The Technique
- Configure your logger, IDS probe, or sniffer with an active Ethernet interface that has no IP address.
- If the network you want the stealth-probe on is switched, insert a hub at a strategic point and hang the probe off of the hub.
- If you're really paranoid, use a "sniffing cable."
- To use a stealth logger, you'll need a bogus static ARP entry on each host that sends log data.
- That's pretty much it. Thanks for coming!
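
The logger side of the technique above, as an added example that is not part of the original slides: with no IP address on the interface the kernel never delivers the log datagrams to a listening socket, so the logger has to decode raw frames itself. The bogus IP `10.0.0.250`, UDP syslog on port 514, the MAC addresses and the sample message are all assumptions made up for illustration.

```python
import socket
import struct

BOGUS_LOG_IP = "10.0.0.250"  # assumption: unused address the senders log to
SYSLOG_PORT = 514            # assumption: plain UDP syslog


def build_frame(dst_mac, src_mac, src_ip, dst_ip, payload, dport=SYSLOG_PORT):
    """Build a constructed Ethernet/IPv4/UDP test frame (checksums left at 0)."""
    udp = struct.pack("!HHHH", 40000, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return dst_mac + src_mac + b"\x08\x00" + ip + udp


def extract_syslog(frame):
    """Return (sender_ip, message) for syslog sent to the bogus IP, else None."""
    if len(frame) < 14 + 20 + 8 or frame[12:14] != b"\x08\x00":
        return None                      # too short, or not IPv4
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 17 or len(ip) < ihl + 8:
        return None                      # malformed header or not UDP
    if struct.unpack("!H", ip[6:8])[0] & 0x3FFF:
        return None                      # fragment: not reassembled here
    if socket.inet_ntoa(ip[16:20]) != BOGUS_LOG_IP:
        return None
    _, dport, ulen, _ = struct.unpack("!HHHH", ip[ihl:ihl + 8])
    if dport != SYSLOG_PORT or ulen < 8 or ihl + ulen > len(ip):
        return None                      # wrong port or truncated datagram
    # Slice by the UDP length so Ethernet padding on short frames is dropped.
    msg = ip[ihl + 8:ihl + ulen].decode("utf-8", "replace")
    return socket.inet_ntoa(ip[12:16]), msg


def sniff(iface):
    """Linux only, needs root: yield syslog records seen on an IP-less interface."""
    s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(0x0003))
    s.bind((iface, 0))
    while True:
        rec = extract_syslog(s.recv(65535))
        if rec:
            yield rec


# Constructed sample: a sender at 10.0.0.5 whose static ARP entry maps the
# bogus IP to 02:00:00:00:00:fe (made-up, locally administered MAC).
SAMPLE_MSG = b"<38>sshd[812]: Failed password for root from 192.0.2.7"
SAMPLE = build_frame(bytes.fromhex("0200000000fe"), bytes.fromhex("020000000005"),
                     "10.0.0.5", BOGUS_LOG_IP, SAMPLE_MSG)
```

If the MAC in the senders' static ARP entries is not the probe's own, the interface also has to be in promiscuous mode for `sniff` to see the frames.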