-
July 29th, 2002, 05:34 PM
#1
Junior Member
spoof/sniff on a switched network
Hi,
I'm trying to find a way to prevent ARP spoofing and sniffing on my switched network and generally secure it.
After some personal research I came to the result of: buy an IDS and some sensors... (or convince my management that BSD and Snort will be able to do what we need atm, but I've close to no hope on this one).
Maybe some of you have good ideas/practices/software I can use. Some info on my setup:
- fully switched network,
- Cisco devices only (2924 --> 4006),
- VLANs used and deployed, so is VTP (...meaning the private VLAN feature from Cisco is a no-no for me).
Also, hardcoding the MAC address per port will give me nothing against the sniffing.
Thanks in advance.
-
July 29th, 2002, 06:01 PM
#2
Just pop Snort on BSD and you are all set. It works fine with switches and routers that are in place. Just put it on your pipe to the outside world and you'll be all set.
-
July 30th, 2002, 01:41 PM
#3
Junior Member
Well, thanks, but this doesn't apply to my setup, sadly.
Why:
- Big boss is against *BSD and the whole open-source concept; he prefers nothing over a BSD with Snort... stupid, but well, he's the boss.
-
July 31st, 2002, 06:57 AM
#4
Junior Member
Hey Morehei,
Just don't tell him that it's BSD. You can give the big spiel and show him the web front end. He'll not know the difference. Also you can collect some pingas towards the xmas piss up.
J
viapek
....attempting constantly to find a place where learning is no longer necessary
-
July 31st, 2002, 12:47 PM
#5
Senior Member
Morehei,
I will be posting a tut soon that I am working on now, "Installing Snort on Win2k"; maybe he would go for that? I have been using it for a few weeks and it seems to work well.
just making some minor adjustments to your system....