Network Security Assignment 4
Student Name
Lawrence Chikopa
CIS/018/19
Course Lecturer
Menard Phiri
LAB ASSIGNMENT 4
List of Figures
1 Topology for configuring Syslog, NTP and SSH
2 OSPF MD5 authentication configured on R1
3 Verifying that OSPF MD5 is configured on R1
4 OSPF MD5 authentication configured on R2
5 Verifying that OSPF MD5 is configured on R2
6 OSPF MD5 authentication configured on R3
7 Verifying that OSPF MD5 is configured on R3
8 NTP authentication configured on PCA (NTP server)
9 Configuring NTP authentication on R1
10 Configuring NTP authentication on R2
11 Configuring NTP authentication on R3
12 Updating hardware clock with the time learned from NTP server on R1
13 Updating hardware clock with the time learned from NTP server on R2
14 Updating hardware clock with the time learned from NTP server on R3
15 Timestamp log messages on R1
16 Timestamp log messages on R2
17 Timestamp log messages on R3
18 Configuring R1 to identify Syslog server that will receive logging messages
19 Configuring R2 to identify Syslog server that will receive logging messages
20 Configuring R3 to identify Syslog server that will receive logging messages
21 Verify logging on router 1
22 Verify logging on router 2
23 Verify logging on router 3
24 Checking the SYSLOG Server
25 Domain name on the R3. Any name can be given
26 SSHAdmin user with password "mustcisco" configured on Router 3
27 vty lines configured
28 R3 cannot be managed securely using telnet
29 R3 managed securely using SSH
1 INTRODUCTION
The System Logging Protocol (Syslog) is a way for network devices to use a
standard message format to communicate with a logging server. It was designed
specifically to make it easy to monitor network devices. Devices can use a
Syslog agent to send out notification messages under a wide range of specific
conditions.
SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol
that gives users, particularly system administrators, a secure way to access a
computer over an unsecured network. SSH provides strong password authentication
and public key authentication as well as encrypted data communications
between two computers connecting over an open network such as the internet.
2 GOALS
- Configure OSPF MD5 authentication
- Configure the routers to periodically update the hardware clock with the time learned from NTP
- Configure the routers and use password mustcisco for enable password and vty lines
3 TOPOLOGY
In this topology, PCA is the NTP server, PCB is the Syslog server and PCC is
the SSH client. There are three routers and two switches.
4 OSPF MD5 AUTHENTICATION
OSPF MD5 authentication is more secure than plain-text authentication.
This method uses the MD5 algorithm to compute a hash value from the contents
of the OSPF packet and the password. This hash value is transmitted in the
packet, so the password itself is never sent. The receiver, which knows the
same password, calculates its own hash value and accepts the packet only if
the two values match.
The figures below show how OSPF MD5 authentication was configured on the
routers.
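The commands behind the configuration and verification steps in this section, as an added example that is not taken from the report's screenshots. OSPF process ID 1, area 0, interface Serial0/0/0, key ID 1 and the key string `<OSPF_KEY>` are assumed placeholders, and the plain-text form is shown first for contrast.

```cisco
! Weaker form, for contrast: plain-text authentication.
! The key is carried unhashed in the header of every OSPF packet.
router ospf 1
 area 0 authentication
interface Serial0/0/0
 ip ospf authentication-key <OSPF_KEY>
!
! MD5 form: only a digest computed over the packet and the key is sent.
! Enable message-digest authentication for the whole area (assumed area 0).
router ospf 1
 area 0 authentication message-digest
!
! Set the key on every OSPF-facing interface.
! Key ID and key string must match on the neighbor at the other end of the link.
interface Serial0/0/0
 ip ospf message-digest-key 1 md5 <OSPF_KEY>
!
! Verification (privileged EXEC mode).
! Reports whether message-digest authentication is enabled on the interface
! and which key ID is in use.
show ip ospf interface Serial0/0/0
! Adjacencies only re-form when both ends agree on the authentication type and key.
show ip ospf neighbor
```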
4.1.1 Verifying that OSPF MD5 authentication is configured on R1
4.2.1 OSPF MD5 authentication on R2
4.3.1 Verifying that OSPF MD5 authentication is configured on R2
4.4.1 OSPF MD5 authentication on R3
4.5.1 Verifying that OSPF MD5 authentication is configured on R3
5 CONFIGURE AUTHENTICATION ON THE NTP SERVER AND THE ROUTERS
5.1 Enable NTP authentication on PCA (NTP Server)
To achieve this, on PCA click NTP under the Services tab to verify that NTP
is enabled. To configure NTP authentication, click Enable and use key 1 with
cisco as the password for authentication. The figure below shows the
configuration of NTP authentication on the NTP server.
Figure 8: NTP authentication configured on PCA (NTP server)
5.2 Configuring R1, R2, and R3 as NTP clients
The routers also use the same key 1 and password cisco for NTP authentication.
The commands used are "ntp authentication-key 1 md5 cisco" and
"ntp trusted-key 1". The next three figures show how NTP authentication was
configured on the routers.
5.2.2 Configuring NTP authentication on R2
5.2.3 Configuring NTP authentication on R3
6 UPDATE THE HARDWARE CLOCK WITH THE TIME LEARNED FROM THE NTP
Only two commands are needed to achieve this task. The first command
identifies the NTP server, in this case PCA, so the command is "ntp
server 198.168.1.5". The second command, "ntp update-calendar", updates the
hardware clock. The next three figures show the configurations on the three
routers. The command 'show clock' displays the clock.
Figure 12: Updating hardware clock with the time learned from NTP server on R1
6.0.2 Update Hardware clock with time learned from NTP on R2
Figure 13: Updating hardware clock with the time learned from NTP server on R2
Figure 14: Updating hardware clock with the time learned from NTP server on R3
7 CONFIGURE ROUTERS TO TIMESTAMP LOG MESSAGES
The command 'service timestamps log datetime msec' is used to achieve this
on the three routers. The next three figures show the configurations that were
made on the three routers, from router 1 to router 3.
8 CONFIGURE THE ROUTERS TO IDENTIFY THE REMOTE HOST (SYSLOG SERVER) THAT WILL RECEIVE LOGGING MESSAGES
This specifies the syslog server by IP address and host name. The command
that is used is 'logging host 192.168.1.6' on each router. The figures below
show the configuration on each router, and part 7.2 shows the verification of
the logging host command.
8.1 Configuration
8.1.1 Router 1
Figure 18: Configuring R1 to identify Syslog server that will receive logging messages
8.1.2 Router 2
Figure 19: Configuring R2 to identify Syslog server that will receive logging messages
8.1.3 Router 3
Figure 20: Configuring R3 to identify Syslog server that will receive logging messages
8.2 Verification of the logging syslog server configuration on the routers
8.2.1 Verification on Router 1
8.2.2 Verification on Router 2
8.2.3 Verification on Router 3
8.3 Checking the Syslog server
Here interface Serial0/0/0 on R1 is shut down and turned on again. To check
the logs, go to the Syslog server PCB and, under SYSLOG, check on syslog. The
figure below shows the logs.
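The router-side commands from sections 5.2 to 8 collected into one sequence, as an added example rather than the report's own configuration. Key 1, password cisco and both server addresses are the values given in the text; `ntp authenticate`, the `key 1` suffix on the server line and the `show` commands are additions.

```cisco
! Global configuration mode on R1, R2 and R3.
!
! NTP client with authentication.
! Turn NTP authentication on, define key 1, and mark it as trusted.
ntp authenticate
ntp authentication-key 1 md5 cisco
ntp trusted-key 1
! "key 1" makes the router authenticate its exchanges with this server
! using trusted key 1 (addition, not in the report text).
ntp server 198.168.1.5 key 1
! Periodically copy the NTP-learned time into the hardware clock (calendar).
ntp update-calendar
!
! Stamp every log message with date and time, to the millisecond.
service timestamps log datetime msec
!
! Forward log messages to the Syslog server (PCB).
logging host 192.168.1.6
!
! Verification (privileged EXEC mode).
show ntp status
show ntp associations
show clock
show logging
!
! Generate a test event on R1, then check the Syslog service on PCB.
configure terminal
interface Serial0/0/0
 shutdown
 no shutdown
 end
```

Consistent, NTP-synchronised timestamps are what let the entries that R1, R2 and R3 send to PCB be ordered against each other.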
Figure 25: Domain name on the R3. Any name can be given
9.3 Configure users to Login to the SSH server
The username is SSHAdmin and the login password is "mustcisco". The figure
below shows the configuration.
9.7 Checking if the R3 can be managed by Telnet or SSH
Here Router 3 cannot be accessed using Telnet; instead it is managed by
SSH. The operations in the screenshots below were performed on PCC, which is
the SSH client.
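One way to reach the result described in this section on R3, as an added example rather than the report's own configuration. The domain name `example.local`, the 2048-bit modulus, the vty range 0 4, the use of `secret` rather than `password`, and `<R3_ADDRESS>` are assumptions; the username and password are the ones given in the text.

```cisco
! R3, global configuration mode.
hostname R3
! Any domain name can be given; hostname and domain name together
! name the RSA key pair that SSH uses.
ip domain-name example.local
!
! "secret" stores the password as a hash instead of clear text
! (assumption: the report does not show which keyword was used).
username SSHAdmin secret mustcisco
enable secret mustcisco
!
! SSH needs an RSA key pair; SSH version 2 disables the older SSHv1.
crypto key generate rsa general-keys modulus 2048
ip ssh version 2
!
line vty 0 4
 ! Authenticate remote logins against the local user database.
 login local
 ! Accept SSH only, so Telnet connections to R3 are refused.
 transport input ssh
!
! Verification on R3 (privileged EXEC mode).
show ip ssh
!
! From the command prompt on PCC (SSH client).
! <R3_ADDRESS> is a placeholder for an address on R3 reachable from PCC.
telnet <R3_ADDRESS>
ssh -l SSHAdmin <R3_ADDRESS>
```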
9.8.1 Using SSH
10 CONCLUSION
In conclusion, this lab focused on configuring the System Logging Protocol,
Network Time Protocol and Secure Socket Shell on Cisco routers.