5 posts in 'JOBs/Networks'

  1. 2009/08/27 Access Control List
  2. 2009/08/16 CCIE RS Lab Exam Topics v4.0 (Blueprint)
  3. 2007/11/29 Sharing a printer from Windows 2000 with Vista
  4. 2006/09/10 FreeNAS
  5. 2006/04/05 How to configure Snort on the Back|Track
Commonly called ACL, this is a security-related command from Cisco.
But when I dug through blogs and cafes, they all covered the same material.

Standard ACL
Extended ACL

Most of them cover only these two,
so I went to the Cisco website and found a document with more content.

The ACL types listed in the Configuring IP Access Lists document are as follows.

Network Diagram
Standard ACLs
Extended ACLs
Lock and Key (Dynamic ACLs)
IP Named ACLs
Reflexive ACLs
Time-Based ACLs Using Time Ranges
Commented IP ACL Entries
Context-Based Access Control
Authentication Proxy
Turbo ACLs
Distributed Time-Based ACLs
Receive ACLs
Infrastructure Protection ACLs
Transit ACLs

The ACL sample is a document that briefly shows how they are used.

Download it if you need it.
License: Attribution, Non-Commercial
Posted by 은빛기타

Version 4.0 is said to take effect from October 19, 2009.
Compared to 3.0, the topics are listed in far too much detail.

If you want it as a file, download the file below.



Exam Sections and Sub-task Objectives
1.00 Implement Layer 2 Technologies
1.10 Implement Spanning Tree Protocol (STP)

(a) 802.1d

(b) 802.1w

(c) 802.1s

(d) Loop guard

(e) Root guard

(f) Bridge protocol data unit (BPDU) guard

(g) Storm control

(h) Unicast flooding

(i) Port roles, failure propagation, and loop guard operation
1.20 Implement VLAN and VLAN Trunking Protocol (VTP)
1.30 Implement trunk and trunk protocols, EtherChannel, and load-balance
1.40 Implement Ethernet technologies

(a) Speed and duplex

(b) Ethernet, Fast Ethernet, and Gigabit Ethernet

(c) PPP over Ethernet (PPPoE)
1.50 Implement Switched Port Analyzer (SPAN), Remote Switched Port Analyzer (RSPAN), and flow control
1.60 Implement Frame Relay

(a) Local Management Interface (LMI)

(b) Traffic shaping

(c) Full mesh

(d) Hub and spoke

(e) Discard eligible (DE)
1.70 Implement High-Level Data Link Control (HDLC) and PPP
2.00 Implement IPv4
2.10 Implement IP version 4 (IPv4) addressing, subnetting, and variable-length subnet masking (VLSM)
2.20 Implement IPv4 tunneling and Generic Routing Encapsulation (GRE)
2.30 Implement IPv4 RIP version 2 (RIPv2)
2.40 Implement IPv4 Open Shortest Path First (OSPF)

(a) Standard OSPF areas

(b) Stub area

(c) Totally stubby area

(d) Not-so-stubby-area (NSSA)

(e) Totally NSSA

(f) Link-state advertisement (LSA) types

(g) Adjacency on a point-to-point and on a multi-access network

(h) OSPF graceful restart
2.50 Implement IPv4 Enhanced Interior Gateway Routing Protocol (EIGRP)

(a) Best path

(b) Loop-free paths

(c) EIGRP operations when alternate loop-free paths are available, and when they are not available

(d) EIGRP queries

(e) Manual summarization and autosummarization

(f) EIGRP stubs
2.60 Implement IPv4 Border Gateway Protocol (BGP)

(a) Next hop

(b) Peering

(c) Internal Border Gateway Protocol (IBGP) and External Border Gateway Protocol (EBGP)
2.70 Implement policy routing
2.80 Implement Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
2.90 Implement filtering, route redistribution, summarization, synchronization, attributes, and other advanced features
3.00 Implement IPv6
3.10 Implement IP version 6 (IPv6) addressing and different addressing types
3.20 Implement IPv6 neighbor discovery
3.30 Implement basic IPv6 functionality protocols
3.40 Implement tunneling techniques
3.50 Implement OSPF version 3 (OSPFv3)
3.60 Implement EIGRP version 6 (EIGRPv6)
3.70 Implement filtering and route redistribution
4.00 Implement MPLS Layer 3 VPNs
4.10 Implement Multiprotocol Label Switching (MPLS)
4.20 Implement Layer 3 virtual private networks (VPNs) on provider edge (PE), provider (P), and customer edge (CE) routers
4.30 Implement virtual routing and forwarding (VRF) and Multi-VRF Customer Edge (VRF-Lite)
5.00 Implement IP Multicast
5.10 Implement Protocol Independent Multicast (PIM) sparse mode
5.20 Implement Multicast Source Discovery Protocol (MSDP)
5.30 Implement interdomain multicast routing
5.40 Implement PIM Auto-Rendezvous Point (Auto-RP), unicast rendezvous point (RP), and bootstrap router (BSR)
5.50 Implement multicast tools, features, and source-specific multicast
5.60 Implement IPv6 multicast, PIM, and related multicast protocols, such as Multicast Listener Discovery (MLD)
6.00 Implement Network Security
6.01 Implement access lists
6.02 Implement Zone Based Firewall
6.03 Implement Unicast Reverse Path Forwarding (uRPF)
6.04 Implement IP Source Guard
6.05 Implement authentication, authorization, and accounting (AAA) (configuring the AAA server is not required, only the client-side (IOS) is configured)
6.06 Implement Control Plane Policing (CoPP)
6.07 Implement Cisco IOS Firewall
6.08 Implement Cisco IOS Intrusion Prevention System (IPS)
6.09 Implement Secure Shell (SSH)
6.10 Implement 802.1x
6.11 Implement NAT
6.12 Implement routing protocol authentication
6.13 Implement device access control
6.14 Implement security features
7.00 Implement Network Services
7.10 Implement Hot Standby Router Protocol (HSRP)
7.20 Implement Gateway Load Balancing Protocol (GLBP)
7.30 Implement Virtual Router Redundancy Protocol (VRRP)
7.40 Implement Network Time Protocol (NTP)
7.50 Implement DHCP
7.60 Implement Web Cache Communication Protocol (WCCP)
8.00 Implement Quality of Service (QoS)
8.10 Implement Modular QoS CLI (MQC)

(a) Network-Based Application Recognition (NBAR)

(b) Class-based weighted fair queuing (CBWFQ), modified deficit round robin (MDRR), and low latency queuing (LLQ)

(c) Classification

(d) Policing

(e) Shaping

(f) Marking

(g) Weighted random early detection (WRED) and random early detection (RED)

(h) Compression
8.20 Implement Layer 2 QoS: weighted round robin (WRR), shaped round robin (SRR), and policies
8.30 Implement link fragmentation and interleaving (LFI) for Frame Relay
8.40 Implement generic traffic shaping
8.50 Implement Resource Reservation Protocol (RSVP)
8.60 Implement Cisco AutoQoS
9.00 Troubleshoot a Network
9.10 Troubleshoot complex Layer 2 network issues
9.20 Troubleshoot complex Layer 3 network issues
9.30 Troubleshoot a network in response to application problems
9.40 Troubleshoot network services
9.50 Troubleshoot network security
10.00 Optimize the Network
10.01 Implement syslog and local logging
10.02 Implement IP Service Level Agreement (SLA)
10.03 Implement NetFlow
10.04 Implement SPAN, RSPAN, and router IP traffic export (RITE)
10.05 Implement Simple Network Management Protocol (SNMP)
10.06 Implement Cisco IOS Embedded Event Manager (EEM)
10.07 Implement Remote Monitoring (RMON)
10.08 Implement FTP
10.09 Implement TFTP
10.10 Implement TFTP server on router
10.11 Implement Secure Copy Protocol (SCP)
10.12 Implement HTTP and HTTPS
10.13 Implement Telnet
Posted by 은빛기타

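This applies when the printer has no built-in LAN support, so it is attached to a Windows 2000 machine and used as a shared printer.

The web only has explanations for Windows XP, so I am posting the solution for Windows 2000.

[Image]

The picture above shows the network protocols related to sharing in Windows 2000. Since I did not know which method Vista uses, in addition to File and Printer Sharing for Microsoft Networks, which is installed by default, I install the NWLink IPX/SPX/NetBIOS Compatible Transport Protocol.
To install it, click the Install button shown above -> Protocol.

[Image]

In Computer Management, under Local Users and Groups -> Users, enable the guest account.
Printer sharing has basically been done as guest. As in the picture above, unchecking "Account is disabled" makes the guest account usable. There is no real need to set a password.

[Image]

Finally, change the permissions of the spool folder in C:\winnt\system32. The picture above appears when you click the Sharing item; select the Security tab and press the "Add" button to add guest.
Do not allow write permission; allowing only the three or so permissions shown above should be enough for printer sharing to work.
Clicking the Advanced button lets you edit the permissions.

For reference, when only printer sharing is used, you can leave just port 445 open and close all other ports.
Posted by 은빛기타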

Network-attached storage (NAS)

Network-attached storage (NAS) is the name given to dedicated data storage technology that can be connected directly to a computer network to provide centralized data access and storage to heterogeneous network clients.

Description

NAS differs from traditional file serving and Direct Attached Storage in that the operating system and other software on the NAS unit provides only the functionality of data storage, data access and the management of these functionalities. Furthermore, the NAS unit does not limit clients to only one file transfer protocol. NAS systems usually contain one or more hard disks, often arranged into logical, redundant storage containers or RAID arrays, as do traditional file servers. NAS removes the responsibility of file serving from other servers on the network and can be deployed via commercial embedded units or via standard computers running NAS software.

NAS uses file-based protocols such as NFS (popular on UNIX systems) or Common Internet File System (CIFS) (used with MS Windows systems). Contrast NAS's file-based approach and use of well-understood protocols with storage area network (SAN), which uses a block-based approach and generally runs over proprietary protocols. Minimal-functionality or stripped-down operating systems are used on NAS computers or devices which run the protocols and file applications that provide the NAS functionality. A "leaned-out" FreeBSD is used in FreeNAS, for example, which is open source NAS software meant to be deployed on standard computer hardware. Commercial embedded devices and consumer "network appliances" may use closed source operating systems and protocol implementations.

History

Network-attached storage was introduced with Novell's early file-sharing NetWare server operating system and NCP protocol in 1983. In the UNIX world, Sun Microsystems' 1984 release of NFS allowed network servers to share their storage space with networked clients. 3Com's 3Server and 3+Share software were the first purpose-built servers (including proprietary hardware, software, and multiple disks) for open systems servers, and the company led the segment from 1985 through the early 1990s. 3Com and Microsoft would develop the LAN Manager software and protocol to further this new market. Auspex Systems was one of the first to develop a dedicated NFS server, following the 3Server's lead in the PC and Macintosh worlds, eventually embedding both a PC and Sun server within their arrays. A group of Auspex engineers split away to create the integrated Network Appliance "filer", which supported both Windows and UNIX, in the early 1990s, starting the market for proprietary NAS arrays.

Benefits

Availability of data can potentially be increased with NAS because data access is not dependent on a server: the server can be down and users will still have access to data on the NAS. Performance can be increased by NAS because the file serving is done by the NAS and not by a server that is also responsible for other processing. The performance of NAS devices, though, depends heavily on the speed of and traffic on the network and on the amount of cache memory (the equivalent of RAM) on the NAS computers or devices. Scalability of NAS is not limited by the number of internal or external IO interfaces of a server, as a NAS device can be connected to any available network jack. NAS can be more reliable than DAS because all the other things that can bring a server down do not affect the NAS device dedicated to file serving.

NAS applications

NAS is useful for more than just general centralized storage provided to client computers in environments with large amounts of data. NAS can enable simpler and lower cost systems such as load-balancing and fault-tolerant email and web server systems by providing storage services. The potential emerging market for NAS is the consumer market where there is a large amount of multi-media data. The price of NAS appliances has plummeted in recent years, offering flexible network based storage to the home consumer market for little more than the cost of a regular USB or FireWire external hard disk. Many of these home consumer devices are built around processors running an embedded Linux operating system.

NAS is becoming popular for home and small business use. Small-footprint appliances that excel at low-power, low-noise, and low-cost are available from commercial vendors. Free NAS servers are also available to download from the internet, and include FreeNAS, NASLite and Openfiler. They are easy to configure via a Web-based interface and run on even the slowest computers.

Enterprise NAS Vendors

Appliance-based NAS was pioneered by Auspex, based on the success of file servers from Novell, IBM, Microsoft, and Sun Microsystems.

Current vendors include:

See also

  • Secure Shell Filesystem - locally mount a remote directory on a server using only a secure shell login.
  • File Area Network
Retrieved from "http://en.wikipedia.org/wiki/Network-attached_storage"



Doc
Default user name/password for the GUI: admin/freenas
The PDF version (in English)

DOWNLOADS
  • FreeNAS 0.671 ISO
  • FreeNAS 0.671 image
  • FreeNAS 0.66 source

SCREENSHOTS
  • Status Disks
  • Status
  • Service: RSYNCD
  • Disks: Software RAID: Configuration
  • Disks: Software RAID
  • Service: NFS
  • Disks: Mount
  • Disks: Mount: Configuration
  • System: General Setup
  • Service: FTP
  • Disks: Management
  • Service: CIFS

FreeNAS page : http://www.freenas.org

Posted by 은빛기타

Back|Track is the Linux LiveCD that I use.
There is a simple document on configuring Snort on Back|Track, so I use it for personal testing.

Back|Track LiveCD download


I thought I would give some brief instructions on configuring Snort on the Back|Track distribution.

Quote:

Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.

To configure Snort on the Back|Track distribution, follow these steps:

1) Click on the 'K' menu, Back|Track, Back|Track Services, SNORT, Setup & Initialise Snort.

2) When the Bash prompt appears, enter a password for the root & user accounts.

3) Take note of the displayed information as you need that to continue the configuration!

4) Start Mozilla and browse to http://localhost/base

5) Click on Continue.

6) Choose your language and the path to the Database - /usr/local/apache2/htdocs/base/adodb

7) Enter the following information and click Submit Query.

Pick a Database Type : MySQL
Database Name : snort
Database Host : localhost
Database User Name : snort
Database Password : The user password you configured earlier!

8) Enter the following information and click Submit Query.

Admin User Name : root
Password : The root password you configured earlier!
Full Name : Anything!

9) Click on the 'Create BASE AG' button to create the BASE database and click 'step 5'. (BASE = Basic Analysis and Security Engine)

10) You will get an error saying that snort cannot write the base_conf.php file. Copy the text on the screen into a text file and save it as /usr/local/apache2/htdocs/base/base_conf.php

11) Then take the time to delete the setup directory in /usr/local/apache2/htdocs/base/

12) Finally, click on 'Click here to access your install'. Snort is now running with the default alerts and signatures.

To learn more about Snort, please visit
http://www.snort.org
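
Steps 10 and 11 above are done by hand, so they are easy to leave half-finished. The following check is an added example, not part of the original instructions: it confirms that the setup directory is gone and that the hand-saved base_conf.php exists and is not open to every local account. The function name and the permission policy are assumptions; only the default path comes from the steps above.

```shell
#!/bin/sh
# Added example (not from the original post): audit a BASE install after
# the manual steps 10 and 11. Only the default path comes from the post.

# Prints one line per finding; returns 0 when clean, 1 when anything failed.
check_base_install() {
    base_dir=${1:-/usr/local/apache2/htdocs/base}
    conf="$base_dir/base_conf.php"
    issues=0

    # Step 11: the installer pages must no longer be served.
    if [ -e "$base_dir/setup" ]; then
        echo "FAIL: setup directory still present: $base_dir/setup"
        issues=$((issues + 1))
    fi

    # Step 10: the hand-saved config must exist and be non-empty.
    if [ ! -s "$conf" ]; then
        echo "FAIL: missing or empty: $conf"
        issues=$((issues + 1))
    else
        # Assumption: the file holds the database password entered in
        # step 7, so accounts outside owner/group need no access to it.
        if [ -n "$(find "$conf" -prune -perm -0004)" ]; then
            echo "FAIL: world-readable: $conf"
            issues=$((issues + 1))
        fi
        if [ -n "$(find "$conf" -prune -perm -0002)" ]; then
            echo "FAIL: world-writable: $conf"
            issues=$((issues + 1))
        fi
    fi

    if [ "$issues" -eq 0 ]; then
        echo "OK: $base_dir"
        return 0
    fi
    return 1
}

# Usage: sh check_base.sh /usr/local/apache2/htdocs/base
if [ "$#" -gt 0 ]; then
    check_base_install "$1"
fi
```

If the web server runs under an account that is neither the owner nor in the group of base_conf.php, adjust ownership rather than re-opening the file to everyone.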

Posted by 은빛기타