cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
396
Views
0
Helpful
2
Replies

How to verify a cisco image when device not trusted (hacked?)

anyarcadmin
Level 1
Level 1

I have a cisco router which I do not completely trust. I want to verify the image to make sure it wasn't replaced with a hacked one. The verify command says the image is ok.

Since I verified the image on the router itself but using a possibly compromised system I do not fully trust this information.

Questions:

* Is it possible to deploy "hacked images" or does the cisco low level boot loader refuse to load such an image due to some internal hardware signature checks which cannot be tampered with.

* I have downloaded the image from the router. If the router contained a manipulated image (and did not modify it during download to so that I downloaded a faked but original image), how can I verify the content when It is stored on my workstation. Does the cisco websites contain some "service" where I can query md5sum/sha1/... for a given image version?

Thanks in advance for any answers.

1 Accepted Solution

Accepted Solutions

jfgobin01
Level 1
Level 1

Hello,

I guess you can always boot into rommon and perform the checks/transfer from there ?

jF

View solution in original post

2 Replies 2

jfgobin01
Level 1
Level 1

Hello,

I guess you can always boot into rommon and perform the checks/transfer from there ?

jF

Thanks, this did it for me. The verification from rommon was ok and I guess I can trust the rom even when not comparing the information with cisco webpage.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: