Latest Releases

Gns3 lab: Configure HTTP/HTTPS Server On Cisco Router

CONFIGURE HTTP/HTTPS SERVER ON CISCO ROUTER

 DESCRIPTION

 In this tutorial, we are going to learn many concepts of networking and security.
Networking

 [+] We create a design of the network.
[+] We configure the network which consist of:
Configure hostname, domain name.
Generate crypto keys
Configure line vty, interfaces, DHCP Pool.
Create the user.
Configure the HTTP and HTTPS on cisco router.
[+] We verify the accounts by accessing through telnet and SSH.
[+] Access cisco router through browser. (Last activity).

Security
[+] In security, we perform network mapping using nmap tool.
[+] Check how many ports are open after configuring the services on cisco router.
[+] Check version of services running on port 80,443.

NETWORK SCENARIO

[+] Again in this tutorial, we take a very simple network scenario which consists of one cisco router 7200 series and one virtual machine ( running kali linux).
  • Network: 10.0.0.0
  • Router IP: 10.0.0.1
  • Linux IP: 10.0.0.2

[+] See the below image for more details about the network.


CONFIGURE HTTP AND HTTPS SERVER 

CONFIGURE HOSTNAME 

R1(config)#hostname router1

CONFIGURE DOMAIN NAME 

router1(config)#ip domain-name hackingdna.com

 GENERATE CRYPTO KEYS 

router1(config)#crypto key generate rsa general-keys modulus 1024

CONFIGURE LINE VTY 

router1#config t
router1(config)#line vty 0 4
router1(config-line)#login local
router1(config-line)#end
router1#

CONFIGURE INTERFACE 

router1#config t
router1(config)#int f0/0
router1(config-if)#ip add 10.0.0.1 255.0.0.0
router1(config-if)#no shut
router1(config-if)#exit
router1(config)#

CONFIGURE DHCP POOL 

router1(config)#ip dhcp pool networkingdna
router1(dhcp-config)#network 10.0.0.0
router1(dhcp-config)#dns-server 10.0.0.1
router1(dhcp-config)#default-router 10.0.0.1
router1(dhcp-config)#exit
router1(config)#end
router1#

CONFIGURE HTTP SERVER 

router1(config)#ip http server
router1(config)#ip http secure-server
router1(config)#ip http authentication local

CREATE USER 
router1(config)#username vivek privilege 15 password 0 12345
router1(config)#logging buffered 51200 warning
router1(config)#

VERIFYING SSH


ACCESS TELNET 



PERFORMING ENUMERATION OF HTTP AND HTTPS


VERSION SCAN 
  • Find out what information you will get when you perform a version scan on port 80 and 443
  • See the below output of nmap:

SSLSCAN

  • Now we know that ssl is running on port 443. Lets confirm it which version of ssl is running on this cisco router.
  • We can make this work easier by using sslscan. You can find this tool easily on kali linux or simply you can download from the repositories. 
  • Lets see the output of sslscan.


ACCESSING ROUTER PAGE THROUGH HTTPS 
  • To access this page, open your web browser and enter the router ip address.
  • As you enter the router ip, it shows some exception. Click on add exception to move forward.
  • See the below image for more help-

 ENTER THE USERNAME PASSWORD 

  • To access the router, we need to enter the (username) and password (12345).
  • See the below image for more details:


FINALLY YOU REACHED YOUR DESTINATION


AT THE END

  • If you configure and practice this way you can make your networking and security more interesting.
  • I hope this tutorial help all many of you.
  • If you like this post you can share with your friends or comment here.
  • Keep following us for more interesting tutorials.
  • You can also join us on our facebook pages. Links are below


THIS TUTORIAL IS JUST FOR EDUCATIONAL PURPOSES ONLY/-
Read »

GNS3 LAB: Configure SSH on cisco router

CONFIGURE SSH ON CISCO ROUTER 


DESCRIPTION 

 [+] In this tutorial, you will learn about the SSH.
[+] First the network design.
[+] Second we cover all the steps of configuring ssh.
[+] Third we access router through SSH.
[+] We also see some of the commands that are helpful for us.
[+] This is not the end, now we enumerate the ssh protocol using nmap tool.
[+] At last we will see how to configure the sshv2 on cisco router and see the nmap scanning result one more time.

NETWORK SCENARIO

  • This is our network scenario,  We use GNS3, one router, one virtual machine, create a 10.0.0.0 network. 
  • See the below image for more help-



CHANGE THE HOSTNAME 

 R1(config)#hostname router2

router2(config)#


 SET DOMAIN NAME 
router2(config)#ip domain-name hackingdna.com

GENERATE RSA CERTIFICATE

 In this step we generate rsa keys that will use in SSH process.

Command

 router2(config)#crypto key generate rsa general-keys modulus 1024
router2(config)#end
router2#

CONFIGURE TRANSPORT INPUT PROTOCOLS ON VTY LINES

router2(config)#line vty 0 4
router2(config-line)#login local
router2(config-line)#end
router2#

CREATE USER 

router2(config)#username admin privilege 15 secret password
router2(config)#end
router2#

CONFIGURE INTERFACE

router2(config)#int f0/0
router2(config-if)#ip add 10.0.0.1 255.0.0.0
router2(config-if)#no shut
router2(config-if)#exit
router2(config)#

CONFIGURE DHCP POOL

router2(config)#ip dhcp pool networkdna
router2(dhcp-config)#network 10.0.0.0
router2(dhcp-config)#dns-server 10.0.0.1
router2(dhcp-config)#default-router 10.0.0.1
router2(dhcp-config)#exit

ACCESS ROUTER USING SSH 


SHOW SSH COMMAND 


SMALL ASSESSMENT THROUGH NMAP TOOL

NMAP RESULT
  • We perform a stealth scan using nmap to see the open ports on a cisco device.
  • See the below image, it shows that port 22 (SSH) and port 23(TELNET) are opened.

VERSION SCAN RESULT 
  • Observe the below image, this scan will give some extra information i.e it's showing SSH version information which is very helpful for every enumeration process.
  • Remember: The more information you collect, more good for your VAPT process.

SCRIPT SCAN 
  • In this scan observe sshv1 detected by nmap.
  • See the below image for more help:

CONFIGURE SSH VERSION 2 

COMMAND
router2(config)#ip ssh version 2
router2(config)#exit
router2#

AFTER CONFIGURE SSH VERSION 2


AT THE END 

I hope this tutorial will help lots of young people who are new to information security.
Lots more tutorials are still to come. Keep following us.
If you like this tutorial you can join us through our facebook channels. Links are below.

THIS TUTORIAL IS JUST FOR EDUCATIONAL PURPOSES ONLY/-

Read »

Gns3 lab: Configure dhcp on cisco router

CONFIGURE DHCP ON CISCO ROUTER



DESCRIPTION 

[+] In this tutorial we learn how to configure the DHCP to create a small testing lab.
[+] First we create a network using one router and virtual machine.
[+] Second we configure the interface f0/0, see this post:
link: http://networkingdna.blogspot.in/2015/06/configure-telnet-on-cisco-router.html
[+] Third we configure the dhcp pool.
[+] Fourth from the Linux machine, we check the connectivity between linux machine and router.
[+] Below is the lab setup image.



 HOW TO CONFIGURE DHCP 

 STEPS

 R1(dhcp-config)#ip dhcp pool networkingdna
R1(dhcp-config)#network 10.0.0.0
R1(dhcp-config)#dns-server 10.0.0.1
R1(dhcp-config)#default-router 10.0.0.1
R1(dhcp-config)#exit

Below is the image for more help-

ENABLE DHCP SERVICE 

Usually DHCP service is enabled by default. But in case if you want to start and stop  DHCP service you can use this command.

To Enable DHCP
R1(dhcp-config)#service dhcp

 To Disable DHCP 
R1(dhcp-config)#no service dhcp

 ON LINUX MACHINE 
  • Observe DHCP automatically assigned the ip address to the linux machine.
  • To verfiy the connectivity we ping the router address.
  • See the below image for more details: 

AT THE END 
  • This tutorial will help to make a lab in a easy way to test your router. These are basic tutorial but very useful in different scenarios.
  • Keep following us, we come up soon with more interesting tutorials.
  • You can connect us with this link: https://www.facebook.com/networkingdna

THIS TUTORIAL IS JUST FOR EDUCATIONAL PURPOSES ONLY/-

Read »

Configure Telnet On Cisco Router


CONFIGURE TELNET ON CISCO ROUTER 

Description

 In this tutorial,we will learn how to configure the line vty line. Tutorial covers few points such as:

[+] Create a network on GNS3
[+] Configure IP address on router.
[+] Configure line vty line.
[+] Run nmap command to see the open ports.
[+] Access router through telnet command from the linux machine.

This is a basic tutorial to learn how to configure a small lab for testing purposes. Its up to you what else you can do with it.
Also make sure that their should be proper connectivity between the router and linux machine.

DEVICE INFORMATION 

Details: 

GNS3: Latest version GNS 1.3.7
Virtual Box: 4.3.28
Router:  7200 series IOS Image
Operating System: Linux (Kali Linux)

CREATE A NETWORK IN GNS3

  • To create a network, we have used 1 router and 1 linux virtual machine.
  • Network is of class A address i.e 10.0.0.0
  • You can see the below image for more help:


CONFIGURE IP ADDRESS ON ROUTER 
  • To configure ip address, follow the below command given below or shown in the below image.
  • See the below image to configure the fast interface 0/0.


Commands

R1#config t
R1(config)#int f0/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#

CONFIGURE LINE VTY 


Commands

R1#
R1#config t
R1(config)#line vty 0 4
R1(config-line)#password 12345
R1(config-line)#login
R1(config-line)#exit
R1(config)#enable secret cisco123
R1(config)#

WHAT HAPPEN WHEN WE CONFIGURE LINE VTY 
  • When we configure line vty we started telnet service on port 23.
  • You can check this using nmap tool as shown in the below image.
  • In the below image, observe that port 23 is open when we configure line vty.

ACCESS TELNET THROUGH LINUX MACHINE 

  • Now through the linux machine get access to the router using telnet command.
  • See the below image for more help.
  • Command: telnet <router ip>

AT THE END 
  • This tutorial is just for beginners who wants to setup a basic lab in their laptop.
  • Keep following the we are coming with more tutorials that help you in penetration testing.
  • You can join us on facebook. Here is the link to connect: https://www.facebook.com/hackingDNA

THIS TUTORIAL IS JUST FOR EDUCATIONAL PURPOSES ONLY/-

Read »

Welcome To NetworkingDNA

About Us 

NetworkingDNA

 Our Mission is to create a knowledge bases of different technologies . 

 Technologies Used 

GNS3 is an open source software that simulate complex networks while being as close as possible to the way real networks perform. All of this without having dedicated network hardware such as routers and switches.
VMware Workstation
 VMware Workstation is the most advanced virtualization software for desktop and laptop computers. The VMware Workstation 10 release further strengthens the product’s leadership in providing the broadest, deepest OS support (including Windows 8.1), best-in-class virtual machine architecture, the richest desktop user experience and an unmatched set of value-added features to enhance the productivity of technical professionals and the organizations they serve.
Wireshark 
is the world's foremost network protocol analyzer. It lets you see what's happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.
Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

 Cisco Packet Tracer
 Cisco Packet Tracer is a powerful network simulation program that allows students to experiment with network behavior and ask “what if” questions. As an integral part of the Networking Academy comprehensive learning experience, Packet Tracer provides simulation, visualization, authoring, assessment, and collaboration capabilities and facilitates the teaching and learning of complex technology concepts.

Read »
Subscribe to: Posts (Atom)

Ads

Copyright © 2015 NetworkingDNA

Designed by Templatezy | Distributed By Gooyaabi Templates