Friday, January 14, 2011

Cisco port security

SW1# conf t
SW1(config)# interface fastethernet0/1
SW1(config-if)# switchport mode access
SW1(config-if)# switchport port-security
SW1(config-if)# switchport port-security maximum 2
SW1(config-if)# switchport port-security violation restrict
SW1(config-if)# switchport port-security mac-address xxxx.xxxx.xxxa
SW1(config-if)# switchport port-security mac-address xxxx.xxxx.xxxb

Wednesday, January 12, 2011

Cisco port mirroring

conf t
monitor session 1 source interface fa1/0/1
monitor session 1 destination interface fa1/0/15


If your switch doesn't support the monitor session syntax, use the
following instead:
interface FastEthernet0/x
port monitor FastEthernet0/a
port monitor FastEthernet0/b

fa0/x is the port your sniffer is plugged into; 0/a and 0/b are the
ports you want to sniff.

Saturday, January 1, 2011

Setup Vyatta dnsmasq

vyatta@vyatta:~$ configure
vyatta@vyatta# set service dns forwarding listen-on eth1
vyatta@vyatta# set service dns forwarding name-server 192.168.1.1
vyatta@vyatta# commit
vyatta@vyatta# save

Setup Vyatta NAT

vyatta@vyatta:~$ configure
vyatta@vyatta# set service nat rule 1 source address 10.10.10.1/24
vyatta@vyatta# set service nat rule 1 outbound-interface eth0
vyatta@vyatta# set service nat rule 1 type masquerade
vyatta@vyatta# commit
vyatta@vyatta# save

Setup Vyatta interfaces, ssh and https access

configure
set interfaces ethernet eth0 address dhcp
set interfaces ethernet eth1 address 192.168.1.1/24
set service ssh
set service https
commit
exit

Install Vyatta on hdd

Download VC6.1 - Virtualization.iso from http://www.vyatta.org/downloads

Create a VM with 256 MB of memory and a 1 GB HDD

1. boot livecd (default login: vyatta/vyatta)
2. install-system
3. remove CD and reboot
4. "show version" to verify boot via disk
5. configure
6. save
7. reboot