Ubuntu Security and 2 nic's
Martin Obermair
mobermair at albani.de
Wed May 31 06:32:48 UTC 2006
Gallagher, Tim (NE) schrieb:
>I have an a Ubuntu setup with 2 nic's. I have some computers trying to
>communicate with a ip address that we filter out of our router. I have
>created a VLAN of the offending ip address and I now have eth0 on Ubuntu
>box assigned to that IP. For logging purposes I want to be able to
>connect to the box on another nic and see the traffic that is coming
>into the nic with the offending ip. I WANT to make sure that traffic is
>not routed between the 2 nic's how can I do that. I do not want any
>routes or bridging to happen between the 2 nics. Any advice on how to
>do this?
>
>Thanks,
>-T
>
>
>
>
hi
i think what you search is a passive ethernet tap
it's a kind of a y ethernet adapter, and you need 1 network card for
sniffing each way and noboy sees what's going on and when your pc is
down, the network connection is still available.
here a link to build such a thing
http://www.snort.org/docs/tap/
i tested it about 1,5 year ago and everything worked smoothly!
regards
martin
More information about the ubuntu-users
mailing list