Skip to Content (press Enter/Return)
preview

Description of Cisco IOS Vulnerabilities

explanatory Essay
1869 words
Open Document
1869 words
  • Small
  • Normal
  • Large
  • Huge
bookmark

In the computer age, vulnerabilities and back doors into devices are proving heaven for hackers and hell for administrators. Every week it seems that new vulnerabilities are discovered in different devices. Cisco IOS is no different and numerous vulnerabilities can be found in their devices. The aim of the report is to research vulnerabilities in Cisco's IOS operating system. Tools available in Backtrack 5 will be used to exploit the vulnerabilities. GNS3 will be used to set up a working topology to work in conjunction with Backtrack 5 to demonstrate the tools. The report also contains screenshots of the tools that will aid the readers understanding.

2. Cisco IOS Vulnerabilities

3. GNS3 Setup

A network topology in GNS3 (Graphical Network Simulator) is used in conjunction with Backtrack 5 to demonstrate the exploit tools of Cisco. The topology consists of three routers connected to one switch which is connected to a cloud. The cloud will act as Backtrack. The network address is 192.168.6.0/24. Each router is configured with separate IP addresses in the network. Backtrack is connected to the cloud on the same Vmnet custom network. (See Figure 3-1 below).

Figure 3-1. GNS3 Topology.

4. Cisco Auditing Tool

The Cisco Auditing Tool's main function is to scan cisco routers to look for well known vulnerabilties. The tool accomplishes three main tasks which are, brute forcing the telnet password if telnet is running, it tries to brute force the Simple Network Management Protocol (SNMP) community strings, and finally it looks for the IOS history bug. (Ali and Heriyanto, 2011, p 144).

Telnet is a program that connects a PC to the server or router on the network. The default port for telnet is 23. SNMP is a p...

... middle of paper ...

...

Mati Aharoni, William M. Hidalgo (2010) Cisco SNMP configuration attack with a GRE tunnel

[online] available from

< http://www.symantec.com/connect/articles/cisco-snmp-configuration-attack-gre-tunnel > [08 March 2014].

Faircloth J, Beale J, Temmingh R, Meer H, van der Walt C, Moore HD (2006) Penetration Testers Open Source Toolkit.

3rd edn. Massachusetts : Elsevier Syngress Publishing.

Kevin Orrey (2008) Cisco Torch [online] available from

< http://www.vulnerabilityassessment.co.uk/torch.htm> [08 March 2014].

Ali, S. and Heriyanto T. (2011) BackTrack 4: Assuring Security by Penetration Testers.

1st edn. Birmingham: Packt Publishing.

Alfredo Andres Omella, David Barroso Berrueta (2010) Yersinia Man Page [online] available from

< http://manpages.ubuntu.com/manpages/hardy/man8/yersinia.8.html> [08 March 2014].

In this essay, the author

  • Explains that vulnerabilities and back doors into devices are proving heaven for hackers and hell for administrators. the report aims to research vulnerabilities in cisco's ios operating system.
  • Describes how cisco's gns3 (graphical network simulator) is used in conjunction with backtrack 5 to demonstrate the exploit tools of cisco.
  • Explains that the default telnet password for cisco is 'cisco'. the password was found very quickly due to the small password list file which only contains slight variations.
  • Advises network administrators to be aware that telnet sends information in plain text and is open to a plethora of attacks.
  • Recommends using a combination of username and password on telnet, as it increases the time it could take for hacker to brute force them.
  • Explains that the cisco auditing tool is a limited tool because it only discovers telnet passwords.
  • Explains that when no telnet password is set, the router is not vulnerable to this type of attack.
  • Explains how the scanner reveals that the default password of telnet is set on the router.
  • Explains that if the default enable password of cisco is set on the router, ocs scanner will identify it and aided with the telnet password.
  • Explains that password telnet and enable mode are set to default! ip router vulnerable.
  • Describes cisco passwd scanner as a tool that scans class a, b, or c ip addresses for cisco routers that haven't changed their default password.
  • Explains that the routers in the topology were not configured with line vty passwords, so cisco scanner doesn't return a result.
  • Explains that the routers were configured with the default password of 'cisco' in the vty terminal.
  • Explains that the cisco passwd scanner tool has limited functionality and renders ineffectual if a different password is set for line vty.
  • Analyzes how the brute force attack of the router reveals that the community strings are set to public and private.
  • Explains that the snmpcheck tool checks the community strings to determine if there read/write or read only. the community string public on the router from the topology has been inadvertently set to read
  • Explains that the pubic community string is set to read/write, making the router configuration vulnerable.
  • Explains that the configuration file is sent to the log viewer on the tftpd server.
  • Explains that john the ripper is a widely used password cracker.
  • Explains that question defence (2012) copy-router-config is available from backtrack 5, vulnerability assessment, network assessment and cisco tools.
  • Explains null byte (2014) hack like a pro: how to crack private & public snmp passwords using onesixtyone.
  • Explains that question defence (2012) copy-router-config is available from backtrack 5, vulnerability assessment, network assessment and cisco tools.
  • Describes the features of the penetration testers open source toolkit.
  • Explains the cisco auditing tool's main function is to scan cisco routers to look for well known vulnerabilities.
  • Explains that if the telnet password is not set to a default value, it's easy to brute force the password.
  • Explains that an nmap scan is one of the most efficient ways to discover the open ports on a router or network.
  • Describes how cisoc ocs scans a range of ip address on cisco routers looking for the default telnet and enable passwords.
  • Explains that virtual teletype (vty) is used to connect to the daemon via telnet. a simple topology set up in gns3 easily demonstrates the tool.
  • Explains that the cisco scanner scans the network searching for the default password of the company on line vty.
  • Explains that the tool copy cisco router config is only possible if the router is configured with the read/write (rw) community string.
  • Explains that the copy router config tool copies the router configuration file and a trivial file transfer protocol (tftp) server stores the copied configuration files.
  • Explains that the config file can be viewable from the tftpd server folder. an attacker can view sensitive information like usernames and passwords.
Get Access
Check Writing Quality
Related
  • explanatory
  • opinionated
  • comparative
  • Nt1330 Unit 7 Lab
    explanatory essay
    In this lab, we explore how the POD is done by setting up a virtual environment running Win95 as the victim and four others as an attackers.

    In this essay, the author

    • Explains how the pod is done by setting up a virtual environment running win95 as the victim and four others as an attackers.
    • Describes how they started their windows 95 machines, then went to the victim (pod server) and clicked run from the start menu and entered winipcfg to show the ip address.
    • Explains that they repeated the ping ten times and left all command prompts running. they then went to the pod server and opened system monitor tool to show the performance of the system.
    • Explains how they started to ping the pod server from all the machines, each having 10 instances of the command prompt running. the processor usage on the server was increasing and increasing until it reached 100%.
    • Describes how the pod server was overwhelmed and the system froze. after a few minutes, some pings started timing out on the attacking machines.
    • Explains the ping of death, a type of denial of service attack in which the attacker attempts to crash, destabilize, or freeze the targeted computer or service by sending malformed or oversized packets.
    • Explains that dos attacks are common among legacy systems, such as ping flood, which sends icmp (internet control message protocol) without waiting for a reply.
    545 words
    Read More
  • Nt1310 Unit 3 Term Paper
    explanatory essay
    The Kali Linux penetration testing platform contains a vast array of tools and utilities, from information gathering to final reporting, that enable security and IT professionals to assess the security of their systems. Metapackages give a user the flexibility to install specific subsets of tools based on your needs. Wireshark is a network protocol analyzer –popular for

    In this essay, the author

    • Explains that security audits do not contain a comprehensive risk assessment. they evaluate policy compliance, determine the effectiveness of existing security, and identify unknown vulnerabilities.
    • Explains kali linux penetration testing platform contains a vast array of tools and utilities that enable security and it professionals to assess the security of their systems.
    • Explains that wireless security is the prevention of unauthorized access or damage to computers using wireless networks.
    • Explains that wireless networks face different threats than wired networks. wireless networks do not have physical cabling to secure, so packets travel the airwaves and are vulnerable between transmitter and receiver.
    • Explains that it departments resisted the addition of mobile wireless devices to their areas of responsibility. while integration of laptops was unavoidable, many chief information officers and chief security officers were reluctant to include handheld devices under their supervision.
    403 words
    Read More
  • Nt1310 Unit 3 Application Paper
    explanatory essay
    To manage Riordan branches nationally and internationally they have put the best networks in place to interconnect these offices. Recent Cyber Threats has taught us a lesson on securing our information. Therefore they put up both hardware and software infrastructure to protect their networks from all forms of electronic threats.

    In this essay, the author

    • Explains how riordan has put up both hardware and software infrastructure to protect their networks against all forms of electronic threats.
    • Explains that riordan's network security hardware includes routers, physical locks, and firewalls. they also established a secure server where sensitive information is kept.
    • Explains that riordan has put in place cisc routers which are responsible for forwarding packets to and from the organization to networks connected to the internet.
    • Explains firewalls have been established in devices such as routers and switches to prevent access to the network via unused ports. all network processors are configured to detect all incoming connections and check to make sure they are authentic.
    • Explains the use of physical locks to protect server rooms and switch panels from unauthorized access and cctv cameras to monitor all attempts to break into these areas.
    • Explains sophos is one of the most powerful network antivirus software on the market. it prevents malicious applications and devices from being inserted into the organization’s workstations.
    • Compares local area networks (lans), wide area networks (wans) and wireless technologies.
    • Explains wireless networks use radio waves to establish connection to network devices to connect to the internet or to workplace. they are less costly than wired networks because it doesn't require many devices such as cables.
    • Explains that riordan manufacturing employs all three technologies in networking. offices and branches are networked using lan technologies and interconnected using wireless networks by microwave radio waves.
    • Explains the concepts and building blocks of today's data communication networks, such as switches, routers, and cabling.
    • Explains that switches have evolved over time to accommodate more workstations while providing excellent security services at relatively fast speeds, thus increasing network reliability in terms of response to requests.
    • Explains that fiber optic cable has provided excellent features though it comes with huge installation and maintenance cost.
    771 words
    Read More
  • Nt1310 Unit 1
    opinionated essay
    Although the organization has already tackled and overcome several significant security failings which have resulted in the exposure of its network infrastructure to various vulnerabilities, as these failings became public it has caused significant damage to the perception and reputation of Advanced Research. As a result there is a clear need to develop, define, and implement an enhanced network topology and infrastructure in order to ensure that all critical functions are protected and that there is no possibility of unauthorized access to the network or any service being obtained. Following an analysis of previous incidents it is apparent that there are several recurring areas which would need to be protected and these should be considered

    In this essay, the author

    • Opines that advanced research needs to develop, define, and implement an enhanced network topology and infrastructure to ensure that all critical functions are protected.
    • Explains that intellectual property is considered a serious risk if there is any unauthorized access to the network or associated systems.
    • Argues that the blitz solution is the most effective way of addressing the requirements of advanced research.
    • Opines that blitz is a powerful testimonial to its quality, as it can simulate various degrees of attack behavior to ensure that the network is always protected at an optimal level.
    1023 words
    Read More
  • Cisco Case Study
    explanatory essay
    Company Overview Communication is the basis by which a company can become successful and achieve a competitive advantage. Information must be able to flow between departments especially if such departments are located globally. The need for communication is what generated the idea that became the company known as Cisco. Husband and wife Len Bosack and Sandy Lerner, both working for Stanford University, wanted to email each other from their respective offices located in different buildings but were unable to due to technological shortcomings (The Network, 2016).

    In this essay, the author

    • Explains that communication is the basis of a company's success and competitive advantage. len bosack and sandy lerner created the first multi-protocol router, which became cisco.
    • Explains that cisco's main purpose is to "shape the future of the internet by creating unprecedented value and opportunity for our customers, employees, investors, and ecosystem partners."
    • Explains that becoming an industry leader requires an organization to recruit talented and skilled employees. firms employ a high amount of time and funding to ensure that the right person is hired.
    • Explains that cisco has an overall goal of getting the top 10 to 15 percent of people in their industry. if they get the best people to fit into their culture and motivate them properly, they'll be an industry leader.
    • Explains the early stages of hiring involved identifying the exact person that needed to be hired. focus groups were created with talent recruiters to ensure that all prospective employees shared similarities.
    • Explains how acquisitions provided a large pool of management talents needed to run the new companies acquired. cisco attempted to hire competitor's employees who were content with their current position and compensation.
    • Explains that hr leaders developed a road map for early, mid, and late career works to develop current employees to their full potential. cisco is taking the time to train existing and new talents to ensure that there are skillful leaders.
    • Explains that cisco has a series of programs which provide the employees with the motivation needed to constantly increase innovation. the cap or the cisco achievement program rewards employees who perform over and above their call of duty.
    • Explains that compensation is not the only form of motivation for an employee. recognition provides the employee with a sense of pride and knowledge that their efforts are being valued.
    • Explains cisco's motivational strategy of allowing their employees to grow to their full potential. the company pays for training and offers bonuses and promotions after the employee becomes certified.
    1343 words
    Read More
  • Cisco
    explanatory essay
    Cisco Current Performance As a company Cisco Systems is still a powerhouse in their industry. It is the worldwide leader in networking for the Internet. Although they have broadened their product line tremendously since they first started, they still try to stick to the same business policies and plans that they had when they first started out. Cisco’s net sales for the last fiscal year were over eighteen billion dollars. This is an unbelievable amount of money for a company to generate if you consider this company is not even twenty-five years old.

    In this essay, the author

    • Opines that cisco systems is still a powerhouse in their industry.
    • Explains cisco, being a market leader, keeps them on top of the market.
    • Explains that this money came mainly from interest on cash that they already had.
    • Explains how easily products can be upgraded, which is convenient and helpful.
    • Explains that it has to constantly be updated in order to make sure that they give their best.
    • Describes the benefits of switching between different levels of networks.
    • Explains that accessing information that they should not see or may cause trouble on the network.
    • Explains that they can make sure that only people that should be on their network are on and that trouble is avoided.
    • Explains that this software helps to fulfill the need of growing and the network will still be reliable.
    • Explains that lucent was born in 1996 from its parent company of at&t.
    • Explains that ascend's cisco products are also involved in cisco.
    • Explains that lucent has a very broad range of products that it sells this can challenge leadership.
    • Explains that lucent is relying heavily on a few major customers and would be in trouble if anything happened to them. they are trying to broaden their customer base through acquisitions of certain companies.
    • Explains cisco's product line has grown tremendously since they started, but they still stick to the same business policies and plans that they had when they first started out.
    • Analyzes how cisco's net sales and net income have grown every year for the past five years by leaps and bounds. net sales grew over 64% percent from the 1999 fiscal year to the year 2000 fiscal
    • Explains that cisco's growth is due to the growth in the pursuit of sales in foreign countries and the great move they made into china.
    • Explains that the higher cost of in-process research and design costs threw off net income.
    • Opines that the price of cisco stock has been performing pretty steadily over the last year. the market and technology and dot com companies have been taking a hit in the market.
    • Analyzes how the stock reacts to how other stocks of its type are also doing. people buy cisco stock depending on how it is doing compared to its major competition.
    • Explains that cisco has a 14.1% profit margin on their products. they get 11.84% returns on assets and 15.03% return on equity.
    • Opines that cisco acquires companies steadily to make the bottom line a little shadier. they can't gauge the growth that they are experiencing because of this.
    • Explains that cisco is making the move into different types of product lines but their main section is still networks.
    • Explains that research into data, voice, and video led to a huge increase in research costs.
    • Opines that a leader must be the trend setter and be out at the front of each new leap in technology.
    • Explains that cisco is making a big push into foreign markets at this time. the asian market is one of the emerging markets for networks and internet tools.
    • Explains cisco spent over one billion dollars more on sales and marketing this fiscal year than last.
    • Explains that cisco is making more money because of the fifty percent increase in interest and other incoming over the year.
    • Describes the products that can be used by themselves in order to connect on to networks as well as components that piece together.
    • Explains that cisco has a wide range of products to help them connect onto networks no matter where the network is in your house, business, school, or around the globe
    • Explains that cisco products are taking advantage of the ability to transfer data.
    • Explains that companies want to be able to have board meetings all over the world at the same time. cisco is making products that make this possible.
    • Explains that cisco's routers are the building block of any type of network. they help to move information from one network to another and tell the data which is the best route to travel.
    • Explains that cisco caters to this type of business need. they make products that will help the person working right out of their home.
    • Explains that cisco provides software to help you set up your website business, handle incoming orders, and make sure that private information sent by customers is actually safe.
    • Explains that cisco wants to become the company that a business can go to for all of its network needs. they want to be able to provide their customers with great service and great products.
    • Explains that lucent had the shadow of at&t over it to help it out. they had sales of last year of over 38 billion dollars.
    • Explains that bell labs is considered one of the best places of invention in the world.
    • Explains that lucent had 1,153 us patents in 1999, which was the ninth highest in the united states. this helps it stay at the head of the market which is very important in an industry such as this.
    • Opines that at&t will be a loyal customer to them which gives them an advantage because of the great amount of money that they will spend.
    • Opines that lucent is just another part of at&t. its inexperience may be a hindrance when it comes to companies that have been around longer.
    • Explains that lucent's stock has been hit hard in the last year and is now around eighteen dollars down from a year high of around 80 dollars.
    3243 words
    Read More
  • Cisco Systems, Inc. Case Study
    opinionated essay
    Cisco Systems, Inc. is a leader in networking for the internet, they develop hardware, software, and services to help create internet solutions that make internet networks possible. Cisco was founded in 1984 by a small group of computer scientists from Stanford University. They are a worldwide company with headquarters in: San Jose, California, Amsterdam Netherlands, and Singapore. Currently, they employ approximately 74,000 people throughout the world. Cisco operates on a set of values which include: change the world, intensely focus on customers, make innovation happen, win together, respect and care for each other, and always do the right thing. They show these values through global involvement in education, community, and philanthropic efforts. (Cisco, 2004)

    In this essay, the author

    • Describes cisco systems, inc. as a leader in networking for the internet. they develop hardware, software, and services to help create internet solutions that make internet networks possible.
    • Explains that cisco systems has been at the forefront of corporate social responsibility or csr for over a decade and provides annual reports to employees, investors, and other interested parties.
    • Explains cisco's governance and ethics, supply chain sustainability, employees, society, and the environment in their report. they realize that their business relies on earning the trust of the public, investors and employees.
    • Opines that cisco understands the importance of supply chain sustainability and wants to instill in suppliers a sense of social responsibility.
    • Explains that cisco makes its employees apart of the csr by providing training and development opportunities, a safe and healthy work environment, an inclusive and diverse work culture, and making sure they reward their employees.
    • Explains that cisco's products and services help connect people through technology. they are able to connect the global community to resources such as healthcare, education, and other critical human needs more easily.
    • Opines that cisco is attempting to make improving energy efficiency and lowering the company’s emissions a vital part of the csr plan.
    • Concludes that cisco's csr plan is well laid out and easy to follow even for someone who is on the outside of the company.
    718 words
    Read More
  • Cisco Certification
    explanatory essay
    What is Cisco Certification? Cisco certification is a accomplished scientific boost certificate skeleton which is feature with ongoing by Cisco company for advancing Cisco technology, cultivating the repercussion management design again designing troubleshooting personnel. Candidates burden help the prevailed Cisco certificates as valid combat of bread change or company qualification. know steam are five levels of certification: Entry, Associate, Professional, Expert, and Architect, now well thanks to seven different paths, Routing & Switching, Design, notoriety Security, cooperation Provider, Storage Networking, Voice, and Wireless. Orthodox educational institutions that decipher Cisco skills are called "the Cisco Networking Academy.

    In this essay, the author

    • Explains that cisco certification is a accomplished scientific boost certificate skeleton which is feature with ongoing by cisco company for advancing cisco technology, cultivating the repercussion management design again designing troubleshooting personnel.
    • Explains that cisco networking academy students can quest exam vouchers that admit them to manage the retired exam for an extended term of go into. cisco courses are offered at collegiate institutions and training is available from cisco learning side.
    • Explains how to exploit cisco certification exams. passing exams gives moment professionals the chance to determine their networking knowledge further strength.
    • Explains how to motivate for cisco certification exams by reading practice exams. they state that kill challenge is the highest domicile which offers the latest brain dumps.
    • Explains that cisco career certifications require candidates to feature plant mastery on the job types of problem solving. candidates must sign a confidentiality agreement online before nice any cisco racket certification exam.
    • Explains that it is in their terrific move to consent in many different cisco certification programs as this will eventuate you fresh valuable as an employee.
    • Explains why it is important to accent such certifications predominance your resume. recruiters look through connections who are hauling cisco certification.
    845 words
    Read More
  • Overview of Network Security
    comparative essay
    Network Security is the protection of the computer’s network though out the entire infrastructure. It can protect very important information and computer files to help prevent theft, spyware, malware, viruses, and more. Depending on if you have a public or private network, can determine what type of security settings you need for your network. All people are different on what they want to have secured or not, but most people do not know how to prevent people or things from getting in their network. “You must have a general understanding of security terminology and specifications as it relates to configuring hardware and software systems.”(Roberts, Richard M. 599). That quote states that by knowing and understanding security terms and specifics, you can

    In this essay, the author

    • Explains that network security is the protection of the computer’s network through out the entire infrastructure.
    • Recommends creating a password for your network, and limiting the security setting of your firewall to block out suspicious activity. social engineering is one of the causes of identity theft and the plantation of malware.
    • Explains that there are several ways to secure a network, such as authentication and encryption.
    • Explains that network security is the foundation of a healthy and protected computer. malware, spyware, viruses, and malicious activity can be prevented by using protocols or software programs.
    • Explains roberts, richard m., "network secrurity." networking fundamentals. 2nd ed. tinley park, il: goodheart-willcox, 2005.
    • Explains that jesper m. johansson, "managing the windows vista firewall." technet 2008: n. pag. web.
    868 words
    Read More
  • Security Compromise Assessment
    explanatory essay
    I want to give everyone a heads up on a Security Compromise assessment we are working on with Optiv Security. This type of assessment is not a vulnerability discovery (which we conduct yearly), but instead an effort to determine if we have been compromised, and if so, what type of data loss we might have experienced.

    In this essay, the author

    • Explains that they are working on a security compromise assessment with optiv security to determine if we have been compromised and what type of data loss we might have experienced.
    • Explains that they will be installing a forensics agent on all servers and workstations, and testing small groups of non-critical systems to make sure any issues are dealt with beforehand.
    • Explains that they are ready to push this out to more critical systems, taking it slow, and will have a back-out plan ready in case an issue does come up.
    181 words
    Read More
Get Access