all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Openvpn traffic monitoring for SOC

Add to bookmarks
Dec. 23, 2023, 4 p.m. | /u/Terrible-Butterfly

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

I have a simple openvpn infrastructure setup: the authentication is on AD through FreeRadius, and some logging, accounting is done on MariaDB. An easy and connvetional one really. what I would like to have is to monitor in real time (or almost) what the end user is doing (connecting to RDP to jump servers etc ...) after they're connected. The only solution I've found is that that I'd capture all traffic going through tun0 if the source IP is the …

accounting authentication blueteamsec doing easy end end user etc infrastructure logging mariadb monitor monitoring openvpn rdp real real time servers simple soc traffic traffic monitoring

Visit resource

More from www.reddit.com / For [Blue|Purple] Teams in Cyber Defence

Any tips for doing a living off the land threat hunt on your own computer? 10 hours ago | www.reddit.com
blueteamsec clients computer computers +18
A Summary of 6 Months Tracking AiTM Campaigns 22 hours ago | www.reddit.com
aitm blueteamsec campaigns tracking
Unpacking with Windows Defender 1 day, 4 hours ago | www.reddit.com
blueteamsec defender unpacking windows +1
How Lazarus Group laundered $200M from 25 hacks 1 day, 5 hours ago | www.reddit.com
blueteamsec hacks lazarus lazarus group
Recommendations for SIEM Architecture Books 1 day, 8 hours ago | www.reddit.com
alternatives architecture blueteamsec books +11
How to Block Residential Proxies using Okta 2 days, 15 hours ago | www.reddit.com
block blueteamsec okta proxies
2024 Cyber Insurance Claims Report 3 days, 5 hours ago | www.reddit.com
blueteamsec claims cyber cyber insurance +2
Just-in-Time admin and production access using Azure PIM 3 days, 20 hours ago | www.reddit.com
access admin azure blueteamsec +3
Hackers use developing countries as testing ground for new ransomware attacks 4 days, 1 hour ago | www.reddit.com
attacks blueteamsec countries developing countries +4

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs