iphonogasm Posted May 16, 2012 Posted May 16, 2012 Hi, i want to control all inbound and outbound traffic via a server. Would this be the reccomended configuration? Your thoughts on this setup [ATTACH]184.IPB[/ATTACH] Thanks! Quote
ICTCity Posted May 17, 2012 Posted May 17, 2012 Yes but this will control ONLY the traffic from the switch to internet and viceversa. Internal communications (pc to pc) will not be seen. Check if your switch has port mirroring or something like that, so you can resend all the traffic in your switch to a single port and then sniff it. Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
iphonogasm Posted May 18, 2012 Author Posted May 18, 2012 Yes i just really need to monitor incomming traffic for security reasons. I dont think this is the ideal situation as i will have to route any traffic on protocols comming in? Also, can i have NAT at the ROUTER and then NAT again at the SERVER?? I have DES-3226S manager switch with port mirroring configured as below Current Settings Mirror Status: Enabled Target Port : 22 Mirrored Port RX: 1-21,23-24 TX: 1-21,23-24 Server plugged into port 22 But im still missing LOTS of traffic, on the local network aswell as incomming from WAN Thanks! Quote
ICTCity Posted May 18, 2012 Posted May 18, 2012 Well... if you can't see some traffic from WAN to server this is normal, because actually it doesn't reach your switch. The problem is that you should see all the traffic if your switch is mirroring in the right way. What are you using to monitor your traffic? How can you say: "I'm still missing lots of traffic"? Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
iphonogasm Posted May 19, 2012 Author Posted May 19, 2012 yes but all traffic is going through the switch. Its the only switch i have. So connecting to my DVR via LAN. i come in via WAN >> then to the switch >> then to DVR why am i not receiving any trace of remote connections to the DVR? Thanks Quote
ICTCity Posted May 19, 2012 Posted May 19, 2012 The remote connection is on which protocol? if there's a tunnel you could not see that traffic. Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
ICTCity Posted May 19, 2012 Posted May 19, 2012 Which is not a protocol... You connect via HTTPS? VPN? How this connection works? Anyway the best thing is to add another Nic on your server, connected in front of the router, so you will have both interfaces sniffing inside and outside. Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
iphonogasm Posted May 19, 2012 Author Posted May 19, 2012 im not sure. im not using any type of tunnelling. just a program that connects on port 8016 TCP Quote
ICTCity Posted May 19, 2012 Posted May 19, 2012 this is the only traffic you can't see? Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
Recommended Posts