SlideShare a Scribd company logo

Router hardening project.slide

Download as PPTX, PDF
Alya Al Saadi
Alya Al Saadi

This shared slides is containing some of the basic information about Router Hardening project which my team and I did in our network security class project and we used it to present our project's process and procedures. Our project scenario was to harden the network and routers for hypothetical organization so we decided to do it for a bank and we called it ANS bank referring to first letters of the team members.

1 of 15
Hardening Router Project Alya Mabrouk Al Saadi 20090000 Noora M. Al Shehi 20090000 Shaikha M. Al Mulla 20090000 Instructor: Huwida Said CIT335-501 Spring 2013 9/12/2014 Designed by Alya Alsaadi 1
Outline 2 Network Topology 3 Conclusion 5 References Project’s Objective Experimental procedures Hardening procedures 9/12/2014 Designed by Alya Alsaadi 2
Project’s Objective--- • Securing routers • Combining security and networking concepts • Team work • Troubleshooting • Time management 2 9/12/2014 Designed by Alya Alsaadi 3
Experimental procedures --- Hardware: Laptops Quantity : 4 Switches Quantity: 3 Routers Quantity: 3 Cables straight cables Quantity: 7 Cross-over cables Quantity: 2 serial cables Quantity: 2 console cables Quantity: 3 2 9/12/2014 Designed by Alya Alsaadi 4
Experimental procedures --- 2 Software: Packet tracer Hyper Terminal 9/12/2014 Designed by Alya Alsaadi 5
Network Topology --- 5 networks 4 PCs Class B & C IP address 3 Layer 2 devices “switches” 3 Layer 3 devices “ Routers” 3 9/12/2014 Designed by Alya Alsaadi 6
Hardening procedures --- • Basic configuration • Task 1 Basic Access Control: console password, VTY and AUX password, • Task 2 Warning Banner: message of the day “MOTD” banner. • Task 3 disable Unnecessary Protocols and Services: • 3.1 - Disable Echo, Chargen and discard • 3.2- Disable finger • 3.3 - Disable the httpd interface • 3.4 - Disable ntp (if you are not using it) • Task 4 shutdown unused port in LAN and WAN network: 9/12/2014 Designed by Alya Alsaadi 7
Enhanced Network Topology --- 7 networks 5 PCs Class B & C IP address 3 Layer 2 devices “switches” 3 Layer 3 devices “ Routers” 2 Servers 3 9/12/2014 Designed by Alya Alsaadi 8
Hardening procedures --- • Task 1 Access control list ACL: HQ(config)#access-list 102 deny icmp any any echo HQ(config)#access-list 102 permit ip any any HQ(config)#int s0/0/1 Figure 13: Ping from PC4 to the webserver HQ(config-if)#ip access-group 102 in HQ(config-if)#int s0/0/0 HQ(config-if)#ip access-group 102 in • Result: Ping from PC4 to web server 9/12/2014 Designed by Alya Alsaadi 9
Hardening procedures --- • Task 2 Radius server: Authentication, Authorization, and Accounting for internal network. 1. Opening port in LAN network for radius server Switch(config)#int fa0/4 Switch(config-if)#no shutdown 2. Configuring authentication on branch router were radius server installed: Branch(config)#username Admin password abcdef Branch(config)#username shaikha password zayed Branch(config)#username noora password zayed2009 Branch(config)#radius-server host 172.30.1.12 Branch(config)#radius-server key radius Branch(config)#aaa new-model Branch(config)#aaa authentication login default group radius local Branch(config)#line con 0 Branch(config-line)#login authentication default 9/12/2014 Designed by Alya Alsaadi 10
Hardening procedures --- • Task 2 Radius server: Authentication, Authorization, and Accounting for internal network. • Result: 9/12/2014 Designed by Alya Alsaadi 11
Hardening procedures --- • Task 3 Physical security: Door locks, Cabinet locks 9/12/2014 Designed by Alya Alsaadi 12
Conclusion --- 5 9/12/2014 Designed by Alya Alsaadi 13
References --- Barreiro, A. (2011, October 26). A log review process for detecting security incidents. ITSecurity. Retrieved March 5, 2013, from www.techrepublic.com/blog/security/a-log-review-process- for-detecting-security- ncidents/6601Cisco , Inc. (2009). Cisco Router Guide.cisco. Retrieved March 7, 2013, fromwww.cisco.com/en/US/prod/collateral/routers/ps5855/prod_brochure0900aecd8019d c1f.pdf Cisco, ink. (2013). Official Linksys Support Site. Official Linksys Support Site. Retrieved March 7, 2013, from http://homesupport.cisco.com/en-us/support Cisco, s. (2013). Cisco 1760 Modular Access Router. cisco. Retrieved March 6, 2013, from www.cisco.com/warp/public/cc/pd/rt/1700/prod Cola, J. (n.d). Information and setwork security: The importance of network security and the types of security attacks. Retrieved from http://www.jackcola.org/learn/information-and-network- security/151-the-importance-of-network-security-and-the-types-of-security-attacks Cox, C. (n.d.). Hardening your router in 9 easy steps. SearchNetworking. Retrieved March 5, 2013, from http://searchnetworking.techt Router - History, Functionality and Manufacturers. (2004). ecommerce.insightin. Retrieved March 5, 2013, from http://ecommerce.insightin.com/network/router.html Sheldon, T. (2011). Route Aggregation.linktionary. Retrieved March 7, 2013, from www.linktionary.com/r/route_aggregation.ht Types of router. (2013). orbit-computer-solutions. Retrieved March 4, 2013, from http://www.orbit-computer- solutions.com/Types-of-Router.php arget.com/tip/Hardening-your-router-in-9-easy-steps 9/12/2014 Designed by Alya Alsaadi 14
THANK YOU FOR LISTENING DO YOU HAVE ANY QUESTIONS? 9/12/2014 Designed by Alya Alsaadi 15

Recommended

Deploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CXDeploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CX
Cisco Canada
 
Cisco Ios Suneet
Cisco Ios SuneetCisco Ios Suneet
Cisco Ios Suneet
guest575e9c
 
How to configure cisco asa virtual firewall
How to configure cisco asa virtual firewallHow to configure cisco asa virtual firewall
How to configure cisco asa virtual firewall
IT Tech
 
Cisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening Guide
Harris Andrea
 
Mitigating worm attacks
Mitigating worm attacksMitigating worm attacks
Mitigating worm attacksdkaya
 
Ccna 2 Chapter 8 V4.0 Answers
Ccna 2 Chapter 8 V4.0 AnswersCcna 2 Chapter 8 V4.0 Answers
Ccna 2 Chapter 8 V4.0 Answers
ccna4discovery
 
Cisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better TogetherCisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better Together
Lancope, Inc.
 
CCNP Security-Secure
CCNP Security-SecureCCNP Security-Secure
CCNP Security-Securemohannadalhanahnah
 

Recommended

Deploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CXDeploying Next Generation Firewalling with ASA - CX
Deploying Next Generation Firewalling with ASA - CX
Cisco Canada
 
Cisco Ios Suneet
Cisco Ios SuneetCisco Ios Suneet
Cisco Ios Suneet
guest575e9c
 
How to configure cisco asa virtual firewall
How to configure cisco asa virtual firewallHow to configure cisco asa virtual firewall
How to configure cisco asa virtual firewall
IT Tech
 
Cisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening Guide
Harris Andrea
 
Mitigating worm attacks
Mitigating worm attacksMitigating worm attacks
Mitigating worm attacksdkaya
 
Ccna 2 Chapter 8 V4.0 Answers
Ccna 2 Chapter 8 V4.0 AnswersCcna 2 Chapter 8 V4.0 Answers
Ccna 2 Chapter 8 V4.0 Answers
ccna4discovery
 
Cisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better TogetherCisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better Together
Lancope, Inc.
 
CCNP Security-Secure
CCNP Security-SecureCCNP Security-Secure
CCNP Security-Securemohannadalhanahnah
 
Firewall
FirewallFirewall
Firewallthinkahead.net
 
Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA Firepower
Anwesh Dixit
 
Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt
Sabreen Irfana
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Ciscoguestd05b31
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
Shah Sheikh
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
Ayoma Wijethunga
 
Windows network
Windows networkWindows network
Windows networkJithesh Nair
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overviewali raza
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configuration
Alberto Rivai
 
Security tools
Security toolsSecurity tools
Security tools
Greater Noida Institute Of Technology
 
Palo Alto VM-100 Configuration Lab
Palo Alto VM-100 Configuration LabPalo Alto VM-100 Configuration Lab
Palo Alto VM-100 Configuration LabMykhaylo Skrypka
 
Network security
Network securityNetwork security
Network security
Fekadu Abera
 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point Firewalls
Ben Rothke
 
Data Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed FirewallData Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed Firewall
Manish Kumar
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
Lancope, Inc.
 
Computer Security - CCNA Security - Lecture 2
Computer Security - CCNA Security - Lecture 2Computer Security - CCNA Security - Lecture 2
Computer Security - CCNA Security - Lecture 2
Mohamed Loey
 
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitVIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitShah Sheikh
 
CCNP Security-IPS
CCNP Security-IPSCCNP Security-IPS
CCNP Security-IPSmohannadalhanahnah
 
Firewall
FirewallFirewall
Firewall
nayakslideshare
 
PACE-IT: Network Hardening Techniques (part 1)
PACE-IT: Network Hardening Techniques (part 1)PACE-IT: Network Hardening Techniques (part 1)
PACE-IT: Network Hardening Techniques (part 1)
Pace IT at Edmonds Community College
 
Security Measures
Security MeasuresSecurity Measures
Security MeasuresSyazzey Waniey II
 

More Related Content

What's hot

Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA Firepower
Anwesh Dixit
 
Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt
Sabreen Irfana
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
Shah Sheikh
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
Ayoma Wijethunga
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overviewali raza
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configuration
Alberto Rivai
 
Security tools
Security toolsSecurity tools
Security tools
Greater Noida Institute Of Technology
 
Palo Alto VM-100 Configuration Lab
Palo Alto VM-100 Configuration LabPalo Alto VM-100 Configuration Lab
Palo Alto VM-100 Configuration LabMykhaylo Skrypka
 
Network security
Network securityNetwork security
Network security
Fekadu Abera
 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point Firewalls
Ben Rothke
 
Data Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed FirewallData Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed Firewall
Manish Kumar
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
Lancope, Inc.
 
Computer Security - CCNA Security - Lecture 2
Computer Security - CCNA Security - Lecture 2Computer Security - CCNA Security - Lecture 2
Computer Security - CCNA Security - Lecture 2
Mohamed Loey
 
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitVIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitShah Sheikh
 
Firewall
FirewallFirewall
Firewall
nayakslideshare
 

What's hot (20)

Firewall
FirewallFirewall
Firewall
 
Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA Firepower
 
Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
 
Windows network
Windows networkWindows network
Windows network
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overview
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configuration
 
Security tools
Security toolsSecurity tools
Security tools
 
Palo Alto VM-100 Configuration Lab
Palo Alto VM-100 Configuration LabPalo Alto VM-100 Configuration Lab
Palo Alto VM-100 Configuration Lab
 
Network security
Network securityNetwork security
Network security
 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point Firewalls
 
Data Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed FirewallData Security in Local Area Network Using Distributed Firewall
Data Security in Local Area Network Using Distributed Firewall
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
 
Computer Security - CCNA Security - Lecture 2
Computer Security - CCNA Security - Lecture 2Computer Security - CCNA Security - Lecture 2
Computer Security - CCNA Security - Lecture 2
 
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitVIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS Summit
 
CCNP Security-IPS
CCNP Security-IPSCCNP Security-IPS
CCNP Security-IPS
 
Firewall
FirewallFirewall
Firewall
 

Viewers also liked

PACE-IT: Network Hardening Techniques (part 1)
PACE-IT: Network Hardening Techniques (part 1)PACE-IT: Network Hardening Techniques (part 1)
PACE-IT: Network Hardening Techniques (part 1)
Pace IT at Edmonds Community College
 
System hardening - OS and Application
System hardening - OS and ApplicationSystem hardening - OS and Application
System hardening - OS and Application
edavid2685
 
Security Measure
Security MeasureSecurity Measure
Security Measuresyafiqa
 
Security measures (Microsoft Powerpoint)
Security measures (Microsoft Powerpoint)Security measures (Microsoft Powerpoint)
Security measures (Microsoft Powerpoint)ainizbahari97
 
Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...
wosborne03
 

Viewers also liked (6)

PACE-IT: Network Hardening Techniques (part 1)
PACE-IT: Network Hardening Techniques (part 1)PACE-IT: Network Hardening Techniques (part 1)
PACE-IT: Network Hardening Techniques (part 1)
 
Security Measures
Security MeasuresSecurity Measures
Security Measures
 
System hardening - OS and Application
System hardening - OS and ApplicationSystem hardening - OS and Application
System hardening - OS and Application
 
Security Measure
Security MeasureSecurity Measure
Security Measure
 
Security measures (Microsoft Powerpoint)
Security measures (Microsoft Powerpoint)Security measures (Microsoft Powerpoint)
Security measures (Microsoft Powerpoint)
 
Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...
 

Similar to Router hardening project.slide

OpenSIPS Workshop
OpenSIPS WorkshopOpenSIPS Workshop
OpenSIPS Workshop
Saúl Ibarra Corretgé
 
Securing the Helix Platform at Citrix
Securing the Helix Platform at CitrixSecuring the Helix Platform at Citrix
Securing the Helix Platform at Citrix
Perforce
 
NSA Capstone Presentation
NSA Capstone PresentationNSA Capstone Presentation
NSA Capstone PresentationMinh Vu
 
Architecture vulnerabilities in SAP platforms
Architecture vulnerabilities in SAP platformsArchitecture vulnerabilities in SAP platforms
Architecture vulnerabilities in SAP platforms
ERPScan
 
Network Securities.pptx
Network Securities.pptxNetwork Securities.pptx
Network Securities.pptx
atharkaleem2
 
Cloud native development without the toil
Cloud native development without the toilCloud native development without the toil
Cloud native development without the toil
Ambassador Labs
 
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
Daniel Bryant
 
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Cisco Russia
 
Successfully Interconnecting Data Centers
Successfully Interconnecting Data CentersSuccessfully Interconnecting Data Centers
Successfully Interconnecting Data Centers
Cisco Canada
 
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
Daniel Bryant
 
IBCAST 2021: Observations and lessons learned from the APNIC Community Honeyn...
IBCAST 2021: Observations and lessons learned from the APNIC Community Honeyn...IBCAST 2021: Observations and lessons learned from the APNIC Community Honeyn...
IBCAST 2021: Observations and lessons learned from the APNIC Community Honeyn...
APNIC
 
Rete di casa e raspberry pi - Home network and Raspberry Pi
Rete di casa e raspberry pi - Home network and Raspberry Pi Rete di casa e raspberry pi - Home network and Raspberry Pi
Rete di casa e raspberry pi - Home network and Raspberry Pi
Daniele Albrizio
 
Master Serial Killer - DEF CON 22 - ICS Village
Master Serial Killer - DEF CON 22 - ICS VillageMaster Serial Killer - DEF CON 22 - ICS Village
Master Serial Killer - DEF CON 22 - ICS Village
Chris Sistrunk
 
Dynamic Service Chaining
Dynamic Service Chaining Dynamic Service Chaining
Dynamic Service Chaining
Tail-f Systems
 
"How overlay networks can make public clouds your global WAN" by Ryan Koop o...
"How overlay networks can make public clouds your global WAN" by Ryan Koop o... "How overlay networks can make public clouds your global WAN" by Ryan Koop o...
"How overlay networks can make public clouds your global WAN" by Ryan Koop o...
Cohesive Networks
 
Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Aptible
 
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptxCIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
ssuserfb92ae
 
Cloud Device Insecurity
Cloud Device InsecurityCloud Device Insecurity
Cloud Device Insecurity
Jeremy Brown
 
"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013
Ryan Koop
 
A Software Defined WAN Architecture
A Software Defined WAN ArchitectureA Software Defined WAN Architecture
A Software Defined WAN Architecture
Open Networking Summits
 

Similar to Router hardening project.slide (20)

OpenSIPS Workshop
OpenSIPS WorkshopOpenSIPS Workshop
OpenSIPS Workshop
 
Securing the Helix Platform at Citrix
Securing the Helix Platform at CitrixSecuring the Helix Platform at Citrix
Securing the Helix Platform at Citrix
 
NSA Capstone Presentation
NSA Capstone PresentationNSA Capstone Presentation
NSA Capstone Presentation
 
Architecture vulnerabilities in SAP platforms
Architecture vulnerabilities in SAP platformsArchitecture vulnerabilities in SAP platforms
Architecture vulnerabilities in SAP platforms
 
Network Securities.pptx
Network Securities.pptxNetwork Securities.pptx
Network Securities.pptx
 
Cloud native development without the toil
Cloud native development without the toilCloud native development without the toil
Cloud native development without the toil
 
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
 
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
 
Successfully Interconnecting Data Centers
Successfully Interconnecting Data CentersSuccessfully Interconnecting Data Centers
Successfully Interconnecting Data Centers
 
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
 
IBCAST 2021: Observations and lessons learned from the APNIC Community Honeyn...
IBCAST 2021: Observations and lessons learned from the APNIC Community Honeyn...IBCAST 2021: Observations and lessons learned from the APNIC Community Honeyn...
IBCAST 2021: Observations and lessons learned from the APNIC Community Honeyn...
 
Rete di casa e raspberry pi - Home network and Raspberry Pi
Rete di casa e raspberry pi - Home network and Raspberry Pi Rete di casa e raspberry pi - Home network and Raspberry Pi
Rete di casa e raspberry pi - Home network and Raspberry Pi
 
Master Serial Killer - DEF CON 22 - ICS Village
Master Serial Killer - DEF CON 22 - ICS VillageMaster Serial Killer - DEF CON 22 - ICS Village
Master Serial Killer - DEF CON 22 - ICS Village
 
Dynamic Service Chaining
Dynamic Service Chaining Dynamic Service Chaining
Dynamic Service Chaining
 
"How overlay networks can make public clouds your global WAN" by Ryan Koop o...
"How overlay networks can make public clouds your global WAN" by Ryan Koop o... "How overlay networks can make public clouds your global WAN" by Ryan Koop o...
"How overlay networks can make public clouds your global WAN" by Ryan Koop o...
 
Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...
 
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptxCIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
 
Cloud Device Insecurity
Cloud Device InsecurityCloud Device Insecurity
Cloud Device Insecurity
 
"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013
 
A Software Defined WAN Architecture
A Software Defined WAN ArchitectureA Software Defined WAN Architecture
A Software Defined WAN Architecture
 

Recently uploaded

Your Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective UpskillingYour Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Excellence Foundation for South Sudan
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
Peter Windle
 
DRUGS AND ITS classification slide share
DRUGS AND ITS classification slide shareDRUGS AND ITS classification slide share
DRUGS AND ITS classification slide share
taiba qazi
 
Assignment_4_ArianaBusciglio Marvel(1).docx
Assignment_4_ArianaBusciglio Marvel(1).docxAssignment_4_ArianaBusciglio Marvel(1).docx
Assignment_4_ArianaBusciglio Marvel(1).docx
ArianaBusciglio
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
Israel Genealogy Research Association
 
MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...
MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...
MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...
NelTorrente
 
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Dr. Vinod Kumar Kanvaria
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
goswamiyash170123
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
Fresher’s Quiz 2023 at GMC Nizamabad.pptx
Fresher’s Quiz 2023 at GMC Nizamabad.pptxFresher’s Quiz 2023 at GMC Nizamabad.pptx
Fresher’s Quiz 2023 at GMC Nizamabad.pptx
SriSurya50
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
thanhdowork
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
IreneSebastianRueco1
 
MERN Stack Developer Roadmap By ScholarHat PDF
MERN Stack Developer Roadmap By ScholarHat PDFMERN Stack Developer Roadmap By ScholarHat PDF
MERN Stack Developer Roadmap By ScholarHat PDF
scholarhattraining
 
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)
Academy of Science of South Africa
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
Group Presentation 2 Economics.Ariana Buscigliopptx
Group Presentation 2 Economics.Ariana BuscigliopptxGroup Presentation 2 Economics.Ariana Buscigliopptx
Group Presentation 2 Economics.Ariana Buscigliopptx
ArianaBusciglio
 
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHatAzure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
Scholarhat
 
Aficamten in HCM (SEQUOIA HCM TRIAL 2024)
Aficamten in HCM (SEQUOIA HCM TRIAL 2024)Aficamten in HCM (SEQUOIA HCM TRIAL 2024)
Aficamten in HCM (SEQUOIA HCM TRIAL 2024)
Ashish Kohli
 

Recently uploaded (20)

Your Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective UpskillingYour Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective Upskilling
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
 
DRUGS AND ITS classification slide share
DRUGS AND ITS classification slide shareDRUGS AND ITS classification slide share
DRUGS AND ITS classification slide share
 
Assignment_4_ArianaBusciglio Marvel(1).docx
Assignment_4_ArianaBusciglio Marvel(1).docxAssignment_4_ArianaBusciglio Marvel(1).docx
Assignment_4_ArianaBusciglio Marvel(1).docx
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
 
MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...
MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...
MATATAG CURRICULUM: ASSESSING THE READINESS OF ELEM. PUBLIC SCHOOL TEACHERS I...
 
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
Fresher’s Quiz 2023 at GMC Nizamabad.pptx
Fresher’s Quiz 2023 at GMC Nizamabad.pptxFresher’s Quiz 2023 at GMC Nizamabad.pptx
Fresher’s Quiz 2023 at GMC Nizamabad.pptx
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
 
MERN Stack Developer Roadmap By ScholarHat PDF
MERN Stack Developer Roadmap By ScholarHat PDFMERN Stack Developer Roadmap By ScholarHat PDF
MERN Stack Developer Roadmap By ScholarHat PDF
 
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
Group Presentation 2 Economics.Ariana Buscigliopptx
Group Presentation 2 Economics.Ariana BuscigliopptxGroup Presentation 2 Economics.Ariana Buscigliopptx
Group Presentation 2 Economics.Ariana Buscigliopptx
 
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHatAzure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
 
Aficamten in HCM (SEQUOIA HCM TRIAL 2024)
Aficamten in HCM (SEQUOIA HCM TRIAL 2024)Aficamten in HCM (SEQUOIA HCM TRIAL 2024)
Aficamten in HCM (SEQUOIA HCM TRIAL 2024)
 

Router hardening project.slide

  • 1. Hardening Router Project Alya Mabrouk Al Saadi 20090000 Noora M. Al Shehi 20090000 Shaikha M. Al Mulla 20090000 Instructor: Huwida Said CIT335-501 Spring 2013 9/12/2014 Designed by Alya Alsaadi 1
  • 2. Outline 2 Network Topology 3 Conclusion 5 References Project’s Objective Experimental procedures Hardening procedures 9/12/2014 Designed by Alya Alsaadi 2
  • 3. Project’s Objective--- • Securing routers • Combining security and networking concepts • Team work • Troubleshooting • Time management 2 9/12/2014 Designed by Alya Alsaadi 3
  • 4. Experimental procedures --- Hardware: Laptops Quantity : 4 Switches Quantity: 3 Routers Quantity: 3 Cables straight cables Quantity: 7 Cross-over cables Quantity: 2 serial cables Quantity: 2 console cables Quantity: 3 2 9/12/2014 Designed by Alya Alsaadi 4
  • 5. Experimental procedures --- 2 Software: Packet tracer Hyper Terminal 9/12/2014 Designed by Alya Alsaadi 5
  • 6. Network Topology --- 5 networks 4 PCs Class B & C IP address 3 Layer 2 devices “switches” 3 Layer 3 devices “ Routers” 3 9/12/2014 Designed by Alya Alsaadi 6
  • 7. Hardening procedures --- • Basic configuration • Task 1 Basic Access Control: console password, VTY and AUX password, • Task 2 Warning Banner: message of the day “MOTD” banner. • Task 3 disable Unnecessary Protocols and Services: • 3.1 - Disable Echo, Chargen and discard • 3.2- Disable finger • 3.3 - Disable the httpd interface • 3.4 - Disable ntp (if you are not using it) • Task 4 shutdown unused port in LAN and WAN network: 9/12/2014 Designed by Alya Alsaadi 7
  • 8. Enhanced Network Topology --- 7 networks 5 PCs Class B & C IP address 3 Layer 2 devices “switches” 3 Layer 3 devices “ Routers” 2 Servers 3 9/12/2014 Designed by Alya Alsaadi 8
  • 9. Hardening procedures --- • Task 1 Access control list ACL: HQ(config)#access-list 102 deny icmp any any echo HQ(config)#access-list 102 permit ip any any HQ(config)#int s0/0/1 Figure 13: Ping from PC4 to the webserver HQ(config-if)#ip access-group 102 in HQ(config-if)#int s0/0/0 HQ(config-if)#ip access-group 102 in • Result: Ping from PC4 to web server 9/12/2014 Designed by Alya Alsaadi 9
  • 10. Hardening procedures --- • Task 2 Radius server: Authentication, Authorization, and Accounting for internal network. 1. Opening port in LAN network for radius server Switch(config)#int fa0/4 Switch(config-if)#no shutdown 2. Configuring authentication on branch router were radius server installed: Branch(config)#username Admin password abcdef Branch(config)#username shaikha password zayed Branch(config)#username noora password zayed2009 Branch(config)#radius-server host 172.30.1.12 Branch(config)#radius-server key radius Branch(config)#aaa new-model Branch(config)#aaa authentication login default group radius local Branch(config)#line con 0 Branch(config-line)#login authentication default 9/12/2014 Designed by Alya Alsaadi 10
  • 11. Hardening procedures --- • Task 2 Radius server: Authentication, Authorization, and Accounting for internal network. • Result: 9/12/2014 Designed by Alya Alsaadi 11
  • 12. Hardening procedures --- • Task 3 Physical security: Door locks, Cabinet locks 9/12/2014 Designed by Alya Alsaadi 12
  • 13. Conclusion --- 5 9/12/2014 Designed by Alya Alsaadi 13
  • 14. References --- Barreiro, A. (2011, October 26). A log review process for detecting security incidents. ITSecurity. Retrieved March 5, 2013, from www.techrepublic.com/blog/security/a-log-review-process- for-detecting-security- ncidents/6601Cisco , Inc. (2009). Cisco Router Guide.cisco. Retrieved March 7, 2013, fromwww.cisco.com/en/US/prod/collateral/routers/ps5855/prod_brochure0900aecd8019d c1f.pdf Cisco, ink. (2013). Official Linksys Support Site. Official Linksys Support Site. Retrieved March 7, 2013, from http://homesupport.cisco.com/en-us/support Cisco, s. (2013). Cisco 1760 Modular Access Router. cisco. Retrieved March 6, 2013, from www.cisco.com/warp/public/cc/pd/rt/1700/prod Cola, J. (n.d). Information and setwork security: The importance of network security and the types of security attacks. Retrieved from http://www.jackcola.org/learn/information-and-network- security/151-the-importance-of-network-security-and-the-types-of-security-attacks Cox, C. (n.d.). Hardening your router in 9 easy steps. SearchNetworking. Retrieved March 5, 2013, from http://searchnetworking.techt Router - History, Functionality and Manufacturers. (2004). ecommerce.insightin. Retrieved March 5, 2013, from http://ecommerce.insightin.com/network/router.html Sheldon, T. (2011). Route Aggregation.linktionary. Retrieved March 7, 2013, from www.linktionary.com/r/route_aggregation.ht Types of router. (2013). orbit-computer-solutions. Retrieved March 4, 2013, from http://www.orbit-computer- solutions.com/Types-of-Router.php arget.com/tip/Hardening-your-router-in-9-easy-steps 9/12/2014 Designed by Alya Alsaadi 14
  • 15. THANK YOU FOR LISTENING DO YOU HAVE ANY QUESTIONS? 9/12/2014 Designed by Alya Alsaadi 15