Snort mailing list archives
Re: stealth interface question
From: Andy Steingruebl <asteingruebl () cccis com>
Date: Wed, 12 Dec 2001 15:02:02 -0600
On Wed, Dec 12, 2001 at 12:35:35PM -0800, Merrick, Gary wrote:
My Snort box has a stealth interface that doesn't have an IP address, and it seems to work very well. Is there any reason to also use a read-only cable?
The quick answer is, with a read-only cable its not possible that a misconfiguration of the system (software only of course) will result in that box being accessible. Even if you should accidentally "up" the interface, it won't matter. Notice that this doesn't protect you against someone who physically swaps cables, but I suppose that is another issue. :) -- Andy Steingruebl Unix/Network Security Security Architecture _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- stealth interface question Merrick, Gary (Dec 12)
- Re: stealth interface question Andy Steingruebl (Dec 12)
- Re: stealth interface question Brian (Dec 13)
- <Possible follow-ups>
- Re: stealth interface question Mike Shaw (Dec 12)
- Re: stealth interface question Fyodor (Dec 12)