| 1 |
On Friday 14 December 2007, reader@×××××××.com wrote: |
| 2 |
> Mick <michaelkintzios@×××××.com> writes: |
| 3 |
> >> Would I likely be opening my lan up for some christmas shopping by |
| 4 |
> >> having a gentoo guest on a WinXP host running as a DMZ machine? |
| 5 |
> >> It would be pretty barebones with a IPTABLE setup for logging and |
| 6 |
> >> tagging or whatever I get interested in doing with the traffic. |
| 7 |
> >> |
| 8 |
> >> No X server or other frills. |
| 9 |
> > |
| 10 |
> > A rather simpler solution to do this would be to get hold of hub, connect |
| 11 |
> > it to the firewall and watch everything that passes through it. |
| 12 |
> |
| 13 |
> I do have an older hub, but not sure what you mean here. The hub has |
| 14 |
> no network address and of course is not switched so anything going |
| 15 |
> thru it can be filtered with tcpdump. But the router is switched. |
| 16 |
> Not sure how a hub would see the outfacing address. I'd be able to |
| 17 |
> see all the lan machines that were going thru it, but how about the |
| 18 |
> traffic that the firewall is rejecting? Thats what I'm after. |
| 19 |
> |
| 20 |
> Can you elaborate a little? |
| 21 |
> |
| 22 |
> Maybe you mean something different by `hub'. |
| 23 |
|
| 24 |
I mean a hardware hub, not a switch and not a router. You need to place it |
| 25 |
in-line between your router/switch and your modem. Being on the WAN side of |
| 26 |
your NAT it will 'see' all the packets that go to/from the Internet |
| 27 |
(unfiltered). On the other side of the router you get the filtered traffic |
| 28 |
which when compared/contrasted with the WAN side will show you what the |
| 29 |
router and it's firewall are doing. I hope this is a bit clearer, otherwise |
| 30 |
please email me if you think this is getting off topic. |
| 31 |
-- |
| 32 |
Regards, |
| 33 |
Mick |
Archives