Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
School: Department:
Part A
Q1. Take a Router of your choice and configure the secret and telnet passwords. Save the
configuration and write the contents of .pkt file as your answer.
ANS:-Password:
You’ll notice that before we can get into privileged mode, we have to enter the password we
set earlier. If you followed the above example, you should be able to input mypassword and
press Enter. You are now authenticated for privileged mode!
So why don’t we use the enable password command in most cases? The answer is simple:
it’s an outdated format that anyone can have ample opportunity to take advantage of. Try
following the below steps and note what you see.
Building configuration…
version 12.2
no service password-encryption
hostname Router
As you can see, anyone can see the password in plain view. This is because it is stored as
plain text- no encryption is being used! To help cover this vast security hole, Cisco created
the enable secret command. As you can probably guess, it makes use of encryption this time
around.
Q2. Enlighten upon the purpose of having Banners, what are the various Banners and how
are they used? Write down the configuration steps for them.
Ans: The banner is displayed whenever anyone logs in to your Cisco router. The syntax is
"banner motd # ". MOTD stands for "Message Of The Day".
# symbol signifies the start of the banner message to the router. You will be prompted for the
message to be displayed. You need to enter "#" symbol at the end of the message, signifying
that the message has ended.
Q3 What are they various types of passwords that we can set in a Cisco Router, mention all
of them, their purpose and configuration commands?
1. ENABLE PASSWORD - A global command that restricts access to privileged exec mode.
This is a non-encrypted password.
2. ENABLE SECRET - Assigns a one-way encryptographic secret password, available in
versions 10.3 and up. This secret password is used instead of the enable password when it
exists.
3. Virtual Terminal Password (vty password) - The virtual terminal password is used for
Telnet sessions into the router. The password can be changed at any time. It can be set up
when you configure the router from the console. There can be five distinct passwords
corresponding to each vty (vty0 to vty4) or there can be a single password for all vtys.
4. Auxiliary Password - Auxiliary password is used to set password to the auxiliary port. This
port is used to access a router through a modem.
5. Console Password - Console password is used to set the console port password
The two most basic of passwords a Cisco router can provide support for is the enable
password and enable secret commands. Depending on the IOS version, administrators will
likely only need to setup the enable secret command.
For Cisco routers running IOS versions before version 10.3, enable password is going to be
used. It is the outdated version of the two, and we’ll see why it isn’t used in average
applications after we enable it. You can enable this basic password following the commands
seen below.
Router> enable
In this example, mypassword is the new password that is going to be set on the router. Try
typing exit and navigate to the privileged mode, as seen below.
Router> enable
Password:
You’ll notice that before we can get into privileged mode, we have to enter the password we
set earlier. If you followed the above example, you should be able to input mypassword and
press Enter. You are now authenticated for privileged mode!
So why don’t we use the enable password command in most cases? The answer is simple:
it’s an outdated format that anyone can have ample opportunity to take advantage of. Try
following the below steps and note what you see.
Building configuration…
version 12.2
no service password-encryption
hostname Router
As you can see, anyone can see the password in plain view. This is because it is stored as
plain text- no encryption is being used! To help cover this vast security hole, Cisco created
the enable secret command. As you can probably guess, it makes use of encryption this time
around.
Encryption can be a tough subject to tackle. But Cisco has made the process of enabling an
encrypted password just as easy as the previous example. In fact, we are only changing one
word in the process!
Router#configure terminal
Note that many routers will alert the user at this point if they have made the enable secret and
the enable password values the same in terms of the password. Although the message that
results is just a warning, and administrators can indeed set both to the same thing (although
this is not recommended as it will almost defeat the purpose of the enable secret command).
Now let’s go back to the very beginning, and try logging back into privileged mode once
more. We’ll take a look at the running configuration in the below example.
Building configuration…
version 12.2
no service password-encryption
hostname Router
Notice how the enable secret password is unreadable, while the outdated command enable
password is being displayed in plain view! Obviously, it comes as to no surprise that Cisco
decided to do away with the command in order to improve network security.
Q4.Illustrate the use of Ethernet & Fast Ethernet ports, if Fast is available why do we use the
normal Ethernet Ports. Write down an example of each.
Ans:- Ethernet port works with 10 Mbps & Fast Ethernet port works with 100 Mbps.
Ethernet- 10BASE T,2,5(802.3) DATA can travel at speeed of upto 10mbps upto distance of
100 m(T) to 500m(5).cat 3 utp
Fast Ethernet- 100basetx (802.3 u) data travel 10 times faster at speed of upto 100mbps upto
distance of 100 tp412m.cat 5,6 utp
Q5. If editing a Router Configuration is possible, why do we need to delete one? Write steps
to Delete & Reload the configuration of a Cisco router.
Q6.Use at least 3 show commands and discuss at least 4 options of each one of them in detail
and how can we use them?
Ans: SHOW command is extensively used for seeing the status and configuration information
of the router.
Some of the frequently used commands are:
The show interfaces command boasts a number of options that allow you to limit the
output information. You can specify the type of interface as well as the interface
number:
7. Show IP protocol: This command will show information on RIP timers including routing
update timer (30sec default), hold-down timer (default 180sec). It also displays the number of
seconds due for next update (this is fraction of update timer). This command also gives the
network number for which IP RIP is enabled, Gateway, and the default metric.
8. Show IP route: This command will display the IP routing table entries. In addition, it
displays the Gateway of last resort (if one is assigned). It also displays the codes used for
various types of routes. Some of the important codes are:
C: directly connected;
S: Statically connected
I: IGRP
R: RIP
Show IP interface: This command shows you interface-wise information such as IP address
assigned to each interface, whether the interface is up, MTU etc.
Q7. 172.16.0.0 = Network address, 255.255.240.0 = Subnet mask. Calculate subnets, hosts,
valid subnets, valid hosts, broadcast address.
Ans:
1_ Subnets? 24 = 16.
3_ Valid subnets? 256 – 240 = 0, 16, 32, 48, etc., up to 240. Notice that these are
the same
5_ Valid hosts?
The following table shows the first four subnets, valid hosts, and broadcast
addresses in a
Ans:This is done the same way as the preceding subnet mask, except that we just
have more subnets and fewer hosts per subnet available.
2_ Hosts? 25 – 2 = 30.
3_ Valid subnets? 256 – 224 = 32. 0, 32, 64, 96, 128, 160, 192, 224.
5_ Valid hosts?
First host 0.1 0.65 0.129 0.193 1.1 1.65 1.129 1.193
Last host 0.62 0.126 0.190 0.254 1.62 1.126 1.190 1.254