Cisco ASA 5510

brewoz40brewoz40 Posts: 57Member ■■□□□□□□□□
Hey...wandering if there is a way to inspect packets coming in to determine what operating system the packets are coming from. Is this possible with a ASA 5510?

Comments

  • RouteMyPacketRouteMyPacket Posts: 1,104Member
    Your only hope is CX, but if you are smart just get a Palo Alto and be done with it. : )
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
  • brewoz40brewoz40 Posts: 57Member ■■□□□□□□□□
    So far as i can tell the cx is another cisco device that runs in parrallel with the asa correct?
  • It can be done by using OS identifications, but you need to have the IPS module for the ASA 5500 series.
  • doverdover Posts: 184Member ■■■■□□□□□□
    You may be looking for something more automated, or real-time, but you can always use the ASA to capture a traffic stream (GUI or CLI), save it as a pcap file and then use p0f (passive OS fingerprint utility) to identify client OS. Or use nmap with the -O switch and target the unknown system(s) for an OS scan.

    * Provided you are in a lab and/or have permission to do so :)
Sign In or Register to comment.