From: David Swafford (dswafford@alterhighschool.org)
Date: Mon Oct 16 2006 - 17:10:15 EDT
This can be done both on switches and routers. On Cisco routers you would use a route-map to basically copy all traffic passing through one interface to another interface. Possible uses would be for IDS setups and probably other uses. On switches it would be known as port mirroring.
David Swafford.
>>> Ron <ron@gwndev.com> 10/16/2006 3:49 pm >>>
>
> Some router have an option of dumping all traffic to a give port, so
> if you are connected to the right router port you will see everything
> as if it was a hub. At least I already saw a router configured that
> way, that port that was connected to a computer that was dedicated to
> run snort.
Just to clarify, I'm pretty sure you're talking about switches that have
a "mirror" port.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
______________________________________________________
Founded in Faith - Preserved with Pride - Sustained by Spirit
______________________________________________________
Upcoming Events:
ALTER OPEN HOUSE
November 16
7 - 9 p.m.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:13 EDT