Suraj Dhungel

बिद्युतिय अथवा प्रविधिको माध्यमबाट प्रविधिमै निर्भर रहने सिस्टम्स, नेटर्वकस, प्रोग्राम्समा मानबिय त्रुटी/अज्ञानता/अचेतना अथवा प्रविधि भित्रको छिद्रको सहयाताले अनधिकृत रुपमा गरिने आक्रमणलाई साइबर अट्याक भन्न सकिन्छ । यसरी सिस्टम्स, नेटवर्कस र प्रोग्राममा हुन सक्ने आक्रमणबाट जोगाउन अपनाईने प्रविधि तथा मानविय चेतनालाई साईबर सेक्युरिटि भनिन्छ । प्रविधिको प्रयोगबाट हुन सक्ने आक्रमणलाई प्रविधिकै प्रयोग गरेर रोक्नु मात्र साईबर सेक्युरिटि होइन दोहो¥याएर पढ्नुहोस् प्रविधिको प्रयोगबाट हुन सक्ने आक्रमणलाई प्रविधिकै प्रयोग गरेर रोक्नु मात्र साईबर सेक्युरिटि होइन । यसले बिभिन्न उपकरण तथा पक्षबाट संकलन गरिएको लग तथा अलर्टको विश्लेषण गरी आवश्यक कदम चाल्न सक्ने क्षमतालाई समेत जनाउदछ र साईबर सेक्युरिटि शब्दले प्रविधिको प्रयोग गर्ने व्यक्तिको सूचना प्रविधि प्रयोग सम्बन्धि चेतना, ज्ञान, बोध आदी समेतलाई समेटदछ । साईबर अट्याक मूलत अनधिकृत रुपमा कुनै सिस्टम्स, नेटर्वकस र प्रोग्राम भित्र छिर्न, त्यहाँ रहेको डाटा परिवर्तन गर्न तथा भएको डाटालाई हटाउन बिगार्न तथा कुनै संस्थाले प्रदान गर्ने सेवा, सुविधा, सुचना...

Around one year ago one of our customer ( A Leading “A class” Commercial Bank of Nepal) ask us to design, configure BGP on their network. I was the responsible person to handle this project. Resources. 1. They had two routers for redundancy. One router should work as a Primary and another router should work as a Secondary for fail-over.   2. They had /23 Subnets which is provided by IANA. For Confidentiality I’m going to use 193.168.0.0/23 Subnet in this blog instead of real Subnet they are currently using .   3. They were planning to connect with two ISP for BGP upstream.   4. Because of router incapability global routing table cannot be received from ISP so we had to plan accordingly.   Scenario. 1. I had to configure one Router as a Primary and another Router as a Secondary. For that I can use Multi Exit Discriminator Attribute of BGP but I had decided to use HSRP. 2. I had to Subnet to /23 network in two different /24 network because I ...

1. Configure IP Address as shown in the diagram 2. Configure Loopback Address as shown in the diagram 3. Configure AS number as shown in the diagram 4. Configure eBGP between AS 5. Configure OSPF in AS 1 6. Configure AS 1 in such a way so R1, R10 and R11 should be in the AS 64512 and R9, R12 and R13 should be in the AS 64534 Other AS should see only AS1 not Private AS Number when they receives routes Inside Sub-AS i.e. 64512 and 64534 full-mesh iBGP should be configured with the most scalable manner Hint (R1 and R9 should be Route-Reflector for the AS 64512 and 64534) Configure eBGP between R11 and R12 7. AS 2 have 192.168.120.0/24 network on his AS and Currently this network is propagating in BGP from AS 2. For some reason a part of that network (192.168.120.248/29) belongs to AS1 configure the needed router to achieve the goal with keeping this informaiton on mind. 8. By default AS1 is the shortest path to go to AS3 from AS2. Because of Bandwidth L...

Site-to-Site IPSec VPN Cisco-Juniper :   Scenario! Here in this LAB we have seven routers. R1, R2 and R3 routers represents Branch Router. R1 is working here as the HQ router and R2 and R3 as the Branch Router. R1 and R2 routers are from Juniper Networks and R3 router is from Cisco Inc. R4 router is working as an internet router. Other routers (R5 to R7) are working here as an end device. Task 1.       Configure Policy-based site-to-site VPN. 2.       Consider R4’s loopback address as internet route. 3.       R5 and R6 are configured as server so these servers should be reached from Branch Office too. 4.       Both Branch i.e. R2 and R3 should get internet from HQ i.e. R1 5.       In HQ router we have three zones named SERVER, INTERNET and INTRANET. SERVER Zones belongs to R5 and R6. INTERNET Zone belongs to R4 and INTRANET Zone belongs to the i...