IDS mailing list archives

Re: Auto-sensing for IPS devices


From: Joel M Snyder <Joel.Snyder () Opus1 COM>
Date: Mon, 19 Sep 2005 12:48:45 -0700

Setting a switch port to 100-TX will force any decent NIC on a
host to link up at that setting.  I would trash any NIC that
doesn't.  It's not necessary to force the link mode of the NIC
if the switch doesn't auto-negotiate - the host NIC will find
the desired link setting.

No, that's not the way it works. What you're doing is forcing the NIC to go into fallback mode, and what you're hoping is that it will be 100Mbit/Full Duplex. It happens that most NICs do that, and this is why the results you're seeing are as favorable as they are. If you picked a different speed or duplex, you'd have a bunch of NICs that would suddenly stop working.

However, with the world of 1000Mbit pushing 10/100 out of the way, your technique is going to result in a much lower success rate and many more customer support calls and problems.

If you want reliable operation, you must set speed and duplex settings on both ends. There is no concept of a NIC "figuring it out" or being able to be "forced." If you turn off autonegotiate, there is no way in the standard for the NIC to sense what the speed & duplex settings are.

jms

--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Phone: +1 520 324 0494 (voice)  +1 520 324 0495 (FAX)
jms () Opus1 COM    http://www.opus1.com/jms    Opus One
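To make the failure mode concrete, here is a small model of how two Ethernet ports settle on speed and duplex. This is an added example, not code from the original post or from Joel Snyder; the rules follow the IEEE 802.3 Clause 28 autonegotiation exchange and its parallel-detection fallback in simplified form (the priority list is a trimmed version of Annex 28B, and "1000BASE-T needs autonegotiation on both ends" is a simplification of the standard's master/slave requirement, not a statement about any particular vendor's firmware). Port names and scenario values are constructed for illustration.

```python
"""Model of how two Ethernet ports settle on speed and duplex.

Added example, not from the original mailing-list post.  Rules are a
simplified reading of IEEE 802.3 Clause 28 (autonegotiation) and its
parallel-detection fallback; the priority list and the "gigabit needs
autonegotiation" rule are simplifications, not vendor behaviour.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

Mode = Tuple[int, str]  # (speed in Mbit/s, "full" | "half")

# Trimmed 802.3 Annex 28B priority order, highest first.
PRIORITY: Tuple[Mode, ...] = ((1000, "full"), (1000, "half"), (100, "full"),
                              (100, "half"), (10, "full"), (10, "half"))


@dataclass
class Port:
    name: str
    autoneg: bool = True
    # Modes advertised in FLP bursts when autonegotiation is on.
    advertised: Tuple[Mode, ...] = PRIORITY
    # Fixed setting when autonegotiation is off (constructed by the caller).
    forced: Optional[Mode] = None


@dataclass
class LinkResult:
    a: Optional[Mode]   # what the first port runs at; None means no link
    b: Optional[Mode]   # what the second port runs at
    mismatch: bool      # True when the two ends disagree on duplex
    reason: str


def negotiate(a: Port, b: Port) -> LinkResult:
    """Return the operating mode of both ends after link-up."""
    if a.autoneg and b.autoneg:
        # Both sides exchange FLP bursts and pick the highest common mode.
        common = [m for m in PRIORITY if m in a.advertised and m in b.advertised]
        if not common:
            return LinkResult(None, None, False, "no common mode")
        return LinkResult(common[0], common[0], False, "negotiated highest common mode")

    if not a.autoneg and not b.autoneg:
        if a.forced is None or b.forced is None:
            raise ValueError("a port with autoneg off needs a forced mode")
        if a.forced[0] != b.forced[0] or a.forced[0] == 1000:
            return LinkResult(None, None, False, "speed mismatch or forced gigabit")
        return LinkResult(a.forced, b.forced, a.forced[1] != b.forced[1],
                          "both ends forced; duplex is whatever each admin typed")

    # Exactly one side autonegotiates: it never sees FLP bursts from the
    # forced side, so it falls back to parallel detection, which can
    # recognise 10BASE-T link pulses or 100BASE-TX idle (the speed) but
    # carries no duplex information, so the standard mandates half duplex.
    an, fx = (a, b) if a.autoneg else (b, a)
    if fx.forced is None:
        raise ValueError("a port with autoneg off needs a forced mode")
    speed, duplex = fx.forced
    if speed == 1000:
        return LinkResult(None, None, False, "1000BASE-T requires autoneg on both ends")
    if not any(s == speed for s, _ in an.advertised):
        return LinkResult(None, None, False, "autoneg side does not support the forced speed")
    an_mode: Mode = (speed, "half")
    res_a, res_b = (an_mode, fx.forced) if a.autoneg else (fx.forced, an_mode)
    return LinkResult(res_a, res_b, duplex == "full",
                      "parallel detection recovered speed; duplex defaulted to half")


if __name__ == "__main__":
    # Constructed scenarios: an IPS sensor NIC against a switch port.
    scenarios = [
        (Port("ips-nic"), Port("switch", autoneg=False, forced=(100, "full"))),
        (Port("ips-nic"), Port("switch")),
        (Port("ips-nic", autoneg=False, forced=(100, "full")),
         Port("switch", autoneg=False, forced=(100, "full"))),
        (Port("ips-nic"), Port("switch", autoneg=False, forced=(1000, "full"))),
    ]
    for p, q in scenarios:
        r = negotiate(p, q)
        print(f"{p.name}={r.a} {q.name}={r.b} mismatch={r.mismatch}: {r.reason}")
```

The first scenario is the configuration the quoted poster relies on: the switch is forced to 100/full and the sensor NIC is left on autonegotiation. The model lands the NIC at 100/half, so the link comes up and looks healthy until traffic is bidirectional, at which point the half-duplex side reports late collisions and CRC errors and drops frames. For an IPS that is silently missed traffic, which is the practical reason for setting speed and duplex explicitly on both ends, or leaving autonegotiation on at both ends.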
