CST3607 Class Notes 2021-11-30

News & Tools

• GoDaddy Breached – Plaintext Passwords – 1.2M Affected
• GoDaddy Announces Security Incident Affecting Managed WordPress Service
• Scamming the scammers – catching the virus call centre scammers red-handed
  • Video: Scamming the scammers — catching the virus call centre scammers red-handed (Skip to 18 minutes)
  • Microsoft drops partner accused of cold-call scam. India-based Comantra, alleged to be involved in telephone support scam, ejected from Microsoft’s Gold Partner membership scheme
• Project N95, a nonprofit that connects people to bona fide personal protective equipment.
• Counterfeit Covid Masks Are Still Sold Everywhere, Despite Misleading Claims – Rising Covid cases have spurred a return to mask-wearing in the U.S. and overseas, at a time when flawed KN95s from China continue to dominate e-commerce sites.
• Nurdles: the worst toxic waste you’ve probably never heard of. Billions of these tiny plastic pellets are floating in the ocean, causing as much damage as oil spills, yet they are still not classified as hazardous

Cisco Discovery Protocol (CDP)

• Cisco Discovery Protocol (CDP) is a proprietary protocol designed by Cisco to help us collect information about locally attached devices.
• Using CDP, we can gather hardware and protocol information about neighbor devices—vital information for documenting and troubleshooting the network!

SW-3# sh cdp neighbors detail

Link Layer Discovery Protocol (LLDP)

• Layer Discovery Protocol (LLDP) is another dynamic discovery protocol is Link, but it’s not proprietary.
• The IEEE created a new standardized discovery protocol called 802.1AB for Station and Media Access Control Connectivity Discovery.
• LLDP defines basic discovery capabilities, but it was also enhanced to specifically address voice applications. This version is called LLDP-MED (Media Endpoint Discovery).
  • An important factor to remember is LLDP and LLDP-MED are not compatible!
• LLDP has the following configuration guidelines and limitations:
  • LLDP must be enabled on the device before you can enable or disable it on any interface.
  • LLDP is supported only on physical interfaces.
  • LLDP can discover up to one device per port.
  • LLDP can discover Linux servers.
• You can turn off LLDP completely with the no lldp run command from global configuration mode and enable it with the lldp run command.

Doing this enables it on all interfaces:

SW-3(config)# no lldp run
SW-3(config)# lldp run

To turn LLDP off or on for an interface, use the lldp transmit and lldp receive commands:

SW-3(config-if)# no lldp transmit
SW-3(config-if)# no lldp receive
SW-3(config-if)# lldp transmit
SW-3(config-if)# lldp receive

Network Time Protocol (NTP)

• NTP synchronizes clocks of computer systems/devices over packet-switched, variable-latency data networks.
• Typically you’ll have an NTP server that connects through the Internet to an atomic clock. This time can then be synchronized throughout the network to keep all routers, switches, servers, etc., receiving the same time information and in sync.
• Correct network time within the network is important because:
  • It allows the tracking of events in the network in the correct order.
  • Clock synchronization is critical for the correct interpretation of events within the syslog data.
  • Clock synchronization is critical for digital certificates.
  • Authentication like SAML SSO.
    • e.g. If there’s time difference of 5 minutes or more, between the client PC and the IdP server, no one will be able to authenticate.  The IdP would throw and error and refuse the attempt.
• For redundancy, you can set your switches to sync with the primary time source, and PC and other devices sync their times with the switch they’re connected to.

syslog

Reading system messages from a switch’s or router’s internal buffer is a popular and efficient method of seeing what’s going on with your network at a particular time.

The best way is to log messages to a syslog server, which stores time-stamped messages from your devices.

• Adverse events affecting the network usually occur when you’re not watching.
• You may need to have historical logs, to go back through, to determine what and when an event occurred.

Network devices can be configured to generate a syslog message and forward it to various destinations.

These four examples are popular ways to gather messages from Cisco devices:

• Logging buffer (on by default)
• Console line (on by default)
• Terminal lines (using the terminal monitor command)
• syslog server

By default, all messages generated by Cisco IOS go to the console port:

• Those console messages can be directed to a syslog server.

A syslog server saves copies of console messages and can time-stamp them so you can view them later. Here would be your configuration on the SF router:

SNMP (Simple Network Management Protocol)

• SNMP is an Application layer protocol that provides a message format for agents on a variety of devices to communicate with network management stations (NMSs).
• SNMP was created in 1988 (RFC 1065)
• Use SNMP v3 in the “authenticated and privacy protected” mode
• Servers being monitored must be reachable on port 161, TCP and UDP

SSH (Secure SHell)

• Use Secure Shell (SSH) instead of Telnet to connect to your devices because it creates a more secure session.
• Telnet uses an unencrypted data stream, where SSH uses encryption keys to send data, so your username and password aren’t sent in the clear.
• CORP(config)# crypto key generate rsa
• PuTTY is a very popular SSH client.

Automation

• Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code.
• Use SSH for more secure management of hosts

Hands-On Lab-12

CST3607-Lab-12-Assets-Spring-2021.zip

Hands-On Troubleshooting Quiz

• Tues. 2021-12-07
• Study the output from all the diagnostic commands
• Practice using Lab-04

Study for Exam 3

CCNA Certification Study Guide, Volume 2

• Chapters 10, 11, 12, etc. see the summary the class notes for 2021-12-04

Better Focus and Efficient Studying When Not Multitasking