IDS mailing list archives
RE: Unable to configure IDSM for traffic analysis
From: <Arndt.WA () forces gc ca>
Date: Mon, 24 Apr 2006 15:23:51 -0400
Comments below...
-----Original Message----- From: swordfish667 [mailto:kirti_bapat () yahoo com] Sent: April 24, 2006 18:54 To: focus-ids () securityfocus com Subject: Unable to configure IDSM for traffic analysis hello guys i need some help in configuring the idsm2. I have configured the 6509 switch to capture network traffic using SPAN. i have mentioned vlan as source, for the source SPAN traffic. but after specifying the capture destination on the 6509 (a physical port on the 6509), i am confused about how to send this traffic from the captured port for analysis to virtual sensing port on the IDSM.Basically i am not able to map the phyical destination port on the switch to the virtual sensing ports.
<SNIP> Have you tried following the steps in the Installation guides? They vary depending on what version of the software you want to run on the IDSM-2. Cisco IDS v4.x (beware of line wraps): http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_installation_and_configuration_guide_chapter09186a008035809d.html#wp86441 Cisco IPS v5.x (beware of line wraps): http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_installation_guide_chapter09186a008055fc73.html#wp712919 I hope this helps, Alex Arndt, CD CISSP, GCIA, GCIH ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- Unable to configure IDSM for traffic analysis swordfish667 (Apr 24)
- Re: Unable to configure IDSM for traffic analysis joseph (Apr 26)
- <Possible follow-ups>
- RE: Unable to configure IDSM for traffic analysis Arndt.WA (Apr 26)