Shulou(Shulou.com)06/01 Report--

I. SNMP

Principle:

After snmp services are installed on all devices in a network, NMS (Network Management system) can be used to manage these devices remotely.

Topology Diagram:

I. Centos6 64-bit webserver configuration

Install httpd and SNMP,ip:192.168.6.6

1. [root@centos ~] # mount / dev/cdrom / media/cdrom

[root@centos~] # cd / media/cdrom/Packages/

[root@centosPackages] # ll | grep snmp

/ usr/sbin/snmpd//agent

/ usr/sbin/snmptrapd / / nms

two。 Install net-snmp,httpd

[root@centosPackages] # yum install net-snmp httpd

[root@centos Packages] # service snmpd start

[root@centos mibs] # chkconfig snmpd on

[root@centosPackages] # netstat-tupln | grep snmp

There is port 161.

II. Server 2003 configuration

Address 192.168.6.100

1. Install snmp (add windows components)

two。 Open the remote Desktop (right-click my computer) and turn on the telnet service.

3. Open the service SNMPservice for configuration

Security:

Trap trap:

three。 Start configuring the router

R1:

[R1] ints0

[R1-Serial0] ipadd 10.1.1.1 24

[R1-Serial0] inte0

[R1-Ethernet0] ipadd 192.168.5.1 24

[R1] iproute 192.168.6.0 24 10.1.1.2 / / configure a route to the 6.0 network segment

[R1] localuser admin pass sip admin ser admin creates an administrative account

Configure SNMP

[R1] snmp

[R1] snmpcommunity read public

[R1] snmpcommunity write private

[R1] snmpsys-info contact user1 contact

[R1] snmpsys-info location zhengzhou location

[R1] snmpsys-info version all version

[R1] snmptrap enable starts the reporting function

[R1] snmptarget trap add 192.168.5.100 securityname public

Should report to 192.168.5.100

R2:

[R2] ints0

[R2-Serial0] ipadd 10.1.1.2 24

[R2-Serial0] inte0

[R2-Ethernet0] ipadd 192.168.6.1 24

[R2] iproute 192.168.5.0 24 10.1.1.1

[R2] localuser admin pass sip admin ser admin

Configure SNMP

[R2] snmp

[R2] snmpcommunity read public

[R2] snmpcommunity write private

[R2] snmpsys-info contact user1 contact

[R2] snmpsys-info location zhengzhou location

[R2] snmpsys-info version all version

[R2] snmptrap enable starts the reporting function

[R2] snmptarget trap add 192.168.5.100 securityname public

Should report to 192.168.5.100

SW (switch configuration):

[sw] intvlan1

[sw-Vlan-interface1] ipadd 192.168.6.10 24

[sw] iproute-static 0.0.0.0 192.168.6.1 / / configure the gateway

Add an administrative account:

[sw] local-useradmin

[sw-luser-admin] passwordsimple admin

[sw-luser-admin] service-typetelnet level 3

[sw-luser-admin] quit

[sw] user-interface vty 0 4 / / Open vty 0, 1, 2, 3, 4 and other five user virtual terminals / / VTY (Virtual Teletype Terminal) virtual terminals, a connection mode for network devices, and virtual ports for remote login of routers or switches.

[sw-ui-vty0-4] authentication-modescheme

With SNMP

[sw] snmp-agent

[sw] snmp-agent sys-infolocation zhengzhou

[sw] snmp-agentsys-info contact user1

[sw] snmp-agentsys-info version all

[sw] snmp-agentcommunity read public

[sw] snmp-agentcommunity write private

[sw] snmp-agenttarget-host trap add udp-domain 192.168.5.100 params securityname public

[sw] snmp-agenttrap enable

IV. (Win2003) NMS:192.168.5.100

Install the windows component snmp

Install whats up

Topological graph

After stopping the httpd and win2003 hosts, an exception was found in the icon.

Two-mirror technology

1. Local port mirroring

Case: use the local image to grab the data of the local port to achieve the purpose of monitoring.

Principle:

Topology Diagram:

Implementation:

Firewall configuration:

[H3C] sysname A

[A] int eth0/0

[A-Ethernet0/0] ip add 192.168.2.10 24

[A-Ethernet0/0] firewall zone trust

[A-zone-trust] add interface eth0/0

[A] firewall packet-filter default permit

[a] undo insulate / / remove port isolation

Exchanger

[Quidway] mirroring-group 1 monitor-porte1/0/1

[Quidway] mirroring-group 1 mirroring-porte1/0/22 both

Install wireshark. Centos on the virtual machine C.

Turn off the firewall first:

Service iptables stop

Setenforce 0

Mount / dev/cdrom / media/cdrom

Yum install wireshark / / install the wireshark package grab tool

Execute on C

Tshark-ni eth0-R "tcp.port eq 23"

B telnet A, you can see the data grabbed by C.

Install the ftp service on A:

[A] ftp server enable

[a] local-user user1 / / create an account

[A-luser-user1] password simple 123

[A-luser-user1] service-type ftp

C above:

Tshark-ni eth0-R "tcp.port eq 21"

After B ftp An and ftp 192.168.2.10, you can see the account password crawled by C.

two。 Flowing mirror image

Principle:

Topology Diagram:

Implementation:

Exchanger

ACL configuration, only telnet is allowed to pass.

[Quidway] acl number 3000 match-order auto

[Quidway-acl-adv-3000] rule 10 permit tcpsource any destination any destination-port eq 23

Mirroring the data to the interface e1Comp0Accord1

[Quidway] mirrored-to ip-group 3000interface e1/0/1

Test:

B telnet A, you can see the data grabbed by C.

Install the ftp service on A:

[A] ftp server enable

[a] local-user user1 / / create an account

[A-luser-user1] password simple 123

[A-luser-user1] service-type ftp

[A] acl number 3000 match-order auto

[A-acl-adv-3000] rule 20 permit tcp sourceany destination any destination-port eq 21

[A] mirrored-to ip-group 3000 interfacee1/0/1

Execute on C: tshark-ni eth0-R "tcp.port eq 21"

Let B ftp A, namely ftp 192.168.2.10

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.