Ubuntu Security and 2 nic's
Martin Obermair
martin.obermair at albani-group.com
Wed May 31 06:25:31 UTC 2006
Konstantinos Togias schrieb:
> On 5/30/06, Gallagher, Tim (NE) <Tim.Gallagher at gd-ais.com> wrote:
>
>> I have an a Ubuntu setup with 2 nic's. I have some computers trying to
>> communicate with a ip address that we filter out of our router. I have
>> created a VLAN of the offending ip address and I now have eth0 on Ubuntu
>> box assigned to that IP. For logging purposes I want to be able to
>> connect to the box on another nic and see the traffic that is coming
>> into the nic with the offending ip. I WANT to make sure that traffic is
>> not routed between the 2 nic's how can I do that. I do not want any
>> routes or bridging to happen between the 2 nics. Any advice on how to
>> do this?
>>
>> Thanks,
>> -T
>>
>>
>> --
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>
>
> I think that if you do not configure any routing or masquerading then
> by default it will not happen.
>
hi
i think what you search is a passive ethernet tap
it's a kind of a y ethernet adapter, and you need 1 network card for
sniffing each way and noboy sees what's going on and when your pc is
down, the network connection is still available.
here a link to build such a thing
http://www.snort.org/docs/tap/
i tested it about 1,5 year ago and everything worked smoothly!
regards
martin
More information about the ubuntu-users
mailing list