Copyright 2001 - Scott Conti Tools that Work… …At Umass-Amherst Scott F. Conti Network Operations Manager


UMASS-Amherst Network Vital Statistics
- Class B network (umass.edu )
- 142 buildings
- All 42 Residential buildings networked
- 8800 Residence hall connections (port-per-pillow)
- 5500 Academic building connections
- 900- Cisco 24 port Switches (1900 and 2900 series)
- 5 Cisco 6509 core switches, 2 Cisco 5500 switches
- 600 Off-campus dial-in modem lines
- (2) DS-3 (45 Mb/s) commodity Internet connections
- DS-3 - Internet2 connection

How do we find the port?
- Lookup IP address in DHCP server logs
- Search switches for MAC address in switch CAM tables
- Lookup Jack activation record in
  - Remedy database jacktrack database
  - Netreg database (students)
- Verify correct jack
  - check logs if necessary

Remedy Jacktrack system
- The Remedy AR (Action Request) system is used to manage all aspects of jack activation for administrative jacks.
- Activates switch ports immediately, or sends a request to Cable Engineering for crosswiring.
- Supports database lookups on any identifying field.
- Provides real-time statistics on request processing.
- Allows movement of workflow through multiple departments.

Network Services Remedy Screen

Remedy Jacktrack Schema

    #./quickfind
    searching for haml-198.res.umass.edu. ( )
    Enet address for : 00:e0:98:02:4c:69
    Checking if haml-198.res.umass.edu. is operating....host IS operating.
    19XX, ignoring ports 25(AUI), 26(A), 27(B):
    00:e0:98:02:4c:69 found on haml-sw-210-1, 21
    getting room number from OIT/NSS Jack Tracking
    Building and Room: HAML 427
    ===========================================================
    1 Building : HAML          10 Switch Port : 21
    2 Room Number :
    Jack Number :
    Jack Letter : C
    5 Last Name : TUTHILL
    6 First Name : RICK
    7 Phone Number :
    UMAccess acct : tuthill
    9 Name : haml-sw
    ===========================================================
    1 Building : HAML          10 Switch Port : 13
    2 Room Number :
    Jack Number :
    Jack Letter : D
    5 Last Name : MISRA
    6 First Name : CHRISTOPHER
    7 Phone Number :
    UMAccess acct : crispy
    9 Name : haml-sw
    ===========================================================
    IP address :
    Enet address: 00:e0:98:02:4c:69
    Lease Starts: 1999/12/09 15:59:06;
    Lease Ends : 1999/12/14 15:59:06;
    Lease Client: "Mole";
    #
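The "How do we find the port?" steps and the quickfind output above, sketched as an added example (not the quickfind script or any code from the presentation). It assumes ISC dhcpd.leases syntax for the DHCP log; the IP address, the second lease, the CAM rows and the jack record are constructed sample data, and the function names are hypothetical.

```python
import re
from datetime import datetime
# Constructed sample data, not from the slides. Lease text uses ISC dhcpd.leases
# syntax (an assumption about the DHCP server); 192.0.2.10 is a placeholder IP.
LEASES = """
lease 192.0.2.10 {
  starts 4 1999/12/09 15:59:06;
  ends 2 1999/12/14 15:59:06;
  hardware ethernet 00:e0:98:02:4c:69;
}
lease 192.0.2.10 {
  starts 3 1999/12/15 09:00:00;
  ends 1 1999/12/20 09:00:00;
  hardware ethernet 00:10:a4:aa:bb:cc;
}
"""
# (switch, port, MAC) rows gathered from switch CAM tables; constructed.
CAM = [
    ("haml-sw-210-1", 21, "00:e0:98:02:4c:69"),
    ("haml-sw-210-1", 26, "00:e0:98:02:4c:69"),  # uplink ports learn it too
    ("haml-sw-210-2", 25, "00:e0:98:02:4c:69"),
]
UPLINK_PORTS = {25, 26, 27}  # the ports the quickfind output reports ignoring
JACKS = {("haml-sw-210-1", 21): {"building": "HAML", "room": "427"}}  # constructed
LEASE_RE = re.compile(r"lease (\S+) \{\s*starts \d (\S+ \S+);\s*ends \d (\S+ \S+);"
                      r"\s*hardware ethernet ([0-9a-f:]+);", re.I)
FMT = "%Y/%m/%d %H:%M:%S"

def mac_for(ip, when, leases=LEASES):
    """MAC that held `ip` at `when`; an address is reissued, so time matters."""
    for lease_ip, start, end, mac in LEASE_RE.findall(leases):
        held = datetime.strptime(start, FMT) <= when <= datetime.strptime(end, FMT)
        if lease_ip == ip and held:
            return mac.lower()
    return None

def access_ports(mac, cam=CAM):
    """Edge ports where `mac` was learned; uplinks see every MAC behind them."""
    return [(sw, port) for sw, port, m in cam
            if m.lower() == mac and port not in UPLINK_PORTS]

def find_port(ip, when):
    mac = mac_for(ip, when)
    if mac is None:
        return None  # no lease covered that moment: do not guess
    ports = access_ports(mac)
    # Several edge ports for one MAC (moved or cloned address) needs manual checking.
    return {"mac": mac, "ports": ports, "jacks": [JACKS.get(p) for p in ports]}

if __name__ == "__main__":
    print(find_port("192.0.2.10", datetime(1999, 12, 10, 12, 0)))
```

Matching on the time of the event as well as the IP address keeps a later lease holder from being blamed for an earlier incident.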

Netreg
- Developed by Southwestern University
- Works by issuing a temporary “non-routable” DHCP lease until the user registers the MAC address of the machine.
- Spoofs all DNS queries to registration server.
- Once registered, user can obtain a normal DHCP-issued IP address.

Netreg - Subnet Overview

Netreg – Subnet Details

Netreg - Lease Information

Netreg – User Information

Systool
- Systool is a web front end that runs Perl scripts that parse the Cisco log files.
- Router Tool – queries router logs
- Dialup Tool – queries AS5800 access-server dial-in logs.

Systool – Router Tool Query

Systool – Router Tool

Systool – Router Tool Top Ten

Honeypot systems
- A Honeypot system is a deception tool that allows a cracker to attack a “vulnerable system”.
- The system can be a “real” or a “virtual” machine. (Straight Linux or UML)
- Intrusion Detection system sits nearby and logs hacking attempts.
- At Umass – we move our Honeypot around to different subnets.
- Check out -

Incident Database - Console

Incident Database – Query

Trend – Top Talkers

“The Packet of Shame”

Thank You ! Scott F. Conti University of Massachusetts-Amherst

SANS ECN – Emergency Communications Network ! If you are an amateur radio operator and interested in participating in the SANS Emergency Communications Network project - please talk to me at the break or send me at: