Prepare the router and tftp server

Reference no: EM132008422

Implementing Intrusion Prevention

Objective: Configure an Intrusion Prevention System

TOPOLOGY:

Note: ISR G1 devices have Fast Ethernet interfaces instead of Gigabit Ethernet Interfaces.

In this lab, you will perform the following tasks:

Part 1: Configure Basic Device Settings

- Configure basic settings such as host name, interface IP addresses, and access passwords.

- Configure static routing to enable end-to-end connectivity.

Part 2: Use CLI to Configure an IOS IPS

- Configure IOS IPS using CLI.

- Modify IPS signatures.

- Examine the resulting IPS configuration.

- Verify IPS functionality.

- Log IPS messages to a syslog server.

Part 3: Simulate an Attack

- Use a scanning tool to simulate an attack.

BACKGROUND

In this lab, you will configure the Cisco IOS IPS, which is part of the Cisco IOS Firewall feature set. IPS examines certain attack patterns and alerts or mitigates when those patterns occur. IPS alone is not enough to make a router into a secure Internet firewall, but when added to other security features, it can be a powerful defense.

You will configure IPS using the Cisco IOS CLI and then test IPS functionality. You will load the IPS Signature package from a TFTP server and configure the public crypto key using the Cisco IOS.

Note: The router commands and output in this lab are from a Cisco 1941 with Cisco IOS Release 15.4(3)M2 (UniversalK9-M). Other routers and Cisco IOS versions can be used. See the Router Interface Summary Table at the end of the lab to determine which interface identifiers to use based on the equipment in the lab. Depending on the router model and Cisco IOS version, the commands available and output produced might vary from what is shown in this lab.

Note: Before beginning, ensure that the routers and switches have been erased and have no startup configurations.

Instructions for initializing the network devices are provided in Lab 0.0.0.0.

Part 1: Configure Basic Device Settings

The desktop system assigned to you serves as an end-user terminal. You access and manage the lab environment from the student desktop system using GNS3 Software.

Students should perform the steps in this task individually.

In Part 1 of this lab, you set up the network topology and configure basic settings, such as the interface IP addresses, static routing, device access, and passwords.

All steps should be performed on routers R1-S0000 and R3-S0000. The procedures are shown for only one of the routers.

Part 2: Configuring IPS Using the Cisco IOS CLI

In Part 2 of this lab, you will configure IPS on R1 using the Cisco IOS CLI. You then review and test the resulting configuration.

Task 1: Verify Current Router Configurations.

In this task, you will verify end-to-end network connectivity before implementing IPS.

Task 2: Prepare the Router and TFTP Server

Task 3: Configure the IPS Crypto Key

The crypto key verifies the digital signature for the master signature file (sigdef-default.xml). The contents are signed by a Cisco private key to guarantee the authenticity and integrity at every release.

Task 4: Configure IPS

Task 5: Load the IOS IPS Signature Package to the Router

The most common way to load the signature package to the router is to use TFTP.

Task 6: Test the IPS Rule and Modify a Signature

You can work with signatures in many ways. They can be retired and unretired, enabled and disabled, and their characteristics and actions can be changed. In this task, you first test the default behavior of IOS IPS by pinging it from the outside.

Part 3: Simulate an Attack

Task 1: Verify IPS with Zenmap

Nmap/Zenmap is a network-scanning tool that allows you to discover network hosts and resources, including services, ports, operating systems, and other fingerprinting information. Zenmap is the graphical interface for Nmap. Nmap should not be used to scan networks without prior permission. The act of network scanning can be considered a form of network attack.

Nmap/Zenmap will test the IPS capabilities on R1. You will run the scanning program from PC-A and attempt to scan open ports on router R2 before and after applying IPS rule iosips on R1.

Task 2: Observe the syslog messages on R1.

You should see syslog entries on the R1 console and on the syslog server if it is enabled. The descriptions should include phrases, such as TCP NULL Packet and TCP SYN/FIN Packet.

a. What is the IPS risk rating or severity level (Sev:) of the TCP NULL Packet, signature 3040?

b. What is the IPS risk rating or severity level (Sev:) of the TCP SYN/FIN packet, signature 3041?
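To read the Sev: field out of captured console or syslog-server output instead of scanning it by eye, the following added example (not part of the original lab) parses IOS IPS alert lines and groups them by signature ID. The line layout, the `parse_alert` and `summarize` helpers, and the sample log are assumptions; the sample's addresses and its Sev and RiskRating numbers are constructed placeholders, so feed in your own R1 output to answer the questions above.

```python
import re
from collections import defaultdict

# Assumed alert layout (typical of IOS IPS 5.x syslog; not shown on the page):
# %IPS-4-SIGNATURE: Sig:<id> Subsig:<n> Sev:<n> <name> [src:port -> dst:port] VRF:<v> RiskRating:<n>
ALERT_RE = re.compile(
    r"%IPS-\d-SIGNATURE: Sig:(?P<sig>\d+) Subsig:(?P<subsig>\d+) Sev:(?P<sev>\d+) "
    r"(?P<name>.+?) \[(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)\]"
    r"(?:.*?RiskRating:(?P<risk>\d+))?"
)

# Constructed sample lines. Addresses are documentation ranges; the Sev and
# RiskRating numbers are placeholders, not the values your router will report.
SAMPLE_LOG = """\
*Jan  6 01:24:10.551: %IPS-4-SIGNATURE: Sig:3040 Subsig:0 Sev:50 TCP NULL Packet [192.0.2.10:40512 -> 198.51.100.2:80] VRF:NONE RiskRating:50
*Jan  6 01:24:10.559: %IPS-4-SIGNATURE: Sig:3041 Subsig:0 Sev:75 TCP SYN/FIN Packet [192.0.2.10:40513 -> 198.51.100.2:23] VRF:NONE RiskRating:75
*Jan  6 01:24:10.563: %IPS-4-SIGNATURE: Sig:3040 Subsig:0 Sev:50 TCP NULL Packet [192.0.2.10:40514 -> 198.51.100.2:443] VRF:NONE RiskRating:50
*Jan  6 01:24:11.002: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
"""

def parse_alert(line):
    """Return the alert fields as a dict, or None for non-IPS syslog lines."""
    m = ALERT_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("sig", "subsig", "sev", "sport", "dport"):
        rec[key] = int(rec[key])
    # RiskRating is optional in the pattern, so tolerate its absence.
    rec["risk"] = int(rec["risk"]) if rec["risk"] is not None else None
    return rec

def summarize(log_text):
    """Group alerts by signature ID: name, severities seen, hit count, sources."""
    summary = defaultdict(lambda: {"name": None, "sev": set(), "hits": 0, "sources": set()})
    for line in log_text.splitlines():
        rec = parse_alert(line)
        if rec is None:
            continue  # skip unrelated syslog messages such as %LINK-3-UPDOWN
        entry = summary[rec["sig"]]
        entry["name"] = rec["name"]
        entry["sev"].add(rec["sev"])
        entry["hits"] += 1
        entry["sources"].add(rec["src"])
    return dict(summary)

if __name__ == "__main__":
    for sig, e in sorted(summarize(SAMPLE_LOG).items()):
        print(f"Sig {sig:<5} {e['name']:<20} Sev {sorted(e['sev'])} hits={e['hits']} from {sorted(e['sources'])}")
```

A signature that shows more than one value in its severity set was modified between captures, which is worth checking against the signature changes made in Part 2, Task 6.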

Reflection

1. If changes are made to a signature while using version 5.x signature files, are they visible in the router's running configuration?

Attachment:- Configure an Intrusion Prevention System IPS.rar

Verified Expert

The given task is about configuring the topology in GNS. For that, a router binary file is required that supports IPS technology; generally, the binary with advance advertisement supports this type of IPS technology. After creating the topology, the basic configuration on the router and switch is created. For the syslog analysis, the cloud is placed in the GNS topology, the required output is captured using tools like tftpd, and file transfer operations are performed using TFTP software.


Reviews

inf2008422

7/28/2018 2:49:31 AM

Every configuration window and screenshot should have the student ID as per the requirement, which is XXXX. Please tell me the price altogether for all of my 3 tasks. I'm attaching a lab sample. The solution should look similar to that, and ensure student ID XXXX is there in every screenshot. Overall, the assignment was well done. The expert did an excellent job helping people like me that struggle with work. Thank you so much!
