Randy Barlow <[EMAIL PROTECTED]> writes:

> [EMAIL PROTECTED] wrote:
>> I mean if
>> you connect it to any machine in the diagram or elsewhere wouldn't you
>> be exposing that machine to the unfiltered internet?
>
> I think that's the idea here - to see the difference between the two
> sides of the router.

If that is the case then I guess I don't see how the quote below
applies. From Mick in his initial reply:

> A rather simpler solution to do this would be to get hold of a hub,
> connect it to the firewall and watch everything that passes through
> it.

I realize you are not who made the reply I quote above but:

If you still have to come up with a hardened interface to the hub then
how is it simpler?

Further, since the router is switched then you'd really need two hubs.
One on each side, if the aim were to compare what is coming and what
is getting thru.

So we're getting further and further away from `rather simpler'.

Come up with the hardened interface and forget the hub[s].

As I said my router offers to send all the bounced traffic to a
designated DMZ. I am probably not interested enough right now to build
up a whole different machine to talk to the hub or be the DMZ.

So if you are pretty convinced doing it from a VMgentoo appliance
running on one of the win boxes then I'll probably just keep fiddling
around with the logs produced by the router.

...

Thanks