Security Labs in OPNET IT Guru
Enginyeria i Arquitectura La Salle
Universitat Ramon Llull
Barcelona 2004
Security labs Enginyeria i Arquitectura La Salle
Authors:
Cesc Canet
Juan Agustín Zaballos
Translation from Catalan:
Cesc Canet
Overview
This project consists of practical networking scenarios to be done with OPNET IT Guru
Academic Edition, with a particular interest in security issues.
The first two parts are a short installation manual and an introduction to OPNET. After
that there are 10 Labs that put different networking technologies into practice. Every
Lab consists of a theoretical introduction, a step-by-step construction of the scenario
and finally Q&A about the issues covered.
Lab 1: ICMP Ping. We study Ping traces and link failures.
Lab 2: Subnetting and OSI Model. We study layers 1, 2 and 3 of the OSI model, and
use the Packet Analyzer tool to observe TCP connections.
Lab 3: Firewalls. We begin with proxies and firewalls. We will deny multimedia traffic
with a proxy, and study the link usage performance.
Lab 4: RIP. Explains the RIP routing protocol and how to create timed link failures
and recoveries.
Lab 5: OSPF. Compares OSPF with RIP. We study areas and Load Balancing.
Lab 6: VPN. Studies secure non-local connections. A hacker will try to access a
server that we will try to protect using virtual private networks.
Lab 7: VLAN. Creates logical user groups with Virtual LANs, and studies
One-Armed-Router interconnections.
Lab 8: Dual Homed Router/Host, Lab 9: Screened Host/Subnet. DMZ and Lab
10: Collapsed DMZ explain static routing tables, ACLs, proxies and internal vs.
perimeter security. Lab 10 is 100% practical; we want you to create it on your own, a
piece of cake if you did the other Labs!
Overview
I. Installing OPNET IT Guru
II. OPNET IT Guru Overview
Lab 1: ICMP Ping
Lab 2 Subnetting & OSI model
Lab 3 Firewalls
Lab 4: RIP
Lab 5: OSPF
Lab 6: VPN
Lab 7: VLANs
Lab 8: Dual-Homed Router and Host
Lab 9: Screened Host / Subnet (DMZ)
Lab 10: Collapsed DMZ
I. Installing OPNET IT Guru
Download the files from http://www.opnet.com/services/university/itg_panko.html
Click on “Download the academic version of IT Guru and follow the step-by-step
software installation instructions to get started right away!”
1. Fill in the form:
I.1 Registry form
Remember that each OPNET IT Guru Academic Edition account we create to
obtain a license can be used only once. Therefore, if we want to
install the application on several computers we will need several e-mail
accounts to register with; otherwise we won’t be able to register again.
After a couple of minutes we will receive an e-mail telling us the account has
been created. This e-mail also assigns us a password to identify ourselves.
I.2 Confirmation e-mail
Now click on the hyperlink in the message body:
http://www.opnet.com/itguru-academic/download.html
The link brings us to a new web site where we can log in using the username and
password we received before:
I.3 Log in the OPNET server
After that, we can download the software. The application installer is 47 MB in size.
We need Administrator rights to install it.
Once the license contract has been read and accepted, we save the installer executable
(ITG_Academic_Edition_v1992.exe). If we want to install the program on several
computers, all we will need are several e-mail accounts to create several OPNET
accounts, but we won’t have to download the binaries again.
I.4 Saving the executable file on the local disk
2. It is advisable to download the Lab Manuals and Lab Files as well. This
can be done starting at Step 2 at the first link.
I.5 Downloading the Load Files and Load Manuals
We can even download all the Lab Manuals at the same time, and all the IT
Guru Lab files at the same time, both compressed in two single files.
Once we have downloaded the installer, we can execute it and follow the
installation steps.
I.6 Starting the program using the start bar
We execute the program and afterwards click on “License Management”.
I.7 License Management
After this dialog another one will pop up. We will click on “Next” and finally we
will get a new dialog such as this:
I.8 License Transaction (step 1)
Now we are doing the application License Transaction in order to identify ourselves as
OPNET users. Now we have to write down the License Request Code (or click
“Copy to Clipboard” and click “Next”). In a while the explorer will be launched.
It is very important to request the License Activation Code after obtaining the
License Request Code. Every time we start OPNET without having logged in before,
a new License Request Code will be created.
I.9 License Transaction (step 2)
Now we can launch OPNET IT Guru Academic Edition 9.1!
II. OPNET IT Guru Overview
Main features
OPNET IT Guru is a virtual environment for modeling, analyzing and predicting the
performance of IT infrastructures, including applications, servers and network
technologies.
This OPNET academic version is based upon the commercial version IT Guru 9.1. It
can be downloaded from the web site and used for free with some license constraints.
The Academic Edition has Application Characterization Environment (ACE) and
Wireless modules integrated, with some usage limitations.
The OPNET Academic Edition license lasts for 6 months, but can be renewed for free.
Constraints
This academic version of OPNET IT Guru has some limited features:
• Importing limitations: the scenarios created in any other commercial version of
OPNET cannot be imported. We can only import scenarios created with the
academic version.
• Exporting limitations: the scenarios created with the Academic Edition cannot
be exported to other commercial versions of the software, therefore it is not
possible to prepare scenarios at home and simulate them using all the licenses
at University (e.g.: MPLS).
• Modeling limitations: this version does not include some modules like Flow
Analysis, Net Doctor, Terrain Modeling, etc. This version is not the Modeler, so
models cannot be modified. It is not possible either to import a model created
using OPNET Modeler or to create multicast scenarios.
• ACE limitations: it can only work with predetermined application captures,
included in the tutorials.
• Wireless features limitations: Pipe-line stages, used in the Wireless model,
cannot be modified (as they can in the Modeler). This way all the transmissions will use
the space loss attenuation model. We do not have the antenna editor either,
therefore all the Wireless nodes will use the isotropic antenna model.
• We can create mobile nodes, but not satellite nodes as in the Modeler.
• The projects created with the Academic Edition are limited in the number of
multi-port devices. We can run small simulations with a reasonable number of
routing elements (20) for educational purposes, but not for commercial studies.
• Analysis limitations: although we have the animation generation option in the
menus, this feature is not available. This option may be included in next
editions of this software.
• There is not much documentation for this version; all we have is a brief
explanation of the editors and a short PDF tutorial.
Simulator usage
To simulate the network performance we will follow these steps:
II.1 Project simulation steps
• First of all we create a project. A project is a set of scenarios with a common
target. Each Lab is a project itself.
• Create the first scenario (or the only one). If we create a project to see the
OSPF protocol, the first scenario could explain a specific feature of this
technology. Sometimes we will have only a single scenario, but if we have
many, then the first one will be used as a start point for the next ones.
Creating a new scenario involves choosing the scenario dimensions and
background, naming the scenario, deploying the network elements, creating
profiles and application demands, etc.
[Figure II.1: flow diagram with the boxes Scenario creation/modification, Choose statistics, Simulation execution, Results analysis, Scenario duplication, Project creation, What If..?]
• The next step is to choose the statistics. So far we have only created the
scenario with the elementary components, but now we have to set the
parameters we want to calculate: link throughput (packets/sec), access delay
into a web page, routing tables updates (per sec), etc.
• Now we can continue the project simulation either by executing the simulation or
by duplicating the scenario. Duplicating the scenario means creating a
new scenario starting from another scenario. For example, when we study the
OSPF Lab we create a scenario to study Load Balancing starting from
another scenario where we studied OSPF without Load Balancing, and then we
have two independent scenarios. We can repeat this process as many times as
we want.
• All the scenarios have to be simulated at the end (similar to compiling a
program). OPNET will do a performance prediction with all the information
about the scenarios, the traffic demands, the statistics chosen, etc.
• At the end, the results analysis is done with graphics, statistics and the
Simulation Log.
• OPNET is designed for network analysis and design. If the simulation results
are not the ones expected, then we will change the model until we get what we
are looking for, according to the specifications. We can even do analysis in
order to test how our model would behave if some conditions were
changed (What-If analysis).
Graphic Interface
The main window in OPNET IT Guru is the System window. Projects are created and
opened here, working directories are changed, etc.
II.2 System Window
From the System window we can create a new project with File → New → Project.
Project Editor
The Project Editor is a window we can use to create new scenarios, select statistics,
run the simulation, etc. It is the window we will work with.
II.3 Project Editor
The working zone of the Project Editor is the lower zone, and is called the Grid.
We can change the metric units of the grid, the background map, the map dimensions,
etc. At the top of the Project Editor we have an action button bar we can use to
work with the project.
II.4 Action Buttons
The meaning of each button is the following:
• Object Palette: It is a palette we can use to deploy elements on the
scenario: workstations, servers, links, traffic demands,...
• Check Links: This tool checks whether all the links of the network are
correct. It is very useful to run it when we finish creating the scenario, before
running the simulation, because we can have problems if a link is not set
properly (e.g.: we are using 100BaseT wire in a PPP_DS1 interface).
• Link Failure: This tool simulates failures on the links we have selected.
We can study the scenario performance if a link stops working.
• Link recovery: Recovers links deactivated by the Link Failure.
• Return to Parent Subnet: When a scenario grows (not very often in this
version of OPNET) we may need to group elements into subnets. A Subnet is a
set of stations and links interconnected with each other, but graphically grouped
into one icon.
II.5 Subnet
We could do big networks this way. If the Subnet Campus Network from
picture II.5 has a router called node_6 then the real name of the node would
be Campus Network.node_6.
• Zoom/Unzoom: To zoom in and out of the scenario.
• Configure/Run Simulation: Opens up a dialog we can use to configure
the simulation of the scenario we are working in. We can set the simulation
length, the seed, the routing protocols’ Sim Efficiency, etc.
• View Results: Once the simulation is run, we can see the graphic results
of the statistics we have chosen.
• Hide/Show All Graphs: The results’ graphics will remain open as long
as we don’t close them. We can hide them without closing them, and show
them up again later on with this button.
Creating a Project
The first step to create a project is to run OPNET: Start Bar → Programs → OPNET IT
Guru Academic Edition 9.1.
This will open the System window. Now we can create a new project by clicking
File → New. At the selection dialog we choose Project and OK. Then we write the
name of the project and the name of the first scenario:
II.6 Writing down the names of the project and the first scenario
The next step is the Startup Wizard, a series of dialogs where we enter the
parameters of the initial configuration of the scenario (press Next to advance). The
first dialog is the Initial Topology. We will usually choose Create Empty Scenario.
The Import From ACE option is used to import traffic captures made with sniffing
programs.
II.7 Initial Topology
Coming up next is the Choose Network Scale dialog, where we can change the
initial scenario dimensions: we select Office or Campus for LANs, and World or
Choose From Maps for WANs.
II.7 Choose Network Scale
This last option opens up a new dialog where we can choose a map from some
regions.
II.8 Choose Map
The next dialog is Select Technologies. From here we can create a custom palette for the
Object Palette, including nodes with the technologies set to include: Yes.
This can make it faster to search for components.
II.9 Select Technologies
At the end we have a dialog we can confirm by pressing OK to accept changes. This
finishes the project settings, and then the Project Editor will open, and the Object
Palette will appear as in picture II.10.
II.10 The project once configured
Now we place all the components of our network on the Grid, dragging and dropping
them from the Object Palette. If any device is not in the selected palette, we can change the
palette as we can see in picture II.11:
II.11 Deploying all the palettes of the Object Palette
Grouped into palettes in the Object Palette we can see links, routers, workstations,
switches, bridges, hubs, etc. The palette Sm_Int_Model_List has a set of simple
components to create typical LANs.
II.12 Creating a simple network with Sm_Int_Model_List components
To link workstations, we only have to select the wires we want (10BaseT) and click on
the start node and destination node of the cable. Once the devices are deployed on
the scenario we can edit the Attributes: Right click on the node, unfold the menu and
go to Edit Attributes. Now we can change the properties of a component instance.
II.13 Editing attributes
Attributes are organized in hierarchies. We have fields where we can change values,
and these fields can be nested in branches and sub-branches. The small question-mark
symbol on the left gives brief help for the field.
At the bottom-left side, we can tick Apply Changes to Selected Objects to allow
changes to be applied to all the nodes that are selected in the project (we can select
many objects by holding the CTRL key, then click on Edit Attributes on any of them and
change the attributes of all of them).
In picture II.13 we can see the IP Host Parameters → Interface
Information → Subnet Mask field unfolded, to change the network mask of a server.
The number of fields can be very large if we have components with many interfaces, such as
switches and routers, where we have to configure the parameters of each individual
interface. That’s why it can be helpful to know the interface name of every interface of
a router/switch. This information can be seen in the tool tip window that pops up
when holding the mouse pointer for a couple of seconds over a component in our
scenario. OPNET assigns interface names automatically, depending on the order in which the
nodes were created. Thus, we can have identical scenarios with the same components
and results but with different interface names.
II.14 Interfaces of a link
Sometimes a field contains rows, and the number of rows can be set
by the user. The following picture shows how we can edit the Access Control List of a
router, by changing the attribute IP Routing Parameters → Extended ACL
Configuration. For each ACL we have to create a new row. In the example below we
create two rows (0 and 1). Inside each row we can have more rows (in this case, ACL
rules).
II.15 Rows
There are two specific elements that we have included in the scenario that are not
stations, they are Controls. In this palette we have Sm_Application_Config and
Sm_Profile_Config, two types of Application_Config and Profile_Config controls we can
find in the internet_toolbox palette.
The Application Config is used to define the applications that every station will run like
email clients, web browsers, etc.
II.16 Attributes of control Sm_Application_Config
The applications themselves are defined in the Application Definitions branch. Inside every
type of application we define the load that the application places on the network.
The Sm_Application_Config control is an Application_Config control with 16 model
applications.
The Profile Config is used to define profiles. Profiles are groups of applications that the
end-users will use. For instance we can define an Engineer profile admitting Web
Browsing, Email and File Transfer. These applications have to be defined in the
Application_Config control previously, otherwise they’re not available on
Profile_Config.
II.17 Profile_Config profiles
Sm_Profile_Config is a Profile_Config with 5 profiles that use the Sm_Application_Config
applications. Beforehand, we need to select Profile Configuration: Sample Profiles.
Once profiles and applications are defined we need to import them into each
individual station, at the Application: Supported Profiles attribute of the
workstations. In order to set up the server to give service to specific applications, we
have to edit the attribute Application: Supported Services for each server.
II.18 Assigning Supported Services
Setting up the Simulation
Two steps:
• Choose the simulation statistics. These can be relative to a node (right
click → Choose Individual Statistics) or refer to the whole scenario (the
same with the right button on the Grid, in a blank zone).
Either way, this will open the dialog Choose Results in which we can select the
statistics we want.
II.19 Choose Results
• Configure the simulation: By clicking on configure/run simulation we
have access to a dialog to define the basic simulation parameters. To start the
simulation we click on Run.
II.20 Configure the Simulation
Results analysis
When the simulation is finished, we can see the statistics simulated by clicking on the
elements with the right button and going to View Results. Here we can configure the
type of graphic to visualize, compare graphics, etc.
II.21 View Results
The Simulation Log console (right button on the Grid → Open Simulation Log)
summarizes the simulation errors (no server found giving service to the requested
application, a router is rejecting packets, etc). These messages are not always error
messages; sometimes they indicate that the simulation is working correctly.
They give the ping traces as well.
II.22 Simulation Log