> Some commercial IDS use special a special Ethernet device that is > supposed to be invisible. If you want your sensor to be non-invasive and undetectable, it's highly suggested that you use a special device, like the Shomiti (now Finisar) Century TAP: http://www.finisar.com/product/product.php?product_id=69&product_category_id=41 PROS: full duplex support, fault tolerant, non-invasive network monitoring, undetectable, useful for switched environments (there's no longer need for a span port). CONS: it's expensive for small environments. Hope that helps, +------------------------------------------------------------+ |Marco Ivaldi Email: miat_private |Security Manager Phone: (+39)-011-32.72.100 |D.S.D. Data Security Division Fax: (+39)-011-32.46.497 |@ Mediaservice.net Srl http://www.0xdeadbeef.eu.org |Get my PGP pubkey at http://www.0xdeadbeef.eu.org/raptor.asc
This archive was generated by hypermail 2b30 : Mon Mar 18 2002 - 09:13:26 PST