index_133
UNCLASSIFIED
Implementing Security on Cisco Routers
Version 1.0g
UNCLASSIFIED
133
4. Viewing the current ARP table –
Extraneous devices, mis-connected devices, and unauthorized devices on
a network segment can often be detected by their presence in a router’s
address resolution (ARP) table. To display the ARP table, use the
command show arp, as in the example below.
Central# show arp
Protocol Address Age(min) Hardware Addr Type Interface
Internet 14.2.9.6 57 0004.acd5.f3f6 ARPA Eth0/1
Internet 14.2.1.20 10 0010.7bf9.127a ARPA Eth0/0
Internet 14.2.9.64 43 0050.0f03.3680 ARPA Eth0/1
Internet 14.1.1.250 53 0010.7bb6.baa0 ARPA Eth0/0
.
.
Central#
5. Viewing the logged in users –
The command show users displays a list of users that are currently
logged in. In the example output below, there is one user logged in at the
console, and two are logged in over the network.
Central# show users
Line User Host(s) Idle Location
0 con 0 jsmith idle 00:00:56
130 vty 0 andrew idle 00:01:02 14.2.1.20
*131 vty 1 neal idle 00:00:00 14.2.9.6
Central#
6. Viewing host name and name lookup information –
Cisco IOS uses two mechanisms for mapping between IP addresses and
names: locally defined names, and DNS. Locally defined names take
precedence over DNS names. Use the command show host to display
the DNS configuration and the list of locally defined names.
Central# show host
Default domain is not set
Name/address lookup uses domain service
Name servers are 14.1.1.2, 14.2.9.1
Host Flags Age Type Address(es)
east (perm, OK) 4 IP 14.1.1.20
central (perm, OK) ** IP 14.1.15.250
south (perm, OK) 52 IP 14.2.9.64
Central#
7. Viewing interface status and configuration –
Use the command show ip interface to view a verbose display of
the status and configuration of a router’s network interfaces. For a quick
look, use the command show ip interface brief. In all cases, the
listing will include both active and inactive interfaces. The example
below shows the brief output format, slightly abbreviated.
Central# show ip interf brief