[Snort-users] Pass data thru Cisco Switch?
brandon at ...12136...
Thu Jul 15 14:09:02 EDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
If you are running IOS you can monitor by interface or by VLAN. On
the interface the IDS is plugged into execute this command, "port
monitor ?" too see the available options. From my experience you can
select multiple interfaces to monitor if they are on the same VLAN,
but in this case I would just monitor by VLAN. For the most part a
Cisco 2900 running IOS has very limited monitoring capabilities as
the 'monitor to' interface and 'monitor from' interface have to be on
the same VLAN. If your setup is a single VLAN setup you should have
very little problems setting it up.
AB56 1637 13F5 9FF8 2F0B 7147 F20D 21CB 5728 FEAE
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Carlton
Sent: Wednesday, July 14, 2004 4:31 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Pass data thru Cisco Switch?
I want to setup Snort inside my network, but I know if I do my
Cisco Catalyst 2900 switches won't pass the data I need. How do I
configure the Cisco switches to pass the data thru to the IDS system?
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1280 bytes
Desc: not available
More information about the Snort-users