TRAINING MTCNA

Assalamualaikum Wr. Wb

A. PENDAHULUAN

Selamat datang di blog IRVAN KURNIAWAN

mari kita berbagi ilmu atau tukar pikiran untuk menambah wawasan.

B.WAKTU PELAKSANAAN

08.00 – 18.00 WIB

PEMBAHASAN

PORT KNOCKING

==============

-PING, address-list

- browser, address-list

- ip-winbox = accept = apabila sama dengan dengan address source address-list langkah kedua

- drop all traffid

konfigurasi port knocking

/ip firewall filter

add action=add-src-to-address-list address-list=icmp address-list-timeout=5m\

chain = input in-interface=ether2 protocol = icmp.

add action=add-scr-to-address-list address-list=HTTP address-list-timeout=5m\

chain=input dst-port=80 in-interface=ether2 protocol = tcp src-address-list=\

ICMP

add action=accept chain=input dst-port =8921 in-interface=ether2 protocol=tcp\

src-address-list=HTTP

add action=drop chain=input in-interface=ether2

NAT (network address translation)

========================

- modifikasi header address/port suatu ip packet

- soureceNAT = modifikasi header soure addres/port suatu ip packet

- destinasitionNAT = modifikasi header destination address/port suatu ip packet

* port forwading

* transparent proxy

QOS (Quality of service)

=================

- management bandwidth

- shaping, prioritasia

- dual limitation :

“ maxsimum information rate (MIR), up-to limit bandwidth, max-limit

“ comitted informasition rate (CIR), guarantee bandwidth, limit-at

indihome = 10M

A = max-limit=5M, limit-at=1M, priority=2

B = max-limit=5M, limit-at=1M, priority=3

B = max-limit=5M, limit-at=1M, priority=8

A = 1M + 4M =5M

B = 1M + 3M =3M

C = + = 1M

Membatasi bandwidth dari pc qiem

PCQ = one simple queue for the whole network

PCQ rate = max limit

jika hanya 0 maka bandwidth dibagi sama rata

BRUSTING

=========

nilai maxsimum yang diperoleh jika nilai terpenuhi.

Syarat :

rata-rata nilai trafik dibawah brust time (jendela waktu untuk menghitung rata-rata trafik)

TUNNEL

=======

-vpn ? (cara untuk memperluas jaringan private melalui infrastruktur pihak ke-3, atau jaringan provider melalui MPLS

-poin-to-point protocol (ppp, pppoe. Pptp, sstp, 12tp, ovpn)

“authentication

“encryption = MPPPE-128 bit

“compression = VJ algorythm

“ip distribution

-PPPoE

SSTP

====

- tcp 443

- ssi certificate

- tidak perlu nat helper

- kompatibilitas

- emal

PENUTUP

sekian dari saya, bila ada salah kata atau kalimat saya mohon maaf.

Kritik,saran atau ulasan yang lain bisa ditulis di kolom komentar,

TRIMA KASIH

Wassalamualaikum Wr. Wb

Irvan kurniawan

Cari Blog Ini

TRAINING MTCNA

Komentar

Posting Komentar