I agree about real hub hassles, and most stores have no clue
about what you are talking about. I've even seen one brand that
said hub on the box, but was really a switch.
I've had good luck with NetGear hubs. They are very inexpensive on eBay.
Something like the 4port 100mb hubs (netgear en104)
or the 8port 10/100mb Netgear hubs (netgear en108)
On Sun, Feb 12, 2006 at 01:37:54PM +0100, Petr.Kazil@eap.nl wrote:
If you are doing a host:
- interrupt the hosts uplink with a hub and plug your snort box in.
You could have this all setup on a laptop.
I have tried this but run into problems:
- Real hubs are (almost?) impossible to get nowadays. Even the cheapest
"hub" is really a switch. If you know where I can find a hub-like network
component, then I'll order it right away.
- I was able to buy the last real hub from a PC-shop, but it was only
10Mbps and it refused to work with my 100Mb cards and switches.
A few nice sniffer componentens are described in the book:
"Extrusion Detection: Security Monitoring for Internal Intrusions"
but these are not cheap.
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
