Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1728
Views
5
Helpful
3
Replies

Are SPAN ports secure?

eddie.sardinha
Level 1
Level 1

‎01-21-2019 04:57 PM

Hello All,

 

I need to capture traffic from a secure network but a PC will be capturing the traffic so one NIC will be used for the SPAN traffic and the other will be connected to another less secure network for management.  Can a hacker use that SPAN port to get into the secure network?

 

Thanks all,

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎01-21-2019 05:23 PM

It is SPAN port, so this is only Listening Mode. that means it only receiving capabilities of all the traffic ( or mirroring all the traffic in the network), Other side if you conncted to Management, this means most of the admin only have access.

 

if this Manangement side network compromised, then your network is on some one hands..  can be done many things.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

eddie.sardinha
Level 1
Level 1
In response to balaji.bandi

‎01-21-2019 05:48 PM

Thanks those two networks are obviously separated so the switches are different.  Logically can an attacker on the less secure network compromise the switch that the SPAN port is plugged into?

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to eddie.sardinha

‎01-22-2019 10:38 AM

As BB stated the port used for SPAN is in a mode where it listens to traffic but is not able to send any traffic. If an attacker is able to access the PC then they would be able to observe traffic on the secure network and some people might regard that as a compromise. But the attacker would not be able to perform any action in the more secure network to compromise it.

 

HTH

 

Rick

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents