From: Penetration Testing (pentest@infosecure.com.au)
Date: Mon Jul 15 2002 - 14:43:49 EDT
Hi all.
I have recently completed some experimentation into using a captured
router to sniff network traffic on a remote network. This is in the same
vein as Gauis' article in Phrack 56 (Things to do in cisco land when you
are dead).
I have tried to build on Gauis' work in that I terminated the GRE tunnel
on a Cisco router instead of a *nix machine. I explored a couple of
possible scenarios for this, the net result being that it is possible to
remotely capture (bi-directional) network traffic using NO customised
tools; all that is required is one cisco router with vanilla IOS, and a
machine that can run snoop or tcpdump.
Anyway, if anyone is interested, the document describing the experiment
and results is available at http://www.geocities.com/david_taylor_au/
(Word 2000 format). Or, contact me.
Regards,
Dave Taylor
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:23 EDT