Router Security Issue Passwords in Routers

[longtimeago 0]

Welcome to the discussion about , Routers and their security issues. Let me start off with what is a Router and i am sure that for Trap people that is self explanatory. Still to give a kick start Routers are end devices of any Network, it is where all packets get routed from one network to another , without the router that will not be possible. So a simple eg. If i have a small network behind my router, all i need to do is tell the router that all packets having this destination IP has to go to this particular place ( adjacent routers ) . All these informations are stored in a table in the router which is commonly known as the routing table. What are the interfaces in a router ? A router can have many interfaces like the serial interface which is commonly used to connect one router with the other router and the fast ethernet interface through which the LAN behind the router is connected . There are somemore ports known as the console port etc in a router. Now in the router there are some protocals which are activated which are termed as the routing protocals. So now that you have a brief idea of what is a router and what it does. Now the thing is to be noted is all these admistrative works like activating a protocol in the router and changing the routing table etc can be only done by the network engineer of that particular network . So how is this done , in order to make heavy changes in the router you need to have 2 things ,1) Physical access to the router ( however certain actions can be done , like configuration etc. through telnet )2) Password to access the router.Now that not all , but still some can have access to the router physically, other than the network engineer. So once you get physical access to the router, is the router safe ??? Though it is protected by password ? still is the router safe ?? My answer is gonna be NO NO NO , and i dont know why it is so . Even the King of Networks CISCO routers too are not safe if some one gets physical access to the router . Every router is protected by various passwords . But the primary one is "Enable password" . Once this password is broke the attacker can have his hands on the router as he wishes . The SAD part in this is , without changing the configuration too , the attacker can just break the password alone , do all he wants to alter and then again keep back the router as if it was not touched at all.So is there any one who can say No a Router Password cannot be broke ?? No there cant be any , because a router password can be broke easily and i write the following part of my post just to bring out the Computer Security Issues & Exploits and i dont have any intention to harm / or disturb any one. This is purely written for Educational purpose and if any moderators or Admins feel that the below portion is not be exposed , you may kindly remove what is written Below .Computer Security Issues & Exploits in a Router : Breaking of a Routers Password .First you need to turn the power switch off and switch on the router . Press the Break key within 60 seconds after switching on the router , you have to press CTRL - BREAK or at times CTRL -D A router normally boots in the 0x2102 // This is the registry value for normal boot . Type o/r 0x2142 to tell the router to boot from another register located in the flash without loading the configuration in NVRAM at the next reload. ( Here you are changing the registry value for the initial boot sequence of the router ) .Type i to have the router reboot. The router ignores the configuration in NVRAM. after this press Ctrl-C to skip the initial setup Dialog. Now the prompt to go to privileged exec mode.Now copy the startup configuration to the running configuration by copy startup-config running-config commands. View the configuration by typing write terminal or show running-config. View the configured line, vty and enable passwords. Any encrypted passwords need to be changed. // because these days Routers encrypt even enable passwords.Enter the configuration mode by typing configure terminal. Change the line of enable passwords.All interfaces are in a shutdown state. Issue the no shutdown command on every interface that is to be used.Enter config-register 0x2102 to return the router to normal operation at the next reloads. You may now exit configuration mode by pressing Ctrl-ZJust type write to save all the changes . Now Just re boot the router . Thats it you have successfully entered into the router without knowing the password.Note : You need physical access to the router , this cannot be done through telnet or SSH . Once you gain access to the router what else can you not do ?? huh ? Now my question is , why is this permitted in routers ??? - Please be ethical enough after reading this post - Hacking is a CRIME , Though it is an art of exploraion, it has to be done Ethically not Criminally -

[benchzero 0]

I guess this is not working all the time.