Snort mailing list archives
Re: snort in non switched environments
From: Michael Boman <michael () ayeka dyndns org>
Date: Mon, 20 Aug 2001 00:59:13 +0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 19 August 2001 19:12, Prashant Desai wrote:
Hi friends where should i put the snort sensor host if i dont have mirror port on my switch , please guide me as i am new to IDS Thanks & Regards Prashaht Desai
I think you would find the following document usefull, page 36 has a nice diagram. http://cs-www.ncsl.nist.gov/publications/drafts/idsdraft.pdf But, unmanaged switched will be a problem however you do.. CISCO 29xx series is not that expensive so next time it's time to upgrade your infrastructure put in a few more $$$ to get some pretty good equipment - the cost-savings is just not worth it in the long run (even $300 more for a switch spread out over 3 years is less then $10 per month, and you spend more money then that on coffee/smoke breaks). Best regards Michael Boman - -- There is no such thing as a system that is secure out of the box. Tim [Timothy M. Mullen, CIO of AnchorIS.Com] claimed earlier this morning that he had found one at Val-Mart the other day that was secure out of the box, but as it turns out that was a Nintendo. - -- Jesper M Johansson, Ph.D. Assistant Professor of Information Systems at Boston University - during a SANS audio broadcast -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7f/Bqds5fQJiraJwRAgPAAKCGs0fIqMhxMwGQrmo8Koyv9Ra0uwCgl6VX XV97ZSlpMKjDZbH1Fk0WNq4= =WbVR -----END PGP SIGNATURE----- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort in non switched environments Prashant Desai (Aug 19)
- Re: snort in non switched environments Michael Boman (Aug 19)