Hurricane Posted March 31, 2009 Posted March 31, 2009 I am trying to do an interceptor like box but for security protection rather than access. I am thinking for this kind of horsepower I will need to use a full linux box and not an OpenWRT (well maybe x86 OpenWRT). I really want to have a transparent bridged network device. That blocks TCP and UDP traffic to specific ports. Anyone know where I could find instructions to do that? -Hurricane Quote
digininja Posted March 31, 2009 Posted March 31, 2009 Google for transparent bridge or transparent proxy. I haven't got any links but that is what I was looking at when I was researching Interceptor. Basically all you need to do is to put two NICs in the machine, bridge them together then use iptables to control the flow of traffic. You don't need to install daemonlogger as you can sniff/monitor the traffic directly on the bridge. Quote
DingleBerries Posted March 31, 2009 Posted March 31, 2009 So what you want is a large logging firewall? Interceptor is invisible meant only for tapping a network. I do have a question, is this full duplex, also usually with my taps I need on NIC for RX and another for TX. Quote
digininja Posted March 31, 2009 Posted March 31, 2009 Interceptor is full duplex. I also need to reply to your other question, I'll get round to it. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.