La cuenta de servicio es una herramienta para dar soporte y solucionar problemas que permite conectarte al sistema operativo nativo de las sondas (un Linux).
Estas cuentas no existen por defecto en los IDS y no tienen acceso directo al CLI sino que se conectan directamente a un bash shell. Unicamente se puede crear una cuenta con este role.
Veamos un ejemplo:
Una vez conectado al IDS. Entrar en el modo configure terminal:
ciscoids# configure terminal
Posteriormente se crea la cuenta de servicio:
ciscoids(config)#username alex privilege service password alex1969
ciscoids# show users all
CLI ID User Privilege
* 488 cisco administrator
alex service
operador viewer
Una vez creada vemos que se ve al conectarnos con la cuenta de servicio:
login as: alex
Password: alex1969
***NOTICE***This product contains cryptographic features and is subject to United Statesand local country laws governing import, export, transfer and use. Deliveryof Cisco cryptographic products does not imply third-party authority to import,export, distribute or use encryption. Importers, exporters, distributors andusers are responsible for compliance with U.S. and local country laws. By usingthis product you agree to comply with applicable laws and regulations. If youare unable to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email toexport@cisco.com.Press Enter to continue
************************ WARNING ************************UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED.This account is intended to be used for support andtroubleshooting purposes only. Unauthorized modificationsare not supported and will require this device to bere-imaged to guarantee proper operation.************************************
Password: alex1969
***NOTICE***This product contains cryptographic features and is subject to United Statesand local country laws governing import, export, transfer and use. Deliveryof Cisco cryptographic products does not imply third-party authority to import,export, distribute or use encryption. Importers, exporters, distributors andusers are responsible for compliance with U.S. and local country laws. By usingthis product you agree to comply with applicable laws and regulations. If youare unable to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email toexport@cisco.com.Press Enter to continue
************************ WARNING ************************UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED.This account is intended to be used for support andtroubleshooting purposes only. Unauthorized modificationsare not supported and will require this device to bere-imaged to guarantee proper operation.************************************
Ahora vamos a conectarnos como superusuario tecleando:
-bash-2.05b$ su -
Password: alex1969 (la de cuenta "alex")
Personalmente yo lo he utilizado cuando he tenido problemas actualizando el fichero de firmas. Se ha solucionado reiniciando el proceso del CIDS.
-bash-2.05b# /etc/init.d/cids stop
Shutting down CIDS:
Remove cidmodcap:
Remove cidmodcap node:
-bash-2.05b# cd /usr/cids/idsRoot/var/virtualSensor
-bash-2.05b# /etc/init.d/cids start
startChecking kernel allocated memory: [ OK ]
Load cidmodcap:Create node:
Starting CIDS:
No hay comentarios:
Publicar un comentario