ITCwiki - User contributions [en]

Main Page

2012-03-15T21:56:24Z

Ckherman1:

<big>'''Welcome to the CNT Wiki'''</big>

To prevent spam on this wiki we require user account creation to create and edit pages.

<span style="font-size: 600%; line-height: 100%"><span style="color: red">ATTENTION ALL CNT STUDENTS:</span> Please complete our [https://ihcc.us2.qualtrics.com/SE/?SID=SV_1EWAAmoUsrVN0Co Farticulation survey] by Friday, March 36!</span>

==Program Information==

* [[Open Lab Schedule|Open lab schedule]] for the current semester.
* [[Certification Information]]
* [[Current Student FAQ|Current Student Frequently Asked Questions]]
* [[CNT Course Guide]]
* [http://www.inverhills.edu/departments/cnt/outcomes.aspx Network Technology & Security AAS & Certificates]
* [http://www.inverhills.edu/departments/cis/outcomes.aspx Microcomputer Software Support Specialist AAS & Certificates]
* [[Network Technology & Security Course Sequencing|Network Technology & Security Sample Course Sequencing]]
* [[ITC Course Credit Equivalency for IT Exams]]
* [[About the CNT Department and Programs]]
* [[IT Career Assessments]]
* [[IT Career Links]]
* [[Information for CNT Instructors]]

== Course Information ==
=== Courses taught by [[User:BenFranske|Dr. Ben Franske]] ===
==== Operating Systems ====
* [[Franske CNT-2311|CNT 2311: Administering Linux Operating Systems]]
* [[Franske CNT-2451|CNT 2451: Windows Operating Systems]]
* [[Franske CNT-2453|CNT 2453: Windows Server Network Infrastructure]]
==== Networking ====
* [[Franske CNT-2510|CNT 2510: Networking Essentials (CCNA 1)]]
* [[Franske CNT-2520|CNT 2520: Network Routers and Routing Fundamentals (CCNA 2)]]
* [[Franske CNT-2530|CNT 2530: Switching Fundamentals and Intermediate Routing (CCNA 3)]]
* [[Franske CNT-2540|CNT 2540: Wide Area Network Technologies (CCNA 4)]]
* [[Franske CNT-2612|CNT 2612: CCNP 1 Network Switching]]

==== Security ====
* [[Franske CNT-2820|CNT 2820: Information Systems Security Fundamentals]]
* [[Franske CNT-2831|CNT 2831: Implementing Cisco IOS Network Security (CCNA Security)]]
==== Other Classes ====
* [[Franske CNT-2189|CNT 2189: Internship Information Technology]]
* [[Franske CNT-2250 CCDA|CNT 2250: Special Topics in CNT - CCDA Independent Study]]
* [[Franske CNT-2300|CNT 2300: PC Hardware and Software (A+)]]
* [[Franske CNT-2722|CNT 2722: Building the Foundation to IP Telephony]]

==== Other Information ====
* [[Franske Book List|Book List]]
* [[Franske Current Student Projects|List of class projects currently being worked on by students]]

== Technical Information ==
=== Networking Equipment ===
* [[Password Recovery and Device Reset Procedures]]
* [[Router Documentation]]
* [[Switch Documentation]]
* [[Vyatta|Using the Vyatta open source routing platform]]
* [[Networking cables]]
* [[Cisco Wireless Access Points|How to configure Cisco 1200 and 1242 series access points]]
* [[CNT Network Design & Useage]]

=== Operating Systems ===
* [[Introduction to DOS]] - Work In Progress

===Virtual Machines===
* [[VMWare Setup|Instructions for creating VMWare machines from the CNT template]]
* [[VirtualBox Startup Script|Instructions for creating a VirtualBox startup script to save VMs in specific location]]

===Wiki Help===
* [http://en.wikipedia.org/wiki/Wikipedia:Tutorial Wikipedia Tutorial]
* [http://meta.wikimedia.org/wiki/Help:Editing Editing Help]
* [http://en.wikipedia.org/wiki/Wikipedia:Cheatsheet Wiki Markup Cheatsheet]
* [http://en.wikipedia.org/wiki/Help:Wikipedia:_The_Missing_Manual Wikipedia: The Missing Manual]
* [http://www.mediawiki.org/wiki/Help:Formatting Formatting instructions]

== Lab Information==
* [[Tasks for student lab assistants|List of tasks for student lab assistants]]

== Software Resources ==
* [http://msdn08.e-academy.com/inverhills_CNT MSDN Academic Alliance] (Microsoft Software, requires IHCC login)
* [http://info.inverhills.edu/eacademy/eacademyvmware.asp VMware eAcademy] (VMware Software, requires IHCC login)
* [https://learningnetwork.cisco.com/community/connections/games Cisco Online Games]

Franske Current Student Projects

2012-02-29T20:36:58Z

Ckherman1: /* CNT 2612 */

=SPRING 2012=
==CNT 2612==
*STP Study Guide - Kevin M.
* Reformating Wiki Course Guide - Billy A. & Matt M.
* Asterisk Configuration C.Hermanson
* Implementing QOS on a multilayer switch M.Luger

==CNT 2311==
*

==CNT 2831==
*

=FALL 2011=
==CNT 2520==
* Routing Protocol Comparison Chart & Configuration Instructions - John Cocchiarella, Tyler Grey
* IPv6 Routing Protocol Configurations - David Favilla, Christopher Abel
* GPON Gigabit Passive Optical Networks (ITU-T G.948) - Jesse Thorpe
* Exam Question Formatting - Josh K.

==CNT 2540==
* Enterprise Network Case Study and Diagramming - Christopher Moosbrugger
* Update CCNA 4 SDM Labs to CCP Labs - Billy & Matt
* Ethernet Link Aggregation - Monique
* IPv6 Over IPv4 Tunnel - Clay & Curt

==CNT 2722==

==CNT 2820==
* Pen Testing and ethics - Curt H. and Byron S.

=SPRING 2011=
==CNT 2510==
* List of resources that correspond to chapter for self study - John Cocchiarella

==CNT 2520==
* Add to and update [[Intro to IPv6]]
* Create router/switch reference guide for CCNA 1 students
* Update VirtualBox startup script and create instructions for moving VMs between home and school with new version of Virualbox

==CNT 2530==
* De-tableize [[Franske CNT-2510 SP10 Schedule]] and add chapter topics
* Create detailed instructions for clearing the configurations (invluding VLANs) for the [[Switch Documentation]] and [[Router Documentation]] pages

==CNT 2612==
* CatOS Guide, comparison to IOS - Mike Kaschner, Nouthou Vang, Mark Benolken

=FALL 2010=
==CNT 2311==
* [[Understanding Linux Permission Sets]] - Casey McBride
* [[How to Setup NAT|NAT with a Linux System]] - Tsega Terefe
* Alphabetical Linux Command List - Don Bliss
* Linux vs. Windows 7 vs. Mac OS X - Andrew Westin

==CNT 2540==
* Lab Maintenance - Samuel Francis
* Update/Correct Frame Relay and ISDN Labs - Adam Nelson & Dan Martin

Franske Current Student Projects

2012-02-29T20:30:56Z

Ckherman1: /* Asterisk configuration */

=SPRING 2012=
==CNT 2612==
*

==CNT 2311==
*

==CNT 2831==
*

=FALL 2011=
==CNT 2520==
* Routing Protocol Comparison Chart & Configuration Instructions - John Cocchiarella, Tyler Grey
* IPv6 Routing Protocol Configurations - David Favilla, Christopher Abel
* GPON Gigabit Passive Optical Networks (ITU-T G.948) - Jesse Thorpe
* Exam Question Formatting - Josh K.

==CNT 2540==
* Enterprise Network Case Study and Diagramming - Christopher Moosbrugger
* Update CCNA 4 SDM Labs to CCP Labs - Billy & Matt
* Ethernet Link Aggregation - Monique
* IPv6 Over IPv4 Tunnel - Clay & Curt

==CNT 2722==

==CNT 2820==
* Pen Testing and ethics - Curt H. and Byron S.

=SPRING 2011=
==CNT 2510==
* List of resources that correspond to chapter for self study - John Cocchiarella

==CNT 2520==
* Add to and update [[Intro to IPv6]]
* Create router/switch reference guide for CCNA 1 students
* Update VirtualBox startup script and create instructions for moving VMs between home and school with new version of Virualbox

==CNT 2530==
* De-tableize [[Franske CNT-2510 SP10 Schedule]] and add chapter topics
* Create detailed instructions for clearing the configurations (invluding VLANs) for the [[Switch Documentation]] and [[Router Documentation]] pages

==CNT 2612==
* CatOS Guide, comparison to IOS - Mike Kaschner, Nouthou Vang, Mark Benolken

=FALL 2010=
==CNT 2311==
* [[Understanding Linux Permission Sets]] - Casey McBride
* [[How to Setup NAT|NAT with a Linux System]] - Tsega Terefe
* Alphabetical Linux Command List - Don Bliss
* Linux vs. Windows 7 vs. Mac OS X - Andrew Westin

==CNT 2540==
* Lab Maintenance - Samuel Francis
* Update/Correct Frame Relay and ISDN Labs - Adam Nelson & Dan Martin

Franske Current Student Projects

2012-02-29T20:30:06Z

Ckherman1: /* CNT 2612 */

=SPRING 2012=
==CNT 2612==
*
=Asterisk configuration=

==CNT 2311==
*

==CNT 2831==
*

=FALL 2011=
==CNT 2520==
* Routing Protocol Comparison Chart & Configuration Instructions - John Cocchiarella, Tyler Grey
* IPv6 Routing Protocol Configurations - David Favilla, Christopher Abel
* GPON Gigabit Passive Optical Networks (ITU-T G.948) - Jesse Thorpe
* Exam Question Formatting - Josh K.

==CNT 2540==
* Enterprise Network Case Study and Diagramming - Christopher Moosbrugger
* Update CCNA 4 SDM Labs to CCP Labs - Billy & Matt
* Ethernet Link Aggregation - Monique
* IPv6 Over IPv4 Tunnel - Clay & Curt

==CNT 2722==

==CNT 2820==
* Pen Testing and ethics - Curt H. and Byron S.

=SPRING 2011=
==CNT 2510==
* List of resources that correspond to chapter for self study - John Cocchiarella

==CNT 2520==
* Add to and update [[Intro to IPv6]]
* Create router/switch reference guide for CCNA 1 students
* Update VirtualBox startup script and create instructions for moving VMs between home and school with new version of Virualbox

==CNT 2530==
* De-tableize [[Franske CNT-2510 SP10 Schedule]] and add chapter topics
* Create detailed instructions for clearing the configurations (invluding VLANs) for the [[Switch Documentation]] and [[Router Documentation]] pages

==CNT 2612==
* CatOS Guide, comparison to IOS - Mike Kaschner, Nouthou Vang, Mark Benolken

=FALL 2010=
==CNT 2311==
* [[Understanding Linux Permission Sets]] - Casey McBride
* [[How to Setup NAT|NAT with a Linux System]] - Tsega Terefe
* Alphabetical Linux Command List - Don Bliss
* Linux vs. Windows 7 vs. Mac OS X - Andrew Westin

==CNT 2540==
* Lab Maintenance - Samuel Francis
* Update/Correct Frame Relay and ISDN Labs - Adam Nelson & Dan Martin

Franske CNT-2612

2012-01-30T21:26:04Z

Ckherman1: /* Chapter 3 */

This is the homepage for the CNT-2612: CCNP 1 Network Switching classes taught by Dr. Ben Franske.

= General Course Information =
* [[Franske CNT-2612 Syllabus|Course Syllabus]]
* [[Franske CNT-2612 SP12 Schedule|Spring 2012 Course Schedule]]
* [[Franske CNT-2612 SP12 Participation|Spring 2012 Participation Assignments]]
* [[Franske CNT-2612 Labs and Homework|Lab and Homework List]]
* [[Franske CNT Service Project Assignment|Service Project Assignment]]
* [[Franske Lab Report Format|Lab Report Format]]
* Assessments and online curriculum available at [http://cisco.netacad.net http://cisco.netacad.net]

= Study Guides =
== Chapter 3 ==
[[ Study Guide ]]
== ==
*[[ STP Study Guide ]]

= Projects =
* [http://wiki.ihcnt.net/w/IOS_vs._CatOS:_Basic_Configuration IOS vs. CatOS: Basic Configuration]
* [http://wiki.ihcnt.net/w/AAA_with_802.1x_and_port_based_authentication AAA with 802.1x and Port-based Authentication]
* [[IPv6 Tunnel]]
*[[Introduction to GNS3]]

= Resources =

Franske CNT-2612

2012-01-30T21:25:27Z

Ckherman1: /* Chapter 3 */

This is the homepage for the CNT-2612: CCNP 1 Network Switching classes taught by Dr. Ben Franske.

= General Course Information =
* [[Franske CNT-2612 Syllabus|Course Syllabus]]
* [[Franske CNT-2612 SP12 Schedule|Spring 2012 Course Schedule]]
* [[Franske CNT-2612 SP12 Participation|Spring 2012 Participation Assignments]]
* [[Franske CNT-2612 Labs and Homework|Lab and Homework List]]
* [[Franske CNT Service Project Assignment|Service Project Assignment]]
* [[Franske Lab Report Format|Lab Report Format]]
* Assessments and online curriculum available at [http://cisco.netacad.net http://cisco.netacad.net]

= Study Guides =
== Chapter 3 ==
[[ Study Guide ]]
*[[ STP Study Guide ]]

= Projects =
* [http://wiki.ihcnt.net/w/IOS_vs._CatOS:_Basic_Configuration IOS vs. CatOS: Basic Configuration]
* [http://wiki.ihcnt.net/w/AAA_with_802.1x_and_port_based_authentication AAA with 802.1x and Port-based Authentication]
* [[IPv6 Tunnel]]
*[[Introduction to GNS3]]

= Resources =

Franske CNT-2612

2012-01-30T21:25:08Z

Ckherman1: /* Chapter 3 */

This is the homepage for the CNT-2612: CCNP 1 Network Switching classes taught by Dr. Ben Franske.

= General Course Information =
* [[Franske CNT-2612 Syllabus|Course Syllabus]]
* [[Franske CNT-2612 SP12 Schedule|Spring 2012 Course Schedule]]
* [[Franske CNT-2612 SP12 Participation|Spring 2012 Participation Assignments]]
* [[Franske CNT-2612 Labs and Homework|Lab and Homework List]]
* [[Franske CNT Service Project Assignment|Service Project Assignment]]
* [[Franske Lab Report Format|Lab Report Format]]
* Assessments and online curriculum available at [http://cisco.netacad.net http://cisco.netacad.net]

= Study Guides =
== Chapter 3 ==
[[ Study Guide ]]
[[ STP Study Guide ]]

= Projects =
* [http://wiki.ihcnt.net/w/IOS_vs._CatOS:_Basic_Configuration IOS vs. CatOS: Basic Configuration]
* [http://wiki.ihcnt.net/w/AAA_with_802.1x_and_port_based_authentication AAA with 802.1x and Port-based Authentication]
* [[IPv6 Tunnel]]
*[[Introduction to GNS3]]

= Resources =

STP Study Guide

2012-01-30T21:22:13Z

Ckherman1: Created page with "==Spanning Tree Protocol Study Guide== ===BY: Mike Luger, Curt Hermanson, Phil Gimber=== * Evolution of STP Basics * Evolution of STP * STP (Spanning Tree Protocol) – Eliminate..."

==Spanning Tree Protocol Study Guide==
===BY: Mike Luger, Curt Hermanson, Phil Gimber===
* Evolution of STP Basics
* Evolution of STP
* STP (Spanning Tree Protocol) – Eliminates loops at layer 2 topology
==STP initially converges on a logically loop-free network topology==
*1) Elects one root bridge
*2) Selects the root port on all nonroot bridges
*3) Selects the designated port on each segment
==Elects One Root Bridge==
*• The protocol uses a process to elect a root bridge
*• Only one bridge acts as the root bridge in a given network per VLAN
*• On the root bridge, all ports act as designated ports
*• Switch with lowest priority parameter is elected as root
*• STP Step 2 (cont)
==Selects the Root Port on All Non-root Bridges==
*• The protocol establishes one root port on each nonroot bridge.
*• The root port is the lowest-cost path from the nonroot bridge to the root bridge
==Selects Designated Port on Each Segment==
*• On each segment, STP establishes one designated port on the bridge that has the lowest path cost to the root bridge
*• The switch primarily chooses a designated port as the least-cost path to the root bridge
*• In the event of a tie, the bridge ID acts as the tiebreaker
*• Port Roles

==There are four roles of ports under STP==
*1) Root
*2) Designated
*3) Non-Designated
*4) Disabled

==There are Five Port States==
*• Blocking
*• Listening
*• Learning
*• Forwarding
*• Disabled

==RSTP==
RSTP is not so much a new protocol, but rather an improved and faster version of STP. It preserves all the basic concepts of STP and interoperates with it as well. Users familiar with the operation of STP can quickly learn the new algorithm since both the terminology and basic parameters have been left unchanged.

==Tree Topology==

Spanning Tree topology can be thought of as a tree: it includes a root (a Root Bridge), branches
(LANs and Designated Switches), and leaves (End Nodes). On a tree there are no disconnected parts that are considered part of the tree; that is, the tree encompasses all of its leaves. In addition, there are no loops in a tree. If you trace a path from one leaf to any other leaf, you will find there is one and only one possible path. This is true of the Spanning Tree topology as well. It organizes and connects switches into a loop-free topology while leaving no segments isolated.

==Root Bridge==
Just as a tree has a root from which all branches spring, Spanning Tree has a Root Bridge . Only one Root Bridge can exist in any given network. Although any switch can be a Root Bridge, the switch with the best Bridge ID becomes the Root Bridge. There are two parts to the Bridge ID: a user selected priority and the MAC address. The switch with the lowest numerical value of the priority component becomes the Root Bridge. When all switches have the same priority value, the one with the lowest MAC address becomes the Root Bridge.

==Designated Bridges==
A simple way to prevent loops in the network is to ensure only one bridge is responsible for forwarding traffic from the direction of the root into any given link (branch). As long as only one active path from a root to any end node (leaf) exists, there will be no loops in the topology. The bridge responsible for forwarding traffic in the direction from the root to a given link is known as the Designated Bridge of that link.

==How RSTP works==
The main difference in the operation of STP and RSTP is that RSTP no longer relies on conservative timers to re-converge after a topology change. In order to accomplish this, the algorithm does the following:

*1. It monitors MAC operational states and retires ports that are no longer functional.
*2. It processes inferior BPDUs to detect topology changes.
*3. It keeps track of ports that provide alternative paths to the Root Bridge.
*4. If a Root Port fails, RSTP can quickly retire the Port and make an Alternative port its new Root Port. This new Root Port can be placed in the forwarding state without delay.
*5. When bridges are connected via point-to-point links (directly connected), they use handshake (sync), rather than timers to transition a Designated Port to Forwarding.

==RSTP Topology Change Mechanism==
When an RSTP bridge detects a topology change it performs the following actions
The RSTP Bridge starts the TC while time with a value equal to twice the hello time for all its nonedge designated ports and its root, port if necessary. The TC While time is the interval during which the RSTP Bridge actively informs the rest of the bridges in the network of a topology. It then flushing the MAC addresses associated with all nonedge ports. And as long as the TC While timer is running the BPDUs will be sent out of the port will have the TC bit set.

==Bridge Identifier for PVRST+==
*• Bridge Priority A 4-bit field still used to carry bridge priority
*• Extended System ID
*• Mac Address

==Only four high-order bits of the 16 bit bridge priority field carry actual priority==
*• Cisco STP Default Config
*• PVST+
*• PVRST+
*• MST

==PortFast==
Spanning Tree Portfast causes an interface configured as a layer 2 access port to enter the forwarding state immediately.

*Conf t
*int fa 0/1
*spanning-tree portfast

*confirm with show spanning-tree interface Fastethernet 0/1

==Config the Basic Parameters of PVRST+==
*conf t
*spanning-tree mode rapid-pvst
*spanning-tree vlan 2 root primary
*spanning tree- vlan 3 root secondary

Basic's of Penetration Testing

2011-12-13T21:37:44Z

Ckherman1: /* */

= =

A penetration test (otherwise known as a pentest) is used to expose a weakness in a computer system such as a company server or network. This kind of test allows a company to see where its vulnerabilities lie and attempt to fix them. Most often the test is conducted by some one that is not directly employed by the organization but is contracted from outside it.
= =
Unlike a hacker the tester is given permission and is paid to exploit the organizations security weaknesses. The tester does not passively scan for security weaknesses either. While penetrating the system this will often times halt, slow down or even stop processes within the company. This is meant to simulate an actual cyber-attack on the organization. This simulation not only exposes security loop holes but tests fail safes (if any) that are put in place. Generally a pentest is conducted on a system that is vulnerable to attack and has important data, such as a banks web page with account information.
= =
After the test is completed the tester generates a report known as a “penetration test report”. This report is short and to the point. The report details the method of attack that was used, and what information was compromised during the attack as well as the value of the information exposed. Also the report can contain preventative measures for such an attack, or the organization can come up with their own solutions.
= =
There are three primary methods of penetration testing. All three are based on the knowledge that the tester has of the system before attempting to breach it. With the black box method the tester has no foreknowledge of the system or its infrastructure. The tester has to figure out where the system is and what type it is as well as the device it is operating on. After this has been deduced the tester can start attempting to breach the system. Because this type of attack is a simulation of an outsider hacking into a system this is the closest of the three methods an organization can get to a real attack.
= =
The other two methods are known as white box and grey box. A white box attack is essentially the opposite of a black box attack. The tester has all the information about the system and its infrastructure, including in depth diagrams of the network and IP addresses as well as source codes for the organizations custom applications. With the grey box method the tester only has some of the information pertaining to a system and its network. These types of attacks are useful in simulating an internal threat to the organization, i.e. an employee who either intentionally or purposefully violates system security.
= =
The Open Source Security Testing Methodology Manual or OSSTMM is a manual that discusses penetration testing in greater detail. The manual covers everything from fraud, social engineering attacks and network security, and physical security. The OOSTMM provides details on what items need tested. It also explains what to do before during and after a security test, as well as how to evaluate the results of the test.
= =
These tests do not come without some risks of their own however. As mentioned earlier the test is meant to exploit weaknesses and vulnerabilities. These exploits can have consequences. During a test the system may slow down, crash or even worse break and become inoperable. With an experienced tester these risks are minimalized.
= =
Pentesting is and invaluable tool for many companies and organizations. The report generated from this test will allow a corporation to identify and determine many things when conducting a vulnerability assessment. The test results can show the likely hood of a certain type of threat, its impact on operations, shows previously unknown loopholes, and the effectiveness of current security measures. In fact many organizations are mandated by the government to perform pentests as part of a security audit. The Payment Card Industry Data Security Standard (PCI DSS) requires organizations that hold credit card information to conduct annual and ongoing Pentesting after a system change.
= =
Penetration testing is akin to running a drill or exercise. When a building conducts a fire drill it is testing the effectiveness of evacuation procedures as well as alarm systems. If the drill was never conducted and the building caught fire many lives could be lost. Just as a bank that offers online banking run drills with its online security through Pentesting. Imagine how much important personal information a person places online through their online banking service, if threats aren’t discovered through pen testers and then sent to the bank to be evaluated and prevented someone with malicious intent could end up with your credit information.

= =
By: Curt Hermanson and Byron Schwarz

Basic's of Penetration Testing

2011-12-13T21:32:04Z

Ckherman1: Created page with "= = A penetration test (otherwise known as a pentest) is used to expose a weakness in a computer system such as a company server or network. This kind of test allows ..."

Franske CNT-2820

2011-12-13T21:29:15Z

Ckherman1: /* Resources */

Talk:Franske CNT-2820

2011-12-13T21:26:00Z

Ckherman1:

= Penetration testing =

Franske CNT-2820

2011-12-13T21:24:51Z

Ckherman1: /* Resources */

Franske CNT-2820

2011-12-13T21:24:02Z

Ckherman1: /* Resources */

Franske CNT-2820

2011-12-13T21:22:50Z

Ckherman1: /* Projects */

Franske CNT-2820

2011-12-13T21:21:00Z

Ckherman1: /* Penetration Testing */

This is the homepage for the CNT-2820: Information Systems Security Fundamentals classes taught by Dr. Ben Franske.

= General Course Information =
* [[Franske CNT-2820 Syllabus|Course Syllabus]]
* [[Franske CNT-2820 FA11 Schedule|Fall 2011 Course Schedule]]
* [[Franske CNT-2820 Labs-Homework|Lab and Homework Assignments]]
* [[Franske Lab Report Format|Lab Report Format]]
* [[Franske CNT Service Project Assignment|Service Project Assignment]]

= Projects =

=== Penetration Testing ===
Penetration Testing

A penetration test (otherwise known as a pentest) is used to expose a weakness in a computer system such as a company server or network. This kind of test allows a company to see where its vulnerabilities lie and attempt to fix them. Most often the test is conducted by some one that is not directly employed by the organization but is contracted from outside it.
Unlike a hacker the tester is given permission and is paid to exploit the organizations security weaknesses. The tester does not passively scan for security weaknesses either. While penetrating the system this will often times halt, slow down or even stop processes within the company. This is meant to simulate an actual cyber-attack on the organization. This simulation not only exposes security loop holes but tests fail safes (if any) that are put in place. Generally a pentest is conducted on a system that is vulnerable to attack and has important data, such as a banks web page with account information.
After the test is completed the tester generates a report known as a “penetration test report”. This report is short and to the point. The report details the method of attack that was used, and what information was compromised during the attack as well as the value of the information exposed. Also the report can contain preventative measures for such an attack, or the organization can come up with their own solutions.
There are three primary methods of penetration testing. All three are based on the knowledge that the tester has of the system before attempting to breach it. With the black box method the tester has no foreknowledge of the system or its infrastructure. The tester has to figure out where the system is and what type it is as well as the device it is operating on. After this has been deduced the tester can start attempting to breach the system. Because this type of attack is a simulation of an outsider hacking into a system this is the closest of the three methods an organization can get to a real attack.
The other two methods are known as white box and grey box. A white box attack is essentially the opposite of a black box attack. The tester has all the information about the system and its infrastructure, including in depth diagrams of the network and IP addresses as well as source codes for the organizations custom applications. With the grey box method the tester only has some of the information pertaining to a system and its network. These types of attacks are useful in simulating an internal threat to the organization, i.e. an employee who either intentionally or purposefully violates system security.
The Open Source Security Testing Methodology Manual or OSSTMM is a manual that discusses penetration testing in greater detail. The manual covers everything from fraud, social engineering attacks and network security, and physical security. The OOSTMM provides details on what items need tested. It also explains what to do before during and after a security test, as well as how to evaluate the results of the test.
These tests do not come without some risks of their own however. As mentioned earlier the test is meant to exploit weaknesses and vulnerabilities. These exploits can have consequences. During a test the system may slow down, crash or even worse break and become inoperable. With an experienced tester these risks are minimalized.
Pentesting is and invaluable tool for many companies and organizations. The report generated from this test will allow a corporation to identify and determine many things when conducting a vulnerability assessment. The test results can show the likely hood of a certain type of threat, its impact on operations, shows previously unknown loopholes, and the effectiveness of current security measures. In fact many organizations are mandated by the government to perform pentests as part of a security audit. The Payment Card Industry Data Security Standard (PCI DSS) requires organizations that hold credit card information to conduct annual and ongoing Pentesting after a system change.
Penetration testing is akin to running a drill or exercise. When a building conducts a fire drill it is testing the effectiveness of evacuation procedures as well as alarm systems. If the drill was never conducted and the building caught fire many lives could be lost. Just as a bank that offers online banking run drills with its online security through Pentesting. Imagine how much important personal information a person places online through their online banking service, if threats aren’t discovered through pen testers and then sent to the bank to be evaluated and prevented someone with malicious intent could end up with your credit information.

= Resources =
== Multimedia ==
* Security Now #195: The SSL/TLS Protocol [http://media.grc.com/sn/sn-195.mp3 Audio] @27:30 [http://www.grc.com/sn/sn-195.htm Text]
* Security Now #6: Mechanical & Electromagnetic Information Leakage [http://media.grc.com/sn/sn-006.mp3 Audio] [http://www.grc.com/sn/sn-006.htm Text]
* FM-200 Fire Suppression Demonstration [http://www.youtube.com/watch?v=0WelmCXtsyI YouTube]
* Business Continuity Site Commercial [http://www.youtube.com/watch?v=cnTfGmgmrrA YouTube]
* Explaining RAID [http://www.youtube.com/watch?v=6yDpTj2lePI YouTube]
* [http://lasecwww.epfl.ch/keyboard/ Compromising Electromagnetic Emanations of Wired and Wireless Keyboards]
* Government At Risk: Protecting Your IT Infrastructure [http://www.youtube.com/watch?v=AtNYodMaje4 YouTube]
* Disaster Recovery , Hurricane Katrina 3 of 5 - Technology conference [http://www.youtube.com/watch?v=OFHsuqTLjxA YouTube]
* EnCase Computer Forensics Demo [http://www.youtube.com/watch?v=O4ce74q2zqM YouTube]
* Computer Forensics, Evidence Acquisition [http://www.youtube.com/watch?v=9JoX4uxES7Q YouTube]
=== Wireless ===
* Security Now #10: Open Wireless Access Points [http://media.grc.com/sn/sn-010.mp3 Audio] [http://www.grc.com/sn/sn-010.htm Text]
* Security Now #11: Bad WiFi Security (WEP and MAC address filtering) [http://media.grc.com/sn/sn-011.mp3 Audio] [http://www.grc.com/sn/sn-011.htm Text]
* Security Now #13: Unbreakable WiFi Security [http://media.grc.com/sn/sn-013.mp3 Audio] [http://www.grc.com/sn/sn-013.htm Text]
* Security Now #170: The TKIP Hack [http://media.grc.com/sn/sn-170.mp3 Audio] @24:30-1:19:15 [http://www.grc.com/sn/sn-170.htm Text]
=== Cryptography ===
* Security Now Episode 35: Cryptographic Hashes [http://media.grc.com/sn/sn-035.mp3 Audio], [http://www.grc.com/sn/sn-035.htm Text]
* Security Now Episode 185: Cryptographic HMACs [http://www.podtrac.com/pts/redirect.mp3/aolradio.podcast.aol.com/sn/SN-185.mp3 Audio], [http://www.grc.com/sn/sn-185.htm Text] Content starts at 55:30
* Security Now Episode 31: Symmetric Stream Ciphers [http://media.grc.com/sn/sn-031.mp3 Audio], [http://www.grc.com/sn/sn-031.htm Text]
* Security Now Episode 33: Symmetric Block Ciphers [http://media.grc.com/sn/sn-033.mp3 Audio], [http://www.grc.com/sn/sn-033.htm Text]
* Security Now Episode 34: Public Key Cryptography [http://media.grc.com/sn/sn-034.mp3 Audio], [http://www.grc.com/sn/sn-034.htm Text]

== Web Sites ==
* [http://csrc.nist.gov/ NIST Computer Security Resource Center]

== Security Related Journal Articles ==
=== Finding Articles ===
* [http://www.openj-gate.com Open J-Gate]
* [http://www.doaj.org/doaj?func=searchArticles Directory of Open Access Journals]
* [http://scholar.google.com Google Scholar] - Note this may include links to non-free articles

=== Specific Journals ===
* [http://www.hindawi.com/journals/is/ EURASIP Journal on Information Security]
* [http://ijcnis.kust.edu.pk/index International Journal of Communication Networks and Information Security]

Franske CNT-2820

2011-12-13T21:20:10Z

Ckherman1: /* Projects */

Talk:Franske CNT-2820

2011-12-13T21:13:54Z

Ckherman1: Created page with "Penetration testing"

Penetration testing

Asterisk Notes

2011-12-05T21:57:37Z

Ckherman1:

11-28-11
Astrerisk is a free call process, provides support for cards like T1 - it acts like a gateway, or you can employ a service (server to act as the card or gateway) It has become much better over the last five years and has been aroud for 7 or 8 but was no very stable in the beginning. You will find it built into most open source services. You can get asterisk to work on windows but it is not designed for that. The 7900 series of cisco phones work well with asterisk and can get a 7960 for around 20 bucks on ebay.

We will be using Oracle's VirtualBox to download Asterisk to. You will need to create a storage space on your D drive. Make a new folder with your name and semester "Name-FA11" then close.

Next open up VirtualBox ''settings'' and under ''general'' in the default box find the folder you just made and click ok. Your information will now be saved there.

Next create a new virtual machine by clicking on new machine under OS click on Linux, click ''next'', under RAM use 768 , click ''next'', create new hard disk, click next, VDI, next, Dynammically allocated, next location Astersiks server, default, ''next'', then click ''create''. You should now see that your VM has been created.

You will now nee to change the settings under the network by simply clicking on Network and under network click on adapter and on attatched and change to bridged.

**Next under storage CD/DVD Drive: click icon beside arrow change to choose a virtual disk CNT files under Linux then Ubuntu 10.10. asterisk tty1
You will get a couple of warnings, click on through them. Under language choose your language (English is the only one Franske will have support for) US, enter, under keyboard click no, enter, enter, it will the start to load. Under hostname use Asterisk, enter, yes, enter, enter, under partition move to yes click ''continue''. Make changes to disks move to yes, ''continue''. The base system will now be installed. enter your name in lowercase, password cisco, cisco again yes, no for encrypting and down arrow for no http proxy ''continue'' and it will continue installing choose no automatic updates. Under software selection leave them all blank by using tab key to tab through to select continue after installation select yes to install bootloader. Finish by clicking on devices and click on CD/DVD and make sure there is no check mark beside ubuntu. then click continue

Type your name and password that you entered
You are not automatically admin to become the admin you have to enter: sudo bash You will see a # to confirm that you are now admin. We will now edit a file by typing: nano /etc/apt/sources.list (nano is the text editor and etc is the file) Click control W US. archive.ubuntu.com
Under replace with: enter mirror .rit.edu then repeat control w and change security.ubuntu.com with the mirror.RIT.edu
Update by typing aptitude update, enter aptitude full-upgrade, enter, click enter for yes and update starts. After update it will say Current Staus: 0 updates [-94]
We will the type: aptitude install asterisk atfpd dhcp3-server
enter 001 for USA country code and click continue
If there are errors (and ther will be) type:
aptitude update
enter
install aptitude update
enter

to restart type:
shutdown -r now

and try reinstalling if there are still errors, you will need to log back in and refollow steps to update

We should be able to program settings for 7960 phone
nano sip.com
nano extensions.com

''better notes by Greg 2011 11 28''

asterisk.org

open source / free call processor

gateway
buy VOIP service from service provider on internet
connects over network to provider with actual gateway

asterisk has been around for 7 - 8 years
early days, not ready for prime time, not stable, poor configuration
last 5 years, better
many small businesses use asterisk,
built into other products, often the engine is asterisk

can be customized
call centers
robo dialing

GOALS: Walk through installing asterisk
install on linux (install linux, then install asterisk
Cisco 7960 phones popular with asterisk

Virtual box

create folder on D drive with username, semester, and year
update default folder in virtualbox general
virtualbox settings -- general
New
asterisk server
linux
ubuntu
768 MB ram
Create new hard disk
VDI (default)
Dynamically allocated
8 GB is enough for virtual disk
Confirm that drive is installed in expected folder

Create
Create

Change Network Setting (click on Network)
Attached to: Bridged Adapter
(connects virtual machine directly to network card of computer)

ubuntu server file is already on system

Click on Storage
click on IDE Controller / Empty
click on disk on far right side (next ot IDE Secondary Master)
Choose Virtual CD Disk File
D:\\CNT Files\Linux Install CDs\
ubuntu-10.10-server-i386.iso

Click Start to start the virtual machine
OK through warning about keyboard capture
OK through virtual colors
OK through audio problems
English
Enter
Install Ubuntu Server
OK through mouse pointer
OK through color
Enter through English
Enter through United States
no for detect keyboard
USA
Standard USA keyboard
hostname asterisk
America/Chicago time zone
Guided - use entire disk adn set up LVM
Select Disk -- SCSI3
select YES
use default, 8.3 GB
YES - Write changes to disk

lower corner of screen will show activity to hard disk, CD,
and other devices.

Create User Accounts
Full Name
username
password: cisco
cisco
Yes -- accept weak password
NO -- do not encrypt home directory
empty -- no http proxy

NO automatic updates

Software to Install
Leave blank
TAB to reach Continue button
the distribution is Oct 2010
current Oct2011 server edition is the same

Yes -- install GRUB boot loader to master boot record

Remove virtual CD before
Pull down Devices to --> CD/DVD Devices

Login using name and password that we specified

become administrator

sudo bash
cisco

nano /etc/apt/soruces.list

ctrl-w
ctrl-r
search for us.archive.ubuntu.com
replace with mirror.rit.edu
In vi this is :1,$s/us.archive.ubuntu.com/mirror.rit.edu/g
14 lines are changed
search for security.ubuntu.com
replace with mirror.rit.edu
:1,$s/security.ubuntu.com/mirror.rit.edu/g
6 lines change
ctrl-o
enter
ctrl-x to exit

_______________________________________________________________________________________________________________

Notes 2011 11 30

The problem with the asterisk install was the age of the operating system. The fix is to upgrade the Ubuntu OS to a later version that is compatible with the current asterisk distribution.

The upgrade process includes the following.
1. login
2. become root via the command
sudo bash
3. Edit the file, /etc/apt/sources.list. Change the phrase, maverick, to the phrase, nantty, on every line.
The vi command phrase is :1,$s/maverick/nantty/g
4. Update via the command
aptitude update
5. Install the upgrade via the command
aptitude full-upgrade
Accept this solution: Answer Y to every prompt
Click OK for the openbsd-inetd cron atd upgrade
Click OK for the cron atd upgrade

2011 12 05

* ! '''''exclamation marks = enter'''''
*'''''nano = edit'''''
'''Unhook ethernet & login'''

cd/tftpboot

!

tftpboot#wget ftp://10.1.11.36/tftpboot/*

!

ls (''to show listing'')

!

etc/network/interfaces

!

cp/etc/dhcp3/dhcpd.conf /etc/dhcpd.conf (''to copy config file from dhcpd3 to dhcpd'')

!

'''''Once your plugged back in and have pc and phone plugged into a poe switch'''''

ifup eth0

!

ifconfig

!

'''Use the following command to see what is happening in real time and control c to get back'''

tail -f /var/log/syslog

cntrl c

/etc/init.d/isc-dhcp-server start

!

'''''If you encounter any errors with your configuration file you can edit it by going to:'''''

nano /etc/dhcp/dhcpd.conf

!

tail /var/log/syslog ('''''To show tail end of the log'''''

!

'''''Anytime you need to make a change on the phone you will need to unplug and go through the start up process again'''''

/etc/default/atftpd

!

/etc/inetd.conf

!

'''''Go to the line that starts with tftp go to end of line that and change /srvtftp to tftpboot'''''

ps aux | grep tftp

!

/etc/init.d/openbsd-inetd restart

!

ps aux | grep tftp

!

'''''If the srv is still up you have kill the line'''''

nano XMLDefault.cnf.xml ('''''for editing''''')

!

Asterisk Notes

2011-11-28T21:58:17Z

Ckherman1: Created page with "11-28-11 Astrerisk is a free call process, provides support for cards like T1 - it acts like a gateway, or you can employ a service (server to act as the card or gateway) ..."

Franske CNT-2820 FA11 Schedule

2011-09-08T21:59:15Z

Ckherman1:

{{SyllabusInfo
|coursename = Information Systems Security Fundamentals
|coursenumber = CNT-2820
|numcredits = 3
|instructor = Dr. Ben Franske
|term = Fall 2011 (8/23/2011-12/15/2011)
|meetings = T TH 3:30pm-5:20pm
|location = B143
}}
This schedule provides an outline of the topics expected to be covered in this course as well as the readings and assignments due each week. Topics and readings may change in which case you will be notified in class or by e-mail and the latest version of this document is always available from the course wiki. '''Please have all readings completed prior to the start of each class and be prepared to take part in the discussion.''' Unless otherwise noted online quizzes and exams are due at 11:59pm on the date indicated.

==Session 1: August 23==
'''Topics:'''
* Course Overview
* Introduction to Computer Security

'''Readings:'''

'''Due:'''

==Session 2: August 25==
'''Topics:'''
* Challenges of Securing Information
* What Is Information Security?
* Who Are the Attackers?
* Attacks and Defenses
* Defenses Against Attacks

'''Readings:'''
* Chapter 1: Introduction to Security

'''Due:'''

==Session 3: August 30==
'''Topics:'''
* Course Project Overview
* Wiki page creation and editing

'''Readings:'''

'''Due:'''

==Session 4: September 1==
'''Topics:'''
* Attacks Using Malware
* Social Engineering Attacks

'''Readings:'''
* Chapter 2

'''Due:'''
* Chapter 1 Online Assessment

==Session 5: September 6==
'''Topics:'''
* Chapter 2 Lab

'''Readings:'''

'''Due:'''
* Chapter 2 Online Assessment

==Session 6: September 8==
'''Topics:'''
* Application Attacks
* Network Attacks

'''Readings:'''
* Chapter 3

'''Due:'''

==Session 7: September 13==
'''Topics:'''
* Chapter 3 Lab

'''Readings:'''

'''Due:'''
* Chapter 3 Online Assessment

==Session 8: September 15==
'''Topics:'''
* Vulnerability Assessment
* Vulnerability Scanning vs. Penetration Testing
* Mitigating and Deterring Attacks

'''Readings:'''
* Chapter 4

'''Due:'''

==Session 9: September 20==
'''Topics:'''
* Chapter 4 Lab

'''Readings:'''

'''Due:'''
* Chapter 4 Online Assessment

==Session 10: September 22==
'''Topics:'''
* Guest Speaker

'''Readings:'''

'''Due:'''

==Session 11: September 27==
'''Topics:'''
* Securing the Host
* Application Security
* Securing Data

'''Readings:'''
* Chapter 5

'''Due:'''

==Session 12: September 29==
'''Topics:'''
* Chapter 5 Lab

'''Readings:'''

'''Due:'''
* Chapter 5 Online Assessment

==Session 13: October 4==
'''Topics:'''
* Security Through Network Devices
* Security Through Network Technologies
* Security Through Network Design Elements

'''Readings:'''
* Chapter 6

'''Due:'''

==Session 14: October 6==
'''Topics:'''
* Chapter 6 Lab

'''Readings:'''

'''Due:'''
* Chapter 6 Online Assessment

==Session 15: October 11==
'''Topics:'''
* Common Network Protocols
* Network Administration Principles
* Securing Network Applications

'''Readings:'''
* Chapter 7

'''Due:'''

==Session 16: October 13==
'''Topics:'''
* Chapter 7 Lab

'''Readings:'''

'''Due:'''
* Chapter 7 Online Assessment

==Session 17: October 18==
'''Topics:'''
* Guest Speaker

'''Readings:'''

'''Due:'''

==NO CLASS: October 20==
* No IHCC classes, EdMN Conference

==Session 18: October 25==
'''Topics:'''
* Wireless Attacks
* Vulnerabilities of IEEE 802.11 Security
* Wireless Security Solutions

'''Readings:'''
* Chapter 8

'''Due:'''
* Midterm Assessment

==Session 19: October 27==
'''Topics:'''
* Chapter 8 Lab

'''Readings:'''

'''Due:'''
* Chapter 8 Online Assessment

==Session 20: November 1==
'''Topics:'''
* What Is Access Control?
* Implementing Access Control
* Authentication Services

'''Readings:'''
* Chapter 9

'''Due:'''

==Session 21: November 3==
'''Topics:'''
* Authentication Credentials
* Single Sign-On
* Account Management
* Trusted Operating Systems

'''Readings:'''
* Chapter 10

'''Due:'''
* Chapter 9 Online Assessment

==Session 22: November 8==
'''Topics:'''
* Chapter 10 Lab

'''Readings:'''

'''Due:'''
* Chapter 10 Online Assessment

==Session 23: November 10==
'''Topics:'''
* Defining Cryptography
* Cryptographic Hash Algorithms
* Using Cryptography

'''Readings:'''
* Chapter 11

'''Due:'''

==Session 24: November 15==
'''Topics:'''
* Chapter 11 Lab

'''Readings:'''

'''Due:'''
* Chapter 11 Online Assessment

==Session 25: November 17==
'''Topics:'''
* Digital Certificates
* Public Key Infrastructure (PKI)
* Key Management
* Transport Encryption Algorithms

'''Readings:'''
* Chapter 12

'''Due:'''

==Session 26: November 22==
'''Topics:'''
* Chapter 12 Lab

'''Readings:'''

'''Due:'''
* Chapter 12 Online Assessment

==NO CLASS: November 24==
* No IHCC Classes, Thanksgiving

==Session 27: November 29==
'''Topics:'''
* What Is Business Continuity?
* Disaster Recovery
* Environmental Controls
* Incident Response Procedures

'''Readings:'''
* Chapter 13

'''Due:'''

==Session 28: December 1==
'''Topics:'''
* Guest Speaker

'''Readings:'''

'''Due:'''

==Session 29: December 6==
'''Topics:'''
* Controlling Risk
* Reducing Risk Through Policies
* Awareness and Training

'''Readings:'''
* Chapter 14

'''Due:'''

==Session 30: December 8==
'''Topics:'''
* Security+ Study Session

'''Readings:'''

'''Due:'''

==EXAM WEEK==
'''Topics:'''

'''Readings:'''

'''Due:'''
* CNT Projects
* Online Final Exam

----
The instructor reserves the right to modify and adjust the schedule and assignments as needed during the course of this class. The most up to date version will always be available on the course website or from the instructor.

Franske Current Student Projects

2011-09-06T00:12:36Z

Ckherman1: /* CNT 2820 */

=FALL 2011=
==CNT 2520==

==CNT 2540==

==CNT 2722==

==CNT 2820==
* Pen Testing and ethics - Curt H. and Byron S.

=SPRING 2011=
==CNT 2510==
* List of resources that correspond to chapter for self study - John Cocchiarella

==CNT 2520==
* Add to and update [[Intro to IPv6]]
* Create router/switch reference guide for CCNA 1 students
* Update VirtualBox startup script and create instructions for moving VMs between home and school with new version of Virualbox

==CNT 2530==
* De-tableize [[Franske CNT-2510 SP10 Schedule]] and add chapter topics
* Create detailed instructions for clearing the configurations (invluding VLANs) for the [[Switch Documentation]] and [[Router Documentation]] pages

==CNT 2612==
* CatOS Guide, comparison to IOS - Mike Kaschner, Nouthou Vang, Mark Benolken

=FALL 2010=
==CNT 2311==
* [[Understanding Linux Permission Sets]] - Casey McBride
* [[How to Setup NAT|NAT with a Linux System]] - Tsega Terefe
* Alphabetical Linux Command List - Don Bliss
* Linux vs. Windows 7 vs. Mac OS X - Andrew Westin

==CNT 2540==
* Lab Maintenance - Samuel Francis
* Update/Correct Frame Relay and ISDN Labs - Adam Nelson & Dan Martin

Cisco Router Documentation

2011-05-04T23:59:07Z

Ckherman1:

This page includes links to relevant articles on this and other sites related to routers.

=Configuration=
* [http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/12_4/ipv6_12_4_book.html Cisco IOS IPv6 Configuration Guide, Release 12.4]

=Password Recovery=
* [http://www.cisco.com/en/US/products/hw/routers/ps221/products_password_recovery09186a0080094773.shtml Cisco 1700 and 1800 Series Router Password Recovery Procedure]
* [http://www.cisco.com/en/US/products/hw/routers/ps259/products_password_recovery09186a0080094675.shtml Password Recovery Procedure for the Cisco 2600 and 2800 Series Routers]

=IOS Software Reloading=
==via TFTP==
* [[Downloading IOS using TFTPDNLD on Cisco 1841 Router | Step by step instructions for replacing/upgrading IOS image on Cisco Routers over TFTP]]
* [http://www.cisco.com/en/US/products/hw/routers/ps259/products_tech_note09186a008015bf9e.shtml How to Download a Software Image to a Cisco 2600 via TFTP Using the tftpdnld ROMMON Command]

==via XMODEM==
* [http://www.cisco.com/en/US/products/hw/routers/ps259/products_tech_note09186a008015bfac.shtml Xmodem Console Download Procedure Using ROMmon for the Cisco 2600]

=Troubleshooting=
* [http://www.cisco.com/en/US/docs/internetworking/troubleshooting/guide/tr1915.html Troubleshooting Serial Lines on Cisco Routers]
='''Configuration'''
router# erase startup-config this will delete startu configurations if they were saved.
router# reload This must be done last to reload the default configurations.

Talk:Cisco Router Documentation

2011-05-04T23:47:52Z

Ckherman1: Created page with "'''Bold text'''Clear configurantion flash delete flash:"

'''Bold text'''Clear configurantion flash
delete flash:

Cisco Switch Documentation

2011-04-13T20:19:09Z

Ckherman1:

This page includes links to relevant articles on this and other sites related to switches.

=Password Recovery=
* [http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml Cisco 2900XL/3500XL, 2940, 2950/2955, 2960, 2970, 3550, 3560, and 3750 Series Switch Password Recovery Procedure]

=Authentication=
* [http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_25_fx/configuration/guide/sw8021x.html Configuring IEEE 802.1x Port-Based Authentication on Catalyst 2960]

=Configuration=
==Clearing Configurations==
* '''switch# erase startup-config''' This will delete startup configurations if they were saved.
* '''switch# delete flash:vlan.dat''' This deletes the vlan configuration.
* '''switch# reload''' This must be done last to reload the default configurations.

Cisco Switch Documentation

2011-04-13T20:16:35Z

Ckherman1:

Cisco Switch Documentation

2011-04-13T20:15:49Z

Ckherman1:

This page includes links to relevant articles on this and other sites related to switches.

=Password Recovery=
* [http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml Cisco 2900XL/3500XL, 2940, 2950/2955, 2960, 2970, 3550, 3560, and 3750 Series Switch Password Recovery Procedure]

=Authentication=
* [http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_25_fx/configuration/guide/sw8021x.html Configuring IEEE 802.1x Port-Based Authentication on Catalyst 2960]

=Configuration=
==Clearing configurations==
* '''switch# erase startup-config''' This will delete startup configurations if they were saved.
* '''switch# delete flash:vlan.dat''' This deletes the vlan configuration.
* '''switch# reload''' This must be done to reload the default configurations.