PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

running Snort on a VirtualBox internal network

From: Robin Wood <robin () digininja org>
Date: Sat, 13 Nov 2010 17:39:54 +0000
In an attempt to add Snort to my VirtualBox lab I was wondering if it
was possible to set up a mirror port on a VirtualBox internal network.

The setup I've got is a group of about 6 machines on an internal
network and another machine with two interfaces, one on the internal
network and one bridged to the real world currently running pfSense
(yes, I know pfSense will run Snort but that will only be on traffic
passing through the firewall). I use the pfSense box to open and NAT
different internal machines to the real world so I can fire off
different attacks, for this running Snort on pfSense would help but
I'd also like to have it running on a mirror on the switch so that I
can watch what alerts trigger when I try to pivot inside that network.

I've tried asking on the VirtualBox forums but I don't think they
really understand what I'm trying to setup. Does anyone know if this
is possible and if so how to do it?

Robin
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: