Gotta remember it has to be a SHARED hub, not switched.

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #202,463

by folkert

4/8/05 11:46:38 AM

4/8/05 11:49:47 AM

Gotta remember it has to be a SHARED hub, not switched.

And put the NIC in Promiscuous mode.

I have a machine setup for that.

It has 2 NICs in it. One for connecting to the LAN for regular stuff. Another for plugging into a hub, in listen only promicuous mode.

I bought on of the cheapest 10/100 hubs I could find. I leave daisy chained from the private interface of my Linux firewall.

That is the one thing I wish my unmanaged switches had, a mirroring port. (hmmm, an I idea.)

Basically, you could also use a real firewall, rather than a PIX. I hates them, I do, for reasons you are acutely aware of now.

Redo: Actually, now that I remember I am using a new setup, I actually just use the firewall itself to find the culprits. It is easy, run ethereal on the private interface for internal problems... run it on the public interface for external problems.

No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]

Edited by folkert April 8, 2005, 11:49:47 AM EDT

Expand All History

I'm stumped on how to find the abuser on my LAN - (FuManChu) - (12) - April 8, 2005, 01:41:58 AM EDT

Re: I'm stumped on how to find the abuser on my LAN - (dws) - (6) - April 8, 2005, 01:54:04 AM EDT

Both. I could do the unplug dance as a last resort. - (FuManChu) - (5) - April 8, 2005, 02:15:29 AM EDT

Re: Both. I could do the unplug dance as a last resort. - (dws) - (1) - April 8, 2005, 02:41:27 AM EDT

Not on the FS 750 - (FuManChu) - April 8, 2005, 02:56:17 AM EDT

AS Greg would say, easy peasy - (broomberg) - (2) - April 8, 2005, 06:42:06 AM EDT

Gotta remember it has to be a SHARED hub, not switched. - (folkert) - April 8, 2005, 11:49:47 AM EDT

That's the ticket. - (FuManChu) - April 8, 2005, 03:12:07 PM EDT

if it's like that... - (pwhysall) - April 8, 2005, 07:10:16 AM EDT

Resolution - (FuManChu) - (3) - April 8, 2005, 05:27:38 PM EDT

I've had days like that. :-) Glad you got it fixored. -NT - (Another Scott) - (1) - April 8, 2005, 06:45:45 PM EDT

Days?? Weeks! -NT - (folkert) - April 8, 2005, 07:33:21 PM EDT

<font size=8>DANG!</font> - (jb4) - April 9, 2005, 11:31:19 AM EDT

iwethey.org

Ha Ha - just kidding. We're all Lumberjacks and We're OK!
82 ms