|< Day Day Up >||
The current A+ Operating Systems Technologies exam will most likely focus on your ability to configure network settings and protocols from within the Windows 2000 Professional operating system. The configurations of Windows 2000 Server and Advanced Server operating systems for network support are beyond the scope of this book. However, the exam will expect you to have a general understanding of network services such as WINS (Windows Internet Naming Service), DNS (Domain
In the previous operating system chapters, we have discussed protocols in some detail. In Chapter 12, you learned how to install protocols and services from within the Network applet of Control Panel. In Windows 2000 Professional, protocols and services are installed in much the same way, with the exception that they are installed from a different location. To install protocols and services, simply right-click on My Network Places, right-click on Local Area Connection, and select Properties. You will be presented with the General tab from which you can configure NICs, protocols, and services.
Following are the most important protocols and services that you may have to identify on the A+ exam:
Windows Internet Naming Service (WINS). WINS is used to determine the NetBIOS computer name associated with a particular IP address on a network. This process is known as name resolution . The WINS database resides on a server or servers on a network.
Domain Name Service (DNS).
DNS is a name resolution service that resolves Internet or fully qualified network domain names to an IP address. You can change what is known as the DNS server search order on client computers by adding DNS server IP address entries on the client systems. To navigate to this section, right-click on My Network Places and select Properties, right-click on Local Area Connection and Properties. Select Internet Protocol (TCP/IP) and click the Properties button, click the Advanced button, select the DNS tab, and select Add under the DNS Server addresses in the order of use section. Enter the IP addresses of the DNS servers you wish to use to resolve domain
Dynamic Host Configuration Protocol (DHCP). DHCP is a protocol used to assign IP addresses automatically on a TCP/IP network. The DHCP server hands out IP addresses to client computers configured to use DHCP. The alternative to DHCP is configuring your system to use a static IP address. To use a static IP address, you will need an IP address, a default gateway, and a subnet mask. If you are using DHCP and need to renew your current dynamically assigned IP address, you should enter the following at a Windows 2000 command prompt:
Internet Connection Sharing (ICS) . ICS is a feature of dial-up networking that allows all the computers in a home or small business to share one connection to the Internet. In Windows 2000 Professional, ICS can be configured by selecting Start > Settings > Network and Dial-up Connections, right-clicking on a icon configured for an Internet connection, selecting Properties, selecting the Sharing tab, and clicking Enable Internet Connection Sharing for This Connection. You will then be presented with settings that you can customize for your connection.
It is very important for you to remember that ICS is available in Windows 98 SE, Windows 2000, Windows Me, and Windows XP. ICS allows two or more connected computers to share one Internet connection, whether it be a dial-up, DSL, cable, ISDN, satellite, or T1 connection.
Automatic Private IP Addressing (APIPA).
APIPA is a service used with Windows 98 and Windows 2000 Professional that allows client computers to configure
Hypertext Transfer Protocol (HTTP). HTTP is an Internet protocol used to define consistent connections.
Hypertext Transfer Protocol Secure (HTTPS). HTTPS is a secure protocol used to transmit information over the Internet. To access a secure Internet site, such as ChristopherCrayton.com, you would need a URL entry of HTTPS://ChristopherCrayton.com.
SSL (Secure Sockets Layer). SSL is a protocol that uses public and private keys to secure data transmitted over the Internet. With SSL, a secured connection is established between a client and a server. SSL is a commonly used security protocol that provides transport security through Internet browsers provided by Netscape and Microsoft. SSL is a session-based X.509 digital certificate supporting protocol that uses a public and private key exchange to encrypt the passing of data between client and server systems. The SSL protocol supports RSA, DES, IDEA, 3DES, and MD5. SSL can be used by services such as HTTP, FTP, SMTP, IMAP, POP, and Telnet.
SSL uses a combination of the SSL Record protocol and the SSL Handshake protocol to provide security. The Handshake protocol provides authentication services, while the Record protocol provides for a secure connection. Many Internet Web sites utilize SSL as a secure means of obtaining confidential customer information, such as bank account and other personal information. It provides confidential Web sessions and authentication services for Web servers.
Simple Mail Transport Protocol (SMTP). SMTP is a protocol used for transferring e-mail between client computers and e-mail severs. For a client to send e-mail messages using SMTP successfully, a client computer should be configured with an IMAP (Internet Message Access Protocol) or POP (Post Office Protocol) server address. POP and IMAP accounts use SMTP to allow a person using a dial-up or Internet connection to gain access to mail on a mail server computer. In most cases, SMTP is used for sending mail only. This is based on its inability to handle message queuing properly at the mail-receiving end. In order to receive stored messages properly from a mail server, most client side systems are set up for POP or IMAP.
You send mail with SMTP. You download or receive mail with POP or IMAP.
SMTP is most often used with TCP port 25. SMTP Relay is when an intermediary mail server (relay server) is used to accept any incoming mail and forward it to another mail server or final destination. This final destination is typically the e-mail server where the
The problem here is that mail servers that implement SMTP Relay usually accept most mail received and deliver or relay outgoing mail without verifying or authenticating the sender or receiver. Spammers, spoofers and unauthorized users can take advantage of this vulnerability by faking a sender’s address, and using just about any receiving address they wish. This can cause great a
A common problem among companies that use improperly configured e-mail and SMTP Relay servers is that they are unknowingly being used as hosts to spam other servers and
NNTP (Network News Transfer Protocol).
NNTP is a protocol included with Internet browsers such as Internet Explorer and Netscape, which allows
File Transfer Protocol (FTP). FTP is a protocol used to transfer data between computers on a TCP/IP network. Special file servers known as FTP servers are used to handle FTP functions. Users are typically authenticated anonymously on FTP file servers, which means that users can read and update information stored on the FTP server without being authenticated or authorized to access the server. The FTP server does care who the user is.
Here are some good practices when configuring and using FTP:
Configure your FTP server to run FTP services only; do not run unnecessary services that can be exploited.
Do not store
Use a secure file transfer package, such as SSL, and encrypt all important data.
Disallow unnecessary access to your FTP server; do not use a ‘blind’ or anonymous FTP.
Audit and log events on your FTP server.
TFTP (Trivial File Transfer Protocol). TFTP is a scaled down, simplistic version of FTP. Instead of using the TCP (Transmission Control Protocol) that FTP uses, TFTP use the UDP (User Datagram Protocol). Unlike FTP, TFTP does not use authentication and doesn’t provide any security features whatsoever. It is commonly used by servers as a mechanism to reboot diskless systems and X-terminals.
There are many third-party programs available today that assist in making your FTP server more secure. Many of these programs are Java based and allow for an SSL encrypted connection to your FTP server. For very secure FTP, X.509 certificates and the use of asymmetric public key cryptography is often used to encrypt public keys. For larger file transmissions, symmetric keys are used to encrypt and decrypt data sessions. There are many algorithms that are used in securing FTP. A few of these include: DES, 3DES, and Blowfish. In conclusion, S/FTP is
If you have installed Windows 2000 Professional and are not currently attached to a workgroup or domain, you can join your system to a workgroup or domain, or change your system’s name by right-clicking on the My Computer icon, selecting the Network Identification tab, and choosing the Properties button. You will then have the options of changing your computer name or becoming a member of a workgroup or a domain. In order to join your system to a workgroup or domain, you must have administrative privileges.
Configuring your system to connect to the Internet is not difficult. You need a Local Area Connection, TCP/IP, an Internet browser (such as Internet Explorer or Netscape Navigator), a modem, and an ISP.
You can use the Internet Connection Wizard to connect your system to the Internet. To do this, right-click on the Internet Explorer icon located on the Desktop, select Properties, select the Connections tab, and click the Setup button. You will be
Computer viruses are becoming more and more of a threat to the integrity of computer systems and computer data. If a virus has wiped out your important personal information or
Viruses are easily spread via the Internet, through e-mail attachments, infected floppy disks, and network shares. The most common types of viruses are the following:
Trojan. A virus that comes disguised as a useful file or program, the file or program is used to deliver the Trojan virus to the system.
Often spread through e-mail, a macro virus is one that infects programs, files, and templates associated with applications such as Microsoft Word or Excel. Macro viruses usually insert
. These viruses
Polymorphic . This is a very popular type of virus that mutates so that it is virtually undetectable by antivirus software.
File infectors. These types of viruses typically attach to executable programs, such as files with a .COM or .EXE extensions.
Worm . A worm virus resides in computer memory and duplicates itself until it finally consumes enough system resources to render the system inoperative.
Stealth . A stealth virus can infect partition tables, boot sectors, and executable programs, and hides from antivirus detection software.
The recommended way to clean a virus from an infected computer is to boot the system to a virus-scanned boot disk that includes an updated DAT (virus definition) file, and which cleans the virus from the infected system by running the antivirus cleaning software program from the boot disk.
The current A+ operating system technologies exam is likely to test your knowledge regarding the types of media and software that can actually be infected by viruses. For the exam, please note that floppies cannot be infected when they are write-protected, CD-ROMs cannot be infected, hard drive boot sectors can be infected, system and network files can be infected.
|< Day Day Up >||