2010-11-18

Занимательные факты о cisco waas

  • страничка продукта http://cisco.com/go/waas
  • система куплена вместе с компанием actona
  • на WAE есть tcpdump и wireshark:
WAE1#tcpdump -h
tcpdump version 3.8.1 (jlemon)
libpcap version 0.8
Usage: tcpdump [-aAdDeflLnNOpqRStuUvxX] [-c count] [ -C file_size (kB) ]
[ -E algo:secret ] [ -F file ] [ -i interface ] [ -r file ]
[ -s snaplen ] [ -T type ] [ -w file ] [ -y datalinktype ]
[ -M max_log_files ] [ expression ]
WAE1#tcpdump -D
1.eth0
2.eth2
3.eth4
4.eth5
5.any (Pseudo-device that captures on all interfaces)
6.lo
WAE1#tcpdump -i eth4 -n
tcpdump: WARNING: eth4: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth4, link-type EN10MB (Ethernet), capture size 96 bytes
19:38:30.642777 01:00:0c:cc:cc:cd > 00:1e:79:c4:e6:81 sap aa ui/C len=39
 0100 0ccc cccd 001e 79c4 e681 8100 e00a
 0032 aaaa 0300 000c 010b 0000 0000 0080
 0000 02fd a7d6 c000 0000 1380 0a00 1e79
 c4e6 8080 0101
19:38:30.834835 00:1e:79:c4:e6:81 > 01:00:0c:cc:cc:cc sap aa ui/C len=35
19:38:31.849711 01:00:0c:cc:cc:cd > 00:1e:79:c4:e6:81 sap aa ui/C len=39
 0100 0ccc cccd 001e 79c4 e681 8100 e00b
 0032 aaaa 0300 000c 010b 0000 0000 0080
 0b00 1e79 c4e6 8000 0000 0080 0b00 1e79
 c4e6 8080 0100
19:38:32.648268 01:00:0c:cc:cc:cd > 00:1e:79:c4:e6:81 sap aa ui/C len=39
 0100 0ccc cccd 001e 79c4 e681 8100 e00a
 0032 aaaa 0300 000c 010b 0000 0000 0080
 0000 02fd a7d6 c000 0000 1380 0a00 1e79
 c4e6 8080 0101
19:38:33.492675 

WAE1#tethereal -h
TShark 1.0.0
Dump and analyze network traffic.
See http://www.wireshark.org for more information.

Copyright 1998-2008 Gerald Combs and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Usage: tshark [options] ...

Capture interface:
  -i  interface         name or idx of interface (def: first non-loopback)
  -f filter     packet filter in libpcap filter syntax
  -s snaplen            packet snapshot length (def: 65535)
  -p                       don't capture in promiscuous mode
  -y link-type           link layer type (def: first appropriate)
  -D                       print list of interfaces and exit
  -L                       print list of link-layer types of iface and exit

Capture stop conditions:
  -c packet-count       stop after n packets (def: infinite)
  -a autostop  ...  duration:NUM - stop after NUM seconds
                           filesize:NUM - stop this file after NUM KB
                              files:NUM - stop after NUM files
Capture output:
  -b ringbuffer ... duration:NUM - switch to next file after NUM secs
                           filesize:NUM - switch to next file after NUM KB
                              files:NUM - ringbuffer: replace after NUM files
Input file:
  -r infile             set the filename to read from (no pipes or stdin!)

Processing:
  -R read-filter        packet filter in Wireshark display filter syntax
  -n                        disable all name resolutions (def: all enabled)
  -N name-resolution-flag enable specific name resolution(s): "mntC"
  -d layer-type==selector,decode-as-protocol ...
                           "Decode As", see the man page for details
                           Example: tcp.port==8888,http
Output:
  -w output          set the output filename (or '-' for stdout)
  -C config     start with specified configuration profile
  -F outout-type   set the output file type, default is libpcap
                           an empty "-F" option will list the file types
  -V                       add output of packet tree        (Packet Details)
  -S                       display packets even when writing to a file
  -x                       add output of hex and ASCII dump (Packet Bytes)
  -T pdml|ps|psml|text|fields
                           format of text output (def: text)
  -e field              field to print if -Tfields selected (e.g. tcp.port);
                           this option can be repeated to print multiple fields
  -E option=value set options for output when -Tfields selected:
     header=y|n            switch headers on and off
     separator=/t|/s| select tab, space, printable character as separator
     quote=d|s|n           select double, single, no quotes for values
  -t ad|a|r|d|dd|e         output format of time stamps (def: r: rel. to first)
  -l                       flush standard output after each packet
  -q                       be more quiet on stdout (e.g. when using statistics)
  -X key:value         eXtension options, see the man page for details
  -z stats           various statistics, see the man page for details

Miscellaneous:
  -h                       display this help and exit
  -v                       display version info and exit
  -o option:value ...    override preference setting
WAE1#tethereal -i eth4
Running as user "admin" and group "root". This could be dangerous.
Capturing on eth4
  0.000000 00:1b:53:50:0a:c0 -> 00:1b:53:50:0a:c0 LOOP Reply
  0.643978 00:1e:79:c4:e6:81 -> 01:00:0c:cc:cc:cd STP Conf. Root = 32779/00:1e:79:c4:e6:80  Cost = 0  Port = 0x8001
  1.155038 00:1e:79:c4:e6:81 -> 01:00:0c:cc:cc:cd STP Conf. Root = 32768/00:02:fd:a7:d6:c0  Cost = 19  Port = 0x8001
  1.700815 00:1e:79:c4:e6:81 -> 00:1e:79:c4:e6:81 LOOP Reply
  2.648238 00:1e:79:c4:e6:81 -> 01:00:0c:cc:cc:cd STP Conf. Root = 32779/00:1e:79:c4:e6:80  Cost = 0  Port = 0x8001
  3.152556 00:1e:79:c4:e6:81 -> 01:00:0c:cc:cc:c6 packets captured


  • на WAE есть grep
WAE1#sh run | in -h
Usage: grep [OPTION]... PATTERN [FILE]...
Try `grep --help' for more information.
WAE1#

  • логин/пароль по умолчанию весьма оригинальны: admin/default

продолжение следует

Немає коментарів: