Warning: Use of undefined constant BLOGUPLOADDIR - assumed 'BLOGUPLOADDIR' (this will throw an Error in a future version of PHP) in /home/enadeg5/public_html/wp-content/themes/Avada/framework/plugins/revslider/inc_php/base.class.php on line 71

Warning: Declaration of Post_Types_Order_Walker::start_lvl(&$output, $depth) should be compatible with Walker::start_lvl(&$output, $depth = 0, $args = Array) in /home/enadeg5/public_html/wp-content/themes/Avada/framework/plugins/post-types-order/post-types-order.php on line 344

Warning: Declaration of Post_Types_Order_Walker::end_lvl(&$output, $depth) should be compatible with Walker::end_lvl(&$output, $depth = 0, $args = Array) in /home/enadeg5/public_html/wp-content/themes/Avada/framework/plugins/post-types-order/post-types-order.php on line 344

Warning: Declaration of Post_Types_Order_Walker::start_el(&$output, $page, $depth, $args) should be compatible with Walker::start_el(&$output, $object, $depth = 0, $args = Array, $current_object_id = 0) in /home/enadeg5/public_html/wp-content/themes/Avada/framework/plugins/post-types-order/post-types-order.php on line 344

Warning: Declaration of Post_Types_Order_Walker::end_el(&$output, $page, $depth) should be compatible with Walker::end_el(&$output, $object, $depth = 0, $args = Array) in /home/enadeg5/public_html/wp-content/themes/Avada/framework/plugins/post-types-order/post-types-order.php on line 344

Warning: Cannot modify header information - headers already sent by (output started at /home/enadeg5/public_html/wp-content/themes/Avada/framework/plugins/revslider/inc_php/base.class.php:71) in /home/enadeg5/public_html/wp-includes/feed-rss2.php on line 8
The IP Zone http://theipzone.com Zone for Computer Network Engineers Tue, 25 Feb 2014 23:41:33 +0000 en-US hourly 1 https://wordpress.org/?v=5.7.11 Special Use IPv4 Addresses – RFC5735 http://theipzone.com/blog/2013/12/30/special-use-ipv4-addresses-rfc5735/ http://theipzone.com/blog/2013/12/30/special-use-ipv4-addresses-rfc5735/#respond Mon, 30 Dec 2013 22:44:07 +0000 http://theipzone.com/?p=142 Address Block Present Use  Reference 0.0.0.0/8           “This” Network             RFC 1122, Section 3.2.1.3 10.0.0.0/8          Private-Use Networks       RFC 1918 127.0.0.0/8         Loopback                   RFC 1122, Section 3.2.1.3 169.254.0.0/16      Link Local                 RFC 3927 172.16.0.0/12       Private-Use Networks       RFC 1918 192.0.0.0/24        IETF Protocol Assignments  RFC 5736 192.0.2.0/24        TEST-NET-1                 RFC 5737 192.88.99.0/24      6to4 Relay Anycast         RFC 3068 192.168.0.0/16      Private-Use Networks       RFC 1918 198.18.0.0/15       Network Interconnect RFC 2544    Device Benchmark Testing   RFC 2544 198.51.100.0/24     TEST-NET-2                 RFC 5737 203.0.113.0/24      TEST-NET-3                 RFC 5737 224.0.0.0/4         Multicast                  RFC 3171 240.0.0.0/4         Reserved for Future Use    RFC 1112, Section 4 255.255.255.255/32   Limited Broadcast          RFC 919, Section 7     RFC 922, Section 7

The post Special Use IPv4 Addresses – RFC5735 appeared first on The IP Zone.

]]>
Address Block Present Use  Reference 0.0.0.0/8           “This” Network             RFC 1122, Section 3.2.1.3 10.0.0.0/8          Private-Use Networks       RFC 1918 127.0.0.0/8         Loopback                   RFC 1122, Section 3.2.1.3 169.254.0.0/16      Link Local                 RFC 3927 172.16.0.0/12       Private-Use Networks       RFC 1918 192.0.0.0/24        IETF Protocol Assignments  RFC 5736 192.0.2.0/24        TEST-NET-1                 RFC 5737 192.88.99.0/24      6to4 Relay Anycast         RFC 3068 192.168.0.0/16      Private-Use Networks       RFC 1918 198.18.0.0/15       Network Interconnect RFC 2544    Device Benchmark Testing   RFC 2544 198.51.100.0/24     TEST-NET-2                 RFC 5737 203.0.113.0/24      TEST-NET-3                 RFC 5737 224.0.0.0/4         Multicast                  RFC 3171 240.0.0.0/4         Reserved for Future Use    RFC 1112, Section 4 255.255.255.255/32   Limited Broadcast          RFC 919, Section 7     RFC 922, Section 7

The post Special Use IPv4 Addresses – RFC5735 appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/12/30/special-use-ipv4-addresses-rfc5735/feed/ 0
Cisco ACS Initial Setup http://theipzone.com/blog/2013/12/30/cisco-acs-initial-setup/ http://theipzone.com/blog/2013/12/30/cisco-acs-initial-setup/#respond Mon, 30 Dec 2013 22:35:00 +0000 http://theipzone.com/?p=137 localhost login: setupEnter hostname[]: acs-server-1Enter IP address[]: 209.165.200.225Enter IP default netmask[]: 255.255.255.0Enter IP default gateway[]: 209.165.200.1Enter default DNS domain[]: mycompany.comEnter Primary nameserver[]: 209.165.200.254Add/Edit another nameserver? Y/N : nEnter username [admin]: adminEnter password:Enter password again:Pinging the gateway…Pinging the primary nameserver…Do not use `Ctrl-C’ from this point on…Appliance is configuredInstalling applications…Installing acs…Generating configuration…Rebooting…After the ACS server is installed, the system reboots automatically.Verify that the application has been installed properly by entering show application. Check the release and ACS version installed  by entering show application version acsCheck the status of ACS processes, at the system prompt by entering show application status acs   Password Reset – Power up the appliance.– Insert the ACS 5.3 Recovery DVD. The console displays:       Welcome to Cisco Secure ACS 5.3 Recovery                                  To boot from hard disk press <Enter>.                                           Available boot options:                                                           [1] Cisco Secure ACS 5.3 Installation (Keyboard/Monitor)                        [2] Cisco Secure ACS 5.3 Installation (Serial Console)                          [3] Reset Administrator Password (Keyboard/Monitor)                             [4] Reset Administrator Password (Serial Console)                               <Enter> Boot from hard disk In my case I used option 4 since I was connected via console. The console displays: ————————————————————————-  ———————— Admin Password Recovery ————————  ————————————————————————-   This utility will reset the password for the specified admin username.  At most the first five admin usernames will be listed. Enter Ctrl-C  to abort without saving changes and reboot.   ————————————————————————-   Admin Usernames :      [1] admin   Enter number of admin for password recovery: 1  Password:   Verify password:   Save changes and reboot? [y/n]: y     Source: http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/installation/guide/csacs.pdf

The post Cisco ACS Initial Setup appeared first on The IP Zone.

]]>
localhost login: setup
Enter hostname[]: acs-server-1
Enter IP address[]: 209.165.200.225
Enter IP default netmask[]: 255.255.255.0
Enter IP default gateway[]: 209.165.200.1
Enter default DNS domain[]: mycompany.com
Enter Primary nameserver[]: 209.165.200.254
Add/Edit another nameserver? Y/N : n
Enter username [admin]: admin
Enter password:
Enter password again:
Pinging the gateway…
Pinging the primary nameserver…
Do not use `Ctrl-C’ from this point on…
Appliance is configured
Installing applications…
Installing acs…
Generating configuration…
Rebooting…
After the ACS server is installed, the system reboots automatically.
Verify that the application has been installed properly by entering show application.
Check the release and ACS version installed  by entering show application version acs
Check the status of ACS processes, at the system prompt by entering show application status acs

 

Password Reset

– Power up the appliance.
– Insert the ACS 5.3 Recovery DVD.

The console displays:

      Welcome to Cisco Secure ACS 5.3 Recovery                                 
To boot from hard disk press <Enter>.                                          
Available boot options:                                                        
  [1] Cisco Secure ACS 5.3 Installation (Keyboard/Monitor)                     
  [2] Cisco Secure ACS 5.3 Installation (Serial Console)                       
  [3] Reset Administrator Password (Keyboard/Monitor)                          
  [4] Reset Administrator Password (Serial Console)                            
  <Enter> Boot from hard disk

In my case I used option 4 since I was connected via console.

The console displays:

————————————————————————-
  ———————— Admin Password Recovery ————————
  ————————————————————————-

  This utility will reset the password for the specified admin username.
  At most the first five admin usernames will be listed. Enter Ctrl-C
  to abort without saving changes and reboot.

  ————————————————————————-

  Admin Usernames :

     [1] admin

  Enter number of admin for password recovery: 1
  Password:
  Verify password:

  Save changes and reboot? [y/n]: y

 

 

Source: http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/installation/guide/csacs.pdf

The post Cisco ACS Initial Setup appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/12/30/cisco-acs-initial-setup/feed/ 0
IKE v1 vs. IKE v2 http://theipzone.com/blog/2013/12/30/ike-v1-vs-ike-v2/ http://theipzone.com/blog/2013/12/30/ike-v1-vs-ike-v2/#respond Mon, 30 Dec 2013 20:21:00 +0000 http://theipzone.com/?p=110 IKE Properties – Negotiate SA attributes, determine transforms, hashing and more – Generate and refresh keys using DH – Authenticate peer devices using attributes like IP, FQDN, LDAP DN and more – It has two phases IKE v1 (Phase 1 and 2) IKE v2 (Init and Auth) – Main mode & aggressive mode – ISAKMP negotiates SA for IPSEC. Quick mode & sdoi mode   IKE v2 Advantages – Simplifies the existing IKEv1 – Single RFC, including NAT-T, EAP and remote address acquisition – Replaces the 8 initial exchanges with a single 4 message exchange – Reduces the latency for the IPSEC SA setup and increases connection establishment speed. – Increases robustness against DOS attack. – Improves reliability through the use of sequence numbers, acknowledgements, and error correction. – Forward Compatibility – Simple cryptographic mechanisms – Traffic selector negotiation: – IKEv1: Responder can just say yes/no. IKEv2: Negotiation ability added – Reliability – All messages are request/response. – Initiator is responsible for retransmission if it doesn’t receive a response.   IKE v1 IKE v2 Developed in 1998, based on RFC 4995 Developed in 2006, based on RFC 5996 Pre-shared key and certificate for authentication Pre-shared key, certificate and EAP variants. Supports  for asymmetric authentication. Side A Preshared Key and Side B Certificates. No reliability Reliable. Introduces retransmission and acknowledgement functions. ack and sequenced Phase 1 generates 6 messages (main mode) 3 messages (aggressive mode) Reduced bandwidth requirements. generates only 4 messages at all. When EAP is used in IKEv2, an additional 2 messages may be required. Negotiation of the first CHILD_SA required 3 messages. Subsequent CHILD_SAs require 3 messages Negotiation of the first CHILD_SA required no messages since it is piggybacked onto the negotiation of the […]

The post IKE v1 vs. IKE v2 appeared first on The IP Zone.

]]>
IKE Properties

– Negotiate SA attributes, determine transforms, hashing and more
– Generate and refresh keys using DH
– Authenticate peer devices using attributes like IP, FQDN, LDAP DN and more
– It has two phases IKE v1 (Phase 1 and 2) IKE v2 (Init and Auth)
– Main mode & aggressive mode
– ISAKMP negotiates SA for IPSEC. Quick mode & sdoi mode

 

IKE v2 Advantages
– Simplifies the existing IKEv1
– Single RFC, including NAT-T, EAP and remote address acquisition
– Replaces the 8 initial exchanges with a single 4 message exchange
– Reduces the latency for the IPSEC SA setup and increases connection establishment speed.
– Increases robustness against DOS attack.
– Improves reliability through the use of sequence numbers, acknowledgements, and error correction.
– Forward Compatibility
– Simple cryptographic mechanisms
– Traffic selector negotiation:
– IKEv1: Responder can just say yes/no. IKEv2: Negotiation ability added
– Reliability
– All messages are request/response.
– Initiator is responsible for retransmission if it doesn’t receive a response.

 

IKE v1 IKE v2
Developed in 1998, based on RFC 4995 Developed in 2006, based on RFC 5996
Pre-shared key and certificate for authentication Pre-shared key, certificate and EAP variants. Supports  for asymmetric authentication. Side A Preshared Key and Side B Certificates.
No reliability Reliable. Introduces retransmission and acknowledgement functions. ack and sequenced
Phase 1 generates 6 messages (main mode) 3 messages (aggressive mode) Reduced bandwidth requirements. generates only 4 messages at all. When EAP is used in IKEv2, an additional 2 messages may be required.
Negotiation of the first CHILD_SA required 3 messages. Subsequent CHILD_SAs require 3 messages Negotiation of the first CHILD_SA required no messages since it is piggybacked onto the negotiation of the IKE_SA. Subsequent CHILD_SAs require 2 messages
No NAT traversal (NAT-T) Incorporation of NAT traversal built-in. Supports NAT traversal using UDP port 4500.
No liveness check Liveness check to detect whether the tunnel is still alive or not.
Security Association lifetimes are explicitly negotiated Security Association lifetimes are not explicitly negotiated. Each peer maintains its own local policy for Security Association lifetime. When the lifetime is about to expire, a rekeying operation is initiated.
MOBIKE not available. Introduces MOBIKE. MOBIKE allows IKEv2 to be used in mobile platforms like phones and by users with multi-homed setups.

 

Both protocols run over UDP port 500.
Both protocols provide identify protection, denial-of-service protection mechanism, and perfect forward secrecy.
Both protocols utilize two phases. The first phase in each is used to create the IKE_SA. The second phase is used to establish child SAs using the IKE_SA. In IKEv2, the first child SA is piggybacked on the IKE_AUTH exchange that is used to complete the mutual peer authentication.

The post IKE v1 vs. IKE v2 appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/12/30/ike-v1-vs-ike-v2/feed/ 0
NMAP Cheat Sheet http://theipzone.com/blog/2013/10/07/nmap-cheat-sheet/ http://theipzone.com/blog/2013/10/07/nmap-cheat-sheet/#respond Mon, 07 Oct 2013 03:33:31 +0000 http://theipzone.com/?p=100 Scan an IPv4 host/address nmap 192.168.1.1 Scan an IPv6 host/address nmap -6 2607:f8b0:4007:804::1009 nmap -v A -6 2607:f8b0:4007:804::1009 Scan FQDN nmap server1.cyberciti.biz Scan a host name with more info nmap -v server1.cyberciti.biz Scan a range of IP address nmap 192.168.1.1-20 nmap 192.168.1.* nmap 192.168.1.0/24 nmap 192.168.1.1,2,3 nmap 192.168.1.1 192.168.1.2 Read list of hosts/networks from a file nmap -iL /tmp/test.txt Excluding hosts/networks (IPv4) nmap 192.168.1.0/24 --exclude 192.168.1.5 nmap 192.168.1.0/24 --exclude 192.168.1.5,192.168.1.254 nmap -iL /tmp/scanlist.txt --excludefile /tmp/exclude.txt Turn on OS and version detection scanning script (IPv4) nmap -A 192.168.1.254 nmap -v -A 192.168.1.1 nmap -A -iL /tmp/scanlist.txt Find out if a host/network is protected by a firewall nmap -sA 192.168.1.254 Scan a host when protected by the firewall nmap -PN 192.168.1.1 Scan a network and find out which servers and devices are up and running nmap -sP 192.168.1.0/24 Perform a fast scan nmap -F 192.168.1.1 Display the reason a port is in a particular state nmap --reason 192.168.1.1 Only show open (or possibly open) ports nmap --open 192.168.1.1 Show all packets sent and received nmap --packet-trace 192.168.1.1 Show host interfaces and routes (netsat -nr) nmap --iflist Scan specific ports nmap -p 80 192.168.1.1 nmap -p 80,443 192.168.1.1 nmap -p 80-200 192.168.1.1 nmap -p T:80 192.168.1.1 nmap -p U:53 192.168.1.1 nmap -p U:53,111,137,T:21-25,80,139,8080 192.168.1.1 nmap -v -sU -sT -p U:53,111,137,T:21-25,80,139,8080 192.168.1.254 nmap --top-ports 5 192.168.1.1 Fastest way to scan all your devices/computers for open ports nmap -T5 192.168.1.0/24 Detect remote operating system nmap -O 192.168.1.1 nmap -O --osscan-guess 192.168.1.1 nmap -v -O --osscan-guess 192.168.1.1 Detect remote services (server / daemon) version numbers nmap -sV 192.168.1.1 Scan a host using TCP ACK (PA) and TCP Syn (PS) ping nmap -PS 192.168.1.1 nmap -PS 80,21,443 192.168.1.1 nmap -PA 192.168.1.1 nmap […]

The post NMAP Cheat Sheet appeared first on The IP Zone.

]]>
Scan an IPv4 host/address

nmap 192.168.1.1

Scan an IPv6 host/address

nmap -6 2607:f8b0:4007:804::1009
nmap -v A -6 2607:f8b0:4007:804::1009

Scan FQDN

nmap server1.cyberciti.biz

Scan a host name with more info

nmap -v server1.cyberciti.biz

Scan a range of IP address

nmap 192.168.1.1-20
nmap 192.168.1.*
nmap 192.168.1.0/24
nmap 192.168.1.1,2,3
nmap 192.168.1.1 192.168.1.2

Read list of hosts/networks from a file

nmap -iL /tmp/test.txt

Excluding hosts/networks (IPv4)

nmap 192.168.1.0/24 --exclude 192.168.1.5
nmap 192.168.1.0/24 --exclude 192.168.1.5,192.168.1.254
nmap -iL /tmp/scanlist.txt --excludefile /tmp/exclude.txt

Turn on OS and version detection scanning script (IPv4)

nmap -A 192.168.1.254
nmap -v -A 192.168.1.1
nmap -A -iL /tmp/scanlist.txt

Find out if a host/network is protected by a firewall

nmap -sA 192.168.1.254

Scan a host when protected by the firewall

nmap -PN 192.168.1.1

Scan a network and find out which servers and devices are up and running

nmap -sP 192.168.1.0/24

Perform a fast scan

nmap -F 192.168.1.1

Display the reason a port is in a particular state

nmap --reason 192.168.1.1

Only show open (or possibly open) ports

nmap --open 192.168.1.1

Show all packets sent and received

nmap --packet-trace 192.168.1.1

Show host interfaces and routes (netsat -nr)

nmap --iflist

Scan specific ports

nmap -p 80 192.168.1.1
nmap -p 80,443 192.168.1.1
nmap -p 80-200 192.168.1.1
nmap -p T:80 192.168.1.1
nmap -p U:53 192.168.1.1
nmap -p U:53,111,137,T:21-25,80,139,8080 192.168.1.1
nmap -v -sU -sT -p U:53,111,137,T:21-25,80,139,8080 192.168.1.254
nmap --top-ports 5 192.168.1.1

Fastest way to scan all your devices/computers for open ports

nmap -T5 192.168.1.0/24

Detect remote operating system

nmap -O 192.168.1.1
nmap -O --osscan-guess 192.168.1.1
nmap -v -O --osscan-guess 192.168.1.1

Detect remote services (server / daemon) version numbers

nmap -sV 192.168.1.1

Scan a host using TCP ACK (PA) and TCP Syn (PS) ping

nmap -PS 192.168.1.1
nmap -PS 80,21,443 192.168.1.1
nmap -PA 192.168.1.1
nmap -PA 80,21,200-512 192.168.1.1

Scan a host using IP protocol ping

nmap -PO 192.168.1.1

Scan a host using UDP ping

nmap -PU 192.168.1.1
nmap -PU 2000.2001 192.168.1.1

Stealthy scan

nmap -sS 192.168.1.1

Find out the most commonly used TCP ports using TCP ACK scan

nmap -sA 192.168.1.1

Find out the most commonly used TCP ports using TCP Window scan

nmap -sW 192.168.1.1

Find out the most commonly used TCP ports using TCP Maimon scan

nmap -sM 192.168.1.1

Find out the most commonly used TCP ports using TCP connect scan

nmap -sT 192.168.1.1

Scan a host for UDP services (UDP scan)

nmap -sU 192.168.1.1

Scan for IP protocol

nmap -sO 192.168.1.1

Scan a firewall for security weakness. TCP Null Scan to fool a firewall to generate a response
Does not set any bits (TCP flag header is 0)

nmap -sN 192.168.1.254

TCP Fin scan to check firewall. Sets just the TCP FIN bit

nmap -sF 192.168.1.254

TCP Xmas scan to check firewall. Sets the FIN, PSH, & URG flags, lighting the packet up like a Christmas tree

nmap -sX 192.168.1.254

Scan a firewall for packets fragments

nmap -f 192.168.1.1

Set your own offset size with the –mtu option

nmap --mtu 32 192.168.1.1

Cloak a scan with decoys

nmap -n -Ddecoy-ip1,decoy-ip2,your-own-ip,decoy-ip3,decoy-ip4 remote-host-ip
nmap -n -D192.168.1.5,10.5.1.2,172.1.2.4,3.4.2.1 192.168.1.5

Spoof your MAC address

nmap --spoof-mac MAC-ADDRESS-HERE 192.168.1.1

Add other options

nmap -v -sT -PN --spoof-mac MAC-ADDRESS-HERE 192.168.1.1

Use a random MAC address. The number 0, means nmap chooses a completely random MAC address

nmap -v -sT -PN --spoof-mac 0 192.168.1.1

Save output to a text file

nmap 192.168.1.1 > output.txt
nmap -oN /tmp/filename 192.168.1.1
nmap -oN output.txt 192.168.1.1

Find host MAC address (can only be done on same LAN segment)

sudo nmap -sP -n 192.168.0.1
sudo nmap -sP -n 192.168.0.0/24

The post NMAP Cheat Sheet appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/10/07/nmap-cheat-sheet/feed/ 0
SNMP http://theipzone.com/blog/2013/09/27/snmp/ http://theipzone.com/blog/2013/09/27/snmp/#respond Fri, 27 Sep 2013 03:50:00 +0000 http://theipzone.com/?p=135   Application-layer management protocol used for monitoring and administration. SNMP operates by sending information to Network Management Servers (NMS). The NMS learns about problems in the network by receiving traps or inform messages generated by the individual device running SNMP or what is more commonly called the managed device.   SNMP Operations – Agents listen to UDP port 161 for messages sent by the NMS – Responses are sent back to the originating NMS port from a dynamic port. Many agents use port 161 also for this target – Traps are received on port 162 of a NMS   The first two variants of SNMP have pretty much the same protocol structure.  (V3 is shown below.) This means that each of them will encapsulate the same general message format into a UDP packet. This message will be similar to this:   SNMP Message Sequence Diag   SNMP Message Diagram   Shark Capture showing Version, String and PDU   SNMP Version field will be an integer value and it should be noted that both the NMS and the agent must agree on the version of SNMP being used to communicate.   SNMP community string is best described as a string value used for the password check for the NMS before the managed device will allow it to access or manipulate the agent process.   SNMP Protocol Data Unit (PDU). The actual communication of information in the SNMP Protocol is performed through the exchange of SNMP messages. These messages are sometimes called protocol data units or PDUs. The PDU is the higher-layer data that SNMP encapsulates; The values applied to this field represent various PDU types and formats.   See SNMP Versions for SNMP PDUs     […]

The post SNMP appeared first on The IP Zone.

]]>
 

Application-layer management protocol used for monitoring and administration. SNMP operates by sending information to Network Management Servers (NMS). The NMS learns about problems in the network by receiving traps or inform messages generated by the individual device running SNMP or what is more commonly called the managed device.

 

SNMP Operations

– Agents listen to UDP port 161 for messages sent by the NMS

– Responses are sent back to the originating NMS port from a dynamic port. Many agents use port 161 also for this target

– Traps are received on port 162 of a NMS

 

The first two variants of SNMP have pretty much the same protocol structure.  (V3 is shown below.) This means that each of them will encapsulate the same general message format into a UDP packet. This message will be similar to this:

 

clip_image002

SNMP Message Sequence Diag

 

clip_image004

SNMP Message Diagram

 

clip_image006

Shark Capture showing Version, String and PDU

 

SNMP Version field will be an integer value and it should be noted that both the NMS and the agent must agree on the version of SNMP being used to communicate.

 

SNMP community string is best described as a string value used for the password check for the NMS before the managed device will allow it to access or manipulate the agent process.

 

SNMP Protocol Data Unit (PDU).

The actual communication of information in the SNMP Protocol is performed through the exchange of SNMP messages. These messages are sometimes called protocol data units or PDUs. The PDU is the higher-layer data that SNMP encapsulates; The values applied to this field represent various PDU types and formats.

 

See SNMP Versions for SNMP PDUs

 

clip_image008

 

 

SNMP Versions

 

SNMP V1:

          Simple request/response model protocol. GetRequest and GetResponse message types

          The NMS issues requests and the managed devices supplied responses.

          Community strings that operate via plain text.

          Read Only (RO) and Read Write (RW). RO community only allows information to be gathered from the designated SNMP agent, and RW community accomplishes the same as the RO but adds the ability to set values and implement control.

          Access-list to define what hosts can query or control the managed device.

 

SNMP V1 PDUs

PDU Type 0

GetRequest

PDU Type 1

GetNextRequest

PDU Type 2

GetResponse

PDU Type 3

SetRequest

PDU Type 4

Trap

 

 

SNMP V2

          New trap operation (GetInform) requires packet acknowledgement.

          New trap operation (GetBulk) retrieves large blocks of data.

          Community strings supports encrypted passwords. Note operational data is not encrypted.

 

 

SNMP V2 PDUs

PDU Type 0

GetRequest

PDU Type 1

GetNextRequest

PDU Type 2

GetResponse

PDU Type 3

SetRequest

PDU Type 4

Obsolete

PDU Type 5

GetBulkRequest

PDU Type 6

InformRequest

PDU Type 7

SNMPv2-Trap

PDU Type 8

SNMPReport  (defined in the RFC but not deployed in Cisco IOS)

 

SNMP V3

 

clip_image009

 

          New message format has security field that includes authentication and privacy, authorization and access control (password security, authentication and encryption).

          Ability to dynamically configure the SNMP agent using SNMP SET commands. This can be addition, deletion, and modification of configuration entries either locally or remotely.

          An Administrative Framework that allows us to define: entities with names, people and policies, username and role based management, notification destination, proxy relationships, remote configuration via SNMP operations

 

SNMP V3 PDUs

PDU Type 0

GetRequest

PDU Type 1

GetNextRequest

PDU Type 2

GetResponse

PDU Type 3

SetRequest

PDU Type 4

Obsolete

PDU Type 5

GetBulkRequest

PDU Type 6

InformRequest

PDU Type 7

SNMPv2-Trap

PDU Type 8

SNMPReport  (allows SNMP engines to communicate with one another)

clip_image011

 

Auth: Specified the process of authenticating a packet without encrypting it.

noAuth: Specifies that no authentication process takes place on SNMP packets.

Priv: Specifies that the contents of a SNMP packet is “scrambled” or encrypted.

noPriv: Specifies that no SNMP packets will be “scrambled” or encrypted.

 

Security model ensures:

          Ensure that packets have not been manipulated in transit

          Verify that the packets are arriving from a valid source

          Capability to scramble the contents of a packet to keep unauthorized sources from seeing its contents

 

Data Collection

Two processes (polling and notification) define how an NMS will learn the condition of its managed devices.

 

Polling

snmp-server community community [ro|rw] [ipv6 acl] [acl]

 

The NMS will either poll the agent periodically using RO or RW community strings,

clip_image013

 

Notification

snmp-server enable traps

snmp-server host [traps|informs]

 

The agent itself will actively notify the NMS about changes through the use of traps or informs.

 

clip_image015

 

V3 SNMP Poling/Notification

snmp-server group gname [auth|noauth|priv] [access [ipv6] acl]

snmp-server group uname [auth md5|sha] [priv des|3des|aes] [access [ipv6] acl]

 

Managed Information Base

These monitored values are defined in a hierarchical database that contains system information. This includes things like temperature, location, interface status or interface utilization.

 

The MIB is set up like a directory that defines standard monitoring variables. These variables are referenced for interpretation by a sending and receiving system based on the use of Object Identifiers (OID).

 

An OID is a number that is used to represent the identity of a given MIB entry as well as clarify where in the hierarchical structure that given entry can be found.

 

 

clip_image017

 

 

Source:

IP Expert VOD

blog.ipexpert.com/2012/06/11/snmp-theory-and-operation/

The post SNMP appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/09/27/snmp/feed/ 0
Filtering Routes on IOS http://theipzone.com/blog/2013/09/27/filtering-routes-on-ios/ http://theipzone.com/blog/2013/09/27/filtering-routes-on-ios/#respond Fri, 27 Sep 2013 01:00:00 +0000 http://theipzone.com/?p=93 Route filtering with RIP & RIPNG– Passive interface (passive-interface)– Distribute-list (distribute-list 2 [in|out])– Offset list (offset-list)– Administrative distance (distance) Route filtering with EIGRP & EIGRP V6– Passive interface (passive-interface)– Distribute-list [in|out] – IPV4 ACLs only– Prefix-list (prefix prefix-list-name[in|out])– Route-map  (route-map map-tag [permit|deny] [sequence-number])– Administrative distance (distance) Route filtering with OSPF– Stub area (area stub & area nssa)– LSA Type 3 filtering (area filter-list) – IPV4 only– Summarization (area range/summary address [not-advertise])– Redistribution (redistribute protocol route-map) Route filtering with BGP & BGP for IPV6– Prefix list (neighbor prefix list [in|out])– Distribute list (neighbor distribute list [in|out])– Filter list (neighbor filter list [in|out])– Route maps (neighbor route-map [in|out]) Regex characters on IOS“.”         – match any character“|”         – concatenates constructs. matches one of the characters or character patterns on either side of the vertical bar.“[]”        – matches the character following the backslash“[0-9]”   – match any single digit“[a-z]”   – match any lower case“[A-Z]   – match any upper case“_”        – replaces a long regular expression list by matching a comma (,), left brace ({), right brace (}), the beginning of the input string, the end of the input string, a space or the end of an AS Path.“^”       – match the beginning of a string.“$”       – match the end of a string“\”        – matches the character following the backslash and also escapes special characters. Regex Occurrence Modifiers on IOS“?”     – means 0 or 1 times. matches zero or one occurrence of the pattern“*”     – mean 0 or any times. matches zero or one occurrence of the pattern“+”     – means 1 or any times. matches zero or one occurrence of the pattern Source:IP Expert VODCisco Doc: Additional and Legacy Protocols/Terminal Services Configuration Guide, Cisco IOS Release

The post Filtering Routes on IOS appeared first on The IP Zone.

]]>
Route filtering with RIP & RIPNG
– Passive interface (passive-interface)
– Distribute-list (distribute-list 2 [in|out])
– Offset list (offset-list)
– Administrative distance (distance)

Route filtering with EIGRP & EIGRP V6
– Passive interface (passive-interface)
– Distribute-list [in|out] – IPV4 ACLs only
– Prefix-list (prefix prefix-list-name[in|out])
– Route-map  (route-map map-tag [permit|deny] [sequence-number])
– Administrative distance (distance)

Route filtering with OSPF
– Stub area (area stub & area nssa)
– LSA Type 3 filtering (area filter-list) – IPV4 only
– Summarization (area range/summary address [not-advertise])
– Redistribution (redistribute protocol route-map)

Route filtering with BGP & BGP for IPV6
– Prefix list (neighbor prefix list [in|out])
– Distribute list (neighbor distribute list [in|out])
– Filter list (neighbor filter list [in|out])
– Route maps (neighbor route-map [in|out])

Regex characters on IOS
“.”         – match any character
“|”         – concatenates constructs. matches one of the characters or character patterns on either side of the vertical bar.
“[]”        – matches the character following the backslash
“[0-9]”   – match any single digit
“[a-z]”   – match any lower case
“[A-Z]   – match any upper case
“_”        – replaces a long regular expression list by matching a comma (,), left brace ({), right brace (}), the beginning of the input string, the end of the input string, a space or the end of an AS Path.
“^”       – match the beginning of a string.
“$”       – match the end of a string
“\”        – matches the character following the backslash and also escapes special characters.

Regex Occurrence Modifiers on IOS
“?”     – means 0 or 1 times. matches zero or one occurrence of the pattern
“*”     – mean 0 or any times. matches zero or one occurrence of the pattern
“+”     – means 1 or any times. matches zero or one occurrence of the pattern

Source:
IP Expert VOD
Cisco Doc: Additional and Legacy Protocols/Terminal Services Configuration Guide, Cisco IOS Release

The post Filtering Routes on IOS appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/09/27/filtering-routes-on-ios/feed/ 0
Switching To Ubuntu http://theipzone.com/blog/2013/09/26/switching-to-ubuntu/ http://theipzone.com/blog/2013/09/26/switching-to-ubuntu/#respond Thu, 26 Sep 2013 01:22:00 +0000 http://theipzone.com/?p=89 Table of Equivalent Commands Below is a table of equivalent commands for package management on both Ubuntu/Debian and Red Hat/Fedora systems. Task Red Hat/Fedora Ubuntu Adding, Removing and Upgrading Packages Refresh list of available packages Yum refreshes each time it’s used apt-get update Install a package from a repository yum install package_name apt-get install package_name Install a package file yum install package.rpm rpm -i package.rpm dpkg –install package.deb Remove a package rpm -e package_name apt-get remove package_name Check for package upgrades yum check-update apt-get -s upgrade apt-get -s dist-upgrade Upgrade packages yum update rpm -Uvh [args] apt-get upgrade Upgrade the entire system yum upgrade apt-get dist-upgrade Package Information Get information about an available package yum search package_name apt-cache search package_name Show available packages yum list available apt-cache dumpavail List all installed packages yum list installed rpm -qa dpkg –list Get information about a package yum info package_name apt-cache show package_name Get information about an installed package rpm -qi package_name dpkg –status package_name List files in an installed package rpm -ql package_name dpkg –listfiles package_name List documentation files in an installed package rpm -qd package_name – List configuration files in an installed package rpm -qc package_name dpkg-query –show -f ‘${Conffiles}\n’package_name Show the packages a given package depends on rpm -qR package_name apt-cache depends Show other packages that depend on a given package (reverse dependency) rpm -q -whatrequires [args] apt-cache rdepends Package File Information Get information about a package file rpm -qpi package.rpm dpkg –info package.deb List files in a package file rpm -qpl package.rpm dpkg –contents package.deb List documentation files in a package file rpm -qpd package.rpm – List configuration files in a package file rpm -qpc package.rpm – Extract files in a package rpm2cpio package.rpm | […]

The post Switching To Ubuntu appeared first on The IP Zone.

]]>
Table of Equivalent Commands

Below is a table of equivalent commands for package management on both Ubuntu/Debian and Red Hat/Fedora systems.

Task

Red Hat/Fedora

Ubuntu

Adding, Removing and Upgrading Packages

Refresh list of available packages

Yum refreshes each time it’s used

apt-get update

Install a package from a repository

yum install package_name

apt-get install package_name

Install a package file

yum install package.rpm 
rpm -i package.rpm

dpkg –install package.deb

Remove a package

rpm -e package_name

apt-get remove package_name

Check for package upgrades

yum check-update

apt-get -s upgrade
apt-get -s dist-upgrade

Upgrade packages

yum update
rpm -Uvh [args]

apt-get upgrade

Upgrade the entire system

yum upgrade

apt-get dist-upgrade

Package Information

Get information about an available package

yum search package_name

apt-cache search package_name

Show available packages

yum list available

apt-cache dumpavail

List all installed packages

yum list installed
rpm -qa

dpkg –list

Get information about a package

yum info package_name

apt-cache show package_name

Get information about an installed package

rpm -qi package_name

dpkg –status package_name

List files in an installed package

rpm -ql package_name

dpkg –listfiles package_name

List documentation files in an installed package

rpm -qd package_name

List configuration files in an installed package

rpm -qc package_name

dpkg-query –show -f ‘${Conffiles}\n’package_name

Show the packages a given package depends on

rpm -qR package_name

apt-cache depends

Show other packages that depend on a
given package (reverse dependency)

rpm -q -whatrequires [args]

apt-cache rdepends

Package File Information

Get information about a package file

rpm -qpi package.rpm

dpkg –info package.deb

List files in a package file

rpm -qpl package.rpm

dpkg –contents package.deb

List documentation files in a package file

rpm -qpd package.rpm

List configuration files in a package file

rpm -qpc package.rpm

Extract files in a package

rpm2cpio package.rpm | cpio -vid

dpkg-deb –extract package.deb dir-to-extract-to

Find package that installed a file

rpm -qf filename

dpkg –search filename

Find package that provides a particular file

yum provides filename

apt-file search filename

Misc. Packaging System Tools

Show stats about the package cache

apt-cache stats

Verify all installed packages

rpm -Va

debsums

Remove packages from the local cache directory

yum clean packages

apt-get clean

Remove only obsolete packages from the local cache directory

apt-get autoclean

Remove header files from the local cache directory
(forcing a new download of same on next use)

yum clean headers

apt-file purge

General Packaging System Information

Package file extension

*.rpm

*.deb

Repository location configuration

/etc/yum.conf

/etc/apt/sources.list

Some of the information in this table was derived (with permission) from APT and RPM Packager Lookup Tables.

 

Below is a table of example commands for managing services. The apache/httpd service is used as an example.

Task

Red Hat / Fedora

Ubuntu

Ubuntu 
(with sysv-rc-conf or sysvconfig)

Starting/stopping services immediately

service httpd start

invoke-rc.d apache start

service apache start

Enabling a service at boot

chkconfig httpd on

update-rc.d apache defaults

sysv-rc-conf apache on

Disabling a service at boot

chkconfig httpd off

update-rc.d apache purge

sysv-rc-conf apache off

Note: Whereas Red Hat and Fedora servers boot into runlevel 3 by default, Ubuntu servers default to runlevel 2.

Note: The service and invoke-rc.d commands call init scripts to do the actual work. You can also start and stop services by doing e.g. /etc/init.d/apache start on Ubuntu, or /etc/init.d/httpd start on Red Hat/Fedora.

 

Source:

https://help.ubuntu.com/community/SwitchingToUbuntu/FromLinux/RedHatEnterpriseLinuxAndFedora

The post Switching To Ubuntu appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/09/26/switching-to-ubuntu/feed/ 0
RIP Authentication http://theipzone.com/blog/2013/09/04/rip-authentication/ http://theipzone.com/blog/2013/09/04/rip-authentication/#respond Wed, 04 Sep 2013 21:30:21 +0000 http://theipzone.com/?p=62 RIPv1 does not support authentication. If you are sending and receiving RIP v2 packets, you can enable RIP authentication on an interface. The key chain determines the set of keys that can be used on the interface. Authentication, including default authentication, is performed on that interface only if a key chain is configured. Cisco supports two modes of authentication on an interface on which RIP is enabled: plain-text authentication and message digest algorithm 5 (MD5) authentication. Plain-text authentication is the default authentication in every RIPv2 packet. Do not use plain text authentication in RIP packets for security purposes, because the unencrypted authentication key is sent in every RIPv2 packet. Use plain-text authentication when security is not an issue; for example, you can use plain-text authentication to ensure that misconfigured hosts do not participate in routing. Specifying a RIP Version and Enabling Authentication Configuration example: ! router rip version {1 | 2} interface type number ip rip send version [1] [2] ip rip receive version [1] [2] ip rip authentication key-chain name-of-chain ip rip authentication mode {text | md5} ! Note: Key Chain needs to be configured for this to work. Troubleshoot: debug ip rip

The post RIP Authentication appeared first on The IP Zone.

]]>
RIPv1 does not support authentication. If you are sending and receiving RIP v2 packets, you can enable RIP authentication on an interface.

The key chain determines the set of keys that can be used on the interface. Authentication, including default authentication, is performed on that interface only if a key chain is configured.

Cisco supports two modes of authentication on an interface on which RIP is enabled: plain-text authentication and message digest algorithm 5 (MD5) authentication. Plain-text authentication is the default authentication in every RIPv2 packet.

Do not use plain text authentication in RIP packets for security purposes, because the unencrypted authentication key is sent in every RIPv2 packet. Use plain-text authentication when security is not an issue; for example, you can use plain-text authentication to ensure that misconfigured hosts do not participate in routing.

Specifying a RIP Version and Enabling Authentication

Configuration example:

!
router rip 
version {1 | 2} 
interface type number 
ip rip send version [1] [2] 
ip rip receive version [1] [2] 
ip rip authentication key-chain name-of-chain 
ip rip authentication mode {text | md5} 
!

Note: Key Chain needs to be configured for this to work.

Troubleshoot:

debug ip rip

The post RIP Authentication appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/09/04/rip-authentication/feed/ 0
Cisco Key Chains http://theipzone.com/blog/2013/09/04/cisco-key-chains/ http://theipzone.com/blog/2013/09/04/cisco-key-chains/#respond Wed, 04 Sep 2013 21:06:00 +0000 http://theipzone.com/?p=59 To define an authentication, a key chain needed to enable authentication for routing protocols. To enter key-chain configuration mode, use the `key chain` command in global configuration mode. Only DRP Agent, Enhanced Interior Gateway Routing Protocol (EIGRP), and Routing Information Protocol (RIP) Version 2 use key chains. It is useful to have multiple keys on a key chain so that the software can sequence through the keys as they become invalid after time, based on the accept-lifetime and send-lifetime key chain key command settings. If the last key expires, authentication will continue and an error message will be generated. To disable authentication, you must manually delete the last valid key key chain commandkey chain name-of-chain no key chain name-of-chain  Configuration example ! key chain MD5 key 1 key-string MD5HASH accept-lifetime 13:30:00 Jan 25 1996 duration 7200 send-lifetime 14:00:00 Jan 25 1996 duration 3600 exit ! key chain TEXT key 1 key-string CLEARTEXT key 2 key-string KEY2 !

The post Cisco Key Chains appeared first on The IP Zone.

]]>
To define an authentication, a key chain needed to enable authentication for routing protocols. To enter key-chain configuration mode, use the `key chain` command in global configuration mode. Only DRP Agent, Enhanced Interior Gateway Routing Protocol (EIGRP), and Routing Information Protocol (RIP) Version 2 use key chains.

It is useful to have multiple keys on a key chain so that the software can sequence through the keys as they become invalid after time, based on the accept-lifetime and send-lifetime key chain key command settings. If the last key expires, authentication will continue and an error message will be generated. To disable authentication, you must manually delete the last valid key

key chain commandkey chain name-of-chain
no key chain name-of-chain 

Configuration example

!
key chain MD5
key 1
  key-string MD5HASH
  accept-lifetime 13:30:00 Jan 25 1996 duration 7200
  send-lifetime 14:00:00 Jan 25 1996 duration 3600
  exit
!   
key chain TEXT
key 1
  key-string CLEARTEXT
key 2
  key-string KEY2
!

The post Cisco Key Chains appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/09/04/cisco-key-chains/feed/ 0
TMUX http://theipzone.com/blog/2013/08/16/tmux/ http://theipzone.com/blog/2013/08/16/tmux/#respond Fri, 16 Aug 2013 18:51:00 +0000 http://theipzone.com/?p=54 Shell CMDS – From any shell prompt: start new:tmux start new with session name:tmux new -s myname attach:tmux a  #  (or at, or attach) attach to named:tmux a -t myname list sessions:tmux ls kill session:` TMUX CMDS – In tmux, hit the prefix ctrl+b and then: Sessions :new<CR>  new sessions  list sessions$  name session Windows (tabs) c  new windoww  list windowsf  find window,  name window&  kill window Panes (splits) %  vertical split”  horizontal splito  swap panesq  show pane numbersx  kill pane+  break pane into window (e.g. to select text by mouse to copy)–  restore pane from window⍽  space – toggle between layoutsPREFIX q (Show pane numbers, when the numbers show up type the key to goto that pane)PREFIX { (Move the current pane left)PREFIX } (Move the current pane right) Resizing Panes You can also resize panes if you don’t like the layout defaults. I use the mouse to resize PREFIX : resize-pane (By default it resizes the current pane down)PREFIX : resize-pane -U (Resizes the current pane upward)PREFIX : resize-pane -L (Resizes the current pane left)PREFIX : resize-pane -R (Resizes the current pane right)PREFIX : resize-pane 20 (Resizes the current pane down by 20 cells)PREFIX : resize-pane -U 20 (Resizes the current pane upward by 20 cells)PREFIX : resize-pane -L 20 (Resizes the current pane left by 20 cells)PREFIX : resize-pane -R 20 (Resizes the current pane right by 20 cells)PREFIX : resize-pane -t 2 20 (Resizes the pane with the id of 2 down by 20 cells)PREFIX : resize-pane -t -L 20 (Resizes the pane with the id of 2 left by 20 cells) Misc d  detacht  big clock?  list shortcuts:  prompt z zoom How do I copy and paste when the mouse […]

The post TMUX appeared first on The IP Zone.

]]>
Shell CMDS – From any shell prompt:

start new:
tmux

start new with session name:
tmux new -s myname

attach:
tmux a  #  (or at, or attach)

attach to named:
tmux a -t myname

list sessions:
tmux ls

kill session:
`

TMUX CMDS – In tmux, hit the prefix ctrl+b and then:

Sessions

:new<CR>  new session
s  list sessions
$  name session

Windows (tabs)

c  new window
w  list windows
f  find window
,  name window
&  kill window

Panes (splits)

%  vertical split
”  horizontal split
o  swap panes
q  show pane numbers
x  kill pane
+  break pane into window (e.g. to select text by mouse to copy)
–  restore pane from window
  space – toggle between layouts
PREFIX q (Show pane numbers, when the numbers show up type the key to goto that pane)
PREFIX { (Move the current pane left)
PREFIX } (Move the current pane right)

Resizing Panes

You can also resize panes if you don’t like the layout defaults. I use the mouse to resize

PREFIX : resize-pane (By default it resizes the current pane down)
PREFIX : resize-pane -U (Resizes the current pane upward)
PREFIX : resize-pane -L (Resizes the current pane left)
PREFIX : resize-pane -R (Resizes the current pane right)
PREFIX : resize-pane 20 (Resizes the current pane down by 20 cells)
PREFIX : resize-pane -U 20 (Resizes the current pane upward by 20 cells)
PREFIX : resize-pane -L 20 (Resizes the current pane left by 20 cells)
PREFIX : resize-pane -R 20 (Resizes the current pane right by 20 cells)
PREFIX : resize-pane -t 2 20 (Resizes the pane with the id of 2 down by 20 cells)
PREFIX : resize-pane -t -L 20 (Resizes the pane with the id of 2 left by 20 cells)

Misc

d  detach
t  big clock
?  list shortcuts
:  prompt
z zoom

How do I copy and paste when the mouse select plane is enabled?
To copy/paste text in xterm running tmux on mac you simply hold down the option key and highlight the text you want to copy. On PC you hold down the shift key. If you are running split plane windows then you can zoom into the window you are interesting in copying text from using C-b z (prefix: z)

If you are a mac user an easier approach is to use Iterm2 and then under the preference, go to the general tab and check the allow clipboard access to terminal apps.

 

CONFIGURATIONS OPTIONS:
# Just click it
set-option -g mouse-select-pane on
set-option -g mouse-select-window on
set-option -g mouse-resize-pane on

# Sane scrolling
set -g mode-mouse on

# Set the base index for windows to 1 instead of 0
set -g base-index 1

# Set the base index for panes to 1 instead of 0
setw -g pane-base-index 1

# set colors for the active window
setw -g window-status-current-fg white
setw -g window-status-current-bg red
setw -g window-status-current-attr bright

# pane colors
set -g pane-border-fg green
set -g pane-border-bg black
set -g pane-active-border-fg white
set -g pane-active-border-bg red

# Command / message line
set -g message-fg white
set -g message-bg black
set -g message-attr bright

# better mnemonics for splitting panes!
bind | split-window -h
bind \ split-window -h
bind – split-window -v
bind _ split-window -v

# Justify Status bar
set -g status-justify centre
setw -g monitor-activity on
set -g visual-activity on

# toggle statusbar
bind-key s set status

# scrollback buffer n lines
set -g history-limit 10000

# enable activity alerts
setw -g monitor-activity on
set -g visual-activity on

# reload settings
bind-key R source-file ~/.tmux.conf

# tell tmux to use 256 colour terminal
set -g default-terminal “screen-256color”

# instructs tmux to expect UTF-8 sequences
setw -g utf8 on

# listen for activity on all windows
set -g bell-action any

# open a man page in new window
bind-key / command-prompt “split-window ‘exec man %%'”

# Broadcast input
bind-key S setw synchronize-panes

 

Source:
http://blog.yjl.im/2009/11/migrating-to-tmux-from-gnuscreen.html
http://blog.hawkhost.com/2010/06/28/tmux-the-terminal-multiplexer/
http://blog.hawkhost.com/2010/07/02/tmux-%E2%80%93-the-terminal-multiplexer-part-2/
http://www.dayid.org/os/notes/tm.html
https://gist.github.com/shinzui/866897
https://gist.github.com/MohamedAlaa/2961058

 

 

The post TMUX appeared first on The IP Zone.

]]>
http://theipzone.com/blog/2013/08/16/tmux/feed/ 0