[c-nsp] LOG ACL

Roland Dobbins rdobbins at cisco.com
Mon Jan 30 00:55:29 EST 2006 

Another way to do this would be to enable NetFlow on the interfaces  
in question; you can look at it 'live' on the router, and export it  
for further analysis, as well:

	http://www.cisco.com/go/netflow


On Jan 29, 2006, at 9:31 PM, Melvin C. Etheridge wrote:

> I at least would like to know what ports are being used.
>
> TIA
>
> Mel
>
> ----- Original Message -----
> From: "Melvin C. Etheridge" <mele at enia.net>
> To: "Amol Sapkal" <amolsapkal at gmail.com>
> Cc: "Cisco-Nsp" <cisco-nsp at puck.nether.net>
> Sent: Monday, January 30, 2006 12:19 AM
> Subject: Re: [c-nsp] LOG ACL
>
>
>> I would really like to log all traffic on this host.
>>
>> The cust thinks they have a trojan and have not been able to track it
>> down.
>>
>> Thanks!
>>
>> Mel
>>  ----- Original Message -----
>>  From: Amol Sapkal
>>  To: Melvin C. Etheridge
>>  Sent: Sunday, January 29, 2006 11:19 PM
>>  Subject: Re: [c-nsp] LOG ACL
>>
>>
>>  Melvin,
>>
>>  Are you looking at logging only the number of packets?
>>  If yes, try put an explicit permit statement in your access-list.
>>
>>  Like,
>>
>>  access-list 100 permit ip host 1.1.1.1 any
>>  access-list 100 permit ip any host 1.1.1.1
>>
>>
>>
>>  HTH,
>>  Amol
>>
>>
>>
>>  On 1/30/06, Melvin C. Etheridge <mele at enia.net> wrote:
>>    I would like to create a ACL to just log traffic to and from a  
>> ip going
>>    through one of my adsl routers.
>>
>>    What would be the best way to word the ACL to do this?
>>
>>    Thanks,
>>
>>    Mel
>>
>>    _______________________________________________
>>    cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>    https://puck.nether.net/mailman/listinfo/cisco-nsp
>>    archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>>
>>
>>
>>  --
>>  Warm regards,
>>
>>  Amol Sapkal
>>
>>  -------------------------------------------------------------------
>>  "A new study shows that licking the sweat off
>>  a frog can cure depression. The down side is,
>>  the minute you stop licking, the frog gets
>>  depressed again." - Jay Leno
>>  -------------------------------------------------------------------
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // 408.527.6376 voice

      Everything has been said.  But nobody listens.

                    -- Roger Shattuck

More information about the cisco-nsp mailing list