Snort mailing list archives
RE: switch? for what?
From: "Weber Mail" <Don () WeberOnTheWeb com>
Date: Wed, 15 May 2002 07:32:32 -0700
keep in mind, this solution only works for all traffic actually going OUT to the internet, mayb i missed part of this thread and that is all you need, but this method does not see any of the traffic that is communicating internally btwn computers on just the LAN. ie, the traffic that never goes out of the switch like from one PC to the mail server. Don -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of Bruno Taranto Sent: Wednesday, May 15, 2002 5:42 AM To: snort-users () lists sourceforge net Subject: [Snort-users] switch? for what? Hy mans... I have a better idea. Its very, very simple! Some times u can't do a port mirror or other modifications on the hardware/system of the client. Depending on the hardware/system u have to learn how to do a port mirror to get all traffic on that box(switch). Learn is cool man, but... some times... we dont have time to play with this toys. Some times IT professionals dont configure the hardware/system like u like or when u want. U have to do a complete solution without modifications or touch on any system/hardware of the company. Right? Some time i hate IT professionals. I saw many problems with "IT professionals x Security Officers". ITS COOL MAN!!! >:-) They always have problems with our security work. argh!!! Maybe u r IT professional!!! :-p~ If... I'm sorry... Forget what i said. :-p~~~ U can do that: ================================= INET | | ROUTER | | COOL HUB ---------> SNORT SENSOR (only) | | SWITCH | | COMPANY | | FUCKIN USERS ================================= :-) Its simple... but work!!! U can use that solution to anything (like SNIFFING / NIDS / SPOOFING / ETC... ). ___________________________________ Internet Security Services HISS, Inc. Bruno Taranto phone: +55 21 2221-2180 phone: +55 21 2508-0505 r.741 phone/fax: +55 21 2232-6209 email: bruno () hiss com br corporate site: http://www.hiss.com.br security portal: http://www.hacker.com.br ___________________________________
Current thread:
- switch? for what? Bruno Taranto (May 15)
- RE: switch? for what? Weber Mail (May 15)