Just to make sure you're aware, debug ip packet with its options is
generally frowned upon in production environments, if you are not specific
enough with the debug or hit enter prematurely, well thats a good way to
draw the wrath of your coworkers.
Brian
The path to a desireable destination
is often more difficult than the path to stay where you are.
On Wed, 3 Sep 2003, dre wrote:
> ""Reimer, Fred"" wrote in message ...
> > Cisco routers don't have the ability to capture packets. However, you
can
> > use an ACL and the debug ip packet command to get some limited
> information.
>
> Well, you can do "debug ip packet dump" and get the
> full payload in both hex and ASCII (like tcpdump).
>
> Or, even better, if the device supports SPAN, RSPAN or ERSPAN,
> you can mirror the traffic from x ports/vlans to y ports/vlans.
>
> Or, you can setup a GRE tunnel that copies all traffic from the Cisco to
> a nearby Unix machine. https://www.phrack.com/show.php?p=56&a=10
>
> There are also many other ways to accomplish this, which rely on changing
> the ways the protocols normally operate. For example, using a tool such a
> (but clearly not limited to) dsniff or irpas, one can easily create a MITM
> gateway based on modification of ARP, ICMP redirect, IRDP, STP,
> HSRP, PBR (using interface, next-hop, etc), or even using generalized
> proxies (IP NAT, MAC address translation).
>
> -dre
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74738&t=74708
--------------------------------------------------
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
