Browsing Posts published in June, 2009

Hello everybody .. today I have done something which I feel very proud of. Not a feat really, and already done by many of the people who are doing this .. but whenever I see any new technology which serves me I love it .. I simply love it and will share it ..

So what is the topic about?

Nothing serious really …. I have a spare PC (a Windows one) and what I did was to use the Check Point NG R55 platform on it ..

Requirements:

1. A spare PC with at least 512 MB RAM
2. The PC has to have two network cards (one for your internal network and the other for the external one)

Installation is fairly simple .. you can download the trial package from Check Point for a 15-day evaluation and install it on the old PC.

Configure your networks and bingo, your network is now being protected by the Check Point NG firewall system.

One option to consider is to buy a license from Check Point .. if you need to format your PC in any form and install your firewall

Any doubts, let me know

best regards
Rakesh


Even though it has been done by many greats, I still wanted to do this video just to help people out and simplify their life with PIX / ASA activation ..

I was having problems searching for activation keys .. so here I am uploading the activation key and also the serial number obtained from a Google search ..

Note: this will only work with the pix723.bin image; I tried on others with no luck ….

Those who already know PIX emulation may skip this video …

This video's base idea has been taken from blindhog.net

Here's the link to download …

I found another interesting email which I got recently from http://www.netbraintech.com/

Check out their demo video, it impressed me somehow .. hope the CCIE lab proctors allow it for the troubleshooting section lol

CISCO PIX UR LICENSE VIDEO (IN GNS3 SIMULATOR)

Here's the video link

best regards
Rakesh


cisco pix and asa


Hello, I am amazed with the speed and performance of the Cisco PIX firewall in GNS3. Moving on, it's been fun learning whole new technologies ..

I have presently shifted my path towards the security and voice way, not that I will be attempting them, but to gain good overall knowledge of the security and QoS concepts before I take my R and S lab exam, just in case, to feel an extra bit of familiarity .. no hurry for me .. I still have 1.5 years to deal with the R and S beast, and I am silently waiting to see how the Cisco R and S team has been dealing with the changes to the exam.

Next I will be dealing with the CCIP track to gain high familiarity levels with the BGP track .. as said, I am enjoying my learning, and what surprises me is that I am not learning for my certification in the CCSP and CCVP tracks, so it gives me an extra bit of edge over the concepts, to take them as I wish and grasp as much as I need …

Installed PIX over GNS3 and it was a real fun part. As mentioned, I had problems with the UR license but could solve that problem. I will be posting all of those videos .. just waiting to see what I can include in my presentations.

Learnt concepts about the PIX firewall family, PIX administration, and ACLs (which was refreshing), object groups, NAT principles and PIX filtering services ..

Will update you with other things ..

best regards
RaKeSh

Hello, I have been trying to install PIX and ASA in my GNS3 .. for the past day I was trying heavily to do some VPN labs but was making mistakes all around. After 5-6 attempts I have mastered the art of site-to-site VPN and GRE tunnels.

Configuring SDM and ACS was done on Windows Server 2k3, and I managed to configure site-to-site VPN and GRE over IPsec with SDM after going through a painful SDM setup in which I faced problems with loopback adapters ..

Anyhow, I could manage them. Soon I will be releasing video labs and pics.

Good day

ipsec – vpn


Today I decided to complete IPsec – VPN and I have done so ..

I was having a problem installing SDM over GNS3 .. but finally could do it ..

I will be posting detailed screenshots of the SDM installation, and there is one very important thing to remember:

The available SDM version is 2.5, which seems to be the latest, along with Java 1.6 updates.

My advice is not to use 2.5; use 2.3 with Java 1.5 updates instead, otherwise you are going to waste time as I did.

best regards

Maximum segment size

Ethernet packet size = 1518 bytes

Ethernet II HEADER = 14bytes

ip header = 20 bytes

tcp header = 20 bytes (without options)

data area = x bytes

ethernet II trailer = crc 4 bytes

1518 bytes = 14 + 20 + 20 + x + 4

x = 1518 – 58 = 1460 bytes

Therefore the data in a segment can be a maximum of 1460 bytes.

TCP OPTIONS


MSS = MAXIMUM SEGMENT SIZE

SACK PERMITTED = SELECTIVE ACKS

WINDOW SCALE = INCREASE WINDOW

TIMESTAMP = DETERMINE ROUND TRIP LATENCY
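
The four options listed above, read back out of a TCP header. This is an added example, not code from the original post; the function name and the sample SYN header (ports, sequence number, option values) are constructed for illustration.

```python
import struct

# Option kinds for the options named in the post (numbers from the TCP specification).
KIND_EOL, KIND_NOP, KIND_MSS, KIND_WSCALE, KIND_SACK_PERM, KIND_TS = 0, 1, 2, 3, 4, 8

def parse_tcp_options(tcp_header: bytes) -> dict:
    """Return the options carried after the fixed 20-byte TCP header."""
    if len(tcp_header) < 20:
        raise ValueError("shorter than the fixed TCP header")
    header_len = (tcp_header[12] >> 4) * 4      # data offset is in 32-bit words
    if header_len < 20 or header_len > len(tcp_header):
        raise ValueError("bad data offset")
    opts, found, i = tcp_header[20:header_len], {}, 0
    while i < len(opts):
        kind = opts[i]
        if kind == KIND_EOL:                    # end of option list
            break
        if kind == KIND_NOP:                    # one-byte padding
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option truncated before its length byte")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError(f"option kind {kind} has bad length {length}")
        body = opts[i + 2:i + length]
        if kind == KIND_MSS and length == 4:
            found["mss"] = struct.unpack("!H", body)[0]
        elif kind == KIND_WSCALE and length == 3:
            found["window_scale"] = body[0]
        elif kind == KIND_SACK_PERM and length == 2:
            found["sack_permitted"] = True
        elif kind == KIND_TS and length == 10:
            found["ts_val"], found["ts_ecr"] = struct.unpack("!II", body)
        else:
            found.setdefault("other", []).append((kind, bytes(body)))
        i += length
    return found

# Constructed SYN header: ports 49152 -> 80, data offset 10 words, 20 option bytes.
FIXED = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 10 << 4, 0x02, 65535, 0, 0)
OPTIONS = (struct.pack("!BBH", 2, 4, 1460) + struct.pack("!BB", 4, 2)
           + struct.pack("!BBII", 8, 10, 1000, 0)
           + struct.pack("!BBBB", 1, 3, 3, 7))
SAMPLE_SYN = FIXED + OPTIONS
```

The length checks matter when the header comes from the wire: an option with a length byte below 2 would otherwise keep the loop from advancing.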

Urgent Pointer


This pointer makes it possible to read or skip parts of the data field as wanted.

It points to where data should be read first.

It is only used if the URG bit is set to 1.


ETHERNET HEADER
IP HEADER
TCP HEADER
DATA AREA * ----> URG = 1 ; URGENT POINTER = XXXX
ETHERNET II TRAILER CRC

Checksum on the tcp header

source ip address field value

destination ip address field value

protocol field value

length value (tcp header + Data)
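
The fields listed above form the pseudo-header that is summed together with the TCP header and data when the checksum is calculated. The following is an added example, not code from the original post, that computes and verifies the checksum; the function names, addresses and the sample segment are constructed for illustration.

```python
import socket
import struct

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum with end-around carry."""
    if len(data) % 2:
        data += b"\x00"                     # pad odd-length input for summing only
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip: str, dst_ip: str, tcp_length: int) -> bytes:
    # source address, destination address, zero byte, protocol (6 = TCP),
    # length of TCP header + data
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, socket.IPPROTO_TCP, tcp_length))

def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Checksum for segment (TCP header + data), checksum field treated as zero."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    covered = pseudo_header(src_ip, dst_ip, len(segment)) + zeroed
    return ~ones_complement_sum(covered) & 0xFFFF

def verify_tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """A valid segment, summed with its pseudo-header, gives 0xFFFF."""
    covered = pseudo_header(src_ip, dst_ip, len(segment)) + segment
    return ones_complement_sum(covered) == 0xFFFF

def build_sample_segment(src_ip: str, dst_ip: str, payload: bytes) -> bytes:
    """Constructed segment: ports 49152 -> 80, PSH+ACK, no options."""
    header = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    csum = tcp_checksum(src_ip, dst_ip, header + payload)
    return header[:16] + struct.pack("!H", csum) + header[18:] + payload
```

Because the IP addresses are part of the sum, a segment whose addresses were changed in transit without the checksum being recalculated fails verification even though the TCP bytes are untouched.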

Congestion Avoidance

Assumption: to deal purely with how TCP reacts to congestion, we assume that packets are lost not because of faults; packets are lost because of congestion itself.

As we know from the previous post, the congestion window gradually increases in increments of 1 MSS; the other way to deal with the increments is

SEGMENT SIZE * SEGMENT SIZE / CONGESTION WINDOW

Once we hit the threshold, the window size drops to 50% of its present value and the process continues again.

Let us say a packet encountered congestion at 10000 bytes of data. Now it drops back to 50%, therefore the present size would be 5000 bytes and the process continues.
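
A small simulation of the two rules above, as an added example that is not from the original post: it shows that adding SEGMENT SIZE * SEGMENT SIZE / CONGESTION WINDOW per ACK grows the window by roughly 1 MSS per round trip, and that congestion halves it. The function names, the one-ACK-per-segment model and the floor of one segment are assumptions made for the illustration.

```python
def ack_received(cwnd: int, mss: int) -> int:
    """Congestion avoidance: each ACK grows the window by MSS*MSS/cwnd bytes."""
    return cwnd + max(1, mss * mss // cwnd)

def congestion_detected(cwnd: int, mss: int) -> int:
    """Drop to 50% of the present value (assumed floor: one segment)."""
    return max(cwnd // 2, mss)

def simulate(cwnd: int, mss: int, rtts: int, loss_at: set) -> list:
    """Return the window after each round trip; loss_at holds the RTT
    indexes at which congestion is encountered."""
    history = []
    for rtt in range(rtts):
        if rtt in loss_at:
            cwnd = congestion_detected(cwnd, mss)
        else:
            # Assumed model: one ACK per full segment that was in flight.
            for _ in range(cwnd // mss):
                cwnd = ack_received(cwnd, mss)
        history.append(cwnd)
    return history

if __name__ == "__main__":
    # The post's case: congestion at 10000 bytes, then growth resumes.
    for rtt, window in enumerate(simulate(10000, 1460, 6, {0})):
        print(f"RTT {rtt}: cwnd = {window} bytes")
```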