Telnet Password• Line vty 0 ?• Password 5678• login
Secure Shell1. set your hostname: hostname ccna2. Set domain name: ip domain-name ccna.com3. Set username: username haitham password 56784. Generate encryption key: crypto key generate rsa general-keys modulus 10245. Ssh version 26. Line vty 0 ?7. Transport input ssh telnet
Encrypting Passwords• Show running-config• Service password-encryption• No service password-encryption
Descriptions• Conf t• Interface• Description bla bla bla• Do show run – What does do mean?
Router Interfaces• Move through interfaces• Move from interface to another
Bringing Up an Interface• Conf t• Interface ?• No shutdown• Ip address # #
Using the pipe |• Pipe means: Output Modifier• Show run | begin interface• Show ip route | include #
Serial Interface Commands• DCE vs. DTE ‘find the clock symbol’• Add clocking to DCE only – Does it really matter?• Conf t• Int serial ?• Clock rate ?• Show controllers – Command that shows DCE connection
Viewing, Saving, and Erasing Configurations• Show running-config• Show startup-config• Copy running-config startup-config• Erase start-up config• Reload – Take care • Erase running-config
Verifying Settings• Ping #destination-ip• Ping – Called: extended ping• Traceroute #destination-ip – No map this time • telnet #destination-ip• Show interface #interface-id• Show ip interface• Show ip interface brief• Show protocols• Show controllers #serial-id
Internal Components• Bootstrap: – Stored in ROM, used to bring router up during initialization. Boot the router, load the IOS.• POST: – Stored in ROM, used to check the basic functionality of the router hardware and determines which interfaces are present
Internal Components• RAM: – Hold packet buffers, ARP cache, routing tables, running-config, most routers expand IOS from flash to RAM on boot• ROM: – Start and maintain the router. Hold Boot Strap, and POST• Flash Memory: – Store CISCO IOS by default. It is not erased when router is reloaded.
Internal Components• NVRAM: – Hold the router and switch configuration. Not erased when device is reloaded. Does not store IOS. Configuration Register is stored in NVRAM.• Configuration Register – Control how the router boots up. This value can be found as the last line in #show version. Default: 0x2102 -> load IOS from flash and load configuration from NVRAM
Changing Configuration Register Value• Main Reasons: – Force system into the ROM monitor mode – Select boot source – Enable or disable Break function – Control Broadcast addresses – Set console terminal baud rate – Load OS from ROM – Enable booting from TFTP
Important• Don’t try this on real device… – Unless you have to!
• Router(config)#config-register 0x2101• Show version• Show flash• Config-register 0x2102• Reload• Now What?
Recovering Passwords• The default configuration register value is 0x2102, meaning that bit 6 is off. With the default setting, the router will look for and load a router configuration stored in NVRAM (startup-config). To recover a password, you need to turn on bit 6. Doing this will tell the router to ignore the NVRAM contents. The configuration register value to turn on bit 6 is 0x2142.
main steps to password recovery1. Boot the router and interrupt the boot sequence byperforming a break, which will take the router into ROMmonitor mode.2. Change the configuration register to turn on bit 6 (with thevalue 0x2142).3. Reload the router.4. Enter privileged mode.5. Copy the startup-config file to running-config.6. Change the password.7. Reset the configuration register to the default value.8. Save the router configuration.9. Reload the router (optional).
1. Break the Boot Sequence• Ctrl + Break• While loading!• Rommon: Rom Monitor Mode