سلام مجدد
بالاخره بعد از 2 روز تونستم کابل کنسول گیر بیارم و باهاش به روتر تلنت کنم
نتایج بدین شرح میباشد
واسه امنیت بیشتر بعضی اعداد رو تغییر دادم
(اگه درست نشه ممکنه اخراج بشم...)
This is the NTTacPlus security server.
Username:
Password:
Authentication Successful.
IAUKhash-Ro535>en
Enable password:
Authentication Successful.
IAUKhash-Ro535#sh run
Building configuration...
Current configuration : 5115 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname IAUKhash-Ro535
!
boot-start-marker
no boot startup-test
boot-end-marker
!
!
!
!
resource-pool disable
aaa new-model
!
!
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authentication ppp default if-needed group tacacs+ local
aaa authorization exec default group tacacs+ local
aaa authorization commands 1 default group tacacs+ local if-authenticated
aaa authorization commands 15 default group tacacs+ local if-authenticated
aaa authorization network default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
!
aaa session-id common
!
resource policy
!
spe default-firmware spe-firmware-1
ip rcmd rsh-enable
ip rcmd remote-host SYSTEM 78.38.110.195 SYSTEM enable
!
!
ip cef
ip name-server 70.38.156.565
ip name-server 217.218.127.104
ip name-server 4.2.2.4
!
!
isdn switch-type primary-net5
isdn voice-call-failure 0
!
!
!
!
!
!
!
!
!
!
!
!
!
username admin privilege 15 password 7 09415C5948514145
!
!
controller E1 3/0
framing NO-CRC4
pri-group timeslots 1-31
!
controller E1 3/1
shutdown
framing NO-CRC4
!
!
interface GigabitEthernet0/0
ip address 5 255.255.255.192
duplex auto
speed auto
negotiation auto
!
interface GigabitEthernet0/1
ip address 192.168.80.45 255.255.255.252
duplex auto
speed auto
negotiation auto
!
interface Serial0/0
no ip address
shutdown
clock rate 2000000
no dce-terminal-timing-enable
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
no dce-terminal-timing-enable
!
interface Serial3/0:15
ip unnumbered GigabitEthernet0/0
encapsulation ppp
isdn switch-type primary-net5
isdn incoming-voice modem 56
isdn guard-timer 3000
no peer default ip address
no keepalive
no fair-queue
ppp authentication pap
!
interface Group-Async0
no ip address
encapsulation slip
no group-range
!
interface Group-Async1
ip unnumbered GigabitEthernet0/0
encapsulation ppp
ip tcp header-compression
async mode dedicated
peer default ip address pool Group-Pool-1
keepalive 15 3
ppp authentication pap
group-range 1/00 1/29
!
interface Group-Async2
no ip address
encapsulation slip
shutdown
group-range 1/30 1/59
!
router rip
version 2
passive-interface GigabitEthernet0/1
network 78.0.0.0
no auto-summary
!
ip local pool Group-Pool-1 70.38.156.225 70.38.156.254!
ip route 0.0.0.0 0.0.0.0 192.168.80.46
no ip http server
!
!
access-list 110 deny udp any any eq netbios-ns
access-list 110 deny udp any any eq netbios-dgm
access-list 110 deny tcp any any eq 135
access-list 110 deny udp any any eq 135
access-list 110 deny tcp any any eq 137
access-list 110 deny tcp any any eq 139
access-list 110 deny udp any any eq netbios-ss
access-list 110 deny tcp any any eq 445
access-list 110 deny udp any any eq 445
access-list 110 deny tcp any any eq 1434
access-list 110 deny udp any any eq 1434
access-list 110 deny tcp any any eq 31789
access-list 110 deny tcp any any eq 31790
access-list 110 deny tcp any any range 666 765
access-list 110 deny udp any any range 666 765
access-list 110 deny tcp any any eq 1234
access-list 110 deny tcp any any eq 16959
access-list 110 deny tcp any any eq 27374
access-list 110 deny tcp any any eq 6711
access-list 110 deny tcp any any eq 6712
access-list 110 deny tcp any any eq 6776
access-list 110 deny tcp any any eq 4444
access-list 110 deny tcp any any eq 3333
access-list 110 deny tcp any any eq 593
access-list 110 deny udp any any eq tftp
access-list 110 deny tcp any any eq 4662
access-list 110 deny udp any any eq 4672
access-list 110 deny tcp any any range 6881 6999
access-list 110 deny tcp any any eq 1214
access-list 110 deny ip 10.0.0.0 0.255.255.255 any
access-list 110 deny ip 127.0.0.0 0.255.255.255 any
access-list 110 deny ip any 10.0.0.0 0.255.255.255
access-list 110 deny ip any 127.0.0.0 0.255.255.255
access-list 110 deny ip 172.16.0.0 0.15.255.255 any
access-list 110 deny ip 192.168.0.0 0.0.255.255 any
access-list 110 deny ip any 172.16.0.0 0.15.255.255
access-list 110 deny ip any 192.168.0.0 0.0.255.255
access-list 110 permit icmp 70.38.156.562 0.0.0.63 any
access-list 110 permit ip 70.38.156.562 0.0.0.63 any
snmp-server community khash1381 RW
snmp-server enable traps tty
!
tacacs-server host 70.38.156.565
tacacs-server timeout 20
tacacs-server directed-request
!
!
control-plane
!
!
!
voice-port 3/0
!
!
!
!
ss7 mtp2-variant Bellcore 0
ss7 mtp2-variant Bellcore 1
ss7 mtp2-variant Bellcore 2
ss7 mtp2-variant Bellcore 3
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password 7 11584B56
line 1/00 1/59
no flush-at-activation
no modem callout
modem Dialin
modem autoconfigure discovery
transport input all
autoselect during-login
autoselect ppp
!
scheduler allocate 10000 400
end