At 08:21 PM 5/11/01 -0400, Keith Woodworth wrote:
>Want to put a computer on a cat5500 so as to be able to sniff traffic on
>all ports.
>
>We have multiple Vlans on this switch. Basically I have a program called
>Snort running on a unix box plugged into a faste port on the cat5500.
>
>I want to be able to detect portscans etc over everything that we have on
>that switch.
>
> From what Ive read I can mirror a port on a switched network to be able to
>do this. Is this correct?
>
>Thanks,
>Keith
Sure, these ports are called SPAN ports.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_6_2/_config/span.htm
You can span VLANs, and I thought you can span the entire switch, but I
guess I am wrong or am not reading it carefully enough. Hope this helps.
-Carroll Kong
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=4246&t=4240
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
