BTW, while I've seen replies on my original question, I'm still hazy on how safe it is to do what I'd like to.
Here is what it looks like.
WAN
|
Switch (On the public side - This was a hub)
|
Firewall
|
Core Switch--Lan side Switches off of multiple firewall interfaces
|
Server with two Nics running wireshark on it
Nic0 connected inside LAN
Nic1 connected to first switch before firewall
It was suggested that I take all protocols off of Nic1 which would make it safe to have on the public side.
At the time, I was connecting to a hub before the firewall. At the moment, I am connected to the core switch and am using port mirroring.
What I would like to do is to have Nic1 connected to the public side switch, which would have port mirroring.
I ordered a new switch to replace the hub so should have this setup in a few days.
What I'm looking for is input on just how safe this setup is.