well I guess we're mixing up directions........... yes incoming from a device attached to a port on the switch.
which would still help him but wouldn't be perfect. no, the port wouldn't shut down if a promiscuous mode nic was plugged in. It would receive everything. but that PC would not be able to send anything - to do so the switch would learn it's MAC - which wouldn't match and the port would shut down. But consider this....... what info is passed between the switch and the NIC so that the Link light goes on? I don't know... will the switch still learn the MAC even if "real" traffic is not passed? Kevin Wigle ----- Original Message ----- From: "Sasa Milic" To: Sent: Tuesday, September 17, 2002 2:40 PM Subject: Re: Port Security on 3550 [7:53446] > Kevin, > > port security works by monitoring INCOMING traffic to the switch. > If source mac in incoming packets is not the one configured, port > is either blocked or snmp trap is sent. > > And what if another computer use the port without sending any > traffic (just capturing traffic, without sending anything) ? > Switch won't shut it down. > > Sasa > > Kevin Wigle wrote: > > > > well I think port security would still be helpful. Port security is > > concerned with outgoing traffic from the port not incoming. > > > > setting the security to allow only one MAC would prevent another computer > > from using the port. > > > > If another computer tried to use the port with the wrong MAC then the port > > would shut down after 90 seconds. > > > > Kevin Wigle > > > > ----- Original Message ----- > > From: "Sasa Milic" > > To: > > Sent: Tuesday, September 17, 2002 1:20 PM > > Subject: Re: Port Security on 3550 [7:53446] > > > > > With "port security" command, but it won't help you. Anyone > > > can connect passive sniffer to that port, and switch won't > > > block the port since there is no incoming traffic (you > > > will configure port to be SPAN, right ? So anyone can sniff > > > on that port). > > > > > > Sasa > > > > > > > > > JohnZ wrote: > > > > > > > > How do you enable port security on a 3550. I want to use a port for > > sniffer > > > > and want to make sure that only my laptop is able to gain access on > that > > > > certain port. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53505&t=53446 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
