Re: Small hardware network sniffer - does it exist? - yup
- From: Alvin Oga <alvin.sec@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 6 Nov 2006 16:09:13 -0800 (PST)
hi ya javier
Javier Reyna Padilla wrote:
Thats exactly what I was going to recommend.
1. buy a soekris box
2. install linux on it
3. put network interfaces in bridge mode --- use bridge modules in
kernel and bridge-utils
4. use iptables and ip-queue module
5.- install snort and run with -Q switch
6. send oll traffic from iptables to snort (snort-inline).
7. Cancel your social lief
8. buy a ton of coffe for reading all logs/capture
9. have fun!
NetworkNightare.com has all that installed and running,
but unfortunately or not, its a commercial product based on
wrap instead of soekris
c ya
alvin
FocusHacks wrote:
http://www.soekris.com/
They have some pretty small machines that are essentially headless
486s that can run BSD or Linux, and many of them have
power-over-ethernet, multiple NICs, WiFi ability, etc.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
- References:
- Re: Small hardware network sniffer - does it exist?
- From: Javier Reyna Padilla
- Re: Small hardware network sniffer - does it exist?
- Prev by Date: RE: Vulnerability Assessment of a EAL 4 system
- Next by Date: Re: Small hardware network sniffer - does it exist?
- Previous by thread: Re: Small hardware network sniffer - does it exist?
- Next by thread: RE: Small hardware network sniffer - does it exist?
- Index(es):
Relevant Pages
|
