1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Snort on WRT54G

Discussion in 'Cisco/Linksys Wireless Routers' started by Anonymous, Mar 5, 2006.

  1. Anonymous

    Anonymous Guest

    Hi

    I have recently installed Snort & Base for some IDS testing on my home LAN. What I need to do now is configure a port somewhere on my LAN for Port Monitoring, as my LAN is switched and I don't have a hub anywhere lying around

    Currently my setup is thus:

    ISP
    |
    |
    Cable Modem
    |
    |
    WRT54G (HyperWRT firmware)
    | |
    | |
    | Switch----LAN
    |
    |
    Switch
    |
    |
    LAN

    (excuse the crappy ASCII art!)

    Unfortunately, none of the switches support Port Mirroring (they're all cheap workgroup switches). I do have an old Catalyst 2924XL lying around which I suppose I could dust off and configure a SPAN port on, but I'd like to avoid this because; a) Its bloody loud, and b) its bloody big!

    If I get a cheapo 10/100 hub and stick it directly through one of the switch ports on the WRT54G then plug the IDS box into that hub, will it then be able to sniff everything on the LAN?

    Any advice would be greatly appreciated!

    Cheers
     

Share This Page