Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Network Simulation

UNTCSC
October 14, 2020
0
38

Network Simulation

UNTCSC

October 14, 2020
Tweet

More Decks by UNTCSC

See All by UNTCSC
Password Hashing Fall 2020
unt_csc
0
24
Resume and Interview Workshop
unt_csc
0
22
Security: Why do we Care
unt_csc
0
26
Welcome back fall 2020
unt_csc
0
16
Secure Coding
unt_csc
0
30
UNTCSC Spring 2020 Welcome Back
unt_csc
0
25
Password Guessing
unt_csc
0
19
Network Security
unt_csc
0
15
Jake From State Farm
unt_csc
0
31

Featured

See All Featured
The Cost Of JavaScript in 2023
addyosmani
21
4k
How to Ace a Technical Interview
jacobian
273
22k
Docker and Python
trallard
35
2.7k
Building Effective Engineering Teams - LeadDev
addyosmani
33
1.9k
Designing Experiences People Love
moore
136
23k
The Art of Programming - Codeland 2020
erikaheidi
43
12k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
22
1.4k
Building Better People: How to give real-time feedback that sticks.
wjessup
356
18k
Testing 201, or: Great Expectations
jmmastey
30
6.4k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
245
20k
BBQ
matthewcrist
80
8.8k
How GitHub (no longer) Works
holman
305
140k

Transcript

  1. Network Simulation GNS3 & Virtual Box Cyber Security Student Organization

    University of North Texas October 14,2020

  2. IP Addressing • Network ip - 192.168.1.0 • Host ip

    – 192.168.1.10 • Gateway – 192.168.1.1 • Broadcast ip – 192.168.1.255 • Subnet mask - 255.255.255.0 • CIDR value - 24 • Network notation – 192.168.1.0/24 • Reference on ip addressing - https://www.cisco.com/c/en/us/support/docs/ip/routing- information-protocol-rip/13788-3.html

  3. Basic Network Devices • Layer 3 - Router • Builds

    routing table for destinations • Network layer representation • Records host attached to routers • Permit or deny traffic • Many types of Quality of Service • Addresing technique - IP • Layer 2 – Switch • Layer 2 switching(or Data Link layer switching) is the process of using devices’ MAC addresses to decide where to forward frames. • Addressing technique : MAC

  4. Routing Protocol • Distance vector • Routing Information protocol (RIP)

    • Enhanced Interior Gateway Routing Protocol(EIGRP) • Link State • Open Shortest Path First (OSPF) • Intermediate Systems to Intermediate Systems (IS-IS) Interior Gateway Protocol • Border Gateway Protocol(BGP) External Gateway Protocol

  5. Setting up GNS3 (2.1.21) & Virtual Box System Requirement Ram

    – 8GB Storage – 30 GB Software Requirement GNS3 software Virtual box GNS3 VM OVA Linux L2/L3 images iourc license

  6. Setting Up Ennvironment – Part 1 • Steps • Download

    the files from the link • https://bit.ly/33T4GQm • Unzip the folder and get following items • Gns3 software • Gns3 virtualbox image • iourc file • IOU L2 image • IOU L3 image • Install GNS3 software on windows • Unzip the virtual box vm zip file and load the vm ova file on virtual box • Start GNS3 software now • Choose IOU settings

  7. Setting Up Ennvironment – Part 2

  8. Select Interface of Virtual Box Host

  9. Check the interface IP address of the virtual box gns3vm

    network

  10. This is Fine

  11. Change the settngs as below- and that’s it

  12. Select Add an IOU device

  13. Select Image

  14. Routing Lab Topology

  15. Router Configuration • Entering Configuration terminal • Config terminal •

    Hostname • Hostname <desired hostname> • Interface ip address • Interface <onterface type and number> • Ip address <desired ip address> <subnet mask> • Management interface • Line console (Physical access) - line con 0 • Line vty (telnet/ssh access) - line vty 0 4 • Routing • OSPF • Router ospf <rpocess id> • Network <network id> • Eigrp • Router <AS Number> • Network <network id> <wildcard mask> • Example • IOU1#config terminal • IOU1(config)#hostname Seattle • Seattle(config)#int e0/0 • Seattle(config-if)#ip add <ip> <mask>

  16. Security Management Plane Protection Control access to the device Control

    Plane Protection Controlling what routes can be availed to a router Data Plane protection Controlling what kind of traffic s allowed

  17. Management Plane Security • Configuring management plane • SSH access

    configuration • Config t • aaa new-model • aaa authentication login default local • username <user1> privilege 15 secret <secret password> • unable secret <secret> • line vty 0 4 • Transpurt input ssh • Login local

  18. Control Plane Security • New-York router to allow only access

    to 2.2.2.2 • Create access list • Access-list 1 permit ip 1.1.1.1 0.0.0.0 • Create route-map • route-map ext permit 10 • Match ip address 1 • Route-map ext deny 20 • Redistribute specific routes • Router eigrp 1 • Redistribute ospf 1 route-map ext

  19. Data-Plane Security • Create extended Access-list • Ip access-list extended

    100 • 5 deny icmp any 4.4.4.4 0.0.0.0 echo • 10 deny icmp any 4.4.4.4 0.0.0.0 echo- reply • Apply the access-list on inbound or outbound interface • Int ee0/0 • Ip access-group 100 in

  20. References • Configure Cisco Router Step by Step Guide -

    https://www.computernetworkingnotes.com/ccna -study-guide/configure-cisco-router-step-by-step- guide.html • Cisco Guide to Harden Cisco IOS Devices - https://www.cisco.com/c/en/us/support/docs/ip/ access-lists/13608-21.html • Cisco IOS Routing - https://www.cisco.com/c/en/us/td/docs/switches /lan/catalyst1000/software/releases/15_2_7_e/co nfiguration_guides/rtng/b_1527e_routing_c1000_ cg/configuring_ip_unicast_routing.html • Learn How to install GNS3 VM and Link With Latest GNS3 2.x - https://luminisindia.com/it-networking-blog/167-learn- how-to-install-gns3-vm-and-link-with-latest-gns3-2-0