RE: Multiple port mirroring?

From: leon (leon@inyc.com)
Date: 11/20/01

• Previous message: Dr James Reather: "Re: Remote Admin of DMZ"
• In reply to: Marc Mc Guinness: "Multiple port mirroring?"
• Next in thread: Matt Hemingway: "Re: Multiple port mirroring?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "leon" <leon@inyc.com>
To: "'Marc Mc Guinness'" <security@mcguinness.de>
Subject: RE: Multiple port mirroring?
Date: Tue, 20 Nov 2001 09:51:45 -0500
Message-ID: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAA+8DoZCJ8SEaYk5pn4rrIf8KAAAAQAAAAlAoqUJASvEqaUtn8F5xkAgEAAAAA@inyc.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Does it have to be logical or can it be physical? There are switches
out there that actually have physical spanning ports (that is you
plug your computer / sniffer into the span port and it actually gets
a mirror of all the traffic traversing the switch). I bet you could
even configure a cisco switch (I bet but I am not sure, especially on
some of the higher end models with the CAT OS) that you could have it
set up logically also. Could someone let me know if I am wrong about
the cisco comment because I am curious as to the answer myself.

Regards,

Leon

- -----Original Message-----
From: Marc Mc Guinness [mailto:security@mcguinness.de]
Sent: Monday, November 19, 2001 1:04 AM
To: security-basics@securityfocus.com
Subject: Multiple port mirroring?

Hello!

Am Mittwoch, 14. November 2001 19:24 schrieb David Ellis:
> What you could actually do is create a mirrored port on your
> switch and sniff all the traffic that way

Does anybody know something about switches, which can do multiple
port mirroring? What I want is one port, that gets all the traffic
of the other ports on that switch.

Best regards,

Marc Mc Guinness

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBO/puAdqAgf0xoaEuEQL1HQCfdAnbA//M9GIotv4WIHpADgIiJ7UAn0+O
/i4a0TlA2Et2GpYBnOg64pKd
=S8C7
-----END PGP SIGNATURE-----

---

• Previous message: Dr James Reather: "Re: Remote Admin of DMZ"
• In reply to: Marc Mc Guinness: "Multiple port mirroring?"
• Next in thread: Matt Hemingway: "Re: Multiple port mirroring?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Cat 2924 ... Copyright 1986-2004 by cisco Systems, ... BOX in both H/W and S/W, compared to a C2924-XL Switch... ... FastEthernet0/1 failed front-end loopback test ... to make the port configuration "visible", you need to apply 2 commands ... (comp.dcom.sys.cisco) RE: Network not accessible!!? ... So I would say you have some sort of port mirroring on the ... on the switch lately. ... the internet on either one of the two other PC's (named ... (microsoft.public.windowsxp.network_web) Re: Cat 2924 ... Copyright 1986-2004 by cisco Systems, ... BOX in both H/W and S/W, compared to a C2924-XL Switch... ... FastEthernet0/1 failed front-end loopback test ... to make the port configuration "visible", you need to apply 2 commands ... (comp.dcom.sys.cisco) Gigabit Flexibility with Magnum 6K32T Managed Switch from GarrettCom, Inc. ... THROUGHPUT WITH MAGNUM 6K32T MANAGED SWITCH ... Gigabit port capability to four Gb ports when compared to the ... (comp.dcom.lans.ethernet) Gigabit Flexibility with Magnum 6K32T Managed Switch from GarrettCom, Inc. ... OF GB THROUGHPUT WITH MAGNUM 6K32T MANAGED SWITCH ... Gigabit port capability to four Gb ports when compared to the ... (sci.engr.control)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)