
bogdi19

Everything posted by bogdi19

  1. In this lesson you will learn how to create an Internet Protocol Security (IPSec) filter list. An IP filter list specifies what traffic the system should secure using IPSec. IP filter lists can be specified based on IP addresses, protocols, and port numbers. An IP filter list is configured on the IP Filter List tab in the Properties dialog box of an IPSec rule of an IPSec policy.

Click the "Add" button on the IP Filter List tab of "New Rule Properties". The "IP Filter List" dialog box will fire up. Enter a meaningful name and description. Remember to uncheck the "Use Add Wizard" checkbox. Click the "Add" button to create a new filter list to filter all Telnet traffic to the domain controller.

In the Source address combo box, select "Any IP Address" and in the Destination address combo box, select "My IP Address". To automatically create two filters based on the configured filter settings, going to and coming from the specific Destination address, select the Mirrored check box.

Now click the "Protocol" tab. Select TCP as the protocol and "To this port" as 23. Remember, Telnet is listening at TCP port number 23. Click "OK" to create a new IP filter list. Click "OK" to finish. The new filter list "Block All Telnet" will be listed in the IP filter lists tab.

You have created a new IPSec IP filter list (Block All Telnet) to filter Telnet traffic from all computers to the domain controller SERV03.omnisecu.com. Now you have to specify a filter action for this filter list. Click the filter action tab of the "New Rule Properties" dialog box.

This lesson will teach you how to associate the IPSec IP filter list you have created in the previous lesson to an IPSec filter action. This filter action will block all Telnet traffic to the domain controller SERV03.omnisecu.com.

We have created an IPSec filter list "Block All Telnet" which filters all Telnet traffic originating from any IP address to the domain controller SERV03.omnisecu.com. We need to associate a filter action "Block" with this filter list.
When any traffic that matches the "Block All Telnet" filter list arrives at the domain controller, it will be blocked.

Select the new filter list "Block All Telnet" you have created in the last lesson by selecting the radio button. Now click the filter action tab, to associate a filter action with this filter list. To add an IPSec block filter action, uncheck the "Use Add Wizard" checkbox and click "Add". Select the "Block" radio button inside "New Filter Action Properties". Click the "General" tab, enter a meaningful name for the filter action, and a description. Click "OK". The new filter action "Block Telnet" will be listed; select it by clicking the radio button. Click "Apply" and "Close". You can see the new "Block All Telnet" rule listed in the Rules tab of the IPSec policies.

The new IPSec rule is created. There are three more tabs in the rule properties dialog box.

1) Authentication Methods - Lists the IPSec authentication methods. Three possible authentication methods are:
   Kerberos: Kerberos 5 is the default authentication method in a Windows Server 2003 domain. Users running the Kerberos protocol within a trusted domain can authenticate using this method.
   Certificates: Digital certificates can be used for authentication, if a trusted certificate authority is available.
   Shared Key: A pre-shared key can be used for authentication when Kerberos is not available. A pre-shared key is a string value which is configured on each computer and must be the same on both computers.
2) Tunnel Setting - Specifies whether this is in Tunnel mode or Transport mode. You need to specify the end-point of the tunnel also. The "This rule does not specify an IPSec tunnel" option is the Transport mode.
3) Connection Type - Determines for which types of connections the rule will be applied: LAN, Remote Access, or All Network Connections.

You have created an IPSec rule to block all telnet traffic to the domain controller. Now you need to create an IPSec rule allowing SERV04.omnisecu.com secure telnet access.
Follow the steps we did before except for a few changes. Click the "Add" tab in the Secure Telnet IPSec policy to add a new rule. Click the "Add" button in the "New Rule Properties" dialog box, to add an IPSec IP filter list. Type a meaningful name and description for the IPSec IP filter list. Click the "Add" button to add an IPSec IP filter. Select "A specific IP Address" from the combo box of Source address and enter the IP address of SERV04.omnisecu.com (192.168.1.12), to which we need to enable secure telnet communication using IPSec. Enter the Destination address as "My IP address". Click the Protocol tab. Enter the protocol and port number to enable secure traffic. Click "OK".

Select the new filter list "Allow SERV04" and click the filter action tab. Select the "Require Security" filter action to enable secure IPSec communication between SERV03.omnisecu.com and SERV04.omnisecu.com. Click "Apply" and "Close". Refer to the next lesson for how to configure the IPSec encryption algorithm, hashing algorithm and other settings. The two rules you have created are listed in the "Secure Telnet" policy properties.

At this point you may be wondering about these two conflicting rules. The "Block all Telnet" rule is defined to block all telnet traffic to the domain controller SERV03.omnisecu.com and "Allow SERV04" is defined to allow secure telnet traffic from SERV04.omnisecu.com. The IPSec rules are automatically ordered from the most specific to the least specific. Here the "Allow SERV04" IPSec rule is most specific, because we have specified the IP address of SERV04.omnisecu.com (192.168.1.12).

You have learned how to associate an IPSec IP filter list with a filter action. You have created two rules, one rule will block all IP traffic and the other rule enables secure Telnet traffic between SERV03.omnisecu.com and SERV04.omnisecu.com.
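The rule ordering described in the post above can be modelled in a few lines. This is an added example, not part of the original post or of Windows itself: it is a simplified model in which specificity is the sum of the address prefix lengths, the address 192.168.1.10 for SERV03 is an assumption (the post does not give it), and "Allow SERV04" is assumed to be mirrored like "Block All Telnet".

```python
import ipaddress
from dataclasses import dataclass

# Assumed address standing in for "My IP Address" on SERV03 (not given in the post).
MY_IP = "192.168.1.10"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    protocol: str
    sport: int
    dport: int


@dataclass(frozen=True)
class Rule:
    name: str
    src_net: str      # "0.0.0.0/0" models "Any IP Address"
    dst_net: str
    protocol: str
    to_port: int      # the "To this port" setting
    action: str
    mirrored: bool = True

    def matches(self, pkt):
        if pkt.protocol != self.protocol:
            return False
        src = ipaddress.ip_address(pkt.src)
        dst = ipaddress.ip_address(pkt.dst)
        s_net = ipaddress.ip_network(self.src_net)
        d_net = ipaddress.ip_network(self.dst_net)
        forward = src in s_net and dst in d_net and pkt.dport == self.to_port
        # A mirrored filter also matches the reply direction.
        reverse = (self.mirrored and src in d_net and dst in s_net
                   and pkt.sport == self.to_port)
        return forward or reverse

    def specificity(self):
        # Simplified model: longer address prefixes mean a more specific filter.
        return (ipaddress.ip_network(self.src_net).prefixlen
                + ipaddress.ip_network(self.dst_net).prefixlen)


# Rules in the order they were created in the lessons.
POLICY = [
    Rule("Block All Telnet", "0.0.0.0/0", f"{MY_IP}/32", "TCP", 23, "Block"),
    Rule("Allow SERV04", "192.168.1.12/32", f"{MY_IP}/32", "TCP", 23,
         "Require Security"),
]


def evaluate(policy, pkt, most_specific_first=True):
    """Return (rule name, action) for the first matching rule."""
    if most_specific_first:
        rules = sorted(policy, key=Rule.specificity, reverse=True)
    else:
        rules = list(policy)  # naive creation-order matching, for comparison
    for rule in rules:
        if rule.matches(pkt):
            return rule.name, rule.action
    return None, "Not processed by IPSec"


if __name__ == "__main__":
    samples = [  # constructed sample packets
        Packet("192.168.1.12", MY_IP, "TCP", 40000, 23),   # SERV04 telnet
        Packet("192.168.1.11", MY_IP, "TCP", 40000, 23),   # other host telnet
        Packet(MY_IP, "192.168.1.11", "TCP", 23, 40000),   # mirrored reply
        Packet("192.168.1.11", MY_IP, "TCP", 40000, 80),   # not telnet
    ]
    for pkt in samples:
        print(pkt, "->", evaluate(POLICY, pkt))
```

With creation-order matching instead of most-specific-first, the SERV04 packet would hit "Block All Telnet" first, which is why the ordering matters for this policy.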
  2. IPSec policies determine which IP traffic should be secured and which IP packets should not be secured, and what type of security should be applied to the IP packets. IPSec policies contain IPSec rules and IPSec rules contain filter lists and filter actions. There are three default IPSec policies in Windows Server 2003. We can assign only one policy at a time.

Client (Respond Only): The Client (Respond Only) IPSec policy allows the computer to attempt unsecured communications first and switch to secured communications if requested. This policy contains the default response rule, which creates dynamic IPSec filters for inbound and outbound traffic based on the requested protocol and port traffic for the communication the system is securing.

Server (Request Security): Systems configured with the Server (Request Security) IPSec policy can request secure IP communications whenever possible but will fall back to clear-text IP communication if non IPSec-aware computers or systems not configured using a Client (Respond Only) policy request communication.

Secure Server (Require Security): Systems configured with a Secure Server (Require Security) IPSec policy require secure communications. The filters for this policy require all communication from the given system to be secure, with the exception of the initial inbound communication request. Non IPSec aware devices and the devices which are not configured with Client (Respond Only) IPSec policy will not be able to communicate with a device configured with Server (Request Security) IPSec policy.

The default policies can be viewed in the group policy editor. If you are working in a Windows 2003 Domain Controller, select Start > Programs > Administrative Tools > Domain Controller Security Policy.

In this lesson and following lessons you will learn how to configure Internet Protocol Security (IPSec) in a Windows 2003 network and how to secure Telnet traffic using Internet Protocol Security (IPSec).
Telnet is a network protocol and is commonly used to refer to an application that uses that protocol. The application is used to connect to remote computers. Telnet listens at TCP well known port 23. Telnet is a terminal emulator software and is used to gain access to a command-line interface on a remote machine.

Securing Telnet Traffic using Internet Protocol Security (IPSec) - Scenario

You have four Windows 2003 servers. SERV03.omnisecu.com is a domain controller and SERV01.omnisecu.com, SERV02.omnisecu.com and SERV04.omnisecu.com are member servers.

Figure 10: Scenario - Configure Internet Protocol Security in a Windows 2003 network.

You want to allow Internet Protocol Security (IPSec) secure Telnet traffic to your Windows 2003 domain controller SERV03.omnisecu.com from SERV04.omnisecu.com, which is a Windows 2003 member server, and to block Telnet access from all other servers to the Windows 2003 domain controller SERV03.omnisecu.com. You cannot use the default IPSec policies, because there is no default Internet Protocol Security (IPSec) policy to block Telnet traffic specifically. Here we need to create a new Internet Protocol Security (IPSec) policy to permit secure Telnet access to the domain controller SERV03.omnisecu.com only from SERV04.omnisecu.com, and block Telnet traffic from all other servers.

In this lesson, you have learned an overview of telnet. You have four Windows 2003 servers. One is a Windows 2003 domain controller and the other three are member servers. You want to allow only secure Telnet traffic to the Windows 2003 domain controller from the member server SERV04.omnisecu.com. Click "Next" to continue.

In this lesson, you will learn how to create an Internet Protocol Security (IPSec) policy on the Windows 2003 domain controller (SERV03.omnisecu.com). You can learn how to secure Telnet traffic from a member server (SERV04.omnisecu.com) and block Telnet traffic from all other servers using Internet Protocol Security (IPSec) in coming lessons.
Log in to the domain controller (SERV03.omnisecu.com) as Administrator and open the "Domain Controller Security Policy" MMC snap-in from "Administrative Tools" (select Start > Programs > Administrative Tools > Domain Controller Security Policy). Right click IP Security Policies on Active Directory and select "Create IP Security Policy" from the context menu. (Domain Controller Security Policy is selected because SERV03.omnisecu.com is a domain controller. You have to select the appropriate Group Policy when you configure IPSec for a different situation.)

"Welcome to the IP Security Policy Wizard" will fire up. Click "Next" in the IP Security Policy Wizard to continue. Insert a meaningful name and description for the IPSec policy here and click "Next" in the IP Security Policy Wizard to continue.

In the "Requests for Secure Communications" screen of the IP Security Policy Wizard, uncheck the "Activate the default response rule" checkbox. The "Default Response rule" is an IPSec rule that is used to ensure that the computer responds to requests for secure communication. If the active IPSec policy does not have a rule defined for a computer that is requesting secure communication, the default response rule is applied for secure IPSec communication. Click "Next" to continue.

Uncheck the "Edit Properties" checkbox (we will edit these settings later) and click "Finish" to complete the IPSec policy wizard. You can now see the new "Secure Telnet" Internet Protocol Security (IPSec) policy you have just created in the MMC snap-in.

You have learned how to create an Internet Protocol Security (IPSec) policy on a Windows 2003 domain controller. You will learn how to create an Internet Protocol Security (IPSec) policy rule in the next lesson.

In this lesson, you will learn how to create an Internet Protocol Security (IPSec) rule in a Windows 2003 Server. An Internet Protocol Security (IPSec) rule consists of an IP filter list, filter action, Authentication methods, Tunnel endpoint and Connection type.
Internet Protocol Security (IPSec) rules specify when and how the computer should use IPSec. We can assign only one Internet Protocol Security (IPSec) policy at a time, but an Internet Protocol Security (IPSec) policy can contain more than one Internet Protocol Security (IPSec) rule. Here we will create two rules: one rule will block all the Telnet traffic from all the computers to the domain controller SERV03.omnisecu.com, and the other will allow secure traffic from the member server SERV04.omnisecu.com.

To create a new Internet Protocol Security (IPSec) rule, right click the new Internet Protocol Security (IPSec) policy you have created and select "Properties" from the context menu. The Properties box of the "Secure Telnet" Internet Protocol Security (IPSec) policy will fire up, as shown below. Remember to uncheck the "Use Add Wizard" checkbox. Click the "Add" button to create a new Internet Protocol Security (IPSec) rule. Once again, an Internet Protocol Security (IPSec) rule consists of an IP Filter List, Filter Action, Authentication methods, Tunnel endpoint and Connection type.

The "New Rule Properties" box will fire up. There are five tabs in the "New Rule Properties" box.

1) IP Filter Lists
2) Filter Action
3) Authentication Methods
4) Tunnel Setting
5) Connection Type

In this lesson you have started learning how to create an Internet Protocol Security (IPSec) rule. An Internet Protocol Security (IPSec) rule contains IP filter lists and filter actions. In the next lesson you will learn how to create an IP filter list. Click "Next" to continue.
  3. Internet Protocol Security (IPSec) - What is IPSec?

This lesson explains what Internet Protocol Security (IPSec) is, the goals of Internet Protocol Security (IPSec) and different ways of implementing Internet Protocol Security (IPSec).

Internet Protocol has many weaknesses. The following points describe some of the weaknesses of Internet Protocol.

  • An IP data packet (Internet Protocol Datagram) contains the logical addressing information (IP addresses). It is easy to forge the logical addresses of an IP datagram.
  • It is possible to view the contents of an IP datagram, since there is no inbuilt encryption for IP datagrams.
  • It is possible to modify the contents of an IP datagram.
  • Replay attack is a type of network attack in which attackers capture packets whenever packets pass between two hosts on a network. The packets are then analyzed and passwords, encryption keys, or digital signatures are extracted from the captured packets. Later the attacker can send the captured password to the host and gain authentication.

Hence we cannot make sure that the IP datagrams received by a computer are from the claimed sender, that the data received has not been tampered with by an attacker and that the datagram was not inspected by the attacker while the packet was travelling the network.

The purpose of Internet Protocol Security or IPsec is to protect communications over Internet Protocol (IP) using cryptographic security services. IPsec is a security tunneling protocol, defining a mechanism that allows a device to encrypt and/or authenticate data packets and encapsulate the data packets. Internet Protocol Security (IPsec) enhances your network security to a very high level.

Goals of Internet Protocol Security (IPSec)

1) Authentication – Prove we are who we say we are.
2) Integrity – The data has not been tampered with.
3) Confidentiality – The confidential data cannot be inspected by others.
The term confidentiality means the data expected to remain private should be seen only by those who should see it.

Different ways of implementing Internet Protocol Security (IPsec)

  • IPsec can be integrated into the TCP/IP protocol suite.
  • IPsec can be added below the TCP/IP protocol suite.
  • IPsec can be implemented as a stand-alone device, and can be implemented as a part of the router or firewall.

Key protocols associated with IPSec

Internet Protocol Security (IPsec) consists of three key protocols.

Authentication Header (AH): AH is a protocol that provides data origin authentication, data integrity, and anti-replay protection.
Encapsulating Security Payload (ESP): ESP is a protocol that provides data origin authentication, data integrity, and anti-replay protection and it provides confidentiality by encrypting the traffic.
Internet Key Exchange (IKE): IKE is a protocol that provides the key-management function. IKE helps in setting up Security Associations.

In this lesson you have learned what Internet Protocol Security (IPsec) is, why we need Internet Protocol Security (IPsec), the goals of Internet Protocol Security (IPsec) and the ways Internet Protocol Security (IPsec) can be implemented. Authentication Header (AH), Encapsulating Security Payload (ESP) and Internet Key Exchange (IKE) are the key protocols associated with Internet Protocol Security (IPSec). Click "Next" to continue.

Security Association

Security Associations (SAs) form the basis of Internet Protocol Security (IPSec). A Security Association (SA) is a simplex (one-way channel) and logical connection that provides a relationship between two or more systems to build a unique secure connection. A Security Association (SA) can be viewed as an agreement between two devices about how to protect information during transit. Security Associations (SAs) are one way (simplex). If two devices, Dev-A and Dev-B, are communicating using IPSec, then Dev-A will have two Security Associations.
One Security Association is used for processing outbound packets and the other Security Association is used for processing inbound packets.

A Security Association (SA) consists of three things.

1) A Security Parameter Index (SPI)
2) An IP destination address
3) An IPSec Protocol Identifier. IPSec protocols are Authentication Header (AH) and Encapsulating Security Payload (ESP).

The protocol Internet Key Exchange (IKE or IKEv2) is used to set up Security Associations (SAs) between two devices. IKE uses a Diffie-Hellman key exchange to set up a shared secret key, from which cryptographic keys are derived. The Diffie-Hellman algorithm (developed by Whitfield Diffie and Martin Hellman) is a method for securely exchanging a shared secret (key) between two devices over an untrusted network. The secret key is generated at the two devices and it is never transmitted over the network.

The Internet Key Exchange (IKE) protocol used for generating Security Associations is a two-phase process. The first phase (also known as Main Mode negotiation) is a policy negotiation phase in which four parameters are negotiated.

  • The encryption algorithm (DES or 3DES).
  • The hash algorithm (MD5 (Message Digest 5) or SHA (Secure Hash Algorithm)).
  • The authentication method (Certificate, Pre-shared key, or Kerberos).
  • The exchange of DH material for key generation.

In the second phase (also known as Quick Mode negotiation), the following parameters are negotiated.

  • The IPSec protocol (AH or ESP).
  • The hash algorithm (MD5 or SHA).
  • The algorithm for encryption, if requested (DES or 3DES).

After Main Mode and Quick Mode negotiations, common agreement is reached, and two Security Associations (SAs) are established. One Security Association (SA) is for inbound communication and the other Security Association (SA) is for outbound communication. As part of the second phase (Quick Mode), session key material is refreshed, and a new pair of keys is generated.
This can prevent the cracking of the session key by an attacker.

The Security Parameter Index (SPI) is a very important element in the SA. An SPI is a 32-bit number that is used to uniquely identify a particular SA for any connected device. A Security Association (SA) is an agreement between two devices about how to protect information during communication. It also indicates the parameters, such as keys and algorithms. The SPI provides a mechanism for the destination to identify which SA to use to check the security of the received packet. The SPI is provided to map the incoming packet to an SA at the destination. The SPI is a 32-bit random number generated by the sender to identify the SA to the recipient.

It is worth knowing two other terms related to IPSec.

Security Policy Database (SPD)

IPSec policies are maintained in the Security Policy Database (SPD). IPSec policies define which traffic is to be protected, how it is to be protected, and with whom to protect it. The sending host determines what policy is appropriate for the packet, depending on various "Selectors", by checking in the Security Policy Database (SPD). "Selectors" can include Source and Destination IP Addresses, Name (User ID or a System Name), Transport Layer Protocols (TCP or UDP) or Source and Destination Ports. The Security Policy Database (SPD) indicates what the policy is for a particular packet. If the packet requires IPsec processing, it is passed to the IPsec module for the required processing.

Security Association Database (SAD)

IPSec Security Associations are stored in the Security Association Database (SAD). Each Security Association has an entry in the Security Association Database (SAD). The Security Association entries in the Security Association Database (SAD) are indexed by the three Security Association properties.

1) Destination IP address
2) IPSec protocol
3) Security Parameter Index (SPI).
In this lesson, you will learn what Transport Mode is and what type of data can be protected using Transport Mode. IPsec Transport mode protects upper-layer protocols (Ex: TCP or UDP) and Transport mode is used to secure end-to-end (device to device) communications.

Figure 1: End-to-end data transmission security using Transport Mode

When IPSec is enabled, the transport layer packets (TCP Segments and UDP Datagrams) reach the IPSec module. When IPSec is implemented as a part of the TCP/IP protocol suite, the IPSec module is a part of the network layer (OSI Layer 3). IPSec then adds the Authentication Header (AH), Encapsulating Security Payload (ESP), or both headers, and then the IP header is added.

IPSec Transport Mode

When IPSec is operating in Transport mode, the IPSec header is inserted between the IP header and the Transport Layer protocol header (TCP or UDP).

Figure 2: In Transport mode, IPSec Header is inserted between IP header and TCP Header

In Transport Mode, if the packet needs to be secured using both Authentication Header (AH) and Encapsulating Security Payload (ESP), the packet is first protected using Encapsulating Security Payload (ESP) and then it is secured using Authentication Header. This helps to bring data integrity to the Encapsulating Security Payload (ESP) payload also.

Figure 3: Transport mode - AH and ESP together

IPSec Tunnel mode is used to secure gateway-to-gateway traffic. IPSec Tunnel mode is used when the final destination of the data packet is different from the security termination point. IPsec Tunnel mode protects the entire contents of the tunneled packets. As we learned in the previous lesson, Transport mode is a good option for securing host-to-host communication and Tunnel mode is the option for a Virtual Private Network (VPN).
The IPSec Tunnel mode data packets sent from the source device are accepted by the security gateway (a router or a server) and forwarded to the other end of the tunnel, where the original packets are extracted and then forwarded to their final destination device.

Figure 4: Gateway-to-gateway security using IPSec Tunnel mode

When we use IPSec Tunnel mode, the IP datagram is encapsulated in another IP datagram and an IPSec header is inserted between the two IP headers.

Figure 5: IP Datagram secured using IPSec Tunnel mode.

An IPSec tunnel mode packet has an outer IP header and an inner IP header. The inner header is the host IP header itself and the outer header is added by the security gateway.

The Authentication Header (AH) is an IPSec protocol that provides data integrity, data origin authentication, and optional anti-replay services to IP. Authentication Header (AH) does not provide any data confidentiality (data encryption). Since Authentication Header (AH) does not provide confidentiality, there is no need for an encryption algorithm. The AH protocol is specified in RFC 2402.

Authentication Header (AH) is an IP protocol and has been assigned the protocol number 51 by IANA. In the IP header of an Authentication Header (AH) protected datagram, the 8-bit protocol field will be 51, indicating that following the IP header is an Authentication Header (AH) header.

Figure 6: Authentication Header (AH) - Header

Next Header: The Next Header field points to the next protocol header that follows the AH header. It can be an Encapsulating Security Payload (ESP) header, a TCP header or a UDP header (depending on the network application).

Payload Length: Specifies the length of AH in 32-bit words (4-byte units), minus 2.

RESERVED: This field is currently set to 0, reserved for future use.

Security Parameter Index (SPI): The Security Parameter Index (SPI) field contains the Security Parameter Index, which is used to identify the security association used to authenticate this packet.
Sequence Number: The Sequence Number field is the number of messages sent from the sender to the receiver using the current SA. The initial value of the counter is 1. The function of this field is to enable replay protection, if required.

Authentication Data: The Authentication Data field contains the result of the Integrity Check Value calculation, which can be used by the receiver to check the authentication and integrity of the packet. This field is padded to make the total length of the AH an exact number of 32-bit words. RFC 2402 requires that all AH implementations support at least HMAC-MD5-96 and HMAC-SHA1-96.

This lesson explains Encapsulating Security Payload (ESP), the Encapsulating Security Payload (ESP) header and trailer, and the description of the Encapsulating Security Payload (ESP) header and trailer fields.

The Encapsulating Security Payload (ESP) protocol provides all the functions of Authentication Header (authentication, data integrity, and anti-replay protection). The difference here is that the Encapsulating Security Payload (ESP) provides the most critical security function, data confidentiality. The benefits of using Encapsulating Security Payload (ESP) are listed below.

1) Confidentiality of datagrams through encryption.
2) Traffic flow confidentiality using security gateways.
3) Authentication of data origin using digital certificates.
4) Anti-replay services using the sequence number mechanism.

Figure 7: Encapsulating Security Payload (ESP) Header

Security Parameter Index (SPI): The Security Parameter Index (SPI) field in the Encapsulating Security Payload (ESP) header, along with the destination address and the IPsec protocol, is used to uniquely identify the SA that applies to this packet.

Sequence Number: The sequence number in the Encapsulating Security Payload (ESP) header provides anti-replay services to Encapsulating Security Payload (ESP).
Protected Data: The Protected Data field in the Encapsulating Security Payload (ESP) header is the actual data being protected by Encapsulating Security Payload (ESP). The length of this field is variable and depends on the size of the data. The protected data field also contains any initialization vector for the encryption algorithm.

Padding: Block ciphers require that plaintext be padded to a multiple of the block size. If any padding is needed, it follows immediately after the payload data in the padding field.

Pad Length: Pad Length specifies the length of the padding.

Next Header: The next header field indicates what type of data is in the payload data field.

Authentication Data: The authentication data field contains an integrity check value for the Encapsulating Security Payload (ESP) packet.

Following are some of the features of the Windows 2003 IPSec implementation.

  • The Windows 2003 IPSec implementation is policy based. Administrators need to work in Group Policy to configure IPSec in Windows 2003.
  • The Windows 2003 IPSec implementation can use Kerberos v5, a digital certificate, or a shared secret (string) for user authentication. IPSec mutually authenticates computers prior to any data being exchanged.
  • The Windows 2003 IPSec implementation uses Data Encryption Standard (DES) or Triple DES (3DES) for encryption.
  • The Windows 2003 IPSec implementation uses the MD5 (Message Digest) or SHA1 (Secure Hash Algorithm) algorithm for data hashing.
  • IPSec is transparent to users. IPSec operates at OSI Layer 3 and there is no need for users and applications to directly interact with IPSec.
  • The IPSec Monitor tool is available as an MMC snap-in.
  • The Windows 2003 IPSec implementation supports 2048 bit Diffie-Hellman key exchange, generating more secure keys.

Source: Free Networking tutorials, System Administration Tutorials and Security Tutorials
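The AH fields and the SAD lookup described in the post above, as an added example that is not part of the original post: it parses an AH header, selects the SA by (destination address, IPSec protocol, SPI), and applies a sliding-window replay check. The 32-packet window follows the anti-replay description in RFC 2402 and goes beyond what the post states; the address 192.168.1.10, the SPI values and the all-zero ICV are constructed, and ICV verification itself is left out.

```python
import struct
from dataclasses import dataclass

IPPROTO_AH = 51   # IP protocol number assigned to AH
WINDOW = 32       # replay window size (assumption, not given in the post)


@dataclass
class AHHeader:
    next_header: int
    payload_len: int   # AH length in 32-bit words, minus 2
    spi: int
    sequence: int
    icv: bytes         # the Authentication Data field


@dataclass
class SecurityAssociation:
    icv_len: int       # 12 bytes for HMAC-MD5-96 and HMAC-SHA1-96
    highest: int = 0   # highest sequence number accepted so far
    bitmap: int = 0    # bit n set means sequence (highest - n) was seen


def build_ah(next_header, spi, sequence, icv):
    """Pack a constructed AH header around the given ICV bytes."""
    if len(icv) % 4:
        raise ValueError("ICV must be padded to a multiple of 4 bytes")
    payload_len = (12 + len(icv)) // 4 - 2
    return struct.pack("!BBHII", next_header, payload_len, 0, spi, sequence) + icv


def parse_ah(data):
    """Parse the AH header at the start of data (the bytes after the IP header)."""
    if len(data) < 12:
        raise ValueError("shorter than the fixed AH fields")
    next_header, payload_len, reserved, spi, sequence = struct.unpack(
        "!BBHII", data[:12])
    total = (payload_len + 2) * 4
    if reserved != 0:
        raise ValueError("RESERVED field must be 0")
    if total < 12 or total > len(data):
        raise ValueError("Payload Length does not fit the received bytes")
    return AHHeader(next_header, payload_len, spi, sequence, data[12:total])


def replay_ok(sa, seq):
    """Sliding-window anti-replay check; updates the SA state on accept."""
    if seq == 0:
        return False                       # the counter starts at 1
    if seq > sa.highest:
        shift = seq - sa.highest
        if shift < WINDOW:
            sa.bitmap = ((sa.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
        else:
            sa.bitmap = 1
        sa.highest = seq
        return True
    offset = sa.highest - seq
    if offset >= WINDOW or sa.bitmap & (1 << offset):
        return False                       # too old, or already seen
    sa.bitmap |= 1 << offset
    return True


def receive(sad, dst_ip, data):
    """Return a verdict string for one inbound AH-protected datagram."""
    try:
        hdr = parse_ah(data)
    except ValueError as exc:
        return f"drop: {exc}"
    sa = sad.get((dst_ip, IPPROTO_AH, hdr.spi))   # the three SAD index fields
    if sa is None:
        return "drop: no SA"
    if len(hdr.icv) != sa.icv_len:
        return "drop: bad ICV length"
    # ICV verification is omitted here; a real receiver advances the replay
    # window only after the ICV has verified.
    if not replay_ok(sa, hdr.sequence):
        return "drop: replay"
    return "accept"


if __name__ == "__main__":
    sad = {("192.168.1.10", IPPROTO_AH, 0x1000): SecurityAssociation(icv_len=12)}
    pkt = build_ah(6, 0x1000, 1, bytes(12)) + b"constructed-tcp-segment"
    print(parse_ah(pkt))
    print(receive(sad, "192.168.1.10", pkt))   # first delivery
    print(receive(sad, "192.168.1.10", pkt))   # same datagram again
```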
  4. Advances in Computers (Nanotechnology).pdf http://www.ehow.com/list_6510310_nanotechnology-science-projects.html http://aaai.org/AITopics/Systems http://www.scribd.com/doc/30978322/Nano-Computer-Architectronics-and-Nanotechnology http://research.microsoft.com/en-us/projects/dna/ Or this
  5. http://www.youtube.com/watch?v=6KpoJl1QnAk
  6. http://www.youtube.com/watch?v=W3TqWjOXFJ4
  7. http://www.youtube.com/watch?v=GTCvci-aX_o
  8. http://www.youtube.com/watch?v=UjpBoS_xo2I
  9. http://www.youtube.com/watch?v=US8-hIsA9Zs
  10. http://www.youtube.com/watch?v=p2_F2pTzUxc
  11. http://www.youtube.com/watch?v=yK8Tbf5b1is
  12. http://www.youtube.com/watch?v=58P2P3qIWF4
  13. http://www.youtube.com/watch?v=3dzEkpC-iu8
  14. http://www.youtube.com/watch?v=1QCoyQGlyBc
  15. Download: https://rapidshare.com/#!download|15tl6|3454936370|Advanced_Wireless_Networks_-_4G_Technologies.rar|12856|R~CC2A29D0FEFC42C7F3E84D34CCA92CE3|0|0 Password: www.handsomepentagonal.blogspot.com
  16. The ability to delete Google history has proven insufficient for many users of the search engine. A start-up proposes a solution dedicated, for now, only to Firefox users, but which can keep Google away from personal information. Protected Search, bought by Abine under the name GoogleSharing, offers Mozilla Firefox users a solution for defending their right to privacy, writes WallStreetJournal. Online searches with the search engine or use of Google Maps become 100% anonymous, but the Firefox add-on cannot prevent Google from gathering information about users when they are logged in to use Gmail or Google+. The Protected Search application stops, in the browser, all attempts to obtain information launched by Google through cookies and redirects them to a special proxy. Download Keep your searches private with Protected Search Source: Hit.ro - IT News, Games, Gadgets, Program Downloads
  17. The simplest thing is to connect it to the PC and load it in iTunes. See if it recognizes it; you could also try doing an update. But if the Apple Store and the GPS ask you to install Java when you try to access them, it's clear.
  18. I can't imagine how he managed to be so serious during the clip.
  19. Try a soft update with Ovi.
  20. Does it happen to have an nvidia video card?
  21. @dixongsm thanks for the suggestion, I'll try tonight and come back with an answer. @Oake that is a calculator that works only on the DCT4 platform, not on BB5.
  22. That's exactly the problem, it asks me for the code at startup. I also tried with a bb5 unlocker but no result.
  23. As the title says, I forgot my security code. I tried with an IMEI-based generator but nothing. Any help is welcome. Thanks in advance!
  24. Enabling Port Security

Beginning in privileged EXEC mode, follow these steps to enable port security:

Step 1. configure terminal
        Purpose: Enter global configuration mode.
Step 2. interface interface
        Purpose: Enter interface configuration mode for the port you want to secure.
Step 3. switchport port-security
        Purpose: Enable basic port security on the interface.
Step 4. switchport port-security maximum max_addrs
        Purpose: Set the maximum number of MAC addresses that is allowed on this interface.
Step 5. switchport port-security violation {shutdown | restrict | protect}
        Purpose: Set the security violation mode for the interface. The default is shutdown. For mode, select one of these keywords:
  • shutdown: The interface is shut down immediately following a security violation.
  • restrict: A security violation sends a trap to the network management station.
  • protect: When the port secure addresses reach the allowed limit on the port, all packets with unknown addresses are dropped.
Step 6. end
        Purpose: Return to privileged EXEC mode.
Step 7. show port security [interface interface-id | address]
        Purpose: Verify the entry.

Disabling Port Security: no switchport port-security

Note: If the port link goes down, all the dynamically learned addresses are removed.

Source: .?l?.?l?. Network
  25. The EtherChannel is composed of individual Fast Ethernet or Gigabit Ethernet links bundled into a single logical link as shown in Figure 10-1. The EtherChannel provides full-duplex bandwidth up to 800 Mbps (Fast EtherChannel) or 2 Gbps (Gigabit EtherChannel) between your switch and another switch or host.

Note: The network device to which your switch is connected can impose its own limits on the number of interfaces in the EtherChannel. For Catalyst 2950 switches, the number of EtherChannels is limited to six with eight ports per EtherChannel.

Each EtherChannel can consist of up to eight compatibly configured Ethernet interfaces. All interfaces in each EtherChannel must be the same speed, and all must be configured as Layer 2 interfaces.

If a link within an EtherChannel fails, traffic previously carried over that failed link changes to the remaining links within the EtherChannel. A trap is sent for a failure, identifying the switch, the EtherChannel, and the failed link. Inbound broadcast and multicast packets on one link in an EtherChannel are blocked from returning on any other link of the EtherChannel.

Understanding Port-Channel Interfaces

When you create an EtherChannel for Layer 2 interfaces, a logical interface is dynamically created. You then manually assign an interface to the EtherChannel by using the channel-group interface configuration command as shown in Figure 10-2. Each EtherChannel has a logical port-channel interface numbered from 1 to 6.

After you configure an EtherChannel, configuration changes applied to the port-channel interface apply to all the physical interfaces assigned to the port-channel interface. Configuration changes applied to the physical interface affect only the interface where you apply the configuration.
To change the parameters of all ports in an EtherChannel, apply configuration commands to the port-channel interface, for example, Spanning Tree Protocol (STP) commands or commands to configure a Layer 2 EtherChannel as a trunk.

Understanding the Port Aggregation Protocol

The Port Aggregation Protocol (PAgP) facilitates the automatic creation of EtherChannels by exchanging packets between Ethernet interfaces. By using PAgP, the switch learns the identity of partners capable of supporting PAgP and learns the capabilities of each interface. It then dynamically groups similarly configured interfaces into a single logical link (channel or aggregate port); these interfaces are grouped based on hardware, administrative, and port parameter constraints. For example, PAgP groups the interfaces with the same speed, duplex mode, native VLAN, VLAN range, and trunking status and type. After grouping the links into an EtherChannel, PAgP adds the group to the spanning tree as a single switch port.

PAgP Modes

Table 10-1 shows the user-configurable EtherChannel modes for the channel-group interface configuration command: on, auto, and desirable. Switch interfaces exchange PAgP packets only with partner interfaces configured in the auto or desirable modes; interfaces configured in the on mode do not exchange PAgP packets.

Table 10-1 EtherChannel Modes

| Mode | Description |
| --- | --- |
| auto | Places an interface into a passive negotiating state, in which the interface responds to PAgP packets it receives but does not initiate PAgP packet negotiation. This setting minimizes the transmission of PAgP packets. |
| desirable | Places an interface into an active negotiating state, in which the interface initiates negotiations with other interfaces by sending PAgP packets. |
| on | Forces the interface to channel without PAgP. With the on mode, a usable EtherChannel exists only when an interface group in the on mode is connected to another interface group in the on mode. |
Both the auto and desirable modes allow interfaces to negotiate with partner interfaces to determine if they can form an EtherChannel based on criteria such as interface speed and, for Layer 2 EtherChannels, trunking state and VLAN numbers.

Interfaces can form an EtherChannel when they are in different PAgP modes as long as the modes are compatible. For example:
• An interface in desirable mode can form an EtherChannel with another interface that is in desirable or auto mode.
• An interface in auto mode can form an EtherChannel with another interface in desirable mode.
• An interface in auto mode cannot form an EtherChannel with another interface that is also in auto mode because neither interface initiates PAgP negotiation.

An interface in the on mode that is added to a port channel is forced to have the same characteristics as the already existing on mode interfaces in the channel.

Caution: You should exercise care when setting the mode to on (manual configuration). All ports configured in the on mode are bundled in the same group and are forced to have similar characteristics. If the group is misconfigured, packet loss or STP loops might occur.

If your switch is connected to a partner that is PAgP-capable, you can configure the switch interface for nonsilent operation by using the non-silent keyword. If you do not specify non-silent with the auto or desirable mode, silent mode is assumed.

The silent mode is used when the switch is connected to a device that is not PAgP-capable and seldom, if ever, transmits packets. An example of a silent partner is a file server or a packet analyzer that is not generating traffic. In this case, running PAgP on a physical port connected to a silent partner prevents that switch port from ever becoming operational; however, the silent setting allows PAgP to operate, to attach the interface to a channel group, and to use the interface for transmission.
Physical Learners and Aggregate-Port Learners

Network devices are classified as PAgP physical learners or aggregate-port learners. A device is a physical learner if it learns addresses by physical ports and directs transmissions based on that learning. A device is an aggregate-port learner if it learns addresses by aggregate (logical) ports.

When a device and its partner are both aggregate-port learners, they learn the address on the logical port-channel. The device transmits packets to the source by using any of the interfaces in the EtherChannel. With aggregate-port learning, it is not important on which physical port the packet arrives.

The Catalyst 2950 switch uses source-MAC address distribution for a channel if it is connected to a physical learner even if the user configures destination-MAC address distribution.

These frame distribution mechanisms are possible for frame transmission:
• Port selection based on the source-MAC address of the packet
• Port selection based on the destination-MAC address of the packet

Catalyst 2950 switches support a maximum of eight ports to a PAgP group.

PAgP Interaction with Other Features

The Dynamic Trunking Protocol (DTP) and Cisco Discovery Protocol (CDP) send and receive packets over the physical interfaces in the EtherChannel. Trunk ports send and receive PAgP protocol data units (PDUs) on the lowest numbered VLAN.

STP sends packets over a single physical interface in the EtherChannel. Spanning tree regards the EtherChannel as one port.

PAgP sends and receives PAgP PDUs only from interfaces that are up and have PAgP enabled for auto or desirable modes.

Understanding Load Balancing and Forwarding Methods

EtherChannel balances the traffic load across the links in a channel by reducing part of the binary pattern formed from the addresses in the frame to a numerical value that selects one of the links in the channel. EtherChannel load balancing can use either source-MAC or destination-MAC address forwarding.
With source-MAC address forwarding, when packets are forwarded to an EtherChannel, they are distributed across the ports in the channel based on the source-MAC address of the incoming packet. Therefore, to provide load balancing, packets from different hosts use different ports in the channel, but packets from the same host use the same port in the channel (and the MAC address learned by the switch does not change).

With destination-MAC address forwarding, when packets are forwarded to an EtherChannel, they are distributed across the ports in the channel based on the destination host’s MAC address of the incoming packet. Therefore, packets to the same destination are forwarded over the same port, and packets to a different destination are sent on a different port in the channel.

You configure the load balancing and forwarding method by using the port-channel load-balance global configuration command.

In Figure 10-3, an EtherChannel of four workstations communicates with a router. Because the router is a single-MAC-address device, source-based forwarding on the switch EtherChannel ensures that the switch uses all available bandwidth to the router. The router is configured for destination-based forwarding because the large number of workstations ensures that the traffic is evenly distributed from the router EtherChannel.

Use the option that provides the greatest variety in your configuration. For example, if the traffic on a channel is going only to a single MAC address, using the destination-MAC address always chooses the same link in the channel; using source addresses might result in better load balancing.
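The PAgP mode-compatibility rules and the single-MAC router case from the post above, worked through as an added example that is not part of the original post or of Cisco's documentation. The function names and MAC addresses are hypothetical, and reducing the low-order bits of the chosen MAC with a modulo is an assumption standing in for the switch's actual reduction, which the post does not describe.

```python
from collections import Counter

PAGP_MODES = {"on", "auto", "desirable"}

def forms_channel(local: str, partner: str) -> bool:
    """Decide whether two channel-group modes yield a usable EtherChannel."""
    if not {local, partner} <= PAGP_MODES:
        raise ValueError("mode must be on, auto or desirable")
    if "on" in (local, partner):
        # 'on' never exchanges PAgP packets, so it only pairs with 'on'.
        return local == partner == "on"
    # 'auto' only responds; at least one side must initiate (desirable).
    return "desirable" in (local, partner)

def pick_link(src_mac: str, dst_mac: str, method: str, n_links: int) -> int:
    """Reduce one address of the frame to a link index (assumed reduction)."""
    if method not in ("src-mac", "dst-mac"):
        raise ValueError("method must be src-mac or dst-mac")
    mac = src_mac if method == "src-mac" else dst_mac
    return int(mac.replace(":", ""), 16) % n_links

def link_usage(frames, method: str, n_links: int = 4) -> list:
    """Count how many frames land on each link of the channel."""
    counts = Counter(pick_link(s, d, method, n_links) for s, d in frames)
    return [counts[i] for i in range(n_links)]

# Constructed sample: eight workstations and one single-MAC router.
ROUTER = "00:00:0c:aa:bb:01"
HOSTS = [f"00:50:56:00:00:{i:02x}" for i in range(0x10, 0x18)]
TO_ROUTER = [(h, ROUTER) for h in HOSTS]      # switch -> router direction
FROM_ROUTER = [(ROUTER, h) for h in HOSTS]    # router -> switch direction

if __name__ == "__main__":
    for name, frames in (("to router", TO_ROUTER), ("from router", FROM_ROUTER)):
        for method in ("src-mac", "dst-mac"):
            print(f"{name:12} {method}: {link_usage(frames, method)}")
    print("auto/auto forms a channel:", forms_channel("auto", "auto"))
```

Toward the router, destination-based selection puts every frame on one link while source-based selection spreads them evenly; in the return direction the result is reversed, which is why the two ends of the channel are configured differently.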