Security Basics mailing list archives
FW: jeckyl hyde network
From: "crawford charles" <biv0uac17 () hotmail com>
Date: Thu, 17 Apr 2003 17:46:38 +0000
Lotsa folks supported "Etherspan" (balanced by src/dst MAC/IP address hash) -- it just wasn't that popular a feature...
C.

From: Jon Pastore [mailto:jpastore () idetech net]
Sent: Wednesday, April 16, 2003 2:54 PM
To: 'Lee Burleson'; madadulate () hotmail com; security-basics () securityfocus com
Subject: RE: jeckyl hyde network

Another good product priced a little better with more expandability is the HP Procurve 8000. I switched to those from the Catalyst 2900 XL I was using...only advantage you get with Cisco I think they are the only one who support this protocol (etherlan? I forget) basically you can take 2 or 3 ports on both switches and load balance between them to effectively create a larger pipe between switches without getting a split horizon or something of the like...this was before gigabit was big and cheaper than it was...so we had 300Mb pipes between some of our switches...

Now we just have 2 HP Procurve 8000, 1 with 5 gigabit ports (1 for each switch) and 1 with 72 10/100 ports and 1 gigabit...and some smaller Dell 24 port 10/100 with 1 gigabit...

Before I got off on that tangent =) I think the HP Procurve also supports the VLAN from an easy to use web interface if I remember correctly...

Jon Pastore, President
IDE Tech, Inc.
(954) 360-0393 Office
(954) 428-0442 Fax

-----Original Message-----
From: Lee Burleson [mailto:lburleso () hotmail com]
Sent: Wednesday, April 16, 2003 9:49 AM
To: madadulate () hotmail com; security-basics () securityfocus com
Subject: re: jeckyl hyde network

You said you have a Cisco 2900 switch ... as part of the solution, you may be able to use private VLANs to divide the trusted and untrusted ports. The local router would be on a "promiscuous" port. In this configuration, the nodes in each community can only communicate amongst themselves but the router could communicate with all ports.

Here's a great link to explain the concept:
http://www.cisco.com/en/US/products/hw/switches/ps663/products_configuration_guide_chapter09186a00800e47e2.html

Not sure if the 2900 even supports it; it may need a software upgrade to do so. If it doesn't support it, you could still learn something in the process. :)

- Lee
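The private VLAN rule described in the message above (community ports reach only their own community, the promiscuous router port reaches everything) can be checked against a port plan before it is configured. This is an added example, not part of the thread or of any vendor tool; the port names, zones and community labels are constructed, and it goes slightly beyond the message by also modelling isolated ports.

```python
from itertools import combinations

# Constructed port plan (hypothetical): port -> (intended zone, PVLAN role, community)
PLAN = {
    "Fa0/1": ("router", "promiscuous", None),   # local router uplink
    "Fa0/2": ("trusted", "community", "A"),
    "Fa0/3": ("trusted", "community", "A"),
    "Fa0/4": ("untrusted", "community", "B"),
    "Fa0/5": ("untrusted", "community", "B"),
    "Fa0/6": ("untrusted", "isolated", None),
}

def can_talk(plan, a, b):
    """Layer-2 reachability between two switch ports under private VLAN rules.

    Models switch forwarding only; anything the router forwards between
    zones is outside this check.
    """
    _, role_a, comm_a = plan[a]
    _, role_b, comm_b = plan[b]
    if "promiscuous" in (role_a, role_b):
        return True                      # promiscuous port reaches every port
    if role_a == role_b == "community":
        return comm_a == comm_b          # community ports: same community only
    return False                         # isolated ports reach only promiscuous

def audit(plan):
    """Return host port pairs in different zones that can still reach each other."""
    findings = []
    for a, b in combinations(sorted(plan), 2):
        zone_a, zone_b = plan[a][0], plan[b][0]
        if "router" in (zone_a, zone_b) or zone_a == zone_b:
            continue                     # router access and same-zone traffic are intended
        if can_talk(plan, a, b):
            findings.append((a, b))
    return findings

# Constructed misconfiguration: an untrusted host assigned to the trusted community
BROKEN = {**PLAN, "Fa0/5": ("untrusted", "community", "A")}

if __name__ == "__main__":
    print("plan violations:  ", audit(PLAN))
    print("broken violations:", audit(BROKEN))
```
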