[Snort-users] Network traffic forwarder (hardware device)
erek at ...577...
Fri Jun 28 13:12:06 EDT 2002
On Fri, 28 Jun 2002, Lee, Mike (BlackBoard Support) wrote:
> I know some of you have told me this before, but I am asking
> again. Can you send me a URL of a company that makes a device which
> forwards (actually duplicates) the network traffic. I saw one before, it
> has one RJ-45 input and two outputs; one to say your firewall and the other
> to a snort machine. I need one of these so I can see all of the nasty port
> scans on my snort box before they hit my netfilter firewall, which drops
> scans before snort can take effect.
<sarcastic bastard mode>
</sarcastic bastard mode>
Seriously--If you mean exactly what you describe in a technical sense, then
grab a hub, or a switch with port spanning/mirroring.
If you mean what you wrote in a more secure and 'network friendly' manner,
then have a look at taps. <http://www.netoptics.com/net-96135.html>
More information about the Snort-users