Dave Bullock / eecue

photographer, director of engineering: crowdrise, photojournalist, hacker, nerd, geek, human

Blog

Monitoring Traffic / Intrusions

I wrote an article a few months ago about using freebsd and ipfilter to do transparent bridging in combination with ipfw. This article goes into further detail about monitoring the firewall.

In my previous article I talked about zeebeede. I've decided against using at as I found that net-snmp now allows for the daemon to bind to tcp instead of udp. This makes it easy to set up an ssh tunnel which will give us a secure means of transfering the snmp queries over the wire...

Blog

secure SNMP monitoring of IPFilter

i've been working on setting up a system of bridging ip-less packt filters with ipfilter (for logging, filtering, accounting, proxying, NAT) and ipfw (for bandwidth limiting). I also wanted to set up a private mointoring network with a thrid NIC in each box. Even though this link was privat I still wanted to keep everything on the wire encrypted.