A collection of links and notes about network security, esp. relating to DNR's "cyberinfrastructure".

Network taps

I'm trying to choose between a passive network tap and an aggregation tap for our soon-to-be 1Gbit server network (we're still on the 10Mbit hub as I write this).

The aggregation tap costs twice as much and I think we can simply put two NICs in a PC and run a separate instance of tcpdump on each interface and combine/merge files later.

• DIY Passive Network Tap
• DIY Active Network Tap
• "Aggregation Tap" versus "Tap Aggregation"
• Span Port vs. Tap
• Passive Network Tap considerations and performance - I especially like the Connecting the tap section