M11CDE Skills-based Assessment 2011-12 School of Engineering & Computing Department of Computing Internet Information Security (M11CDE) Layered Security Student Name: Saud Aljaloud I certify that this is my own work yes/no and that I have read and understand the University Assessment regulations. CU 01/11/2011 M11CDE
33
Embed
M11CDE Internet security Network configuration between three cities CISCO
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
M11CDE Skills-based Assessment 2011-12
School of Engineering & Computing Department of Computing
Internet Information Security(M11CDE)
Layered Security
Student Name: Saud Aljaloud
I certify that this is my own work yes/no and that I have read and understand the University Assessment regulations.
CU 01/11/2011 M11CDE
M11CDE Skills-based Assessment 2011-12
Submission DetailsThe details below indicate what you should submit, when you should submit it and where is should be submitted to.
Submission Date and Method
Deadline 18 st January 2012 both online and paper submission.
Submission Format:
1. Fill the online quiz for the practical test which will be available one week before the final fixed deadline.
2. Download an electronic copy of this document and where there are blanks or spaces to complete addressing information etc., please include them in the document. You submission should include the answers in the document, but do not change the document in any other way! If the document has been modified other than to include the required information your submission will be null and void.
3. Your files should be name as “SID_FIRSTNAME_SURNAME_FILENAME.xxx”. E.g. 100292_FIRSTNAME_SURNAME_ANSWERS.doc.
4. Save the configurations from all your network devices and embed them into the end of this document.
5. If you have attempted to configure VLANs, please also include a switch configuration from any one of your LAN switches. Please note that this must be a switch that you have actually configured VLANs on.
6. If you have implemented the network in Packet Tracer, you may consider submitting a copy of that as well but this is not compulsory.
Zero Tolerance for late submission:
If your work is late it will have to be marked zero according to new university policy. Please ensure you upload your work well before the deadline. You will be able to delete and update your work before the deadline.
Plagiarism Note:
As with all assessed work, both the research and written submission should be your own work. When submitting this work you are explicitly indicating that you have read the rules on plagiarism as defined in the University regulations and that all work is in fact your own, except where explicitly referenced using the accepted referencing style.
Feedback and marking:
The practical work will be marked by using the questions set in the online quiz and number of questions for each section will depend on the weightings set in the below sections. Feedbacks and marks will be provided once the online practical quiz is submitted.
CU 01/11/2011 M11CDE
M11CDE Skills-based Assessment 2011-12
Network topology
[Whilst the topology shows only two hosts on each LAN, you should configure four hosts on each LAN.]
CU 01/11/2011 M11CDE
M11CDE Skills-based Assessment 2011-12
Network Information
The WAN IP network address between Dundee and Glasgow is 209.154.17.0 with a
subnet mask of 255.255.255.0. The WAN IP network address between Edinburgh and
Glasgow is 209.154.16.0 with a subnet mask of 255.255.255.0. This is clearly shown on
the network topology.
Dundee information
The LAN for Dundee has been assigned an IP network address of 192.168.6.0
Each subnet of the above network needs to accommodate 14 host addresses. The subnet
mask will be 255.255.255.240. This is worked out by borrowing 4 bits from the final octet
Current configuration : 1179 bytes!version 12.2no service timestamps log datetime msecno service timestamps debug datetime msecno service password-encryption!hostname EDN!!!enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1!!!!!!!!!!ip host 209.154.17.2 192.168.6.104 ip host DUN 209.154.17.2 192.168.6.104 ip host GLA 209.154.16.1 209.154.17.1 !!!!!!interface FastEthernet0/0 ip address 192.168.5.78 255.255.255.240 ip access-group 101 in duplex auto speed auto!interface FastEthernet1/0 no ip address duplex auto speed auto shutdown!
CU 17/11/2009 M11CDE
M11CDE Skills-based Assessment Version 1
interface Serial2/0 ip address 209.154.16.2 255.255.255.0!interface Serial3/0 no ip address shutdown!interface FastEthernet4/0 no ip address shutdown!interface FastEthernet5/0 no ip address shutdown!router rip network 172.16.0.0 network 192.168.5.0 network 192.168.6.0 network 209.154.16.0 network 209.154.17.0!ip classless!!access-list 101 deny tcp 192.168.5.72 0.0.0.7 172.16.0.0 0.0.255.255 eq wwwaccess-list 101 permit tcp 192.168.5.64 0.0.0.7 172.16.0.0 0.0.255.255 eq www!banner motd ^C Warn of unauthorised access ^C!!!!line con 0 password cisco loginline vty 0 4 password berril login!!!end
EDN#
CU 17/11/2009 M11CDE
M11CDE Skills-based Assessment Version 1
Configuration of Dundee Router:
Restricted Rights Legend
Use, duplication, or disclosure by the Government issubject to restrictions as set forth in subparagraph(c) of the Commercial Computer Software - RestrictedRights clause at FAR sec. 52.227-19 and subparagraph(c) (1) (ii) of the Rights in Technical Data and ComputerSoftware clause at DFARS sec. 252.227-7013.
cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706
Cisco Internetwork Operating System SoftwareIOS (tm) PT1000 Software (PT1000-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2005 by cisco Systems, Inc.Compiled Wed 27-Apr-04 19:01 by miwang
PT 1001 (PTSC2005) processor (revision 0x200) with 60416K/5120K bytes of memory.Processor board ID PT0123 (0123)PT2005 processor: part number 0, mask 01Bridging software.X.25 software, Version 3.0.0.4 FastEthernet/IEEE 802.3 interface(s)2 Low-speed serial(sync/async) network interface(s)32K bytes of non-volatile configuration memory.63488K bytes of ATA CompactFlash (Read/Write)
Press RETURN to get started!
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
%LINK-5-CHANGED: Interface FastEthernet1/0, changed state to up
%LINK-5-CHANGED: Interface Serial3/0, changed state to up
%LINK-5-CHANGED: Interface FastEthernet1/0, changed state to administratively down
%SYS-5-CONFIG_I: Configured from console by console
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up Warn of unauthorised access
User Access Verification
Password:
DUN>enPassword:
CU 17/11/2009 M11CDE
M11CDE Skills-based Assessment Version 1
DUN#sh runBuilding configuration...
Current configuration : 1218 bytes!version 12.2no service timestamps log datetime msecno service timestamps debug datetime msecno service password-encryption!hostname DUN!!!enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1!!!!!!!!!!ip host EDN 209.154.16.2 192.168.5.72 ip host GLA 209.154.16.1 209.154.17.1 !!!!!!interface FastEthernet0/0 ip address 192.168.6.110 255.255.255.240 ip access-group 102 in duplex auto speed auto!interface FastEthernet1/0 no ip address duplex auto speed auto shutdown!interface Serial2/0 no ip address ipv6 ospf cost 781 shutdown!interface Serial3/0 ip address 209.154.17.2 255.255.255.0 ipv6 ospf cost 781!interface FastEthernet4/0 no ip address shutdown!interface FastEthernet5/0
CU 17/11/2009 M11CDE
M11CDE Skills-based Assessment Version 1
no ip address shutdown!router rip network 172.16.0.0 network 192.168.5.0 network 192.168.6.0 network 209.154.16.0 network 209.154.17.0!ip classless!!access-list 102 permit ip any anyaccess-list 102 permit tcp 192.168.6.96 0.0.0.7 172.16.0.0 0.0.255.255 eq wwwaccess-list 102 deny tcp 192.168.6.104 0.0.0.7 172.16.0.0 0.0.255.255 eq www!banner motd ^C Warn of unauthorised access ^C!!!!line con 0 password cisco loginline vty 0 4 password berril login!!!end
SwitchDun(config)#interface FastEthernet0/1SwitchDun(config-if)#SwitchDun(config-if)#SwitchDun(config-if)#switchport trunk allowed vlan add 1SwitchDun(config-if)#SwitchDun(config-if)#endSwitchDun#%SYS-5-CONFIG_I: Configured from console by consolecopy running-config startup-configDestination filename [startup-config]? Building configuration...[OK]SwitchDun#SwitchDun#copy running-config startup-configDestination filename [startup-config]? Building configuration...[OK]SwitchDun#SwitchDun#configure terminalEnter configuration commands, one per line. End with CNTL/Z.SwitchDun(config)#SwitchDun(config)#interface FastEthernet0/1SwitchDun(config-if)#SwitchDun(config-if)#SwitchDun(config-if)#switchport trunk allowed vlan add 1002SwitchDun(config-if)#%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to upduplex autoSwitchDun(config-if)#SwitchDun(config-if)#exitSwitchDun(config)#SwitchDun(config)#endSwitchDun#%SYS-5-CONFIG_I: Configured from console by consolecopy running-config startup-configDestination filename [startup-config]? Building configuration...[OK]SwitchDun#
SwitchDun con0 is now available
Press RETURN to get started.
CU 17/11/2009 M11CDE
M11CDE Skills-based Assessment Version 1
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
CU 17/11/2009 M11CDE
M11CDE Skills-based Assessment Version 1
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
SwitchDun>SwitchDun>sh run ^% Invalid input detected at '^' marker.
Current configuration : 599 bytes!version 12.1no service timestamps log datetime msecno service timestamps debug datetime msecno service password-encryption!hostname SwitchDun!!!interface FastEthernet0/1 switchport access vlan 20 switchport trunk allowed vlan 1-1002 switchport mode trunk!interface FastEthernet1/1 switchport access vlan 10!interface FastEthernet2/1 switchport access vlan 10!interface FastEthernet3/1 switchport access vlan 20!interface FastEthernet4/1 switchport access vlan 20!interface Vlan1 no ip address shutdown!!line con 0!line vty 0 4 loginline vty 5 15 login!!
CU 17/11/2009 M11CDE
M11CDE Skills-based Assessment Version 1
end
SwitchDun#SwitchDun#
-------------------Destination filename [startup-config]? Building configuration...[OK]SwitchEDN#SwitchEDN#sh runBuilding configuration...
Current configuration : 521 bytes!version 12.1no service timestamps log datetime msecno service timestamps debug datetime msecno service password-encryption!hostname SwitchEDN!!!interface FastEthernet0/1 shutdown!interface FastEthernet1/1 switchport access vlan 10!interface FastEthernet2/1 switchport access vlan 10!interface FastEthernet3/1 switchport access vlan 20!interface FastEthernet4/1 switchport access vlan 20!interface Vlan1 no ip address shutdown!!line con 0!line vty 0 4 loginline vty 5 15 login!!end
SwitchEDN#SwitchEDN#
CU 17/11/2009 M11CDE
M11CDE Skills-based Assessment Version 1
SwitchEDN#SwitchEDN#configure terminalEnter configuration commands, one per line. End with CNTL/Z.SwitchEDN(config)#interface FastEthernet0/1SwitchEDN(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
SwitchEDN(config-if)#SwitchEDN(config-if)#exitSwitchEDN(config)#interface FastEthernet0/1SwitchEDN(config-if)#SwitchEDN(config-if)#exitSwitchEDN(config)#interface FastEthernet0/1SwitchEDN(config-if)#SwitchEDN(config-if)#exitSwitchEDN(config)#SwitchEDN(config)#interface FastEthernet0/1SwitchEDN(config-if)#%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
SwitchEDN>enableSwitchEDN#configure terminalEnter configuration commands, one per line. End with CNTL/Z.SwitchEDN(config)#interface FastEthernet0/1SwitchEDN(config-if)#