Port Gigabit


How to connect two DHCP servers within Cisco switch 3550 10 gigabit ports?

I have two DHCP servers on different subnets connected to the same Cisco 3550 switch with 10 gigabit ports. Port #2 connects to DHCP server1, Port #3 connects to DHCP server2 and Port #3 connects to the DHCP client zone. Is it impossible to work out? If yes, please tell me how to do it!
Thanks so much in advance! :-)

First off, if someone has sold you a 3550 telling you it is a 10G switch, you have been had.

Beyond that, we need to know a little more about what you are trying to do.

The simple option is something like
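! Ports for the two DHCP servers, one VLAN each
interface FastEthernet0/1
 description DHCP server 1
 switchport mode access
 switchport access vlan 10
 no shutdown

interface FastEthernet0/2
 description DHCP server 2
 switchport mode access
 switchport access vlan 20
 no shutdown

! Client ports: the access VLAN decides which DHCP server answers
interface FastEthernet0/3
 description user to get address from DHCP server 1
 switchport mode access
 switchport access vlan 10
 no shutdown

interface FastEthernet0/4
 description user to get address from DHCP server 2
 switchport mode access
 switchport access vlan 20
 no shutdown

! Enable layer 3 routing between the VLAN interfaces
ip routing

interface Vlan10
 ip address <address> <mask>
 no shutdown
interface Vlan20
 ip address <address> <mask>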

These last two can be repeated as you wish to allocate users to DHCP servers.

This will allow the users on both VLANs to contact each other.

Use of Taps and Span Ports in Cyber Intelligence Applications

Cyber warfare is unfortunately no longer found only in speculative fiction; it is with us today. Distributed denial-of-service (DDoS) attacks have been launched against the United States, South Korea, Kyrgyzstan, Estonia, and Georgia in recent years, and military and government computer systems around the world are assaulted by intruders daily. Some attacks come from nation-states, but others are perpetrated by transnational and unaligned rogue groups. Those bent on inflicting harm on nations and citizens not only use networks as an attack vector, but also for organizing, recruiting, and publicizing their beliefs and activities.

On the other side of the fence are the good guys, the members of the cyber intelligence community who aim to understand and track the terrorists, and ultimately stymie their plans. Due to the pervasive use of networks by radical and criminal organizations in the modern world, a great deal can be learned about terrorists by examining their use of the World Wide Web, and how the Internet is used as a vector to attack both public and private systems. This field of study is called "terrorism informatics," which is defined as "the application of advanced methodologies and information fusion and analysis techniques to acquire, integrate, process, analyze, and manage the diversity of terrorism-related information for national/international and homeland security-related applications" (Hsinchun Chen et al, eds., Terrorism Informatics. New York: Springer, 2008, p. xv).

Terrorism informatics analyzes information from data-at-rest sources such as blogs, social media, and databases. For other types of analyses, it is necessary to examine data in motion, in other words, information as it travels on a network. Access to data-in-motion is often obtained by eavesdropping on the network traffic using Span ports in switches. This paper focuses specifically on the implications of using Span ports in counter-terrorism monitoring applications. It shows that Span ports are particularly ill-suited to this use. Note also that the security vulnerabilities of Span ports in counter-terrorism applications apply equally when Span ports are used for other monitoring needs such as performance or compliance monitoring.

Introduction

Span or mirror ports are a convenient and inexpensive way to access traffic flowing through a network switch. Switches that support Span ports (typically high-end switches) can be configured to mirror traffic from selected ports or VLANs to the Span port, where monitoring tools can be attached. At first glance, it seems that a Span port could be a good way to connect an intrusion detection system (IDS), forensic recorder, or other security monitoring device.

Unfortunately, Span ports have several characteristics that can be troublesome and risky in a counter-terrorism application. These characteristics include:

  • The possibility of dropping packets
  • The need for reconfiguring switches
  • The vulnerability of Span ports to attack
  • The fact that Span ports are not passive mechanisms

These issues are elaborated in the following sections.

Problem #1: Dropped Packets

The first issue with Span ports in a counter-terrorism application is that the visibility of network traffic is less than perfect. In counter-terrorism monitoring, a fundamental requirement is that the security device must be able to see every single packet on the wire. An IDS cannot detect a virus if it doesn't see the packets carrying it. Span ports cannot meet this requirement because they drop packets. Spanning is the switch's lowest priority task, and Span traffic is the first thing to go when the switch gets busy. In fact, it is allowable for any port on a switch to drop packets because network protocols are specifically designed to be robust in spite of dropped packets, which are inevitable in a network. But it is not acceptable in a counter-terrorism monitoring application.

Different switches may be more or less prone to drop Span packets depending on their internal architecture, which varies from switch to switch. However, it is unlikely that the performance of the Span port was evaluated as an important criterion when the switching gear was selected. As a counter-terrorism professional, you probably don't want your security strategy to be dependent on a procurement policy that you don't control.

Nevertheless, suppose you do have switches with the best possible Spanning performance. Dropped packets may still be an issue depending on how much traffic you need to send through the Span port. If you need to see all of the traffic on a full-duplex 1 Gigabit link, a 1 Gigabit Span port won't do the job. A full-duplex link carries up to 1 Gigabit per second in each direction, so the mirrored traffic exceeds the 1 Gigabit Span port capacity when link utilization goes above 50 percent in both directions. To see all the traffic, you need to dedicate a 10 Gigabit port for Spanning, and now the Span port doesn't seem so inexpensive anymore.

However, Span port visibility issues go beyond simply dropping packets. Being switch technology, Span ports by their very nature are not transparent for layer 1 and layer 2 information: for example, they drop undersized and oversized packets, and packets with CRC errors. They usually remove VLAN tags, too. In addition, Span ports do not preserve the packet timing of the original traffic, or in some cases even the packet order. This type of information can be critical for detecting certain types of network attacks such as network worms and viruses, and for some behavior-based packet classification algorithms. For example, network consultant Betty DuBois observed, "[Regarding] losing the VLAN tag information when Spanning, if there is an issue with ISL or 802.1q, how will I ever know with a Span port?"
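One way to check whether a Span-fed sensor is missing packets in the way this section describes, as an added example that is not part of the original paper: it counts payload bytes that a receiver acknowledged but the capture never contained, and lists flows where only one direction was mirrored. The packet records are constructed, sequence numbers are assumed to be relative and not to wrap, and `Pkt` and `audit_capture` are names chosen here.

```python
from collections import defaultdict, namedtuple

# Constructed record type: one captured TCP segment, relative sequence numbers.
Pkt = namedtuple("Pkt", "src sport dst dport seq length ack flags")

def _subtract(holes, start, end):
    """Remove the byte range [start, end) from a list of (start, end) holes."""
    out = []
    for hs, he in holes:
        if end <= hs or start >= he:
            out.append((hs, he))
            continue
        if hs < start:
            out.append((hs, start))
        if end < he:
            out.append((end, he))
    return out

def audit_capture(packets):
    """Return bytes ACKed by the peer but absent from the capture, per flow."""
    next_seq = {}                # flow -> highest sequence number seen so far
    holes = defaultdict(list)    # flow -> byte ranges skipped in the capture
    missed = defaultdict(int)    # flow -> bytes confirmed lost by the sensor
    established = set()          # flows that sent an ACK outside the handshake
    for p in packets:
        fwd = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        # SYN and FIN each consume one sequence number.
        end = p.seq + p.length + ("S" in p.flags) + ("F" in p.flags)
        if fwd not in next_seq:
            next_seq[fwd] = p.seq        # the capture may start mid-flow
        if p.seq > next_seq[fwd]:
            holes[fwd].append((next_seq[fwd], p.seq))
        # A retransmission or reordered segment fills a hole: that was loss
        # on the wire, not loss in the mirror.
        holes[fwd] = _subtract(holes[fwd], p.seq, end)
        next_seq[fwd] = max(next_seq[fwd], end)
        if "A" not in p.flags:
            continue
        if "S" not in p.flags:
            established.add(fwd)
        if rev not in next_seq:
            continue
        if p.ack > next_seq[rev]:        # ACK for data the sensor never saw
            holes[rev].append((next_seq[rev], p.ack))
            next_seq[rev] = p.ack
        remaining = []
        for hs, he in holes[rev]:
            if hs < p.ack:               # receiver has these bytes, we do not
                missed[rev] += min(he, p.ack) - hs
                if he > p.ack:
                    remaining.append((p.ack, he))
            else:
                remaining.append((hs, he))
        holes[rev] = remaining
    one_way = sorted(f for f in established
                     if (f[2], f[3], f[0], f[1]) not in next_seq)
    return {"missed_bytes": dict(missed), "one_way_flows": one_way}

# Constructed sample traffic (not taken from the paper).
C, S = ("10.0.0.5", 40000), ("10.0.0.9", 80)
B, T = ("10.0.0.7", 50000), ("10.0.0.9", 443)
SAMPLE = [
    Pkt(*C, *S, 0, 0, 0, "S"),
    Pkt(*S, *C, 0, 0, 1, "SA"),
    Pkt(*C, *S, 1, 0, 1, "A"),
    Pkt(*C, *S, 1, 100, 1, "PA"),
    Pkt(*S, *C, 1, 1460, 101, "A"),
    Pkt(*S, *C, 2921, 1460, 101, "A"),   # bytes 1461..2920 never captured
    Pkt(*C, *S, 101, 0, 4381, "A"),      # yet the client acknowledges them
    Pkt(*S, *C, 5381, 1000, 101, "A"),   # gap caused by loss on the wire
    Pkt(*C, *S, 101, 0, 4381, "A"),      # duplicate ACK asks for 4381 again
    Pkt(*S, *C, 4381, 1000, 101, "PA"),  # retransmission fills the gap
    Pkt(*C, *S, 101, 0, 6381, "A"),
    Pkt(*B, *T, 1, 200, 1, "PA"),        # only one direction was mirrored
    Pkt(*B, *T, 201, 0, 1461, "A"),
]

if __name__ == "__main__":
    print(audit_capture(SAMPLE))
```

A non-zero `missed_bytes` total means the monitoring path lost traffic that the endpoints exchanged successfully, which is the condition an IDS or forensic recorder cannot tolerate.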

 

Problem #2: The Need for Switch Configuration

Another issue with using Span ports in a counter-terrorism application is the very fact that the switch needs to be configured to send specific traffic to the Span port. This fact leads to a host of complications:

  • The configuration may not be done correctly. "If the switch owner mistakenly or intentionally configures the Span port to not show all the traffic it should, you may or may not discover the misconfiguration. I have seen this happen countless times," said Richard Bejtlich, the highly respected author of The Tao of Network Security Monitoring.
  • Sharing the Span port. A switch typically supports only one or two Span ports, and the network administrator or someone else may need to use "your" Span port for one reason or another. They may or may not tell you when the Span traffic profile is changed for their needs. IT Manager Bob Huber recalled, "Span was a huge issue we dealt with on the IDS team where I used to work. We had constant issues with the Span going up and down. When there are network issues to deal with, the network engineers have priority to the limited number of Span ports available. Hoping they remember to reconfigure your Span port was a waste of time."
  • Switch configuration may not be available when you need it. If you need to change the profile of the traffic you are Spanning, or change it back after someone else used the port, it may not be easy to get the switch owner's time to do it. In larger organizations, you may also need to get the change authorized through a Change Control Board, and then wait for a maintenance window to get it implemented.
  • Changes to the network switches for other reasons can impact the Span traffic. Networks are constantly being reconfigured to optimize applications or support new requirements. If the counter-terrorism monitoring solution depends on Span ports, it is vulnerable to changes (planned or surprises) any time the network is reconfigured for any reason.
  • Switch configuration itself is a security vulnerability. In any counter-terrorism activity, the network's security is of course paramount. Switches are a highly vulnerable network point, and the ability to reconfigure them must be tightly controlled. Does it make sense to require switch reconfiguration as part of the counter-terrorism monitoring solution, when reconfiguring a switch can accidentally or deliberately expose or bring down the network?

If you have any doubt that Span port misconfiguration can be an issue, take a look at this note in the Cisco Catalyst 6500 Series documentation: "Connectivity issues because of the misconfiguration of Span ports occur frequently in CatOS... Be very careful of the port that you choose as a Span destination."

Problem #3: Vulnerability to Attack

Span ports are usually configured for uni-directional traffic, restricted to transmitting traffic to the monitoring device. However, in some cases they can receive traffic as well (a feature Cisco calls ingress traffic forwarding), in order to enable management of the monitoring device over the same switch port and monitoring device NIC as the mirror traffic. When this configuration is used, the Span port becomes an open ingress port to the switch, creating a serious security vulnerability. Therefore, this configuration should be avoided as a best practice. If for some reason it becomes necessary to use this configuration, you should at least lock the Span port to the monitoring tool's MAC address if possible, so an unauthorized user won't be able to plug a laptop into the connection and hack the switch.
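A configuration audit covering the misconfiguration risk from Problem #2 and the ingress risk from Problem #3, as an added example that is not part of the original paper: it parses the `monitor session` lines of a switch configuration, compares them with an approved baseline, and flags any Span destination that accepts ingress traffic. Both configurations are constructed, the line syntax follows Cisco IOS Catalyst conventions, and the function names are chosen here.

```python
DIRECTIONS = {"rx", "tx", "both"}

def parse_span_sessions(config_text):
    """Return {session_id: {"sources", "destination", "ingress"}}."""
    sessions = {}
    for raw in config_text.splitlines():
        tok = raw.split()
        if len(tok) < 6 or tok[:2] != ["monitor", "session"] or not tok[2].isdigit():
            continue
        session = sessions.setdefault(
            int(tok[2]), {"sources": set(), "destination": None, "ingress": False})
        if tok[3] == "source" and tok[4] in ("interface", "vlan"):
            rest = tok[5:]
            # With no direction keyword, both directions are mirrored.
            direction = rest.pop() if rest[-1] in DIRECTIONS else "both"
            session["sources"].add((tok[4], " ".join(rest), direction))
        elif tok[3:5] == ["destination", "interface"]:
            session["destination"] = tok[5]
            # "ingress" lets the monitoring port send traffic into the switch.
            session["ingress"] = "ingress" in tok[6:]
    return sessions

def audit_span(running_text, baseline_text):
    """Compare running Span sessions with the approved baseline."""
    running = parse_span_sessions(running_text)
    baseline = parse_span_sessions(baseline_text)
    findings = []
    for sid, cur in sorted(running.items()):
        if cur["ingress"]:
            findings.append(("ingress-enabled", sid, cur["destination"]))
        exp = baseline.get(sid)
        if exp is None:
            findings.append(("unexpected-session", sid, cur["destination"]))
            continue
        if cur["sources"] != exp["sources"]:
            findings.append(("sources-changed", sid,
                             sorted(exp["sources"] - cur["sources"]),
                             sorted(cur["sources"] - exp["sources"])))
        if cur["destination"] != exp["destination"]:
            findings.append(("destination-changed", sid,
                             exp["destination"], cur["destination"]))
    for sid in sorted(set(baseline) - set(running)):
        findings.append(("session-missing", sid, baseline[sid]["destination"]))
    return findings

# Constructed configurations (not taken from the paper or a real device).
BASELINE = """
monitor session 1 source interface Gi0/1
monitor session 1 destination interface Gi0/24
monitor session 3 source vlan 30 rx
monitor session 3 destination interface Gi0/22
"""

RUNNING = """
hostname edge-sw1
monitor session 1 source interface Gi0/1 rx
monitor session 1 destination interface Gi0/24 ingress untagged vlan 10
monitor session 2 source interface Gi0/5
monitor session 2 destination interface Gi0/23
"""

if __name__ == "__main__":
    for finding in audit_span(RUNNING, BASELINE):
        print(finding)
```

Run against each configuration backup, a check like this shows when someone has repurposed or narrowed "your" Span session without telling you.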

 

Problem #4: Not Passive

A final important consideration when using Span ports for counter-terrorism monitoring access is that Span ports are not passive: they can affect the performance of the switch's other ports. For example, Gerald Combs, the father of Wireshark, warns, "Some switch families (e.g., the Cisco 3500 series) don't set a lower priority on Span traffic, and will slow down the backplane in order to deliver packets to a Span port." This effect violates a primary principle of security and especially forensic monitoring, that monitoring should not affect the traffic being monitored. It may have legal as well as practical implications.

The Tap Alternative

To avoid the problems that Span ports bring to counter-terrorism monitoring applications, security experts like Bejtlich recommend using traffic access ports (Taps) for access to the network traffic. Taps are specifically designed to provide 100 percent traffic visibility without any impact on monitored traffic. Optical Taps for fiber links use optical splitters to divert part of the light from the link to a monitor port, creating a true copy of the link traffic all the way down to layer 1 and layer 2 errors. Taps for copper links perform a similar function electronically. Optical Taps do not use any power at all, while copper Taps include relays which ensure that link traffic continues to flow even when the Tap loses power. Taps avoid all of the pitfalls of Span ports in counter-terrorism applications:

  • Taps send the monitoring tool an exact copy of the link traffic, including layer 1 and layer 2 errors and malformed packets, no matter how busy the link is. They never drop packets.
  • Taps require little or no configuration. Once a Tap is installed in a link, monitoring access to the link traffic is always available, consistently and persistently.
  • Taps are secure. They do not have an IP address so attackers cannot see them, and they cannot inject traffic into the network under any circumstances. In fact, a Tap actually hides the monitoring tool from the network as well, providing true "stealth" monitoring.
  • Taps are completely passive. They cannot affect the link traffic, not even if they lose power.

Tap technology has evolved to offer a range of additional features as well, most of which are not available with Span ports. (Note that some of these features require a trade-off with the previously mentioned characteristics.)

  • Regeneration Taps produce multiple copies of the link traffic so multiple tools and multiple users can view the same traffic simultaneously. Your counter-terrorism monitoring device does not need to give up access when the network administrator needs to put an additional protocol analyzer onto the link.
  • Aggregator Taps combine the traffic from both directions of full-duplex links and from multiple links and send it to a single NIC on the monitoring tool. No packets are dropped as long as the aggregated traffic does not exceed the monitor port bandwidth.
  • Active Response Taps permit monitoring tools to send response packets such as TCP resets, ICMP messages, and ACL changes into the tapped link. This feature can be used by an IDS to take action when certain types of intrusions are detected. (Active Response Taps are an exception to the Tap "one direction only" traffic rule.)
  • iTaps provide a remote management interface and basic monitoring data about link traffic, such as packet counts and utilization levels. (Remote management interfaces require IP addresses, but they are secured with passwords, SSH, HTTPS, and other measures.)
  • Media Conversion refers to Taps that support different media types on their network and monitor ports. Many Taps have pluggable SFP or XFP ports enabling different media types to be accommodated simply by plugging in different transceiver types. Some Taps even perform 10 Gigabit to 1 Gigabit and 1 Gigabit to 10 Gigabit data rate conversion as well.
  • Filter Taps enable mirrored traffic to be restricted to particular protocols, source and destination IP addresses, VLANs, ports, and other criteria, making it easier to isolate or troubleshoot issues, and relieving monitoring tools from spending valuable processing cycles on pre-filtering traffic. For example, the Net Optics Director Data Monitoring Switch supports filtering as well as regeneration, aggregation, remote management, and media conversion, all in a single device.
  • Bypass Switches create fail-safe access ports for in-line devices such as intrusion prevention systems and firewalls.

Conclusion

Monitoring is an essential building block of Bejtlich's "defensible network architecture," the first of its seven key characteristics: monitored, inventoried, controlled, claimed, minimized, assessed, and current. Utilizing Span ports for counter-terrorism monitoring access is placing that building block on a weak foundation, subject to packet loss, misconfiguration, and intrusion. A Monitoring Access Platform, based on Tap technology and integrated within the network architecture, is an alternate access approach that provides a solid base on which to build your network's security and counter-terrorism applications.
