[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Mirror port
 Date:  Thu, 13 Oct 2005 22:46:32 -0400 
On 10/13/05, Jonathan Marriott <jon at kiwiuk dot net> wrote:
> What makes it unwise to mirror a port?
>

It just seems like a "square peg, round hole" situation to me.  It's
just not really the best way to do it, IMO.  Passive network
monitoring is a nice solution, while this is a kludge.  A network tap
from NetOptics (or similar) would be the ideal solution, but then
you're looking at a few hundred bucks.

But I'm a "purist" when it comes network-related stuff - do it the
right way, or not at all.  The reality in many situations is the ideal
way to do something isn't always feasible for financial or other
reasons.

-Chris