RE: stealth interface

["Vanish Pattni (DSL AK)" <VanishP () datacom co nz>]

Keg's explanation is perhaps more useful. Just as a matter of interest if
you have the iproute package installed (by default on RH8) then you could
also issue the command:
 
ip address del 10.5.1.1/24 dev eth0
 
replacing the ip and ethernet device names as it applies to you. This will
remove an existing ip address from the eth0 interface.
 
cheers
Vanish

-----Original Message-----
From: Keg [mailto:snrtlst () netscape net]
Sent: Tuesday, April 08, 2003 8:03 AM
To: d_greenjr
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] stealth interface


Let's say you want to have the eth1 without IP assigned:

1.Go to  /etc/sysconifg/network-scripts/ifcfg-eth1 adn edit it to look like
this:
DEVICE=eth1
ONBOOT=no

2. Create custom startup script for that interface
 - Go to /etc/init.d and do   touch <your-script-name> && chmod +x
<your-script-name>
 - Edit this script tp include the following line: ifconfig eth1 up

3. Go to /etc/rc3.d and create the link to that script.
     ln -s /etc/init.d/<your-script-name>  S90eth1up (whatever name you
choose but male sure it starts with S and number should be bigger than the
one that starts service network)

That should do it.


d_greenjr wrote:


Can someone tell me or give me the URL on how to create an interface with no
ipaddr (stealth), on a linux [RH8] system? (Not the receive only cable-I saw
that in the snort FAQs)  I have searched the Internet and the snort archives
but have not found a message/page that describes what to do-only the end
results.  Thanks
 


-- 
Your favorite stores, helpful shopping tools and great gift ideas.
Experience the convenience of buying online with Shop@Netscape!
http://shopnow.netscape.com/ <http://shopnow.netscape.com/>