How Can You Screw up a Network?
aztektum asks: "Like a lot of Slashdot readers, I have set up my own home network. It isn't tricked out with all the fanciest hardware, but I do have a switch, a BSD-based firewall, I have configured e-mail (again on BSD), NFS and Samba, as well as remote access services like SSH and FTP. Now my line of work isn't networking or computer related at all. This is a personal hobby and a fairly new one for me (relatively speaking compared to others). I'm looking to learn more about managing problems with networks, but have no idea where to start. With such a small setup and only supporting two users (myself and a roommate) this isn't exactly enterprise level with enterprise-level ups and downs. What are some ways I can screw up my network to troubleshoot problems and gain some insight? Also, what are some reference materials that you have found to be educational with relation to network administration?"
Take an ethernet cable and flex it back and forth (crease-style). Works best with solid conductor cable (I hardly ever see braided anyway). Chances are you'll seriously thin out or break a wire, and if it's one of the right four, you'll have issues.
Two DHCP servers on the same LAN is fun.
Plug a crossover cable between two ports on your switch. See what happens (most should disable both ports, but some freak out).
Crimp your own ethernet cables. That leads to all kinds of fun the first few times you try it.
Meh.. I'm not good at breaking stuff, that's all I can think of.
"Alcohol, Tobacco, Firearms, and Explosives" should be a convenience store, not a government agency.
OK, maybe this is flamebait... maybe not.
The first time I tried to set up a really locked-down network (i.e. better than a NAT, by allowing specific outgoing traffic only) I screwed up royally. Actually, I still would have significant difficulties without a good GUI.
For a crash course in the difference between UDP and TCP and how IP ports work and what NATs do, IMHO, there's nothing better than actually trying to create a "secure" firewall that still lets you do the stuff you normally expect. E.g. email, web, P2P (take your pick), streaming media, DNS resolution (which is way more complex than I would have imagined).
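An added illustration of the default-deny outbound policy described in the comment above (not part of the original post): a small Python model of an egress ruleset, showing why a first attempt that passes only UDP port 53 still breaks DNS, which retries over TCP port 53 when a UDP answer is truncated. The rule format, the first-match evaluation order and the sample flows are assumptions made for this example, not the syntax of any particular firewall.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "pass" or "block"
    proto: str            # "tcp", "udp" or "any"
    dport: Optional[int]  # destination port; None matches any port

def evaluate(rules, proto, dport):
    """Simplified model: first matching rule wins, no match means block.
    Replies to passed outbound flows are assumed allowed (stateful filter)."""
    for rule in rules:
        if rule.proto in ("any", proto) and rule.dport in (None, dport):
            return rule.action
    return "block"

def blocked(rules, flows):
    """Return the names of the outbound flows the ruleset would drop."""
    return [name for name, proto, dport in flows
            if evaluate(rules, proto, dport) == "block"]

# Constructed sample of outbound flows from a home LAN: (name, proto, dport)
FLOWS = [
    ("dns-udp", "udp", 53),
    ("dns-tcp-fallback", "tcp", 53),   # retry after a truncated UDP answer
    ("http", "tcp", 80),
    ("https", "tcp", 443),
    ("mail-submission", "tcp", 587),
    ("ntp", "udp", 123),
]

# First attempt: "DNS is UDP 53, web is 80/443, mail is 25"
NAIVE = [Rule("pass", "udp", 53), Rule("pass", "tcp", 80),
         Rule("pass", "tcp", 443), Rule("pass", "tcp", 25)]

# Corrected: add the protocol/port pairs the first attempt missed
FIXED = NAIVE + [Rule("pass", "tcp", 53), Rule("pass", "tcp", 587),
                 Rule("pass", "udp", 123)]

if __name__ == "__main__":
    print("naive policy drops:", blocked(NAIVE, FLOWS))
    print("fixed policy drops:", blocked(FIXED, FLOWS))
```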
Set up a honeynet on a network that connects to the internet through the same router as your private LAN. I found this challenging because I had to think of the worst-case scenarios to mitigate with the firewall on the router. Be sure to implement a working queue with altq so that your private network gets a higher priority than the honeynet on outbound traffic. It's also interesting because you learn about how "hackers", "crackers", and "script kiddies" launch attacks and what they do with the machines that they take over.
Create an SSH-accessible "guest" account on your router or server. Set the password to "guest". They will come to your network within 24 hours. Make sure they can't do much with this account! Most probably they will try to download local exploits and other nasty tools.
:)
I created a "guest" account on my Linksys router three days ago. Someone from Romania discovered this account the next morning. They downloaded some binary files and tried to run them. Idiots! The binaries were for i386, but the Linksys router is MIPS.