Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: serial-line protocols

from [Raj Malhotra] Network Security [Permanent Link]
Subject: Re: serial-line protocols
Date: Mon, 30 Aug 2004 14:34:52 +0530 
hi

May be i was not clear in conveying our need. 

We first need to tap the PPP link to get the frames and then access
the IP datagram. In case of an ethernet tap, the 7-byte ethernet
preamble is an indication of the beginning of a frame and hence the
tap is in sync with the link.

In case of PPP-links how is this acheived.

Thanks
Raj
 

On Mon, 30 Aug 2004 00:43:07 +0800, Fook Ming EE <eeefm@singnet.com.sg> wrote:

Hi, I think you got to do it at IP level instead of link-level of PPP.

Cheers,
FM



-----Original Message-----
From: Raj Malhotra [mailto:ral.mal@gmail.com]
Sent: Thursday, August 26, 2004 8:08 PM
To: focus-ids@securityfocus.com
Subject: serial-line protocols

Hi,

We have two routers connected by fibre running a serial-line protocol
like PPP. If we need to deploy a NIDS running on a linux-box having a
10/100/1000 ethernet card, would an optical-tap with a protocol
converter suffice?

With a serial-line protocol would any synchronization at the protocol
converter be necessary?
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  SUMMARY Switch Port Mirroring, Andy Cuff
Next by Date:  Re: Firewall vs. IPS - Differences now (ISS, Intrushield 2.1?), Mike Frantzen
Previous by Thread:  RE: serial-line protocols, Fook Ming EE
Next by Thread:  session logging IDS, Raj Malhotra
Indexes:  [Date] [Thread] [Top] [All Lists]