1. Protocols and port numbers

Protocol  Description                          Transport  Port
BGP       Exterior gateway protocol            TCP
Email     Mail service                         TCP
FTP       File Transfer Protocol               TCP        21 (control), 20 (data)
TELNET    Telnet protocol                      TCP        23
SMTP      Simple Mail Transfer Protocol        TCP        25
HTTP      Hypertext Transfer Protocol          TCP        80
POP2      Post Office Protocol v2              TCP        109
POP3      Post Office Protocol v3              TCP        110 (default)
IMAP      Interactive Mail Access Protocol     TCP        143
HTTPS     Secure Hypertext Transfer Protocol   TCP        443
DNS       Domain Name System                   UDP        53
TFTP      Trivial File Transfer Protocol       UDP        69
DHCP      Dynamic Host Configuration Protocol  UDP        68 (request), 67 (reply)
SNMP      Simple Network Management Protocol   UDP        162
RIP       Routing Information Protocol         UDP        520
2. Commands

After entering line (vty) configuration mode on a Cisco router, the prompt is: Router(config-line)#
Cisco router, global configuration mode:
Router(config)# access-list <access-list-number> <deny|permit> <ip-address> <wildcard-mask> [log]   (the wildcard mask is the inverted subnet mask)
Applying the list to an interface:
Router(config)# interface <interface-name>
Router(config-if)# ip access-group <access-list-number> <in|out>
The Cisco router command to display the routing table is show ip route.
Loopback interfaces are used for network management: the administrator assigns the loopback interface an IP address as the management address, with a subnet mask of 255.255.255.255.
In global configuration mode, static routes are configured with the ip route command: ip route <destination-network-address> <subnet-mask> <next-hop-router-IP-address>
The default static route is configured as: ip route 0.0.0.0 0.0.0.0 <next-hop-router-IP-address>
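As an added illustration (not part of the original notes), the Python below derives the wildcard mask as the inverted subnet mask, renders entries in the access-list form shown above, and evaluates a source address against the list the way the router does: first match wins, and anything that matches no entry hits the implicit deny at the end. The list number 10 and the 192.168.x.x addresses are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass


def wildcard_mask(subnet_mask: str) -> str:
    """Wildcard mask = bitwise inverse of the subnet mask.
    A 0 bit means 'this bit must match', a 1 bit means 'don't care'."""
    mask = int(ipaddress.IPv4Address(subnet_mask))
    return str(ipaddress.IPv4Address(mask ^ 0xFFFFFFFF))


@dataclass
class AclEntry:
    action: str          # "permit" or "deny"
    address: str         # host or network address
    wildcard: str        # wildcard mask (inverted subnet mask)
    log: bool = False    # optional trailing "log" keyword

    def matches(self, src_ip: str) -> bool:
        """Compare only the bits that are 0 in the wildcard mask."""
        care = int(ipaddress.IPv4Address(self.wildcard)) ^ 0xFFFFFFFF
        src = int(ipaddress.IPv4Address(src_ip)) & care
        ref = int(ipaddress.IPv4Address(self.address)) & care
        return src == ref

    def render(self, number: int) -> str:
        """access-list <num> <deny|permit> <addr> <wildcard> [log]"""
        line = f"access-list {number} {self.action} {self.address} {self.wildcard}"
        return line + " log" if self.log else line


def evaluate(entries, src_ip: str) -> str:
    """Walk the list in order; the first matching entry decides.
    With no match, the implicit deny at the end of every ACL applies."""
    for entry in entries:
        if entry.matches(src_ip):
            return entry.action
    return "deny"


def render_acl(number: int, entries):
    return [entry.render(number) for entry in entries]


# Constructed standard list: permit the management subnet, log and deny one
# host, then permit the rest of 192.168.0.0/16. Order matters: the host deny
# must come before the broader permit or it would never be reached.
ACL_10 = [
    AclEntry("permit", "192.168.10.0", wildcard_mask("255.255.255.0")),
    AclEntry("deny", "192.168.20.5", wildcard_mask("255.255.255.255"), log=True),
    AclEntry("permit", "192.168.0.0", wildcard_mask("255.255.0.0")),
]

if __name__ == "__main__":
    for line in render_acl(10, ACL_10):
        print(line)
    for ip in ("192.168.10.7", "192.168.20.5", "192.168.20.6", "10.0.0.1"):
        print(ip, "->", evaluate(ACL_10, ip))
```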
In the TCP three-way handshake, the ack value of the second handshake segment must equal the seq value of the first segment plus 1, and the ack value of the third segment must equal the seq value of the second segment plus 1.
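The following added example (not from the original notes) checks a captured triple of segments against exactly that rule, plus the flag values the notes list (SYN = 0x02). Sequence numbers are 32-bit, so "plus 1" is taken modulo 2^32; the constructed client ISN of 0xFFFFFFFF exercises that wrap. The Segment class, check_handshake function and addresses are assumptions for the example.

```python
from dataclasses import dataclass

SYN, ACK = 0x02, 0x10      # TCP flag bits: pure SYN = 0x02, SYN-ACK = 0x12, ACK = 0x10
MOD32 = 1 << 32            # sequence-number space wraps at 2^32


@dataclass
class Segment:
    src: str
    dst: str
    flags: int
    seq: int
    ack: int


def next_expected(seq: int) -> int:
    """seq + 1 in 32-bit sequence space (2^32 - 1 wraps to 0)."""
    return (seq + 1) % MOD32


def check_handshake(s1: Segment, s2: Segment, s3: Segment):
    """Return (ok, reason). Step 2's ack must be seq1 + 1, step 3's ack must be seq2 + 1."""
    if s1.flags != SYN:
        return False, "first segment is not a pure SYN (flags=0x02)"
    if s2.flags != SYN | ACK or (s2.src, s2.dst) != (s1.dst, s1.src):
        return False, "second segment is not a SYN-ACK from the server"
    if s2.ack != next_expected(s1.seq):
        return False, f"second ack {s2.ack} != first seq + 1 ({next_expected(s1.seq)})"
    if not (s3.flags & ACK) or (s3.src, s3.dst) != (s1.src, s1.dst):
        return False, "third segment is not an ACK from the client"
    if s3.ack != next_expected(s2.seq):
        return False, f"third ack {s3.ack} != second seq + 1 ({next_expected(s2.seq)})"
    return True, "valid three-way handshake"


# Constructed segments, not from a real capture. The client ISN is 2^32 - 1,
# so the server's ack (and the client's next seq) must wrap to 0.
GOOD = (
    Segment("10.0.0.5", "10.0.0.80", SYN, 0xFFFFFFFF, 0),
    Segment("10.0.0.80", "10.0.0.5", SYN | ACK, 1000, 0),
    Segment("10.0.0.5", "10.0.0.80", ACK, 0, 1001),
)
# Same exchange, but the server acknowledges the wrong number.
BAD_ACK = (GOOD[0], Segment("10.0.0.80", "10.0.0.5", SYN | ACK, 1000, 5), GOOD[2])
# Third segment carries SYN instead of ACK.
BAD_FLAGS = (GOOD[0], GOOD[1], Segment("10.0.0.5", "10.0.0.80", SYN, 0, 1001))

if __name__ == "__main__":
    for name, triple in (("GOOD", GOOD), ("BAD_ACK", BAD_ACK), ("BAD_FLAGS", BAD_FLAGS)):
        print(name, check_handshake(*triple))
```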
3. Commonly used technical terms

DHCP message types: discover (1), offer (2), request (3), ack (5); release
physical, hardware, gateway
Domain name length (6)
Relay agent (present when the hops value is not 0)
Requested IP address: the specific IP address the client asks for
Protocol numbers: 6 (TCP), 0800 (IP), 1 (ICMP), 8 (echo), 0 (request)
SYN packet: flags = 02
Client IP address: the address currently assigned to the client itself
Destination MAC: ffffffffffff (broadcast)
Source MAC; server IP address (server address)
DHCP enabled (reply): yes or no
4. Commonly used Windows commands

nslookup: test the DNS service
ipconfig /flushdns: clear all DNS cache entries; ipconfig /release: release the address; ipconfig /renew: obtain a new one
ipconfig: display the TCP/IP network configuration
tracert: trace the path to a host; it can also test whether domain-name-to-IP-address resolution works
arp: Address Resolution Protocol, obtains the physical (MAC) address for a TCP/IP address
nbtstat: display NetBIOS over TCP/IP statistics and connection information for local and remote computers
netstat: display active TCP connections, listening ports and Ethernet statistics
pathping: test path connectivity
route: IP routing table entries
Route: displays and modifies entries in the local IP routing table (a host can change its default gateway)
static: fixed mapping between an internal and an external address (static address translation)
Static: assigns a public IP address to a server inside the network
conduit: allows traffic from a lower-security interface to a higher-security interface
Netstat: displays network connections, routing tables and network interface information (TCP connections, listening ports, Ethernet statistics, IP and IP routing table statistics)
Ping: checks whether the network can communicate; used to locate and analyse faults
Nbtstat: displays NetBIOS over TCP/IP statistics and connection information for local and remote computers
Ipconfig: displays the current TCP/IP network configuration
Nslookup: queries Internet domain name information; a tool for diagnosing DNS server problems
Pathping combines the functions of ping and tracert
Net view: displays the list of domains, the list of computers, or the shared resources on a specific computer
NetFlow: a data exchange method
nat and global: used together so that the internal network shares a connection to the Internet through NAT
Nat: for the internal network to access the Internet, a function that a series of special devices must have
fixup protocol ftp: lets the FTP server provide services to the outside network
DHCP: boot record type = 2 (reply)
Nbtstat -r: lists names resolved by broadcast and by WINS
Netstat -r: displays the contents of the routing table
Snmp: for third-party software to monitor a router's status, the router must support this protocol
5. Error-prone knowledge points

Standard access control lists, numbered 0-99 and 1300-1999, can only check the source address
Extended access control lists, numbered 100-199 and 2000-2699, check both source and destination addresses and can filter by protocol (IP, ICMP, TCP)
DNS server parameters: forward and reverse lookup zones, resource records (A, MX, CNAME), forwarders
FTP server parameters: the Domain Users group on the server
DHCP exclusions: to exclude several addresses, enter a starting and an ending IP; for a single address, enter only the starting IP
SMTP is used to send mail
Anti-virus tools are placed at the entrance; UTM at the exit
SNMP traps do not return an acknowledgement message
A host-based (system-layer) scanner is installed on the host to detect vulnerabilities on that host system
Router memory: Flash, NVRAM, RAM, ROM
BGP messages: update (routing updates), open (establishes the session), keepalive (keeps the session alive)
VTP operating modes: transparent (independent), server, client (the client learns from the server)
To monitor routing, the client must support the SNMP protocol
Switches operate at the data link layer; layer-3 switches and routers operate at the network layer. A monitoring port on a switch obtains only the traffic between that port and the other ports. Hubs work at the physical layer: all nodes connected to a shared hub are in one collision domain, so when one node transmits, every node receives it, and all traffic through the hub can be captured from one port.
Among the methods of obtaining network traffic, the wrong one is "connecting a switch in series into the network link"
For the building (campus) cabling subsystem, the way of laying cable that protects it least is direct burial; the best way is underground conduit
Blocking ICMP requires an extended access list; the number range is 100-199 and 2000-2699
In the switch's address table, the first column is the destination MAC address, the second is the address type, the third is the VLAN number, and the fourth is the switch port corresponding to the MAC address; if there is no VLAN, that column is omitted.
                        IEEE 802.11b   IEEE 802.11a   IEEE 802.11g   (operate in the ISM band)
Maximum data rate       11 Mbps        54 Mbps        54 Mbps
Actual throughput       5-7 Mbps       28-31 Mbps     28-31 Mbps / 10-12 Mbps
Maximum capacity        33 Mbps        432 Mbps       162 Mbps
IEEE 802.11b uses the open 2.4 GHz band, which can be used directly without applying for a licence.
Wireless access point (wireless AP): a set of wireless or wired terminals connect to it; it acts like a hub or switch. 802.11 adjusted CSMA/CD into the new protocol CSMA/CA (DCF); CSMA/CD is not used.
Wireless router: used to build a small wireless LAN (with NAT function); it is a wireless AP (access point) with routing functions
Wireless bridge: connects several different segments to achieve longer-distance wireless data communication (e.g. two teaching buildings on a campus)
Wireless network card: two computers with wireless cards communicating point to point form the smallest wireless LAN
DHCP discover: the client tries to find a DHCP server on the network to obtain an IP address from it; since the client has no IP address yet, it can only send the message by broadcast, with source IP address 0.0.0.0
DHCP offer: when a DHCP server receives a Discover, it broadcasts an Offer on the network containing the IP address and configuration information offered to the client; the source address is the DHCP server's address
DHCP request: after receiving the Offer, the client accepts the parameters and asks the DHCP server for the offered IP address through a Request
DHCP ack: the server confirms the IP address assigned to the DHCP client
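As an added example (not from the original notes), the following Python assembles the four messages of that exchange as BOOTP/DHCP packets and parses back the fields the notes refer to: the boot record type (op 1 = request, 2 = reply), the hops value that reveals a relay agent, the zero client address in the Discover, and the option 53 message type. The MAC, transaction id and 192.168.1.x addresses are constructed; the value 7 for release is the standard option 53 code, which the notes name but do not number.

```python
import struct
from ipaddress import IPv4Address

MESSAGE_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 7: "RELEASE"}
MAGIC = b"\x63\x82\x53\x63"              # cookie that starts the DHCP options field
FIXED = "!BBBBIHH4s4s4s4s16s64s128s"     # BOOTP fixed header, 236 bytes


def build_dhcp(op, hops, xid, ciaddr, yiaddr, giaddr, chaddr, msg_type, extra=b""):
    """Assemble a BOOTP/DHCP message (values constructed for the example)."""
    header = struct.pack(FIXED, op, 1, 6, hops, xid, 0, 0,
                         IPv4Address(ciaddr).packed, IPv4Address(yiaddr).packed, b"\0" * 4,
                         IPv4Address(giaddr).packed, chaddr.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    return header + MAGIC + bytes([53, 1, msg_type]) + extra + b"\xff"


def parse_dhcp(data: bytes) -> dict:
    """Extract op (1 request / 2 reply), hops, the address fields and option 53."""
    (op, _htype, hlen, hops, _xid, _secs, _flags, ciaddr, yiaddr, _siaddr, giaddr,
     chaddr, _sname, _file) = struct.unpack(FIXED, data[:236])
    if data[236:240] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    options, i = {}, 240
    while i < len(data) and data[i] != 0xFF:     # 0xFF = end option
        if data[i] == 0:                          # 0 = pad
            i += 1
            continue
        code, length = data[i], data[i + 1]
        options[code] = data[i + 2:i + 2 + length]
        i += 2 + length
    return {
        "op": "reply" if op == 2 else "request",
        "hops": hops,
        "relayed": hops != 0,                     # relay agent present when hops is not 0
        "ciaddr": str(IPv4Address(ciaddr)),       # 0.0.0.0 while the client has no address
        "yiaddr": str(IPv4Address(yiaddr)),       # address offered / assigned by the server
        "giaddr": str(IPv4Address(giaddr)),       # relay agent address
        "chaddr": chaddr[:hlen].hex(":"),
        "type": MESSAGE_TYPES.get(options[53][0], "UNKNOWN") if 53 in options else "UNKNOWN",
        "requested": str(IPv4Address(options[50])) if 50 in options else None,  # option 50
    }


MAC, XID, OFFERED = bytes.fromhex("001122334455"), 0x3903F326, "192.168.1.100"
REQ_OPT = bytes([50, 4]) + IPv4Address(OFFERED).packed   # requested IP address option
DORA = [
    build_dhcp(1, 0, XID, "0.0.0.0", "0.0.0.0", "0.0.0.0", MAC, 1),            # discover
    build_dhcp(2, 0, XID, "0.0.0.0", OFFERED, "0.0.0.0", MAC, 2),              # offer
    build_dhcp(1, 0, XID, "0.0.0.0", "0.0.0.0", "0.0.0.0", MAC, 3, REQ_OPT),   # request
    build_dhcp(2, 0, XID, "0.0.0.0", OFFERED, "0.0.0.0", MAC, 5),              # ack
]
RELAYED = build_dhcp(1, 1, XID, "0.0.0.0", "0.0.0.0", "192.168.1.1", MAC, 1)  # via relay agent


def summarize(messages):
    """One (type, op, yiaddr, requested, relayed) tuple per message, in exchange order."""
    return [(m["type"], m["op"], m["yiaddr"], m["requested"], m["relayed"])
            for m in map(parse_dhcp, messages)]


if __name__ == "__main__":
    for row in summarize(DORA + [RELAYED]):
        print(row)
```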
ROM: permanently stores the boot diagnostics, the router boot loader and operating system software
Flash: stores the operating system image (the router software currently in use) and some microcode
RAM: while the router is running, stores the operating system, routing tables, fast-switching cache and ARP cache
NVRAM: stores the startup configuration file or backup configuration files
To skip the port state-transition waiting time and improve convergence speed, use the BackboneFast feature
UplinkFast is configured to improve spanning-tree convergence speed; PortFast is configured so that end-station ports go directly to the forwarding state
"Three platforms, one export": network platform, business platform, management platform, and the city broadband export
Detailed network requirements analysis includes: overall network demand analysis, integrated cabling demand analysis, network availability and reliability analysis, network security analysis and project cost estimation
Optical Ethernet is not based on ATM cell transmission and does not transmit data in units of cells; ATM networks transmit data in units of cells
A switch whose management address has not yet been configured should be configured through the console
Changing, adding, swapping and extending cables is done in the management subsystem, not in the work area subsystem
Router performance indicators do not include the maximum number of stackable units
Out-of-band management: uses the traditional telecommunications network
In-band management: uses SNMP to build the network management system, managing the network over IP
Aggregation (convergence) layer functions:
1. Aggregates user traffic from the access layer for packet transmission, forwarding and switching
2. Performs local routing, filtering, traffic balancing, QoS priority management and security control, IP address translation, and traffic shaping
3. Forwards user traffic to the core switching layer for routing, or processes it locally
MAN core switching layer functions:
1. Connects multiple aggregation layers and provides high-speed packet forwarding between them, giving the whole metropolitan area a high-speed, QoS-guaranteed and secure data transfer environment
2. Implements the connection to the Internet backbone and provides the city's broadband IP export
3. Provides the routing services that broadband MAN users need to access the Internet
Cisco router modes:
Global configuration: global configuration mode.
Privileged EXEC: privileged mode, entered with the enable command
RXBOOT: maintenance mode, used for password recovery when the password is lost
Setup: setup mode; a factory-fresh router without any configuration enters it when accessed through the console port
Each virtual server is called a domain; a domain is identified by a unique IP address and port
When configuring a Cisco router through remote dial-up, use the AUX interface
About DHCP servers:
When adding a new reservation you enter the IP address and the MAC address; no subnet mask;
ARP is not a supported reservation type;
When adding an exclusion you enter the starting and ending IP addresses; the client's MAC address is not needed;
Reservations: the client must renew before the lease expires; renewal is done automatically by the client;
DHCP server scope configuration: scope IP address range, scope name, reservations, exclusions. Not the DHCP server's own address;
Users can open a site's default document by entering the WWW server's IP address in a browser;
A scope is the complete, consecutive range of IP addresses on the network; the scope itself is not responsible for IP address assignment;
Only after a scope is activated can the DHCP server assign addresses to clients; the statement that reservations and exclusions may be added only after a new scope has allocated client addresses is wrong;
About the Cisco Aironet 1100 access point:
The wireless access point's default IP address is 10.0.0.1, and it acts as a small DHCP server;
A PC inside the access point's coverage, with no SSID configured or with the SSID Tsunami, can configure the access point wirelessly;
When configuring a wireless access point for the first time, a local configuration is normally used;
Broadcast SSID in Beacon: Yes means devices that do not specify an SSID can associate with the access point; No means the opposite;
Broadcast SSID in Beacon: allows devices that do not specify the access point's SSID to associate
Configuration Server Protocol: Static IP means the IP address is assigned manually; DHCP means the address is obtained automatically from a DHCP server on the network
IP Address: set or change the access point's IP address
Radio Service Set ID (SSID): enter the SSID chosen by the administrator; the SSID is the unique identifier by which client devices identify the access point, and it must be entered along with the other configuration data.
Cisco Aironet 1100 series access points cannot act as wireless routers
Wireless access points implement the CSMA/CA MAC algorithm
Power for the Aironet 1100 series access point: either over the Ethernet line, by connecting the access point's network line to a power-capable switch or patch panel, or by local power, where a power module is connected to the Ethernet line and its output goes to the access point's interface marked 48VDC.
Enter the case-sensitive password: Cisco
Enter the access point's IP address in the browser address bar; a network password dialog box appears
On the Summary Status page, click Express Setup to enter the quick configuration page, then enter the configuration data in the appropriate fields
About the Serv-U FTP server:
The FTP server's domain name can be arbitrary;
Server users include anonymous users and named users; both types must be added manually by an administrator;
Besides dedicated clients, a browser can also be used to access the FTP server;
When a user named anonymous is added, the system automatically treats it as the anonymous user
The anonymous user "anonymous" is not added automatically by the server;
When creating a new domain, the domain name entered can be a fully qualified domain name or any other description
The server can build multiple virtual servers, identified by IP address and port number;
If the anonymous user is added, the system does not require a password;
On the Directory Security tab you can configure three things: authentication and access control, IP address and domain name restrictions, and secure communications;
Serv-U's general server options do not include the user's home directory;
After a scope is activated, the server can assign addresses to clients;
By default the FTP service has no administrator password
Each Serv-U FTP virtual server is identified by IP address and port number
Server options cannot provide IP access options
In Serv-U FTP, adding and registering new users must be done by an administrator; the statement "one IP address configures one server; if the server has multiple IP addresses they must be added separately" is wrong
In Serv-U, the option that limits the storage space occupied by a user's uploads is the user quota option.
The main FTP server configuration parameters are:
- Server options: maximum upload and download speed, maximum number of users, checking the anonymous user's password, deleting partially uploaded files, disabling go-ahead scheduling, and blocking FTP bounce attacks. Server options do not provide IP access options
- Domain options: multiple virtual servers can be built; each is called a domain, uniquely identified by IP address and port number. Domain options include general domain options, virtual path options, domain IP access options, domain message options, domain logging options, and domain upload/download ratio options.
- User options: user account options, user directory access options, user IP access options and user quota options
- Group options: account options, directory access options and IP access options.
The Serv-U FTP server can be given a fixed IP address, or no IP address (dynamic IP); the server can build multiple virtual servers identified by IP address and port number.
To be accessible to clients, the Serv-U FTP server needs a fully created user; users include anonymous and named users, and if the anonymous user is added the system does not require a password.
The control connection is established by the client; the server's default port is 21. The data connection is established by the server; the server's default port is 20.
FTP can transfer files of any type. Users are not allowed to register new accounts themselves on the FTP server.
The control connection is established by the user with the FTP server; the FTP server does not initiate it.
About the Winmail mail server:
Whether the Winmail mail server allows users to register new accounts themselves is set in the domain name settings;
Building a virtual mail server is done in the domain name settings;
In the Winmail Server Quick Setup Wizard, enter the new user's information: user name, domain name and user password. The administrator password cannot be set there;
Mail is delivered between mail servers using SMTP; the mail client uses SMTP to send mail to the mail server, and uses POP3 or IMAP4 to read mail from the mailbox on the server;
Users who view e-mail with a browser use HTTP
Winmail Server system settings: SMTP, mail filtering, changing the administrator password;
Winmail Server's Quick Setup also provides settings such as whether to allow users to register themselves;
When creating a Winmail user, enter: (domain name, user name) = mailbox name, and password; the user's IP address is not included;
Winmail Server allows users to use Outlook with an e-mail account already created on the server, but does not support registering a new mailbox through Outlook itself
The settings options provided by the Winmail Server management tool do not include e-mail management
Entering user information in the Winmail Quick Setup Wizard (user name, domain, user password) to create a new user makes the system automatically create the domain named xx; you can choose whether to allow clients to register new mailboxes themselves through Winmail
In the system settings, the mail server's system parameters can be set, including SMTP, mail filtering, changing the administrator password and other items.
In the domain name settings, you can add a new domain to build a virtual mail server, delete an existing domain, or modify a domain's parameters.
About the WWW (web) server:
Site identification includes: website description, host header name, IP address, and non-standard TCP port number
Multiple sites are distinguished by their identification, which includes the host header name, IP address and non-standard TCP port number.
Site options that can be set: site identification, site connection timeout, enable logging
The Performance tab of the WWW service configuration does not affect the timeout; the timeout is set in the Web Site options
On the Directory Security tab you can configure three things: authentication and access control, IP address and domain name restrictions, and secure communications. Configuring home directory access permissions under Directory Security is wrong!
Users can open the website's default document by accessing the WWW server's IP address
The connection limit for a site is set in the Performance options, not in the Web Site options
About network attacks:
The basic detection methods used by a network intrusion detection system's anomaly detector include statistical analysis, pattern matching, frequency or threshold values, and event correlation; they do not include promiscuous mode
A typical network anti-virus system is composed of a system center, clients, servers and a management console
HIPS blocks attacks by monitoring system calls at the core of the system; AIPS is deployed in front of the application server
WSUS cannot serve as a security assessment tool; Wireshark does not support SNMP
ISS performs active, non-destructive scanning of the system for security assessment; IDS works in passive scanning mode
IDS (Intrusion Detection System): passive scanning; deploying the probe in the link has the greatest impact on network performance
Vulnerability scanning is divided into active and passive: passive scanning works like an IDS, while active scanning resembles an intrusion and may affect normal operation of the network system.
About STP:
Spanning Tree Protocol (STP) runs on switches and bridges, not on routers
BackboneFast: saves the port state-transition waiting time and improves convergence speed;
UplinkFast: improves spanning-tree convergence speed when a direct link failure occurs;
PortFast: configured on end-station ports to speed them up; the port goes directly from the blocking state to the forwarding state, so it must not be connected to hubs, switches, bridges or similar devices;
Adding a host record in the forward lookup zone can automatically add the pointer record; in the reverse lookup zone, pointer records for hosts can be added manually.
When the router's cache is full it can only discard the packet; the ICMP message type sent by the router to the source node is not source quench.
About SNMP:
snmp-server view: create or modify an SNMP view
snmp-server community: create or modify SNMP community access control
snmp-server enable traps: configures the router's SNMP agent to send notifications
snmp trap link-status: sends a notification to the management station when an interface connects or disconnects
snmp-server trap link-status is used in interface configuration mode to specify that the port notifies the station when it connects or disconnects
When the management station needs to perform a query, it sends a message containing the community string and a GetResponse PDU to the agent
When the agent needs an acknowledgement from the management station for a notification, it uses the inform method
SNMP operations: get, set, notification
SNMP's role: provides real-time monitoring of performance indicators such as bandwidth measurement and router CPU load, and statistics on historical data.
SNMP traps define six general situations: cold start, warm start, link failure, etc.; when one occurs, the agent sends a message containing the community name and a TrapPDU to the management station.
About VLANs:
A VLAN ID is represented by 12 bits
VLAN ID standard range 1-1005, extended range 1025-4096
VLAN IDs 1-1000 can be used for Ethernet
Ethernet VLAN IDs in the standard range are 2-1000;
VLANs operate at OSI layer 2, the data link layer
A VLAN name is up to 32 characters, which may be letters or digits