OSEC

From: Michael Lea (mleaATOMICBLUEBEAR.ORG)
Date: Tue Jan 09 2001 - 16:56:22 CST

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Tue, 9 Jan 2001, Mark McLaughlin wrote:

    > ML> For the especially paranoid, people have recommended snipping the TX wires
    > ML> on the unaddressed interface or using some sort of tap to enforce a
    > ML> listen-only behaviour.
    >
    > It is my understanding that this would be possible on a 10MB line,
    > but if you're running 100MB then you would need TX.
    > Also in a switched environment, when you connect to the SPAN port
    > you will not see any traffic unless you have link.

    This type of thing has been discussed before on this and other lists, so I
    won't get into a whole lot of detail, but you're right about snipping the
    TX only working on 10 Mbps (even then, it may require an AUI adapter to
    fake the link signal). There are products out there that will isolate the
    TX wires even at 100 Mbps ... they fake the link signal to both the NIC
    and the switch. Shomiti Systems (www.shomiti.com) is one vendor that I've
    seen recommended.

    I've never used either of these methods myself... YMMV.

    - - Mike
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.4 (FreeBSD)
    Comment: Made with pgp4pine 1.75-6

    iEYEARECAAYFAjpblzAACgkQc9EFi4qQZEx0ZwCg3rSv5dveEBD1WThSUDxkHt7t
    ToMAoNkLGmIhlTrLJQIfiYBhaUBgmEZf
    =/nbP
    -----END PGP SIGNATURE-----