Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Small hardware network sniffer - does it exist? - yup
From: Alvin Oga <alvin.sec () mail Linux-Consulting com>
Date: Mon, 6 Nov 2006 16:09:13 -0800 (PST)


hi ya javier

Javier Reyna Padilla wrote:

Thats exactly what I was going to recommend.

1. buy a soekris box
2. install linux on it
3. put network interfaces in bridge mode --- use bridge modules in
kernel and bridge-utils
4. use iptables and ip-queue module
5.- install snort and run with -Q switch
6. send oll traffic from iptables to snort (snort-inline).
7. Cancel your social lief
8. buy a ton of coffe for reading all logs/capture
9. have fun!

NetworkNightare.com has all that installed and running, 
but unfortunately or not, its a commercial product based on 
wrap instead of soekris

c ya
alvin


FocusHacks wrote:
http://www.soekris.com/

They have some pretty small machines that are essentially headless
486s that can run BSD or Linux, and many of them have
power-over-ethernet, multiple NICs, WiFi ability, etc.


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault