Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: switch? for what?

From: "Weber Mail" <Don () WeberOnTheWeb com>
Date: Wed, 15 May 2002 07:32:32 -0700
keep in mind, this solution only works for all traffic actually going OUT to
the internet, mayb i missed part of this thread and that is all you need,
but this method does not see any of the traffic that is communicating
internally btwn computers on just the LAN. ie, the traffic that never goes
out of the switch like from one PC to the mail server.

Don
  -----Original Message-----
  From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]On Behalf Of Bruno Taranto
  Sent: Wednesday, May 15, 2002 5:42 AM
  To: snort-users () lists sourceforge net
  Subject: [Snort-users] switch? for what?


  Hy mans...
  I have a better idea. Its very, very simple!
  Some times u can't do a port mirror or other modifications on the
hardware/system of the client.
  Depending on the hardware/system u have to learn how to do a port mirror
to get all traffic on that box(switch).
  Learn is cool man, but... some times... we dont have time to play with
this toys.
  Some times IT professionals dont configure the hardware/system like u like
or when u want.
  U have to do a complete solution without modifications or touch on any
system/hardware of the company. Right?
  Some time i hate IT professionals.
  I saw many problems with "IT professionals x Security Officers".
  ITS COOL MAN!!!  >:-)
  They always have problems with our security work.
  argh!!!
  Maybe u r IT professional!!!  :-p~
  If... I'm sorry... Forget what i said. :-p~~~

  U can do that:

  =================================
            INET
               |
               |
          ROUTER
               |
               |
          COOL HUB ---------> SNORT SENSOR (only)
               |
               |
          SWITCH
               |
               |
          COMPANY
               |
               |
          FUCKIN USERS
  =================================

  :-)

  Its simple...  but work!!!
  U can use that solution to anything (like SNIFFING / NIDS / SPOOFING /
ETC... ).

  ___________________________________
  Internet Security Services
  HISS, Inc.

  Bruno Taranto
  phone: +55 21 2221-2180
  phone: +55 21 2508-0505 r.741
  phone/fax: +55 21 2232-6209
  email: bruno () hiss com br
  corporate site: http://www.hiss.com.br
  security portal: http://www.hacker.com.br
  ___________________________________
Previous By Date Next
Previous By Thread Next

Current thread: