how to build an inline ids?

From: spy guy (spyguy703@earthlink.net)
Date: 11/16/02

Next message: Kevin Jones: "Where is Ron Gula? (was "Changes in IDS Companies?")"

Previous message: Ralph Los: "RE: IDS for DataBase Systems."
Next in thread: Milos Urbanek: "Re: how to build an inline ids?"
Reply: Milos Urbanek: "Re: how to build an inline ids?"
Maybe reply: Gregory Perry: "Re: how to build an inline ids?"
Reply: buzzdee: "Re: how to build an inline ids?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: spy guy <spyguy703@earthlink.net>
To: focus-ids@securityfocus.com
Date: 15 Nov 2002 15:00:45 -0800

I have a question and I was hoping someone could help.

Is it possible to build an x86 based PC as an in-line IDS?

I want to install Snort IDS at home, but have no taps or equipment that
can mirror/span ports.

Can I build a Linux PC with 2 nics and put it inline between my firewall
and adsl modem?

I would like to have the NIC's in some sort of 'Stealth mode', so that
no IP's are needed and thus my network config will not change. I just
want the NIC's to pass traffic in both directions and then run snort to
monitor the traffic on both.

Is there a way to do this?

Next message: Kevin Jones: "Where is Ron Gula? (was "Changes in IDS Companies?")"
Previous message: Ralph Los: "RE: IDS for DataBase Systems."
Next in thread: Milos Urbanek: "Re: how to build an inline ids?"
Reply: Milos Urbanek: "Re: how to build an inline ids?"
Maybe reply: Gregory Perry: "Re: how to build an inline ids?"
Reply: buzzdee: "Re: how to build an inline ids?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]