
Building configuration...

Current configuration : 7667 bytes
!
! Last configuration change at 20:56:50 Berlin Sun Nov 4 2007 by tobias
! NVRAM config last updated at 00:07:59 Berlin Sat Nov 3 2007 by tobias
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname router1
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 131072 debugging
enable secret 5 *****
!
clock timezone Berlin 1
clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local 
aaa session-id common
ip subnet-zero
no ip source-route
!
!
!
!
ip tcp synwait-time 10
ip cef
ip domain name *****
no ip bootp server
ip inspect audit-trail
ip inspect tcp max-incomplete host 50 block-time 30
ip inspect name mypolicy esmtp
ip inspect name mypolicy http
ip inspect name mypolicy cuseeme
ip inspect name mypolicy netshow
ip inspect name mypolicy realaudio
ip inspect name mypolicy rtsp
ip inspect name mypolicy streamworks
ip inspect name mypolicy vdolive
ip inspect name mypolicy h323
ip inspect name mypolicy skinny
ip inspect name mypolicy sip
ip inspect name mypolicy sqlnet
ip inspect name mypolicy ftp
ip inspect name mypolicy tftp
ip inspect name mypolicy rcmd
ip inspect name mypolicy icmp
ip inspect name mypolicy fragment maximum 256 timeout 1
ip inspect name mypolicy tcp
ip inspect name mypolicy udp
ip ips sdf location flash://attack-drop.sdf
ip ips fail closed
ip ips notify SDEE
ip ips po max-events 100
ip ips name sdm_ips_rule
vpdn enable
!
vpdn-group 1
 request-dialin
  protocol pppoe
!
no ftp-server write-enable
!
isdn switch-type basic-net3
!
!
username tobias privilege 15 view root password 7 *****
!
! 
no crypto isakmp ccm
!
!
!
interface Null0
 no ip unreachables
!
interface BRI0
 description Alternatives ISDN-Interface
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip ips sdm_ips_rule in
 ip ips sdm_ips_rule out
 ip virtual-reassembly
 ip route-cache flow
 shutdown
 isdn switch-type basic-net3
 no cdp enable
!
interface FastEthernet0
 description Anschlu§ des DSL-Modems$ETH-WAN$
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 speed auto
 half-duplex
 pppoe enable
 pppoe-client dial-pool-number 1
 no cdp enable
!
interface FastEthernet1
 no cdp enable
!
interface FastEthernet2
 no cdp enable
!
interface FastEthernet3
 no cdp enable
!
interface FastEthernet4
 no cdp enable
!
interface Vlan1
 description LAN$FW_INSIDE$
 ip address 149.88.100.89 255.255.255.248
 ip access-group sdm_vlan1_in in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip ips sdm_ips_rule in
 ip ips sdm_ips_rule out
 ip virtual-reassembly
 ip route-cache flow
!
interface Dialer1
 description T-DSL dialer$FW_OUTSIDE$
 ip address negotiated
 ip access-group 102 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 ip inspect mypolicy in
 ip ips sdm_ips_rule in
 ip ips sdm_ips_rule out
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 ppp chap refuse
 ppp pap sent-username ***** password 7 *****
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http access-class 9
ip http authentication local
ip http secure-server
!
!
!
!
ip access-list extended sdm_vlan1_in
 remark SDM_ACL Category=1
 remark Allow own traffic to the Internet
 permit ip 149.88.100.88 0.0.0.7 any log
 remark Stop illegal outgoing traffic
 deny   ip any any
access-list 9 permit 149.88.100.88 0.0.0.7
access-list 100 remark VTY Access-class list
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 149.88.100.88 0.0.0.7 any
access-list 100 deny   ip any any
access-list 101 permit ip any any
access-list 102 remark SDM_ACL Category=17
access-list 102 remark Auto generated by SDM for NTP (123) 17.72.133.42
access-list 102 permit udp host 17.72.133.42 eq ntp any eq ntp
access-list 102 remark Apple Remote Desktop
access-list 102 deny   udp any 149.88.100.88 0.0.0.7 eq 3283 log
access-list 102 remark Apple Remote Desktop
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq 3283 log
access-list 102 remark Apple Remote Desktop
access-list 102 deny   udp any 149.88.100.88 0.0.0.7 eq 5900 log
access-list 102 remark Apple Remote Desktop
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq 5900 log
access-list 102 remark Apple Remote Desktop
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq 5432 log
access-list 102 remark Apple Remote Desktop
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq 5988 log
access-list 102 remark Apple Remote Desktop
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq 5989 log
access-list 102 remark SSH
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq 22 log
access-list 102 remark SSH
access-list 102 deny   udp any 149.88.100.88 0.0.0.7 eq 22 log
access-list 102 remark Telnet
access-list 102 deny   udp any 149.88.100.88 0.0.0.7 eq 23 log
access-list 102 remark Telnet
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq telnet log
access-list 102 remark TFTP
access-list 102 deny   udp any 149.88.100.88 0.0.0.7 eq tftp log
access-list 102 remark SFTP
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq 115 log
access-list 102 remark Server Admin
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq 311 log
access-list 102 remark Entfernter Verzeichniszugriff
access-list 102 deny   tcp any 149.88.100.88 0.0.0.7 eq 625 log
access-list 102 remark Seriennummerunterst^Otzung
access-list 102 deny   udp any 149.88.100.88 0.0.0.7 eq 626 log
access-list 102 remark Prevent networks claiming to be me
access-list 102 deny   ip 149.88.100.88 0.0.0.7 149.88.100.88 0.0.0.7 log
access-list 102 remark Stop illegal traffic
access-list 102 deny   ip host 0.0.0.0 149.88.100.88 0.0.0.7 log
access-list 102 remark Stop illegal traffic
access-list 102 deny   ip 10.0.0.0 0.255.255.255 149.88.100.88 0.0.0.7 log
access-list 102 remark Stop illegal traffic
access-list 102 deny   ip 127.0.0.0 0.255.255.255 149.88.100.88 0.0.0.7 log
access-list 102 remark Stop illegal traffic
access-list 102 deny   ip 172.16.0.0 0.15.255.255 149.88.100.88 0.0.0.7 log
access-list 102 remark Stop illegal traffic
access-list 102 deny   ip 192.168.0.0 0.0.255.255 149.88.100.88 0.0.0.7 log
access-list 102 remark Stop illegal traffic
access-list 102 deny   ip 224.0.0.0 15.255.255.255 149.88.100.88 0.0.0.7 log
access-list 102 permit ip any any
dialer-list 1 protocol ip list 101
no cdp run
!
!
control-plane
!
banner login ^CWelcome to ***** !
This is a private system; access is prohibited.
Contact for inquiries: *****
-------------------------------------------
Willkommen bei ***** !
Dies ist ein privates System; Zugriff nicht gestattet.
Kontakt fŸr Anfragen: *****^C
!
line con 0
 password 7 *****
 login authentication local_authen
 transport output telnet
line aux 0
 login authentication local_authen
 transport output telnet
line vty 0 4
 access-class 100 in
 exec-timeout 30 0
 password 7 *****
 authorization exec local_author
 login authentication local_authen
 transport input ssh
!
scheduler allocate 4000 1000
scheduler interval 500
ntp clock-period 17179935
ntp server 17.72.133.42
end