網頁

2009年6月28日 星期日

2009.6.28 98年成功盃全國心算數學大賽中華民國國手選拔賽

009.6.28(日) 這天在劍潭海外青年活動中心舉辦98年成功盃全國心算數學大賽中華民國國手選拔賽.

在2009.6.14(Sun)剛通過全國珠算九級及心算九級測驗, 珠算是80分, 心算是100分.

這回頭一次參加成功盃全國心算數學大賽. 後來兩個項目都拿到殿軍. 整個過程都蠻新鮮的.

尚恩目前是大班, 學珠心算過半個年頭了.

想趁著還沒入小學, 課業壓力還小的時候, 在晚上先學一些些的珠心算. 這種讓小朋友去才藝班上課的舉動另一方面也是因為父母親都有上班, 而下班時間都偏晚, 去接小孩的時間都不一定, 與其讓小孩下課後無聊的待在褓姆家看電視, 那還不如送去安親才藝班學東西. 這也是很多很多家庭都會遇到同樣的問題(晚下班), 所以安親才藝班才會在街頭巷尾都看得到.

學珠心算的結果只會對計算及專注力會有幫助. 台灣的學校教育, 很不幸的是只著重計算, 所以呢學珠心算剛好可以派得上用場.

謝謝主辦單位, 提供第四名殿軍的名額讓父母親可以得到安慰.

下面是當天用手機拍的一些情景.

20090628108

20090628111 幼初組心算第四名. 幼初00054是尚恩

不懂為什麼從380分之後的都沒有印出分數出來.

這是第二張的成績單, 沒有拍第一張.第一張有第一名500分滿分的名單, 第一名共七位, 七位中的四位是同一家補習班教出來的, 單位編號是51.

20090628120 幼童組數學第四名.數000008是尚恩

這裡也是一樣的情況, 370分之後的也沒有印出分數.

20090628118

20090628122

賽後感言:

從兩份成績單來看, 尚恩的成績剛好都在殿軍的車頭, 離季軍就差個十分二十分, 等於是再答對一兩題就進去了. 繼續分析一下, 可以說成專注度還要再提高一層, 少錯一題兩題才能擠進前三名. 所以呢, 往後在練習時, 要從旁協助如何提高專注度.

而 另一項要研究的是速度. 尚恩的心算速度比珠算快, 兩位數的心算, 題目練完時答案就出來了, 而珠算的速度要如何提高…, 指法是對的, 似乎只剩練習再練習. 心算雖然速度快, 但正確率不是頂好的, 那要如何去弭補這一塊. 心算是用空撥的方式計算出來, 珠算指法只要是對的, 那麼空撥撥法也是對的, 所以還是練習再練習囉…….

要練習多久, 一天要練多久, 一個禮拜要練多久, 這就 牽扯到父母將小孩送到才藝班的目的是甚麼? 如果只是不想讓他在褓姆家看電視, 那目前這樣的練習量及今天看到的成績已經很足夠了; 而如果是要讓小孩拿更好的成績, 那尚恩現在的成績還必須再鞭策, 要再嚴格, 要再盯緊……等等, 但這不是我們要的. 所以下一步還是想辦法從旁提高專注度即可.

後續:

後來在8月16的那個禮拜,蘆洲鮑金秀林老師帶班上全國前三名的小朋友到韓國比賽了!


2009年6月26日 星期五

2009.6.26 IOS kron occurrence

我自己的範例:

kron occurrence ClearTcpTcbSchedule at 4:00 recurring
policy-list ClearTcp

kron policy-list ClearTcp
cli terminal monitor
cli debug kron all
cli clear tcp tcb *
cli u all
exit

此例子為每天04:00時,會去執行clear tcp tcb *的指令

---------------------------------------------------------------------------------------------------------------------------------------------------------

kron occurrence

To specify schedule parameters for a Command Scheduler occurrence and enter kron-occurrence configuration mode, use the kron occurrence command in global configuration mode. To delete a Command Scheduler occurrence, use the no form of this command.

kron occurrence occurrence-name [user username] {in [[numdays:] numhours:] nummin | at hours:min [[month] day-of-month] [day-of-week]} {oneshot | recurring | system-startup}

no kron occurrence occurrence-name [user username] {in [[numdays:] numhours:] nummin | at hours:min [[month] day-of-month] [day-of-week]} {oneshot | recurring | system-startup}

Examples

The following example shows how to create a Command Scheduler occurrence named info-three and schedule it to run every three days, 10 hours, and 50 minutes. The EXEC CLI in the policy named three-day-list is configured to run as part of occurrence info-three.

Router(config)# kron occurrence info-three user IT2 in 3:10:50 recurring
Router(config-kron-occurrence)# policy-list three-day-list

The following example shows how to create a Command Scheduler occurrence named auto-mkt and schedule it to run once on June 4 at 5:30 a.m. The EXEC CLI in the policies named mkt-list and mkt-list2 are configured to run as part of occurrence auto-mkt.

Router(config)# kron occurrence auto-mkt user marketing at 5:30 jun 4 oneshot
Router(config-kron-occurrence)# policy-list mkt-list
Router(config-kron-occurrence)# policy-list mkt-list2

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

kron policy-list

To specify a name for a Command Scheduler policy and enter kron-policy configuration mode, use the kron policy-list command in global configuration mode. To delete the policy list, use the no form of this command.

kron policy-list list-name

no kron policy-list list-name

Syntax Description

list-name

String from 1 to 31 characters that specifies the name of the policy.

Examples

The following example shows how to create a policy named sales-may and configure EXEC CLI commands to run the CNS command that retrieves an image from a server:

Router(config)# kron policy-list sales-may
Router(config-kron-policy)# cli cns image retrieve server https://10.21.2.3/imgsvr/ status
https://10.21.2.5/status/

2009年6月25日 星期四

2009.6.25 Upgrading Firewalls in Failover Mode—Active-Standby

以下的步驟非常的清楚明瞭

  1. Download the new OS image into the primary firewall
  2. Save the running configuration on the primary unit
  3. Power off the primary unit and remove its network connections
  4. Restore power to the primary unit
    • Verify that the new operating system release is loaded and that it appears to run correctly
  5. Power the primary unit off again and reconnect its interface connections.
  6. Download the new OS image into the secondary unit
  7. Power off the secondary unit and restore power to the primary unit
  8. Remove network connections to the secondary unit
  9. Restore power to the secondary unit
    • Verify that the new operating system release is loaded and that it appears to run correctly
  10. Power off the secondary unit again, and then reconnect its interface connections.
  11. Restore power to the secondary unit again
  12. The secondary unit should boot up and assume the standby failover role.

2009年6月19日 星期五

2009.6.19 Some well known Ethernet multicast addresses

2009.6.19 Some well known Ethernet multicast addresses

Ethernet multicast address Type Field Usage

01-00-0C-CC-CC-CC 0x0802 CDP (Cisco Discovery Protocol), VTP (VLAN Trunking Protocol)

01-00-0C-CC-CC-CD 0x0802 Cisco Shared Spanning Tree Protocol Address

01-80-C2-00-00-00 0x0802 Spanning Tree Protocol (for bridges) IEEE 802.1D

01-80-C2-00-00-02 0x0809 Ethernet OAM Protocol IEEE 802.3ah

01-00-5E-xx-xx-xx 0x0800 IPv4 IGMP Multicast Address

33-33-00-00-00-00 0x86DD IPv6 Neighbor Discovery

33-33-xx-xx-xx-xx 0x86DD IPv6 Multicast Address (RFC 3307)

image

2009.6.19 Reserved address blocks

2009.6.19 Reserved address blocks

image

2009年6月17日 星期三

2009.6.17 Protect your router from a dictionary DoS attack

You may not realize it, but a dictionary denial of service (DoS) attack on Telnet, SSH, or HTTP ports could hit your Cisco router. In fact, I bet most network administrators have at least one, if not more, of these ports open for router management.

Of course, having these ports open to a public network is much more dangerous than leaving them open on a private network. But either way, you need to do whatever you can to protect your routers from a dictionary DoS attack, which attackers could use to gain access to your router or simply create a service outage on your network.

Thanks to login enhancements in IOS 12.3(4)T and later, you can provide your routers with additional protection. These new login enhancements offer the following benefits:

  • Create delays between successive login attempts.
  • Disallow login if there are too many failed login attempts.
  • Create messages in the system log or send SNMP traps that alert/record additional information about the failed and disallowed logins.

How do you know if your router contains the appropriate code? The simplest way to find out is to go to Global Configuration Mode and enter login ? This command returns a list of choices, as shown below:

block-for       Set quiet-mode active time period
delay Set delay between successive fail login
on-failure Set options for failed login attempt
on-success Set options for successful login attempt
quiet-mode Set quiet-mode options

If you don't have this code in your IOS, it will return an "Unrecognized command" error.

If you don't have the feature, use the Cisco IOS Feature Navigator to find the code for your router that has this feature. (Look for Cisco IOS Login Enhancements.) You can also use this tool to search for other features that you need. Keep in mind that a Cisco maintenance contract is necessary to download IOS code and access the Feature Navigator.

The only command required to configure the most basic form of these features is the login block-for command. Once you've enabled this command, there's a default login delay of one second. The system will deny all logins for a specified number of seconds if the maximum number of tries occurs within the time you indicate.

In global configuration mode, execute the following:

login block-for 
attempts within number of seconds>

Here's an example:

login block-for 120 attempts 5 within 60

This command configures the system to deny all logins to the router if there are five failed login attempts within 60 seconds. Then, if you enter show login, you'll receive the following output:

A default login delay of 1 second is applied.
No Quiet-Mode access list has been configured.


Router enabled to watch for login attacks.
If more than 5 login failures occur in 60 seconds or less,
logins will be disabled for 120 seconds.


Router presently in Normal-Mode.
Current Watch Window remaining time 54 seconds.
Present login failure count 0.

This shows you the setting you've configured, including the default login delay of one second, along with additional information. It also tells you that the router is in Normal Mode, which means that the router is currently allowing logins.

The router goes into Quiet Mode when it believes something has attacked it, and it begins denying all logins. You can also configure an ACL that will serve as an exclusion list of hosts/networks that the router will allow, regardless of whether it's in Quiet Mode.

Here are some options to configure some of these other commands:

  • login delay : Add the number of seconds of delay between failed logins. You can choose one to 10 seconds.
  • login on-failure and login on-success: This allows you to choose the type of logging/SNMP alerts when there are failed and successful logins.
  • login quiet-mode access-class : Add the ACL number, and this allows you to enter an exclusion list of hosts/networks allowed to log in to the router, regardless of whether the router is in Quiet or Normal Mode.

In general, I suggest enabling login block-for on all routers for security purposes. These new features will help better secure your routers.

And while you're at it--if you haven't already--consider enabling only SSH on your routers and only allowing access to that from the internal network. SSH encrypts all traffic between a PC and a router (including usernames and passwords).

For the complete command reference on these new features, check out the Cisco IOS Login Enhancements Documentation.

2009.6.17 12 great new features in Cisco IOS 12.3

Cisco IOS 12.3在2005年就出來了.

同樣的內容也可以在TechRepublic看到

-------------------------------------------------------------------------------------------------

12 great new features in Cisco IOS 12.3
Version 1.0
Feb. 4, 2005

by David Davis, CCIE, MCSE

There may be a few network engineers out there who jump at the chance
to upgrade Cisco routers to the latest software and drool on IOS
release notes. However, I suspect that for most of you, "investigate
and upgrade to the latest router IOS" is right up there with
"reorganize file cabinet" and "clean out storage room." As a
result, I am willing to bet that most of you haven't upgraded your
routers to the latest version of Cisco IOS 12.3.

The first release of IOS 12.3 was in 2003. Since then, Cisco has made a
number of minor releases that have included some very useful features.
So, whether you don't have any idea what version of code you are
running or you ran out and upgraded to 12.3 when it first came out and
have ignored the subsequent releases, you should take a close look at
the new features that are included in this IOS release.

I am going to highlight some of the major features included in IOS
12.3. I won't talk about the new IPv6 firewall that next-to-no-one is
going to use. Below is a list of 12 features I found most important,
but there are literally hundreds of other features. You can find out
more about the various features in Cisco's IOS 12.3 documentation.

<http://www.cisco.com/warp/public/732/releases/release123/major/>

Author's note: The name of each of the new features is linked to
Cisco's configuration documentation for that feature.

1. Network Admission Control (NAC)

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_8/gt_nac.htm>

Cisco's NAC runs on Cisco routers (running NAC on a switch is coming
soon). With NAC, you also have client software on every PC on your
network (the Cisco Trust Agent). A Cisco Secure Access Control Sever
(ACS) is required to be on the network. Before the PC can have network
access, its antivirus definition version is checked (you can have NAC
check other software versions as well). If the PC does not have the
required version, it is never given access to the network. Instead, it
can be quarantined to a private network to perform the necessary
upgrades. Microsoft has been working on a similar product called
Network Access Protection (NAP). Fortunately, the two companies have
gotten together to try to make their competing products compatible. For
more information on that, read "Cisco and Microsoft Join Forces to Help
Customers Address Security Threats."

<http://www.microsoft.com/presspass/press/2004/oct04/10-18CiscoSecurityPR.asp>

2. Intrusion Prevention System

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_8/gt_fwids.htm>

In IOS 12.0(5)T, Cisco introduced an Intrusion Detection System (IDS).
This version offered only 59 signatures to identify intrusions. These
signatures were not updateable. Thus, as new types of intrusions were
developed, the IOS did not protect against them.

In IOS 12.3(11)T Cisco now offers an Intrusion Prevention System (IPS)
with 118 signatures. The important difference in the new IPS is that it
allows customers to add new signatures as new attacks are developed. It
does this by using a Signature Definition File (SDF), located on the
router's flash. Customers can sign up for new IPS Alerts and read
about existing alerts at Cisco's Intrusion Prevention Alert Center.

<http://www.cisco.com/pcgi-bin/front.x/ipsalerts/ipsalertsHome.pl>

When a packet comes through the router that matches a signature, the
router can be configured to either alert the network administrator or
drop the packet and send an alert. Cisco claims that, due to the new
design, this can be done without affecting router performance.

3. Optimized Edge Routing (OER)

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_8/gt_oer1.htm>

OER is a new feature that allows load distribution at the WAN edge. At
my company, we have two T1 circuits to the Internet running BGP
best-path routing. (I detailed this in "How to use BGP to achieve
Internet redundancy.")

<http://techrepublic.com.com/5100-6265_11-1039765.html>

While it does give us redundancy, it does a poor job of load balancing.
This is because one provider is a Tier 1 and the other is a Tier 2. The
Tier 1 provider almost always offers shorter paths and almost all the
traffic goes across that circuit. We have tried to load-balance using
weight and MED, but it doesn't always work.

OER should be able to solve this type of load-balancing issue. With
OER, you define the policy for your latency, throughput, and link cost
parameters. The router uses this policy to determine how to balance the
load across your multiple WAN links. Most likely, these are Internet
links, but they could be other types of WAN links. OER supports both
static routing and BGP. All this can be configured on the router's
IOS. If you want to have a graphical interface to control a more
complex OER environment, you can buy an add-on OER Linux-based product
called OER Master Controller Engine.

4. Transparent Firewall

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gt_trans.htm>

Say that you want to add a firewall between two networks. Normally,
just like a router, each interface of a firewall has to be on a
different network. This sounds like a large network change, right?
Perhaps it doesn't have to be so complicated anymore.

With IOS 12.3(7)T, Cisco introduced the Transparent Firewall. The
benefits of the Transparent Firewall, as it works at Layer 2, are that
it can be added to an existing network with minimal configuration, and
it provides firewall security for that network. In fact, you can run a
Layer 2 Transparent Firewall on the same router that's running the
Layer 3 Firewall feature. In its most basic form, the Transparent
Firewall works like this: You create a bridge group, put your
interfaces in it, enable "ip inspect" (the firewall) on one of the
interfaces, create an access-list that will be applied to the other
interface, and voila, your Transparent Firewall is done.

5. Warm Upgrade

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_11/gtwarmup.htm>

Warm Upgrade allows a running router to read an IOS image, decompress
it, and immediately boot it. This keeps the router from having to shut
down, go back to ROMMON, load the image, and decompress the image.
Cisco says that this feature, which complements the Warm Reload feature
introduced in IOS 12.3(2)T, will cut down the time for router reboot
from four minutes to two minutes.

6. AutoQoS for the Enterprise

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_11/ft_aqose.htm>

AutoQoS (Quality of Service) is a new feature that discovers the types
of traffic on your network and the speeds of your interfaces, and then
configures the proper network quality for that traffic according to
best practices. This feature is primarily designed to assist in voice
and video quality over the WAN but can be used for a variety of other
things. AutoQoS can do in a few minutes what it could take a network
expert a few hours to do. The downside is that AutoQoS is not full of
options, it does not react to any future changes in the network, and
once it is configured, you still need a network expert to analyze its
results and make sure that it is working properly.

7. AutoSecure

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123_1/ftatosec.htm>

AutoSecure analyzes your router's security settings and can make
changes for you. I won't go into detail on AutoSecure because I wrote
a full article on it for TechProGuild called "Automate Security
Configurations with IOS 12.3."

<https://techrepublic-secure.com.com/5143-22-22-21307.html>

8. CallManager Express (CME)

<http://www.cisco.com/univercd/cc/td/doc/product/access/ip_ph/ip_ks/cme32/cme32sa/cme32ovr.htm>

and Survivable Remote Site Telephony (SRST)

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_11/srst32ad/srs_over.htm>

CallManager Express (CME) has evolved from allowing a router to be a
very limited, stand-alone, Voice-over-IP (VoIP) phone system to a
nicely featured small to medium enterprise (SME) phone system (on a
router).

Concerning SRST, picture a large corporation that has a centrally
managed CallManager (a Cisco VoIP phone system) with many remote
locations. At these remote locations, the routers would have SRST
configured so that if the WAN connection to the central CallManager was
lost, the SRST-enabled router could provide limited calling features
for the remote phones.

9. Dynamic Multipoint VPN (DMVPN)

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ftgreips.htm>

Okay, you got me: Technically, this feature came out in 12.2(13)T, but
it is so cool that I wanted to point it out. DMVPN allows routers to
dynamically bring up, as needed, VPN tunnels to each other over the
Internet. Better yet, these tunnels require only a very simple
configuration. In the past, to create a fully meshed VPN network, there
would have to be a fair amount of configuration on every router (or VPN
concentrator) for every remote site. As the number of remote sites
grew, these always-up VPN tunnels became very cumbersome to scale and
the configurations were unmanageable. With DMVPN, a fully meshed VPN
network can scale, and VPN tunnels are brought up only if needed.

10. IPSec Stateful Failover

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_11/gt_topht.htm>

This feature does exactly what it says it does. You have two routers,
both with IPSec tunnels, being contacted on the LAN with Hot Standby
Routing Protocol (HSRP). If one router goes down, in either a planned
or unplanned situation, the backup router takes over and the IPSec
tunnels never go down. While this has been available on higher-end VPN
concentrators, including it free in the router's IOS is a very nice
addition.

11. Network-Based Application Recognition (NBAR)

Most routers just look at traffic at Layer 3. With NBAR, a router can
look at Layers 4 through 7. That means that a router can recognize
applications. Once it can recognize the applications, it can then take
some action to ensure that that application gets higher priority, drop
packets from that application, or take some other action. NBAR has been
around since IOS 12.0, but it recognized only a small number of
applications. What is new in IOS 12.3 is that NBAR can now recognize
many more applications and new applications can be dynamically added
using a PDLM (Packet Description Language Module). Cisco regularly
releases new PDLMs for new applications. You can find that list at
their PDLM Web page (valid CCO login required).

<http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm>

12. Cisco Security Device Manager (SDM)

<http://www.cisco.com/en/US/products/sw/secursw/ps5318/>

SDM is a free Java management tool for routers. It requires IOS 12.2 or
12.3, depending on your router's model. I did a full article on SDM
so I won't go into what it offers. For more information, check out
the TechProGuild article "Use the free Cisco Security Device Manager to
work with routers."

<https://techrepublic-secure.com.com/5143-22-22-21307.html>

Final analysis

I hate to sound like those lawyers on TV commercials pitching their
services, but here are some things you need to know:

Upgrading your IOS requires that you are either under Cisco SmartNet
Maintenance program or you buy the latest IOS from a Cisco reseller.

Some of the features mentioned here are available only in certain
versions of the IOS. That version of the IOS may not function on all
routers due to CPU, RAM, and flash requirements. Visit the Cisco IOS
Upgrade Planner (valid CCO login required) to see the latest version of
the IOS that your router supports.

<http://www.cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/iosplanner.cgi?majorRel>=

Once you know the latest IOS that your router supports, you can find
out if the features you want are in that IOS. To do that, browse the
release notes for that IOS at Cisco IOS New Feature Documentation.

<http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/index.htm>

Perhaps there are some features in IOS 12.3 that can make your life
easier or make your network more secure. I have ordered additional
flash memory for my core Internet router just to do the upgrade and get
the OER routing. I hope that you find some of the new Cisco IOS
features as exciting as I do. Upgrading your Cisco routers may seem
like a pretty mundane chore, but the new features make it well worth
the effort.

Additional resources

Cisco IOS 12.3 Major Release page (Flash presentation and a 40-page
PowerPoint)

<http://www.cisco.com/warp/public/732/releases/release123/major/>

Cisco IOS 12.3(11)T Release page (Flash presentation, video, and
customer Q&A)

<http://www.cisco.com/warp/public/732/releases/release123/123t/>

TechRepublic: Cisco Internetwork Operating System (IOS) Fundamentals

<http://techrepublic.com.com/5138-6249-729126.html>

ITPapers: Cisco Internet Operating System

<http://itpapers.techrepublic.com/abstract.aspx?docid=46092>

ITPapers: How to Choose a Cisco IOS Software Release

<http://itpapers.techrepublic.com/abstract.aspx?docid=99777>

Version history

1.0
Bug fixes - None
Feature changes - None

To see more downloads and get your free TechRepublic membership, please
visit

<http://techrepublic.com.com/2001-6240-0.html>

2009年6月14日 星期日

2009.6.14(Sun) 訂購的脈動式鼻腔水療器,下午收到了

中午到大葉吃午飯及逛街!

Timberland專櫃逛了一下, 看上一雙休閒鞋, 但沒下手! 廖小姐剛好又休假! 轉到四樓無印良品逛. 先前有用過無印的手帕及毛巾, 很合我的胃口, 所以各添一條! 而商務襯衫呢, 挑了一件短袖直條紋,它的標籤寫著新疆綿ストライプ(條紋的意思) 另外一行寫ボタンダウンシャツ(意思好像是釦子襯衫), 這件シャツ(襯衫)定價1390元, 比我之前買商務襯衫還便宜, 所以試買一件穿穿看. 這時旁邊的女王就在念念念!

回家後,先睡個午覺! 後來貨到了, 將使用指引讀完後, 先使用清溫水, 最弱的強度, 試洗一下! 先試右鼻孔, 鼻子很快就能適應, 但頭皮覺得發麻, 這感覺不知是對還是錯, 先暫停一會! 改洗左鼻孔, 頭皮還是覺得發麻! 將500cc溫水洗完後, 頭皮發麻感覺就沒了! 不過呢, 都沒有洗出髒東西出來!

然後改用加鹽巴的洗法再洗一次! 每一鼻孔要各洗250cc的鹽水, 還是用最弱的強度, 這回洗也沒有頭皮發麻的感覺, 洗的過程都很順利! 洗完後,鼻孔感覺還蠻清爽的!

洗一個禮拜後再來寫心得!

2009.6.14(Sun) 第一次認識陳衍寧的油畫畫作, 很美!

生於1945的廣東廣州人.

我不會寫評論.

下面是隨意挑選的畫作!

春宵

紅蜻蜓

雨後


2009年6月12日 星期五

2009.6.12(Fri) 善鼻脈動式水療洗鼻器

鑒於第二位醫生說我鼻子過敏, 所以比較容易感冒, 這種的感冒叫做過敏性感冒!
平常打羽球, 騎腳踏車這種所鍛練的體力, 還有吃維他命C等於都沒有用..........殘念!
於是今天打了一通到台中的電話,訂了一台脈動式水療洗鼻器. 說星期日就能收到!
到時在試用看看吧!


善鼻脈動式洗鼻器
善鼻 洗鼻鹽




2012.11.30 update
之前忘記寫心得, 在這裡補充一下.
會買這台洗鼻器, 詳細事情是這樣:
本來先感冒了(喉嚨痛, 咳嗽, 沒發燒, 沒頭痛, 有沒有鼻涕忘記了), 因為很輕微, 沒看醫生, 但一個禮拜後, 只剩乾咳, 兩個禮拜後, 還是乾咳, 於是就去看醫生.
三天藥吃完後, 還是乾咳.
去看第二次醫生, 醫生幫我改配方. 三天藥吃完後, 還是乾咳.
第三次去找醫生, 醫生很那悶也說很奇怪, 說要幫我打針, 並吃藥.
三天後, 依然乾咳........
後來想到醫生說我是過敏感冒.....於是就不找醫生了.
我去買了脈動式水療洗鼻器.
然後連續用兩個禮拜, 然後奇蹟的事發生了!
竟然沒咳了......
這兩個禮拜都沒吃藥喔, 就這樣洗鼻子, 就好了!
好神奇喔, 而且後續還有更神奇的事......
---------------------------------------------------------
我以往一年約感冒三到四次, 每一次感冒都沒發燒, 有時不看醫生, 有時有看醫生, 最久也是兩個禮拜感冒就會痊癒, 大部分都一個禮拜痊癒.
第一次這樣折騰約一個月, 受不了了, 我就認真想...........
我自己從過去的感冒到最近的一次, 為什麼會感冒, 我都有喝水, 吃維他命, 運動, 不因該一年會感冒三到四次, 後來又想到醫生說過的事, 我是過敏性感冒.
於是我的結論就是, 我都是過敏性感冒.
於是我就買脈動式水療洗鼻器來試.
---------------------------------------------------------
後來過了三年, 我每年過敏性感冒次數降到一到兩次, 而且這一兩次都不用看醫生
久一點的一個禮拜自然好, 快一點三四天就好.
偶而會嚴重, 這時才看醫生.

=======================================================================
2011年發現兩個小孩, 起床時都會咳嗽, 女王說是喉嚨有痰. 於是沒放在心上.
但都過快一年了, 起床咳嗽毛病還是有, 我內心想會不會也是鼻子過敏.
於是前天我開始先幫一位小孩洗鼻子.
等兩個禮拜後, 再來看情況如何!
---------------------------------------------------------
這小朋友都不聽話, 洗個兩天, 就不想洗了!
---------------------------------------------------------
2013.1 去台南露營前, 小四的孩子有感冒, 看了醫生, 後來剩咳嗽
過了兩三個禮拜, 還是咳嗽, 後來就動用洗鼻器, 前後洗了一個禮拜(中間有斷掉過, 沒有連續一個禮拜), 就這樣好了!
2013.2.27 老婆娘家有三個人都會鼻子過敏, 衛生紙用很兇. 老婆知道洗鼻器效用, 最近向娘家大力推薦

2009.6.12(Fri) Cisco Layer 2 traceroute

這個Layer 2 traceroute的指令,之前有讀過,但一直到今天才初次使用.

此功能可以檢查source mac到destination mac沿路經過switch的哪些介面,都能清楚的顯示出來.

所需具備的條件是swtich cdp要打開, switch也都要支援layer 2 traceroute才能完成此指令的工作.

例如:

cp2960#traceroute mac 0001.e686.8171 0004.acd3.296f
Source 0001.e686.8171 found on cp2960
1 cp2960 (10.141.6.11) : Fa0/10 => Fa0/2
2 FXXX-1-4006 (10.141.200.150) : Fa3/19 => Po1
3 FXXX-2-4006 (10.141.200.213) : Po1 => Fa3/24
Destination 0004.acd3.296f found on FXXX-2-4006
Layer 2 trace completed

或:

cp2960#traceroute mac 0001.e686.8171 0004.acd3.296f detail
Source 0001.e686.8171 found on cp2960[WS-C2960-24TT-L] (10.141.6.11)
1 cp2960 / WS-C2960-24TT-L / 10.141.6.11 :
Fa0/10 [auto, auto] => Fa0/2 [auto, auto]
2 FXXX-1-4006 / WS-C4006 / 10.141.200.150 :
Fa3/19 [auto, auto] => Po1 [auto, auto]
3 FXXX-2-4006 / WS-C4006 / 10.141.200.213 :
Po1 [auto, auto] => Fa3/24 [auto, auto]
Destination 0004.acd3.296f found on FXXX-2-4006[WS-C4006] (10.141.200.213)
Layer 2 trace completed.

2009.6.12 3560與2950的Fiber界接,一直有CRC error!

1. 3560設備上的兩個光纖介面1000BaseLX SFP,分別接到29501000BaseLX GBIC
每個月都會有85000 framesCRC error


2. 3560的位置前身是2948G-L3,光纖介面是GBIC
以前這兩台互接時並不會產生CRC error。是自從35602948G-L3取代後才發生有大量的CRC error。樓層光纖外線並沒有問題、2950到收容箱的光纖線也沒問題。

3. 雖然一直有大量的CRC error,很奇怪也很慶幸的是網路沒有造成任何的問題,這一直是我納悶的地方。

4. 為了解決這個問題,試過很多方法,如:speed nonegotiate、換GBIC、換SFP、換3560到光纖收容箱這一邊的短接線(ST to LC)光纖、或者拿不同型號的設備來交叉測試,就只有29503560對接時才有CRC error,其他對接都沒問題(ex:2560 to 35603560 to 29483560 to 35602960 to 3560)

5. 從發現有CRC error的五個月後,後來才想到是否為DTP(Dynamic Trunking Protocol)協定影響,於是在兩端設備銜接的界面上下了switchport nonegotaite指令後,才解決此問題。

Dynamic Trunking Protocol (DTP). If a port can become a trunk, it may also have the ability to trunk automatically, and in some cases even negotiate what type of trunking to use on the port. DTP provides this ability to negotiate the trunking method with the other device.

2009年6月10日 星期三

2009.6.10 過敏性感冒

今天到一家沒有人推薦的診所看病.

跟醫生說:我這兩個月來, 反覆性咳嗽, 流鼻水, 有痰, 沒有鼻塞, 沒有發燒.

醫生先用聽診器探勘完後, 說是過敏性感冒, 不是一般感冒. 這與前一家的醫生說法一致, 同時也說了要遠離灰塵, 煙味, 塵蹣. 但開了不一樣的藥給我吃, 其中有一種藥是睡覺前吃, 說是降低過敏.

2009年6月9日 星期二

2009.6.9 (Tue)人體的酸性化是『百 病 之 源』

以下內容擷取自圓光部落格

-------------------------------------------------------------------------------------------------

人體的酸性化是『百 病 之 源』

2007/06/27 09:54

人體的酸性化 百 病 之 源

韋  馬  犬

健 康人的血液是呈弱鹼性的,大概 PH 值是 7.35 到 7.45 之間,一般初生嬰兒也都屬弱鹼性體液,但隨著體外環境污染及不正常生活及飲食習慣,使我們的體質逐漸轉為酸性。據一項都市人群健康調查發現,在生活水平較 高的大城市裡,80 % 以上的人體液 PH 值經常處於較低的一端,使身體呈現不健康的酸性體質。

人體的體液偏酸的話,細胞的功能就會變弱,人體的新陳代謝就會減慢,廢物就不易排出,腎臟、肝臟的負擔就會加大。

所以“酸性體質”者常會感到身體疲乏、記憶力減退、腰酸腿痛、四肢無力、頭昏、耳鳴、睡眠不實、失眠、腹瀉、便秘等,到醫院檢查不出什麼毛病,如不注意改善,繼續發展就會形成疾病。

日本著名醫學博士柳澤文正曾做過一個實驗:找 100 個癌症病患者抽血檢查,結果 100 個癌症患者的血液,都呈酸性。據統計,85% 的痛風、高血壓、癌症、高脂血症患者,也都是酸性體質。因此,醫學專家提出:人體的酸性化是“百病之源”。

由於酸性過多而引起的成年人病大致分為四類:

1. 強酸與鈣、鎂等鹼性礦物質結合為鹽類,即固體酸性物,導致骨質疏鬆症等 疾病。

2. 強酸或酸性鹽堆積在關節或器官內引起相應炎症,導致動脈硬化、腎結石、關節炎、痛風等疾病。

3. 酸性廢棄物堆積,使附近的毛細血管被堵,血液循環不暢,導致糖血尿、腎炎及各種癌症。

4. 胃腸道酸性過多引起便秘、慢性腹瀉、尿酸、四肢酸痛,胃酸過多導致燒心、反酸、胃潰瘍等。另外,酸性體質會影響孩子的智力。

六大原因造成現代人身體酸性化:

1. 飲食結構不合理:

專家指出,科學的飲食習慣是酸鹼食物比例為 1:3,但是現代人飲食中的主食往往是精米、白麵、雞、鴨、魚、肉、蛋,而這些都是酸性食物,據分析這樣的飲食習慣其酸鹼比例卻正好相反,為 3:1。因此,長期攝入過多的酸性食物是導致人體酸性化的原因之一。

2. 運動不足:

在陽光下多做運動多出汗,可幫助排除體內多餘的酸性物質。但現代人以車代步現象愈來愈多,運動量大大減少,長久便會導致酸性代謝物長期滯留在體內,導致體質的酸性化。

3. 過重的心理負擔:

由於現代生活節奏的加快,人們在日常生活、工作和感情上承擔著不同的壓力。當這種壓力得不到釋放的時候,便會對身體造成影響,從而導致體質的酸性化。

4. 不良嗜好:

煙、酒等都是典型的酸性食品,毫無節制的抽煙飲酒等,易導致人體的酸性化。

5. 生活不規律:

唱卡拉 OK、打麻將等夜不歸宿的無規律生活,都會加重體質酸化。

6. 環境的嚴重污染:

由於飲用水、農作物、家禽魚蛋等造成嚴重污染,人們攝入這些含有有害元素的飲水、食物和吸入有害空氣后,其中的酸性物質會滯留在體內造成體質酸性化。

自 主“ 減酸 ”,走向健康:若想擁有一個健康的體質,適度的運動和良好的。飲食是不可缺少的,所以平時要多做有氧運動,勤鍛煉,保持良好的生活習慣和樂觀、開朗、積極 的心態。當然,最有效的方法還是從改善自己的飲食習慣入手。簡單地說,就是通過多吃鹼性食物、少吃酸性食物能直接糾正酸性內環境。

那些食物最能改善體內的酸性環境呢?海帶可以說是鹼性食物之王,多吃海帶能很好地糾正酸性體質。所以平時感到勞累、疲乏、渾身酸痛的時候,不妨吃些海帶。此外,人們常說喝茶能解乏,除了茶葉中的興奮成分外,茶鹼“ 中和 ”體內的酸性物質,也起到緩解疲乏的作用。

酸性體質是人體大量攝入高脂肪、高蛋白、高熱量食物的結果,那麼平時就盡量少吃這些食物。實在想吃時可以把它們和鹼性食物一起搭配,譬如燉肉時放些海帶,燒牛肉時加些蘿葡等等。

★常見食物的酸鹼性:

⊙強酸性:蛋黃、乳酪、白糖、西點、柿子、烏魚子、柴魚等。

⊙中酸性:火腿、雞肉、鮪魚、豬肉、鰻魚、牛肉、麵包、小麥、奶油、馬 肉等。

⊙弱酸性:白米、花生、啤酒、油炸豆腐、海苔、文蛤(蜆)、章魚、泥鰍等。

⊙弱鹼性:紅豆、蘿葡、蘋果、甘藍菜、洋蔥、豆腐等。

⊙中鹼性:蘿葡乾、大豆、胡蘿葡、番茄、香蕉、橘子、番瓜、草莓、蛋白、梅乾、檸檬、菠菜等。

⊙強鹼性:葡萄、茶葉、葡萄酒、海帶、天然綠藻類。

◆那些人的身體容易“發酸”:

⊙熬夜一族:

晚 上 1:00 以後不睡覺,人體的代謝作用由內分泌燃燒,用內分泌燃燒產生的毒素會很多,會使體質變酸,通常熬夜的人得慢性疾病的機率比抽煙或喝酒的人都來得高。所以每 天盡量在晚上 12:00 以前睡覺,不要常熬夜,若非要熬夜,一星期以一次為限!熬夜時不要吃肉,盡量吃碳水化合物,這樣隔天才不至於很累,可把傷害減至最低。

⊙宵夜一族:

凡是晚上 八 時以後再進食者就稱做宵夜。吃宵夜隔天會疲倦,爬不起床,肝也會受損,因為睡覺時,人體各器官活動力低,處於休息狀態,因此食物留在腸子裡會變酸、發酵、產生毒素傷害身體。

⊙早餐的“逃兵”:

一天三餐中,早餐最重要,但許多人普遍不吃早餐,一早空著肚子,體內沒有動力,會自動使用甲狀腺、副甲狀腺、下腦垂體等腺體,去燃燒組織,造成腺體亢進、體質變酸,長期導致慢性病。

⊙“ 精食 ”一族:

少 運動且整天坐在辦公室的上班族最容易犯這種錯誤,因為吃的少,刻意選擇很精緻的食物而少吃粗糧,這種人的腸子老化的特別快,肝功能差,大便是黑色的而且會 常便秘。因為精致食物缺乏纖維素,會導致腸子功能變差,甚至萎縮,你所吃的食物變成了毒素,使你體質變酸,慢性病也開始了。

◆測測你的體質是否“發酸”了:

1. 早起精神不佳﹔ 2. 夜裡睡不適服(失眠)﹔ 3. 整天都感到很累﹔ 4. 工作想速戰速決,沒有持久力﹔ 5. 情緒不穩定,容易發怒﹔ 6. 易被蟲咬﹔ 7. 容易得皮膚病﹔ 8. 容易發燒或感冒﹔ 9. 有高血壓、低血壓、肝臟病﹔ 10. 有糖尿病、腎臟病、痛風﹔ 11. 經常頭疼、腿痛、肩酸、腰酸﹔ 12. 身體肥胖﹔ 13. 有胃病、胃潰瘍﹔ 14. 有過敏症、便秘﹔ 15. 有哮喘病、失眠症、神經衰弱﹔ 16. 食欲不振﹔ 17. 牙齦易出血﹔ 18. 傷口易化濃﹔ 19. 喜歡喝(碳酸)飲料﹔ 20. 喜歡吃肉食、油膩食物﹔ 21. 喜歡喝酒﹔ 22. 喜歡吃甜食﹔ 23. 喜歡吸煙。

有人說,當你 25 歲時,身體血液就已開始酸化,如果你到了 30 歲,已出現了上述的 6 ~ 8 種情況,那你的酸性體質已到了相當的程度,怎麼辦?盡快採取措施減酸,許給自己一個健康的人生。

2009年6月5日 星期五

2009.6.5(Fri) 精胺酸L-arginine的妙用

看了一本雜誌, 有人在討論常搭飛機出國的人, 要如何快速調整時差的問題, 最後是補充說可吃含L-精胺酸(L-Arginine)營養品, 可幫助腦部學習及記憶.

但沒有想到精胺酸還有許多的用法.

以下內容引用自:

精胺酸L-arginine的妙用

1998 年諾貝爾醫學獎研究主題一氧化氮 (NO, nitric oxide) 是個具有像雙魚座兩條魚游向不同方向特質的矛盾分子,他的表兄弟可能比他有名,像笑氣(N2O) 和硝化甘油。

L-精胺酸(L-Arginine)是一種珍貴的胺基酸補充劑,雖然精胺酸並非必須胺基酸(人體不能自行合成的胺基酸稱之為必需胺基酸),但是精胺酸對於人體健康卻有特別的意義,精胺酸是人體一氧化氮的來源,一氧化氮傳導信息的功能隨製造其出來的地方而不同。主要有三種功能
(1) 在血管內皮是使血管的平滑肌細胞放鬆而擴張血管,而可以降低高血壓,當這作用在陰莖海綿體則可促進陰莖
勃起。(2) 在神經突觸則是當作神經傳導因子,和腦部學習及記憶有關。(3) 在巨噬細胞則可損壞腫瘤細胞而將其殺死或停止其繁殖

精胺酸除了可作為蛋白質合成之用,還可作為內在性血管擴張劑的前區物質,而這種表皮內壁生成素擴張因子(EDRF)確實被人發現,存在於血管管壁上。

目 前科學家已證實表皮內壁生成素擴張因子(EDRF)在化學結構上屬於一氧化氮,它是一種自由基的氣體,以往被認為存在於巨噬細胞,它被認為可調和數個細胞 的毒性作用。科學家已經證實一氧化氮就是等於表皮內壁生成素(EDRF),這個內在的物質在人體內廣泛性的生理過程中,的確扮演了關鍵性的角色

一 氧化氮(NO)能促使血管舒張,促進血液循環,醫學臨床研究強烈支持,精胺酸補充劑有效的降低心肌梗塞的發生率,同時具有舒張血管,降血壓,促進血液循環 順暢的作用,對於心血管疾病的預防及動脈硬化患者,心肌梗塞的發生率具有明顯的降低作用。人們早就知道可以用製造炸藥的硝化甘油來治療心肌梗塞。但是據說 諾貝爾晚年拒絕用硝化甘油來治療他的疾病,他認為這是個諷刺.

精胺酸也具有抗氧化作用,可以降低低密度脂蛋白(LDL)氧化,形成血管內層乳糜沉殿的作用,因此對於心臟小血管阻塞,造成心肌壞死的機率下降,同時臨床證實,早晚補充1000毫克(1公克)的精胺酸,可以有效降低心絞痛的發生率。

精胺酸同時被多項醫學臨床研究證實,具有改善性功能障礙,及有效提高精子數量及活動力的臨床作用,每天服用4-5公克的精胺酸,持續半年的研究發現,約有20~35%的夫妻可以懷孕。

精胺酸可有效提高免疫力,促進免疫系統分泌自然殺手細胞,吞噬細胞,白血球內烯素(interleukin-1)等內生性物質,有利於對抗癌細胞及預防病毒感染,另外,精胺酸是鳥氨酸(L-ornithine)及脯氨酸(L-proline)的前驅物.

精胺酸(L-arginine)可以應用在臨床上幾種情況,第一,心血管疾病尤其是心絞痛,第二,糖尿病合併腎動脈硬化症,第三,精蟲減少引發不孕症,第四,男性性功能障礙者。

近年來精胺酸(L-arginine)加上抗氧化劑,所組合而成的營養食品逐漸上市,高藥師最近讀到一篇用碧蘿芷和左旋精胺酸(L-arginine)的2003年的報告,讓高藥師來帶大家導讀一下。

Treatment of Erectile Dysfunction with Pycnogenol and L-Arginine. Journal of sex & Marital Therapy,29(3):207-213,2003

這 個實驗主要是將受試者分成三組,第一組是25~45歲,有勃起困難的時間約5.3年,首先第一個月先讓他們單純吃三公克的左旋精胺酸只有5%的受試者得到 改善;但是如果第二個月除了三公克的左旋精胺酸以外另外再加上80豪克的碧蘿芷,居然就有80%的改善;如果第三個月除了三公克的左旋精胺酸以外另外再加 上120豪克的碧蘿芷,居然有95%的人有改善!!

第二組的病人大於45歲,提供她們吃複方的碧蘿芷加上左旋精胺酸一年,有80%的老人恢復性功能,而且整個實驗無副作用,一年的期間可以改善精液而且讓42%的配偶懷孕.

第三組的病人是30到60歲,針對37位中度勃起功能障礙的病患,給予六周的碧蘿芷加上左旋精胺酸的成分.六週後81%判斷有效.70%的受試者認為可以增加陰莖硬度.73%的男性報告更容易勃起,65%報告增加早上勃起力.

附 註:最近轟動全球的威而鋼的藥理也是運用到一氧化氮。PDE5 (phosphodiesterase type 5 第五型磷酸二脂酉每) 會促進陰莖海綿體 cGMP 的代謝消耗,當陰莖海綿體 cGMP 的量被消耗而不足時,陰莖將會軟攤無法勃起。威而鋼藉著抑制 PDE5 來減少陰莖海綿體 cGMP 的代謝消耗以增強一氧化氮的功能,而促進陰莖勃起。所以如果體內不能製造陰莖海綿體 cGMP,再多的威而鋼也無法使陰莖勃起威而鋼。

追蹤者