
Basic Networking

We will go over how basic networking works, how to configure it, and how to troubleshoot some common issues we may run into.

Introduction

A basic requirement of Defensive Cyber Operations (DCO) is a general understanding of how data travels between networked systems. To build that understanding, you need a few key pieces of information: how to configure a very basic switch or router, and how to integrate those devices with a customer network.

This document demonstrates the configuration from the perspective of Cisco networking devices.

Switching

Switch> Non-privileged mode

Switch# Privileged EXEC mode (Elevated Privileges)

Switch(config)# Global Configuration Mode

Please take note of the mode the terminal is in when performing actions.

Setting your hostname

Switch> enable
Switch# conf t
Switch(config)# hostname Test-Switch
Test-Switch(config)# 

Setting your password

Switch(config)# enable secret <password>

Creating a VLAN and Setting the Name

A VLAN is a way to logically break up networks that share the same physical LAN. For example, if you had two completely different networks communicating over the same switch, you would configure two VLANs and perform inter-VLAN routing.

Switch(config)# vlan <vlan_id>
Switch(config-vlan)# name <vlan_name>

Assign an Interface to a VLAN

Switch(config)# interface <interface>
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan <vlan_id>

Assigning an IP to a VLAN

Switch(config)# int vlan <vlan_id>
Switch(config-if)# ip address <ip_address> <subnet_mask>

Inter-VLAN Routing

There are two primary methods of performing inter-VLAN routing. The first is the easiest but requires a Layer 3 switch. The second is slightly more complex and requires a Layer 2 switch and a router. Method 2 is typically used on legacy kits.

Method 1 - Layer 3 Switching

Switch(config)# ip routing

Method 2 - Router on a Stick

# Step 1: configure the port on the switch that is connected to the router.
# On switches that support more than one trunk encapsulation, set the
# encapsulation before setting trunk mode.
Switch(config)# int <interface>
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk

# Step 2: configure VLANs and ports on the switch. See earlier
# portions of this document for instructions on how to do that.

# Step 3: create sub-interfaces on the router
Router(config)# int <interface>.<subinterface_number>
Router(config-subif)# encapsulation dot1q <vlan_id>
Router(config-subif)# ip address <ip_address> <subnet_mask>

Clearing a Switch

# These commands are run from privileged EXEC mode, not global configuration mode
Switch# write erase
Switch# reload
Switch# delete flash:vlan.dat
# The above line deletes VLAN data
Switch# reload

# OR

Switch# clear config all
Switch# reload

# Each option works on different switches. I have the most luck with option 1.

Port Security

# The port must already be a static access port (switchport mode access)
Switch(config)# int <interface>
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security violation {restrict | shutdown}
Switch(config-if)# switchport port-security mac-address {sticky | <mac_address>}
# Sticky will learn the next plugged-in MAC and make that the only allowed one.
# Entering a MAC address will only allow that specific MAC.
# To verify port security worked (run from privileged EXEC mode)
Switch# show port-security
# To clear port security
Switch(config-if)# shutdown
Switch(config-if)# no switchport port-security mac-address sticky <mac_address>
Switch(config-if)# no shutdown

DHCP

# Create a pool
Switch(config)# ip dhcp excluded-address <any_address>
Switch(config)# ip dhcp pool <pool_name>
Switch(dhcp-config)# network <network_address> <subnet_mask>
Switch(dhcp-config)# default-router <gateway_ip>
Switch(dhcp-config)# dns-server <dns_ip>

# Then give a VLAN interface an IP address inside the range of this DHCP pool;
# the pool will automatically apply to hosts on ports assigned to that VLAN.

Remote Access

Switch(config)# username <user> secret <pass>
# RSA key generation requires a hostname and a domain name to be set first
Switch(config)# ip domain-name <domain_name>
Switch(config)# crypto key generate rsa modulus 2048
Switch(config)# ip ssh version 2
Switch(config)# line vty 0 10
Switch(config-line)# transport input ssh
Switch(config-line)# login local
# You can then SSH to your default gateway when plugged into the switch
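
An added example (not part of the original page): a small Python check that reads a saved running-config and flags access ports without port security and VTY lines that are not SSH-only with local login, the settings from the Port Security and Remote Access sections. The config excerpt, interface names and function names are constructed for illustration.

```python
# Constructed running-config excerpt (sample input, not from the original page).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security mac-address sticky
!
interface GigabitEthernet0/2
 switchport mode access
 switchport access vlan 20
!
line vty 0 4
 transport input ssh
 login local
line vty 5 10
 transport input telnet ssh
 login
"""

def sections(config):
    """Map each top-level line to the indented sub-commands beneath it."""
    out, current = {}, None
    for line in config.splitlines():
        if line.startswith(" ") and current is not None:
            out[current].append(line.strip())
        elif line.strip() not in ("", "!"):
            current = line.strip()
            out[current] = []
    return out

def audit(config):
    """Flag gaps in the Port Security and Remote Access settings."""
    secs, findings = sections(config), []
    if "ip ssh version 2" not in secs:
        findings.append("ip ssh version 2 not set")
    for header, body in secs.items():
        if header.startswith("interface ") and "switchport mode access" in body:
            if "switchport port-security" not in body:
                findings.append(f"{header}: access port without port-security")
        elif header.startswith("line vty"):
            if "transport input ssh" not in body:
                findings.append(f"{header}: transport input is not SSH-only")
            if "login local" not in body:
                findings.append(f"{header}: login local not set")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

VTY ranges beyond the one you configured keep their defaults, which is why the sample's second `line vty` block is the one that gets flagged.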

Spanning

Switch(config)# monitor session <session_number> source interface <interface>
Switch(config)# monitor session <session_number> destination interface <interface>

Last updated 2 years ago
