24
Networking, NetReg, & BUVS with Phil Hoffman

Netreg Presentation

Tags:

Embed Size (px)

Citation preview

Page 1: Netreg Presentation

Networking, NetReg, & BUVS

with Phil Hoffman

Page 2: Netreg Presentation

NetReg: The Process

Page 3: Netreg Presentation

• All users who wish to the wired residential network (Resnet) must register their computers with the network.

• NetReg is the web-based tool that allows them to do this. • NetRegistering a machine creates an association between the

machine, its IP address and, the user, in an IT database. • NetReg is required because it allows us to know who owns which

computer – if a computer starts attacking other computers, for example, we know who to contact.

NetReg & BUVS

Page 4: Netreg Presentation

So wait, what about BUVS?

• BUVS is the acronym for: Boston University Virus & Security tool. • It is an online application that all PC users must run before they

can be registered on the network.• It ensures the security of a machine by forcing patches through

Windows Update and a complete virus scan with current virus definitions.• Previously, the BUVS scan was required

but it is NOT required this year. • Just because BUVS is not required does not mean you won’t be

seeing it.

Page 5: Netreg Presentation

NetReg Play-by-PlayIn more detail than the flowchart.

*what should happen & what does happen hardly every coincide. That’s why you are all here & my presentation is supposed to be 45 minutes long.

Restart computer (refresh IP address)

Agree to terms of use

Login in with username & Kerberos Password

Browser should* be redirected to http://netreg.bu.edu

Boot up the computer & open a web browser

Connect computer to Ethernet port

Page 6: Netreg Presentation

Physical problemsBroken NICBroken cableBroken port

Configuration problems

Network Troubleshooting

Page 7: Netreg Presentation

Computer Test1. Swap the customer’s computer for our known good laptop.

2. Ask if you can use their roommate’s known good computer. • Just be sure that the roommate’s computer works before

doing this test. • Again, you want to be sure that the computer is known

good before you use it for a test.• BE SURE YOU ARE USING THE CUSTOMER’S ETHERNET

CABLE SO THAT YOU ARE ONLY TESTING THE COMPUTER & NOTHING ELSE!

Page 8: Netreg Presentation

• If the known good computer works, you know without question that the cable and jack and everything beyond are working.

• If it doesn’t work, you will need to test the cable and/or the network jack.

Computer Test

Page 9: Netreg Presentation

• Event Viewer Look for recurring errors or warnings. Look at events that occurred around the time of the error, if known.

• Device Manager – Look for a malfunctioning driver, or no driver. In XP you can roll back a driver if necessary. Try reinstalling or updating the driver.

• IP Settings – For network cards, see if it’s really a configuration problem, or a corrupt stack

• Restore Points – In XP you can roll back to a certain date with restore points. Use this if the customer knows when the problem started.

Things to look at on a PC

Page 10: Netreg Presentation

Look at the port – Bent pins in a computer’s jack (like what happens after a telephone or USB cable has been inserted in place of an Ethernet cable) are not uncommon. Some laptop manufactures will ship a machine with a port that’s not connected to anything if the machine is ordered without a NIC. This can lead to very confused customers, since the port looks right (and is actually correct) but is missing hardware behind the scenes.Test the network cable & the jack – First, be sure they are using the correct jack in the wall! The nseg-cms.bu.edu links to NSG’s floor plans which show where the active ports are in a room. See below for detailed information on testing the jack, & again, keep in mind the possibility of bent pins.

Things to look at on a PC

Page 11: Netreg Presentation

• Console (found in /Applications/Utilities, look at system.log or console.log) –Look specifically for network events & software errors. If the user knows when a problem started take a look at the events around that time.

• Network Panel – The Network panel of the System Preferences has a handy display of all of the configured network ports on the system. It will show green for an active connection, red for an inactive (disconnected) connection, and yellow for a partial connection- e.g. a 169.254.x.x address, when DHCP requests have failed.

Things to look at on a Mac

Page 12: Netreg Presentation

Every time you go out into the field, you will need a known good Ethernet cable. Start by swapping your known good cable for the customer’s cable. Be sure to use the same jack and the same computer. Alternatively, take the customer’s cable and use it with a known good computer and jack.

If the known good Ethernet cable works, the customer’s cable is bad. If things still don’t work start looking in other areas - it is not uncommon for there to be more than one problem with a given system.

If you’re certain that the computer and cable are fully functional, the remaining point of failure is the jack or the port in the jack (or the floor or building’s network, but that’s generally obvious). At this point, you would make a referral to NSG via the database.

Cable Test

Page 13: Netreg Presentation

“Known good” is a term you will hear very often during ResNet. It refers to hardware (computer, cable, network card, etc.) that has been tested and is known to be working.

When entering a room and testing for a bad jack immediately assume that all equipment is malfunctioning. Also keep in mind that NSG is easily irritated by inaccurate reports of bad jacks – be careful and methodical in confirming a bad jack.

Start by swapping individual pieces of the setup for known good replacements. This way you can determine the individual piece that is your problem.

Testing for Bad Ports

Page 14: Netreg Presentation

In order to test a bad port, you need a known good computer, network card, and Ethernet cable. Using the known good setup, attempt to get on the network. You can use our equipment or, if a roommate is available they may have a computer that’s connected. If so, you can ask if you can borrow their setup in helping confirm the problem. Make sure you do a release/renew of the known good system’s IP address. The system may have an IP address from the last area the machine was in, and that IP may not work in your current location. (Roommates can sometimes be on different subnets.)

Note: Sometimes there are more physical ports than active ports. This is especially true in suites and brownstones where the room designations are not straightforward. You can check to see where the active ports are in a room by using NSEG floorplans of each room located at nseg-cms.bu.edu.

Port Test

Page 15: Netreg Presentation

• Incorrect Network connection setting (TCP/IP settings)

• Interference from third party security software• Malware• Routers & WAPs

Configuration Problems

Page 16: Netreg Presentation

• In TCP/IP Settings that “Obtain IP Address automatically is selected”.

• In TCP/IP Settings that “Obtain DNS Server address automatically is selected”.

• In TCP/IP Settings -> Configure that the “Link Speed” or “Duplex Mode” is set to Auto negotiate (or 10Mbps Half Duplex).

Correct Configuration Settings

Page 17: Netreg Presentation

• Because many machines ship with wired and wireless adapters, bridging is a common occurrence. Bridging causes traffic to pass into one interface, and out through the other. – This can lead to changing MAC addresses, either on the

client as the interfaces shift in priority across reboots, or on other machines that may be connected through the machine via wireless (similar in effect to a NAT box or access point).

• It’s always a good idea to check and make sure that bridging is off on any system you work on.

Bridged Connections

Page 18: Netreg Presentation

Always be on the lookout for third-party firewalls (Symantec, ZoneAlarm, Kerio…). These helpful little applications can make your life miserable!

Sometimes turning off the firewall isn’t enough; you may need to uninstall it to get rid of lingering effects.

Third Party Firewalls

Page 19: Netreg Presentation

Often, malware will force some network activity to a specific site before going anywhere else. It can also sometimes co-opt DNS, redirecting all DNS traffic through another site, or all Web traffic.

This can prevent browsers (especially IE) from connecting to webpages or completely prevent network traffic due to the nature of the pre-quarantine environment. When in doubt, run a scan or even install something like MalwareBytes from CD or a USB drive.

Malware

Page 20: Netreg Presentation

• Consumer Routers and WAPs (Wireless Access Points) can and do cause many problems for us each year.

• WAPs are against the terms of service for ResNet, and routers are frowned upon. • Any device that provides NAT (Network Address Translation) functionality can

negatively affect the network. • The most common problem we see with these is with people plugging the LAN

port into their wall jack. This causes the device to act as a DHCP server for the subnet, and sometimes worse, causing the router to route all traffic through itself to the WAN jack, which is probably not connected to anything even vaguely resembling the Internet.

• The primary symptom of this setup is generally machines getting 10.0.0.x or 192.168.x.x IP addresses - usually, these are the machines owned by people other than the guilty party, since a floor or even a building can be affected by a rogue router.

Routers or WAPs

Page 21: Netreg Presentation

• The other, lesser problem we see is with the user’s own machine - they go through step one of NetReg, but the release/renew stage doesn’t have the expected result.

• This is because the release/renew does make the client renew, but the NAT device itself is what actually needs to release/renew, since it’s what NetReg sees. This means power cycling the device.

• WAPs can be reported to NSG.

Routers or WAPs

Page 22: Netreg Presentation

• You will hear the term “rogue DHCP server” often during ResNet. This is in reference to a router or WAP that’s handing out bad IP addresses to clients on the network.

• When you get a call, or are working on an on-site, and the customer’s IP address is 192.168.x.x or 10.x.x.x (but NOT 10.66.x.x), you can assume a rogue DHCP server is the culprit.

• It’s not uncommon for a floor or building that’s been afflicted by one of these to have repeat occurrences.

• The guilty party will often notice that there’s a problem with their device, and plug it into another port.

• This cycle can run until a given room has had all of its ports deactivated. Because of this, don’t dismiss a call from a residence where this problem was fixed a few moments ago - it may actually have returned.

Tracking Down a Rogue DHCP Server

Page 23: Netreg Presentation

To Track it Down– Open a command prompt : (Start -> Run -> cmd or /Applications/Utilities/Terminal on a

Mac) – Enter the command: arp –a (then hit enter). – This command will display the ARP (address resolution protocol) cache. This is how the

computer keeps track of what physical (MAC) address goes with which IP address. – The one you are after is the one that has an IP which matches the client machine’s IP, but

ends in .1. – For example, if the client had an IP of 192.168.1.5, you’re looking for the entry with

192.168.1.1. – Report the MAC address of this device to NSG, and they will be able to disable and/or

locate it, thus solving the problem.

Tracking Down a Rogue DHCP Server

Page 24: Netreg Presentation

Conclusion


NetReg with Devices Micronet 10/21/2015 Saskia Etling, Information Security and Policy

NetReg with Devices Micronet 10/21/2015 Saskia Etling, Information Security and Policy

Documents
NetReg – Virus Killer? Spam Stopper? Copyright – 2006This work is the intellectual property of the authors. Permission is granted for this material to

NetReg – Virus Killer? Spam Stopper? Copyright – 2006This work is the intellectual property of the authors. Permission is granted for this material to

Documents
Presentation about powerpoint presentation

Presentation about powerpoint presentation

Design
Presentation Effective Presentation Skills

Presentation Effective Presentation Skills

Documents
Presentation and presentation skills

Presentation and presentation skills

Presentations & Public Speaking
FDA Presentation FDA Presentation

FDA Presentation FDA Presentation

Documents
Summit Presentation Main Presentation

Summit Presentation Main Presentation

Documents
Information Session Presentation 2015,PowerPoint ......Information Session Presentation 2015,PowerPoint Presentation,Information Session Presentation 2015,PowerPoint Presentation Author

Information Session Presentation 2015,PowerPoint ......Information Session Presentation 2015,PowerPoint Presentation,Information Session Presentation 2015,PowerPoint Presentation Author

Documents
España presentation spain presentation

España presentation spain presentation

Self Improvement
0 &+1(*/2#3netreg.sourceforge.net/LISA99/NetReg-LISA99.pdf · 1999-10-21 · ibkmq'adfopj?bw2`bnmkmhslmpjfokme'adibhsxvqmlm?@adn'aoum?@adib`xvnmcji@lmkmfdcfd?bq qmibadi'hsnmlmv`b?'`bnmkmadibfdkmfdkme

0 &+1(*/2#3netreg.sourceforge.net/LISA99/NetReg-LISA99.pdf · 1999-10-21 · ibkmq'adfopj?bw2`bnmkmhslmpjfokme'adibhsxvqmlm?@adn'aoum?@adib`xvnmcji@lmkmfdcfd?bq qmibadi'hsnmlmv`b?'`bnmkmadibfdkmfdkme

Documents
NetReg Net·Reg - /'net-rej/ noun A web-based registration application for the management of system, network and contact information

NetReg Net·Reg - /'net-rej/ noun A web-based registration application for the management of system, network and contact information

Documents
Presentation on Presentation

Presentation on Presentation

Documents
PRESENTATION HEADER Presentation Title Placeholder PRESENTATION HEADER Presentation Title Placeholder

PRESENTATION HEADER Presentation Title Placeholder PRESENTATION HEADER Presentation Title Placeholder

Documents
Presentation (my class presentation)

Presentation (my class presentation)

Documents
Presentation 2501 AB2501 Presentation

Presentation 2501 AB2501 Presentation

Documents
CRRF Presentation Final Presentation

CRRF Presentation Final Presentation

Documents
Drought presentation presentation

Drought presentation presentation

Technology
Presentation about presentation

Presentation about presentation

Education
First Presentation+2nd Presentation

First Presentation+2nd Presentation

Documents
Presentation presentation

Presentation presentation

Documents
Synchro Presentation Presentation

Synchro Presentation Presentation

Documents
Imeem Presentation Buscomp Presentation

Imeem Presentation Buscomp Presentation

Technology
Production Presentation VUMS Presentation

Production Presentation VUMS Presentation

Documents
Presentation Title Presentation Subtitle

Presentation Title Presentation Subtitle

Documents
PBS Presentation - Final Presentation

PBS Presentation - Final Presentation

Technology
Presentation on Presentation 1

Presentation on Presentation 1

Documents
Coloursquare presentation Corporate Presentation

Coloursquare presentation Corporate Presentation

Business
Presentation Tools Presentation

Presentation Tools Presentation

Documents
CVA Accenture Presentation Presentation

CVA Accenture Presentation Presentation

Documents
Unit 9 Consumer Arithmetic Presentation 1Buying Presentation 2Hire Purchases Presentation 3Earning Presentation 4Money Exchange Presentation 5Savings Presentation

Unit 9 Consumer Arithmetic Presentation 1Buying Presentation 2Hire Purchases Presentation 3Earning Presentation 4Money Exchange Presentation 5Savings Presentation

Documents