Register now to access 7 million high quality study materials (What's Course Hero?) Course Hero is the premier provider of high quality online educational resources. With millions of study documents, online tutors, digital flashcards and free courseware, Course Hero is helping students learn more efficiently and effectively. Whether you're interested in exploring new subjects or mastering key topics for your next exam, Course Hero has the tools you need to achieve your goals.
10 Pages
NS1_lab_9_4_10_en
Course: CIT 2251, Fall 2009School: Dupage
Rating:
Word Count: 1553
Document Preview
9.4.10 Lab Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance Objective In this lab exercise, the students will complete the following tasks: Display the Inspection protocol configurations Change the Inspection protocol configurations Test the outbound FTP Inspection protocol Perform FTP deep packet inspection Scenario Some applications embed addressing information into the...
Unformatted Document Excerpt
Coursehero >> Illinois >> Dupage >> CIT 2251Course Hero has millions of student submitted documents similar to the one
below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.
Course Hero has millions of student submitted documents similar to the one
below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.
9.4.10 Lab Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance
Objective
In this lab exercise, the students will complete the following tasks: Display the Inspection protocol configurations Change the Inspection protocol configurations Test the outbound FTP Inspection protocol Perform FTP deep packet inspection
Scenario
Some applications embed addressing information into the application data stream and negotiate randomly picked Transport Control Protocol (TCP) or User Datagram Protocol (UDP) port numbers or IP addresses. In these cases application aware inspection must be performed.
Topology
This figure illustrates the lab network environment.
1 - 10
Network Security 1 v.20 Lab 9.4.10
Copyright 2005, Cisco Systems, Inc.
Preparation
Begin with the standard lab topology and verify the starting configuration on the pod PIX Security Appliance. Access the PIX Security Appliance console port using the terminal emulator on the student PC. If desired, save the PIX Security Appliance configuration to a text file for later analysis.
Tools and resources
In order to complete the lab, the following is required: Standard PIX Security Appliance lab topology Console cable HyperTerminal
Command list
In this lab exercise, the following commands will be used. Refer to this list if assistance or help is needed during the lab exercise. Command clear configure fixup Description To clear the fixup configuration, use the clear configure fixup command in global configuration mode. To identify a specific map for defining the parameters for strict FTP inspection, use the ftpmap command in global configuration mode. To configure a policy, use the policy-map command in global configuration mode. To display all the policy-map configurations or the default policy-map configuration, use the show running-config policy-map command in privileged EXEC mode. To display all currently running service policy configurations, use the show runnig-config service-policy command in global configuration mode.
ftp-map map_name
policy-map name
show running-config policy-map
show running-config servicepolicy
Step 1 List the Fixup Protocols
Complete the following steps and enter the commands as directed to view the current configurations of the PIX Security Appliance: a. Show the default modular policy class-map running on the PIX security appliance: pixP# show run class-map class-map inspection_default match default-inspection-traffic 1. What is the default class-map name?
__________________________________________________________________________
2 - 10
Network Security 1 v.20 Lab 9.4.10
Copyright 2005, Cisco Systems, Inc.
b. Show the default modular policy-map running on the PIX security appliance: pixP# show running-config policy-map ! policy-map global_policy class inspection_default inspect dns maximum-length 512 inspect ftp inspect h323 h225 inspect h323 ras inspect netbios inspect rsh inspect rtsp inspect skinny inspect esmtp inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp 1. What is the default policy-map name?
__________________________________________________________________________
2. What is the class for this policy?
__________________________________________________________________________
3. By default, which protocols are inspected by the PIX Security Appliance? Check each protocol that applies:
dns ftp h323 ras rsh sip skinny sunrpc xdmcp netbios
mgcp tftp snmp rtsp icmp h323 h225 esmtp sqlnet http
3 - 10
Network Security 1 v.20 Lab 9.4.10
Copyright 2005, Cisco Systems, Inc.
c.
List the default modular policy service-policy running on the PIX Security Appliance: PixP# show running-config service-policy service-policy global_policy global 1. What is the default service-policy name?
__________________________________________________________________________
2. Where is the default service-policy applied?
__________________________________________________________________________ Step 2 Change the Protocol Inspection Configuration
Complete the following steps and enter the commands as directed to change some of the current configurations of the PIX security appliance: a. Disable the following Inspection protocols in the default policy-map: PixP# configure terminal PixP(config)# policy-map global_policy PixP(config-pmap)# class inspection_default PixP(config-pmap-c)# no inspect sunrpc PixP(config-pmap-c)# no inspect h323 ras PixP(config-pmap-c)# no inspect sqlnet PixP(config-pmap-c)# exit PixP(config-pmap)# exit PixP(config)# (where P = pod number) b. Show the changes to the default modular policy-map running on the PIX Security Appliance: PixP# show running-config policy-map 1. After the policy-map change, which protocols are inspected by the PIX Security Appliance? dns ftp h323 ras rsh sip skinny sunrpc xdmcp netbios mgcp tftp snmp rtsp icmp h323 h225 esmtp sqlnet http
4 - 10
Network Security 1 v.20 Lab 9.4.10
Copyright 2005, Cisco Systems, Inc.
Step 3 Test Outbound FTP Protocol Inspection
Complete the following steps and enter the commands as directed to test the outbound FTP Protocol Inspection: a. FTP to the backbone server from the student PC using the Windows FTP client: C:\> ftp 172.26.26.50 User (172.26.26.50:(none)): ftpuser 331 Password required for ftpuser. Password: ftppass 1. Was it possible to log into the server? Why or why not?
__________________________________________________________________________
b. Do a directory listing at the FTP prompt: ftp> dir 1. Was it possible to see a file listing? Why or why not?
__________________________________________________________________________
c. Quit the FTP session: ftp> quit d. Turn off the FTP Inspection protocol on the PIX Security Appliance: PixP(config)# policy-map global_policy PixP(config-pmap)# class inspection_default PixP(config-pmap-c)# no inspect ftp PixP(config-pmap-c)# exit PixP(config-pmap)# exit PixP(config)# (where P = pod number) Again, e. ftp to the backbone server from the student PC using the Windows FTP client: C:\> ftp 172.26.26.50 User (172.26.26.50:(none)): ftpuser 331 Password required for ftpuser. Password: ftppass 1. Was it possible to log into the server? Why or why not?
__________________________________________________________________________
2. Do a directory listing at the FTP prompt: ftp> dir 3. Was it possible to see a file listing? Why or why not?
__________________________________________________________________________
f. Quit the FTP session: ftp> quit
5 - 10
Network Security 1 v.20 Lab 9.4.10
Copyright 2005, Cisco Systems, Inc.
Note
If the FTP client is hung, press Ctrl+C until the C:\ prompt returns, or close the command prompt window.
g. Open a browser. Set the browser for passive FTP. In Internet Explorer, this can be done through navigation to Tools > Internet Options > Advanced and select Use Passive FTP. It should be possible to make an FTP connection to the backbone server from the student PC. h. Enter the following in the URL field: ftp://172.26.26.50 1. Was the connection successful? Why or why not?
__________________________________________________________________________
2. Was it possible to see a file listing? Why or why not?
__________________________________________________________________________
i. Disable passive FTP on the browser. Close the web browser.
Step 4 Perform FTP Deep Packet Inspection
Complete the following steps to perform FTP deep packet inspection: a. Set all protocol inspection to the factory defaults: PixP(config)# clear configure fixup (where P = pod number) b. Define an FTP-map to disallow the FTP get command: PixP(config)# ftp-map no_get PixP(config-ftp-map)# deny-request-cmd retr PixP(config-ftp-map)# exit PixP(config)# c. FTP to the backbone server from the student PC using a web browser. It should be possible to open a file because the restrictions that were configured in the previous step have not been applied. To test default FTP inspection, enter the following in the URL field: ftp://172.26.26.50 1. Was the connection successful? Why or why not?
__________________________________________________________________________
2. Was it possible to see a file listing? Why or why not?
__________________________________________________________________________
3. Was it possible to open one of the listed files? Why or why not?
__________________________________________________________________________
d. Close the browser e. Apply the FTP-map restriction to the default policy-map: PixP(config)# policy-map global_policy PixP(config-pmap)# class inspection_default PixP(config-pmap-c)# inspect ftp strict no_get PixP(config-pmap-c)# exit PixP(config-pmap)# exit
6 - 10 Network Security 1 v.20 Lab 9.4.10 Copyright 2005, Cisco Systems, Inc.
PixP(config)# f. FTP to the backbone server from the student PC using a web browser. It should not be possible to open, or retrieve, a file. To do this, enter the following in the URL field: ftp://172.26.26.50 1. Was the connection successful? Why or why not?
__________________________________________________________________________
2. Was it possible to see a file listing? Why or why not?
__________________________________________________________________________
3. Was it possible to open one of the listed files? Why or why not?
__________________________________________________________________________
g. Close the browser. h. Verify the change to the default policy-map settings: PixP(config)# show run policy-map policy-map global_p...
Find millions of documents on Course Hero - Study Guides, Lecture Notes, Reference Materials, Practice Exams and more.
Course Hero has millions of course specific materials providing students with the best way to expand
their education.
Below is a small sample set of documents:
Below is a small sample set of documents:
Dupage - CIT - 2251
Lab 3.4.6b Configure the PIX Security Appliance using CLIObjectiveIn this lab exercise, the students will complete the following tasks: Execute general maintenance commands. Configure the PIX Security Appliance inside and outside interfaces. Test and ve
Dupage - CIT - 2251
Lab 3.2.3 Configure Basic Security using Security Device Manager (SDM)ObjectiveIn this lab, the students will complete the following tasks: Copy the SDM files to router Flash memory. Configure the router to support SDM. Configure a basic firewall. Reset
Dupage - CIT - 2252
Lab 2.1.6 Configure a Router with the IOS Intrusion Prevention SystemObjectiveIn this lab, the students will complete the following tasks: Initialize the Intrusion Protection System (IPS) on the router. Disable signatures. Merge signature definition fil
Dallas - COSC - 1300
NewGeneration Monitors Author: Date: Purpose:To report and analyze annual sales figures from three NewGeneration monitorsNewGeneration Monitors Sales Data 1/1/2006 - 12/31/2006 Monthly Sales Data Month VX100 VX300 FlatScreen January 1410 1860 February 1
Princeton - CL - 795
COPYRIGHT NOTICE: Joshua M. Epstein: Generative Social Science is published by Princeton University Press and copyrighted, 2006, by Princeton University Press. All rights reserved. No part of this book may be reproduced in any form by any electronic or me
Calvin - YL - 33
Washington - ESS - 201
Contribution of Working Group II to the Fourth Assessment Report of the Intergovernmental Panel on Climate ChangeSummary for PolicymakersThis summary, approved in detail at the Eighth Session of IPCC Working Group II (Brussels, Belgium, 2-5 April 2007),
University of Texas - CS - 395
Transactional Memory: Architectural Support for Lock-Free Data StructuresMaurice Herlihy Digital Equipment Corporation Cambridge Research Laboratory Cambridge MA 02139 herlihy@crl.dec.com J. Eliot B. Moss Dept. of Computer Science University of Massachus
Iowa State - EE - 435
EE 435Lecture 29 Data Converter CharacterizationSpectral PerformancePerformance Characterization of Data Converters Static characteristics Resolution Least Significant Bit (LSB) Offset and Gain Errors Absolute Accuracy Relative Accuracy Integral Nonl
MIT - MPC - 555
Embedded Target for Motorola MPC555 For Use with Real-Time Workshop Modeling Simulation ImplementationUsers GuideVersion 1How to Contact The MathWorks:www.mathworks.com comp.soft-sys.matlab support@mathworks.com suggest@mathworks.com bugs@mathworks.c
Cornell - CS - 6740
CS 6740/INFO 6300 Advanced Language Technologies Last class General Intro to HLTSemantic analysisAssigning meanings to linguistic utterances Compositional semantics: we can derive the meaning of the whole sentence from the meanings of the parts. Max a
North Texas - BUSI - 6280
On The Use Of Structural Equation Models Experimental DesigBagozzi, Richard P.; Yi, Youjae JMR, Journal of Marketing Research; Aug 1989; 26, 3; ABI/INFORM Global pg. 271Reproduced with permission of the copyright owner. Further reproduction prohibited w
Iowa State - NR - 73966
Sorbic Acid*By Dr. Murli Dharmadhikari A. W. Van Hoffman was the first to isolate sorbic acid from the berries of the mountain ash tree in the year 1859. The antimicrobial (preservative) properties of sorbic acid were recognized in the 1940's. In the lat
University of Florida - FOS - 4321
The performance of the method Limit of detection and quantification Sensitivity Specificity Recovery rate of the spiked standard Availability of instruments and reagents Cost and speed Compliance to government regulation (official methods)Official met
Appalachian State - MATH - 5970
Math 5970 - Number Theory ConceptsInstructor: Contact Information: Tracie McLemore Salinas 233 Walker Hall 828-262-2673 salinastm@appstate.edu http:/www.appstate.edu/~salinastmCourse Description: The Graduate Bulletin describes this course as "a study o
Iowa State - EE - 435
EE 435Lecture 17 A Design Flow For Two-Stage Op AmpsReview from last lectureBasic Two-Stage Op Amp gmd (gm0 - sCc ) A FB (s) 2 s CCCL + sCC (gmo - gmd ) + gmd gmoIt can be shown thatgmogmd CL Q= CC gmo - gmdgmo gmd CL CC = 2 Q (gmo - gmd )2wheregm
Kennesaw - JAN - 21
EDUC 7705 FALLI.Course Number: EDUC 7705 Course Title: Assessment and Evaluation College: Bagwell College of Education Semester: Room: Instructors: Class Meetings: ) Payne, D. A. (2002). Applied educational assessment (2nd ed. ). Publishing Company. ISB
Carnegie Mellon - LING - 101
THE CHILD'S LEARNING OF ENGLISH MORPHOLOGYJEAN BERKOIn this study1 we set out to discover what is learned by children exposed to English morphology. To test for knowledge of morphological rules, we use nonsense materials. We know that if the subject can
University of Toronto - CS - 309
Some practise midterm questions:1) Given 2 IP addresses and a subnet mask, determine whether these are on the same subnet.2) Write the number guessing game (computer thinks of a numberfrom 1-10, user guesses it) on the following platforms:a) Clien
CSU Northridge - EAN - 7513
CSU Northridge - EAN - 7513
University of Toronto - CS - 2410
%!PS-Adobe-2.0 %Creator: dvips(k) 5.95a Copyright 2005 Radical Eye Software %Title: syl.dvi %Pages: 1 %PageOrder: Ascend %BoundingBox: 0 0 612 792 %DocumentFonts: CMBX12 CMR12 CMTI12 %DocumentPaperSizes: Letter %EndComments %DVIPSWebPage: (www.radicaleye.
University of Toronto - CS - 2410
%!PS-Adobe-2.0 %Creator: dvips(k) 5.90a Copyright 2002 Radical Eye Software %Title: f04.dvi %CreationDate: Fri Dec 10 00:28:28 2004 %Pages: 2 %PageOrder: Ascend %BoundingBox: 0 0 596 842 %DocumentFonts: CMBX12 CMR10 CMBX10 CMMI10 CMTI10 CMSY10 CMR8 CMMI8
Wisconsin - GEO - 302
Whole Earth StructurePart I - Seismic Waves as Probes of the InteriorEarth's Internal Structure The chemical differentiation into a core, mantle, and crust produces very strong differences in density and seismic wave velocity Our primary and highest-re
Wisconsin - INSTR - 0304
2003-04 DISTRIBUTION LIST FOR UNBOUND RED BOOKSEntire Madison Campus - Unit A UDDS A-02-08 A-02-08 A-02-95 A-03 A-04 A-10 A-49 A-49 A-49 A-53 A-85 Department Name VC for Administration (Darrell Bazzell) OBPA (Tim Norris) University Research Park (Patty S
UCLA - CS - 218
E % D D C ! # !& A 9 9 5 3 6)B@8r(7rf5642rFf 1 ( $ # ! 0)&'% " dr(rk50pv55pYzvkpd5rpukVVzuuk5updGup5d pvEp5yUFry!EE(5(d5zv dr%zkzddEyEEVp55d5dp5drvzvEEECkE55 zG5EEE5E5E0dkfrf5vf5rE5dfv!r0EYvvzd
Penn State - JEM - 412
WisconsinPlaceResidentialChevyChase,MD JennaMarcolinaConstructionManagement SeniorThesisPresentation2008 ThePennsylvaniaStateUniversity PresentationOutline OverallTheme:TheBuildingEnvelope ProjectOverview Buildinginformation,projectteam,architec
Universidad de Guadalajara - CS - 22
Rose-Hulman - CHEM - 201
Chem.201 Engineering Chemistry Take Home Portion - Third Examination Name _ Individual effort: No human transfers involving electronics, paper, semaphore, etc. contact may be made. Campus mail box _ You may wish to use the text, Google, other texts, and p
Technion - BHR - 76
BUSINESS HISTORY REVIEWAUTUMN 2002 BOOK REVIEWS Fractured Modernity: Making of a Middle Class in Colonial North India. By Sanjay Joshi. New Delhi: Oxford University Press, 2001. xiv + 209 pp. Bibliography, notes, index. Cloth, $29.95. ISBN 0-195-64562-6.
Washington - MATH - 126
Exam 2 Review Exam 2 will cover 6.4, 6.5, 7.1 - 7.5, 7.7, 7.8, and 8.1. You are also expected to have a basic understanding of the material that was covered on Exam 1. This review sheet discusses, in a very basic way, the key concepts from these sections.
Washington - MATH - 126
MATH 125 EXAM I REVIEW Exam 1 will cover 4.10, 5.1 - 5.5, and 6.1 - 6.3. This review sheet discuss, in a very basic way, the key concepts from these sections. This review is not meant to be all inclusive, but hopefully it helps you remember basics. Please
Washington - MATH - 126
12.5,12.6, 10.1, and 13.1 Review This review sheet discusses, in a very basic way, the key concepts from these sections. This review is not meant to be all inclusive, but hopefully it reminds you of some of the basics. Please notify me if you nd any typos
Tennessee - CS - 560
UNIX> dphil_5 1 0 Total blocktime: 0 : 0 0 0 0 0 0 Philosopher 0 thinking for 1 seconds 0 Philosopher 1 thinking for 1 seconds 0 Philosopher 2 thinking for 1 seconds 0 Philosopher 3 thinking for 1 seconds 0 Philosopher 4 thinking for 1 seconds 1 Ph
illinoisstate.edu - MAT - 108
Math 108 FL08 1.2 3Homework #1 Solutions OR:11 3Brodnick- 2 = 11 - 63 = 35 33 = 36 = 2 34 35 11 coterminal with 3 32. 3. 4.5. = rs =65 40= 1.625 rads 1.537 = 5 s = 7.685 in.A = 1 r 2 = 1 (10.5) 2 (1.74) = 95.9175 ft 2 2- 96 - 86 - 766.
Kansas State University - DOCS - 200608
TRACK 2 CLEANUP AND TECHNOLOGY TRANSFER RemediationIN SITU BIODENITRIFICATION OF GROUNDWATER FOR A SMALL RURAL COMMUNITY THE VEGUITA PROJECT1 1A. Kuhn, 1J. Galemore, and 2E. NuttallKleinfelder, Inc., 8300 Jefferson NE, Suite B, Albuquerque, NM 87113;
Canisius College - M - 007
FACTORING REVIEW WORKSHEET ALL CHAPTER 6FACTOR EACH OF THE FOLLOWING COMPLETELY. 1) 15x2 + 16x + 4 2) 25x2 + 64 3) x2 + 12xy + 36y2 4) x3y + 5x2 y2 - 14xy3 5) 32m 7 - 6m 3 6) 216k3 + m 3 7) 48m 9 + 48m 5 + 160m 2Name_20) 6x2 + 15xy - 10xy - 25y2 21) 12
Penn State - ATB - 5039
1625 Deer Run Drive, Jamison PA, 18929267-312-6884abucks9@hotmail.comAndrew BucksnerObjectiveI aspire to become a well-known sports agent in the sports management fieldProfessional AccomplishmentsHigh School (CB East) Presidents award Community Servi
Oklahoma State - DOCUMENT - 2281
Oklahoma Cooperative Extension ServiceEPP-7306Ornamental and Lawn Pest Control(For Homeowners)Tom A. RoyerExtension EntomologistMike SchnelleExtension Ornamentals - Floriculture SpecialistOklahoma Cooperative Extension Fact Sheets are also availab
illinoisstate.edu - PHI - 101
John Stuart Mill 1806-1873 For Mill, ethics is about maximizing the totality of happiness in the world rather than having good intentions. Only pleasure and freedom from pain are ultimate ends. Following Bentham, Mill adopts the utilitarian calculus, whi
Oklahoma State - DOCUMENT - 2367
Oklahoma Cooperative Extension ServiceEPP-7190Monitoring Adult Weevil Populations in Pecan and Fruit Trees in OklahomaPhillip G. Mulder William ReidExtension Entomologist Oklahoma State UniversityEric StafneExtension Horticulturist Oklahoma State Un
RPI - LOCKER - 38
brief communicationsGrowth of carbon micro-treesCarbon deposition under extreme conditions causes tree-like structures to spring up.he complex deposition and growth of graphitic carbon has come up with several surprises in recent years, including the g
University of Illinois, Urbana Champaign - CHEM - 104
Your Name (printed) _ Your Signature First three letters of your last name _Discussion Section __ Chemistry 104 A/B/C/D Fall 2006 Dr. Christian Ray Exam 3 (Form A) Wednesday, December 6, 2006 Instructions: -Write your name on your scantron form -Write t
Minnesota - MICAB - 8002
Cell Host & MicrobeArticleHarnessing Endogenous miRNAs to Control Virus Tissue Tropism as a Strategy for Developing Attenuated Virus VaccinesDwight Barnes,1 Mark Kunitomi,1 Marco Vignuzzi,1,3 Kalle Saksela,2 and Raul Andino1,*of Microbiology and Immun