|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
about mirroring port
From: SB CH (chulmin2
hotmail.com)
Date: Mon Mar 17 2003 - 18:36:45 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
hello, all.
I would like to setup ids(like snort) at mirroring port in cisco catalyst
switch.
but all of the network traffic is over 100M, and my linux server which
installs snort is not so good hardware.
So I think that when I setup snort at mirroring port, all traffic should
via linux server so the network speed would be slow
Question.
1. when I setup the mirroring port,all traffic(for example, port2 traffic)
would transfer like this or just copy the traffic mirroring port too?
(1) client --> mirroring port1 --> port 2
(2) client --> port 2
--> mirroring port (copy too)
2. Is there any problem when I set snort at mirroring port if the traffic
is so high(over 100~200M)?
3. do you know any commands to setup mirroring port at catalyst 400x(catos
based) switch?
Thanks in advance.
_________________________________________________________________
Çà¿îÀÇ ÁÖÀΰøÀÌ À̹ø¿£ ³ªÀϲ¨¾ß, ÁøÂ¥·ç... ÀÎÅÍ³Ý º¹±Ç
http://www.msn.co.kr/money/interlotto/
-----------------------------------------------------------
ALERT: Exploiting Web Applications- A Step-by-Step Attack Analysis
Learn why 70% of today's successful hacks involve Web Application
attacks such as: SQL Injection, XSS, Cookie Manipulation and Parameter
Manipulation.
http://www.spidynamics.com/mktg/webappsecurity71
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]