--------------------------------------------------
From: <mike@xxxxxxxxxxxx>
Sent: Thursday, May 13, 2010 9:09 AM
To: "wireshark-users" <wireshark-users@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-users] One NIC on public side
On Thu, 13 May 2010 07:55:40 -0700, Gianluca Varenni wrote:
On NIC1 you can totally disable the TCP/IP stack. Go to the properties of
that network connection, in the list of services/protocols bound to that
NIC, uncheck TCP/IP.
Ok, I've unchecked TCP/IP but still have others such as MS Client, QoS and
of course, the network monitors such as VMON1 and Network Monitor Driver.
MS client gets disabled if you disable TCP/IP. QoS can be disabled as well.
The network monitors can be left on.
I was under the impression that without a viable IP on the NIC, it could
never be accessed from remote but could be used in promiscuous mode to
read traffic.
So, disabling some of these protocols will allow me to safely connect it
on the public side again then?
You are disabling TCP/IP on the public NIC. The LAN NIC will have its own IP
address, the public one will not. As far as "safely connect" is concerned,
it depends on what you mean by "safely".
This will still allow you to capture, but there won't be any protocol
bound
to that NIC apart from the WinPcap driver.
One last thing, is the WinPcap driver something I should see in the list
of protocols?
No, it doesn't get listed there.
GV
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
