Cisco ASA 5510

brewoz40brewoz40 Member Posts: 57 ■■□□□□□□□□
in CCNP Security
Hey...wandering if there is a way to inspect packets coming in to determine what operating system the packets are coming from. Is this possible with a ASA 5510?
· Share on FacebookShare on Twitter

Comments

  • RouteMyPacketRouteMyPacket Member Posts: 1,104
    Your only hope is CX, but if you are smart just get a Palo Alto and be done with it. : )
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
    · Share on FacebookShare on Twitter
  • brewoz40brewoz40 Member Posts: 57 ■■□□□□□□□□
    So far as i can tell the cx is another cisco device that runs in parrallel with the asa correct?
    · Share on FacebookShare on Twitter
  • SecurityThroughObscuritySecurityThroughObscurity Member Posts: 212 ■■■□□□□□□□
    It can be done by using OS identifications, but you need to have the IPS module for the ASA 5500 series.
    · Share on FacebookShare on Twitter
  • doverdover Member Posts: 184 ■■■■□□□□□□
    You may be looking for something more automated, or real-time, but you can always use the ASA to capture a traffic stream (GUI or CLI), save it as a pcap file and then use p0f (passive OS fingerprint utility) to identify client OS. Or use nmap with the -O switch and target the unknown system(s) for an OS scan.

    * Provided you are in a lab and/or have permission to do so :)
    · Share on FacebookShare on Twitter
Sign In or Register to comment.