tag:blogger.com,1999:blog-50632659401893834012022-06-10T22:06:45.097-07:00Tumbler NoteMy job note and materialTumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.comBlogger27125tag:blogger.com,1999:blog-5063265940189383401.post-22821372937611559962012-06-21T02:10:00.003-07:002012-06-21T02:11:00.007-07:00SSH configuration<ol>
<li><div content="0">
<span style="color: white;">Specify the Host name.</span></div>
<blockquote>
<pre><span style="color: white;">Router(config)#<b>hostname <host name></b>
</span></pre>
</blockquote>
</li>
<li><span style="color: white;">Define a default domain name.</span><br />
<blockquote>
<pre><span style="color: white;">Router(config)#<b>ip domain-name <Domain Name></b>
</span></pre>
</blockquote>
</li>
<li><span style="color: white;">Generate RSA key pairs.</span><br />
<blockquote>
<pre><span style="color: white;">Router(config)#<b>crypto key generate rsa</b>
</span></pre>
</blockquote>
</li>
<li><span style="color: white;">Configure SSH-RSA keys for user and server authentication.</span><br />
<blockquote>
<pre><span style="color: white;">Router(config)#<b>ip ssh pubkey-chain</b>
</span></pre>
</blockquote>
</li>
<li><span style="color: white;">Configure the SSH username.</span><br />
<blockquote>
<pre><span style="color: white;">Router(conf-ssh-pubkey)#<b>username <user name></b>
</span></pre>
</blockquote>
</li>
<li><span style="color: white;">Specify the RSA public key of the remote peer.</span><br />
<blockquote>
<pre><span style="color: white;">Router(conf-ssh-pubkey-user)#<b>key-string</b>
</span></pre>
</blockquote>
</li>
<li><span style="color: white;">Specify the SSH key type and version. (optional)</span><br />
<blockquote>
<pre><span style="color: white;">Router(conf-ssh-pubkey-data)#<b>key-hash ssh-rsa <key ID></b>
</span></pre>
</blockquote>
</li>
<li><span style="color: white;">Exit the current mode and return to privileged EXEC mode.</span><br />
<blockquote>
<pre><span style="color: white;">Router(conf-ssh-pubkey-data)#<b>end</b>
</span></pre>
</blockquote>
</li>
</ol>Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-63858007274248036872012-06-19T20:18:00.001-07:002012-06-21T02:09:15.922-07:00some troubleshooting skill related to CPU usage<span style="color: white;"><br /></span><br />
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;">process cpu threshold type total rising 80 interval 5</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span style="color: white;"><br /></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> event syslog pattern "%SYS-1-CPURISINGTHRESHOLD"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 1 cli command "enable"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 1 cli command "<enable password>"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 3 cli command "show clock | append flash:risecpu_info"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 4 cli command "show proc cpu sorted | append flash:risecpu_info"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 5 cli command "show proc cpu history | append flash:risecpu_info"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 6 cli command "show interface | append flash:risecpu_info"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 7 cli command "show int switching | append flash:risecpu_info"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 8 cli command "show ip traffic | append flash:risecpu_info"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 9 cli command "show ip cef switching stat feature | append flash:risecpu_info"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 10 cli command "show debug | append flash:risecpu_info"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>
<div class="MsoNormal">
<span lang="EN-US" style="color: white; mso-ansi-language: EN-US;"> action 11 cli command "show align | append flash:risecpu_info"</span><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></div>Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-47044690057355676432011-05-07T08:42:00.000-07:002011-05-07T08:42:11.868-07:00IP Prefix NotesHow a Prefix List Match Works<br />
The matching is similar to that of the access-list—more specifically:<br />
· An empty prefix list permits all prefixes.<br />
· An implicit deny is assumed if a given prefix does not match any entries of a prefix list.<br />
· When multiple entries of a prefix list match a given prefix, the one with the smallest sequence is considered as the “real” match. In short, the first match wins!Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-19158742800793138632011-05-04T00:02:00.000-07:002011-05-07T08:44:55.953-07:00BGP notes<b>The BGP Path-Selection Process</b><br />
1. Ignore paths marked as "not synchronized" in the output of <b>show ip bgp</b><br />
<b>x.x.x.x.</b> If BGP synchronization is enabled - which is the current default in IOS<br />
Software - there must be a match for the prefix in the IP routing table for an<br />
internal (that is, iBGP) path to be considered a valid path. Most ISPs will want<br />
to disable synchronization using the<b> no synchronization</b> BGP subcommand.<br />
2. Ignore paths for which the NEXT_HOP is inaccessible. This is why it is<br />
important to have an IGP route to the NEXT_HOP associated with the path.<br />
3. Ignore paths from an eBGP neighbor if the local AS appears in the AS path.<br />
Such paths are denied upon ingress into the router and are not even installed<br />
in the BGP RIB. The same applies to any path denied by routing policy<br />
implemented through access, prefix, AS path, or community lists, unless<br />
inbound soft reconfiguration is configured for the neighbor.<br />
4. If <b>bgp bestpath enforce-first-as</b> is enabled and the UPDATE does not<br />
contain the AS of the neighbor as the first AS number in the AS_SEQUENCE,<br />
send a NOTIFICATION and close the session.<br />
5. Ignore paths marked as "(received-only)" in the output of <b>show ip bgp</b><br />
<b>x.x.x.x.</b> This path has been rejected by policy but has been stored by the<br />
router because soft-reconfiguration inbound has been configured for the<br />
neighbor sending the path.<br />
6. Ignore paths with a next -hop metric marked as inaccessible.<br />
<br />
<b>The BGP Best-Path Algorithm for IOS Software</b> <br />
1. Prefer the path with the largest weight. Note that <b>weight </b>is a Cisco specific<br />
parameter, local to the router on which it is configured.<br />
2. Prefer the path with the largest LOCAL_PREF.<br />
3. Prefer the path that was locally originated through a <b>network </b>or <b>aggregate</b><br />
BGP subcommand or through redistribution from an IGP.<br />
4. Prefer locally sourced network/redistributed paths over locally generated<br />
aggregates.<br />
5. Prefer the path with the shortest AS path.<br />
A. This step is skipped if <b>bgp bestpath as-path</b> <b>ignore </b>is configured.<br />
B. An AS_SET counts as one AS, no matter how many autonomous systems are in the set. The AS_CONFED_SEQUENCE is not included in the AS path length.<br />
6. Prefer the path with the lowest origin type: IGP is lower than EGP, and EGP is<br />
lower than INCOMPLETE.<br />
7. Prefer the path with the lowest MED.<br />
A. This comparison is done only if the first (that is, neighboring) AS is the<br />
same in the two paths; any confederation sub-autonomous systems are ignored. In other words, MEDs are compared only if the first AS in the AS_SEQUENCE is the same; any preceding AS_CONFED_SEQUENCE is ignored.<br />
B. If <b>bgp always-compare-med</b> is enabled, MEDs are compared for all paths. This knob needs to be enabled over the entire AS. Otherwise, routing loops could occur.<br />
C. If <b>bgp bestpath med</b> <b>confed </b>is enabled, MEDs are compared for all paths that consist only of AS_CONFED_SEQUENCE (that is, paths originated within the local confederation).<br />
D. Paths received with no MED are assigned a MED of 0, unless <b>bgp </b><b>bestpath missing-is-worst</b> is enabled, in which case they effectively are considered to have (although not actually assigned) a MED of 4,294,967,295. Any route received from a neighbor with a MED of 4,294,967,295 will have the MED changed to 4,294,967,294 before insertion into the BGP table.<br />
E. BGP Deterministic MED also can influence this step.<br />
8. Prefer the eBGP over iBGP paths. Note that paths containing AS_CONFED_SEQUENCE are local to the confederation and, therefore, are treated as internal paths. There is no distinction between confederation external and confederation internal.<br />
9. Prefer the path with the lowest IGP metric to the BGP next hop.<br />
10. If <b>maximum-paths</b> <i>N</i> is enabled and there are multiple external/confederation-external paths from the same neighboring AS/sub-AS, then insert up to N most recently received paths in the IP routing table. This allows eBGP multipath load sharing. The maximum value of N is currently 6; the default value, with the knob disabled, is 1. The oldest received path is marked as the best path in the output of<b> show ip bgp</b> <i>x.x.x.x</i>, and the equivalent of <b>next-hop-self</b> is performed before forwarding this best path on to internal peers.<br />
11. Prefer the path that was received first (that is, the oldest one).<br />
A. This step minimizes route flapping because a newer path will not displace an older one, even if it otherwise would be selected on account of the additional decision criteria below. It makes more sense to apply the additional decision steps only below to iBGP paths, to ensure a consistent best-path decision within the network and thereby avoid loops.<br />
B. This step is skipped if <b>bgp bestpath compare-routerid</b> is enabled.<br />
C. This step is skipped if the ROUTER_ID is the same because the routers were received from the same router.<br />
D. This step is skipped if there is no current best path. An example of losing the current best path occurs when the neighbor offering the path goes down.<br />
12. Prefer the route coming from the BGP router with the lowest router ID. The<br />
router ID is the highest IP address on the router, with preference given to loopback interfaces if one or more are configured. It also can be set manually<br />
through <b>bgp router-id</b> <i>x.x.x.x.</i> Note that if a path contains route reflector attributes, the originator ID is substituted for the router ID in the path-selection process.<br />
13. If the originator/router ID is the same, prefer the path with the minimum<br />
cluster ID length. This will be present in BGP route-reflector environments<br />
only, and it allows clients to peer with route reflectors/clients in other<br />
clusters. In this scenario, the client must be aware of the route reflector-specific BGP attributes.<br />
14. Prefer the path coming from the lowest neighbor address. This is the IP<br />
address used in the BGP neighbor configuration, and it corresponds to the<br />
address that the remote peer uses in the TCP connection with the local router.<br />
<br />
Several limitations existed with BGP peer groups in older IOS Software versions:<br />
· If used for clients of a route reflector, all the clients should be fully meshed.<br />
· If used as an eBGP peer group, transit cannot be provided among the peer group members.<br />
· All the eBGP peer-group members should be from the same subnet to avoid nonconnected next-hop announcements.<br />
<br />
A list of peer groups commonly by ISPs follows: <br />
· Normal iBGP peer group-For normal iBGP peers.<br />
· iBGP client peer group- For reflection peers on a route reflector.<br />
· eBGP full routes- For peers to receive full Internet routes.<br />
· eBGP customer routes-For peers to receive routes from direct customers of the ISP only. Some members can be configured with default-origination to receive the default route as well as the customer routes.<br />
· eBGP default routes-For peers to receive the default route and possibly a few other routes. <br />
<br />
Two or more iBGP paths are considered candidates for multipath if the following<br />
criteria are met:<br />
· All attributes (weight, localpref, AS-PATH [entire attribute, not just length],<br />
Origin, MED, and IGP distance are the same.<br />
· The next hops are different.<br />
<br />
Currently the prefix-list ORF is implemented for IPv4 unicast only. Some points to<br />
note about the implementation are listed here:<br />
· By default, the prefix-list ORF capability is not advertised to any neighbors.<br />
· The capability cannot be advertised to a neighbor that is a peer group member.<br />
· The prefix-list ORF is pushed over to the peer router immediately after the session is established if the local router has received the ORF capability and has configured an inbound prefix-list filter for the neighbor.Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-38070573273567266082011-04-17T11:27:00.000-07:002011-04-17T13:00:50.584-07:00Spanning Tree ProtocolWhen a switch receives multiple Hellos with equal calculated cost, it uses the following tiebreakers:<br />
1. Pick the lowest value of the forwarding switch's bridge ID.<br />
2. Use the lowest port priority of the neighboring switch. The neighboring switch added its own port priority to the Hello before forwarding it.<br />
3. Use the lowest internal port number (of the forwarding switch) as listed inside the received Hellos.<br />
<br />
<b> </b><br />
<b>spanning-tree mode</b> {<b>mst </b>| <b>pvst </b>| <b>rapid-pvst</b>}<br />
[<b>no</b>] <b>spanning-tree vlan</b><i> vlan-id</i><br />
<b>spanning-tree vlan vlan-id {forwardtime </b><i>seconds </i><b>| hello-time </b><i>seconds </i><b>| max-age </b><i>seconds </i><b>| priority </b><i>priority </i><b>| {root {primary | secondary} [diameter </b><i>net-diameter</i><b> [hello-time </b><i>seconds</i><b>]]}}</b><br />
<b>spanning-tree vlan </b><i>x</i><b> cost </b><i>y</i><br />
<b>spanning-tree vlan </b><i>x</i><b> port-priority </b><i>y</i><br />
<br />
<b>channel-group </b><i>channel-group-number</i><b> mode {auto [non-silent] | desirable [non-silent] | on | active | passive}</b><br />
<b>channel-protocol {lacp | pagp}</b><br />
<b>interface port-channel</b> <i>port-channel-number</i><br />
<br />
<b>spanning-tree portfast</b><br />
<b>spanning-tree bpduguard {enable | disable}</b><br />
<b>spanning-tree uplinkfast</b><br />
<b>spanning-tree backbonefast</b><br />
<b>spanning-tree mst </b><i>instance-id</i><b> priority </b><i>priority</i><br />
<b>spanning-tree mst configuration</b><br />
<br />
<b>show spanning-tree { root | brief | summary }</b><br />
<b>show spanning-tree { uplinkfast | backbonefast }</b><br />
<b>show interface</b><br />
<b>show interface trunk</b><br />
<b>show etherchannel [summary]</b><br />
<b>show interface switchport</b><br />
<b>show vtp status</b><br />
<b>show controllers</b>Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-63135437492276127772011-04-12T05:00:00.000-07:002011-04-17T11:00:01.509-07:00VLANUsing VLAN Database Mode to Create VLANs <br />
Switch3# show vlan brief<br />
Switch3# vlan database<br />
Switch3# vlan database<br />
Switch3(vlan)# vlan 21<br />
Switch3(vlan)# show current<br />
Switch3(vlan)# show proposed<br />
Switch3(vlan)# apply<br />
Switch3(vlan)# vlan 22 name ccie-vlan-22<br />
Switch3(vlan)# show current 22<br />
VLAN 22 does not exist in current database<br />
Switch3(vlan)# show proposed 22<br />
Switch3(vlan)# ^Z<br />
<br />
Using Configuration Mode to Put Interfaces into VLANs<br />
Switch3# config t<br />
Enter configuration commands, one per line. End with CNTL/Z.<br />
Switch3(config)# int fa 0/8<br />
Switch3(config-if)# switchport access vlan 31<br />
% Access VLAN does not exist. Creating vlan 31<br />
Switch3(config-if)# exit<br />
Switch3(config)# vlan 32<br />
Switch3(config-vlan)# name ccie-vlan-32<br />
Switch3(config-if)# ^Z<br />
<br />
Switch3(config)# vtp domain CCIE-domain<br />
<br />
Switch1# sh vtp status<br />
Switch1# show vlan brief<br />
<br />
VLAN Trunking<br />
<b>switchport </b>| <b>no switchport</b><br />
<b>switchport mode</b><br />
<b>switchport trunk</b><br />
<b>switchport access</b><br />
<b>show interface trunk</b><br />
<b>show interface</b><i> type number</i><b> trunk</b><br />
<b>show interface </b><i>type number</i><b> switchport</b><br />
<br />
Trunking Configuration Options<b> </b><br />
<b>switchport mode trunk</b><br />
<b>switchport nonegotiate</b><br />
<b>switchport mode dynamic desirable</b><br />
<b>switchport mode dynamic auto</b><br />
<b>switchport mode access</b><br />
<b> switchport trunk encapsulation</b><br />
<b><br />
</b><br />
<b>interface fastethernet 0/0.1<br />
ip address 10.1.21.1 255.255.255.0<br />
encapsulation isl 21<br />
!<br />
interface fastethernet 0/0.2<br />
ip address 10.1.22.1 255.255.255.0<br />
encapsulation isl 22</b><br />
<b><br />
</b><br />
<b>interface fastethernet 0/0<br />
ip address 10.1.21.1 255.255.255.0<br />
!<br />
interface fastethernet 0/0.2<br />
ip address 10.1.22.1 255.255.255.0<br />
encapsulation dot1q 22</b><br />
<b><br />
</b><br />
<b>EdgeRouter# conf t<br />
EdgeRouter(config)# interface fa0/1<br />
EdgeRouter(config-if)# ip address 192.168.100.1 255.255.255.0<br />
EdgeRouter(config-if)# ip nat inside<br />
EdgeRouter(config)# interface fa0/1<br />
EdgeRouter(config-if)# pppoe-client dial-pool-number 1<br />
EdgeRouter(config-if)# exit<br />
EdgeRouter(config)# interface dialer1<br />
EdgeRouter(config-if)# mtu 1492<br />
EdgeRouter(config-if)# encapsulation ppp<br />
EdgeRouter(config-if)# ip address negotiated<br />
EdgeRouter(config-if)# ppp authentication chap</b><br />
<b>EdgeRouter(config-if)# ip nat outside<br />
EdgeRouter(config-if)# dialer pool 1</b><br />
<b>EdgeRouter(config-if)# dialer-group 1<br />
EdgeRouter(config-if)# exit<br />
EdgeRouter(config)# dialer-list 1 protocol ip permit<br />
EdgeRouter(config)# ip nat inside source list 1 interface dialier1 overload<br />
EdgeRouter(config)# access-list 1 permit 192.168.100.0 0.0.0.255<br />
EdgeRouter(config)# ip route 0.0.0.0 0.0.0.0 dialer1</b><br />
<b><br />
</b><br />
<b>show pppoe session</b><br />
<b>debug pppoe [data | errors | events | packets]</b><br />
<br />
<b>show mac address-table [aging-time | count | dynamic | static] [address </b><i>hw-addr</i><b>] [interface </b><i>interface-id</i><b>] [vlan </b><i>vlan-id</i><b>]</b><br />
<b>show interfaces [</b><i>interface-id</i><b> | vlan </b><i>vlan-id</i><b>] switchport | trunk]</b><br />
<b>show vlan [brief | id </b><i>vlan-id</i><b> |name </b><i>vlan-nam</i><i>e</i><b> | summary]</b><br />
<b>show vlan [</b><i>vlan</i><b>]</b><br />
<b>show vtp status</b><br />
<b>switchport mode {access | dot1q-tunnel | dynamic {auto | desirable} | trunk}</b><br />
<b>switchport nonegotiate</b><br />
<b>switchport trunk {allowed vlan </b><i>vlan-list</i><b>} | {encapsulation {dot1q | isl | negotiate}} | {native vlan </b><i>vlan-id</i><b>} | {pruning vlan </b><i>vlan-lis</i><b>t}</b><br />
<b>switchport access vlan </b><i>vlan-id</i><br />
<br />
<b>VLAN Database </b><br />
<b>vtp {domain </b><i>domain-name</i><b> | password </b><i>password </i><b>| pruning | v2-mode | {server | client | transparent}}</b><br />
<b>vlan vlan-id [backupcrf {enable | disable}] [mtu </b><i>mtu-size</i><b>] [name vlan-name] [parent </b><i>parent-vlan-id</i><b>] [state {suspend | active}]</b><br />
<b>show {current | proposed | difference}</b><br />
<b>apply | abort | reset</b><br />
<b><br />
</b><br />
<b>VLAN Configuration Mode</b><br />
<b>vtp {domain </b><i>domain-name</i><b> | file </b><i>filename </i><b>| interface </b><i>name </i><b>| mode {client | server | transparent} | password </b><i>password </i><b>| pruning | version </b><i>number</i><b>}</b><br />
<b>vlan vlan-id</b><br />
<br />
<b>Step 1 Change the VTP mode to Transparent, which will reset the configuration<br />
revision number to 0.<br />
Step 2 Delete the vlan.dat file from the switch’s flash.<br />
Step 3 Reboot the switch.<br />
Step 4 Configure the appropriate VTP parameters.<br />
Step 5 Configure trunking.<br />
Step 6 Connect the switch to the network. </b>Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-16885259495896741742011-03-24T06:41:00.000-07:002011-03-24T07:08:22.793-07:00SPAN & RSPAN notesBasic SPAN Configuration Example <br />
MDF-ROC1# configure terminal<br />
MDF-ROC1(config)# monitor session 1 source interface fa0/12<br />
MDF-ROC1(config)# monitor session 1 destination interface fa0/24<br />
<br />
Complex SPAN Configuration Example<br />
MDF-ROC3# config term<br />
MDF-ROC3(config)# monitor session 11 source interface fa0/18 rx<br />
MDF-ROC3(config)# monitor session 11 source interface fa0/9 tx<br />
MDF-ROC3(config)# monitor session 11 source interface fa0/19<br />
MDF-ROC3(config)# monitor session 11 filter vlan 1 - 3 , 229<br />
MDF-ROC3(config)# monitor session 11 destination interface fa0/24 encapsulation replicate<br />
<br />
RSPAN Configuration Example<br />
IDF-SYR1# config term<br />
IDF-SYR1(config)# vlan 199<br />
IDF-SYR1(config-vlan)# remote span<br />
IDF-SYR1(config-vlan)# exit<br />
IDF-SYR1(config)# monitor session 3 source vlan 66 – 68 rx<br />
IDF-SYR1(config)# monitor session 3 destination remote vlan 199<br />
!Now moving to IDF-SYR2:<br />
IDF-SYR2# config term<br />
IDF-SYR2(config)# vlan 199<br />
IDF-SYR2(config-vlan)# remote span<br />
IDF-SYR2(config-vlan)# exit<br />
IDF-SYR2(config)# monitor session 23 source vlan 9 rx<br />
IDF-SYR2(config)# monitor session 23 source vlan 11 rx<br />
IDF-SYR2(config)# monitor session 23 destination remote vlan 199<br />
!Now moving to MDF-SYR9<br />
MDF-SYR9# config term<br />
MDF-SYR9(config)# vlan 199<br />
MDF-SYR9(config-vlan)# remote span<br />
MDF-SYR9(config-vlan)# exit<br />
MDF-SYR9(config)# monitor session 63 source remote vlan 199<br />
MDF-SYR9(config)# monitor session 63 destination interface fa0/24<br />
MDF-SYR9(config)# end<br />
<br />
<b>remote span </b><br />
<b>monitor session </b><i>1-66</i><b> source </b>[<b>vlan </b><i>vlan-id</i><b> </b>|<b> interface </b><i>interface-id</i>] [<b>rx </b>|<b> tx </b>|<b> both</b>]<b></b><br />
<b>monitor session </b>1-66<b> destination </b>[<b>remote vlan </b><i>vlan-id</i>] |<b> interface </b><i>interface-id</i>]<br />
<b>monitor session</b> <i>1-66</i><b> filter vlan </b>[<i>vlan </i>| <i>vlan-range</i>]<b><br />
</b><br />
<b>show monitor session</b> <i>session-id </i>Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-76627184634182898732011-03-09T23:46:00.000-08:002011-03-09T23:46:27.036-08:00Implement Spanning Tree Protocol (STP)<div class="pB1_Body1">Each configuration BPDU contains this information: </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097248"></a><br />
<div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />The unique bridge ID of the switch that the sending switch identifies as the root switch </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097249"></a><br />
<div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />The spanning-tree path cost to the root </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097250"></a><br />
<div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />The bridge ID of the sending switch </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097251"></a><br />
<div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />Message age </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097252"></a><br />
<div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />The identifier of the sending interface </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097253"></a><br />
<div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />Values for the hello, forward delay, and max-age protocol timers </div><div class="pBu1_Bullet1"><br />
</div><div class="pBu1_Bullet1"><span class="content"><div class="pB1_Body1">Each Layer 2 interface on a switch using spanning tree exists in one of these states: </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097501"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />Blocking—The interface does not participate in frame forwarding. </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097502"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />Listening—The first transitional state after the blocking state when the spanning tree decides that the interface should participate in frame forwarding. </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097503"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />Learning—The interface prepares to participate in frame forwarding. </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097504"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />Forwarding—The interface forwards frames. </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097505"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />Disabled—The interface is not participating in spanning tree because of a shutdown port, no link on the port, or no spanning-tree instance running on the port. </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097506"></a><div class="pB1_Body1">An interface moves through these states: </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097507"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />From initialization to blocking </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097508"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />From blocking to listening or to disabled </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097509"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />From listening to learning or to disabled </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097510"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />From learning to forwarding or to disabled </div><a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=7662718463418289873" name="wp1097511"></a><div class="pBu1_Bullet1">•<img alt="" border="0" height="2" src="http://www.cisco.com/en/US/i/templates/blank.gif" width="19" />From forwarding to disabled </div><div class="pBu1_Bullet1"><br />
</div></span></div>Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-45339504078394421982011-03-06T07:59:00.000-08:002011-03-06T08:01:51.967-08:00Reference Websites (updating)http://www.backtrack-linux.org/<br />
- a penetration testing distribution websiteTumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-74424797729867548472011-02-24T04:16:00.000-08:002011-02-24T04:16:21.805-08:00adding static DNS entry to Window XP or changing the DNS serverToday I find I cannot access some sites.<br />
By checking with the nslookup, found it is blocked by my DNS provider.<br />
There are two ways to work around:<br />
1) change the primary DNS server to the one not blocked or still working under Local Area Connection.<br />
2) change the hosts file under C:\WINDOWS\system32\drivers\etc<br />
add the ip address you find with your site name<br />
xxx.xxx.xxx.xxx site_nameTumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-87375760711703099342011-02-16T23:55:00.000-08:002011-02-21T10:31:11.921-08:00route-map caseThere is a someone wants to configure such scenario.<br />
if the router see some port then use a gateway, the solution is using route-map and apply it to the interface.<br />
<br />
conf t<br />
route-map port80<br />
match ip address matchport80<br />
set ip next-hop xxx.xxx.xxx.xxx <----------- the gateway ip you set for next-hop for the http traffic<br />
<br />
<br />
ip access-list extended matchport80<br />
permit tcp any any eq www<br />
<br />
interface FastEthernet0/0<br />
ip policy route-map port80Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-40345679021046967012011-02-01T00:34:00.000-08:002011-02-08T23:10:39.873-08:00Cisco IP advance feature - sweep range of sizesTo check the destination ip mtu, please use the following method. <br />
router#ping<br />
Protocol [ip]:<br />
Target IP address: 10.30.30.1<br />
Repeat count [5]: 1<br />
Datagram size [100]: 1<br />
% A decimal number between 36 and 18024.<br />
Datagram size [100]: 100<br />
Timeout in seconds [2]:<br />
Extended commands [n]: y<br />
Source address or interface:<br />
Type of service [0]:<br />
Set DF bit in IP header? [no]: y<br />
Validate reply data? [no]:<br />
Data pattern [0xABCD]:<br />
Loose, Strict, Record, Timestamp, Verbose[none]:<br />
Sweep range of sizes [n]: y<br />
Sweep min size [36]: 1470<br />
Sweep max size [18024]: 1500<br />
Sweep interval [1]:<br />
Type escape sequence to abort.<br />
Sending 31, [1470..1500]-byte ICMP Echos to 10.30.30.1, timeout is 2 seconds:<br />
!!!!!..........................<br />
Success rate is 16 percent (5/31), round-trip min/avg/max = 52/67/88 msTumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-28028698539561769442011-01-27T23:58:00.000-08:002011-01-27T23:58:11.159-08:00Basic Network IP design Jan 28 2011Only one WAN IP<br />
WAN IP put under WAN interface<br />
Private IP put under LAN gw<br />
<br />
<br />
one WAN IP and a public LAN IP subnet<br />
WAN IP put under WAN interface<br />
put the first usable public LAN IP under LAN gw<br />
can put the private IP under the same interface as secondary IP range if needed.<br />
<br />
<br />
<a class="cssButton" href="javascript:void(0)" id="publishButton" onclick="if (this.className.indexOf("ubtn-disabled") == -1) {var e = document['postingForm'].publish;(e.length) ? e[0].click() : e.click(); if (window.event) window.event.cancelBubble = true; return false;}" target=""><div class="cssButtonOuter"><div class="cssButtonMiddle"><div class="cssButtonInner">Publish Post</div></div></div></a>Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-21677288970583686852010-12-28T17:28:00.000-08:002011-02-08T23:11:02.889-08:00Configuration of one to one nat mapping and pool natip nat inside source list 1 interface Serial0/0/0 overload<br />
ip nat inside source static 172.18.0.109 204.8.1xx.xxx extendable<br />
ip nat inside source static 172.18.0.108 204.8.1xx.xxx extendable<br />
ip nat inside source static 172.18.0.107 204.8.1xx.xxx extendable<br />
ip nat inside source static 172.18.0.106 204.8.1xx.xxx extendable<br />
ip nat inside source static 172.18.0.105 204.8.1xx.xxx extendable<br />
!<br />
access-list 1 deny 172.18.0.108<br />
access-list 1 deny 172.18.0.109<br />
access-list 1 deny 172.18.0.106<br />
access-list 1 deny 172.18.0.107<br />
access-list 1 deny 172.18.0.105<br />
access-list 1 permit 172.0.0.0 0.255.255.255Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-2764896220013488322010-12-21T14:44:00.000-08:002011-02-08T23:11:38.345-08:00OUI PUBLIC LISTING: PUBLIC OUI AND 'COMPANY_ID' ASSIGNMENTShttp://standards.ieee.org/develop/regauth/oui/oui.txtTumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-66369291334618515942010-12-15T03:39:00.000-08:002011-01-28T01:38:49.964-08:00Official List of TCP and UDP port numbers0 UDP Reserved<br />
1 TCP UDP TCP Port Service Multiplexer (TCPMUX)<br />
2 TCP UDP Management Utility<br />
3 TCP UDP Compression Process<br />
<br />
5 TCP UDP Remote Job Entry<br />
<br />
7 TCP UDP Echo Protocol<br />
<br />
9 TCP UDP Discard Protocol<br />
<br />
11 TCP UDP Active Users (systat service[2])<br />
<br />
13 TCP UDP Daytime Protocol (RFC 867)<br />
17 TCP UDP Quote of the Day<br />
18 TCP UDP Message Send Protocol<br />
19 TCP UDP Character Generator Protocol (CHARGEN)<br />
20 TCP FTP – data transfer<br />
21 TCP FTP – control (command)<br />
22 TCP UDP Secure Shell (SSH)—used for secure logins, file transfers (scp, sftp) and port forwarding<br />
23 TCP Telnet protocol—unencrypted text communications<br />
24 TCP UDP Priv-mail : any private mail system.<br />
25 TCP Simple Mail Transfer Protocol (SMTP)—used for e-mail routing between mail servers<br />
35 TCP UDP Any private printer server protocol<br />
37 TCP UDP TIME protocol<br />
39 TCP UDP Resource Location Protocol[3] (RLP)—used for determining the location of higher level services from hosts on a network<br />
41 TCP UDP Graphics<br />
42 TCP UDP nameserver, ARPA Host Name Server Protocol<br />
43 TCP WHOIS protocol<br />
47 TCP UDP NI FTP<br />
49 TCP UDP TACACS Login Host protocol<br />
50 TCP UDP Remote Mail Checking Protocol<br />
51 TCP UDP IMP Logical Address Maintenance<br />
52 TCP UDP XNS (Xerox Network Systems) Time Protocol<br />
53 TCP UDP Domain Name System (DNS)<br />
54 TCP UDP XNS (Xerox Network Systems) Clearinghouse<br />
56 TCP UDP XNS (Xerox Network Systems) Authentication<br />
58 TCP UDP XNS (Xerox Network Systems) Mail<br />
67 UDP Bootstrap Protocol (BOOTP) Server; also used by Dynamic Host Configuration Protocol (DHCP)<br />
68 UDP Bootstrap Protocol (BOOTP) Client; also used by Dynamic Host Configuration Protocol (DHCP)<br />
69 UDP Trivial File Transfer Protocol (TFTP)<br />
70 TCP Gopher protocol<br />
79 TCP Finger protocol<br />
80 TCP UDP Hypertext Transfer Protocol (HTTP)<br />
83 TCP MIT ML Device<br />
88 TCP UDP Kerberos—authentication system<br />
90 TCP UDP dnsix (DoD Network Security for Information Exchange) Securit Attribute Token Map<br />
101 TCP NIC host name<br />
102 TCP ISO-TSAP (Transport Service Access Point) Class 0 protocol[5]<br />
104 TCP UDP ACR/NEMA Digital Imaging and Communications in Medicine<br />
105 TCP UDP CCSO Nameserver Protocol (Qi/Ph)<br />
107 TCP Remote TELNET Service[6] protocol<br />
108 TCP UDP SNA Gateway Access Server [7]<br />
109 TCP Post Office Protocol v2 (POP2)<br />
110 TCP Post Office Protocol v3 (POP3)<br />
111 TCP UDP ONC RPC (SunRPC)<br />
113 TCP ident—user identification system, used by IRC servers to identify users<br />
113 TCP UDP Authentication Service (auth)<br />
115 TCP Simple File Transfer Protocol (SFTP)<br />
117 TCP UUCP Path Service<br />
118 TCP UDP SQL (Structured Query Language) Services<br />
119 TCP Network News Transfer Protocol (NNTP) — retrieval of newsgroup messages<br />
123 UDP Network Time Protocol (NTP)—used for time synchronization<br />
135 TCP UDP DCE endpoint resolution<br />
137 TCP UDP NetBIOS NetBIOS Name Service<br />
138 TCP UDP NetBIOS NetBIOS Datagram Service<br />
139 TCP UDP NetBIOS NetBIOS Session Service<br />
143 TCP UDP Internet Message Access Protocol (IMAP) — management of email messages<br />
152 TCP UDP Background File Transfer Program (BFTP)[9]<br />
153 TCP UDP SGMP, Simple Gateway Monitoring Protocol<br />
156 TCP UDP SQL Service<br />
161 UDP Simple Network Management Protocol (SNMP)<br />
162 TCP UDP Simple Network Management Protocol Trap (SNMPTRAP)[10]<br />
170 TCP Print-srv, Network PostScript<br />
177 TCP UDP X Display Manager Control Protocol (XDMCP)<br />
179 TCP BGP (Border Gateway Protocol)<br />
194 TCP UDP Internet Relay Chat (IRC)<br />
199 TCP UDP SMUX, SNMP Unix Multiplexer<br />
201 TCP UDP AppleTalk Routing Maintenance<br />
209 TCP UDP The Quick Mail Transfer Protocol<br />
210 TCP UDP ANSI Z39.50<br />
213 TCP UDP Internetwork Packet Exchange (IPX)<br />
218 TCP UDP Message posting protocol (MPP)<br />
220 TCP UDP Internet Message Access Protocol (IMAP), version 3<br />
259 TCP UDP ESRO, Efficient Short Remote Operations<br />
264 TCP UDP BGMP, Border Gateway Multicast Protocol<br />
308 TCP Novastor Online Backup<br />
311 TCP Mac OS X Server Admin (officially AppleShare IP Web administration)<br />
318 TCP UDP PKIX TSP, Time Stamp Protocol<br />
319 UDP Precision time protocol event messages<br />
320 UDP Precision time protocol general messages<br />
350 TCP UDP MATIP-Type A, Mapping of Airline Traffic over Internet Protocol<br />
351 TCP UDP MATIP-Type B, Mapping of Airline Traffic over Internet Protocol<br />
366 TCP UDP ODMR, On-Demand Mail Relay<br />
369 TCP UDP Rpc2portmap<br />
371 TCP UDP ClearCase albd<br />
383 TCP UDP HP data alarm manager<br />
384 TCP UDP A Remote Network Server System<br />
387 TCP UDP AURP, AppleTalk Update-based Routing Protocol<br />
389 TCP UDP Lightweight Directory Access Protocol (LDAP)<br />
401 TCP UDP UPS Uninterruptible Power Supply<br />
427 TCP UDP Service Location Protocol (SLP)<br />
443 TCP HTTPS (Hypertext Transfer Protocol over SSL/TLS)<br />
444 TCP UDP SNPP, Simple Network Paging Protocol (RFC 1568)<br />
445 TCP Microsoft-DS Active Directory, Windows shares<br />
445 TCP Microsoft-DS SMB file sharing<br />
464 TCP UDP Kerberos Change/Set password<br />
475 TCP tcpnethaspsrv (Aladdin Knowledge Systems Hasp services, TCP/IP version)<br />
497 TCP Dantz Retrospect<br />
500 UDP Internet Security Association and Key Management Protocol (ISAKMP)<br />
504 TCP UDP Citadel – multiservice protocol for dedicated clients for the Citadel groupware system<br />
512 TCP Rexec, Remote Process Execution<br />
512 UDP comsat, together with biff<br />
513 TCP rlogin<br />
513 UDP Who<br />
514 TCP Shell—used to execute non-interactive commands on a remote system (Remote Shell, rsh, remsh)<br />
514 UDP Syslog—used for system logging<br />
515 TCP Line Printer Daemon—print service<br />
517 UDP Talk<br />
518 UDP NTalk<br />
520 TCP efs, extended file name server<br />
520 UDP Routing Information Protocol (RIP)<br />
524 TCP UDP NetWare Core Protocol (NCP) is used for a variety things such as access to primary NetWare server resources, Time Synchronization, etc.<br />
525 UDP Timed, Timeserver<br />
530 TCP UDP RPC<br />
532 TCP netnews<br />
533 UDP netwall, For Emergency Broadcasts<br />
540 TCP UUCP (Unix-to-Unix Copy Protocol)<br />
542 TCP UDP commerce (Commerce Applications)<br />
543 TCP klogin, Kerberos login<br />
544 TCP kshell, Kerberos Remote shell<br />
546 TCP UDP DHCPv6 client<br />
547 TCP UDP DHCPv6 server<br />
548 TCP Apple Filing Protocol (AFP) over TCP<br />
550 UDP new-rwho, new-who<br />
554 TCP UDP Real Time Streaming Protocol (RTSP)<br />
556 TCP Remotefs, RFS, rfs_server<br />
560 UDP rmonitor, Remote Monitor<br />
561 UDP monitor<br />
563 TCP UDP NNTP protocol over TLS/SSL (NNTPS)<br />
587 TCP e-mail message submission[11] (SMTP)<br />
591 TCP FileMaker 6.0 (and later) Web Sharing (HTTP Alternate, also see port 80)<br />
593 TCP UDP HTTP RPC Ep Map, Remote procedure call over Hypertext Transfer Protocol, often used by Distributed Component Object Model services and Microsoft Exchange Server<br />
604 TCP TUNNEL profile[12], a protocol for BEEP peers to form an application layer tunnel<br />
623 UDP ASF Remote Management and Control Protocol (ASF-RMCP)<br />
631 TCP UDP Internet Printing Protocol (IPP)<br />
635 TCP UDP RLZ DBase<br />
636 TCP UDP Lightweight Directory Access Protocol over TLS/SSL (LDAPS)<br />
639 TCP UDP MSDP, Multicast Source Discovery Protocol<br />
641 TCP UDP SupportSoft Nexus Remote Command (control/listening): A proxy gateway connecting remote control traffic<br />
646 TCP UDP LDP, Label Distribution Protocol, a routing protocol used in MPLS networks<br />
647 TCP DHCP Failover protocol[13]<br />
648 TCP RRP (Registry Registrar Protocol)[14]<br />
651 TCP UDP IEEE-MMS<br />
653 TCP UDP SupportSoft Nexus Remote Command (data): A proxy gateway connecting remote control traffic<br />
654 TCP Media Management System (MMS) Media Management Protocol (MMP)[15]<br />
657 TCP UDP IBM RMC (Remote monitoring and Control) protocol, used by System p5 AIX Integrated Virtualization Manager (IVM)[16] and Hardware Management Console to connect managed logical partitions (LPAR) to enable dynamic partition reconfiguration<br />
660 TCP Mac OS X Server administration<br />
666 UDP Doom, first online first-person shooter<br />
674 TCP ACAP (Application Configuration Access Protocol)<br />
691 TCP MS Exchange Routing<br />
692 TCP Hyperwave-ISP<br />
694 TCP UDP Linux-HA High availability Heartbeat<br />
695 TCP IEEE-MMS-SSL (IEEE Media Management System over SSL)[17]<br />
698 UDP OLSR (Optimized Link State Routing)<br />
699 TCP Access Network<br />
700 TCP EPP (Extensible Provisioning Protocol), a protocol for communication between domain name registries and registrars (RFC 5734)<br />
701 TCP LMP (Link Management Protocol (Internet))[18], a protocol that runs between a pair of nodes and is used to manage traffic engineering (TE) links<br />
702 TCP IRIS[19][20] (Internet Registry Information Service) over BEEP (Blocks Extensible Exchange Protocol)[21] (RFC 3983)<br />
706 TCP Secure Internet Live Conferencing (SILC)<br />
711 TCP Cisco Tag Distribution Protocol[22][23][24]—being replaced by the MPLS Label Distribution Protocol[25]<br />
712 TCP Topology Broadcast based on Reverse-Path Forwarding routing protocol (TBRPF) (RFC 3684)<br />
749 TCP UDP Kerberos (protocol) administration<br />
750 TCP rfile<br />
750 UDP loadav<br />
750 UDP kerberos-iv, Kerberos version IV<br />
751 TCP UDP pump<br />
752 TCP qrh<br />
752 UDP qrh<br />
753 TCP Reverse Routing Header (rrh)[26]<br />
753 UDP Reverse Routing Header (rrh)<br />
754 TCP tell send<br />
754 UDP tell send<br />
760 TCP UDP ns<br />
847 TCP DHCP Failover protocol<br />
860 TCP iSCSI (RFC 3720)<br />
873 TCP rsync file synchronisation protocol USA only<br />
902 TCP ideafarm-door 902/tcp self documenting Door: send 0x00 for info<br />
902 UDP ideafarm-door<br />
989 TCP UDP FTPS Protocol (data): FTP over TLS/SSL<br />
990 TCP UDP FTPS Protocol (control): FTP over TLS/SSL<br />
991 TCP UDP NAS (Netnews Administration System)<br />
992 TCP UDP TELNET protocol over TLS/SSL<br />
993 TCP Internet Message Access Protocol over SSL (IMAPS)<br />
995 TCP Post Office Protocol 3 over TLS/SSL (POP3S)<br />
1058 TCP UDP nim, IBM AIX Network Installation Manager (NIM)<br />
1059 TCP UDP nimreg, IBM AIX Network Installation Manager (NIM)<br />
1080 TCP SOCKS proxy<br />
1085 TCP UDP WebObjects<br />
1098 TCP UDP rmiactivation, RMI Activation<br />
1099 TCP UDP rmiregistry, RMI Registry<br />
1140 TCP UDP AutoNOC protocol<br />
1169 TCP UDP Tripwire<br />
1176 TCP Perceptive Automation Indigo Home automation server<br />
1182 TCP UDP AcceleNet Intelligent Transfer Protocol<br />
1194 TCP UDP OpenVPN<br />
1198 TCP UDP The cajo project Free dynamic transparent distributed computing in Java<br />
1200 TCP scol, protocol used by SCOL 3D virtual worlds server to answer world name resolution client request[28]<br />
1200 UDP scol, protocol used by SCOL 3D virtual worlds server to answer world name resolution client request<br />
1214 TCP Kazaa<br />
1220 TCP QuickTime Streaming Server administration<br />
1223 TCP UDP TGP, TrulyGlobal Protocol, also known as "The Gur Protocol" (named for Gur Kimchi of TrulyGlobal)<br />
1241 TCP UDP Nessus Security Scanner<br />
1270 TCP UDP Microsoft System Center Operations Manager (SCOM) (formerly Microsoft Operations Manager (MOM)) agent<br />
1293 TCP UDP IPSec (Internet Protocol Security)<br />
1311 TCP Dell OpenManage HTTPS<br />
1319 TCP AMX ICSP<br />
1319 UDP AMX ICSP<br />
1337 UDP Men and Mice DNS<br />
1337 TCP Men and Mice DNS<br />
1352 TCP IBM Lotus Notes/Domino Remote Procedure Call (RPC) protocol<br />
1387 TCP UDP cadsi-lm, LMS International (formerly Computer Aided Design Software, Inc. (CADSI)) LM<br />
1414 TCP IBM WebSphere MQ (formerly known as MQSeries)<br />
1417 TCP UDP Timbuktu Service 1 Port<br />
1418 TCP UDP Timbuktu Service 2 Port<br />
1419 TCP UDP Timbuktu Service 3 Port<br />
1420 TCP UDP Timbuktu Service 4 Port<br />
1431 TCP Reverse Gossip Transport Protocol (RGTP), used to access a General-purpose Reverse-Ordered Gossip Gathering System (GROGGS) bulletin board, such as that implemented on the Cambridge University's Phoenix system<br />
1433 TCP MSSQL (Microsoft SQL Server database management system) Server<br />
1434 TCP UDP MSSQL (Microsoft SQL Server database management system) Monitor<br />
1470 TCP Solarwinds Kiwi Log Server<br />
1494 TCP Citrix XenApp Independent Computing Architecture (ICA) thin client protocol<br />
1512 TCP UDP Microsoft Windows Internet Name Service (WINS)<br />
1513 TCP UDP Garena Garena Gaming Client<br />
1521 TCP nCube License Manager<br />
1524 TCP UDP ingreslock, ingres<br />
1533 TCP IBM Sametime IM—Virtual Places Chat Microsoft SQL Server<br />
1547 TCP UDP Laplink<br />
1581 UDP MIL STD 2045-47001 VMF<br />
1677 TCP UDP Novell GroupWise clients in client/server access mode<br />
1701 UDP Layer 2 Forwarding Protocol (L2F) & Layer 2 Tunneling Protocol (L2TP)<br />
1719 UDP H.323 Registration and alternate communication<br />
1720 TCP H.323 Call signalling<br />
1723 TCP UDP Microsoft Point-to-Point Tunneling Protocol (PPTP)<br />
1755 TCP UDP Microsoft Media Services (MMS, ms-streaming)<br />
1761 UDP cft-0<br />
1761 TCP cft-0<br />
1762–1768 TCP UDP cft-1 to cft-7<br />
1801 TCP UDP Microsoft Message Queuing<br />
1812 TCP UDP radius, RADIUS authentication protocol<br />
1813 TCP UDP radacct, RADIUS accounting protocol<br />
1863 TCP MSNP (Microsoft Notification Protocol), used by the .NET Messenger Service and a number of Instant Messaging clients<br />
1900 UDP Microsoft SSDP Enables discovery of UPnP devices<br />
1935 TCP Adobe Systems Macromedia Flash Real Time Messaging Protocol (RTMP) "plain" protocol<br />
1947 TCP hasplm, Aladdin HASP Licenz Manager<br />
1970 TCP UDP Netop Business Solutions Netop Remote Control<br />
1971 TCP UDP Netop Business Solutions Netop School<br />
1972 TCP UDP InterSystems Caché<br />
1975–1977 UDP Cisco TCO (Documentation)<br />
1984 TCP Big Brother System and Network Monitor<br />
1985 UDP Cisco HSRP<br />
1994 TCP UDP Cisco STUN-SDLC (Serial Tunneling—Synchronous Data Link Control) protocol<br />
1998 TCP UDP Cisco X.25 over TCP (XOT) service<br />
2000 TCP UDP Cisco SCCP (Skinny)<br />
2031 TCP UDP mobrien-chat(<a href="http://chat.mobrien.com:2031/">http://chat.mobrien.com:2031/</a>)<br />
2049 UDP Network File System<br />
2049 UDP shilp<br />
2053 UDP lot105-ds-upd Lot105 DSuper Updates<br />
2053 TCP lot105-ds-upd Lot105 DSuper Updates<br />
2073 TCP UDP DataReel Database<br />
2074 TCP UDP Vertel VMF SA (i.e. App.. SpeakFreely)<br />
2082 TCP Infowave Mobility Server<br />
2083 TCP Secure Radius Service (radsec)<br />
2086 TCP GNUnet<br />
2102 TCP UDP zephyr-srv Project Athena Zephyr Notification Service server<br />
2103 TCP UDP zephyr-clt Project Athena Zephyr Notification Service serv-hm connection<br />
2104 TCP UDP zephyr-hm Project Athena Zephyr Notification Service hostmanager<br />
2105 TCP UDP IBM MiniPay<br />
2156 UDP Talari Reliable Protocol<br />
2161 TCP APC Agent<br />
2181 TCP UDP EForward-document transport system<br />
2210 TCP UDP NOAAPORT Broadcast Network<br />
2211 TCP UDP EMWIN<br />
2212 TCP UDP LeeCO POS Server Service<br />
2219 TCP UDP NetIQ NCAP Protocol<br />
2220 TCP UDP NetIQ End2End<br />
2261 TCP UDP CoMotion Master<br />
2262 TCP UDP CoMotion Backup<br />
2369 TCP Default for BMC Software Control-M/Server—Configuration Agent, though often changed during installation<br />
2370 TCP Default for BMC Software Control-M/Server—to allow the Control-M/Enterprise Manager to connect to the Control-M/Server, though often changed during installation<br />
2404 TCP IEC 60870-5 -104, used to send electric power telecontrol messages between two systems via directly connected data circuits<br />
2420 UDP Westell Remote Access<br />
2427 UDP Cisco MGCP<br />
2447 TCP UDP ovwdb—OpenView Network Node Manager (NNM) daemon<br />
2483 TCP UDP Oracle database listening for unsecure client connections to the listener, replaces port 1521<br />
2484 TCP UDP Oracle database listening for SSL client connections to the listener<br />
2500 TCP THEòSMESSENGER listening for TheòsMessenger client connections<br />
2501 TCP TheosNet-Admin listening for TheòsMessenger client connections<br />
2612 TCP UDP QPasa from MQSoftware<br />
2700–2800 TCP KnowShowGo P2P<br />
2713 TCP UDP Raven Trinity Broker Service<br />
2714 TCP UDP Raven Trinity Data Mover<br />
2735 TCP UDP NetIQ Monitor Console<br />
2809 TCP corbaloc:iiop URL, per the CORBA 3.0.3 specification<br />
2809 UDP corbaloc:iiop URL, per the CORBA 3.0.3 specification.<br />
2868 TCP UDP Norman Proprietary Event Protocol NPEP<br />
2947 TCP gpsd GPS daemon<br />
2948 TCP UDP WAP-push Multimedia Messaging Service (MMS)<br />
2949 TCP UDP WAP-pushsecure Multimedia Messaging Service (MMS)<br />
3050 TCP UDP gds_db (Interbase/Firebird)<br />
3051 TCP UDP Galaxy Server (Gateway Ticketing Systems)<br />
3074 TCP UDP Xbox LIVE and/or Games for Windows - LIVE<br />
3225 TCP UDP FCIP (Fiber Channel over Internet Protocol)<br />
3233 TCP UDP WhiskerControl research control protocol<br />
3235 TCP UDP Galaxy Network Service (Gateway Ticketing Systems)<br />
3260 TCP iSCSI target<br />
3268 TCP UDP msft-gc, Microsoft Global Catalog (LDAP service which contains data from Active Directory forests)<br />
3269 TCP UDP msft-gc-ssl, Microsoft Global Catalog over SSL (similar to port 3268, LDAP over SSL)<br />
3283 TCP Apple Remote Desktop reporting (officially Net Assistant, referring to an earlier product)<br />
3305 TCP UDP odette-ftp, Odette File Transfer Protocol (OFTP)<br />
3306 TCP UDP MySQL database system<br />
3386 TCP UDP GTP' 3GPP GSM/UMTS CDR logging protocol<br />
3389 TCP UDP Microsoft Terminal Server (RDP) officially registered as Windows Based Terminal (WBT) - Link<br />
3396 TCP UDP Novell NDPS Printer Agent<br />
3412 TCP UDP xmlBlaster<br />
3455 TCP UDP [RSVP] Reservation Protocol<br />
3423 TCP Xware xTrm Communication Protocol<br />
3424 TCP Xware xTrm Communication Protocol over SSL<br />
3478 TCP UDP STUN, a protocol for NAT traversal<br />
3483 UDP Slim Devices discovery protocol<br />
3483 TCP Slim Devices SlimProto protocol<br />
3516 TCP UDP Smartcard Port<br />
3527 UDP Microsoft Message Queuing<br />
3532 TCP UDP Raven Remote Management Control<br />
3533 TCP UDP Raven Remote Management Data<br />
3544 UDP Teredo tunneling<br />
3605 UDP ComCam IO Port<br />
3606 TCP UDP Splitlock Server<br />
3632 TCP distributed compiler<br />
3689 TCP Digital Audio Access Protocol (DAAP)—used by Apple’s iTunes and AirPort Express<br />
3690 TCP UDP Subversion version control system<br />
3702 TCP UDP Web Services Dynamic Discovery (WS-Discovery), used by various components of Windows Vista<br />
3880 TCP UDP IGRS<br />
3868 TCP SCTP Diameter base protocol (RFC 3588)<br />
3900 TCP udt_os, IBM UniData UDT OS[30]<br />
3945 TCP UDP EMCADS service, a Giritech product used by G/On<br />
3999 TCP UDP Norman distributed scanning service<br />
4018 TCP UDP protocol information and warnings<br />
4069 UDP Minger Email Address Verification Protocol[31]<br />
4089 TCP UDP OpenCORE Remote Control Service<br />
4093 TCP UDP PxPlus Client server interface ProvideX<br />
4096 TCP UDP Ascom Timeplex BRE (Bridge Relay Element)<br />
4111 TCP Xgrid<br />
4116 TCP UDP Smartcard-TLS<br />
4321 TCP Referral Whois (RWhois) Protocol[32]<br />
4500 UDP IPSec NAT Traversal (RFC 3947)<br />
4569 UDP Inter-Asterisk eXchange (IAX2)<br />
4662 TCP UDP OrbitNet Message Service<br />
4728 TCP Computer Associates Desktop and Server Management (DMP)/Port Multiplexer [33]<br />
4840 TCP UDP OPC UA TCP Protocol for OPC Unified Architecture from OPC Foundation<br />
4843 TCP UDP OPC UA TCP Protocol over TLS/SSL for OPC Unified Architecture from OPC Foundation<br />
4847 TCP UDP Web Fresh Communication, Quadrion Software & Odorless Entertainment<br />
4894 TCP UDP LysKOM Protocol A<br />
4899 TCP UDP Radmin remote administration tool (program sometimes used by a Trojan horse)<br />
4949 TCP Munin Resource Monitoring Tool<br />
4950 TCP UDP Cylon Controls UC32 Communications Port<br />
5000 TCP commplex-main<br />
5001 TCP commplex-link<br />
5003 TCP UDP FileMaker<br />
5004 TCP UDP,DCCP RTP (Real-time Transport Protocol) media data (RFC 3551, RFC 4571)<br />
5005 TCP UDP,DCCP RTP (Real-time Transport Protocol) control protocol (RFC 3551, RFC 4571)<br />
5051 TCP ita-agent Symantec Intruder Alert[34]<br />
5060 TCP UDP Session Initiation Protocol (SIP)<br />
5061 TCP Session Initiation Protocol (SIP) over TLS<br />
5084 TCP UDP EPCglobal Low Level Reader Protocol (LLRP)<br />
5085 TCP UDP EPCglobal Low Level Reader Protocol (LLRP) over TLS<br />
5093 UDP SafeNet, Inc Sentinel LM, Sentinel RMS, License Manager, Client-to-Server<br />
5099 TCP UDP SafeNet, Inc Sentinel LM, Sentinel RMS, License Manager, Server-to-Server<br />
5151 TCP ESRI SDE Instance<br />
5151 UDP ESRI SDE Remote Start<br />
5154 TCP UDP BZFlag<br />
5190 TCP ICQ and AOL Instant Messenger<br />
5222 TCP Extensible Messaging and Presence Protocol (XMPP) client connection (RFC 3920)<br />
5246 UDP Control And Provisioning of Wireless Access Points (CAPWAP) CAPWAP control (RFC 5415)<br />
5247 UDP Control And Provisioning of Wireless Access Points (CAPWAP) CAPWAP data (RFC 5415)5269 TCP Extensible Messaging and Presence Protocol (XMPP) server connection (RFC 3920)5298 TCP UDP Extensible Messaging and Presence Protocol (XMPP) JEP-0174: Link-Local Messaging / XEP-0174: Serverless Messaging5351 TCP UDP NAT Port Mapping Protocol—client-requested configuration for inbound connections through network address translators5353 UDP Multicast DNS (mDNS)<br />
5355 TCP UDP LLMNR—Link-Local Multicast Name Resolution, allows hosts to perform name resolution for hosts on the same local link (only provided by Windows Vista and Server 2008)<br />
5402 TCP UDP mftp, Stratacache OmniCast content delivery system MFTP file sharing protocol<br />
5405 TCP UDP NetSupport Manager<br />
5421 TCP UDP NetSupport Manager<br />
5432 TCP UDP PostgreSQL database system<br />
5556 TCP UDP Freeciv<br />
5631 TCP pcANYWHEREdata, Symantec pcAnywhere (version 7.52 and later[37])[38] data<br />
5632 UDP pcANYWHEREstat, Symantec pcAnywhere (version 7.52 and later) status<br />
5814 TCP UDP Hewlett-Packard Support Automation (HP OpenView Self-Healing Services)<br />
5900 TCP UDP Virtual Network Computing (VNC) remote desktop protocol (used by Apple Remote Desktop and others)<br />
5984 TCP UDP CouchDB database server<br />
5999 TCP CVSup [40] file update tool<br />
6000 TCP X11—used between an X client and server over the network<br />
6001 UDP X11—used between an X client and server over the network<br />
6005 TCP Default for BMC Software Control-M/Server—Socket used for communication between Control-M processes—though often changed during installation<br />
6086 TCP PDTP—FTP like file server in a P2P network<br />
6110 TCP UDP softcm, HP Softbench CM<br />
6111 TCP UDP spc, HP Softbench Sub-Process Control<br />
6112 TCP UDP "dtspcd"—a network daemon that accepts requests from clients to execute commands and launch applications remotely<br />
6129 TCP DameWare Remote Control<br />
6343 UDP SFlow, sFlow traffic monitoring<br />
6346 TCP UDP gnutella-svc, gnutella (FrostWire, Limewire, Shareaza, etc.)<br />
6347 TCP UDP gnutella-rtr, Gnutella alternate<br />
6350 TCP UDP App Discovery and Access Protocol<br />
6432 TCP PgBouncer - A connection pooler for PostgreSQL<br />
6444 TCP UDP Sun Grid Engine—Qmaster Service<br />
6445 TCP UDP Sun Grid Engine—Execution Service<br />
6619 TCP UDP odette-ftps, Odette File Transfer Protocol (OFTP) over TLS/SSL<br />
6665–6669 TCP Internet Relay Chat (IRC)<br />
6888 TCP UDP MUSE<br />
6969 TCP UDP acmsoda<br />
7400 TCP UDP RTPS (Real Time Publish Subscribe) DDS Discovery<br />
7401 TCP UDP RTPS (Real Time Publish Subscribe) DDS User-Traffic<br />
7402 TCP UDP RTPS (Real Time Publish Subscribe) DDS Meta-Traffic<br />
7547 TCP UDP CPE WAN Management Protocol Technical Report 069<br />
7787-7788 TCP GFI EventsManager 7 & 8<br />
7937-9936 TCP UDP EMC2 (Legato) Networker or Sun Solcitice Backup<br />
8000 TCP UDP iRDMI (Intel Remote Desktop Management Interface)[45]—sometimes erroneously used instead of port 8080<br />
8008 TCP HTTP Alternate<br />
8080 TCP HTTP alternate (http_alt)—commonly used for Web proxy and caching server, or for running a Web server as a non-root user<br />
8118 TCP Privoxy—advertisement-filtering Web proxy<br />
8123 TCP Polipo Web proxy<br />
8243 TCP UDP HTTPS listener for Apache Synapse [48]<br />
8280 TCP UDP HTTP listener for Apache Synapse [48]<br />
8400 TCP UDP cvp, Commvault Unified Data Management<br />
8442 TCP UDP CyBro A-bus, Cybrotech Ltd.<br />
8880 UDP cddbp-alt, CD DataBase (CDDB) protocol (CDDBP) alternate<br />
8880 TCP cddbp-alt, CD DataBase (CDDB) protocol (CDDBP) alternate<br />
8888 TCP UDP NewsEDGE server<br />
9001 TCP UDP ETL Service Manager[49]<br />
9009 TCP UDP Pichat Server—Peer to peer chat software<br />
9080 UDP glrpc, Groove Collaboration software GLRPC<br />
9080 TCP glrpc, Groove Collaboration software GLRPC<br />
9100 TCP PDL Data Stream<br />
9101 TCP UDP Bacula Director<br />
9102 TCP UDP Bacula File Daemon<br />
9103 TCP UDP Bacula Storage Daemon<br />
9105 TCP UDP Xadmin Control Daemon<br />
9119 TCP UDP MXit Instant Messenger<br />
9306 TCP Sphinx Native API<br />
9312 TCP Sphinx SphinxQL<br />
9418 TCP UDP git, Git pack transfer service<br />
9535 TCP UDP mngsuite, LANDesk Management Suite Remote Control<br />
9536 TCP UDP laes-bf, IP Fabrics Surveillance buffering function<br />
9600 UDP Omron FINS, OMRON FINS PLC communication<br />
9800 TCP UDP WebDAV Source<br />
9898 TCP UDP MonkeyCom<br />
9996 TCP UDP The Palace "The Palace" Virtual Reality Chat software. – 5<br />
10008 TCP UDP Octopus Multiplexer, primary port for the CROMP protocol, which provides a platform-independent means for communication of objects across a network<br />
10010 TCP Open Object Rexx (ooRexx) rxapi daemon<br />
10050 TCP UDP Zabbix-Agent<br />
10051 TCP UDP Zabbix-Trapper<br />
10113 TCP UDP NetIQ Endpoint<br />
10114 TCP UDP NetIQ Qcheck<br />
10115 TCP UDP NetIQ Endpoint<br />
10116 TCP UDP NetIQ VoIP Assessor<br />
11371 OpenPGP HTTP key server<br />
12222 UDP Light Weight Access Point Protocol (LWAPP) LWAPP data (RFC 5412)<br />
12223 UDP Light Weight Access Point Protocol (LWAPP) LWAPP control (RFC 5412)<br />
13076 TCP Default for BMC Software Control-M/Enterprise Manager Corba communication, though often changed during installation<br />
13720 TCP UDP Symantec NetBackup—bprd (formerly VERITAS)<br />
13721 TCP UDP Symantec NetBackup—bpdbm (formerly VERITAS)<br />
13724 TCP UDP Symantec Network Utility—vnetd (formerly VERITAS)<br />
13782 TCP UDP Symantec NetBackup—bpcd (formerly VERITAS)<br />
13783 TCP UDP Symantec VOPIED protocol (formerly VERITAS)<br />
13785 TCP UDP Symantec NetBackup Database—nbdb (formerly VERITAS)<br />
13786 TCP UDP Symantec nomdb (formerly VERITAS)<br />
15000 TCP hydap, Hypack Hydrographic Software Packages Data Acquisition<br />
15000 UDP hydap, Hypack Hydrographic Software Packages Data Acquisition<br />
15345 TCP UDP XPilot Contact<br />
17500 TCP Dropbox LanSync Protocol (db-lsp); used to synchronize file catalogs between Dropbox clients on your local network.<br />
17500 UDP Dropbox LanSync Discovery (db-lsp-disc); used to synchronize file catalogs between Dropbox clients on your local network; is transmitted to broadcast addresses.<br />
18104 TCP RAD PDF Service<br />
19283 TCP UDP K2 - KeyAuditor & KeyServer, Sassafras Software Inc. Software Asset Management tools<br />
19315 TCP UDP KeyShadow for K2 - KeyAuditor & KeyServer, Sassafras Software Inc. Software Asset Management tools<br />
19999 DNP - Secure (Distributed Network Protocol - Secure), a secure version of the protocol used in SCADA systems between communicating RTU's and IED's<br />
20000 DNP (Distributed Network Protocol), a protocol used in SCADA systems between communicating RTU's and IED's<br />
22347 TCP UDP WibuKey, WIBU-SYSTEMS AG Software protection system<br />
22350 TCP UDP CodeMeter, WIBU-SYSTEMS AG Software protection system<br />
24465 TCP UDP Tonido Directory Server for Tonido which is a Personal Web App and P2P platform<br />
24554 TCP UDP BINKP, Fidonet mail transfers over TCP/IP<br />
26000 TCP UDP id Software's Quake server<br />
31457 TCP TetriNET<br />
33434 TCP UDP traceroute<br />
40000 TCP UDP SafetyNET p Real-time Industrial Ethernet protocol<br />
43047 TCP TheòsMessenger second port for service TheòsMessenger<br />
43048 TCP TheòsMessenger third port for service TheòsMessenger<br />
47808 TCP UDP BACnet Building Automation and Control Networks (4780810 = BAC016)Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-73693802234444087682010-12-15T00:37:00.000-08:002011-01-02T01:57:23.965-08:00CCIE R&S Lab Equipment and IOS Version1841 series routers - IOS 12.4(T) – Advanced Enterprise Services<br />
3825 series routers - IOS 12.4(T) – Advanced Enterprise Services<br />
Catalyst 3560 Series switches running IOS version 12.2 - Advanced IP ServicesTumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-74181932841696279952010-12-13T06:52:00.000-08:002011-01-25T20:55:56.218-08:00common network related dos commandipconfig [/all] [/renew]<br />
arp -a<br />
ftp<br />
nslookup<br />
ping<br />
tracert<br />
telnet<br />
netstat<br />
netstat -ano | findstr " 80"<br />
tasklist | findstar " pid"Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-82214027497547895602010-12-08T21:41:00.001-08:002010-12-08T21:41:38.230-08:00some common cisco commandip name-server xxx.xxx.xxx.xxx<br />
sntp server hk.pool.ntp.org<br />
clear interface virtual-access [number]<br />
logging buffer 51200 debug<br />
clock set 10:50:00 Oct 26 2006<br />
clock timezone HKT 8<br />
service timestamps debug datetime msec localtime<br />
service timestamps log datetime msec localtime<br />
<br />
show process cpu<br />
show process cpu sorted<br />
<br />
sh ip cac flow – show current traffic of specified interface** <br />
sh ip accounting – show accumulated traffic of specified interface**<br />
clear ip flow stats<br />
clear counter [interface]<br />
<br />
show process memory<br />
show process memory sorted<br />
show memory allocating-process totals<br />
show memory summary<br />
show memory statistics<br />
show memory dead<br />
show memory free<br />
show memory bigger<br />
<br />
show buffers<br />
show buffer old<br />
<br />
<br />
router#config t <br />
router(config)#int vlan1 <br />
router(config-if)#ip route-cache flow <br />
OR <br />
router(config-if)#ip accounting (may cause memory low/exhaust, remember to deactivate!) <br />
router(config-if)#^Z <br />
router#sh ip cac flow<br />
<br />
Router#reload in 5<br />
<br />
ip nat translation tcp-timeout 300<br />
ip nat translation udp-timeout 200<br />
ip nat translation max-entries list 2 100<br />
access-list 2 permit 10.1.68.173Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-46451526047860956782010-12-08T21:40:00.001-08:002011-02-21T02:11:53.437-08:00zyxel commandip nat reset [interface]<br />
ip dhcp enif0 stat<br />
ip dhcp enif0 server rele 1<br />
ip arp flush<br />
ip route st<br />
<br />
sys filter netbios disp<br />
sys reboot<br />
sys log disp<br />
<br />
324<br />
ip nat iface wanif0Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-47864410428717676012010-12-07T17:30:00.000-08:002010-12-07T17:54:17.046-08:00common DNS record type<ol><li>A: address record</li>
<li>CNAME: Canonical name record</li>
<li>MX: mail exchange record<table class="wikitable sortable" id="sortable_table_id_0"><tbody>
<tr><td></td><td></td></tr>
</tbody></table></li>
<li>NS: name server record</li>
<li>PTR: pointer record <a class="external mw-magiclink-rfc" href="http://tools.ietf.org/html/rfc1035">RFC 1035</a></li>
<li>TXT (SPF): Sender Policy Framework <a class="external mw-magiclink-rfc" href="http://tools.ietf.org/html/rfc4408">RFC 4408</a></li>
</ol>Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-66442544387858025512010-12-07T06:27:00.000-08:002010-12-09T03:39:31.462-08:00DNS tools: nslookup and dignslookup<br />
<br />
list the query type: set q=any (if want to display all)<br />
change the DNS server: server dns_server_ip<br />
list the zone record: ls -d [domain_name]<br />
check ptr: set type=ptr, then type the ip address you want...<br />
<br />
dig - DNS lookup utility <a href="http://www.blogger.com/post-edit.g?blogID=5063265940189383401&postID=6644254438785802551" name="lbAC"> </a> <br />
<h2>SYNOPSIS</h2><b>dig</b> [ <b>@server</b> ] [ <b>-b </b><i>address</i> ] [ <b>-c </b><i>class</i> ] [ <b>-f </b><i>filename</i> ] [ <b>-k </b><i>filename</i> ] [ <b>-p </b><i>port#</i> ] [ <b>-t </b><i>type</i> ] [ <b>-x </b><i>addr</i> ] [ <b>-y </b><i>name:key</i> ] [ <b>name</b> ] [ <b>type</b> ] [ <b>class</b> ] [ <b>queryopt</b><i>...</i> ] <br />
<b>dig</b> [ <b>-h</b> ] <br />
<b>dig</b> [ <b>global-queryopt</b><i>...</i> ] [ <b>query</b><i>...</i> ]Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-78151067146900829872010-12-06T23:14:00.000-08:002011-02-08T23:11:14.709-08:00case: telnet web port Dec 7 2010Customer report he should not have the certificate on his nas server. but when doing the port checking, found the ssl module is running<br />
P334> ip telnet 192.168.0.55 5000<br />
Resolving 192.168.0.55... Connected to 192.168.0.55<br />
Escape character is '^]'.<br />
exit<br />
<br />
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><br />
<html><head><br />
<title>302 Found</title><br />
</head><body><br />
<h1>Found</h1><br />
<p>The document has moved <a href="http://(null)/webman/index.cgi">here</a>.</p><br />
<hr><br />
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/1.0.0a Server at * Port 5000</address><br />
</body></html><br />
Telnet session with remote host terminated.Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-40098344958161084402010-12-06T19:28:00.000-08:002010-12-07T06:26:33.455-08:00SMTP protocol telnet simulationtelnet smtp.foo.com 25 <br />
S: 220 foo.com Simple Mail Transfer Service Ready<br />
C: EHLO bar.com<br />
S: 250-foo.com greets bar.com<br />
S: 250-8BITMIME<br />
S: 250-SIZE<br />
S: 250-DSN<br />
S: 250 HELP<br />
C: MAIL FROM:<Smith@bar.com><br />
S: 250 OK<br />
C: RCPT TO:<Jones@foo.com><br />
S: 250 OK <br />
C: RCPT TO:<Green@foo.com><br />
S: 550 No such user here<br />
C: RCPT TO:<Brown@foo.com><br />
<br />
S: 250 OK<br />
C: DATA<br />
S: 354 Start mail input; end with <CRLF>.<CRLF><br />
C: Blah blah blah...<br />
C: ...etc. etc. etc.<br />
C: .<br />
S: 250 OK<br />
C: QUIT<br />
S: 221 foo.com Service closing transmission channelTumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0tag:blogger.com,1999:blog-5063265940189383401.post-71334546627219604302010-12-06T19:26:00.001-08:002010-12-07T06:26:52.798-08:00POP3 protocol telnet simulation> telnet pop.xxx.com 110<br />
Trying xxx.xxx.xxx.xxx<br />
Connected to pop.xxx.com.<br />
Escape character is '^]'.<br />
+OK POP3 Ready ospop1 0002002c<br />
user honying@abc.com.hk<br />
+OK USER honying@abc.com.hk set, mate<br />
pass kokogoda<br />
+OK Logged in.<br />
quit<br />
+OK Logging out.<br />
<br />
S: +OK POP3 server ready <1896.697170952@dbc.mtview.ca.us><br />
C: APOP mrose c4c9334bac560ecc979e58001b3e22fb<br />
S: +OK mrose's maildrop has 2 messages (320 octets)<br />
C: STAT<br />
S: +OK 2 320<br />
C: LIST<br />
S: +OK 2 messages (320 octets)<br />
S: 1 120<br />
S: 2 200<br />
S: .<br />
C: RETR 1<br />
S: +OK 120 octets<br />
S: <the POP3 server sends message 1><br />
S: .<br />
C: DELE 1<br />
S: +OK message 1 deleted<br />
C: RETR 2<br />
S: +OK 200 octets<br />
S: <the POP3 server sends message 2><br />
C: QUIT<br />
S: +OK dewey POP3 server signing off (maildrop empty)Tumblerhttp://www.blogger.com/profile/18161853800448106671noreply@blogger.com0