From owner-freebsd-questions Thu Dec 21 3:55:14 2000 From owner-freebsd-questions@FreeBSD.ORG Thu Dec 21 03:55:08 2000 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from osiris.ipform.ru (osiris.ipform.ru [212.158.165.98]) by hub.freebsd.org (Postfix) with ESMTP id 5250837B400; Thu, 21 Dec 2000 03:55:02 -0800 (PST) Received: from wp2 (wp2 [192.168.0.12]) by osiris.ipform.ru (8.11.1/8.11.1) with SMTP id eBLBsxV39210; Thu, 21 Dec 2000 14:54:59 +0300 (MSK) (envelope-from matrix@ipform.ru) Message-ID: <001901c06b44$d88f6c00$0c00a8c0@ipform.ru> From: "Artem Koutchine" To: , References: <000a01c06ab8$4676a040$1805010a@epconline.net> Subject: Re: What anti-sniffer measures do i have? Date: Thu, 21 Dec 2000 14:54:52 +0300 Organization: IP Form MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This would cost a BUNCH of $$$ to replace every card in every machine, and not driver for BSD yet. So, most of you are saying that a switch would be a solution. Anyone can recommed a particular switch wich he/she is using without problems? Also, what about tunnelling?? Artem ----- Original Message ----- From: "Chuck Rock" To: ; Sent: Wednesday, December 20, 2000 10:08 PM Subject: RE: What anti-sniffer measures do i have? > Well there is another option you may not know about.... > > Encrypion on the physical level. > > 3Com make new network cards with built in encryption that works up to full > duplex 100Meg. > > Secures sensitive data by delivering 3DES,DES,MD5,and SHA-1 > > Check out the specs here.... > http://www.3com.com/products/nics/3cr990fb.html > > I don't know if anyone has built any drivers for FreeBSD, but I think it's > worth it. They make one for the server too that allows redundant NIC's for > failover protection. > > There appear to be beta drivers for Linux for these network cards as well... > http://support.3com.com/infodeli/tools/nic/linuxdownload.htm > > I can sell the 3CR990-TX-97 which provides 168 Bit encryption for about $120 > each. > And the 3CR990-SVR-97 for $115. > > I haven't used these, but the principal sounds good. I think the only > drawback is, any server using one probably has to have one in each client > computer, or there would be no way for them to speak to each other. This > would rule out some other equipment as well, but they are supposed to be > compliant with IPSec. > > If anyone has used these, I would be interested in hearing how well they > work in a "real" environment running other O/S's and routers and such. > > Chuck > > > -----Original Message----- > > From: owner-freebsd-security@FreeBSD.ORG > > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Dmitry Galyant > > Sent: Wednesday, December 20, 2000 6:58 AM > > To: Artem Koutchine > > Cc: Jonas Luster; security@FreeBSD.ORG; questions@FreeBSD.ORG > > Subject: Re: What anti-sniffer measures do i have? > > > > > > On Wed, 20 Dec 2000, Artem Koutchine wrote: > > > > > Date: Wed, 20 Dec 2000 15:27:41 +0300 > > > From: Artem Koutchine > > > To: Jonas Luster , security@FreeBSD.ORG, > > > questions@FreeBSD.ORG > > > Subject: Re: What anti-sniffer measures do i have? > > > > > > Hello again! > > > > > > Well, i am depressed now :( The issue is even worse than i thought > > > at first. So, SHOUD I upgrade to switches? Will they REALLY help? > > > > > > Or should i build a simple FreeBSD router for each branch of the tree > > > with a buch of ethernet cards. For example. In a room with 8 computers i > > > will install a Pentium MMX with 8 PCI slots and 8 network cards > > and route > > > pure IP, no MAC addresing (i don't need ipx rounter or > > anything, just ip). > > > > and don't forget give root shell to this 8 mans ;-) > > switch has no shell - imho it's better way. > > > > > > > > Is there relatively cheap switches wich do the same? Is it even > > a solution? > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message