O’zbekiston respublikasi axborot texnologiyalari va kommunikatsiyalarini rivojlantirish vazirligi muhammad al-xorazmiy nomidagi toshkent axborot texnologiyalari


tarmoqdagi komp’yuterlar daryo.uz saytiga kirishga ruxsat berilsin, boshqa serverlarga kirish cheklansin



Download 4,13 Mb.
bet24/72
Sana14.07.2022
Hajmi4,13 Mb.
#799383
1   ...   20   21   22   23   24   25   26   27   ...   72
Bog'liq
METODICHKA Tarmoq xavfsizligi

192.168.1.0 tarmoqdagi komp’yuterlar daryo.uz saytiga kirishga ruxsat berilsin, boshqa serverlarga kirish cheklansin;

  • 192.168.2.0 tarmoqdagi kompyuterlar soft.uz saytiga kirishga ruxsat berilsin, boshqa serverlarga kirish cheklansin;

  • 192.168.3.0 tarmoqdagi komp’yuterlar mail.ru saytiga kirishga ruxsat berilsin, boshqa serverlarga kirish cheklansin;

  • 192.168.3.0 tarmoqdagi komp’yuterlar ftp ga kirishga ruxsat berilsin, boshqa serverlarga kirish cheklangan bodishi kerak;

    Yuqoridagi shartlarni bajarish uchun Assess list ning kengaytirilgan ACL dan foydalanamiz.
    Ishni bajarish tartibi
    Serverlarni vlan 50 ga biriktiramiz.
    Switch 1 ni sozlash
    Switch>enable Switch#conf t
    Switch(config)#hostname Sw1 Sw1 (config)#vlan 50 Sw1 (config-vlan)#exit
    Sw1 (config)#interface range fastEthernet 0/1-4 Sw1 (config-if-range)#switchport mode access Sw1 (config-if-range)#switchport access vlan 50 Sw1 (config-if-range) #exit Sw1 (config)#int fa0/5 Sw1 (config-if)#switchport mode trunk Switch(config-if)#switchport trunk allowed vlan 50 Switch (config-if) #exit
    Switch 2 sozlash
    Switch>en Switch#conf t
    Switch(config)#hostname Sw2
    Sw2 (config)#vlan 10
    Sw2 (config-vlan)#vlan 20
    Sw2(config-vlan)#vlan 30
    Sw2(config-vlan)#vlan 40
    Sw2 (config-vlan)#vlan 50
    Sw2 (config-vlan)#exit
    Sw2(config)# interface fastEthernet 0/1
    Sw2(config-if)#switchport mode trunk
    Sw2(config-if)#switchport trunk allowed vlan 50
    Sw2(config-if) #exit
    Sw2(config)# interface fastEthernet 0/3 Sw2(config-if)#switchport mode access Sw2(config-if)#switchport access vlan 10 Sw2(config-if) #exit
    Sw2(config)#interface fastEthernet 0/4 Sw2(config-if)#switchport mode access Sw2(config-if)#switchport access vlan 20 Sw2(config-if) #exit
    Sw2(config)# interface fastEthernet 0/5 Sw2(config-if)#switchport mode access Sw2(config-if)#switchport access vlan 30 Sw2(config-if) #exit
    Sw2(config)# interface fastEthernet 0/6 Sw2(config-if)#switchport mode access Sw2(config-if)#switchport access vlan 40 Sw2(config-if #exit
    Sw2(config)# interface fastEthernet 0/2 Sw2(config-if)#switchport mode trunk Sw2(config-if)#switchport trunk allowed vlan 10,20,30,40,50 Sw2(config-if #exit
    Router ni sozlash
    Router>en
    Router#configure terminal
    Router(config)#intfa 0/0
    Router(config-if)#no shutdown
    Router(config-if)#exit
    Router(config)#int fa 0/0.10
    Router(config-subif)#encapsulation dot1Q 10
    Router(config-subif)#ip address 192.168.1.1 255.255.255.0
    Router(config-subif)#exit
    Router(config)#int fa 0/0.20
    Router(config-subif)#encapsulation dot1Q 20
    Router(config-subif)#ip address 192.168.2.1 255.255.255.0
    Router(config-subif)#exit
    Router(config)#int fa 0/0.30
    Router(config-subif)#encapsulation dot1Q 30
    Router(config-subif)#ip address 192.168.3.1 255.255.255.0
    Router(config-subif) #exit
    Router(config)#int fa 0/0.40
    Router(config-subif)#encapsulation dot1Q 40
    Router(config-subif)#ip address 192.168.4.1 255.255.255.0
    Router(config-subif)#exit
    Router(config)#int fa 0/0.50
    Router(config-subif)#encapsulation dot1Q 50
    Router(config-subif)#ip address 192.168.5.1 255.255.255.0
    Router(config-subif)#exit
    Routerga quyidagi buyruqlar yoziladi:
    Router(config)#
    Router(config)#ip access-list extended TEST Router(config-ext-nacl)#permit icmp any any
    Router(config-ext-nacl)#permit tcp 192.168.1.0 0.0.0.255 host 192.168.5.2 eq 80
    Router(config-ext-nacl)#permit tcp 192.168.2.0 0.0.0.255 host 192.168.5.3 eq 80
    Router(config-ext-nacl)#permit tcp 192.168.3.0 0.0.0.255 host 192.168.5.4 eq 20
    Router(config-ext-nacl)#permit tcp 192.168.3.0 0.0.0.255 host 192.168.5.4 eq 21
    Router(config-ext-nacl)#permit tcp 192.168.4.0 0.0.0.255 host 192.168.5.5 eq 80




    Download 4,13 Mb.

    Do'stlaringiz bilan baham:
    • 1   ...   20   21   22   23   24   25   26   27   ...   72



    Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
    ma'muriyatiga murojaat qiling
    kiriting | ro'yxatdan o'tish
        Bosh sahifa
    юртда тантана
    Боғда битган
    Бугун юртда
    Эшитганлар жилманглар
    Эшитмадим деманглар
    битган бодомлар
    Yangiariq tumani
    qitish marakazi
    Raqamli texnologiyalar
    ilishida muhokamadan
    tasdiqqa tavsiya
    tavsiya etilgan
    iqtisodiyot kafedrasi
    steiermarkischen landesregierung
    asarlaringizni yuboring
    o'zingizning asarlaringizni
    Iltimos faqat
    faqat o'zingizning
    steierm rkischen
    landesregierung fachabteilung
    rkischen landesregierung
    hamshira loyihasi
    loyihasi mavsum
    faolyatining oqibatlari
    asosiy adabiyotlar
    fakulteti ahborot
    ahborot havfsizligi
    havfsizligi kafedrasi
    fanidan bo’yicha
    fakulteti iqtisodiyot
    boshqaruv fakulteti
    chiqarishda boshqaruv
    ishlab chiqarishda
    iqtisodiyot fakultet
    multiservis tarmoqlari
    fanidan asosiy
    Uzbek fanidan
    mavzulari potok
    asosidagi multiservis
    'aliyyil a'ziym
    billahil 'aliyyil
    illaa billahil
    quvvata illaa
    falah' deganida
    Kompyuter savodxonligi
    bo’yicha mustaqil
    'alal falah'
    Hayya 'alal
    'alas soloh
    Hayya 'alas
    mavsum boyicha

    yuklab olish