Browsing articles in "Tutorial"
Jun 22, 2009
Have you never seen a Cisco crash?

It is not common to see a Cisco crash: Software forced crash, Bus Error, Software watchdog timeout, and so on… But if you want to provoke one, there is a neat trick :) : it is the “test crash” command, a hidden IOS command. This can help you if you are lucky enough to have a real crash exactly like one of those you can reproduce with the “test crash” command.

May 19, 2009
BGP best path selection

The Border Gateway Protocol (BGP) is an inter-autonomous system routing protocol. An autonomous system is a network or group of networks under a common administration and with common routing policies. BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISPs). When BGP is used between autonomous systems (AS), the protocol is referred to as External BGP (EBGP). If a service provider is using BGP to exchange routes within an AS, then the protocol is referred to as Interior BGP (IBGP). BGP is a very robust and scalable routing protocol, as evidenced […]

Apr 16, 2009
Tips for securing Cisco administrative access

In this article I explain some tips for securing Cisco administrative access. When creating passwords, keep these rules in mind:
- Make passwords lengthy.
- Passwords should combine letters, numbers, and symbols.
- Passwords should not use dictionary words.
- Change passwords as often as possible.
Strong passwords are the primary defense against unauthorized access to your router. The best way to manage passwords is to maintain them on an AAA server, but not everyone can have or manage an AAA server. Cisco provides a number of enhanced features that allow you to increase the security of your passwords. For the basic configuration read […]

Apr 6, 2009
Banner, what is that?

One of the things that network administrators often do not implement is the banner; but what is it, and why use it? The banner is a feature used not only on Cisco systems but also on other systems such as Unix, Linux and so on. It lets you define a text that is displayed in certain situations, for example when you log in to a router via SSH. There are two main reasons to implement a banner on our router/switch: banner messages should be used to warn would-be intruders that they are not welcome on your network, and banners are useful to quickly […]

Mar 17, 2009
How to protect against BPDU attack
[Figure: bpdu_attack_2]

The spanning-tree protocol is used to cut the loops that redundant links create in bridged networks. BPDU packets are not authenticated by the switches, so an attacker could spoof BPDUs and compromise the stability of the network! See the figure to understand the BPDU attack: in this example the Ciscozine1 switch is elected Root Bridge because it has the lowest MAC address (suppose that all the switches have the same priority).

Feb 17, 2009
Use MRTG to monitor bandwidth

In “An introduction to SNMP” I explained how the SNMP protocol works and how to use it; but which software uses SNMP to monitor network bandwidth? HP OpenView, CiscoWorks and MRTG are some examples. In this article I will explain how to monitor the bandwidth of Cisco switches/routers from a Linux machine using a free open source tool: MRTG. The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network links. MRTG generates HTML pages containing PNG images which provide a live visual representation of this traffic. MRTG consists of a Perl script which uses SNMP to read the traffic counters […]

Feb 10, 2009
Why use HSRP version 2?

Not everyone knows that HSRP, a fault-tolerant default gateway protocol, has two versions: version 1 (the default) and version 2. The second version was introduced in IOS Release 12.2(25)S. HSRP version 2 features:
- It advertises and learns millisecond timer values. This change ensures stability of the HSRP groups in all cases.
- It expands the group number range from 0 to 4095 and consequently uses a new MAC address range, 0000.0C9F.F000 to 0000.0C9F.FFFF.
- It provides improved management and troubleshooting: the HSRP version 2 packet format includes a 6-byte identifier field that is used to uniquely identify the sender of the message. Typically, this field […]

Jan 29, 2009
The PPDIOO network lifecycle

One of the first topics presented in the “Designing for Cisco Internetwork Solutions (DESGN)” book is the network design methodology. This methodology is composed of six closely related phases: prepare, plan, design, implement, operate, optimize. As shown in the PPDIOO figure, the lifecycle phases are separate, yet closely related.

Jan 19, 2009
Preventing STP forwarding loops

The Spanning Tree Protocol is an OSI layer-2 protocol that ensures a loop-free topology for any bridged LAN. Spanning tree allows a network design to include spare (redundant) links that provide automatic backup paths if an active link fails, without the danger of bridge loops or the need to manually enable/disable these backup links. Bridge loops must be avoided because they result in flooding the network. The Spanning Tree Protocol (STP) is defined in the IEEE 802.1D standard. As the name suggests, it creates a spanning tree within a mesh network of connected layer-2 bridges (typically Ethernet switches), and […]

Jan 5, 2009
Protecting against MAC flooding attack

In a typical MAC flooding attack, a switch is flooded with frames, each carrying a different source MAC address. The intention is to exhaust the limited memory the switch sets aside for the MAC address-to-physical port translation table (the CAM table). As a result the switch enters a state called fail-open mode, in which all incoming frames are flooded out of all ports (as with a hub) instead of being sent only to the correct port as in normal operation. A malicious user could then use a packet sniffer running in promiscuous mode to capture sensitive data from other computers, […]