Wireshark-users: Re: [Wireshark-users] One NIC on public side

From: "Gianluca Varenni" <gianluca.varenni@xxxxxxxxxxxx>
Date: Thu, 13 May 2010 09:53:59 -0700


--------------------------------------------------
From: <mike@xxxxxxxxxxxx>
Sent: Thursday, May 13, 2010 9:43 AM
To: "wireshark-users" <wireshark-users@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-users] One NIC on public side

Just wanting to understand what I'm doing. Always good to learn rather than simply being told :).

MS client gets disabled if you disable TCP/IP. QoS can be disabled as well.
The network monitors can be left on.

Because it is a netbios based service, which rides on tcp/ip?

Yes.


You are disabling TCP/IP on the public NIC. The LAN NIC will have its own IP address, the public one will not. As far as "safely connect" is concerned,
it depends on what you mean by "safely".

Yes, the server has two NICs. I have one connected on the LAN side for server admin, etc, the other is connected to a hub which has the WAN connections coming into it, just before the firewall. I want to see what hits us before the firewall does anything with it. It helps a lot when trying to figure out various problems.

What do I mean by safely? Meaning that public cannot gain access to the server in some way. I mean, the setup bypasses the firewall so sure don't want someone being able to gain access into the lan somehow.

If TCP/IP is disabled, I would feel extremely safe (this is what I personally do).

GV


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users

mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe