[Snort-users] Snorting on a Layer-3 switch

Nick Lomonte nick at ...6540...
Tue Aug 6 08:55:02 EDT 2002


Hi all,

I've been trying to figure out a way to set up an IDS on a Layer-3 switch.  I'm using the Cisco 2948G-L3.  It doesn't have the standard 'port monitor' commands.  I have most ports in the same bridge-group, and a few that are routing.   I'm only interested in snorting the bridge group though.

Has anyone else done this, or know a way to do it?

Thanks




More information about the Snort-users mailing list