Igor Drobot – Page 63

CCNA Exploration 4 – Module 4

September 26, 2010 by Igor Drobot Leave a Comment

Configure R1 with OSPF simple authentication:

R1(config)#router ospf 1
R1(config-router)#area 0 authentication
 
R1(config-router)#interface S0/0/0
R1(config-if)#ip ospf authentication-key cisco123

1
2
3

R2(config)#interface S0/0/1
R2(config-if)#ip ospf authentication message-digest
R2(config-if)#ip ospf message-digest-key 1 md5 cisco12

Configure Router to support Cisco SDM:

R1# configure terminal
R1(config) # ip http server
R1(config) # ip http secure-server
R1(config) # ip http authentication local
R1(config) # username Student privilege 15 secret cisco
R1(config) # line vty 0 4
R1(config-line) # privilege level 15
R1(config-line) # login local
R1(config-line) # transport input telnet ssh
R1(config-line) # exit

Additional security for VTY:

R1 (config) # line vty 0 4
R1 (config-line) # exec-timeout 3
R1 (config-line) # exit
R1 (config) # service tcp-keepalives in

Additional tricks:

1
2
3

Router (config) # crypto key generate rsa
Router (config) # ip ssh time-out 15
Router (config) # ip ssh authentication-retries 2

Supports incoming telnet and SSH sessions:

R1 (config) # line vty 0 4
R1 (config-line) # no transport input
R1 (config-line) # transport input telnet ssh
R1 (config-line) # exit

Supports only incoming SSH sessions:

R1 (config) # line vty 0 4
R1 (config-line) # no transport input
R1 (config-line) # transport input ssh
R1 (config-line) # exit

CCNA Exploration 4 – Module 3

September 26, 2010 by Igor Drobot Leave a Comment

Some correct answers from CCNA-4 Module 3 Exam:

Q: What two methods does Frame Relay technology use to process frames that contain errors?
Frame Relay services depend on the upper layer protocols to handle error recovery.
The receiving device drops any frames that contain errors without notifying the sender.

Q: What consideration must be taken into account if RIP is used on Frame Relay multiaccess networks?
To forward routing updates, address-to-DLCI mapping must be done via the use of the frame-relay map command coupled with the broadcast keyword.

Q: Which best describes the benefit of using Frame Relay as opposed to a leased line or ISDN service?
Customers only pay for the local loop and the bandwidth they purchase from the network provider.

Q: What best describes the use of a data-link connection identifier (DLCI)?
locally significant address used to identify a virtual circuit

Q: What is created between two DTEs in a Frame Relay network?
virtual circuit

Q: Which two items allow the router to map data link layer addresses to network layer addresses in a Frame Relay network?
Inverse ARP
LMI status messages

Q: Which three actions might a Frame Relay switch perform when it detects an excessive build-up of frames in its queue?
drops frames from the queue that have the DE bit set
sets the FECN bit on all frames it receives on the congested link
sets the BECN bit on all frames it places on the congested link

Q: Which statement about Frame Relay subinterfaces is correct?
Point-to-point subinterfaces act like leased lines and eliminate split-horizon routing issues.

SSH trick to improve your system security

September 25, 2010 by Igor Drobot Leave a Comment

This ASCII-art graph represents your host’s public key, which uniquely identifies (or at least, it better damn should uniquely identify!) it. This representation was added mainly because it is way easier to be able to visually record the shape of your most frequently used hosts.

Enable visualization for hostkeys:

1 2	id@acer:~$ cat .ssh/config VisualHostKey yes

id@acer:~$ ssh root@192.168.1.3
Host key fingerprint is b6:dc:cb:ff:33:83:aa:03:56:94:0c:bc:7f:38:cf:b7
+--[ RSA 2048]----+
|     ..o .       |
|      . +        |
|       o         |
|      . .        |
|       oS.       |
|      oo+o.      |
|     . .o=.  .   |
|        ..o.o +  |
|        .o++Eo.+ |
+-----------------+
root@192.168.1.3's password: 
Linux piper 2.6.26-2-xen-686 #1 SMP Mon Jun 21 10:37:05 UTC 2010 i686

Cisco OSPF configuration

September 25, 2010 by Igor Drobot Leave a Comment

The command turns on the OSPF routing protocol with a process id of 1. The network line must be added to tell the router which networks will be participating in OSPF. This command can be expanded to include stub areas and not so stubby areas. That is how Cisco refers to it. You can run multiple processes of OSPF using different process ids.

1 2	router(config)# router ospf 1 router(config-router)# network 10.130.0.0 0.0.255.255 area 130

Debug OSPF:

1 2	show ip ospf neighbor show ip ospf interface

Shutdown batch

September 25, 2010 by Igor Drobot Leave a Comment

If I go via RDP on some windows server or clients, i hate to run CMD and type “shutdown -s” because the is no traditional shutdown button in the start menu.

I wrote this little batch, and I execute it only to shutdown…

1 2	@echo shutdown.exe -s -t 10 -c "Now you have 10 seconds to save your work"