-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi, Performing a pen-test on a class C network, and I've gained privileged access to the main router on the client's network. It is a Cisco 2600, and appears to sit in front of a firewall (although the fw is transparent at this point). It is directly connected via a Ethernet interface to the entire network, and it doesn't appear to be doing any NAT/masquerading. The firewall(s) still filters traffic from the router (the router is does not appear "trusted"). I was wondering if there was a way to sniff or route (source route?) traffic that is destined to the client's network to my own machine on the Internet and capture that traffic while allowing it to pass thru to the client's network unmodified and with little packet loss. Are there any other tricks I can do with admin access (aside from obvious DoS attacks) to the external router? For clarification, I have the Cisco 2600 privileged password and can telnet to the router remotely. I cannot identify the firewall via port scans or any manner of filter bypassing/firewalking, although I'd love to hear some suggestions. Thanks, o. -----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wl4EARECAB4FAj0G2noXHG9tZWdhdHJvbkBodXNobWFpbC5jb20ACgkQYPShwwsH0MIo jwCgv2vT99T2plG7TrvWCl4Pu8BFNyIAn1IjOeFx6ot0+512dOno3iMIrni4 =lGzb -----END PGP SIGNATURE----- Communicate in total privacy. Get your free encrypted email at https://www.hushmail.com/?l=2 Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
