Penetration Testing mailing list archives
Re: [PEN-TEST] ios/cisco packet sniffer...
From: Joe Shaw <jshaw () INSYNC NET>
Date: Sat, 25 Nov 2000 10:28:55 -0600
On Sat, 25 Nov 2000, van der Kooij, Hugo wrote:
> One good way to do a packet dump on a Cisco is:
>
> router(config)#access-list 199 permit ip <source> <mask> <destination> <mask>
> router(config)#access-list 199 permit ip <destination> <mask> <source> <mask>
> router(config)#end
> router# debug ip packet 199 dump
>
> Will dump packets destined to and from 192.168.0.1.
>
> Don't use it too liberally. Your router is now left for DoS attack. Unless you have a high CPU vs bandwidth ratio a simple portscan will render your router useless. (Customer thought he was smart. However I shot his router straight out of the sky the moment I started a noisy test.)
Actually, using debugging alone can bring a Cisco to its knees if you are not careful. The best way to try and hinder someone dropping your router at this or any point, like in a small packet flood which will generally send the CPU through the roof, is to institute process scheduling. I believe it only works on 7200 and up platforms running IOS 11.2 and later, but it is useful. The best part about it is that it's very tweakable.

--
Joseph W. Shaw
Sr. Network Security Specialist for Big Company not to be named.
I have public opinions, and they have public relations.
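
The precautions raised in this thread, collected into one IOS session as an added example that is not part of the original posts. The host addresses are constructed placeholders, the scheduler values are illustrative, and `scheduler allocate` is assumed to be the process scheduling feature the reply refers to.

```text
! Constructed example: 192.0.2.10 and 198.51.100.20 are placeholder hosts.
configure terminal
 ! Match one host pair in both directions rather than whole networks,
 ! so only the traffic of interest is handed to the debug code.
 access-list 199 permit ip host 192.0.2.10 host 198.51.100.20
 access-list 199 permit ip host 198.51.100.20 host 192.0.2.10
 ! Keep debug output off the console line, which is expensive to
 ! service, and collect it in a memory buffer instead.
 no logging console
 logging buffered 64000
 ! Assumption: this is the "process scheduling" meant in the reply.
 ! Guarantees process-level tasks some CPU time under interrupt load.
 ! Both values are in microseconds and are illustrative only.
 scheduler allocate 3000 1000
 end
! Start the ACL-filtered dump shown in the quoted message.
debug ip packet 199 dump
! Read the buffer, then switch debugging off as soon as possible.
show logging
undebug all
```

Watching `show processes cpu` from a second session while the debug is active shows how much headroom the router has left.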