RE: serial-line protocols

["Rob Shein" <shoten () starpower net>]

I would think you'd be better off deploying the NIDS at either end instead,
adjacent to one of the routers.  Anything passing in between them (and not
generated by one of them, obviously) would have to pass by that position
anyways, would it not?

> -----Original Message-----
> From: Raj Malhotra [mailto:ral.mal () gmail com] 
> Sent: Thursday, August 26, 2004 8:08 AM
> To: focus-ids () securityfocus com
> Subject: serial-line protocols
>
>
> Hi,
>
> We have two routers connected by fibre running a serial-line 
> protocol like PPP. If we need to deploy a NIDS running on a 
> linux-box having a 10/100/1000 ethernet card, would an 
> optical-tap with a protocol converter suffice?
>
> With a serial-line protocol would any synchronization at the 
> protocol converter be necessary?