Forwarded by: Berislav Kucan <berislavat_private> http://www.net-security.org/mirror/cisco675-cr/ (Our reader contributed this - I didn't pasted the hole paper as it is long with some html formatting and colours being used) How to fix your hosed Cisco 675 Router Especially after attack by Code Red Virus Or if you accidentally erased the operating system (CBOS) Disclaimer: I am a private user of the Cisco Router and the Qwest DSL & ISP service. I am not affiliated in any way with Qwest or Cisco. I am providing this How-To page as a service to other Cisco 675 owners who are down to their last chance to save their routers. PLEASE NOTE: The procedure of erasing and reinstalling the CBOS is risky, and if done improperly, could permanently lock up your Cisco as badly as any worm. First try more moderate attempts, like powering off your Cisco for a minute and powering back on, then rebooting your PC. Failing that, follow only steps A.3, A.4, and all of E through G in this How-to procedure (using your exec and enable passwords, if any). If that still doesn't work, or if your router won't even let you try, and your DSL service people can't help either, follow these directions carefully, and: ATTEMPT THIS FIX ONLY AS A LAST-DITCH ALTERNATIVE TO INCINERATING YOUR CISCO ROUTER. Having said that, I'll add that it worked like a charm for me! Some DSL providers are advising customers with severely infected Cisco 675 routers to throw them away and buy new ones, all because the infected routers will not respond to simple treatment like rebooting or reconfiguring. This is a bit like giving up all hope just because a couple of aspirin will not cure a brain tumor. However, for the Cisco router, an alternative treatment exists: erase the router's entire corrupt CBOS (Cisco Broadband Operating System), and replace it with a more robust version of CBOS. Like a brain surgery, this treatment for rescuing a Cisco 675 router wth Code Red infection carries some risk, but it is an appealing alternative to giving up and throwing out the router, particularly because the odds of successful "recovery" are excellent if the instructions are followed precisely. Since I had nothing to lose, I performed the CBOS erasure and reinstallation procedure after being told by my Internet Service Provider that I would need to purchase a new router, as mine was “permanently” damaged by the Code Red Worm. It worked, and now I am sharing my experience with other Cisco 675 users. The step-by-step procedure listed below was assembled from bits and pieces that I put together from a number of sources (acknowledged below), including old Cisco Hyperterminal sessions I had saved on my PC. I posted this “How-To” for your benefit, because I found no single source that had complete instructions for downloading the CBOS image, entering Cisco Debug, programming the CBOS in, and configuring the NVRAM properly all in one place. I hope it helps you. [...] Berislav Kucan Help Net Security - http://www.net-security.org IP-Solutions - http://www.ip-solutions.dk E-mail: bkucan@net-security.org Phone: +385 91 513 9159 - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Aug 08 2001 - 07:57:59 PDT