Select a network attack and develop a report for presentation to the class.
Background/Scenario
Network attacks have resulted in the loss of sensitive data and significant network downtime. When a network
or the resources within it are inaccessible, worker productivity can suffer, and business income may be lost.
Attackers have developed many tools over the years to attack and compromise the networks of organizations.
These attacks take many forms, but in most cases, they seek to obtain sensitive information, destroy
resources, or deny legitimate users access to resources.
To understand how to defend a network against attacks, an administrator must first identify network
vulnerabilities. Specialized security audit software developed by equipment and software manufacturers can
be used to help identify potential weaknesses. In addition, the same tools used by attackers can be used to
test the ability of a network to mitigate an attack. After the vulnerabilities are known, steps can be taken to
help mitigate the network attacks.
This lab provides a structured research project that is divided into two parts: Researching Network Attacks
and Researching Security Audit Tools. You can elect to perform Part 1, Part 2, or both. Let your instructor
know what you plan to do to ensure that a variety of network attacks and vulnerability tools are reported on
by the members of the class.
In Part 1, you research various network attacks that have actually occurred. You select one of these and
describe how the attack was perpetrated and how extensive the network outage or damage was. You also
investigate how the attack could have been mitigated or what mitigation techniques might have been
implemented to prevent future attacks. You prepare a report based on a predefined form included in the lab.
In Part 2, you research network security audit tools and investigate one that can be used to identify host or
network device vulnerabilities. You create a one-page summary of the tool based on a predefined form
included in the lab. You prepare a short (5–10 minute) presentation to present to the class.
You may work in teams of two with one person reporting on the network attack and the other reporting on the
security audit tools. All team members deliver a short overview of their findings. You can use live
demonstrations or PowerPoint to summarize your findings.
All contents are Copyright 1992–2012 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
CCNA Security
Required Resources
Step 2: Fill in the following form for the network attack selected.
Name of attack:
Smurf Attack
Type of attack:
distributed denial-of-service attack
Dates of attacks:
Late 1990s
Mitigation options:
Turn off the forwarding of directed broadcasts on all router ports: no ip directed-broadcast.
Filter your outbound traffic.
_______________________________________________________________________________________
_______________________________________________________________________________________
_______________________________________________________________________________________
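The directed-broadcast mitigation above can be checked across saved router configurations. The following is an added example, not part of the original lab: it flags interfaces where ip directed-broadcast is enabled. The sample configuration is constructed, and the check assumes IOS 12.0 or later, where directed-broadcast forwarding is off unless the command appears.

```python
import re

# Constructed sample config (not from the lab handout); addresses follow the lab topology.
SAMPLE_CONFIG = """\
hostname R1
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip directed-broadcast
!
interface Serial0/0/0
 ip address 10.1.1.1 255.255.255.252
 no ip directed-broadcast
 clock rate 64000
!
router eigrp 101
 network 192.168.1.0 0.0.0.255
 no auto-summary
!
"""

def interface_stanzas(config):
    """Yield (interface_name, [sub-commands]) for each interface block."""
    name, body = None, []
    for line in config.splitlines():
        if line.startswith("interface "):
            if name:
                yield name, body
            name, body = line.split(None, 1)[1], []
        elif name and line.startswith(" "):
            body.append(line.strip())      # indented line belongs to the block
        elif name:
            yield name, body               # "!" or a new top-level command ends it
            name, body = None, []
    if name:
        yield name, body

def audit_directed_broadcast(config):
    """Return (interface, exposure) for every interface that forwards directed broadcasts.

    Assumption: IOS 12.0+ defaults, so an interface with no such line is not forwarding.
    """
    findings = []
    for name, body in interface_stanzas(config):
        for cmd in body:
            # Optional trailing number is an access list limiting which broadcasts pass.
            m = re.fullmatch(r"ip directed-broadcast(?:\s+(\d+))?", cmd)
            if m:
                acl = m.group(1)
                findings.append((name, f"restricted by ACL {acl}" if acl else "unrestricted"))
    return findings

if __name__ == "__main__":
    for iface, exposure in audit_directed_broadcast(SAMPLE_CONFIG):
        print(f"{iface}: directed broadcast enabled ({exposure})")
```

An interface reported as unrestricted can be used as a Smurf amplifier; the fix is no ip directed-broadcast on that interface.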
Step 2: Fill in the following form for the security audit or network attack tool selected.
Name of tool:
NMAP
Developer:
Both
Both
Cost:
Step 3: Reflection
a. What is the prevalence of network attacks and what is their impact on the operation of an
organization? What are some key steps organizations can take to help protect their networks and
resources?
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
b. Have you actually worked for an organization or know of one where the network was compromised? If
so, what was the impact to the organization and what did it do about it?
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
c. What steps can you take to protect your own PC or laptop computer?
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
Topology
IP Addressing Table
Device   Interface      IP Address    Subnet Mask       Default Gateway   Switch Port
R1       Fa0/1          192.168.1.1   255.255.255.0     N/A               S1 Fa0/5
R1       S0/0/0 (DCE)   10.1.1.1      255.255.255.252   N/A               N/A
R2       S0/0/0         10.1.1.2      255.255.255.252   N/A               N/A
R2       S0/0/1 (DCE)   10.2.2.2      255.255.255.252   N/A               N/A
R3       Fa0/1          192.168.3.1   255.255.255.0     N/A               S3 Fa0/5
R3       S0/0/1         10.2.2.1      255.255.255.252   N/A               N/A
PC-A     NIC            192.168.1.3   255.255.255.0     192.168.1.1       S1 Fa0/6
PC-C     NIC            192.168.3.3   255.255.255.0     192.168.3.1       S3 Fa0/18
Objectives
Part 1: Basic Network Device Configuration
Configure routing.
Install CCP.
Manage communities.
Background/Scenario
Cisco Configuration Professional (CCP) is a Windows-based device management tool for Integrated Service
Routers. CCP simplifies router configurations through easy-to-use wizards. The objective of this lab is to verify
that the routers and PC are configured properly for use with CCP.
Note: Ensure that the routers and the switches have been erased and have no startup configurations.
Required Resources
3 routers (Cisco 1841 with Cisco IOS software, release 12.4(20)T1 or comparable)
PC-C: Windows XP, Vista, or Windows 7 with CCP 2.5, Java version 1.6.0_11 up to 1.6.0_21, Internet
Explorer 6.0 or above and Flash Player Version 10.0.12.36 and later
Note: If the PC is running Windows 7, it may be necessary to right-click on the Cisco CP icon or menu item,
and choose Run as administrator.
In order to run CCP, it may be necessary to temporarily disable antivirus programs and O/S firewalls. Make
sure that all pop-up blockers are turned off in the browser.
Configure a clock rate for routers with a DCE serial cable attached to their serial interface. Router R1
is shown here as an example.
R1(config)# interface S0/0/0
R1(config-if)# clock rate 64000
d. To prevent the router from attempting to translate incorrectly entered commands as though they were
host names, disable DNS lookup. Router R1 is shown here as an example.
R1(config)# no ip domain-lookup
Step 5: Configure the EIGRP routing protocol on R1, R2, and R3.
a. On R1, use the following commands.
R1(config)# router eigrp 101
R1(config-router)# network 192.168.1.0 0.0.0.255
R1(config-router)# network 10.1.1.0 0.0.0.3
R1(config-router)# no auto-summary
R2(config)# router eigrp 101
R2(config-router)# network 10.1.1.0 0.0.0.3
R2(config-router)# network 10.2.2.0 0.0.0.3
R2(config-router)# no auto-summary
R3(config-router)# network 10.2.2.0 0.0.0.3
R3(config-router)# no auto-summary
Note: If you can ping from PC-A to PC-C you have demonstrated that routing is configured and
functioning correctly. If you cannot ping but the device interfaces are up and IP addresses are correct, use
the show run and show ip route commands to help identify routing protocol related problems.
vty 0 4
login local
transport input telnet
transport input telnet ssh
exit
Agree to the terms and conditions and download and save the file to the desired location.
Note: If Cisco CP is installed on a PC that uses the Microsoft Windows Vista operating system or the
Microsoft Windows 7 operating system, Cisco CP may fail to launch.
Possible solutions:
1. Compatibility settings:
a. Right click on the Cisco CP icon or menu item and select Properties.
b. While in the Properties dialog box, select the Compatibility tab. In this tab, select the
checkbox for Run this program in compatibility mode for. Then in the drop down menu
below, choose Windows XP (Service Pack 3) for example, if it is appropriate for your
system.
c. Click OK.
Click OK.
Click OK to continue.
b. Once the router has been discovered by CCP, you are ready to configure your Select Community
Member. In this example, the Select Community Member is 192.168.3.1.
Provide a screenshot showing the discovered router in CCP as shown in the screen above.
1. Code Red
2. Nimda
3. Back Orifice
4. Blaster, MyDoom
5. SQL Slammer
6. SMURF
7. Tribe flood network (TFN)
8. Stacheldraht
9. Sobig
10. Netsky
11. Witty
12. Storm
Examples of Security Audit Tools
1. Microsoft Baseline Security Analyzer (MBSA)
2. NMAP
3. Cisco IOS AutoSecure
4. Cisco Security Device Manager (SDM) Security Audit Wizard
5. Sourceforge Network Security Analysis Tool (NSAT)
6. Solarwinds Engineering Toolset
7. L0phtcrack
8. Cain and Abel
9. John the Ripper
10. Netcat
11. THC Hydra
12. Chkrootkit
13. DSniff
14. Nessus
15. AirSnort
16. AirCrack
17. WEPCrack