Contributed by jose on from the stealthy-packeteering dept.
"This month's Daemon News has an article about transparent packet filtering (bridged firewall) using OpenBSD/PF." You can find the article on the DaemonNews site. This month also features a discussion about setting up ISC's DHCP server suite (under FreeBSD, but most of the discussion carries over).
By fansipans:
By RC:
By fansipans:
By RC:
I'm not going to say there's no situation where a packet-filtering bridge would be necessary, but I seriously doubt that there is, and certainly can't think of any such situation.
By Michael Anuzis (michael_anuzis@hotmail.com, http://www.anuzisnetworking.com):
A transparent bridge is nearly completely invisible to the hacker(s) involved because it has no IP addresses, so it's able to log everything to/from a honeypot without the attacker having any clue as to its existence, giving the potential for a honeypot with much more realistic features.
By fansipans:
By Frank K (frank@inout.no):
One example I believe would be that if you always rely on your laptop, you could use it for administration wherever you are in the world..
- Frank
By Cindy:
-- Cindy
By Sean (askshant@alloyant.com):
By Cindy:
In case you didn't read the comment I have copied and pasted it below. "(think horribly ugly lotus notes programs with every url hardcoded)"
--Cindy
By Sean (askshant@alloyant.com):
By Anonymous Coward:
I suppose you can get pfstat to graph packets just as easily in bridge mode (have not tried it myself yet) but you need to be able to get to the box to view the graphs.
I'm glad to see articles coming out more and more, all add to the universe of knowledge.
By jose (http://www.monkey.org/~jose/):
By Dom:
MRTG works a treat on monitoring the bridged interfaces, and I even send SNMP queries out of the box to monitor my external router etc.
Oh, and I even have IP forwarding on for those times when you need NAT, e.g. via a VPN :-)
By Chris "Saundo" Saunderson (saundo@earthlink.net):
I remember hearing Tom Limoncelli describe the bridged firewall in 98 and his solution was to put a 3rd interface into the box.
Alternatively, you could just bind an address on the internal interface and manage by that, but I think that if you're in a production environment, your terminal server gives a more secure method of managing that environment. Presuming that your term server is also secure, but that's a different story.
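A minimal configuration for the three-interface layout described above, as an added example rather than anything from the article or this thread: the two bridge members carry no address at all, and the only IP on the box lives on a separate management NIC. Interface names, the LAN and admin addresses, and the /etc/hostname.* layout are assumptions for a current OpenBSD release, where PF filters packets on bridge member interfaces.

```pf
# /etc/hostname.em0 and /etc/hostname.em1 (bridge members, no address):
#     up
# /etc/hostname.em2 (management NIC, the only address on the box):
#     inet 10.9.0.2 255.255.255.0
# /etc/hostname.bridge0:
#     add em0
#     add em1
#     up
#
# /etc/pf.conf -- constructed example; interface names and addresses are assumed
ext_if  = "em0"          # bridge member facing the upstream router
int_if  = "em1"          # bridge member facing the protected LAN
mgmt_if = "em2"          # not a bridge member; carries the admin address
lan     = "192.0.2.0/24" # addresses behind the bridge (assumed)
admin   = "10.9.0.10"    # workstation allowed to manage the box (assumed)

# A bridged packet crosses both members; filter it once, on the outside
# member, and let the inside member pass it untouched.
set skip on { lo0 $int_if }

# Default deny, logged to pflog0 (read with: tcpdump -n -e -ttt -i pflog0).
block log all

# LAN hosts may start any connection outward; replies follow the state entry.
pass out on $ext_if from $lan keep state

# Only SSH from the admin host reaches the management address itself.
pass in on $mgmt_if proto tcp from $admin to ($mgmt_if) port 22 keep state
```

Because em0 and em1 have no address, nothing on either side of the bridge can address the box; the management network on em2 is the only way in, which is the point of the third interface.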
By jolan:
By Sean (askshant@alloyant.com):
By Some guy:
By zil0g:
just 'snort' the interfaces and NAT the relevant ips.
w00h00 invisible NAT!
nothing can stop us now!
:P
By jonathan:
By Scooter:
Transparent Bridging Router with Razor and SpamAssassin filtering doing NAT with 3+ NICs.
nevermind about that XML - just a reflex