Witshaper is a professional skill development training center (computing skills, English learning and soft skills). We provide professional IT courses and soft skill training in Dehradun to students, employees and organizations who wish to pursue a career in IT. Witshaper is led by a motivated team of IT experts and soft skill professionals. We provide high-quality training. Our emphasis is on giving students practical knowledge, so that they understand topics in depth and never forget what they opt for; we provide students with a real learning environment. Witshaper prepares students and professionals to be part of this growing industry. Be a part of Witshaper and make your dreams successful.

Friday 3 July 2015

SSH and Telnet (difference) implementation





Telnet
The Telnet protocol is still broadly used, but it is worth remembering that it is not as secure as SSH; in any real-world situation where security is a major concern, SSH should always be used.
Below is the basic configuration of the router:
Router>en
Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#hostname R1

R1(config)#enable secret cisco

R1(config)#int f0/0
R1(config-if)#ip address 192.168.0.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#ex

R1(config)#line vty 0
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exec-timeout 30
R1(config-line)#logging synchronous
R1(config-line)#motd-banner
R1(config-line)#exit

R1(config)#do copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
R1(config)#

1) I elected to have only a single line (hence the line vty 0); if you want more lines then the command would read something like: line vty 0 4 - this would give a total of 5 lines (lines 0 through 4).
2) The exec-timeout command sets the time-out limit on the line to 30 minutes instead of the default. The shorter time-out can be annoying when configuring several devices at once.
3) The logging synchronous command stops message output from splitting your typing.
4) The motd-banner command forces a banner message to appear when logging in.

SSH
Configuring SSH is almost identical to configuring Telnet. The key difference is the generation of the crypto key; the basic line parameters are the same:

Router>en
Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#hostname R2

R2(config)#enable secret cisco

R2(config)#int f0/0
R2(config-if)#ip address 192.168.10.1 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#ex

R2(config)#ip domain-name steve.local

R2(config)#crypto key generate rsa
The name for the keys will be: R2.steve.local
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 512
% Generating 512 bit RSA keys, keys will be non-exportable...[OK]

R2(config)#ip ssh time-out 30

R2(config)#ip ssh authentication-retries 5

R2(config)#line vty 0
R2(config-line)#transport input ssh
R2(config-line)#login
% Login disabled on line 66, until 'password' is set
R2(config-line)#password cisco
R2(config-line)#logging synchronous
R2(config-line)#motd-banner
R2(config-line)#exit

Note the domain name and the hostname; these two variables form the basis of the key generation. Therefore these variables are important to form



after executing 

R2(config)#username steve password tiddles

R2(config)#line vty 0
R2(config-line)#login local
R2(config-line)#exit
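
A check for the two changes this section makes to the vty lines (restricting transport to SSH and switching to login local), as an added example that is not part of the original post. The config excerpts are constructed to mirror R1 and R2, the function names are hypothetical, and a vty block with no transport input line is assumed to accept Telnet.

```python
# Constructed running-config excerpts mirroring the page's R1 (Telnet) and R2 (SSH) setup.
R1 = """\
line vty 0
 exec-timeout 30 0
 password cisco
 logging synchronous
 login
!
"""
R2 = """\
ip domain-name steve.local
username steve password tiddles
line vty 0
 logging synchronous
 login local
 transport input ssh
!
"""

def vty_blocks(config):
    """Map each 'line vty ...' header to the sub-commands configured under it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("line vty"):
            current = blocks.setdefault(line, [])
        elif line.startswith(("line ", "!")) or line == "end":
            current = None  # another line type or a separator ends the block
        elif current is not None and line:
            current.append(line)
    return blocks

def audit_vty(config):
    """Return {vty header: [findings]}; an empty list means SSH only with per-user login."""
    report = {}
    for header, cmds in vty_blocks(config).items():
        findings = []
        transport = [c.split()[2:] for c in cmds if c.startswith("transport input ")]
        if not transport:
            # Assumption: with no explicit setting the line still accepts Telnet.
            findings.append("no 'transport input': Telnet assumed enabled by default")
        elif transport[-1] != ["ssh"]:
            findings.append("transport input is '%s', not 'ssh' only" % " ".join(transport[-1]))
        if "login local" not in cmds:
            findings.append("no 'login local': access is not tied to a username")
        report[header] = findings
    return report
```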

virtual private network implementation




Configuration for tunnel security or VPN 

hostname Left
!
!
!
!
!
!
!
!
crypto isakmp policy 5
encr 3des
authentication pre-share
group 2
lifetime 72000
!
crypto isakmp key cisco address 10.0.0.2
!
!
crypto ipsec transform-set STRONG esp-3des esp-sha-hmac
!
crypto map CISCO 10 ipsec-isakmp
set peer 10.0.0.2
set pfs group2
set transform-set STRONG
match address 101
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
duplex auto
speed auto
crypto map CISCO
!
interface FastEthernet0/1
ip address 192.168.0.1 255.255.255.0
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.0.0
ip route 192.168.2.0 255.255.255.0 10.0.0.0
!
!
access-list 101 permit ip 192.168.0.0 0.0.0.255 192.168.2.0 0.0.0.255
!
!
!
!
!
line con 0
line vty 0 4
login
!
!
!
end

And the second configuration:
hostname Right
!
!
!
!
!
!
!
!
crypto isakmp policy 5
encr 3des
authentication pre-share
group 2
lifetime 72000
!
crypto isakmp key cisco address 10.0.0.1
!
!
crypto ipsec transform-set STRONG esp-3des esp-sha-hmac
!
crypto map Cisco 10 ipsec-isakmp
set peer 10.0.0.1
set pfs group2
set transform-set STRONG
match address 101
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 10.0.0.2 255.255.255.0
duplex auto
speed auto
crypto map Cisco
!
interface FastEthernet0/1
ip address 192.168.2.1 255.255.255.0
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.0.0
ip route 192.168.0.0 255.255.255.0 10.0.0.0
!
!
access-list 101 permit ip 192.168.2.0 0.0.0.255 192.168.0.0 0.0.0.255
!
!
!
!
!
line con 0
line vty 0 4
login
!
!
!

end
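
The two configurations only form a tunnel if they agree with each other, so this added example (not part of the original post) compares them: IKE policy, pre-shared key, transform set, PFS group, peer addresses and mirrored crypto ACLs. The template is a constructed excerpt of the crypto-relevant lines above, and the function names are hypothetical.

```python
import re

# Crypto-relevant lines from the page's Left/Right configs (constructed excerpt).
TEMPLATE = """\
crypto isakmp policy 5
encr 3des
authentication pre-share
group 2
crypto isakmp key cisco address {peer}
crypto ipsec transform-set STRONG esp-3des esp-sha-hmac
set peer {peer}
set pfs group2
interface FastEthernet0/0
ip address {me} 255.255.255.0
crypto map CISCO
access-list 101 permit ip {lan} 0.0.0.255 {remote} 0.0.0.255
"""
LEFT = TEMPLATE.format(me="10.0.0.1", peer="10.0.0.2", lan="192.168.0.0", remote="192.168.2.0")
RIGHT = TEMPLATE.format(me="10.0.0.2", peer="10.0.0.1", lan="192.168.2.0", remote="192.168.0.0")

def facts(cfg):
    """Extract what both peers must agree on; 'outside' is the IP of the crypto-map interface."""
    def grab(pattern):
        m = re.search(pattern, cfg, re.M)
        return m.groups() if m else None
    return {
        "phase1": (grab(r"^ *encr (.+)$"), grab(r"^ *authentication (.+)$"), grab(r"^ *group (.+)$")),
        "psk": grab(r"^ *crypto isakmp key (\S+) address (\S+)$"),
        "transform": grab(r"^ *crypto ipsec transform-set \S+ (.+)$"),
        "pfs": grab(r"^ *set pfs (\S+)$"),
        "peer": grab(r"^ *set peer (\S+)$"),
        "outside": grab(r"^ *ip address (\S+) \S+\n(?:(?! *interface).*\n)*? *crypto map "),
        "acl": grab(r"^ *access-list \d+ permit ip (\S+ \S+) (\S+ \S+)$"),
    }

def check_pair(a, b):
    """Return the list of mismatches between two peers' IPsec configs."""
    fa, fb = facts(a), facts(b)
    if None in fa.values() or None in fb.values():
        return ["a required crypto statement is missing"]
    problems = [f"{k} differs" for k in ("phase1", "transform", "pfs") if fa[k] != fb[k]]
    if fa["psk"][0] != fb["psk"][0]:
        problems.append("pre-shared keys differ")
    for x, y in ((fa, fb), (fb, fa)):  # peer and key address must equal the other outside IP
        if not (x["peer"] == x["psk"][1:] == y["outside"]):
            problems.append(f"peer {x['peer'][0]} does not match the other side's outside address")
    if fa["acl"] != fb["acl"][::-1]:
        problems.append("crypto ACLs are not mirror images")
    return problems
```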

Thursday 2 July 2015

switch port security configuration implementation





Switch>
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-sec
Switch(config-if)#switchport port-security

Switch(config-if)#switchport port-security mac-address 0001.C70C.0D7D
Switch(config-if)#switchport port-security violation ?
Switch(config-if)#switchport port-security violation shutdown