Ethical Hacker Community Forums

Hi,
I've never really had much oportunity to work with network equipment and I think it's about time I got my hands on a cisco router to get some IOS experience. I'd like something which offers a good range of features but doesn't cost the earth. Anyone have any recommendations for a entry level cisco router that's going to let me get to grips with IOS?

Regards,
Jimbob

Perhaps something like a Cisco 1720 would probably be ideal. Be good in a little lab environment, and should be able to get one cheap enough.

Maybe you can try an IOS emulator. It won't cost you much (many are free) and it will give you all the experience you need.

JimBob,

personally I'd agree with both suggestions so far. In terms of simulators the best of breed is Boson Netsim (http://www.boson.com/AboutNetSim.html). I ordered the CCNA version as a complement to a Cisco Bootcamp and found it really useful (plus it stopped me breaking the live environment under the laws of snafu ;) ). Only downside is that the versions can get costly depending on what functionality you are looking for.

I'm currently trying to evaluate GNS3 (http://www.gns3.net/), think I was introduced to it from a EH-net forum post but can't find the original (apologises to original poster). Looks promising, but you need to supply your own IOS images.

The hardware approach provides the most realistic (shockingly ;)) environment and allows for trying some activities that aren't available under simulators (for example hardware resets for password recovery or trying to figure out what is wrong with your MiniCom configuration). In terms of hardware the 1700 series devices are a nice, low-end place to start. Depending on your requirements and budgets I'd suggest taking a look at the Cisco 3750 (http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps5023/product_data_sheet0900aecd80371991.html). As it has functionality at both layer 2 and layer 3, you can create some complicated logical setups using only one device, which can save cost and space when playing in a lab environment.

Hope this helps, let me know if you want some more pointers.
RR

Thanks for all the answers guys, I'll take a look and see what suits best  :)

Regards,
Jimbob

To get into learning some of the basics, you can setup some in-computer virtual routers.  To learn more about that, go here: http://www.ipflow.utc.fr/index.php/Cisco_7200_Simulator .  You will need to get some images for that, but it can emulate more than just the 7200, it can do some of the smaller stuff as well.  That should let you setup some different links, play around with different routing, and all of that goodness.  You should be able to play around with cdp a little, and all of the basic good stuff.  It also will let you integrate with virtual pix devices and even your physical network if you desire.  If you want to try with the real thing, check out http://www.mindtechcom.com .  They were pretty inexpensive and I did my CCNA playing on that before I took the exam.  It worked out pretty well. 

HTH

You can also find quite a variety of vmware appliances here to experiment with

http://vmware.com/appliances/ (http://vmware.com/appliances/)

I've never spotted a VMware appliance that runs IOS, is there one which provides an IOS emulator? I've not come across one so far...

Jimbob

Check out dynamips. It's a cisco hardware emulator that you put proper copies of IOS onto, much the same as you would put an OS on VMWare. Many emulators don't provide full functionality, so I find this great. I've just finished my foundation degree in network security and I found this brilliant for doing practical labs and practicing for my exams. There's a few front ends available if you google around, both command line and gui and it runs on both Windows and Linux, and is free. The only thing is you have to find yourself a copy of your preferred version of IOS, but again, a bit of googling should sort this out for you. (RoleReversal, It was me that suggested GNS for you, and no probs ;) )
Cisco also provide a free emulator called packet tracer which is ok if you prefer something like this, but for me not much can beat working with the real thing, which I've been lucky enough to do at my uni. I've found dynamips to be the next best thing for home use, as being a student I can't really afford to be shelling out for actual routers...

my bad, my search-fu wasn't up to speed at the time ;)

Very nice Rob! I haven't ever used that, but I'll definitely be checking it out.

The instructor for my CEH training used a VMWare router for our hacking lab.  I assumed it was Cisco IOS but I didn't pay that close of attention.  I'm not sure where he got it from but I will double check the lab setup and post what I find out.   ;)

It's well worth it as it's the closest you'll get to the real thing short of buying some routers, IMO. It's fairly easy to get going on Windows, but, although it can be a hassle to set up, it runs much better on Linux.

How is it load-wise if you have several of them running?

The labs I do tend to be 2 routers and a pix. My machine (2.2ghz athlon X2, 2gb ram) runs that with little lag. Throw in 2 or 3 vmware machines connected as hosts or servers and things start to chug a bit... :) Still doable though.