Sniff/Source Route Cisco Router Traffic?

[omegatron () hushmail com]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi,

Performing a pen-test on a class C network, and I've gained privileged access to the main router on the client's 
network. It is a Cisco 2600, and appears to sit in front of a firewall (although the fw is transparent at this point). 
It is directly connected via a Ethernet interface to the entire network, and it doesn't appear to be doing any 
NAT/masquerading.

The firewall(s) still filters traffic from the router (the router is does not appear "trusted"). I was wondering if 
there was a way to sniff or route (source route?) traffic that is destined to the client's network to my own machine on 
the Internet and capture that traffic while allowing it to pass thru to the client's network unmodified and with little 
packet loss.

Are there any other tricks I can do with admin access (aside from obvious DoS attacks) to the external router? For 
clarification, I have the Cisco 2600 privileged password and can telnet to the router remotely.

I cannot identify the firewall via port scans or any manner of filter bypassing/firewalking, although I'd love to hear 
some suggestions.

Thanks,

o.

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wl4EARECAB4FAj0G2noXHG9tZWdhdHJvbkBodXNobWFpbC5jb20ACgkQYPShwwsH0MIo
jwCgv2vT99T2plG7TrvWCl4Pu8BFNyIAn1IjOeFx6ot0+512dOno3iMIrni4
=lGzb
-----END PGP SIGNATURE-----


Communicate in total privacy.
Get your free encrypted email at https://www.hushmail.com/?l=2

Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/