To TAP or HUB?

["Carleton, Sam (SCI TW)" <Sam_Carleton_TW () stercomm com>]

Folks,

I understand the point of using a TAP with an IDS, but is it a must?  What
is the drawback to simply using a HUB?  I ask because a TAP is a bit much
for the house, or at least right now.  My thought is this:  I put a HUB
between the cable modem and firewall.  Then I plug in the second NIC of my
IDS Server, but never assign an IP address.  Then turn on snort to listen to
that NIC.  Would that work?  Would a hacker be able to get into the IDS
Server?  It is my understanding that the presents of the IDS would be known,
but I can live with that right now.  Are there any other drawbacks?

Sam


-------------------------------------------------------
This SF.NET email is sponsored by: Geek Gift Procrastinating?
Get the perfect geek gift now!  Before the Holidays pass you by.
T H I N K G E E K . C O M      http://www.thinkgeek.com/sf/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users