March 2008 Archives
Last week Bamm made Sguil version 0.7.0 final and released it on the Sguil website.
The big changes are the separation of the agents (into snort_agent, pcap_agent and sancp_agent, respectively), the addition of a Passive Asset Detection System (PADS) agent, and a lot of bug fixes.
For those who aren't familiar with Sguil, check the Sguil website or the overview on the Sguil Wiki page.
When I can find the time, I will post my article about 'Network Security Monitoring in a multi tiered environment'.
If you are using a network TAP (e.g. NetOptics) and want to bond the interfaces on a FreeBSD system, there is a new way to do this.
FreeBSD 6.3 introduced a new device called lagg(4). Lagg is a link aggregation and link failover interface.
With lagg you can easily bond two interfaces together.
# ifconfig lagg0 create
# ifconfig lagg0 laggproto fec laggport bge0 laggport bge1 monitor up
By default lagg uses the failover protocol, which you don’t want to use when bonding interfaces. The best protocol for this would be Cisco EtherChannel, which is what laggproto fec selects in the command above.
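A check for the resulting interface, as an added example that is not part of the original post: the function reads `ifconfig lagg0` output on stdin and reports a lagg that is still on the default failover protocol, has fewer than two ports, or is not in monitor mode. `check_lagg` is a hypothetical name, and both sample outputs are constructed, modelled on the layout ifconfig prints for lagg(4).

```shell
#!/bin/sh
# Added example (not from the original post): sanity-check a TAP-facing lagg(4).
# Reads `ifconfig lagg0` output on stdin, prints one finding per line and
# returns 0 only when nothing was found.
check_lagg() {
    awk '
        /^[a-z0-9]+: flags=/ { if ($0 ~ /MONITOR/) monitor = 1 }  # interface header line
        $1 == "laggproto"    { proto = $2 }                       # configured protocol
        $1 == "laggport:"    { ports++ }                          # one line per member port
        END {
            bad = 0
            if (proto == "") {
                print "no laggproto line found"; bad = 1
            } else if (proto == "failover") {
                print "laggproto is failover, not an aggregating protocol such as fec"; bad = 1
            }
            if (ports < 2) {
                printf "only %d laggport(s), expected both TAP legs\n", ports; bad = 1
            }
            if (!monitor) {
                print "MONITOR flag is not set on the lagg interface"; bad = 1
            }
            exit bad
        }'
}

# Constructed sample: the result of the two ifconfig commands in the post.
SAMPLE_FEC='lagg0: flags=48843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,MONITOR> metric 0 mtu 1500
    ether 00:00:5e:00:53:01
    media: Ethernet autoselect
    status: active
    laggproto fec
    laggport: bge1 flags=4<ACTIVE>
    laggport: bge0 flags=4<ACTIVE>'

# Constructed sample: lagg left on its default protocol and without monitor.
SAMPLE_DEFAULT='lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 00:00:5e:00:53:01
    media: Ethernet autoselect
    status: active
    laggproto failover
    laggport: bge1 flags=0<>
    laggport: bge0 flags=5<MASTER,ACTIVE>'

# On a sensor this would be: ifconfig lagg0 | check_lagg
printf '%s\n' "$SAMPLE_DEFAULT" | check_lagg || true
```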
