Hi all, I've been running a bridging firewall now for about six months
(works great) and now I'm working on setting up an IDS (Intrusion Detection
System) just to be on the safe side. I'm new to this aspect of network
security so have been reading up on it.
Most of the docs recommend putting in a IDS box onto a hub so it can
monitor all the packets sent to the hub. Great, that works fine, but we've
recently upgraded to a fully switched network. If I plug an IDS box into
that I only get stuff sent to that port on the switch, which is limited in
its usefullness.
So, I thought, why not set up a bridge between two switches and use that
as an IDS.
Does this sounds reasonable to people and has anyone else tried it or are
there any pointers/ideas on it in general?
Thanks,
Ryan.
--
Ryan McConigley - Systems Administrator _.-,
Computer Science University of Western Australia .--' '-._
Tel: (+61 8) 9380 7082 - Fax: (+61 8) 9380 1089 _/`- _ '.
Email: [EMAIL PROTECTED] - http://www.cs.uwa.edu.au/~ryan '----'._`.----. \
` \;
"You're just jealous because the voices are talking to me" ;_\
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
