Copyright 2001 - Scott Conti Tools that Work… …At Umass-Amherst Scott F. Conti Network Operations Manager

Presentation transcript:

1 Copyright 2001 - Scott Conti Tools that Work… …At Umass-Amherst Scott F. Conti Network Operations Manager Scott@oit.umass.edu

2 UMASS-Amherst Network Vital Statistics
- Class B network (umass.edu - 128.119)
- 142 buildings
- All 42 Residential buildings networked
- 8800 Residence hall connections (port-per-pillow)
- 5500 Academic building connections
- 900- Cisco 24 port Switches (1900 and 2900 series)
- 5 Cisco 6509 core switches, 2 Cisco 5500 switches
- 600 Off-campus dial-in modem lines
- (2) DS-3 (45 Mb/s) commodity Internet connections
- DS-3 - Internet2 connection

3 How do we find the port?
- Lookup IP address in DHCP server logs
- Search switches for MAC address in switch CAM tables
- Lookup Jack activation record in Remedy database
  - jacktrack database
  - Netreg database (students)
- Verify correct jack
  - check Email logs if necessary

4 Remedy Jacktrack system
- The Remedy AR (Action Request) system is used to manage all aspects of jack activation for administrative jacks.
- Activates switch ports immediately, or sends a request to Cable Engineering for crosswiring.
- Supports database lookups on any identifying field.
- Provides real-time statistics on request processing.
- Allows movement of workflow through multiple departments.

5 Network Services Remedy Screen

6 Remedy Jacktrack Schema

7

    #./quickfind 128.119.123.198
    searching for haml-198.res.umass.edu. (128.119.123.198)
    Enet address for 128.119.123.198: 00:e0:98:02:4c:69
    Checking if haml-198.res.umass.edu. is operating....host IS operating.
    19XX, ignoring ports 25(AUI), 26(A), 27(B):
    00:e0:98:02:4c:69 found on haml-sw-210-1, 21
    getting room number from OIT/NSS Jack Tracking 000000000013649...
    Building and Room: HAML 427
    ===========================================================
    1 Building : HAML            10 Switch Port : 21
    2 Room Number : 427
    3 Jack Number : 4-1-21
    4 Jack Letter : C
    5 Last Name : TUTHILL
    6 First Name : RICK
    7 Phone Number : 5-9726
    8 UMAccess acct : tuthill
    9 Name : haml-sw-210-1
    ===========================================================
    1 Building : HAML            10 Switch Port : 13
    2 Room Number : 427
    3 Jack Number : 4-1-21
    4 Jack Letter : D
    5 Last Name : MISRA
    6 First Name : CHRISTOPHER
    7 Phone Number : 5-9721
    8 UMAccess acct : crispy
    9 Name : haml-sw-210-4
    ===========================================================
    IP address : 128.119.123.198
    Enet address: 00:e0:98:02:4c:69
    Lease Starts: 1999/12/09 15:59:06;
    Lease Ends : 1999/12/14 15:59:06;
    Lease Client: "Mole";
    #
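The lookup chain from slide 3 (IP to MAC via the lease that was active at the time, MAC to access port via CAM tables, port to jack record), as an added example that is not the quickfind script or any UMass code. All addresses, switch names, record formats and function names are constructed; the skipped uplink port numbers follow the "ignoring ports 25(AUI), 26(A), 27(B)" line in the output above.

```python
import re
from datetime import datetime

# Constructed sample inputs: documentation addresses, hypothetical switch names,
# simplified lease records. Nothing here is taken from a real network.
LEASES = """
lease 192.0.2.198 { starts 1999/12/01 09:00:00; ends 1999/12/06 09:00:00;
  hardware ethernet 00:00:5e:00:53:01; }
lease 192.0.2.198 { starts 1999/12/09 15:59:06; ends 1999/12/14 15:59:06;
  hardware ethernet 00:00:5E:00:53:69; }
"""
CAM = {  # switch -> [(MAC as the switch prints it, port)]
    "bldg-sw-1": [("0000.5e00.5369", 21), ("0000.5e00.5301", 4)],
    "bldg-sw-2": [("0000.5e00.5369", 26)],  # same MAC learned through an uplink
}
UPLINK_PORTS = {25, 26, 27}  # assumption: uplinks, as in the slide's 19XX line
JACKS = {("bldg-sw-1", 21): ("BLDG", "427", "4-1-21")}  # (switch, port) -> jack
FMT = "%Y/%m/%d %H:%M:%S"
LEASE_RE = re.compile(
    r"lease (\S+) \{ starts ([\d/]+ [\d:]+); ends ([\d/]+ [\d:]+);\s+"
    r"hardware ethernet ([0-9A-Fa-f:]+);")

def norm_mac(mac):
    """Reduce any MAC notation (colons, dots, mixed case) to 12 hex digits."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def mac_at(ip, when):
    """MAC that held `ip` at time `when`; None if no lease covers that time."""
    for lease_ip, start, end, mac in LEASE_RE.findall(LEASES):
        s, e = datetime.strptime(start, FMT), datetime.strptime(end, FMT)
        if lease_ip == ip and s <= when <= e:
            return norm_mac(mac)
    return None

def access_ports(mac):
    """(switch, port) pairs where `mac` was learned, skipping uplink ports."""
    return [(sw, port) for sw, entries in CAM.items()
            for seen, port in entries
            if norm_mac(seen) == mac and port not in UPLINK_PORTS]

def locate(ip, when):
    """Resolve an IP seen at `when` to [(switch, port, jack record or None)]."""
    mac = mac_at(ip, when)
    if mac is None:
        return None  # address was unleased at that time; do not guess
    return [(sw, port, JACKS.get((sw, port))) for sw, port in access_ports(mac)]
```

Matching on the lease window matters because the same IP can belong to different machines on different days; a jack record of None means the port has no activation record and needs manual verification.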

8 Netreg
- Developed by Southwestern University http://www.southwestern.edu/ITS/netreg/
- Works by issuing a temporary “non-routable” DHCP lease until the user registers the MAC address of the machine.
- Spoofs all DNS queries to registration server.
- Once registered, user can obtain a normal DHCP issued IP address.

9 Netreg - Subnet Overview

10 Netreg – Subnet Details

11 Netreg - Lease Information

12 Netreg – User Information

13 Systool
- Systool is a web front end that runs Perl scripts that parse the Cisco log files.
- Router Tool – queries router logs
- Dialup Tool – queries AS5800 Access-server dial-in logs.

14 Systool – Router Tool Query

15 Systool – Router Tool

16 Systool – Router Tool Top Ten

17 Honeypot systems
- A Honeypot system is a deception tool that allows a cracker to attack a “vulnerable system”.
- The system can be a “real” or a “virtual” machine. (Straight Linux or UML)
- Intrusion Detection system sits nearby and logs hacking attempts.
- At Umass – we move our Honeypot around to different subnets.
- Check out - http://project.honeynet.org

18 Incident Database - Console

19 Incident Database – Query

20 Trend – Top Talkers

21 “The Packet of Shame”

22 Thank You! Scott F. Conti University of Massachusetts-Amherst Scott@oit.umass.edu 413-545-9625

23 SANS ECN – Emergency Communications Network! If you are an amateur radio operator and interested in participating in the SANS Emergency Communications Network project, please talk to me at the break or send me email at: N1LYW@ARRL.NET

