=========================================== === Cain's SSH-1 sniffer generated file === =========================================== SSH-1 connection ------------------ Server address: 192.168.1.1 Client address: 192.168.1.14 Identification phase ---------------------- Server ID string: SSH-1.5-Cisco-1.25 Client ID string: SSH-1.5-OpenSSH_3.4p1 Negotiation phase ------------------- Ciphermask from server: 0x4 Supported ciphers: DES, Authmask from server: 0x8 Supported authentications: Password, Session setup phase --------------------- Cookie: 810840239c21da11 Server-side SessionID: 9b3184746c54071009f992446684e9b7 Client-side SessionID: afdbfbc65991d658886bf6d571d3e535 Session Key: 87d08c9e22f891ac62f66a0059def069258bcce2e21a3e6969091edc60f36f46 Client cipher: DES Encrypted state reached ------------------------- [Server] Message type 14 (Command Success) [Client] Message type 4 (Username) Authentication phase ---------------------- Username: pix [Server] Message type 15 (Command Failure) [Client] Message type 9 (Password Authentication) Password: test [Server] Message type 14 (Command Success) [Client] Message type 10 (PTY Request) [Server] Message type 14 (Command Success) [Client] Message type 12 (Shell Session Request) Type help or '?' for a list of available commands. pixfirewall> pixfirewall> eenn Password: t*e*s*t* pixfirewall# sshhooww rruunn : Saved : PIX Version 6.2(2) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password N7FecZuSHJlVZC2P encrypted passwd N7FecZuSHJlVZC2P encrypted hostname pixfirewall domain-name test.lab clock timezone CEST 1 clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00 fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol ils 389 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 names access-list outside_access_in permit icmp any any access-list inside_access_in permit ip any any pager lines 24 logging trap alerts interface ethernet0 10baset interface ethernet1 10full icmp deny any outside mtu outside 1500 mtu inside 1500 ip address outside dhcp setroute retry 4 ip address inside 192.168.1.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm pdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 access-group outside_access_in in interface outside access-group inside_access_in in interface inside timeout xlate 0:05:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius aaa-server LOCAL protocol local http server enable http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server community local.net.snmp no snmp-server enable traps floodguard enable sysopt noproxyarp outside sysopt noproxyarp inside no sysopt route dnat crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac telnet 192.168.1.0 255.255.255.0 inside telnet timeout 5 ssh 192.168.1.0 255.255.255.0 inside ssh timeout 5 dhcpd address 192.168.1.2-192.168.1.33 inside dhcpd lease 3600 dhcpd ping_timeout 750 dhcpd domain test.lab dhcpd auto_config outside dhcpd enable inside terminal width 80 Cryptochecksum:64904979a6185a10596856cde6104bb1 : end pixfirewall# eexxiitt Logoff [Server] Message type 20 (Exit status) [Client] Message type 33 (Exit confirmation)