Information Technology Reference
In-Depth Information
25
CHAPTER
Troubleshooting Security Implementations
This chapter covers several of the security products used to protect the network. It includes scanning
software (CiscoSecure Scanner, formerly known as NetSonar), intrusion-detection software
(CiscoSecure Intrusion Detection System, formerly known as NetRanger), firewall software (Cisco PIX
Firewall), and router and switch password recovery.
As the Internet grows, so does the possibility of illegal activities. These activities can range from
denial-of-service attacks to the compromising of propriety data. Many products have been developed to
protect networks.
Firewalls were the first security products introduced to prevent unauthorized entry into the protected
network. They allow network access only to specifically configured protocols and network objects. Next
came intrusion-detection software products. These products track authorized traffic permitted by the
firewall, while searching for unauthorized activity such as hacking attempts or denial-of-service attacks.
Finally there was scanning software, which allowed administrators to detect security vulnerabilities in
their network design.
This chapter assists a network administrator in debugging the security products mentioned here that have
been installed in the network. This chapter assumes that the reader is familiar with the installation and
operation of the software products to be debugged.
Only debugging commands are discussed in this chapter. For more information about the command
syntax or explanation for each software product, refer to the user manual. You can also find the
commands under “Service and Support” in the “Technical Documentation” section of Cisco Connection
Online (CCO).
In the creation of this chapter, care was taken to use only the latest versions of software. If you have
earlier versions of software than those discussed here, refer to the user's manual for your product for
proper commands and syntax.
Objectives
The objective of this chapter is to help those already familiar with installed security software products
to do some basic troubleshooting or debugging.
