In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-02-28 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
[original translation] packet capture of PIX/ASA
User's guide
Enable packet capture by attaching an interface option keyword to capture. Capturing multiple interfaces requires multiple capture statements. Packets must be filtered through Ethernet and access lists before they can be stored in the capture buffer.
Useful capture commands:
The no capture command with the optional access-list or interface keyword clears the corresponding capture.
No capture without an optional keyword removes the capture.
If you specify the access-list optional keyword, the access list is removed from the capture and the capture is retained. If the interface keyword is specified, the capture is detached from the specified interface and retained.
The clearcapture capture_name command clears the capture buffer. Note: the capture command is not saved in the configuration and does not repeat itself on alternate settings during failover.
For more detailed capture commands, refer to the customer documentation for capture commands.
Configuration example
Capture packets passing through internal and external interfac
Step # 1-capture packets that pass through the inside interface
Access-list capture_in permit host A host B
Access-list capture_in permit host B host A
Capture inside access-list capture_in interface inside
Step # 2-capture packets passing through the external interface
Access-list capture_out permit host A hostB
Access-list capture_out permit host B hostA
Capture outside access-list capture_out interface outside
Get a packet from the device
Option # 1-browse through WEB from PIX/ASA to get files in pcap format.
Step # 1-if the http service is not available, use the "http" command to enable http (s)
Step # 2-then open a browser and type
Https:///capture//pcap
You will be prompted to save the file after connecting to ASA. For example,
Https://172.16.171.49/capture/inside/pcap
Option # 2-send pcap format files from ASA to tftp server
Step # 1-start the tftp application and set the tftp file root directory for receiving files
Step # 2-then enter the following command copy / pcap capture:t ftp:///temp on ASA. For example:
Copy / pcapcapture: inside t ftp://172.16.89.8/temp copy / pcapcapture:outside t ftp://172.16.89.8/temp
View the capture buffer on PIX
If the name of the packet capture is specified, its contents can be seen in the capture buffer. Show capture to view the capture.
Reset and delete capture commands to clear the capture buffer enter the following clear capture command
Delete the capture command:
Clear capture inside
Clear capture outside
Don't forget to delete the capture list after you finish the capture
No capture inside
No capture outside
No access-list capture_inno access-list capture_out
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
