Scribd Logo
Upload

Welcome to Scribd!

  • 0 views

    Practical 3

    Uploaded by

    4832550

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Practical 3

    Uploaded by

    4832550
    0 views6 pages

    Original Title

    PRACTICAL 3

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    0 views6 pages

    Practical 3

    Uploaded by

    4832550

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 6

    PRACTICAL 3

    Aim: Implement SPAN Technologies (Switch Port Analyzer)

    What is a SPAN port?


    SPAN (Switched Port Analyzer) is a dedicated port on a switch that takes a mirrored copy of
    network traffic from within the switch to be sent to a destination.

    The destination is typically a monitoring device, or other tools used for troubleshooting or
    traffic analysis.

    SPAN ports present a readily available mechanism through which to access detailed packet
    information.

      One SPAN session contains only one destination port.


      No two SPAN sessions have same destination port.
      Destination port can’t be used as source port.
      A SPAN session may contain multiple source ports.
      A SPAN session can not mix ports and vlans.

    Background / Scenario
    As the network administrator you want to analyze traffic entering and exiting the local
    network. To do this, you will set up port mirroring on the switch port connected to the router
    and mirror all traffic to another switch port. The goal is to send all mirrored traffic to an
    intrusion detection system (IDS) for analysis. In this initial implementation, you will send all
    mirrored traffic to a PC which will capture the traffic for analysis using a port sniffing
    program. To set up port mirroring you will use the Switched Port Analyzer (SPAN) feature on
    the Cisco switch. SPAN is a type of port mirroring that sends copies of a frame entering a port,
    out another porton the same switch. It is common to find a device running a packet sniffer or
    Intrusion Detection System (IDS) connected to the mirrored port.
    Part 1: Build the Network and Verify Connectivity
    Part 2: Configure Local SPAN

    Part 1: Build the Network and Verify Connectivity

    Step 1: Cable the network as shown in the topology.


    Step 2: Configure basic settings for each switch

    Step 1:- Setting VLANS

    Step 2:- show vlan brief

    Step 3:- Adding ports in the VLANs SW1:


    Step 4:- Verify Vlans
    Part 2: Configure Local SPAN

    Step 1: Configure SPAN on S1.

    Console into S1 and configure the source and destination monitor ports on S1

    Step 2: Run the show run to see the configurations


    Step 3:- Represent ingress and egress for VLAN 20 and will see the same in g0/2.
    This ingress disabled means we are not actually monitoring anything that comes in from G 0

    Step 4:-Run (sh mon det).Source ports none because we aren’t monitoring ports we are
    monitoring VLAN 20
    Step 5:- Run Wireshark on this PC put it in promiscuous mode and we could pick up all the
    traffic that was going to in and out of VLAN 20 it said that's how we would configure and
    use the Cisco port.

    You might also like