Protocol survey exercise
Date: April 26, 2016 Class: CCNA 1 R&S
Scenario
In this class we present a scheme for surveying, that is, finding, every protocol we can; whenever an acronym looks like it might be one, we look it up.
Device configurations
The first clue about which protocols are running (or not) comes from issuing a show running and reading it line by line. Even if we have no idea what each line means, it gives us something to investigate.
GW_aula7b#sh runn
Building configuration...
Current configuration : 1151 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname GW_aula7b
!
no ip cef
no ipv6 cef
!
spanning-tree mode pvst (1)
!
interface FastEthernet0/0 (2)
 ip address 192.168.1.1 255.255.255.0 (3)
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 10.0.0.1 255.255.255.252
 clock rate 2000000
!
interface Serial0/0/1
 ip address 10.0.0.5 255.255.255.252
 encapsulation ppp (4)
 clock rate 2000000
!
interface Serial0/1/0
 ip address 10.0.0.9 255.255.255.252
 encapsulation frame-relay (5)
 ip ospf network broadcast
!
interface Serial0/1/1
 no ip address
 clock rate 2000000
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 100 (6)
 network 10.0.0.0 0.0.0.3
 network 10.0.0.4 0.0.0.3
 network 192.168.1.0
 auto-summary
!
router ospf 1 (7)
 log-adjacency-changes
 network 10.0.0.8 0.0.0.3 area 0
 network 192.168.1.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9 (8)
!
line con 0 (9)
!
line aux 0
!
line vty 0 4 (10)
 login
!
end
GW_aula7b#
Sucursal#sh runn
Building configuration...
Current configuration : 1339 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Sucursal
!
no ip cef
no ipv6 cef
!
spanning-tree mode pvst
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10 (11)
 ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.20.1 255.255.255.0
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 10.0.0.2 255.255.255.252
!
interface Serial0/0/1
 ip address 10.0.0.6 255.255.255.252
 encapsulation ppp
!
interface Serial0/1/0
 ip address 10.0.0.10 255.255.255.252
 encapsulation frame-relay
 ip ospf network broadcast
!
interface Serial0/1/1
 no ip address
 clock rate 2000000
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 100
 network 10.0.0.0 0.0.0.3
 network 10.0.0.4 0.0.0.3
 network 192.168.10.0
 network 192.168.20.0
 auto-summary
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.8 0.0.0.3 area 0
 network 192.168.10.0 0.0.0.255 area 0
 network 192.168.20.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
!
!
end
Sucursal#
aula7b.com switch:
Switch#sh runn
Building configuration...
Current configuration : 1619 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
spanning-tree mode pvst
!
interface FastEthernet0/1
 spanning-tree portfast
!
interface FastEthernet0/2
 spanning-tree portfast
!
interface FastEthernet0/3
 spanning-tree portfast
!
interface FastEthernet0/4
 spanning-tree portfast
!
interface FastEthernet0/5
 spanning-tree portfast
!
interface FastEthernet0/6
 spanning-tree portfast
!
interface FastEthernet0/7
 spanning-tree portfast
!
interface FastEthernet0/8
 spanning-tree portfast
!
interface FastEthernet0/9
 spanning-tree portfast
!
interface FastEthernet0/10
 spanning-tree portfast
!
interface FastEthernet0/11
 spanning-tree portfast
!
interface FastEthernet0/12
 spanning-tree portfast
!
interface FastEthernet0/13
 spanning-tree portfast
!
interface FastEthernet0/14
 spanning-tree portfast
!
interface FastEthernet0/15
 spanning-tree portfast
!
interface FastEthernet0/16
 spanning-tree portfast
!
interface FastEthernet0/17
 spanning-tree portfast
!
interface FastEthernet0/18
 spanning-tree portfast
!
interface FastEthernet0/19
 spanning-tree portfast
!
interface FastEthernet0/20
 spanning-tree portfast
!
interface FastEthernet0/21
 spanning-tree portfast
!
interface FastEthernet0/22
 spanning-tree portfast
!
interface FastEthernet0/23
 spanning-tree portfast
!
interface FastEthernet0/24
 spanning-tree portfast
!
interface GigabitEthernet0/1 (12)
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
line con 0
!
line vty 0 4
 login
line vty 5 15
 login
!
!
end
Switch#
Branch switch:
Switch#sh runn
Building configuration...
Current configuration : 1696 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
spanning-tree mode pvst
!
interface FastEthernet0/1
 spanning-tree portfast
!
interface FastEthernet0/2
 spanning-tree portfast
!
interface FastEthernet0/3
 spanning-tree portfast
!
interface FastEthernet0/4
 spanning-tree portfast
!
interface FastEthernet0/5
 spanning-tree portfast
!
interface FastEthernet0/6
 spanning-tree portfast
!
interface FastEthernet0/7
 spanning-tree portfast
!
interface FastEthernet0/8
 spanning-tree portfast
!
interface FastEthernet0/9
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 10
 spanning-tree portfast
!
interface FastEthernet0/11
 spanning-tree portfast
!
interface FastEthernet0/12
 spanning-tree portfast
!
interface FastEthernet0/13
 spanning-tree portfast
!
interface FastEthernet0/14
 spanning-tree portfast
!
interface FastEthernet0/15
 spanning-tree portfast
!
interface FastEthernet0/16
 spanning-tree portfast
!
interface FastEthernet0/17
 spanning-tree portfast
!
interface FastEthernet0/18
 spanning-tree portfast
!
interface FastEthernet0/19
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 20
 spanning-tree portfast
!
interface FastEthernet0/21
 spanning-tree portfast
!
interface FastEthernet0/22
 spanning-tree portfast
!
interface FastEthernet0/23
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport mode trunk
 spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
line con 0
!
line vty 0 4
 login
line vty 5 15
 login
!
!
end
Switch#
Protocols found
1.- Spanning-tree: protocol for avoiding layer 2 loops.
2.- FastEthernet: 100 Mbps protocol (or standard).
3.- IP: layer 3 protocol.
4.- PPP: layer 2 protocol for WAN links.
5.- Frame-relay: layer 2 protocol for WAN links.
6.- EIGRP: Cisco proprietary routing protocol.
7.- OSPF: open routing protocol.
8.- NetFlow: Cisco proprietary; details the traffic flows that cross an interface.
9.- RS232: standard for serial data exchange.
10.- Telnet: protocol that acts as a remote administration console.
11.- 802.1q: layer 2 protocol for tagging traffic from different VLANs.
12.- GigabitEthernet: 1000 Mbps protocol (or standard).
13.- CDP: enabled by default on all Cisco devices.
Sucursal#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID    Local Intrfce   Holdtme    Capability   Platform    Port ID
Switch       Fas 0/0          168            S       2960        Fas 0/24
GW_aula7b    Ser 0/0/0        174            R       C1841       Ser 0/0/0
GW_aula7b    Ser 0/0/1        174            R       C1841       Ser 0/0/1
Sucursal#
14.- HDLC: the default on the serial interfaces of Cisco routers.
GW_aula7b#sh int s0/0/0
Serial0/0/0 is up, line protocol is up (connected)
Hardware is HD64570
Internet address is 10.0.0.1/30
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/0/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 17 bits/sec, 0 packets/sec
5 minute output rate 20 bits/sec, 0 packets/sec
14 packets input, 925 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
13 packets output, 780 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
GW_aula7b#
15.- NTP (Network Time Protocol): although it is not configured, it is active; it is also on the server.
GW_aula7b#sh ntp stat
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 000.0000 Hz, actual freq is 000.0000 Hz, precision is 0**00
reference time is 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1990)
clock offset is 0.00 msec, root delay is 0.00 msec
root dispersion is 0.00 msec, peer dispersion is 0.00 msec.
GW_aula7b#
16.- VTP (Vlan Trunking Protocol): enabled by default on the trunk interfaces of Cisco switches.
Switch#sh interfaces trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/24      on           802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/24      1-1005

Port        Vlans allowed and active in management domain
Fa0/24      1,10,20

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/24      1,10,20

Switch#
Switch#sh vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xFC 0x48 0xEB 0xA1 0xFB 0xBC 0xDA 0x1E
Configuration last modified by 0.0.0.0 at 3-1-93 00:18:57
Local updater ID is 0.0.0.0 (no valid interface found)
Switch#
17.- DTP (Dynamic Trunk Protocol): enabled by default on all ports of Cisco switches.
18.- HTTP
19.- HTTPS
20.- DHCP: on the server and the PC of aula7b.com (the PC is the client).
PC>ipconfig /all
FastEthernet0 Connection:(default port)
Connection-specific DNS Suffix..:
Physical Address................: 0004.9A4B.624D
Link-local IPv6 Address.........: FE80::204:9AFF:FE4B:624D
IP Address......................: 192.168.1.100
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.1
DNS Servers.....................: 192.168.1.10
DHCP Servers....................: 192.168.1.10
DHCPv6 Client DUID..............: 00-01-00-01-23-CA-B8-41-00-04-9A-4B-62-4D
PC>
21.- DHCPv6: on the aula7b.com server (disabled)
22.- IPv6: on the aula7b.com PC
PC>ipconfig /all
FastEthernet0 Connection:(default port)
Connection-specific DNS Suffix..:
Physical Address................: 0004.9A4B.624D
Link-local IPv6 Address.........: FE80::204:9AFF:FE4B:624D
IP Address......................: 192.168.1.100
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.1
DNS Servers.....................: 192.168.1.10
DHCP Servers....................: 192.168.1.10
DHCPv6 Client DUID..............: 00-01-00-01-23-CA-B8-41-00-04-9A-4B-62-4D
PC>
23.- HTTP: on the aula7b.com server (the PC is the client).
24.- DNS: on the aula7b.com server (the PC is the client).
25.- TFTP: on the aula7b.com server.
26.- Syslog: on the aula7b.com server.
27.- Radius: AAA protocol on the aula7b.com server.
28.- Radius: AAA protocol on the aula7b.com server.
29.- SMTP: e-mail protocol.
30.- POP3: e-mail protocol.
31.- FTP: file transfer protocol.
32.- ISAKMP: phase I of IPsec.
33.- ESP: phase II of IPsec.
(Although these protocols do not appear explicitly, if we look up how a VPN client works we will find them.)
34.- PPPoE: protocol for PPP connections over Ethernet.
35.- ICMP: error-messaging and control protocol of the IP suite.
36.- IMAP: e-mail protocol.
37.- NetBIOS: Microsoft protocol for small networks.
38.- SFTP: secure FTP protocol.
39.- SNMP: network management protocol.
40.- SSH: secure remote console protocol, the secure variant of Telnet.
41.- Skinny: signaling protocol of the Cisco telephony solution.
42.- RTP: standardized voice protocol in IP telephony.
43.- 802.11: although it is not mentioned explicitly, if we investigate we will see that our WiFi cards are 802.11 something.
GW_aula7b#sh ip interface
FastEthernet0/0 is up, line protocol is up (connected)
Internet address is 192.168.1.1/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled (44) (protocol for finding a MAC given the IP)
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is disabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP Fast switching turbo vector
IP multicast fast switching is disabled
IP multicast distributed fast switching is disabled
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled (45) (layer 4 protocol)
RTP/IP header compression is disabled (already surveyed as 42)
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled (46) (open routing protocol)
Input features: MCI Check
WCCP Redirect outbound is disabled (47) (https://es.wikipedia.org/wiki/WCCP)
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
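Added example (not part of the original class notes): the line-by-line reading of a running-config described above, automated so that it reports both the protocols a keyword reveals and the ones that are active only by IOS default (HDLC on a serial interface with no encapsulation line, CDP unless "no cdp run" is present), which a text-only review tends to miss. The names survey, EXPLICIT and SAMPLE are hypothetical, and SAMPLE is a constructed excerpt in the style of the GW_aula7b configuration.

```python
import re

# Constructed sample in the style of the GW_aula7b running-config.
SAMPLE = """\
spanning-tree mode pvst
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
interface Serial0/0/0
 ip address 10.0.0.1 255.255.255.252
interface Serial0/0/1
 encapsulation ppp
interface Serial0/1/0
 encapsulation frame-relay
interface Serial0/1/1
 no ip address
 shutdown
router eigrp 100
router ospf 1
ip flow-export version 9
line vty 0 4
 login
"""

# Keyword -> protocol, following the numbered list on this page.
EXPLICIT = [
    (r"^spanning-tree\b", "STP"),
    (r"^\s*ip address\b", "IP"),
    (r"^\s*encapsulation ppp\b", "PPP"),
    (r"^\s*encapsulation frame-relay\b", "Frame Relay"),
    (r"^\s*encapsulation dot1q\b", "802.1Q"),
    (r"^router eigrp\b", "EIGRP"),
    (r"^router ospf\b", "OSPF"),
    (r"^ip flow-export\b", "NetFlow"),
    (r"^line vty\b", "Telnet"),  # the page's mapping for item (10)
]

def survey(config):
    """Return (explicit, implicit) protocol sets for one running-config."""
    explicit = {name for pat, name in EXPLICIT
                if re.search(pat, config, re.M | re.I)}
    implicit = set()
    # A stanza is a non-indented line plus the indented lines below it.
    for stanza in re.split(r"\n(?=\S)", config.strip()):
        if (re.match(r"interface Serial", stanza, re.I) and not
                re.search(r"^\s*(encapsulation|shutdown)\b", stanza, re.M)):
            implicit.add("HDLC")  # active serial link, no encapsulation line
    if not re.search(r"^no cdp run\b", config, re.M):
        implicit.add("CDP")  # on by default unless globally disabled
    return explicit, implicit
```

Running survey() over each device's saved configuration and comparing the implicit set against what the site actually needs gives a short list of defaults to disable.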
(2016) Sensei, LSD is a protocol ?
Rosario, Argentina