NETWORKING ESSENTIALS (PART II)

 

THE REDIRECTOR

THE PROCESS OF FORWARDING REQUESTS IS DONE BY A REDIRECTOR. DEPENDING ON THE NETWORKING SOFTWARE, THIS REDIRECTOR MAY ALSO BE REFERRED TO AS A SHELL OR A REQUESTER. THE REDIRECTOR IS A SMALL SECTION OF CODE IN THE NETWORKING OPERATING SYSTEM THAT:

 

INSTALLING WINDOWS NT SERVER

THE INSTALLATION PROGRAM IS AN APPLICATION THAT WILL DO THE WORK OF INSTALLING THE NETWORK OPERATING SYSTEM IN A VARIETY OF WAYS, DEPENDING ON:

 

 

TCP/IP INSTALLATION

TCP/IP IS A STANDARD, ROUTABLE, ENTERPRISE NETWORKING PROTOCOL FOR WINDOWS NT. IT CAN BE USED ON THE INTERNET.

WHEN INSTALLING MICROSOFT TCP/IP, YOU NEED THE FOLLOWING THREE CONFIGURATION PARAMETERS TO USE IT IN A ROUTED NETWORK ENVIRONMENT.

 

DHCP (CONFIGURING TCP/IP AUTOMATICALLY)

WINDOWS NT SERVER PROVIDES A SERVICE CALLED THE DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) SERVER SERVICE. WHEN A DHCP SERVER IS CONFIGURED ON THE NETWORK, CLIENTS THAT SUPPORT DHCP (INCLUDING WINDOWS NT WORKSTATION AND WINDOWS NT SERVER) CAN REQUEST TCP/IP CONFIGURATION INFORMATION (IP ADDRESS, SUBNET MASK, DEFAULT GATEWAY, AND SO FORTH) FROM THE DHCP SERVER. THIS CAN GREATLY SIMPLIFY THE CONFIGURATION OF TCP/IP ON THE CLIENT COMPUTER.

 

TCP/IP UTILITIES

PING (PACKET INTERNET GROPER) - VERIFIES CONFIG. AND TESTS CONNECTIONS.

IPCONFIG - DISPLAYS CURRENT TCP/IP CONFIG.

NBTSTAT - DISPLAYS PROTOCOL STATS & CONNECTIONS.

NETSTAT - DISPLAYS TCP/IP PROTOCOL STATS & CONNECTIONS.

ROUTE - DISPLAYS OR MODIFIES THE LOCAL ROUTING TABLE.

TRACERT - CHECKS THE ROUTE TO A REMOTE SYSTEM.

ARP - DISPLAYS CACHE OF LOCALLY RESOLVED IP ADDRESSES TO PHYSICAL ADDRESSES.

 

SNMP (SIMPLE NETWORK MANAGEMENT PROTOCOL)

IN AN SNMP ENVIRONMENT, PROGRAMS CALLED AGENTS ARE LOADED ONTO EACH MANAGED DEVICE. THE AGENTS MONITOR NETWORK TRAFFIC AND BEHAVIOR IN THESE KEY NETWORK COMPONENTS IN ORDER TO GATHER STATISTICAL DATA. THIS DATA IS STORED IN A MANAGEMENT INFORMATION BASE (MIB).

SNMP COMPONENTS INCLUDE:

 

PLANNING FOR NETWORK SECURITY

LEVEL OF SECURITY

SETTING POLICIES

PREVENTION

AUTHENTICATION

TRAINING

 

SECURITY ENHANCEMENTS

AUDITING

AUDITING RECORDS SELECTED TYPES OF EVENTS IN THE SECURITY LOG OF A SERVER. THIS PROCESS TRACKS NETWORK ACTIVITIES BY USER ACCOUNTS. AUDITING SHOULD BE PART OF NETWORK SECURITY BECAUSE THE AUDIT RECORDS SHOW THE USERS THAT HAVE ACCESSED OR ATTEMPTED TO ACCESS SPECIFIC RESOURCES.

DISKLESS COMPUTERS

DISKLESS COMPUTERS HAVE NO FLOPPY DRIVES OR HARD DISKS. THEY CAN DO EVERYTHING A COMPUTER WITH DISK DRIVES CAN DO EXCEPT STORE DATA ON A LOCAL FLOPPY OR HARD DISK. THESE COMPUTERS ARE IDEAL FOR SECURITY BECAUSE USERS CANNOT DOWNLOAD DATA AND TAKE IT AWAY. ALSO, SOME COMPANIES USE DISKLESS COMPUTERS BECAUSE THEY ARE INEXPENSIVE COMPARED TO FULLY-EQUIPPED COMPUTERS.

DATA ENCRYPTION

A DATA ENCRYPTION UTILITY SCRAMBLES DATA BEFORE IT GOES OUT ONTO THE NETWORK. THIS MAKES THE DATA UNREADABLE EVEN IF SOMEONE TAPS THE CABLE AND READS THE DATA AS IT PASSES OVER THE NETWORK. WHEN THE DATA GETS TO THE PROPER COMPUTER, A KEY, THE CODE FOR DECIPHERING DATA, DECODES THE BITS INTO UNDERSTANDABLE INFORMATION. ADVANCED DATA ENCRYPTION SCHEMES AUTOMATE BOTH ENCRYPTION AND THE KEYS. THE BEST ENCRYPTION SYSTEMS ARE HARDWARE-BASED AND CAN BE EXPENSIVE.

VIRUS PROTECTION

DISASTROUS VIRUSES ARE BECOMING MORE COMMONPLACE. THEY MUST BE TAKEN INTO ACCOUNT WHEN DEVELOPING NETWORK SECURITY PROCEDURES. ALTHOUGH NO VIRUS PROTECTION PROGRAM CAN PREVENT ALL VIRUSES, THEY CAN DO SOME OF THE FOLLOWING:

 

TAPE BACKUP METHODS

FULL BACKUP - BACKS UP AND MARKS SELECTED FILES, WHETHER OR NOT THEY HAVE CHANGED SINCE THE LAST BACKUP.

COPY - BACKS UP ALL SELECTED FILES WITHOUT MARKING THEM AS BEING BACKED UP.

INCREMENTAL BACKUP - BACKS UP AND MARKS SELECTED FILES ONLY IF THEY HAVE CHANGED SINCE THE LAST TIME THEY WERE BACKED UP.

DAILY COPY - BACKS UP ONLY THOSE FILES THAT HAVE BEEN MODIFIED THAT DAY, WITHOUT MARKING THEM AS BEING BACKED UP.

DIFFERENTIAL BACKUP - BACKS UP SELECTED FILES ONLY IF THEY HAVE CHANGED SINCE THE LAST TIME THEY WERE BACKED UP, WITHOUT MARKING THEM AS BEING BACKED UP.
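THE MARKING RULES ABOVE DECIDE WHICH TAPES A RESTORE NEEDS. THE FOLLOWING IS AN ADDED EXAMPLE, NOT PART OF THE ORIGINAL NOTES: IT MODELS THE FIVE METHODS AND COMPARES A WEEK OF INCREMENTAL BACKUPS WITH A WEEK OF DIFFERENTIAL BACKUPS. THE FILE NAMES, THE SCHEDULE, AND THE NAMES `Volume`, `run_week` AND `tapes_to_restore` ARE CONSTRUCTED FOR ILLUSTRATION.

```python
# Constructed model of the five backup methods; "changed" holds files not yet
# marked as backed up (on Windows NT this marker is the file's archive attribute).
METHODS = {  # method: (only files changed since last marking?, marks files?)
    "full": (False, True),
    "copy": (False, False),
    "incremental": (True, True),
    "differential": (True, False),
}

class Volume:
    def __init__(self, files):
        self.files = set(files)
        self.changed = set(files)      # nothing has been backed up yet
        self.modified_on = {}          # file -> day of last modification

    def modify(self, name, day):
        self.files.add(name)
        self.changed.add(name)
        self.modified_on[name] = day

    def backup(self, method, day):
        if method == "daily copy":     # selects by date, never marks
            return sorted(f for f in self.files if self.modified_on.get(f) == day)
        only_changed, marks = METHODS[method]
        taken = set(self.changed if only_changed else self.files)
        if marks:
            self.changed -= taken
        return sorted(taken)

def run_week(nightly):
    """Full backup on Monday, then one edit and one nightly backup per day."""
    vol = Volume(["payroll.xls", "plan.doc", "users.db"])   # constructed names
    tapes = [("Mon", "full", vol.backup("full", "Mon"))]
    for day, name in [("Tue", "payroll.xls"), ("Wed", "plan.doc"), ("Thu", "users.db")]:
        vol.modify(name, day)
        tapes.append((day, nightly, vol.backup(nightly, day)))
    return tapes

def tapes_to_restore(tapes):
    """Days whose tapes are needed to rebuild the volume after the last backup."""
    last_full = max(i for i, t in enumerate(tapes) if t[1] == "full")
    later = tapes[last_full + 1:]
    if later and later[-1][1] == "differential":
        later = later[-1:]             # newest differential holds every change
    return [tapes[last_full][0]] + [day for day, _, _ in later]

if __name__ == "__main__":
    for scheme in ("incremental", "differential"):
        tapes = run_week(scheme)
        print(scheme, tapes, "restore:", tapes_to_restore(tapes))
```

INCREMENTAL TAPES STAY SMALL BUT EVERY ONE SINCE THE FULL BACKUP IS NEEDED FOR A RESTORE; DIFFERENTIAL TAPES GROW EACH NIGHT BUT ONLY THE FULL BACKUP AND THE NEWEST DIFFERENTIAL ARE NEEDED.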

 

FAULT TOLERANCE AND DISK ADMINISTRATOR

DISK ADMINISTRATOR IS USED TO CREATE VARIOUS DISK CONFIGURATIONS, INCLUDING:

 

MODEM

COMPUTERS CANNOT SIMPLY CONNECT OVER A TELEPHONE LINE BECAUSE THE COMPUTER COMMUNICATES IN DIGITAL ELECTRONIC PULSES (ELECTRONIC SIGNALS) AND A TELEPHONE LINE CAN ONLY SEND ANALOG PULSES (SOUND). A MODEM AT THE SENDING END CONVERTS THE COMPUTER'S DIGITAL SIGNALS INTO ANALOG AND TRANSMITS THE ANALOG SIGNALS ONTO THE TELEPHONE LINE. A MODEM AT THE RECEIVING END CONVERTS THE INCOMING ANALOG SIGNALS BACK INTO DIGITAL SIGNALS FOR THE RECEIVING COMPUTER.

 

MODEM HARDWARE

MODEMS ARE KNOWN AS DATA COMMUNICATIONS EQUIPMENT (DCE) AND SHARE THE FOLLOWING CHARACTERISTICS:

 

TYPES OF MODEMS

ASYNCHRONOUS COMMUNICATIONS (ASYNC)

ASYNCHRONOUS MAY BE THE MOST WIDESPREAD FORM OF CONNECTIVITY IN THE WORLD. THIS IS BECAUSE ASYNC WAS DEVELOPED SO IT COULD USE COMMON TELEPHONE LINES. THIS CHECKS FOR ERRORS ON THE DATA.

SYNCHRONOUS COMMUNICATION

SYNCHRONOUS COMMUNICATION RELIES ON A TIMING SCHEME COORDINATED BETWEEN TWO DEVICES TO SEPARATE GROUPS OF BITS AND TRANSMIT THEM IN BLOCKS KNOWN AS FRAMES. SPECIAL CHARACTERS ARE USED TO BEGIN THE SYNCHRONIZATION AND CHECK ITS ACCURACY PERIODICALLY. IF THERE IS AN ERROR, THE SYNCHRONOUS ERROR DETECTION AND CORRECTION SCHEME SIMPLY IMPLEMENTS A RETRANSMISSION.

 

PPTP (POINT-TO-POINT TUNNELING PROTOCOL)

PPTP PROVIDES A WAY TO ROUTE IP, IPX, OR NETBEUI PPP PACKETS OVER A TCP/IP NETWORK. PPTP ALLOWS FOR MULTIPROTOCOL ENCAPSULATION THAT ENABLES ANY OF THESE PACKETS TO BE SENT OVER THE TCP/IP NETWORK. THE EXISTING CORPORATE OR ORGANIZATIONAL LAN IS TREATED AS IF IT WERE A PSTN, ISDN, OR X.25 NETWORK. THIS VIRTUAL WAN IS SUPPORTED THROUGH PUBLIC NETWORKS SUCH AS THE INTERNET.

 

NETWORK COMPONENTS

REPEATERS

A REPEATER TAKES A WEAK SIGNAL FROM ONE SEGMENT, REGENERATES IT, AND PASSES IT TO THE NEXT SEGMENT. TO PASS DATA THROUGH THE REPEATER IN A USABLE FASHION FROM ONE SEGMENT TO THE NEXT, THE PACKETS AND THE LOGICAL LINK CONTROL (LLC) PROTOCOLS MUST BE THE SAME ON EACH SEGMENT. THIS MEANS THAT A REPEATER WILL NOT ENABLE COMMUNICATION BETWEEN AN 802.3 LAN (ETHERNET) AND AN 802.5 LAN (TOKEN RING).

REPEATERS DO NOT TRANSLATE OR FILTER ANYTHING. FOR A REPEATER TO WORK, BOTH SEGMENTS THAT THE REPEATER JOINS MUST HAVE THE SAME ACCESS METHOD. THE TWO MOST COMMON ACCESS METHODS ARE CSMA/CD AND TOKEN PASSING. A REPEATER CANNOT CONNECT A SEGMENT USING CSMA/CD TO A SEGMENT USING TOKEN PASSING. THAT IS, THEY CANNOT TRANSLATE AN ETHERNET PACKET INTO A TOKEN RING PACKET.

 

BRIDGES

LIKE A REPEATER, A BRIDGE CAN JOIN SEGMENTS OR WORKGROUP LANS. HOWEVER, A BRIDGE CAN ALSO DIVIDE A NETWORK TO ISOLATE TRAFFIC OR PROBLEMS. IF THE VOLUME OF TRAFFIC FROM ONE OR TWO COMPUTERS OR A SINGLE DEPARTMENT IS FLOODING THE NETWORK WITH DATA AND SLOWING DOWN THE ENTIRE OPERATION, A BRIDGE COULD ISOLATE THOSE COMPUTERS OR THAT DEPARTMENT. BRIDGES WORK AT THE DATA LINK LAYER OF THE OSI MODEL.

BRIDGES CAN:

A BRIDGE CAN TAKE AN OVERLOADED NETWORK AND SPLIT IT INTO TWO SEPARATE NETWORKS, REDUCING THE AMOUNT OF TRAFFIC ON EACH SEGMENT AND MAKING EACH NETWORK MORE EFFICIENT.

 

ROUTERS

ROUTERS HAVE ACCESS TO MORE INFORMATION IN PACKETS THAN BRIDGES, AND USE THIS INFORMATION TO IMPROVE PACKET DELIVERIES. ROUTERS ARE USED IN COMPLEX NETWORK SITUATIONS BECAUSE THEY PROVIDE BETTER TRAFFIC MANAGEMENT THAN BRIDGES AND DO NOT PASS BROADCAST TRAFFIC. ROUTERS CAN SHARE STATUS AND ROUTING INFORMATION WITH ONE ANOTHER AND USE THIS INFORMATION TO BYPASS SLOW OR MALFUNCTIONING CONNECTIONS.

ROUTERS CAN PROVIDE THE FOLLOWING FUNCTIONS OF A BRIDGE:

 

BROUTERS

A BROUTER COMBINES THE BEST QUALITIES OF BOTH A BRIDGE AND A ROUTER. A BROUTER CAN ACT LIKE A ROUTER FOR ONE PROTOCOL AND BRIDGE ALL OF THE OTHERS.

BROUTERS CAN:

 

GATEWAYS

GATEWAYS MAKE COMMUNICATION POSSIBLE BETWEEN DIFFERENT ARCHITECTURES AND ENVIRONMENTS. THEY REPACKAGE AND CONVERT DATA GOING FROM ONE ENVIRONMENT TO ANOTHER SO THAT EACH ENVIRONMENT CAN UNDERSTAND THE OTHER ENVIRONMENT'S DATA. A GATEWAY REPACKAGES INFORMATION TO MATCH THE REQUIREMENTS OF THE DESTINATION SYSTEM. GATEWAYS CAN CHANGE THE FORMAT OF A MESSAGE SO THAT IT WILL CONFORM TO THE APPLICATION PROGRAM AT THE RECEIVING END OF THE TRANSFER. FOR EXAMPLE, ELECTRONIC MAIL GATEWAYS, SUCH AS THE X.400 GATEWAY, RECEIVE MESSAGES IN ONE FORMAT, TRANSLATE THEM, AND FORWARD THEM IN THE X.400 FORMAT USED BY THE RECEIVER, AND VICE VERSA.

A GATEWAY LINKS TWO SYSTEMS THAT DO NOT USE THE SAME:

 

 

MULTIPLE PATHS

A BRIDGE CAN ONLY RECOGNIZE ONE PATH BETWEEN NETWORKS. A ROUTER CAN SEARCH AMONG MULTIPLE ACTIVE PATHS AND DETERMINE THE BEST PATH FOR THAT PARTICULAR MOMENT.