思科路由器与交换机配置及密码破解详解(全面)课件

路由器原理与基本概念路由器路由器---互连网络的枢纽路由器工作在最低三层协议中，其中最高层为网络层，如TCP/IP的IP层或SPX/IPX的IPX层。关键地位是因为它处于网络层，路由器具有很强的异种网互联能力，互联的两个物理网络其最低二层协议可互不相同，通过路由器第三层得到统一CISCO路由器均是多协议路由器，能同时支持多种不同的网络层协议(IP、IPX、APPLETALK)，并可以“使能”或“禁止”某些特定协议。路由器内部结构ConsoleAuxiliaryInterfacesRAMNVRAMFlashROM路由器基本功能作用（二）路由器的另一个基本功把数据(IP报文)传送到正确的网络。IP数据报的转发，包括数据报的寻径和传送。子网隔离，抑制广播风暴。维护路由表，并与其它路由器交换路由信息，这是IP报文转发的基础。IP数据报的差错处理及简单的拥塞控制。实现对IP数据报表的过滤、记帐网络层的作用：决定路径

第三层的作用是在网络中找出最优路径WhichPath?网络地址、主机地址

网络地址：供路由器用主机地址：标识各个主机1.21.3NetworkHost11232131路由器的结构发展1图1.1第一代路由器：共享存储路由器路由器的结构发展2图1.2第二代路由器：共享总线路由器路由器的结构发展3图1.3具有交换网络的第三代路由器配置路由器的途径ConsolePortAuxiliaryPortInterfacesVirtualTerminalsVTY04TNetworkManagementStation路由器配置模式特权模式Detailedexaminationofrouter.

Debuggingandtesting.File

manipulation.Remoteaccess.Router#Router>用户模式Limitedexaminationof

router.Remoteaccess.UsediftheoperatingsystemdoesnotexistinFlashorthebootsequencewasinterruptedduringstartup.ROM监测模式>orrommon>Prompteddialogusedtoestablish

aninitialconfiguration.设置模式RXBoot模式BoothelpersoftwarewhichhelpstherouterbootwhenitcannotfindavalidCiscoIOSimageinFlashmemory.Router<boot>Complexandmultilineconfigurations.其他配置模式Router(config-mode)#Router(config)#Commandsthataffectthesystemasawhole.全局配置模式登录到路由器上Router>Router>enablePassword:Router#Router#exitRouter>Router>logoutConsoleRoutercon0isnowavailablePressRETURNtogetstarted.UsermodepromptPrivilegedmodeprompt查看路由器状态的命令RAMInternetworkOperatingSystemProgramsTables

and

BuffersDynamicConfigurationInformationNVRAMFlashBackupConfigurationFileOperating

SystemsInterfacesRouter#showstartup-configRouter#showrunning-configRouter#showprocessesCPURouter#showprotocolsRouter#showflashRouter#showmemRouter#showiprouteRouter#showversionRouter#showinterface使用showiproute命令Lookuptheroutetablerouter>shiprouteCodes:C-connected,S-static,I-IGRP,R-RIP,M-mobile,B-BGPD-EIGRP,EX-EIGRPexternal,O-OSPF,IA-OSPFinterareaN1-OSPFNSSAexternaltype1,N2-OSPFNSSAexternaltype2E1-OSPFexternaltype1,E2-OSPFexternaltype2,E-EGPi-IS-IS,L1-IS-ISlevel-1,L2-IS-ISlevel-2,ia-IS-ISinterarea*-candidatedefault,U-per-userstaticrouteo-ODRGatewayoflastresortis31tonetworkB/24[200/70]via54,13:26:07OE1/24[110/24]via31,00:03:02,FastEthernet4/1[110/24]via33,00:03:02,FastEthernet4/1OE1/25[110/23]via31,00:03:02,FastEthernet4/1[110/23]via33,00:03:02,FastEthernet4/1使用CDP协议在CiscoIOS10.3或以上的IOS版本包括Cisco交换机及集线器提供的信息包括:设备名称地址物理端口设备功能硬件型号CDPshowcdpCDPCDP使用ping和trace命令TestconnectivityandpathtoaremotedeviceRouter##ping0

Typeescapesequencetoabort.Sending5,100-byteICMPEchosto0,timeoutis2seconds:!!!!!Successrateis100percent(5/5),round-tripmin/avg/max=4/4/4msRouter#trace0

Typeescapesequencetoabort.Tracingtherouteto0104msec4msec4msecRouter#加载配置文件ConsoleorTerminalRAMTNVRAMconfigureterminalcopystartup-configrunning-configcopytcopytftpstartup-config配置口令密码Router(config)#lineconsole0Router(config-line)#loginRouter(config-line)#passwordciscoConsolePasswordVirtualTerminalPasswordRouter(config)#linevty04Router(config-line)#loginRouter(config-line)#passwordsanjoseEnablePasswordRouter(config)#enablepasswordciscoSecretPasswordRouter(config)#enablesecretsanfran

观察接口Router#showinterfaceserial1Serial1isup,lineprotocolisupHardwareiscxBusSerialDescription:56KbLineSanJose-MP::::::::::::::::::::Operational..................ConnectionProblem...InterfaceProblem........Disabled......................Serial1isup,lineprotocolisupSerial1isup,lineprotocolisdownSerial1isdown,lineprotocolisdownSerial1isadministrativelydown,lineprotocolisdownKeepalivesCarrierDetect关闭接口Router#configuretermRouter(config)#interfaceserial1Router(config-if)#shutdown%LINEPROTO-5-UPDOWN:LineProtocolonInterfaceSerial1,changedstatetodown%LINK-5-CHANGED:InterfaceSerial,changedstatetoadministrativelydownRouter#configuretermRouter(config)#interfaceserial1Router(config-if)#noshutdown%LINK-3-UPTOWN:InterfaceSerial,changedstatetoup%LINEPROTO-5-UPDOWN:LineProtocolonInterfaceSerial1,%changedstatetoup路由器启动顺序路由器加电/启动顺序加电自检(POST)加载并运行启动引导微代码寻找IOS映象文件加载IOS映象文件寻找配置文件加载配置文件正常运行路由器内部组件RAM配置寄存器ROMFlashNVRAM端口ROM功能ROM存放完成基本功能的微代码BootstrapMiniIOSROM

monitorPOSTshowversion控制台确认当前的配置寄存器值wg_ro_a#showversionCiscoInternetworkOperatingSystemSoftwareIOS(tm)2500Software(C2500-JS-L),Version12.0(3),RELEASESOFTWARE(fc1)Copyright(c)1986-1999byciscoSystems,Inc.CompiledMon08-Feb-9918:18byphanguyeImagetext-base:0x03050C84,data-base:0x00001000ROM:SystemBootstrap,Version11.0(10c),SOFTWAREBOOTFLASH:3000BootstrapSoftware(IGS-BOOT-R),Version11.0(10c),RELEASESOFTWARE(fc1)wg_ro_auptimeis20minutesSystemrestartedbyreloadSystemimage"flash:c2500-js-l_120-3.bin"--More--Configurationregisteris0x2102

用命令showversion所显示的配置寄存器值设定配置寄存器的值配置寄存器的3,2,1和0位是启动选项位Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

设定配置寄存器的值配置寄存器的3,2,1和0位是启动选项位配置寄存器启动选项部分的值0x0含义进入ROMmonitor模式(人工启动时用b命令)Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

设定配置寄存器的值配置寄存器的3,2,1和0位是启动选项位配置寄存器启动选项部分的值0x00x1含义进入ROMmonitor模式(人工启动时用b命令)自动从ROM启动(提供完整IOS的一个子集)Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

配置寄存器的3,2,1和0位是启动选项位用命令showversion来检查配置寄存器的值设定配置寄存器的值配置寄存器启动选项部分的值0x00x2to0xF0x1含义进入ROMmonitor模式(人工启动时用b命令)Rommon>检查NVRAM之bootsystem命令(如果路由器配有Flash则缺省值为0x2)自动从ROM启动(提供完整IOS的一个子集)Router(boot)>Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

寻找IOS映象文件Flashshowversionshowstartup-configIOS搜索顺序:1.检查配置寄存器2.解析NVRAM中的配置文件3.缺省是使用Flash中的第一个文件4.尝试从网络启动5.RXBOOT6.ROMMON控制台配置寄存器NVRAM从Flash加载IOS映象文件FlashIOSIOSshowflashFlash中的映象文件解压缩到RAM中控制台RAM使用showflash命令wg_ro_a#shflash

Systemflashdirectory:FileLengthName/status110084696c2500-js-l_120-3.bin[10084760bytesused,6692456available,16777216total]16384KbytesofprocessorboardSystemflash(ReadONLY)

加载配置文件控制台IOSSetuputilityshowstartup-configshowrunning-config从NVRAM中加载并运行配置文件如果NVRAM中没有配置文件,进入setup模式ConfigConfigRAMNVRAM使用showrunning和showstartup命令wg_ro_c#showstartup-configUsing1359outof32762bytes!version12.0! --More--wg_ro_c#showrunning-configBuildingconfiguration...

Currentconfiguration:

!

version12.0! --More--存在NVRAM中存在RAM中显示当前运行的和保存的配置情况CISCO交换机基本操作XX公司网络知识培训系统启动例程会初始化交换机初始启动利用缺省配置参数1.启动前确认正确连接线缆和控制线2.接入电源3.观察启动顺序面板上的指示灯LEDsCiscoIOS输出到控制台上的内容交换机的初始启动检查交换机指示灯(LEDs)交换机自检期间的端口指示灯1.启动时，所有端口指示灯变绿.2.每个端口自检完毕，对应的指示灯熄灭.3.如果端口自检失败,对应指示灯呈黄色.4.如果有任何自检失败情况，系统指示灯呈现黄色.5.如果没有自检失败,自检过程完成.6.随着自检过程的完成,指示灯闪亮后熄灭.交换机初次启动时的显示信息控制台连接ciscoWS-C2924-XL(PowerPC403GA)processor(revision0x11)with8192K/1024Kbytesofmemory.ProcessorboardIDFAB0432U1D2,withhardwarerevision0x01Lastresetfromwarm-resetProcessorisrunningEnterpriseEditionSoftwareClustercommandswitchcapableClustermemberswitchcapable24FastEthernet/IEEE802.3interface(s)32Kbytesofflash-simulatednon-volatileconfigurationmemory.BaseethernetMACAddress:00:02:FD:70:FF:40Motherboardassemblynumber:73-3382-08Powersupplypartnumber:34-0834-01Motherboardserialnumber:FAB0430439FPowersupplyserialnumber:DAB04202AJFModelrevisionnumber:A0Motherboardrevisionnumber:B0Modelnumber:WS-C2924-XL-ENSystemserialnumber:FAB0432U1D2PressRETURNtogetstarted!控制台登入交换机并键入特权模式密码>>enableEnterpassword:##disable>quit用户模式提示特权模式提示Switch#showinterfacesSwitch#showversion显示交换机初始启动的状态Switch#showrunning-config显示交换机的各种运行状态Eccom#showversionCiscoInternetworkOperatingSystemSoftwareIOS(tm)C2900XLSoftware(C2900XL-C3H2S-M),Version12.0(5.2)XU,MAINTENANCEINTERIMSOFTWARECopyright(c)1986-2000byciscoSystems,Inc.CompiledMon17-Jul-0017:35byayounesImagetext-base:0x00003000,data-base:0x00301F3CROM:BootstrapprogramisC2900XLbootloaderSwitchuptimeis4minutesSystemreturnedtoROMbyreloadSystemimage"flash:c2900XL-c3h2s-mz-120.5.2-XU.bin"ciscoWS-C2924-XL(PowerPC403GA)processor(revision0x11)with8192K/1024Kbytesofmemory.ProcessorboardIDFAB0432U1D2,withhardwarerevision0x01Lastresetfromwarm-resetProcessorisrunningEnterpriseEditionSoftwareClustercommandswitchcapableClustermemberswitchcapable24FastEthernet/IEEE802.3interface(s)交换机之showversion命令Eccom#showrunBuildingconfiguration...Currentconfiguration:!hostname"Eccom"!ipaddress3ipdefault-gateway!interfaceEthernet0/1<textomitted>interfaceEthernet0/24!InterfaceEthernet0/25!interfaceFastEthernet0/26!interfaceFastEthernet0/27交换机之showrunning-configuration命令interfaceVLAN1noipdirected-broadcastnoiproute-cache!interfaceVLAN10noipdirected-broadcastnoiproute-cacheshutdown!interfaceVLAN20noipdirected-broadcastnoiproute-cacheshutdown!!linecon0transportinputnonestopbits1linevty04loginlinevty515login!endCatalyst2924Eccom#showinterfacesfastethernet0/1FastEthernet0/1isdown,lineprotocolisdownHardwareisFastEthernet,addressis0002.fd70.ff41(bia0002.fd70.ff41)MTU1500bytes,BW0Kbit,DLY100usec,reliability255/255,txload1/255,rxload1/255EncapsulationARPA,loopbacknotsetKeepalivenotsetAuto-duplex,AutoSpeed,100BaseTX/FXARPtype:ARPA,ARPTimeout04:00:00Lastinputnever,output00:07:14,outputhangneverLastclearingof"showinterface"countersneverQueueingstrategy:fifoOutputqueue0/40,0drops;inputqueue0/75,0drops5minuteinputrate0bits/sec,0packets/sec5minuteoutputrate0bits/sec,0packets/sec1packetsinput,64bytesReceived0broadcasts,0runts,0giants,0throttles0inputerrors,0CRC,0frame,0overrun,0ignored---more---交换机之show

interfaces命令配置模式:全局配置模式Eccom#conftermEccom(config)#端口配置模式Eccom(config)#interfacee0/1Eccom(config-if)#配置交换机配置交换机的各种标识为交换机设置本地标识交换机名(config)#hostnameEccomEccom(config)#Eccom(config-if)#ipaddress{ipaddress}{mask}Eccom(config-if)#ipaddress1配置交换机端口IP地址100baseT端口:自动协商双工模式生成树协议:开启控制台密码:无Catalyst2900系列的缺省配置查看MAC地址表Eccom#showmac-address-tableEccom#shmac-address-tableNumberofpermanentaddresses:0Numberofrestrictedstaticaddresses:0Numberofdynamicaddresses:6Address DestInterface TypeSourceInterfaceList-------------------------------------------------------------------------------------------------00E0.1E5D.AE2FEthernet0/2 DynamicAll00D0.588F.B604FastEthernet0/26 DynamicAll00E0.1E5D.AE2BFastEthernet0/26 DynamicAll0090.273B.87A4FastEthernet0/26 DynamicAll00D0.588F.B600FastEthernet0/26 DynamicAll00D0.5892.38C4FastEthernet0/27 DynamicAllEccom#showmac-address-table查看MAC地址表copynvramtftpEccom#将配置文件发送到一个TFTP服务器:备份配置文件copytcopynvramtftpEccom#将配置文件发送到一个TFTP服务器:Eccom#从一个TFTP服务器下载配置文件:管理配置文件copytEccom#copynvramtftpConfigurationuploadissuccessfullycompletedEccom#copytftpnvramTdownloadedconfigurationfilecopynvramtftpEccom#Eccom#将配置文件发送到一个TFTP服务器:从一个TFTP服务器下载配置文件:管理配置文件CISOCR/S设备基本配置OverviewofRouterModesSavingConfigurationsCopiesthecurrentconfigurationtoNVRAMRouterX#RouterX#copyrunning-configstartup-configDestination[startup-config]?Buildingconfiguration…RourterX#ConfiguringRouterIdentificationConsole-LineCommandsRouterX(config)#lineconsole0RouterX(config-line)#exec-timeout2030RouterX(config)#lineconsole0RouterX(config-line)#loggingsynchronousModifiesconsolesessiontimeoutRedisplaysinterruptedconsoleinputRouterX(config)#interfacetypenumberRouterX(config-if)#typeincludesserial,ethernet,tokenring,fddi,hssi,loopback,dialer,null,async,atm,bri,tunnel,andsoonnumberisusedtoidentifyindividualinterfacesRouterX(config-if)#exitQuitsfromcurrentinterfaceconfigurationmodeRouterX(config)#interfacetypeslot/portRouterX(config-if)#Formodularrouters,selectsaninterfaceConfiguringanInterfaceRouterX(config-if)#descriptionstring

stringisacommentoradescriptiontohelpyourememberwhatisattachedtothisinterface.Themaximumnumberofcharactersforthestringargumentis238.ConfiguringanInterfaceDescriptionRouterX#configureterminalRouterX(config)#interfaceserial0

RouterX(config-if)#noshutdown%LINK-3-UPDOWN:InterfaceSerial0,changedstatetoup%LINEPROTO-5-UPDOWN:LineProtocolonInterfaceSerial0,changedstatetoupEnablesaninterfacethatisadministrativelyshutdownRouterX#configureterminalRouterX(config)#interfaceserial0

RouterX(config-if)#shutdown%LINK-5-CHANGED:InterfaceSerial0,changedstatetoadministrativelydown%LINEPROTO-5-UPDOWN:LineprotocolonInterfaceSerial0,changedstatetodownAdministrativelyturnsoffaninterfaceDisablingorEnablinganInterfaceUniqueaddressingallowscommunication

betweenendstationsPathchoiceisbasedondestinationaddressConfiguringIPAddressesRoutershowinterfacesCommandRouterX#showinterfacesEthernet0isup,lineprotocolisupHardwareisLance,addressis00e0.1e5d.ae2f(bia00e0.1e5d.ae2f)Internetaddressis1/24MTU1500bytes,BW10000Kbit,DLY1000usec,rely255/255,load1/255EncapsulationARPA,loopbacknotset,keepaliveset(10sec)ARPtype:ARPA,ARPTimeout04:00:00Lastinput00:00:07,output00:00:08,outputhangneverLastclearingof"showinterface"countersneverQueueingstrategy:fifoOutputqueue0/40,0drops;inputqueue0/75,0drops5minuteinputrate0bits/sec,0packets/sec5minuteoutputrate0bits/sec,0packets/sec81833packetsinput,27556491bytes,0nobufferReceived42308broadcasts,0runts,0giants,0throttles1inputerrors,0CRC,0frame,0overrun,1ignored,0abort0inputpacketswithdribbleconditiondetected55794packetsoutput,3929696bytes,0underruns0outputerrors,0collisions,1interfaceresets0babbles,0latecollision,4deferred0lostcarrier,0nocarrier0outputbufferfailures,0outputbufferssoutInterpretingtheInterfaceStatusVerifyingaSerialInterfaceConfigurationUsingTelnettoConnecttoRemoteDevicesViewingTelnetConnectionsViewingSSHConnectionsRouterB#showssh

Connection

Version

Encryption

State

Username0

1.5

3DES

SessionStarted

guestSuspendingandResumingaTelnetSessionClosingaTelnetSession设备密码破解路由器启动顺序路由器加电/启动顺序加电自检(POST)加载并运行启动引导微代码寻找IOS映象文件加载IOS映象文件寻找配置文件加载配置文件正常运行路由器内部组件RAM配置寄存器ROMFlashNVRAM端口ROM功能ROM存放完成基本功能的微代码BootstrapMiniIOSROM

monitorPOSTshowversion控制台确认当前的配置寄存器值wg_ro_a#showversionCiscoInternetworkOperatingSystemSoftwareIOS(tm)2500Software(C2500-JS-L),Version12.0(3),RELEASESOFTWARE(fc1)Copyright(c)1986-1999byciscoSystems,Inc.CompiledMon08-Feb-9918:18byphanguyeImagetext-base:0x03050C84,data-base:0x00001000ROM:SystemBootstrap,Version11.0(10c),SOFTWAREBOOTFLASH:3000BootstrapSoftware(IGS-BOOT-R),Version11.0(10c),RELEASESOFTWARE(fc1)wg_ro_auptimeis20minutesSystemrestartedbyreloadSystemimage"flash:c2500-js-l_120-3.bin"--More--Configurationregisteris0x2102

用命令showversion所显示的配置寄存器值设定配置寄存器的值配置寄存器的3,2,1和0位是启动选项位Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

设定配置寄存器的值配置寄存器的3,2,1和0位是启动选项位配置寄存器启动选项部分的值0x0含义进入ROMmonitor模式(人工启动时用b命令)Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

设定配置寄存器的值配置寄存器的3,2,1和0位是启动选项位配置寄存器启动选项部分的值0x00x1含义进入ROMmonitor模式(人工启动时用b命令)自动从ROM启动(提供完整IOS的一个子集)Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

配置寄存器的3,2,1和0位是启动选项位用命令showversion来检查配置寄存器的值设定配置寄存器的值配置寄存器启动选项部分的值0x00x2to0xF0x1含义进入ROMmonitor模式(人工启动时用b命令)Rommon>检查NVRAM之bootsystem命令(如果路由器配有Flash则缺省值为0x2)自动从ROM启动(提供完整IOS的一个子集)Router(boot)>Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

寻找IOS映象文件Flashshowversionshowstartup-configIOS搜索顺序:1.检查配置寄存器2.解析NVRAM中的配置文件3.缺省是使用Flash中的第一个文件4.尝试从网络启动5.RXBOOT6.ROMMON控制台配置寄存器NVRAM从Flash加载IOS映象文件FlashIOSIOSshowflashFlash中的映象文件解压缩到RAM中控制台RAM使用showflash命令wg_ro_a#shflash

Systemflashdirectory:FileLengthName/status110084696c2500-js-l_120-3.bin[10084760bytesused,6692456available,16777216total]16384KbytesofprocessorboardSystemflash(ReadONLY)

加载配置文件控制台IOSSetuputilityshowstartup-configshowrunning-config从NVRAM中加载并运行配置文件如果NVRAM中没有配置文件,进入setup模式ConfigConfigRAMNVRAM使用showrunning和showstartup命令wg_ro_c#showstartup-configUsing1359outof32762bytes!version12.0! --More--wg_ro_c#showrunning-configBuildingconfiguration...

Currentconfiguration:

!

version12.0! --More--存在NVRAM中存在RAM中显示当前运行的和保存的配置情况路由器密码破解路由器加电/启动顺序加电自检(POST)加载并运行启动引导微代码寻找IOS映象文件加载IOS映象文件寻找配置文件加载配置文件正常运行路由器内部组件RAM配置寄存器ROMFlashNVRAM端口ROM功能ROM存放完成基本功能的微代码BootstrapMiniIOSROM

monitorPOSTshowversion控制台确认当前的配置寄存器值wg_ro_a#showversionCiscoInternetworkOperatingSystemSoftwareIOS(tm)2500Software(C2500-JS-L),Version12.0(3),RELEASESOFTWARE(fc1)Copyright(c)1986-1999byciscoSystems,Inc.CompiledMon08-Feb-9918:18byphanguyeImagetext-base:0x03050C84,data-base:0x00001000ROM:SystemBootstrap,Version11.0(10c),SOFTWAREBOOTFLASH:3000BootstrapSoftware(IGS-BOOT-R),Version11.0(10c),RELEASESOFTWARE(fc1)wg_ro_auptimeis20minutesSystemrestartedbyreloadSystemimage"flash:c2500-js-l_120-3.bin"--More--Configurationregisteris0x2102

用命令showversion所显示的配置寄存器值设定配置寄存器的值配置寄存器的3,2,1和0位是启动选项位Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

设定配置寄存器的值配置寄存器的3,2,1和0位是启动选项位配置寄存器启动选项部分的值0x0含义进入ROMmonitor模式(人工启动时用b命令)Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

设定配置寄存器的值配置寄存器的3,2,1和0位是启动选项位配置寄存器启动选项部分的值0x00x1含义进入ROMmonitor模式(人工启动时用b命令)自动从ROM启动(提供完整IOS的一个子集)Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

配置寄存器的3,2,1和0位是启动选项位用命令showversion来检查配置寄存器的值设定配置寄存器的值配置寄存器启动选项部分的值0x00x2to0xF0x1含义进入ROMmonitor模式(人工启动时用b命令)Rommon>检查NVRAM之bootsystem命令(如果路由器配有Flash则缺省值为0x2)自动从ROM启动(提供完整IOS的一个子集)Router(boot)>Router#configureterminalRouter(config)#config-register0x2102[Ctrl-Z]Router#reload

寻找IOS映象文件Flashshowversionshowstartup-configIOS搜索顺序:1.检查配置寄存器2.解析NVRAM中的配置文件3.缺省是使用Flash中的第一个文件4.尝试从网络启动5.RXBOOT6.ROMMON控制台配置寄存器NVRAM从Flash加载IOS映象文件FlashIOSIOSshowflashFlash中的映象文件解压缩到RAM中控制台RAM使用showflash命令wg_ro_a#shflash

Systemflashdirectory:FileLengthName/status110084696c2500-js-l_120-3.bin[10084760bytesused,6692456available,16777216total]16384KbytesofprocessorboardSystemflash(ReadONLY)

加载配置文件控制台IOSSetuputilityshowstartup-configshowrunning-config从NVRAM中加载并运行配置文件如果NVRAM中没有配置文件,进入setup模式ConfigConfigRAMNVRAM使用showrunning和showstartup命令wg_ro_c#showstartup-configUsing1359outof32762bytes!version12.0! --More--wg_ro_c#showrunning-configBuildingconfiguration...

Currentconfiguration:

!

version12.0! --More--存在NVRAM中存在RAM中显示当前运行的和保存的配置情况CISCOR/S设备的内部结构ConsoleAuxiliaryInterfacesRAMNVRAMFlashROM配置模式特权模式Detailedexaminationofrouter.

Debuggingandtesting.File

manipulation.Remoteaccess.Router#Router>用户模式Limitedexaminationof

router.Remoteaccess.UsediftheoperatingsystemdoesnotexistinFlashorthebootsequencewasinterruptedduringstartup.ROM监测模式>orrommon>Prompteddialogusedtoestablish

aninitialconfiguration.设置模式RXBoot模式BoothelpersoftwarewhichhelpstherouterbootwhenitcannotfindavalidCiscoIOSimageinFlashmemory.Router<boot>Complexandmultilineconfigurations.其他配置模式Router(config-mode)#Router(config)#Commandsthataffectthesystemasawhole.全局配置模式密码恢复（PasswordRecovery）以下的恢复步骤主要适于设备：Cisco16/1700Cisco26/36/3700Cisco18/28/3800Cisco7x00Cisco12000CiscoAS5x00Cat2948G-L3Cat4908G-L3Cat5500(RSM)Cat4500(IOS)Cat8500Cat6x00(IOS)Router>Router>enablePassword:Router>Router>showverConsoleRoutercon0isnowavailablePressRETURNtogetstarted.UsermodepromptStep1：通过Console口连接到设备上，PC终端设置如果可以进入普通用户模式：Router>Showver查看ConfigurationRegisterValue，一般为0x2102or0x102如果需要密码，RegisterValue：0x2102！9600baudrate

Noparity

8databits

1stopbit

NoflowcontrolStep2：关机后重新开机，在开机60秒内按break键（或ctl+break）中断启动过程，进入ROMMON状态rommon>在rommon>中输入：confreg0x2142

修改设备的ConfigurationRegisterValue在rommon>中输入：reset将跳开设备的配置重新启动设备Step2：(Cont.)***SystemreceivedanabortduetoBreakKey***signal=0x3,code=0x500,context=0x813ac158PC=0x802d0b60,Vector=0x500,SP=0x80006030rommon1>confreg0x2142Youmustresetorpowercyclefornewconfigtotakeeffectrommon2>resetSystemBootstrap,Version11.3(2)XA4,RELEASESOFTWARE(fc1)Copyright(c)1999byciscoSystems,Inc.TAC:Home:SW:IOS:SpecialsforinfoC2600platformwith32768Kbytesofmainmemoryprogramloadcomplete,entrypoint:0x80008000,size:0x6fdb4cSelfdecompressingtheimage:########################################################################################################################################################################################################################################################[OK]Step3：设备重启完成后，退出对话配置模式

noorCtrl-c进入Router>进入特权模式：enableRouter#将设备原配置文件拷入MEM(nvrammem)，恢复设备的配置Router#copystartup-configrunning-config

Step4：检查设备配置，并修改密码Hostname#showrunInterfaces:shutdownPasswords:enablepassword,enablesecret,vty,consolepasswords,andsoon

hostname(config)#Interfaces:hostname(config-if)#noshutdownPasswords:

hostname(config)#

enablesecret

<password>

修改（恢复）设备启动ConfigurationRegisterValue：hostname(config)#

config-register0x2102

保存：hostname#wr,orhostname#copyrunstartStep4：(Cont.)Configurationregisteris0x2142Router#configureterminalRouter(config)#config-register0x2102Router#showversionCiscoInternetworkOperatingSystemSoftwareIOS(tm)C2600Software(C2600-IS-M),Version12.0(7)T,RELEASESOFTWARE(fc2)Copyright(c)1986-1999byciscoSystems,Inc.CompiledTue07-Dec-9902:21byphanguyeImagetext-base:0x80008088,data-base:0x80C524F8ROM:SystemBootstrap,Version11.3(2)XA4,RELEASESOFTWARE(fc1)Routeruptimeis3minutesSystemreturnedtoROMbyabortatPC0x802D0B60Systemimage"flash:c2600-is-mz.120-7.T"……Configurationregisteris0x2142(willbe0x2102atnextreload)CISOC交换机密码破解CISCO交换机密码恢复

（PasswordRecovery）以下的恢复步骤主要适于以下交换机系列：Cat2900XLCat3500XLCat2950Cat2960Cat2970Cat3550Cat3560Cat3750Step1：通过Console口连接到设备上，PC终端设置如果可以进入普通用户模式：Router>Showver查看ConfigurationRegisterValue，一般为0x2102or0x102如果需要密码，RegisterValue：0x2102！9600baudrate

Noparity

8databits

1stopbit

flowcontrol:Xon/XoffStep2：Holddownthemodebuttonlocatedontheleftsideofthefrontpanel,whileyoureconnectthepowercabletotheswitch.(2955例外，使用ctl+break中断启动)使用设备Mode按钮中断启动过程，进入ROMMON状态switch:Step3：初始化设备flash文件系统switch:flash_init

switch:flash_initInitializingFlash...flashfs[0]:143files,4directoriesflashfs[0]:0orphanedfiles,0orphaneddirectoriesflashfs[0]:Totalbytes:3612672flashfs[0]:Bytesused:2729472flashfs[0]:Bytesavailable:883200flashfs[0]:flashfsfscktook86seconds....DoneInitializingFlash.BootSector(bs:)installed,fsid:3ParameterBlock(pb:)installed,fsid:4switch:Step4：加载并查看flash文件内容switch:load_helperswitch:dirflash:修改系统配置文件名称后重启系统switch:renameflash:config.textflash:config.oldswitch:bootswitch:flash_initDirectoryofflash:/2-rwx1803357<date>c3500xl-c3h2s-mz.120-5.WC7.bin!---Thisisthecurrentversionofsoftware.4-rwx1131<date>config.text!---Thisistheconfigurationfile.Step4(Cont.)：其它后，终止自动配置；进入配置模式修改密码Hostname#showrunPasswords:enablepassword,enablesecret,vty,consolepasswords,andsoon

保存：hostname#writememoryCISOC路由器安全措施CommonThreatstoPhysicalInstallationsHardwarethreatsEnvironmentalthreatsElectricalthreatsMaintenancethreatsConfiguringaRouterPasswordConfiguringtheLoginBannerRouterX#bannerlogin"Accessforauthorizedusersonly.Pleaseenteryourusernameandpassword."DefinesandenablesacustomizedbannertobedisplayedbeforetheusernameandpasswordloginpromptsTelnetvs.SSHAccessTelnetMostcommonaccessmethodInsecureSSHEncryptedIPdomainmustbedefinedkeymustbegenerated!---TheusernamecommandcreatetheusernameandpasswordfortheSSHsessionusernameciscopassword0ciscoipdomain-namecryptokeygeneratersaipsshversion2linevty04loginlocaltransportinputsshCISOC交换机安全措施CommonThreatstoPhysicalInstallationsHardwarethreatsEnvironmentalthreatsElectricalthreatsMaintenancethreatsConfiguringaSwitchPasswordConfiguringtheLoginBannerDefinesandenablesacustomizedbannertobedisplayedbeforetheusernameandpasswordloginprompts.SwitchX#bannerlogin"Accessforauthorizedusersonly.Pleaseenteryourusernameandpassword."Telnetvs.SSHAcces