Tuesday, December 28, 2010

Configuration of one-to-one NAT mapping and pool NAT

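! PAT (overload) on Serial0/0/0 for every inside host matched by access-list 1
ip nat inside source list 1 interface Serial0/0/0 overload
! One-to-one static mappings: each inside host gets its own public address
ip nat inside source static 172.18.0.109 204.8.1xx.xxx extendable
ip nat inside source static 172.18.0.108 204.8.1xx.xxx extendable
ip nat inside source static 172.18.0.107 204.8.1xx.xxx extendable
ip nat inside source static 172.18.0.106 204.8.1xx.xxx extendable
ip nat inside source static 172.18.0.105 204.8.1xx.xxx extendable
!
! Keep the statically mapped hosts out of the PAT list, then permit the rest
access-list 1 deny 172.18.0.108
access-list 1 deny 172.18.0.109
access-list 1 deny 172.18.0.106
access-list 1 deny 172.18.0.107
access-list 1 deny 172.18.0.105
! This wildcard matches all of 172.0.0.0/8; the RFC 1918 block is 172.16.0.0 0.15.255.255
access-list 1 permit 172.0.0.0 0.255.255.255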

Wednesday, December 15, 2010

Official List of TCP and UDP port numbers

0  UDP  Reserved
1  TCP  UDP  TCP Port Service Multiplexer (TCPMUX)
2  TCP  UDP  Management Utility
3  TCP  UDP  Compression Process

5  TCP  UDP  Remote Job Entry

7  TCP  UDP  Echo Protocol

9  TCP  UDP  Discard Protocol

11  TCP  UDP  Active Users (systat service[2])

13  TCP  UDP  Daytime Protocol (RFC 867)
17  TCP  UDP  Quote of the Day
18  TCP  UDP  Message Send Protocol
19  TCP  UDP  Character Generator Protocol (CHARGEN)
20  TCP   FTP – data transfer
21  TCP   FTP – control (command)
22  TCP  UDP  Secure Shell (SSH)—used for secure logins, file transfers (scp, sftp) and port forwarding
23  TCP   Telnet protocol—unencrypted text communications
24  TCP  UDP  Priv-mail : any private mail system.
25  TCP   Simple Mail Transfer Protocol (SMTP)—used for e-mail routing between mail servers
35  TCP  UDP  Any private printer server protocol
37  TCP  UDP  TIME protocol
39  TCP  UDP  Resource Location Protocol[3] (RLP)—used for determining the location of higher level services from hosts on a network
41  TCP  UDP  Graphics
42  TCP  UDP  nameserver, ARPA Host Name Server Protocol
43  TCP   WHOIS protocol
47  TCP  UDP  NI FTP
49  TCP  UDP  TACACS Login Host protocol
50  TCP  UDP  Remote Mail Checking Protocol
51  TCP  UDP  IMP Logical Address Maintenance
52  TCP  UDP  XNS (Xerox Network Systems) Time Protocol
53  TCP  UDP  Domain Name System (DNS)
54  TCP  UDP  XNS (Xerox Network Systems) Clearinghouse
56  TCP  UDP  XNS (Xerox Network Systems) Authentication
58  TCP  UDP  XNS (Xerox Network Systems) Mail
67  UDP  Bootstrap Protocol (BOOTP) Server; also used by Dynamic Host Configuration Protocol (DHCP)
68  UDP  Bootstrap Protocol (BOOTP) Client; also used by Dynamic Host Configuration Protocol (DHCP)
69  UDP  Trivial File Transfer Protocol (TFTP)
70  TCP   Gopher protocol
79  TCP   Finger protocol
80  TCP  UDP  Hypertext Transfer Protocol (HTTP)
83  TCP   MIT ML Device
88  TCP  UDP  Kerberos—authentication system
90  TCP  UDP  dnsix (DoD Network Security for Information Exchange) Security Attribute Token Map
101  TCP   NIC host name
102  TCP   ISO-TSAP (Transport Service Access Point) Class 0 protocol[5]
104  TCP  UDP  ACR/NEMA Digital Imaging and Communications in Medicine
105  TCP  UDP  CCSO Nameserver Protocol (Qi/Ph)
107  TCP   Remote TELNET Service[6] protocol
108  TCP  UDP  SNA Gateway Access Server [7]
109  TCP   Post Office Protocol v2 (POP2)
110  TCP   Post Office Protocol v3 (POP3)
111  TCP  UDP  ONC RPC (SunRPC)
113  TCP   ident—user identification system, used by IRC servers to identify users
113  TCP  UDP  Authentication Service (auth)
115  TCP   Simple File Transfer Protocol (SFTP)
117  TCP   UUCP Path Service
118  TCP  UDP  SQL (Structured Query Language) Services
119  TCP   Network News Transfer Protocol (NNTP) — retrieval of newsgroup messages
123  UDP  Network Time Protocol (NTP)—used for time synchronization
135  TCP  UDP  DCE endpoint resolution
137  TCP  UDP  NetBIOS Name Service
138  TCP  UDP  NetBIOS Datagram Service
139  TCP  UDP  NetBIOS Session Service
143  TCP  UDP  Internet Message Access Protocol (IMAP) — management of email messages
152  TCP  UDP  Background File Transfer Program (BFTP)[9]
153  TCP  UDP  SGMP, Simple Gateway Monitoring Protocol
156  TCP  UDP  SQL Service
161  UDP  Simple Network Management Protocol (SNMP)
162  TCP  UDP  Simple Network Management Protocol Trap (SNMPTRAP)[10]
170  TCP   Print-srv, Network PostScript
177  TCP  UDP  X Display Manager Control Protocol (XDMCP)
179  TCP   BGP (Border Gateway Protocol)
194  TCP  UDP  Internet Relay Chat (IRC)
199  TCP  UDP  SMUX, SNMP Unix Multiplexer
201  TCP  UDP  AppleTalk Routing Maintenance
209  TCP  UDP  The Quick Mail Transfer Protocol
210  TCP  UDP  ANSI Z39.50
213  TCP  UDP  Internetwork Packet Exchange (IPX)
218  TCP  UDP  Message posting protocol (MPP)
220  TCP  UDP  Internet Message Access Protocol (IMAP), version 3
259  TCP  UDP  ESRO, Efficient Short Remote Operations
264  TCP  UDP  BGMP, Border Gateway Multicast Protocol
308  TCP   Novastor Online Backup
311  TCP   Mac OS X Server Admin (officially AppleShare IP Web administration)
318  TCP  UDP  PKIX TSP, Time Stamp Protocol
319  UDP  Precision time protocol event messages
320  UDP  Precision time protocol general messages
350  TCP  UDP  MATIP-Type A, Mapping of Airline Traffic over Internet Protocol
351  TCP  UDP  MATIP-Type B, Mapping of Airline Traffic over Internet Protocol
366  TCP  UDP  ODMR, On-Demand Mail Relay
369  TCP  UDP  Rpc2portmap
371  TCP  UDP  ClearCase albd
383  TCP  UDP  HP data alarm manager
384  TCP  UDP  A Remote Network Server System
387  TCP  UDP  AURP, AppleTalk Update-based Routing Protocol
389  TCP  UDP  Lightweight Directory Access Protocol (LDAP)
401  TCP  UDP  UPS Uninterruptible Power Supply
427  TCP  UDP  Service Location Protocol (SLP)
443  TCP   HTTPS (Hypertext Transfer Protocol over SSL/TLS)
444  TCP  UDP  SNPP, Simple Network Paging Protocol (RFC 1568)
445  TCP   Microsoft-DS Active Directory, Windows shares
445  TCP   Microsoft-DS SMB file sharing
464  TCP  UDP  Kerberos Change/Set password
475  TCP   tcpnethaspsrv (Aladdin Knowledge Systems Hasp services, TCP/IP version)
497  TCP   Dantz Retrospect
500  UDP  Internet Security Association and Key Management Protocol (ISAKMP)
504  TCP  UDP  Citadel – multiservice protocol for dedicated clients for the Citadel groupware system
512  TCP   Rexec, Remote Process Execution
512  UDP  comsat, together with biff
513  TCP   rlogin
513  UDP  Who
514  TCP   Shell—used to execute non-interactive commands on a remote system (Remote Shell, rsh, remsh)
514  UDP  Syslog—used for system logging
515  TCP   Line Printer Daemon—print service
517  UDP  Talk
518  UDP  NTalk
520  TCP   efs, extended file name server
520  UDP  Routing Information Protocol (RIP)
524  TCP  UDP  NetWare Core Protocol (NCP) is used for a variety of things such as access to primary NetWare server resources, Time Synchronization, etc.
525  UDP  Timed, Timeserver
530  TCP  UDP  RPC
532  TCP   netnews
533  UDP  netwall, For Emergency Broadcasts
540  TCP   UUCP (Unix-to-Unix Copy Protocol)
542  TCP  UDP  commerce (Commerce Applications)
543  TCP   klogin, Kerberos login
544  TCP   kshell, Kerberos Remote shell
546  TCP  UDP  DHCPv6 client
547  TCP  UDP  DHCPv6 server
548  TCP   Apple Filing Protocol (AFP) over TCP
550  UDP  new-rwho, new-who
554  TCP  UDP  Real Time Streaming Protocol (RTSP)
556  TCP   Remotefs, RFS, rfs_server
560  UDP  rmonitor, Remote Monitor
561  UDP  monitor
563  TCP  UDP  NNTP protocol over TLS/SSL (NNTPS)
587  TCP   e-mail message submission[11] (SMTP)
591  TCP   FileMaker 6.0 (and later) Web Sharing (HTTP Alternate, also see port 80)
593  TCP  UDP  HTTP RPC Ep Map, Remote procedure call over Hypertext Transfer Protocol, often used by Distributed Component Object Model services and Microsoft Exchange Server
604  TCP   TUNNEL profile[12], a protocol for BEEP peers to form an application layer tunnel
623   UDP  ASF Remote Management and Control Protocol (ASF-RMCP)
631  TCP  UDP  Internet Printing Protocol (IPP)
635  TCP  UDP  RLZ DBase
636  TCP  UDP  Lightweight Directory Access Protocol over TLS/SSL (LDAPS)
639  TCP  UDP  MSDP, Multicast Source Discovery Protocol
641  TCP  UDP  SupportSoft Nexus Remote Command (control/listening): A proxy gateway connecting remote control traffic
646  TCP  UDP  LDP, Label Distribution Protocol, a routing protocol used in MPLS networks
647  TCP   DHCP Failover protocol[13]
648  TCP   RRP (Registry Registrar Protocol)[14]
651  TCP  UDP  IEEE-MMS
653  TCP  UDP  SupportSoft Nexus Remote Command (data): A proxy gateway connecting remote control traffic
654  TCP   Media Management System (MMS) Media Management Protocol (MMP)[15]
657  TCP  UDP  IBM RMC (Remote monitoring and Control) protocol, used by System p5 AIX Integrated Virtualization Manager (IVM)[16] and Hardware Management Console to connect managed logical partitions (LPAR) to enable dynamic partition reconfiguration
660  TCP   Mac OS X Server administration
666   UDP  Doom, first online first-person shooter
674  TCP   ACAP (Application Configuration Access Protocol)
691  TCP   MS Exchange Routing
692  TCP   Hyperwave-ISP
694  TCP  UDP  Linux-HA High availability Heartbeat
695  TCP   IEEE-MMS-SSL (IEEE Media Management System over SSL)[17]
698   UDP  OLSR (Optimized Link State Routing)
699  TCP   Access Network
700  TCP   EPP (Extensible Provisioning Protocol), a protocol for communication between domain name registries and registrars (RFC 5734)
701  TCP   LMP (Link Management Protocol (Internet))[18], a protocol that runs between a pair of nodes and is used to manage traffic engineering (TE) links
702  TCP   IRIS[19][20] (Internet Registry Information Service) over BEEP (Blocks Extensible Exchange Protocol)[21] (RFC 3983)
706  TCP   Secure Internet Live Conferencing (SILC)
711  TCP   Cisco Tag Distribution Protocol[22][23][24]—being replaced by the MPLS Label Distribution Protocol[25]
712  TCP   Topology Broadcast based on Reverse-Path Forwarding routing protocol (TBRPF) (RFC 3684)
749  TCP  UDP  Kerberos (protocol) administration
750  TCP   rfile
750   UDP  loadav
750   UDP  kerberos-iv, Kerberos version IV
751  TCP  UDP  pump
752  TCP   qrh
752   UDP  qrh
753  TCP   Reverse Routing Header (rrh)[26]
753   UDP  Reverse Routing Header (rrh)
754  TCP   tell send
754   UDP  tell send
760  TCP  UDP  ns
847  TCP   DHCP Failover protocol
860  TCP   iSCSI (RFC 3720)
873  TCP   rsync file synchronisation protocol  USA only
902  TCP   ideafarm-door 902/tcp self documenting Door: send 0x00 for info
902   UDP  ideafarm-door
989  TCP  UDP  FTPS Protocol (data): FTP over TLS/SSL
990  TCP  UDP  FTPS Protocol (control): FTP over TLS/SSL
991  TCP  UDP  NAS (Netnews Administration System)
992  TCP  UDP  TELNET protocol over TLS/SSL
993  TCP   Internet Message Access Protocol over SSL (IMAPS)
995  TCP   Post Office Protocol 3 over TLS/SSL (POP3S)
1058  TCP  UDP  nim, IBM AIX Network Installation Manager (NIM)
1059  TCP  UDP  nimreg, IBM AIX Network Installation Manager (NIM)
1080  TCP   SOCKS proxy
1085  TCP  UDP  WebObjects
1098  TCP  UDP  rmiactivation, RMI Activation
1099  TCP  UDP  rmiregistry, RMI Registry
1140  TCP  UDP  AutoNOC protocol
1169  TCP  UDP  Tripwire
1176  TCP   Perceptive Automation Indigo Home automation server
1182  TCP  UDP  AcceleNet Intelligent Transfer Protocol
1194  TCP  UDP  OpenVPN
1198  TCP  UDP  The cajo project Free dynamic transparent distributed computing in Java
1200  TCP   scol, protocol used by SCOL 3D virtual worlds server to answer world name resolution client request[28]
1200   UDP  scol, protocol used by SCOL 3D virtual worlds server to answer world name resolution client request
1214  TCP   Kazaa
1220  TCP   QuickTime Streaming Server administration
1223  TCP  UDP  TGP, TrulyGlobal Protocol, also known as "The Gur Protocol" (named for Gur Kimchi of TrulyGlobal)
1241  TCP  UDP  Nessus Security Scanner
1270  TCP  UDP  Microsoft System Center Operations Manager (SCOM) (formerly Microsoft Operations Manager (MOM)) agent
1293  TCP  UDP  IPSec (Internet Protocol Security)
1311  TCP   Dell OpenManage HTTPS
1319  TCP   AMX ICSP
1319  UDP   AMX ICSP
1337   UDP  Men and Mice DNS
1337  TCP   Men and Mice DNS
1352  TCP   IBM Lotus Notes/Domino Remote Procedure Call (RPC) protocol
1387  TCP  UDP  cadsi-lm, LMS International (formerly Computer Aided Design Software, Inc. (CADSI)) LM
1414  TCP   IBM WebSphere MQ (formerly known as MQSeries)
1417  TCP  UDP  Timbuktu Service 1 Port
1418  TCP  UDP  Timbuktu Service 2 Port
1419  TCP  UDP  Timbuktu Service 3 Port
1420  TCP  UDP  Timbuktu Service 4 Port
1431  TCP   Reverse Gossip Transport Protocol (RGTP), used to access a General-purpose Reverse-Ordered Gossip Gathering System (GROGGS) bulletin board, such as that implemented on the Cambridge University's Phoenix system
1433  TCP   MSSQL (Microsoft SQL Server database management system) Server
1434  TCP  UDP  MSSQL (Microsoft SQL Server database management system) Monitor
1470  TCP   Solarwinds Kiwi Log Server
1494  TCP   Citrix XenApp Independent Computing Architecture (ICA) thin client protocol
1512  TCP  UDP  Microsoft Windows Internet Name Service (WINS)
1513  TCP  UDP  Garena Garena Gaming Client
1521  TCP   nCube License Manager
1524  TCP  UDP  ingreslock, ingres
1533  TCP   IBM Sametime IM—Virtual Places Chat Microsoft SQL Server
1547  TCP  UDP  Laplink
1581   UDP  MIL STD 2045-47001 VMF
1677  TCP  UDP  Novell GroupWise clients in client/server access mode
1701   UDP  Layer 2 Forwarding Protocol (L2F) & Layer 2 Tunneling Protocol (L2TP)
1719   UDP  H.323 Registration and alternate communication
1720  TCP   H.323 Call signalling
1723  TCP  UDP  Microsoft Point-to-Point Tunneling Protocol (PPTP)
1755  TCP  UDP  Microsoft Media Services (MMS, ms-streaming)
1761   UDP  cft-0
1761  TCP   cft-0
1762–1768  TCP  UDP  cft-1 to cft-7
1801  TCP  UDP  Microsoft Message Queuing
1812  TCP  UDP  radius, RADIUS authentication protocol
1813  TCP  UDP  radacct, RADIUS accounting protocol
1863  TCP   MSNP (Microsoft Notification Protocol), used by the .NET Messenger Service and a number of Instant Messaging clients
1900   UDP  Microsoft SSDP Enables discovery of UPnP devices
1935  TCP   Adobe Systems Macromedia Flash Real Time Messaging Protocol (RTMP) "plain" protocol
1947  TCP   hasplm, Aladdin HASP License Manager
1970  TCP  UDP  Netop Business Solutions Netop Remote Control
1971  TCP  UDP  Netop Business Solutions Netop School
1972  TCP  UDP  InterSystems Caché
1975–1977   UDP  Cisco TCO (Documentation)
1984  TCP   Big Brother System and Network Monitor
1985   UDP  Cisco HSRP
1994  TCP  UDP  Cisco STUN-SDLC (Serial Tunneling—Synchronous Data Link Control) protocol
1998  TCP  UDP  Cisco X.25 over TCP (XOT) service
2000  TCP  UDP  Cisco SCCP (Skinny)
2031  TCP  UDP  mobrien-chat(http://chat.mobrien.com:2031/)
2049   UDP  Network File System
2049   UDP  shilp
2053   UDP  lot105-ds-upd Lot105 DSuper Updates
2053  TCP   lot105-ds-upd Lot105 DSuper Updates
2073  TCP  UDP  DataReel Database
2074  TCP  UDP  Vertel VMF SA (i.e. App.. SpeakFreely)
2082  TCP   Infowave Mobility Server
2083  TCP   Secure Radius Service (radsec)
2086  TCP   GNUnet
2102  TCP  UDP  zephyr-srv Project Athena Zephyr Notification Service server
2103  TCP  UDP  zephyr-clt Project Athena Zephyr Notification Service serv-hm connection
2104  TCP  UDP  zephyr-hm Project Athena Zephyr Notification Service hostmanager
2105  TCP  UDP  IBM MiniPay
2156   UDP  Talari Reliable Protocol
2161  TCP   APC Agent
2181  TCP  UDP  EForward-document transport system
2210  TCP  UDP  NOAAPORT Broadcast Network
2211  TCP  UDP  EMWIN
2212  TCP  UDP  LeeCO POS Server Service
2219  TCP  UDP  NetIQ NCAP Protocol
2220  TCP  UDP  NetIQ End2End
2261  TCP  UDP  CoMotion Master
2262  TCP  UDP  CoMotion Backup
2369  TCP   Default for BMC Software Control-M/Server—Configuration Agent, though often changed during installation
2370  TCP   Default for BMC Software Control-M/Server—to allow the Control-M/Enterprise Manager to connect to the Control-M/Server, though often changed during installation
2404  TCP   IEC 60870-5 -104, used to send electric power telecontrol messages between two systems via directly connected data circuits
2420   UDP  Westell Remote Access
2427   UDP  Cisco MGCP
2447  TCP  UDP  ovwdb—OpenView Network Node Manager (NNM) daemon
2483  TCP  UDP  Oracle database listening for unsecure client connections to the listener, replaces port 1521
2484  TCP  UDP  Oracle database listening for SSL client connections to the listener
2500  TCP   THEòSMESSENGER listening for TheòsMessenger client connections
2501  TCP   TheosNet-Admin listening for TheòsMessenger client connections
2612  TCP  UDP  QPasa from MQSoftware
2700–2800  TCP   KnowShowGo P2P
2713  TCP  UDP  Raven Trinity Broker Service
2714  TCP  UDP  Raven Trinity Data Mover
2735  TCP  UDP  NetIQ Monitor Console
2809  TCP   corbaloc:iiop URL, per the CORBA 3.0.3 specification
2809   UDP  corbaloc:iiop URL, per the CORBA 3.0.3 specification.
2868  TCP  UDP  Norman Proprietary Event Protocol NPEP
2947  TCP   gpsd GPS daemon
2948  TCP  UDP  WAP-push Multimedia Messaging Service (MMS)
2949  TCP  UDP  WAP-pushsecure Multimedia Messaging Service (MMS)
3050  TCP  UDP  gds_db (Interbase/Firebird)
3051  TCP  UDP  Galaxy Server (Gateway Ticketing Systems)
3074  TCP  UDP  Xbox LIVE and/or Games for Windows - LIVE
3225  TCP  UDP  FCIP (Fiber Channel over Internet Protocol)
3233  TCP  UDP  WhiskerControl research control protocol
3235  TCP  UDP  Galaxy Network Service (Gateway Ticketing Systems)
3260  TCP   iSCSI target
3268  TCP  UDP  msft-gc, Microsoft Global Catalog (LDAP service which contains data from Active Directory forests)
3269  TCP  UDP  msft-gc-ssl, Microsoft Global Catalog over SSL (similar to port 3268, LDAP over SSL)
3283  TCP   Apple Remote Desktop reporting (officially Net Assistant, referring to an earlier product)
3305  TCP  UDP  odette-ftp, Odette File Transfer Protocol (OFTP)
3306  TCP  UDP  MySQL database system
3386  TCP  UDP  GTP' 3GPP GSM/UMTS CDR logging protocol
3389  TCP  UDP  Microsoft Terminal Server (RDP) officially registered as Windows Based Terminal (WBT) - Link
3396  TCP  UDP  Novell NDPS Printer Agent
3412  TCP  UDP  xmlBlaster
3455  TCP  UDP  [RSVP] Reservation Protocol
3423  TCP   Xware xTrm Communication Protocol
3424  TCP   Xware xTrm Communication Protocol over SSL
3478  TCP  UDP  STUN, a protocol for NAT traversal
3483   UDP  Slim Devices discovery protocol
3483  TCP   Slim Devices SlimProto protocol
3516  TCP  UDP  Smartcard Port
3527   UDP  Microsoft Message Queuing
3532  TCP  UDP  Raven Remote Management Control
3533  TCP  UDP  Raven Remote Management Data
3544   UDP  Teredo tunneling
3605   UDP  ComCam IO Port
3606  TCP  UDP  Splitlock Server
3632  TCP   distributed compiler
3689  TCP   Digital Audio Access Protocol (DAAP)—used by Apple’s iTunes and AirPort Express
3690  TCP  UDP  Subversion version control system
3702  TCP  UDP  Web Services Dynamic Discovery (WS-Discovery), used by various components of Windows Vista
3880  TCP  UDP  IGRS
3868  TCP  SCTP  Diameter base protocol (RFC 3588)
3900  TCP   udt_os, IBM UniData UDT OS[30]
3945  TCP  UDP  EMCADS service, a Giritech product used by G/On
3999  TCP  UDP  Norman distributed scanning service
4018  TCP  UDP  protocol information and warnings
4069   UDP  Minger Email Address Verification Protocol[31]
4089  TCP  UDP  OpenCORE Remote Control Service
4093  TCP  UDP  PxPlus Client server interface ProvideX
4096  TCP  UDP  Ascom Timeplex BRE (Bridge Relay Element)
4111  TCP   Xgrid
4116  TCP  UDP  Smartcard-TLS
4321  TCP   Referral Whois (RWhois) Protocol[32]
4500   UDP  IPSec NAT Traversal (RFC 3947)
4569   UDP  Inter-Asterisk eXchange (IAX2)
4662  TCP  UDP  OrbitNet Message Service
4728  TCP   Computer Associates Desktop and Server Management (DMP)/Port Multiplexer [33]
4840  TCP  UDP  OPC UA TCP Protocol for OPC Unified Architecture from OPC Foundation
4843  TCP  UDP  OPC UA TCP Protocol over TLS/SSL for OPC Unified Architecture from OPC Foundation
4847  TCP  UDP  Web Fresh Communication, Quadrion Software & Odorless Entertainment
4894  TCP  UDP  LysKOM Protocol A
4899  TCP  UDP  Radmin remote administration tool (program sometimes used by a Trojan horse)
4949  TCP   Munin Resource Monitoring Tool
4950  TCP  UDP  Cylon Controls UC32 Communications Port
5000  TCP   commplex-main
5001  TCP   commplex-link
5003  TCP  UDP  FileMaker
5004  TCP  UDP,DCCP  RTP (Real-time Transport Protocol) media data (RFC 3551, RFC 4571)
5005  TCP  UDP,DCCP  RTP (Real-time Transport Protocol) control protocol (RFC 3551, RFC 4571)
5051  TCP   ita-agent Symantec Intruder Alert[34]
5060  TCP  UDP  Session Initiation Protocol (SIP)
5061  TCP   Session Initiation Protocol (SIP) over TLS
5084  TCP  UDP  EPCglobal Low Level Reader Protocol (LLRP)
5085  TCP  UDP  EPCglobal Low Level Reader Protocol (LLRP) over TLS
5093   UDP  SafeNet, Inc Sentinel LM, Sentinel RMS, License Manager, Client-to-Server
5099  TCP  UDP  SafeNet, Inc Sentinel LM, Sentinel RMS, License Manager, Server-to-Server
5151  TCP   ESRI SDE Instance
5151   UDP  ESRI SDE Remote Start
5154  TCP  UDP  BZFlag
5190  TCP   ICQ and AOL Instant Messenger
5222  TCP   Extensible Messaging and Presence Protocol (XMPP) client connection (RFC 3920)
5246   UDP  Control And Provisioning of Wireless Access Points (CAPWAP) CAPWAP control (RFC 5415)
5247   UDP  Control And Provisioning of Wireless Access Points (CAPWAP) CAPWAP data (RFC 5415)
5269  TCP   Extensible Messaging and Presence Protocol (XMPP) server connection (RFC 3920)
5298  TCP  UDP  Extensible Messaging and Presence Protocol (XMPP) JEP-0174: Link-Local Messaging / XEP-0174: Serverless Messaging
5351  TCP  UDP  NAT Port Mapping Protocol—client-requested configuration for inbound connections through network address translators
5353 UDP Multicast DNS (mDNS)
5355 TCP UDP LLMNR—Link-Local Multicast Name Resolution, allows hosts to perform name resolution for hosts on the same local link (only provided by Windows Vista and Server 2008)
5402 TCP UDP mftp, Stratacache OmniCast content delivery system MFTP file sharing protocol
5405 TCP UDP NetSupport Manager
5421 TCP UDP NetSupport Manager
5432 TCP UDP PostgreSQL database system
5556 TCP UDP Freeciv
5631 TCP pcANYWHEREdata, Symantec pcAnywhere (version 7.52 and later[37])[38] data
5632 UDP pcANYWHEREstat, Symantec pcAnywhere (version 7.52 and later) status
5814 TCP UDP Hewlett-Packard Support Automation (HP OpenView Self-Healing Services)
5900 TCP UDP Virtual Network Computing (VNC) remote desktop protocol (used by Apple Remote Desktop and others)
5984 TCP UDP CouchDB database server
5999 TCP CVSup [40] file update tool
6000 TCP X11—used between an X client and server over the network
6001 UDP X11—used between an X client and server over the network
6005 TCP Default for BMC Software Control-M/Server—Socket used for communication between Control-M processes—though often changed during installation
6086 TCP PDTP—FTP like file server in a P2P network
6110 TCP UDP softcm, HP Softbench CM
6111 TCP UDP spc, HP Softbench Sub-Process Control
6112 TCP UDP "dtspcd"—a network daemon that accepts requests from clients to execute commands and launch applications remotely
6129 TCP DameWare Remote Control
6343 UDP SFlow, sFlow traffic monitoring
6346 TCP UDP gnutella-svc, gnutella (FrostWire, Limewire, Shareaza, etc.)
6347 TCP UDP gnutella-rtr, Gnutella alternate
6350 TCP UDP App Discovery and Access Protocol
6432 TCP PgBouncer - A connection pooler for PostgreSQL
6444 TCP UDP Sun Grid Engine—Qmaster Service
6445 TCP UDP Sun Grid Engine—Execution Service
6619 TCP UDP odette-ftps, Odette File Transfer Protocol (OFTP) over TLS/SSL
6665–6669 TCP Internet Relay Chat (IRC)
6888 TCP UDP MUSE
6969 TCP UDP acmsoda
7400 TCP UDP RTPS (Real Time Publish Subscribe) DDS Discovery
7401 TCP UDP RTPS (Real Time Publish Subscribe) DDS User-Traffic
7402 TCP UDP RTPS (Real Time Publish Subscribe) DDS Meta-Traffic
7547 TCP UDP CPE WAN Management Protocol Technical Report 069
7787-7788 TCP GFI EventsManager 7 & 8
7937-9936 TCP UDP EMC2 (Legato) Networker or Sun Solstice Backup
8000 TCP UDP iRDMI (Intel Remote Desktop Management Interface)[45]—sometimes erroneously used instead of port 8080
8008 TCP HTTP Alternate
8080 TCP HTTP alternate (http_alt)—commonly used for Web proxy and caching server, or for running a Web server as a non-root user
8118 TCP Privoxy—advertisement-filtering Web proxy
8123 TCP Polipo Web proxy
8243 TCP UDP HTTPS listener for Apache Synapse [48]
8280 TCP UDP HTTP listener for Apache Synapse [48]
8400 TCP UDP cvp, Commvault Unified Data Management
8442 TCP UDP CyBro A-bus, Cybrotech Ltd.
8880 UDP cddbp-alt, CD DataBase (CDDB) protocol (CDDBP) alternate
8880 TCP cddbp-alt, CD DataBase (CDDB) protocol (CDDBP) alternate
8888 TCP UDP NewsEDGE server
9001 TCP UDP ETL Service Manager[49]
9009 TCP UDP Pichat Server—Peer to peer chat software
9080 UDP glrpc, Groove Collaboration software GLRPC
9080 TCP glrpc, Groove Collaboration software GLRPC
9100 TCP PDL Data Stream
9101 TCP UDP Bacula Director
9102 TCP UDP Bacula File Daemon
9103 TCP UDP Bacula Storage Daemon
9105 TCP UDP Xadmin Control Daemon
9119 TCP UDP MXit Instant Messenger
9306 TCP Sphinx Native API
9312 TCP Sphinx SphinxQL
9418 TCP UDP git, Git pack transfer service
9535 TCP UDP mngsuite, LANDesk Management Suite Remote Control
9536 TCP UDP laes-bf, IP Fabrics Surveillance buffering function
9600 UDP Omron FINS, OMRON FINS PLC communication
9800 TCP UDP WebDAV Source
9898 TCP UDP MonkeyCom
9996 TCP UDP The Palace Virtual Reality Chat software
10008 TCP UDP Octopus Multiplexer, primary port for the CROMP protocol, which provides a platform-independent means for communication of objects across a network
10010 TCP Open Object Rexx (ooRexx) rxapi daemon
10050 TCP UDP Zabbix-Agent
10051 TCP UDP Zabbix-Trapper
10113 TCP UDP NetIQ Endpoint
10114 TCP UDP NetIQ Qcheck
10115 TCP UDP NetIQ Endpoint
10116 TCP UDP NetIQ VoIP Assessor
11371 OpenPGP HTTP key server
12222 UDP Light Weight Access Point Protocol (LWAPP) LWAPP data (RFC 5412)
12223 UDP Light Weight Access Point Protocol (LWAPP) LWAPP control (RFC 5412)
13076 TCP Default for BMC Software Control-M/Enterprise Manager Corba communication, though often changed during installation
13720 TCP UDP Symantec NetBackup—bprd (formerly VERITAS)
13721 TCP UDP Symantec NetBackup—bpdbm (formerly VERITAS)
13724 TCP UDP Symantec Network Utility—vnetd (formerly VERITAS)
13782 TCP UDP Symantec NetBackup—bpcd (formerly VERITAS)
13783 TCP UDP Symantec VOPIED protocol (formerly VERITAS)
13785 TCP UDP Symantec NetBackup Database—nbdb (formerly VERITAS)
13786 TCP UDP Symantec nomdb (formerly VERITAS)
15000 TCP hydap, Hypack Hydrographic Software Packages Data Acquisition
15000 UDP hydap, Hypack Hydrographic Software Packages Data Acquisition
15345 TCP UDP XPilot Contact
17500 TCP Dropbox LanSync Protocol (db-lsp); used to synchronize file catalogs between Dropbox clients on your local network.
17500 UDP Dropbox LanSync Discovery (db-lsp-disc); used to synchronize file catalogs between Dropbox clients on your local network; is transmitted to broadcast addresses.
18104 TCP RAD PDF Service
19283 TCP UDP K2 - KeyAuditor & KeyServer, Sassafras Software Inc. Software Asset Management tools
19315 TCP UDP KeyShadow for K2 - KeyAuditor & KeyServer, Sassafras Software Inc. Software Asset Management tools
19999 DNP - Secure (Distributed Network Protocol - Secure), a secure version of the protocol used in SCADA systems between communicating RTU's and IED's
20000 DNP (Distributed Network Protocol), a protocol used in SCADA systems between communicating RTU's and IED's
22347 TCP UDP WibuKey, WIBU-SYSTEMS AG Software protection system
22350 TCP UDP CodeMeter, WIBU-SYSTEMS AG Software protection system
24465 TCP UDP Tonido Directory Server for Tonido which is a Personal Web App and P2P platform
24554 TCP UDP BINKP, Fidonet mail transfers over TCP/IP
26000 TCP UDP id Software's Quake server
31457 TCP TetriNET
33434 TCP UDP traceroute
40000 TCP UDP SafetyNET p Real-time Industrial Ethernet protocol
43047 TCP TheòsMessenger second port for service TheòsMessenger
43048 TCP TheòsMessenger third port for service TheòsMessenger
47808 TCP UDP BACnet Building Automation and Control Networks (47808₁₀ = BAC0₁₆)

CCIE R&S Lab Equipment and IOS Version

1841 series routers - IOS 12.4(T) – Advanced Enterprise Services
3825 series routers - IOS 12.4(T) – Advanced Enterprise Services
Catalyst 3560 Series switches running IOS version 12.2 - Advanced IP Services

Monday, December 13, 2010

Common network-related DOS commands

ipconfig [/all] [/renew]
arp -a
ftp
nslookup
ping
tracert
telnet
netstat
netstat -ano | findstr " 80"
tasklist | findstr " pid"

Wednesday, December 8, 2010

Some common Cisco commands

ip name-server xxx.xxx.xxx.xxx
sntp server hk.pool.ntp.org
clear interface virtual-access [number]
logging buffer 51200 debug
clock set 10:50:00 Oct 26 2006
clock timezone HKT 8
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime

show process cpu
show process cpu sorted

sh ip cac flow – show current traffic of specified interface
sh ip accounting – show accumulated traffic of specified interface
clear ip flow stats
clear counter [interface]

show process memory
show process memory sorted
show memory allocating-process totals
show memory summary
show memory statistics
show memory dead
show memory free
show memory bigger

show buffers
show buffer old


router#config t
router(config)#int vlan1
router(config-if)#ip route-cache flow
OR
router(config-if)#ip accounting (may cause memory low/exhaust, remember to deactivate!)
router(config-if)#^Z
router#sh ip cac flow

Router#reload in 5

ip nat translation tcp-timeout 300
ip nat translation udp-timeout 200
ip nat translation max-entries list 2 100
access-list 2 permit 10.1.68.173

ZyXEL commands

ip nat reset [interface]
ip dhcp enif0 stat
ip dhcp enif0 server rele 1
ip arp flush
ip route st

sys filter netbios disp
sys reboot
sys log disp

324
ip nat iface wanif0

Tuesday, December 7, 2010

Common DNS record types

  1. A: address record
  2. CNAME: Canonical name record
  3. MX: mail exchange record
  4. NS: name server record
  5. PTR: pointer record (RFC 1035)
  6. TXT (SPF): Sender Policy Framework (RFC 4408)

DNS tools: nslookup and dig

nslookup

set the query type: set q=any (to display all record types)
change the DNS server: server dns_server_ip
list the zone records: ls -d [domain_name]
check a PTR record: set type=ptr, then type the IP address you want...

dig - DNS lookup utility

SYNOPSIS

dig [ @server ] [ -b address ] [ -c class ] [ -f filename ] [ -k filename ] [ -p port# ] [ -t type ] [ -x addr ] [ -y name:key ] [ name ] [ type ] [ class ] [ queryopt... ]
dig [ -h ]
dig [ global-queryopt... ] [ query... ]

Monday, December 6, 2010

case: telnet web port Dec 7 2010

The customer reported that he should not have a certificate on his NAS server, but a port check found that the SSL module is running:
P334> ip telnet 192.168.0.55 5000
Resolving 192.168.0.55... Connected to 192.168.0.55
Escape character is '^]'.
exit

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://(null)/webman/index.cgi">here</a>.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/1.0.0a Server at * Port 5000</address>
</body></html>
Telnet session with remote host terminated.
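
The same check as a script, added here as an example (it is not part of the original notes): it reads the component versions from the Apache footer and keeps "a TLS module is loaded" apart from "this port answered in TLS". The function names and the set of TLS-related module names are assumptions made for the illustration.

```python
import re
from html.parser import HTMLParser

# Constructed input: the error page returned in the telnet session above.
RESPONSE = """<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://(null)/webman/index.cgi">here</a>.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/1.0.0a Server at * Port 5000</address>
</body></html>
"""

# Assumption: component names treated as evidence of a TLS stack in the server build.
TLS_COMPONENTS = {"mod_ssl", "openssl", "mod_gnutls", "mod_nss"}

# A product token is name/version, e.g. mod_ssl/2.2.16
TOKEN = re.compile(r"([A-Za-z][\w.-]*)/([\w.]+)")


class AddressText(HTMLParser):
    """Collect the text inside the <address> footer of an Apache error page."""

    def __init__(self):
        super().__init__()
        self.inside = False
        self.text = ""

    def handle_starttag(self, tag, attrs):
        if tag == "address":
            self.inside = True

    def handle_endtag(self, tag):
        if tag == "address":
            self.inside = False

    def handle_data(self, data):
        if self.inside:
            self.text += data


def parse_banner(body):
    """Return the footer text, its product/version tokens and the reported port."""
    parser = AddressText()
    parser.feed(body)
    footer = parser.text.strip()
    port = re.search(r"Port (\d+)", footer)
    return {
        "footer": footer,
        "products": dict(TOKEN.findall(footer)),
        "port": int(port.group(1)) if port else None,
    }


def assess(body):
    """Separate what the banner proves from what the session itself proves."""
    info = parse_banner(body)
    link = re.search(r'href="([a-z][a-z0-9+.-]*)://', body, re.I)
    return {
        "port": info["port"],
        # The banner only says these components are part of the running server.
        "tls_components": sorted(
            name for name in info["products"] if name.lower() in TLS_COMPONENTS
        ),
        # Readable HTML on a raw TCP session means this listener replied
        # without a TLS handshake.
        "answered_in_cleartext": "<html" in body.lower(),
        "redirect_scheme": link.group(1).lower() if link else None,
    }


if __name__ == "__main__":
    for key, value in assess(RESPONSE).items():
        print(f"{key}: {value}")
```

For this capture the result is: mod_ssl and OpenSSL are loaded, yet port 5000 answered in cleartext and redirects to an http:// URL.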

SMTP protocol telnet simulation

telnet smtp.foo.com 25
S: 220 foo.com Simple Mail Transfer Service Ready
C: EHLO bar.com
S: 250-foo.com greets bar.com
S: 250-8BITMIME
S: 250-SIZE
S: 250-DSN
S: 250 HELP
C: MAIL FROM:<Smith@bar.com>
S: 250 OK
C: RCPT TO:<Jones@foo.com>
S: 250 OK
C: RCPT TO:<Green@foo.com>
S: 550 No such user here
C: RCPT TO:<Brown@foo.com>
S: 250 OK
C: DATA
S: 354 Start mail input; end with <CRLF>.<CRLF>
C: Blah blah blah...
C: ...etc. etc. etc.
C: .
S: 250 OK
C: QUIT
S: 221 foo.com Service closing transmission channel
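
An added example (not part of the original notes) that parses the dialogue above into command/reply pairs, joins multi-line replies such as the EHLO answer, and reports what the server advertised and which recipients it accepted. The transcript is embedded as constructed input; the function names are assumptions made for the illustration.

```python
import re

# Constructed input: the SMTP dialogue shown above, with its S:/C: prefixes.
TRANSCRIPT = """\
S: 220 foo.com Simple Mail Transfer Service Ready
C: EHLO bar.com
S: 250-foo.com greets bar.com
S: 250-8BITMIME
S: 250-SIZE
S: 250-DSN
S: 250 HELP
C: MAIL FROM:<Smith@bar.com>
S: 250 OK
C: RCPT TO:<Jones@foo.com>
S: 250 OK
C: RCPT TO:<Green@foo.com>
S: 550 No such user here
C: RCPT TO:<Brown@foo.com>
S: 250 OK
C: DATA
S: 354 Start mail input; end with <CRLF>.<CRLF>
C: Blah blah blah...
C: ...etc. etc. etc.
C: .
S: 250 OK
C: QUIT
S: 221 foo.com Service closing transmission channel
"""

# "250-text" continues a reply, "250 text" ends it.
REPLY = re.compile(r"^(\d{3})([ -])(.*)$")
END_OF_DATA = "<end of DATA>"


def parse_dialogue(text):
    """Return [(command, code, [reply lines])]; the greeting has command None."""
    exchanges, command, lines, in_data = [], None, [], False
    for raw in text.splitlines():
        side, sep, payload = raw.strip().partition(":")
        payload = payload.strip()
        if not sep or side not in ("S", "C"):
            continue
        if side == "C":
            if in_data:
                # Message body lines are not commands; a lone dot ends the body.
                if payload == ".":
                    in_data, command = False, END_OF_DATA
                continue
            command = payload
            continue
        match = REPLY.match(payload)
        if not match:
            continue
        code, continuation, reply_text = match.groups()
        lines.append(reply_text)
        if continuation == " ":
            exchanges.append((command, int(code), lines))
            in_data = code == "354"
            command, lines = None, []
    return exchanges


def ehlo_extensions(exchanges):
    """Extension keywords from the EHLO reply (its first line is the greeting)."""
    for command, code, lines in exchanges:
        if command and command.upper().startswith("EHLO") and code == 250:
            return [line.split()[0].upper() for line in lines[1:] if line]
    return []


def review(exchanges):
    """Summarise the session: advertised extensions and per-recipient results."""
    extensions = ehlo_extensions(exchanges)
    accepted, rejected, stored = [], [], False
    for command, code, _ in exchanges:
        rcpt = re.match(r"RCPT TO:\s*<([^>]*)>", command or "", re.I)
        if rcpt:
            (accepted if 200 <= code < 300 else rejected).append(rcpt.group(1))
        if command == END_OF_DATA:
            stored = 200 <= code < 300
    return {
        "extensions": extensions,
        "starttls_offered": "STARTTLS" in extensions,
        "accepted": accepted,
        "rejected": rejected,
        "message_accepted": stored,
    }


if __name__ == "__main__":
    for key, value in review(parse_dialogue(TRANSCRIPT)).items():
        print(f"{key}: {value}")
```

The server in this dialogue does not advertise STARTTLS, so the whole session, message included, crosses the network unencrypted.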

POP3 protocol telnet simulation

> telnet pop.xxx.com 110
Trying xxx.xxx.xxx.xxx
Connected to pop.xxx.com.
Escape character is '^]'.
+OK POP3 Ready ospop1 0002002c
user honying@abc.com.hk
+OK USER honying@abc.com.hk set, mate
pass kokogoda
+OK Logged in.
quit
+OK Logging out.

S:    +OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>
C:    APOP mrose c4c9334bac560ecc979e58001b3e22fb
S:    +OK mrose's maildrop has 2 messages (320 octets)
C:    STAT
S:    +OK 2 320
C:    LIST
S:    +OK 2 messages (320 octets)
S:    1 120
S:    2 200
S:    .
C:    RETR 1
S:    +OK 120 octets
S:    <the POP3 server sends message 1>
S:    .
C:    DELE 1
S:    +OK message 1 deleted
C:    RETR 2
S:    +OK 200 octets
S:    <the POP3 server sends message 2>
C:    QUIT
S:    +OK dewey POP3 server signing off (maildrop empty)
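
The two login styles in the sessions above, as an added example that is not part of the original post: it recomputes the APOP digest from the banner timestamp and shows that, unlike USER/PASS, the secret itself never appears in the client's lines. The shared secret `tanstaaf` is the one RFC 1939 gives for this sample exchange and is not on the page; the function names and the USER/PASS lines are constructed for illustration.

```python
import hashlib
import hmac
import re

# Banner and APOP line exactly as shown in the second session above.
BANNER = "+OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>"
APOP_LINE = "APOP mrose c4c9334bac560ecc979e58001b3e22fb"
# Assumption: the shared secret RFC 1939 gives for this sample exchange.
SECRETS = {"mrose": "tanstaaf"}

def apop_digest(banner, secret):
    """MD5 over the banner timestamp (brackets included) + secret, as hex."""
    stamp = re.search(r"<[^<>\s]+@[^<>\s]+>", banner)
    if stamp is None:
        raise ValueError("banner carries no timestamp: APOP not offered")
    return hashlib.md5((stamp.group(0) + secret).encode("ascii")).hexdigest()

def server_accepts(banner, apop_line, secrets):
    """Server side: recompute the digest for the named user and compare."""
    parts = apop_line.split()
    if len(parts) != 3 or parts[0].upper() != "APOP" or parts[1] not in secrets:
        return False
    expected = apop_digest(banner, secrets[parts[1]])
    return hmac.compare_digest(expected, parts[2].lower())

def secret_on_wire(client_lines, secret):
    """True if a passive observer of the client's lines sees the secret."""
    return any(secret in line for line in client_lines)

# Constructed USER/PASS login for the same account, for comparison.
PLAIN_LOGIN = ["USER mrose", "PASS tanstaaf"]
```

The timestamp changes on every connection, so a captured digest does not verify against a later banner. APOP still rests on MD5 and keeps only the password off the wire; the retrieved mail crosses in the clear in both sessions, which is what POP3 over TLS addresses.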

MRTG and PRTG site url

mrtg website: http://oss.oetiker.ch/mrtg/

prtg website: http://www.paessler.com/prtg/

CCIE R&S check list

  1. Implement Layer 2 Technologies
    1. Implement Spanning Tree Protocol (STP)
      1. 802.1d (STP)
        1. Transparent Bridging
        2. Process: learning, flooding, filtering, forwarding, aging
      2. 802.1w (RSTP)
      3. 802.1s (MST)
      4. Portfast
      5. Loop guard
      6. Root guard
      7. Bridge protocol data unit (BPDU) guard
      8. BPDU Filters
      9. UplinkFast
      10. BackboneFast
      11. MSTP
      12. Storm control
      13. Unicast flooding
      14. Port roles, failure propagation, and loop guard operation
      15. Optimizing STP by STP Timers
      16. Selecting the Root Bridge for an MST Instance in an MST Environment
      17. Setting the Port Priority to Designate the Forwarding Ports
    2. Implement VLAN and VLAN Trunking Protocol (VTP)
      1. Configuration
        1. Creating, Deleting, and Editing VLANs
        2. VTP in Client/Server Mode
        3. VTP in Transparent Mode
        4. VTP Authentication
        5. VTP Pruning
        6. Controlling VLANs That Cross a Trunk
        7. Selecting the Root Bridge for VLANS in a PVST Environment
    3. Implement trunk and trunk protocols, EtherChannel, and load-balance
      1. Configuration
        1. Trunks Using an Industry Standard Encapsulation
        2. Trunks Using a Cisco Proprietary Encapsulation
        3. EtherChannel Using an Industry-Standard Protocol
        4. EtherChannel Using a Cisco Proprietary Protocol
        5. Disabling Protocols on the EtherChannel
        6. Load-Balancing Type on the EtherChannel
    4. Implement Ethernet technologies
      1. Speed and duplex
      2. Ethernet, FastEthernet, and Gigabit Ethernet
      3. PPP over Ethernet (PPPoE)
    5. Implement Switched Port Analyzer (SPAN), Remote Switched Port Analyzer (RSPAN), and flow control
    6. Implement Frame Relay
      1. Local Management Interface (LMI)
      2. Traffic shaping
      3. Full mesh
      4. Hub and spoke
      5. Discard eligible (DE)
      6. Configuration:
        1. Frame Relay Multipoint Link on a Physical Interface Using Inverse ARP
        2. Frame Relay Multipoint Link on a Physical Interface Without Using Inverse ARP
        3. Frame Relay Multipoint Link on a Subinterface Using Inverse ARP
        4. Frame Relay Multipoint Link on a Subinterface Without Using Inverse ARP
        5. Frame Relay Point-to-Point Subinterfaces
        6. PVC with a Multipoint Interface on One Side and a Subinterface on the Other side
        7. Authentication on a Frame Relay Link Using PPP
    7. Implement High-Level Data Link Control (HDLC) and PPP
  2. Implement IPv4
    1. Implement IP version 4 (IPv4) addressing, subnetting, and variable-length subnet masking (VLSM)
    2. Implement IPv4 tunneling and Generic Routing Encapsulation (GRE)
    3. Implement IPv4 RIP version 2 (RIPv2)
    4. Implement IPv4 Open Shortest Path First (OSPF) 
      1. OSPF on a Broadcast Multicast Access Network (Ethernet)
      2. OSPF over a Frame Relay Multipoint Network by changing Network Types
      3. OSPF over a Frame Relay Multipoint Network by Using the neighbor Command
      4. OSPF over a Frame Relay Point-to-Point Network
      5. Virtual Links
      6. Standard OSPF areas
      7. Stub area
      8. Totally stubby area
      9. Not-so-stubby-area (NSSA)
      10. Totally NSSA
      11. Link-state advertisement (LSA) types
      12. Adjacency on a point-to-point and on a multi-access network
      13. OSPF graceful restart
    5. Implement IPv4 Enhanced Interior Gateway Routing Protocol (EIGRP)
      1. Basic EIGRP
      2. Passive Interfaces
      3. EIGRP Stub on Router and Switches
      4. EIGRP Update - Bandwidth Control
      5. Changing the Administrative Distance of EIGRP
      6. Best path
      7. Loop-free paths
      8. EIGRP operations when alternate loop-free paths are available, and when they are not available
      9. EIGRP queries
      10. Unequal-cost Load Balancing for EIGRP
      11. Manual summarization and auto summarization
    6. Implement IPv4 Border Gateway Protocol (BGP) 
      1. IBGP
        1. IBGP Peering
        2. Advertising Routes in iBGP
        3. Next-Hop Attribute
        4. Route Reflectors
        5. Redundancy by Neighbor Relationships Based on Loopbacks
      2. EBGP
        1. EBGP Peering
        2. EBGP Peering Based on Loopbacks
      3. BGP Advanced Features 
        1. Filtering Using ACLs
        2. Filtering Using Prefix Lists
        3. Filtering Using AS Path Filters
        4. Redistributing Connected Routes into BGP
        5. Redistributing Dynamic Routing Protocols into BGP
        6. BGP Aggregation
        7. BGP Aggregation with the Summary Only Parameter
        8. BGP Aggregation with Suppress Maps
        9. BGP Aggregation with Unsuppressed Maps
        10. BGP Best-Path Selection - Weight
        11. BGP Best-Path Selection - Local Preference
        12. BGP Best-Path Selection - MED
        13. BGP Communities - No-Export
        14. BGP Communities - No-Advertise
        15. BGP Confederation BGP Local AS
        16. Working with Private AS Numbers
        17. Route Dampening
        18. Conditional Advertising
        19. Peer Groups
    7. Implement policy routing
    8. Implement Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
    9. Implement filtering, route redistribution, summarization, synchronization, attributes, and other advanced features.
      1. Route Filtering for OSPF within the Area Using Distribute List with an ACL and Prefix
      2. Route Filtering for OSPF Between Areas
      3. Summarization of OSPF Routes between Areas
      4. Summarization of External Routes Within OSPF
      5. Filtering with a Distribute List Using an ACL and Prefix Lists
      6. Using Advanced ACLs and a Prefix List for Filtering Routes
      7. Summarizing Routes with EIGRP
      8. Route Summarization for RIP
      9. Redistribution Between OSPF and EIGRP
      10. Redistribution Between RIP and EIGRP
      11. Redistribution Between RIP and OSPF
      12. Redistribution of Directly Connected Routes
      13. Redistribution of Static Routes
      14. Redistribution with Filtering Using ACLs and Prefix Lists
      15. Redistribution with Filtering Using Route Tagging
  3. Implement IPv6
    1. Implement IP version 6 (IPv6) addressing and different addressing types
    2. Implement IPv6 neighbour discovery
    3. Implement basic IPv6 functionality protocols
    4. Implement tunnelling techniques
    5. Implement RIPng
    6. Implement OSPF version 3 (OSPFv3)
    7. Implement EIGRP version 6 (EIGRPv6)
    8. Implement IPv6 on a Frame Relay Network - Multipoint
    9. Implement IPv6 on a Frame Relay Network - Point-to-Point
    10. Implement filtering with a Distribute List Using an ACL and Prefix Lists
    11. Implement Route Redistribution Between OSPFv3 and EIGRPv6
  4. Implement MPLS Layer 3 VPNs
    1. Implement Multiprotocol Label Switching (MPLS)
      1. MPLS Unicast Routing Using LDP
      2. Controlling Label Distribution
    2. Implement Layer 3 virtual private networks (VPNs) on provider edge (PE), provider (P), and customer edge (CE) routers
      1. MPLS VPN Using Static Routing Between PE-CE
      2. MPLS VPN Using EIGRP as the PE-CE Routing Protocol
      3. MPLS VPN Using OSPF as the PE-CE Routing Protocol
      4. MPLS VPN Using EBGP as the PE-CE Routing Protocol
      5. Controlling Route Propagation Using the Route Target with Import and Export Maps
    3. Implement virtual routing and forwarding (VRF) and Multi-VRF Customer Edge (VRF-Lite)
  5. Implement IP Multicast
    1. Implement PIM Dense Mode
    2. PIM on an NBMA Network
    3. Implement Protocol Independent Multicast (PIM) sparse mode
      1. Static Rendezvous Point
      2. Multiple Static Rendezvous Points
      3. Auto Rendezvous Points
      4. PIM Sparse Mode with Multiple Rendezvous Points Using the Auto Rendezvous Point
    4. Bidirectional PIM
    5. Implement Multicast Source Discovery Protocol (MSDP)
      1. MSDP
      2. MSDP to an Anycast Rendezvous Point
    6. Implement interdomain multicast routing
    7. Implement PIM Auto-Rendezvous Point (Auto-RP), unicast rendezvous point (RP), and bootstrap router (BSR)
    8. Implement multicast tools, features, and source-specific multicast
      1. Multicast Rate Limiting
      2. IGMP Filtering on the Switch
      3. Use of the Switch to Block Multicast Traffic
      4. Multicasting Through a GRE Tunnel
      5. Multicast Helper Address
    9. Implement IPv6 multicast
      1. IPv6 Multicast Routing Using PIM
      2. IPv6 Multicast Listener discovery (MLD) Protocol
  6. Implement Network Security
    1. Implement access lists
      1. Standard Access Lists
      2. Extended Access Lists
      3. Time-Based Access Lists
      4. Reflexive Access Lists
    2. Implement Unicast Reverse Path Forwarding (uRPF)
    3. Implement IP Source Guard
    4. Implement authentication, authorization, and accounting (AAA) (configuring AAA server is not required, only the client-side (IOS) is configured)
      1. Use of a Router to Authenticate Against a AAA Server Using TACACS+
      2. Use of a Router to Authenticate Against a AAA Server Using RADIUS
      3. Local Privilege Authorization
      4. Accounting to a AAA Server Using TACACS+
      5. Accounting to a AAA Server Using RADIUS
    5. Implement Control Plane Policing (CoPP)
    6. Implement Cisco IOS and Zone-Based Firewalls
      1. Basic Cisco IOS Firewall
      2. DoS Protection on a Cisco IOS Firewall
      3. Basic Zone-Based Firewall
      4. Zone-Based Firewall with Deep Packet Inspection
    7. Implement Cisco IOS Intrusion Prevention System (IPS)
    8. Implement Secure Shell (SSH)
    9. Implement 802.1x
    10. Implement NAT
      1. Dynamic NAT
      2. PAT
      3. Static NAT
      4. Policy-Based NAT
    11. Implement routing protocol authentication
      1. Routing Protocol Authentication for EIGRP
      2. Routing Protocol Authentication for OSPF-Area-Wide
      3. Routing Protocol Authentication for OSPF-Interface-Specific
      4. Routing Protocol Authentication for OSPF Virtual Links
      5. Routing Protocol Authentication for BGP
    12. Implement device access control
    13. Implement security features
      1. Storm Control
      2. Switch Port Security
      3. Dot1x Authentication
      4. Dot1x Authentication for VLAN Assignment
      5. VLAN Access Maps
      6. DHCP Snooping
      7. DAI
      8. IP Source Guard
      9. Private VLANs
      10. Configuring the TCP Intercept Feature
      11. Configuring Blocking of Fragment Attacks
      12. Configuring Switch Security Features
      13. Configuring Antispoofing Using ACL
      14. Configuring Antispoofing Using uRPF
  7. Implement Network Service
    1. Implement Hot Standby Router Protocol (HSRP)
      1. HSRP between two Routers
      2. Pre-empt for HSRP
      3. Authentication for HSRP
    2. Implement Gateway Load Balancing Protocol (GLBP)
    3. Implement Virtual Router Redundancy Protocol (VRRP)
    4. Implement Network Time Protocol (NTP)
      1. NTP Using the NTP Master and NTP Server Commands
      2. NTP Without Using the NTP Server
      3. NTP Using NTP Broadcast Commands
    5. Implement DHCP
      1. Configuring DHCP on a Cisco IOS Router
      2. Configuring DHCP on a Switch
      3. Using a Router and a Switch to Act as a DHCP Relay Agent (Helper Address)
    6. Implement Web Cache Communication Protocol (WCCP)
    7. Use of the Router to Generate an Exception Dump Using TFTP
    8. Use of the Router to Generate an Exception Dump Using FTP
    9. Use of the Router to Generate an Exception Dump Using RCP
    10. Broadcast Forwarding for Protocols
  8. Implement Quality of Service (QoS)
    1. Implement Modular QoS CLI (MQC)
      1. Policing
      2. Class-based weighted fair queuing (CBWFQ)
      3. Low latency queuing (LLQ)
      4. Shaping Using MQC
      5. Random Early Detection Using MQC
      6. WRED Using MQC
      7. Using Network-Based Application Recognition (NBAR) for QoS
      8. Discard Eligible Marking Using MQC
    2. modified deficit round robin (MDRR)
    3. Classification
      1. Marking Using DSCP
      2. Marking Using IP Precedence
      3. Marking Using COS
    4. Congestion Management and Congestion Avoidance
      1. Priority Queuing
      2. Custom Queuing
      3. Weighted Fair Queuing
      4. Weighted random early detection (WRED), and random early detection (RED)
      5. Resource Reservation Protocol (RSVP)
    5. Policing and Shaping
      1. CAR Using Rate Limiting Under the Interface
      2. Frame Relay Traffic Using Map Classes
      3. Discard Eligible List
    6. Link Efficiency Mechanisms
      1. Compression
      2. link fragmentation and interleaving (LFI) for Frame Relay
    7. Implement Layer 2 QoS: weighted round robin (WRR), shaped round robin (SRR), and policies
    8. Implement generic traffic shaping
    9. Implement Cisco AutoQoS
  9. Troubleshoot a Network 
    1. Troubleshoot complex Layer 2 network issues
      1. Troubleshooting Catalyst Switch Network Issues
      2. Troubleshooting Frame Relay Network Issues
    2. Troubleshoot complex Layer 3 network issues
      1. Troubleshooting IP Addressing Network Issues
      2. Troubleshooting Routing Protocol Network Issues
      3. Troubleshooting Routing Protocol Loop Issues
    3. Troubleshoot a network in response to application problems
      1. Determining Which Aspects of the Network to Troubleshoot to Determine Network
    4. Troubleshoot network services
      1. Troubleshooting Misconfigured NTP Setup
      2. Troubleshooting Misconfigured DHCP Setup
      3. Troubleshooting Misconfigured Telnet and SSH Setup
      4. Troubleshooting Misconfigured SNMP Setup
    5. Troubleshoot network security
      1. Troubleshooting Misconfigured ACLs
      2. Troubleshooting Misconfigured NAT
      3. Troubleshooting Misconfigured AAA Services
  10. Optimize the Network
    1. Logging In
      1. Logging into a Remote Syslog Server
      2. Logging into the Internal Buffer
    2. Implement IP Service Level Agreement SLA
      1.  
    3. Implement Netflow
    4. Implement SPAN, RSPAN, and router IP traffic export (RITE)
    5. Implement Simple Network Management Protocol (SNMP)
      1. SNMP Management on the Switch 
      2. Use of a Router to Communicate to an SNMP Management Station
      3. Use of a Router to Generate SNMP Traps
    6. Implement Cisco IOS Embedded Event Management (EEM)
    7. Implement Remote Monitoring (RMON) 
      1. Use of a Router to Generate SNMP Traps Using RMON
    8. Accounting
      1. IP Accounting
    9. Implement FTP
    10. Implement TFTP
    11. Implement TFTP server on router
    12. Implement Secure Copy Protocol (SCP)
    13. Implement HTTP and HTTPS
    14. Implement Telnet
      1. Telnet and SSH management on the Switch
      2. Disabling telnet and the SSH Client on the Switch
      3. Controlling Inbound and Outbound Telnet on the Switch
  11. Misc
    1. Regular and Smart Macros
    2. Switch Banners
    3. UDLD
    4. Switch Virtual Interface (SVIs) for IP Routing
    5. Router on a Stick
    6. IP Phones to Connect to the Catalyst Switch
    7. Dot1q Tunneling