Re: [Full-disclosure] Sniffing on 1GBps
- From: Fabio Pietrosanti - naif <naif@xxxxxxxxxx>
- Date: Mon, 19 Jun 2006 01:00:41 +0200
Denis Jedig wrote:
There are some papers dealing with capturing and performance issues onYou probably need to use a statefull load balancer in order to split the
the net, some of them published by members of the Winpcap team:
http://www.winpcap.org/docs/iscc01-wpcap.pdf which share the basic
idea that filtering should not be done within the application but
either in the kernel or in the capturing device to reduce the number
of copy operations and thus the load on the capturing system.
traffic between different probes (or different load balancers with
probes behind) and get the opportunity to do real-time analysis
(parametric interception).
-naif
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- [Full-disclosure] Sniffing on 1GBps
- From: crazy frog crazy frog
- [Full-disclosure] Sniffing on 1GBps
- Prev by Date: [Full-disclosure] ***ULTRALAME*** Microsoft Excel Unicode Overflow ***ULTRALAME***
- Next by Date: [Full-disclosure] [ GLSA 200606-20 ] Typespeed: Remote execution of arbitrary code
- Previous by thread: Re: [Full-disclosure] Sniffing on 1GBps
- Next by thread: Re: [Full-disclosure] Sniffing on 1GBps
- Index(es):
