Layer2 path discovery and mitigation

Unanswered Question
Sep 4th, 2007
User Badges:


I've had a MARS50 online for about a month now and has never really

got layer 2 mitigation to work. We have a network built with only

Cisco equipment so the procedure should be straight forward I would


Our design is pretty basic: 5 Cat2950 access switches serving the

office along with a Cat4503 as a distribution switch. All these are

running native IOS. The 4503 is connected with a layer 2 trunk to our

co-location where the routing and firewalling takes place in a Cat6513

also running native IOS.

What I would like to see, as described in the MARS user guide, is the

port of the access switch presented in the incident graph. Today I

only see a straight line from the attacking host over the network

object and the target and have no option to mitigate the threat. All

access switches are enabled and discoverable by MARS and have snmp

selected as access method.

What am I missing here?


Fredrik Hofgren

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
avai2005uk Fri, 09/07/2007 - 02:13
User Badges:

Hi there,

can u please tell me are you using SNMP RO string of SNMP RW string?


This Discussion