How To Discover CISCO Switches Without SNMP?

  • Thread starter Thread starter Scott H.
  • Start date Start date
S

Scott H.

I have several Cisco devices on a network. None have snmp and some of the
switches don't even have an IP. Is there a utility that I can use to find
the names of and connect to these switches over the lan? There is a
Catalyst 5000, several 2900 series with fiber modules and even an ancient
CiscoPRO 1400. They are all on the same subnet and I'm trying to diagram
the network topology.

Is there a way to do this w/out enabling snmp or directly connecting to
them? The owners of these devices have no clue as to passwords and want me
to figure out the connections. We have an 'orphaned' switch that is active
with cabling, but nobody has a clue what is connected to it. Its active but
'invisible'. I have physical access to all devices but don't want to modify
their configurations. I've used every piece of software out there to try to
find these switch names. They want me to help them get a handle on this but
I'm a bit stumped and don't want to reconfigure anything at this time. Is
there a Cisco utility that can help me? Does anyone have suggestions on how
I can obtain the info and map this net?

Thanks!

Scott
 
"Scott H." <monibaggerATyahoo.com> wrote in message
:I have several Cisco devices on a network. None have snmp and some of the
: switches don't even have an IP. Is there a utility that I can use to find
: the names of and connect to these switches over the lan? There is a
: Catalyst 5000, several 2900 series with fiber modules and even an ancient
: CiscoPRO 1400. They are all on the same subnet and I'm trying to diagram
: the network topology.
:
: Is there a way to do this w/out enabling snmp or directly connecting to
: them? The owners of these devices have no clue as to passwords and want
me
: to figure out the connections. We have an 'orphaned' switch that is
active
: with cabling, but nobody has a clue what is connected to it. Its active
but
: 'invisible'. I have physical access to all devices but don't want to
modify
: their configurations. I've used every piece of software out there to try
to
: find these switch names. They want me to help them get a handle on this
but
: I'm a bit stumped and don't want to reconfigure anything at this time. Is
: there a Cisco utility that can help me? Does anyone have suggestions on
how
: I can obtain the info and map this net?

How long has it been since they've been updated? Sounds like they never
are. What do you want to be the web server is enabled and they're
completely exposed? On a contract last year I found over half of the
routers/switches had not been updated, but the excuses for them were, and
were vulnerable to this type of attack. Actually, its not even an attack.
It's wide open.
http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html#affected

I see at least 4 other options:
1. http://www.cisco.com/univercd/cc/td/doc/product/lan/trsrb/cisnm.htm
2. http://www.cisco.com/en/US/support/index.html
3. Walk the network.
4. Hire a consultant.

If you have physical access and the device is running IOS, then you can
reset the password. Don't forget to shoot the admin who set this up who
never documented anything.

Here's just one:
http://www.cisco.com/warp/public/474/pswdrec_1700.shtml

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Online Support for IT Professionals -
http://support.microsoft.com/servicedesks/technet/default.asp?fr=0&sd=tech
How-to: Windows 2000 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;308201
FAQ W2K/2K3 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;291382
 
I am the consultant! :>) They've had 3 admins and each snowballed it until
they left. I've got a 12 year background in I.T. but am not csco certified.
This has driven me to drink and get certified. I've seen some messes, and
this definitely takes the cake. In this net, 100% of the switches have not
ever been updated. There are managed and unmanaged switches, some active
and some powered down with cables attached, wide open wireless access points
which I 'encouraged' to have removed today, patch panels have 10s of cables
that have just been cut and left hanging and both of the 5000s have power
supply fan failures.

After some console visits, I found that the two Catalyst 5Ks have 1997
software and the other switches are 1998/99. Not a one even had a password.
A few packet sniffs, crawling, downing links, and a lansurveyor discovery
shed a lot of light on things. I assigned IPs so I could see the switches
with a discovery scan and then they'll be updated and secured. Thanks for
your help.

Scott
 
in message :I am the consultant! :>) They've had 3 admins and each snowballed it
until
: they left. I've got a 12 year background in I.T. but am not csco
certified.
: This has driven me to drink and get certified. I've seen some messes,
and
: this definitely takes the cake. In this net, 100% of the switches have
not
: ever been updated. There are managed and unmanaged switches, some active
: and some powered down with cables attached, wide open wireless access
points
: which I 'encouraged' to have removed today, patch panels have 10s of
cables
: that have just been cut and left hanging and both of the 5000s have power
: supply fan failures.
:
: After some console visits, I found that the two Catalyst 5Ks have 1997
: software and the other switches are 1998/99. Not a one even had a
password.
: A few packet sniffs, crawling, downing links, and a lansurveyor discovery
: shed a lot of light on things. I assigned IPs so I could see the switches
: with a discovery scan and then they'll be updated and secured. Thanks for
: your help.

You made milk go through my nose! (O:=
That is a mess. I've seen bad but I'm not sure I've seen that bad. The
packet sniffer will definitely help but CDP, if running, will help find some
of these and the HTTP, if enabled, will get you in without effort. I would
suggest to them that they get support from Cisco so they can get updates, if
updates are available, and Cisco might even be willing to buy some old
equipment as part of an upgrade. It will also get you answers to all the
questions you have. Most of these, if not all, will not even be able to
upgrade to the latest firmware. Cisco can shorten the research to find all
of these. The main limitation is memory.

You know your customer better than I do but I usually hurt them with the
truth. I give them the positive, "I can solve your issues." Then I give
them the negative, "This is what it is going to take. I need someone who
can make a decision to purchase because unless you consider upgrading
immediately, it will end up costing you more."

If you have configs, that show the password, even if it is encrypted, you
can break it to help you get in. Shout if you need help. Once you get in,
immediately change passwords. Each device gets its own.
Updating the configs is not difficult. A TFTP server is all that is
required but you do need access. If you have physical access, you can get
in. Admins who have networks like this normally use the same password for
everything. I work with an associate that every network he supports has the
same password for his account, which he puts on their network with admin
access. Some things scare the hell out of me. I know if he has ever been
to a network I'm on, I can get in. L0phtCrack would crack his password in
less than 10 seconds on a brute force.

The last thing you need is at least one more person on your side, not the
company's. This will help you keep your head straight and they can be a
buffer when you need to get things done, especially if the "next" Admin is
over your shoulder.

Good luck.

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Online Support for IT Professionals -
http://support.microsoft.com/servicedesks/technet/default.asp?fr=0&sd=tech
How-to: Windows 2000 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;308201
FAQ W2K/2K3 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;291382
 
Roland,

Thanks for your help, and humor! This is a 400 student private school with
a small budget. Do you know where I can get some relatively new,
inexpensive, refurbished cisco equipment? They won't be able to afford new
stuff but have budgeted for renovations this summer. I will be helping to
relocate, consolidate and update their "subnet-challenged-limping-wan-ring"
into something more efficient and I'd like to keep the cisco environment but
bring the year and bandwidth forward about tenfold! :>)

Thanks!
Scott H.
 
"Scott H." <monibaggerATyahoo.com> wrote in message
: Roland,
:
: Thanks for your help, and humor! This is a 400 student private school
with
: a small budget. Do you know where I can get some relatively new,
: inexpensive, refurbished cisco equipment? They won't be able to afford
new
: stuff but have budgeted for renovations this summer. I will be helping to
: relocate, consolidate and update their
"subnet-challenged-limping-wan-ring"
: into something more efficient and I'd like to keep the cisco environment
but
: bring the year and bandwidth forward about tenfold! :>)

Hey Scott...

Most of my posts include humor. Nice to see some recognize it.

I used to support a Catholic girl's school, K-12. Getting money out of a
nun is difficult, unless you're a stripper. (O;=
However, the city of Houston helped them out by putting a road through their
property. They got a $20m judgment and the school and the computer
department got a boost. That may not be an option unless you can figure out
how to manipulate the transportation administrator.

There are sites that offer used Cisco equipment, like:
http://www.usedrouter.com/
This site buys and sells used Cisco and other equipment. I noticed a
DSU/CSU I like, the Adtran TSU. They have it for $155. That's incredible.

I normally use eBay and bought my last router for $29. I needed something
to test with for my CCNA. The problem is, you still need updates and RAM is
generally the issue with updates.

I would still consider talking to Cisco because there may be educational
discounts, at least for the support so you can get firmware updates.

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Online Support for IT Professionals -
http://support.microsoft.com/servicedesks/technet/default.asp?fr=0&sd=tech
How-to: Windows 2000 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;308201
FAQ W2K/2K3 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;291382
 
Scott and Roland,

Ben Nelson at UsedRouter.Com is highly respected in our industry and
Ben's prices are terrific.

However, should you need a much larger selection of Refurbished ADTRAN
you may wish to investigate:

http://www.bradreese.com/adtran-inventory-search.htm

as well as SMARTnet® Eligible Cisco Factory Refurbished:

http://www.bradreese.com/cisco-inventory-search.htm

Furthermore, you may find the Cisco SMARTnet® Pricing Calculator
useful:

http://www.bradreese.com/cisco-smartnet.htm

Cisco Repair may be cost effective alternative for you too:

http://www.bradreese.com/cisco-big-iron-repair.htm

Sincerely,

Brad Reese
BradReese.Com Cisco Resource Center
United Kingdom: 44-20-70784294
U.S. Toll Free: 877-549-2680
International: 828-277-7272
Fax: 775-254-3558
Website: http://www.BradReese.Com/
 
Scott and Roland,

Ben Nelson at UsedRouter.Com is highly respected in our industry and
Ben's prices are terrific.

However, should you need a much larger selection of Refurbished ADTRAN
you may wish to investigate:

http://www.bradreese.com/adtran-inventory-search.htm

as well as SMARTnet® Eligible Cisco Factory Refurbished:

http://www.bradreese.com/cisco-inventory-search.htm

Furthermore, you may find the Cisco SMARTnet® Pricing Calculator
useful:

http://www.bradreese.com/cisco-smartnet.htm

Cisco Repair may be cost effective alternative for you too:

http://www.bradreese.com/cisco-big-iron-repair.htm

Thanks for the links Brad.

Roland
 
Back
Top