Re: What NICs are people using?

[David Alonso De La Vega Tapage <delavegad () bancoaliado com>]

3 Com TX ..  and function very very well  .. !    :-D

JP Vossen wrote:

> > From: "Gordon Cunningham" <gcunnin2 () bellsouth net>
> > To: <snort-users () lists sourceforge net>
> > Date: Fri, 2 May 2003 12:47:37 -0400
> > Subject: [Snort-users] What NICs are people using?
> >
> > Situation:  RedHat (choice of version, 7.3+), snort, multiple segments to
> > monitor (up to 4), barnyard, MySQL, Webmin, etc.
> >    
>
> I assume you know about the end of life of RedHat < 9 at the end of 2003.
>
>
>  
>
> > RedHat says the use of multiple same-chipset Intel Pro100 NICs won't work
> > due to a bug in the driver. I need to find a solution to support up to 4
> > sniffing promiscuous Ethernet ports - 2 dual-port NICs or single 4-port?
> >
> > Q:  What brand/model of multiple NICs are you using to support sniffing up
> > to 4 segments (5th separate NIC for management interface) on RedHat systems?
> >    
>
> I have a Zynx ZX340Q quad card [1] that I WILL be using in this way, I'm just
> not done yet.  But it came up without a hitch with both RedHat 8.0 and
> Mandrake MNF (testing) [0] using the tulip drivers.  I'm told this is the same
> card that Nokia used to charge ~ $2K (USD) for in their IPSO boxes...  I got
> it on EBay for < $90.  Search EBay for Zynx then look for quad cards.
>
> I have had a problem with it when trying to use crossover cables, but I'm not
> sure where the fault is yet.  The other end of the cable was a Win2K box with
> an Intel 8255x card and I think they just didn't auto-negotiate right.
>
>
>  
>
> > Q:  Do the dual- or multi-port NICs work?
> >    
>
> If the OS can run 'em, Snort can use 'em.  But you will have to mess around
> with startup scripts to run several instances of Snort concurrently.  (Someone
> correct me if I'm wrong, but that's my understanding.)
>
>
>  
>
> > Q:  Should I move to another OS?
> >    
>
> Hell no! :-)  Linux or xxxBSD seem to be quite popular choices.  Snort runs on
> Windows and some people like it, but I wouldn't recommend it.
>
>
>  
>
> > Loved this so much I ripped it:  "The software said it requires Windows 98
> > or better, so I installed Linux..."
> >    
>
> ;-)  Thanks.  I stole if from someplace years and years ago.
>
> Later,
> JP
>
> [0] http://www.mandrakesoft.com/products/mnf
> [1] http://www.znyx.com/products/hardware/zx340q.htm
> ------------------------------|:::======|--------------------------------
> JP Vossen, CISSP              |:::======|                jp () jpsdomain org
> My Account, My Opinions       |=========|       http://www.jpsdomain.org/
> ------------------------------|=========|--------------------------------
> "The software said it requires Windows 98 or better, so I installed
> Linux..."
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>