[Snort-users] Pass data thru Cisco Switch?

dbs brandon at ...12136...
Thu Jul 15 14:09:02 EDT 2004


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you are running IOS you can monitor by interface or by VLAN.  On
the interface the IDS is plugged into execute this command, "port
monitor ?" too see the available options.  From my experience you can
select multiple interfaces to monitor if they are on the same VLAN,
but in this case I would just monitor by VLAN.  For the most part a
Cisco 2900 running IOS has very limited monitoring capabilities as
the 'monitor to' interface and 'monitor from' interface have to be on
the same VLAN.  If your setup is a single VLAN setup you should have
very little problems setting it up.



Good Luck, 
Brandon







Fingerprint: 
AB56 1637 13F5 9FF8 2F0B  7147 F20D 21CB 5728 FEAE 

  -----Original Message-----
  From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Carlton
L. Whitmore
  Sent: Wednesday, July 14, 2004 4:31 PM
  To: snort-users at lists.sourceforge.net
  Subject: [Snort-users] Pass data thru Cisco Switch?


  I want to setup Snort inside my network, but I know if I do my
Cisco Catalyst 2900 switches won't pass the data I need. How do I
configure the Cisco switches to pass the data thru to the IDS system?
  thanks,
  Carlton.


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQPbyPfINIctXKP6uEQIR4ACdHx8nkSbpSzDAVrbIfeOtHZEiyw8AnR7B
ENkQkGCqGtCTsL9VOOC5XcA3
=EGdD
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGPexch.htm.pgp
Type: application/octet-stream
Size: 1280 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040715/27a07e80/attachment.obj>


More information about the Snort-users mailing list