From: Ramsdell, Scott (sramsdell@stinsonmoheck.com)
Date: Thu Jun 15 2006 - 09:49:07 EDT
Eduardo,
On a 6500, the command is "sho cam <MAC>" with the MAC in the format
xx:xx:xx:xx:xx:xx
This will give you the port that the MAC shows up on.
Next, you will want to make sure the MAC isn't on a trunk port, coming
in from another switch.
So, you: "sho cdp neigh <port> /details"
If you get an IP in the "details" report above, the MAC is on a
different switch. Telnet to the IP of the switch and use "sho cam" if
it's a 65xx, or "sho mac".
Best Regards,
Scott Ramsdell
-----Original Message-----
From: Eduardo Espina [mailto:eduardomx@gmail.com]
Sent: Wednesday, June 14, 2006 3:27 PM
To: Luis Gutierrez
Cc: pen-test@securityfocus.com
Subject: Re: Physical ports in IOS
Hi,
Thanks for the tip, I forgot to say, i'm in a Cisco Catalyst 6500 with
IOS 12.1(8b) and there's no sh mac-address-table command available. I do
have the enable password, show privilege give me level 15. All
references to interfaces are to Vlan# but no physical ports anyway.
Is there a separate port for switch configuration and router
configuration?, i have other Cisco devices for testing and i found the
show mac-adress-table useful, but with IOS 12.4. Is it a problem with
IOS version?
Thanks,
Eduardo.
On 6/14/06, Luis Gutierrez <lgutierrez@foxhollowtech.com> wrote:
>
>
> Here is a sample of how to do it:
>
> 740S3C22#sh ip arp xx.xx.xx.56
>
> Protocol Address Age (min) Hardware Addr Type Interface
> Internet xx.xx.xx.56 1 0011.434c.8b43 ARPA Vlanxx
>
>
> 740S3C22#sh mac add add 0011.434c.8b43
>
> Unicast Entries
> vlan mac address type protocols port
> -------+---------------+--------+---------------------+---------------
> -------+---------------+--------+---------------------+--
> ---
> xx 0011.434c.8b43 dynamic ip
> GigabitEthernet6/1
>
>
> -luis
>
>
> -----Original Message-----
> From: Eduardo Espina [mailto:eduardomx@gmail.com]
> Sent: Tuesday, June 13, 2006 7:21 PM
> To: pen-test@securityfocus.com
> Subject: Physical ports in IOS
>
> Hi,
>
> I'm pen-testing a network and i've already gained access to a Cisco
> switch in certain VLAN; i'm stucked in getting a SPAN port in the
> physical port where i'm attached or changing that port to a different
> VLAN; "show interfaces fastethernet" doesn't work, and "show
> interfaces" just output the MAC address of the VLAN, but i can't find
> the way to correlate IP (mine) with the physical port (Fa0/3 i.e.).
>
> Some idea?
>
> Thanks,
> Eduardo.
>
> ----------------------------------------------------------------------
> --
> ------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the
> Analyst's Choice Award from eWeek. As attacks through web applications
> continue to rise, you need to proactively protect your applications
> from hackers. Cenzic has the most comprehensive solutions to meet your
> application security penetration testing and vulnerability management
> needs. You have an option to go with a managed service (Cenzic
> ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download
> FREE whitepaper on how a managed service can help you:
> http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm
> your results from other product. Contact us at request@cenzic.com for
> details.
> ----------------------------------------------------------------------
> --
> ------
>
>
>
>
------------------------------------------------------------------------
------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's Choice Award from eWeek. As attacks through web applications
continue to rise, you need to proactively protect your applications from
hackers. Cenzic has the most comprehensive solutions to meet your
application security penetration testing and vulnerability management
needs. You have an option to go with a managed service (Cenzic
ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download
FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your results from other product. Contact us at request@cenzic.com for
details.
------------------------------------------------------------------------
------
This communication is from a law firm and may contain confidential and/or privileged information. If it has been sent to you in error, please contact the sender for instructions concerning return or destruction, and do not use or disclose the contents to others.
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:07 EDT