Tag Archives: testing

Cisco Switch Remote SPAN

Capturing network traffic can be a very effective way of solving complicated issues, particularly when log files are not yielding useful results. One issue typically is the ability to actually physically perform the capture. To overcome these limitations, a Remote SPAN or RSPAN instance can be used.


Capturing Traffic with the Cisco ASA

I have written quite a few things lately about capturing traffic, so why not write another? This time we will be taking a look at capturing data from another key place in the network: the firewall.


Cisco Switch SPAN Port Filtering

If you have a bit of familiarity with Cisco switches, you may have configured a SPAN port or a monitor session in the past. A basic SPAN port is very useful for capturing packets or passive monitoring, and is a requirement for some web filtering services such as Websense. Today, I want to focus on the SPAN session from a packet capturing standpoint.

If we mirror a switch port that sees a high volume of traffic, simply mirroring all of that traffic to our packet capturing port could be too much for our capture system to consume. Fortunately, there is a way to filter the mirrored traffic through access control lists on the switch itself.


Tail Cat and Grep Your Log Files

I recently treated myself to a long overdue syslog server for our network devices. The system is on a Linux system (I would have it no other way) and has been instrumental to troubleshooting and auditing these past few weeks. You can read this article for some log parsing tricks ranging from basic to a bit more advanced. Cat, Grep and Tail are the commands that truly set Linux-based syslog servers apart from one running on Windows. Don’t get me wrong, there are other decent alternatives, but it’s hard to beat a typed command and an instant result. There …
