Group Number: _________Member Names: ___________________ _______________________ECE4112 Internetwork SecurityLab: Network Devices SecurityGroup Number: _________Member Names: ___________________ _______________________Authored By: Krunal Shah, Kulin ShahDate Assigned:Date Due: Please read the entire lab and any extra materials carefully before starting. Be sure to start earlyenough so that you will have time to complete the lab. Answer ALL questions in the Answer Sheet and be sure you turn in ALL materials listed in the Turn-in Checklist on or before the Date Due.Goal: This lab will introduce you to the concept of security of network devices. You will learn about vulnerabilities that exist on these devices, the backbone and lifeline of the internet, which can so easily be exploited and certain counter measures that a sys admin would take to prevent their compromise to a certain extent.Background: The lab gives you hands on experience on hacking into routers and switches. This lab is important for a security expert in the sense that whenever a hacker tries to attack a network or a subnetwork, he first has to go through the default gateway of the networkor default router in case of a subnetwork which is the entry point. If properly secured it acts like an extra barricade that must be overcome before getting in. However, most sys admin are ignorant and not aware of the vulnerabilities existent. This makes them the Achilles heel of networks in terms of security.Summary: In the first section we will learn how to gain administrative privileges assuming physical access and in the second, obtaining it through remote access. In the third section we will implement CAM overflow of switch MAC address tables. The fourth section describes a PVLAN setup and exploit on a switch while the last section deals with a vulnerability which is on by default on switches.Pre-lab Questions: Q > In which format are the Cisco router and switch passwords stored?Q > Which operating systems do Cisco routers and switches use?Section 1: Physical access compromiseLab Scenario: For this section of the lab you will try to gain administrative privileges to the router and switch. Once this is achieved it is possible to modify and manipulate the configuration settings. Like for the router you could modify or erase the routing table or simply bring all the interfaces down. Similarly, for a switch you could modify the mac-address tables or reconfigure VLANS to create havoc in the network. We will use the virtual XP machine and one Cisco router and switch on the playstation to carry out the attack.For this attack we assume that the attacker has physical access to the router however does not have the knowledge of the passwords for administrative privileges. For this attack you will need a terminal emulator which will be the video interface between you (the attacker) and the routerand switch console port. 1.1 Configuring Hyper – TerminalWindows Hyper Terminal is an example of a terminal emulator. Terminals are typically synonymous with a command line shell or text terminal. A terminal window allows the user access to text terminal and all its applications such as command-line interfaces (CLI) and text user interface applications. These may be running either on the same machine or on a different one via telnet, ssh, or dial-up. On your Windows XP machine1). Click on programs 2). Click on Accessories 3). Select hyper terminal if available. If it does not appear on the list of accessory programs then 1). Click on Control panel 2). Click on My Computer 3). Click on Install/Remove Programs 4). Click on Windows settings 5). Click on Communications 6). Select Hyper terminal and click apply or OK at the bottomEnter personal information such as area code and phone number this will give a window that replicates figure 1. Select any name for the connection, select an icon, and then click OK. In the ‘Connect To’ window, change the field ‘connect using’ to COM1 or the lowest available COM port on the computer. Click OK. Configure the settings are as shown below. [9]1) Set "Bits per second" to 9600. 2) Set "Data Bits" to 8. 3) Set "Stop Bits" to 1. 4) Set "Flow control" to none. Click ok and ensure that the status shown in the lower left says connected. Once this is done you will need to ask the TA for the console cable which you will connect to the console port of the router and the other end to the com port of your machine. Now press enter a few times on the keyboard. You should get a prompt from the router. Once you receive this prompt, you have successfully got hyper terminal functional.Figure1. [10]1.2 Logging into the routerNow, using the power switch, turn the router off and then on. Send a break signal to the router within 60 seconds of the powerup. This will put the router into the ROM monitor (ROMMON) mode. The break sequence would depend on your terminal emulation program. The break signal for the HyperTerminal is (CTRL-BREAK). Q 1.1 > What is the break signal for the Minicom terminal emulator?1. Now you should see the ROMMON prompt. Rommon>*** System received an abort due to Break Key ***signal= 0x3, code= 0x500, context= 0x813ac158PC = 0x802d0b60, Vector = 0x500, SP = 0x80006030rommon 1 > confreg 0x2142You must reset or power cycle for new config to take effectrommon 2 > resetSystem Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)Copyright (c) 1999 by cisco Systems, Inc.TAC:Home:SW:IOS:Specials for infoC2600 platform with 32768 Kbytes of main memoryprogram load complete, entry point: 0x80008000, size: 0x6fdb4cSelf decompressing the image : ######################################################################################################################################################################################################################################################## [OK]Figure2.2. Type confreg 0x2142 and press ENTER. This will set the router to boot, ignoring the configuration stored in NVRAM. Then type reset and press ENTER to reboot. When the router boots, it will display the following: [7] --- System Configuration Dialog ---3. Skip the initial setup procedure by pressing CTRL-C.4. When the Router> prompt appears, type enable and press ENTER. Copy the NVRAM config file into RAM with copy start run or conf mem. Then enter the configuration mode (conf t).5. Whoa!!! Now you can change the password to whatever you want to change—for example, the enable password