I need to capture traffic from a secure network but a PC will be capturing the traffic so one NIC will be used for the SPAN traffic and the other will be connected to another less secure network for management. Can a hacker use that SPAN port to get into the secure network?
It is SPAN port, so this is only Listening Mode. that means it only receiving capabilities of all the traffic ( or mirroring all the traffic in the network), Other side if you conncted to Management, this means most of the admin only have access.
if this Manangement side network compromised, then your network is on some one hands.. can be done many things.
*** Rate All Helpful Responses ***
Thanks those two networks are obviously separated so the switches are different. Logically can an attacker on the less secure network compromise the switch that the SPAN port is plugged into?
As BB stated the port used for SPAN is in a mode where it listens to traffic but is not able to send any traffic. If an attacker is able to access the PC then they would be able to observe traffic on the secure network and some people might regard that as a compromise. But the attacker would not be able to perform any action in the more secure network to compromise it.