Securing Router Logins with SSH: Difference between revisions

From ITCwiki
(Created page with ''''Wireshark Instructions''' This is a walk through to help new students learn how to install and run wireshark for future lab assignments. We will be doing all of this through y…')
 
No edit summary
 
(14 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''Wireshark Instructions''' This is a walk through to help new students learn how to install and run wireshark for future lab assignments. We will be doing all of this through your Virtual Machine as though you were in the lab during class.  If needed the same steps will apply to your home computer with the exception of using a your specific network adapter.
'''Securing Router Logins with SSH''' This is a walk through to help new students learn how to configure a more secure login with a router and utilize SSH.


==Downloading & Installing Wireshark==
This is a quick overview of how to download and install wireshark on to any windows operating system.


*Step 1
'''ADAM NELSON'''
First go to the following link
*'''NOTE''':  Make sure to hold control to open the link in a new tab.  [http://www.wireshark.org/download.html Wireshark Download]


*Step 2
'''DAN MARTINEAU'''
Click on the Windows Installer (32-bit).


'''MIKE GARIN'''


==Checking Router Bin file==
This is a check to ensure that the router you are using is going to run SSH.


[[File:Wireshark.2.jpg|800px]]
*Step 1
Issue the command '''show flash''', to check and see if K9 is in the bin file






*Step 3
[[File:ssh.1.jpg|800px]]
Click the Save button.






[[File:Wireshark.3.jpg|800px]]




==Router Configuration==
This will cover the commands needed to setup the router logins and SSH.


*Step 4
*Step 1
Click the Run button after the file has been downloaded.
'''enaable'''






[[File:Wireshark.4.jpg|800px]]
[[File:ssh.ena.jpg|800px]]






*Step 5
*Step 2
If an older version is installed replace it by clicking the Yes button.
'''config t'''






[[File:Wireshark.6.jpg|800px]]
[[File:ssh.config.jpg|800px]]






*Step 6
*Step 3
Click the Next button until you arrive at the Finish button.
'''hostname (name)'''






[[File:Wireshark.8.jpg|800px]]
[[File:ssh.hostname.jpg|800px]]






*Step 7
*Step 4
Click the Finish button.
'''security passwords min-length (number)''', we used 10 for a password length of 10 characters.






[[File:Wireshark.10.jpg|800px]]
[[File:ssh.passlength.jpg|800px]]






*Step 8
*Step 5
Click the I Agree button to start the install.
'''eable secret (password)'''






[[File:Wireshark.12.jpg|800px]]
[[File:ssh.enablesecret.jpg|800px]]






*Step 9
*Step 6
Click the Next button until you arrive at the Install WinPcap.
'''no enable password''' to clear passwords that may already be set.






[[File:Wireshark.13.jpg|800px]]
[[File:ssh.clearpass.jpg|800px]]






*Step 10
*Step 7
Click the Install button.
'''user (name) secret (password)''' this will be your user name and password for loging in to the router and SSH.






[[File:Wireshark.16.jpg|800px]]
[[File:ssh.userpass.jpg|800px]]






*Step 11
*Step 8
Click the Next button until you get to WinPcap License Agreement.
'''line console 0'''




'''login local'''


[[File:Wireshark.17.jpg|800px]]




[[File:ssh.lineconsole.jpg|800px]]


*Step 12
Click the I Agree button.




*Step 9
'''line aux 0'''


[[File:Wireshark.19.jpg|800px]]


'''no password'''




*Step 13
'''login local'''
Click the Install button.






[[File:Wireshark.20.jpg|800px]]
[[File:ssh.lineaux.jpg|800px]]






*Step 14
*Step 10
When installation is complete click the Next button.
'''line vty 0 4'''




'''login local'''


[[File:Wireshark.27.jpg|800px]]


'''transport input ssh''' this last command is to use ssh and not telnet.




*Step 15
Click the Finish button.


[[File:ssh.linevty.jpg|800px]]




[[File:Wireshark.28.jpg|800px]]


*Step 11
'''ip domain-name (domain name)'''




==Basic Operation of Wireshark==
This will cover opening and running Wireshark in a virtual machine to capture packets.


*Step 1
[[File:ssh.domainname.jpg|800px]]
First open Wireshark by double clicking on the icon.






[[File:Wireshark.29.jpg|800px]]
*Step 12
'''cry key generate rsa'''




'''(360-2048)''' you will use this to set the size of the key the larger the more secure.


*Step 2
Click on the Capture Options on the left side of the window, will give you a screen that looks like this.




[[File:ssh.keygen.jpg|800px]]


[[File:Wireshark.30.jpg|800px]]




[[File:ssh.bits.jpg|800px]]


*Step 3
Click on the drop arrow button on the top right of the window and select the VMware network adapter.
[[File:Wireshark.31.jpg|800px]]
*Step 4
Click on the Start button.  You are now capturing packets!!!
[[File:Wireshark.32.jpg|800px]]
*Step 5
To stop a capture click on the red x button on the top left side on the capture window.
[[File:Wireshark.33.jpg|800px]]
==Examining Capture Data==
In this section we will be showing you how to capture protocols and where to locate the important values given by the use of wireshark.
===Color Code===
*YELLOW:  Indicates the MAC Address of both the destination and source.
*GREEN:  Indicates the NIC Manufacturer of both the destination and source.
*RED:  Indicates the NIC Serial Number of both the destination and source.
*BLUE:  Indicates the Frame Type of the packet.
*PINK:  Indicates the IPv4 of both the destination and source.
*'''NOTE''':  The the '''Preamble''' and the '''FCS''' are '''NOT''' shown on wireshark.
===FTP===
[[File:Wireshark.ftp..jpg|800px]]
===HTTP===
[[File:Wireshark.http.jpg|800px]]
===ARP===
[[File:Wireshark.arp.jpg|800px]]
===DNS===
[[File:Wireshark.dns.jpg|800px]]




*Step 13
'''ip ssh time-out (number)'''


===ICMP===


'''ip ssh authentication-retries (number)'''




[[File:Wireshark.icmp.JPG|800px]]


[[File:ssh.timeoutretries.jpg|800px]]




==Creating a Shortcut to Auto Run Wireshark==
In this section we will be showing you how to create a new desktop icon to auto start your wireshark and have it select the correct network adapter and start capturing by simply double clicking the new icon.


==SSH Through Putty==
*Step 1
*Step 1
Right click the Wireshark icon and click copy.
You will login using the IP of the router you are connecting to.




 
[[File:ssh.2.jpg|800px]]
[[File:Wireshark.copy.JPG|800px]]






*Step 2
*Step 2
Right click on the desktop and click paste.
Login using the user name and password created previously.
 
*Step 3
Right click the new icon and rename "Wireshark Auto Start"
 
 
 
[[File:Wireshark.new.JPG|800px]]
 
 
 
*Step 4
Open Wireshark and click on the Capture Options go to the pull down as previously mentioned and select the VMware network adapter, open the window fully to see the path and select everything after the after the : you should have this selected '''\Device\NPF_{numbers}''' as seen in the picture.
 
 
 
[[File:Wireshark.loctarget.JPG|800px]]
 
 
 
*Step 5
Right click and click properties on the NEW Wireshark icon, and add this to the end of the target line -k -i
*'''NOTE''':  You need to have a space before the -k and after the -i.
 
 
 
[[File:Wireshark.shortcutcmd.JPG|800px]]
 




*Step 6
Now after the -i "and the space" paste the \Device\NPF_[numbers} to the target line as shown in the picture.


Go to enable mode and enter your password.  You are now using secure SSH.




[[File:Wireshark.paste.JPG|800px]]


[[File:ssh.3.jpg|800px]]




*Step 7
Click on the Ok button and now you can simply double click the new icon to start Wireshark and select your network adapter and begin capture with one click of the button.  Enjoy!!!


==External links==
==External links==
*[[VMWare Setup]]
*[http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml Cisco Info]
*[http://www.wireshark.org/download.html Wireshark Download]
*[http://media-2.cacetech.com/video/wireshark/custom-shortcuts/ Creating Shortcuts]
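Review bot: Two commands in the new Router Configuration steps are misspelled, Step 1 as "enaable" and Step 5 as "eable secret (password)", so a student typing them as shown will not get the intended command; change them to "enable" and "enable secret (password)". The External links list also still carries the Wireshark Download and Creating Shortcuts entries from the previous page content, which no longer relate to this SSH walkthrough.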

Latest revision as of 17:14, 4 May 2010

Securing Router Logins with SSH

This walkthrough helps new students configure a more secure router login and use SSH.


ADAM NELSON

DAN MARTINEAU

MIKE GARIN

Checking Router Bin file

This check confirms that the router you are using can run SSH.

  • Step 1

Issue the command show flash and check whether K9 appears in the name of the bin file.



Router Configuration

This section covers the commands needed to set up the router logins and SSH.

  • Step 1

enable


  • Step 2

config t




  • Step 3

hostname (name)




  • Step 4

security passwords min-length (number). We used 10, for a minimum password length of 10 characters.


  • Step 5

enable secret (password)


  • Step 6

no enable password. This clears passwords that may already be set.


  • Step 7

user (name) secret (password). This will be your user name and password for logging in to the router and SSH.


  • Step 8

line console 0


login local




  • Step 9

line aux 0


no password


login local




  • Step 10

line vty 0 4


login local


transport input ssh. This last command makes the vty lines use SSH and not Telnet.


  • Step 11

ip domain-name (domain name)




  • Step 12

cry key generate rsa


(360-2048): use this to set the size of the key. The larger the key, the more secure.


  • Step 13

ip ssh time-out (number)


ip ssh authentication-retries (number)
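
One way to check the result of steps 1 to 13 is to audit the router's show running-config output for the settings applied above. The Python below is an added example, not part of the original walkthrough; the sample configuration, its user name, domain and hash strings are constructed placeholders.

```python
import re

# Constructed sample of "show running-config" output (names and hashes are placeholders).
SAMPLE_CONFIG = """\
security passwords min-length 10
enable secret 5 $1$PLACEHOLDER
username student secret 5 $1$PLACEHOLDER
ip domain-name example.test
line con 0
 login local
line aux 0
 login local
line vty 0 4
 login local
 transport input ssh
"""

def parse(config):
    """Return (global commands, {line type: [subcommand list per 'line' block]})."""
    top, blocks, current = [], {}, None
    for raw in config.splitlines():
        if not raw.startswith(" "):          # unindented: global command or block header
            current = None
            if raw.startswith("line "):
                current = []
                blocks.setdefault(raw.split()[1], []).append(current)
            else:
                top.append(raw.strip())
        elif current is not None:            # indented subcommand of a "line" block
            current.append(raw.strip())
    return top, blocks

def audit(config):
    """List the steps from this page that the config does not reflect."""
    top, blocks = parse(config)
    has = lambda pattern: any(re.match(pattern, cmd) for cmd in top)
    required = [(r"security passwords min-length \d+", "password min-length"),
                (r"enable secret ", "enable secret"), (r"username \S+ secret ", "local user secret"),
                (r"ip domain[- ]name \S+", "ip domain-name")]
    missing = [label for pattern, label in required if not has(pattern)]
    if has(r"enable password "):
        missing.append("enable password still set")
    for kind in ("con", "aux", "vty"):       # every block of each line type must comply
        if not all("login local" in b for b in blocks.get(kind, [[]])):
            missing.append(f"line {kind}: login local")
    if not all("transport input ssh" in b for b in blocks.get("vty", [[]])):
        missing.append("line vty: transport input ssh")
    return missing
```

An empty list from audit() means every checked step is present. The RSA key pair from step 12 is not part of the running configuration, so it is not checked here.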




SSH Through Putty

  • Step 1

Log in using the IP address of the router you are connecting to.


  • Step 2

Log in using the user name and password created previously.


Go to enable mode and enter your password. You are now using secure SSH.




External links