IDS mailing list archives
RE: CISCO IDS Packet capture
From: "Matt Vaughan" <mcv () OceanShipholdings com>
Date: Tue, 6 Apr 2004 09:44:07 -0500
Hi John, You can configure specific signature types to be captured. You can open them up in something like Ethereal after downloading them from IDM (IDS web interface). -----Original Message----- From: Strand, John [mailto:John.Strand () mms gov] Sent: Friday, April 02, 2004 7:36 AM To: focus-ids () securityfocus com Subject: CISCO IDS Packet capture Hello All, Does anyone know how to enable some level of packet capture and logging on the CISCO IDS system (the newer version which interfaces with CiscoWorks and can run on Win2K)? I have hunted through the CISCO provided PDF's and their a little on the light side. I also have hit the usual suspects, google, CISCO groups, etc.. Thanks in advance for any help. js ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- CISCO IDS Packet capture Strand, John (Apr 06)
- RE: CISCO IDS Packet capture Alex Arndt (Apr 08)
- RE: CISCO IDS Packet capture Chad R. Skipper (Apr 08)
- Re: CISCO IDS Packet capture James Fields (Apr 08)
- <Possible follow-ups>
- RE: CISCO IDS Packet capture Matt Vaughan (Apr 08)
- RE: CISCO IDS Packet capture Strand, John (Apr 08)
- RE: CISCO IDS Packet capture Billy Dodson (Apr 08)
- RE: Snoop on Cisco IDS (Was: CISCO IDS Packet capture) Alex Arndt (Apr 12)
- Re: Snoop on Cisco IDS (Was: CISCO IDS Packet capture) Jason Haar (Apr 15)
- RE: Snoop on Cisco IDS (Was: CISCO IDS Packet capture) Alex Arndt (Apr 12)
- RE: CISCO IDS Packet capture Terence Runge (Apr 08)