GT ECE 4112 - Lab: Network Devices Security (29 pages)

Previewing pages 1, 2, 3, 27, 28, 29 of 29 page document View the full content.
View Full Document

Lab: Network Devices Security



Previewing pages 1, 2, 3, 27, 28, 29 of actual document.

View the full content.
View Full Document
View Full Document

Lab: Network Devices Security

86 views


Pages:
29
School:
Georgia Tech
Course:
Ece 4112 - Internetwork Security
Internetwork Security Documents
Unformatted text preview:

ECE4112 Internetwork Security Lab Network Devices Security Group Number Member Names Authored By Krunal Shah Kulin Shah Date Assigned Date Due Please read the entire lab and any extra materials carefully before starting Be sure to start early enough so that you will have time to complete the lab Answer ALL questions in the Answer Sheet and be sure you turn in ALL materials listed in the Turn in Checklist on or before the Date Due Goal This lab will introduce you to the concept of security of network devices You will learn about vulnerabilities that exist on these devices the backbone and lifeline of the internet which can so easily be exploited and certain counter measures that a sys admin would take to prevent their compromise to a certain extent Background The lab gives you hands on experience on hacking into routers and switches This lab is important for a security expert in the sense that whenever a hacker tries to attack a network or a subnetwork he first has to go through the default gateway of the network or default router in case of a subnetwork which is the entry point If properly secured it acts like an extra barricade that must be overcome before getting in However most sys admin are ignorant and not aware of the vulnerabilities existent This makes them the Achilles heel of networks in terms of security Summary In the first section we will learn how to gain administrative privileges assuming physical access and in the second obtaining it through remote access In the third section we will implement CAM overflow of switch MAC address tables The fourth section describes a PVLAN setup and exploit on a switch while the last section deals with a vulnerability which is on by default on switches Pre lab Questions Q In which format are the Cisco router and switch passwords stored Q Which operating systems do Cisco routers and switches use Section 1 Physical access compromise Lab Scenario For this section of the lab you will try to gain administrative privileges to the router and switch Once this is achieved it is possible to modify and manipulate the configuration settings Like for the router you could modify or erase the routing table or simply bring all the interfaces down Similarly for a switch you could modify the mac address tables or reconfigure VLANS to create havoc in the network We will use the virtual XP machine and one Cisco router and switch on the playstation to carry out the attack For this attack we assume that the attacker has physical access to the router however does not have the knowledge of the passwords for administrative privileges For this attack you will need a terminal emulator which will be the video interface between you the attacker and the router and switch console port 1 1 Configuring Hyper Terminal Windows Hyper Terminal is an example of a terminal emulator Terminals are typically synonymous with a command line shell or text terminal A terminal window allows the user access to text terminal and all its applications such as command line interfaces CLI and text user interface applications These may be running either on the same machine or on a different one via telnet ssh or dial up On your Windows XP machine 1 Click on programs 2 Click on Accessories 3 Select hyper terminal if available If it does not appear on the list of accessory programs then 1 Click on Control panel 2 Click on My Computer 3 Click on Install Remove Programs 4 Click on Windows settings 5 Click on Communications 6 Select Hyper terminal and click apply or OK at the bottom Enter personal information such as area code and phone number this will give a window that replicates figure 1 Select any name for the connection select an icon and then click OK In the Connect To window change the field connect using to COM1 or the lowest available COM port on the computer Click OK Configure the settings are as shown below 9 1 Set Bits per second to 9600 2 Set Data Bits to 8 3 Set Stop Bits to 1 4 Set Flow control to none Click ok and ensure that the status shown in the lower left says connected Once this is done you will need to ask the TA for the console cable which you will connect to the console port of the router and the other end to the com port of your machine Now press enter a few times on the keyboard You should get a prompt from the router Once you receive this prompt you have successfully got hyper terminal functional Figure1 10 1 2 Logging into the router Now using the power switch turn the router off and then on Send a break signal to the router within 60 seconds of the powerup This will put the router into the ROM monitor ROMMON mode The break sequence would depend on your terminal emulation program The break signal for the HyperTerminal is CTRL BREAK Q 1 1 What is the break signal for the Minicom terminal emulator 1 Now you should see the ROMMON prompt Rommon System received an abort due to Break Key signal 0x3 code 0x500 context 0x813ac158 PC 0x802d0b60 Vector 0x500 SP 0x80006030 rommon 1 confreg 0x2142 You must reset or power cycle for new config to take effect rommon 2 reset System Bootstrap Version 11 3 2 XA4 RELEASE SOFTWARE fc1 Copyright c 1999 by cisco Systems Inc TAC Home SW IOS Specials for info C2600 platform with 32768 Kbytes of main memory program load complete entry point 0x80008000 size 0x6fdb4c Self decompressing the image OK Figure2 2 Type confreg 0x2142 and press ENTER This will set the router to boot ignoring the configuration stored in NVRAM Then type reset and press ENTER to reboot When the router boots it will display the following 7 System Configuration Dialog 3 Skip the initial setup procedure by pressing CTRL C 4 When the Router prompt appears type enable and press ENTER Copy the NVRAM config file into RAM with copy start run or conf mem Then enter the configuration mode conf t 5 Whoa Now you can change the password to whatever you want to change for example the enable password using the enable secret password command 6 Change the configuration register back with the config register 0x2102 command Leave the configuration mode CTRL Z Save the changes with copy run start or write mem Reboot the router 1 3 Hacking into the switch For the 3550 series catalyst switches 9 Plug in the console cable Set your terminal emulation program as follows 1 Bits per second baud 9600 2 Data bits 8 3 Parity None 4 Stop bits 1 Now carefully follow out the following procedure 1 Flow control Xon Xoff 2 Apply flow control 3 Unplug the power cord 4 Hold down the Mode button on


View Full Document

Access the best Study Guides, Lecture Notes and Practice Exams

Loading Unlocking...
Login

Join to view Lab: Network Devices Security and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Lab: Network Devices Security and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?