Snort mailing list archives

RE: Receive Only Cable...

From: Frank Knobbe <FKnobbe () KnobbeITS com>
Date: Mon, 14 Jan 2002 18:17:21 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I guess any type of ICMP and UDP flood/DoS would still work.
Afterall, if Snort can see the packet, the system can.
 
Getting in as far as hacking..... I don't think so, since no data
leaves the interface (well, the cable more or less :)
 
Regards,
Frank
 
 
PS: I was contemplating making a little How-to video of the creation
of the cable (since I get this asked a lot). Is there interest in
such a 'how do you crimp a funky cable' mpeg?
- -----Original Message-----
From: Chris Arsenault [mailto:carsenault () firstedcu org]
Sent: Monday, January 14, 2002 5:35 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Receive Only Cable...


     I setup a receive only cable as described in the Snort FAQ,
works like a charm!!  I was just wondering with this cable and the
interface it is plugged into set up as stealth, can anyone describe a
possible attack which can still get to this box?
 
Thanks,
 
Chris Arsenault
 
 

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME (X.509) encrypted email preferred.

iQA/AwUBPEN1EczYtOFvgXQfEQLyEACePHDdQCXnXWcsHfYh48zoi8Oo+PwAn32G
v7BsTXqKAJkKEtDG8Kuq5aG9
=V30/
-----END PGP SIGNATURE-----

Current thread:

Receive Only Cable... Chris Arsenault (Jan 14)
- <Possible follow-ups>
- RE: Receive Only Cable... Frank Knobbe (Jan 14)
  - Re: Receive Only Cable... Anthony Scalzitti (Jan 14)
  - RE: Receive Only Cable... Abe L. Getchell (Jan 14)
- RE: Receive Only Cable... Frank Knobbe (Jan 14)
- Re: Receive Only Cable... Ian Masters (Jan 14)
  - Re: Receive Only Cable... Erek Adams (Jan 15)