RE: IDS
From: Batton, David L. (DLB9T@hscmail.mcc.virginia.edu)Date: 04/26/02
- Previous message: Albert Warnecke: "Software oder Hardware-Router: what´s more secure"
- Maybe in reply to: Batton, David L.: "IDS"
- Next in thread: Brett Jackson: "RE: IDS"
- Reply: Brett Jackson: "RE: IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Apr 2002 08:46:30 -0400 From: "Batton, David L." <DLB9T@hscmail.mcc.virginia.edu> To: "Kevin Brooks" <kbrooks@airsmail.com>, <security-basics@securityfocus.com>
Kevin,
It looks as if you're working with 29XX or 35XX gear using IOS? Is this correct?
I think the commands you are looking for is "port monitor fast 0/x". You should do this
inside the fast ethernet interface you want to use as the monitoring interface and list all the vlans and fast ethernet interfaces you want to monitor on this interface. (similar to how you have listed things in your question)
Hope this helps,
David L. Batton
Telecom Network Analyst
UVA Medical Center
-----Original Message-----
From: Kevin Brooks [mailto:kbrooks@airsmail.com]
Sent: Wednesday, April 24, 2002 3:11 PM
To: security-basics@securityfocus.com
Subject: IDS
On a Cisco switched network does anybody know how to set one port on one of
the switches to mirror all traffic?
I just setup an IDS and this is the one stumbling block I've hit.
I know it's
FastEth x/x
portforward fastEth 0/1
portforward fastEth 0/2
and so on..
Does this sound right?
Thanks,
Kevin
- Previous message: Albert Warnecke: "Software oder Hardware-Router: what´s more secure"
- Maybe in reply to: Batton, David L.: "IDS"
- Next in thread: Brett Jackson: "RE: IDS"
- Reply: Brett Jackson: "RE: IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
