| 1 |
On Thursday 13 December 2007, reader@×××××××.com wrote: |
| 2 |
> Setup: |
| 3 |
> Home Lan with principle desktop machine running Gentoo. |
| 4 |
> Three other machines running WinXP that are a trio of video and sound |
| 5 |
> editing machines. And finally my wifes WinXP machine in antoher room. |
| 6 |
> All connected by Gigabit lan thru a netgear FVP318 router/firewall. |
| 7 |
> |
| 8 |
> I want to begin scanning thru the traffic that bounces off my |
| 9 |
> router/firewall. |
| 10 |
> |
| 11 |
> The router logs themselves are in a bad cumbersom format. And if I |
| 12 |
> use an available option to output them to a lan System logger the |
| 13 |
> information is greatly truncated and nearly useless. |
| 14 |
> |
| 15 |
> Router logs can be emailed but again they are cumbersom and clunky. |
| 16 |
> That how I currently look through them. |
| 17 |
> |
| 18 |
> So cutting to the chase, I don't want to even mess around with those |
| 19 |
> methods. Been there done that... didn't like it. |
| 20 |
> |
| 21 |
> The router has an option to route traffic to a DMZ machine. In the |
| 22 |
> past when I got this same urge 2 or so years ago I setup an Openbsd |
| 23 |
> OS on an older PC. Buttoned it down what little I knew to do and had |
| 24 |
> lots of fun with incoming traffic.... I mean just studying and being |
| 25 |
> amazed etc. |
| 26 |
> |
| 27 |
> I want to do that again but don't have that old machine anymore and |
| 28 |
> don't want the unfamiliar hassle of relearning whatever I knew about |
| 29 |
> OpenBSD. |
| 30 |
> |
| 31 |
> I don't want the hassle of hardening my main desktop... preferring to |
| 32 |
> keep it pretty loose behind the firewall. Running a lan webserver and |
| 33 |
> the like. |
| 34 |
> |
| 35 |
> I wondered if any of the security buffs here could tell me if a vmware |
| 36 |
> gentoo guest running on one of the winXP boxes could be setup to have |
| 37 |
> an independant tap on the Firewall as DMZ and not be offering every |
| 38 |
> hack whiz out there a shot at my home lan. |
| 39 |
> |
| 40 |
> As I remember you can setup vmware with its own network address, not |
| 41 |
> sharing its hosts address to some degree. |
| 42 |
> |
| 43 |
> But I wondered.., since any traffic is really going thru that WinXP |
| 44 |
> hosts nic one way or another if it would be as safe as a truly |
| 45 |
> independant host with its own ethernet wire to the router. (which is |
| 46 |
> switched). |
| 47 |
> |
| 48 |
> Would I likely be opening my lan up for some christmas shopping by |
| 49 |
> having a gentoo guest on a WinXP host running as a DMZ machine? |
| 50 |
> It would be pretty barebones with a IPTABLE setup for logging and |
| 51 |
> tagging or whatever I get interested in doing with the traffic. |
| 52 |
> |
| 53 |
> No X server or other frills. |
| 54 |
|
| 55 |
A rather simpler solution to do this would be to get hold of hub, connect it |
| 56 |
to the firewall and watch everything that passes through it. |
| 57 |
-- |
| 58 |
Regards, |
| 59 |
Mick |
Archives