tap interface on internal network
tap interface on internal network
Is there any way to create a tap on an internal network? I want to play with some IDS devices on my internal network and will need a tap or mirror port to capture all data.
-
Sasquatch
- Volunteer
- Posts: 17798
- Joined: 17. Mar 2008, 13:41
- Primary OS: Debian other
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows XP, Windows 7, Linux
- Location: /dev/random
Re: tap interface on internal network
You can't sniff Internal Network, it's all in the software. Why not use Host-Only if you want to sniff from the Host?
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.
Re: tap interface on internal network
I've got a set up of 6 machines on an internal network with one of them also on a bridged connection to the real world. It is setup to simulate an office network behind its own router/firewall.
I do security testing and want to put an IDS on that internal network so I can monitor how various attacks look when ran against those machines.
I could setup a machine between the router (the one on two networks) and the network and have that with two interfaces, one running off to an IDS, and have it transparently tap all the traffic running between the router and the rest of the network but I also want to be able to monitor all traffic inside the network, for example to be able to see the result of one compromised machine being used to try to attack another.
So the tap should be to a machine already on the internal network, not out to the host machine, although that would be ok as I could run the IDS on the host but then I'd have to mess with filtering out all the non-VM traffic.
I do security testing and want to put an IDS on that internal network so I can monitor how various attacks look when ran against those machines.
I could setup a machine between the router (the one on two networks) and the network and have that with two interfaces, one running off to an IDS, and have it transparently tap all the traffic running between the router and the rest of the network but I also want to be able to monitor all traffic inside the network, for example to be able to see the result of one compromised machine being used to try to attack another.
So the tap should be to a machine already on the internal network, not out to the host machine, although that would be ok as I could run the IDS on the host but then I'd have to mess with filtering out all the non-VM traffic.
-
Sasquatch
- Volunteer
- Posts: 17798
- Joined: 17. Mar 2008, 13:41
- Primary OS: Debian other
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows XP, Windows 7, Linux
- Location: /dev/random
Re: tap interface on internal network
Ah, ok. Well it should be possible, but keep in mind that VB simulates a switch instead, there is nothing to sniff. Switches are smart devices that send network traffic to one destination port based on the connected MAC address. It's different compared to a hub, which sends data to all the ports.
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.
Re: tap interface on internal network
Exactly. What I'm trying to do is to get the switch to either behave like a hub, or to get a mirror port on that switch so I can see all the traffic. This is exactly what I would do in the real world I'm just trying to find a way to do it in the virtual one.
-
Sasquatch
- Volunteer
- Posts: 17798
- Joined: 17. Mar 2008, 13:41
- Primary OS: Debian other
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows XP, Windows 7, Linux
- Location: /dev/random
Re: tap interface on internal network
I don't think a so called 'management port' exists in this virtual one. So your sniffing won't work.
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.
Re: tap interface on internal network
Shame, that would be a good feature to have.
-
Sasquatch
- Volunteer
- Posts: 17798
- Joined: 17. Mar 2008, 13:41
- Primary OS: Debian other
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows XP, Windows 7, Linux
- Location: /dev/random
Re: tap interface on internal network
You're free to add such a feature 
.
.Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.
Re: tap interface on internal network
Unfortunately with a newborn and work piling up I think it might have to wait for a year or two!
-
Sasquatch
- Volunteer
- Posts: 17798
- Joined: 17. Mar 2008, 13:41
- Primary OS: Debian other
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows XP, Windows 7, Linux
- Location: /dev/random
Re: tap interface on internal network
Congratulations with the baby! I wish you lots of happiness. And work piling up, I know that feeling.
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org
Retired from this Forum since OSSO introduction.