Is this hosted on an alternate site other than the geocities site which has exceeded the xfer limit? -----Original Message----- From: Penetration Testing [mailto:pentestat_private] Sent: Monday, July 15, 2002 2:44 PM To: pen-testat_private Subject: Using a Compromised Router to Capture Network Traffic Hi all. I have recently completed some experimentation into using a captured router to sniff network traffic on a remote network. This is in the same vein as Gauis' article in Phrack 56 (Things to do in cisco land when you are dead). I have tried to build on Gauis' work in that I terminated the GRE tunnel on a Cisco router instead of a *nix machine. I explored a couple of possible scenarios for this, the net result being that it is possible to remotely capture (bi-directional) network traffic using NO customised tools; all that is required is one cisco router with vanilla IOS, and a machine that can run snoop or tcpdump. Anyway, if anyone is interested, the document describing the experiment and results is available at http://www.geocities.com/david_taylor_au/ (Word 2000 format). Or, contact me. Regards, Dave Taylor ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Jul 15 2002 - 11:06:42 PDT