RE: taps What Brand and Where in network

["Petriz, Pablo" <ppetriz () siscat com ar>]

Hello Michael

We are trying your TAP model but with a 568A standard (please see images
attached).

1) connection to positions labeled HOST to HOST without the TAPS positions,
works fine.
2) then we connect the IDS to position labeled TAP B, and works fine.
3) when we connect the 2nd. IDS NIC to position labeled TAP A, we lost
performance (from 3 or 4 MB/s to 100 o 200 KB/s)and get a lot of ping packet
drops.

We try reverse cables, connections and nics but when we connect to TAP A
allways happened the same.

The TAP is listening between the FW NIC and the switch of the DMZ.

NICS of the IDS (bonding): 3com 3C905B (linking at 100)
NIC of the FW: 3com 3C905B (linking at 100)
SWITCH: 3com SuperStackII 3000 (port setting autonegotiating links up 100
full duplex)

Any help will be appreciated!


PABLO


> From: "Peters, Michael D." <Michael.Peters () acbl net>
> To: 'Ron Shuck' <rshuck () Buchanan com>, 
> snort-users () lists sourceforge net, 
>       markmormartin () eircom net
> Subject: RE: [Snort-users] taps What Brand and Where in network
> Date: Mon, 12 Jan 2004 14:54:34 -0500
>
> I wrote an article for Sun BigAdmin located here:
> http://www.sun.com/bigadmin/content/submitted/passive_ethernet
> _tap.html. It
> includes a pretty clear detail on the construction and usage. 
> I included the
> places to get good parts as well.
>
> Best regards,
>
> Michael D. Peters 
> michael.peters () lazarusalliance com