|
Cisco Cisco is bar far the market
leading in manufacturing and supply of networking equipment. This includes
routers, bridges, frame switches and ATM switches, dial-up access servers and
network management software. Some of Cisco's products have become the de
facto standards. Hopefully the information contained in here will help you
work your way around some of there products and provide you with a list and how-to's
for using a number of freeware tools that are available out there for
Vulnerability Analysis and Penetration Testing.
Hacking Cisco Networks Exposed
is a great book, providing a wealth of information. A number of tools are
listed inside including:
Another tool that can be used
is
p0f. Hopefully the following précis
of command syntax can help you navigate your way around any Cisco routers and
switches you come across. Cisco Router Configuration
Commands:
|
Set a console password to cisco |
Router(config)#line con 0
Router(config-line)#login
Router(config-line)#password cisco |
|
Set the telnet password to cisco |
Router(config)#line vty 0 4
Router(config-line)#login
Router(config-line)#password cisco |
|
Stop console timing out |
Router(config)#line con 0
Router(config-line)#exec-timeout 0 0 |
|
Set the enable password to [ANOTHER]. |
Router(config)#enable password [ANOTHER] |
|
Set the enable
secret password to [ANOTHER].
This will
override the enable password and will be stored encypted within the config
file |
Router(config)#enable secret
[ANOTHER] |
|
Enable an interface |
Router(config-if)#no shutdown |
|
To disable an interface |
Router(config-if)#shutdown |
|
To add an IP address to a interface |
Router(config-if)#ip addr 10.1.1.1
255.255.255.0 |
|
To enable RIP on all 192.168.x.y interfaces |
Router(config)#router rip
Router(config-router)#network 192.168.0.0 |
|
Disable RIP |
Router(config)#no router rip |
|
To enable IRGP with a AS of 200, to all interfaces |
Router(config)#router igrp 200
Router(config-router)#network 192.168.0.0 |
|
Disable IGRP |
Router(config)#no router igrp 200 |
|
Static route the remote network is 192.168.1.0, with a
mask of 255.255.255.0, the next hop is 192.168.2.1, at a cost of 3 hops |
Router(config)#ip route 192.168.1.0
255.255.255.0 192.168.2.1 3 |
|
Disable CDP for the whole router |
Router(config)#no cdp run |
|
Enable CDP for he whole router |
Router(config)#cdp run |
|
Disable CDP on an interface |
Router(config-if)#no cdp enable |
Cisco Router Show Commands
|
View version information |
show version |
|
View current configuration (DRAM) |
show running-config |
|
View startup configuration (NVRAM) |
show startup-config |
|
Show IOS file and flash space |
show flash |
|
Shows all logs that the router has in its memory |
show log |
|
View the interface status of interface e0 |
show interface e0 |
|
Overview all interfaces on the router |
show ip interfaces brief |
|
Display current routing protocols |
show ip protocols |
|
Display IP routing table |
show ip route |
|
Display access lists |
show access-lists |
Cisco Router Basic Operations
|
Enable |
Enter privileged mode |
|
Return to user mode from privileged |
disable |
|
Exit Router |
Logout or exit or quit |
|
Recall last command |
up arrow or <Ctrl-P> |
|
Recall next command |
down arrow or <Ctrl-N> |
|
Suspend or abort |
<Shift> and <Ctrl> and 6 then x |
|
Refresh screen output |
<Ctrl-R> |
|
Complete Command |
TAB |
Cisco Router Show Commands
|
Save the current configuration from DRAM to NVRAM |
copy running-config startup-config |
|
Merge NVRAM configuration to DRAM |
copy startup-config running-config |
|
Copy DRAM configuration to a TFTP server |
copy runing-config tftp |
|
Merge TFTP configuration with current router
configuration held in DRAM |
copy tftp runing-config |
|
Backup the IOS onto a TFTP server |
copy flash tftp |
|
Upgrade the router IOS from a TFTP server |
copy tftp flash |
| 
