Intrusion Detection Systems mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS

From: tschroed () acm org (Trevor Schroeder)
Date: Tue, 7 Dec 1999 11:11:13 -0600 (CST)


On Tue, 7 Dec 1999, Dafunquia, Facundo wrote:


I need a ids software , but i need to run over ibm token ring network at 16
mb/sec and over linux platform, which software applies this enviroments?
Comments?


Two thoughts spring immediately to mind:  you may not want to limit
yourself exclusively to Linux.  There are a lot of good IDS out there that
don't run under Linux.

Secondly, and more importantly, for this to work at all, you'll need to
make sure that you are NOT running your IDS with an IBM Token-Ring
adapter.  They do not have promiscuous mode support.  I believe the Linux
Token-Ring driver supports Olicom adapters (it's been a long time since
I've had anything to do with Linux TR) and there was talk of Madge support
as well.  Either that or you might be able to use an IBM Trace and
Performance (TAP) adapter.  That is, assuming that there's nothing freaky
you have to do to get it into promiscuous mode.
..........................................................................
: "I knew it was going to cost me my head and also my swivel chair, but  :
: I thought: What the hell--better men than I have risked their heads    :
: and their swivel chairs for truth and justice." -- James P. Cannon     :
:........... http://www.zweknu.org/ for PGP key and more ................:
Previous By Date Next
Previous By Thread Next

Current thread: