IDS mailing list archives

Avoiding VLAN bridge with N-IDS?


From: "Chris Conacher" <chris_conacher () hotmail com>
Date: Mon, 09 Aug 2004 19:31:54 +0000

My understanding is that the deployment of N-IDS in a VLANd environment where the switch is spanned to enable a single N-IDS to sniff all VLAN traffic creates the risk that the IDS sensor can form a bridge to where someone can compromise the N-IDS machine and then use that to sniff all traffic or else move from VLAN to VLAN.

Is there information on deploying N-IDS in switched and VLANd environments that do not require one N-IDS per VLAN and avoid the above risk if it does exist?

Thanks

Chris




