Tag: packet capture

Capturing Traffic with the Cisco ASA

I have written quite a few things lately about capturing traffic so why not write another? This time we will be taking a look at capturing data from another key place in the network; the firewall.

Cisco Switch SPAN Port Filtering

If you have a bit of familiarity Cisco switches you may have configured a SPAN port or a monitor session in the past. A basic span port is very useful in capturing packets or passively monitoring and is a requirement for some web filtering services such as Websense. Today, I want to focus on the SPAN session from a packet capturing standpoint.

If we mirror a switch port that sees a high volume of traffic simply mirroring all of that traffic to our packet capturing port could be too much for our capture system to consume. Fortunately, there is a way to do this through access control lists on the switch itself.

Capture Files from Data Streams with Wireshark

Most networkers are familiar with the basic capabilities available in Wireshark. Packet captures are very helpful when troubleshooting a host of network problems. One feature folks may be less familiar with in Wireshark is it’s ability to actually save files that were seen as part of a packet capture.

Passive Sniffing on Windows

With Linux you can configure a sniffing only port relatively easy. Put it in promiscuous mode without an IP and sniff away passively. With windows, there is typically always an IP address assigned to an interface. If not statically assigned the interface will search for DHCP and will ultimately end up with an address in […]