sis - security lab introductory session
DESCRIPTION
SIS - Security Lab Introductory Session. University of Pittsburgh 2008. Agenda. Description of lab infrastructure Equipment configuration basics Text based connection / configuration Graphical configuration environment Cabling description Useful commands Cisco IOS Windows / Linux - PowerPoint PPT PresentationTRANSCRIPT
SIS - Security Lab Introductory Session
University of Pittsburgh
2008
Agenda
Description of lab infrastructure Equipment configuration basics
Text based connection / configuration Graphical configuration environment
Cabling description Useful commands
Cisco IOS Windows / Linux
Recommendations
Equipment configuration
Equipment configuration (2)
Access modes
The PIX firewalls (and other CISCO equipment) have four administrative access modes: Unprivileged mode: Available at first access. Provides a
restricted, limited view of system settings. (Prompt = ‘>’) Privileged mode: Allows you to change system settings.
(Prompt = ‘#’) Configuration mode: Enables you to change system
configurations. (Prompt = ‘(config)#’ Monitor mode: Special mode that allows you to update
system configuration image over the network (using a TFTP server)
Access modes (2)
To access privileged mode
enable To access configuration mode
configure terminal Use the exit command to exit from one mode
to the previous one
Firewalls
System or group of systems that manage access between two networks
Internet
Router Firewall
DMZ
Inside Network
Outside Network
PIX Firewalls
Proprietary operating system Stateful inspection Protocol and application inspection User-based authentication Virtual private networking Web-based management Stateful failover capabilities
Viewing / Saving configurations
There are two configuration memories, running-configuration and startup-configuration
show running-config displays the current configuration in the RAM memory of the equipment. Any configuration changes are written to the running-configuration
write memory saves the current running-configuration to the flash memory startup-configuration
show configure shows the configuration that is in flash memory
show history displays previously entered commands
Basic CISCO IOS commands
ip address if_name ip_address [netmask]ip address ethernet2 172.16.0.1 255.255.255.0
show ip address Displays the IP adresses assigned to all
interfaces show interface
allows you to view the network interface information and status
ping ip_address To determine reachability of a system
Basic Windows/Linux networking commands ipconfig (windows) / ifconfig (linux)
To obtain ip configuration information of a PC ping netstat –r
To obtain routing configuration and statistics netstat
Gives you information on active ports and established connections on a system
Packet Sniffer - WireShark
Lab procedures
Lab assignments will be given a couple of days in advance to the start of the lab working period
Lab working periods = 1 or 2 weeks Lab groups should be composed of two persons (no
more, no less) Use sign-up sheet to schedule the time in which you
will be using lab equipment Lab reports can be written in any format but should
include answers to the questions presented in the assignment and equipment configuration files
Important recommendations
Never change a password (you’ll be held accountable) unless its for your own user account
Get rid of static electricity build up before touching equipment
For questions: Check CISCO web site http://www.cisco.com Ask GSA:
E-mail: [email protected]
Questions ??
ReferencesFirewall Lab references
Title: Cisco security specialist's guide to PIX Firewall [electronic resource] / Vitaly Osipov.
Author: Osipov, Vitaly.
Published: Rockland, Mass. : Syngress Pub., c2002.
Read: Chapters 2 and 3 (4 is optional) , (9 if you plan to use graphical GUI)
Title: CCSP Cisco Secure PIX firewall advanced exam certification guide [electronic
resource] : CCSP self-study / [Greg Bastien and Christian Degu].
Author: Bastien, Greg.
Published: Indianapolis, IN : Cisco Press, c2003.
Read: Chapters 5 and 6
Title: Managing Cisco network security [electronic resource] / Eric Knipp ... [et al.] ;
technical editor, Edgar Danielyan.
Edition: 2nd ed.
Published: Rockland, Mass. : Syngress Media, c2002.
Read: Chapters 3 – 5