Monday, July 20, 2020

Packet Capture outside of ESXi

Good morning All,

I have an ESXi 6.5 installation on a bare metal server.

Within that ESXi host are four Ubuntu VMs. They have been configured via scripting to make repeated FTP connections to each other and send/receive various files.

The configuration is being used for a CTF event which I am hosting.

Within the VM environment, I have no problem capturing the pcap data of the files and FTP connections being made.

The server is being plugged into a single switch which my players will plug their own computers into.

When I plug into the switch, I am not able to capture the VM packet data since it's never exiting the server via a physical port.

Is there a way to configure a spanning port, or force that packet data out a physical interface?

I don't have vSphere (only ESXi) on this deployment so distributed vSwitches don't seem to be possible.

Yes, promiscuous mode is on for all of my network and virtual network devices.

I currently have a handful of Kali VMs installed on the hardware which my users could RDP into for pcap purposes, but I think that defeats the purpose of using a personal computer.

Any insight would be appreciated.
