sis - security lab introductory session university of pittsburgh 2006
TRANSCRIPT
![Page 1: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/1.jpg)
SIS - Security Lab Introductory Session
University of Pittsburgh
2006
![Page 2: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/2.jpg)
Agenda
Description of lab infrastructure Equipment configuration basics
Text based connection / configuration Graphical configuration environment
Cabling description Useful commands
Cisco IOS Windows / Linux
Recommendations
![Page 3: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/3.jpg)
![Page 4: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/4.jpg)
Lab Infrastructure
![Page 5: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/5.jpg)
![Page 6: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/6.jpg)
Equipment configuration
![Page 7: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/7.jpg)
Equipment configuration (2)
![Page 8: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/8.jpg)
Equipment configuration (3)
![Page 9: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/9.jpg)
Access modes
The PIX firewalls (and other CISCO equipment) have four administrative access modes: Unprivileged mode: Available at first access. Provides a
restricted, limited view of system settings. (Prompt = ‘>’) Privileged mode: Allows you to change system settings.
(Prompt = ‘#’) Configuration mode: Enables you to change system
configurations. (Prompt = ‘(config)#’ Monitor mode: Special mode that allows you to update
system configuration image over the network (using a TFTP server)
![Page 10: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/10.jpg)
Access modes (2)
To access privilege mode
enable To access configuration mode
configure terminal Use the exit command to exit from one mode
to the previous one
![Page 11: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/11.jpg)
Firewalls
System or group of systems that manage access between two networks
Internet
Router Firewall
DMZ
Inside Network
Outside Network
![Page 12: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/12.jpg)
PIX Firewalls
Proprietary operating system Stateful inspection Protocol and application inspection User-based authentication Virtual private networking Web-based management Stateful failover capabilities
![Page 13: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/13.jpg)
Graphical configuration environment (PIX 501 Firewall) Important: To access the GUI configuration
environment on the PIX 501 use a PC connected to the PIX and a browser with the MICROSOFT JAVA VM enabled !!
Activate GUI environment via browserhttps://192.168.1.1/pdm.html
![Page 14: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/14.jpg)
![Page 15: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/15.jpg)
![Page 16: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/16.jpg)
![Page 17: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/17.jpg)
![Page 18: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/18.jpg)
Viewing / Saving configurations
There are two configuration memories, running-configuration and startup-configuration
show running-config displays the current configuration in the RAM memory of the equipment. Any configuration changes are written to the running-configuration
write memory saves the current running-configuration to the flash memory startup-configuration
show configure shows the configuration that is in flash memory
show history displays previously entered commands
![Page 19: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/19.jpg)
Cabling description
Networking ports for each computer are numbered Correspondence (see picture) Move the patch cords to where you need them if they
are not properly set.
![Page 20: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/20.jpg)
Basic CISCO IOS commands
ip address if_name ip_address [netmask]ip address ethernet2 172.16.0.1 255.255.255.0
show ip address Displays the IP adresses assigned to all
interfaces show interface
allows you to view the network interface information and status
ping ip_address To determine reachability of a system
![Page 21: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/21.jpg)
Basic Windows/Linux networking commands ipconfig (windows) / ifconfig (linux)
To obtain ip configuration information of a PC ping netstat –r
To obtain routing configuration and statistics netstat
Gives you information on active ports and established connections on a system
![Page 22: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/22.jpg)
Lab procedures
Lab assignments will be given a couple of days in advance to the start of the lab working period
Lab working periods = 1 or 2 weeks Lab groups should be composed of two persons (no
more, no less) Use sign-up sheet to schedule the time in which you
will be using lab equipment Lab reports can be written in any format but should
include answers to the questions presented in the assignment and equipment configuration files
![Page 23: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/23.jpg)
Important recommendations
Never change a password (you’ll be held accountable) unless its for your own user account
Discharge often – get rid of static electricity build up before touching equipment
For questions: Check CISCO web site http://www.cisco.com Ask GSA:
E-mail: [email protected]
![Page 24: SIS - Security Lab Introductory Session University of Pittsburgh 2006](https://reader035.vdocument.in/reader035/viewer/2022062421/56649d015503460f949d34ae/html5/thumbnails/24.jpg)
Questions ??