Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Network Simulation

UNTCSC
October 14, 2020
0
38

Network Simulation

UNTCSC

October 14, 2020
Tweet

More Decks by UNTCSC

See All by UNTCSC
Password Hashing Fall 2020
unt_csc
0
27
Resume and Interview Workshop
unt_csc
0
29
Security: Why do we Care
unt_csc
0
33
Welcome back fall 2020
unt_csc
0
25
Secure Coding
unt_csc
0
45
UNTCSC Spring 2020 Welcome Back
unt_csc
0
39
Password Guessing
unt_csc
0
19
Network Security
unt_csc
0
19
Jake From State Farm
unt_csc
0
35

Featured

See All Featured
5 minutes of I Can Smell Your CMS
philhawksworth
202
19k
Facilitating Awesome Meetings
lara
50
6.1k
Happy Clients
brianwarren
98
6.7k
Side Projects
sachag
452
42k
BBQ
matthewcrist
85
9.3k
The Pragmatic Product Professional
lauravandoore
31
6.3k
Mobile First: as difficult as doing things right
swwweet
222
8.9k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
Adopting Sorbet at Scale
ufuk
73
9.1k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
24k
Building an army of robots
kneath
302
43k

Transcript

  1. Network Simulation GNS3 & Virtual Box Cyber Security Student Organization

    University of North Texas October 14,2020

  2. IP Addressing • Network ip - 192.168.1.0 • Host ip

    – 192.168.1.10 • Gateway – 192.168.1.1 • Broadcast ip – 192.168.1.255 • Subnet mask - 255.255.255.0 • CIDR value - 24 • Network notation – 192.168.1.0/24 • Reference on ip addressing - https://www.cisco.com/c/en/us/support/docs/ip/routing- information-protocol-rip/13788-3.html

  3. Basic Network Devices • Layer 3 - Router • Builds

    routing table for destinations • Network layer representation • Records host attached to routers • Permit or deny traffic • Many types of Quality of Service • Addresing technique - IP • Layer 2 – Switch • Layer 2 switching(or Data Link layer switching) is the process of using devices’ MAC addresses to decide where to forward frames. • Addressing technique : MAC

  4. Routing Protocol • Distance vector • Routing Information protocol (RIP)

    • Enhanced Interior Gateway Routing Protocol(EIGRP) • Link State • Open Shortest Path First (OSPF) • Intermediate Systems to Intermediate Systems (IS-IS) Interior Gateway Protocol • Border Gateway Protocol(BGP) External Gateway Protocol

  5. Setting up GNS3 (2.1.21) & Virtual Box System Requirement Ram

    – 8GB Storage – 30 GB Software Requirement GNS3 software Virtual box GNS3 VM OVA Linux L2/L3 images iourc license

  6. Setting Up Ennvironment – Part 1 • Steps • Download

    the files from the link • https://bit.ly/33T4GQm • Unzip the folder and get following items • Gns3 software • Gns3 virtualbox image • iourc file • IOU L2 image • IOU L3 image • Install GNS3 software on windows • Unzip the virtual box vm zip file and load the vm ova file on virtual box • Start GNS3 software now • Choose IOU settings

  7. Setting Up Ennvironment – Part 2

  8. Select Interface of Virtual Box Host

  9. Check the interface IP address of the virtual box gns3vm

    network

  10. This is Fine

  11. Change the settngs as below- and that’s it

  12. Select Add an IOU device

  13. Select Image

  14. Routing Lab Topology

  15. Router Configuration • Entering Configuration terminal • Config terminal •

    Hostname • Hostname <desired hostname> • Interface ip address • Interface <onterface type and number> • Ip address <desired ip address> <subnet mask> • Management interface • Line console (Physical access) - line con 0 • Line vty (telnet/ssh access) - line vty 0 4 • Routing • OSPF • Router ospf <rpocess id> • Network <network id> • Eigrp • Router <AS Number> • Network <network id> <wildcard mask> • Example • IOU1#config terminal • IOU1(config)#hostname Seattle • Seattle(config)#int e0/0 • Seattle(config-if)#ip add <ip> <mask>

  16. Security Management Plane Protection Control access to the device Control

    Plane Protection Controlling what routes can be availed to a router Data Plane protection Controlling what kind of traffic s allowed

  17. Management Plane Security • Configuring management plane • SSH access

    configuration • Config t • aaa new-model • aaa authentication login default local • username <user1> privilege 15 secret <secret password> • unable secret <secret> • line vty 0 4 • Transpurt input ssh • Login local

  18. Control Plane Security • New-York router to allow only access

    to 2.2.2.2 • Create access list • Access-list 1 permit ip 1.1.1.1 0.0.0.0 • Create route-map • route-map ext permit 10 • Match ip address 1 • Route-map ext deny 20 • Redistribute specific routes • Router eigrp 1 • Redistribute ospf 1 route-map ext

  19. Data-Plane Security • Create extended Access-list • Ip access-list extended

    100 • 5 deny icmp any 4.4.4.4 0.0.0.0 echo • 10 deny icmp any 4.4.4.4 0.0.0.0 echo- reply • Apply the access-list on inbound or outbound interface • Int ee0/0 • Ip access-group 100 in

  20. References • Configure Cisco Router Step by Step Guide -

    https://www.computernetworkingnotes.com/ccna -study-guide/configure-cisco-router-step-by-step- guide.html • Cisco Guide to Harden Cisco IOS Devices - https://www.cisco.com/c/en/us/support/docs/ip/ access-lists/13608-21.html • Cisco IOS Routing - https://www.cisco.com/c/en/us/td/docs/switches /lan/catalyst1000/software/releases/15_2_7_e/co nfiguration_guides/rtng/b_1527e_routing_c1000_ cg/configuring_ip_unicast_routing.html • Learn How to install GNS3 VM and Link With Latest GNS3 2.x - https://luminisindia.com/it-networking-blog/167-learn- how-to-install-gns3-vm-and-link-with-latest-gns3-2-0