Sec572 Security Testing Ilab

Student Name _________________________________ Date _____________

SEC572 Security Testing iLab

Task 1 – Verify Connectivity between Router and Hosts

Complete the table below based on the dynamic routes displayed in the routing table:

Routing protocol | Destination Network | Metric | Outbound Interface |

| | | |

| | | |

* Select the Task 1 commands and output in the Virtual CLI using the mouse. Click on the Copy button. Use <Ctrl>V to paste the commands into your Lab Document.

Task 2 – Flow Analysis Security Port Scans

* Open the Permitted services links Public_Server->Dallas_Host and Public_Server->Dallas_Server. Note the TCP and UDP port numbers that are open. Use <Alt><PrtSc> to capture the Public_Server->Dallas_Host and the Public_Server->Dallas_Server windows and use <Ctrl>V to paste the two captured windows into your Lab Document. [Note: expand the window to show the entire table content]

* What are the UDP and TCP ports that are permitted in traffic from the Public_Server to the Dallas_Host? What are the UDP and TCP ports that are permitted in traffic from the Public_Server to the Dallas_Server?

Destination | UDP Ports Permitted | TCP Ports Permitted |

Dallas_Host | | |

Dallas_Server | | |

Task 3 - Deny Upper TCP ports Public_Server->Dallas Server

* Use the Dallas router Virtual CLI (as we did in Task 1) to define an extended ACL that will deny all TCP services with port numbers above 255 from the Public Server to the Dallas Server while allowing all other traffic. Apply the ACL to the outside (S0/1) interface of the Dallas router for all inbound traffic. Execute a show running-config command to verify. Copy these Virtual CLI commands and the command output to your iLab document. The required commands are shown below:

* Open the Permitted services links “Public_Server->Dallas_Host” and “Public_Server->Dallas_Server”. Note the TCP and...