Swap file is mainly used for virtual memory by the Operating System.While installing Redhat Linux you get the option of creating a swap partition.Generally, we can keep size of swap file to 1.5 the size of actual RAM. So if your RAM is 1GB then you can keep Swap partition of 1.5 GB.

But if you have not created a swap partition while installing Linux then you can follow the steps given below to create a swap file in existing file system.

You need to use dd command to create swapfile. Next you need to use mkswap command to set up a Linux swap area on a device or in a file.

a) Login as the root user

b) Type following command to create 512MB swap file (1024 * 512MB = 524288 block size):
# dd if=/dev/zero of=/swapfile1 bs=1024 count=524288
If you would like to keep 1GB of swpafile then count will be 1048576
If you would like to keep 2GB of swpafile then count will be 2097152

c) Set up a Linux swap area by giving command :
# mkswap /swapfile1



d) Activate /swapfile1 swap space immediately:
# swapon /swapfile1

e) To activate /swapfile1 after Linux system reboot, add entry to /etc/fstab file. Open this file using text editor such as vi:
# vi /etc/fstab

Append following line to the fstab file :
/swapfile1 swap swap defaults 0 0

So next time Linux comes up after reboot, it enables the new swap file for you automatically.

g) How do I verify swap is activated or not?
Simply use free command:
# free -m

This will complete your configuration of making a swap file.
You can also see the usage of swap file by giving command
#top -c


Other categories

Cisco Jokes Photos Tutorials Voip Goa

The current financial crisis is growing day by day.The jobs are cutting down and the impact is being faced by the common man also.If you would like to know how this all started,
what was behind this crisis and how it is going to impact us.All this you can know from this site.The links to various topics are given.

The other interesting blog I got about Warren Buffet is this one.


Other categories

Cisco Jokes Photos Tutorials Voip Goa

Few days ago I attanded a training on PortWise SSL VPN.Here, are some important points for the same.
First, for the VPN technologies there are two options available.Those are IPSEC VPN and SSL VPN.In IPSEC VPN the client is mainly
static that means the VPN software has to be installed on the machine where you have to access VPN.So it gets pretty difficult when the user is roaming like the sales guys.
So for the roaming clients there is option available which is SSL VPN.In SSL VPN a small tiny Activex cleint gets loaded which is used for getting the access to the main VPN server through
any browser.

Here is some information on PortWise SSL VPN product.
There are mainly six stages from connection establihment to termination.

The first one is Assess the client machine from which the connection will get established.

There are some conditions which has to be satisfied before allowing the access to your internal nework via VPN.The requirements
can be a specific Antivirus software with latest virus definitions, specific Operaing System with lates patches, Specific Antispyware
with latest definitions, or a specific MAC address.If these conditions are not met then the connection does not get established between client and the VPN server.
These connections simply get refused.

The second one is Authenticate.
It supports following authentication methods
1.Integrated authentication
PortWise Web, Synchronized, Challenge, Mobile Text, and Password
2.Third party client authentication
RADIUS
3.Third party server authentication
RSA SecurID, SafeWord, Active Directory, LDAP etc.
4.Public Key Infrastructure (PKI)
Multiple Certificate Authority (CA) support
Certificate Revocation List (CRL), Control Distribution Point (CDP) support

The third one is Authorize stage.
It determines which applications a user gains access to.
It supports
Policy based authorization based on:
-Group Membership
-AuthenticationType
-Source IP Address
-Date & Time
-Assessment

It Integrates with existing infrastructure It may be Microsoft Active Directory, OpenLDAP, Novell eDirectory Services, etc.




Next stage is Access.It creates a secure encrypted network tunnel between the users device and the application
It supports Mainframe, Client/Server, Web, Terminal Server and File Server application support
Portal-based to mask complexity
Extensible API for custom development
PortWise Access Client
Native Windows, pure Java (Mac/Linux), native Symbian and Pocket PC


The next stage is Audit.
You can audit who accessed which application, when they did it, and what was downloaded
Features are
-Central logging
-Log Viewer
-Debug logging capability
-UNIX syslog/Windows event log

The last stage is Abolish.
In this stage ALL traces of access to the corporate network on completion of the session are removed.
Browsers are renowned for creating a “snail trail” of information during an access session
All traces of access including below are eradicated:
-Cookies
-URL history
-Cached Pages
-Registry Entries
-Downloadable Components

The PortWise network consists of following services.
Administration service,Access point, Policy service, and Authentication service.
These services can be run on either one server or on different servers.The best practice is to keep them on different servers.

The Administrative service provide below things
-Web-based administration interface
-Task-oriented approach
-Wizards for common tasks
-Interface adapted to features included in the license
-Context-sensitive online user assistance

Access point service Handles access decisions, Web access. WAP access, Access Client
You can configure authorization settings and set encryption level, protect specific paths with access rules

Under Policy service you can manage security policies, access rules, users.
Security policy management
-Authenticates
-Audits
-Validates certificates as well as digital signatures

Access rules
-Who wants access
-Which resource is requested
-Through which communication channel
-Which authentication method is required

-User Management

Authentication service manages authentication.The supported authentication methods are
-Web
-Mobile Text
-Challenge
-Synchronized
-Password
It also supports Radius based authentication.



Other categories

Cisco Jokes Photos Tutorials Voip Goa

Implementing password less login in Linux

1.Create a user by giving command usradd and set password by giving command passwd
2.Login with that username
3.Give command ssh-keygen - t rsa
Press Enter for below options
Enter file in which to save the key
Enter passphrase (empty for no passphrase)
Enter same passphrase again:
Then it will show the message

Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
a2:00:c1:84:d3:7a:4b:bc:52:f2:a1:e1:5d:c5:cc:40 user@machine

This will generate the rsa key for that particular user and will create 2 files in .ssh folder in that users home directory.The path will be /home/user/.ssh
the 2 files will be id_rsa and id_rsa.pub
4.We have to copy the id_rsa.pub file in the remote machine for which we need passwordless login.The same user must exist on the remote machine
and the contents of the same has to be copied in authorized_keys file
by giving
cat id_rsa.pub >> authorized_keys
command



5.Then on the remote machine we have to change the below options in sshd_config file present in the /etc/ssh directory.

RSAAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
#PasswordAuthentication yes
#PermitEmptyPasswords no
ChallengeResponseAuthentication yes
UsePAM no

These options are necessary for password less login to work.

6.Now restart the sshd service by giving the service sshd restart command.This will not terminate your existing session.
7.Try logging the user and it should go without the password.If still it is asking the password then check the file permissions for authorized_keys file
present on the remote machine.It should be 644(-rw-r--r--).

This should solve your problem of password less login.


Other categories

Cisco Jokes Photos Tutorials Voip Goa

Here, I am starting a new list for cisco commands.It is category wise built.Mostly I have included the commands from the Switching books.Lately I will include the commands for
routing also.The commands are mainly taken from Authorized BCMSN Guide,Cisco Press.


The URL is this.


Other categories

Cisco Jokes Photos Tutorials Voip Goa

This pdf contains all the protocols distribution layerwise.
The URL is this



Other categories

Cisco Jokes Photos Tutorials Voip Goa

The blogs I have subscribed in my Google reader

Last time I have given a small list of the blgs I have subscribed, now more blogs I have added in my Google Reader.For the uninitiated Google reader is a RSS reader.

1.http://6200networks.com -6200networks
2.http://vcappuccio.wordpress.com - A networker blog
3.http://ardenpackeer.com - ardenpackeer.com
4.http://www.cciecandidate.com - CCIE Candidate
5.http://ccie-in-3-months.blogspot.com - CCIE in 3 Months -Is it possible?
6.http://www.sunpenguin.net - CCIE Journey
7.http://ccielab.wordpress.com - CCIE Lab preparation
8.http://cciepursuit.wordpress.com - CCIE Pursuit Blog
9.http://ccie-chronicles.blogspot.com - Chronicles of CCIE Journey
10.http://www.ciscoblog.com - Cisco Blog
11.http://ciscohacks.com - Cisco hacks:Tips, Tricks and articles about Cisco products
12.http://blog.ioshints.info - Cisco IOs Hints and tricks
13.http://blog.sazza.de - Cisco Learning Blog
14.http://cisconac.blogspot.com - Cisoc NAC Appliance blog
15.http://ciscosolution.blogspot.com - Cisco Solution
16.http://ciscotips.wordpress.com - Cisco Tips and Tricks
17.http://www.ciscohq.com - Cisco HQ
18.http://www.colinmcnamara.com - Colin McNamara , CCIE 18233
19.http://www.djerk.nl - djerk.nl
20.http://joshualixin.spaces.live.com - EICC's space
21.http://sfarhananwar.blogspot.com - Farhan Anwar, CCIE#19871
22.http://sfarhananwar.spaces.live.com -Farhan's space
23.http://gigaom.com - GigaOM
24.http://blog.humanmodem.com - Human Modem
25.http://brokenpipes.blogspot.com - Inevitable
26.http://blog.internetworkexpert.com - CCIE blog
27.http://www.networkworld.com/community/doyle - Jeff Doyle on IP Routing (Jeff Doyle's Blog)
28.http://dorreke.wordpress.com - Kevin Dorrell's CCIE Study weblog
29.http://layer1transport.blogspot.com - Layer 1 Transport
30.http://mysecretofsuccess.wordpress.com - Mysecretofsuccess's weblog
31.http://crazyvlan.blogspot.com - Networking
32.http://packetlife.net - packetlife.net
33.http://cciejourney.wordpress.com - Routereflector's blog
34.http://ertw.com - Sean's obsessions
35.http://sesano.wordpress.com - Sesano's CCIE Dream
36.http://www.blindhog.net - blindhog.net


Other categories

Cisco Jokes Photos Tutorials Voip Goa