Tuesday, February 18, 2014

How to quickly sniff a few packets with a Cisco router.

There was a large amount of traffic on a router and I knew something was not right.

int g 0/0
ip accounting output-packets

#sh ip accounting
   Source           Destination              Packets               Bytes
 10.201.195.4    71.225.81.54                   400              187200
 10.194.41.94    63.251.34.130                  488               28733
 10.194.41.36    108.168.214.12                1140              163510862
 10.136.114.135  78.108.118.250                  45                2100
 10.194.41.57    174.62.230.118                  40                2411
 10.194.41.36    65.112.54.26                     5                178235
 10.194.41.78    63.251.34.145                  479               27517

We need more detail on 10.194.41.36 (.36), which has by far the highest byte count.

access-list 105 permit tcp host 10.194.41.36 any

debug ip packet 105 detail

terminal monitor (If you are doing this remotely.)

Now you should get more info like port numbers.

no debug all

This was a DoS attack. Now it has been blocked.
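An added example, not part of the original post: a small Python script that parses the `sh ip accounting` table above, totals bytes per source and flags any host responsible for more than half of the accounted bytes. The rows are copied from the output in the post; the 50% threshold and the function names are assumptions of this example.

```python
import re
from collections import defaultdict

# Rows copied from the `sh ip accounting` output shown in this post.
SAMPLE = """\
   Source           Destination              Packets               Bytes
 10.201.195.4    71.225.81.54                   400              187200
 10.194.41.94    63.251.34.130                  488               28733
 10.194.41.36    108.168.214.12                1140              163510862
 10.136.114.135  78.108.118.250                  45                2100
 10.194.41.57    174.62.230.118                  40                2411
 10.194.41.36    65.112.54.26                     5                178235
 10.194.41.78    63.251.34.145                  479               27517
"""

IP = r"\d{1,3}(?:\.\d{1,3}){3}"
ROW = re.compile(rf"^\s*({IP})\s+({IP})\s+(\d+)\s+(\d+)\s*$")

def parse_accounting(text):
    """Return (source, destination, packets, bytes) tuples; header and prompt lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append((m.group(1), m.group(2), int(m.group(3)), int(m.group(4))))
    return rows

def bytes_by_source(rows):
    """Sum bytes over all destinations per source, largest first."""
    totals = defaultdict(int)
    for src, _dst, _pkts, nbytes in rows:
        totals[src] += nbytes
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)

def dominant_sources(rows, share=0.5):
    """Sources sending more than `share` of all accounted bytes (threshold is an assumption)."""
    ranked = bytes_by_source(rows)
    total = sum(b for _, b in ranked)
    return [(src, b, b / total) for src, b in ranked if total and b / total > share]

def suggest_acl(src, acl_number=105):
    """Build the ACL line used in the post to limit `debug ip packet` to one host."""
    return f"access-list {acl_number} permit tcp host {src} any"

if __name__ == "__main__":
    for src, nbytes, frac in dominant_sources(parse_accounting(SAMPLE)):
        print(f"{src}: {nbytes} bytes ({frac:.1%} of total)")
        print(suggest_acl(src))
```

Summing per source matters here because 10.194.41.36 appears on two rows with different destinations.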

Wednesday, February 5, 2014

Please do not reply to this message; it was sent from an unmonitored email address.

Why do businesses send "do not reply" emails? This is so annoying. My Twitter account was hacked. It sure would be nice if I could let them know I did not change the email address.



Hi, jamsignal

You recently changed the email address associated with your Twitter account (@jamsignal).
To confirm your new contact email, please follow the link in the confirmation message sent to that address.
If you did not request this change and believe your Twitter account has been compromised, contact Twitter support by clicking this link: https://support.twitter.com/forms/hacked
The Twitter Team