[106475] in North American Network Operators' Group

Re: Hardware capture platforms

daemon@ATHENA.MIT.EDU (Network Fortius)
Tue Jul 29 21:45:24 2008

Date: Tue, 29 Jul 2008 20:45:15 -0500
From: "Network Fortius" <netfortius@gmail.com>
To: "nanog@merit.edu" <nanog@merit.edu>
In-Reply-To: <75cb24520807291712r50167c9ap3a444d7b4792c7e3@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org

Richard's blog @ http://taosecurity.blogspot.com/search?q=taps and
especially his books (Tao of Network Security Monitoring and Extrusion
Detection) are the best sources I have ever found, concerning [not only]
taps and[/but] so much more on the subject - proper usage and best
methodologies and practices for network monitoring (and not only for
security!!!)


Stefan

On Tue, Jul 29, 2008 at 7:12 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:

> On Wed, Jul 30, 2008 at 12:35 AM, Jared Mauch <jared@puck.nether.net> wrote:
> > Check out packet forensics depending on what your ultimate requirements are.
> >
>
> I would also add a 'see packet forensics'...
>
> > On Jul 29, 2008, at 7:10 PM, "John A. Kilpatrick" <john@hypergeek.net> wrote:
> >
> >>
> >> We've deployed a bunch of taps in our network and now we need a platform on
> >> which to capture the data.  Our bandwidth is currently pretty low but I've
> >> got 8 links to tap, which means I need 16 ports.  Has anyone done any
> >> research on doing accurate packet capture with commodity hardware?
> >>
> >>
> >> --
> >>                              John A. Kilpatrick
> >> john@hypergeek.net                Email|     http://www.hypergeek.net/
> >> john-page@hypergeek.net      Text pages|          ICQ: 19147504
> >>                remember:  no obstacles/only challenges
> >>
> >>
> >
> >
>
>