Great Circle Associates Firewalls
(February 1997)
 


Subject: Re: detecting foreign packets on ethernet
From: "Cary Conover(IS) 13897" <cconov @ exp2 . is . xpark . pmh . org>
Organization: Parkland Memorial Hospital
Date: Thu, 27 Feb 1997 10:43:17 -0600
To: "Vaughn, Phil" <pvaughn @ norwest . com>
Cc: "'Firewalls @ GreatCircle . COM'" <Firewalls @ GreatCircle . COM>, "'gvc @ ocsystems . com'" <gvc @ ocsystems . com>
References: <c=US%a=_%p=Norwest%l=MSGMSP2-970224154659Z-27362 @ msgmsp1 . norwest . com>

Vaughn, Phil wrote:
> 
> Take a look at Wheelgroup's NetRanger.  They are at
> http://www.wheelgroup.com.  If you limit yourself to any one platform,
> you're limiting your ability to provide network security.


Yes, this may be true.  However, in the case that this person has
expertise in AIX and IBM systems, trying to bring in a Sun or HP system
would be counterproductive from the standpoint that then there would be
multiple Unixes to support, and not all of the commands are the same, and
because IBM has a lot of its own extensions to Unix, trying to support
another Unix is difficult because of the confusion in what is an AIX
extension and what is plain Jane System V or BSD.  Staying with one OS is
limiting; however, it makes for much better support because you have the
expertise to deal with the system problems instead of a highly paid
phone jockey that lives for the help desk solution.

By the way, Sun expects you to be a know-it-all for their systems
anyway.  If you don't, there is that air of being very incompetent, and
most people detest that air.  I have had dealings with the support from
all three of the above, and IBM seems to me to be the best of all of
them.


> 
> >----------
> >From:  gvc @ ocsystems . com[SMTP:gvc @ ocsystems . com]
> >Sent:  Sunday, February 23, 1997 10:44 AM
> >To:    Firewalls @ GreatCircle . COM
> >Subject:       detecting foreign packets on ethernet
> >
> >The O'Reilly book tells me I should monitor my
> >internal network (ethernet) for packets which
> >originated from a foreign domain if I'm connected
> >to the outside through a firewall, but doesn't
> >go into detail about how to do this.
> >Presumably this involves running an ethernet interface
> >in promiscuous mode, but beyond that I'm not sure where
> >to start.
> >
> >I need to be able to do this from an AIX host.
> >--gvc
> >
> >

-- 
Cary D. Conover
AIX Systems Administrator		Senior Systems Analyst
Parkland Health and Hospital System 	Dallas, Texas
cconov @ parknet . pmh . org (Work)		carydc @ why . net (Home)
817-571-6694 Home Voice / Ans. Mach.	817-571-6793 Home Data/Fax
817-360-8572 Mobile/Voice Mail/Pager 	214-590-0244 Work Voice
214-786-0282 Pager			214-590-0202 Work Fax

The views I express are mine and do not represent my employer.

