all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Openvpn traffic monitoring for SOC

Add to bookmarks
Dec. 23, 2023, 4 p.m. | /u/Terrible-Butterfly

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

I have a simple openvpn infrastructure setup: the authentication is on AD through FreeRadius, and some logging, accounting is done on MariaDB. An easy and connvetional one really. what I would like to have is to monitor in real time (or almost) what the end user is doing (connecting to RDP to jump servers etc ...) after they're connected. The only solution I've found is that that I'd capture all traffic going through tun0 if the source IP is the …

accounting authentication blueteamsec doing easy end end user etc infrastructure logging mariadb monitor monitoring openvpn rdp real real time servers simple soc traffic traffic monitoring

Visit resource

More from www.reddit.com / For [Blue|Purple] Teams in Cyber Defence

CVE-2024-24919 Check Point 0-Day Remote Access VPN - or - aCSHELL/../../../../../../../ homepage/admin/.ssh/id_rsa * ssh admin@Host … 16 hours ago | www.reddit.com
blueteamsec
Australian court rules on appeal that Cyber Incident Response documents ARE NOT protected from legal … 20 hours ago | www.reddit.com
australian blueteamsec claim court +17
Snowflake Community: Detecting and Preventing Unauthorized User Access: Instructions 1 day, 10 hours ago | www.reddit.com
access blueteamsec community instructions +2
Linux rootkits explained – Part 1: Dynamic linker hijacking, Part 2: Loadable kernel modules 1 day, 11 hours ago | www.reddit.com
blueteamsec dynamic explained hijacking +5
NSA Releases Guidance on the Visibility and Analytics Pillar of Zero Trust 1 day, 12 hours ago | www.reddit.com
analytics blueteamsec guidance nsa +4
Exiled, then spied on: Civil society in Latvia, Lithuania, and Poland targeted with Pegasus spyware 1 day, 23 hours ago | www.reddit.com
blueteamsec civil civil society latvia +6
How malware authors play with the LNK file format 2 days, 11 hours ago | www.reddit.com
authors blueteamsec file lnk +3
The Pumpkin Eclipse 2 days, 13 hours ago | www.reddit.com
blueteamsec eclipse pumpkin
The Best Way to Start with AWS Security Hub 2 days, 14 hours ago | www.reddit.com
aws aws security hub blueteamsec hub +3

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com