Friday, December 20, 2013

Using the cisco ASA IPS packet capure function from the cli

In this blog we will look at the cli packet capture function on the cisco ASA 5558-X series.

The conducting of packet captures, is a everyday function for a security analyst.

In this few simple steps, you can capture packets over any of the  IPS sensor interfaces. Here I will demostrate this using the  management interface on a cisco Next Generation Firewall.

1st step we execute the capture;

Within this step we have tons of options that you can specify;

2nd We will now  perform a tcp dump looking at udp traffic only;

3rd  And display the capture locally & from the Management interface ;

4th No capture would not be complete without transfer the data for later analysis and review;

5th And for  finally good maintenance actions , it;s best to delete the capture file and validating that it's deleted;

Ken Felix
Freelance Network / Security Engineer
kfelix  ----a---t---socpuppets ---d---o---t---com

     ^      ^
=(   +   $  )=
       /     \

1 comment:

  1. Looking for the Best Dating Website? Create an account to find your perfect match.