Cisco Cisco Traffic Anomaly Detector XT 5600A Information Guide

Introduction
 Prerequisites
      Requirements
      Conventions
 Step−by−Step Procedure
 Related Information

This document describes the procedure for recovering the password of the root user in a Cisco Guard or a
Cisco Traffic Anomaly Detector Distributed Denial of Service (DDoS) mitigation appliance. This password is
used to control root access to a Cisco Guard or Cisco Traffic Anomaly Detector system. The root password is
encrypted and can only be replaced by a new password using the procedure below.

There are no specific requirements for this document.

For more information on document conventions, refer to Cisco Technical Tips Conventions.

Complete these steps.

Attach a keyboard and a monitor to the Cisco Guard or Cisco Traffic Anomaly Detector (this
procedure cannot be performed through a serial or a network connection.)

1. 

Login and type reboot.

2. 

While the box is powering up, keep the shift key pressed. This will get you a "Lilo boot:" prompt.

3. 

Press TAB to see available images.

Note: 3.0.8 has a 'Cisco' image, while older images have 'Riverhead'.

4. 

Type Cisco 1 to get a single user image loaded (or Riverhead 1 in older systems). This will boot the
system in single user mode.

5. 

During the boot process you will be asked for a password. Enter the fixed password dud&ndud. This
will give you a root shell.

6. 

Now you can run the passwd command to change root's password. You will be asked to confirm the
password you have chosen, for example:

[root@DETECTOR root]# passwd

    Changing password for user root.

7.