Securing Router Logins with SSH: Difference between revisions

From ITCwiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 15: Line 15:




==Basic Operation of Wireshark==
==Router Configuration==
This will cover opening and running Wireshark in a virtual machine to capture packets.
This will cover the commands needed to setup the router logins and SSH.


*Step 1
*Step 1
First open Wireshark by double clicking on the icon.
'''enaable'''




Line 28: Line 28:


*Step 2
*Step 2
Click on the Capture Options on the left side of the window, will give you a screen that looks like this.
'''config t'''




Line 37: Line 37:


*Step 3
*Step 3
Click on the drop arrow button on the top right of the window and select the VMware network adapter.
'''hostname (name)'''




Line 46: Line 46:


*Step 4
*Step 4
Click on the Start button. You are now capturing packets!!!
'''security passwords min-length (number)''', we used 10 for a password length of 10 characters.




Line 55: Line 55:


*Step 5
*Step 5
To stop a capture click on the red x button on the top left side on the capture window.
'''eable secret (password)'''
 
 
 
[[File:Wireshark.33.jpg|800px]]
 
 
 
*Step 6
'''no enable password''' to clear passwords that may already be set.
 
 
 
[[File:Wireshark.32.jpg|800px]]
 
 
 
*Step 7
'''user (name) secret (password)''' this will be your user name and password for loging in to the router and SSH.
 
 
 
[[File:Wireshark.33.jpg|800px]]
 
 
 
*Step 8
'''line console 0'''
'''login local'''
 
 
 
[[File:Wireshark.32.jpg|800px]]
 
 
 
*Step 9
'''line aux 0'''
'''no password'''
'''login local'''
 
 
 
[[File:Wireshark.33.jpg|800px]]
 
 
 
*Step 10
'''line vty 0 4'''
'''login local'''
'''transport input ssh''' this last command is to use ssh and not telnet.
 
 
 
[[File:Wireshark.32.jpg|800px]]
 
 
 
*Step 5
'''eable secret (password)'''




Revision as of 16:52, 4 May 2010

Securing Router Logins with SSHThis is a walk through to help new students learn how to configure a more secure login with a router and utilize SSH.

Checking Router Bin file

This is a check to ensure that the router you are using is going to run SSH.

  • Step 1

Issue the command show flash, to check and see if K9 is in the bin file


Wireshark.29.jpg



Router Configuration

This will cover the commands needed to setup the router logins and SSH.

  • Step 1

enaable


Wireshark.29.jpg


  • Step 2

config t


Wireshark.30.jpg


  • Step 3

hostname (name)


Wireshark.31.jpg


  • Step 4

security passwords min-length (number), we used 10 for a password length of 10 characters.


Wireshark.32.jpg


  • Step 5

eable secret (password)


Wireshark.33.jpg


  • Step 6

no enable password to clear passwords that may already be set.


Wireshark.32.jpg


  • Step 7

user (name) secret (password) this will be your user name and password for loging in to the router and SSH.


Wireshark.33.jpg


  • Step 8

line console 0 login local


Wireshark.32.jpg


  • Step 9

line aux 0 no password login local


Wireshark.33.jpg


  • Step 10

line vty 0 4 login local transport input ssh this last command is to use ssh and not telnet.


Wireshark.32.jpg


  • Step 5

eable secret (password)


Wireshark.33.jpg


Examining Capture Data

In this section we will be showing you how to capture protocols and where to locate the important values given by the use of wireshark.

Color Code

  • YELLOW: Indicates the MAC Address of both the destination and source.
  • GREEN: Indicates the NIC Manufacturer of both the destination and source.
  • RED: Indicates the NIC Serial Number of both the destination and source.
  • BLUE: Indicates the Frame Type of the packet.
  • PINK: Indicates the IPv4 of both the destination and source.
  • NOTE: The the Preamble and the FCS are NOT shown on wireshark.

FTP

Wireshark.ftp..jpg


HTTP

Wireshark.http.jpg


ARP

Wireshark.arp.jpg


DNS

Wireshark.dns.jpg


ICMP

Wireshark.icmp.JPG


Creating a Shortcut to Auto Run Wireshark

In this section we will be showing you how to create a new desktop icon to auto start your wireshark and have it select the correct network adapter and start capturing by simply double clicking the new icon.

  • Step 1

Right click the Wireshark icon and click copy.


Wireshark.copy.JPG


  • Step 2

Right click on the desktop and click paste.

  • Step 3

Right click the new icon and rename "Wireshark Auto Start"


Wireshark.new.JPG


  • Step 4

Open Wireshark and click on the Capture Options go to the pull down as previously mentioned and select the VMware network adapter, open the window fully to see the path and select everything after the after the : you should have this selected \Device\NPF_{numbers} as seen in the picture.


Wireshark.loctarget.JPG


  • Step 5

Right click and click properties on the NEW Wireshark icon, and add this to the end of the target line -k -i

  • NOTE: You need to have a space before the -k and after the -i.


Wireshark.shortcutcmd.JPG


  • Step 6

Now after the -i "and the space" paste the \Device\NPF_[numbers} to the target line as shown in the picture.


Wireshark.paste.JPG


  • Step 7

Click on the Ok button and now you can simply double click the new icon to start Wireshark and select your network adapter and begin capture with one click of the button. Enjoy!!!

External links

Retrieved from "https://wiki.ihitc.net/mediawiki/index.php?title=Securing_Router_Logins_with_SSH&oldid=1536"