It’s easy to intercept data communication inside linux/unix environment since there are so many tools to help us. We have tcpdump, wireshark, ettercap, dsniff, and still many others. But, can you imagine how to sniff data flows trough router? If our router are Juniper family, then we are lucky enough because Juniper has internal command which works like tcpdump on unix/linux system. For example, we can use this following command to sniff traffic on Juniper interface ge-0/0/0.0
monitor traffic interface ge-1/0/0.0 detail no-resolve
monitor traffic interface ge-1/0/0.0 detail no-resolve print-ascii print-hex
These two commands will work in Juniper like tcpdump in linux/unix below:
tcpdump -nev -i ge-1/0/0.0
tcpdump -nev -X -i ge-1/0/0.0
But remember, ge-1/0/0.0 interface is not known in linux/unix so that’s why you have to change this with Network Interface Card (NIC) in linux/unix. Then, how if our router is not Juniper family? Here, i’ll write my experience in sniffing inside Cisco router which’s known as the most popular router over the world.
