You could try using a Symantec ManHunt or SNS unit; they can
cross-correlate between interfaces. YMMV, but it has worked for me before.
Try an eval SNS box and see how it works for you.
--------------------------------------------------
J o h a n n v a n D u y n
--------------------------------------------------
"The most common of all follies
is to believe passionately in the palpably not true.
It is the chief occupation of mankind."
--H. L. Mencken
_____________________________________________________________________
Confidentiality Notice: The information in this document and attachments is
confidential and may also be legally privileged. It is intended only for the
use of the named recipient.
Internet communications are not secure and therefore British American Tobacco
does not accept legal responsibility for the contents of this message.
If you are not the intended recipient, please notify us immediately and then
delete this document. Do not disclose the contents of this document to any
other person, nor take any copies.
Violation of this notice may be unlawful.
______________________________________________________________________
--------------------------------------------------------------------------
Stop hurting your network!
The NeVO passive vulnerability sensor continuously finds vulnerabilities,
applications and new hosts without the need for network scanning.
It also finds compromised systems with application-based intrusion detection.
Go to http://www.tenablesecurity.com/products/nevo.shtml to learn more.
--------------------------------------------------------------------------
