Configure switchport on 4507 to span all vlans & capture traffic on a specific port.

We had conficker go through our network. We believe to have a rogue system somewhere out there. We tried wireshark to capture traffic, but nothing came up because it was only run inside of 1 vlan. We need to find this system that keeps spewing the virus out. We have a Cisco 4507 that we would like to capture traffic on port 445. Can someone give me a play by play on configuring the switch  - or orther actions to squelch the virus?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Here is the configu for a 4500 series running IOS.
The config sets the interface to monitor as 4/2 and the port you connect your laptop to is 4/3
For more details here is a good link 

monitor session 1 source interface fastethernet 4/2
monitor session 1 destination interface fastethernet 4/3

show monitor session 1
!verifies span was setup correctly 

Open in new window


Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.