Network Administrators Survival Guide

Book Description

The all-in-one practical guide to supporting your Cisco network

  • Provides detailed tips for using freeware and open-source tools readily available from the Internet, including the reasons behind choosing a particular tool

  • Refer to a single source for common Cisco network administration issues

  • Dedicated section for network security aids administrators in effectively dealing with security issues

  • Deploy fully functional RADIUS and TACACS+ servers for controlling access to Cisco devices

  • Deploy Linux- and Windows-based syslog servers to centrally collect syslog information generated by Cisco devices

  • Deploy Linux- and Windows-based network monitoring systems to monitor interface traffic through Cisco devices including routers, switches, VPN concentrators, and Cisco PIX® firewalls

  • Use the trending feature of network monitoring systems for long-term network analysis and capacity planning

  • Automatically detect and report configuration changes on Cisco IOS® Software-based devices and Cisco PIX firewalls

  • Deploy Cisco-based VPNs in mixed environments using Linux- and Windows-based VPN servers

Network Administrators Survival Guide solves many common network administration problems by providing administrators with an all-in-one practical guide to supporting Cisco® networks using freeware tools. It is a single reference source that explains particular issues, their significance for administrators, and the installation and configuration process for the tools. The solutions are Cisco centric and provide detail not available in generic online information. Network Administrators Survival Guide emphasizes solutions for network managers and administrators of small to medium-sized businesses and enterprises.

Each chapter is broadly based on a network administration function, starting with an overview of the topic, followed by the methodology involved to accomplish that function. This includes the tools available, why they are the right choice, and their installation, configuration, and usage methods. For any given function, Network Administrators Survival Guide covers both Windows- and Linux-based tools as appropriate. Most of the Windows-based tools offer the advantage of GUI for ease of use, whereas the Linux-based tools are command-line based and can be used in automated scripts. Both are significant for network administrators.

Based on author Anand Deveriya’s extensive field experience, this practical guide to maintaining Cisco networks will save you significant time and money. Any network administrator—beginner or advanced—will find this book useful. The solutions to practical aspects of network administration make Network Administrators Survival Guide a must-have reference for supporting your Cisco network.

Table of Contents

    1. Copyright
      1. Dedications
    2. About the Author
    3. About the Technical Reviewers
    4. Acknowledgments
    5. Icons Used in This Book
    6. Command Syntax Conventions
    7. Introduction
    8. Objectives
    9. Who Should Read This Book
    10. How This Book Is Organized
    11. I. Basic Network Administration
      1. 1. Cisco Device Installation
        1. Introduction
        2. Connecting to Cisco Devices for Configuration
          1. Local Connection Using a Console Interface
            1. Using Windows-Based Console Tools
            2. Using Linux-Based Console Tools
              1. Minicom for Console Connections
              2. Using cu for Console Connections
              3. Using GtkTerm for Serial Communications
          2. Remote Connection Using Telnet
          3. Automating Tasks Using Macros
            1. Windows-Based Macro Tool
            2. Linux-Based Macro Tools
              1. Macros in Minicom
              2. Macros in GtkTerm
        3. Securing Remote Connections to Cisco Devices Using Secure Shell (SSH)
          1. Cisco Device Configuration for SSH
          2. SSH Client Installation
            1. Windows-Based SSH Client: PuTTY
            2. Windows-Based SSH Client: SSH Secure Shell Client
            3. SSH Using the Linux Client
            4. SSH Using the Cisco IOS Device as an SSH Client
        4. Configuring Cisco Devices Using GUI Tools
          1. HTTP Interface for IOS-Based Devices
            1. Enabling IOS for HTTP
            2. Connecting to the Router Home Page
          2. PIX Device Manager
            1. Enabling PDM Access on the Cisco PIX Firewall
            2. Connecting to the PDM Through the Browser
          3. Security Device Manager
          4. Other GUI Tools for Configuring Cisco Devices
        5. Managing System Files
          1. File Management Using a TFTP Server
            1. Configuring Windows-Based TFTP Servers
            2. Configuring Linux-Based TFTP Servers
            3. Configuring Cisco IOS-Based TFTP Servers
          2. Configuring Cisco Devices to Use TFTP
          3. Using an FTP Server for File Management
            1. Configuring Windows-Based FTP Servers
              1. Installing the IIS Server
              2. Configuring FTP Services on the IIS Server
            2. Configuring Linux-Based FTP Servers
            3. Configuring Cisco Devices to Use FTP
        6. Summary
      2. 2. Basic Network Connectivity
        1. Basics of Network Monitoring Tools: ping and traceroute
          1. Verifying Network Connectivity Using ping
            1. Using the MS-Windows-Based ping Command
              1. Verifying Basic Network Connectivity with the ping Command
              2. Inaccurate Results of the ping Command
                1. Timeout Value of the Windows ping Command
                2. MTU Value of the Link
              3. Using Continuous ping for Extended Monitoring
              4. Using the ping Command for Name Resolution
            2. Using the Linux-Based ping Command
              1. A Continuous ping Command for Basic Connectivity
              2. Using Limited ping for Basic Connectivity Testing
              3. Using ping for MTU Testing
            3. Using the IOS-Based ping Command
              1. User Mode ping Command
              2. Privileged Mode ping Command
              3. Continuous ping
              4. Using ping for MTU Testing
            4. Other OS-Based Variations of ping
              1. fping
              2. hping
              3. SmokePing
            5. Network Troubleshooting Steps Using ping
          2. Verifying Network Connectivity Using traceroute
            1. Using the MS-Windows-Based tracert Command
              1. Using tracert for Basic Tracing
              2. Inaccurate Results of the tracert Command
            2. Using the Linux-Based traceroute Command
              1. Interpreting the Output of traceroute
              2. traceroute Fails Even If the Host Is Up
            3. Using the IOS-Based traceroute Command
              1. User Mode traceroute Command
              2. Privileged Mode traceroute Command
        2. Case Study: Using ping and traceroute to Isolate a BGP Meltdown Emergency
          1. Observation
          2. Conclusions
          3. Actions
        3. Advanced Network Connectivity Testing Tools
          1. Using whois Lookup for Domain Registration Information
          2. Using nslookup to Find DNS Information
            1. Using the MS-Windows–Based nslookup Tool
            2. Using the Linux-Based nslookup/dig Tool
          3. Using netstat for Port and Connection Information
            1. Using the MS Windows—Based netstat Command
              1. Using the Windows netstat Command to Display Active Connections
              2. Using the Windows netstat Command to Display All Connections
              3. Using the Windows netstat Command to Display Network Statistics
              4. Using the Windows netstat Command to Display a Routing Table
            2. Using the Linux-Based netstat Command
              1. Using the Linux netstat Command to Display Active Connections
              2. Using the Linux netstat Command to Display All Connections
              3. Using the Linux netstat Command to Display Ethernet Network Statistics
              4. Using the Linux netstat Command to Display Network Statistics
              5. Using the Linux netstat Command to Display a Routing Table
          4. Using the MS-Windows nbtstat Command to Trace MAC Addresses and Network Details
          5. Using the arp Command to Trace Layer 2 Issues
        4. Summary
      3. 3. Access Control
        1. Overview of AAA Technology
          1. TACACS+
          2. RADIUS
          3. RADIUS and TACACS+ Comparison
        2. Using TACACS+ for AAA
          1. Deploying a Linux-Based TACACS+ Server
            1. Downloading the Installation Files
            2. Installing the TACACS+ Daemon
            3. Configuring the Text File
              1. Configuring the Encryption Key
              2. Configuring Default Authentication
              3. Configuring Groups
              4. Configuring Users
              5. Configuring the Password (User Authentication)
              6. Configuring Expiration Dates
              7. Configuring Service Authorization
              8. Configuring Command Authorization
              9. Configuring Accounting
              10. Verifying the Configuration File
            4. Starting the TACACS+ Daemon
            5. Viewing Debug Messages
            6. Additional Configuration Templates
              1. Configuring Unknown Users
              2. Configuring Session Timeout
          2. Configuring Cisco Routers for TACACS+
            1. Step 1: Preparing the IOS Device for AAA
            2. Step 2: Configuring Authentication
            3. Step 3: Configuring Authorization
            4. Step 4: Configuring Accounting
          3. Configuring a Cisco Switch for TACACS+
            1. Step 1: Preparing the Switch for AAA
            2. Step 2: Configuring Authentication
            3. Step 3: Configuring Authorization
            4. Step 4: Configuring Accounting
          4. Configuring Cisco PIX Firewalls for TACACS+
          5. Configuring a Cisco VPN Concentrator for TACACS+
        3. Using RADIUS for AAA
          1. Deploying a Linux-Based RADIUS Server
            1. Installing the FreeRADIUS Server
            2. Configuring the FreeRADIUS Server
              1. /etc/raddb/clients.conf File
              2. /etc/raddb/users File
              3. /etc/raddb/radiusd.conf File
              4. /etc/raddb/dictionary File
              5. /etc/raddb/acct_users File
            3. Running the FreeRADIUS Server
          2. Configuring a Microsoft IAS Server as a RADIUS Server
            1. Installing the Microsoft IAS-Based RADIUS Server
            2. Configuring the Microsoft IAS-Based RADIUS Server
              1. Adding the Clients
              2. Configuring Remote-Access Policies
              3. Configuring Accounting Parameters
          3. Configuring a Cisco Router for RADIUS
          4. Configuring a Cisco Switch for RADIUS
          5. Configuring Cisco PIX Firewalls for RADIUS
        4. Commercial Products
        5. Summary
      4. 4. Using Syslog
        1. Overview of Syslog
          1. Facility
          2. Severity
          3. Hostname
          4. Timestamp
          5. Message
        2. Deploying Syslog Servers
          1. Deploying the Default Syslog Daemon
            1. Configuring the Syslog Daemon
            2. Running the Syslog Daemon
          2. Deploying a Linux-Based Syslog-ng Server
            1. Installing the Syslog-ng Daemon
            2. Configuring the Syslog-ng Daemon
              1. Options
              2. Source
              3. destination
              4. filter
              5. log
            3. Starting the Syslog-ng Daemon
            4. Viewing the Logs
          3. Configuring a Windows-Based Syslog Server
            1. Installing the Syslog Server
            2. Configuring the Syslog Server
            3. Starting the Syslog Server
            4. Viewing Messages on the Syslog Server
          4. Securing Syslog Servers
        3. Configuring Cisco Devices to Use a Syslog Server
          1. Configuring Cisco Routers for Syslog
          2. Configuring a Cisco Switch for Syslog
          3. Configuring a Cisco PIX Firewall for Syslog
          4. Configuring a Cisco VPN Concentrator for Syslog
        4. Commercial Cisco Products
        5. Summary
    12. II. Network Management Systems (NMS)
      1. 5. Monitoring Network Availability
        1. Network-Monitoring Fundamentals
          1. Network-Monitoring Terms
            1. Service-Level Agreement
            2. Mean Time to Repair
            3. Mean Time to Respond
            4. Mean Time Between Failure
            5. Availability
            6. Five Nines
          2. Network-Monitoring Techniques
        2. Deploying a Network-Monitoring System
          1. Deploying a Linux-Based Big Brother Network-Monitoring System
            1. Installing Big Brother in Linux
            2. Configuring Big Brother Using the Text Files
            3. Running the Big Brother Server
            4. Tips for Advanced Users
              1. Change Notification Interval
              2. Sending E-Mail Notifications
              3. Increasing Performance
              4. Monitoring Additional Services
              5. Improving Scalability
              6. Creating Hyperlinks for Node Information
          2. Deploying a Windows-Based Big Brother Network-Monitoring System
            1. Installing Big Brother in Windows
            2. Configuring Big Brother
              1. bb-hosts.cfg File
              2. bb-def.cfg File
              3. bbskin-eng.cfg File
              4. bbskin-fra.cfg File
              5. bbwarnrules.cfg File
              6. bbwarnsetup.cfg File
              7. security.cfg File
            3. Running the Big Brother Server
          3. Deploying Nagios for Linux-Based Network Monitoring
            1. Nagios Installation
            2. Nagios Configuration
              1. Editing the /etc/nagios/hosts.cfg File
              2. Editing the /etc/nagios/services.cfg File
              3. Editing the /etc/nagios/hostgroups.cfg File
              4. Editing the /etc/nagios/contactgroups.cfg File
              5. Editing the /etc/nagios/contacts.cfg File
            3. Running Nagios
            4. Notes for Advanced Nagios Use
        3. Adding Redundancy and Security to Network-Monitoring Systems
        4. Commercial Cisco Products
        5. Summary
      2. 6. Network Performance Monitoring
        1. Performance-Monitoring Overview
        2. Deploying Network Performance-Monitoring Tools
          1. Deploying a Linux-Based Performance-Monitoring System—MRTG
            1. Installing MRTG
            2. Configuring the MRTG
            3. Understanding the cfgmaker Tool
              1. Understanding the mrtg.cfg File
              2. Understanding the indexmaker Tool
            4. Running MRTG
          2. Deploying a Windows-Based Performance-Monitoring System—MRTG
        3. Performance and Scalability Enhancements
          1. RRDTool
          2. Cricket
          3. Deploying a Windows-Based Performance-Monitoring System—Cacti
            1. Installing Cacti
            2. Configuring Cacti
            3. Running the Cacti Server
        4. Configuring Cisco Devices for Performance Monitoring
          1. Enabling the SNMP Agent on Cisco Routers
          2. Enabling the SNMP Agent on Cisco Switches
          3. Enabling the SNMP Agent on a Cisco PIX Firewall
          4. Enabling the SNMP Agent on Cisco VPN 3000 Concentrators
          5. Securing SNMP
        5. Commercial Cisco Offerings
        6. Summary
    13. III. Security
      1. 7. Network Security Testing
        1. Network Security Testing Overview
        2. Bootable CD-ROM–Based Tool Kits
        3. Network Scanners
          1. Nmap Scanner
            1. Scanning a Network
            2. Scanning TCP Ports
            3. Scanning UDP Ports
            4. Scanning a Port Range
            5. Scanning Common Ports
            6. Remote OS Detection
            7. Detailed Outputs
          2. Nessus Scanner
            1. Running the Nessus Server and Client
            2. Generating Nessus Reports
            3. A Word of Caution about Nessus
        4. Packet Analyzers
          1. Preparing the Network
            1. SPAN for CatOS Switches
            2. SPAN for IOS Switches
          2. Using Packet Analyzers
            1. Tcpdump
              1. Understanding Tcpdump Output
              2. Tcpdump Examples
            2. Ethereal
              1. Starting a Capture Session to Collect Packets
              2. Viewing the Captured Packets
              3. Filtering the Output
              4. Saving the Captured Files
              5. Reassembling TCP Packets
        5. Summary
      2. 8. Router and Switch Security
        1. Router and Switch Security Overview
          1. Securing Cisco Routers
            1. Cisco Router Passwords
              1. Decrypting Type 7 Passwords
              2. Decrypting Type 5 Passwords
            2. Unneeded Services Running on Cisco Routers
            3. Protocol and OS Vulnerabilities
            4. IOS Configuration Errors: Audit Using RAT
              1. Installing RAT
              2. Configuring RAT
              3. Running RAT
              4. Auditing Multiple Configurations
              5. Auditing Live Routers
            5. IOS Configuration Errors: Audit Using SDM
              1. Deploying SDM on Cisco Routers
                1. Configuring SDM
                2. Launching SDM to Use the Security Audit Tools
              2. Using the SDM-Based Security Audit Tools
                1. Using the Security Audit Wizard for Router Security
                2. Using One-Step Lockdown for Router Security
          2. Best Practice Recommendations
        2. Summary
      3. 9. Intrusion Detection System (IDS)
        1. IDS Overview
          1. IDS Classification
          2. IDS Placement
        2. IDS Tools
          1. Snort
            1. Deploying Linux-Based Snort
              1. Installing Snort
              2. Configuring Snort
              3. Running Snort
              4. Viewing Snort Alerts
            2. Deploying MS-Windows–Based Snort
              1. Installing Snort
                1. Installing Snort
                2. Installing the WinPcap Driver
              2. Configuring Snort
              3. Running Snort
              4. Viewing Snort Alerts
            3. Snort for Advanced Users
          2. Rancid
            1. Deploying Rancid
              1. Installing Rancid
              2. Configuring Rancid
              3. Testing Rancid Configurations
              4. Automating Rancid Through crontab
              5. Obtaining Rancid E-Mail Output
        3. IDS Sensors Using Common Cisco Devices
          1. Router IDSs
            1. Configuring an IOS-Based IDS Sensor
            2. Verifying the Configuration
            3. Monitoring the Network
          2. PIX IDSs
            1. Configuring a PIX-Based IDS Sensor
            2. Verifying Sensor Configuration
            3. Monitoring the Network
        4. Commercial Cisco Products
        5. Summary
      4. 10. Virtual Private Networks (VPN)
        1. VPN Overview
          1. IPSec Overview
            1. Protocol and Algorithm
            2. IPSec Components
            3. IPSec Operation Steps
            4. IPSec Modes: Tunnel Versus Transport
        2. Linux-Based VPNs
          1. OpenSWAN
            1. Deploying OpenSWAN
              1. Verifying Prerequisites
              2. Installing the OpenSWAN Files
              3. Editing the Configuration Files
                1. ipsec.conf File
                2. ipsec.secrets File
              4. Running the OpenSWAN Server
              5. Troubleshooting the OpenSWAN Server
          2. Interoperating OpenSWAN with Cisco IOS
            1. IOS Configuration Tasks
              1. Step 1: Determine the Security Policies
              2. Step 2: Configure the IKE Parameters
              3. Step 3: Configure the IPSec Parameters
              4. Step 4: Monitor and Troubleshoot
            2. Case Study—IOS and OpenSWAN VPN with Preshared Keys
              1. IOS Configuration
              2. Monitoring and Troubleshooting
          3. Interoperating OpenSWAN with a Cisco PIX Firewall
            1. PIX Configuration Tasks
              1. Configuration Commands
              2. Monitoring and Troubleshooting Commands
            2. Case Study: PIX Firewall and OpenSWAN VPN with Preshared Keys
          4. Interoperating OpenSWAN with a Cisco VPN Concentrator
            1. Case Study: VPN 3000 Concentrator and OpenSWAN VPN with Preshared Keys
              1. VPN 3000 Concentrator Configuration
              2. Monitoring the VPN 3000 Concentrator
        3. Windows-Based VPNs
          1. Windows/Cisco Interoperability
            1. Deploying IPSec on Windows
              1. Prerequisites
              2. Configuration
                1. Step 1: Create an IPSec Policy
                2. Step 2: Identify Interesting Traffic Using Filter Lists
                3. Step 3: Configure Phase 2 Parameters
                4. Step 4: Configure Phase 1 (IKE) Parameters
                5. Step 5: Assign the IPSec Policy to the Windows Gateway
              3. Monitoring and Troubleshooting
                1. Services Console
                2. IP Security Monitor
                3. Event Viewer
            2. Deploying IPSec on Cisco Devices
        4. Summary
    14. IV. Network Documentation
      1. 11. Documentation Tools: Network Diagrams
        1. Network Diagram Overview
          1. Topology
          2. File Formats
          3. Features
        2. Linux-Based Graphic Design Tools
          1. Deploying Dia
          2. Creating Diagrams with Dia
            1. Adding Icons
            2. Connecting Icons
            3. Removing a Connection
            4. Adding a Text Box
            5. Inserting an Ethernet Backbone
            6. Exporting the Diagram as a JPEG Image
            7. Adding a New Icon to the Stencil
          3. Viewing Sample Dia Diagrams
        3. Windows-Based Graphic Design Tools
          1. Deploying Network Notepad
          2. Creating Diagrams in Network Notepad
            1. Adding Icons
            2. Connecting Icons
            3. Removing a Connection
            4. Adding a Host Name and IP Address Information
            5. Adding Text
            6. Adding an Ethernet Backbone
            7. Exporting the Diagram as a .bmp Image
            8. Adding New Icons to the Library
          3. Viewing Sample Diagrams Created by Network Notepad
        4. What’s Next
        5. Summary