Prerequisites: CCNP level skills.
Note!
I have created a PDF document with OSPF Lab 1 and 2 containing a detailed lab breakdown. Check it out if you want. Any feedback is most welcome.
http://www.4shared.com/document/W8lhDzNo/Hacking-Cisco-OSPF-Lab1-2-Brea.html
Topology
Task 1
AS 50 has been experiencing a SYN attack on TCP port 179 (BGP). In order to protect the router, configure R5 so that it accepts BGP packets only from its directly connected neighbor.
Solution
Notice!
These attack packets must have a TTL higher than 1 in order to reach AS 50. Because BGP paths are volatile, the attacker will find it very difficult, or almost impossible, to calculate a TTL that will be exactly 1 when the packet is delivered to our router. The configuration must be applied on both neighbors (R3 and R5).
R3 Configuration:
!
router bgp 123
 no synchronization
 bgp router-id 172.16.103.3
 bgp log-neighbor-changes
 network 172.16.103.0 mask 255.255.255.0
 neighbor 10.1.13.1 remote-as 123
 neighbor 10.1.13.1 route-reflector-client
 neighbor 10.1.13.1 next-hop-self
 neighbor 10.1.23.2 remote-as 123
 neighbor 10.1.23.2 route-reflector-client
 neighbor 10.1.23.2 next-hop-self
 neighbor 10.1.35.5 remote-as 50
 neighbor 10.1.35.5 ttl-security hops 1
 no auto-summary
!
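The TTL check that `ttl-security hops 1` applies on IOS, modelled in Python as an added example (not part of the original lab): the router sends BGP packets with TTL 255 and accepts only those arriving with a TTL of at least 255 minus the configured hop count. The scenarios and router counts are constructed; the second one shows why the command is needed on both R3 and R5.

```python
"""Model of the TTL check applied by `neighbor <ip> ttl-security hops <n>`.

Added illustration; the packet scenarios below are constructed.
"""
from typing import Optional

MAX_TTL = 255          # largest value of the 8-bit IP TTL field
EBGP_DEFAULT_TTL = 1   # TTL of eBGP packets when ttl-security is not configured


def min_accepted_ttl(hops: int) -> int:
    """Lowest arriving TTL accepted from a neighbor configured with `hops`."""
    if not 1 <= hops <= 254:
        raise ValueError("hops must be in 1..254")
    return MAX_TTL - hops


def arriving_ttl(sent_ttl: int, routers_crossed: int) -> Optional[int]:
    """TTL on arrival, or None if the packet expired in transit.

    Every router that forwards the packet decrements TTL by one and
    discards the packet when the result is zero.
    """
    if not 0 < sent_ttl <= MAX_TTL:
        raise ValueError("sent_ttl must be in 1..255")
    ttl = sent_ttl - routers_crossed
    return ttl if ttl > 0 else None


def accepted(hops: int, sent_ttl: int, routers_crossed: int) -> bool:
    """True if the packet survives transit and passes the TTL check."""
    ttl = arriving_ttl(sent_ttl, routers_crossed)
    return ttl is not None and ttl >= min_accepted_ttl(hops)


# Constructed scenarios: (description, sent TTL, routers crossed before R5)
SCENARIOS = [
    ("R3 with ttl-security, directly connected", MAX_TTL, 0),
    ("R3 without ttl-security (plain eBGP)", EBGP_DEFAULT_TTL, 0),
    ("remote sender, maximum TTL, 5 routers away", MAX_TTL, 5),
    ("remote sender, TTL tuned to arrive as 1", 6, 5),
]

if __name__ == "__main__":
    for label, sent, crossed in SCENARIOS:
        verdict = "accept" if accepted(1, sent, crossed) else "drop"
        print(f"{label:45} arrives={arriving_ttl(sent, crossed)} -> {verdict}")
```

Only the first scenario is accepted: a neighbor that still sends with the eBGP default TTL of 1 is dropped just like the remote senders, so the session stays down until both ends carry the command.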