Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: Re: challenges in capturing Gigabit ethernet

Re: challenges in capturing Gigabit ethernet

From: Stefano Zanero <zanero_at_elet.polimi.it>
Date: Tue, 03 Jan 2006 23:19:17 +0100

hank.schupp_at_mantech-ist.com wrote:
> I've tried some experiments with collecting at high-speed off gigabit
> cards. Created a test system that generated traffic at varied rates
> from 10 mbs to 1 gbs.

What system ? On which hardware ? Which OS stack ? Which type of traffic ?

> Though the cards themselves reported very
> little loss (Endace products) the ability to write the data to disk

Which disk ? On which bus ?

> Understand also that the tests were not done under the most
> scientific conditions - still repeated testing showed our breakdown
> was primarily the ability to write the data to disk

hdparm -Tt (or similar) could help you pinpoint this. 

-- 
Best,
Stefano Zanero
Ph.D. Student - Politecnico di Milano - Dip. Elettronica e Informazione
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
Received on Jan 05 2006
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos