[Snort-users] RE: Win2K Pro Sniffing
rreid at ...7835...
Fri Oct 15 14:37:22 EDT 2004
The easiet method is to set the adapter to obtain its address from DHCP and
then disable the DHCP service. Keep in mind this will break 2000's ability
to dynamically update DNS, but that shouldn't be a problem on a IDS box.
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Jim Richards
Sent: Friday, October 15, 2004 7:15 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] RE: Win2K Pro Sniffing
You can find it here:
Let me apologize ahead of time if this has been posted before.
This is what I have:
Windows 2000 Professional
Running SNORT, ACID, etc.
1 x NIC (Management) Configured for a Management Console to our Firewall
1 x NIC (SnifferNET) Connected outside the firewall sniffing on a (Real) HUB
What I need to do is Stealth my SnifferNET so prying eyes will have a hard
time finding it. I actually found a site with registry Hacks that give the
NIC a 0.0.0.0 address and allow sniffing. Anybody know where or how to do
this? I don't remember the site and Browser History is of no help. I have
spent most of the day trying to find it to no avail...
I really didn't want to use the Windows box but, my Firewall management
software won't run on Linux and I am out of boxes to spare....
754 Port America Place
Grapevine, TX 76051
FAX (817) 488-1103
MikeF at ...12560...
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use
IT products in your business? Tell us what you think of them. Give us Your
Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users