Re: Spyware assessment techniques - hub?

[Petr.Kazil () eap nl]

> If you are doing a host:
> - interrupt the hosts uplink with a hub and plug your snort box in.
> You could have this all setup on a laptop.

I have tried this but run into problems:

- Real hubs are (almost?) impossible to get nowadays. Even the cheapest 
"hub" is really a switch. If you know where I can find a hub-like network 
component, then I'll order it right away.
- I was able to buy the last real hub from a PC-shop, but it was only 
10Mbps and it refused to work with my 100Mb cards and switches.

A few nice sniffer componentens are described in the book:
"Extrusion Detection: Security Monitoring for Internal Intrusions"
but these are not cheap.

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------