Using Passwords, Port Security, and Authorized IP Managers To Protect Against Unauthorized Access

Configuring and Monitoring Port Security

Syntax:

show interface
    List Intrusion Alert status.

show intrusion-log
    List Intrusion Log content.

clear intrusion-log
    Clear Intrusion flags on all ports.

port-security <port-number> clear-intrusion-flag
    Clear Intrusion flag on a specific port.

In the following example, executing show interface lists the switch’s port status, which indicates an intrusion alert on port 1.

Figure 7-9. Example of an Unacknowledged Intrusion Alert in a Port Status Display
(Figure callout: Intrusion Alert on port 1.)

If you wanted to see the details of the intrusion, you would then enter the show intrusion-log command. For example:

Figure 7-10. Example of the Intrusion Log with Multiple Entries for the Same Port
(Figure callouts: MAC Address of latest Intruder on Port 1; Dates and Times of Intrusions; Earlier intrusions on port 1 that have already been cleared (that is, the Alert Flag has been reset at least twice before the most recent intrusion occurred).)
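
An added example, not part of the original manual: a Python triage script that reads show intrusion-log output of the kind Figure 7-10 illustrates and reports each port that still holds an uncleared intrusion, together with the per-port clear command from the syntax list. The column layout and the "prior to" marker on already-cleared entries are assumptions, and the sample log is constructed.

```python
import re
from collections import defaultdict

# Constructed sample, not captured from a switch. The column layout and the
# "prior to" marker on already-cleared entries are assumptions.
SAMPLE_LOG = """\
 Status and Counters - Intrusion Log

  Port  MAC Address   Date / Time
  ----- ------------- --------------------------
  1     0a0b0c-000003 03/07/24 21:09:34
  1     0a0b0c-000002 prior to 03/07/24 19:12:08
  1     0a0b0c-000001 prior to 03/07/24 18:40:51
  4     0a0b0c-000009 prior to 03/06/24 08:15:02
"""

ROW = re.compile(
    r"^\s*(?P<port>\S+)\s+(?P<mac>[0-9a-f]{6}-[0-9a-f]{6})\s+"
    r"(?P<cleared>prior to\s+)?(?P<when>\d\d/\d\d/\d\d \d\d:\d\d:\d\d)\s*$",
    re.IGNORECASE,
)

def parse_intrusion_log(text):
    """Return {port: {"uncleared": [(mac, when)], "cleared": [(mac, when)]}}."""
    ports = defaultdict(lambda: {"uncleared": [], "cleared": []})
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # banner, column header, separator or blank line
        key = "cleared" if m.group("cleared") else "uncleared"
        ports[m.group("port")][key].append((m.group("mac").lower(), m.group("when")))
    return dict(ports)

def triage(text):
    """List ports with an uncleared intrusion and the command that resets each."""
    actions = []
    for port, entries in parse_intrusion_log(text).items():
        if len(entries["uncleared"]) > 1:
            # One uncleared entry per port is expected; more means unexpected input.
            raise ValueError(f"port {port}: more than one uncleared entry")
        if entries["uncleared"]:
            mac, when = entries["uncleared"][0]
            actions.append({"port": port, "mac": mac, "when": when,
                            "earlier_cleared": len(entries["cleared"]),
                            "clear_cmd": f"port-security {port} clear-intrusion-flag"})
    return actions

if __name__ == "__main__":
    for action in triage(SAMPLE_LOG):
        print(action)
```

A port that appears only with cleared entries (port 4 in the sample) is parsed but not reported, because its alert flag has already been reset.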

The example in Figure 7-10 shows three intrusions for port 1. Since the switch can show only one uncleared intrusion per port, the older two intrusions in this example have already been cleared by earlier use of the clear intrusion-log or the port-security 1 clear-intrusion-flag command. (The intrusion log holds up to
