Ethereal-users: [Ethereal-users] Using ethereal on host machine configured as a bridge

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Mike Cannon" <cannon@xxxxxxxxxx>
Date: Mon, 2 Apr 2001 15:12:02 -0500

Using 2.4.2 kernel with bridging support compiled in, I use user space binaries to configure a bridge.  The bridge works.  A little background.
 
eth0 and eth1 are added to a bridge br0 that was created with user space utilities.  ifconfig will show br0, eth0, eth1, lo, all of which do not have an IP assigned to them except lo.  This will forward traffic through the host, "transparently" to most other devices.  I did this so that I could break a network connection from a PC to the wall and insert my bridging laptop to sniff traffic to that workstation.  Similar to our $10,000 Network Associates POD, not including software, or laptop to run software.  The bridge does not have to have an IP assigned to it although I can assign one if I desire.  The IP is assigned to br0 if one is assigned.
 
tcpdump will capture packets with or without the IP assigned.
ethereal will only display the br0 interface for selection if an IP is assigned to br0.
 
My concern is that I don't like to have my Linux laptop plugged into a public network without ipchains/iptables running, which I don't run while sniffing since it blocks packets prior to ethereal receiving them.  If I assign an IP then I feel vulnerable to attack.
 
Any thoughts or suggestions on this matter would be greatly appreciated.
 
Thank you for your time in advance.
 
--
Mike Cannon
Infrastructure Systems Administrator
Management Information
Purdue University
1061 Freehafer Hall (FREH)
West Lafayette, IN  47907-1061
 
office phone: 765.494.6357
office fax: 765.496.1380
email: cannon@xxxxxxxxxx
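
A check for the address-less state the message describes, added here as an example and not part of the original post: it reads lines in the format of `ip -o addr show` and reports any IPv4 or IPv6 address found on br0, eth0 or eth1. The use of `ip` instead of ifconfig, the function name `addressed_ifaces` and the sample addresses are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): confirm that a sniffing bridge
# and its member ports carry no IP address before the host is plugged in.
# Assumed input: one address per line, as printed by `ip -o addr show`.

# Constructed sample data: lo has its usual address, eth1 carries an IPv6
# link-local address and br0 has been given an IPv4 address.
SAMPLE='1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
3: eth1    inet6 fe80::211:22ff:fe33:4455/64 scope link \       valid_lft forever preferred_lft forever
4: br0    inet 192.0.2.10/24 brd 192.0.2.255 scope global br0\       valid_lft forever preferred_lft forever'

# addressed_ifaces IFACE...
#   Reads `ip -o addr show` lines on stdin and prints "iface family address"
#   for every address that sits on one of the named interfaces.
#   Exit status 0: none of the named interfaces has an address.
#   Exit status 1: at least one does, so the host is reachable through it.
addressed_ifaces() {
    awk -v want="$*" '
        BEGIN {
            n = split(want, w, " ")
            for (i = 1; i <= n; i++) watch[w[i]] = 1
        }
        # Field 2 is the interface name, field 3 the address family,
        # field 4 the address with its prefix length.
        ($3 == "inet" || $3 == "inet6") && ($2 in watch) {
            print $2, $3, $4
            found = 1
        }
        END { exit found ? 1 : 0 }
    '
}

# Demonstration on the constructed sample. On a live host the input would be:
#   ip -o addr show | addressed_ifaces br0 eth0 eth1
printf '%s\n' "$SAMPLE" | addressed_ifaces br0 eth0 eth1 \
    || echo "WARNING: bridge or member port has an IP address" >&2
```
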