IP Source Tracker


Scenario:

You are the security office for the national security team in the Netherlands. It seems your webserver is under attack but you are unsure where the attacker is located. You want to use a method to track down the source IP address from the attacker.

Goals:

  • All IP addresses have been preconfigure for you.
  • EIGRP has been configured for connectivity.
  • Start a ping from the attacker to the webserver.
  • Use the “source track” command to track down the attacker in your network.
  • Send syslog messages every 2 minutes.

IOS:

c3725-adventerprisek9_ivs-mz.124-15.T13

Topology:

IP Source Tracker

Video Solution:

Configuration Files

You need to register to download the GNS3 topology file. (Registration is free!)

Once you are logged in you will find the configuration files right here.

Opt In Image
Do you want your CCNA or CCNP Certificate?

The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.

Written by René Molenaar - CCIE #41726

You May Also Like

About the Author: Rene Molenaar

René - CCIE #41726 is the creator of GNS3Vault.com where he shares CCNA, CCNP and CCIE R&S labs. He also blogs about networking on http://networklessons.com

1 Comment

  1. If you use the "show ip source-track cache" command, this will display the source IP address of the device.

    Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)
    ——– Flows /Sec /Flow /Pkt /Sec /Flow /Flow

    SrcIf SrcIPaddress DstIf DstIPaddress Pr TOS Flgs Pkts
    Port Msk AS Port Msk AS NextHop B/Pk Active
    Fa0/1 [b]45.45.45.45[/b] Null 192.168.89.9 01 00 10 72

Comments are closed.