tracert -d %1.blah.foobar.com >>c:\mailte$t\%username%.txt echo. >> c:\mailte$t\%username%.txt : : ping with max sized ICMP packets echo PINGING to %1 >>c:\mailte$t\%username%.txt : : unwrap the next two lines ping -L 1472 %1.blah.foobar.com | find /i "Reply from" >>c:\mailte$t\%username%.txt : echo. >> c:\mailte$t\%username%.txt echo. >> c:\mailte$t\%username%.txt : : Now ftp it to the 2.104 server using the script file : C:\ftpcmd.txt : ftp -s:c:\ftpcmd.txt x.x.2.104 exit Contents of ftpcmd.txt file: cisco cisco1 put c:\mailte$t\*.txt bye exit Basically, it's username password ftp command ftp command etc. etc. ****************************************************************** ******** From: Question 76 Subject: Where can I find a list of undocumented IOS commands? http://www.boerland.com/dotu/ ****************************************************************** ******** From: Question 77 Subject: Where can I find information on securing or hardening Cisco routers? Cisco Router Hardening Step-by-Step http://rr.sans.org/firewall/router2.php Improving Security on Cisco Routers: http://www.cisco.com/warp/public/707/21.html Cisco PSIRT Advisories http://www.cisco.com/warp/public/707/advisory.html Cisco's Security Technical Tips http://www.cisco.com/warp/public/707/index.shtml Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks http://www.cisco.com/warp/public/707/newsflash.html Characterizing and Tracing Packet Floods Using Cisco Routers http://www.cisco.com/warp/public/707/22.html Denial of Service (DoS) Attack Resources http://www.denialinfo.com/ ****************************************************************** ******** From: Question 78 Subject: How can I connect two Cisco routers back to back through the AUX ports? Connecting Routers Back-to-Back Through the AUX Ports http://www.cisco.com/warp/public/793/access_dial/auxback.html Configuring AUX-to-AUX Port Async Backup with Dialer Watch http://www.cisco.com/warp/public/471/aux-aux-watch.html Using the AUX Port on Cisco Routers for IP/IPX Router Communications http://www.networkingunlimited.com/white006.html ****************************************************************** ******** From: Question 79 Subject: How do I use Secure Shell (SSH) on Cisco devices? Configuring Secure Shell (SSH) on Cisco IOS® Routers http://www.cisco.com/warp/public/707/ssh.shtml How to Configure SSH on Catalyst Switches Running CatOS http://www.cisco.com/warp/public/707/ssh_cat_switches.html ****************************************************************** ******** From: Question 80 Subject: Can I use a /31 address space for my serial point-to-point interfaces? It depends. If you have 12.2.x release of IOS, you can use /31 address. For example: interface Serial5/1 ip address 192.168.1.1 255.255.255.254 See the following for more information: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t /122t2/ft31addr.htm ****************************************************************** ******** From: Question 81 Subject: How do i see log messages on the router console? Log messages are broken into 7 levels, and they can go to 3 places: - Console (console logging) - Monitor (any line configured with "monitor" or with the "terninal monitor" exec command) - trap (syslog) The command to turn up log messages is "logging (place) (level)" In your case, you probably want logging console informational for minumum messages or logging console debug for debugging messages. Tip: console logging is disabled by default because the console serial port makes 1 interrupt per character, and has the highest prioriy of any interrupt on the box. If you want to do console logging, you should probably also rate limit the messages, since an uncontrolled flood of messages to the console can literally cause the box to slow to a crawl and fail. In most cases, it is a better idea to telnet to the box, and debug using 'monitor' logging and "terminal monitor" on the vty. ****************************************************************** ******** From: Question 82 Subject: What is my overhead of using IPSec IPSec Overhead [ from another net posting ] esp-des = 24 bytes esp-3des = 24 bytes ah-sha-hmac = 24 bytes ah-md5-hmac = 24 bytes esp-md5-hmac = 12 bytes esp-sha-hmac = 12 bytes standard header = 20 bytes esp-des/esp-md5-hmac = 56 bytes esp-3des/esp-sha-hmac = 56 bytes esp-des/ah-sha-hmac = 68 bytes esp-des/ah-md5-hmac = 68 bytes esp-des/ah-sha-hmac/esp-sha-hmac = 80 bytes other gre = 24 bytes For example I use ESP over AH with a GRE tunnel in tunnel mode. 20 (IP header) + 24 (AH header) + 16 (ESP header) + 4 (GRE) +2 (ESP trailer) My MTU is 1500 - 66 = 1434 ****************************************************************** ******** From: Question 83 Subject: What is the pinout for the DB9 to RJ45 connector? ok, I just tested the pinouts of a DB9-RJ45 adapter that I have her this is what I found: DB9 RJ45 1 - nothing 2 - 6 3 - 3 4 - 2 5 - 4&5 together 6 - 7 7 - 1 8 - 8 9 - nothing ****************************************************************** ******** From: Question 84 Subject: Should I use a T1, Cable modem or DSL for Internet connections? This question comes up often enough it probably should be in the FAQ. Each has its advantages and each has its weaknesses. Which is best will depend upon the specific business requirements and how the network is used. T1/E1 - Providers tend to treat T1's as serious business products. They tend to be better managed and service response to outages is usually quick. Data rate is a constant, if you order 1.544Mbps, you get 1.544 Mbps in both directions. (Note: fractional T1 may be available with asymmetric capacity provisioned). DSL - Providers consider this a "consumer grade" offering. Users experience has been more frequent outages. More important, response to failures that do occur tends to be slow, particularly if the local telco providing the copper is competing with the DSL provider. ADSL provides asymmetric data rates, but "business grade" offerings, such as IDSL and SDSL provide the same data rates both upstream and downstream. High data rates are only available to users close to the telephone central office. Cable - Shared medium subject to fluctuating bandwidth availability. Reliability will depend upon the local cable company, and can vary widely. On average, tends to be about as available as DSL. Only available in areas wired for cable TV, which could limit availability in business parks and other non-residencial areas. Also only available where the cable franchise has chosen to offer the service. Other Considerations (feel free to add ones I've missed) Provisioning of redundant connectivity for servers offered to the public versus internal users browsing the Internet versus VPNs for cost savings all have very different requirements and solutions suitable for one may not work with the others. BGP support for multihoming is typically only available on T1 links. But then again, if you're only surfing or VPNing there are easier ways to get redundancy that do not require BGP. In most markets, you can buy a lot of ISDN backup for the price difference between DSL/Cable and T1. Many DSL/Cable providers will block VPN and inbound traffic to your servers unless you purchase their premium "business" service. Make sure the conditions of service are compatible with your needs. DSL is rarely good backup for T1 because both share the same single points of failure in the telco local loop provisioning. Cable can provide more diversity as a backup, but may still be sharing common single points of failure such as power poles. ****************************************************************** ******** From: Question 85 Subject: How do I change the time length of 15 mins that is used when displaying the Show ISDN history command? You can try the command isdn-mib retain-timer ****************************************************************** ******** From: Question 86 Subject: Why do I see "double" characters when I telnet into my router? >I have a 2500 router, and it's display double commands as shown below. >cclloocckk rraattee 6644000000 >what can I do to fix it. Thanks. Looks to me like you have local echoing configured on your terminal emulator. Turn it off and let the router do all the echoing. ****************************************************************** ******** From: Question 87 Subject: How do I see power-supply failures via SNMP? you need two commands . hardening Cisco routers? Cisco Router Hardening Step-by-Step http://rr.sans.org/firewall/router2.php Improving Security on Cisco Routers: http://www .cisco. com/warp/public/707/21.html Cisco PSIRT. on Cisco devices? Configuring Secure Shell (SSH) on Cisco IOS® Routers http://www .cisco. com/warp/public/707/ssh.shtml How to Configure SSH on Catalyst Switches Running CatOS http://www .cisco. com/warp/public/707/ssh_cat_switches.html. of Service (DDoS) Attacks http://www .cisco. com/warp/public/707/newsflash.html Characterizing and Tracing Packet Floods Using Cisco Routers http://www .cisco. com/warp/public/707/22.html Denial