Using the capture command in a Cisco Systems PIX firewall.

Find your website's Achilles' Heel


This is an excellent article you might find useful covering the use of the capture command in Cisco PIX firewalls.

A vital tool to use when troubleshooting computer networking problems and monitoring computer networks is a packet sniffer. That being said, one of the best methods to use when troubleshooting connection problems or monitoring suspicious network activity in a Cisco Systems PIX firewall is by using the capture command. Many times Cisco TAC will request captures from a PIX in PCAP format for open problem tickets associated with unusual problems or activity associated with the PIX and the network.

Cisco kit can be a bit daunting for a newcomer, but very well featured, it’s important to learn what your PIX can do!

The capture command was first introduced to the PIX OS in version 6.2 and has the ability to capture all data that passes through the PIX device. You can use access-lists to specify the type of traffic that you wish to capture, along with the source and destination addresses and ports. Multiple capture statements can be used to attach the capture command to multiple interfaces. You can even copy the raw header and hexadecimal data in PCAP format to a tftp server and open it with TCPDUMP or Ethereal.

NOTE: You must be in privileged mode to invoke the capture command.

Full article here.


Posted in: Countermeasures, Hardware Hacking, Network Hacking

, , , , , , ,

Recent in Countermeasures:
- Bearded – Security Automation Platform
- An Introduction To Web Application Security Systems
- OpenIOC – Sharing Threat Intelligence

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,265 views
- Password Hasher Firefox Extension - 117,882 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,751 views

Get protected with Sucuri


One Response to Using the capture command in a Cisco Systems PIX firewall.

  1. navidnmc April 5, 2007 at 2:43 am #

    dear my freind

    I can not open link of (Full article here) article and show me error page

    pleas help me