Shuxratov Raxmatillo 1-amaliy topshiriq


Natija № 2 LABORATORIYA ISHI



Yüklə 144,43 Kb.
səhifə2/5
tarix07.01.2024
ölçüsü144,43 Kb.
#207869
1   2   3   4   5
1-5

Natija



№ 2 LABORATORIYA ISHI


KOMMUTATORDA PORT XAVFSIZLIGI (PORT SECURITY) NI
SOZLASH
Ishdan maqsad: Kommutatsiya jadvallari to`ldirilishiga yo`naltirilgan hujumlardan, tarmoqni himoya qilish imkonini beruvchi kommutatorning “portsecurity” funksiyasini sozlash bo`yicha amaliy ko`nikmalarga ega bo’lish.

Qisqacha nazariy ma’lumotlar


Port-security funksiyasi kommutatorning biror bir porti orqali tarmoqqa faqat ko`rsatilgan qurilmalar kirishini sozlashga imkon beradi. Ushbu portga kirishga ruxsat berilgan qurilmalar MAC-manzillar bo`yicha aniqlanadi. MACmanzillar dinamik yoki tarmoq administrator tomonidan qo`lda sozlanishi mumkin. Bundan tashqari Port-security funksiyasi portga ulanuvchi tugunlar sonini cheklashga imkoniyat yaratadi, bu esa portga MAC-manzillar sonini ko`rsatish orqali amalga oshiriladi. Yana bir funksiyasi MAC-manzillar jadvali to`ldirilishiga yo`naltirilgan hujumlardan kommutatorni himoyalash hisoblanadi (2.1-rasm.).

1.Topologiyani tuzub oldik va kompyuterlarga ip address berib chiqdim .


Qurilma

IP-manzil

МАС-manzil

Interfeys

Port rejimlari

Laptop0

192.168.1.1

00D0.975B.887B

Fa0

n/a

Laptop1

192.168.1.2

0060.47B8.5CC5

Fa0

n/a

Laptop2

192.168.1.3

0060.47B6.AEB0

Fa0

n/a

Laptop3

192.168.1.4

0003.E494.23BE

Fa0

n/a

Laptop4

192.168.1.5

0060.5C29.A1E0

Fa0

n/a

Laptop5

192.168.1.6

0001.6301.59C5

Fa0

n/a

SW1

N/A

N/A

Fa0/1

sticky

SW1

N/A

N/A

Fa0/2

mac-address
00D0.5819.04E3

SW1

N/A

N/A

Fa0/3

violation protect

SW1

N/A

N/A

Fa0/5-24

Shutdown

SW2

N/A

N/A

Fa0/1

restrict

SW2

N/A

N/A

Fa0/2

restrict

SW2

N/A

N/A

Fa0/3

Protect

SW2

N/A

N/A

Fa0/4

maximum 4

Switch1
Switch>enable
Switch#configure terminal Switch(config)#hostname sw1 sw1 (config)#interface fa0/1 sw1 (config-if)#switchport mode access sw1 (config-if)#switchport port-security
sw1 (config-if)#switchport port-security mac-address sticky sw1 (config)#interface fastEthernet 0/2 sw1 (config-if)#switchport mode access sw1 (config-if)#switchport port-security sw1 (config-if)#switchport port-security mac-address 0060.47B8.5CC5 sw1 (config)# interface fastEtherinnet 0/3 sw1 (config-if)#switchport mode access sw1 (config-if)#switchport port-security sw1 (config-if)#switchport port-security mac-address sticky sw1 (config-if)#switchport port-security violation protect sw1 (config)#interface range fastEthernet 0/4-24 sw1 (config-if-range)#shutdown
Switch 2
Switch>enable
Switch#configure terminal Switch(config)#hostname Farhod sw1 (config)#interface g0/1 sw1 (config-if)#switchport mode trunk sw1 (config-if)#switchport port-security maximum 4 sw1 (config-if)#switchport port-security violation restrict
Natija:
#show port-security int f0/1
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0



Yüklə 144,43 Kb.

Dostları ilə paylaş:
1   2   3   4   5



Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©www.azkurs.org 2025
rəhbərliyinə müraciət
gir | qeydiyyatdan keç
    Ana səhifə
Stomatologiya
Anesteziologiya
Cərrahlıq
Ginekologiya
Tibb

yükləyin