North American Network Operators Group

Re: Yahoogroups and Carnivore

  • From: Steven M. Bellovin
  • Date: Mon Sep 17 16:52:14 2001

In message <[email protected]>, "Patrick W. Gilmore"
 writes:
>
>At 03:42 PM 9/17/2001 -0400, Cristopher Daniluk wrote:
> >That's just a silly statement, it's a text processor/parser. It's another
> >layer. Of course it's going to have an effect. On the average person, I would
> >venture to guess it's overwhelmingly negligible, but it could very well
> >bottleneck someone like Yahoo.
>
>My understanding is that it is not inline, it uses a "monitor port" on a
>switch which duplicates all traffic.
>
>If that is the case, then it is not a silly statement, it is factually correct.
>
>Can anyone confirm or deny the above?
>

Your understanding is correct.  They use a splitter, and put the
monitoring machine on one of the legs.  (The independent review of 
Carnivore is at http://www.usdoj.gov:80/jmd/publications/carniv_entry.htm;
comments on that review are at 
http://www.crypto.com/papers/carnivore_report_comments.html)

		--Steve Bellovin, http://www.research.att.com/~smb
				  http://www.wilyhacker.com