SlideShare ist ein Scribd-Unternehmen logo

Packet Tracer: SNMP, Netflow, Sys-log

Als DOCX, PDF herunterladen
R
Rafat Khandaker

This document summarizes a packet tracer lab where SNMP, Netflow, and syslog protocols were configured to monitor network traffic and generate log messages. Key aspects covered include: - SNMP allows network monitoring through protocols that transmit data to SNMP servers. It was configured to send traffic logs and router status updates to a server. - Netflow captures detailed traffic information like source/destination IP/port and protocol from router interfaces and exports it to a server for analysis. Random traffic was generated to test netflow collection. - Syslog messages of different severity levels were configured to be sent from routers to a server for logging and troubleshooting purposes.

Technologie
1 von 10
Packet Tracer Lab Rafat Khandaker SNMP Netflow, Syslog, Trap 05-17-16 . ABSTRACT In this lab, I'm going to research and study Cisco routing protocols that include SNMP, HSRP and GLBP. Those protocols will be used to configure load balancing, network monitering and generate sys log messages and transport to a snmp server/syslog server. INTRODUCTION SNMP Simple Network management protocol, was developed in 1988 to allow applications to access the traffic information being passed through cisco routers. SNMP allowed, servers to log error messages about the network. SNMP also allowed active network monitoring such as netflow application to be transmitted and logged into a server. SNMP protocols are usually configured with a management device and an agent. The agent usually contains MIB or message information block, which inside an OID ( object identifier ) can be configured from an SNMP manager. The manager is allowed to query or ask for variables inside the OID. It can also be configured with " trap " notifications, which is a preconfigured detection feature to be logged into the SNMP manager. SNMP had security flaws, it only used community strings ( read /write private... read only ) they were pre-configured with default values. SNMP v2 never caught on in the market... V2c allowed more information to be transmitted through a single query. still used community strings. SNMP v3 - good security, encryption, integrity check and authentication services. SIMULATION
In this example, a server is connected on the network to log snmp traffic. The router will be configured to send the snmp traffic into the server when PC 1 is communicating to pc0, and log information about the status of the router in general, including links going up and down. to set up this lab, I made sure that all links have connectivity through pc1 .
ONCE CONNECTIVITY IS CONFIRMED , I am now going to configure SNMP protocol and view the SYS log on the server. Enable TRAP to send syslog messages to the server Entering severity 7 ... just for demonstration purpose... almost like a network analyzer... at this point. Usually severity 4 is used for administration.
we can see the server sys log entering messages
server is actively logging NETFLOW Netflow is a feature on cisco routers that allows us to get a very detailed information about the network traffic. netflow has 7 things in common 1.source ip address 2. destination ip address 3. Source port number 4. Destination Port number 5. Layer 3 protocol type. 6. Type of service (ToS) value 7. ingress interface. We can get very detailed information of the packet in the flow within the network. configuring netflow on the interface ingress ( inbound ) egress ( outbound )
The idea is to create connections from the pc to internet and monitor the traffic - here i have some random garbage requests to the pc accross the simulated internet.
We can see from the command show ip cache flow, that the router is capturing traffic from the netflow configuration. Now I'm going to export the netflow to a server... ( version depends on the netflow collector documentation ) ** usually the app you are using..
here we configured ip flow export on loopback 0 version 9 and export destination to the server on port 9996. ( usual port number but can be different ) On the server interface, netflow is configured.. and I will do some garbage pings and failed telnet attempts and let netflow collect information.
SYSLOG MESSAGE Level
CONCLUSION: In this lab I have successfully configured SNMP, Netflow and syslog onto a server. These protocols are very useful for administrators to check for network downtime, troubleshooting and monitoring a network.

Empfohlen

SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)
Mohammad Awais Javaid
 
Nicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStackNicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStack
ShapeBlue
 
Chapter 6 slides
Chapter 6 slidesChapter 6 slides
Chapter 6 slides
lara_ays
 
Cisco Router Basic Configuration
Cisco Router Basic ConfigurationCisco Router Basic Configuration
Cisco Router Basic Configuration
Prof. Erwin Globio
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management Protocol
Prasenjit Gayen
 
CCNA CheatSheet
CCNA CheatSheetCCNA CheatSheet
CCNA CheatSheet
Eng. Emad Al-Atoum
 
OSPF Configuration
OSPF Configuration OSPF Configuration
OSPF Configuration
NetProtocol Xpert
 
CCNA ppt Day 1
CCNA ppt Day 1CCNA ppt Day 1
CCNA ppt Day 1
VISHNU N
 

Empfohlen

SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)
Mohammad Awais Javaid
 
Nicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStackNicolas Vazquez - Open vSwitch with DPDK on CloudStack
Nicolas Vazquez - Open vSwitch with DPDK on CloudStack
ShapeBlue
 
Chapter 6 slides
Chapter 6 slidesChapter 6 slides
Chapter 6 slides
lara_ays
 
Cisco Router Basic Configuration
Cisco Router Basic ConfigurationCisco Router Basic Configuration
Cisco Router Basic Configuration
Prof. Erwin Globio
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management Protocol
Prasenjit Gayen
 
CCNA CheatSheet
CCNA CheatSheetCCNA CheatSheet
CCNA CheatSheet
Eng. Emad Al-Atoum
 
OSPF Configuration
OSPF Configuration OSPF Configuration
OSPF Configuration
NetProtocol Xpert
 
CCNA ppt Day 1
CCNA ppt Day 1CCNA ppt Day 1
CCNA ppt Day 1
VISHNU N
 
Software Defined Network (SDN) using ASR9000 :: BRKSPG-2722 | San Diego 2015
Software Defined Network (SDN) using ASR9000 :: BRKSPG-2722 | San Diego 2015Software Defined Network (SDN) using ASR9000 :: BRKSPG-2722 | San Diego 2015
Software Defined Network (SDN) using ASR9000 :: BRKSPG-2722 | San Diego 2015
Bruno Teixeira
 
Zabbix for Monitoring
Zabbix for MonitoringZabbix for Monitoring
Zabbix for Monitoring
GLC Networks
 
Igrp
IgrpIgrp
Igrp
1 2d
 
Opendaylight SDN Controller
Opendaylight SDN ControllerOpendaylight SDN Controller
Opendaylight SDN Controller
Sumit Arora
 
Route Redistribution between OSPF and EIGRP
Route Redistribution between OSPF and EIGRPRoute Redistribution between OSPF and EIGRP
Route Redistribution between OSPF and EIGRP
NetProtocol Xpert
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building Blocks
APNIC
 
ccna networking ppt
ccna networking pptccna networking ppt
ccna networking ppt
Er. Anmol Bhagat
 
SPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPANSPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPAN
NetProtocol Xpert
 
ClearPass 6.3.6 Release Notes
ClearPass 6.3.6 Release NotesClearPass 6.3.6 Release Notes
ClearPass 6.3.6 Release Notes
Aruba, a Hewlett Packard Enterprise company
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
rjain51
 
SNMP
SNMPSNMP
SNMP
OECLIB Odisha Electronics Control Library
 
IGMP
IGMPIGMP
IGMP
Raghavendra Hamilpure
 
Bonding Interface in MikroTik
Bonding Interface in MikroTikBonding Interface in MikroTik
Bonding Interface in MikroTik
KHNOG
 
Protocolos de enrutamiento por vector distancia
Protocolos de enrutamiento por vector distanciaProtocolos de enrutamiento por vector distancia
Protocolos de enrutamiento por vector distancia
Jorge Arroyo
 
Bgp protocol
Bgp protocolBgp protocol
Bgp protocol
Smriti Tikoo
 
Network monitoring tools
Network monitoring toolsNetwork monitoring tools
Network monitoring tools
QaswarBosan
 
Trouble Ticket Integration with Zabbix in Large Environment
Trouble Ticket Integration with Zabbix in Large EnvironmentTrouble Ticket Integration with Zabbix in Large Environment
Trouble Ticket Integration with Zabbix in Large Environment
Alain Ganuchaud
 
Introduction Network Monitoring and Management Solution
Introduction Network Monitoring and Management SolutionIntroduction Network Monitoring and Management Solution
Introduction Network Monitoring and Management Solution
Tien Nguyen Duc
 
Packet Tracer Simulation Lab Layer 2 Switching
Packet Tracer Simulation Lab Layer 2 SwitchingPacket Tracer Simulation Lab Layer 2 Switching
Packet Tracer Simulation Lab Layer 2 Switching
Johnson Liu
 
Networking in linux
Networking in linuxNetworking in linux
Networking in linux
Varnnit Jain
 
How to Configure NetFlow v5 & v9 on Cisco Routers
How to Configure NetFlow v5 & v9 on Cisco RoutersHow to Configure NetFlow v5 & v9 on Cisco Routers
How to Configure NetFlow v5 & v9 on Cisco Routers
SolarWinds
 
Netflow slides
Netflow slidesNetflow slides
Netflow slides
Jose Manuel Vega Monroy
 

Weitere ähnliche Inhalte

Was ist angesagt?

Igrp
IgrpIgrp
Igrp
1 2d
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
rjain51
 
Protocolos de enrutamiento por vector distancia
Protocolos de enrutamiento por vector distanciaProtocolos de enrutamiento por vector distancia
Protocolos de enrutamiento por vector distancia
Jorge Arroyo
 
Packet Tracer Simulation Lab Layer 2 Switching
Packet Tracer Simulation Lab Layer 2 SwitchingPacket Tracer Simulation Lab Layer 2 Switching
Packet Tracer Simulation Lab Layer 2 Switching
Johnson Liu
 

Was ist angesagt? (20)

Software Defined Network (SDN) using ASR9000 :: BRKSPG-2722 | San Diego 2015
Software Defined Network (SDN) using ASR9000 :: BRKSPG-2722 | San Diego 2015Software Defined Network (SDN) using ASR9000 :: BRKSPG-2722 | San Diego 2015
Software Defined Network (SDN) using ASR9000 :: BRKSPG-2722 | San Diego 2015
 
Zabbix for Monitoring
Zabbix for MonitoringZabbix for Monitoring
Zabbix for Monitoring
 
Igrp
IgrpIgrp
Igrp
 
Opendaylight SDN Controller
Opendaylight SDN ControllerOpendaylight SDN Controller
Opendaylight SDN Controller
 
Route Redistribution between OSPF and EIGRP
Route Redistribution between OSPF and EIGRPRoute Redistribution between OSPF and EIGRP
Route Redistribution between OSPF and EIGRP
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building Blocks
 
ccna networking ppt
ccna networking pptccna networking ppt
ccna networking ppt
 
SPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPANSPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPAN
 
ClearPass 6.3.6 Release Notes
ClearPass 6.3.6 Release NotesClearPass 6.3.6 Release Notes
ClearPass 6.3.6 Release Notes
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
 
SNMP
SNMPSNMP
SNMP
 
IGMP
IGMPIGMP
IGMP
 
Bonding Interface in MikroTik
Bonding Interface in MikroTikBonding Interface in MikroTik
Bonding Interface in MikroTik
 
Protocolos de enrutamiento por vector distancia
Protocolos de enrutamiento por vector distanciaProtocolos de enrutamiento por vector distancia
Protocolos de enrutamiento por vector distancia
 
Bgp protocol
Bgp protocolBgp protocol
Bgp protocol
 
Network monitoring tools
Network monitoring toolsNetwork monitoring tools
Network monitoring tools
 
Trouble Ticket Integration with Zabbix in Large Environment
Trouble Ticket Integration with Zabbix in Large EnvironmentTrouble Ticket Integration with Zabbix in Large Environment
Trouble Ticket Integration with Zabbix in Large Environment
 
Introduction Network Monitoring and Management Solution
Introduction Network Monitoring and Management SolutionIntroduction Network Monitoring and Management Solution
Introduction Network Monitoring and Management Solution
 
Packet Tracer Simulation Lab Layer 2 Switching
Packet Tracer Simulation Lab Layer 2 SwitchingPacket Tracer Simulation Lab Layer 2 Switching
Packet Tracer Simulation Lab Layer 2 Switching
 
Networking in linux
Networking in linuxNetworking in linux
Networking in linux
 

Andere mochten auch

Network Traffic Search using Apache HBase
Network Traffic Search using Apache HBaseNetwork Traffic Search using Apache HBase
Network Traffic Search using Apache HBase
Evans Ye
 
2.2 determining trust relationships
2.2 determining trust relationships2.2 determining trust relationships
2.2 determining trust relationships
Muuluu
 
Network Security and Visibility through NetFlow
Network Security and Visibility through NetFlowNetwork Security and Visibility through NetFlow
Network Security and Visibility through NetFlow
Lancope, Inc.
 
5. mrtg in nagios1 0
5. mrtg in nagios1 05. mrtg in nagios1 0
5. mrtg in nagios1 0
aqpjuan
 

Andere mochten auch (18)

How to Configure NetFlow v5 & v9 on Cisco Routers
How to Configure NetFlow v5 & v9 on Cisco RoutersHow to Configure NetFlow v5 & v9 on Cisco Routers
How to Configure NetFlow v5 & v9 on Cisco Routers
 
Netflow slides
Netflow slidesNetflow slides
Netflow slides
 
Network Traffic Search using Apache HBase
Network Traffic Search using Apache HBaseNetwork Traffic Search using Apache HBase
Network Traffic Search using Apache HBase
 
Introduction to SNMP
Introduction to SNMPIntroduction to SNMP
Introduction to SNMP
 
2.2 determining trust relationships
2.2 determining trust relationships2.2 determining trust relationships
2.2 determining trust relationships
 
Snmp
SnmpSnmp
Snmp
 
Network Security and Visibility through NetFlow
Network Security and Visibility through NetFlowNetwork Security and Visibility through NetFlow
Network Security and Visibility through NetFlow
 
Network protocols
Network protocolsNetwork protocols
Network protocols
 
Ordering guide for cisco isr g2
Ordering guide for cisco isr g2Ordering guide for cisco isr g2
Ordering guide for cisco isr g2
 
5. mrtg in nagios1 0
5. mrtg in nagios1 05. mrtg in nagios1 0
5. mrtg in nagios1 0
 
How to configure Nagios in Fedora ?
How to configure Nagios in Fedora ?How to configure Nagios in Fedora ?
How to configure Nagios in Fedora ?
 
The feature licenses available for main cisco asa 5500 models
The feature licenses available for main cisco asa 5500 modelsThe feature licenses available for main cisco asa 5500 models
The feature licenses available for main cisco asa 5500 models
 
How to configure flexible netflow export on cisco routers
How to configure flexible netflow export on cisco routersHow to configure flexible netflow export on cisco routers
How to configure flexible netflow export on cisco routers
 
Cisco switch selector layer2 or layer3
Cisco switch selector layer2 or layer3Cisco switch selector layer2 or layer3
Cisco switch selector layer2 or layer3
 
Nagios
NagiosNagios
Nagios
 
BGP Protocol Makes the Internet Work
BGP Protocol Makes the Internet WorkBGP Protocol Makes the Internet Work
BGP Protocol Makes the Internet Work
 
Computer repair -_a_complete_illustrated_guide_to_pc_hardware
Computer repair -_a_complete_illustrated_guide_to_pc_hardwareComputer repair -_a_complete_illustrated_guide_to_pc_hardware
Computer repair -_a_complete_illustrated_guide_to_pc_hardware
 
GTU PHP Project Training Guidelines
GTU PHP Project Training GuidelinesGTU PHP Project Training Guidelines
GTU PHP Project Training Guidelines
 

Ähnlich wie Packet Tracer: SNMP, Netflow, Sys-log

CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the Netwok
Ahmed Gad
 
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRENON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
cscpconf
 
Report on routing interface configuration
Report on routing interface configurationReport on routing interface configuration
Report on routing interface configuration
DebjyotiSaha9
 
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
Salem Trabelsi
 
Router Commands Overview
Router Commands OverviewRouter Commands Overview
Router Commands Overview
Muhammed Niyas
 

Ähnlich wie Packet Tracer: SNMP, Netflow, Sys-log (20)

CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the Netwok
 
F5 tcpdump
F5 tcpdumpF5 tcpdump
F5 tcpdump
 
hakin9_6-2006_str22-33_snort_EN
hakin9_6-2006_str22-33_snort_ENhakin9_6-2006_str22-33_snort_EN
hakin9_6-2006_str22-33_snort_EN
 
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRENON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
NON-INTRUSIVE REMOTE MONITORING OF SERVICES IN A DATA CENTRE
 
111
111111
111
 
111
111111
111
 
Snmp vulnerability assessment
Snmp vulnerability assessmentSnmp vulnerability assessment
Snmp vulnerability assessment
 
Troubleshooting basic networks
Troubleshooting basic networksTroubleshooting basic networks
Troubleshooting basic networks
 
Advanced RAC troubleshooting: Network
Advanced RAC troubleshooting: NetworkAdvanced RAC troubleshooting: Network
Advanced RAC troubleshooting: Network
 
Report on routing interface configuration
Report on routing interface configurationReport on routing interface configuration
Report on routing interface configuration
 
How To Install and Configure SNMP on RHEL 7 or CentOS 7
How To Install and Configure SNMP on RHEL 7 or CentOS 7How To Install and Configure SNMP on RHEL 7 or CentOS 7
How To Install and Configure SNMP on RHEL 7 or CentOS 7
 
IPS_3M_eng
IPS_3M_engIPS_3M_eng
IPS_3M_eng
 
CCNA FUNDAMENTAL
CCNA FUNDAMENTALCCNA FUNDAMENTAL
CCNA FUNDAMENTAL
 
Cisco Router Security
Cisco Router SecurityCisco Router Security
Cisco Router Security
 
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
2.5.1.2 packet tracer configure cisco routers for syslog, ntp, and ssh oper...
 
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
 
SNMP.pptx
SNMP.pptxSNMP.pptx
SNMP.pptx
 
Router Commands Overview
Router Commands OverviewRouter Commands Overview
Router Commands Overview
 
Ppp
PppPpp
Ppp
 
Ppp
PppPpp
Ppp
 

Mehr von Rafat Khandaker

Career Prep Exit Project
Career Prep Exit ProjectCareer Prep Exit Project
Career Prep Exit Project
Rafat Khandaker
 
Career Prep Exit Project
Career Prep Exit ProjectCareer Prep Exit Project
Career Prep Exit Project
Rafat Khandaker
 

Mehr von Rafat Khandaker (10)

Packet Tracer: Load Balancing with GLBP and FHRP
Packet Tracer: Load Balancing with GLBP and FHRPPacket Tracer: Load Balancing with GLBP and FHRP
Packet Tracer: Load Balancing with GLBP and FHRP
 
Packet Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFPacket Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPF
 
Packet Tracer: Nat protocol
Packet Tracer: Nat protocolPacket Tracer: Nat protocol
Packet Tracer: Nat protocol
 
CCNA Security configuration
CCNA Security configurationCCNA Security configuration
CCNA Security configuration
 
Packet Tracer: Cisco, Spanning tree protocol
Packet Tracer: Cisco, Spanning tree protocolPacket Tracer: Cisco, Spanning tree protocol
Packet Tracer: Cisco, Spanning tree protocol
 
Packet Tracer: WAN, point to point links.
Packet Tracer: WAN, point to point links.Packet Tracer: WAN, point to point links.
Packet Tracer: WAN, point to point links.
 
CCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and TrunkingCCNA- Router on stick, VLAN and Trunking
CCNA- Router on stick, VLAN and Trunking
 
CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1
 
Career Prep Exit Project
Career Prep Exit ProjectCareer Prep Exit Project
Career Prep Exit Project
 
Career Prep Exit Project
Career Prep Exit ProjectCareer Prep Exit Project
Career Prep Exit Project
 

Kürzlich hochgeladen

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 

Kürzlich hochgeladen (20)

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Packet Tracer: SNMP, Netflow, Sys-log

  • 1. Packet Tracer Lab Rafat Khandaker SNMP Netflow, Syslog, Trap 05-17-16 . ABSTRACT In this lab, I'm going to research and study Cisco routing protocols that include SNMP, HSRP and GLBP. Those protocols will be used to configure load balancing, network monitering and generate sys log messages and transport to a snmp server/syslog server. INTRODUCTION SNMP Simple Network management protocol, was developed in 1988 to allow applications to access the traffic information being passed through cisco routers. SNMP allowed, servers to log error messages about the network. SNMP also allowed active network monitoring such as netflow application to be transmitted and logged into a server. SNMP protocols are usually configured with a management device and an agent. The agent usually contains MIB or message information block, which inside an OID ( object identifier ) can be configured from an SNMP manager. The manager is allowed to query or ask for variables inside the OID. It can also be configured with " trap " notifications, which is a preconfigured detection feature to be logged into the SNMP manager. SNMP had security flaws, it only used community strings ( read /write private... read only ) they were pre-configured with default values. SNMP v2 never caught on in the market... V2c allowed more information to be transmitted through a single query. still used community strings. SNMP v3 - good security, encryption, integrity check and authentication services. SIMULATION
  • 2. In this example, a server is connected on the network to log snmp traffic. The router will be configured to send the snmp traffic into the server when PC 1 is communicating to pc0, and log information about the status of the router in general, including links going up and down. to set up this lab, I made sure that all links have connectivity through pc1 .
  • 3. ONCE CONNECTIVITY IS CONFIRMED , I am now going to configure SNMP protocol and view the SYS log on the server. Enable TRAP to send syslog messages to the server Entering severity 7 ... just for demonstration purpose... almost like a network analyzer... at this point. Usually severity 4 is used for administration.
  • 4. we can see the server sys log entering messages
  • 5. server is actively logging NETFLOW Netflow is a feature on cisco routers that allows us to get a very detailed information about the network traffic. netflow has 7 things in common 1.source ip address 2. destination ip address 3. Source port number 4. Destination Port number 5. Layer 3 protocol type. 6. Type of service (ToS) value 7. ingress interface. We can get very detailed information of the packet in the flow within the network. configuring netflow on the interface ingress ( inbound ) egress ( outbound )
  • 6. The idea is to create connections from the pc to internet and monitor the traffic - here i have some random garbage requests to the pc accross the simulated internet.
  • 7. We can see from the command show ip cache flow, that the router is capturing traffic from the netflow configuration. Now I'm going to export the netflow to a server... ( version depends on the netflow collector documentation ) ** usually the app you are using..
  • 8. here we configured ip flow export on loopback 0 version 9 and export destination to the server on port 9996. ( usual port number but can be different ) On the server interface, netflow is configured.. and I will do some garbage pings and failed telnet attempts and let netflow collect information.
  • 10. CONCLUSION: In this lab I have successfully configured SNMP, Netflow and syslog onto a server. These protocols are very useful for administrators to check for network downtime, troubleshooting and monitoring a network.