Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd Logo
Upload

Welcome to Scribd!

  • 138 views

    15.2.7 Packet Tracer - Logging Network Activity (Answers) 15.2.7 Packet Tracer - Logging Network Activity (Answers)

    Uploaded by

    craf
    The document discusses logging network activity by creating FTP traffic, investigating the FTP traffic using a packet sniffer, and viewing syslog messages. It provides instructions on setting up an FTP session between a client and server to upload a file, and describes viewing the uploaded file and directory contents on the server. The goal is to observe a security vulnerability using network applications and view logged ICMP traffic with syslog.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    15.2.7 Packet Tracer - Logging Network Activity (Answers) 15.2.7 Packet Tracer - Logging Network Activity (Answers)

    Uploaded by

    craf
    138 views7 pages
    The document discusses logging network activity by creating FTP traffic, investigating the FTP traffic using a packet sniffer, and viewing syslog messages. It provides instructions on setting up an FTP session between a client and server to upload a file, and describes viewing the uploaded file and directory contents on the server. The goal is to observe a security vulnerability using network applications and view logged ICMP traffic with syslog.

    Original Title

    1527-packet-tracer-logging-network-activity-answers

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document discusses logging network activity by creating FTP traffic, investigating the FTP traffic using a packet sniffer, and viewing syslog messages. It provides instructions on setting up an FTP session between a client and server to upload a file, and describes viewing the uploaded file and directory contents on the server. The goal is to observe a security vulnerability using network applications and view logged ICMP traffic with syslog.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    138 views7 pages

    15.2.7 Packet Tracer - Logging Network Activity (Answers) 15.2.7 Packet Tracer - Logging Network Activity (Answers)

    Uploaded by

    craf
    The document discusses logging network activity by creating FTP traffic, investigating the FTP traffic using a packet sniffer, and viewing syslog messages. It provides instructions on setting up an FTP session between a client and server to upload a file, and describes viewing the uploaded file and directory contents on the server. The goal is to observe a security vulnerability using network applications and view logged ICMP traffic with syslog.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    You are on page 1of 7

    lOMoARcPSD|10104886

    15.2.7 Packet Tracer – Logging Network Activity (Answers)

    Network security (Algonquin College)

    StuDocu is not sponsored or endorsed by any college or university


    Downloaded by Chung Quarn (hejatel307@d3bb.com)
    lOMoARcPSD|10104886

    15.2.7 Packet Tracer – Logging Network Activity (Answers)


    Topology

    15.2.7 Packet Tracer – Logging Network Activity

    Addressing Table

    Device Private IP Address Public IP Address

    FTP_Ser
    ver 192.
    168.
    30.
    253 209.
    165.
    200.
    227

    SYSLOG_SERVER 192.
    168.
    11.
    254 209.
    165.
    200.
    229

    Rout
    er2 N/
    A 209.
    165.
    200.
    226

    Objectives

     Part 1: Create FTP traffic.


     Part 2: Investigate the FTP Traffic
     Part 3: View Syslog Messages

    Background

    Int
    hisact
    ivit
    y,youwi
    ll
    usePacketTracert
    osniffandlognet
    wor
    ktraffic
    .Youwil
    lvi
    ewasecur
    it
    y
    vul
    nerabi
    l
    ityinonenet
    workappl
    icat
    i
    on,andviewl oggedICMPtr
    afficwiths
    ysl
    og.

    Instructions

    Part 1: Create FTP traffic.

    Downloaded by Chung Quarn (hejatel307@d3bb.com)


    lOMoARcPSD|10104886

    Step 1: Activate the sniffing device.


    a.Cl
    i
    ckonsni ceSniffer1.
    fferdevi
    b.Got hePhysical t
    ot abandturn on t
    hepowert
    othesni
    ffer
    .

    c.GototheGUI t
    abandturnt
    hesnifferser
    viceon.
    d.TheFTPands y
    slogpack
    etsent
    eri
    ngt hesnifferf
    rom Rout
    er2ar
    ebei
    ngmoni
    t
    ored.
    Step 2: Remotely connect to the FTP server.
    a.ClckonPC-B andgot
    i ot hedesktop.
    b.ClckCommand Prompt.Fr
    i om thecommandpr ompt,openanFTPsessi
    on
    withFTP_SERVER usingitspubli
    cIPaddress
    .Helpwiththecommandli
    neisavai
    l
    abl
    eby
    typi
    ng?attheprompt
    .
    c.Entert
    heusernameofcisco andpasswordofcisco t
    oauthent
    icat
    ewi
    t heFTP_Server.
    ht
    C:\>ftp 209.165.200.227
    Trying to connect...209.165.200.227
    Connected to 209.165.200.227
    220- Welcome to PT Ftp server

    Downloaded by Chung Quarn (hejatel307@d3bb.com)


    lOMoARcPSD|10104886

    Username:cisco
    331- Username ok, need password
    Password:
    230- Logged in
    (passive mode On)
    ftp>
    ftp>
    ftp>
    Step 3: Upload a file to the FTP server.
    a.Attheftp> pr ompt
    ,enterthecommanddir t ovi
    ewthecurr
    entfil
    esst
    oredont her emot
    e
    FTPser ver
    .
    b.Uploadtheclientinfo.txt fil
    etotheFTPserverbyent
    eri
    ngthecommandput
    clientinfo.txt.
    c.Attheftp> pr ompt
    ,ent
    ert hecommanddi randveri
    fyt heclientinfo.txt fil
    hatt eisnowon
    theFTPser ver.
    d.Enterquit attheFTPpr omptt ocl
    osethesessi
    on.

    ftp>dir

    Listing /ftp directory from 209.165.200.227:

    0 : asa842-k8.bin 5571584

    1 : asa923-k8.bin 30468096

    2 : c1841-advipservicesk9-mz.124-15.T1.bin 33591768

    3 : c1841-ipbase-mz.123-14.T7.bin 13832032

    4 : c1841-ipbasek9-mz.124-12.bin 16599160

    5 : c1900-universalk9-mz.SPA.155-3.M4a.bin 33591768

    6 : c2600-advipservicesk9-mz.124-15.T1.bin 33591768

    7 : c2600-i-mz.122-28.bin 5571584

    8 : c2600-ipbasek9-mz.124-8.bin 13169700

    9 : c2800nm-advipservicesk9-mz.124-15.T1.bin 50938004

    10 : c2800nm-advipservicesk9-mz.151-4.M4.bin 33591768

    11 : c2800nm-ipbase-mz.123-14.T7.bin 5571584

    Downloaded by Chung Quarn (hejatel307@d3bb.com)


    lOMoARcPSD|10104886

    12 : c2800nm-ipbasek9-mz.124-8.bin 15522644

    13 : c2900-universalk9-mz.SPA.155-3.M4a.bin 33591768

    14 : c2950-i6q4l2-mz.121-22.EA4.bin 3058048

    15 : c2950-i6q4l2-mz.121-22.EA8.bin 3117390

    16 : c2960-lanbase-mz.122-25.FX.bin 4414921

    17 : c2960-lanbase-mz.122-25.SEE1.bin 4670455

    18 : c2960-lanbasek9-mz.150-2.SE4.bin 4670455

    19 : c3560-advipservicesk9-mz.122-37.SE1.bin 8662192

    20 : c3560-advipservicesk9-mz.122-46.SE.bin 10713279

    21 : c800-universalk9-mz.SPA.152-4.M4.bin 33591768

    22 : c800-universalk9-mz.SPA.154-3.M6a.bin 83029236

    23 : cat3k_caa-universalk9.16.03.02.SPA.bin 505532849

    24 : cgr1000-universalk9-mz.SPA.154-2.CG 159487552

    25 : cgr1000-universalk9-mz.SPA.156-3.CG 184530138

    26 : ir800-universalk9-bundle.SPA.156-3.M.bin 160968869

    27 : ir800-universalk9-mz.SPA.155-3.M 61750062

    28 : ir800-universalk9-mz.SPA.156-3.M 63753767

    29 : ir800_yocto-1.7.2.tar 2877440

    30 : ir800_yocto-1.7.2_python-2.7.3.tar 6912000

    31 : pt1000-i-mz.122-28.bin 5571584

    32 : pt3000-i6q4l2-mz.121-22.EA4.bin 3117390

    ftp>

    ftp>

    ftp>put clientinfo.txt

    Downloaded by Chung Quarn (hejatel307@d3bb.com)


    lOMoARcPSD|10104886

    Writing file clientinfo.txt to 209.165.200.227:


    File transfer in progress...

    [Transfer complete - 662 bytes]

    662 bytes copied in 0.129 secs (5131 bytes/sec)


    ftp>dir

    Listing /ftp directory from 209.165.200.227:


    0 : asa842-k8.bin 5571584
    1 : asa923-k8.bin 30468096
    2 : c1841-advipservicesk9-mz.124-15.T1.bin 33591768
    3 : c1841-ipbase-mz.123-14.T7.bin 13832032
    4 : c1841-ipbasek9-mz.124-12.bin 16599160
    5 : c1900-universalk9-mz.SPA.155-3.M4a.bin 33591768
    6 : c2600-advipservicesk9-mz.124-15.T1.bin 33591768
    7 : c2600-i-mz.122-28.bin 5571584
    8 : c2600-ipbasek9-mz.124-8.bin 13169700
    9 : c2800nm-advipservicesk9-mz.124-15.T1.bin 50938004
    10 : c2800nm-advipservicesk9-mz.151-4.M4.bin 33591768
    11 : c2800nm-ipbase-mz.123-14.T7.bin 5571584
    12 : c2800nm-ipbasek9-mz.124-8.bin 15522644
    13 : c2900-universalk9-mz.SPA.155-3.M4a.bin 33591768
    14 : c2950-i6q4l2-mz.121-22.EA4.bin 3058048
    15 : c2950-i6q4l2-mz.121-22.EA8.bin 3117390
    16 : c2960-lanbase-mz.122-25.FX.bin 4414921
    17 : c2960-lanbase-mz.122-25.SEE1.bin 4670455
    18 : c2960-lanbasek9-mz.150-2.SE4.bin 4670455
    19 : c3560-advipservicesk9-mz.122-37.SE1.bin 8662192
    20 : c3560-advipservicesk9-mz.122-46.SE.bin 10713279
    21 : c800-universalk9-mz.SPA.152-4.M4.bin 33591768
    22 : c800-universalk9-mz.SPA.154-3.M6a.bin 83029236
    23 : cat3k_caa-universalk9.16.03.02.SPA.bin 505532849
    24 : cgr1000-universalk9-mz.SPA.154-2.CG 159487552
    25 : cgr1000-universalk9-mz.SPA.156-3.CG 184530138
    26 : clientinfo.txt 662
    27 : ir800-universalk9-bundle.SPA.156-3.M.bin 160968869
    28 : ir800-universalk9-mz.SPA.155-3.M 61750062
    29 : ir800-universalk9-mz.SPA.156-3.M 63753767
    30 : ir800_yocto-1.7.2.tar 2877440

    Downloaded by Chung Quarn (hejatel307@d3bb.com)


    lOMoARcPSD|10104886

    31 : ir800_yocto-1.7.2_python-2.7.3.tar 6912000
    32 : pt1000-i-mz.122-28.bin 5571584
    33 : pt3000-i6q4l2-mz.121-22.EA4.bin 3117390
    ftp>
    ftp>quit
    Part 2: Investigate the FTP Traffic
    a.Cli heSniffer1 devi
    ckt ceandthencl i heGUI t
    ckt ab.
    b.Clickt
    hroughsomeoft hefir
    stFTPpack et
    sinthes ession.Besuretoscr
    olldowntovi
    ewthe
    appli
    cati
    onlayerprotocoli
    nformat
    ioni nt
    hepack etdetailsforeach.(
    Thi
    sassumesthisi
    syour
    fir
    stFTPsession.Ifyouhav eopenedot hersessions,clearthewindowandrepeatt
    helogi
    nand
    fil
    etr
    ansferprocess.
    )
    Whati st
    hesecur i
    tyvulnerabi
    li
    typresentedbyFTP?
    TheFTPuser nameandpasswor dar etr
    ansmitt
    edi ncleartext.
    Whatshoul dbedonet omiti
    gatet
    hisvulnerabil
    i
    ty?
    Useasecur efil
    et r
    ansferprot
    ocolsuchasSFTP.
    Part 3: View syslog Messages
    Step 1: Remotely connect to Router2.
    a.From thePC-B commandli
    ne,t
    el oRouter2.
    nett
    b.Uset heusernameADMIN andpass dCISCO f
    wor oraut
    hent
    i
    cat
    i
    on.
    c.Enterthefol
    l
    owingcommandsattherout
    erpr
    ompt
    :

    Router2# debug ip icmp

    d.Typelogout att
    hepr
    omptt
    ocl
    oset
    heTel
    netsessi
    on.
    Step 2: Generate and View the syslog Messages.
    a.Cli
    ckont heSYSLOG_SERVER devi ceandgot otheServicestab.
    b.Cli
    ckt heSYSLOG ser vice.Ver if
    ythatt heserviceison.Sy slogmes sageswi l
    lappearhere.
    c.Got ohostPC- Bandopent heDesktop t ab.
    d.Opent heCommand Prompt andping Rout er2.
    e.Got ohos tPC-A andopent heDesktop t ab.
    f
    .Got ot heCommandPr omptandping Rout er2.
    g.Ont hes yslogser verinv estigatethel oggedmess ages.
    h.Thereshoul dbef ourmessagesf rom PC- Aandf ourPC-B.
    Cany out ellwhi chechor epl i
    esar ef orPC- AandPC- Bfr
    om thedest i
    nati
    onaddr esses?Explai
    n.
    Theyshoul dbot hhav ethesamedest i
    nationaddr essbecauseNATi stranslati
    nginter
    nalpri
    vat
    e
    addr
    essest oagl obal publ i
    caddr ess.
    Note: TheHost Namefiel dint hes yslogser verdispl
    ayrefer
    st othedevicet hati
    sthesourceof
    thesyslogmessages .
    .Ping Rout
    i er2from PC- C.
    Whatwi llthedest i
    nationaddr essf orther epli
    esbe ?
    Theaddr esswi llbet heinter nal pri
    vateaddr essofPC- C.

    Downloaded by Chung Quarn (hejatel307@d3bb.com)

    You might also like