Date: Thu, 21 Dec 2000 14:54:52 +0300 From: "Artem Koutchine" <matrix@ipform.ru> To: <security@FreeBSD.ORG>, <questions@FreeBSD.ORG> Subject: Re: What anti-sniffer measures do i have? Message-ID: <001901c06b44$d88f6c00$0c00a8c0@ipform.ru> References: <000a01c06ab8$4676a040$1805010a@epconline.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This would cost a BUNCH of $$$ to replace every card in every machine, and not driver for BSD yet. So, most of you are saying that a switch would be a solution. Anyone can recommed a particular switch wich he/she is using without problems? Also, what about tunnelling?? Artem ----- Original Message ----- From: "Chuck Rock" <carock@epconline.net> To: <security@FreeBSD.ORG>; <questions@FreeBSD.ORG> Sent: Wednesday, December 20, 2000 10:08 PM Subject: RE: What anti-sniffer measures do i have? > Well there is another option you may not know about.... > > Encrypion on the physical level. > > 3Com make new network cards with built in encryption that works up to full > duplex 100Meg. > > Secures sensitive data by delivering 3DES,DES,MD5,and SHA-1 > > Check out the specs here.... > http://www.3com.com/products/nics/3cr990fb.html > > I don't know if anyone has built any drivers for FreeBSD, but I think it's > worth it. They make one for the server too that allows redundant NIC's for > failover protection. > > There appear to be beta drivers for Linux for these network cards as well... > http://support.3com.com/infodeli/tools/nic/linuxdownload.htm > > I can sell the 3CR990-TX-97 which provides 168 Bit encryption for about $120 > each. > And the 3CR990-SVR-97 for $115. > > I haven't used these, but the principal sounds good. I think the only > drawback is, any server using one probably has to have one in each client > computer, or there would be no way for them to speak to each other. This > would rule out some other equipment as well, but they are supposed to be > compliant with IPSec. > > If anyone has used these, I would be interested in hearing how well they > work in a "real" environment running other O/S's and routers and such. > > Chuck > > > -----Original Message----- > > From: owner-freebsd-security@FreeBSD.ORG > > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Dmitry Galyant > > Sent: Wednesday, December 20, 2000 6:58 AM > > To: Artem Koutchine > > Cc: Jonas Luster; security@FreeBSD.ORG; questions@FreeBSD.ORG > > Subject: Re: What anti-sniffer measures do i have? > > > > > > On Wed, 20 Dec 2000, Artem Koutchine wrote: > > > > > Date: Wed, 20 Dec 2000 15:27:41 +0300 > > > From: Artem Koutchine <matrix@ipform.ru> > > > To: Jonas Luster <JonasL@webex.com>, security@FreeBSD.ORG, > > > questions@FreeBSD.ORG > > > Subject: Re: What anti-sniffer measures do i have? > > > > > > Hello again! > > > > > > Well, i am depressed now :( The issue is even worse than i thought > > > at first. So, SHOUD I upgrade to switches? Will they REALLY help? > > > > > > Or should i build a simple FreeBSD router for each branch of the tree > > > with a buch of ethernet cards. For example. In a room with 8 computers i > > > will install a Pentium MMX with 8 PCI slots and 8 network cards > > and route > > > pure IP, no MAC addresing (i don't need ipx rounter or > > anything, just ip). > > > > and don't forget give root shell to this 8 mans ;-) > > switch has no shell - imho it's better way. > > > > > > > > Is there relatively cheap switches wich do the same? Is it even > > a solution? > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001901c06b44$d88f6c00$0c00a8c0>