Re: Ubuntu Security and 2 nic's

Gallagher, Tim (NE) schrieb:

I have an a Ubuntu setup with 2 nic's. I have some computers trying to
communicate with a ip address that we filter out of our router. I have
created a VLAN of the offending ip address and I now have eth0 on Ubuntu
box assigned to that IP. For logging purposes I want to be able to
connect to the box on another nic and see the traffic that is coming
into the nic with the offending ip. I WANT to make sure that traffic is
not routed between the 2 nic's how can I do that. I do not want any
routes or bridging to happen between the 2 nics. Any advice on how to
do this?



i think what you search is a passive ethernet tap

it's a kind of a y ethernet adapter, and you need 1 network card for sniffing each way and noboy sees what's going on and when your pc is down, the network connection is still available.

here a link to build such a thing

i tested it about 1,5 year ago and everything worked smoothly!


ubuntu-users mailing list