Mental Note: Tracking L3 Glean Attacks

Here’s a handy debug command for tracking L3 Glean attacks on IOS based Cisco routers / L3 switches.

From there, you can take the output, paste the contents into a file, then use some Linux foo to determine the attacker.

Supporting documentation: Built-in CPU Sniffer

Share on FacebookTweet about this on TwitterShare on LinkedInShare on RedditEmail this to someone

November 28, 2014

Posted In: cisco, IOS, L3 glean, Layer 3 Switching, network security, Routing Protocols

pyMultiChange – SSH Script Update

I updated the ssh-multi.py script from my pyMultiChange repository. It’s now fully functional and allows you to enter ‘enable’ mode on Cisco routers and switches. As I’m using the paramiko library to interact with routers and switches via SSH, I had to switch from using the ‘exec_command’ API to invoke_shell, send, and recv API’s. It took a little more work – and I’m not completely thrilled with how the ‘recv’ API is implemented in paramiko, but it’s what we have to work with for now.

The pyMuliChange repository is available on my github.

Share on FacebookTweet about this on TwitterShare on LinkedInShare on RedditEmail this to someone

November 26, 2014

Posted In: Cisco Administration Python Scripting, Python Tips, Software Defined Networking