Yeh, I guess they never thought to check those two variables?
Come on guys. Powers of 10! You can't be going and moving from my powers of 10 wired Ethernet speeds, how will I do the simple math!
1 -> 10 -> 100 -> 1000 -> 10000
Easy maths! Say no to 40Gpbs.
No I wasn't kidding, but apparently, I wasn't clear either.
I know how you intercept traffic on a switched network - but the person I was replying to didn't appear to do so. It's not been a case of 'just sticking another PC on the network' for quite a while now.
If you want to sniff on switched networks, stop being so cheap.
You'll need a managed switch with the ability to designate a specific switch port as a SPAN or mirror port (http://en.wikipedia.org/wiki/Port_mirroring). This will allow you to monitor any other traffic that is passing through the switch.
Those days aren't gone, they merely got a whole lot more expensive.
In any case, it's more likely that you'd do monitoring at the egress point(s) of your private network, not on a particular switch.
Luckily I don't want to sniff stuff on a switched network, although the comment I was replying to made it sound like it was possible to do it by simply sticking another PC on the network. We both know that's not the case.
Your comment is happily covered by my "You'd need to be running some software on the switch or on the internet gateway, or some other device that sees all the traffic for some other reason."
Yep, that's certainly one option. And it's more than just "another PC on the same subnet running a packet sniffer". Do any home-grade ADSL / Cable devices support it? Maybe with some of the open firmware solutions?
How do you packet sniff on switched networks? The days of being able to sniff all traffic[1] on a network by having something else on the same network are gone my friend.
You'd need to be running some software on the switch or on the internet gateway, or some other device that sees all the traffic for some other reason.
[1] Yes, you can sniff some broadcast traffic.
Policy.
In corporate environments (of the ones I have experience) people don't pay for UNIX hardware and run files-ervers on it with SAMBA. That's why I picked AIX / HP-UX and Solaris, not Linux.
My point was that policy makers don't understand the underlying OS and simply say 'we must have AV' without considering the applications running on those machines.
When my Oracle DB or DB2 instance gets infected with HappySmilieFacev02 I'll change my mind. Policy should be appropriate and not simply blanket coverage, because that leads to as many problems as it solves.
This is probably just a policy issue. "We've put your AIX / HP-UX / Solaris server in". "What AV does it run?" "Er, it's running AIX / HP-UX / Solaris , we've not installed AV". "But our policy says we have to use product X or product Y to AV protect all our servers". "Yes, but you're not understan....." "Just install AV".
Maybe it comes from working in IT, but I always assume that if someone else is holding my data, they can access it. It doesn't interest me what they say - that's my basic starting assumption. So I always assumed that Dropbox could get to my data, and if I cared about the privacy of that data I just encrypted the files myself first.
It's my data, I'm in control of it. Giving it up to someone else and hoping they keep it safe is silly.
I'm surprised so many people are surprised (and I wonder if the people are are surprised haven't been in IT long?)
R2D2 could understand speech but not speak.
Just because you couldn't understand the mighty R2D2 doesn't mean he wasn't speaking!
What is now proved was once only imagin'd. -- William Blake