InfoBar where the prompt cursor is located (the data value on the vertical axis)
Note: Note that this is distinguished from the showtooltipgridposition value, which displays the coordinate value, where the data value is displayed
Tooltipformatstring: '%.4p ',//tooltipformatstring with highlighter
Useaxesformatters:true,//tooltipformatstring with highlighter
Tooltipaxesgroups: [],//show only specified a
MAC addresses flooding
To make the switch's Mac table full by simulating a large number of source MAC addresses
can be solved by port security.
VLAN hopping
Access to other VLANs by changing the packet Vlan-id
Strictly set trunk allow which VLAN to pass, put the useless port into the common VLAN (i.e. vlan1)
Attacks between devices on a common VLAN
Devices that belong to the same VLAN can also attack each other.
Through the Pvlan to solve
DHCP starvation
An attacker sends countless DHCP re
not active at this time,But as long as the related interface is opened, the span will become active.The monitoring port is preferably> = the bandwidth of the controlled port. Otherwise, packet loss may occur.
SPAN traffic -- span trafficUse a local span to monitor all network traffic, including multicast, Bridge Protocol Data Unit (BPDU), and CDP,VTP, DTP, STP, pagp, lacp packets. rspan cannot monitor layer-2 protocols.
Traffic types -- traffic typeT
dynamic hongyi_dynamic_map!!!Interface Ethernet0No ip addressNo ip redirectsNo ip unreachablesNo ip proxy-arpNo ip mroute-cacheHalf-duplexPppoe enablePppoe-client dial-pool-number 1No cdp enable!Interface FastEthernet0Ip address 172.16.0.10 255.255.255.0.0Ip access-group local_r0000inNo ip redirectsNo ip unreachablesNo ip proxy-arpIp nat insideIptcp adjust-mss 1452No ip mroute-cacheSpeed autoNo cdp enable!
of Cisco 2501-above
Current configuration:
!
Version 11.2:
No service udp-small-servers
No service tcp-small-servers
!
Hostname above
!
Enable secret 5 $1 $ O1aq $ Kxgp1A0Eulqug8SbCm6rdl
Enable password cisco
!
Username down password 7 095C5E19
Chat-script lab abort error abort busy abort "no answer" at h "OK" ATDT \ T"
TIMEOUT 60 CONNECT \ c
!
Interface Ethernet0
Ip address 192.192.193.1 255.255.255.0
!
Interface Serial0
Ip address 192.192.192.1 255.255.255.0
Bandwidth 64
Clockrate 64000
!
Int
MAC addresses flooding
Simulate a large number of source MAC addresses to fill the Mac table of the switch
You can solve this problem through port security.
VLAN hoppingAccess other VLANs by changing the VLAN-id of PacketStrictly set which VLANs are allowed by the trunk and put unused ports in the common VLAN (that is, vlan1)
Attacks between devices on a common VLANDevices belonging to the same VLAN can also attack each other.Solve the problem through pvlan
DHCP starvationAttackers send n
troubleshooting.Second, restrictions on the protocol. To use the layer-2 routing tracking function, you must run the CDP protocol on all switches and interfaces in the network, and the CDP protocol must work properly. CDP becomes the Cisco Discovery protocol. It is mainly used to obtain the Protocol addresses of adjacent devices and platforms for discovering the
different internal addresses using different protocol Port numbers. This method is usually used for dialing Internet.
Below is 2611
VroFor example,
ConfigurationThe list is as follows:
Current configuration:
!
Version 12.0:
Service timestamps debug uptime
Service timestamps log uptime
No service password-encryption
!
Hostname 2611
!
Enable secret 5 $1 $ JIeG $ UZJNjKhcptJXHPc/BP5GG0
Enable password 2323 ipro
!
Ip subnet-zero
No ip source-route
No ip finger
!
!
!
Interface Ethernet0/0
Ip address
; (CatOS) display VTP domain and VTP Mode
Show vtp status; (IOS)
Show interface; (CatOS) display Management interface Information
Show port; (CatOS) displays brief information about each port (number, VLAN, duplex ,...)
Show interface; (IOS)
Show trunk; (CatOS) displays the relay information (mode, encapsulation, allowed port, cropping ,...)
Show interface trunk; (IOS)
Show spantree 45; (CatOS) shows the STP mode, type, status, speed port,...) of the port ,...)
Show spanning-tree 45; (IOS)
3. In
Currently, vrouters are widely used and users are not familiar with some routing settings. So I studied how to turn off unnecessary services in vro settings, disable insecure and unnecessary services on the VBR settings. Here, we assume that the vro is configured with ports Ethernet0 and ethernet1.
Router (config) # no cdp run // disable CDP. CDP uses multicast a
time the vro must pass the KEY back and forth to authenticate itself and try to pass OSPF messages, the HELLO information package of the router is transmitted between routers every 10 seconds by default, which gives attackers a great opportunity to eavesdrop on the KEY, if attackers can snoop the network and obtain the KEY, the OSPF route information package may be forged. More seriously, these forged OSPF route information packets will be redirected blindly. Of course, these attacks are rare,
Mop7. use cdpCdp as little as possible. disable cdp on each interface to run cdp only when it is needed for management; run cdp only on devices within the control range. Do not use cdp on insecure links. For example: internet8. disable Integrated http background programs. By default, Integrated http servers are disabl
VLAN database is configured, you must enter exit to save it;VLAN troubleshooting: physical connection> Switch configuration> VLAN configuration;Physical connections include CDP and duplex;The Trunk is a link between two vswitches;802.1 p: Priority of the 802.1qTAG field;Tunnel requires two tags: one for the enterprise and one for the carrier. The carrier can transmit VLAN, CDP, VTP, STP, and other informat
: GAUGE: 120: 0: NaNDS: cpu_wio: GAUGE: 120: 0: NaNDS: cpu_idle: GAUGE: 120: 0: NaNRRA: AVERAGE: 0.5: 1: 244 # RRA is the form of data storage, Data TablesRRA: AVERAGE: 0.5: 24: 244 # CF merge statistics include average, max, min, and lastRRA: AVERAGE: 0.5: 168: 244 #0.5 is xff, indicating that when the proportion of the missing data volume exceeds 0.5, the data is displayed as null.RRA: AVERAGE: 0.5: 672: 244 # PDP, a data point calculated, such as the AVERAGE value.RRA: AVERAGE: 0.5: 5760: 374
and JS file.
GeSHi
GeSHi (Generic Syntax Highlighter) is used to highlight various source codes on the HTML page. Supports more than 60 languages: PHP, HTML, C, Java, Java5, C #, Actionscript, Delphi, C ++, Groovy, Javascript, Perl, PL/SQL, Ruby, Python, SQL, XML, etc, it is easy to integrate into systems such as Dokuwiki, Mambo, phpBB, WordPress, and WikkaWiki.
Rainbow
Rainbow is a lightweight JavaScript library that coloring code syntax. It is
. with_positions_offsets );
D. Add (f );
Writer. adddocument (d );
}
// Use the term location information to save the highlight time.
Void dostandardhighlights () throws exception
{
Highlighter = new highlighter (this, new queryscorer (query ));
Highlighter. settextfragmenter (New simplefragmenter (20 ));
For (INT I = 0; I
{
String text = hits.doc (I).
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.