[Snort-users] Sniffing a virtual VPN interface?
laleem at ...1050...
Mon Nov 4 13:57:07 EST 2002
I have an ADSL modem and my access provider requires that I connect to the
modem using PPTP. I can use a Linux firewall to connect to the modem. The
public IP address on the firewall is the address of the tunnel. There is no
point in letting Snort snif between the modem and the firewall, because of
I could snif behind the firewall, but then I would see only see the traffic
from and to internal hosts and not the traffic that is stopped by the firewall.
For educational purposes I would like to see *all traffic*. Is it possible
to install Snort on the firewall and snif the virtual VPN interface?
Alternatively, does anyone know of an ADSL router that will forward *all*
traffic it receives on it's public IP address to an inside IP address? Just
setting port address translation for a few ports won't do.
I really only have one public IP address.
Thanks in Advance,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users