RE: CISCO IDS Packet capture
From: Matt Vaughan (mcv_at_OceanShipholdings.com)
Date: 04/06/04
- Previous message: christian graf: "NIPS Vendors explicit answer"
- Maybe in reply to: Strand, John: "CISCO IDS Packet capture"
- Next in thread: Strand, John: "RE: CISCO IDS Packet capture"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 6 Apr 2004 09:44:07 -0500 To: "Strand, John" <John.Strand@mms.gov>, <focus-ids@securityfocus.com>
Hi John,
You can configure specific signature types to be captured. You can open
them up in something like Ethereal after downloading them from IDM (IDS
web interface).
-----Original Message-----
From: Strand, John [mailto:John.Strand@mms.gov]
Sent: Friday, April 02, 2004 7:36 AM
To: focus-ids@securityfocus.com
Subject: CISCO IDS Packet capture
Hello All,
Does anyone know how to enable some level of packet capture and logging
on the CISCO IDS system (the newer version which interfaces with
CiscoWorks and can run on Win2K)? I have hunted through the CISCO
provided PDF's and their a little on the light side. I also have hit the
usual suspects, google, CISCO groups, etc..
Thanks in advance for any help.
js
------------------------------------------------------------------------
--- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: christian graf: "NIPS Vendors explicit answer"
- Maybe in reply to: Strand, John: "CISCO IDS Packet capture"
- Next in thread: Strand, John: "RE: CISCO IDS Packet capture"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
