MANUAL DE USUARIO

Tips para manejo de Servidores, Mail Server, DNS, switches y router.

CORREO
Crear un correo electronic [root@smtp ~]# cd /var/spool/mail/ [root@smtp mail]# adduser nombrecorreo

Colocar passw al correo electronic [root@smtp ~]# cd /var/spool/mail/ [root@smtp mail]# passwd nombrecorreo

Activar correo, cuando la cuenta ha sido creada [root@smtp mail]# mail -i ecambisaca Crear cuenta de correo useradd -g 100 -c "Nombres y Apellidos" username passwd username Con eso se crea la cuenta en el servidor y se le pone una clave Luego cuando le llegue el primer correo automaticamente se crea el archivo en el /var/spool/mail Crear cuentas de correo con . u carcter especial [root@mail mail]# vi /etc/passwd [root@mail mail]# vi /etc/shadow [root@mail mail]# vi /etc/group

Agregar un usuario en el alias ejm: noc, instalaciones, reportesiac [root@cue ~]# vi /etc/aliases Modifico el archivo y para reinarlo [root@cue ~]# newaliases

Para agregar a alquien en el noc [root@cue ~]# vi /opt/noc

Juan Andres Alvarez B, Ing

 Revisar mail si son enviados: en /var/log archivo maillog grep "from=<azogues@fidasa.fin.ec>" maillog Luego revisar el ID archive ejm: grep o4DGhAxL026013 maillog Revisar espacio por carpetas eje: var/ spool/ etc/ root/ cd /home/ du *

Revisar LOG en Linux tail -f /var/log/messages

Revisar log MAIL tail -f /var/log/maillog

Borrar un carpeta por complete [root@servernaf home]# rm -Rf naf [root@servernaf home]# ls Para borrar todos los correos [root@cue mail]# >sinca

Borrar una cuenta de correo [root@smtp ~]# cd /var/spool/mail/ [root@smtp mail]# userdel -r harias

Borrar correos [root@smtp mail]# mail -f nmerchan Mail version 8.1 6/6/93. Type ? for help. "nmerchan": 3 messages > 1 root@smtp.cue.telcon Tue Jan 19 13:31 21/932 "a" 2 root@smtp.cue.telcon Tue Jan 19 13:32 22/918 "prueba" 3 jalvarezb@cue.telcon Tue Jan 19 13:32 360/14515 "RE: prueba" & d1 & d2
Juan Andres Alvarez B, Ing

& d3 &q "nmerchan" removed

Borrar history [root@smtp mail]# history -c

Para ver los correos [root@cue ~]# cd /var/spool/mail [root@cue mail]# mail -f harias

Ver versiones de Sistemas Operativos

head -n1 /etc/issue mdkdiablo:~# cat /proc/cpuinfo este es para ver la version del centos lsb_release -a

Dar permiso para una IP en correo [root@smtp ~]# vi /etc/mail/relay-domains 200.93.223 200.93.222 201.218.4 200.110.69 200.110.89 200.110.77 200.93.195.81 200.93.192.214 192.168.48.2 192.168.48.15 190.95.186 190.95.252 201.218.2.14 200.110.77 cue.telconet.net RELAY ucuenca.edu.ec RELAY correo.ucuenca.edu.ec RELAY vazcorpsf.com RELAY
Juan Andres Alvarez B, Ing

cedia.org.ec RELAY ~ ~ ~ ~ ~ "/etc/mail/relay-domains" 19L, 286C written You have new mail in /var/spool/mail/root [root@smtp ~]# service sendmail restart Desactivacin de sm-client: [ OK ] Apagando sendmail: [ OK ] Iniciando sendmail: [ OK ] Inicio de sm-client: [ OK ] [root@smtp ~]# vi /etc/mail/relay-doma

Versiones de los outlook En el archivo local.cf los scores a 2 tests los 2 primeros /etc/mail/spamassassin score DOS_OE_TO_MX 1.0 score DOS_OUTLOOK_TO_MX 1.0 score HTML_IMAGE_ONLY_12 1.0

BORRAR LA BASE DE DATOS DEL ANTIVIRUS MAIL SERVER Borrar la BD de antivirus estan en /var/lib/clamav y luego de borrar se hace un freshclam para bajarlas de nuevo. daily.cld main.cvd mirrors.dat Se borra todos

Juan Andres Alvarez B, Ing

ROUTER
Permisos varios en un CISCO level level level level level level level level level level 7 traceroute 7 ping 7 show version 7 show logging 7 show interfaces description 7 show interfaces 7 show startup-config 7 show 7 clear counters 7 clear

privilege exec privilege exec privilege exec privilege exec privilege exec privilege exec privilege exec privilege exec privilege exec privilege exec !

Configurar log en un cisco service timestamps debug datetime localtime service timestamps log datetime localtime service sequence-numbers logging buffered 8192 debugging no logging console clock timezone ECT -5 sntp server 200.93.192.169 ip route 200.93.192.169 255.255.255.255 192.168.36.1 name monitoreo_GYE

Create vlan router cisco 1811

etvmall-cue#vl etvmall-cue#vlan da etvmall-cue#vlan database ? <cr> etvmall-cue#vlan database etvmall-cue(vlan)#vl etvmall-cue(vlan)#vlan 3 VLAN 3 added: Name: VLAN0003 etvmall-cue(vlan)#^Z etvmall-cue(vlan)#^Z etvmall-cue(vlan)#^Z etvmall-cue(vlan)#exit
Juan Andres Alvarez B, Ing

Configurar DHCP router

ip dhcp pool LAN network 192.168.10.0 255.255.255.0 default-router 192.168.10.1 domain-name uio.telconet.net dns-server 200.93.216.2 200.93.216.50

ip ip ip ip

dhcp dhcp dhcp dhcp

excluded-address 172.16.11.1 176.16.11.19 excluded-address 172.16.3.1 172.16.3.20 excluded-address 192.168.247.158 excluded-address 192.168.247.176

habilitar DCP service dhcp sh ip dhcp binding Revisar trafico output-packets

interface Ethernet0/1 description LAN TELCONET ip address 192.168.1.8 255.255.255.0 secondary ip address 190.95.225.65 255.255.255.240 no ip redirects no ip proxy-arp ip accounting output-packets ip nat inside load-interval 30 half-duplex UnitaTarqui#sh ip accounting output-packetsb

Bloquear ping en un cisco

access-list 101 deny icmp any any. As bloquea todos los mensajes icmp (incluido ping), si quiere bloquear solo las solicitudes ada la final la palbra echo, y apliquela de entrada en la interfaz.
Juan Andres Alvarez B, Ing

Revisar historic del procesador CISCO

sh processes cpu history

Romper la clave de un Router

1 - Apagar el equipo y encenderlo 2 - Ni bien lo enciende, presione la tecla Ctrl + Pausa (intermitentemente la 2da tecla) con esto ingresa a modo rommon, lo sabe x q solo vera el prompt ">" 3 - Escribes: confreg 0x2142 4 - reset Luego de esto se reinica... con esto lo q hace es bypassear q le pida contrasea, si quisiera recuperar la configuracion anterior y cambiar el passwd tendria q hacer un "copy start run", luego cambiar el passwd si desea borrar la configuracion tonces dele un "wr" 5 - Volver a cambiar el registro de configuracion al predeterminado Router(config)#config-register 0x2102 Si no hace esto ultimo nunca se le cargara la configuracion grabada

Borrar coliciones easa-cristal#clear counters

Verificar IOS, si se actualiza o no #sh verion 2 Ethernet/IEEE 802.3 interface(s) 32K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Se debe colocar el IOS new c2600-i-mz.123-16.bin

Crear control de BW en un cisco class-map match-all BW match any policy-map BWTOTAL class BW police cir 2048000 bc 204800 be 204800 exceed-action drop service-policy input BWTOTAL service-policy output BWTOTAL
Juan Andres Alvarez B, Ing

Levantar un interfa de un router cuando no esta conectado nada en el red interna eth0/1 mutualitarenalcue(config)#interface loopback 0 mutualitarenalcue(config-if)#ip add mutualitarenalcue(config-if)#ip address 192.168.4.20 255.255.255.0 Levantar la interfaz en router que Soporte el commando PVintimillaMks#conf terminal Enter configuration commands, one per line. End with CNTL/Z. PVintimillaMks(config)#int fas0/1 PVintimillaMks(config-if)#no k PVintimillaMks(config-if)#no keepalive Cuando no hay flash configurado rommon 3 > set PS1=rommon ! > IP_ADDRESS: 192.168.34.105 IP_SUBNET_MASK: 255.255.254.0 DEFAULT_GATEWAY=192.168.34.1 TFTP_SERVER=192.168.34.1 TFTP_FILE=c2600-telco-mz.123-20.bin rommon 8 >tftpdnld RECOMENDACIONES Poner a la PC la IP del DEFAULT_GATEWAY que debe ser igual a la del TFTP_SERVER Levantar el FTP en la PC Solo se debe colocar le nombre del archivo, sin ips ni nada delante del nombre Se debe conectar en la e0

BW Control por redes o priorizar class-map match-all DATOS-RESTO match access-group 122 class-map match-all VOZ1 match access-group 120 policy-map TOTAL class VOZ1 police cir 200000 bc 20000 be 20000 exceed-action drop class VOZ2
Juan Andres Alvarez B, Ing

police cir 200000 bc 20000 be 20000 exceed-action drop class DATOS-RESTO police cir 724000 bc 72400 be 72400 exceed-action drop access-list access-list access-list access-list access-list access-list 120 remark VOZ1 120 permit ip any host 192.168.0.21 120 permit ip host 192.168.0.21 any 122 remark DATOS-RESTO 122 permit ip any 192.168.0.0 0.0.0.255 122 permit ip 192.168.0.0 0.0.0.255 any

Cambiar el tiempo de actualizacion en las interfaces Mega-Virtualtel-AirCue-Aerop#conf terminal Enter configuration commands, one per line. End with CNTL/Z. Mega-Virtualtel-AirCu(config)#int fas Mega-Virtualtel-AirCu(config)#int e Mega-Virtualtel-AirCu(config)#int ethernet 0/0 Mega-Virtualtel-Ai(config-if)#load-interval 30

Buscar rutas en router sh run | b 192.168.201.206 tunnel source 192.168.201.205 sh run | i 172.16 Cargar desde 0 el IOS de un cisco

http://www.cisco.com/en/US/products/hw/routers/ps259/products_tech_note09186 a008015bfac.shtml

Xmodem Console Download Procedure Using ROMmon Downloads Xmodem Console Download Procedure Using ROMmon

Document ID: 15085 Contents Introduction

Juan Andres Alvarez B, Ing

Prerequisites Requirements Components Used Conventions Overview Usage Examples Xmodem Procedure for Downloading a Cisco IOS Software Image onto a Cisco 1603 Router Xmodem Procedure for Downloading a Cisco IOS Software Image onto a Cisco 2620 Router Xmodem Procedure for Downloading a Cisco IOS Software Image onto a Cisco 3600 Router Cisco Support Community - Featured Conversations Related Information Introduction This document explains how to use the xmodem command at the console to download Cisco IOS software using the ROM monitor (ROMmon). Prerequisites Requirements There are no specific requirements for this document. Components Used The information in this document is based on these software and hardware versions: Cisco 827, 1600, 1700, 2600, 3600, and 3700 Series Routers Cisco AS5200, AS5300, AS5350, and AS5400 Universal Access Servers Note: Xmodem can also be used on certain Catalyst switches. The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command. Conventions Refer to Cisco Technical Tips Conventions for more information on document conventions. Overview Xmodem can be used on a group of routers (see Components Used) and is used in disaster recovery situations where the router has no valid Cisco IOS software or
Juan Andres Alvarez B, Ing

bootflash image to boot from and hence, only boots up in ROMmon. This procedure can also be used where there are no Trivial File Transfer Protocol (TFTP) servers or network connections, and a direct PC connection (or through a modem connection) to the router's console is the only viable option. Because this procedure relies on the console speed of the router and the serial port of the PC, it can take a long time to download an image. For example, downloading Cisco IOS Software Release 12.1(16) IP Plus image to a Cisco 1600 Series Router using a speed of 38400 bps takes approximately 25 minutes. Usage Here is the command syntax for xmodem as per the Command Reference Manual for Cisco IOS version 12.2. xmodem [-c] [-y] [-e] [-f] [-r] [-x] [-s data-rate] This table describes the command syntax for the xmodem command. syntax Description -c (Optional) CRC-16 checksumming, which is more sophisticated and thorough than standard checksumming. -y (Optional) Uses the Ymodem protocol for higher throughput. -e (Optional) Erases the first partition in Flash memory before starting the download. This option is only valid for the Cisco 1600 series. -f (Optional) Erases all Flash memory before starting the download. This option is only valid for the Cisco 1600 series routers. -r (Optional) Downloads the file to DRAM. The default is Flash memory. -x (Optional) Does not execute the Cisco IOS software image on completion of the download. -s data-rate (Optional) Sets the console port's data rate during file transfer. Values are 1200, 2400, 4800, 9600, 19200, 38400, and 115200 bps. The default rate is specified in the configuration register. This option is only valid for the Cisco 1600 series routers.
Juan Andres Alvarez B, Ing

filename (Optional) Filename to copy. This argument is ignored when the -r keyword is specified since only one file can be copied to DRAM. On the Cisco 1600 series routers, files are loaded to the ROMmon for execution.

Note: xmodem options e, f, and s are only supported on the Cisco 1600 Series Routers. In order to find out the syntax and available options to use with the xmodem command, enter xmodem -? at the ROMmon prompt. Here is an example of the xmodem command issued on a Cisco 1603 Router: rommon 9 >xmodem -? usage: xmodem [-cyrxefs]<destination filename> -c CRC-16 -y ymodem-batch protocol -r copy image to dram for launch -x do not launch on download completion -f Perform full erase of flash -e Perform erase of first flash partition -s<speed>Set speed of Download, where speed may be 1200|2400|4800|9600|19200|38400|115200 Here is an example of the xmodem command issued on a Cisco 2620 Router: rommon 1 >xmodem -? xmodem: illegal option -- ? usage: xmodem [-cyrx] <destination filename> -c CRC-16 -y ymodem-batch protocol -r copy image to dram for launch -x do not launch on download completion Examples rommon 12 > xmodem -cfs115200 c1600-sy-mz.121-16.bin rommon 2 > xmodem -c c2600-is-mz.122-10a.bin Notes: The xmodem transfer only works on the console port. You can only download files to the router. You cannot use xmodem to get files from the router. It is also important to note that the -sdata-rate option is only available on the Cisco 1600 Series Routers and was implemented to overcome the console baud rate limitation of 9600 bps. If you specify -sdata-rate of 115200 bps for example, you can increase the download rate and hence, reduce download time. Other Cisco routers
Juan Andres Alvarez B, Ing

support console speeds up to 115200 bps. Therefore, the -sdata-rate option is not required. Ensure that the PC serial port is using a 16550 universal asynchronous transmitter/receiver (UART) if you are downloading a Cisco IOS software image through the router's console speed at 115200. If the PC serial port is not using a 16550 UART, it is recommended that you use a speed of 38,400 or lower. Xmodem Procedure for Downloading a Cisco IOS Software Image onto a Cisco 1603 Router Use this xmodem procedure in order to download a Cisco IOS software image onto a Cisco 1603 Router. Launch a terminal emulator program. In this example, configure Windows HyperTerminal for 8-N-1 at 9600 bps and connect your PC's serial port to the console port of the router. Once connected, you need to get into the ROMmon prompt (rommon 1>). Typically, if the router's Cisco IOS software image and bootflash image are both corrupt, the router only comes up in ROMmon mode. If the former is not true and you need to get into the ROMmon prompt, you need to change the configuration register (typically 0x2102 as given by show version) to 0x0: 1600#configure term Enter configuration commands, one per line. End with CNTL/Z. 1600(config)#configure 1600(config)#config-register 0x0 1600(config)#^Z 1600# 00:22:06: %SYS-5-CONFIG_I: Configured from console by console 1600#reload System configuration has been modified. Save? [yes/no]: n Proceed with reload? [confirm] 00:22:16: %SYS-5-RELOAD: Reload requested System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. Simm with parity detected, ignoring onboard DRAM C1600 platform with 16384 Kbytes of main memory rommon 1 > From the ROMmon prompt, issue the xmodem command. However, before you issue the xmodem command, ensure that you have the new Cisco IOS software image on your PC.

Juan Andres Alvarez B, Ing

In this example, all Flash memory is erased before downloading using the f option (only on the Cisco 1600 Series ). Perform a CRC-16 checksum using the c option and using a download speed of 115200 bps (only on the Cisco 1600 Series ) by specifying s115200: rommon 12 >xmodem -cfs115200 c1600-sy-mz.121-16.bin Do not start the sending program yet... Note: If the console port is attached to a modem, both the console port and the modem must be operating at the same baud rate. Use console speed 115200 bps for download [confirm] File size Checksum File name 1957444 bytes (0x1dde44) 0xe345 c1600-y-mz.113-9.T Erasing flash at 0x83f0000 no partition 2 on device: PCMCIA slot 1 Ready to receive file c1600-sy-mz.121-16.bin ... Download will be performed at 115200. make sure your terminal emulator is set to this speed before sending file. Warning: All existing files in the partition displayed and files in any other partitions on this device will be lost! Continue ? press 'y' for yes, 'n' for no:y Configure the terminal emulator program for a data rate of 115200 bps to match the xmodem speed specified above. This is done by closing the previous terminal session of 9600 bps and opening a new one at 115200 with 8-N-1. The trick here is that the Cisco 1603 only supports a maximum baud rate of 9600 bps. Therefore, when connecting at 115200 bps, you cannot see the router prompt. This is an important point to remember. Once connected to the router at 115200 bps, select Transfer and Send File from the HyperTerminal menu bar.

Specify the image file name and location and enter xmodem as the protocol.

Click on Send to start the transfer.

This message is received when the transfer is complete: Download Complete!

Juan Andres Alvarez B, Ing

Returning console speed to 9600 Please reset your terminal emulator to this speed... Per the message above, you need to exit your 115200 bps HyperTerminal session and restart a new one at 9600 bps. Once connected, the router's ROMmon prompt appears. Verify that the download was successful by issuing a dir flash:. rommon 9 >dir flash: File size Checksum File name 3686656 bytes (0x384100) 0x1a5e c1600-sy-mz.121-16.bin Change the config register back to 0x2102 and reset or power cycle the router so that the new Cisco IOS software image gets loaded. rommon 10 >confreg 0x2102 You must reset or power cycle for new config to take effect. rommon 11 >reset System Bootstrap, Version 12.0(19981130:173850) [rameshs-120t_lava 114], DEVELOPMENT SOFTWARE Copyright (c) 1994-1998 by cisco Systems, Inc. Simm with parity detected, ignoring onboard DRAM C1600 platform with 16384 Kbytes of main memory program load complete, entry point: 0x4020060, size: 0x15568c %SYS-6-BOOT_MESSAGES: Messages above this line are from the boot loader. program load complete, entry point: 0x2005000, size: 0x3840e0 Self decompressing the image : ######################################## ################

........ Cisco Internetwork Operating System Software IOS (tm) 1600 Software (C1600-SY-M), Version 12.1(16), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Mon 08-Jul-02 17:09 by kellythw Image text-base: 0x02005000, data-base: 0x0275BD48 ....... Xmodem Procedure for Downloading a Cisco IOS Software Image onto a Cisco 2620 Router Use this xmodem procedure in order to download a Cisco IOS software image onto a Cisco 2620 Router.
Juan Andres Alvarez B, Ing

Launch a terminal emulator program. This example Windows HyperTerminal is configured for 8-N-1 at 9600 bps. Connect your PC's serial port to the console port of the router. Once connected, get into the ROMmon prompt (rommon 1>). Typically, if the router's Cisco IOS software image and bootflash image are both corrupt, the router only comes up in ROMmon mode. If the former is not true and you need to get into the ROMmon prompt, then you will need to change the configuration register (typically 0x2102 as given by show version) to 0x0 as follows: 2620#configure terminal Enter configuration commands, one per line. End with CNTL/Z. 2620(config)#con 2620(config)#conf 2620(config)#config-register 0x0 2620(config)#^Z 2620# 5d03h: %SYS-5-CONFIG_I: Configured from console by console 2620# 2620#reload System configuration has been modified. Save? [yes/no]: n Proceed with reload? [confirm] 5d03h: %SYS-5-RELOAD: Reload requested System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. TAC:Home:SW:IOS:Specials for info C2600 platform with 65536 Kbytes of main memory rommon 1 > Once in ROMmon, change the console baud rate from 9600 bps to 115200 bps to speed up the download time. Use the confreg command and complete the instructions presented on the screen. rommon 1 >confreg Configuration Summary enabled are: break/abort has effect console baud: 9600 boot: the ROM Monitor do you wish to change the configuration? y/n [n]: y enable "diagnostic mode"? y/n [n]: enable "use net in IP bcast address"? y/n [n]: enable "load rom after netboot fails"? y/n [n]:
Juan Andres Alvarez B, Ing

enable "use all zero broadcast"? y/n [n]: disable "break/abort has effect"? y/n [n]: enable "ignore system config info"? y/n [n]: change console baud rate? y/n [n]: y enter rate: 0 = 9600, 1 = 4800, 2 = 1200, 3 = 2400 4 = 19200, 5 = 38400, 6 = 57600, 7 = 115200 [0]: 7 change the boot characteristics? y/n [n]: Configuration Summary enabled are: break/abort has effect console baud: 115200 boot: the ROM Monitor do you wish to change the configuration? y/n [n]: You must reset or power cycle for new config to take effect. rommon 2 > Once the router boots up in ROMmon, the HyperTerminal sessions start to display illegible characters. You need to exit the current terminal session and start a new one at a data rate of 115200 bps to match the console rate as in step 2. You are now ready to issue the xmodem command. However, before issuing the xmodem command, ensure that you have the new Cisco IOS software image on your PC. rommon 1 > rommon 1 >xmodem -? xmodem: illegal option -- ? usage: xmodem [-cyrx] <destination filename> -c CRC-16 -y ymodem-batch protocol -r copy image to dram for launch -x do not launch on download completion rommon 2 > rommon 2 > rommon 2 > xmodem -c c2600-is-mz.122-10a.bin !--- Note that [-s datarate] is not available here since you are set for 115200 bps. Do not start the sending program yet... File size Checksum File name 9939820 bytes (0x97ab6c) 0x4991 c2600-is-mz.122-7a.bin Warning:
Juan Andres Alvarez B, Ing

All existing data in bootflash will be lost! Invoke this application only for disaster recovery. Do you wish to continue? y/n [n]: y Ready to receive file c2600-is-mz.122-10a.bin ... From the HyperTerminal menu bar, select Transfer > Send and specify the image name/location and xmodem protocol as in steps 3 and 4 and start the transfer.

Once the transfer is complete, these messages appear: Erasing flash at 0x60fc0000 program flash location 0x60990000 Download Complete! Notice how the Flash gets erased towards the end automatically compared to Cisco C1600. Therefore, the reason why the f option is not required here. Finally, ensure that you reset the console speed back to 9600 and change the boot sequence back to default by changing the configuration register back to 0x2102: rommon 12 > confreg 0x2102 You must reset or power cycle for new config to take effect rommon 2 >reset System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. TAC:Home:SW:IOS:Specials for info C2600 platform with 65536 Kbytes of main memory program load complete, entry point: 0x80008000, size: 0x995ec8 Self decompressing the image : ################################ ################################################################## ################################################################## ######################## [OK] ............................ Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-IS-M), Version 12.2(10a), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Tue 21-May-02 14:16 by pwade Image text-base: 0x80008088, data-base: 0x810ABB08 cisco 2620 (MPC860) processor (revision 0x100) with 61440K/4096K bytes of memory. Processor board ID JAB03110MUB (3691217154)
Juan Andres Alvarez B, Ing

M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. 1 FastEthernet/IEEE 802.3 interface(s) 2 Voice FXS interface(s) 32K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Press RETURN to get started! ......................... Xmodem Procedure for Downloading a Cisco IOS Software Image onto a Cisco 3600 Router Use this xmodem procedure in order to download a Cisco IOS software image onto a Cisco 3600 Series Router. The standard procedure uses the default console speed of 9600 bits per second. Xmodem is a slow transfer protocol, and the transfer of a file as large as a Cisco IOS software image could take an unacceptably long time. An increase to the console speed on the 3600 router helps decrease the time it takes to do the xmodem file transfer. When in ROMMON mode, complete this procedure using the ROMMON confreg utility. rommon 2 > confreg do you wish to change the configuration? y/n [n]: y enable "diagnostic mode"? y/n [n]: n enable "use net in IP bcast address"? y/n [n]: n disable "load rom after netboot fails"? y/n [n]: n enable "use all zero broadcast"? y/n [n]: n enable "break/abort has effect"? y/n [n]: n enable "ignore system config info"? y/n [n]: n change console baud rate? y/n [n]: y enter rate: 0 = 9600, 1 = 4800, 2 = 1200, 3 = 2400 4 = 19200, 5 = 38400, 6 = 57600, 7 = 115200 [7]: 7 change the boot characteristics? y/n [n]: y enter to boot: 0 = ROM Monitor 1 = the boot helper image 2-15 = boot system [0]: 0 Configuration Summary enabled are:
Juan Andres Alvarez B, Ing

load rom after netboot fails console baud: 115200 boot: the ROM Monitor do you wish to change the configuration? y/n [n]: n You must reset or power cycle for new config to take effect rommom 2 > reset Open a new hyperterminal with these settings: Bits per second - 115200 Data bits - 8 Parity - None Stop bits - 1 Flow control - Hardware After setting the hyperterminal, you receive a rommon prompt. Enter the xmodem command. Before you enter an xmodem command, there should be a software image residing in your terminal or your local hard drive. rommon 2 > xmodem -c c3640-i-mz.121-7.bin Do not start the sending program yet... File size Checksum File name 4936800 bytes (0x4b5460) 0x2dd7 c3640-i-mz.121-7.bin (bad checksum: 0x13eb)

WARNING: All existing data in flash will be lost! Invoke this application only for disaster recovery. Do you wish to continue? y/n [n]: y Ready to receive file c3640-i-mz.121-7.bin ... After this message appears, you have to download the file using xmodem and this procedure: Go to Hyperterminal and click the Transfer menu. Select Send File. In the dialog box which appears, click on browse and look for the file name on your local hard drive. Under the filename field is the Protocol drop-down box. Choose Xmodem. Click Send to initiate the file transfer.
Juan Andres Alvarez B, Ing

After the transfer completes, the router will reload itself. When the reload completes, press the return key to be taken to a prompt and to reset the configuration register and the console line speed. Router> enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#configure terminal Router(config)#config-register 0x2102 Router(config)#line con 0 Router(config-line)# speed 9600 Upon changing the console speed, you will lose connectivity. Go to your terminal program, change the baud rate to 9600, and reconnect to the router console. Router(config-line)#ctrl z Router #write mem Router #reload Cisco Support Community - Featured Conversations Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers. Below are just some of the most recent and relevant conversations happening right now.

Bloquear paginas en un router

ip access-list extended BLOQUEOPAGINA deny ip any host {la ip que deseas denegar} eq 80 permit ip any any lo aplicas en la entrada en la interfaz privada

Juan Andres Alvarez B, Ing

FIREWARE LINUX
NATEAR OTRA IP nateada en un LINUX [root@daca root]# vi /etc/rc.d/security/rules.daca.aaaab # Enmascaramiento $IPTABLES -t nat -A POSTROUTING -o eth0 -s $LAN_IP_RANGE -j MASQUERADE $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -t nat -A POSTROUTING -o eth0 -s 192.172.0.0/24 -j MASQUERADE Y en [root@daca root]# vi /etc/squid/squid.conf acl localnet src 192.168.0.0/255.255.255.0 acl localnet src 192.172.0.0/255.255.255.0

Verificar errores log squid /var/log/squid/squid.out

Forzar el inicio del squid squid -d5 Eso es para intentar forzar el inicio del squid, mira q mensaje te sale, me ha pasado eso es por que ha habido una linea q no debia estar Es recomendable no usar el squid para los cyber q no manejen restricciones del SQUID. Se para el squid Service squid stop Y se documento en el cd /etc/rc.d/security/ #$IPTABLES -t nat -A PREROUTING -i $LAN_IFACE -s $LAN_IP_RANGE -p tcp port 80 -j REDIRECT --to-port 8080

--dd

Bloquea navegacin en un IAC Desactivar [root@grannet1 ~]# iptables -I FORWARD -p tcp -s 192.168.1.12 -d 0/0 -j DROP [root@grannet1 ~]# iptables -I FORWARD -p udp -s 192.168.1.12 -d 0/0 -j DROP Activar
Juan Andres Alvarez B, Ing

[root@grannet1 ~]# iptables -D FORWARD -p udp -s 192.168.0.4 -d 0/0 -j DROP [root@grannet1 ~]# iptables -D FORWARD -p tcp -s 192.168.0.4 -d 0/0 -j DROP [root@grannet1 ~]# iptables nvL

Ping al broadcast para ver maquinas de la red interna [root@flavioatamai ~]# ping 192.168.1.255 b

Navegar en un Linux [root@graimaninternet webmin]# htmlview

Cuando hagan un barrido de ip Linux ps aux finger [root@reychelnet etc]# iptables nL [root@reychelnet etc]# cat crontab [root@reychelnet etc]# stty raw echo Revisar si hace NAT [root@pablomora security]# iptables -nL -t nat

Para natear a una ip privada por puertos en un Linux cce_proxy-telco_eth0_utp -d 200.93.232.12 -p tcp --dport 80 -j

/sbin/iptables -t nat -A PREROUTING -s 0/0 DNAT --to-destination 192.169.0.8:80 **Prueba /sbin/iptables -t nat -A PREROUTING -s 0/0 destination 192.168.0.8 Revisar si hace match iptables nvL t nat

-d 200.93.232.12 -j DNAT --to-

Agregar rutas en Linux Rutas route add -net 192.168.66.0/24 gw 192.168.1.20

Juan Andres Alvarez B, Ing

route add route add route add route add route add route add route add route add route add route add route add route add route add route add route add route add route add route add route add

-net -net -net -net -net -net -net -net -net -net -net -net -net -net -net -net -net -net -net

192.168.68.0/24 gw 192.168.1.20 192.168.4.0/24 gw 192.168.1.20 192.168.14.0/24 gw 192.168.1.20 192.168.16.0/24 gw 192.168.1.20 192.168.60.0/24 gw 192.168.1.20 192.168.64.0/24 gw 192.168.1.20 192.168.62.0/24 gw 192.168.1.20 192.168.58.0/24 gw 192.168.1.20 192.168.56.0/24 gw 192.168.1.20 192.168.52.0/24 gw 192.168.1.20 192.168.50.0/24 gw 192.168.1.20 192.168.48.0/24 gw 192.168.1.20 192.168.44.0/24 gw 192.168.1.20 192.168.46.0/24 gw 192.168.1.20 192.168.3.0/24 gw 192.168.1.20 192.168.26.0/24 gw 192.168.1.20 192.168.28.0/24 gw 192.168.1.20 192.168.42.0/24 gw 192.168.1.20 192.168.30.0/24 gw 192.168.1.20

Juan Andres Alvarez B, Ing

SWITCH
Verificar BW en un Puerto sw1grancolombiacue> sh mls qos aggregate-policer | i port45 Romper la clave de un Cisco 3550

http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_rec overy09186a0080094184.shtml

Introduction
This document describes the password recovery procedure for the Cisco Catalyst Layer 2 fixed configuration switches 2900XL/3500XL, 2940, 2950/2955, 2960, and 2970 Series, as well as the Cisco Catalyst Layer 3 fixed configuration switches 3550, 3560, and 3750 Series.

Before You Begin

Conventions
For more information on document conventions, see the Cisco Technical Tips Conventions.

Prerequisites
There are no specific prerequisites for this document.

Step-by-Step Procedure
Follow the password recovery procedure below. 1. Attach a terminal or PC with terminal emulation (for example, Hyper Terminal) to the console port of the switch. Use the following terminal settings:
o o o o o

Bits per second (baud): 9600 Data bits: 8 Parity: None Stop bits: 1 Flow Control: Xon/Xoff
Juan Andres Alvarez B, Ing

Note: For additional information on cabling and connecting a terminal to the console port, refer to Connecting a Terminal to the Console Port on Catalyst Switches. 2. Unplug the power cable. 3. Power the switch and bring it to the switch: prompt: For 2900XL, 3500XL, 2940, 2950, 2960, 2970, 3550, 3560, and 3750 series switches, do this: Hold down the mode button located on the left side of the front panel, while you reconnect the power cable to the switch. Catalyst Switch Series 2900XL, 3500XL, 3550 LED Behavior and Mode Button Release Action Release the Mode button when the LED above Port1x goes out. Release the Mode button after approximately 5 seconds when the Status (STAT) LED goes out. When you release the Mode button, the SYST LED blinks amber. Release the Mode button when the SYST LED blinks amber and then turns solid green. When you release the Mode button, the SYST LED blinks green. Release the Mode button after approximately 15 seconds when the SYST LED turns solid green. When you release the Mode button, the SYST LED blinks green.

2940, 2950

2960, 2970

3560, 3750

Note: LED position may vary slightly depending on the model. Catalyst 3524XL

Juan Andres Alvarez B, Ing

Catalyst 2950-24

For 2955 series switches only: The Catalyst 2955 series switches do not use an external mode button for password recovery. Instead the switch boot loader uses the break-key detection to stop the automatic boot sequence for the password recovery purposes. The break sequence is determined by the terminal application and operating system used. Hyperterm running on Windows 2000 uses Ctrl + Break. On a workstation running UNIX, Ctrl-C is the break key. For more information, refer to Standard Break Key Sequence Combinations During Password Recovery. The example below uses Hyperterm to break into switch: mode on a 2955.
C2955 Boot Loader (C2955-HBOOT-M) Version 12.1(0.0.514), CISCO DEVELOPMENT TEST VERSION Compiled Fri 13-Dec-02 17:38 by madison WS-C2955T-12 starting... Base ethernet MAC Address: 00:0b:be:b6:ee:00 Xmodem file system is available. Juan Andres Alvarez B, Ing

Initializing Flash... flashfs[0]: 19 files, 2 directories flashfs[0]: 0 orphaned files, 0 orphaned directories flashfs[0]: Total bytes: 7741440 flashfs[0]: Bytes used: 4510720 flashfs[0]: Bytes available: 3230720 flashfs[0]: flashfs fsck took 7 seconds. ...done initializing flash. Boot Sector Filesystem (bs:) installed, fsid: 3 Parameter Block Filesystem (pb:) installed, fsid: 4 *** The system will autoboot in 15 seconds *** Send break character to prevent autobooting.

!--- Wait until you see this message before !--- you issue the break sequence. !--- Ctrl+Break is entered using Hyperterm.

The system has been interrupted prior to initializing the flash file system to finish loading the operating system software: flash_init load_helper boot switch:

4. Issue the flash_init command.

5. switch: flash_init 6. Initializing Flash... 7. flashfs[0]: 143 files, 4 directories 8. flashfs[0]: 0 orphaned files, 0 orphaned directories 9. flashfs[0]: Total bytes: 3612672 10. flashfs[0]: Bytes used: 2729472 11. flashfs[0]: Bytes available: 883200 12. flashfs[0]: flashfs fsck took 86 seconds 13. ....done Initializing Flash. 14. Boot Sector Filesystem (bs:) installed, fsid: 3 15. Parameter Block Filesystem (pb:) installed, fsid: 4 16. switch: 17. 18. !--- This output is from a 2900XL switch. Output from 19. !--- other switches will vary slightly. 20.

21. Issue the load_helper command.

22. switch: load_helper switch:

23. Issue the dir flash: command. Note: Make sure to type a colon ":" after the dir flash.
Juan Andres Alvarez B, Ing

The switch file system is displayed:

switch: dir flash: Directory of flash:/ 2 -rwx 1803357 <date> 5.WC7.bin

c3500xl-c3h2s-mz.120-

!--- This is the current version of software. 4 -rwx 1131 <date> config.text

!--- This is the configuration file. 5 -rwx 109 <date> info 6 -rwx 389 <date> env_vars 7 drwx 640 <date> html 18 -rwx 109 <date> info.ver 403968 bytes available (3208704 bytes used) switch: !--- This output is from a 3500XL switch. Output from !--- other switches will vary slightly.

24. Type rename flash:config.text flash:config.old to rename the configuration file.

25. 26. 27. 28. 29. 30. switch: rename flash:config.text flash:andres.old switch: !--- The config.text file contains the password !--- definition.

31. Issue the boot command to boot the system.

32. switch: boot 33. Loading "flash:c3500xl-c3h2s-mz.1205.WC7.bin"...############################### 34. ###################################################################### ########## 35. ###################################################################### 36. File "flash:c3500xl-c3h2s-mz.120-5.WC7.bin" uncompressed and installed, entry po 37. int: 0x3000 38. executing... 39. 40. !--- Output suppressed. 41. !--- This output is from a 3500XL switch. Output from other switches 42. !--- will vary slightly. 43.

44. Enter "n" at the prompt to abort the initial configuration dialog.
45. 46. 47. 48. 49. 50. --- System Configuration Dialog --At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Continue with configuration dialog? [yes/no]: n Juan Andres Alvarez B, Ing

51. 52. 53. 54. 55. 56. 57. 58. 59. 60.

!--- Type "n" for no. Press RETURN to get started. !--- Press Return or Enter. Switch> !--- The Switch> prompt is displayed.

61. At the switch prompt, type en to enter enable mode.

62. Switch>en Switch#

63. Type rename flash:config.old flash:config.text to rename the configuration file with its original name.
64. Switch#rename flash:config.old flash:config.text 65. Destination filename [config.text] 66. 67. !--- Press Return or Enter. 68. Switch#

69. Copy the configuration file into memory.

70. Switch#copy flash:config.text system:running-config 71. Destination filename [running-config]? 72. 73. !--- Press Return or Enter. 74. 75. 1131 bytes copied in 0.760 secs Sw1#

The configuration file is now reloaded. 76. Overwrite the current passwords that you do not know. Choose a strong password with at least one capital letter, one number, and one special character. Note: Overwrite the passwords which are necessary. You need not overwrite all of the mentioned passwords.
Sw1# conf t

!--- To overwrite existing secret password Sw1(config)#enable secret <new_secret_password>

!--- To overwrite existing enable password Sw1(config)#enable password <new_enable_password> Juan Andres Alvarez B, Ing

!--- To overwrite existing vty password Sw1(config)#line vty 0 15 Sw1(config-line)#password <new_vty_password> Sw1(config-line)#login

!--- To overwrite existing console password Sw1(config-line)#line con 0 Sw1(config-line)#password <new_console_password>

77. Write the running configuration to the configuration file with the write memory command.
78. Sw1#write memory 79. Building configuration... 80. [OK] Sw1#

Estandar IOS de un Cisco 3550 flash:c3550-ipservicesk9-mz.122-25.SEB4.bin

Juan Andres Alvarez B, Ing

Password Recovery for the Catalyst 2900XL, 3500XL, 2950, and 3550 Series Switches Contents
Introduction Step-by-Step Procedure

Introduction
This document describes the password recovery procedure for the Cisco Catalyst 2900XL, 3500XL, 2950, and 3550 series switches.

Step-by-Step Procedure
1. Attach a terminal or PC with terminal emulation (for example, Hyper Terminal) to the console port of the switch. Use the following terminal settings: Bits per second (baud): 9600 Data bits: 8 Parity: None Stop bits: 1 Flow Control: Xon/Xoff 2. Unplug the power cable. 3. Hold down the mode button located on the left side of the front panel, while reconnecting the power cable to the switch. For 2900/3500XL and 3550 Series switches: release the mode button after the LED above Port 1x goes out. Note: LED position may vary slightly depending on the model. Catalyst 3524XL

Juan Andres Alvarez B, Ing

For 2950 Series switches: release the mode button after the STAT LED goes out. Note: LED position may vary slightly depending on the model. Catalyst 2950-24

The following instructions appear:

The system has been interrupted prior to initializing the flash filesystem. The following commands will initialize the flash filesystem, and finish loading the operating system software: flash_init load_helper boot switch: !--- This output is from a 3500XL switch. Output from a 2900XL, 2950 or 3550 will vary slightly.

Juan Andres Alvarez B, Ing

4. Issue the flash_init command.

5. switch: flash_init 6. Initializing Flash... 7. flashfs[0]: 143 files, 4 directories 8. flashfs[0]: 0 orphaned files, 0 orphaned directories 9. flashfs[0]: Total bytes: 3612672 10. flashfs[0]: Bytes used: 2729472 11. flashfs[0]: Bytes available: 883200 12. flashfs[0]: flashfs fsck took 86 seconds 13. ....done Initializing Flash. 14. Boot Sector Filesystem (bs:) installed, fsid: 3 15. Parameter Block Filesystem (pb:) installed, fsid: 4 16. switch: 17. 18. !--- This output is from a 2900XL switch. Output from a 3500XL, 3550 or 2950 will vary slightly. 19.

20. Issue the load_helper command.

21. switch: load_helper switch:

22. Issue the dir flash: command.

23. 24. !--- Make sure to type a colon ":" after the dir flash. 25.

The switch file system is displayed:

switch: dir flash: Directory of flash:/ 2 -rwx 1803357 <date> 5.WC7.bin

c3500xl-c3h2s-mz.120-

!--- This is the current version of software. 4 -rwx 1131 <date> config.text

!--- This is the configuration file. 5 -rwx 109 <date> info 6 -rwx 389 <date> env_vars 7 drwx 640 <date> html 18 -rwx 109 <date> info.ver 403968 bytes available (3208704 bytes used) switch: !--- This output is from a 3500XL switch. Output from a 2900XL, 2950 or 3550 will vary slightly.

26. Type rename flash:config.text flash:config.old to rename the configuration file.

27. switch: rename flash:config.text flash:config.old Juan Andres Alvarez B, Ing

28. switch: 29. 30. !--- The config.text file contains the password definition. 31.

32. Issue the boot command to boot the system.

33. switch: boot 34. Loading "flash:c3500xl-c3h2s-mz.1205.WC7.bin"...############################### 35. ###################################################################### ########## 36. ###################################################################### 37. File "flash:c3500xl-c3h2s-mz.120-5.WC7.bin" uncompressed and installed, entry po 38. int: 0x3000 39. executing... 40. 41. !--- Output truncated. 42. !--- This output is from a 3500XL switch. Output from a 2900XL, 2950 or 3550 will vary slightly. 43.

44. Enter "n" at the prompt to start the Setup program.

45. 46. 47. 48. 49. 50. 51. 52. 53. 54. 55. 56. 57. 58. 59. 60. --- System Configuration Dialog --At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Continue with configuration dialog? [yes/no]: n !--- Type "n" for no. Press RETURN to get started. !--- press Return or Enter. Switch> !--- The Switch> prompt is displayed.

61. At the switch prompt type en to enter enable mode.

62. Switch>en 63. Switch#

64. Type rename flash:config.old flash:config.text to rename the configuration file with its original name.
65. 66. 67. 68. 69. 70. Switch#rename flash:config.old flash:config.text Destination filename [config.text] !--- Press Return or Enter. Switch#

71. Copy the configuration file into memory:

72. Switch#copy flash:config.text system:running-config 73. Destination filename [running-config]? 74. 75. !--- Press Return or Enter. 76. Juan Andres Alvarez B, Ing

77. 1131 bytes copied in 0.760 secs 78. Switch#

The configuration file is now reloaded. 79. Change the password:

80. Switch#configure terminal 81. Switch(config)#no enable secret 82. 83. !--- This step is necessary if the switch had an enable secret password. 84. 85. Switch(config)#enable password Cisco 86. Switch#(config)#^Z 87. 88. !--- Control/Z. 89.

90. Write the running configuration to the configuration file with the write memory command:
91. Switch#write memory 92. Building configuration... 93. [OK] Switch#

VARIOS
Cambiar la Fecha/Hora y BIOS en un LINUX

Supongamos queremos poner: 27-Mayo-2007 y la hora 17:27. Esto lo haremos como root: # date --set "2007-05-27 17:27" Sun May 27 17:27:00 CET 2007 Ahora realizaremos el mismo cambio para actualizar la fecha en la BIOS. # hwclock --set --date="2007-05-27 17:27" Para comprobarlo tecleamos: # hwclock Fri Feb 25 16:25:06 2000 -0.010586 seconds Y ya est! Si en algn momento reinicias el PC se crear el fichero /etc/adjtime, y como no vendr especificada zona horaria, pondr la local Agregar comunidad de Montoreo
Juan Andres Alvarez B, Ing

Ejm: B.Austro Comunidad SNMP BAustro access-list 94 permit 10.1.1.64 access-list 94 permit 10.1.1.128 snmp-server community B0Na2A0ft RO 94

Comunidad para Mutualista Azuay snmp-server community mut-azuay RO access-list 94 permit 128.1.16.185 access-list 94 permit 128.1.16.81

Bloqueo emisor de SPAM

Router access-list access-list access-list access-list access-list access-list access-list access-list access-list access-list

170 permit tcp any host 205.178.145.244 eq smtp 170 permit tcp any host 205.178.146.50 eq smtp 170 permit tcp any host 200.93.192.58 eq smtp 170 permit tcp any host 200.93.192.122 eq smtp 170 permit tcp any host 200.93.238.146 eq smtp 170 permit tcp any host 200.93.238.14 eq smtp 170 permit tcp any host 200.93.192.151 eq smtp 170 permit tcp any host 200.93.192.156 eq smtp 170 deny tcp any any eq smtp 170 permit ip any any

interface Ethernet0/1 description LAN-CLIENTE ip address 190.95.225.201 255.255.255.248 ip access-group 170 in no ip redirects no ip proxy-arp load-interval 30 half-duplex !

IAC $IPTABLES -I FORWARD -i eth1 -d 0/0 -p tcp --dport 25 -j DROP $IPTABLES -I FORWARD -i eth1 -d 201.218.4.126 -p tcp --dport 25 -j ACCEPT $IPTABLES -I FORWARD -i eth1 -d smtp.telconet.net -p tcp --dport 25 -j ACCEPT
Juan Andres Alvarez B, Ing

$IPTABLES -I FORWARD -i eth1 -d smtprelay.telconet.net -p tcp --dport 25 -j ACCEPT Esto es en el caso de que kieras permitir q el clinete accesa a otros dominios iptables -A FORWARD -p tcp --dport iptables -A FORWARD -p tcp --dport iptables -A FORWARD -p tcp --dport iptables -A FORWARD -p tcp --dport iptables -A FORWARD -p tcp --dport A esos dominios con lo cual trabaja 25 25 25 25 25 -s 0/0 -d -s 0/0 -d -s 0/0 -d -s 0/0 -d -s 0/0 -d adventistas.ec -j ACCEPT educacionadventista.ec -j ACCEPT mail.uagraria.edu.ec -j ACCEPT smtp.telconet.net -j ACCEPT 0/0 -j DROP

CACTI GYE http://nmscorp.telconet.net/ http://nmstelco2.telconet.net

Usuario en el cacti de banco del austro User: baustro Pasw: baustrocacti Cuando son ataques SNMp

>show access-list 136 Extended IP access list 136 10 deny tcp any any eq 135 20 deny tcp any any eq 139 30 deny tcp any any eq 445 40 deny tcp any any eq 593 50 deny udp any any eq 135 60 deny udp any any eq netbios-ns 70 deny udp any any eq netbios-dgm 80 deny udp any any eq 445 90 deny udp any any eq 1434 100 deny tcp host 200.110.89.156 any eq smtp 110 deny udp host 200.110.77.47 any eq snmp 120 deny udp host 200.110.77.47 any eq snmptrap 130 permit ip any any (293 matches)

>show vlan filter sw1ceboscocue>show vlan filter VLAN Map BLOQUEOPUERTOS is filtering VLANs: 1
Juan Andres Alvarez B, Ing

sw1ceboscocue>

Bloqueo en el CPE SNMP access-list 101 deny udp 192.168.17.0 0.0.0.255 any eq snmp access-list 101 permit ip any any Y en la LAN ip access-group 101 in controlamos que la red interna envie trafico snmp

Revisar via redes rotelconetcuenca1>sh ip route vrf telconet | i 200.110.69.240 B 200.110.69.240/28 [20/0] via 192.168.154.14, 2d05h rotelconetcuenca1>

Comandos VRF rotelconetcuenca1>sh arp vrf telconet | inc Cambiar velocidad en las tarjetas de red Linux

A continuacion algunos ejemplos de como ver, ajustar o cambiar la velocidad de nuestra red via la interfaz ethernet:

Apagamos al autonegociacin para empezar a configurar manualmente: sudo ethtool -s eth0 autoneg off

Ver los settings aceptados por nuestras interfaces con el hub/router/switch : deathbian:~# mii-tool eth0: negotiated 100baseTx-FD flow-control, link ok deathbian:~#

Especificar el enlace a 10 mbps, full duplex: deathbian:~# mii-tool --force=10baseT-FD eth0

Especificar el enlace a 10 mbps, half duplex: deathbian:~# mii-tool --force=10baseT-HD eth0

Juan Andres Alvarez B, Ing

Especificar el enlace a 100 mbps, full duplex: deathbian:~# mii-tool --force=100baseTx-FD eth0

Especificar el enlace a 100 mbps, half duplex: deathbian:~# mii-tool --force=100baseTx-HD eth0

* Cmo quitar el aviso de copia pirata o ilegal de Windows XP Profesional? 1. Abrimos el bloc de notas y pegamos el siguiente cdigo:
taskkill /im wgatray.exe Del c:\Windows\System32\WgaTray.exe Del c:\Windows\System32\dllcache\WgaTray.exe echo Windows Registry Editor Version 5.00 >%temp%\WGANFIX.REG echo. >>%temp%\WGANFIX.REG echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] >>%temp%\WGANFIX.REG regedit /s %temp%\WGANFIX.REG del %temp%\WGANFIX.REG del c:windows\system32\wgalogon.dll del c:windows\system32\dllcache\wgalogon.dll

2. Guardamos el archivo como loquequieras.bat . Por ejemplo quitaraviso.bat 3. Ejecutamos el programa que acabamos de crear haciendo dos clics sobre l y reiniciamos el ordenador. Para los vagos: podis descargaros el programa directamente: Descargar programa para quitar el aviso de copia pirata de Windows

Juan Andres Alvarez B, Ing

INSTALAR SSH EN Linux

Creo que por motivos de seguridad, los servicios de administracin remota estn desactivados en Ubuntu por defecto. Telnet es til, pero para mi ya ha pasado a la historia. SSH es exactamente lo mismo, pero con la diferencia en que los datos que envas van encriptados y en Telnet no, por lo que realizar operaciones de mantenimiento con Telnet puede ser peligroso si te estan 'esnifando' los paquetes (pueden ver las contraseas, todo lo que envies por teclado, etc.), por lo que mejor, te curas en salud y utilizas SSH. SSH utiliza el puerto 22. Me imagino que hyperterminal ser capaz de conectarse. Otra opcin es usar "puTTY", un programa freeware y superligero, que te puedes bajar facilmente buscandolo en google. Puedes realizar conexiones Telnet, SSH, lo que le pidas. Para poder acceder via SSH necesitars instalar en tu Ubuntu el daemon (demonio, servicio) que permite realizar la conexin. La mejor manera es instalar via synaptic o apt-get el siguiente paquete: openssh-server En synaptic, lo buscas tal cual, a la opcion buscar: openssh y lo encontrar En apt-get, abrir consola y escribir: sudo apt-get install openssh-server

Agregar Vla en un RO Agregar Vlan a modo trunk Vlan 103

Crear cuenta con otro provedor de mail server https://accountservices.passport.net/ppnetworkhome.srf?lc=3082&mkt=ES-ES

Juan Andres Alvarez B, Ing

SERVER DNS
Ver DNS los dominios [root@dnscuenca etc]# more host host: No such file or directory [root@dnscuenca etc]# more hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 200.93.222.4 dnscuenca.cue.telconet.net dnscuenca 200.93.222.5 dnscuenca.cue.telconet.net dnscuenca #200.55.224.68 dns1.etapanet.net #200.55.224.67 dns2.etapanet.net Revisar si esta registrador en los DNS de Telconet [root@dns1 ~]# dig www.utjp.edu.ec MS Probar resolucin desde un DNS dig etapanet.net +trace
Reiniciar DNS

[root@dns1 ~]# rndc flush [root@dns1 ~]# exit

Juan Andres Alvarez B, Ing