[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] m0n0wall / span port
 Date:  Wed, 17 Aug 2005 11:26:53 -0400
On 8/17/05, Sebastian Lemke <s dot lemke at infoworxx dot de> wrote:
> >
> > ntop is best suited to a system on your LAN on a span port.
> 
> A "span port" is a port where all traffic is "reflected" so that a software
> (Intrusion-Detection Software) can scan for attacks ?
> 

Yes, for IDS, or just general network monitoring tools like ntop
(though a package like ntop has a place in any good network security
monitoring infrastructure, for the sake of anomaly detection amongst
other reasons).


> Is there a possibility to set up a span port in m0n0 wall ?
> 

No, that's the job of a switch.  

-Chris