Friday, August 24, 2007
Hacking Your Password
Hacking Your Password - Password Checking Option and Clearing Chips Password Checking Option
You can use a password during the computer's startup sequence. The options are:
Always, which means every time the system is started.
Setup, which only protects the BIOS routine from being tampered with, or
Disabled.
You can still boot from a floppy and alter things with a diagnostic program, though.The original are: AMI BIOS did not encrypt the password, so any utility capable of reading the CMOS should be able to edit it. The AMI WinBIOS uses a simple substitution system.
You get three attempts to get in, after which the system will have to be rebooted. The default is usually the manufacturer's initials (try ami), or biostar, biosstar, AWARD?SW, AWARD?PW, LKWPETER, 589589, aLLy, condo, djonet, lkwpeter, j262 SWITCHES?SW, AWARD_SW, or Shift + S Y X Z for Award (before 19 Dec 96), but if this doesn't work, or you forget your own password, you must discharge the CMOS. One way to do this is simply to wait for five years until the battery discharges (ten if you've got a Dallas clock chip)! You could also remove the CMOS chip or the battery and just hang on for twenty minutes or so. Look for the chips mentioned below, under Clearing Chips.
You could try flooding the keyboard buffer to crash the password routine -just wait for the password prompt, then keep pressing esc.
Note: Since 19 Dec 96, Award Software has not used a default password, leaving it for OEMs. Discharging the battery will not clear the OEM password.
Note: When CMOS RAM loses power, a bit is set which indicates this to the BIOS during the POST test. As a result, you will normally get slightly more aggressive default values.
If your battery is soldered in, you could discharge it enough so the CMOS loses power, but make sure it is rechargeable so you can get it up to speed again. To discharge it, connect a small resistor (say 39 ohms, or a 6v lantern lamp) across the battery and leave it for about half an hour.
Some motherboards use a jumper for discharging the CMOS; it may be marked CMOS DRAIN. Sometimes, you can connect P15 of the keyboard controller (pin 32, usually) to GND and switch the machine on. This makes the POST run, which deletes the password after one diagnostic test. Then reboot.
Very much a last resort is to get a multi-meter and set it to a low resistance check (i.e. 4 ohms), place one probe on pin 1 of the chip concerned, and draw the other over the other pins. This will shock out the chip and scramble its brains. This is not for the faint hearted, and only for the desperate-use a paperclip or desolder the battery first! We assume no responsibility for damage!
The minimum standby voltage for the 146818 is 2.7v, but your settings can remain even down to around 2.2v. Usually, the clock will stop first, as the oscillator needs a higher voltage to operate. 3v across a CMOS is common with 3.6v nicad & lithium batteries, as the silicon diodes often used in the battery changeover circuit have a voltage drop of 0.6v (3.6v-.6v = 3v). If your CMOS settings get lost when you switch off and the battery is OK, the problem may be in the changeover circuit - the 146818 can be sensitive to small spikes caused by it at power down.
Clearing ChipsThe CMOS can mostly be cleared by shorting together appropriate pins with something like a bent paperclip (with the power off!). You could try a debug script if you are able to boot:
A:\DEBUG- o 70 2E- o 71 FF- q
The CMOS RAM is often incorporated into larger chips:
P82C206 (Square)
Also has 2 DMA controllers, 2 Interrupt controllers, a Timer, and RTC (Real-Time Clock). It's usually marked CHIPS, because it's made by Chips and Technologies. Clear by shorting together pins 12 and 32 on the bottom edge or pins 74 and 75 on the upper left corner.
F82C206 (Rectangular)
Usually marked OPTi (the manufacturer). Has 2 DMA Controllers, 2 Interrupt Controllers, Timer, and Real Time Clock. Clear by shorting pins 3 and 26 on the bottom edge (third pin in from left and 5th pin from right).
Dallas DS1287,DS1287A
Benchmarq bp3287MT, bq3287AMT.
The DS1287 andDS1287A (and compatible Benchmarq bp3287MT and bq3287AMT chips) have a built-in battery, which should last up to 10 years. Clear the 1287A and 3287AMT chips by shorting pins 12 and 21-you cannot clear the 1287 (and 3287MT), so replace them (with a 1287A!). Although these are 24-pin chips, the Dallas chips may be missing 5, which are unused anyway.
Motorola MC146818AP or compatible.
Rectangular 24-pin DIP chip, found on older machines. Compatibles are made by several manufacturers including Hitachi (HD146818AP) and Samsung (KS82C6818A), but the number on the chip should have 6818 in it somewhere. Although pin-compatible with the 1287/1287A, there is no built-in battery, which means it can be cleared by just removing it from the socket, but you can also short pins 12 and 24.
Dallas DS12885S or
Benchmarq bq3258S
Clear by shorting pins 12 and 20, on diagonally opposite corners; lower right and upper left (try also pins 12 and 24).
For reference, the bytes in the CMOS of an AT with ISA bus are arranged thus:
00 Real Time Clock
10-2F ISA Configuration Data
30-3F BIOS-specific information
40-7F Ext CMOS RAM/Advanced Chipset info
The AMI password is in 37h-3Fh, where the (encrypted) password is at 38h-3Fh. If byte 0Dh is set to 0, the BIOS will think the battery is dead and treat what's in the CMOS as invalid.
One other point, if you have a foreign keyboard (that is, outside the United States) - the computer expects to see a USA keyboard until your keyboard driver is loaded, so DON'T use anything in your password that is not in the USA keyboard!
You can use a password during the computer's startup sequence. The options are:
Always, which means every time the system is started.
Setup, which only protects the BIOS routine from being tampered with, or
Disabled.
You can still boot from a floppy and alter things with a diagnostic program, though.The original are: AMI BIOS did not encrypt the password, so any utility capable of reading the CMOS should be able to edit it. The AMI WinBIOS uses a simple substitution system.
You get three attempts to get in, after which the system will have to be rebooted. The default is usually the manufacturer's initials (try ami), or biostar, biosstar, AWARD?SW, AWARD?PW, LKWPETER, 589589, aLLy, condo, djonet, lkwpeter, j262 SWITCHES?SW, AWARD_SW, or Shift + S Y X Z for Award (before 19 Dec 96), but if this doesn't work, or you forget your own password, you must discharge the CMOS. One way to do this is simply to wait for five years until the battery discharges (ten if you've got a Dallas clock chip)! You could also remove the CMOS chip or the battery and just hang on for twenty minutes or so. Look for the chips mentioned below, under Clearing Chips.
You could try flooding the keyboard buffer to crash the password routine -just wait for the password prompt, then keep pressing esc.
Note: Since 19 Dec 96, Award Software has not used a default password, leaving it for OEMs. Discharging the battery will not clear the OEM password.
Note: When CMOS RAM loses power, a bit is set which indicates this to the BIOS during the POST test. As a result, you will normally get slightly more aggressive default values.
If your battery is soldered in, you could discharge it enough so the CMOS loses power, but make sure it is rechargeable so you can get it up to speed again. To discharge it, connect a small resistor (say 39 ohms, or a 6v lantern lamp) across the battery and leave it for about half an hour.
Some motherboards use a jumper for discharging the CMOS; it may be marked CMOS DRAIN. Sometimes, you can connect P15 of the keyboard controller (pin 32, usually) to GND and switch the machine on. This makes the POST run, which deletes the password after one diagnostic test. Then reboot.
Very much a last resort is to get a multi-meter and set it to a low resistance check (i.e. 4 ohms), place one probe on pin 1 of the chip concerned, and draw the other over the other pins. This will shock out the chip and scramble its brains. This is not for the faint hearted, and only for the desperate-use a paperclip or desolder the battery first! We assume no responsibility for damage!
The minimum standby voltage for the 146818 is 2.7v, but your settings can remain even down to around 2.2v. Usually, the clock will stop first, as the oscillator needs a higher voltage to operate. 3v across a CMOS is common with 3.6v nicad & lithium batteries, as the silicon diodes often used in the battery changeover circuit have a voltage drop of 0.6v (3.6v-.6v = 3v). If your CMOS settings get lost when you switch off and the battery is OK, the problem may be in the changeover circuit - the 146818 can be sensitive to small spikes caused by it at power down.
Clearing ChipsThe CMOS can mostly be cleared by shorting together appropriate pins with something like a bent paperclip (with the power off!). You could try a debug script if you are able to boot:
A:\DEBUG- o 70 2E- o 71 FF- q
The CMOS RAM is often incorporated into larger chips:
P82C206 (Square)
Also has 2 DMA controllers, 2 Interrupt controllers, a Timer, and RTC (Real-Time Clock). It's usually marked CHIPS, because it's made by Chips and Technologies. Clear by shorting together pins 12 and 32 on the bottom edge or pins 74 and 75 on the upper left corner.
F82C206 (Rectangular)
Usually marked OPTi (the manufacturer). Has 2 DMA Controllers, 2 Interrupt Controllers, Timer, and Real Time Clock. Clear by shorting pins 3 and 26 on the bottom edge (third pin in from left and 5th pin from right).
Dallas DS1287,DS1287A
Benchmarq bp3287MT, bq3287AMT.
The DS1287 andDS1287A (and compatible Benchmarq bp3287MT and bq3287AMT chips) have a built-in battery, which should last up to 10 years. Clear the 1287A and 3287AMT chips by shorting pins 12 and 21-you cannot clear the 1287 (and 3287MT), so replace them (with a 1287A!). Although these are 24-pin chips, the Dallas chips may be missing 5, which are unused anyway.
Motorola MC146818AP or compatible.
Rectangular 24-pin DIP chip, found on older machines. Compatibles are made by several manufacturers including Hitachi (HD146818AP) and Samsung (KS82C6818A), but the number on the chip should have 6818 in it somewhere. Although pin-compatible with the 1287/1287A, there is no built-in battery, which means it can be cleared by just removing it from the socket, but you can also short pins 12 and 24.
Dallas DS12885S or
Benchmarq bq3258S
Clear by shorting pins 12 and 20, on diagonally opposite corners; lower right and upper left (try also pins 12 and 24).
For reference, the bytes in the CMOS of an AT with ISA bus are arranged thus:
00 Real Time Clock
10-2F ISA Configuration Data
30-3F BIOS-specific information
40-7F Ext CMOS RAM/Advanced Chipset info
The AMI password is in 37h-3Fh, where the (encrypted) password is at 38h-3Fh. If byte 0Dh is set to 0, the BIOS will think the battery is dead and treat what's in the CMOS as invalid.
One other point, if you have a foreign keyboard (that is, outside the United States) - the computer expects to see a USA keyboard until your keyboard driver is loaded, so DON'T use anything in your password that is not in the USA keyboard!
OSI MODEL 7- layers
The OSI (Open System Interconnection) model is developed by ISO in 1984 to provide a reference model for the complex aspects related to network communication. It divides the different functions and services provided by network technology in 7 layers. This facilitates modular engineering, simplifies teaching and learning network technologies, helps to isolate problems, and allows vendors to focus on just the layer(s) in which their hardware or software is implemented and enables them to create products that are compatible, standardized, and interoperable.
APPLICATION (LAYER 7) The Application layer provides network services directly to the user's application such as a web browser or email client. This layer is said to be "closest to the user". Protocols that operate on this layer include TELNET, HTTP, FTP, TFTP, SMTP, and NTP.
PRESENTATION (LAYER 6) The Presentation layer 'represents' the data in a particular format to the Application layer. It defines encryption, compression, conversion and other coding functions. Examples of specifications defined at this layer are GIF, JPEG, MPEG, MIME, and ASCII.
SESSION (LAYER 5) The Session layer establishes, maintains, and terminates end-to-end connections (sessions) between two applications on two network nodes. It controls the dialogue between the source and destination node, which node can send when and for how long. It also provides error reporting for the Application, Presentation and Session layer. Examples of protocols/API's that operate on this layer are RPC and NETBIOS.
TRANSPORT (LAYER 4) The Transport layer converts the data received from the upper layers into segments and prepares them for transport. The Transport layer is responsible for end-to-end (source-to-destination) delivery of entire messages. It allows data to be transferred reliably and uses sequencing to guarantee that it will be delivered in the same order that it was sent. It also provides services such as error checking and flow control (in software). Examples of protocols that operate on this layer are TCP, UDP, NETBEUI, and SPX.The above Transport layer protocols are either connectionless or connection-oriented: Connection-oriented means that a connection (a virtual link) must be established before any actual data can be exchanged. This guarantees that data will arrive, and in the same order as it was sent. It guarantees delivery by sending acknowledgements back to the source when messages are received. TCP is an example of a connection-oriented transport protocol.A common example of connection-oriented communication is a telephone call. You call, the 'destination' picks up the phone and acknowledges, and you start talking (sending data). When a message or a piece of it doesn't arrive, you say: "What!?" and the sender will repeat what he said (retransmit the data).Connectionless is the opposite of connection-oriented; the sender does not establish a connection before it sends data, it just sends it without guaranteeing delivery. UDP is an example of a connectionless transport protocol.
NETWORK (LAYER 3) The Network layer converts the segments from the Transport layer into packets (or datagrams) and is responsible for path determination, routing , and the delivery of packets across internetworks. The network layer treats these packets independently, without recognizing any relationship between those individual packets. It relies on higher layers for reliable delivery and sequencing.The Network layer is also responsible for logical addressing (also known as network addressing or Layer 3 addressing) for example IP addressing. Examples of protocols defined at this layer are IP, IPX, ICMP, RIP, OSPF, and BGP. Examples of devices that operate on this layer are layer-3 switches and routers. The latter includes WAPs with built-in routing capabilities (wireless access routers).
DATA LINK (LAYER 2) The Data Links provides transparent network services to the Network layer so the Network layer can be ignorant about the underlying physical network topology. It is responsible for reassembling bits, taken of the wire by the Physical layer, to frames, and makes sure they are in the correct order and requests retransmission of frames in case an error occurs. It provides error checking by adding a CRC to the frame, and flow control. Examples of devices that operate on this layer are switches, bridges, WAPs, and NICs.
IEEE 802 Data Link sub layersAround the same time the OSI model was developed, the IEEE developed the 802-standards such as 802.5 Token Ring and 802.11 for wireless networks. Both organizations exchanged information during the development, which resulted in two compatible standards. The IEEE 802 standards define physical network components such as cabling and network interfaces, and correspond to the Data Link and/or Physical layer of the OSI model. The IEEE refined the standards and divided the Data Link layer into two sublayers: the LLC and the MAC sublayer.
- LLC sublayerLLC is short for Logical Link Control. The LLC layer is the upper sublayer of the Data Link layer and is defined in the IEEE 802.2 standard. LLC masks the underlying physical network technologies by hiding their differences to provide a single interface to the Network layer. The LLC sublayer uses Source Service Access Points (SSAPs) and Destination Service Access Points (DSAPs) to help the lower layers communicate with the Network layer protocols, acting as an intermediate between the different network protocols (IPX, TCP/IP, etc.) and the different network technologies (Ethernet, Token Ring, etc.). Additionally, this layer is responsible for sequencing and acknowledgements of individual frames.
- MAC sublayerThe Media Access Control layer takes care of physical addressing and allows upper layers access to the physical media, handles frame addressing, error checking. This layer controls and communicates directly with the physical network media through the network interface card. It converts the frames into bits to pass them on to the Physical layer who puts them on the wire (and vice versa). IEEE LAN standards such as 802.3, 802.4, 802.5, and 802.11 define standards for the MAC sublayer as well as the Physical layer.
PHYSICAL (LAYER 1) This layer communicates directly with the physical media. It is responsible for activating, maintaining and deactivating the physical link. It handles a raw bits stream and places it on the wire to be picked up by the Physical layer at the receiving node. It defines electrical and optical signaling, voltage levels, data transmission rates, as well as mechanical specifications such as cable lengths and connectors, the amount of pins and their functions. Examples of devices that operate on this layer are hubs/concentrators, repeaters, NICs, WAPs, and LAN and WAN interfaces such as RS-232, OC-3, BRI, and antennas.
APPLICATION (LAYER 7) The Application layer provides network services directly to the user's application such as a web browser or email client. This layer is said to be "closest to the user". Protocols that operate on this layer include TELNET, HTTP, FTP, TFTP, SMTP, and NTP.
PRESENTATION (LAYER 6) The Presentation layer 'represents' the data in a particular format to the Application layer. It defines encryption, compression, conversion and other coding functions. Examples of specifications defined at this layer are GIF, JPEG, MPEG, MIME, and ASCII.
SESSION (LAYER 5) The Session layer establishes, maintains, and terminates end-to-end connections (sessions) between two applications on two network nodes. It controls the dialogue between the source and destination node, which node can send when and for how long. It also provides error reporting for the Application, Presentation and Session layer. Examples of protocols/API's that operate on this layer are RPC and NETBIOS.
TRANSPORT (LAYER 4) The Transport layer converts the data received from the upper layers into segments and prepares them for transport. The Transport layer is responsible for end-to-end (source-to-destination) delivery of entire messages. It allows data to be transferred reliably and uses sequencing to guarantee that it will be delivered in the same order that it was sent. It also provides services such as error checking and flow control (in software). Examples of protocols that operate on this layer are TCP, UDP, NETBEUI, and SPX.The above Transport layer protocols are either connectionless or connection-oriented: Connection-oriented means that a connection (a virtual link) must be established before any actual data can be exchanged. This guarantees that data will arrive, and in the same order as it was sent. It guarantees delivery by sending acknowledgements back to the source when messages are received. TCP is an example of a connection-oriented transport protocol.A common example of connection-oriented communication is a telephone call. You call, the 'destination' picks up the phone and acknowledges, and you start talking (sending data). When a message or a piece of it doesn't arrive, you say: "What!?" and the sender will repeat what he said (retransmit the data).Connectionless is the opposite of connection-oriented; the sender does not establish a connection before it sends data, it just sends it without guaranteeing delivery. UDP is an example of a connectionless transport protocol.
NETWORK (LAYER 3) The Network layer converts the segments from the Transport layer into packets (or datagrams) and is responsible for path determination, routing , and the delivery of packets across internetworks. The network layer treats these packets independently, without recognizing any relationship between those individual packets. It relies on higher layers for reliable delivery and sequencing.The Network layer is also responsible for logical addressing (also known as network addressing or Layer 3 addressing) for example IP addressing. Examples of protocols defined at this layer are IP, IPX, ICMP, RIP, OSPF, and BGP. Examples of devices that operate on this layer are layer-3 switches and routers. The latter includes WAPs with built-in routing capabilities (wireless access routers).
DATA LINK (LAYER 2) The Data Links provides transparent network services to the Network layer so the Network layer can be ignorant about the underlying physical network topology. It is responsible for reassembling bits, taken of the wire by the Physical layer, to frames, and makes sure they are in the correct order and requests retransmission of frames in case an error occurs. It provides error checking by adding a CRC to the frame, and flow control. Examples of devices that operate on this layer are switches, bridges, WAPs, and NICs.
IEEE 802 Data Link sub layersAround the same time the OSI model was developed, the IEEE developed the 802-standards such as 802.5 Token Ring and 802.11 for wireless networks. Both organizations exchanged information during the development, which resulted in two compatible standards. The IEEE 802 standards define physical network components such as cabling and network interfaces, and correspond to the Data Link and/or Physical layer of the OSI model. The IEEE refined the standards and divided the Data Link layer into two sublayers: the LLC and the MAC sublayer.
- LLC sublayerLLC is short for Logical Link Control. The LLC layer is the upper sublayer of the Data Link layer and is defined in the IEEE 802.2 standard. LLC masks the underlying physical network technologies by hiding their differences to provide a single interface to the Network layer. The LLC sublayer uses Source Service Access Points (SSAPs) and Destination Service Access Points (DSAPs) to help the lower layers communicate with the Network layer protocols, acting as an intermediate between the different network protocols (IPX, TCP/IP, etc.) and the different network technologies (Ethernet, Token Ring, etc.). Additionally, this layer is responsible for sequencing and acknowledgements of individual frames.
- MAC sublayerThe Media Access Control layer takes care of physical addressing and allows upper layers access to the physical media, handles frame addressing, error checking. This layer controls and communicates directly with the physical network media through the network interface card. It converts the frames into bits to pass them on to the Physical layer who puts them on the wire (and vice versa). IEEE LAN standards such as 802.3, 802.4, 802.5, and 802.11 define standards for the MAC sublayer as well as the Physical layer.
PHYSICAL (LAYER 1) This layer communicates directly with the physical media. It is responsible for activating, maintaining and deactivating the physical link. It handles a raw bits stream and places it on the wire to be picked up by the Physical layer at the receiving node. It defines electrical and optical signaling, voltage levels, data transmission rates, as well as mechanical specifications such as cable lengths and connectors, the amount of pins and their functions. Examples of devices that operate on this layer are hubs/concentrators, repeaters, NICs, WAPs, and LAN and WAN interfaces such as RS-232, OC-3, BRI, and antennas.
Thursday, August 23, 2007
Active directory collection
Active Directory on a Windows Server 2003 Network
Active Directory is the information hub of the Windows Server 2003 operating system. The following figure shows Active Directory as the focal point of the Windows Server 2003 network used to manage identities and broker relationships between distributed resources so they can work together.
Active Directory provides:
•
A central location for network administration and delegation of administrative authority. You have access to objects representing all network users, devices, and resources and the ability to group objects for ease of management and application of security and Group Policy.
•
Information security and single sign-on for user access to network resources. Tight integration with security eliminates costly tracking of accounts for authentication and authorization between systems. A single user name and password combination can identify each network user, and this identity follows the user throughout the network.
•
Scalability. Active Directory includes one or more domains, each with one or more domain controllers, enabling you to scale the directory to meet any network requirements.
•
Flexible and global searching. Users and administrators can use desktop tools to search Active Directory. By default, searches are directed to the global catalog, which provides forest-wide search capabilities.
•
Storage for application data. Active Directory provides a central location to store data that is shared between applications and with applications that need to distribute their data across entire Windows networks.
•
Systematic synchronization of directory updates. Updates are distributed throughout the network through secure and cost-efficient replication between domain controllers.
•
Remote administration. You can connect to any domain controller remotely from any Windows-based computer that has administrative tools installed.
•
Single, modifiable, and extensible schema. The schema is a set of objects and rules that provide the structure requirements for Active Directory objects. You can modify the schema to implement new types of objects or object properties.
•
Integration of object names with Domain Name System (DNS), the Internet-standard computer location system. Active Directory uses DNS to implement an IP-based naming system so that Active Directory services and domain controllers are locatable over standard IP both on intranets and the Internet.
•
Lightweight Directory Access Protocol (LDAP) support. LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.
Active Directory is the information hub of the Windows Server 2003 operating system. The following figure shows Active Directory as the focal point of the Windows Server 2003 network used to manage identities and broker relationships between distributed resources so they can work together.
Active Directory provides:
•
A central location for network administration and delegation of administrative authority. You have access to objects representing all network users, devices, and resources and the ability to group objects for ease of management and application of security and Group Policy.
•
Information security and single sign-on for user access to network resources. Tight integration with security eliminates costly tracking of accounts for authentication and authorization between systems. A single user name and password combination can identify each network user, and this identity follows the user throughout the network.
•
Scalability. Active Directory includes one or more domains, each with one or more domain controllers, enabling you to scale the directory to meet any network requirements.
•
Flexible and global searching. Users and administrators can use desktop tools to search Active Directory. By default, searches are directed to the global catalog, which provides forest-wide search capabilities.
•
Storage for application data. Active Directory provides a central location to store data that is shared between applications and with applications that need to distribute their data across entire Windows networks.
•
Systematic synchronization of directory updates. Updates are distributed throughout the network through secure and cost-efficient replication between domain controllers.
•
Remote administration. You can connect to any domain controller remotely from any Windows-based computer that has administrative tools installed.
•
Single, modifiable, and extensible schema. The schema is a set of objects and rules that provide the structure requirements for Active Directory objects. You can modify the schema to implement new types of objects or object properties.
•
Integration of object names with Domain Name System (DNS), the Internet-standard computer location system. Active Directory uses DNS to implement an IP-based naming system so that Active Directory services and domain controllers are locatable over standard IP both on intranets and the Internet.
•
Lightweight Directory Access Protocol (LDAP) support. LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.
Seven layers
The specific description for each layer is as follows:
Layer 7: Application Layer
Defines interface to user processes for communication and data transfer in network
Provides standardized services such as virtual terminal, file and job transfer and operations
Layer 6:Presentation Layer
Masks the differences of data formats between dissimilar systems
Specifies architecture-independent data transfer format
Encodes and decodes data; Encrypts and decrypts data; Compresses and decompresses data
Layer 5:Session Layer
Manages user sessions and dialogues
Controls establishment and termination of logic links between users
Reports upper layer errors
Layer 4:Transport Layer
Manages end-to-end message delivery in network
Provides reliable and sequential packet delivery through error recovery and flow control mechanisms
Provides connectionless oriented packet delivery
Layer 3:Network Layer
Determines how data are transferred between network devices
Routes packets according to unique network device addresses
Provides flow and congestion control to prevent network resource depletion
Layer 2:Data Link Layer
Defines procedures for operating the communication links
Frames packets
Detects and corrects packets transmit errors
Layer 1:Physical Layer
Defines physical means of sending data over network devices
Interfaces between network medium and devices
Defines optical, electrical and mechanical characteristics
There are other network architecture models,. Those models will be discussed in separate documents.
The OSI 7 layer model is defined by ISO in document 7498 and ITU X.200, X.207, X.210, X.211, X.212, X.213 , X.214, X.215, X.217 and X.800. The protocols defined by ISO based on the OSI 7 layer mode.
Layer 7: Application Layer
Defines interface to user processes for communication and data transfer in network
Provides standardized services such as virtual terminal, file and job transfer and operations
Layer 6:Presentation Layer
Masks the differences of data formats between dissimilar systems
Specifies architecture-independent data transfer format
Encodes and decodes data; Encrypts and decrypts data; Compresses and decompresses data
Layer 5:Session Layer
Manages user sessions and dialogues
Controls establishment and termination of logic links between users
Reports upper layer errors
Layer 4:Transport Layer
Manages end-to-end message delivery in network
Provides reliable and sequential packet delivery through error recovery and flow control mechanisms
Provides connectionless oriented packet delivery
Layer 3:Network Layer
Determines how data are transferred between network devices
Routes packets according to unique network device addresses
Provides flow and congestion control to prevent network resource depletion
Layer 2:Data Link Layer
Defines procedures for operating the communication links
Frames packets
Detects and corrects packets transmit errors
Layer 1:Physical Layer
Defines physical means of sending data over network devices
Interfaces between network medium and devices
Defines optical, electrical and mechanical characteristics
There are other network architecture models,. Those models will be discussed in separate documents.
The OSI 7 layer model is defined by ISO in document 7498 and ITU X.200, X.207, X.210, X.211, X.212, X.213 , X.214, X.215, X.217 and X.800. The protocols defined by ISO based on the OSI 7 layer mode.
Friday, August 10, 2007
Networking faq
What is ARP?
An:- (Address Resolution Protocol) A TCP/IP protocol for determining the hardware address of a node on a local area network connect to the internet, when only the IP address is know an ARP requests send to the network.
What is BGP?
An: - Border gateway protocol. A protocol used by NSF net that is used on the external gateway protocol.
What is DLC?
An: - Data link control and a error correction protocol in the system network architecture responsible for transmission of data between two nodes are a physical link support windows NT 2000.
What is DBS?
An: - data base administrator the administrator determines the content internal structure and access strategy for a performance.
What is DHCP?
An: - Dynamic host configuration protocol. A TCP/IP protocol that enables a network connected to the internet to assign a Temporary IP address to a host automatically when the host connects to the network.
What is DFS?
An: - Distributed file system. A file management system in which in which file may be located on multiple computers connected over a local or wide area network.
What is DNS?
An: - Domain name system. The hierarchical system by which hosts on the internet have both domain name address (such as vikrantnetworkin.bolgspot.com) and IP address (192.168.1.1). The domain name address is used by human user and automatically translated in to the numerical IP add, which is used by the packet routing software. DNS names consist of a top level domain, a second level domain.
What is FAT?
An: - File allocation table. MS- dos the file allocation table is commonly know as the FAT.
What is HTTP?
An: - Hypertext transfer protocol. The protocol used to carry request from a browser to a web server and to transport pages from web server back to the requesting browser. It is not an especially secure protocol.
What is MS- Dos?
An: - Microsoft disk operating system. A single tasking, single user operating system with a command line interface, released in 1981, for IBM PC and compatibles.
What is NTFS?
An: - New technology file system. An advance file system designed for use specification with the window NT operating system. It supports longs filenames, full security access control, file system recovery, extremely large storage media, and various features for the Windows NT POSIX subsystem. It support always original application by treating all files as object with user defined and system defined attributes.
What is PPP?
An: - Point to point protocol. A widely used data link protocol for transmitting TCP/ IP packets over dialup telephone connection, such as between a computer and the internet. PPP dynamic support of IP add, provides greater protection for data integrity and security and is easier to use than SLIP, at a cost of greater overhead.
What is RAID?
An: - Redundant array or independent disks. A data storage method in which data is distributed across a group of computer disk drives that function as a single storage unit.
What is ICMP?
An: - Internet control message protocol. A network layer internet protocol that provide error correction and other information relevant to IP packet processing for ex. It can let the IP software on one machine inform anther machine about an unreachable destination.
What is IP Sec?
An: - Internet protocol security. A security mechanism under development by the IETF designed to ensure secure packet based on two levels of security.
What is ISP?
An: - Internet service provider. A business that supplies internet connectivity services to individuals, businesses, and other organization. Some ISP is large national or Multinational Corporation that offer access in many locations, while others are limited to single city or region.
What is LAN?
An: - Local area network. A group of computers and other devices dispersed over a relatively limited area and connected by a communication link that enables any device to interact with any other on the network.
What is MAU?
An: - Multi access unit. A hub device in a token ring network that connects computers in a physical hub and spokes arrangement but uses the logical ring required in token ring network.
What is RAM?
An: - Random access memory. A TCP/IP protocol for determining the IP add or a node on a local area network connected to the internet, when only the hardware address is known.
What is SMTP?
An: - Simple mail transfer protocol. A TCP/IP protocol for sending message from one computer to another on a network, this protocol is used on the internet to route e- mail.
What is TCP?
An: - Transmission control protocol. The protocol within TCP/IP that governs the breakup of data message in to packets received by IP a connection oriented reliable protocol.
What is WAN?
An: - Wide Area Network. A geographically widespread network, one that relies on communications capabilities to link the various network segments. A wan can be one large network or it can consist of a number or Linked LAN’s.
An:- (Address Resolution Protocol) A TCP/IP protocol for determining the hardware address of a node on a local area network connect to the internet, when only the IP address is know an ARP requests send to the network.
What is BGP?
An: - Border gateway protocol. A protocol used by NSF net that is used on the external gateway protocol.
What is DLC?
An: - Data link control and a error correction protocol in the system network architecture responsible for transmission of data between two nodes are a physical link support windows NT 2000.
What is DBS?
An: - data base administrator the administrator determines the content internal structure and access strategy for a performance.
What is DHCP?
An: - Dynamic host configuration protocol. A TCP/IP protocol that enables a network connected to the internet to assign a Temporary IP address to a host automatically when the host connects to the network.
What is DFS?
An: - Distributed file system. A file management system in which in which file may be located on multiple computers connected over a local or wide area network.
What is DNS?
An: - Domain name system. The hierarchical system by which hosts on the internet have both domain name address (such as vikrantnetworkin.bolgspot.com) and IP address (192.168.1.1). The domain name address is used by human user and automatically translated in to the numerical IP add, which is used by the packet routing software. DNS names consist of a top level domain, a second level domain.
What is FAT?
An: - File allocation table. MS- dos the file allocation table is commonly know as the FAT.
What is HTTP?
An: - Hypertext transfer protocol. The protocol used to carry request from a browser to a web server and to transport pages from web server back to the requesting browser. It is not an especially secure protocol.
What is MS- Dos?
An: - Microsoft disk operating system. A single tasking, single user operating system with a command line interface, released in 1981, for IBM PC and compatibles.
What is NTFS?
An: - New technology file system. An advance file system designed for use specification with the window NT operating system. It supports longs filenames, full security access control, file system recovery, extremely large storage media, and various features for the Windows NT POSIX subsystem. It support always original application by treating all files as object with user defined and system defined attributes.
What is PPP?
An: - Point to point protocol. A widely used data link protocol for transmitting TCP/ IP packets over dialup telephone connection, such as between a computer and the internet. PPP dynamic support of IP add, provides greater protection for data integrity and security and is easier to use than SLIP, at a cost of greater overhead.
What is RAID?
An: - Redundant array or independent disks. A data storage method in which data is distributed across a group of computer disk drives that function as a single storage unit.
What is ICMP?
An: - Internet control message protocol. A network layer internet protocol that provide error correction and other information relevant to IP packet processing for ex. It can let the IP software on one machine inform anther machine about an unreachable destination.
What is IP Sec?
An: - Internet protocol security. A security mechanism under development by the IETF designed to ensure secure packet based on two levels of security.
What is ISP?
An: - Internet service provider. A business that supplies internet connectivity services to individuals, businesses, and other organization. Some ISP is large national or Multinational Corporation that offer access in many locations, while others are limited to single city or region.
What is LAN?
An: - Local area network. A group of computers and other devices dispersed over a relatively limited area and connected by a communication link that enables any device to interact with any other on the network.
What is MAU?
An: - Multi access unit. A hub device in a token ring network that connects computers in a physical hub and spokes arrangement but uses the logical ring required in token ring network.
What is RAM?
An: - Random access memory. A TCP/IP protocol for determining the IP add or a node on a local area network connected to the internet, when only the hardware address is known.
What is SMTP?
An: - Simple mail transfer protocol. A TCP/IP protocol for sending message from one computer to another on a network, this protocol is used on the internet to route e- mail.
What is TCP?
An: - Transmission control protocol. The protocol within TCP/IP that governs the breakup of data message in to packets received by IP a connection oriented reliable protocol.
What is WAN?
An: - Wide Area Network. A geographically widespread network, one that relies on communications capabilities to link the various network segments. A wan can be one large network or it can consist of a number or Linked LAN’s.
Thursday, August 9, 2007
Most popular Demo of networking
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab1/samplab1.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab4/samplab4.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab5/samplab5.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab15/samplab15.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab18/samplab18.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab17/samplab17.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab14/samplab14.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab3/samplab3.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab21/samplab21.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab8/samplab8.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/sbs/sbssamp.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/msvirtual/ms_virtual_server_samplab.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab2/samplab2.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab11/samplab11.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/vista/vistasamp.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab13/samplab13.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab6/samplab6.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab19/samplab19.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/vmwareserver/VMware_Server_Samp.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/aplus/aplussamp.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/networkplus/networkplus.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab20/samplab20.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab4/samplab4.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab5/samplab5.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab15/samplab15.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab18/samplab18.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab17/samplab17.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab14/samplab14.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab3/samplab3.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab21/samplab21.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab8/samplab8.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/sbs/sbssamp.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/msvirtual/ms_virtual_server_samplab.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab2/samplab2.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab11/samplab11.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/vista/vistasamp.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab13/samplab13.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab6/samplab6.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab19/samplab19.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/vmwareserver/VMware_Server_Samp.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/aplus/aplussamp.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/networkplus/networkplus.html
http://www.trainsignaltraining.com/TrainSignal/demos/videos/lab20/samplab20.html
Forgot the Administrator's Password?
Ok, so you say you forgot your Windows administrator's password, huh? Oh well, it doesn't really matter if you did or you just say you did. The fact is that you need to gain access to a computer and you cannot "remember" the administrator's password.
How can you get out of this situation without formatting and re-installing the operating system?
Featured Product
Windows Key by LostPassword.com - Use this easy tool to reset any Windows local or domain controller password in a minute. Money-back guarantee. Download FREE version now!
One method of gaining access to the system is by trying hard to remember the forgotten password, or a password of another user which has the same level of administrative rights. However I don't think this approach will help you, otherwise you wouldn't be sitting here reading article, would you?)
Another method is by trying to restore a backed up System State (in Windows 2000/XP/2003) or a ERD (in NT 4.0) in which you do remember the password. The problem with doing so is that you'll probably lose all of the recently add users and groups, and all the changed passwords for all of your users since the last backup was made.
A third method might be to install a parallel operating system on a different partition on the same computer, then use a simple trick to gain access to the old system.
Note: If you are looking for password cracking tools that can be used for miscellaneous objectives such as password-protected PDF documents, zipped archives, Office documents, BIOS protection and so on then this pages is NOT for you. See some links at the bottom of this page for hints on where to find such tools, but I can tell you right away that Google might be a better choice for you.
The fourth option is by using 3rd party tools that will enable you to reset the lost password and logon with a blank password.
Freeware Password Recovery Tools
Here are some of these tools:
Free Windows password-cracking tools are usually Linux boot disks that have NT file system (NTFS) drivers and software that will read the registry and rewrite the password hashes for any account including the Administrators. This process requires physical access to the console and an available floppy drive but it works like a charm! I've done it myself several times with no glitch or problem whatsoever.
Beware!!! Resetting a user's or administrator's password on some systems (like Windows XP) might cause data loss, especially EFS-encrypted files and saved passwords from within Internet Explorer. To protect yourself against EFS-encrypted files loss you should always export your Private and Public key, along with the keys for the Recovery Agent user. . Out of the following list, the only tool that will no cause any harm to EFS-encrypted files on your hard disk is the Windows Password Recovery system.
Download links:
· cd070409.zip (~3MB) - Bootable CD image with newer drivers
· bd050303.zip (~1.1MB) - Bootdisk image, date 050303.
· sc050303.zip(~1.4MB) - SCSI-drivers (050303) (only use newest drivers with newest bootdisk, this one works with bd050303)
To write these images to a floppy disk you'll need RawWrite2 which is included in the Bootdisk image download. To create the CD you just need to use your favorite CD burning program and burn the .ISO file to CD.
Support and Problems? Don't call me! Talk to the creator of this great tool. He also has a good FAQ set up covering most of the day-to-day questions. Read it right HERE
Author claims that this tool was successfully tested on NT 3.51, NT 4, Windows 2000 (except datacenter), Windows XP (all versions) and Window Server 2003. Notice that it is NOT compatible with Active Directory.
How can you get out of this situation without formatting and re-installing the operating system?
Featured Product
Windows Key by LostPassword.com - Use this easy tool to reset any Windows local or domain controller password in a minute. Money-back guarantee. Download FREE version now!
One method of gaining access to the system is by trying hard to remember the forgotten password, or a password of another user which has the same level of administrative rights. However I don't think this approach will help you, otherwise you wouldn't be sitting here reading article, would you?)
Another method is by trying to restore a backed up System State (in Windows 2000/XP/2003) or a ERD (in NT 4.0) in which you do remember the password. The problem with doing so is that you'll probably lose all of the recently add users and groups, and all the changed passwords for all of your users since the last backup was made.
A third method might be to install a parallel operating system on a different partition on the same computer, then use a simple trick to gain access to the old system.
Note: If you are looking for password cracking tools that can be used for miscellaneous objectives such as password-protected PDF documents, zipped archives, Office documents, BIOS protection and so on then this pages is NOT for you. See some links at the bottom of this page for hints on where to find such tools, but I can tell you right away that Google might be a better choice for you.
The fourth option is by using 3rd party tools that will enable you to reset the lost password and logon with a blank password.
Freeware Password Recovery Tools
Here are some of these tools:
Free Windows password-cracking tools are usually Linux boot disks that have NT file system (NTFS) drivers and software that will read the registry and rewrite the password hashes for any account including the Administrators. This process requires physical access to the console and an available floppy drive but it works like a charm! I've done it myself several times with no glitch or problem whatsoever.
Beware!!! Resetting a user's or administrator's password on some systems (like Windows XP) might cause data loss, especially EFS-encrypted files and saved passwords from within Internet Explorer. To protect yourself against EFS-encrypted files loss you should always export your Private and Public key, along with the keys for the Recovery Agent user. . Out of the following list, the only tool that will no cause any harm to EFS-encrypted files on your hard disk is the Windows Password Recovery system.
Download links:
· cd070409.zip (~3MB) - Bootable CD image with newer drivers
· bd050303.zip (~1.1MB) - Bootdisk image, date 050303.
· sc050303.zip(~1.4MB) - SCSI-drivers (050303) (only use newest drivers with newest bootdisk, this one works with bd050303)
To write these images to a floppy disk you'll need RawWrite2 which is included in the Bootdisk image download. To create the CD you just need to use your favorite CD burning program and burn the .ISO file to CD.
Support and Problems? Don't call me! Talk to the creator of this great tool. He also has a good FAQ set up covering most of the day-to-day questions. Read it right HERE
Author claims that this tool was successfully tested on NT 3.51, NT 4, Windows 2000 (except datacenter), Windows XP (all versions) and Window Server 2003. Notice that it is NOT compatible with Active Directory.
How to Change the Serial in Windows XP
How can I change the volume licensing product key on a Windows XP SP1-Based Computer?
Because of changes in Windows XP Service Pack 1 (SP1), Windows XP-based computers that use a leaked product key that is known to be available to the general public may not be able to install SP1 or automatically obtain updates from the Windows Update Web site. For an easy and quick method of obtaining your own CD Key please read
There are two (legal) methods that you can use to change the product key with volume licensing media after installation. You can use either the Windows Activation Wizard graphical user interface (GUI) or a Windows Management Instrumentation (WMI) script.
The easier method to use is the Use the Activation Wizard method. Use this method when you only have a few computers on which to change the product key. The Use a Script method is best when you have a number of computers on which you have to change the product key.
Legal Note: Make sure you understand that this method is indeed legal. This is NO crack, NO hack, there is nothing illegal with this article. I will not, however, encourage any reader to use an illegally obtained CD Key. What you do in your own house/office is your own business, and I cannot and will not be held responsible for your actions.
Method #1: Use the Activation Wizard
If you have only a few volume licensing product keys to change, you can use the Activation Wizard.
Warning!
This document contains instructions for editing the registry. If you make any error while editing the registry, you can potentially cause Windows to fail or be unable to boot, requiring you to reinstall Windows. Edit the registry at your own risk. Always back up the registry before making any changes. If you do not feel comfortable editing the registry, do not attempt these instructions. Instead, seek the help of a trained computer specialist.
Note: Microsoft recommends that you run System Restore to create a new restore point before you complete the following steps:
Click Start, and then click Run.
In the Open box, type Regedit, and then click OK.
In the left pane, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\Current Version\WPAEvents
In the right pane, right-click OOBETimer, and then click Modify.
Change at least one digit of this value to deactivate Windows.
Click Start, and then click Run.
In the Open box, type the following command, and then click OK.
%systemroot%\system32\oobe\msoobe.exe /a
Click Yes, I want to telephone a customer service representative to activate Windows, and then click Next.
Click Change Product key.
Type the new product key in the New key boxes, and then click Update. If you are returned to the previous window, click Remind me later, and then restart the computer.
Repeat steps 6 and 7 to verify that Windows is activated. You receive the following message:
Windows is already activated. Click OK to exit.
Click OK.
Install SP1 for Windows XP.
If you cannot restart Windows after you install SP1, press F8 when you restart the computer, select Last Known Good Configuration, and then repeat this procedure.
Method #2: Use a Script
You can create a WMI script that changes the volume licensing product key, and then deploy this script in a startup script. The sample ChangeVLKey2600.vbs script and the sample ChangeVLKeySP1 script that are described in this section use the new volume licensing key that you want to enter, in its five-part alphanumeric form, as a single argument. Microsoft recommends that you use the ChangeVLKey2600.vbs script on Windows XP-based computers that are not running SP1 and that you use the ChangeVLKeySP1.vbs script on Windows XP-based computers that are running SP1. These scripts perform the following functions:
They remove the hyphen characters (-) from the five-part alphanumeric product key.
They create an instance of the win32_WindowsProductActivation class.They call the SetProductKey method with the new volume licensing product key.
You can create a batch file or a CMD file that uses either of the following sample scripts, together with the new product key as an argument, and either deploy it as part of a startup script or run it from the command line to change the product key on a single computer.
ChangeVLKeySP1.vbs
'
' WMI Script - ChangeVLKey.vbs
'
' This script changes the product key on the computer
'
'***************************************************************************
ON ERROR RESUME NEXT
if Wscript.arguments.count<1 vol_prod_key =" Wscript.arguments.Item(0)" vol_prod_key =" Replace(VOL_PROD_KEY," impersonationlevel="impersonate}" result =" Obj.SetProductKey"> 0 then
WScript.Echo Err.Description, "0x" & Hex(Err.Number)
Err.Clear
end if
Next
ChangeVLKey2600.vbs
'
' WMI Script - ChangeVLKey.vbs
'
' This script changes the product key on the computer
'
'***************************************************************************
ON ERROR RESUME NEXT
if Wscript.arguments.count<1 vol_prod_key =" Wscript.arguments.Item(0)" vol_prod_key =" Replace(VOL_PROD_KEY," wshshell =" WScript.CreateObject(" impersonationlevel="impersonate}" result =" Obj.SetProductKey"> 0 then
WScript.Echo Err.Description, "0x" & Hex(Err.Number)
Err.Clear
end if
Next
Example
The following example describes how to use the ChangeVLKeySP1.vbs script from a command line:
Click Start, and then click Run.
In the Open box, type the following command, where AB123-123AB-AB123-123AB-AB123 is the new product key that you want to use, and then click OK:
c:\changevlkeysp1.vbs ab123-123ab-ab123-123ab-ab123
Home Network Setup
On this page I will describe the 4 variants or options that one has when connecting a home or small office network to the Internet via an ADSL or Cable modem. Carefully read the pros and cons of each method and decide what's best for you.
");
//]]>-->
Need Help with your Home Network Setup Right Now?
If you are having problems setting up or troubleshooting your home network Support.com is there to help you. Our Network Setup & Troubleshooting service puts all the pieces together. Establishing a secure home network is a daunting task. We'll take the hassle out of setting up your network by implementing the latest security precautions and connecting all of your devices to your router.
Support.com Free Estimate - Network Setup & Troubleshooting
document.context='YTowOnt9';
In this page I will not go into PC configuration details.
Home Network Setup Option 1: Everything hooked to a Hub or Switch
Pros
Simple setup
No server needed
Configure each PC manually
Cons
Maximum 4 PC's
Fixed IP addresses for all 4 PC's
Dial-in required per PC
No Proxy
Hub ports = the number of PC's + 1
Only one PC at a time can be connected to the Internet
With this home network setup we connect all Ethernet cables (PC and ADSL) to a hub or switch. The hub or switch can be any model UTP based hub preferably with a uplink/MDI crossed connector. You will need the uplink connector to connect the ADSL connector. If your hub does not come with such a connector, you should buy or prepare a UTP crossed-over network cable and use that instead. Your hub should have at least the amount of PC's plus 1 (ADSL) UTP ports.
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 (Crossed-over cable if hub doesn't have an uplink port) PC1-------------------Switching Hub-----------------------PC410.0.0.101 / \ 10.0.0.104 / \ / \ PC2 PC3 10.0.0.102 10.0.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem either is connected to the uplink UTP connector of your hub, or - using a UTP crossed cable - to a regular UTP connector.
Each PC is connected to a regular UTP port of the hub/switch.
Each PC (maximum of 4!) should be configured as a ADSL client as described by your provider. Each PC should have an unique IP address.
Home Network Setup Option 2: Everything to the Hub or Switch - one of the PCs is a server
Pros
Simple setup
No manual PC configuration
Almost no limit to the number of PC's (254)
Dialup is done automatically
Proxy (WinRoute or similar)
Cons
Server software (NAT or Proxy) or Microsoft Internet Connection Sharing (ICS) required
Configuring the server can be difficult
Hub ports = number PC's + 1
This network setup is similar to variant 1 with one difference: we have a server which enables us to use a different IP range for PCs.
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 (Crossed-over cable if hub doesn't have an uplink port) PC1-------------------Switching Hub-----------------PC4 (SERVER)10.0.0.101 / \ 10.0.0.104 / \ / \ PC2 PC3 10.0.0.102 10.0.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem either is connected to the uplink UTP connector of your hub, or - using a UTP crossed cable - to a regular UTP connector.
Each PC is connected to a regular UTP port of the hub/switch.
One of the PC's is to be configured as server either using software like WinRoute or Microsoft Internet Connection Sharing (Windows 2000, XP and ME have this standard included).
Home Network Setup Option 3: All PC's to a Hub or Switch - Server connected to ADSL
Pros
Simple setup
No manual configuration of PC's
Almost unlimited number of PC's (254)
Dialup done automatically
Separation between the Internet and the LAN
No uplink or crossed UTP cable required
Hub ports = number PC's
Proxy (WinRoute or similar)
Cons
Server software (NAT or Proxy) or Microsoft Internet Connection Sharing (ICS) required
Configuring the server can be difficult
Hub ports = number PC's + 1
Server needs additional network-card
Similar to option 1 and option 2 with the exception that the ADSL cable is connected to a server directly and from that server an second network connection is connected to the hub or switch. There are no limitations to the switch or hub used, this can even be a coax network if you would like so (this requires NO hub).
The ADSL network cable is connected to the server, which has 2 network-cards:
ADSL connection
LAN/hub connection
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 10.0.0.5 PC5 Server 192.168.0.5 PC1-------------------Switching Hub-----------------PC4 192.168.0.101 / \ 192.168.0.104 / \ / \ PC2 PC3 192.168.0.102 192.168.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem is connected to the server.
The second network-card of the server is connected to the hub.
Each PC is connected to a regular UTP port of the hub/switch.
One of the PC's is to be configured as server either using software like WinRoute or Microsoft Internet Connection Sharing.
Home Network Setup Option 4: PC's and ADSL to Router/Switch
Pros
Simple setup
No manual configuration of PC's
Almost unlimited number of PC's (254)
Dialup done automatically
Separation between the Internet and the LAN
No uplink or crossed UTP cable required
Hub ports = number PC's
No server required
Cons
Routers can be expensive
Configuration of a router can be hard
Not all ADSL routers support RAS with VPN/PPTP
The router/switch (like the LinkSys models) is both a "server" for DHCP, firewall, DNS etc. and a hub in one.
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 10.0.0.1 PC1------------------Router / Switch-----------------PC4 192.168.0.101 / \ 192.168.0.104 / \ / \ PC2 PC3 192.168.0.102 192.168.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem is connected to the router/switch.
All PC's are connected to the router/switch.
All you need to do is to configure the router for Internet Sharing.
Note: Some ADSL modems, such as the Alcatel SpeedTouch Pro, can function as routers between the Internet and the LAN. Read Upgrade from Alcatel SpeedTouch Home to Pro on how to configure your modem. In that case you will no longer require a router on your network:
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem (Configured as a router) 10.0.0.138 PC1-------------------Switching Hub-----------------------PC410.0.0.101 / \ 10.0.0.104 / \ / \ PC2 PC3 10.0.0.102 10.0.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The ADSL modem is configured as a router.
The Ethernet cable from the modem is connected to the switching hub.
All PC's are connected to the switching hub.
Remember these are just a few of the options available in a home network setup.
");
//]]>-->
Need Help with your Home Network Setup Right Now?
If you are having problems setting up or troubleshooting your home network Support.com is there to help you. Our Network Setup & Troubleshooting service puts all the pieces together. Establishing a secure home network is a daunting task. We'll take the hassle out of setting up your network by implementing the latest security precautions and connecting all of your devices to your router.
Support.com Free Estimate - Network Setup & Troubleshooting
document.context='YTowOnt9';
In this page I will not go into PC configuration details.
Home Network Setup Option 1: Everything hooked to a Hub or Switch
Pros
Simple setup
No server needed
Configure each PC manually
Cons
Maximum 4 PC's
Fixed IP addresses for all 4 PC's
Dial-in required per PC
No Proxy
Hub ports = the number of PC's + 1
Only one PC at a time can be connected to the Internet
With this home network setup we connect all Ethernet cables (PC and ADSL) to a hub or switch. The hub or switch can be any model UTP based hub preferably with a uplink/MDI crossed connector. You will need the uplink connector to connect the ADSL connector. If your hub does not come with such a connector, you should buy or prepare a UTP crossed-over network cable and use that instead. Your hub should have at least the amount of PC's plus 1 (ADSL) UTP ports.
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 (Crossed-over cable if hub doesn't have an uplink port) PC1-------------------Switching Hub-----------------------PC410.0.0.101 / \ 10.0.0.104 / \ / \ PC2 PC3 10.0.0.102 10.0.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem either is connected to the uplink UTP connector of your hub, or - using a UTP crossed cable - to a regular UTP connector.
Each PC is connected to a regular UTP port of the hub/switch.
Each PC (maximum of 4!) should be configured as a ADSL client as described by your provider. Each PC should have an unique IP address.
Home Network Setup Option 2: Everything to the Hub or Switch - one of the PCs is a server
Pros
Simple setup
No manual PC configuration
Almost no limit to the number of PC's (254)
Dialup is done automatically
Proxy (WinRoute or similar)
Cons
Server software (NAT or Proxy) or Microsoft Internet Connection Sharing (ICS) required
Configuring the server can be difficult
Hub ports = number PC's + 1
This network setup is similar to variant 1 with one difference: we have a server which enables us to use a different IP range for PCs.
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 (Crossed-over cable if hub doesn't have an uplink port) PC1-------------------Switching Hub-----------------PC4 (SERVER)10.0.0.101 / \ 10.0.0.104 / \ / \ PC2 PC3 10.0.0.102 10.0.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem either is connected to the uplink UTP connector of your hub, or - using a UTP crossed cable - to a regular UTP connector.
Each PC is connected to a regular UTP port of the hub/switch.
One of the PC's is to be configured as server either using software like WinRoute or Microsoft Internet Connection Sharing (Windows 2000, XP and ME have this standard included).
Home Network Setup Option 3: All PC's to a Hub or Switch - Server connected to ADSL
Pros
Simple setup
No manual configuration of PC's
Almost unlimited number of PC's (254)
Dialup done automatically
Separation between the Internet and the LAN
No uplink or crossed UTP cable required
Hub ports = number PC's
Proxy (WinRoute or similar)
Cons
Server software (NAT or Proxy) or Microsoft Internet Connection Sharing (ICS) required
Configuring the server can be difficult
Hub ports = number PC's + 1
Server needs additional network-card
Similar to option 1 and option 2 with the exception that the ADSL cable is connected to a server directly and from that server an second network connection is connected to the hub or switch. There are no limitations to the switch or hub used, this can even be a coax network if you would like so (this requires NO hub).
The ADSL network cable is connected to the server, which has 2 network-cards:
ADSL connection
LAN/hub connection
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 10.0.0.5 PC5 Server 192.168.0.5 PC1-------------------Switching Hub-----------------PC4 192.168.0.101 / \ 192.168.0.104 / \ / \ PC2 PC3 192.168.0.102 192.168.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem is connected to the server.
The second network-card of the server is connected to the hub.
Each PC is connected to a regular UTP port of the hub/switch.
One of the PC's is to be configured as server either using software like WinRoute or Microsoft Internet Connection Sharing.
Home Network Setup Option 4: PC's and ADSL to Router/Switch
Pros
Simple setup
No manual configuration of PC's
Almost unlimited number of PC's (254)
Dialup done automatically
Separation between the Internet and the LAN
No uplink or crossed UTP cable required
Hub ports = number PC's
No server required
Cons
Routers can be expensive
Configuration of a router can be hard
Not all ADSL routers support RAS with VPN/PPTP
The router/switch (like the LinkSys models) is both a "server" for DHCP, firewall, DNS etc. and a hub in one.
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem 10.0.0.138 10.0.0.1 PC1------------------Router / Switch-----------------PC4 192.168.0.101 / \ 192.168.0.104 / \ / \ PC2 PC3 192.168.0.102 192.168.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The Ethernet cable from the modem is connected to the router/switch.
All PC's are connected to the router/switch.
All you need to do is to configure the router for Internet Sharing.
Note: Some ADSL modems, such as the Alcatel SpeedTouch Pro, can function as routers between the Internet and the LAN. Read Upgrade from Alcatel SpeedTouch Home to Pro on how to configure your modem. In that case you will no longer require a router on your network:
Layout:
Internet Splitter 212.143.143.12 (Real IP from ISP - sample) Alcatel modem (Configured as a router) 10.0.0.138 PC1-------------------Switching Hub-----------------------PC410.0.0.101 / \ 10.0.0.104 / \ / \ PC2 PC3 10.0.0.102 10.0.0.103
The ADSL cable goes to the splitter.
The ADSL modem is connected to the splitter.
The ADSL modem is configured as a router.
The Ethernet cable from the modem is connected to the switching hub.
All PC's are connected to the switching hub.
Remember these are just a few of the options available in a home network setup.
How to Install Active Directory on Windows 2003
First make sure you read and understand Active Directory Installation Requirements. If you don't comply with all the requirements of that article you will not be able to set up your AD (for example: you don't have a NIC or you're using a computer that's not connected to a LAN).
Note: This article is only good for understanding how to install the FIRST DC in a NEW AD Domain, in a NEW TREE, in a NEW FOREST. Meaning - don't do it for any other scenario, such as a new replica DC in an existing domain.
"
If you are looking to really master Active Directory, Group Policy or other Windows networking skills, I strongly recommend that you try Train Signal. I've discovered this company a few months ago and I always send people their way because the training is so good. You can see more Active Directory and windows server training with "Hands-On" video instruction at http://www.TrainSignal.com.
Daniel Petri
document.context='YTowOnt9';
Windows Server 2003 Note: If you plan to install a new Windows Server 2003 DC in an existing AD forest please read the page BEFORE you go on, otherwise you'll end up with the following error:
Here is a quick list of what you must have:
· An NTFS partition with enough free space
· An Administrator's username and password
· The correct operating system version
· A NIC
· Properly configured TCP/IP (IP address, subnet mask and - optional - default gateway)
· A network connection (to a hub or to another computer via a crossover cable)
· An operational DNS server (which can be installed on the DC itself)
· A Domain name that you want to use
· The Windows Server 2003 CD media (or at least the i386 folder)
· Brains (recommended, not required...)
This article assumes that all of the above requirements are fulfilled.
Step 1: Configure the computer's suffix
(Not mandatory, can be done via the Dcpromo process).
1. Right click My Computer and choose Properties.
2. Click the Computer Name tab, then Change.
3. Set the computer's NetBIOS name. In Windows Server 2003, this CAN be changed after the computer has been promoted to Domain Controller.
4. Click More.
5. In the Primary DNS suffix of this computer box enter the would-be domain name. Make sure you got it right. No spelling mistakes, no "oh, I thought I did it right...". Although the domain name CAN be changed after the computer has been promoted to Domain Controller, this is not a procedure that one should consider lightly, especially because on the possible consequences. Read more about it on my Windows 2003 Domain Rename Tool page.
6. Click Ok.
7. You'll get a warning window.
8. Click Ok.
9. Check your settings. See if they're correct.
10. Click Ok.
11. You'll get a warning window.
12. Click Ok to restart.
Step 2: Configuring the computer's TCP/IP settings
You must configure the would-be Domain Controller to use it's own IP address as the address of the DNS server, so it will point to itself when registering SRV records and when querying the DNS database.
Configure TCP/IP
1. Click Start, point to Settings and then click Control Panel.
2. Double-click Network and Dial-up Connections.
3. Right-click Local Area Connection, and then click Properties.
4. Click Internet Protocol (TCP/IP), and then click Properties.
5. Assign this server a static IP address, subnet mask, and gateway address. Enter the server's IP address in the Preferred DNS server box.
Note: This is true if the server itself will also be it's own DNS server.
If you have another operational Windows 2000/2003 server that is
Note: This article is only good for understanding how to install the FIRST DC in a NEW AD Domain, in a NEW TREE, in a NEW FOREST. Meaning - don't do it for any other scenario, such as a new replica DC in an existing domain.
"
If you are looking to really master Active Directory, Group Policy or other Windows networking skills, I strongly recommend that you try Train Signal. I've discovered this company a few months ago and I always send people their way because the training is so good. You can see more Active Directory and windows server training with "Hands-On" video instruction at http://www.TrainSignal.com.
Daniel Petri
document.context='YTowOnt9';
Windows Server 2003 Note: If you plan to install a new Windows Server 2003 DC in an existing AD forest please read the page BEFORE you go on, otherwise you'll end up with the following error:
Here is a quick list of what you must have:
· An NTFS partition with enough free space
· An Administrator's username and password
· The correct operating system version
· A NIC
· Properly configured TCP/IP (IP address, subnet mask and - optional - default gateway)
· A network connection (to a hub or to another computer via a crossover cable)
· An operational DNS server (which can be installed on the DC itself)
· A Domain name that you want to use
· The Windows Server 2003 CD media (or at least the i386 folder)
· Brains (recommended, not required...)
This article assumes that all of the above requirements are fulfilled.
Step 1: Configure the computer's suffix
(Not mandatory, can be done via the Dcpromo process).
1. Right click My Computer and choose Properties.
2. Click the Computer Name tab, then Change.
3. Set the computer's NetBIOS name. In Windows Server 2003, this CAN be changed after the computer has been promoted to Domain Controller.
4. Click More.
5. In the Primary DNS suffix of this computer box enter the would-be domain name. Make sure you got it right. No spelling mistakes, no "oh, I thought I did it right...". Although the domain name CAN be changed after the computer has been promoted to Domain Controller, this is not a procedure that one should consider lightly, especially because on the possible consequences. Read more about it on my Windows 2003 Domain Rename Tool page.
6. Click Ok.
7. You'll get a warning window.
8. Click Ok.
9. Check your settings. See if they're correct.
10. Click Ok.
11. You'll get a warning window.
12. Click Ok to restart.
Step 2: Configuring the computer's TCP/IP settings
You must configure the would-be Domain Controller to use it's own IP address as the address of the DNS server, so it will point to itself when registering SRV records and when querying the DNS database.
Configure TCP/IP
1. Click Start, point to Settings and then click Control Panel.
2. Double-click Network and Dial-up Connections.
3. Right-click Local Area Connection, and then click Properties.
4. Click Internet Protocol (TCP/IP), and then click Properties.
5. Assign this server a static IP address, subnet mask, and gateway address. Enter the server's IP address in the Preferred DNS server box.
Note: This is true if the server itself will also be it's own DNS server.
If you have another operational Windows 2000/2003 server that is
6. Click Advanced.
7. Click the DNS Tab.
8. Select "Append primary and connection specific DNS suffixes"
9. Check "Append parent suffixes of the primary DNS suffix"
10. Check "Register this connection's addresses in DNS". If this Windows 2000/2003-based DNS server is on an intranet, it should only point to its own IP address for DNS; do not enter IP addresses for other DNS servers here. If this server needs to resolve names on the Internet, it should have a forwarder configured.
11. Click OK to close the Advanced TCP/IP Settings properties.
12. Click OK to accept the changes to your TCP/IP configuration.
13. Click OK to close the Local Area Connections properties.
Step 3: Configure the DNS Zone
(Not mandatory, can be done via the Dcpromo process).
Furthermore, it is assumed that the DC will also be it's own DNS server. If that is not the case, you MUST configure another Windows 2000/2003 server as the DNS server, and if you try to run DCPROMO without doing so, you'll end up with errors and the process will fail.
Creating a Standard Primary Forward Lookup ZoneClick Start, point to All Programs, point to Administrative Tools, and then click DNS Manager. You see two zones under your computer name:
1. Forward Lookup Zone and Reverse Lookup Zone.
2. Right click Forward Lookup Zones and choose to add a new zone.
3. Click Next. The new forward lookup zone must be a primary zone so that it can accept dynamic updates. Click Primary, and then click Next.
4. The name of the zone must be the same as the name of the Active Directory domain, or be a logical DNS container for that name. For example, if the Active Directory domain is named "lab.dpetri.net", legal zone names are "lab.dpetri.net", "dpetri.net", or "net".
Type the name of the zone, and then click Next.
5. Accept the default name for the new zone file. Click Next.
6. To be able to accept dynamic updates to this new zone, click "Allow both nonsecure and secure dynamic updates". Click Next.
7. Click Finish.
You should now make sure your computer can register itself in the new zone. Go to the Command Prompt (CMD) and run "ipconfig /registerdns" (no quotes, duh...). Go back to the DNS console, open the new zone and refresh it (F5). Notice that the computer should by now be listed as an A Record in the right pane.
If it's not there try to reboot (although if it's not there a reboot won't do much good). Check the spelling on your zone and compare it to the suffix you created in step 1. Check your IP settings.
Enable DNS Forwarding for Internet connections (Not mandatory)
1. Start the DNS Management Console.
2. Right click the DNS Server object for your server in the left pane of the console, and click Properties.
3. Click the Forwarders tab.
4. In the IP address box enter the IP address of the DNS servers you want to forward queries to - typically the DNS server of your ISP. You can also move them up or down. The one that is highest in the list gets the first try, and if it does not respond within a given time limit - the query will be forwarded to the next server in the list.
5. Click OK.
Creating a Standard Primary Reverse Lookup ZoneYou can (but you don't have to) also create a reverse lookup zone on your DNS
server. The zone's name will be the same as your TCP/IP Network ID. For example, if your IP address is 192.168.0.200, then the zone's name will be 192.168.0 (DNS will append a long name to it, don't worry about it). You should also configure the new zone to accept dynamic updates. I guess you can do it on your own by now, can't you?
Step 4: Running DCPROMO
After completing all the previous steps (remember you didn't have to do them) and after double checking your requirements you should now run Dcpromo.exe from the Run command.
1. Click Start, point to Run and type "dcpromo".
2. The wizard windows will appear. Click Next.
3. In the Operating System Compatibility windows read the requirements for the domain's clients and if you like what you see - press Next.
4. Choose Domain Controller for a new domain and click Next.
5. Choose Create a new Domain in a new forest and click Next.
6. Enter the full DNS name of the new domain, for example - kuku.co.il - this must be the same as the DNS zone you've created in step 3, and the same as the computer name suffix you've created in step 1. Click Next.
This step might take some time because the computer is searching for the DNS server and checking to see if any naming conflicts exist.
7. Accept the the down-level NetBIOS domain name, in this case it's KUKU. Click Next
8. Accept the Database and Log file location dialog box (unless you want to change them of course). The location of the files is by default %systemroot%\NTDS, and you should not change it unless you have performance issues in mind. Click Next.
9. Accept the Sysvol folder location dialog box (unless you want to change it of course). The location of the files is by default %systemroot%\SYSVOL, and you should not change it unless you have performance issues in mind. This folder must be on an NTFS v5.0 partition. This folder will hold all the GPO and scripts you'll create, and will be replicated to all other Domain Controllers. Click Next.
10. If your DNS server, zone and/or computer name suffix were not configured correctly you will get the following warning:
This means the Dcpromo wizard could not contact the DNS server, or it did contact it but could not find a zone with the name of the future domain. You should check your settings. Go back to steps 1, 2 and 3. Click Ok.
You have an option to let Dcpromo do the configuration for you. If you want, Dcpromo can install the DNS service, create the appropriate zone, configure it to accept dynamic updates, and configure the TCP/IP settings for the DNS server IP address.
To let Dcpromo do the work for you, select "Install and configure the DNS server...".
Click Next.
Otherwise, you can accept the default choice and then quit Dcpromo and check steps 1-3.
11. If your DNS settings were right, you'll get a confirmation window.
Just click Next.
12. Accept the Permissions compatible only with Windows 2000 or Windows Server 2003 settings, unless you have legacy apps running on Pre-W2K servers.
13. Enter the Restore Mode administrator's password. In Windows Server 2003 this password can be later changed via NTDSUTIL. Click Next.
14. Review your settings and if you like what you see - Click Next.
15. See the wizard going through the various stages of installing AD. Whatever you do - NEVER click Cancel!!! You'll wreck your computer if you do. If you see you made a mistake and want to undo it, you'd better let the wizard finish and then run it again to undo the AD.
16. If all went well you'll see the final confirmation window. Click Finish.
17. You must reboot in order for the AD to function properly.
18. Click Restart now. Step 5: Checking the AD installation
Step 5: Checking the AD installation
You should now check to see if the AD installation went well.
1. First, see that the Administrative Tools folder has all the AD management tools installed.
2. Run Active Directory Users and Computers (or type "dsa.msc" from the Run command). See that all OUs and Containers are there.
3. Run Active Directory Sites and Services. See that you have a site named Default-First-Site-Name, and that in it your server is listed.
4. Open the DNS console. See that you have a zone with the same name as your AD domain (the one you've just created, remember? Duh...). See that within it you have the 4 SRV record folders. They must exist.
= Good
If they don't (like in the following screenshot), your AD functions will be broken (a good sign of that is the long time it took you to log on. The "Preparing Network Connections" windows will sit on the screen for many moments, and even when you do log on many AD operations will give you errors when trying to perform them).
= BadThis might happen if you did not manually configure your DNS
server and let the DCPROMO process do it for you.
Another reason for the lack of SRV records (and of all other records for that matter) is the fact that you DID configure the DNS server manually, but you made a mistake, either with the computer suffix name or with the IP address of the DNS server (see steps 1 through 3).
To try and fix the problems first see if the zone is configured to accept dynamic updates.
1. Right-click the zone you created, and then click Properties.
2. On the General tab, under Dynamic Update, click to select "Nonsecure and secure" from the drop-down list, and then click OK to accept the change.
You should now restart the NETLOGON service to force the SRV registration.
You can do it from the Services console in Administrative tools:
Or from the command prompt type "net stop netlogon", and after it finishes, type "net start netlogon".
Let it finish, go back to the DNS console, click your zone and refresh it (F5). If all is ok you'll now see the 4 SRV record folders.
If the 4 SRV records are still not present double check the spelling of the zone in the DNS server. It should be exactly the same as the AD Domain name. Also check the computer's suffix (see step 1). You won't be able to change the computer's suffix after the AD is installed, but if you have a spelling mistake you'd be better off by removing the AD now, before you have any users, groups and other objects in place, and then after repairing the mistake - re-running DCPROMO.
5. Check the NTDS folder for the presence of the required files.
6. Check the SYSVOL folder for the presence of the required subfolders.
7. Check to see if you have the SYSVOL and NETLOGON shares, and their location.
If all of the above is ok, I think it's safe to say that your AD is properly installed.
How do configure a new Windows 2000 DNS server within an existing DNS environment
How do I install and configure a new Windows 2000 DNS server within an existing DNS environment where Active Directory is not enabled?
To create a new Windows 2000 DNS Server, you must install Windows 2000 Server or Advanced Server on a server that is attached to your network. Because DNS is not installed by default during installation of Windows 2000 Server or Advanced Server, you have to install DNS on the server. You can install the Windows 2000 DNS service either during the installation of Windows 2000 Server or Advanced Server, or after the initial installation.
");
//]]>-->
Daniel's DNS Recommendations
If you are looking to really master DNS, Active Directory or other Windows networking skills, I strongly recommend that you try Train Signal. I've discovered this company a few months ago and I always send people their way because the training is so good. You can see more DNS and windows server training with "Hands-On" video instruction at http://www.TrainSignal.com.
Daniel Petri
document.context='YTowOnt9';
If your existing environment already has a DNS domain and an existing DNS infrastructure, and Active Directory is enabled, you can delegate a sub-domain of your existing DNS domain to the Windows 2000 domain. The Windows 2000 DNS server must already be installed to complete the following step.
With an existing DNS domain, you can delegate a sub-domain from the existing DNS server to the Windows 2000 DNS server. For example, if your domain name is mycompany.com, you can create a sub-domain with the name windows2000.mycompany.com. The Windows 2000 DNS server has authority over that sub-domain.
To create the sub-domain, configure the DNS server to use one of the organization's main DNS servers as a forwarder. A forwarder provides recursive lookups for any queries that the DNS server receives that it cannot answer based on its local zones. After you set up the forwarder, the Windows 2000 DNS server is responsible for resolving any queries for computers or resources that are contained within its own local domain. Any queries beyond this range, however, are forwarded directly to the organization's main DNS servers for resolution.
To Add the Organization's Main DNS Servers to the List of Forwarders on the Windows 2000 Server:
1. Click Start, point to Programs, point to Administrative Tools, and then click DNS to start the DNS Management Console.
2. Right click the DNS Server object for your server in the left pane of the console, and click Properties.
3. Click the Forwarders tab.
4. Check the Enable forwarders check-box.
5. In the IP address box enter the IP address of the DNS servers you want to forward queries to - typically the DNS server of your ISP. You can also move them up or down. The one that is highest in the list gets the first try, and if it does not respond within a given time limit - the query will be forwarded to the next server in the list.
6. Click OK.
Links
Integrate DNS with Existing DNS Infrastructure If Active Directory Is Enabled in Windows 2000 - 301191
Setting Up the Domain Name System for Active Directory - 237675
To create a new Windows 2000 DNS Server, you must install Windows 2000 Server or Advanced Server on a server that is attached to your network. Because DNS is not installed by default during installation of Windows 2000 Server or Advanced Server, you have to install DNS on the server. You can install the Windows 2000 DNS service either during the installation of Windows 2000 Server or Advanced Server, or after the initial installation.
");
//]]>-->
Daniel's DNS Recommendations
If you are looking to really master DNS, Active Directory or other Windows networking skills, I strongly recommend that you try Train Signal. I've discovered this company a few months ago and I always send people their way because the training is so good. You can see more DNS and windows server training with "Hands-On" video instruction at http://www.TrainSignal.com.
Daniel Petri
document.context='YTowOnt9';
If your existing environment already has a DNS domain and an existing DNS infrastructure, and Active Directory is enabled, you can delegate a sub-domain of your existing DNS domain to the Windows 2000 domain. The Windows 2000 DNS server must already be installed to complete the following step.
With an existing DNS domain, you can delegate a sub-domain from the existing DNS server to the Windows 2000 DNS server. For example, if your domain name is mycompany.com, you can create a sub-domain with the name windows2000.mycompany.com. The Windows 2000 DNS server has authority over that sub-domain.
To create the sub-domain, configure the DNS server to use one of the organization's main DNS servers as a forwarder. A forwarder provides recursive lookups for any queries that the DNS server receives that it cannot answer based on its local zones. After you set up the forwarder, the Windows 2000 DNS server is responsible for resolving any queries for computers or resources that are contained within its own local domain. Any queries beyond this range, however, are forwarded directly to the organization's main DNS servers for resolution.
To Add the Organization's Main DNS Servers to the List of Forwarders on the Windows 2000 Server:
1. Click Start, point to Programs, point to Administrative Tools, and then click DNS to start the DNS Management Console.
2. Right click the DNS Server object for your server in the left pane of the console, and click Properties.
3. Click the Forwarders tab.
4. Check the Enable forwarders check-box.
5. In the IP address box enter the IP address of the DNS servers you want to forward queries to - typically the DNS server of your ISP. You can also move them up or down. The one that is highest in the list gets the first try, and if it does not respond within a given time limit - the query will be forwarded to the next server in the list.
6. Click OK.
Links
Integrate DNS with Existing DNS Infrastructure If Active Directory Is Enabled in Windows 2000 - 301191
Setting Up the Domain Name System for Active Directory - 237675
Tuesday, August 7, 2007
Networking Qustion
Write by vikrant choudhary.
Networking
Q1: How many type of simple networking?
Ans :
CAT 1 – Voice only
CAT 2 – 4 Mbps
CAT 3 – 10 Mbps
CAT 4 – 16 Mbps
CAT 5 – 100 Mbps
Thinnet (10base2) – 185 meters (607 feet) – 10 Mbps -- BNC Connector (barrel connector, terminator), RG58 cable. 5-4-3 rule (5 segments with 4 repeaters but only 3segments can have computers.)
Thicknet also known as Standard Ethernet (10base5) – 500 meters (1640 feet) – 10 Mbps – AUI (attachment unit interface) connector, transceivers, transceiver cables (connect to thin),
Twisted Pair (10baseT) – 100 meters (328 feet) – 4-100 Mbps – RJ 45 connector
90% of new installs are UTP Star.
Fiber Optic -- 2 kilometers (6562 feet) – 100 Mbps or more
10BaseFL – (2000 meters) Fiber Optic - expensive and hard to work with.
100BaseX= Fast Ethernet.
Full Duplex - data going in both directions at the same time. Half Duplex - data going in both directions, one direction at a time.Simplex - data going in one direction only.
Q2: How many Topologies for networks?
Ans:
STAR, BUS, LINEAR BUS STAR
10BaseT 10Base2 100BaseVG AnyLAN
100BaseX 10Base5
MESH – common WAN topology – remote sites over multiple communications lines. Routers determine best path.
Q3: How many type of OSI models?
Ans: seven type of OSI models-
APPLICATION – software (what you see on screen)
PRESENTATION – translation, compression
SESSION – security and name recognition to allow applications to communicate.
TRANSPORT – insures packets are delivered error free. (flow control, error handling)
NETWORK – addressing messages and translating logical addresses into physical addresses.
DATA LINK – packages bits into data frames (includes control & CRC)
PHYSICAL – electrical, optical, mechanical.
Data Link breaks down into MAC Layer and Logical Link Control Layer
Logical Link Control handles error and flow control
MAC Layer handles access control.
802 Network Model – Defines Network standard for the physical part of the network.
802.3 – CSMA/CD – LAN Ethernet
802.5 – Token Ring - LAN Token Ring
Q4: What is Baseband?
Ans: digital over single frequency.
Q5: What is broadband?
Ans: analog signal over a range of frequencies, nondiscrete unidirectional signal.
Q6: How many type of Protocols?
Ans: Protocols are-
DLC – non-routable - used for HP Printers (Jet Direct) and IBM Mainframe Connectivity.
NetBEUI – non-routable – NetBIOS extended user interface (Microsoft Networks only.)
IPX/SPX – Novell – similar to NetBEUI, only routable.
NWLINK – Microsoft version of IPX/SPX.
TCP/IP – routable – used for Internet
X.25 – Routable – used in a switching network.
XNS – Routable – used in Xerox’s Ethernet LANs before TCP/IP.
APPC - non-routable – IBM’s transport protocol (part of SNA)
Apple Talk – Routable – Apples Protocol Stack.
OSI protocol Suite – Routable – each protocol maps directly to a layer of the OSI model.
DECnet – Routable – Digital’s protocol stack – implements the DNA (Digital network architecture).
Contention – competition among stations to use a network resource or communications line.
Redirector – All Microsoft products come with a redirector that takes request from the computer and looks to see if it is local or sends to network.
PPP – Point to Point Protocol – used with dial-up adapters. Can automatically configure IP addresses.
Point to point serial communication using TCP/IP.
SLIP (Serial Line Internet Protocol) – must manually configure IP address. Must know both yours and the one you are connecting to. Point to point serial communication using TCP/IP.
Q7: What is HCL?
Ans: HCL – Hardware Compatibility List – lists all hardware that is compatible with Windows NT.
Q8: What is PDC and BDC?
Ans: PDC - Primary Domain Controller – Logins, Permissions, Scripts, Securities.
BDC - Backup Domain Controller – a computer that receives a copy of the domain’s security policy and database and authenticates network logons. (It provides a backup in case the PDC becomes unavailable. It is not required but is recommended to be a backup to the PDC.
NT allows you to decide who can and can not print.
NT Service is an application that allows you to add services MAC Service (need service to be able to connect to other OS’s).
Fax Server – manual routing – physically check faxes and forward as E-mail attachments.
OCR reader converts fax into text for use.
DID (direct inward dialing) – special phone line that forwards faxes to appropriate person.
Q9: What is centralized Computing?
Ans: Centralized Computing – terminal based computing.
Client/Server (front end/back end) .
Q10 : How many type of groups?
Ans: Global – created on PDC containing user accounts only from their own domain account database.
Local – individual user accounts have rights and permissions on local computers.
Universal:-
Special – used for internal system access to resources and permissions.
Built-in – perform common network admin and maintenance tasks.
Q11: What is SNMP?
Ans: SNMP (Simple Network Management Protocol) –
Part of TCP/IP Suite – programs called agents monitor network traffic and behavior.
Store data in MIB’s (management information database)
Records hubs, servers, NIC’s, routers.
Sends an ALERT to Network Manager If beyond certain ranges.
Q12: What is SMS?
Ans: SMS (Systems Management Server) Microsoft’s back office product allows you to monitor systems. Works with NT server only. Desktop management, Remote Control, software distribution, Inventory management (hardware and software data).
Q13:- What is network data security?
Ans:-Network Data Security
Password Protected Share (share level security) – assign password to each shared resource
Access Permissions (user level security) – user enters a logon and password at login and server checks a database and assigns security as applicable. Resources are controlled by the administrator and are allowed to the user at login.
C2 compliant – Govt. level of security
Virus checks, passwords, access rights.
Q14: what is RAID?
Ans: RAID (redundant array of inexpensive disks) – Fault Tolerance
RAID is handled through NT’s disk administrator. (Supports 1&5)
Level 0 – Disk Striping – divides data into 64K blocks and distributes evenly among all disks in an array. Provides no redundancy or fault tolerance.
Level 1 – Disk Mirroring – Write all data to two hard drives in sync, if one fails then swap.
Level 5 – Disk Striping with Parity – supports three to 32 hard drives. Allocate same amount of space on each hard drive. Divides data into 64K blocks and writes parity info evenly among all disks in an array. If one disk fails, enough parity info is written across other disks to recreate it. Parity stripe block is used to reconstruct data.
Q15: What is MODEMS?
Ans: MODEMS – converts digital PC signal to analog phone signal and back. Uses sound waves to transmit data. Telephone lines have a 33,600 Kbps max speed.
Q16: What is RAS?
Ans: RAS - (Remote Access Services) – NT can handle up to 256 calls.
Q17: How to Sending DATA across a WAN?
Ans: X.25 protocol – incorporated into packet switching network. Uses PAD. – Packet switching protocol.
PAD – packet assembler/disassembler – receives asynchronous characters from terminals and assembles into packets to be transmitted over network and back.
Frame Relay – point to point system – uses PVC – fast packet, variable length digital – digital leased lines. Provides bandwidth as needed. – Packet switching protocol
ATM – asynchronous transfer mode – fixed packets – broadband.
Speeds up to 622 Mbps – used mainly for ISP backbones because of cost.
53 byte cells instead of packets. – Packet switching protocol
ISDN – integrated services digital network
128 bits per second – 2B+D – 2 64Kbps B channels & 1 16Kbps D channel.
Voice, data, images - signaling&link mgmt. Data
FDDI – Fiber Distributed Data Interface 100Mbps
Used mainly for MAN technology – works in a double ring.
Like Token-Ring only many frames can go on the token, not just one.
SONET – synchronous Optical Network – fiber-optic – 1 Gig per second
SMDS – switched multimegabit data service. Up to 34 Mbps
Same fixed length cell relay technology as ATM.
Subscribe to:
Posts (Atom)