CHAPTER 5 PHYSICAL SECURITY
5.2 Understand securing modems
5.2.1 Define securing modems.
A modem is a network device that both modulates and demodulates analog carrier signals (called sine waves) for encoding and decoding digital information for processing.
5.2.2 Identify types of Modems
Modems can be of several types and they can be categorized in a number of ways.
Categorization is usually based on the following basic modem features:
Directional capacity: half duplex modem and full duplex modem.
Connection to the line: 2-wire modem and 4-wire modem.
Transmission mode: asynchronous modem and synchronous modem.
A half duplex modem permits transmission in one direction at a time.
If a carrier is detected on the line by the modem, it gives an indication of the incoming carrier to the DTE through a control signal of its digital interface.
A full duplex modem allows simultaneous transmission in both directions.
Therefore, there are two carriers on the line, one outgoing and the other incoming.
2-wire and 4-wire Modems
2-wire modems use the same pair of wires for outgoing and incoming carriers.
The data connection established through telephone exchange is also a 2-wire connection.
Asynchronous modems can handle data bytes with start and stop bits.
There is no separate timing signal or clock between the modem and the DTE.
Synchronous modems can handle a continuous stream of data bits but require a clock signal.
The data bits are always synchronized to the clock signal.
5.2.3 Explain the network attacks and risks involved in modems.
Get control of your shares
A common way for intruders to gain access to a system is through its shared resources.
Sharing resources among members of your local network is a key part of having a network.
Limit installed services
Another means for attackers to break into a network is to exploit known vulnerabilities of common applications and services.
Invest in an intrusion system
A detection system can be as simple as enabling the built-in auditing features of your operating system or as complex as deploying a full-featured intrusion detection system (IDS).
5.2.4 Explain the reason for modem failures
Congestion is the most common cause for short Internet outages.
The cyclical nature of a congestion outage is due to the way browsers and humans retry on failed connections.
Failed Link to Provider
Between construction work, thunderstorms, wind, and power problems, anything can happen to your link at almost any time.
Service Provider Internet Speed Fluctuates
Not all DS3 lines are the same.
We have seen many occasions where customers are just not getting their contracted rate 24/7 as promised.
Power surges are the most common cause for frying routers and switches.
Keep your configurations as simple as possible on your routers and firewalls or be ready to upgrade to equipment with faster newer processing power.
Duplicating IP addresses, plugging wires into the wrong jack, and setting bad firewall rules are the leading operator errors reported.
5.3 Implement Hardening Routers
5.3.1 Define Routers, Metrics, Algorithm and IOS
Router: An electronic device that interconnects two or more computer networks.
Metric: A value used to define the suitability of a particular route.
Routers use metrics to determine which routes are better than others.
Algorithm: A sequence of instructions that one must perform in order to solve a well-formulated problem.
IOS: The operating system of all Cisco devices.
Custom built by Cisco for each platform.
5.3.2 Explain Routing Principles and Operation Modes
The routing table is at the core of the routing process. The information contained in the routing table drives all routing decisions made by IP.
Typically the routing table is searched in the following sequence:
Search for a matching host address.
Search for a matching Network Address.
Search for a default entry.
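The three-step search above amounts to longest-prefix matching. The following Python sketch is an added example, not part of the original notes; the route entries and next-hop addresses are constructed, and choosing the longest prefix when several network entries match goes beyond what the page states.

```python
import ipaddress

# Constructed routing table (not from the page): (destination prefix, next hop).
ROUTES = [
    ("192.0.2.10/32", "10.0.0.2"),       # host route
    ("192.0.2.0/24", "10.0.0.3"),        # network route
    ("198.51.100.0/24", "10.0.0.4"),     # network route
    ("198.51.100.128/25", "10.0.0.5"),   # more specific network route
    ("0.0.0.0/0", "10.0.0.1"),           # default entry
]

def lookup(dst, routes=ROUTES):
    """Return (stage, prefix, next_hop) using the page's search order, or None."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), nh) for p, nh in routes]

    # 1. Search for a matching host address (full-length prefix).
    for net, nh in nets:
        if net.prefixlen == net.max_prefixlen and addr in net:
            return ("host", str(net), nh)

    # 2. Search for a matching network address; if several match,
    #    the most specific (longest) prefix is used.
    matches = [(net, nh) for net, nh in nets
               if 0 < net.prefixlen < net.max_prefixlen and addr in net]
    if matches:
        net, nh = max(matches, key=lambda m: m[0].prefixlen)
        return ("network", str(net), nh)

    # 3. Search for a default entry.
    for net, nh in nets:
        if net.prefixlen == 0:
            return ("default", str(net), nh)

    return None  # no route at all: the packet cannot be forwarded

if __name__ == "__main__":
    for dst in ("192.0.2.10", "192.0.2.77", "198.51.100.200", "203.0.113.9"):
        print(dst, "->", lookup(dst))
```

Because a more specific entry always wins, an unexpected host or narrow network route overrides the broader routes an operator may be looking at, which is why routing table changes are worth reviewing.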
Routing tables may be either static or dynamic.
1. Static - created / updated by the system administrator.
2. Dynamic - routers communicate directly using a routing protocol.
Wireless Router Mode
-(Default, Home Internet Sharing)
-Connection: Internet -> Modem -> Router -> Computer
-If you have 1 router, this will almost always be the default router operating mode that you will implement for your basic home use.
-You connect the modem to the router, and then the router “shares” its internet connection to all the devices.
-(Home Wi-Fi Range Extension)
-Connection: Internet -> Modem -> Router -> Wireless Extend to Repeater
-You will generally use repeaters or wireless extenders when you have hard to reach places with your home Wi-Fi setup. The repeater acts as a “transition” island between your actual client device with the main router.
Access Point (AP) Mode
-(General Internet Extension – Home, Hotel, Etc)
-Connection: Internet -> Modem -> Router -> Wired Connection to AP
-Use Access Point when you cannot alter the main router, but still need a temporary wireless network. This mode is best to be used in an office, hotel, and places where you only have wired network.
5.3.4 Adhere to the steps to harden a router
Harden a router
Change the default password.
Disable IP directed broadcasts.
Disable HTTP configuration for the router, if possible.
Block ICMP ping requests.
Disable IP source routing.
Determine your packet filtering needs.
Establish Ingress and Egress address filtering policies.
Maintain physical security of the router.
5.3.3 Identify TCP and UDP server proxy and various tools.
TCP server proxy
TCP proxy is a server that acts as an intermediary between a client and the destination server.
A proxy server is a service that takes a request and performs it on behalf of the user or another service.
TCP proxy supports a maximum receive window size of 1 MB per session.
Types of Proxies:
CGI (Common Gateway Interface) Proxies.
High Anonymity Proxy.
Hostname - Display the name of the computer.
Ipconfig - Display current TCP/IP network configuration values, update or release Dynamic Host Configuration Protocol (DHCP) allocated leases, and display, register, or flush Domain Name System (DNS) names.
Netstat - Display statistics for current TCP/IP connections. Windows Server 2003 adds IPv6 parameters to the netstat command.
Nslookup - Check records, domain host aliases, domain host services, and operating system information by querying DNS servers.
Ping - Send Internet Control Message Protocol (ICMP) Echo messages to verify IP connectivity. Windows Server 2003 adds IPv6 parameters to the ping command.
Route - Display the IP routing table, and add, edit, or delete IPv4 routes. Route for Windows Server 2003 also displays IPv6 routes.
Tracert - Trace a path to a destination. Windows Server 2003 adds IPv6 parameters to the tracert command.
UDP server proxy
Socket Secure (SOCKS) is an Internet protocol that exchanges network packets between a client and server through a proxy server.
It provides authentication, so only authorized users may access a server.
5.3.5 List ways to secure the routers
Ways to secure the router
Lock down the router with passwords
Set the correct time and date
Back up router configurations to a central source
Secure other network devices such as switches and wireless access
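Several items from the hardening steps in 5.3.4 and the list in 5.3.5 can be checked mechanically against a saved router configuration. The following Python audit is an added example, not part of the original notes or any Cisco tool; the sample configuration, finding names and default-password list are constructed, and source routing is assumed to be on unless the configuration disables it explicitly.

```python
import re

# Constructed sample running-config (not from the page), deliberately weak.
SAMPLE_CONFIG = """\
hostname edge-rtr-01
enable password cisco
ip http server
!
interface GigabitEthernet0/0
 ip directed-broadcast
!
line vty 0 4
 password cisco
"""

# Assumption: a short illustrative list of well-known default passwords.
DEFAULT_PASSWORDS = {"cisco", "admin", "password"}

def audit(config):
    """Return sorted finding names for one IOS-style configuration text."""
    findings, section, seen = set(), "global", []
    for raw in config.splitlines():
        line = raw.strip()
        seen.append(line)
        if raw and not raw.startswith(" "):   # unindented line: new section
            section = line if line.startswith("interface ") else "global"
        # Change the default password: cleartext value on the known list.
        m = re.match(r"(?:enable )?(?:password|secret) (?:\d )?(\S+)$", line)
        if m and m.group(1).lower() in DEFAULT_PASSWORDS:
            findings.add("default-password")
        # Disable IP directed broadcasts: flagged per interface.
        if line == "ip directed-broadcast" and section != "global":
            findings.add("directed-broadcast:" + section.split()[1])
        # Disable HTTP configuration for the router.
        if line == "ip http server":
            findings.add("http-server")
    # Lock down the router with passwords: expect a hashed "enable secret".
    if not any(l.startswith("enable secret ") for l in seen):
        findings.add("no-enable-secret")
    # Disable IP source routing: assumed on unless explicitly disabled.
    if "no ip source-route" not in seen:
        findings.add("source-route")
    # Set the correct time and date: expect a configured NTP server.
    if not any(l.startswith("ntp server ") for l in seen):
        findings.add("no-ntp")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

Packet filtering, ICMP handling, physical security and configuration backups are not visible in a single configuration file in this simple form and need separate review.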
5.3.6 Explain router commands, router types and routing protocols
Use the enable command to enter privileged EXEC mode.
Router# show interfaces
This command shows the status and configuration of interfaces.
Router# show ip interface brief
This command provides a quick overview of all interfaces on the router including their IP addresses and status.
Router# show version
This command displays information about the software version of the running IOS. It also provides information about the configuration setting.
Router# show ip route
Routers use the routing table to make packet forwarding decisions. This command displays the routing table.
-Broadband routers can be used to connect computers or to connect to the Internet.
-Wireless routers create a wireless signal in your home or office, so any PC within range of a wireless router can connect to it and use your Internet connection.
-Is used to connect different cities.
-Routers of this type are placed at the edge of the ISP network; they are normally configured to use an external protocol such as BGP (Border Gateway Protocol) to connect to the BGP of another ISP or large organisation.
A routing protocol specifies how routers communicate with each other, distributing information that enables them to select routes between any two nodes on a computer network.
A routing protocol uses software and routing algorithms to determine optimal network data transfer and communication paths between network nodes.
Routing protocols facilitate router communication and overall network topology understanding.