Guest

Cisco Traffic Anomaly Detectors

Cisco Guard and Traffic Anomaly Detector Password Recovery

Cisco - Password Recovery Procedure for the Cisco Guard and Traffic Anomaly Detector Password Recovery

Document ID: 63544

Updated: Jan 09, 2006

   Print

Introduction

This document describes the procedure for recovering the password of the root user in a Cisco Guard or a Cisco Traffic Anomaly Detector Distributed Denial of Service (DDoS) mitigation appliance. This password is used to control root access to a Cisco Guard or Cisco Traffic Anomaly Detector system. The root password is encrypted and can only be replaced by a new password using the procedure below.

Prerequisites

Requirements

There are no specific requirements for this document.

Conventions

For more information on document conventions, refer to Cisco Technical Tips Conventions.

Step-by-Step Procedure

Complete these steps.

  1. Attach a keyboard and a monitor to the Cisco Guard or Cisco Traffic Anomaly Detector (this procedure cannot be performed through a serial or a network connection.)

  2. Login and type reboot.

  3. While the box is powering up, keep the shift key pressed. This will get you a "Lilo boot:" prompt.

  4. Press TAB to see available images.

    Note: 3.0.8 has a 'Cisco' image, while older images have 'Riverhead'.

  5. Type Cisco 1 to get a single user image loaded (or Riverhead 1 in older systems). This will boot the system in single user mode.

  6. During the boot process you will be asked for a password. Enter the fixed password dud&ndud. This will give you a root shell.

  7. Now you can run the passwd command to change root's password. You will be asked to confirm the password you have chosen, for example:

    [root@DETECTOR root]# passwd
        Changing password for user root.
        New password: <new password typed in here>
        Retype new password: <new password typed in here>
        passwd: all authentication tokens updated successfully.
    
  8. After you have changed the password, execute the reboot command to restart the system. Do not interrupt the boot process so that the system enters its normal operation mode.

Related Information

Updated: Jan 09, 2006
Document ID: 63544