Penetration Testing mailing list archives

Re: Nokia IP 330 Firewall Appliance

From: "Mike Brentlinger" <mdbrentlinger () hotmail com>
Date: Tue, 14 May 2002 09:07:48 -0400

Resolution 692
How do I change the admin password when it is lost or unknown?

IPSO (Operating system),   System Configuration
for version: 3.0  And Later

last update: 03/27/2000 11:03:23
This resolution describes how to delete the admin password.

If you are running IPSO version 3.1.3 or earlier on an IP650 or on an IP330,please contact support and ask about Internal Resolution 1961 - How toremove config and password if /etc/overpw fails.

SOLUTION

You must have local serial console access to the unit to perform thisprocedure. Keyboard and monitor directly connected to the machine will notdisplay the "boot:" line, which means you will not be able to perform thisprocedure.

1) Boot up in single user mode: To do this reboot or power cycle themachine, When you see the line " boot: " you must enter "-s" before it goesinto multiuser mode. (you have about 10 seconds)


* on a ip330 or ip650 you need to type boot -s at the BOOTMGR prompt*
BOOTMGR[0]> boot wd0 /image/current/kernel -s

2) After it boots, it will ask you "Enter pathname of shell or RETURN forsh:", press Enter key.

3) Type "/etc/overpw" in the # prompt. It will ask if you want continue,type "y".

In IPSO 3.1.3 systems and earlier, it will ask you to put a floppy disk intothe floppy drive to make sure you have physical access to the box. Put afloppy disk into the floppy drive and press Enter key. IPSO 3.1.4 and laterdoes not ask this question.

4) The admin password defaults to no password for admin. Continue to boot tomultiuser mode.

5) Re-config the passwd as usual, in Voyager.

----Original Message Follows----
From: <pentest.nospam13 () web-cities net>
To: <pen-test () securityfocus com>
Subject: Nokia IP 330 Firewall Appliance
Date: Mon, 13 May 2002 13:44:12 -0700

Anyone know how to change root password on an IP330?  I was able to social
engineer my
way to Admin (thanks nokia support).  I still need to get root password to
reconfigure the box.
I do not have access to the nokia website ;(   but I do have physical access
to the box.

Anyhelp would be appreciated.. this is a non-profit group and I am doing
a freebie for them and really don't have any more time to keep messing with
it.

Regards,
Dr Bado.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

_________________________________________________________________

Join the worlds largest e-mail service with MSN Hotmail.http://www.hotmail.com



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Re: Nokia IP 330 Firewall Appliance Mike Brentlinger (May 14)
- <Possible follow-ups>
- RE: Nokia IP 330 Firewall Appliance Paige, Randall (May 15)