.

Raspberry Pi for Layer 2 IDS?

<<

Eleven

User avatar

Full Member
Full Member

Posts: 121

Joined: Thu Nov 10, 2011 6:47 pm

Post Sun Dec 09, 2012 1:38 pm

Raspberry Pi for Layer 2 IDS?

I'm reading TJ OConnor's Detecting and Responding to Data Link Layer Attacks and I'm wondering how well the Raspberry Pi work with detecting these layer 2 attacks using the Python example scripts in the paper.  Does anyone have any experience with it?

http://www.sans.org/reading_room/whitep ... acks_33513
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Dec 10, 2012 9:54 am

Re: Raspberry Pi for Layer 2 IDS?

Hardware constraints might be a limiting factor if you're going to monitor a large amount of traffic. You also only get one NIC by default, so you'll have to perform monitoring and management on the same port. It'll probably be fine for playing around with at home or in a small office though.
The day you stop learning is the day you start becoming obsolete.
<<

Eleven

User avatar

Full Member
Full Member

Posts: 121

Joined: Thu Nov 10, 2011 6:47 pm

Post Mon Dec 10, 2012 3:39 pm

Re: Raspberry Pi for Layer 2 IDS?

Apparently you're right and the network performance isn't good.  Oh well, maybe they'll come up with a better version in the future.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Dec 10, 2012 5:46 pm

Re: Raspberry Pi for Layer 2 IDS?

If you're just looking to do IDS activities in a small form factor, check out the Soekris boards: http://soekris.com/

They go up to 1.6Ghz/2GB/4 Ethernet ports, but they're obviously much more expensive than a Raspberry Pi.
The day you stop learning is the day you start becoming obsolete.
<<

Eleven

User avatar

Full Member
Full Member

Posts: 121

Joined: Thu Nov 10, 2011 6:47 pm

Post Tue Dec 11, 2012 5:32 pm

Re: Raspberry Pi for Layer 2 IDS?

ajohnson wrote:If you're just looking to do IDS activities in a small form factor, check out the Soekris boards: http://soekris.com/

They go up to 1.6Ghz/2GB/4 Ethernet ports, but they're obviously much more expensive than a Raspberry Pi.


They are definitely more expensive, but I guess you can do more with them too... thanks :)

Return to Hardware

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software