Friday, July 18, 2008

[Link] IIS Admin Blog + ASP Free Forums



  • How to install PHP on IIS 6.0
  • How to install MySQL and PHP on IIS 6.0
  • How to install WordPress on IIS 6.0
    /** Basic commands to create a database and a user and to grant privileges **/
    mysql> CREATE DATABASE databasename;

    mysql> CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';

    mysql> GRANT SELECT , INSERT , UPDATE , DELETE , CREATE , DROP , ALTER ON 'databasename' . * TO 'username'@'localhost';
    // Running this command produces an error saying the syntax is wrong, but I could not find exactly what was wrong, so I used phpMyAdmin to create the database.

    mysql> FLUSH PRIVILEGES;

    mysql> CREATE DATABASE databasename;

    mysql> GRANT ALL PRIVILEGES ON databasename.* TO "dbusername"@"hostname"
    -> IDENTIFIED BY "password";

    mysql> FLUSH PRIVILEGES;


  • Using PHP with MS SQL Server


Friday, July 11, 2008

YouTube Video Quality Investigation

Embed code provided at http://www.youtube.com/watch?v=U6KoEfczGEo

<object width="425" height="344">
   <param name="movie" value="http://www.youtube.com/v/U6KoEfczGEo&hl=en&fs=1"></param>
   <param name="allowFullScreen" value="true"></param>
      <embed src="http://www.youtube.com/v/U6KoEfczGEo&hl=en&fs=1" type="application/x-shockwave-flash" allowfullscreen="true" width="425" height="344"></embed>
</object>

Embed code that DoA posted on their blog
<object width="480" height="360">
    <param name="movie" value="http://www.youtube.com/v/U6KoEfczGEo">
    <embed src="http://www.youtube.com/v/U6KoEfczGEo" type="application/x-shockwave-flash" width="480" height="360"> </embed>
</object>


Captured from http://www.youtube.com/watch?v=U6KoEfczGEo&fmt=18.

Modified embed code for high quality
<object width="425" height="344">
   <param name="movie" value="http://www.youtube.com/v/U6KoEfczGEo&fmt=18"></param>
   <param name="allowFullScreen" value="true"></param>
      <embed src="http://www.youtube.com/v/U6KoEfczGEo&fmt=18" type="application/x-shockwave-flash" allowfullscreen="true" width="425" height="344"></embed>
</object>
 

 
        /** The high-quality request was not applied. **/

High-quality embed code that DoA posted on their blog

<object width="480" height="360">
    <param name="movie" value="http://www.youtube.com/v/U6KoEfczGEo&ap=%2526fmt%3D18">
    <embed src="http://www.youtube.com/v/U6KoEfczGEo&ap=%2526fmt%3D18" type="application/x-shockwave-flash" width="480" height="360"> </embed>
</object>

        /** The high-quality request was applied. **/


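It is not as grand a piece of work as the title suggests, but this ended up being a rather tedious post to write.
As shown above, it was possible to watch the high-quality video through
http://www.youtube.com/watch?v=U6KoEfczGEo&fmt=18, but embedding the video source did not work.
I do not yet know whether this affects only some videos or all of YouTube.
For the YouTube videos I posted on the blog before, I had compared the two versions in advance, so I took it for granted that this worked; that assumption was wrong.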


Monday, July 7, 2008

Route Poisoning

[Source] Wikipedia, the free encyclopedia

Route poisoning is a way to prevent routing loops.
Distance-vector routing protocols use route poisoning to indicate to other routers that a route is no longer reachable and should be removed from their routing tables.
A variation of route poisoning is split horizon with poison reverse, whereby a router sends updates with unreachable hop counts back to the sender for every route received, to help prevent routing loops.

A route is considered unreachable if the hop count exceeds the maximum allowed. Route poisoning is a method of quickly removing outdated routing information from other routers' routing tables by changing its hop count to be unreachable (higher than the maximum number of hops allowed) and sending a routing update.

In the case of the Routing Information Protocol (RIP), to perform route poisoning on a route its hop count is changed to 16, deeming it unreachable (sometimes referred to as an Infinite metric) and a routing update is sent.

Figure: Ethernet0 on GW_Router went down. The router is poisoning the routes and multicasting the new path costs via Ethernet1.

When a router receives a route poisoning, it sends an update back to the router from which it received the route poisoning; this is called poison reverse. This is to ensure that all routers on a segment have received the poisoned route information.
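
The poisoning and poison-reverse exchange described above, as a small simulation added here (it is not from the Wikipedia article or the blog author). The neighbor R2 and the prefix 192.0.2.0/24 are assumptions; the model adds one hop on receipt, caps the metric at 16, and ignores RIP timers.

```python
INFINITY = 16  # RIP hop count that marks a route as unreachable

class Router:
    def __init__(self, name):
        self.name = name
        self.table = {}  # prefix -> (hop count, next-hop router name or None)

    def link_down(self, prefix):
        # Route poisoning: keep the entry, set its metric to infinity.
        self.table[prefix] = (INFINITY, None)

    def update_for(self, neighbor, poison_reverse=True):
        update = {}
        for prefix, (hops, via) in self.table.items():
            if poison_reverse and via == neighbor.name:
                hops = INFINITY  # echo routes learned from this neighbor as unreachable
            update[prefix] = hops
        return update

    def receive(self, sender, update):
        for prefix, hops in update.items():
            hops = min(hops + 1, INFINITY)
            known = self.table.get(prefix)
            if known is None:
                if hops < INFINITY:
                    self.table[prefix] = (hops, sender.name)
            elif known[1] == sender.name or hops < known[0]:
                # Believe the current next hop even for bad news; else only a better path.
                self.table[prefix] = (hops, sender.name)

def exchange(a, b, poison_reverse=True):
    # Both updates are built before either is processed, as with periodic updates.
    to_b, to_a = a.update_for(b, poison_reverse), b.update_for(a, poison_reverse)
    b.receive(a, to_b)
    a.receive(b, to_a)

def scenario(poison_reverse):
    net = "192.0.2.0/24"  # constructed prefix behind GW_Router's Ethernet0
    gw, r2 = Router("GW_Router"), Router("R2")  # R2 is a hypothetical neighbor
    gw.table[net] = (0, None)          # directly connected network
    exchange(gw, r2, poison_reverse)   # R2 learns the route at 1 hop
    learned = r2.table[net]
    gw.link_down(net)                  # Ethernet0 goes down
    exchange(gw, r2, poison_reverse)   # the poisoned update is sent
    return learned, gw.table[net], r2.table[net]

if __name__ == "__main__":
    print(scenario(True), scenario(False))
```

With poison reverse disabled, GW_Router installs a 2-hop route through R2 to the network it has just lost, which is the stale state that poison reverse prevents.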


The security protocols to secure wireless computer networks

[Source] Wikipedia, the free encyclopedia

Wired Equivalent Privacy (WEP)
WEP is a deprecated algorithm to secure IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are thus more susceptible to eavesdropping than wired networks.
Beginning in 2001, several serious weaknesses were identified by cryptanalysts with the result that today a WEP connection can be cracked with readily available software within minutes.

Two methods of authentication can be used with WEP: Open System authentication and Shared Key authentication.

Encryption algorithm: RC4 stream cipher for confidentiality, CRC-32 checksum for integrity.

Wi-Fi Protected Access (WPA and WPA2)
WPA is a certification program created by the Wi-Fi Alliance.
The WPA certification mark indicates compliance with a security protocol designed to enhance the security of wireless networks.

There are two flavors of this protocol: enterprise and personal.
Enterprise is meant for use with an IEEE 802.1X authentication server, which distributes different keys to each user.
Personal WPA utilizes the less scalable "pre-shared key" (PSK) mode, where every allowed computer is given the same passphrase.
The WPA and WPA2 standard has officially adopted five EAP (Extensible Authentication Protocol) types as its official authentication mechanisms.

Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV). One major improvement in the protocol over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.

In addition to authentication and encryption, the protocol also provides vastly improved payload integrity. The cyclic redundancy check (CRC) used in WEP is inherently insecure; a more secure message authentication code (MIC: message integrity code) is used in the protocol.

WPA2 introduces a new AES (Advanced Encryption Standard)-based algorithm, CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol), that is considered fully secure. Unlike TKIP, key management and message integrity are handled by a single component built around AES.

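Comparison

|      | Authentication | Encryption Algorithm | Encryption Method |
|------|----------------|----------------------|-------------------|
| WEP  | Open System authentication, Shared Key authentication | RC4 | WEP |
| WPA  | 802.1x / EAP / PSK | RC4 | TKIP |
| WPA2 | 802.1x / EAP / PSK | AES | CCMP |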





[Link] Frame Relay



Frame Relay @ protocols.com


Introduction to Frame Relay - Part 2 @ www.cramsession.com

.....
In 1990, Cisco and several partners developed the Local Management Interfaces (LMI) enhancements to the Frame protocol. LMI adds several important management functions to the Frame specifications. There are three types of LMI configurable on Cisco devices: Cisco, ANSI, and q933a (default is Cisco). LMI uses reserved DLCI 1023 (Cisco LMI) or DLCI 0 (ANSI and ITU).
.....



[Link] Enhanced Inter-Gateway Routing Protocol (EIGRP)


EIGRP @ wikipedia.org


EIGRP @ www.rhyshaden.com


EIGRP @ networking.ringofsaturn.com




#. List of IP protocol numbers
     EIGRP = 88
     OSPF = 89




Sunday, July 6, 2008

[cisco.com] Understanding Port Security




Understanding Port Security

You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the workstations that are allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses. If you limit the number of secure MAC addresses to one and assign a single secure MAC address, the workstation attached to that port is assured the full bandwidth of the port.

If a port is configured as a secure port and the maximum number of secure MAC addresses is reached, when the MAC address of a workstation attempting to access the port is different from any of the identified secure MAC addresses, a security violation occurs.

After you have set the maximum number of secure MAC addresses on a port, the secure addresses are included in an address table in one of these ways:

  • You can configure all secure MAC addresses by using the switchport port-security mac-address mac_address interface configuration command.

  • You can allow the port to dynamically configure secure MAC addresses with the MAC addresses of connected devices.

  • You can configure a number of addresses and allow the rest to be dynamically configured.



Note: If the port shuts down, all dynamically learned addresses are removed.


After the maximum number of secure MAC addresses is configured, they are stored in an address table. To ensure that an attached device has the full bandwidth of the port, configure the MAC address of the attached device and set the maximum number of addresses to one, which is the default.



Note: When a Catalyst 4000 switch port is configured to support voice as well as port security, the maximum number of allowable MAC addresses on this port should be changed to three.


A security violation occurs if the maximum number of secure MAC addresses has been added to the address table and a workstation whose MAC address is not in the address table attempts to access the interface.

You can configure the interface for one of these violation modes, based on the action to be taken if a violation occurs:

  • Restrict: A port security violation restricts data, causes the SecurityViolation counter to increment, and causes an SNMP Notification to be generated. The rate at which SNMP traps are generated can be controlled by the snmp-server enable traps port-security trap-rate command. The default value ("0") causes an SNMP trap to be generated for every security violation.

  • Shutdown: A port security violation causes the interface to shut down immediately. When a secure port is in the error-disabled state, you can bring it out of this state by entering the errdisable recovery cause psecure-violation global configuration command or you can manually reenable it by entering the shutdown and no shutdown interface configuration commands. This is the default mode.

You can also customize the time to recover from the specified error disable cause (default is 300 seconds) by entering the errdisable recovery interval interval command.


Port Security Guidelines and Restrictions

Follow these guidelines when configuring port security:

  • A secure port cannot be a trunk port.

  • A secure port cannot be a destination port for Switch Port Analyzer (SPAN).

  • A secure port cannot belong to an EtherChannel port-channel interface.

  • A secure port cannot be an 802.1X port. If you try to enable 802.1X on a secure port, an error message appears, and 802.1X is not enabled. If you try to change an 802.1X-enabled port to a secure port, an error message appears, and the security settings are not changed.

  • A secure port and static MAC address configuration are mutually exclusive.



##################################################################################
Switch1(config-if)# switchport port-security maximum 1
                        // Only one host is permitted to attach dynamically to each port.
Switch1(config-if)# switchport port-security violation shutdown
                        // If that policy is violated, the interface should shut down.
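
To make the behaviour described above concrete, here is a toy model of one secure port, added as an illustration (it is not Cisco code and not part of the original post). The class and method names are hypothetical, the MAC addresses are constructed samples, and the `violations` attribute is this model's own counter.

```python
class SecurePort:
    """Toy model of one switch port with port security enabled."""

    def __init__(self, maximum=1, violation="shutdown", static=()):
        if len(set(static)) > maximum:
            raise ValueError("more static addresses than the configured maximum")
        self.maximum = maximum
        self.violation = violation   # "shutdown" (the default mode) or "restrict"
        self.static = set(static)    # configured secure MAC addresses
        self.dynamic = set()         # secure MAC addresses learned from traffic
        self.violations = 0          # this model's count of security violations
        self.err_disabled = False

    def frame_in(self, src_mac):
        """Return True if a frame with this source MAC is forwarded."""
        if self.err_disabled:
            return False
        if src_mac in self.static or src_mac in self.dynamic:
            return True
        if len(self.static) + len(self.dynamic) < self.maximum:
            self.dynamic.add(src_mac)      # room left in the table: learn it
            return True
        self.violations += 1               # table full and source unknown
        if self.violation == "shutdown":
            self.err_disabled = True
            self.dynamic.clear()           # learned addresses are removed on shutdown
        return False

    def recover(self):
        """Stands in for errdisable recovery or shutdown / no shutdown."""
        self.err_disabled = False


# Constructed sample MACs from the RFC 7042 documentation range.
PC, OTHER = "00:00:5e:00:53:01", "00:00:5e:00:53:02"

def demo(violation, static=()):
    port = SecurePort(maximum=1, violation=violation, static=static)
    results = [port.frame_in(mac) for mac in (PC, OTHER, PC)]
    return results, port.violations, port.err_disabled, port

if __name__ == "__main__":
    for mode in ("shutdown", "restrict"):
        print(mode, demo(mode)[:3])
```

Because dynamically learned addresses are removed when the port shuts down, the first source seen after recovery is learned again; a statically configured address keeps the same binding across the shutdown.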



Friday, July 4, 2008

[scrap] WAN Layer 2 Encapsulation


WAN Layer 2 Encapsulation

As you move up from the physical layer of the OSI model, serial devices must encapsulate data in a frame format at the data link layer (Layer 2). Different services can use different framing formats.

To ensure that the correct protocol is used, you need to configure the appropriate data link layer encapsulation type. The choice of protocol depends on the WAN technology and communicating equipment. Figure 7-5 shows the protocols that are associated with the three WAN connectivity options.

Figure 7-5. Data Link Layer: WAN Encapsulation Types Based on Connection Type


Typical WAN encapsulation types include the following:

  • Cisco High-Level Data Link Control (HDLC or cHDLC)— cHDLC is the default encapsulation type for Cisco routers and is used on point-to-point dedicated links and circuit-switched connections. Cisco HDLC is a proprietary synchronous data link layer protocol typically used when communicating between two Cisco devices. HDLC is covered in more detail later in this chapter.

  • Point-to-Point Protocol (PPP)— PPP is a standard protocol that provides router-to-router and host-to-network connections over many physical standards, including synchronous and asynchronous circuits. PPP was designed to work with several network layer protocols, such as IP. It also has built-in security mechanisms such as Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP). PPP is covered in more detail later in this chapter.

  • Serial Line Internet Protocol (SLIP)— SLIP is a standard protocol for point-to-point serial connections using TCP/IP. SLIP has been largely displaced by PPP.

  • X.25/Link Access Procedure, Balanced (LAPB)— LAPB is an International Telecommunications Union Telecommunications Standardization Sector (ITU-T) standard that defines how connections between DTE and DCE are established and maintained for remote terminal access and computer communications over unreliable links. The X.25 specification defines LAPB as its data link layer protocol.

  • Frame Relay— Frame Relay is an industry-standard switched data link layer protocol based on ISDN framing technology that handles multiple virtual circuits. Frame Relay is viewed as a successor to X.25, streamlined to eliminate some of the time-consuming processes, such as error correction and flow control, that X.25 employed to compensate for older, less-reliable communications links. Frame Relay is covered in more detail in Chapter 8, "Establishing a Frame Relay PVC Connection."

  • Asynchronous Transfer Mode (ATM)— ATM is the international standard for cell relay in which multiple service types (such as voice, video, and data) are conveyed in fixed-length (53-byte) cells. Fixed-length cells allow processing to occur in hardware, reducing transit delays. ATM is designed to take advantage of high-speed transmission media such as T3, E3, and Synchronous Optical Network (SONET).




[cisco.com] Cisco Feature Navigator



Cisco Feature Navigator allows you to quickly find the right Cisco IOS, IOS XE and CatOS software release for the features you want to run on your network.


Cisco Feature Navigator