2 laboratoriya ishi kommutatorda port xavfsizligi (port security) ni sozlash
Download 251.33 Kb.
|
2 LABORATORIYA ISHI
- Bu sahifa navigatsiya:
- Qisqacha nazariy ma’lumotlar
№ 2 LABORATORIYA ISHI KOMMUTATORDA PORT XAVFSIZLIGI (PORT SECURITY) NI SOZLASH Ishdan maqsad: Kommutatsiya jadvallari to`ldirilishiga yo`naltirilgan hujumlardan, tarmoqni himoya qilish imkonini beruvchi kommutatorning “port-security” funksiyasini sozlash bo`yicha amaliy ko`nikmalarga ega bo’lish. Qisqacha nazariy ma’lumotlar Port-security funksiyasi kommutatorning biror bir porti orqali tarmoqqa faqat ko`rsatilgan qurilmalar kirishini sozlashga imkon beradi. Ushbu portga kirishga ruxsat berilgan qurilmalar MAC-manzillar bo`yicha aniqlanadi. MAC-manzillar dinamik yoki tarmoq administrator tomonidan qo`lda sozlanishi mumkin. Bundan tashqari Port-security funksiyasi portga ulanuvchi tugunlar sonini cheklashga imkoniyat yaratadi, bu esa portga MAC-manzillar sonini ko`rsatish orqali amalga oshiriladi. Yana bir funksiyasi MAC-manzillar jadvali to`ldirilishiga yo`naltirilgan hujumlardan kommutatorni himoyalash hisoblanadi (2.1-rasm.). 1.Topologiyani tuzub oldik va kompyuterlarga ip address berib chiqdim .
Switch1 Switch>enable Switch#configure terminal Switch(config)#hostname sw1 sw1 (config)#interface fa0/1 sw1 (config-if)#switchport mode access sw1 (config-if)#switchport port-security sw1 (config-if)#switchport port-security mac-address sticky sw1 (config)#interface fastEthernet 0/2 sw1 (config-if)#switchport mode access sw1 (config-if)#switchport port-security sw1 (config-if)#switchport port-security mac-address 0060.47B8.5CC5 sw1 (config)# interface fastEtherinnet 0/3 sw1 (config-if)#switchport mode access sw1 (config-if)#switchport port-security sw1 (config-if)#switchport port-security mac-address sticky sw1 (config-if)#switchport port-security violation protect sw1 (config)#interface range fastEthernet 0/4-24 sw1 (config-if-range)#shutdown Switch 2 Switch>enable Switch#configure terminal Switch(config)#hostname Farhod sw1 (config)#interface g0/1 sw1 (config-if)#switchport mode trunk sw1 (config-if)#switchport port-security maximum 4 sw1 (config-if)#switchport port-security violation restrict Natija: #show port-security int f0/1 Port Security : Enabled Port Status : Secure-up Violation Mode : Shutdown Aging Time : 0 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 0 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address:Vlan : 0000.0000.0000:0 Security Violation Count : 0 Download 251.33 Kb. Do'stlaringiz bilan baham: |
Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2024
ma'muriyatiga murojaat qiling
ma'muriyatiga murojaat qiling