Hello everyone,
I started building a home lab and ended up reinstalling Security Onion over and over again on a Proxmox host. I was thinking it would be a straightforward configuration, something around creating a Linux bridge, then assigning it as a monitor interface for SO and attaching it to all guests (routers) that I want to sniff traffic from, since they all share the same virtual network.
But after going through the SO documentation and this discussion (#8245) by @isaacgolding, I BELIEVE I WAS SO WRONG.
Since I am not using an external switch, I have only one option to sniff traffic from the Proxmox virtual NIC. I think I need to come up with a way to simulate a switch or a Linux bridge with port mirroring configured before I even think about installing SO.
I need assistance to properly deploy SO on this network and be able to capture traffic from multiple network segments: [200.140.40.0/24], [200.140.45.0/24], [200.200.3.0/24], [200.147.47.0/24], [200.147.48.0/24] ...
Node Network:

I appreciate any comment or advice whether it's related to this discussion or not.