IDS and HoneyPot placement in LAN

[Quentin Ducas <quentin.h4c () gmail com>]

I apologize for the newbie question, but what is the best placement for the
IDS and the HoneyPot in the LAN?

I want to monitor a HoneyPot with the IDS (snort) [u]without[/u] monitoring
the complete LAN. Want to monitor just one machine.
What should be the best placement for HoneyPot and IDS for this situation.
The HoneyPot is a so called 'research-honeypot' so it is not used for
security-reasons.

Do I have to place the HoneyPot and the IDS in a DMZ?
Or is it better to place the IDS between modem and router, and the HoneyPot
in a DMZ?
Or is it not necessary to have a DMZ and can I place the HoneyPot between
modem and Router and the IDS in the LAN?
Do I need a switch to make a separate network for this?
Or maybe something else?

ergo: What is the best placement for both systems?

Thanks in advance,
Quentin

------------------------------------------------------------------------------
ThinkGeek and WIRED's GeekDad team up for the Ultimate 
GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the 
lucky parental unit.  See the prize list and enter to win: 
http://p.sf.net/sfu/thinkgeek-promo

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users