Wireshark-users: Re: [Wireshark-users] One NIC on public side

From: "Terry Martin" <tmartin@xxxxxxxxxxxxxxxx>
Date: Wed, 12 May 2010 23:37:05 -0500
Depending on the OS. You may need to aet the port you are monitoring into permiscuous mode. Some do not auto configure
I am not sure how secure it will be,  it depends on the firewall. You  
still have a Mac address that can be attack
I am also causious

Sent from my iPhone

On May 12, 2010, at 11:20 PM, "mike@xxxxxxxxxxxx" <mike@xxxxxxxxxxxx> wrote:
The server I'm using wireshark on has two NICs.
I put NIC0 on the LAN side which is how I remotely manage the server.
I put NIC1 on a hub just before the firewall so that I can see all public traffic before it hits the firewall.
On NIC1, I do not have any IP assigned which is on my lan but have  
169.254.1.2 on it.
From what I understand, the NIC goes into promiscuous mode when  
wireshark and other network monitoring software fires up to use that  
NIC.
What I wondered about was, just now safe is it to have that NIC on  
the public side?
Thanks.

___________________________________________________________________________

Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx >
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx? subject=unsubscribe