Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Firewall and IDS, (the second way).

From: Marco Ivaldi <raptor () mediaservice net>
Date: Mon, 18 Mar 2002 12:58:57 +0100 (CET)
Some commercial IDS use special a special Ethernet device that is
supposed to be invisible.


If you want your sensor to be non-invasive and undetectable, it's highly
suggested that you use a special device, like the Shomiti (now Finisar)
Century TAP:

http://www.finisar.com/product/product.php?product_id=69&product_category_id=41

PROS: full duplex support, fault tolerant, non-invasive network
monitoring, undetectable, useful for switched environments (there's no
longer need for a span port).

CONS: it's expensive for small environments.

Hope that helps,

+------------------------------------------------------------+
|Marco Ivaldi                    Email:  mi () mediaservice net
|Security Manager                Phone:  (+39)-011-32.72.100
|D.S.D. Data Security Division   Fax:    (+39)-011-32.46.497
|@ Mediaservice.net Srl          http://www.0xdeadbeef.eu.org
|Get my PGP pubkey at http://www.0xdeadbeef.eu.org/raptor.asc
Previous By Date Next
Previous By Thread Next

Current thread: