13 September 2006 | 19,410 views

Using the capture command in a Cisco Systems PIX firewall.

Want to Learn Penetration Testing

This is an excellent article you might find useful covering the use of the capture command in Cisco PIX firewalls.

A vital tool to use when troubleshooting computer networking problems and monitoring computer networks is a packet sniffer. That being said, one of the best methods to use when troubleshooting connection problems or monitoring suspicious network activity in a Cisco Systems PIX firewall is by using the capture command. Many times Cisco TAC will request captures from a PIX in PCAP format for open problem tickets associated with unusual problems or activity associated with the PIX and the network.

Cisco kit can be a bit daunting for a newcomer, but very well featured, it’s important to learn what your PIX can do!

The capture command was first introduced to the PIX OS in version 6.2 and has the ability to capture all data that passes through the PIX device. You can use access-lists to specify the type of traffic that you wish to capture, along with the source and destination addresses and ports. Multiple capture statements can be used to attach the capture command to multiple interfaces. You can even copy the raw header and hexadecimal data in PCAP format to a tftp server and open it with TCPDUMP or Ethereal.

NOTE: You must be in privileged mode to invoke the capture command.

Full article here.

Post to Twitter Post to Facebook Post to Google Buzz Post to Delicious Post to Digg Post to Reddit Post to StumbleUpon


Tags: , , , , , , ,


# Posted in: Countermeasures, Hardware Hacking, Network Hacking | * 1 Comment


Recent in Countermeasures:
- No BEAST Fix From Microsoft In December Patch Tuesday – But They Fixed Duqu Bug
- sslyze – Fast and Full-Featured SSL Configuration Scanner
- Twitter Purchases WhisperCore – Full Disk Encryption For Android Phones

Related Posts:
- CDPSnarf – CDP Packet Sniffer
- Cisco IOS FTP Backdoor Ripe for Hackers
- Nipper 0.11.5 Released – Network Device Configuration Security Auditing Tool

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 115,582 views
- Password Hasher Firefox Extension - 110,122 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 55,170 views

Advertise on Darknet


One Response to “Using the capture command in a Cisco Systems PIX firewall.”

  1. navidnmc 5 April 2007 at 2:43 am Permalink

    dear my freind

    I can not open link of (Full article here) article and show me error page

    pleas help me