Configure switchport on 4507 to span all vlans & capture traffic on a specific port.

Posted on 2010-01-07
Last Modified: 2013-11-22
We had conficker go through our network. We believe to have a rogue system somewhere out there. We tried wireshark to capture traffic, but nothing came up because it was only run inside of 1 vlan. We need to find this system that keeps spewing the virus out. We have a Cisco 4507 that we would like to capture traffic on port 445. Can someone give me a play by play on configuring the switch  - or orther actions to squelch the virus?

Question by:specialdevices
    1 Comment
    LVL 23

    Accepted Solution

    Here is the configu for a 4500 series running IOS.
    The config sets the interface to monitor as 4/2 and the port you connect your laptop to is 4/3
    For more details here is a good link

    monitor session 1 source interface fastethernet 4/2
    monitor session 1 destination interface fastethernet 4/3
    show monitor session 1
    !verifies span was setup correctly 

    Open in new window


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Suggested Solutions

    So you got the Conficker. You could go to each machine and run the eye chart test (, but in a bigger environment, or if you prefer to work smarter and not harder, you need some …
    PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now