INTRUDER ALERT

    Oh no! It seems as if some one has destroyed our network! Our previous Network Engineer wasn’t too experienced and forgot to set some passwords and secure the networks from intruders!

    Not only did they mess with our configurations they rearranged some of the wires! Now we don’t know what goes where! They also stole a hub and I believe they have my stapler!

    All is not lost, I found the field operations manual (FOM) and back up logs from our previous Network Engineer that kept diligent details of the Logical Topology and IP Address Schemes!!ospf





Objectives
Part 1:
Make sure to power on any shut off devices.

Part 2:
Check/Assign configurations of devices, making sure they all have the correct IP Address and /CIDR according to the Address Table.

Part 3:
Disable DNS lookup
 Configure basic router settings.
EXEC PASSWORD = ENTER
CONSOLE PASSWORD = OPEN
VTY PASSWORD(S) 0 – 4 = SEZME

Enable login, and add the logging synchronous commands for both Console lines and Vty Lines.
Encrypt all passwords.
Save the running configuration to the startup configuration file.
Make a Warning Banner Message of the Day (MOTD).

Part 4:
Shorten all HOSTNAMES to match the physical devices.
Router1 = R1
Router2 = R2
E.C.T. …………………………

Part 5:
Check all Serial Cables for correct attachment to their interface counterparts.
Close any unused Serial and/or GigibitEthernet interfaces.

Part 6:

Configure OSPF on all routers with a PROCCESS ID of 1 and an AREA ID of zero “0”
“ROUTER OSPF 1”
“NETWORK A.B.C.D  WILDCARD MASK  AREA 0″

Check network statements on ALL routers to make sure they are adjacent with each other, if not the trouble shoot and fix any errors in the networks.

R1 (config) # ROUTER OSPF 1
R1 (config-router) # NETWORK 192.168.1.5 255.255.255.0 AREA 1 <<WRONG
R1 (config-router) # NETWORK 192.168.1.0 0.0.0.255 AREA 0  <<CORRECTED

CHECK ALL ROUTERS! FOR ERRORS!

Part 7:
Reduce traffic on the LANS! Issue the “passive-interface” command on all GigibitEthernet0/0 interfaces!

Part 8 :

If all nodes are able to connect/PING/ICMP to all other nodes, your job is finished. If not, then you will have to stay in the office until they are. Hey, over time right!?

Go home, relax. We have secured the networks for now.
Tomorrow is another day and we will have more work to do to insure the safety and integrity of the networks!

(P.S. Switches dont count at the moment, they have no IP address and are therefore unmanaged. )

This is a 2 part LAB. There are more security items we can use to lock down the system and make it impenetrable!


DOWNLOAD THE PACKET TRACER ACTIVITY HERE  

Finished with this activity? Looking for part 2? Click here!

Need to ask your Supervisor for some help?
Click Here and Here for some useful tips on OSPF!


Or you can always CHEAT shame on you! 
Still in training? Need the full CHEAT ?

Curious about BrainDumps?
Still curious about BrainDumps?
MORE information on BrainDumps!