[nsp] Detecting hacked boxes on switch
Siva Valliappan
svalliap at cisco.com
Tue Jul 1 10:37:00 EDT 2003
> You could also possibly use ip accounting on your router. Just add "ip
> accounting output" to the interface the traffic is going out (as it goes
^^^^^^^
caution with "ip accounting". generic ip accounting (not mac accounting)
is not supported in the DCEF path. Netflow is where the focus is on
development and enhancements. Netflow is also supported in the DCEF
path. so you may want to configure Netflow (caveat being this is a input
feature rather then an output feature).
cheers
.siva
> through your router). Then have a look at show ip accounting.
>
> ----------------------------------------------------------------------
> Jon Lewis *jlewis at lewis.org*| I route
> System Administrator | therefore you are
> Atlantic Net |
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list