IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: serial-line protocols

From: Michael McDonough <mpm () atceast com>
Date: Fri, 3 Sep 2004 06:34:27 -0700 (PDT)
Not sure what your asking regarding "the protocol
converter", but if you need to tap into that fiber
link then why don't you just run a pair of
ethernet<->fiber "bridges back-to-back?  Then you tap
the eth in the middle.  

--- Raj Malhotra <ral.mal () gmail com> wrote:


Hi, 

                                                    
           
----------------------------------
----------------------------------
|       ROUTER             | -------PPP fiber
link---|     ROUTER              |
----------------------------------                  
            
                                                    
            
----------------------------------
       |                      |
------------------           ------------------  
| switch       |          | switch       |
------------------           ------------------

We are not allowed to touch the left part of the
diagram for any type
of deployment
due to policies. We can deploy only on the outgoing
link which is PPP.
If we deploy any of the optical taps, the tap only
splits the light
wave to give us a portion
of the raw data going on the link. Our NIDS has an
ethernet interface
and hence we need
a protocol converter to convert from PPP to ethernet
frames. 
How does the protocol converter detect the IP frames
before it can
encapsulate it into
an ethernet frame and send out.

Raj




--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: