Snort mailing list archives

Re: stealth interface question


From: Andy Steingruebl <asteingruebl () cccis com>
Date: Wed, 12 Dec 2001 15:02:02 -0600

On Wed, Dec 12, 2001 at 12:35:35PM -0800, Merrick, Gary wrote:

> My Snort box has a stealth interface that doesn't have an IP address, and
> it seems to work very well.  Is there any reason to also use a read-only
> cable?

The quick answer is, with a read-only cable it's not possible that a
misconfiguration of the system (software only of course) will result in
that box being accessible.  Even if you should accidentally "up" the
interface, it won't matter.

Notice that this doesn't protect you against someone who physically swaps
cables, but I suppose that is another issue. :)

--
Andy Steingruebl              
Unix/Network Security        
Security Architecture       
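
A software-side check for the misconfiguration discussed above, as an added example that is not part of the original message: it audits a sniffing interface for any assigned address. It assumes Linux with iproute2 and goes slightly beyond the message by also flagging the IPv6 link-local address that Linux assigns by default when an interface is brought up; the interface name `eth1` and the sample listings are constructed.

```shell
#!/bin/sh
# Added example: verify that a sniffing ("stealth") interface has no address.
# Input is the one-line-per-address text produced by `ip -o addr show`.

# Print "family address/prefix" for every address bound to interface $1.
stealth_addrs() {
    awk -v ifc="$1" \
        '$2 == ifc && ($3 == "inet" || $3 == "inet6") { print $3, $4 }'
}

# Return 0 if interface $1 carries no address; otherwise list the
# offending addresses on stderr and return 1.
check_stealth() {
    found=$(stealth_addrs "$1")
    if [ -n "$found" ]; then
        printf 'NOT stealth: %s has addresses:\n%s\n' "$1" "$found" >&2
        return 1
    fi
    return 0
}

# Constructed sample: eth0 is the management NIC, eth1 (hypothetical name)
# is the sniffing NIC and has no address lines at all.
SAMPLE_CLEAN='1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0\       valid_lft forever preferred_lft forever'

# Constructed sample: eth1 was brought up and picked up an IPv6
# link-local address, so the box can now be addressed on the monitored segment.
SAMPLE_UPPED="$SAMPLE_CLEAN"'
3: eth1    inet6 fe80::a00:27ff:fe4e:66a1/64 scope link \       valid_lft forever preferred_lft forever'

# Live use (not run here):  ip -o addr show | check_stealth eth1
```

A receive-only cable makes a failed check harmless on the wire; without one, a failed check means the sensor can transmit on the monitored segment.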
