Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: stealth ports and IDS

From: "Paul D. Robertson" <proberts () patriot net>
Date: Thu, 3 Oct 2002 11:08:44 -0400 (EDT)
On 3 Oct 2002, James X wrote:


One stumbling box has been the idea of a stealth port.  I usually
operate my IDS boxes with the interfaces in stealth mode ie no IP
address or stack. I do not know of a way of acheiving this using linux
or netBSD etc.. and without it I would feel rather vulnerable. To help


Maybe it's just me, but how about just not putting an IP address on the 
interface?  

I doubt you can get away with not puting IP in the kernel, but I really 
don't know enough about how libpcap does its thing to say for sure...

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: