LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Running a sever w/o an IP address... (https://www.linuxquestions.org/questions/linux-newbie-8/running-a-sever-w-o-an-ip-address-31073/)

Thaidog 09-24-2002 02:47 AM
Running a sever w/o an IP address...
 
How can you run a server in "stealth mode" without an IP address? In other words... what do I have to do to to subtract the IP address of a server?

Mara 09-24-2002 03:52 AM
AFAIK you can't. You can use port forwarding and use other machine's IP for connections, but without any IP, I don't think so.

unSpawn 09-24-2002 05:00 AM
Hmm. Would that be just configuring the nic w/o giving it any IP address? :-]

Thaidog 09-24-2002 05:21 AM
Quote:
Originally posted by unSpawn
Hmm. Would that be just configuring the nic w/o giving it any IP address? :-]
Can you give me a step by step? I'm not to hip to this thing...

Mara 09-24-2002 05:36 AM
Quote:
Originally posted by unSpawn
Hmm. Would that be just configuring the nic w/o giving it any IP address? :-]
But what for? I can't think of a use of this.

Mara 09-24-2002 05:37 AM
Quote:
Originally posted by Thaidog
Can you give me a step by step? I'm not to hip to this thing...
Thaidog, could you write what you'd like to do in a more detailed way?

Thaidog 09-24-2002 05:52 AM
Sure...
 
Quote:
Originally posted by Mara
Thaidog, could you write what you'd like to do in a more detailed way?
Sure... I was reading page 34 of this month's Linux Journal on how to use the app "snort" as a stealth logger... It explains that if your log server has no IP address, than it can't be hacked... in most basic terms... So it goes through this configuration scheme that I could not understand:

DEVICE=eth1
USERCTL=no
ONBOOT=yes
BOOTPROTO=
BROADCAST=
NETWORK=
NETMASK=
IPADDR=

Anyway, I'm still trying to understand the idea of a card with no IP address... and If I've already got that going on my OS X Jaguar box since I'm running my firewall in what it calls Stealth mode and running snort with NIDS... Or if I need to modify my connection settings... I hope this helps clear things up... ?

Mara 09-24-2002 06:33 AM
Read the whole article. I suppse it says it quite clearly:
Quote:
The trade-off is systems without IP addresses must be administered only from the console, or must have another network interface with an IP address. If a system has multiple interfaces, two precautions are vital. First, IP forwarding must be disabled, and second, the interface with an IP address must be connected to a different network from the sniffing/logging interface. It could, for example, be connected to a dedicated ``admin'' network consisting only of NIDS probes, loggers and administrative workstations.
(taken from http://linuxjournal.com/article.php?sid=6222)
A server without an IP can't be your only one (in general). It's nice to keep logs on it, but not as a normal server. Just my opinion.

stickman 09-24-2002 08:43 PM
The Linux Journal article is a pretty good read. You can do similar things with an unplumbed interface on Solaris.


All times are GMT -5. The time now is 01:46 AM.