mailing list archives
Re: [PEN-TEST] ios/cisco packet sniffer...
From: Ryan Russell <ryan () SECURITYFOCUS COM>
Date: Tue, 31 Oct 2000 15:27:37 -0800
I've never seen any 3rd party software that one could add onto the IOS,
but I have given this particular question some thought before.
First of all, you can do a "debug ip packet", which will NOT give you the
full packets, but gives you port numbers and other information that might
be useful for traffic analysis, or as a starting point for what to watch
Second, I think it would be possible to do a combination of tunnels and
maybe NAT to re-route traffic elsewhere in the world for monitoring, and
then back again. Obviously this will cause a big performance hit if the
monitor is far away, network-wise, but for store-and-forward things like
mail, it probably wouldn't be noticed right away. You should be able to
use policy-based routing to select which types of traffic (ports) you want
I haven't gotten as far as working out specific configurations for this,
On Mon, 18 Sep 2000 mlynn () X25 NET wrote:
im sure something like this exists (well im almost sure)...but has anyone
seen a packet sniffer that would run on a cisco router?...