Argus and MTP

Mark Poepping poepping at cmu.edu
Wed Jan 11 02:00:56 EST 2006 

By the way, Force10 bought these guys back in November.
http://www.force10networks.com/news/pressreleases/2005/pr-2005-11-15.asp
Mark.


> -----Original Message-----
> From: Mark Poepping [mailto:poepping at cmu.edu]
> Sent: Tuesday, January 10, 2006 1:33 AM
> To: 'Patrick Green'; 'argus-info at lists.andrew.cmu.edu'
> Subject: RE: [ARGUS] Argus and MTP
> 
> 
> I'd talked with those guys several times (at JointTechs), but not since
> maybe a year ago.  As I recall, their stuff is essentially optimized for
> pipelining IDS processing, I didn't think they'd deliver packets to the OS
> very fast -- unless you're working with them to distribute argus (which
> didn't sound too likely)..
> 
> That was a while ago, and things maybe have changed, but I was under the
> impression that there would be better general-purpose network cards for
> this..  They may be at the next JT again, so I'll see what they're up to.
> 
> Mark.
> 
> --
> Mark Poepping
> Head IT Architect, Computing Services; Carnegie Mellon
> 
> 
> > -----Original Message-----
> > From: argus-info-bounces at lists.andrew.cmu.edu [mailto:argus-info-
> > bounces at lists.andrew.cmu.edu] On Behalf Of Patrick Green
> > Sent: Monday, January 09, 2006 7:00 AM
> > To: argus-info at lists.andrew.cmu.edu
> > Subject: [ARGUS] Argus and MTP
> >
> > Hi,
> >
> > Has anyone had any experience of running Argus on top of Metanetworks
> > MTP cards?
> >
> > We have been running some tests, on Fedora (customised kernel 2.6.11)
> > with Argus Version 2.0.6, and an MTP card (www.metanetworks.org).
> >
> > If we run an nmap against a machine on the network, I can see the
> > traffic using TCPdump (so the card is picking it up and forwarding it
> > to the OS), but argus doesnt seem to pick the traffic up - at best it
> > sees about four packets ... has anyone else seen this / something
> > obvious I should try?
> >
> > Patrick
> > ------------------------------------------------------------------------
> > --
> > Patrick Green -  Computing Services, Oxford University
> > http://users.ox.ac.uk/~patrick
> > Mobile: +44 (0)7812215375
> > PGP keyID 0x34E49221
> >

More information about the argus mailing list