RE: Unable to configure IDSM for traffic analysis

[<Arndt.WA () forces gc ca>]

Comments below...

> -----Original Message-----
> From: swordfish667 [mailto:kirti_bapat () yahoo com]
> Sent: April 24, 2006 18:54
> To: focus-ids () securityfocus com
> Subject: Unable to configure IDSM for traffic analysis
>
>
>
> hello guys
>
> i need some help in configuring the idsm2. I have configured 
> the 6509 switch
> to capture network traffic using SPAN. i have mentioned vlan 
> as source, for
> the source SPAN traffic. but after specifying the capture 
> destination on the
> 6509 (a physical port on the 6509), i am confused about how 
> to send this
> traffic from the captured port for analysis to virtual 
> sensing port on the
> IDSM.Basically i am not able to map the phyical destination 
> port on the
> switch to the virtual sensing ports.
<SNIP>

Have you tried following the steps in the Installation guides?
They vary depending on what version of the software you want
to run on the IDSM-2.

Cisco IDS v4.x (beware of line wraps):
http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_installation_and_configuration_guide_chapter09186a008035809d.html#wp86441

Cisco IPS v5.x (beware of line wraps):
http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_installation_guide_chapter09186a008055fc73.html#wp712919

I hope this helps,

Alex Arndt, CD
CISSP, GCIA, GCIH

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------