Zhanxiang> In order to use tcpdump snooping 1Gbps traffic without"Zhanxiang" == Zhanxiang Huang <[EMAIL PROTECTED]> writes:
Zhanxiang> dropping packets, Zhanxiang> what are the requirements for the hardware?
Zhanxiang> Say, how fast should the CUP, memory, cache, buses and hard
Zhanxiang> drive be?
I'm not aware of any current off-the-shelf hardware that can deal with this.
You'd need a PCI-Express equipped system with a NIC card that can deal
with the data rates involved.
If you want to do Gb/s, you'll need hardware dedicated to the purpose. I.e. Smartbits, etc.
Another alternative is to use multiple boxes behind an IDS load balancer. TopLayer produces suitable devices for this.
-- Jefferson Ogata <[EMAIL PROTECTED]> NOAA Computer Incident Response Team (N-CIRT) <[EMAIL PROTECTED]>
- This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
