Trying to catch Bittorrent users with Wireshark...

jmroberts70

Please understand, I'm no expert when it comes to managed switches but I think I'm grasping the concepts. I'm trying to locate BitTorrent traffic on a fairly large network. We have around 6 Dell PowerConnect 5424 switches and one Cisco Catalyst 2950 switch on the network. I attached a laptop running Wireshark on an available port and started capturing traffic. Problem is, I believe I need to turn on Port Monitoring to be able to capture ALL the traffic. Here are my problems:

1. I've never had to do any messing around with either Dell or Cisco managed switches before (although I'm not afraid of CLI platforms since I used to work that way all the time).

2. Doesn't port monitoring just link one port to another so I can just see the traffic from the source port? Meaning, I could potentially make the "source" port for monitoring the uplink port on the switch and make the "destination" port, for receiving the packet information, my laptop running Wireshark. Won't this just capture the traffic of that switch alone and not the rest of the network? Maybe I need to run Wireshark from the main router?

If there is anyone out there that lives in Southern California, I'd love to talk with you about this. I am totally in the dark here as I have no one I can call or question about this sort of thing. I'm sure I can figure it out by plowing through the documentation but I'm afraid of damaging the network in the process by going directly to the operation I need to perform and missing something in between!

Hell, I may still just go for it but I'd really like to talk to someone that is much more familiar with this equipment...
 
http://wiki.wireshark.org/BitTorrent

That.

Also I would use something like squid or snort to help get rid of BitTorrent. Most webfilter products will block torrent traffic as well.

It doesn't matter where you hook up the machine with Wireshark as long as it's on the same network.
 
I've actually been able to successfully demonstrate catching BitTorrent traffic in my shop but that was a much smaller network (with just one unmanaged switch). I'm worried that I may not be able to detect the traffic that occurs through the other switches on the LAN unless I'm tied into the main router.
 
Ideal is to span the switchport that the internet firewall inside interface or router LAN port is connected to.
 
As mi7chy says, you'd mirror a port carrying all the traffic to the external internet, or out of your area off to the external connection; all the traffic will go through the one port.
 
If you're behind a router it doesn't matter how many switches you have (assuming a bridged network). You can watch backhaul private IPs or your LAN's public IPs since they are local to YOUR network.
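Added example, not posted by anyone in this thread: once frames from the mirrored uplink port are captured, a plaintext BitTorrent peer handshake can be recognized by its fixed 20-byte prefix, and the Python sketch below counts such handshakes per source IP. The function names, IP addresses and sample frames are constructed for illustration.

```python
import struct
from collections import Counter

BT_MAGIC = b"\x13BitTorrent protocol"  # pstrlen (19) followed by the protocol string

def bt_handshake(frame: bytes):
    """Return (src_ip, dst_ip, dst_port) if this Ethernet frame carries a
    plaintext BitTorrent peer handshake as its TCP payload, else None."""
    if len(frame) < 54:                          # Ethernet + minimal IPv4 + minimal TCP
        return None
    ethertype, off = struct.unpack("!H", frame[12:14])[0], 14
    if ethertype == 0x8100:                      # 802.1Q tag, seen when mirroring a trunk
        ethertype, off = struct.unpack("!H", frame[16:18])[0], 18
    if ethertype != 0x0800:                      # IPv4 only in this sketch
        return None
    ip = frame[off:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6 or len(ip) < ihl + 20:
        return None                              # not IPv4/TCP, or truncated
    if struct.unpack("!H", ip[6:8])[0] & 0x1FFF:
        return None                              # later IP fragment: no TCP header here
    tcp = ip[ihl:]
    doff = (tcp[12] >> 4) * 4                    # TCP header length in bytes
    if doff < 20 or not tcp[doff:].startswith(BT_MAGIC):
        return None
    src, dst = (".".join(str(b) for b in ip[i:i + 4]) for i in (12, 16))
    return src, dst, struct.unpack("!H", tcp[2:4])[0]

def talkers(frames):
    """Count plaintext handshakes per source IP across mirrored frames."""
    return Counter(hit[0] for hit in map(bt_handshake, frames) if hit)

def make_frame(src, dst, dport, payload, vlan=False):
    """Build a constructed sample frame (MACs and checksums left as zero)."""
    eth = b"\x00" * 12 + (b"\x81\x00\x00\x0a" if vlan else b"") + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", 50000, dport, 0, 0, 0x50, 0x18, 65535, 0, 0)
    return eth + ip + tcp + payload

# Constructed sample data: prefix + 8 reserved bytes + 20-byte info hash + 20-byte peer id.
HANDSHAKE = BT_MAGIC + b"\x00" * 8 + b"\xaa" * 20 + b"-XX0001-" + b"0" * 12
SAMPLE = [
    make_frame("10.0.0.21", "203.0.113.5", 6881, HANDSHAKE),
    make_frame("10.0.0.21", "198.51.100.7", 51413, HANDSHAKE, vlan=True),
    make_frame("10.0.0.34", "203.0.113.9", 80, b"GET / HTTP/1.1\r\n\r\n"),
]
if __name__ == "__main__":
    print(talkers(SAMPLE))
```

Encrypted peer connections do not carry this prefix, so a zero count from this check is not proof that no BitTorrent client is running.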
 