Penetration Testing mailing list archives
Re: unswitched behavior of a switched network...
From: "David Swafford" <dswafford () alterhighschool org>
Date: Mon, 16 Oct 2006 17:10:15 -0400
This can be done both on switches and routers. On Cisco routers you would use a route-map to basically copy all traffic passing through one interface to another interface. Possible uses would be for IDS setups and probably other uses. On switches it would be known as port mirroring. David Swafford.
Ron <ron () gwndev com> 10/16/2006 3:49 pm >>>
Some router have an option of dumping all traffic to a give port, so if you are connected to the right router port you will see everything as if it was a hub. At least I already saw a router configured that way, that port that was connected to a computer that was dedicated to run snort.
Just to clarify, I'm pretty sure you're talking about switches that have a "mirror" port. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ ______________________________________________________ Founded in Faith - Preserved with Pride - Sustained by Spirit ______________________________________________________ Upcoming Events: ALTER OPEN HOUSE November 16 7 - 9 p.m. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- unswitched behavior of a switched network... Jon Hart (Oct 13)
- Re: unswitched behavior of a switched network... Krugger (Oct 16)
- Re: unswitched behavior of a switched network... Ron (Oct 16)
- Re: unswitched behavior of a switched network... David Swafford (Oct 16)
- Re: unswitched behavior of a switched network... Buz Dale (Oct 16)
- Re: unswitched behavior of a switched network... Jon Hart (Oct 16)
- Re: unswitched behavior of a switched network... Tim (Oct 17)
- RE: unswitched behavior of a switched network... Erin Carroll (Oct 17)
- Re: unswitched behavior of a switched network... David C. Smith (Oct 18)
- Re: unswitched behavior of a switched network... Ron (Oct 16)
- Re: unswitched behavior of a switched network... Krugger (Oct 16)
- Re: unswitched behavior of a switched network... Florian Osses (Oct 16)
- Re: unswitched behavior of a switched network... Can't dig that daddy (Oct 16)