[go: up one dir, main page]
Scribd
Upload
71 views9 pages

Router Passwords

1. The document discusses securing access points on a router, including the console port, AUX port, enable level, and Telnet access. It provides configuration examples to set passwords on each of these ports and levels using commands like "password", "enable password", and "service password-encryption". 2. It emphasizes the importance of the "service password-encryption" command to encrypt passwords, and the "copy running-config startup-config" command to save the configuration changes. 3. The document also mentions configuring Telnet access in Cisco Packet Tracer to demonstrate remote access configuration.

Uploaded by

yasiralordi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
71 views9 pages

Router Passwords

1. The document discusses securing access points on a router, including the console port, AUX port, enable level, and Telnet access. It provides configuration examples to set passwords on each of these ports and levels using commands like "password", "enable password", and "service password-encryption". 2. It emphasizes the importance of the "service password-encryption" command to encrypt passwords, and the "copy running-config startup-config" command to save the configuration changes. 3. The document also mentions configuring Telnet access in Cisco Packet Tracer to demonstrate remote access configuration.

Uploaded by

yasiralordi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

‫‪Router Passwords‬‬

‫ﺷرح ﺗﺄﻣﯾن ﻧﻘﺎط اﻟدﺧول ﻟﺟﮭﺎز اﻟراوﺗر‪:‬‬


‫‪-‬ﻗﺒﻞ اﻟﺒﺪء ﻓﻲ ﻋﻤﻠﯿﺔ اﻟﺘﺄﻣﯿﻦ ﯾﺠﺐ اﻟﺘﺬﻛﺮ إﻧﮫ ﯾﻮﺟﺪ أﻛﺜﺮ ﻣﻦ ﻣﻨﻔﺬ ﻋﻠﻰ اﻟﺠﮭﺎز ﻣﺜﻞ ﺟﮭﺎز‬
‫اﻟﺮاوﺗﺮ ﯾﻮﺟﺪ ﻋﻠﯿﮫ ﻣﻨﻔﺬ اﻷﻋﺪادات و ﻣﻨﻔﺬ اﻟﺘﺤﻜﻢ ﻋﻦ ﺑﻌﺪ اﻷن ﻋﻨﺪﻣﺎ ﻧﺮﯾﺪ ﺗﺄﻣﯿﻦ ھﺬه‬
‫اﻟﻤﻨﺎﻓﺬ ‪:‬‬
‫‪ .1‬ﺗﺄﻣﯾن ﻣﻧﻔذ اﻟﺗﺣﻛم اﻟﻣﺑﺎﺷر ‪Console‬‬
‫ﯾﺠﺐ ﻋﻠﯿﻨﺎ أن ﻧﺒﺪأ ﻓﻲ ﺗﺄﻣﯿﻦ اﻟﻤﻨﻔﺬ اﻷول و ھﻮ ﻣﻨﻔﺬ اﻹﻋﺪادات ‪ Console‬ﻹﻧﮫ‬
‫ھﻮ اﻟﻤﻨﻔﺬ اﻟﺮﺋﯿﺴﻲ اﻟﺬي ﺳﯿﺘﻢ ﻣﻨﮫ اﻟﺪﺧﻮل ﻟﻠﺠﮭﺎز‬

‫‪Router > enable‬‬


‫‪Router # config t‬‬
‫‪Router (config) # line console 0‬‬
‫‪Router (config-line) # Password cisco123‬‬
‫‪Router (config-line) # login‬‬
‫‪ .2‬ﺗﺄﻣﯾن ﻣﻧﻔذ اﻟﺗﺣﻛم ﻋن ﺑﻌد ‪AUX‬‬
‫‪Router > enable‬‬
‫‪Router # config t‬‬
‫‪Router (config) # line aux 0‬‬
‫‪Router (config-line) # Password cisco456‬‬
‫‪Router (config-line) # login‬‬

‫‪ .3‬ﺗﺄﻣﯾن ﻣﺳﺗوى اﻹﻋدادات و ھو ﻣﺳﺗوى ال ‪Enable‬‬

‫‪Router > enable‬‬


‫‪Router # config t‬‬
‫‪Router (config) # enable password cisco789‬‬
‫‪Or‬‬
‫‪Router (config) # enable secret cisco123‬‬ ‫ﯾﺴﺘﺨﺪم ﺗﺸﻔﯿﺮ اﻗﻮى‬
‫‪Router (config) # service password-encryption‬‬
‫‪-‬اﻷن أﻣﺮ اﻟﺘﺸﻔﯿﺮ ھﺬا ﯾﻘﻮم ﺑﺘﺸﻔﯿﺮ ﻛﻠﻤﺔ اﻟﻤﺮور اﻟﺨﺎﺻﺔ ﻓﻲ اﻟﻤﻨﺎﻓﺬ ﻹﻧﮫ ﻟﻮ ﺗﺮﻛﻨﺎ ﻛﻠﻤﺔ‬
‫اﻟﻤﺮور ﻛﻤﺎ ھﻲ ﺳﺘﻈﮭﺮ ﺑﺸﻜﻞ اﻟﺘﺎﻟﻲ ﻛﻢ ھﻮ ظﮭﺮة ﺑﺼﻮرة اﻟﺘﺎﻟﯿﺔ‪:‬‬
‫‪ Service password-encryption‬ھذا ھو اﻷﻣر ﯾﺟب ﺗﻔﻌﯾﻠﮫ ﻣﮭم ﺟدا‬

‫‪Router # show running-config‬‬

‫ھذا اﻷﻣر ﻟﻌرض ﻣﻠف اﻹﻋدادات‬

‫ھذه اﻟﺻورة ﻣﺎ ﻗﺑل ﻋﻣﻠﯾﺔ اﻟﺗﺷﻔﯾر أي اﺳﺗﺧدام اﻻﻣر ‪Service password-encryption‬‬


‫ھذه اﻟﺻورة ﻣﺎ ﺑﻌد ﻋﻣﻠﯾﺔ اﻟﺗﺷﻔﯾر أي اﺳﺗﺧدام اﻻﻣر ‪Service password-encryption‬‬

‫‪Router # copy running-config startup-config‬‬


‫‪-‬ھﺬا اﻷﻣﺮ ﻣﻦ أھﻢ اﻻواﻣﺮ اﻟﺘﻲ ﯾﺠﺐ ﻛﺘﺎﺑﺘﮫ ﻓﻲ ﻧﮭﺎﯾﺔ اﻟﻌﻤﻞ ﻋﻠﻰ اﻟﺠﮭﺎز ﻟﯿﺘﻢ ﺣﻔﻆ ﻛﻞ ﺷﻲء‬
‫ﺗﻢ ﻋﻤﻠﮭﺎ ﻣﻦ إﻋﺪادات‬

‫ﻓﻲ ھﺬه اﻟﺼﻮرة ﺑﻌﺪ ﻛﺘﺎﺑﺔ اﻷﻣﺮ ﻧﻘﻮم ﺑﻀﻐﻂ ﻋﻠﻰ ‪ Enter‬ﺳﺘﻈﮭﺮ رﺳﺎﻟﺔ ﺗﻘﻮل ﻟﻚ ھﻞ‬
‫ﺗﺮﯾﺪ ﺣﻔﻆ اﻟﻤﻠﻒ ﺑﻨﻔﺲ اﻻﺳﻢ إذا اﻧﺘﺎ ﻣﻮﻓﻖ اﺿﻐﻂ ‪ Enter ,‬و اﻧﺼﺤﻚ أن ﻻ ﺗﻐﯿﺮ أو‬
‫ﺗﻌﺪل ﻓﻲ أﺳﻢ اﻟﻤﻠﻒ اﺗﺮك اﻟﻤﻠﻒ ﻛﻤﺎ ھﻮ ﻣﺴﻤﻰ‪.‬‬

‫‪ .4‬ﺗﺄﻣﯾن ﻣﻧﻔذ اﻟﺗﺣﻛم ﻋن ﺑﻌد ‪Telnet‬‬


‫ﺑروﺗوﻛول ال ‪ Telnet :‬ھﻮ ﺑﺮوﺗﻮﻛﻮل وﺗﻄﺒﯿﻖ ﯾﺴﺘﺨﺪم ﻟﺘﺴﺠﯿﻞ اﻟﺪﺧﻮل إﻟﻰ ﺣﺎﺳﻮب‬
‫ﻋﻦ ﺑﻌﺪ‬
‫ﺗﻌﻤﻞ ﺧﺪﻣﺔ ال ‪ Telnet‬ﻋﻠﻰ ﺑﺮوﺗﻮﻛﻮل ‪ TCP‬و ﻋﻠﻰ‪Port 23 .‬‬
‫•اﻷن ﺳﻨﻘﻮم ﺑﻌﻤﻞ ﺗﻄﺒﯿﻖ ﻟﺨﺪﻣﺔ اﻻﺗﺼﺎل ﻋﻦ ﺑﻌﺪ ‪ Telnet‬ﺳﻨﻘﻮم ﺑﺘﻄﺒﯿﻖ ﻋﻠﻰ ﺑﺮﻧﺎﻣﺞ‬
‫ال ‪ Cisco Packet Tracer Student‬و اﻟﻌﻤﻞ ﻋﻠﯿﮫ‬
‫‪-‬ﻻﺣﻆ أن اﻟﻜﺎﺑﻞ اﻟﺬي ﯾﺮﺑﻂ ﻣﺎ ﺑﯿﻦ اﻟﺮاوﺗﺮ و اﻟﺴﻮﯾﺘﺶ ﻟﻮﻧﮫ أﺣﻤﺮ ﻣﻦ اﻟﻄﺒﯿﻌﻲ ﺟﺪا ً أن‬
‫ﯾﻜﻮن ھﻜﺬا ﻹﻧﮫ ﻟﻢ ﯾﺘﻢ ﺗﺸﻐﯿﻞ اﻹﻧﺘﺮﻓﯿﺲ اﻟﺨﺎص ﻓﻲ اﻟﺮاوﺗﺮ وﻟﻢ ﻧﻘﻢ ﺑﺘﺮﻛﯿﺐ اﻻي ﺑﻲ‬
‫ﻋﻠﯿﮫ ﺳﻨﻘﻮم ﻓﻲ ھﺬه اﻟﺤﺎل ﺑﺘﺸﻐﯿﻞ ھﺬا اﻹﻧﺘﺮﻓﯿﺲ و ﺗﺮﻛﯿﺐ اﻻي ﺑﻲ ﻋﻠﯿﮫ و ﺑﻌﺪه ﺳﻨﻘﻮم‬
‫ﺑﺘﻔﻌﯿﻞ ﺧﺪﻣﺔ اﻻﺗﺼﺎل ﻋﻦ ﺑﻌﺪ ‪ vty‬و ﺳﻨﻘﻮم ﺑﺪﺧﻮل ﻣﻦ ﺧﻼل اﻟﺠﮭﺎز اﻟﻤﺮﺗﺒﻂ ﻓﻲ‬
‫اﻟﺴﻮﯾﺘﺶ اﻟﺬي ﯾﺮﻣﺰ ﻋﻠﯿﮫ ‪ PC 2‬و ھﻮ ﻣﻦ ﺳﯿﻘﻮم ﺑﺪﺧﻮل ﻋﻠﻰ اﻟﺮاوﺗﺮ ﻣﻦ ﺧﻼل ﺧﺪﻣﺔ‬
‫ال‪vty‬‬
‫اﻷن ﺳﻨﻘﻮم ﺑﻮﺿﻊ اﻹﻋﺪادات و ﺗﺮﻛﯿﺐ اﻻي ﺑﻲ ﻋﻠﻰ ﻛﻞ ﻣﻦ ﺟﮭﺎز اﻟﺮاوﺗﺮ و ﺟﮭﺎز‬
‫اﻟﺤﺎﺳﻮب ‪ ,‬ﺗﺎﺑﻊ اﻟﻄﺮﯾﻘﺔ اﻟﺘﺎﻟﯿﺔ‪.‬‬
‫‪PC 2‬‬
‫‪IP :192.168.1.1‬‬
‫‪Mask : 255.255.255.0‬‬
‫‪GY : 192.168.1.100‬‬
‫ﻛﻣﺎ ﻓﻲ اﻟﺻورة اﻟﺗﺎﻟﯾﺔ‬
‫ﺑﮭﺬه اﻟﻄﺮﯾﻘﺔ ﻟﻘﺪ ﻗﻤﻨﺎ ً ﺑﺘﺮﻛﯿﺐ اﻻي ﺑﻲ ﻋﻠﻰ ﺟﮭﺎز اﻟﺤﺎﺳﻮب اﻷن ﺳﻨﻘﻮم ﺑﻌﻤﻞ اﻹﻋﺪادات‬
‫اﻟﺨﺎﺻﺔ ﻓﻲ ﺟﮭﺎز اﻟﺮاوﺗﺮ ﺳﻨﻘﻮم ﺑﺘﺸﻐﯿﻞ اﻹﻧﺘﺮﻓﯿﺲ ‪ 0/0‬و ﻧﻘﻮم ﺑﻮﺿﻊ اﻻي ﺑﻲ ﻋﻠﯿﮫ و‬
‫ﻣﻦ ﺑﻌﺪ ذاﻟﻚ ﻧﻘﻮم ﺑﺘﻔﻌﯿﻞ ﺧﺪﻣﺔ ال ‪ vty‬ﺗﺎﺑﻊ اﻟﺘﺎﻟﻲ‬

‫اﻷن ﺳﻧﻘوم ﺑﻛﺗﺎﯾﺔ اﻻواﻣر اﻟﺗﺎﻟﯾﺔ‪:‬‬


‫‪Router # show ip interface brief‬‬
‫ھﺬا اﻷﻣﺮ ﻟﻌﺮض اﻹﻧﺘﺮﻓﯿﺲ اﻟﻤﻮﺟﻮدة ﻋﻠﻰ اﻟﺮاوﺗﺮ ﻛﻤﺎ ھﻮ ﻓﻲ اﻟﺼﻮرة اﻟﺘﺎﻟﯿﺔ‬
‫اﻷن ﯾﻈﮭﺮ ﻓﻲ اﻟﺼﻮرة اﻟﺴﺎﺑﻘﺔ ‪ Interface fast Ethernet 2‬اﻷول ﯾﺎﺧﺬ رﻗﻢ ‪ 0/0‬و‬
‫اﻟﺜﺎﻧﻲ ﯾﺎﺧﺬ رﻗﻢ ‪ 0/1‬ﻧﺤﻦ اﻷن ﺳﻨﻘﻮم ﺑﺎﺧﺘﯿﺮ اﻹﻧﺘﺮﻓﯿﺲ اﻷول ‪ 0/0‬ﺳﻨﻘﻮم ﺑﺘﺸﻐﯿﻠﮫ و‬
‫ﺗﺮﻛﯿﺐ اﻻي ﺑﻲ ﻋﻠﯿﮫ‪.‬‬
‫‪-‬اﻷن ﺳﻧﻘوم ﺑﻛﺗﺎﯾﺔ اﻻواﻣر اﻟﺗﺎﻟﯾﺔ‪:‬‬
‫‪Router # config t‬‬
‫‪Router (config) # interface fastethernet 0/0‬‬
‫‪Router (config-if) # ip address 192.168.1.100 255.255.255.0‬‬
‫‪Router (config-if) # no shutdown‬‬
‫ﻛﻣﺎ ﻓﻲ اﻟﺻورة اﻟﺗﺎﻟﯾﺔ‬

‫ﻻﺣﻆ ﺑﻌﺪ أن ﺗﻢ ﺗﻨﻔﯿﺬ اﻻواﻣﺮ و ﺗﺸﻐﯿﻞ اﻹﻧﺘﺮﻓﯿﺲ ‪ 0/0‬و ﺗﺮﻛﯿﺐ اﻻي ﺑﻲ ﻋﻠﯿﮫ ﺗﻢ اظﮭﺎر‬
‫رﺳﺎﻟﺔ ﺗﻘﻮل ﻟﻚ أن اﻹﻧﺘﺮﻓﯿﺲ ﺗﻢ ﺗﺸﻐﯿﻠﮫ و ﺑﺤﺎﻟﺔ ‪ up‬و ﺗﻢ ﺗﺮﻛﯿﺐ اﻻي ﺑﻲ ﻋﻠﯿﮫ اﻷن‬
‫ﻧﻘﻮم ﺑﻌﻤﻠﯿﺔ اﻟﺨﺮوج ﻣﻦ ﻣﺴﺘﻮى اﻹﻧﺘﺮﻓﯿﺲ و اﻟﺮﺟﻮع إﻟﻰ اﻟﻤﺴﺘﻮى اﻷول ﻟﻠﺮﺟﻮع‬
‫ﻧﻜﺘﺐ اﻷﻣﺮ اﻟﺘﺎﻟﻲ‪.‬‬
‫‪Router (config-if) # end‬‬
‫أو ﻧﻘﻮم ﺑﻀﻐﻂ ﻋﻠﻰ ‪Ctrl + Z‬‬
‫ﺑﻌﺪ ھﺬا‬
‫ﺳﻨﻘﻮم ﺑﻜﺘﺎﺑﺔ اﻷﻣﺮ اﻟﺘﺎﻟﻲ‪Router # show ip interface brief‬‬
‫و ﺳﯿﻈﮭﺮ ﻟﻨﺎ اﻹﻋﺪادات اﻟﺘﺎﻟﯿﺔ اﻟﺘﻲ ﻓﻲ اﻟﺼﻮرة‬
‫ﻻﺣﻆ إﻧﮫ ﺗﻢ إﺿﺎﻓﺔ اﻻي ﺑﻲ ‪ 192.168.1.100‬ﻋﻠﻰ اﻹﻧﺘﺮﻓﯿﺲ ‪ 0/0‬و اﻟﺤﺎﻟﺔ ‪ up‬و‬
‫اﻟﺒﺮوﺗﻮﻛﻮل ‪ up‬و ﻟﻜﻦ ﻻ ﯾﻮﺟﺪ ﻟﺪﯾﻨﺎ ﺑﺮوﺗﻮﻛﻮل ﻣﻔﻌﻞ ﻓﻲ اﻟﻮﻗﺖ اﻟﺤﺎﻟﻲ‪.‬‬
‫‪-‬اﻷن ﺑﻌﺪ أن ﻗﻤﻨﺎ ﺑﻌﻤﻞ اﻹﻋﺪادات و ﺗﺸﻐﯿﻞ اﻹﻧﺘﺮﻓﯿﺲ و ﺗﺮﻛﯿﺐ اﻻي ﺑﻲ ﻋﻠﻰ‬
‫اﻹﻧﺘﺮﻓﯿﺲ ﺳﻨﻘﻮم اﻷن ﺑﺘﻔﻌﯿﻞ ﺑﺮوﺗﻮﻛﻮل اﻻﺗﺼﺎل ﻋﻨﺪ ﺑﻌﺪ ‪ vty‬ﺗﺎﺑﻊ اﻟﺪرس‪.‬‬
‫•طﺮﯾﻘﺔ ﺗﺸﻐﯿﻞ أو ﺗﻔﻌﯿﻞ ﺑﺮوﺗﻮﻛﻮل ال ‪ vty‬ﻋﻠﻰ أﺟﮭﺰة ﺳﯿﺴﻜﻮ‪:‬‬
‫‪-‬اﻷن ﺳﻧﻘوم ﺑﻛﺗﺎﯾﺔ اﻻواﻣر اﻟﺗﺎﻟﯾﺔ‪:‬‬
‫‪-‬ھذه إﻋدادات ﺑروﺗوﻛول ال‪vty .‬‬
‫‪Router > enable‬‬
‫‪Router # config t‬‬
‫‪Router (config) # line vty 0‬‬
‫رﻗم ‪ 0‬ﯾﻌﻧﻲ رﻗم اﻟﻣﻧﻔذ ﺑﻣﻌﻧﻰ اﻧك ﺗﺳﺗطﯾﻊ أن ﺗﻘوم ﺑﺈﺿﺎﻓﺔ اﻛﺛر ﻣن ﻣﻧﻔذ ﻣن ‪ 0‬إﻟﻰ‪4‬‬
‫‪Router (config-line) # password cisco123‬‬
‫‪Router (config-line) # login‬‬
‫‪Router (config-line) # end‬‬
‫‪Router # copy running-config startup-config‬‬
‫‪-‬ﺑﻌد ھذا ﺳﻧﻘوم ﺑدﺧول ﻋﻠﻰ اﻟﺟﮭﺎز اﻟﺗﺎﻟﻲ اﻟﻣﺳﻣﻰ ‪ PC 2‬و ﻧﻘوم ﺑدﺧول ﻋﻠﻰ‬
‫‪Command Prompt‬ﻛم ھو ﻣوﺿﺢ ﻓﻲ اﻟﺻورة اﻟﺗﺎﻟﯾﺔ‪:‬‬

‫و ﺑﻌﺪ اﻟﺪﺧﻮل ‪ Command Prompt‬ﺳﺘﻈﮭﺮ ﺷﺎﺷﺔ ﺳﻮدا ﺗﺴﻤﻰ ‪ DOS‬ﺳﻨﻘﻮم ﺑﻜﺘﺎﺑﺔ‬


‫اﻻواﻣﺮ اﻟﺘﺎﻟﯿﺔ ﻟﯿﺘﻢ اﻟﺪﺧﻮل و اﻻﺗﺼﺎل ﻓﻲ ﺟﮭﺎز اﻟﺮاوﺗﺮ ﺑﺸﻜﻞ ﻣﺒﺎﺷﺮة ﻧﻼﺣﻆ ﻓﻲ‬
‫اﻟﺼﻮرة اﻟﺘﺎﻟﯿﺔ‪.‬‬
‫‪-‬ﻓﻲ ھﺬه اﻟﺤﺎﻟﺔ ﺗﻢ ﻓﺘﺢ ﺷﺎﺷﺔ اﻟﺪوس ﺳﻨﻘﻮم ﺑﻜﺘﺎﺑﺔ و ﻧﻘﻮم ﺑﺘﺴﺠﯿﻞ اﻟﺪﺧﻮل ﻋﻠﻰ اﻟﺮاوﺗﺮ‪.‬‬
‫‪-‬اﻷن ﺳﻨﻘﻮم ﺑﻜﺘﺎﺑﺔ اﻻواﻣﺮ اﻟﺘﺎﻟﯿﺔ ﻟﺘﺴﺠﯿﻞ اﻟﺪﺧﻮل ﻋﻠﻰ اﻟﺮاوﺗﺮ ﻛﻤﺎ ﻓﻲ اﻟﺼﻮرة اﻟﺘﺎﻟﯿﺔ‪:‬‬

‫اﻻواﻣر اﻟﺗﺎﻟﯾﺔ ﻟﺗﺳﺟﯾل اﻟدﺧول ﻋﻠﻰ اﻟراوﺗر‪:‬‬


‫‪PC > telnet 192.168.1.100‬‬
‫ھﺬا اﻷﻣﺮ ﯾﻘﻮم ﺑﻌﻤﻠﯿﺔ اﻻﺗﺼﺎل ﻓﻲ اﻟﺮاوﺗﺮ ﺑﻌﺪ أن ﯾﺘﻢ اﻻﺗﺼﺎل ﺳﯿﻄﻠﺐ ﻣﻨﻚ ﻛﻠﻤﺔ‬
‫اﻟﻤﺮور اﻟﺘﻲ ﺗﻢ وﺿﻌﮭﺎ ﻓﻲ اﻹﻋﺪادات ﻛﻠﻤﺔ اﻟﻤﺮور ھﻲ‪789 .‬‬

You might also like