How can I capture pkt on a VPS and send them to Malcolm - VPN or sshfs? #wireshark remote capture #noarp
@jadedtwin AF pkt - it runs the show #promisc #noarp #netlink
I will see if I can get Arkime storing pkts - I think it needs Elastic? Maybe not. Ultimately I will likely install SELKS 8 or Malcolm or Security Onion - I like running it off the bridge? - I may go back to the mirrored port #noarp #promisc
New bike is a bridge too far and a luxury - am going to finish out the local LAN boxes, get a VPS and a couple monster drives, will try to get IDS/IPS and vital 24/7 pkt cap going plus maybe an SSL/TLS proxy - combined with FOG server and vuln clients could make a fun exploit testing setup, but moreover I just want the pkt cap most of all for audit trail and visibility #elk stack #malcolm #selks10 #sec onion #polar proxy #sslstrip #promisc #noarp #arkime
#sftp server #accounts #dmz #segmented lans #vlans #spanning port #openwrt #port mirror #fog server #suricata #snort
May try to install Arkime on my Kali ws #noarp #promiscuous #no ip #0day