Re: Snort-users digest, Vol 1 #4458 - 10 msgs

[SN ORT <snort_on_acid () yahoo com>]

OMG I got STP and VTP confused...it's been too long.
Thanks for the correction. I still have never seen
performance issues with 5500 and being a Cisco
enginner in the past, I've done a lot of them.
Besides, I don't believe that's even the issue. Of
course, you could start to develop port mirroring
issues if you span too many of them...

Cheese!

Marc


> --__--__--
>
> Message: 1
> Date: Thu, 12 Aug 2004 21:35:59 -0700
> From: "Michael J. Pelletier"
> <mjpelletier () mjpelletier com>
> To: snort-users () lists sourceforge net
> Cc: Hey () wsip-24-234-113-78 lv lv cox net,
> man () wsip-24-234-113-78 lv lv cox net,
>    don't () wsip-24-234-113-78 lv lv cox net,
> be () wsip-24-234-113-78 lv lv cox net,
>    dis'ing () wsip-24-234-113-78 lv lv cox net,
>    my () wsip-24-234-113-78 lv lv cox net,
> net () wsip-24-234-113-78 lv lv cox net,
>    engineers!@wsip-24-234-113-78.lv.lv.cox.net
> Subject: [Snort-users] Re: Snort on span port
>
>
> > Hey man don't be dis'ing my net engineers!
>
> > J/K.
>
> > Ok, so if I remember correctly, root-bridges are
> like only for vlan trunking
> protocol and elections and what-not of switches that
> will act as root bridges.
>
> Root Bridges are used for SPANNING TREE!. You can
> run VLAN trunks with SPANNING
> TREE. With SPANNING TREE each bridge will calulate
> it's distance from the root
> bridge to itself. This cost is used to determine the
> shortest past cost to the
> root bridge. Although ROOT BRIDGES are used with
> SPANNING TREE and VLANS can
> use SPANNING TREE ther are not the same.
>
> > All they do is keep track of vlans.
>
> Not true. Root bridges help determine path cost
> between bridges.
>
> > Not sure what this has to do with port
> spanning/monitoring. Your engineers
> should be spannig at the physical layer and not the
> vlan layer.
>
> Actually you can do both if your IDS understands
> VLAN trunking.
>
> > They should be spanning the physical ports that
> the vlans are trunked on and
> connected to each other. Nevermind the gibberish
> about Cisco switches not
> keeping up with spanning...hogwash!
>
> Dude, Sorry but the Cisco 5500 series is known for
> this. Newer, ie 6500, etc are
> much, much better. Ask any Cisco engineer or
> someone, like me, that has used
> them for years. In private the Cisco Engineer will
> tell you.
>
> > You assign vlans and trucks to ports, all the
> engineers need to worry about
> are physically spannning those ports to your ports.
>
> > IOW, let's say my trunk port is port one on one of
> the switches. The port is
> either part of the backbone or at least connects to
> the other switches. Now
> let's say your IDS is connected to port two. All the
> engineer has to do is get
> on the switch, go to port 2 and type in "port
> monitor fa0/1" Then you'd be set!
>
> Cheese!
>
> Marc



                
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail 


-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users