Lab 8.3.2 Conducting a Network Capture with Wireshark




Step 1: Install and launch Wireshark
Step 2: Select an interface to use for capturing packets
Step 3: Analyze web traffic information (optional)
a. The connection to the Google server starts with a query to the DNS server to look up the server IP address. The destination server IP address will most likely start with 64.x.x.x. What is the source and destination of the first packet sent to the Google server?
Source: 192.168.1.103
Destination: 65.24.7.3
b. Open another browser window and go to the ARIN WHOIS database http://www.arin.net/whois/ or use another whois lookup tool and enter the IP address of the destination server. To what organization is this IP address assigned? 192.168.1.103
c. What protocols are used to establish the connection to the web server and deliver the web page to your local host? TCP
d. What is the color used to establish the connection to the server and deliver the web page to your local host? green
e. What is the color used to highlight the traffic between your host and the Google web server? gray
Step 5: Filter a network capture
a. Open a command prompt window by clicking start > all programs > run and typing cmd.
b. Ping a host IP address on your local network and observe. ICMP
c. When icmp is typed in the filter text box, what kind of traffic was displayed? When we ping a host IP address on our local network
d. Click the Filter: Expression button on the Wireshark window. Scroll down the list and view the filter possibilities there. Are TCP, HTTP, ARP and other protocols listed? Yes, they are
Step 6: Reflection
a. There are hundreds of filters listed in the Filter: Expression option. It may be possible that, in a large network, there would be enormous amounts of many different types of traffic. Which three filters in the long list do you think might be most useful to a network administrator?
b. Is Wireshark a tool for out-of-band or in-band network monitoring?
Explain your answer.

Lab 4.5.4 Terminating UTP



Objectives
• Use a punch down tool to terminate an RJ-45 wall jack.
• Install an RJ-45 jack in a wall plate.
• Use a punch down tool to terminate a UTP cable at a patch panel.
Background / Preparation
In this lab you will wire an RJ-45 data jack for installation in a wall plate using a punch-down tool. This is done frequently when installing cabling in an office environment. The punch tool is also used to terminate the other end of the cable at a patch panel punch-down block. The punch tool uses spring-loaded action to push wires between metal pins, while at the same time skinning the sheath away from the wire. This ensures that the wire makes a good electrical connection with the pins inside the jack. The punch tool also cuts off any extra wire.
A Category 5/5e straight-through patch cable with an RJ-45 connector normally plugs into a data jack or outlet to connect a PC to the network. It is important to use Category 5 or 5e rated jacks and patch panels with Category 5 or 5e cabling in order to support Fast Ethernet (100 Mbps) and Gigabit Ethernet (1000 Mbps). The process of punching down wires into a data jack in an office area is the same as punching them down at a patch panel in a wiring closet. This lab can be performed individually, in pairs, or in groups. The following resources are required:
• 60-90 cm (2-3 feet) length of cable, either Category 5 or 5e.
• RJ-45 data jack—If RJ-45 data jacks are installed on both ends of the cable, two jacks will be needed and the installation can be tested by inserting cable with RJ-45 connectors and a simple cable continuity tester. More jacks may also be needed if errors are made.
• Category 5/5e wall plate.
• Patch panel.
• Punch tool, type 110.
• UTP cable stripper.
• Wire cutters.
• Two known good straight-through patch cables for testing (optional).
Step 1: Strip the sheath
a. Remove the cable sheath 2.54 cm (1 inch) from the end of the cable.
Step 2: Position wires in data jack
a. Position wires in the proper channels on the RJ-45 jack maintaining the twists as close to the jack as possible. The diagram that follows shows an example of how to place the wires with one type of jack.
b. Most jacks have the channels color-coded to indicate where the wires go. The following photo of the jack shows one model. Jacks are typically stamped to indicate whether they are T568A or T568B
Step 3: Punch down the data jack
a. Use the punch tool to push conductors into the channels. Make sure to position the cutting side of the punch tool so that it faces the outside of the jack. If this is not done, it will cut the wire being punched. Try tilting the handle of the punch tool a little to the outside, so it will cut better.
b. If any wire remains attached after using the punch tool, simply twist the ends gently to remove them. Then place the clips on the jack, and tighten them. Make sure that no more than 1.27 cm (one half inch) of untwisted wire is between the end of the cable jacket and the channels on the jack.
Step 4: Attach the faceplate
  1. Snap the jack into the faceplate by pushing it from the back side. Make sure when this is done, that the jack is right-side up so the clip faces down when the wall plate is mounted.
  2. Use the screws to attach the faceplate to either the box or to the bracket. If there is a surface-mounted box, keep in mind that it might hold 30-60 cm (1-2 feet) of excess cable. Then it will be necessary to either slide the cable through the tie-wraps, or pull back the raceway that covers it, in order to push the excess cable back into the wall. If there is a flush-mounted jack, all that is needed is to push the excess cable back into the wall.
Step 5: Punch down the patch panel
  1. On the opposite end of the cabling, remove the jacket 2.54 cm (1 inch) from the cable.
  2. Lay the wires down in the patch panel so that the colors of the wires correspond exactly to the colors indicated on the pin locations in the same manner as the data jack was punched down.
  3. Keep the sheath within .64 cm (¼ inch) of where the wires begin branching out to their pin locations.
  4. Do not untwist the wires more than necessary to lay them down at the pin locations. A good way to keep from untwisting too much is to hold down the wires next to the patch panel with one finger while using the other hand to pull apart each end as you lay it across the connector.
  5. The following figure shows a large punch down patch panel with carefully routed cabling.
Step 6: Test the data jack and patch panel terminations with a basic cable tester (optional)
  1. Obtain two straight-through Ethernet patch cables and verify they both function properly using a simple cable tester.
  2. Connect one end of one of the straight-through Ethernet patch cables to the data jack outlet and one end of the other straight-through cable to the jack at the patch panel.
  3. Insert the opposite ends of the two cables into a simple cable tester and check for continuity from end to end through both patch cables, the data jack, and the patch panel. Did the cable run test good from end to end? Answer: yes. If not, try to analyze where the problem is and repeat the connections if possible with another wall jack and patch panel port.
Step 7: Reflection (optional)
  1. Take a tour of a wiring closet that contains patch panels and punch-down blocks. Was there any other type of devices that might use similar techniques to attach wires? What do you think attaches to these cables? Answer: Wi-Fi card, modem, etc. It turns out that a cabled connection is faster than using Wi-Fi.
  2. What do you think are some of the drawbacks and advantages of having a job installing network cabling? Answer: with cabling we gain this advantage: the speed is faster than Wi-Fi; the drawback is that cable is difficult to install across a large building area and it costs a lot.

CCNA 4 Lab 1.3.4 Creating an ACL



Step 1: Analyze the traffic filtering requirements
  1. Determine the access and filtering requirements.
For this lab:
  1. PC1 is a network administrator’s workstation. This host must be permitted FTP and HTTP access to the network server, and telnet access to the router FC-CPE-1.
  2. PC2 is a general workstation that is to have HTTP access only. FTP services and Telnet access to the router are not permitted.
  2. Having determined specific requirements, decide if all other traffic is to be allowed or denied. List the benefits and potential problems to the following filtering scenarios:
Step 2: Design and create the ACL
  1. Review, and then apply, ACL recommended practice.
  • Always plan thoroughly before implementation.
  • The sequence of the statements is important. Put the more specific statements at the beginning and the more general statements at the end.
  • Statements are added to the end of the ACL as they are written.
  • Create and edit ACLs with a text editor and save the file.
  • Use Named ACLs wherever possible.
  • Use comments (remark option) within the ACL to document the purpose of the statements.
  • To take effect, ACLs must be applied to an interface.
  • An interface can have one ACL per Network Layer protocol, per direction.
  • Although there is an implicit deny any statement at the end of every ACL, it is good practice to configure this explicitly. This ensures that you remember that the effect is in place and allows logging of matches to this statement to be used.
  • ACLs with many statements take longer to process, which may affect router performance.
  • Placement of ACLs:
    o Standard: closest to destination (if you have administrative authority on that router)
    o Extended: closest to source (if you have administrative authority on that router)
  2. Consider the two approaches to writing ACLs:
  • Permit specific traffic first and then deny general traffic.
  • Deny specific traffic first and then permit general traffic.
  3. Select one approach and write the ACL statements that will meet the requirements of this lab.
Step 3: Cable and configure the given network
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
  1. Referring to the topology diagram, connect the console (or rollover) cable to the console port on the router and the other cable end to the host computer with a DB-9 or DB-25 adapter to the COM 1 port. Ensure that power has been applied to both the host computer and router.
  2. Connect and configure the devices in accordance with the given topology and configuration. Your instructor may substitute Discovery Server with an equivalent server for this lab.
  3. Establish a HyperTerminal, or other terminal emulation program, from PC1 to Router R1.
  4. From the global configuration mode issue the following commands:
Router(config)#hostname FC-CPE-1
FC-CPE-1(config)#interface FastEthernet0/0
FC-CPE-1(config-if)#ip address 10.0.0.1 255.255.255.0
FC-CPE-1(config-if)#no shutdown
FC-CPE-1(config-if)#exit
FC-CPE-1(config)#interface FastEthernet0/1
FC-CPE-1(config-if)#ip address 172.17.0.1 255.255.0.0
FC-CPE-1(config-if)#no shutdown
FC-CPE-1(config-if)#exit
FC-CPE-1(config)#line vty 0 4
FC-CPE-1(config-line)#password telnet
FC-CPE-1(config-line)#login
FC-CPE-1(config-line)#end
  5. Ping between PC1 and Discovery Server to confirm network connectivity. Troubleshoot and establish connectivity if the pings fail.
Step 4: Test the network services without ACLs
Perform the following tests on PC1:
  1. Open a web browser on PC1 and enter the URL http://172.17.1.1 at the address bar. What web page was displayed? Discovery Server Home Page
  2. Open a web browser on PC1 and enter the URL ftp://172.17.1.1 at the address bar. What web page was displayed? Discovery FTP Home Directory
  3. On the Discovery FTP Home Directory, open the Discovery 1 folder. Click and drag a Chapter file to the local Desktop. Did the file copy successfully?
  4. From the PC1 command line prompt, issue the command telnet 10.0.0.1, or use a Telnet client (HyperTerminal or TeraTerm, for example) to establish a Telnet session to the router. What response did the router display?

Step 5: Configure the network services ACL
From the global configuration mode issue the following commands:
  1. Allow PC1 to access the web server and telnet to the router.
  2. Allow PC2 to access the web server.
FC-CPE-1(config-ext-nacl)#remark Allow PC2 to access web server
FC-CPE-1(config-ext-nacl)#permit tcp host 10.0.0.201 host 172.17.1.1 eq www log
  3. Allow PC1 telnet access to router
FC-CPE-1(config-ext-nacl)#remark Allow PC1 to telnet router
FC-CPE-1(config-ext-nacl)#permit tcp host 10.0.0.10 host 10.0.0.1 eq telnet log
  4. Deny all other traffic.
FC-CPE-1(config-ext-nacl)#remark Deny all other traffic
FC-CPE-1(config-ext-nacl)#deny ip any any log
FC-CPE-1(config-ext-nacl)#exit
Step 6: Apply the ACLs
  1. Apply the Extended ACL to the router interface closest to the source.
FC-CPE-1(config)#interface FastEthernet0/0
FC-CPE-1(config-if)#ip access-group Server-Access in
FC-CPE-1(config-if)#end
  2. From the Privileged EXEC mode, issue the show running-config command and confirm that the ACLs have been configured and applied as required. Reconfigure if errors are noted.
Step 7: Test the network services with ACLs
Perform the following tests on PC1:
  1. Open a web browser on PC1 and enter the URL http://172.17.1.1 at the address bar.
  2. Open a web browser on PC1 and enter the URL ftp://172.17.1.1 at the address bar.
  3. On the Discovery FTP Home Directory, open the Discovery 1 folder. Click and drag a Chapter file to the local Desktop.
Did the file copy successfully? _________
Why is this the outcome?
  4. From the PC1 command line prompt, issue the command telnet 10.0.0.1, or use a Telnet client (HyperTerminal or TeraTerm, for example) to establish a Telnet session to the router. What response did the router display? Why is this the outcome?
  5. Exit the Telnet session.

Perform the following tests on PC2:
  1. Open a web browser on PC2 and enter the URL http://172.17.1.1 at the address bar.
  2. Open a web browser on PC2 and enter the URL ftp://172.17.1.1 at the address bar.
  3. From the PC2 command line prompt, issue the command telnet 10.0.0.1, or use a Telnet client (HyperTerminal or TeraTerm, for example) to establish a Telnet session to the router. If any of these transactions did not result in the expected outcome, troubleshoot the network and configurations and retest the ACLs from each host.
Step 8: Observe the number of statement matches
  1. From the Privileged EXEC mode, issue the command:
FC-CPE-1#show access-list Server-Access
List the number of matches logged against each ACL statement.
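The first-match behaviour behind those counters can be modelled offline. The following is an added example, not part of the original lab: it replays the Step 7 tests (plus one ping) against the Server-Access entries and counts hits per statement. The two PC1-to-server entries are assumptions, because Step 5 describes them but the page does not show their commands, and FTP is modelled by its control port only.

```python
import ipaddress
from collections import Counter

# Port numbers for the IOS keywords used in the lab's ACL.
PORTS = {"www": 80, "ftp": 21, "telnet": 23}

# (action, protocol, source, destination, port keyword or None), in ACL order.
SERVER_ACCESS = [
    ("permit", "tcp", "10.0.0.10", "172.17.1.1", "www"),    # assumed (not shown on page)
    ("permit", "tcp", "10.0.0.10", "172.17.1.1", "ftp"),    # assumed (not shown on page)
    ("permit", "tcp", "10.0.0.201", "172.17.1.1", "www"),   # from Step 5
    ("permit", "tcp", "10.0.0.10", "10.0.0.1", "telnet"),   # from Step 5
    ("deny", "ip", "any", "any", None),                     # from Step 5
]

# Constructed test flows: (protocol, source, destination, destination port).
STEP7_FLOWS = {
    "PC1 http":   ("tcp", "10.0.0.10", "172.17.1.1", 80),
    "PC1 ftp":    ("tcp", "10.0.0.10", "172.17.1.1", 21),
    "PC1 telnet": ("tcp", "10.0.0.10", "10.0.0.1", 23),
    "PC2 http":   ("tcp", "10.0.0.201", "172.17.1.1", 80),
    "PC2 ftp":    ("tcp", "10.0.0.201", "172.17.1.1", 21),
    "PC2 telnet": ("tcp", "10.0.0.201", "10.0.0.1", 23),
    "PC1 ping":   ("icmp", "10.0.0.10", "172.17.1.1", None),  # added: not a Step 7 test
}


def _addr_match(rule_addr, addr):
    """'any' matches everything; otherwise the entry is a single host."""
    return rule_addr == "any" or (
        ipaddress.ip_address(rule_addr) == ipaddress.ip_address(addr))


def evaluate(acl, proto, src, dst, dport=None):
    """Return (index, action) of the first matching entry.

    Falls back to (None, 'deny') for the implicit deny at the end of an ACL.
    """
    for index, (action, r_proto, r_src, r_dst, r_port) in enumerate(acl):
        if r_proto != "ip" and r_proto != proto:
            continue
        if not (_addr_match(r_src, src) and _addr_match(r_dst, dst)):
            continue
        if r_port is not None and PORTS[r_port] != dport:
            continue
        return index, action
    return None, "deny"


def replay(acl, flows):
    """Evaluate every flow; return per-flow actions and per-entry hit counts."""
    results, hits = {}, Counter()
    for name, flow in flows.items():
        index, action = evaluate(acl, *flow)
        results[name] = action
        hits[index] += 1
    return results, hits


if __name__ == "__main__":
    results, hits = replay(SERVER_ACCESS, STEP7_FLOWS)
    for name, action in results.items():
        print(f"{name:11s} {action}")
    print("hits per entry:", dict(hits))
    # Moving the general deny to the top shows why statement order matters.
    reordered = [SERVER_ACCESS[-1]] + SERVER_ACCESS[:-1]
    print("deny first:", replay(reordered, STEP7_FLOWS)[0])
```

With the explicit deny ip any any log entry last, every rejected flow is counted against it; without that entry the same flows would fall to the implicit deny and leave no counter or log line.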
Step 9: Clean up
Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Challenge
Rewrite the Server-Access ACL used in this lab so that:
1) Administrator workstations are considered to be in the address range of 10.0.0.10 /24 to 10.0.0.15 /24 instead of a single host; and,
2) The general workstations have the address range of 10.0.0.16 /24 to 10.0.0.254 /24 instead of being a single host.
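Neither challenge range aligns with a single wildcard mask, so each needs several entries. The following added example (not part of the original lab) computes the exact address/wildcard pairs for a range and reports which addresses a looser mask would also match; the function names and the generated permit line format are this example's own, and the wildcard check assumes contiguous masks.

```python
import ipaddress

SERVER = "172.17.1.1"  # Discovery Server address used in the lab


def range_to_blocks(first, last):
    """Cover first..last exactly with the fewest (address, wildcard) pairs."""
    nets = ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last))
    return [(str(n.network_address), str(n.hostmask)) for n in nets]


def source_clause(addr, wildcard):
    """Render a source the way an extended ACL entry expects it."""
    return f"host {addr}" if wildcard == "0.0.0.0" else f"{addr} {wildcard}"


def acl_lines(first, last, service):
    """One permit entry per block, in the style of the lab's Step 5 entries."""
    return [f"permit tcp {source_clause(a, w)} host {SERVER} eq {service} log"
            for a, w in range_to_blocks(first, last)]


def overmatch(addr, wildcard, first, last):
    """Addresses matched by a contiguous wildcard pair but outside first..last."""
    base = int(ipaddress.ip_address(addr))
    wc = int(ipaddress.ip_address(wildcard))
    low, high = base & ~wc, base | wc
    lo = int(ipaddress.ip_address(first))
    hi = int(ipaddress.ip_address(last))
    return [str(ipaddress.ip_address(n))
            for n in range(low, high + 1) if n < lo or n > hi]


if __name__ == "__main__":
    print("Administrator range 10.0.0.10 - 10.0.0.15:")
    for line in acl_lines("10.0.0.10", "10.0.0.15", "www"):
        print("  " + line)
    print("General range 10.0.0.16 - 10.0.0.254:")
    for line in acl_lines("10.0.0.16", "10.0.0.254", "www"):
        print("  " + line)
    # A single 10.0.0.8 0.0.0.7 entry looks tidy but also admits .8 and .9.
    print("extra hosts with 10.0.0.8 0.0.0.7:",
          overmatch("10.0.0.8", "0.0.0.7", "10.0.0.10", "10.0.0.15"))
```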

CCNA 4 Lab 1.4.6A Gaining Physical Access to the Network



Task 1: Access and Change the Router Passwords
Step 1: Attempt login to the router
NOTE: If the PC used in this lab is also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
  1. Referring to the Topology 1, connect the host PC NIC Ethernet port to the router Fa0/0 Ethernet port using a crossover cable. Ensure that power has been applied to both the host computer and router.
  2. Using the given preconfigured topology, attempt to telnet to the router from the PC command line.
  3. When this attempt at remote login fails, establish a direct physical connection to the router by making the necessary console connections between the PC and router. Then establish a terminal session using HyperTerminal or TeraTerm. What does the message-of-the-day display? Answer: ONLY AUTHORIZED ACCESS TO THIS DEVICE PERMITTED Unauthorized access will be penalized in accordance with the relevant laws
Attempt to log in by guessing the password.
How many login attempts are allowed? 3
What message is displayed to indicate failure of the log-in attempts? Answer: % Bad passwords
The configuration register needs to be changed so that the startup-configuration is not loaded. Normally, this is done from the global configuration mode, but because you cannot log in at all, the boot process must first be interrupted so that the change can be made in the ROM Monitor mode.
Step 2: Enter the ROM Monitor mode
ROM Monitor mode (ROMMON) is a limited command-line environment used for special purposes, such as low-level troubleshooting and debugging. ROMMON mode is invoked when a Break key sequence sent to the console port interrupts the router boot process. This can only be done via the physical console connection.
The actual Break key sequence depends on the terminal program used:
  • With HyperTerminal, the key combination is Ctrl+Break.
  • For TeraTerm, it is Alt+b.
The list of standard break key sequences is available at http://www.cisco.com/warp/public/701/61.pdf
  1. To enter ROM Monitor mode, turn the router off, wait a few seconds, and turn it back on.
  2. When the router starts displaying “System Bootstrap, Version …” on the terminal screen, press the Ctrl key and the Break key together if using HyperTerminal, or the Alt key and the b key together if using TeraTerm.
The router will boot in ROM monitor mode. Depending on the router hardware, one of several prompts such as “rommon 1 >” or simply “>” may show.
Step 3: Examine the ROM Monitor mode help
Enter ? at the prompt. The output should be similar to this:
rommon 1 > ?
alias set and display aliases command
boot boot up an external process
break set/show/clear the breakpoint
confreg configuration register utility
context display the context of a loaded image
dev list the device table
dir list files in file system
dis display instruction stream
help monitor builtin command help
history monitor command history
meminfo main memory information
repeat repeat a monitor command
reset system reset
set display the monitor variables
sysret print out info from last system return
tftpdnld tftp image download
xmodem x/ymodem image download
Step 4: Change the configuration register setting to boot without loading configuration file
From the ROM Monitor mode, enter confreg 0x2142 to change the config-register.
rommon 2 > confreg 0x2142
NOTE: The ROMMON prompt increments when a command is issued – this is normal behavior. The increment does not mean a change of mode. The same ROMMON commands are still available. “0x” (zero-x) denotes that 2142 is a hexadecimal value. What is this value in binary?
Step 5: Restart router
  1. From the ROM Monitor mode, enter reset, or power cycle the router.
rommon 3 > reset
Due to the new configuration register setting, the router will not load the configuration file. After restarting, the system prompts:
“Would you like to enter the initial configuration dialog? [yes/no]:”
  2. Enter no and press Enter.
Step 6: Enter Privileged EXEC mode and view and change passwords
The router is now running without a loaded configuration file.
  1. At the user mode prompt Router>, enter enable and press Enter to go to the privileged mode without a password.
  2. Use the command copy startup-config running-config to restore the existing configuration. Because the user is already in privileged EXEC, no password is needed.
  3. Enter show running-config to display the configuration details. Note that all the passwords are shown.
enable password different
line con 0 password unusual
line vty 0 4 password uncommon
What two measures could be taken to prevent the passwords from being readable? service password-encryption, enable secret somepassword
  4. If the passwords were not readable, they can be changed. Enter configure terminal to enter the global configuration mode.
  5. In global configuration mode, use these commands to change the passwords:
FC-CPE-1(config)#enable password cisco
FC-CPE-1(config)#line console 0
FC-CPE-1(config-line)#password console
FC-CPE-1(config-line)#login
FC-CPE-1(config-line)#line vty 0 4
FC-CPE-1(config-line)#password telnet
FC-CPE-1(config-line)#login
Step 7: Change the configuration register setting to boot and load the configuration file
  1. The instructor will provide you with the original configuration register value, most likely 0x2101. While still in the global configuration mode, enter config-register 0x2101 (or the value provided by your instructor). Press Enter.
FC-CPE-1(config)#config-register 0x2101
  2. Use the Ctrl+z combination to return to the privileged EXEC mode.
  3. Use the copy running-config startup-config command to save the new configuration.
  4. Before restarting the router, verify the new configuration setting. From the privileged EXEC prompt, enter the show version command and press Enter.
  5. Verify that the last line of the output reads: Configuration register is 0x2142 (will be 0x2101 at next reload).
  6. Use the reload command to restart the router.
Step 8: Verify new password and configuration
  1. When the router reloads, log in and change mode using the new passwords.
  2. Issue the no shutdown command on the fa0/0 interface to bring it up to working status.
FC-CPE-1(config-if)# no shutdown
  3. Save the running configuration to startup configuration.
FC-CPE-1# copy run start
  4. Disconnect the console cable and access the router using Telnet from the PC command line. The newly configured passwords will allow a successful login.
Step 9: Clean up
Erase the configurations and reload the router. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 2: Access and Change the Switch Passwords
Step 1: Attempt login to the switch
NOTE: If the PC used in this lab is also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
  1. Referring to the Topology 2, connect the host PC NIC Ethernet port to the switch Fa0/1 Ethernet port using a straight-through cable. Ensure that power has been applied to both the host computer and switch.
  2. Using the given preconfigured topology, attempt to telnet to the router from the PC command line.
Step 2: Enter the switch: mode
  1. Power off the switch.
  2. Locate the MODE button on the front of the switch.
  3. Hold down the MODE button on the front of the switch while powering on the switch. Release the MODE button after 10 seconds.
Output similar to the following should be displayed:
Base ethernet MAC Address: 00:0a:b7:72:2b:40
Xmodem file system is available.
The password-recovery mechanism is enabled.
The system has been interrupted prior to initializing the
flash files system. The following commands will initialize
the flash files system, and finish loading the operating
system software:
flash_init
load_helper
boot
switch:
  4. To initialize the file system and finish loading the operating system, enter the following commands at the switch: prompt:
switch: flash_init
switch: load_helper
  5. To view the contents of flash memory, enter dir flash: at the switch: prompt.
switch: dir flash:
NOTE: Do not forget to type the colon (:) after the word “flash” in the command dir flash:
The file config.text should be seen listed.
  6. Enter rename flash:config.text flash:config.old to rename the configuration file. This file contains the password definitions.
  7. Enter dir flash: at the switch: prompt to view the name change.
switch: dir flash:
Step 3: Restart the switch
  1. Enter boot to restart the switch.
  2. Would you like to terminate autoinstall? [Yes]: Y
  3. Would you like to enter the initial configuration dialog? [yes/no] N Switch>
Step 4: Enter Privileged EXEC mode and view and change passwords
The switch is now running without a loaded configuration file.
  1. At the user mode prompt Router>, type enable and press Enter to go to the privileged mode without a password.
  2. Enter rename flash:config.old flash:config.text to rename the configuration file with its original name.
Switch#rename flash:config.old flash:config.text
Destination filename [config.text]?
Press Enter to confirm file name change.
  3. Copy the configuration file into RAM.
Switch#copy flash:config.text system:running-config
Destination filename [running-config]?
Press Enter to confirm file name.
  4. Press Enter to accept the default file names.
Source filename [config.text]?
Destination filename [running-config]
The configuration file is now loaded.
  5. Enter show running-config to display the configuration details. Note that all the passwords are shown.
enable password different
line con 0 password unusual
line vty 0 4 password uncommon
What two measures could be taken to prevent the passwords from being readable?
service password-encryption
enable secret somepassword
  6. If the passwords were not readable they can be changed. Enter configure terminal to enter the global configuration mode.
  7. Change the unknown passwords.
FC-ASW-1#configure terminal
FC-ASW-1(config)#enable password cisco
FC-ASW-1(config)#line console 0
FC-ASW-1(config-line)#password console
FC-ASW-1(config-line)#line vty 0 15
FC-ASW-1(config-line)#password telnet
FC-ASW-1(config-line)#exit
FC-ASW-1(config)#exit
Step 5: Save the configuration file
Use the copy running-config startup-config command to save the new configuration.
Step 6: Verify new password and configuration
Power cycle the switch and verify that the passwords are now functional.
Step 7: Clean up
Erase the configurations and reload the switch. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 3: Reflection
Consider the different methods of securing physical access to networking devices such as routers and switches. List how only those people who require access can be identified and how this security can be implemented. Answer: Physical security includes locking rooms and closets containing switches and routers. Networking devices sharing common space with other services, such as electrical power panels, should be enclosed in a separated lockable cabinet. Keys and access codes should only be given to identified authorized personnel. People authorized to access the networking devices should include only those network personnel required to configure and troubleshoot switches and routers as part of their regular or daily duties. Other IT personnel such as help desk staff, data center administrators, or desktop support workers would normally not be required to access switches and routers.
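The readable passwords seen in Task 1 Step 6 and Task 2 Step 4, and the configuration register line checked in Task 1 Step 7, can both be verified from saved device output. The following is an added example, not part of the original lab: the two configurations are constructed samples (the stored values in the hardened one are placeholders, not real hashes), and the function names and finding labels are this example's own.

```python
import re

IGNORE_STARTUP_CONFIG = 0x0040  # configuration register bit 6

# Constructed sample built from the three password lines shown in the lab.
WEAK_CONFIG = """
enable password different
line con 0
 password unusual
 login
line vty 0 4
 password uncommon
 login
"""

# Constructed sample after applying the two measures named in the lab.
HARDENED_CONFIG = """
service password-encryption
enable secret 5 <constructed-placeholder>
line con 0
 password 7 <constructed-placeholder>
 login
line vty 0 4
 password 7 <constructed-placeholder>
 login
"""


def audit_config(text):
    """Return (context, finding) pairs for readable-password problems."""
    findings = []
    if not re.search(r"^service password-encryption\s*$", text, re.MULTILINE):
        findings.append(("global", "no-password-encryption"))
    context = "global"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():  # unindented line starts a new section
            context = line if line.startswith("line ") else "global"
        if line.startswith("enable password"):
            findings.append(("global", "enable-password"))
        elif line.startswith("password "):
            kind = line.split()[1]
            # No type number, or type 0, means the password is stored as typed.
            if kind == "0" or not kind.isdigit():
                findings.append((context, "cleartext-password"))
    return findings


def audit_confreg(show_version_line):
    """Report whether bit 6 (skip startup-config) is set now or at next reload."""
    m = re.search(r"Configuration register is (0x[0-9A-Fa-f]+)"
                  r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?",
                  show_version_line)
    if not m:
        raise ValueError("no configuration register value in input")
    current = int(m.group(1), 16)
    pending = int(m.group(2), 16) if m.group(2) else current
    return {"current_ignores_config": bool(current & IGNORE_STARTUP_CONFIG),
            "next_boot_ignores_config": bool(pending & IGNORE_STARTUP_CONFIG)}


if __name__ == "__main__":
    print(audit_config(WEAK_CONFIG))
    print(audit_config(HARDENED_CONFIG))
    print(audit_confreg(
        "Configuration register is 0x2142 (will be 0x2101 at next reload)"))
```

A register value with bit 6 still set for the next boot means the device will come up without its passwords or ACLs loaded, so the second function is worth running after any recovery procedure.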