RE: Sniff/Source Route Cisco Router Traffic?

From: Joshua Wright (Joshua.Wright@jwu.edu)
Date: 06/12/02

• Previous message: ed d: "RE: MORE: Tools for Detecting Wireless APs - from the wire side."
• Maybe in reply to: omegatron@hushmail.com: "Sniff/Source Route Cisco Router Traffic?"
• Next in thread: Maximiliano Pérez: "RE: Sniff/Source Route Cisco Router Traffic?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Joshua Wright <Joshua.Wright@jwu.edu>
To: pen-test@securityfocus.com
Date: Wed, 12 Jun 2002 16:30:41 -0400

I demonstrated such a technique in my SANS GCIH practical, available at
http://www.giac.org/practical/Joshua_Wright_GCIH.zip (MS Word). Set up a
GRE tunnel to a router you control to start sniffing some traffic. This
does not establish a man-in-the-middle scenario as the traffic would be
asymmetrical in nature, but lets you glean all kinds of useful information
(see section D8 in my paper).

Also see the Phrack 56 article "Things To Do In Cisco Land When You Are
Dead" (Gaius).

My paper was never widely received, so I certainly appreciate any comments
on its content.

Thanks.

-Joshua Wright
Team Leader, Networks and Systems
Johnson & Wales University
Joshua.Wright@jwu.edu

pgpkey: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD44B4A73
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73

> Performing a pen-test on a class C network, and I've gained
> privileged access to the main router on the client's network.
 
> Are there any other tricks I can do with admin access (aside
> from obvious DoS attacks) to the external router? For
> clarification, I have the Cisco 2600 privileged password and
> can telnet to the router remotely.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

---

• Previous message: ed d: "RE: MORE: Tools for Detecting Wireless APs - from the wire side."
• Maybe in reply to: omegatron@hushmail.com: "Sniff/Source Route Cisco Router Traffic?"
• Next in thread: Maximiliano Pérez: "RE: Sniff/Source Route Cisco Router Traffic?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: How to sniff packets from afar? ... >> connect directly in between his ISP and router. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) RE: Nmap issues...? or router? ... Subject: Nmap issues...? ... >like 'port scanning tools can create a situation where the router CPU ... >This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) RE: Sniff/Source Route Cisco Router Traffic? ... Sniff/Source Route Cisco Router Traffic? ... Performing a pen-test on a class C network, ... This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) Re: Sniff/Source Route Cisco Router Traffic? ... Sniff/Source Route Cisco Router Traffic? ... access to the main router on the client's network. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) RE: Using a Compromised Router to Capture Network Traffic ... Using a Compromised Router to Capture Network Traffic ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > pen-test  > 2002-06