Snort mailing list archives
Re: Snort Implementation Guide - ACID-MySQL-Redhat7 .2
From: Jason <jason () brvenik com>
Date: Tue, 23 Jul 2002 14:28:50 -0400
I think that the hubs can be a liability for a couple of reasons. 1) Additional SPOFs. But if you only have a hub and can't get funding then a little downtime to the cloud is likely acceptable on failure. 2) You will definitely miss any host to host traffic that does not cross a boundary. In some cases this may be acceptable but I would argue that in nearly all cases of a DMZ it is not and anything larger than a small network should pay attention to internal host to host traffic. Intellectual Property violations and outright data theft can kill a company quick. Is the number still 80% of attacks are internal? If the switches support it, dump the hubs in the DMZ and Internal and use port monitoring. WRT One hub. NO,NO,NO,NO,NO,BAD DOGGY! If you own one box on any segment you can see and get to any other connected segment. Jason. twig les wrote:
Actually I just looked at the conceptual placement and thought it made a lot of sense. The hubs are the cheapest way to do this, and if you save $150 while increasing the confusion, then IMHO it's not worth it. --- Jack Lyons <jack.lyons () martinagency com> wrote:I would like to get people's view points on using 1 hub for all three locations. As long as the IP addressing scheme are different, it shouldn't matter correct? Also, you can buy 4 port hubs for under $100...doesn't seem to expensive.
[snip old stuff] ------------------------------------------------------- This sf.net email is sponsored by: Jabber - The world's fastest growing real-time communications platform! Don't just IM. Build it in! http://www.jabber.com/osdn/xim _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Snort Implementation Guide - ACID-MySQL-Redhat7 .2 Jack Lyons (Jul 23)
- RE: Snort Implementation Guide - ACID-MySQL-Redhat7 .2 twig les (Jul 23)
- Re: Snort Implementation Guide - ACID-MySQL-Redhat7 .2 Jason (Jul 24)
- RE: Snort Implementation Guide - ACID-MySQL-Redhat7 .2 twig les (Jul 23)