Analyzing Switch Port Traffic with Cisco & Linux

By Baldwin Sung on September 26, 2008 3:29 PM | 0 Comments | 0 TrackBacks

To analyze switch port traffic, you need to mirror your switch port. This is also known as port mirroring or on Cisco Catalyst switches - Catalyst Switched Port Analyzer (SPAN).

On my switch, I mirror my switch port by running the following commands:



monitor session 1 source interface fa2

monitor session 1 destination interface fa6

Once that's done, I take the physical connection that is in fa6 above and plug in into the eth1 interface on my Linux box.

From my Linux box, I can run tcpdump or use tools like ipfm to analyze the traffic.

No TrackBacks

TrackBack URL: http://baldwinsung.com/cgi-bin/mt-tb.cgi/103

Cisco Terminal Output: Setting the number of lines for either Cisco ASA/PIX or IOS devices can be done as follows. ASA/PIX: Set to…; By Baldwin Sung | Comments (0)
NetApp (Toasters) Mailing List: There is a very cool unofficial NetApp Mailing list, its called toasters. Subscribe by sending an email to lists@mathworks.com. Be…; By Baldwin Sung | Comments (0)
Updating the password for a MovableType user from MySQL: # mysql -u root -p SOMETHING Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL…; By Baldwin Sung | Comments (0)

Search

Analyzing Switch Port Traffic with Cisco & Linux

Categories:

No TrackBacks

Leave a comment

Recent Entries

Links

Sign In

Search

Analyzing Switch Port Traffic with Cisco & Linux

Categories:

No TrackBacks

Leave a comment

Recent Entries

Links