xxxxxx

Unit 5 Assignment B

Data Networks (NT242)

xxxxx

Table of Contents
Assignment Description....................................................................................................3
Completed Assignment.....................................................................................................4
References.........................................................................................................................7

Assignment Description
Case Project 6-1 (Network+ Guide To Networks, p.290)
You've just been hired at ConnectSpree, a small but growing Internet service provider.
One of your first goals is to learn about the networkthat is, to determine its physical
and logical topologies, access method, throughput rates, type of equipment, and the way
this equipment is interconnected. Although you don't yet have an access card that will let
you into the secure telco rooms and equipment rooms, you do have permission to log on
to the routers and switches. Given what you learned in this chapter and in previous
chapters, what kind of network information can you glean from issuing commands on a
router or switch? What kind of information could you obtain from issuing commands on
your workstation that's connected to this network? What kind of information do you
suppose would not be evident unless you could physically access the network hardware?

Completed Assignment
First off, this scenario is completely unrealistic. If you took a job with a small company,
an ISP of all types, and they turned you loose to peruse their networks, theyd be crazy.
Instead, I venture theyd probably give you their topology documents, specification
sheets, and turn you loose on those for a day or two. Theyd probably have you
following around another, more experienced network engineer as well. Then theyd set
you to work dealing with smaller customer issues and work up from there. Now, if the
above described scenario were true and you started a job where they gave you full access
to the routers and switches, but not the server rooms, then perhaps the entire networking
team got hit by a bus on the same day, but they found someones admin password, but
not the key to the rooms. They pulled you, a novice, off the street in desperation, and
now youre faced with a job from Hell. Everyones hard drives are encrypted, so you
cant view any spec docs, topologies, etc. Honestly, would you take this kind of job? Id
run away like a scared jackrabbit bounding for his life.
Ok, with that said, trying to defy reality and trying to address what is really being asked
of me in this project, lets proceed.
Each manufacturers routers/switches are a bit different, but Cisco methodology has been
more universally accepted than others. Cisco is probably the default, most trusted, and
most relied upon for networking solutions primarily because less expensive alternatives
have had too many security issues over time. Also, dont even touch Huwei or Nortel.
They are riddled with backdoors. For this exercise Ill be referring as much generic
commands as possible, but with a prejudice towards Cisco methodology.
1.

When you log into the switch/router, preferably in user-exec mode as much as
possible so no changes can be made, but exec will be required for many of these.
You can perform many different commands to glean information. Some
commands to use to learn about the router would include:
a. Status: [#show running-configuration] : Displays the current configuration
being run on the switch/router.
b. Version/Firmware: [#show version] : This would tell you the model of the
router, firmware version, and types of connections available.
c. MAC Address Table: [#show mac-address-table] : This command gives
you the mac address of connections to the switch.

d. Routing table: [#show ip route] : This command gives you the routing
table of the router and status of those routes, whether they are in use, idle,
or dead.
e. ARP (Address Resolution Protocol) Tables: There are many ARP
commands, but two most useful in this situation would be [#show arp] and
[#show arp traffic]. These would allow you to view traffic stats and
connections. Keep in mind that depending on the layer of the
router/switch, you may need to use both b and d to get a clear picture of
connections.
f. Filter Entries: You can use the #show command to limit the results to
certain ports, mac addresses, etc. This will help you view only relevant
information. You can also use the #more command.
g. Packet Counts: Using the EPC (Embedded Packet Capture) tool, you can
capture network traffic passing through. You can even store the contents
and analyze it using tools like WireShark. The commands include:
[monitor capture buffer] and [monitor capture point], with many additional
parameters to include.
h. Port Characteristics: [#show interfaces] : This command allows you to
view characteristics from a specific interface or all interfaces. You can
check a port range as well.
i. Nmap: This is a tool you can install on your machine, to map out a
network. It probes for vulnerabilities as well. Some features include Host
Discovery, Port Scanning, Version Detection, OS Detection, and also
scriptable interaction with a target.
2. Basically all information passing through the router/switch could be viewed or
analyzed.
3. You could view certain information from the workstation you are on. Using the
command prompt you can perform the following:
a. Ping: You can use the [ping IP] to determine if the destination address is
reachable and how long it takes to get there.

b. Traceroute: Using [tracert IP] from the command prompt will let you
detect the route the connection is using to get to it.\
c. Telnet: If telnet is turned on, you can [telnet IP PORT] into a destination.
d. NSlookup: Use this tool to query information about the DNS
infrastructure.
4. Information you could view remotely would include:
a. Wiring: How things are wired and if it is logical, optimally utilized, etc.
These would need to be viewed from inside the room.
b. Connections: Determining which cables are connected where on the
switch/router would also need to be determined from inside the room in
most cases.
c. Configuration: The layout of the switches/routers, their locations, if they
are optimally placed, etc would need to be observed from the room.
d. Conditions: The temperature in the room, conditions for ventilation, etc
would need to be observed from the room.
e. Location: Determining the location of resources for any topology map is
important. Youd need to track down its geographic location in the
building, then its physical location in the room.

References
Catalyst 3750-X and 3560-X Switch Software Configuration Guide.
(http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/1
2.2_58_se/configuration/guide/swint.pdf)
Connectivity Testing with Ping, Telnet, Trace Route, and NSlookup.
(http://help.newtekwebhosting.com/KB/a1757/connectivity-testing-with-ping-telnettrace-route-nslookup.aspx)
Davis, David, July 2006, 10 commands you should master when working with the Cisco
IOS. (http://www.techrepublic.com/article/10-commands-you-should-master-whenworking-with-the-cisco-ios/)
Wikipedia, Nmap Wikipedia. (http://en.wikipedia.org/wiki/Nmap)