Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6267
Views
0
Helpful
2
Replies

ACS 5.1 tcpdump tech dumptcp 'feature'

Go to solution
lanstreamer
Level 1
Level 1

‎08-25-2010 03:26 AM - edited ‎03-10-2019 05:21 PM

Hi

I'm just installing ACS 5.1 for the first time and came across the tech dumptcp 'feature'.

This command seems to be almost completely useless for capturing packets at the ACS 5.1 OS!

It's not possible to specify a filter or capture the packets to disk.  The only options that exist are the ability to specify the number of packets that are dumped to the console which rather limits its usefulness, especially if you're SSHed in to ACS 5.1 in the first place.

tech dumptcp 0 count ?
  <1-10000>  Package count

Reading the command reference at http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/command/reference/cli_app_a.html#wp1039556 made me laugh.  The tech author has demonstrated the command whilst SSHed in and all they've captured to screen are, surprise surprise, the SSH packets from their console session.


So - 2 questions:

1)     Does anyone know of an alternative way within the ACS 5.1 host operating system to capture network packets whilst SSHed in?

2)     Has anyone out there already raised a request with Cisco to enhance the tech dumptcp 'feature' by adding the ability to filter packets and capture to disk?

Thanks very much.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jrabinow
Level 7
Level 7

‎08-25-2010 01:01 PM

There is an enhancement CDETS open:

CSCtd13775: ACS5 and TCPDump/Sniffer functionality

View solution in original post

0 Helpful
2 Replies 2

Go to solution
jrabinow
Level 7
Level 7

‎08-25-2010 01:01 PM

There is an enhancement CDETS open:

CSCtd13775: ACS5 and TCPDump/Sniffer functionality

0 Helpful

Go to solution
lanstreamer
Level 1
Level 1
In response to jrabinow

‎08-31-2010 09:57 AM

Thanks very much for this answer.  I did search the bug navigator for enhancement requests to 5.1 but must have forgotten to search for any that were already open for 5.0.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents