Transcript NIB Maintenance - -CUSTOMER VALUE-

NIB Networking & Security
Issues
09-12-2002
Recent Activities
• Additional RAS & Router cards procured
and installed at “A” and “B” type of
locations
• Core bandwidth between A1-A1 and A1-A2
in the process of augmentation (6/26)
• International bandwidth augmented by
about 40 Mbps
09-12-2002
Data Networks
Daily Maintenance
Status of :• Router
– sh env all, sh proc cpu, sh ver
• links
– sh ip int br , sh interfaces, sh logg
• RAS
– sh env all, sh dial-shelf, sh dial-shelf clocks
– sh controllers e1 1/0/1 call-counters , sh modem summ
– disp modem pool statistics table
09-12-2002
Data Networks
Daily Maintenance
•
•
•
•
•
Console should be kept connected
Syslog should be implemented
Traffic on the links should be regularly monitored
Check for balanced loading of the links
Link Flapping (sh logg, Syslog), better to shut
down
• Regularly check MRTG concerning your node
• Apply peer pressure to get the links up,
particularly international gateways
• Regularly check the Website and update the
relevant contents
09-12-2002
Data Networks
Simple ways to check the
Network
• Ping, Extended Ping
• Traceroute, Extended Traceroute
• Ping & traceroute from routeserver.cerf.net/ route-server.exodus.net
• Nslookup, dig, whois
• Cyberkit, Ping Plotter
09-12-2002
Data Networks
MRTG
• MRTG at “A” type of locations for traffic
monitoring of whole network for internal links
and customer links. (pending at JPR)
• Integral part of Bandwidth Augmentation
procedure
• Keep the MRTG up-to-date and ask the
upstream to update the MRTG for new links
and customers
• Needs reconfiguration after additional card
installation
09-12-2002
Data Networks
Web site
• Check the web site
• Please please get the e-mail ids
nib_<city>@sancharnet.in &
<city>@sancharnet.in and
nib_<circle>@sancharnet.in
• Keep the address information current
• Keep the Connectivity information current
• Keep the admin and Tech Contact information
current
09-12-2002
Data Networks
Few Incidents
• Nodes not using proper DNS
• Blackholing the traffic to a particular site
• OSPF costs changed as a result, the traffic
got congested on a single link
• Excessive flapping on few links
• Loaning of IP addresses in Assam
• After transfer, passwords were not handed
over and forgotten.
09-12-2002
Data Networks
Security
• Take regular backups of RAS and Router
configurations.
• Implement Syslog & Analyze it regularly
• Keep connectivity, port utilization,IP
Addressing plan, cable layout plan,
customer contact details up to date
• Keep the addressing plan confidential
• Keep all the passwords (CIM, RAS,
Routers) secure
09-12-2002
Data Networks
Security
• No default password should be there like netman,
cisco
• On transfer, make over the passwords
• As far as possible use Sancharnet mail for sending
network related information
• Remote login should be avoided, if at all done,
then use it through Sancharnet only
• Maintain a logbook containing the details of
access provided to vendors like for PM,
unauthorized SNMP access, spammers,any
important incident etc.
09-12-2002
Data Networks
Security
Do not
•
•
•
•
Deviate from the connectivity plan
Deviate from the IP Addressing plan
Change the order of DNS servers
Connect any equipment to LAN other than
infrastructure and approved
• Browse and send e-mail from consoles and help
desk PC’s
09-12-2002
Data Networks
Security
• All the software provided should be kept secure,
no unauthorized copies be made
• Be aware of Acceptable Use Policy
• Be aware of Nimda, Code Red, Spamming
• Be alert with hoax calls like jdbgmgr.exe
• Anti-Virus software should be kept updated
• Without Proper physical security everything is
useless.
• Bring to the notice any situation which may lead
to security compromise
09-12-2002
Data Networks
Spam
• Junk Mail, UCE
• Why Bad
– People are paying for receiving it
– Consumes bandwidth & other resources
– Annoying
• Users to be made aware of this
09-12-2002
Data Networks
Proposed Policy to deal with SPAM & SCAN
• For leased users
– If complaints are received continuously for 2 days,
intimate to user about possible spamming from his
network.
– Warn the user if complaints continue for 2 days
after intimation
– Disconnect the user, with due intimation,
temporarily for a day, after 5 days of continuous
complaints
– Reconnect and if complaints still continue then
permanent disconnection
• For Dialup Users
– Similar policy after identification of user
09-12-2002
Data Networks
Educating the Users
• For changing the Password and checking
the balance hours regularly
• Loaning of user-id (chance of misuse)
• Made aware of Acceptable Use Policy
– E-mail Policy
– Spamming
– Network, port scan
• Need for keeping the Anti Virus solution
updated
09-12-2002
Data Networks
Questions?
09-12-2002
Data Networks