Network Documentation free essay sample

Network Documentation 2 Introduction In this lab, you will learn how to use various tools and techniques to determine and document IP network design. You will use the Windows Command Prompt to generate network traffic; Wireshark to capture and analyze the generated traffic; PuTTY to remotely access the Cisco Switch; and finally, you will issue IOS commands on the Cisco Switch to understand its various interfaces and inner workings. Learning Objectives Upon completing this lab, you will be able to: †¢ Develop a plan for identifying and documenting the logical IP network design and IP addressing schema based on data collected from Lab #1 †¢ Use PuTTY to establish Telnet and SSH to the IP addresses of the identified interfaces on Cisco routers, switches, and firewalls †¢ Use Cisco show commands to display the MAC-layer addresses of Ethernet ports, IP addressing schema, and subnet mask addressing used throughout the IP networking infrastructure †¢ Document the MAC addresses and IP addresses of the IP networking infrastructure †¢ Document the IP host addresses of the VM server farm hosts TOOLS AND SOFTWARE USED NAME MORE INFORMATION Wireshark http://www. We will write a custom essay sample on Network Documentation or any similar topic specifically for you Do Not WasteYour Time HIRE WRITER Only 13.90 / page wireshark. org/ PuTTY http://www. chiark. greenend. org. uk/~sgtatham/putty/ Cisco IOS http://www. cisco. com/warp/cpropub/45/tutorial. htm 17 18 LAB #2 ? |? Network Documentation Deliverables Upon completion of this lab, you are required to provide the following deliverables to your instructor: 1. A completed Network Documentation Chart #1; 2. Lab Assessment Questions Answers for Lab #2. Instructor Demo Lab #2 The instructor will review the packet capture files from Lab #1 using Wireshark or NetWitness Investigator. IP data payloads that display data in cleartext will be displayed. The instructor will also show students how IP host address information and IP subnet numbers can be determined from these packet captures to Telnet to a Cisco device using the captured Cisco console password. Finally, the instructor will demonstrate the various Cisco IOS â€Å"show† terminal console commands to display useful network documentation information that can obtained from Cisco devices for further network exploration and documentation. Hands-On Steps 19 Hands-On Steps 1. This lab begins at the student landing vWorkstation virtual machine desktop of the VSCL, as shown here. FIGURE 2. 1 â€Å"Student Landing† VSCL workstation 2 Network Documentation Note: Review the Network Documentation Chart at the end of this lab. You will use the steps in this lab to find the information required to complete this deliverable. 2. To start the Wireshark application, double-click on the Wireshark icon on the desktop. 3. When the Wireshark window appears, click the Citrix Systems link in the area marked â€Å"Interface List. † This tells Wireshark which interface to monitor for activity. In this case, you are capturing data from the virtual environment. In a production environment, you would see a list of interfaces c orresponding to the resources available in that environment (servers, nodes, etc. ). FIGURE 2. 2 The Wireshark window Once you select Citrix Systems, Wireshark begins capturing data, from every action you take until you tell it to stop capturing data later in this lab. 20 LAB #2 ? |? Network Documentation 4. Minimize the Wireshark application window. 5. Start the Windows Command Prompt by clicking Start Run and typing cmd in the dialog box. Note: To collect data for analysis, Wireshark must have a stream of incoming packets to capture. The next steps cover how to feed IP packets to Wireshark using ping, Telnet, and Secure Shell (SSH) connections. These connections generate packets on the virtual environment interface, which are then captured by Wireshark. 6. From the Windows Command Prompt application window, type ping 172. 30. 0. 8 (the IP address for the remote TargetWindows01 server) and press Enter. Note the Reply responses, which indicate the two-way passage of packets. You will use this information to complete the deliverables for this lab. FIGURE 2. 3 Windows Command Prompt window 7. Repeat step 6 for the following IP addresses to create a packet stream for Wireshark. †¢ 172. 30. 0. 2 †¢ 172. 16. 8. 1 †¢ 172. 17. 0. 2 †¢ 172. 16. 0. 2 †¢ 172. 19. 0. 1 †¢ 172. 19. 0. 2 8. Minimize the Windows Command Prompt window. 9. Double-click the PuTTY icon on the desktop to start the PuTTY application. Note: The next steps use PuTTY, a terminal emulator program that you can use as a client to create a variety of secure connections to network resources. This lab uses it to create Telnet and SSH sessions. Hands-On Steps 21 10. In the PuTTY application window, type the IP address for LAN Switch 1, 172. 16. 8. 5. Select the Telnet radio button and click the Open button to start the connection. FIGURE 2. 4 PuTTY application window 2 a. Username: cisco b. Password: cisco FIGURE 2. 5 PuTTY terminal console window Network Documentation 11. PuTTY will launch a terminal console window. At the login prompt, type the following: 22 LAB #2 ? |? Network Documentation Note: The next steps involve using the Cisco IOS show command to obtain network documentation information from the interface you’ve connected to (LAN Switch 1). Cisco IOS is a package of routing, switching, and networking commands integrated with a Cisco-specific operating system, of which the show command is a key function. Entering a show command at the command prompt in the terminal console will return network information specific to the command you entered. There are hundreds of show commands in Cisco IOS; availability is based on the privilege level of the user. The relevant show commands for this lab include the following: IOS COMMAND INFORMATION AVAILABLE FROM THIS COMMAND show interface This command displays physical and logical configuration information about each interface (such as, interface names and the number of interfaces), and whether or not the interface is up/available or down/ unavailable. This commands tells you what interfaces are enabled and active. show ip interface In additional to the interface names, this command also tells you what the IP subnet information, IP host address, and subnet mask address information is for all enabled ports. show ip arp This command displays the address resolution table of MAC-layer addresses to assigned IP host addresses. show ip route This command displays the IP routing protocol used, the IP routes and network numbers visible to the switch/router, and the physical interface that an IP packet traverses based on the IP routes and IP networks seen (Cisco routers only). show vlan This command displays the VLAN name and status configured within the LAN Switch 1 and LAN Switch 2 devices only. show switch vlan This command displays the VLANS configured within the ASA devices only. 12. In the terminal console window, at the command prompt labeled 172. 16. 8. 5/LanSwitch1, type show vlan and press Enter. FIGURE 2. 6 Output from show vlan command Hands-On Steps 23 Note: Review the output for this command. Notice the interface name displayed in the first table. These names correspond to the names in the Host Device column of the Network Documentation Chart at the end of the lab. The output from this command also displays the active ports for each of the devices. 13. In the terminal console window, at the command prompt labeled 172. 16. 8. 5/LanSwitch1, type show interface and press Enter. FIGURE 2. 7 Output from show interface command 2 Network Documentation Note: Review the output for this command. Notice the FastEthernet devices listed for this server. These lines indicate which devices are currently active, the device name associated with it, and the MAC-layer address for that device. 24 LAB #2 ? |? Network Documentation 14. In the terminal console window, at the command prompt labeled 172. 16. 8. 5/LanSwitch1, type show ip interface and press Enter. FIGURE 2. 8 Output from show ip interface command Note: Review the output for this command. Notice the information displayed for Vlan100 (the Norfolk server according to the information you uncovered in the show vlan command): the IP. The command displays the IP address and broadcast address for this device. Hands-On Steps 25 15. In the terminal console window, at the command prompt labeled 172. 16. 8. 5/LanSwitch1, type show ip arp and press Enter. FIGURE 2. 9 Output from show ip arp command 2 Note: 16. When finished entering the show commands and reviewing the output, type quit to close the terminal 17. 18. 19. 20. console. Double-click the PuTTY icon to restart the application. This time, in the PuTTY application window, type the IP address for LAN Switch 2, 172. 16. 20. 5, select the SSH radio button, and click the Open button to start the connection. Enter the username and password from Step 11. Repeat Steps 12-15, reviewing the returned output for the same data to complete the deliverables for this lab. Maximize the Wireshark application window from the vWorkstation application tray. Click the Stop scan icon to stop the packet capture process. Review the packet capture data in the Wireshark window, paying close attention to IP host address information, IP source and destination address information, and IP data payload information. You will need this information to complete the deliverables. FIGURE 2. 10 Packet capture data in the Wireshark window Note: As you review the packet capture data from Wireshark, it will be helpful to consider the following things: 1.? How can this information be used to compromise the Cisco LAN Switch 1 and LAN Switch 2 devices? 2.? ow can a protocol analyzer like Wireshark provide useful information to an attacker trying to break H into the IP network infrastructure? Network Documentation Review the output for this command. Notice the hardware (MAC address) for LAN Switch 1 and the West Covina server are displayed. 26 LAB #2 ? |? Network Documentation Evaluation Criteria and Rubrics The following are the evaluation criteria and rubrics for Lab #2 that students must perform: 1. Was the student able to develop a plan for identifying and documenting the logical IP network design and IP addressing schema based on data collected from Lab #1? – [20%] 2. Was the student able to use PuTTY to establish Telnet and SSH to the IP addresses of the identified interfaces on Cisco routers, switches, and firewalls? – [20%] 3. Was the student able to use Cisco show commands to display the MAC-layer addresses of Ethernet ports, IP addressing schema, and subnet mask addressing used throughout the IP networking i nfrastructure? – [20%] 4. Was the student able to document the MAC addresses and IP addresses of the IP networking i nfrastructure? – [20%] 5. Was the student able to document the IP host addresses of the VM server farm? – [20%] Assessment Worksheet 27 LAB #2 – ASSESSMENT WORKSHEET Network Documentation Course Name and Number: Student Name: Instructor Name: 2 Lab Due Date: In this lab, you learned how to use several different applications and interfaces to identify and document an IP network design and schema. Chief among these is PuTTY, which you used in Lab #1. The primary use of PuTTY is to establish Telnet and SSH sessions to remote servers. You used PuTTY to collect information about those resources. You also used Wireshark to capture packet data from the sessions you established with PuTTY. Lab Assessment Questions Answers 1. What is the terminal console password for LAN Switch 1 and LAN Switch 2? 2. Specify the host IP address for LAN Switch 1 and LAN Switch 2 that you discovered from the Wireshark protocol capture file. Network Documentation Overview 28 LAB #2 ? |? Network Documentation 3. What is the difference between the following Cisco IOS commands: show interface and show IP interface? 4. Which Cisco IOS command displays the VLAN name and status? 5. How can you find out what the MAC-layer addresses and IP host addresses are of the server farm devices? 6. Which device supported encrypted terminal console connections and was verified in your Wireshark protocol capture and analysis: LAN Switch 1 or LAN Switch 2? 29 Assessment Worksheet LAB #2 – ASSESSMENT SPREADSHEET Network Documentation Chart #1 IP NETWORK NUMBER: HOST DEVICE LAN Switch 1 LAN Switch 2 ACTIVE PORTS SUBNET MASK ADDRESS: IP HOST ADDRESSES MAC ADDRESSES SUBNET NUMBER 2 Norfolk Tampa Seattle West Covina Network Documentation Indy