Using the capture command in a Cisco Systems PIX firewall.

Your website & network are Hackable

This is an excellent article you might find useful covering the use of the capture command in Cisco PIX firewalls.

A vital tool to use when troubleshooting computer networking problems and monitoring computer networks is a packet sniffer. That being said, one of the best methods to use when troubleshooting connection problems or monitoring suspicious network activity in a Cisco Systems PIX firewall is by using the capture command. Many times Cisco TAC will request captures from a PIX in PCAP format for open problem tickets associated with unusual problems or activity associated with the PIX and the network.

Cisco kit can be a bit daunting for a newcomer, but very well featured, it’s important to learn what your PIX can do!

The capture command was first introduced to the PIX OS in version 6.2 and has the ability to capture all data that passes through the PIX device. You can use access-lists to specify the type of traffic that you wish to capture, along with the source and destination addresses and ports. Multiple capture statements can be used to attach the capture command to multiple interfaces. You can even copy the raw header and hexadecimal data in PCAP format to a tftp server and open it with TCPDUMP or Ethereal.

NOTE: You must be in privileged mode to invoke the capture command.

Full article here.

Posted in: Countermeasures, Hardware Hacking, Network Hacking

, , , , , , ,

Recent in Countermeasures:
- An Introduction To Web Application Security Systems
- OpenIOC – Sharing Threat Intelligence
- Cuckoo Sandbox – Automated Malware Analysis System

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,199 views
- Password Hasher Firefox Extension - 117,854 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,741 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95

One Response to Using the capture command in a Cisco Systems PIX firewall.

  1. navidnmc April 5, 2007 at 2:43 am #

    dear my freind

    I can not open link of (Full article here) article and show me error page

    pleas help me