Penetration Testing mailing list archives
Re: [PEN-TEST] ios/cisco packet sniffer...
From: "van der Kooij, Hugo" <Hugo.van.der.Kooij () CAIW NL>
Date: Sat, 25 Nov 2000 10:09:47 +0100
On Fri, 24 Nov 2000, Joe Hacker wrote:
I couldn't see this in the thread, only a bunch of links to various pages, and since I am off-line at the moment (and probably WAAAY behind reading this...), I leave it to the moderator to approve the post. One good way to do a packet dump on a Cisco is: router(config)#access-list 199 permit ip <source> <mask> <destination> <mask> router(config)#access-list 199 permit ip <destination> <mask> <source> <mask> router(config)#end router# debug ip packet 199 dump E.g. access-list 199 permit ip host 192.168.0.1 any access-list 199 permit ip any host 192.168.0.1 Will dump packets destined to and from 192.168.0.1. I included the list, since debugging at packet level can cause the router to reload if there is a lot of traffic.
Don't use it too liberal. Your router is now left for DoS attack. Unless you have a high CPU vs bandwidhth ratio a simple portscan will render your router useless. (Customer thought he was smart. However I shot his router straight out of the sky the moment I started a noisy test.) Hugo.
-- Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ Maasland hvdkooij () caiw nl http://home.kabelfoon.nl/~hvdkooij/ -------------------------------------------------------------- This message has not been checked and may contain harmfull content.
Current thread:
- Re: [PEN-TEST] ios/cisco packet sniffer..., (continued)
- Re: [PEN-TEST] ios/cisco packet sniffer... Ryan Russell (Nov 01)
- Re: [PEN-TEST] ios/cisco packet sniffer... Bennett Todd (Nov 01)
- Re: [PEN-TEST] ios/cisco packet sniffer... Bennett Todd (Nov 01)
- Re: [PEN-TEST] ios/cisco packet sniffer... Nasir Farhat Khan (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... Sheldon Dubrowin (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... Etaoin Shrdlu (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... Bennett Todd (Nov 01)
- Re: [PEN-TEST] ios/cisco packet sniffer... batz (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... Seth Georgion (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... James Mancini (Nov 03)
- Re: [PEN-TEST] ios/cisco packet sniffer... Joe Hacker (Nov 25)
- Re: [PEN-TEST] ios/cisco packet sniffer... van der Kooij, Hugo (Nov 26)
- Re: [PEN-TEST] ios/cisco packet sniffer... Joe Shaw (Nov 26)
- Re: [PEN-TEST] ios/cisco packet sniffer... Ryan Russell (Nov 28)
- Re: [PEN-TEST] ios/cisco packet sniffer... Jon Vandiveer (Nov 28)
- Re: [PEN-TEST] ios/cisco packet sniffer... James Mancini (Nov 28)
- Re: [PEN-TEST] ios/cisco packet sniffer... Ryan Russell (Nov 01)