Transparent Proxy / Snort

Discussion in 'other firewalls' started by 0peratorX, Feb 17, 2010.

Thread Status:
Not open for further replies.
  1. 0peratorX, Registered Member

    Feb 17, 2010
    After mulling this over in my mind, I am ready to put an end to this:

    HDD / RAM Persistence in something attacking my LAN

    But, before I do, I would like to suffer myself a little longer to try to discover the nature of this "thing" (for my own sense of accomplishment and to make sure that I eliminate it from my machines).

    So, does anyone have any experience in placing a transparent proxy in front of the router?

    My 2003 box has two NICs and I have available a spare HDD that I would like to play with installing Fedora, SUSE or CentOS on to monitor the inbound / outbound traffic after I remove the firewall on the suspect machine.

    Right now, I still have personal files on the local drive, but I am thinking it would be educational and "fun" to finish the stripping process, place it on a separate subnet and "lower the shields" to get a final glimpse of whatever has been ailing me before I swap out the primary drive and begin the process of putting the machine back the way I like it.

    So far, I have found EasyIDS - although I am sure I could just do a vanilla FC install and get Snort.

    Anyway, I suspect that others here may have experience with more "simple" ways of doing this. And that is the impetus for my query...
