Dynamic Host Configuration Protocol (DHCP) is a protocol used by networked devices to obtain information required to operate on an Internet Protocol network.
When a DHCP client is first switched on, it sends a broadcast packet on the network with a DHCP request. If there is a DHCP server exists in the network, this request will be picked up by the DHCP server. The DHCP server will allocate an IP address to the PC, from one of the pools of addresses it managed.
DHCP clients use a broadcast packet to find a DHCP server, so if a client is on one side of a router, and the server on the other, normally these broadcast packets will be filtered out. Many routers today include support for DHCP- forwarding, but it is not enabled by default.
Many system administrators do not realize that DHCP service can be enabled in Cisco devices. In this article, we will show the method on configuring DHCP on a Cisco router.
Friday, March 12, 2010
Thursday, March 11, 2010
Windows Clustering
Clustering is the connection of multiple computers together in such a way that to the outside world, the cluster appears to be a single system. Each computer in a cluster is referred to as a node.
Business suffers when work stops because of critical service is offline. A properly installed and configured cluster provides continued operation during hardware failure, software failure, and/or planned maintenance. Ability to recover from failed server hardware and failed software is the main benefit of clustering.
Windows Server 2003 clustering consists of two different technologies: Server Cluster and Network Load Balancing (NLB). Each of these technologies can be used to provide high availability for different types of services.
Business suffers when work stops because of critical service is offline. A properly installed and configured cluster provides continued operation during hardware failure, software failure, and/or planned maintenance. Ability to recover from failed server hardware and failed software is the main benefit of clustering.
Windows Server 2003 clustering consists of two different technologies: Server Cluster and Network Load Balancing (NLB). Each of these technologies can be used to provide high availability for different types of services.
Wednesday, March 10, 2010
The Fewer Services Your System Runs, The Better
It is only a matter of time before an unsecured system becomes contaminated and losing valuable data. In addition, poorly secured system that is compromised can be used for a number of illegal activities. It was reported that several major Internet sites were disabled by attacks that were launch through the use of thousands of these devices. To enhance security and free system resources on the system we need to disable any services that are not required.
Every running, but unused, service on a machine is an unnecessary security vulnerability. Users may not even be aware that many of these services are running. Whether it is a Windows PC, router, switch, Linux machine or network enables device, the out-of-the-box configurations must be altered to meet the security needs of most businesses with an Internet presence.
Every running, but unused, service on a machine is an unnecessary security vulnerability. Users may not even be aware that many of these services are running. Whether it is a Windows PC, router, switch, Linux machine or network enables device, the out-of-the-box configurations must be altered to meet the security needs of most businesses with an Internet presence.
Monday, November 16, 2009
Using nslookup to verify DNS registration for domain controllers
The nslookup command is a standard command-line tool provided in most DNS service implementations. It offers the ability to perform query testing of DNS servers and obtain detailed responses as the command output. This information is useful in troubleshooting name resolution problems, verifying that resource records (RRs) are added or updated correctly in a zone, and debugging other server-related problems.
When trying to join a Windows 2003 DC using NetBIOS name, you may receive this message: “A domain controller for the domain could not be contacted”. Common issue with this error may due to the DNS SRV records required to locate a domain controller for the domain are not registered in DNS. These records are registered with a DNS server automatically when a domain controller is added to a domain.
To verify DNS registration for domain controllers, we may use the nslookup command
On your Command Prompt.
Type:
nslookup
When trying to join a Windows 2003 DC using NetBIOS name, you may receive this message: “A domain controller for the domain could not be contacted”. Common issue with this error may due to the DNS SRV records required to locate a domain controller for the domain are not registered in DNS. These records are registered with a DNS server automatically when a domain controller is added to a domain.
To verify DNS registration for domain controllers, we may use the nslookup command
On your Command Prompt.
Type:
nslookup
Friday, August 14, 2009
Disable unnecessary network services for security
Whether it is a Windows PC, router, switches, Linux machine or network enable device, it is recommended to stop unnecessary services that are run by default. Every running, but unused, service on your system is an unnecessary security vulnerability. Users may not even be aware that many of these services are running. Each additional service running on it may be a possible avenue for a network cracker to penetrate the system.
It is important to know the security implication of any network service before enabling it in. For example, if the telnet service is activated, a telnet client running on another device on the network can easily establish a telnet session to the system; it needs only the address of the system and the port or socket number of the network service running on the system. The rule of thumb for TCP and UDP ports is: Turn off any services or listeners that you do not need for your application to function. One way to check the list of ports running on your system is to go to one of the many web sites that can run a remote scan of your system and tell you how secure the system.
It is important to know the security implication of any network service before enabling it in. For example, if the telnet service is activated, a telnet client running on another device on the network can easily establish a telnet session to the system; it needs only the address of the system and the port or socket number of the network service running on the system. The rule of thumb for TCP and UDP ports is: Turn off any services or listeners that you do not need for your application to function. One way to check the list of ports running on your system is to go to one of the many web sites that can run a remote scan of your system and tell you how secure the system.
Saturday, April 25, 2009
Using POP3 not SMTP to retrieve email
The Post Office Protocol version 3 (POP3) as defined in RFC1939 is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. The protocol defines how the server responds to requests sent from an e-mail client.
A POP3 mail server receives e-mails and filters them into the appropriate user folders. The POP3 service makes e-mail messages available for download from a server, enabling a server to host e-mail accounts and provide basic e-mail access. When a user connects to the mail server to retrieve his mail, the messages are downloaded from mail server to the user's hard disk. Virtually all modern e-mail clients and servers support this protocol.
POP3 works over a TCP/IP connection using TCP on network port 110. POP3 listens on this TCP port 110 for connections from e-mail clients, authenticates the client, and manages the connection with the client. The design of POP3 and its procedures supports end-users with intermittent connections (such as dial-up connections), allowing these users to retrieve e-mail when connected and then to view and manipulate the retrieved messages without needing to stay connected. Although most clients have an option to leave mail on server, e-mail clients using POP3 generally connect, retrieve all messages, store them on the user's PC as new messages, delete them from the server, and then disconnect.
A POP3 mail server receives e-mails and filters them into the appropriate user folders. The POP3 service makes e-mail messages available for download from a server, enabling a server to host e-mail accounts and provide basic e-mail access. When a user connects to the mail server to retrieve his mail, the messages are downloaded from mail server to the user's hard disk. Virtually all modern e-mail clients and servers support this protocol.
POP3 works over a TCP/IP connection using TCP on network port 110. POP3 listens on this TCP port 110 for connections from e-mail clients, authenticates the client, and manages the connection with the client. The design of POP3 and its procedures supports end-users with intermittent connections (such as dial-up connections), allowing these users to retrieve e-mail when connected and then to view and manipulate the retrieved messages without needing to stay connected. Although most clients have an option to leave mail on server, e-mail clients using POP3 generally connect, retrieve all messages, store them on the user's PC as new messages, delete them from the server, and then disconnect.
Sunday, March 29, 2009
Trouble shoot domain name issue using nslookup
nslookup is a computer program used in Windows and Unix to query Domain Name System (DNS) servers to find DNS details, including IP addresses of a particular computer, MX records for a domain and the NS servers of a domain. The name nslookup means "name server lookup".
nslookup is also use as a command-line administrative tool for testing and troubleshooting DNS servers. In the very simple usage, if you enter a domain name, you get back the IP address to which it corresponds, and if you enter an IP number, then you get back the domain name to which it corresponds.
There are two modes available in nslookup: interactive and non-interactive. Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain. Non-interactive mode is used to print just the name and requested information for a host or domain. Following is an example in using interactive mode of nslookup.
nslookup is also use as a command-line administrative tool for testing and troubleshooting DNS servers. In the very simple usage, if you enter a domain name, you get back the IP address to which it corresponds, and if you enter an IP number, then you get back the domain name to which it corresponds.
There are two modes available in nslookup: interactive and non-interactive. Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain. Non-interactive mode is used to print just the name and requested information for a host or domain. Following is an example in using interactive mode of nslookup.
C:\>nslookup
Default Server: dns3.maxonline.com.sg
Address: 202.156.1.58
> ipcnetworking.com
Server: dns3.maxonline.com.sg
Address: 202.156.1.58
Non-authoritative answer:
Name: ipcnetworking.com
Address: 74.220.215.82
Subscribe to:
Posts (Atom)