
How to Run Cisco IDS/IPS v5 Software in VMware

by admin on Apr.20, 2009, under Cisco CCNA Study

Preface

This article describes how to get the Cisco IDS/IPS Software Release 5 running inside VMware. After successful installation, the VM will emulate an IDS-4215 platform with 3 GigabitEthernet interfaces. I developed this Howto using VMware Workstation for Linux; I tested this in VMware version 6.0 for Windows.

Configuration environment

- VMware Workstation, version 6.0, running on a Debian etch host system. I never tested with a Windows host system.

- Cisco IPS recovery CD image. Use IPS-K9-cd-1.1-a-5.1-4.iso; this file can be downloaded from CCO.

- Modified VMware BIOS (CISCO_IDS4215_440.BIOS.ROM). This file should be in the archive from which you extracted this Howto.

- Some basic UNIX skills for working with a shell and using vi.

- Knowledge of the English keyboard layout.

Technical Description

I use VMware for the Cisco software because I’m not skilled enough to produce anything useful with the BIOS that can be downloaded from CCO, so I investigated how to get VMware to provide anything the IPS software wants to hear. I still would prefer to have the native BIOS running, but this is a start for all the desperate souls that need a working IPS for study/LAB preparation.

It seems that with IDS/IPS software release 5, Cisco Simulator implemented stricter hardware identification checks, making it impossible to load the code on 4.x custom-built systems or in VMware. I concentrated on the 4215 platform, because it seems that it does not have any special ROM/PROM chips built in.

Basically, IPSv5 is based on Red Hat Linux, so it is able to run inside VMware. The recovery CD boots and reimages fine, as long as the virtual hard disks are large enough (256M for hda, 4GB for hdb).

hda is the flash in the appliance and holds the complete OS and the configuration. hdb is a real hard disk and is for “var” storage (event store etc.). The reimage fails when you have disks that are too small (fdisk will complain about wrong boundaries/size).

With a fresh system, you can boot into runlevel 1, mount the remaining filesystems and inspect what the system will do at regular startups.

The procedure collection file /etc/init.d/ids_functions determines the platform type during bootup. Because the 4215 doesn't have a special chip, the routine makes its selection based on the CPU speed and processor count. You can trick the routine by entering the CPU speed reported by Linux.

But this is not enough. At some point, a program called smbios_bios_info is called, reading information from the BIOS. The binary mainApp will do this again later, so we have to find a way to tell the system what it wants to hear. Luckily, on the 4215 only DMI strings are checked.

VMware allows you to extract the required portion of the BIOS, and with a resource editor you can modify the DMI strings to match the values the software checks. By telling VMware to load this modified BIOS, the IPS software is satisfied and identifies the VM as a 4215 sensor.

Change all the DMI strings to read as Vendor “Cisco Systems”, Platform “IDS-4215”, Chassis/Asset Tag “12345678901”.
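To confirm which DMI fields actually carry these three strings after the BIOS edit, the following added example (not part of the original Howto or its archive) parses dmidecode-style text and lists the fields matching each expected value. It assumes you can capture `dmidecode` output from a Linux guest booted in the same VM; the sample text is constructed and deliberately leaves the chassis asset tag unmodified.

```python
# Values the Howto says the DMI strings must carry.
EXPECTED = {
    "vendor": "Cisco Systems",
    "platform": "IDS-4215",
    "asset_tag": "12345678901",
}

# Constructed sample in dmidecode's text layout (not captured from a real VM).
SAMPLE = """\
Handle 0x0000, DMI type 0, 20 bytes
BIOS Information
\tVendor: Cisco Systems
\tVersion: 6.00

Handle 0x0001, DMI type 1, 25 bytes
System Information
\tManufacturer: Cisco Systems
\tProduct Name: IDS-4215
\tSerial Number: VMware-56 4d

Handle 0x0003, DMI type 3, 17 bytes
Chassis Information
\tManufacturer: Cisco Systems
\tAsset Tag: No Asset Tag
"""

def parse_dmi(text):
    """Return {(section, field): value} from dmidecode-style text."""
    fields, section, expect_title = {}, None, False
    for line in text.splitlines():
        if line.startswith("Handle "):
            expect_title = True  # next unindented line names the section
        elif expect_title and line.strip() and not line[0].isspace():
            section, expect_title = line.strip(), False
        elif section and line[:1].isspace() and ":" in line:
            key, _, value = line.strip().partition(":")
            if value.strip():  # skip list headers such as "Characteristics:"
                fields[(section, key.strip())] = value.strip()
    return fields

def check_dmi(text, expected=EXPECTED):
    """Map each expected string to the DMI fields whose value equals it."""
    fields = parse_dmi(text)
    return {name: sorted(k for k, v in fields.items() if v == want)
            for name, want in expected.items()}

def missing(text, expected=EXPECTED):
    """Names of expected strings that appear in no DMI field."""
    return sorted(n for n, hits in check_dmi(text, expected).items() if not hits)
```

On the constructed sample, `missing(SAMPLE)` reports `asset_tag`, the kind of leftover string that would still fail a DMI check.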

Now that the sensor boots and the CLI is usable, network connectivity must work. VMware and the IPS Linux both support Intel e1000 cards, so this looks promising.

The physical interface configuration layouts of all the appliances are defined in /usr/cids/idsRoot/etc/interface.conf. By replacing the PCI device-id values with the ones provided by VMware (see /proc/pci), the sensor recognized the VMware virtual Ethernet cards.

By modifying this file you are able to use interface types a platform normally will not support (Gigabit cards in the 4215).

With this VM I was able to use IDM from a windoze system, create my own signatures and put a sensing interface between two dynamips instances (alerting each time it sees EIGRP packets). This should be proof enough!

Well, this is nearly all the information I collected during 8-12 hours of experimenting, in a few sentences. However, there are still some quirks and areas I don't understand well, for example, the problems caused by the absence of the file /usr/share/zoneinfo/cidsZoneInfo.

I hope you can get Cisco CCNA Certification.
