1 / 24

SIS - Security Lab Introductory Session

SIS - Security Lab Introductory Session. University of Pittsburgh 2006. Agenda. Description of lab infrastructure Equipment configuration basics Text based connection / configuration Graphical configuration environment Cabling description Useful commands Cisco IOS Windows / Linux

scott
Download Presentation

SIS - Security Lab Introductory Session

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SIS - Security Lab Introductory Session University of Pittsburgh 2006

  2. Agenda • Description of lab infrastructure • Equipment configuration basics • Text based connection / configuration • Graphical configuration environment • Cabling description • Useful commands • Cisco IOS • Windows / Linux • Recommendations

  3. Lab Infrastructure

  4. Equipment configuration

  5. Equipment configuration (2)

  6. Equipment configuration (3)

  7. Access modes • The PIX firewalls (and other CISCO equipment) have four administrative access modes: • Unprivileged mode: Available at first access. Provides a restricted, limited view of system settings. (Prompt = ‘>’) • Privileged mode: Allows you to change system settings. (Prompt = ‘#’) • Configuration mode: Enables you to change system configurations. (Prompt = ‘(config)#’ • Monitor mode: Special mode that allows you to update system configuration image over the network (using a TFTP server)

  8. Access modes (2) • To access privilege mode enable • To access configuration mode configure terminal • Use the exit command to exit from one mode to the previous one

  9. Firewalls • System or group of systems that manage access between two networks DMZ Internet Router Firewall Outside Network Inside Network

  10. PIX Firewalls • Proprietary operating system • Stateful inspection • Protocol and application inspection • User-based authentication • Virtual private networking • Web-based management • Stateful failover capabilities

  11. Graphical configuration environment (PIX 501 Firewall) • Important: To access the GUI configuration environment on the PIX 501 use a PC connected to the PIX and a browser with the MICROSOFT JAVA VM enabled !! • Activate GUI environment via browser https://192.168.1.1/pdm.html

  12. Viewing / Saving configurations • There are two configuration memories, running-configuration and startup-configuration • show running-config displays the current configuration in the RAM memory of the equipment. Any configuration changes are written to the running-configuration • write memorysaves the current running-configuration to the flash memory startup-configuration • show configureshows the configuration that is in flash memory • show historydisplays previously entered commands

  13. Cabling description • Networking ports for each computer are numbered • Correspondence (see picture) • Move the patch cords to where you need them if they are not properly set.

  14. Basic CISCO IOS commands • ip address if_name ip_address [netmask] ip address ethernet2 172.16.0.1 255.255.255.0 • show ip address • Displays the IP adresses assigned to all interfaces • show interface • allows you to view the network interface information and status • ping ip_address • To determine reachability of a system

  15. Basic Windows/Linux networking commands • ipconfig (windows) / ifconfig (linux) • To obtain ip configuration information of a PC • ping • netstat –r • To obtain routing configuration and statistics • netstat • Gives you information on active ports and established connections on a system

  16. Lab procedures • Lab assignments will be given a couple of days in advance to the start of the lab working period • Lab working periods = 1 or 2 weeks • Lab groups should be composed of two persons (no more, no less) • Use sign-up sheet to schedule the time in which you will be using lab equipment • Lab reports can be written in any format but should include answers to the questions presented in the assignment and equipment configuration files

  17. Important recommendations • Never change a password (you’ll be held accountable) unless its for your own user account • Discharge often – get rid of static electricity build up before touching equipment • For questions: • Check CISCO web site http://www.cisco.com • Ask GSA: • E-mail: cec15@pitt.edu

  18. Questions ??

More Related