[Snort-users] Dual NIC with special feature...

Paulo Matos pjsm at ...6433...
Wed Jul 24 08:53:03 EDT 2002


	Hi!
	This might be a little bit out of the list subject, my appologies 
for that.
	I'm trying to set up an IDS on my network (with multiple 
_switched_networks). 

Scenario 1
	Net A *------------------* Net B

Scenario 2
	Net A *-------\ /-------* Net B
		      | |
		   +--+-+--+	
		   |  IDS  |
		   | host  |
                   +-------+

	I'm looking for DUAL NIC to do this, with a special feature if IDS 
host for some reason has a power failure, the connection between Nets A 
and B is not affected, we have scenario 1 again. (Bandwidth managers like 
PacketShaper -- www.packeteer.com, have a similar mechanism)

	The IDS host is a passive host that only sniffes everything on the 
wire. This way we have an IDS host completely invisible on the net (also 
we have no arp poisning) we use an alternate NIC to comunicate with other 
IDS hosts/managers.

	Does anyone know this hardware piece?

	Thanks in advance.

	Best regards,

-- 
	Paulo Matos
 ----------------------------------- ----------------------------------
|Sys & Net Admin                    | Serviço de Informática           |
|Faculdade de Ciências e Tecnologia | Tel: +351-21-2948596             |
|Universidade Nova de Lisboa        | Fax: +351-21-2948548             |
|P-2829-516 Caparica                | e-Mail: pjsm at ...6433...          |
 ----------------------------------- ----------------------------------





More information about the Snort-users mailing list