Penetration Testing mailing list archives
Re: [PEN-TEST] ios/cisco packet sniffer...
From: Ryan Russell <ryan () SECURITYFOCUS COM>
Date: Tue, 31 Oct 2000 15:27:37 -0800
I've never seen any 3rd party software that one could add onto the IOS, but I have given this particular question some thought before. First of all, you can do a "debug ip packet", which will NOT give you the full packets, but gives you port numbers and other information that might be useful for traffic analysis, or as a starting point for what to watch for, Second, I think it would be possible to do a combination of tunnels and maybe NAT to re-route traffic elsewhere in the world for monitoring, and then back again. Obviously this will cause a big performance hit if the monitor is far away, network-wise, but for store-and-forward things like mail, it probably wouldn't be noticed right away. You should be able to use policy-based routing to select which types of traffic (ports) you want to redirect. I haven't gotten as far as working out specific configurations for this, sorry. Ryan On Mon, 18 Sep 2000 mlynn () X25 NET wrote:
im sure something like this exists (well im almost sure)...but has anyone seen a packet sniffer that would run on a cisco router?...
Current thread:
- [PEN-TEST] ios/cisco packet sniffer... mlynn (Nov 01)
- Re: [PEN-TEST] ios/cisco packet sniffer... Ryan Russell (Nov 01)
- Re: [PEN-TEST] ios/cisco packet sniffer... Bennett Todd (Nov 01)
- Re: [PEN-TEST] ios/cisco packet sniffer... Bennett Todd (Nov 01)
- Re: [PEN-TEST] ios/cisco packet sniffer... Nasir Farhat Khan (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... Sheldon Dubrowin (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... Etaoin Shrdlu (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... Bennett Todd (Nov 01)
- Re: [PEN-TEST] ios/cisco packet sniffer... batz (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... Seth Georgion (Nov 02)
- Re: [PEN-TEST] ios/cisco packet sniffer... James Mancini (Nov 03)
- Re: [PEN-TEST] ios/cisco packet sniffer... Joe Hacker (Nov 25)
- Re: [PEN-TEST] ios/cisco packet sniffer... van der Kooij, Hugo (Nov 26)
- Re: [PEN-TEST] ios/cisco packet sniffer... Ryan Russell (Nov 01)