Snort mailing list archives
To TAP or HUB?
From: "Carleton, Sam (SCI TW)" <Sam_Carleton_TW () stercomm com>
Date: Thu, 19 Dec 2002 13:21:14 -0500
Folks, I understand the point of using a TAP with an IDS, but is it a must? What is the drawback to simply using a HUB? I ask because a TAP is a bit much for the house, or at least right now. My thought is this: I put a HUB between the cable modem and firewall. Then I plug in the second NIC of my IDS Server, but never assign an IP address. Then turn on snort to listen to that NIC. Would that work? Would a hacker be able to get into the IDS Server? It is my understanding that the presents of the IDS would be known, but I can live with that right now. Are there any other drawbacks? Sam ------------------------------------------------------- This SF.NET email is sponsored by: Geek Gift Procrastinating? Get the perfect geek gift now! Before the Holidays pass you by. T H I N K G E E K . C O M http://www.thinkgeek.com/sf/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- To TAP or HUB? Carleton, Sam (SCI TW) (Dec 19)
- <Possible follow-ups>
- RE: To TAP or HUB? Henning, David (Dec 19)
- RE: To TAP or HUB? Frank Knobbe (Dec 19)
- RE: To TAP or HUB? Madziarczyk, Jonathan (Dec 19)
- RE: To TAP or HUB? Shane Hickey (Dec 19)
- RE: To TAP or HUB? Eric Joe (Dec 19)
- RE: To TAP or HUB? Shane Hickey (Dec 19)
- RE: To TAP or HUB? Matt Kettler (Dec 19)