Snort mailing list archives
RE: RE: Win2K Pro Sniffing
From: "Michael Steele" <michaels () winsnort com>
Date: Fri, 15 Oct 2004 18:24:36 -0700
Check out our forums and the answer is in there for creating a stealth interface for Windows. Kindest regards, Michael... WINSNORT.com Management Team Member -- Pick up your FREE Windows or UNIX Snort installation guides mailto:support () winsnort com Website: http://www.winsnort.com Snort: Open Source Network IDS - http://www.snort.org
-----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users- admin () lists sourceforge net] On Behalf Of Robert Reid Sent: Friday, October 15, 2004 2:33 PM To: snort-users () lists sourceforge net Subject: RE: [Snort-users] RE: Win2K Pro Sniffing The easiet method is to set the adapter to obtain its address from DHCP and then disable the DHCP service. Keep in mind this will break 2000's ability to dynamically update DNS, but that shouldn't be a problem on a IDS box. Robert -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Jim Richards Sent: Friday, October 15, 2004 7:15 AM To: snort-users () lists sourceforge net Subject: [Snort-users] RE: Win2K Pro Sniffing You can find it here: http://marc.theaimsgroup.com/?l=snort-users&m=101111033932123&w=4 Jim Original Message: Let me apologize ahead of time if this has been posted before. This is what I have: Windows 2000 Professional Running SNORT, ACID, etc. 1 x NIC (Management) Configured for a Management Console to our Firewall (Logging) 1 x NIC (SnifferNET) Connected outside the firewall sniffing on a (Real) HUB What I need to do is Stealth my SnifferNET so prying eyes will have a hard time finding it. I actually found a site with registry Hacks that give the NIC a 0.0.0.0 address and allow sniffing. Anybody know where or how to do this? I don't remember the site and Browser History is of no help. I have spent most of the day trying to find it to no avail... I really didn't want to use the Windows box but, my Firewall management software won't run on Linux and I am out of boxes to spare.... Mike French MIS OnlineServices 754 Port America Place Suite 150 Grapevine, TX 76051 (888) 327-5647 (817) 488-1600 FAX (817) 488-1103 MikeF () misonlineservices com www.misonlineservices.com ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Win2K Pro Sniffing Mike French (Oct 14)
- <Possible follow-ups>
- RE: Win2K Pro Sniffing Jim Richards (Oct 15)
- RE: RE: Win2K Pro Sniffing Robert Reid (Oct 15)
- RE: RE: Win2K Pro Sniffing Michael Steele (Oct 15)
- Re: RE: Win2K Pro Sniffing Scot Scot (Oct 17)