实验目的
通过本实验,读者可以掌握以下技能:
路由器Console端口、vty线路、enable等口令的设置;
路由器口令恢复的技巧。
路由器的ROM中除固化了一种功能有限的IOS之外,还有一种非IOS的简单操作系统,同IOS一样,也可以被加载,加载之后进入的模式被称为ROM Monitor模式。ROM Mintor模式通常被用于对设备进行低级调试和口令恢复。在网络设备的一般性调试中很少用到ROMMonitor模式。这是许多人对它不熟悉的主要原因。
以PC机的超级终端访问路由器,在路由器加电后的60s内按下Break键 (或Ctrl+Break键)就能进入到ROM Monitor模式下,口令恢复的操作便可以进行了。
监测清单2-5记录了对Cisco2500系列路由器口令恢复操作的全过程,其中与口令恢复操作无关的内容己被删节。
监测清单2-5 Cisco 2500系列路由器的口令恢复操作
第1段: ROM Monitor
System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
Copyright (c) 1986-1995 by cisco Systems
2500 processor with 16384 Kbytes of main memory
(按下Break键, 进入ROM Monitor模式)
Abort at Ox1OEA81C (PC)
>?
$ Toggle cache state
B [filename] [TFTP Server IP address I TFTP Server Name]
Load and execute system p_w_picpath from ROM or from TFTP server
C [address] Continue execution [optional address]
D/S M LV Deposit value V of size S into location L with modifier M
E/S M L Examine location L with size S with modifier M
G [address] Begin execution
H Help for commands
I Initialize
K Stack trace
L [filename] [TFTP Server IP address ! TFTP Server Name]
Load system p_w_picpath from ROM or from TFTP server, but do not
begin execution
O Show configuration register option settings
P Set the break point
S Single step next instruction
T function Test device (? for help)
Deposit and Examine sizes may be B (byte), L (long) or S (short).
Modifiers may be R (register) or S (byte swap).
Register names are: DO-D7, AO-A6, SS, US, SR, and PC
>0
Configuration register=0xFFFF2102atlast boot
Bit# Configuration register option settings:
15 Diagnostic mode disabled
14 IP broadcasts do not have network numbers
13 Boot default ROM software if network boot fails
12-11 Console speed is 9600 baud
10 IP broadcasts with ones
08 Break disabled
07 OEM disabled
06 Ignore configuration disabled
03-OOBoot file is cisco2-2500 (or 'boot system' command)
>o/r 0x2142
>i
第2段:路由器正常启动
(以下为路由器的正常启动过程)
System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
Copyright (c) 1986-1995 by cisco Systems
...(路由器启动报告,省略)
---System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: n
Press RETURN to get started!
Router>en
Router#sh version
Cisco Internetwork Operating System Softwaree 0
... (此处为版本,接口等信息,省略)
Router#sh startup-config
Using 455 out of 32762 bytes
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
enable password cisco
... (此处省略多行)
!
line con 0
password ciscol
login
line aux 0
line vty 0 4
!
end
Router#copy start run
Destination filename [running-config]?
455 bytes copied in 4.708 sees (113 bytes/sec)
Router#conf t
Router(coiifig)#coiifig-register 0x2102
Router(config)#end
Router#sh version
Cisco Internetwork Operating System Softwaree 0
...(此处为版本、接口等信息,省略)
Configuration register is 0x2142(will be 0x2102 at next reload)
(2)使用o/r命令把配置寄存器值更改为0x2142,目的是使路由器启动IOS软件时不调用NVRAM中的配置文件,从而不进行口令方面的认证。
(3)使用"i"命令启动路由器进入IOS运行模式。
(4)第2段中的内容是路由器进入IOS模式后的记录。show version命令显示当前配置寄存器的值为0x2142。
(5)查看NVRAM中的配置发现原配置文件依然完整地保存着,可以看到原来设的口令。使用copy命令把starup-config复制到running-config中,可以使原配置立即生效。
(6)在全局配置模式下,发出命令config-register0x2102,把配置寄存器值更改回0x2102,即要求路由器在下次启动时调用NVRAM中的配置文件。show version命令显示了我们希望看到的结果