Request for Linux Help

I setup a linux box this week.
When I first installed it, I had 1 NIC on our main Vlan.

I installed and configured arpwatch,snort, and acid.

They all seemed to work.

But now I want to add a second NIC that will be connected to a switch port that has all the VLANS mirrored to it.

Each VLAN is its own subnet. So what IP address do I give the NIC that will have the spanned data sent to it?

How do I tell arpwatch to only look at eth1 when its running as a service and because the different subnets are not in the same range how to I get arpwatch to listen to all arp request, I think I need o use the -n switch but there’s very little documentation about it.

With Snort how can I tell it to only listen on eth1?

Hopefully someone will find this and give me some direction or point me to a really good linux forum.

thanks,jb

Inhelp, lan, linux, work

Micrsoft Defender for Endpoints

Security URL scanners

Security tools bookmarks

Sync Active directory user data with SharePoint

Microsoft graph API to access sharepoint

SQL upgrades

Collection of build numbers

How to manage the local administrators group on Azure AD joined devices

Azure AD and Windows hello for business, SSO for on-premises resources

Request for Linux Help

Like this:

Leave a ReplyCancel reply

Techie camping 2017

Administering Remote Server Apps

Top Entrecard Droppers – March

Short animation

Entrecard Top Droppers – March

Fantasy Football

Share this:

Like this:

Leave a ReplyCancel reply

Recent Post