Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] ios/cisco packet sniffer...

From: Joe Hacker <hacker () ONLINE NO>
Date: Fri, 24 Nov 2000 20:59:09 +0000
I couldn't see this in the thread, only a bunch of links to various pages,
and since I
am off-line at the moment (and probably WAAAY behind reading this...), I
leave it
to the moderator to approve the post.

One good way to do a packet dump on a Cisco is:

        router(config)#access-list 199 permit ip <source> <mask> <destination> <mask>
        router(config)#access-list 199 permit ip <destination> <mask> <source> <mask>
        router(config)#end
        router# debug ip packet 199 dump

E.g.

        access-list 199 permit ip host 192.168.0.1 any
        access-list 199 permit ip any host 192.168.0.1

Will dump packets destined to and from 192.168.0.1.

I included the list, since debugging at packet level can cause the router
to reload if there is a lot
of traffic.

-j0e
Previous By Date Next
Previous By Thread Next

Current thread: