IOS Crash Analysis and Rootkit Wiki
Main Page
Welcome to '''{WIKITITLE}'''!{BR}

==Cisco IOS Forensics==

===Setup Essentials===
Guide to [IosConfigEvidence|evidence-preserving IOS configurations]
[TrapsAndPitfalls|Traps and pitfalls] that destroy evidence

===Crash Analysis===
Hacker's guide to [TheCrashInfo|reading crashinfo]
How to [DisableCrashinfo|disable generating the crashinfo file]?
[ExploitDetection|Detection of successful exploitation] using IOS on-board tools

===Crash Analysis using CIR===
Initial crash analysis [UsingCIR|using CIR Professional]
Initial crash analysis [UsingCIRonline|using CIR Online]
Technical details about [InterpretingCIRreports|interpreting CIR reports]
Detections that should be supported in [FutureCIRfeatures|future CIR releases]

==Cisco IOS Attacks==

===IOS Exploitation===
[ExploitIntro|Introduction to IOS exploitation]
[ExploitCollection|Collection of public IOS exploits]

===IOS Rootkits===
[IosRootkitIntro|Introduction to IOS rootkits]
[IosRootkitHistory|History of IOS rootkits] (what happened and history, credits to past discoveries, etc.)
[ThreatAnalysis|Threat analysis] (whom do these threaten, how afraid or not should we be, what can organizations do?){BR}

===Network and Protocol Based Attacks===
[ArpSpoofing|ARP spoofing] - very old but still powerful and in wide use
[IcmpAttacks|ICMP-based attacks] you need to be aware of

==General Information==

===Network Management Tools and Security===
[CiscoInformation|IOS on-board and networking tools] to detect mischief
[http://www.elemental.net/~lf/undoc/|Undocumented IOS command list] for reference
[netstat|The IOS command equivalent to "netstat -na"]

===Opinions===
[PersonalStatements|Statements and writeups on the topic of IOS 0wnage], feedback and suggestions.

===Additional Resources===
Powered by ScrewTurn Wiki, provided by Recurity Labs GmbH.