Tuesday, September 19, 2017

Cisco Show Commands

You will learn most information on your Cisco device will easy to gather from simple show commands. Everything from sessions to configs. Also Traffic Statistics for errors, or DDoS Attacks. 

Example
ciscoasa# show traffic
OUTSIDE:
        received (in 2395890.690 secs):
                317946819 packets       315525385708 bytes
                0 pkts/sec      131000 bytes/sec
        transmitted (in 2395890.690 secs):
                280139669 packets       79618073485 bytes
                0 pkts/sec      33001 bytes/sec
      1 minute input rate 218 pkts/sec,  142346 bytes/sec
      1 minute output rate 192 pkts/sec,  45133 bytes/sec
      1 minute drop rate, 7 pkts/sec
      5 minute input rate 164 pkts/sec,  109398 bytes/sec
      5 minute output rate 153 pkts/sec,  35406 bytes/sec
      5 minute drop rate, 6 pkts/sec
INSIDE:
        received (in 2395890.690 secs):
                255240733 packets       76128164260 bytes
                0 pkts/sec      31000 bytes/sec
        transmitted (in 2395890.690 secs):
                294891373 packets       247485048480 bytes
                1 pkts/sec      103001 bytes/sec
      1 minute input rate 196 pkts/sec,  44396 bytes/sec
      1 minute output rate 234 pkts/sec,  142469 bytes/sec
      1 minute drop rate, 5 pkts/sec
      5 minute input rate 158 pkts/sec,  35241 bytes/sec
      5 minute output rate 178 pkts/sec,  110074 bytes/sec
      5 minute drop rate, 4 pkts/sec
DMZ:
        received (in 2395890.690 secs):
                32384633 packets        2955292920 bytes
                0 pkts/sec      1000 bytes/sec
        transmitted (in 2395890.690 secs):
                49137094 packets        65615227653 bytes
                0 pkts/sec      27001 bytes/sec
      1 minute input rate 0 pkts/sec,  82 bytes/sec
      1 minute output rate 0 pkts/sec,  125 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 1 pkts/sec,  435 bytes/sec
      5 minute output rate 1 pkts/sec,  1075 bytes/sec
      5 minute drop rate, 0 pkts/sec
management:
        received (in 2395890.750 secs):
                14277133 packets        946118886 bytes
                0 pkts/sec      0 bytes/sec
        transmitted (in 2395890.750 secs):
                0 packets       0 bytes
                0 pkts/sec      0 bytes/sec
      1 minute input rate 5 pkts/sec,  424 bytes/sec
      1 minute output rate 0 pkts/sec,  0 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 6 pkts/sec,  407 bytes/sec
      5 minute output rate 0 pkts/sec,  0 bytes/sec
      5 minute drop rate, 0 pkts/sec
----------------------------------------
Aggregated Traffic on Physical Interface
----------------------------------------
GigabitEthernet0/0:
        received (in 2395890.790 secs):
                318032181 packets       321511281805 bytes
                0 pkts/sec      134000 bytes/sec
        transmitted (in 2395890.790 secs):
                280139730 packets       85167104894 bytes
                0 pkts/sec      35000 bytes/sec
      1 minute input rate 218 pkts/sec,  146592 bytes/sec
      1 minute output rate 192 pkts/sec,  49034 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 164 pkts/sec,  112593 bytes/sec
      5 minute output rate 153 pkts/sec,  38521 bytes/sec
      5 minute drop rate, 0 pkts/sec
GigabitEthernet0/1:
        received (in 2395890.810 secs):
                255241934 packets       81218647412 bytes
                0 pkts/sec      33001 bytes/sec
        transmitted (in 2395890.810 secs):
                294891391 packets       253102758608 bytes
                1 pkts/sec      105000 bytes/sec
      1 minute input rate 196 pkts/sec,  48364 bytes/sec
      1 minute output rate 234 pkts/sec,  146984 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 158 pkts/sec,  38456 bytes/sec
      5 minute output rate 178 pkts/sec,  113510 bytes/sec
      5 minute drop rate, 0 pkts/sec
GigabitEthernet0/2:
        received (in 2395890.850 secs):
                32384636 packets        3547413050 bytes
                0 pkts/sec      1000 bytes/sec
        transmitted (in 2395890.850 secs):
                49137094 packets        66502670016 bytes
                0 pkts/sec      27000 bytes/sec
      1 minute input rate 0 pkts/sec,  98 bytes/sec
      1 minute output rate 0 pkts/sec,  138 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 1 pkts/sec,  470 bytes/sec
      5 minute output rate 1 pkts/sec,  1108 bytes/sec
      5 minute drop rate, 0 pkts/sec
GigabitEthernet0/3:
        received (in 2395890.860 secs):
                14278281 packets        1203253101 bytes
                0 pkts/sec      0 bytes/sec
        transmitted (in 2395890.860 secs):
                0 packets       0 bytes
                0 pkts/sec      0 bytes/sec
      1 minute input rate 5 pkts/sec,  531 bytes/sec
      1 minute output rate 0 pkts/sec,  0 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 6 pkts/sec,  516 bytes/sec
      5 minute output rate 0 pkts/sec,  0 bytes/sec
      5 minute drop rate, 0 pkts/sec
GigabitEthernet0/4:
        received (in 2395890.900 secs):
                0 packets       0 bytes
                0 pkts/sec      0 bytes/sec
        transmitted (in 2395890.900 secs):
                0 packets       0 bytes
                0 pkts/sec      0 bytes/sec
      1 minute input rate 0 pkts/sec,  0 bytes/sec
      1 minute output rate 0 pkts/sec,  0 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 0 pkts/sec,  0 bytes/sec
      5 minute output rate 0 pkts/sec,  0 bytes/sec
      5 minute drop rate, 0 pkts/sec
GigabitEthernet0/5:
        received (in 2395890.910 secs):
                0 packets       0 bytes
                0 pkts/sec      0 bytes/sec
        transmitted (in 2395890.910 secs):
                0 packets       0 bytes
                0 pkts/sec      0 bytes/sec
      1 minute input rate 0 pkts/sec,  0 bytes/sec
      1 minute output rate 0 pkts/sec,  0 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 0 pkts/sec,  0 bytes/sec
      5 minute output rate 0 pkts/sec,  0 bytes/sec
      5 minute drop rate, 0 pkts/sec
Internal-Control0/0:
        received (in 2395890.950 secs):
                4813061 packets 348829320 bytes
                0 pkts/sec      0 bytes/sec
        transmitted (in 2395890.950 secs):
                5452144 packets 383499485 bytes
                0 pkts/sec      0 bytes/sec
      1 minute input rate 2 pkts/sec,  146 bytes/sec
      1 minute output rate 2 pkts/sec,  160 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 2 pkts/sec,  145 bytes/sec
      5 minute output rate 2 pkts/sec,  160 bytes/sec
      5 minute drop rate, 0 pkts/sec
Internal-Data0/0:
        received (in 2395890.960 secs):
                21248059 packets        1966209991 bytes
                1 pkts/sec      1 bytes/sec
        transmitted (in 2395890.960 secs):
                6170575 packets 958796353 bytes
                0 pkts/sec      0 bytes/sec
      1 minute input rate 8 pkts/sec,  850 bytes/sec
      1 minute output rate 2 pkts/sec,  402 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 8 pkts/sec,  836 bytes/sec
      5 minute output rate 2 pkts/sec,  403 bytes/sec
      5 minute drop rate, 0 pkts/sec
Internal-Data0/1:
        received (in 2395890.990 secs):
                603754038 packets       429853468179 bytes
                1 pkts/sec      179000 bytes/sec
        transmitted (in 2395890.990 secs):
                603754038 packets       429853468179 bytes
                1 pkts/sec      179000 bytes/sec
      1 minute input rate 397 pkts/sec,  209501 bytes/sec
      1 minute output rate 397 pkts/sec,  209501 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 313 pkts/sec,  164474 bytes/sec
      5 minute output rate 313 pkts/sec,  164474 bytes/sec
      5 minute drop rate, 0 pkts/sec
Internal-Data0/2:
        received (in 2395891.020 secs):
                6170575 packets 918208209 bytes
                0 pkts/sec      1 bytes/sec
        transmitted (in 2395891.020 secs):
                21248059 packets        1881217957 bytes
                1 pkts/sec      0 bytes/sec
      1 minute input rate 2 pkts/sec,  385 bytes/sec
      1 minute output rate 8 pkts/sec,  815 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 2 pkts/sec,  386 bytes/sec
      5 minute output rate 8 pkts/sec,  800 bytes/sec
      5 minute drop rate, 0 pkts/sec
Management0/0:
        received (in 2395891.040 secs):
                14278311 packets        1146069880 bytes
                0 pkts/sec      1 bytes/sec
        transmitted (in 2395891.040 secs):
                0 packets       0 bytes
                0 pkts/sec      0 bytes/sec
      1 minute input rate 5 pkts/sec,  507 bytes/sec
      1 minute output rate 0 pkts/sec,  0 bytes/sec
      1 minute drop rate, 0 pkts/sec
      5 minute input rate 6 pkts/sec,  492 bytes/sec
      5 minute output rate 0 pkts/sec,  0 bytes/sec
      5 minute drop rate, 0 pkts/sec
If you have a upgraded device with the security services you can even look at possible attacks against your network.  Such as;

ciscoasa# show threat-detection scanning-threat

and 

ciscoasa# show threat-detection statistics
Host:cicsoasa: tot-ses:30722 act-ses:5 fw-drop:0 insp-drop:0 null-ses:8 bad-acc:0
  1-hour Sent byte:                423             241       0           1523092
  1-hour Sent pkts:                  2               1       0              9023
  1-hour Recv byte:                  1               0       0              3632
  1-hour Recv pkts:                  0               0       0                48

Top 10 protected servers under attack (sorted by average rate)
Monitoring window size: 30 mins    Sampling interval: 30 secs

1    192.168.0.1:443 DMZ 0 0 39 172.16.42.6 (21 secs ago)

No comments:

Post a Comment

Comments are Welcome.