Detection of Exploitation in Cisco Routers..

Using the following set of commands can help forensic analyst to find out any post-exploitation reaction as an evidence.

show version
show clock detail
show running-config
show startup-config
show reload
show ip route
show ip arp
show users
show logging
show ip interface
show interfaces
show tcp brief all
show ip sockets
show ip nat translations verbose
show ip cache flow
show ip cef
show snmp user
show snmp group

These are useful commands for forensics..i hope u enjoyed....
Have a Pleasant Stay..
hAppy hAcking...