Scenario:
“Time ‘r Us’ is a large swiss company selling a wide range of watches. Recently the company was hacked but the company’s security officer traced down the Hacker. Unfortunately the hacker got away because the log files didn’t have any date or timestamps on it and couldn’t be used as evidence in court. You as a security specialist decide to change this for the future and implement timestamps for logging on your routers.
Goal:
- All IP addresses have been preconfigured for you.
- EIGRP has been configured for connectivity.
- Configure router Precision so it saves date-time on its timestamps.
- Configure router Accuracy so it saves uptime on its timestamps.
- Configure both routers to save year information in their logging messages.
- Configure Router Accuracy so it adds milliseconds to the timestamps.
- Configure both routers to prevent tampering with stored logging information.
IOS:
c3640-jk9s-mz.124-16.bin
Topology:
Configuration Files
You need to register to download the GNS3 topology file. (Registration is free!)Once you are logged in you will find the configuration files right here.
Do you want your CCNA or CCNP Certificate?
The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.
Written by René Molenaar - CCIE #41726
hi, have you the solution?
HIIIII,
Please use the service for timestamp.
Conft# service timestamp log uptime/datetime and complete the task as required and check logs.
you will find the solution…….
Precision:
service timestamps log datetime year
service sequence-numbers
Accuracy:
service sequence-numbers
service timestamps log uptime
service timestamps log datetime year msec
to activate count and timestamp for syslogs on router
==============
router(config)# logging count
Count and timestamp logging messages: enabled
=================
====================
to activate logs — date and time — extra option msec
before
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
after
*Mar 1 00:16:29.343: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
command
R2(config)#service timestamps log datetime msec localtime
====================
====================
to save uptime on syslog updates
R2#sh ver | i up
R2 uptime is 19 minutes
R2#sh log
00:19:33: %SYS-5-CONFIG_I: Configured from console by console
command
R2(config)# service timestamps log uptime
====================
====================
you can have uptime + year + date
date and time + year
you can t have uptime + date and time + year | or uptime + date and time
Date + year + uptime
*Mar 1 2002 00:38:59: %SYS-5-CONFIG_I: Configured from console by console
R(config)#service timestamps log uptime
R(config)#service timestamps log datetime year
Date + time (msec) + year
*Mar 1 2002 02:34:21.475: %SYS-5-CONFIG_I: Configured from console by console
R(config)#service timestamps log datetime msec localtime year
====================
====================
prevent tampering— add a sequence number to logs
000054: *Mar 1 2002 02:51:02.275: %SYS-5-CONFIG_I: Configured from console by console
R1(config)#service sequence-numbers
====================