Friday, December 20, 2013

Using the Cisco ASA IPS packet capture function from the CLI

In this blog we will look at the CLI packet capture function on the Cisco ASA 5558-X series.

Conducting packet captures is an everyday function for a security analyst.

In these few simple steps, you can capture packets over any of the IPS sensor interfaces. Here I will demonstrate this using the management interface on a Cisco Next Generation Firewall.

1st, we execute the capture:

Within this step there are tons of options that you can specify:

2nd, we will now perform a tcpdump-style capture looking at UDP traffic only:

3rd, we display the capture, both locally and from the management interface:

4th, no capture would be complete without transferring the data for later analysis and review:


5th, and finally, as good maintenance practice, it's best to delete the capture file and validate that it's deleted:
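The five steps above as one CLI session on the IPS sensor, added here as an example and not taken from the original post's screenshots. The `sensor#` prompt, the interface name `Management0/0`, the packet count, and the SCP user, host and path are assumptions; lines starting with `!` are annotations, not input.

```text
! Steps 1 and 2: capture to the sensor's local packet-file.
! snaplen, count, verbose and expression are the available options;
! the expression uses tcpdump filter syntax (here: UDP only).
! Assumed interface name and count.
sensor# packet capture Management0/0 count 500 expression udp

! Step 3: display the saved capture locally...
sensor# packet display packet-file

! ...and display traffic live from the management interface.
sensor# packet display Management0/0 count 20 expression udp

! Step 4: copy the capture off the sensor for later analysis.
! Assumed destination (192.0.2.10 is a documentation address).
sensor# copy packet-file scp://analyst@192.0.2.10/captures/ips-mgmt-udp.pcap

! Step 5: delete the capture file, then confirm it is gone.
sensor# erase packet-file
sensor# packet display file-info
```

The sensor keeps a single local packet-file, so a new `packet capture` overwrites the previous one; copy it off before starting another capture.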




Ken Felix
Freelance Network / Security Engineer
kfelix  ----a---t---socpuppets ---d---o---t---com

     ^      ^
=(   +   $  )=
          o
       /     \



