This is a kind of high level issue I am having, but I figured I'd bring it here anyway. I've got a stack of Cisco 3750G switches. I need to document the network layout and I really don't want to use a tester to map out which patch panel port goes to which office. What I am hoping to do is sniff the traffic on each individual port, find the local private ip of the computer on that port, and then use a network scanner to match up each machine to its current ip.
I've looked at NTop, but couldn't get it to run on my windows machine. Does anyone know of a tool, maybe like ethereal, that would let me sniff traffic isolated to a single switch port of a cisco switch?
I thought ntop had full win32 compatibility? Have you tried Cisco for switch management software? I've used some 3com software for a set of 3com switches before and it mapped out everything fairly well.
I've got the Cisco Network Assistant (CNA) installed and it's not giving me any information like that. If it helps, I'm running Vista and the NTop installer crashes everytime I try it.
First set up port mirroring (SPAN) on your switches so that you are monitoring one port at a time. Run ethereal/wireshark on the monitor port to find the computer's IP. Repeat for each port on the switches.
You may want to run a ping sweep on your LAN IP's at the same time you run ethereal so you are not just waiting for the computers to generate traffic themselves.
SiliconStew on
Just remember that half the people you meet are below average intelligence.
First set up port mirroring (SPAN) on your switches so that you are monitoring one port at a time. Run ethereal/wireshark on the monitor port to find the computer's IP. Repeat for each port on the switches.
You may want to run a ping sweep on your LAN IP's at the same time you run ethereal so you are not just waiting for the computers to generate traffic themselves.
Thank you. It looks like SPAN is going to do exactly what I needed.
First set up port mirroring (SPAN) on your switches so that you are monitoring one port at a time. Run ethereal/wireshark on the monitor port to find the computer's IP. Repeat for each port on the switches.
You may want to run a ping sweep on your LAN IP's at the same time you run ethereal so you are not just waiting for the computers to generate traffic themselves.
Thank you. It looks like SPAN is going to do exactly what I needed.
If you find anything easier to read and sort through than wireshark, let me know. We use port mirroring for CALEA, I know the Law Enforcements have some nice software to decrypt and read that traffic but I know it's expensive too, mega. To test though, we count on Wireshark or worse to ensure the packets are gettin captured properly.
Clearsightnet.com has some stuff I think, but will probably run you $10k or so.
badfish on
"What you had there is what we refer to as a focused non-terminal repeating phantasm or a Class 5 full-roaming vapor."
Posts
Podcast 0207: Sinking to new depths
Preview: Is Uncharted: Golden Abyss the Vita’s killer launch title?
Dynasty Warriors: Gundam 3: Macro-wreckonomics
You may want to run a ping sweep on your LAN IP's at the same time you run ethereal so you are not just waiting for the computers to generate traffic themselves.
Thank you. It looks like SPAN is going to do exactly what I needed.
Podcast 0207: Sinking to new depths
Preview: Is Uncharted: Golden Abyss the Vita’s killer launch title?
Dynasty Warriors: Gundam 3: Macro-wreckonomics
If you find anything easier to read and sort through than wireshark, let me know. We use port mirroring for CALEA, I know the Law Enforcements have some nice software to decrypt and read that traffic but I know it's expensive too, mega. To test though, we count on Wireshark or worse to ensure the packets are gettin captured properly.
Clearsightnet.com has some stuff I think, but will probably run you $10k or so.
Should be just a easy install for windows. Much easier than the real nTop installer.