Snort mailing list archives
Re: New to Snort
From: Robby Desmond <rdesmond () els ucsb edu>
Date: Thu, 20 Mar 2003 10:12:38 -0800
At 08:31 AM 3/19/2003 -0500, David Alonso De La Vega Tapage wrote:
Hi David ..if you configure one port in the switch as mirror .. and connect in the snort box .. is enough .. to catch all trafic on your net ... but I'm not sure . if you have a V lan .. then you can catch the traffic of V lan A and Vlan B with one mirror port in the switch ..
Cisco's SPAN documentation states that a span-port can only be setup to monitor within the Vlan it is assigned to. If you could span-port a trunk, that would be nice, but that is one of the things you can't do, at least not on my 3500XLs.
-Robby Robert Desmond Systems Administrator UCSB Extended Learning Services 805-893-4906 -------------------------------------------------------This SF.net email is sponsored by: Tablet PC. Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- New to Snort David Cintron (Mar 19)
- Re: New to Snort David Alonso De La Vega Tapage (Mar 19)
- Re: New to Snort Robby Desmond (Mar 20)
- Re: New to Snort David Alonso De La Vega Tapage (Mar 19)