On Fri, 24 Nov 2000, Joe Hacker wrote:
> I couldn't see this in the thread, only a bunch of links to various pages,
> and since I
> am off-line at the moment (and probably WAAAY behind reading this...), I
> leave it
> to the moderator to approve the post.
>
> One good way to do a packet dump on a Cisco is:
>
> router(config)#access-list 199 permit ip <source> <mask> <destination> <mask>
> router(config)#access-list 199 permit ip <destination> <mask> <source> <mask>
> router(config)#end
> router# debug ip packet 199 dump
>
> E.g.
>
> access-list 199 permit ip host 192.168.0.1 any
> access-list 199 permit ip any host 192.168.0.1
>
> Will dump packets destined to and from 192.168.0.1.
>
> I included the list, since debugging at packet level can cause the router
> to reload if there is a lot
> of traffic.
Don't use it too liberal. Your router is now left for DoS attack. Unless
you have a high CPU vs bandwidhth ratio a simple portscan will render your
router useless. (Customer thought he was smart. However I shot his router
straight out of the sky the moment I started a noisy test.)
Hugo.
>
--
Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ Maasland
hvdkooij@caiw.nl http://home.kabelfoon.nl/~hvdkooij/
--------------------------------------------------------------
This message has not been checked and may contain harmfull content.
Received on Nov 26 2000
Intro
