[Snort-users] Receive Only Cable...
tony at ...4540...
Mon Jan 14 16:33:01 EST 2002
RE: [Snort-users] Receive Only Cable...I agree a DoS or maybe some type of
flood could be used to "hide" a real attack, but that is about all that I
could think of.
Frank - Not a bad idea, as not everyone is hardware savy, but you would need
a good res to those all those tiny wires
----- Original Message -----
From: Frank Knobbe
To: 'Chris Arsenault' ; snort-users at lists.sourceforge.net
Sent: Monday, January 14, 2002 7:17 PM
Subject: RE: [Snort-users] Receive Only Cable...
-----BEGIN PGP SIGNED MESSAGE-----
I guess any type of ICMP and UDP flood/DoS would still work.
Afterall, if Snort can see the packet, the system can.
Getting in as far as hacking..... I don't think so, since no data
leaves the interface (well, the cable more or less :)
PS: I was contemplating making a little How-to video of the creation
of the cable (since I get this asked a lot). Is there interest in
such a 'how do you crimp a funky cable' mpeg?
- -----Original Message-----
From: Chris Arsenault [mailto:carsenault at ...4459...]
Sent: Monday, January 14, 2002 5:35 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Receive Only Cable...
I setup a receive only cable as described in the Snort FAQ,
works like a charm!! I was just wondering with this cable and the
interface it is plugged into set up as stealth, can anyone describe a
possible attack which can still get to this box?
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME (X.509) encrypted email preferred.
-----END PGP SIGNATURE-----
More information about the Snort-users