How to verify a cisco image when device not trusted (hacked?)
I have a cisco router which I do not completely trust. I want to verify the image to make sure it wasn't replaced with a hacked one. The verify command says the image is ok.
Since I verified the image on the router itself but using a possibly compromised system I do not fully trust this information.
* Is it possible to deploy "hacked images" or does the cisco low level boot loader refuse to load such an image due to some internal hardware signature checks which cannot be tampered with.
* I have downloaded the image from the router. If the router contained a manipulated image (and did not modify it during download to so that I downloaded a faked but original image), how can I verify the content when It is stored on my workstation. Does the cisco websites contain some "service" where I can query md5sum/sha1/... for a given image version?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...