Penetration Testing mailing list archives

Re: Small hardware network sniffer - does it exist? - yup


From: Alvin Oga <alvin.sec () mail Linux-Consulting com>
Date: Mon, 6 Nov 2006 16:09:13 -0800 (PST)


hi ya javier

Javier Reyna Padilla wrote:

That's exactly what I was going to recommend.

1. buy a soekris box
2. install linux on it
3. put network interfaces in bridge mode --- use bridge modules in kernel and bridge-utils
4. use iptables and ip-queue module
5. install snort and run with -Q switch
6. send all traffic from iptables to snort (snort-inline).
7. Cancel your social life
8. buy a ton of coffee for reading all logs/capture
9. have fun!

NetworkNightare.com has all that installed and running,
but unfortunately or not, it's a commercial product based on
wrap instead of soekris

c ya
alvin


FocusHacks wrote:
http://www.soekris.com/

They have some pretty small machines that are essentially headless
486s that can run BSD or Linux, and many of them have
power-over-ethernet, multiple NICs, WiFi ability, etc.
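
Steps 3 to 6 of the quoted list written out as commands. This is an added example, not part of either poster's message. The interface names (eth0, eth1), bridge name (br0) and Snort config path are assumptions, as is a kernel of that era that still ships the ip_queue module (later kernels use NFQUEUE instead).

```shell
#!/bin/sh
# Added example: transparent bridge whose forwarded traffic goes through Snort inline.
# Assumed, not from the post: eth0/eth1, br0, /etc/snort/snort.conf, and a Snort
# build with inline (-Q) support reading from the ip_queue target.

# Print the setup commands in the order they must run.
inline_bridge_cmds() {
    in_if=$1; out_if=$2; br=${3:-br0}
    # A bridge needs two distinct ports; refuse anything else.
    if [ -z "$in_if" ] || [ -z "$out_if" ] || [ "$in_if" = "$out_if" ]; then
        echo "usage: inline_bridge_cmds IF_A IF_B [BRIDGE]" >&2
        return 1
    fi
    # Snort is started before the QUEUE rule is inserted: QUEUE with no
    # userspace listener drops packets, so the reverse order cuts the link.
    # For the same reason the bridge fails closed if Snort later dies.
    cat <<EOF
modprobe bridge
modprobe ip_queue
brctl addbr $br
brctl addif $br $in_if
brctl addif $br $out_if
ip addr flush dev $in_if
ip addr flush dev $out_if
ip link set dev $in_if up
ip link set dev $out_if up
ip link set dev $br up
sysctl -w net.bridge.bridge-nf-call-iptables=1
snort -Q -D -c /etc/snort/snort.conf
iptables -I FORWARD -j QUEUE
EOF
}

# Dry run by default; APPLY=1 (as root) executes each command and stops on error.
apply_inline_bridge() {
    cmds=$(inline_bridge_cmds "$@") || return 1
    if [ "${APPLY:-0}" != 1 ]; then printf '%s\n' "$cmds"; return 0; fi
    printf '%s\n' "$cmds" | while IFS= read -r c; do
        echo "+ $c"; sh -c "$c" || exit 1
    done
}

# Run only when two interface names are given on the command line.
if [ $# -ge 2 ]; then apply_inline_bridge "$@"; fi
```

Without `bridge-nf-call-iptables=1`, bridged frames never reach the iptables FORWARD chain and Snort sees nothing.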

