Thursday, March 15, 2007

Cisco Router Forensics

Have you ever wondered what if your cisco routers or switches is compromised? What is the next step you would take to check your routers or switches for any changes made by the hacker? That was once a question mark in my head, but today i am going to show some commands that you can use to check for any compromisation.

1. show version
2. show ip route
3. show run
4. show start
5. show ip route
6. show nat
7. show users all
8. show ip int
9. show int
10. show tcp brief all
11. show ip sockets
12. show ip nat translations verbose
13. show access-list
14. show xlate detail
15. show connection detail
16. show ip inspect session detail

Of course, there are many others more. But the above commands are most frequently used by me if a Cisco network device is compromised. Comments pls!!

9 comments:

Anonymous said...

Can anyone recommend the top performing Endpoint Security software for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: N-able N-central support network
? What is your best take in cost vs performance among those three? I need a good advice please... Thanks in advance!

Unknown said...

The holidays are a time ed hardy of getting together with friends ed hardy shoes and family, attending elaborate ed hardy clothing parties, and other exciting events ed hardy clothes that involves dressing up in stunning ed hardy store wardrobes. If you ed hardy Bikini are pregnant during ed hardy swimsuits the holidays, it does not ed hardy Caps mean that you are unable buy ed hardy to look fabulous and ed hardy swimwear stylish. Now, an expectant ed hardy sale mother has many styles of chic ed hardy glasses maternity clothing that allows cheap ed hardy her to show off her baby bump Christian audigier while looking spectacular.

Generic Viagra said...

Very nice information, I think the right word would be "smarter" but I know you don't like that, I'd love if you can send all this new information to my e-mail, because I'm really interested in this matter, specially with the Cisco network support.

order viagra online said...

Hello I enjoyed yoiur article. I think you have some good ideas and everytime i learn something new i dont think it will ever stop always new info , Thanks for all of your hard work!.

Anonymous said...

Do you have a spam problem on this blog; I also am a
blogger, and I was wondering about your situation; we have created some nice practices and we
are looking to exchange strategies with other folks,
please send me an email if you're interested.

my homepage :: Toenail Fungus
my webpage - Toenail Fungus

Anonymous said...

Hi.
With this blog you clarify some of the most significant pieces
of information!!
Really easy to read through & full of very useful advice!

Thanks a lot for sharing Blogger: Taking Network Security to the Streets.


Feel free to visit my site ... Desktop Gadgets

Anonymous said...

Hi!
I really love your article. Impressive piece of work on the concept
of your website.
Thanks

Here is my blog; How to Golf App

Anonymous said...

Do you have a spam issue on this website; I also am a blogger, and I was wanting to
know your situation; we have created some nice practices and we are looking to swap solutions with other folks, why not shoot me an
email if you are interested.

My webpage vehicle app
My website: vehicle app

Anonymous said...

Searching stumbleupon.com I noticed your site book-marked as:
Blogger: Taking Network Security to the Streets. Now I am assuming you bookmarked
it yourself and wanted to ask if social book-marking
gets you a lot of targeted visitors? I've been considering doing some book-marking for a few of my sites but wasn't sure if it would yield any
positive results. Thank you so much.

my weblog ... Golf App
Also see my website: Free Golf Apps