Time
23 hours 18 minutes
Difficulty
Beginner
CEU/CPE
14

Video Transcription

00:01
Hello and welcome back. Dicey Anyone interconnecting Cisco networking devices Part one.
00:05
This is absurd to 13 using the seal I I'm Trend Darrow, and I'll be a structure for this course. In the last video, we went over how to access the command line interface of a switch
00:16
to include the Consul Port Telnet, S S H and a few of the Web server variations.
00:22
In this episode, we were covering how to actually use this, Eli, some of different modes and how the Cisco Iowa's tries to help you out.
00:30
All rights are learning objectives. For this episode, we're going over the differences in the user and privilege modes so little bit about passwords, security,
00:38
the tab completion and some other Iowa's help features. And that, lastly, with the debug and show commands
00:46
quick pre assessment here, what privilege level do you think the user mode is? Give you a few seconds to posit video and try and figure it out
00:57
right? It is user level one or privileged of a one
01:02
and like the rest this lesson This is my life set up right here at my Windows 10 host with a boom to server VM
01:07
at a council cable. US speed to it. The Windows 10 host is going through my so router to the switch and my boon to servers going right to the switch.
01:19
All right, So user and enable modes. So by default is two different privilege levels. There's user mode enabled.
01:26
So user mode is also called the user exact mode or execute mode. This is gonna be privileged of a one.
01:33
Um,
01:34
and the enable mode is going to be the provisional 15 or sometimes called the privilege Executive Otis. So you see, user motor privilege mode sometimes
01:45
so actually change in and out of the commands. You can tell you've been able to go from user mode to enable mode or disable
01:53
to go from enable mode to use her mode. So I'm gonna go ahead and bring up the party session here.
01:59
All right,
02:00
All right. So currently we are in. So if we do a show,
02:05
prove village.
02:07
We're currently have 15. So we're in
02:09
the enable motor privileged executive. So if we do a disable
02:15
and do a show
02:17
privilege were now in privileged of a one or a user mode
02:23
or user exact mode,
02:24
see and
02:27
and, uh,
02:29
show
02:30
prove ledge
02:34
and we're back in 15 again.
02:40
Come on.
02:45
Really?
02:46
All right, so a little bit of passwords security. So by default, the only thing that has allowed his counsel access But the council has no actual passwords on it by the fault,
02:57
because they kind of assumed that if you have physical access to the switch, your should be allowed to be there.
03:04
Um, And if you're not supposed to be there, you can just follow the well documented password recovery procedures that Cisco has published.
03:12
Um, just kind of, you know, there is.
03:15
They assumed that if you're gonna be there, you're supposed to be there, or if you're not supposed to be here, you can just break it. It's not. It's not hard,
03:23
but you had the enable mode password. So that's actually to get into that privilege double 15 or the
03:30
privileged exact mode.
03:32
So it's a different ways of logging in, though. What you set up telling that Taurus the sage reasonable. The council. You can have a local username password database, which is where you guys see me, type in Trent and then type in a password and have that said it was a local account on the switch where you can actually set up online passwords as well, Where you just have ah, just log in.
03:54
So some of the common encryption types is type zero is just clear text. It's not encrypted at all. So I have a couple of these set up already in the switch, so I'm gonna bring putting back up.
04:05
But, uh, so tight fives nd five hashed type seven is vague near cipher, which is not strong. I'll show you how easy that is to crack in just a moment here
04:16
and then it to encrypt all passwords you do Service space, password, dash encryption. This is the This will actually encrypted with a type seven. So it's more or less used for shoulder surfing,
04:29
right? So if you look at his Ryan config, someone looks at the running config and sees a bunch of numbers. They're not gonna know
04:36
what the password is. Student, You know
04:39
it's not. It'll be super easy to crack.
04:42
What has stopped someone from just looking at a password real quick.
04:45
Go on, bring out my party session here
04:47
and let's do a
04:49
show Run. I'll show you a
04:53
So here we have my local log in username real quick.
04:58
Have it set too privileged little 15. So that way, when I log and I go right into the privileges executor and able mode,
05:04
this is with secret five. Meaning the five type there.
05:10
And this is the actual MD five hash. Right?
05:15
So I'm gonna show you a clear text password here. Show Run
05:19
again.
05:20
It's a line.
05:24
So here we have a clear text password. So this would just be type zero
05:28
we have It is well done here,
05:30
So if we do a service
05:34
Ah,
05:36
I got to you
05:40
service
05:42
password encryption,
05:45
and we go back to shore. Run, begin its line.
05:50
Now we are at password seven.
05:54
So I'm gonna copy this hash hero quick,
05:58
and I'm gonna ring up. Just you can look these up online. Cisco type seven passer trackers.
06:04
Somebody get poor decision of the way real quick.
06:08
So I'm just gonna paste in the hash verse about already right there.
06:14
I mean, just have a second. If not even
06:16
it takes no time to crack type seven.
06:18
That's why it's just usually just used for shoulder surfing. So If you look in the running config,
06:25
you can't really see it. That's about all it's used for.
06:29
So I was talking about the different log in types. So right now, if I log in on the S S h or tell nut it's set to use the local database, she'll see here the log in local.
06:39
So if let's say we want to do a cut off T line counsel
06:46
zero
06:47
still a password of again,
06:51
and we just want to do log in
06:56
so many exit out of this,
07:00
Go back in. So now we need a password to go in the council.
07:03
So just do Nimda we're in because it's not utilizing that local password database like the tell Net and
07:11
sssh sessions are seeing
07:14
named, uh,
07:19
all right, someone to go out and close out of this real quick
07:25
heart again. MD five is the one you're actually gonna want. So the way you can get that is if you do an enable secret,
07:30
so let me actually bring back party again. Sorry.
07:34
And let's go into let me see if I have enable secret actually do so.
07:44
There's need to show Ron
07:47
begin at enable
07:56
Rio. So what I want to do.
07:59
You actually just copy this?
08:01
We're going to configuration terminal.
08:05
I've been no
08:07
paste. It's on now. If we go back to
08:13
that command,
08:16
that should be nothing. There
08:18
didn't pop because it hasn't been able command. So now we're just going to come for tea.
08:24
What to do? Enable.
08:28
And what options do we have? We can use password, which will give it
08:33
the clear text
08:35
where we can you secret, which will use the level for type five.
08:41
Where do? Named again.
08:45
Oh, that's right.
08:46
So that's what you can actually copy it from other router configurations.
08:50
So if you do enable secret five, this is telling you this is telling the switch, which, uh,
08:56
which type of hash it iss. Right. So you can just copy that exact tach, one or script. Pace it in here.
09:03
That way you don't ever have to see the clear texas long as you know it.
09:05
So now if we go back into the showroom
09:09
began at enable
09:16
Well,
09:16
we have the MD five hashed enable secret again.
09:24
So a little bit out Cisco makes life. He's here. I'm sure you've seen a little bit by now. We're
09:28
you know, I can hit tab and complete the word.
09:33
It's a quick way if you're trying to think of right word, you gonna tab if it completes, You know,
09:39
you know that it's about the right word.
09:41
Um, the question mark will tell you if you're in the middle of a word, it will tell you what words are available to for that to be completed with
09:50
or if you have, you know, calm configure space question mark. It will tell you the different types off
09:58
configurations you could do. So
10:00
the up and down arrows will go through your previous commands.
10:03
Left and right will move the arrows, control a We'll move you to be getting on the line,
10:09
Control. You will move you to the other line
10:11
so I will go ahead and bring putting up again and show you how it works.
10:18
So I'm gonna do camp
10:18
hit tab.
10:20
We bring in terminal so I won't hit the question mark.
10:24
And here's all the different commands we can use. So let's go ahead and do term tab.
10:30
No, we're in.
10:31
So if we go and to do it,
10:35
here's where you can actually use shorthand.
10:39
So you gonna interface f A 01
10:43
or
10:46
or we can do interface fast. Ethernet. It's zero slash one.
10:52
You can do both. They both do the same thing one just a little quicker,
10:58
But it is good to know the full command. Um,
11:01
I've heard where
11:03
some exams won't allow you to use the tab completion. Some will. So be aware that that is an option. You should know the command.
11:13
So if we go into switch ports
11:18
Sophie hit. We're in the middle of a word here which hit P question mark. And we have three different options. We have priority protected in port security.
11:28
Yes, we do others options so she can go and exit out of this
11:31
and we will move on. Okay, I'll show you the
11:35
let's say you're in the middle of this comment. I gotta go back to control a
11:41
backspace to what you want me. And then you can you can continue again
11:48
and we will move on. So, debugging show command. So debug is kind of tells you what is actually currently happening
11:56
in the switch. The show command kind of gives you a snapshot
11:58
of the different configurations of status is of the ports and switch can fix, right?
12:05
So once again, I will bring putty up here. Just get through that.
12:11
So if we do a show
12:15
I p interface F a 01
12:20
See, it's up and up
12:22
show
12:24
and her face phase. You're one.
12:28
Give a little more information here.
12:31
Got C Mac, we got a description that we had said earlier.
12:35
We're full duplex in 10 megabits per second.
12:39
Uh, I'm actually gonna go change that right now, so don't forget in the wonder why we're slow
12:46
speed
12:48
one.
12:48
So I believe we're going to auto here. Yeah,
12:52
and
12:54
so I have a couple of debug things going on right now. That's what all these you see in the back are doing right now.
12:58
So I do a show debugging.
13:01
Here's the three that I currently have on.
13:03
I just did it so you can kind of see that debug
13:07
happens in real time. It shows you everything that's happening in real time here.
13:11
Um,
13:13
So I'll show you another one real quick. You're gonna see. I'm gonna go unplug one of the switch ports
13:18
and you'll see it just go crazy again. So give me one moment.
13:31
All right? Now, I'm gonna go ahead and plug it back in.
13:43
All right? So you could see that debug does everything kind of real time. Um, the one commander gonna want to avoid his debug. All
13:50
I know, you might be curious,
13:54
but just in case you hit it, it's gonna warn you. Um, it will
13:58
kind of freezing your brother for a minute.
14:01
The quick way to get out of it, in case you do, is either to turn it off or
14:07
type you all you space all in our window and then copy it and Hanner
14:13
copy Paste on her. Um,
14:16
you all actually stands for under bug. All
14:20
like that.
14:22
So if you just copy that from a north thing and then just enter
14:28
turn it off. It will take a second to respond to it. You'll sit there and keep typing, and you wonder why it's not responding. It had takes a second to roll through all the commands, cause it'll be backlogged.
14:41
A quick post assessment here. What is the privilege level of the enable mode or the privileged exact mode?
14:48
Give you just a few seconds.
14:52
All right. Hopefully you got 15. Remember the Teen Able Motives 15 or privilege? Exact. And the user mode is one.
15:01
And in except sold. We're gonna go a little bit over the Cisco Iowa software management's.
15:05
And, of course, if you guys have questions or you need help, go and feel free to shoot the message. Otherwise, thank you for Washington's course,
15:13
and I look forward to teaching the rest of it. Thank you.

Up Next

CCNA ICND1

This course will enable students to understand virtualization and cloud services, and network programmability related to LAN, access and core segments.

Instructed By

Instructor Profile Image
Trenton Darrow
Network Engineer at NCI Information Systems, Inc
Instructor