Posts

Showing posts from August, 2009

Configuring WEP Authentication on Cisco Aironet

Image
The wireless network you installed for your LAN can mean that you are directly exposing your network to the public. Anyone can use a wireless sniffer and view all the traffics going between the wireless access point and the clients. That's why you need to add security in your wireless LAN . This post will talk about WEP or Wired Equivalent Privacy , the name states that your wireless network will be as safe as your wired network but not in reality. There are many WEP decryption tools available out there. Just capture some packets using wireless sniffer and use the the decryption tool to find out the WEP key. So we know the WEP is not secure, nevertheless I want to show how to configure WEP authentication for Cisco Aironet wireless access point. WEP uses 40 bits encryption key (10 hexadecimal characters) or 128 bits (26 hexadecimal characters). Don't get a false sense of security with the length of the encryption, the longer the encryption key just mean the more packets

Configuring WPA and WPA2 on Cisco Aironet

Image
The last post I talked about configuring WEP authentication on Cisco Aironet wireless access point. Now I want to configure WPA and WPA2 to give more strength in the wireless security. Just for a note I put an image of padlock on the last post and now I give a picture of a vault to give the image of stronger security. You know what I mean, padlock versus vault, oh just forget it. Back to the topic, when first posting about WEP I said that WEP encryption is weak, you better use encryption like WPA and WPA2. WPA gives better key management and stronger cipher encryption. For those who don't know about cipher, it's kinda algorithm for encryption and decryption, we'll be configuring the cipher when dealing with WPA and WPA2. WPA uses what is called TKIP or Temporal Key Integrity Protocol for the cipher encryption. WPA2 is even better than WPA, it uses a stronger encryption called AES or Advanced Encryption Standard , it creates fresh sessions key so every packet

Handy Cisco Command - Interface Range

Image
There are many handy Cisco commands that you can use to help you in configuring Cisco devices , these commands well not exactly secret commands but you might not get it from the CCNA curriculum. One of these handy commands I already posted it at my previous post . But I want to cover it again in case you missed the post. This one is the interface range command. What this command does is to select a range of interfaces and apply the same commands to them. This is very handy especially in a Cisco switch environment where you might want to set some ports to be access ports or apply the same security to those ports instead of doing it one by one for each interface. For example, I want to select the interfaces fastethernet 0/2 to 0/8, with the interface range command I'd just do it like this: 2950> enable 2950# configure terminal 2950 (config)# interface range fa0/2 - 8 2950 (config-if-range)# There, you notice that instead of displaying 2950 (config-if)# where you c

3 Books to Definitely Help You Pass CCNA Exam

Image
You might be struggling to save money for joining the Cisco Networking Academy or other courses just to pass CCNA exam . The Cisco Networking Academy is great, yet the other courses, well in my experience, I joined a CCNA course - not the Cisco academy - but to be honest the result was not as I expected. I don't know if this happens in other countries or not, the instructors were not as qualified as they said, sure they passed the CCNA exam also but their experiences in handling Cisco devices were just poor. So, not satisfied with the result, I browsed the internet and found these three books are valuable to help me passed the CCNA exam . CCNA: Cisco Certified Network Associate Study Guide: Exam 640-802 The first book is CCNA study guide from Todd Lammle. If you search for CCNA guide from google then you'd find the name of Todd Lammle popping up everywhere. Todd Lammle successfully authored books that can easily understand even by newbies, you can find all topics co

Configuring SSH for Cisco

Image
In the CCNA level, we only know how to connect to Cisco devices using console connection and telnet connection . We know that no one can tap on the console connection since it's directly connected to the Cisco device , but different story for the telnet connection . Anyone can tap messages from the telnet session. All messages send in clear text, so it's dangerous to leave default communication with Cisco devices just using telnet . We can use SSH for secure connection to the Cisco devices. The SSH will encrypt all messages going from your computer to the Cisco devices. First you're going to need Cisco IOS image that support SSH or IPSec , DES , or 3DES . How would you know that. Well you can just issue the following command: router> ena router# show ip ssh % Invalid input detected at '^' marker. If it's showing % Invalid input detected at '^' marker. , then the IOS does not support SSH. Now start with the configuration , you h

Structured Cabling System

Image
Back in the old days of networking newbie , I didn't even care about networking . What's so interesting about it. Just a bunch of cables connected from the computers to switches or routers/modems voila you get internet. Few years later, come to my notice that networking is far far more interesting than I had imagined. By the way this story is going somewhere if you wonder. Networking (in physical) is more than I said before, there are lots of in between the things I mentioned. Switches and routers should be enough for home or SOHO usage, but when it comes to enterprise, lots of new networking "creatures" would pop-out. All these creatures combined and managed well can be called structured cabling System (SCS). What SCS basically means is the systematic ways or you can say standards for network cabling and telecommunication rooms. These standards issued by the Telecommunications Industry Association (TIA) and the Electronic Industries Alliance (EIA), and o

Home networking basic tools - Part 3

Image
Okay, now you got your ready, you also know the tools you need to run the cables inside your walls , then all that you need to have for your home networking tools is cable tie . What?!? why would I need cable ties . Yes you don't actually need cable ties to do home networking, but you do need them to make your cabling neat. Making your cables neat If you're running a whole lot of bundles of cables in your home, cable ties definitely things of your choice to neat your cabling work. What people usually use are these following types of cable ties : The one on the left is the velcro cable type, and the next one made of plastic or something (well, kinda plastic-like material) You can use any one of those two, the difference I may say is the velcro is definitely more expensive than the plastic cable ties . And also, the velcro cable ties are usually preferred for managing sensitive cables such as fiber optics cables. It's because the velcro type ties are not giving too muc

Home networking basic tools - part 2

Image
Running your cables inside walls, that's what I wanted to title this post but since I want to make these posts related, oh so be it. So you have your basic networking tools for crimping ready, now you're thinking you don't want the cables to be crossing around everywhere in your living room. You can hide your cables by running the cables on the ceiling then go into the walls and eventually pop-out on the walls. You can use the following toolkits: From left to right: Modular Jack Instead of RJ45, you should terminate the UTP with modular jacks if you want to run your cables in walls. These jacks can then act just like your phone connection on the wall. They come in various of colors, and cost probably about US$ 3 or less. Wall Faceplate From the modular jack, you can put them in these faceplates. The faceplate holds still the modular jack on the wall. Then you can screw the faceplate to the wall. Punch Tool Different from the RJ45, you use different tool to ter

Home networking basic tools - part 1

Image
I want to show you how easy it is to set up your own home networking , you don't need an expert to do this work. First let me show you all the basic tools needed to do this. Cables and crimping tools From left to right, you can see in the picture: UTP Cable UTP (Unshielded Twisted Pair ) is the widely used cable for networking, you can use other cables though but UTP and the networking cards are easier to get and configure. UTP is basically 4 pairs of cables (8 cables) with different colors to identify them, twisted together to prevent the crosstalk or interference when transmitting signals. The picture is the type of cable if you buy in bulk, it contains 305m or 1000feet of cable, you can also buy them per meter. Currently there are Cat5, Cat5e, and Cat6 cables. What differentiate them are the bandwidth that they can deliver. Typical cat5 cable can deliver about 100mbps. The Cat5e is an enhanced version of the cat5 cable, they can deliver up to 1000mbps, but most I'v

Cable Trays for Enterprise Networking

Image
In an enterprise environment there should be thousands if not millions of cables running around for data connectivity. Managing all those cables can be very frustrating if you don't carefully design the cable placement and everything else. That's why most modern buildings nowadays have cable trays in place just on top of the ceilings. The reasons to use cable trays are obvious, to keep the cables from tangling and to keep cables used for different purposes away from other cables, e.g. networking cables away from electrical cables to prevent interference. The pictures above show how the cables are arranged at cable trays , you can see that the cables - gray cables for UTP cables, blue cables for fiber optic cables , and black cables for electric cables - are separated and arranged. In reality, sometimes you can't easily arrange them like that, because the cable installers/contractors are commonly different for networking cables, electrical cables, and even for th

Cable Labeling

Image
It is very important to give labels to your cables . Labels make your network troubleshooting less painful. In case of problem, you don't want to trace every cable end to end. Each end of cable should be labeled, the label should give information about where the cable is connected to. It is really up to you or your company policy how the description format of the labels should be written. The most important thing is to keep the writings not too long, and easy to be interpreted. For example, I have a fiber optic cable at the IDF going to the MDF , I like to name it like this: for the IDF cable: MDF_Core1_23 -> it tells that the cable is going to the MDF Core Switch 1 at port 23. for the MDF cable: IDF_2Fl_1_1 -> it tells that the cable is going to the IDF at second floor, switch 1 and port1. Well I suggest try designing your own labeling scheme and don't forget to write it down and give the description to fellow network installers and the project owner. You

Managing Cables in Racks

Image
You typically find bulks of cables like the left picture shows in a project. It's not strange to have a project with 2000 clients to be connected in a network. To arrange cables like these is a nightmare for network installers if you don't provide yourselves with cable managers. Usually the cable managers also provided by the racks vendors. You can ask them if they have it, or use cable managers from other vendors if you don't like the way it looks. Different cable managers have different ways to manage cables , so it's better to consult the vendors on how to install the cables according their products. I need to remind you that some cable managers make the look of your racks neater but if you don't install them accordingly, they will make your future improvement harder. What I mean is that you have to design also how the cables run inside your rack should be. You don't want the outer look of your rack looks neat while you have spaghetti cables in