[c-nsp] Port monitoring
Gary Roberton
gary.ciscomail at gmail.com
Tue Mar 22 10:37:56 EST 2005
Hi
We have a few customers that want to put surf control servers in our
network. The problem that we have found is that surf control is a
pasive device and needs to be connected to a hub to 'see' what is
happening on the network. We want to use switches not hubs and
thought we could use the 'port monitor' command. This now seems to
have been replaced by using the 'span' technique. However, span seems
to only allow the port to receive packets and not allow the server to
transmit.
Is the only answer to have two NICs in the the server - one for
checking the traffic it sees and the other to send out the FIN packets
to the clients trying to get to blacked sites?
We are looking across 2950, 3550 and 23750 switches.
Thanks in advance
Gary
More information about the cisco-nsp
mailing list