What is the Difference between capturing traffic creating a Dummy ACL and running a TCP dump? And how do i create a TCP dump? Iam running a Cisco PIX Firewall Version 6.1(5).
A logging acl will provide very limited info about the flow and nothing about the payload. TCP dumping is used by all traffic sniffing technologies to examine this information. AFAIK there is no way to do a tcpdump-like action on your version of PIX software, but on PIX/ASA 7.x the new "capture" command was introduced and provides many powerful ways of doing an "on box" packet trace.
