Wireshark mailing list archives

Re: One NIC on public side

From: "Gianluca Varenni" <gianluca.varenni () cacetech com>
Date: Thu, 13 May 2010 09:19:35 -0700



--------------------------------------------------
From: <mike () grounded net>
Sent: Thursday, May 13, 2010 9:09 AM
To: "wireshark-users" <wireshark-users () wireshark org>
Subject: Re: [Wireshark-users] One NIC on public side

On Thu, 13 May 2010 07:55:40 -0700, Gianluca Varenni wrote:

On NIC1 you can totally disable the TCP/IP stack. Go to the properties of
that network connection, in the list of services/protocols bound to that
NIC, uncheck TCP/IP.


Ok, I've unchecked TCP/IP but still have others such as MS Client, QoS and 
of course, the network monitors such as VMON1 and Network Monitor Driver.


MS client gets disabled if you disable TCP/IP. QoS can be disabled as well. 
The network monitors can be left on.


I was under the impression that without a viable IP on the NIC, it could 
never be accessed from remote but could be used in promiscuous mode to 
read traffic.

So, disabling some of these protocols will allow me to safely connect it 
on the public side again then?


You are disabling TCP/IP on the public NIC. The LAN NIC will have its own IP 
address, the public one will not. As far as "safely connect" is concerned, 
it depends on what you mean by "safely".

This will still allow you to capture, but there won't be any protocol 
bound
to that NIC apart from the WinPcap driver.


One last thing, is the WinPcap driver something I should see in the list 
of protocols?


No, it doesn't get listed there.

GV


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users

mailto:wireshark-users-request () wireshark org?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

One NIC on public side mike () grounded net (May 12)
- Re: One NIC on public side Terry Martin (May 12)
  - Re: One NIC on public side mike () grounded net (May 12)
- Re: One NIC on public side Gianluca Varenni (May 13)
  - Re: One NIC on public side mike () grounded net (May 13)
    - Re: One NIC on public side Gianluca Varenni (May 13)
    - Re: One NIC on public side mike () grounded net (May 13)
    - Re: One NIC on public side Gianluca Varenni (May 13)
    - Re: One NIC on public side mike () grounded net (May 13)
    - Re: One NIC on public side mike () grounded net (May 13)
    - Re: One NIC on public side Gianluca Varenni (May 13)
    - Re: One NIC on public side mike () grounded net (May 13)
    - Re: One NIC on public side Gianluca Varenni (May 13)
    - Re: One NIC on public side mike () grounded net (May 13)
    - Re: One NIC on public side Gianluca Varenni (May 13)
    - Re: One NIC on public side mike () grounded net (May 13)

(Thread continues...)