Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] ios/cisco packet sniffer...
From: Ryan Russell <ryan () SECURITYFOCUS COM>
Date: Tue, 31 Oct 2000 15:27:37 -0800

I've never seen any 3rd party software that one could add onto the IOS,
but I have given this particular question some thought before.

First of all, you can do a "debug ip packet", which will NOT give you the
full packets, but gives you port numbers and other information that might
be useful for traffic analysis, or as a starting point for what to watch
for,

Second, I think it would be possible to do a combination of tunnels and
maybe NAT to re-route traffic elsewhere in the world for monitoring, and
then back again.  Obviously this will cause a big performance hit if the
monitor is far away, network-wise, but for store-and-forward things like
mail, it probably wouldn't be noticed right away.  You should be able to
use policy-based routing to select which types of traffic (ports) you want
to redirect.

I haven't gotten as far as working out specific configurations for this,
sorry.

                                        Ryan

On Mon, 18 Sep 2000 mlynn () X25 NET wrote:

im sure something like this exists (well im almost sure)...but has anyone
seen a packet sniffer that would run on a cisco router?...



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault