Jared Heinrichs

  • Technology Blog
  • Winnipeg Computer Repair
  • Winnipeg Photographer
  • Cooking With Jared
You are here: Home / 2013 / Archives for May 2013

Archives for May 2013

May 24, 2013 By Jared Heinrichs Leave a Comment

FREE Cisco Practice exams for CCENT and CCNA

I am just making a list of FREE Cisco Practice exams that should help you on the way to get your CCENT (ICND1) and CCNA (ICND1 & ICND2).

I am going to list them in two categories

  1. Cisco Certified
  2. Not-Cisco Certified

Hopefully you will benefit from these practice tests as much as I have…

Cisco Certified FREE exams

  1. FREE ICND1 test exam
  2. FREE ICND2 test exam
  3. FREE CCNA test exam

Non-Cisco Certified FREE exams

  • Stay tuned for more links

Filed Under: Networking

May 21, 2013 By Jared Heinrichs Leave a Comment

Cisco CDP commands and output

First off… CDP stands for “Cisco Discovery Protocol”. It’s a protocol that… You guessed it.. Discovers other connected Cisco devices on your network.

There are several CDP commands and their output can look similar or completely different to other CDP commands.

On a Cisco exam you might be asked something like:

  • “Which of the following commands could tell you information about IOS” or
  • “Which of the following CDP command could identify a neighbor’s model of hardware”
  • “What Port does switch “s1” connect to switch “s3”.

To explain CDP I will be using Packet Tracer… Here is my Map:

image

A couple of things to also give you…

  • s1 – Port fa0/24 is connected to “fa0/24 on s2”.
  • s1 – Port fa0/23 is connected to “fa0/1 on s3”.
  • s2 – Port fa0/23 is connected to “fa0/2” on s3”

Look at s1’s perspective:

First we’ll look at both the “show cdp” and “show cdp neighbors” commands:

image

If we didn’t already know the names of the switches we now do. It’s listed under “Device ID” column. Also please note under Port ID you can see what port the switch connects to on the neighbor switch.

Next command will show all switches connected to a single switch. The command is “show cdp neighbors detail”.

 image

A command that gives similar output as the last one is: “show cdp entry s2”. This command though only shows the detailed info for switch you select.

image

Cisco recommends that you disabled CDP on any port that doesn’t connect to another Cisco device.

To completely disable/re-enable CDP on a switch run:

  • no cdp run (gloabal config) (disable for whole switch)
  • cdp run (global Config) (enable for whole switch)

To disable and enable the cdp on switch per interface you need to run these commands:

  • no cdp enable (interface subcommand)
  • cdp enable (interface subcommand)

Hope this helps explain CDP and what some of the information CDP can give you depending on what CDP command you use.

Filed Under: Networking

May 21, 2013 By Jared Heinrichs Leave a Comment

The 3 easiest ways to secure un-used ports on a Cisco switch

By default Cisco has made it’s switches essentially plug and play. This plug and play mentality actually leaves some pretty large security concerns on the switch. There are 3 very easy ways to secure ports on a Cisco switch. They are:

  1. Administrative disable the interface using the shutdown interface subcommand. IF you just shutdown the interface, the exposure goes away. The next two commands will help just encase someone re-enables the port.
  2. Prevent VLAN Trunking. You can do this by running the switchport mode access interface subcommand.
  3. Assign the port to an un-used VLAN using the switchport access vlan number subcommand.

 

I know seeing the workflow in an example can help as well. I am going to be working on switch “s1”. I will take fa0/24 and secure the port. I am going to make my own new VLAN that all new ports that need to be secured will be apart of. This VLAN will be VLAN 4 and I will name it “SECURED-VLAN”.

image

Let’s verify it’s in the proper VLAN using the “show vlan brief” command:

image

Hopefully this helps you secure un-used ports on a Cisco Switch!

Filed Under: Networking

May 17, 2013 By Jared Heinrichs Leave a Comment

Cisco Switch – Three types of login passwords (Console, VTY and Enable)

There are three main ways of locking down your Cisco switch. Before going into what how to setup the passwords it probably a good idea to talk about the 3 types of passwords. The names pretty much tells you what the password is used for.

  1. Console – As you should know in order to connect to the console you need to connect the console cable from your laptop into the back of the switch. You need to run a terminal program like Putty that will give you access to the switches text console.
  2. VTY – By default all cisco switches can not be accessed remotely via a terminal program like PuTTy. There are two methods of connecting remotely either terminal connection or a Secure Shell (SSH) connection. The main difference between the two is one is not-encrypted and the other one is.
  3. Enable – This is a command that allows you to start programming the switch. This can be setup with a clear text password, encrypted password that is easy to break or a MD5 encrypted password that is almost impossible to break.

Now that you know where and what you can password protect, the next part is to configure these passwords. Depending on the password “type” there may be a few ways of creating a password. Please note that even if you give the different items the same password they are considered different. If a password were to be changed on one, it would not effect the others.

Console Password

In order to setup the console password you will need to enter these lines.

  • enable
  • conf t
  • line console 0 <- the “0” is a zero.
  • password consolepassword <- “consolepassword” is the password I specified. please change it to whatever you want.
  • login <- If you do not tell the switch “login” it will not prompt you for a password at login.

console-password

VTY password

In order to setup the VTY password you will need to enter these lines.

  • enable
  • conf t
  • line vty 0 15 <- the “0” is a zero.
  • password vtypassword <- “vtypassword” is the password I specified. please change it to whatever you want.
  • login <- If you do not tell the switch “login” it will not prompt you for a password when you log into via telnet or SSH client.

Enable password

In order to setup the Enable password you will need to enter these lines.

This password is stored completely in clear text in the config file.

  • enable
  • conf t
  • enable password enablepassword <- “enablepassword” is the password I specified. please change it to whatever you want.
  • service password-encryption <- This step is optional. It encrypts all current and future passwords with a very easy de-cryption algorithem.

It’s a better to idea to use the enable secret password. To use the MD5 encryption you need to run this command. Please note that if you’ve setup the “enable password” AND “enable secret”, The password used in “enable secret” will always be used. It’s also good to note that the two passwords can be different.

  • enable
  • conf t
  • enable secret secretpassword <- “enablepassword” is the password I specified. please change it to whatever you want.

Here’s a screenshot where I enable all the passwords in one terminal session:

image

At this point it’s good to check out the running configuration. To do this type:

image

Please notice how the secret password doesn’t reflect what you’ve typed. Please also note how the enable password is in clear text. I’m going to remind you if you want to encrypt the “enable password” you would need to type: service password-encryption. Please NOTE that this command doesn’t do anything to the secret password. Ie. it doesn’t encrypt the already encrypted password.

This is what would look like after you have typed “service password-encryption”

image

Hope this helps 🙂

Filed Under: Networking

May 16, 2013 By Jared Heinrichs Leave a Comment

Packet Tracer – How to emulate connecting to a console

Packet Tracer allows you to emulate plugging in a console cable with a computer and logging in. To emulate connecting to a console with Packet Tracer you will need a couple of things dropped onto your packet tracer document:

  1. Switch (2960)
  2. Laptop
  3. Console cable running from the laptop (RS 232) to the switch (Console port)

 

Here are the steps to connect and configure everything

Click the console cable.

image

Click the Laptop and select the port RS 232.

image

Then select the console port on the switch:

image

Open the laptop and go to terminal:

image

Keep the default settings:

image

Voila… You’re in 🙂

image

Filed Under: Networking

  • 1
  • 2
  • Next Page »

Categories

  • Board Game Rules
  • Camera
  • Computer Hardware
    • Blackberry
    • drivers
    • iPad
    • Magic Jack
    • USB
  • Damn Small Linux
  • Exam Notes
  • Facebook
  • FREE Flashcards
  • Games
    • PC
      • League of Legends
    • Wii
    • xbox 360
  • Music
  • Networking
    • Cisco Certification
    • Mitel
    • Palo Alto Firewall
  • News
    • Google
    • Microsoft
  • Operating System
    • Active Directory (2003)
    • Android
    • Command Prompt
    • Damn Small Linux
    • Group Policy
    • Hyper-V
    • IIS
    • ISA 2006
    • Mac OS X
    • Microsoft Exchange Server
    • Powershell
    • Security
    • SME Server
    • Terminal Server 2003
    • Ubuntu Linux
      • Adito Web SSL VPN
      • OpenVpn-als
      • Webmin
    • Virtual Machine Manager
    • Windows 2003 SBS
    • Windows 2003 Server
    • Windows 2008
    • Windows 2008 R2
    • Windows 2012R2
    • Windows 7
    • Windows 8
    • Windows Command Line
    • Windows Deployment Services
    • Windows Server Backup
    • Windows Vista
    • Windows XP
  • Phones
  • Photography
  • Photos
    • Animals
    • Misc
    • Nature
    • Portraits
  • Portfolio
  • Programming
    • CSS
    • HTML
    • jQuery
    • MySQL
    • PHP
    • Script
  • Programs
    • Acrobat
    • Acrobat Reader
    • Adobe Dreamweaver
    • Adobe Illustrator
    • Adobe Photoshop
    • Anti-virus Software
    • Antivirus
    • Backup Exec
    • Bittorent
    • Blackberry BESADMIN
    • Internet Explorer 9
    • Lightroom
    • Microsoft Office
    • Netbeans
    • Onenote
    • Outlook
    • Shelby
    • Sysprep
    • Trend
    • Video Editing
    • Visual Studio
    • Windows Live Writer
    • WireShark
    • XP Mode
    • Zarafa
  • Recipe
  • Review
  • Software Links
  • Troubleshooting
  • Uncategorized
  • Videos
  • Web Applications
    • Brage
    • Google
    • Spiceworks
    • Wordpress
  • Web Browsers
    • Internet Explorer
  • Web Server
    • XAMPP
  • Winnipeg
    • ISP

Try searching this site!

Copyright © 2021 Winnipeg Web Design