SIS - Security Lab Introductory Session

University of Pittsburgh

2006

Agenda

Description of lab infrastructure Equipment configuration basics

Text based connection / configuration Graphical configuration environment

Cabling description Useful commands

Cisco IOS Windows / Linux

Recommendations

Lab Infrastructure

Equipment configuration

Equipment configuration (2)

Equipment configuration (3)

Access modes

The PIX firewalls (and other CISCO equipment) have four administrative access modes: Unprivileged mode: Available at first access. Provides a

restricted, limited view of system settings. (Prompt = ‘>’) Privileged mode: Allows you to change system settings.

(Prompt = ‘#’) Configuration mode: Enables you to change system

configurations. (Prompt = ‘(config)#’ Monitor mode: Special mode that allows you to update

system configuration image over the network (using a TFTP server)

Access modes (2)

To access privilege mode

enable To access configuration mode

configure terminal Use the exit command to exit from one mode

to the previous one

Firewalls

System or group of systems that manage access between two networks

Internet

Router Firewall

DMZ

Inside Network

Outside Network

PIX Firewalls

Proprietary operating system Stateful inspection Protocol and application inspection User-based authentication Virtual private networking Web-based management Stateful failover capabilities

Graphical configuration environment (PIX 501 Firewall) Important: To access the GUI configuration

environment on the PIX 501 use a PC connected to the PIX and a browser with the MICROSOFT JAVA VM enabled !!

Activate GUI environment via browserhttps://192.168.1.1/pdm.html

Viewing / Saving configurations

There are two configuration memories, running-configuration and startup-configuration

show running-config displays the current configuration in the RAM memory of the equipment. Any configuration changes are written to the running-configuration

write memory saves the current running-configuration to the flash memory startup-configuration

show configure shows the configuration that is in flash memory

show history displays previously entered commands

Cabling description

Networking ports for each computer are numbered Correspondence (see picture) Move the patch cords to where you need them if they

are not properly set.

Basic CISCO IOS commands

ip address if_name ip_address [netmask]ip address ethernet2 172.16.0.1 255.255.255.0

show ip address Displays the IP adresses assigned to all

interfaces show interface

allows you to view the network interface information and status

ping ip_address To determine reachability of a system

Basic Windows/Linux networking commands ipconfig (windows) / ifconfig (linux)

To obtain ip configuration information of a PC ping netstat –r

To obtain routing configuration and statistics netstat

Gives you information on active ports and established connections on a system

Lab procedures

Lab assignments will be given a couple of days in advance to the start of the lab working period

Lab working periods = 1 or 2 weeks Lab groups should be composed of two persons (no

more, no less) Use sign-up sheet to schedule the time in which you

will be using lab equipment Lab reports can be written in any format but should

include answers to the questions presented in the assignment and equipment configuration files

Important recommendations

Never change a password (you’ll be held accountable) unless its for your own user account

Discharge often – get rid of static electricity build up before touching equipment

For questions: Check CISCO web site http://www.cisco.com Ask GSA:

E-mail: cec15@pitt.edu

Questions ??