Cisco 设备中的 OSPF 协议的配置需要定义 Process ID,该 Process ID 是在本地表示 OSPF 路由选择,多个路由器之间的 ID 可以不同。但是不建议在一个路由器上运行多个 ID 进程,因为这样会导致产生多个链路状态数据库,增加硬件设备的负担,彼此也是不能共享路由信息,需要共享就需要在同一设备的不同 OSPF 进程中实现重发布。
Enabling an OSPF process:Enabling an OSPF process:router ospf <process-id>Assigning areas to the interfaces:network <network or IP address> <mask> <area-id>
“定向广播”特指 IP 主机位全为 1 的数据包,路由器不转发全网广播(255.255.255.255),但是思科路由器可以转发定向广播,只是默认不转发而已,使用 ip directed-broadcast 接口命令来实现转发定向广播。
我们来利用这一特性,在 Linux 下实现 Ping Spoofing 的攻击。
storm-control 可以用来控制网络中报文发送数量,防止数据风暴产生,在思科 Catalyst 3560 上测试了一下,利用 WinARPAttacker 产生 ARP 广播,其速率超过接口设定的门限值。利用这一点,可以在思科交换机上实现对一些网络攻击起到防范作用。 猛击阅读全文
在日志和调试时加上时间戳
Router(config)#service timestamps log datetime localtime
Router(config)#service timestamps debug datetime localtime
设置时间
Router#clock set 15:30:00 January 1 2009
outer#calendar set 15:30:00 January 1 2009
Clock 和 Calendar 的区别:
Most Cisco routers have two clocks:a battery-powered hardware clock (referenced in CLI commands as the “calendar”) and a software clock (referenced in CLI commands as the “clock”). These two clocks are managed separately.
The primary source for time data on your system is the software clock. This clock runs from the moment the system starts up and keeps track of the current date and time. The software clock can be set from a number of sources and in turn can be used to distribute the current time through various mechanisms to other systems. When a router with a hardware clock is initialized or rebooted, the software clock is initially set based on the time in the hardware clock.