Scenario:
You are the security office for the national security team in the Netherlands. It seems your webserver is under attack but you are unsure where the attacker is located. You want to use a method to track down the source IP address from the attacker.
Goals:
- All IP addresses have been preconfigure for you.
- EIGRP has been configured for connectivity.
- Start a ping from the attacker to the webserver.
- Use the “source track” command to track down the attacker in your network.
- Send syslog messages every 2 minutes.
IOS:
c3725-adventerprisek9_ivs-mz.124-15.T13
Topology:
Video Solution:
Configuration Files
You need to register to download the GNS3 topology file. (Registration is free!)Once you are logged in you will find the configuration files right here.
Do you want your CCNA or CCNP Certificate?
The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.
Written by René Molenaar - CCIE #41726
If you use the "show ip source-track cache" command, this will display the source IP address of the device.
Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)
——– Flows /Sec /Flow /Pkt /Sec /Flow /Flow
SrcIf SrcIPaddress DstIf DstIPaddress Pr TOS Flgs Pkts
Port Msk AS Port Msk AS NextHop B/Pk Active
Fa0/1 [b]45.45.45.45[/b] Null 192.168.89.9 01 00 10 72