Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Small hardware network sniffer - does it exist? - yup
From: Alvin Oga <alvin.sec () mail Linux-Consulting com>
Date: Mon, 6 Nov 2006 16:09:13 -0800 (PST)

hi ya javier

Javier Reyna Padilla wrote:

Thats exactly what I was going to recommend.

1. buy a soekris box
2. install linux on it
3. put network interfaces in bridge mode --- use bridge modules in
kernel and bridge-utils
4. use iptables and ip-queue module
5.- install snort and run with -Q switch
6. send oll traffic from iptables to snort (snort-inline).
7. Cancel your social lief
8. buy a ton of coffe for reading all logs/capture
9. have fun!

NetworkNightare.com has all that installed and running, 
but unfortunately or not, its a commercial product based on 
wrap instead of soekris

c ya

FocusHacks wrote:

They have some pretty small machines that are essentially headless
486s that can run BSD or Linux, and many of them have
power-over-ethernet, multiple NICs, WiFi ability, etc.

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]