Penetration Testing mailing list archives
Re: Sniff/Source Route Cisco Router Traffic?
From: "Krish Ahya" <Krish () houston rr com>
Date: Wed, 12 Jun 2002 18:05:51 -0500
Yes, you can. Use Policy Based Routing using the route-map command. Using PBR, you can route based on just about anything (even ports) and set destinations. http://www.cisco.com/warp/public/cc/techno/protocol/tech/plicy_wp.htm http://www.cisco.com/warp/public/105/top_issues/iprouting/policyrt.html http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/qos_c /qcpart1/qcpolicy.htm - Krish, CCNP ~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~ I have not failed 10,000 times, I have sucessfully found 10,000 ways that won't work." -- Thomas A. Edison ----- Original Message ----- From: <omegatron () hushmail com> To: <pen-test () securityfocus com> Sent: Wednesday, June 12, 2002 12:25 AM Subject: Sniff/Source Route Cisco Router Traffic?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Performing a pen-test on a class C network, and I've gained privileged
access to the main router on the client's network. It is a Cisco 2600, and appears to sit in front of a firewall (although the fw is transparent at this point). It is directly connected via a Ethernet interface to the entire network, and it doesn't appear to be doing any NAT/masquerading.
The firewall(s) still filters traffic from the router (the router is does
not appear "trusted"). I was wondering if there was a way to sniff or route (source route?) traffic that is destined to the client's network to my own machine on the Internet and capture that traffic while allowing it to pass thru to the client's network unmodified and with little packet loss.
Are there any other tricks I can do with admin access (aside from obvious
DoS attacks) to the external router? For clarification, I have the Cisco 2600 privileged password and can telnet to the router remotely.
I cannot identify the firewall via port scans or any manner of filter
bypassing/firewalking, although I'd love to hear some suggestions.
Thanks, o. -----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wl4EARECAB4FAj0G2noXHG9tZWdhdHJvbkBodXNobWFpbC5jb20ACgkQYPShwwsH0MIo jwCgv2vT99T2plG7TrvWCl4Pu8BFNyIAn1IjOeFx6ot0+512dOno3iMIrni4 =lGzb -----END PGP SIGNATURE----- Communicate in total privacy. Get your free encrypted email at https://www.hushmail.com/?l=2 Looking for a good deal on a domain name?
http://www.hush.com/partners/offers.cgi?id=domainpeople
--------------------------------------------------------------------------
--
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Sniff/Source Route Cisco Router Traffic? omegatron (Jun 12)
- RE: Sniff/Source Route Cisco Router Traffic? Maximiliano PĂ©rez (Jun 12)
- Re: Sniff/Source Route Cisco Router Traffic? Krish Ahya (Jun 13)
- Re: Sniff/Source Route Cisco Router Traffic? batz (Jun 14)
- <Possible follow-ups>
- RE: Sniff/Source Route Cisco Router Traffic? Joshua Wright (Jun 12)