Non-volatile memory ( NVRAM) is a type of memory that stores data even when it’s no longer connected to a power supply. It’s the name of the current Cisco IOS file image that is running in RAM. VPNRouter# dirĢ55744000 bytes total (221896413 bytes free)Ī number of files are stored in flash memory but only the first one is of interest to us. As a result, the #symbol is appended to the flash listing to indicate that it’s a bootable disk.īecause the flash file system is the default file system, the dircommand lists the contents in flash memory. Note that the asterisk *in front of the flash file system indicates that it’s the current default file system the bootable IOS is located in flash memory. Levels of authorization include read only ( ro), write only ( wo), and read-write ( rw). This command provides some useful information, such as: ![]() The show file systems command lists all file systems available on a Cisco 1941 or on a layer 3 switch. The directories available depend on the device. The administrator can also create subdirectories in flash memory or on disk. The Cisco IFS ( IOS File System) enables an administrator to navigate the various directories and list the files in a directory. In a large network, you have lots of interconnected equipment and it’s impossible to configure all of this equipment manually using step-by-step commands.įortunately, there are various ways of copying or updating your configurations. Quiz: Configure the VLANs on Your Network Use VLANs to Reduce Your Broadcast Domains Practice Resolving a Router Fault on Your Network Perform the Initial Configuration of Your Network Routers Quiz: Configure Your Corporate Network Using Packet Tracer Practice Troubleshooting the WiFi and Switch on Your Network Understand the Command Line Interface (CLI)Ĭonfigure Basic Parameters in a Layer 2 SwitchĬonfigure Secure Remote Access on Your Switch Quiz: Install Packet Tracer on Your ComputerĬonfigure the IP Parameters for End DevicesĪdd a Wireless Access Point to the Agency’s Network 5.Install Packet Tracer on Your Operating System I am hopeful that the information shared makes both network administrators and security professionals aware of these misconfigures and provides a reference to further improve securing Cisco networks. nmap -sU -p69 -script tftp-enum.nse įigure 20: Port Descriptions 4.0 ConclusionĪs I briefly demonstrated, obtaining a Cisco configuration file could provide an attacker the required information to establish a foothold and laterally move across a network. ![]() Since TFTP does not provide a directory listing, the NSE script performs basic enumeration of common Cisco configuration file names. 2.0 Configuration File Download 2.1 TFTPĪfter identifying a TFTP server during the reconnaissance phase, I will rescan the exposed TFTP server port utilizing Nmap with the tftp-enum.nse script. Not only do configuration files provide information regarding the device, but they also provide additional avenues for further enumeration and possible lateral movement, such as physical and logical neighbor relations, password reuse, user enumeration, and applied access control lists (ACL). Each one of these services provides an avenue to exploit a misconfiguration to download a Cisco configuration file.Ĭisco configuration files can provide a wealth of knowledge for an attacker. Today, I have taken that knowledge and used it to demonstrate how to compromise networks so that I can help clients strengthen their security posture.ĭuring the reconnaissance phase of a penetration test, I typically look for an exposed TFTP, SNMP, and Cisco Smart Install (SMI) service on a network. During that time, I performed best practice assessments aimed at identifying misconfigurations that could lead to a network compromise. Prior to making a career change to offensive security, I spent over 15 years working for a Cisco partner designing and implementing enterprise and VoIP networks. By Michael Bond in Penetration Testing, Security Testing & Analysis 1.0 Intro
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |