RE: Spyware assessment techniques - hub?

From: Richard Zaluski (rzaluski@ivolution.ca)
Date: Mon Feb 13 2006 - 09:02:42 EST

The scary part of the lack of knowledge is that a lot of the people who work
in the computer sections (At the Box stores for example) are students in
Computer Sc or have their MCSE / Certifications.

Richard Zaluski
CISO, Security and Infrastructure Services
iVOLUTION Technologies Incorporated
905.309.1911 Ext 600
866.601.4678 Ext 600
www.ivolution.ca
rzaluski@ivolution.ca
-----Original Message-----
From: offset [mailto:offset@svcroot.net]
Sent: Sunday, February 12, 2006 8:59 PM
To: pen-test@securityfocus.com
Subject: Re: Spyware assessment techniques - hub?

I agree about real hub hassles, and most stores have no clue
about what you are talking about. I've even seen one brand that
said hub on the box, but was really a switch.

I've had good luck with NetGear hubs. They are very inexpensive on eBay.

Something like the 4port 100mb hubs (netgear en104)
or the 8port 10/100mb Netgear hubs (netgear en108)

On Sun, Feb 12, 2006 at 01:37:54PM +0100, Petr.Kazil@eap.nl wrote:
> > If you are doing a host:
> > - interrupt the hosts uplink with a hub and plug your snort box in.
> > You could have this all setup on a laptop.
>
> I have tried this but run into problems:
>
> - Real hubs are (almost?) impossible to get nowadays. Even the cheapest
> "hub" is really a switch. If you know where I can find a hub-like network
> component, then I'll order it right away.
> - I was able to buy the last real hub from a PC-shop, but it was only
> 10Mbps and it refused to work with my 100Mb cards and switches.
>
> A few nice sniffer componentens are described in the book:
> "Extrusion Detection: Security Monitoring for Internal Intrusions"
> but these are not cheap.

---------------------------------------------------------------------------- 

--
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:31 EDT