Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to monitor two different traffics with snort

From: Richard Bejtlich <taosecurity () gmail com>
Date: Fri, 5 Jun 2009 13:12:32 -0400
On Fri, Jun 5, 2009 at 12:16 PM, YARICK<yarick () yarick com> wrote:

Why would you, in your right mind connect the same device to inside
and outside of your network?
Have you looked at a seim solution?!



Hello,

This is a great justification for using network taps as your traffic
access method.  Deploy taps that are wired to NOT allow traffic to be
sent from the sensor.  Any concerns you have about "bridging" the
internal and external networks go away.  This is a common concern but
it is easily addressed.

Sincerely,

Richard

------------------------------------------------------------------------------
OpenSolaris 2009.06 is a cutting edge operating system for enterprises 
looking to deploy the next generation of Solaris that includes the latest 
innovations from Sun and the OpenSource community. Download a copy and 
enjoy capabilities such as Networking, Storage and Virtualization. 
Go to: http://p.sf.net/sfu/opensolaris-get
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: