CCNA/NETWORK CONFIGURATION (CCNA NETWORK FUNDAMENTALS V4.0) PROJECT REPORT by Allen Ganaden & Daryll Osis Dec 12, 2014 Prepared for: Professor Anand Seetharam CST 311: Intro to Computer Networks Our effort is focused on CCNA Network fundamentals v4.0. We went through the different labs and looked over the tasks that were needed to complete. The purpose of the study is to extend the study and explore issues in Labs from the book CCNA Network Fundamentals v4.0. Labs Completed 1.4.4.3 - Researching IT and Networking Job Opportunities 4.1.3.5 Packet Tracer - Configuring IPv4 and IPv6 Interfaces Topology 5.3.3.5 - Configure Layer 3 Switches Instructions 7.2.3.5 - Using Wireshark to Examine a UDP DNS Capture 8.3.2.6 - Pinging and Tracing to Test the Path Instructions 9.3.1.4 - Implementing a Subnetted IPv6 Addressing Scheme Instructions 10.1.2.4 - Researching Peer-to-Peer File Sharing 11.4.2.8 - Researching Password Recovery Procedures 1.4.4.3 - Researching IT and Networking Job Opportunities Part 1: Research Job Opportunities In Part 1, you will use a web browser to visit the popular job listing web sites monster.com and salary.com. 1. Open a web browser and go to a job listing website. In the URL address bar type in http://monster.com and press Enter. Note: For job listings outside of the US, use the following link to search for your country: http://www.monster.com/geo/siteselection/ 2. Search for networking related jobs. a. Type the word Network in the Job title box. Notice that the website offers context sensitive suggestions based on the keywords provided. Either click on, or finish typing the words, Network Administrator and click the SEARCH button (see image below) . b. See results c. Now focus your search by adding terms to the keywords field box. Try terms like Cisco CCNA, CCNP, CCNA Security, CCNA Voice, etc. d. Now try refining your search by adding in different geographical locations. Did you find jobs in the locations you entered? e. Try searching a different website. Go to http://salary.com and click the Job Search menu bar button. Note: For salary listings outside of the US, use the following link to search for your country: http://www.payscale.com/rccountries.aspx Part 2: Reflect on Research In Part 2, you answer questions based on your research findings. a. What job titles did you search for? Networking and Information technology jobs. b. Did you find any jobs that you previously did not know existed? If so, what were they? No. c. Did you find any jobs that you are interested in? If so, which ones and what skills or certifications do they require? CCNA, Cyber Security, C+, A+. Comp TIA 4.1.3.5 Packet Tracer - Configuring IPv4 and IPv6 Interfaces Topology 4.1.3.5 Packet Tracer - Configuring IPv4 and IPv6 Interfaces Topology This packet tracer is in my hand out folder, Semester 2, then New Semester 2 packet tracer files Addressing Table IPv4 Address Device Subnet Mask Interface Default Gateway IPv6 Address/Prefix G0/0 172.16.20.1 255.255.255.128 N/A G0/1 172.16.20.129 255.255.255.128 N/A S0/0/0 209.165.200.225 255.255.255.252 N/A PC1 NIC 172.16.20.10 255.255.255.128 172.16.20.1 PC2 NIC 172.16.20.138 255.255.255.128 172.16.20.129 G0/0 2001:DB8:C0DE:12::1/64 N/A G0/1 2001:DB8:C0DE:13::1/64 N/A S0/0/1 2001:DB8:C0DE:11::1/64 N/A Link-local FE80::2 N/A PC3 NIC 2001:DB8:C0DE:12::A/64 FE80::2 PC4 NIC 2001:DB8:C0DE:13::A/64 FE80::2 R1 R2 Objectives Part 1: Configure IPv4 addressing and Verify Connectivity Part 2: Configure IPv6 Addressing and Verify Connectivity Packet Tracer - Configure IPv4 and IPv6 Interfaces Background Routers R1 and R2 each have two LANs. Your task is to configure the appropriate addressing on each device and verify connectivity between the LANs. Note: The user EXEC password is cisco. The privileged EXEC password is class. Part 1: Configure IPv4 Addressing and Verify Connectivity Step 1: Assign IPv4 addresses to R1 and LAN devices. Referring to the Addressing Table, configure IP addressing for R1 LAN interfaces, PC1 and PC2. The serial interface has already configured. Step 2: Verify connectivity. PC1 and PC2 should be able to ping each other and the Dual Stack Server. Part 2: Configure IPv6 Addressing and Verify Connectivity Step 1: Assign IPv6 addresses to R2 and LAN devices. Referring to the Addressing Table, configure IP addressing for R2 LAN interfaces, PC3 and PC4. The serial interface is already configured. Step 2: Verify connectivity. PC3 and PC4 should be able to ping each other and the Dual Stack Server. 5.3.3.5 - Configure Layer 3 Switches Instructions Packet Tracer - Configure Layer 3 Switches Topology Addressing Table Device Interface IP Address Subnet Mask G0/0 172.16.31.1 255.255.255.0 G0/1 192.168.0.2 255.255.255.0 G0/1 192.168.0.2 255.255.255.0 VLAN 1 182.16.31.1 255.255.255.0 R1 MLSw1 Objectives Part 1: Document the Current Network Configurations Part 2: Configure, Deploy, and Test the New Multilayer Switch Scenario The Network Administrator is replacing the current router and switch with a new Layer 3 switch. As the Network Technician, it is your job to configure the switch and place it into service. You will be working after hours to minimize disruption to the business. Note: This activity begins with a score of 8/100, because the device connections for the PCs are scored. You will delete and restore these connections in Part 2. The scoring is there to verify that you correctly restored the connections. Part 3: Document the Current Network Configurations Note: Normally a production router would have many more configurations than just interface IP addressing. However, to expedite this activity, only interface IP addressing is configured on R1. a. Click R1 and then the CLI tab. b. Use the available commands to gather interface addressing information. c. Document the information in the Addressing Table. Part 4: Configure, Deploy, and Test the New Multilayer Switch Step 1: Configure MLSw1 to use the addressing scheme from R1. a. Click MLSw1 and then the CLI tab. b. Enter interface configuration mode for GigabitEthernet 0/1. c. Change the port to routing mode by entering the no switchport command. d. Configure the IP address to be the same as the address for R1 GigabitEthernet 0/1 and activate the port. e. Enter interface configuration mode for interface VLAN1. f. Configure the IP address to be the same as the address for R1 GigabitEthernet 0/0 and activate the port. g. Save the configuration. Step 3: Deploy the new multilayer switch and verify that connectivity is restored. Note: The following steps would normally be done after hours or when traffic on the production network is at its lowest volume. To minimize downtime, the new equipment should be fully configured and ready to deploy. a. Click an empty area of the screen to unselect all devices. b. Use the Delete tool to remove all the connections, or simply delete R1, S1, and S2. c. Select the appropriate cables to complete the following: - Connect MLSw1 GigabitEthernet 0/1 to the Edge GigabitEthernet 0/0. - Connect the PCs to Fast Ethernet ports on MLSw1. d. Verify the PCs can all ping Edge at 192.168.0.1. Note: Wait until orange link lights turn green. THE TWO DIFFERENT CONNECTIONS Each PC(PC1- PC4) ping Edge at 192.168.0.1 7.2.3.5 - Using Wireshark to Examine a UDP DNS Capture Lab - Using Wireshark to Examine a UDP DNS Capture Topology Objectives Part 1: Record a PC’s IP Configuration Information Part 2: Use Wireshark to Capture DNS Queries and Responses Part 3: Analyze Captured DNS or UDP Packets Background / Scenario If you have ever used the Internet, you have used the Domain Name System (DNS). DNS is a distributed network of servers that translates user-friendly domain names like www.google.com to an IP address. When you type a website URL into your browser, your PC performs a DNS query to the DNS server’s IP address. Your PC’s DNS server query and the DNS server’s response make use of the User Datagram Protocol (UDP) as the transport layer protocol. UDP is connectionless and does not require a session setup as does TCP. DNS queries and responses are very small and do not require the overhead of TCP. In this lab, you will communicate with a DNS server by sending a DNS query using the UDP transport protocol. You will use Wireshark to examine the DNS query and response exchanges with the name server. Note: This lab cannot be completed using Netlab. This lab assumes that you have Internet access. Required Resources 1 PC (Windows 7, Vista, or XP with a command prompt access, Internet access, and Wireshark installed) Part 5: Record a PC’s IP Configuration Information In Part 1, you will use the ipconfig /all command on your local PC to find and record the MAC and IP addresses of your PC’s network interface card (NIC), the IP address of the specified default gateway, and the DNS server IP address specified for the PC. Record this information in the table provided. The information will be used in the following parts of this lab with packet analysis. IP address MAC address Default gateway IP address DNS server IP address 172.20.67.137 34-17-EB-B3-22-2F 172.20.64.1 172.20.20.11 Part 6: Use Wireshark to Capture DNS Queries and Responses In Part 2, you will set up Wireshark to capture DNS query and response packets to demonstrate the use of UDP transport protocol while communicating with a DNS server. a. Click the Windows Start button and navigate to the Wireshark program. Note: If Wireshark is not yet installed, it can be downloaded at http://www.wireshark.org/download.html. b. Select an interface for Wireshark for capturing packets. Use the Interface List to choose the interface that is associated with the recorded PC’s IP and Media Access Control (MAC) addresses in Part 1. c. After selecting the desired interface, click Start to capture the packets. d. Open a web browser and type www.google.com. Press Enter to continue. e. Click Stop to stop the Wireshark capture when you see Google’s home page. Part 7: Analyze Captured DNS or UDP Packets In Part 3, you will examine the UDP packets that were generated when communicating with a DNS server for the IP addresses for www.google.com. Step 1: Filter DNS packets. a. In the Wireshark main window, type dns in the entry area of the Filter toolbar. Click Apply or press Enter. Note: If you do not see any results after the DNS filter was applied, close the web browser and in the command prompt window, type ipconfig /flushdns to remove all previous DNS results. Restart the Wireshark capture and repeat the instructions in Part 2b –2e. If this does not resolve the issue, in the command prompt window, you can type nslookup www.google.com as an alternative to the web browser. b. In the packet list pane (top section) of the main window, locate the packet that includes “standard query” and “A www.google.com”. See frame 4 as an example. Step 2: Examine UDP segment using DNS query. Examine UDP by using a DNS query for www.google.com as captured by Wireshark. In this example, Wireshark capture frame 4 in the packet list pane is selected for analysis. The protocols in this query are displayed in the packet details pane (middle section) of the main window. The protocol entries are highlighted in gray. a. In the packet details pane, frame 4 had 74 bytes of data on the wire as displayed on the first line. This is the number of bytes to send a DNS query to a name server requesting the IP addresses of www.google.com. b. The Ethernet II line displays the source and destination MAC addresses. The source MAC address is from your local PC because your local PC originated the DNS query. The destination MAC address is from the default gateway, because this is the last stop before this query exits the local network. Is the source MAC address the same as recorded from Part 1 for the local PC? - YES c. In the Internet Protocol Version 4 line, the IP packet Wireshark capture indicates that the source IP address of this DNS query is 192.168.1.11, and the destination IP address is 192.168.1.1. In this example, the destination address is the default gateway. The router is the default gateway in this network. Can you pair up the IP and MAC addresses for the source and destination devices? Device IP Address MAC Address Local PC 172.20.67.137 34:17:eb:b3:22:2f Default Gateway 172.20.20.11 02:e0:52:ec:39:04 The IP packet and header encapsulates the UDP segment. The UDP segment contains the DNS query as the data. d. A UDP header only has four fields: source port, destination port, length, and checksum. Each field in UDP header is only 16 bits as depicted below. Expand the User Datagram Protocol in the packet details pane by clicking the plus (+) sign. Notice that there are only four fields. The source port number in this example is 52110. The source port was randomly generated by the local PC using port numbers that are not reserved. The destination port is 53. Port 53 is a well-known port reserved for use with DNS. DNS servers listen on port 53 for DNS queries from clients. In this example, the length of this UDP segment is 40 bytes. Out of 40 bytes, 8 bytes are used as header. The other 32 bytes are used by DNS query data. The 32 bytes of DNS query data is highlighted in the following illustration in the packet bytes pane (lower section) of the Wireshark main window. The checksum is used to determine the integrity of the packet after it has traversed the Internet. The UDP header has low overhead because UDP does not have fields that are associated with three-way handshake in TCP. Any data transfer reliability issues that occur must be handled by the application layer. Record your Wireshark results in the table below: Frame Size 75 Source MAC address 34:17:eb:b3:22:2f Destination MAC address 02:e0:52:ec:39:04 Source IP address 172.20.67.137 Destination IP address 172.20.20.11 Source Port 61250 Destination Port 53 Is the source IP address the same as the local PC’s IP address recorded in Part 1? - YES Is the destination IP address the same as the default gateway noted in Part 1? - NO Step 3: Examine UDP using DNS response. In this step, you will examine the DNS response packet and verify that DNS response packet also uses UDP. a. In this example, frame 5 is the corresponding DNS response packet. Notice the number of bytes on the wire is 290 bytes. It is a larger packet as compared to the DNS query packet. b. In the Ethernet II frame for the DNS response, from what device is the source MAC address and what device is the destination MAC address? - source is from computer and destination is from default gateway c. Notice the source and destination IP addresses in the IP packet. What is the destination IP address? What is the source IP address? Destination IP address: 172.20.67.137 and Source IP address: 172.20.20.11 What happened to the roles of source and destination for the local host and default gateway? - The roles reversed d. In the UDP segment, the role of the port numbers has also reversed. The destination port number is 52110. Port number 52110 is the same port that was generated by the local PC when the DNS query was sent to the DNS server. Your local PC listens for a DNS response on this port. The source port number is 53. The DNS server listens for a DNS query on port 53 and then sends a DNS response with a source port number of 53 back to originator of the DNS query. When the DNS response is expanded, notice the resolved IP addresses for www.google.com in the Answers section. Reflection What are the benefits of using UDP instead of TCP as a transport protocol for DNS? - UDP is faster since it doesn't have the overhead of creating and maintaining a stream. When you are delivering data that can be lost because newer data coming in that can replace the previous data or versions like. weather data or video streaming. 8.3.2.6 - Pinging and Tracing to Test the Path Instructions Packet Tracer - Pinging and Tracing to Test the Path Topology Addressing Table IPv4 Address Device Subnet Mask Interface Default Gateway IPv6 Address/Prefix G0/0 2001:DB8:1:1::1/64 N/A G0/1 10.10.1.97 255.255.255.224 N/A 10.10.1.6 255.255.255.252 N/A R1 S0/0/1 Link-local 2001:DB8:1:2::2/64 N/A FE80::1 N/A 10.10.1.5 255.255.255.252 N/A S0/0/0 R2 2001:DB8:1:2::1/64 N/A 10.10.1.9 N/A 255.255.255.252 S0/0/1 2001:DB8:1:3::1/64 N/A Link-local FE80::2 N/A G0/0 2001:DB8:1:4::1/64 N/A G0/1 10.10.1.17 255.255.255.240 N/A 10.10.1.10 255.255.255.252 N/A R3 S0/0/1 Link-local 2001:DB8:1:3::2/64 N/A FE80::3 N/A PC1 NIC 10.10.1.98 255.255.255.224 PC2 NIC 2001:DB8:1:1::2/64 FE80::1 PC3 NIC 10.10.1.18 10.10.1.17 PC4 NIC 2001:DB8:1:4::2/64 255.255.255.240 10.10.1.97 FE80::2 - FE80::3 Objectives Part 1: Test and Restore IPv4 Connectivity Part 2: Test and Restore IPv6 Connectivity Scenario There are connectivity issues in this activity. In addition to gathering and documenting information about the network, you will locate the problems and implement acceptable solutions to restore connectivity. Note: The user EXEC password is cisco. The privileged EXEC password is class. Part 8: Test and Restore IPv4 Connectivity Step 1: Use ipconfig and ping to verify connectivity. a. Click PC1 and click the Desktop tab > Command Prompt. b. Enter the ipconfig /all command to collect the IPv4 information. Complete the Addressing Table with the IPv4 address, subnet mask, and default gateway. c. Click PC3 and click the Desktop tab > Command Prompt. d. Enter the ipconfig /all command to collect the IPv4 information. Complete the Addressing Table with the IPv4 address, subnet mask, and default gateway. e. Test connectivity between PC1 and PC3. The ping should fail. Step 2: Locate the source of connectivity failure. a. From PC1, enter the necessary command to trace the route to PC3. What is the last successful IPv4 address that was reached? - 10.10.1.97 b. The trace will eventually end after 30 attempts. Enter Ctrl+C to stop the trace before 30 attempts. c. From PC3, enter the necessary command to trace the route to PC1. What is the last successful IPv4 address that was reached? - 10.10.1.17 d. Enter Ctrl+C to stop the trace. e. Click R1 and then the CLI tab. Press ENTER and log in to the router. f. Enter the show ip interface brief command to list the interfaces and their status. There are two IPv4 addresses on the router. One should have been recorded in Step 2a. What is the other? - 10.10.1.6 g. Enter the show ip route command to list the networks to which the router is connected. Note that there are two networks connected to the Serial0/0/1 interface. What are they? - 10.10.1.4/30 and 10.10.1.6/32 h. Repeat step 2e to 2g with R3 and the answers here. - (f) - 10.10.1.10 (g) - 10.10.1.8/30 and 10.10.1.10/32 Notice how the serial interface for R3 changes. i. Run more tests if it helps visualize the problem. Simulation mode is available. Show ip interface brief and show ip route command executed Step 3: Propose a solution to solve the problem. a. Compare your answers in Step 2 to the documentation you have available for the network. What is the error? - Router 2’s s0/0/0 IP address(10.10.1.2) is not right, and it prevents PC1 to communicate/connect to PC3 b. What solution would you propose to correct the problem? - Solution is to change the s0/0/0’s IP address of router 2 from 10.10.1.2 to 10.10.1.5 HERE’s the steps(commands to change the ip): o conf t o int s0/0/0 o ip address 10.10.1.5 255.255.255.252 o no shutdown Step 4: Implement the plan. Implement the solution you proposed in Step 3b. Step 5: Verify that connectivity is restored. a. From PC1 test connectivity to PC3. b. From PC3 test connectivity to PC1. Is the problem resolved? – YES, look at the screenshot on step 4, PC1 was able to ping PC3 successfully. PC3 was able to ping PC1 too. Step 6: Document the solution. - Basically just changed the Router 2’s s0/0/0 ip from 10.10.1.2 to 10.10.1.5 then the problem is solved. Here’s a step by step commands on how to change it: conf t, int s0/0/0, ip address 10.10.1.5 255.255.255.252, no shutdown. Part 9: Test and Restore IPv6 Connectivity Step 1: Use ipv6config and ping to verify connectivity. a. Click PC2 and click the Desktop tab > Command Prompt. b. Enter the ipv6config /all command to collect the IPv6 information. Complete the Addressing Table with the IPv6 address, subnet prefix, and default gateway. c. Click PC4 and click the Desktop tab > Command Prompt. d. Enter the ipv6config /all command to collect the IPv6 information. Complete the Addressing Table with the IPv6 address, subnet prefix, and default gateway. e. Test connectivity between PC2 and PC4. The ping should fail. Step 2: Locate the source of connectivity failure. a. From PC2, enter the necessary command to trace the route to PC4. What is the last successful IPv6 address that was reached? - 2001:DB8:1:1::1 b. The trace will eventually end after 30 attempts. Enter Ctrl+C to stop the trace before 30 attempts. c. From PC4, enter the necessary command to trace the route to PC2. What is the last successful IPv6 address that was reached? - nothing, it wont go through d. Enter Ctrl+C to stop the trace. e. Click R3 and then the CLI tab. Press ENTER and log in to the router. f. Enter the show ipv6 interface brief command to list the interfaces and their status. There are two IPv6 addresses on the router. One should match the gateway address recorded in Step 1d. Is there a discrepancy? - Yes there is a discrepancy, the default gateway of PC 4 should be FE80::3, so it would be able to go through router three and be able to connect to the other computer. g. Run more tests if it helps visualize the problem. Simulation mode is available. Step 4: Propose a solution to solve the problem. a. Compare your answers in Step 2 to the documentation you have available for the network. What is the error? - The PC4 default gateway is FE80::2 while the default gateway of router3 is FE80::3. b. What solution would you propose to correct the problem? - Change the default gateway of PC4 from FE80::2 to FE80::3 Step 5: Implement the plan. Implement the solution you proposed in Step 3b. Step 6: Verify that connectivity is restored. a. From PC2 test connectivity to PC4. b. From PC4 test connectivity to PC2. Is the problem resolved? YES, they are both able to ping each other. STEP 7: Document the solution. Basically, change the default gateway of PC4 from FE80::2 to FE80::3, you can do this by clicking on PC4 then on the tab, click on Desktop then click on the IP Configuration and then change the default gateway. PROOF THAT WE FINISHED THE LAB: 9.3.1.4 - Implementing a Subnetted IPv6 Addressing Scheme Instructions Packet Tracer - Implementing a Subnetted IPv6 Addressing Scheme Topology Addressing Table Device R1 R2 PC1 Interface IPv6 Address Link-Local G0/0 2001:DB8:ACAD:00C8::1/64 FE80::1 G0/1 2001:DB8:ACAD:00C9::1/64 FE80::1 S0/0/0 2001:DB8:ACAD:00CC::1/64 FE80::1 G0/0 2001:DB8:ACAD:00CA::1/64 FE80::2 G0/1 2001:DB8:ACAD:00CB::1/64 FE80::2 S0/0/0 2001:DB8:ACAD:00CC::2/64 FE80::2 NIC Auto Config PC2 NIC Auto Config PC3 NIC Auto Config PC4 NIC Auto Config Objectives Part 1: Determine the IPv6 Subnets and Addressing Scheme Part 2: Configure the IPv6 Addressing on Routers and PCs and Verify Connectivity Packet Tracer - Implementing a Subnetted IPv6 Addressing Scheme Scenario Your network administrator wants you to assign five /64 IPv6 subnets to the network shown in the topology. Your job is to determine the IPv6 subnets, assign IPv6 addresses to the routers, and set the PCs to automatically receive IPv6 addressing. Your final step is to verify connectivity between IPv6 hosts. Part 1: Determine the IPv6 Subnets and Addressing Scheme Step 1: Determine the number of subnets needed. Start with the IPv6 subnet 2001:DB:ACAD:00C8::/64 and assign it to the R1 LAN attached to GigabitEthernet 0/0, as shown in the Subnet Table. For the rest of the IPv6 subnets, increment the 2001:DB:ACAD:00C8::/64 subnet address by 1 and complete the Subnet Table with the IPv6 subnet addresses. Subnet Table Subnet Description R1 G0/0 LAN Subnet Address 2001:DB:ACAD:00C8::0/64 R1 G0/1 LAN 2001:DB8:ACAD:00C9::/64 R2 G0/0 LAN 2001:DB8:ACAD:00CA::/64 R2 G0/1 LAN 2001:DB8:ACAD:00CB::/64 WAN Link 2001:DB:ACAD:00CC::/64 Step 2: Assign IPv6 addressing to the routers. a. Assign the first IPv6 addresses to R1 for the two LAN links and the WAN link. b. Assign the first IPv6 addresses to R2 for the two LANs. Assign the second IPv6 address for the WAN link. c. Document the IPv6 addressing scheme in the Addressing Table. Part 2: Configure the IPv6 Addressing on Routers and PCs and Verify Connectivity Step 1: Configure the routers with IPv6 addressing. Note: This network is already configured with some IPv6 commands that are covered in a later course. At this point in your studies, you only need to know how to configure IPv6 address on an Packet Tracer - Implementing a Subnetted IPv6 Addressing Scheme interface. Configure R1 and R2 with the IPv6 addresses you specified in the Addressing Table and activate the interfaces. Router(config-if)# ipv6 address ipv6-address/prefix Router(config-if)# ipv6 address ipv6-link-local link-local Step 2: Configure the PCs to automatically receive IPv6 addressing. Configure the four PCs for autoconfiguration. Each should then automatically receive full IPv6 addresses from the routers. Lab – Researching Password Recovery Procedures Step 3: Verify connectivity between the PCs. Each PC should be able to ping the other PCs and the routers. Lab – Researching Password Recovery Procedures Suggested Scoring Rubric Activity Section Part 1: Determine IPv6 Subnets and Addressing Scheme Question Location Possible Points Subnet Table 30 Addressing Table 30 Part 1 Total 60 Packet Tracer Score 40 Total Score 100 Earned Points Lab – Researching Password Recovery Procedures Final Outcome a working IPV6 Network Topology: Lab – Researching Password Recovery Procedures Lab – Researching Password Recovery Procedures 10.1.2.4 - Researching Peer-to-Peer File Sharing Lab – Researching Password Recovery Procedures 10.1.2.4 - Researching Peer-to-Peer File Sharing Objectives Part 1: Identify P2P Networks, File Sharing Protocols, and Applications Part 2: Research P2P File Sharing Issues Part 3: Research P2P Copyright Litigations Background / Scenario Peer-to-peer (P2P) computing is a powerful technology that has many uses. P2P networks can be used to share and exchange music, movies, software, and other electronic materials. The use of P2P networks to upload, download, or share copyrighted material, such as movies, music, and software, can violate the rights of copyright owners. In the P2P file-sharing context, infringement may occur, for example, when one person purchases an authorized copy and then uploads it to a P2P network to share with others. Both the individual who makes the file available and those making copies may be found to have infringed the rights of the copyright owners and may be violating copyright law. Another problem with P2P file sharing is that very little protection is in place to ensure that the files exchanged in these networks are not malicious. P2P networks are an ideal medium for spreading malware (computer viruses, worms, Trojan horses, spyware, adware, and other malicious programs). In 2010, Cisco reported increases in P2P activity, coupled with recent P2P malware developments, suggesting that P2P file shares are becoming increasingly favored by users and malware attackers alike. In this lab, you will research available P2P file sharing software and identify some issues that can arise from the use of this technology. Part 1: Identify P2P Networks, File Sharing Protocols, and Applications In Part 1, you will research P2P networks and identify some popular P2P protocols and applications. Step 1: Define P2P networking. a. What is a P2P network? Peer to peer networking is a decentralized form of network communications where each involved party has the same capabilities as the other, such as initiating communication. Each involved party acts both as a client and a server in comparison to the traditional client/server model. P2P is b. What are some advantages that P2P provides over client-server architecture? In a P2P architecture, there is minimal or no reliance for always-on infrastructure servers. With P2P pairs of intermittently connected hosts, called peers, communicate directly with each other. The advantages of P2P can be file distribution because each peer can redistribute any portion of the file it has received to any other peers instead of having one server distributing a large file to multiple clients. c. What are some disadvantages of P2P networks? Since P2P networks are usually from one peer to another and not managed by a server. One peer may be able to distribute malware unknowingly to others since it is not managed. Lab – Researching Password Recovery Procedures Step 2: Identify P2P file sharing protocols and applications. a. Identify some P2P file sharing protocols used today. Ares (Ares Galaxy, Warez P2P) Bitcoin (Bitcoin, Alt-Coins) BitTorrent (ABC [Yet Another BitTorrent Client], Azureus, BitComet, BitSpirit, BitTornado, BitTorrent.Net, G3 Torrent, mlMac, MLdonkey, QTorrent, Shareaza, µTorrent, etc.) Direct Connect (BCDC++, DC++, NeoModus Direct Connect, etc.) FastTrack (Grokster, iMesh, Kazaa, Morpheus, etc.) b. What are some popular P2P file sharing applications available today? UTorrent Transmission MediaGet BitTorrent Frostwire c. What P2P file sharing protocol is attributed to producing the most P2P traffic on the Internet today? It has been observed that P2P file sharing applications dominate internet usage of internet traffic. In 20082009 this study showed that P2P networks generated the most traffic in monitored regions in Northern Africa 43% and Eastern Europe 70% Cohen, B. (2003). Incentives build robustness in BitTorrent. Proceedings of P2P Economics Workshop, Berkeley, CA, USA. This study also identified BitTorrent as the most protocol on the internet. Part 2: Research P2P File Sharing Issues In Part 2, you will research P2P copyright infringement and identify other issues that can occur with P2P file sharing. Step 1: Research P2P copyright infringement. a. What does the acronym DMCA stand for and what is it? Digital Millennium Copyright Act- It criminalizes production and dissemination of technology, devices, or services intended to circumvent measures (commonly known as digital rights management or DRM) that control access to copyrighted works. It also criminalizes the act of circumventing an access control, whether or not there is actual infringement of copyright itself. In addition, the DMCA heightens the penalties for copyright infringement on the Internet. b. Name two associations that actively pursue P2P copyright infringement? Recording Industry Association of America (RIAA) Motion Picture Association of America (MPAA) c. What are the penalties for copyright infringement? Copyright infringement is the act of violating any of a copyright owner’s exclusive rights granted by the federal Copyright Act. There are three elements that must be in place in order for the infringement to occur: The copyright holder must have a valid copyright. The person who is allegedly infringing must have access to the copyrighted work. The duplication of the copyrighted work must be outside the exceptions. Lab – Researching Password Recovery Procedures The legal penalties for copyright infringement are: Infringer pays the actual dollar amount of damages and profits. The law provides a range from $200 to $150,000 for each work infringed. Infringer pays for all attorneys fees and court costs. The Court can issue an injunction to stop the infringing acts. The Court can impound the illegal works. The infringer can go to jail. https://www.lib.purdue.edu/uco/CopyrightBasics/penalties.html d. What are the file sharing copyright laws in your area? Are they more strict or less strict than those in other areas of the world? How aggressively do enforcement agencies in your area pursue those who share copyrighted material? On Campus CSUMB Network states the following, Penalties for copyright infringement include civil and criminal penalties. In general, anyone found liable for civil copyright infringement may be ordered to pay either actual damages or "statutory" damages affixed at not less than $750 and not more than $30,000 per work infringed. For "willful" infringement, a court may award up to $150,000 per work infringed. A court can, in its discretion, also assess costs and attorneys' fees. For details, see Title 17, United States Code, Sections 504, 505. Willful copyright infringement can also result in criminal penalties, including imprisonment of up to five years and fines of up to $250,000 per offense. http://csumb.edu/node/2798 Step 2: Research other P2P issues. a. What types of malware can be transported through P2P file sharing? From a study in 2006 http://conferences.sigcomm.org/imc/2006/papers/p33-kalafut.pdf they found 95 different types of malware in Limewire and 38 in OpenFT. Types of malware included Worms, Trojans, and downloaders. b. What is Torrent Poisoning? Torrent Poisoning is when peers knowingly share torrents or corrupted files with one another in a P2P network. This can also include sharing files with misleading names that are not really the contents of the file. c. How could identity theft occur through the use of P2P file sharing? In P2P network a user may share files or permissions to folders on their computer not knowingly. If a person has sensitive information such as personal data and is sharing the file with another peer on the network. For example if you were using Limewire and were sharing your downloads folder with the other peers to search from, if you accidentally saved your tax return information on there, other peers will have access to everything that is in the folder, including your tax return. Part 3: Research P2P Copyright Litigations Lab – Researching Password Recovery Procedures In Part 3, you will research and identify some historical legal actions that have occurred, as a result of P2P copyright infringement. a. What was the first well-known P2P application that specialized in MP3 file sharing and was shut down by court order? Napster b. What was one of the largest P2P file sharing lawsuits ever? BitTorrent vs. Expendables. Reflection 1. How can you be sure that the files you are downloading from P2P networks are not copyrighted and are safe from malware? Make sure you just are vigilant in what you download and upload from the internet. Be aware of what is out there and do research if you question something that sounds to good to be true. Keep your antivirus software updated and do scans weekly. Make sure you check your settings and make sure that you are not sharing a whole folder with everyone. Lab – Researching Password Recovery Procedures 11.4.2.8 - Researching Password Recovery Procedures Lab – Researching Password Recovery Procedures Lab 11.4.2.8 - Researching Password Recovery Procedures Objectives Part 1: Research the Configuration Register Identify the purpose of the configuration register. Describe router behavior for different configuration register values. Part 2: Document the Password Recovery Procedure for a Specific Cisco Router Research and record the process for password recovery on a specific Cisco router. Answer questions based on the researched procedure. Background / Scenario The purpose of this lab is to research the procedure for recovering or resetting the enable password on a specific Cisco router. The enable password protects access to privileged EXEC and configuration mode on Cisco devices. The enable password can be recovered, but the enable secret password is encrypted and would need to be replaced with a new password. In order to bypass a password, a user must be familiar with the ROM monitor (ROMMON) mode, as well as the configuration register setting for Cisco routers. ROMMON is basic CLI software stored in ROM that can be used to troubleshoot boot errors and recover a router when an IOS is not found. In this lab, you will begin by researching the purpose and settings of the configuration register for Cisco devices. You will then research and detail the exact procedure for password recovery for a specific Cisco router. Required Resources Device with Internet access Part 1: Research the Configuration Register To recover or reset an enable password, a user will utilize the ROMMON interface to instruct the router to ignore the startup configuration when booting. When booted, the user will access privilege EXEC mode, overwrite the running configuration with the saved startup configuration, recover or reset the password, and restore the router’s boot process to include the startup configuration. Lab – Researching Password Recovery Procedures The router’s configuration register plays a vital role in the process of password recovery. In the first part of this lab, you will research the purpose of a router’s configuration register and the meaning of certain configuration register values. Step 1: Describe the purpose of the configuration register. What is the purpose of the configuration register? - Configuration register is a 16-bit number, and it's represented in hexadecimal. It controls everything from the way in which a CISCO router boots to whether or not it will process the contents of the startup configuration file. What command changes the configuration register in configuration mode? config-register - What command changes the configuration register in the ROMMON interface? - confreg Step 2: Determine configuration register values and their meanings. Research and list the router behavior for the following configuration register values. 0x2102 - Ignores break, Boots into ROM if initial boot fails, 9600 console baud rate default value for most platforms 0x2142 - Ignores break, Boots into ROM if initial boot fails, 9600 console baud rate, Ignores the contents of Non-Volatile RAM (NVRAM) (ignores configuration) What is the difference between these two configuration register values? - The difference is the 0x2102 is setting for normal router operation, while the 0x2142 setting ignores the start-up configuration so it can allow the user to recover or reset the enable password. Part 2: Document the Password Recovery Procedure for a Specific Cisco Router For Part 2, you will describe the exact procedure for recovering or resetting a password from a specific Cisco router and answer questions based on your research. Your instructor will provide you with the exact router model to research. Step 1: Detail the process to recover a password on a specific Cisco router. Lab – Researching Password Recovery Procedures Research and list the steps and commands that you need to recover or reset the enable or enable secret password from your Cisco router. Summarize the steps in your own words. To recover a password on cisco 1900 Series router: 1. Establish a terminal connection with the router using a terminal emulator such as Tera Term or any other ones. 2. Boot to ROMMON 3. Type confreg 0x2142 at the prompt 4. Type reset at the next prompt 5. Type no at the initial config dialog 6. and then type enable at the router prompt 7. Then type copy startup-config running-config to load the startup configuration 8. Type show running-config 9.Record unencrypter enable password then reset an encrypted one 10. In configuration mode, type config-register 0x2102 11. Then in privilege mode, type copy running-config startup-config in order to save configuration. 12. then verify the configuration register settings, show version command should be used Lab – Researching Password Recovery Procedures Step 2: Answer questions about the password recovery procedure. Using the process for password recovery, answer the following questions. Describe how to find the current setting for your configuration register. - Show version command provides the current setting for the configuration reguster Describe the process for entering ROMMON. - if using Tera Term, the user can boot the router and hit alt+b. also, the user can remove the flash and then restart the router for it to boot to the ROMMON utility. What commands do you need to enter the ROMMON interface? - confreg 0x2142 in order to change the configuration settings, and then reset to reboot the router. What message would you expect to see when the router boots? - "Continue with configuration dialog?" Why is it important to load the startup configuration into the running configuration? - it is important because it ensures that the original startup configuration remains the same if the user saves during the password recovery process. Why is it important to change the configuration register back to the original value after recovering password? - it is important because it ensures that the router will load the current startup configuration next time. Reflection 1. Why is it of critical importance that a router be physically secured to prevent unauthorized access? - it is important for the router to be physically secured to prevent unauthorized access because the password recovery password procedure requires direct physical access to the device. It provide better security this way.