IDS mailing list archives
Passive Network Taps - on the cheap
From: Packet Man <packetman () altsec info>
Date: Mon, 13 Feb 2006 12:31:46 -0600
I've finally finished a major upgrade to my work on construction and use of passive network taps. Granted, the best tap is a commercial tap. But, a home-built passive network tap can be used quite successfully to monitor network traffic. The original paper on construction, with minor modifications: http://www.altsec.info/passive-network-tap.html The new paper on using the tap, with recent test lab results: http://www.altsec.info/pnt-sensor-data.html Anyone who is interested, please feel free to have a look. For any comments, suggestions, or corrections, please see the papers for contact information. Just my way of saying thanks for all the great information I get in this list. I hope my many hours of testing and research benefits someone. Mark -- Excellence in InfoSec and Linux http://www.altsec.info ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
Current thread:
- Passive Network Taps - on the cheap Packet Man (Feb 13)
- Re: Passive Network Taps - on the cheap Richard Bejtlich (Feb 13)
- Re: Passive Network Taps - on the cheap Packet Man (Feb 15)
- Re: Passive Network Taps - on the cheap Richard Bejtlich (Feb 13)