<ul><li>The author, a mid-level Info Sec analyst, discusses their struggle with setting up traffic mirroring in Arkime (Moloch).</li><li>They wanted a simpler solution to capture 'comms' from hosts on the same subnet without having separate interfaces on each subnet.</li><li>After some research, the author discovered GRE Tunneling (Generic Routing Encapsulation) as a way to achieve their goal.</li><li>The author explains the steps they took to set up a GRE tunnel between the high-value system and Arkime, allowing traffic capture on the same subnet.</li></ul>

GRE Tunnels and Arkime (short

Discover more