Prepare the router and tftp server

Reference no: EM132008422

Implementing Intrusion Prevention

Objective: Configure an Intrusion Prevention System

TOPOLOGY:

Note: ISR G1 devices have Fast Ethernet interfaces instead of Gigabit Ethernet Interfaces.

In this lab, you will perform the following tasks:

Part 1: Configure Basic Device Settings

- Configure basic settings such as host name, interface IP addresses, and access passwords.

- Configure static routing to enable end-to-end connectivity.

Part 2: Use CLI to Configure an IOS IPS

- Configure IOS IPS using CLI.

- Modify IPS signatures.

- Examine the resulting IPS configuration.

- Verify IPS functionality.

- Log IPS messages to a syslog server.

Part 3: Simulate an Attack

- Use a scanning tool to simulate an attack.

BACKGROUND

In this lab, you will configure the Cisco IOS IPS, which is part of the Cisco IOS Firewall feature set. IPS examines certain attack patterns and alerts or mitigates when those patterns occur. IPS alone is not enough to make a router into a secure Internet firewall, but when added to other security features, it can be a powerful defense.

You will configure IPS using the Cisco IOS CLI and then test IPS functionality. You will load the IPS Signature package from a TFTP server and configure the public crypto key using the Cisco IOS.

Note: The router commands and output in this lab are from a Cisco 1941 with Cisco IOS Release 15.4(3)M2 (UniversalK9-M). Other routers and Cisco IOS versions can be used. See the Router Interface Summary Table at the end of the lab to determine which interface identifiers to use based on the equipment in the lab. Depending on the router model and Cisco IOS version, the commands available and output produced might vary from what is shown in this lab.

Note: Before beginning, ensure that the routers and switches have been erased and have no startup configurations.

Instructions for initializing the network devices are provided in Lab 0.0.0.0.

Part 1: Configure Basic Device Settings

The desktop system assigned to you serves as an end-user terminal. You access and manage the lab environment from the student desktop system using GNS3 Software.

Students should perform the steps in this task individually.

In Part 1 of this lab, you set up the network topology and configure basic settings, such as the interface IP addresses, static routing, device access, and passwords.

All steps should be performed on routers R1-S0000 and R3-S0000. The procedures are shown for only one of the routers.

Part 2: Configuring IPS Using the Cisco IOS CLI

In Part 2 of this lab, you will configure IPS on R1 using the Cisco IOS CLI. You then review and test the resulting configuration.

Task 1: Verify Current Router Configurations.

In this task, you will verify end-to-end network connectivity before implementing ZPF.

Task 2: Prepare the Router and TFTP Server

Task 3: Configure the IPS Crypto Key

The crypto key verifies the digital signature for the master signature file (sigdef-default.xml). The contents are signed by a Cisco private key to guarantee the authenticity and integrity at every release.

Task 4: Configure IPS

Task 5: Load the IOS IPS Signature Package to the Router

The most common way to load the signature package to the router is to use TFTP.

Task 6: Test the IPS Rule and Modify a Signature

You can work with signatures in many ways. They can be retired and unretired, enabled and disabled, and their characteristics and actions can be changed. In this task, you first test the default behavior of IOS IPS by pinging it from the outside.

Part 3: Simulate an Attack

Task 1: Verify IPS with Zenmap

Nmap/Zenmap is a network-scanning tool that allows you to discover network hosts and resources, including services, ports, operating systems, and other fingerprinting information. Zenmap is the graphical interface for Nmap. Nmap should not be used to scan networks without prior permission. The act of network scanning can be considered a form of network attack.

Nmap/Zenmap will test the IPS capabilities on R1. You will run the scanning program from PC-A and attempt to scan open ports on router R2 before and after applying IPS rule iosips on R1.

Task 2: Observe the syslog messages on R1.

You should see syslog entries on the R1 console and on the syslog server if it is enabled. The descriptions should include phrases, such as TCP NULL Packet and TCP SYN/FIN Packet.

a. What is the IPS risk rating or severity level (Sev:) of the TCP NULL Packet, signature 3040?

b. What is the IPS risk rating or severity level (Sev:) of the TCP SYN/FIN packet, signature 3041?
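The following Python script is an added example, not part of the original lab. It pulls the signature ID, `Sev:` value, and description out of IPS syslog lines, the fields that questions a and b ask about. The line layout, the addresses, and the `Sev:` numbers in the sample are constructed placeholders, not the lab's answers; read the real values from your own R1 console or syslog server.

```python
import re

# Assumed layout of an IOS IPS alert line (constructed for this example):
#   %IPS-4-SIGNATURE: Sig:<id> Subsig:<n> Sev:<n> <description> [src:port -> dst:port] ...
ALERT_RE = re.compile(
    r"%IPS-\d-SIGNATURE:\s+Sig:(?P<sig>\d+)\s+Subsig:(?P<subsig>\d+)\s+"
    r"Sev:(?P<sev>\d+)\s+(?P<desc>.+?)\s+"
    r"\[(?P<src>[\d.]+):(?P<sport>\d+)\s*->\s*(?P<dst>[\d.]+):(?P<dport>\d+)\]"
)

# Constructed sample: documentation-range addresses, placeholder Sev values.
SAMPLE_LOG = """\
*Jan  6 01:32:08.971: %IPS-4-SIGNATURE: Sig:3040 Subsig:0 Sev:10 TCP NULL Packet [192.0.2.3:40001 -> 198.51.100.2:80] VRF:NONE RiskRating:10
*Jan  6 01:32:09.102: %IPS-4-SIGNATURE: Sig:3041 Subsig:0 Sev:20 TCP SYN/FIN Packet [192.0.2.3:40002 -> 198.51.100.2:22] VRF:NONE RiskRating:20
*Jan  6 01:32:09.250: %SYS-5-CONFIG_I: Configured from console by console
*Jan  6 01:32:10.004: %IPS-4-SIGNATURE: Sig:3040 Subsig:0 Sev:10 TCP NULL Packet [192.0.2.3:40003 -> 198.51.100.2:443] VRF:NONE RiskRating:10
"""

def parse_alerts(text):
    """Return one dict per IPS signature alert; other syslog lines are skipped."""
    alerts = []
    for line in text.splitlines():
        m = ALERT_RE.search(line)
        if not m:
            continue
        alert = m.groupdict()
        for key in ("sig", "subsig", "sev", "sport", "dport"):
            alert[key] = int(alert[key])
        alerts.append(alert)
    return alerts

def summarize(alerts):
    """Group alerts by signature ID: description, severity, hit count, sources."""
    summary = {}
    for a in alerts:
        entry = summary.setdefault(
            a["sig"],
            {"desc": a["desc"], "sev": a["sev"], "count": 0, "sources": set()},
        )
        entry["count"] += 1
        entry["sources"].add(a["src"])
    return summary

if __name__ == "__main__":
    for sig, info in sorted(summarize(parse_alerts(SAMPLE_LOG)).items()):
        print(f"Sig {sig}: {info['desc']} Sev={info['sev']} "
              f"hits={info['count']} sources={sorted(info['sources'])}")
```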

Reflection

1. If changes are made to a signature while using version 5.x signature files, are they visible in the router running the configuration?

Attachment:- Configure an Intrusion Prevention System IPS.rar

Verified Expert

The given task is about configuring the topology in GNS. This requires a router binary file that supports IPS technology; generally, the binary with advance advertisement supports this type of IPS technology. After the topology is created, the basic configuration of the router and switch is created. For the syslog analysis, a cloud is placed in the GNS topology, the required output is captured using tools like tftpd, and file transfer operations are performed using TFTP software.
