[Snort-users] Stealth Interface - Additional Information

Chris Arsenault carsenault at ...4459...
Mon Jan 7 10:16:09 EST 2002


In addition to removing all bindings on the NIC card on our sensor
running Windows 2000, I also disabled automatic private IP addressing
via reg hack which now put the sensor interface at an IP address of
0.0.0.0 with no subnet mask or gateway.  This is basically a stealth
interface equivalent to what can be done with linux/unix.  Can anyone
provide information related to the possibility of compromising this
interface?  
 
Due to issues with the Ethernet tap we had, I had to eliminate it so
both the send and receive Ethernet pairs are active on the sensor
interface.
 
Thanks for your help...
 
Chris Arsenault
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020107/6915f6af/attachment.html>


More information about the Snort-users mailing list