Sunday, August 4, 2013

cisco image validations ( md5 )

At some given time, you will most likely upgrade a cisco  device ( router, switch, firewall,etc...)

With our cisco routers and switches, we have the ability to compute the hash value to ensure the image was not corrupt during the download from the cisco website,  and the ultimate uploading to our device.  I'm going to demonstrate  how we can check the image files.


1st

You will meed the CCO on-line or some other authoritative sources for the computed  hash known as a md5 CheckSum.

e.g ( cisco support page for a c3550 switch image that we will use  in this demo  )










In this example we upgraded a 3550-24port PoE switch earlier, and will now validate the image as it sits in the flash; " by comparing the md5 checksums to our CCO page".

Here's the switch;




Here's the internal flash contents;


 The file we will verify, is the iosimage file named c3550-ipservicesk9-mz.122-44.SE6.bin

The cli cmd for this activity  "verify"   will be used for the md5 checksum comparisons. We will use the /md5 option for computing the md5 checksum.



The last line, provides the  computed checksum value that should match the CCO  software download checksum. In this case, it does.

So we know the following;


  • The image was not corrupt
  • or tamper with 
We could also validated the image on most unix systems by using either cli cmd  "md5" or "md5sum", depending on OS type.


Notice how the computed values equals our CCO download page values?




Ken Felix
Freelance Network / Security Engineer
kfelix  ----a---t---socpuppets ---d---o---t---com

     ^      ^
=(  @   @ )=
          o
        /     \


No comments:

Post a Comment