Archive for September, 2010

An IP address is a unique address assigned to each computer on a network so that computers can identify and communicate with each other using the Internet Protocol (IP) standard.

Basic Format

An IP address consists of 4 parts (known as octets), each a number of up to three digits ranging from 0 to 255, separated by a decimal point.

Examples of valid IPs:

10.31.11.25

10.31.11.* (* means all numbers ranging from 0-255 in last octet)

10.31.*.* (* means all numbers ranging from 0-255 in 3rd and 4th octet)

10.31.11.25-155 (25-155 means all numbers ranging from 25 to 155).
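The notations above can be validated and evaluated mechanically, for instance when reviewing an allow-list. The following PowerShell is an added example, not part of the original post; the function names are illustrative. It rejects octets outside 0-255, counts the addresses a pattern covers, and tests whether an address falls inside a pattern.

```powershell
# Parse one octet token: a number, '*', or a 'low-high' range.
function ConvertTo-OctetRange {
    param([string]$Token)
    if ($Token -eq '*') { return @{ Lo = 0; Hi = 255 } }
    if ($Token -match '^(\d{1,3})-(\d{1,3})$') {
        $lo = [int]$Matches[1]; $hi = [int]$Matches[2]
    } elseif ($Token -match '^\d{1,3}$') {
        $lo = [int]$Token; $hi = $lo
    } else { throw "Invalid octet '$Token'" }
    if ($hi -gt 255 -or $lo -gt $hi) { throw "Octet out of range: '$Token'" }
    return @{ Lo = $lo; Hi = $hi }
}

# Split a pattern into four octet ranges and count the addresses it covers.
function Get-IpPatternInfo {
    param([string]$Pattern)
    $tokens = $Pattern.Split('.')
    if ($tokens.Count -ne 4) { throw "Expected 4 octets: '$Pattern'" }
    $ranges = @($tokens | ForEach-Object { ConvertTo-OctetRange $_ })
    [long]$count = 1
    foreach ($r in $ranges) { $count *= ($r.Hi - $r.Lo + 1) }
    New-Object psobject -Property @{ Pattern = $Pattern; Ranges = $ranges; Count = $count }
}

# True when every octet of a single address lies inside the pattern's ranges.
function Test-IpInPattern {
    param([string]$Address, [string]$Pattern)
    $octets = $Address.Split('.')
    if ($octets.Count -ne 4) { return $false }
    $ranges = (Get-IpPatternInfo $Pattern).Ranges
    for ($i = 0; $i -lt 4; $i++) {
        if ($octets[$i] -notmatch '^\d{1,3}$') { return $false }
        $n = [int]$octets[$i]
        if ($n -lt $ranges[$i].Lo -or $n -gt $ranges[$i].Hi) { return $false }
    }
    return $true
}

# The four example notations from the text above.
'10.31.11.25', '10.31.11.*', '10.31.*.*', '10.31.11.25-155' |
    ForEach-Object { Get-IpPatternInfo $_ } | Select-Object Pattern, Count

# Constructed checks: one address inside the range, one outside it.
Test-IpInPattern -Address '10.31.11.100' -Pattern '10.31.11.25-155'
Test-IpInPattern -Address '10.31.11.200' -Pattern '10.31.11.25-155'
```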


CHKDSK — Creates and displays a status report for a hard disk and can correct errors on the disk if required. Used without any parameters, CHKDSK simply displays the status of the disk in the current drive. Used with parameters, CHKDSK can locate bad sectors, repair the disk and recover readable information.

To see a status report of the disk, at a command prompt, type chkdsk and press ENTER. If errors are found, the error messages will appear.

To repair errors on the disk, at the command prompt, type chkdsk /f /r and press ENTER. The parameter /f fixes errors on the disk; /r locates bad sectors and recovers readable information. If you receive a message that chkdsk cannot run because the volume is in use by another process, this probably means that you are trying to fix errors on the disk that you are currently using. You cannot do that, but the computer can repair the errors at startup, so you should schedule the check to run at the next boot.

There are several advanced command-line tools created for and intended for network administrators and advanced users. If you are interested, try these commands:

> Bootcfg — Use this command to configure, query or change the boot.ini file settings. Be careful about making changes here!

> Gpresult — Use this command to test group policy and obtain general information about the operating system, the user and the computer including the build number and the service pack details, user name, domain name, profile type, security privileges, disk quota information and the last time the policy was applied.

> Recover — Use this command to recover readable information from a bad or defective disk.

> Schtasks — Use this command to schedule programs to run at a specific time or at specified intervals.

To see a complete list of available commands for Windows XP including the latest editions, check the Command Line Reference.

Understanding Wi-Fi

Posted: September 20, 2010 in Wi-Fi


The most common wireless networking technology is wireless fidelity, which is almost always shortened to Wi-Fi, and the generic Institute of Electrical and Electronics Engineers (IEEE) designation for this wireless networking standard is 802.11. There are four main types—802.11a, 802.11b, 802.11g, and 802.11n—each of which has its own range and speed limits.

802.11b

The original 802.11 standard was published by the IEEE in 1997, but few people took it seriously because it was hobbled by a maximum transmission rate of just 2Mbps. By 1999, the IEEE had worked out not one but two new standards: 802.11a and 802.11b. The 802.11b standard became the more popular of the two. 802.11b upped the Wi-Fi data transmission rate to 11Mbps, which is just a bit faster than 10BASE-T, the original Ethernet standard, which has a maximum rate of 10Mbps. The indoor range of 802.11b is about 115 feet. 802.11b operates on the 2.4GHz radio frequency, which is an unregulated frequency often used by other consumer products such as microwave ovens, cordless telephones, and baby monitors. This keeps the price of 802.11b hardware down, but it can also cause interference problems when you attempt to access the network near another device that’s using the 2.4GHz frequency.

802.11a

The 802.11a standard was released at around the same time as the 802.11b standard. There are two key differences between these standards: 802.11a has a maximum transmission rate of 54Mbps, and it operates using the regulated 5.0GHz radio frequency band. This higher frequency band means that 802.11a devices don’t have the same interference problems as 802.11b devices, but it also means that 802.11a hardware is more expensive, offers a shorter range (about 75 feet), and has trouble penetrating solid surfaces such as walls. So, despite its impressive transmission speed, 802.11a just had too many negative factors against it, and 802.11b won the hearts of consumers and became the first true wireless networking standard.

802.11g

During the battle between 802.11a and 802.11b, it became clear that consumers and small businesses really wanted the best of both worlds. That is, they wanted a WLAN technology that was as fast and as interference free as 802.11a, but had the longer range and cheaper cost of 802.11b. Alas, “the best of both worlds” is a state rarely achieved in the real world. However, the IEEE came close when it introduced the next version of the wireless networking standard in 2003: 802.11g. Like its 802.11a predecessor, 802.11g has a theoretical maximum transmission rate of 54Mbps, and like 802.11b, 802.11g boasted an indoor range of about 115 feet and was cheap to manufacture. That cheapness came from its use of the 2.4GHz RF band, which means that 802.11g devices can suffer from interference from other nearby consumer devices that use the same frequency.

Despite the possibility of interference, 802.11g quickly became the most popular of the Wi-Fi standards, and almost all WLAN devices sold today support 802.11g.

802.11n

The IEEE has a new wireless standard called 802.11n. 802.11n implements a technology called multiple-input multiple-output (MIMO) that uses multiple transmitters and receivers in each device. This enables multiple data streams on a single device, which will greatly improve WLAN performance. For example, using three transmitters and two receivers (the standard configuration), 802.11n promises a theoretical transmission speed of up to 248Mbps. It’s still not Gigabit Ethernet, but 802.11n devices could finally enable us to stream high-quality video over a wireless connection. 802.11n also promises to double the wireless range to about 230 feet. These are all impressive numbers, to be sure, and even if the real-world results are considerably less, it appears as though 802.11n devices will be about five times faster than 802.11g devices, and will offer about twice the range.


From a distance, crossover cables look identical to regular network cables. To help you identify them, many crossover cables come with a label such as “CROSS” taped to them. If you don’t see such a label, I suggest you add your own so that you can keep the two types of cable separate. If you didn’t do that and now you’re not sure which of your cables is a crossover, there’s a way to tell. Take the connectors on each end of the cable and place them side by side so that you have a good view of the colour wires inside. (A clear plastic covering helps here.) Make sure you hold the connectors with the same orientation (it’s usually best to have the plastic tabs facing down). If the layout of the wires is identical on both connectors, then you’ve got a regular network cable. If you see, instead, that two of the wires—specifically, the red and the green—have switched positions, then you’ve got a crossover cable.

Steps to enable BitLocker on your computer:

  1. Click Start > Control Panel > Security > BitLocker Drive Encryption.
  2. If the User Account Control dialog box appears, verify that the proposed action is what you requested, and then click Continue.
  3. From the BitLocker Drive Encryption screen, click Turn On BitLocker on the Windows OS volume. If your TPM is not initialized, you will see the Initialize TPM Security Hardware Wizard. Follow the directions to switch on the TPM and reboot your computer. Once the TPM is initialized, click Turn On BitLocker on the system volume again.
  4. In the Save the recovery password dialog box, you will see the following options:
  • Save the password on a USB drive. Saves the password to a removable drive.
  • Save the password in a folder. Saves the password to a network drive or other location.
  • Print the password. Prints the password.
  5. Choose any of these options to preserve the recovery password.
  6. From the “Encrypt the selected disk volume” dialog box, confirm the Run BitLocker System check box is checked and click Continue.
  7. Confirm you want to reboot the computer by clicking Restart Now. The computer reboots and BitLocker ensures that the computer is BitLocker-compatible and ready for encryption. If it is not, you will see an error message alerting you to the problem before encryption starts.
  8. If it is ready for encryption, the Encryption in Progress status bar is displayed. You can monitor the ongoing completion status of the disk volume encryption by dragging your mouse cursor over the BitLocker Drive Encryption icon in the toolbar at the bottom of your screen.


BitLocker contains four main components: a single Microsoft TPM driver, an API called TPM Base Services (TBS), BitLocker Drive Encryption, and a WMI provider.

Like most hardware, a TPM chip needs a driver to expose its functionality to the operating system and, ultimately, to applications. By including the Microsoft TPM driver within Windows Vista, we gain increased stability and can more easily leverage the TPM’s security features. To use a TPM with BitLocker, you must allow Vista to use the Microsoft driver. The Microsoft driver works with TPM chips that are at version 1.2 or newer.

TPM Base Services (TBS) is an application programming interface (API) that allows applications to access the services provided by a TPM. In this aspect, even though it is part of the Windows operating system, BitLocker is an “application” that uses TBS. The advantage of this architecture is that other applications could also make use of the TPM. After Vista is in the marketplace for a while, I believe we will see other security applications that call on TBS. TBS also allows the TPM to be managed within Windows Vista from the TPM Management Console, instead of forcing users to navigate through endless BIOS screens.

BitLocker Drive Encryption, itself, is the OS component that encrypts and decrypts data on the volume, and uses the TPM to validate the pre-OS boot components. BitLocker has a number of options that can change its default behaviour, many of which are exposed through Group Policy settings.

BitLocker is also totally scriptable and manageable. In addition to Group Policy options, BitLocker and TBS both include Windows Management Interface (WMI) providers. WMI is the Windows implementation of Web-Based Enterprise Management (WBEM), so any WBEM console can also be used with BitLocker. More usefully, though, this WMI interface allows BitLocker to be scripted, and Vista includes a scripted utility called manage-bde.wsf, which allows you to configure and control BitLocker from the command line or a batch file, either locally or remotely.
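The WMI providers described above can be queried directly to audit what the setup steps produced. This PowerShell sketch is an added example, not from the original post; it assumes PowerShell is installed and run elevated, and the function names are illustrative. It reports the TPM state and flags any volume that is unprotected or has no recovery password protector.

```powershell
$veNs  = 'root\CIMV2\Security\MicrosoftVolumeEncryption'
$tpmNs = 'root\CIMV2\Security\MicrosoftTpm'

# Names for the numeric codes returned by the Win32_EncryptableVolume methods.
$conversion = @{ 0 = 'Fully decrypted'; 1 = 'Fully encrypted'; 2 = 'Encryption in progress'
                 3 = 'Decryption in progress'; 4 = 'Encryption paused'; 5 = 'Decryption paused' }
$protector  = @{ 1 = 'TPM'; 2 = 'External key'; 3 = 'Recovery password'
                 4 = 'TPM+PIN'; 5 = 'TPM+startup key'; 6 = 'TPM+PIN+startup key' }

# TPM state as seen through the Microsoft TPM driver.
function Get-TpmState {
    $tpm = Get-WmiObject -Namespace $tpmNs -Class Win32_Tpm -ErrorAction SilentlyContinue
    if (-not $tpm) { return 'No TPM visible to Windows' }
    'Enabled={0} Activated={1} Owned={2}' -f $tpm.IsEnabled().IsEnabled,
        $tpm.IsActivated().IsActivated, $tpm.IsOwned().IsOwned
}

# One row per encryptable volume, with its key protectors.
function Get-BitLockerReport {
    Get-WmiObject -Namespace $veNs -Class Win32_EncryptableVolume | ForEach-Object {
        $vol   = $_
        $conv  = $vol.GetConversionStatus()
        # 0 = list protectors of every type; skip the null emitted when there are none.
        $types = @($vol.GetKeyProtectors(0).VolumeKeyProtectorID | Where-Object { $_ } |
                   ForEach-Object { [int]$vol.GetKeyProtectorType($_).KeyProtectorType })
        $isOn  = ($vol.GetProtectionStatus().ProtectionStatus -eq 1)
        $names = $types | ForEach-Object {
            if ($protector.ContainsKey($_)) { $protector[$_] } else { "Type $_" }
        }
        New-Object psobject -Property @{
            Drive       = $vol.DriveLetter
            Protected   = $isOn
            Conversion  = $conversion[[int]$conv.ConversionStatus]
            Percent     = $conv.EncryptionPercentage
            Protectors  = $names -join ', '
            # Review volumes with protection off or without a recovery password.
            NeedsReview = (-not $isOn) -or ($types -notcontains 3)
        }
    }
}

Get-TpmState
Get-BitLockerReport |
    Format-Table Drive, Protected, Conversion, Percent, Protectors, NeedsReview -AutoSize
```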

It is also worth noting here, even though we talk about it in more detail later in the chapter, BitLocker integrates with Active Directory Domain Services to store TPM and BitLocker information that can be used for recovery.


Outlook Anywhere uses the HTTP protocol to encapsulate RPC information for sending between the Outlook client (version 2003 and 2007) and the Exchange Server 2010 server. For this service to run properly the RPC over HTTP Proxy service has to be installed on the Client Access Server. This can be achieved either by adding this as a feature via the Server Manager, or by entering the following command on a PowerShell Command Prompt:

ServerManagerCmd.exe -i RPC-over-HTTP-proxy

When the RPC over HTTP Proxy is installed use the following steps to configure Outlook Anywhere:

1. Open the Exchange Management Console;

2. In the navigation pane, expand “Microsoft Exchange On-Premises”;

3. In the navigation pane, expand “Server Configuration”;

4. Click on “Client Access” and select your Client Access Server;

5. In the Actions pane, click on “Enable Outlook Anywhere”.

6. On the Enable Outlook Anywhere page enter the External host name. Make sure that this name is also available in the certificate you created in the previous paragraph. Select the authentication methods used by clients, i.e. Basic Authentication or NTLM authentication. For now leave these settings on default and click Enable to continue;

7. This will activate the Outlook Anywhere service on this server, and it may take up to 15 minutes before the service is actually useable on the Client Access Server. Click Finish to close the wizard.
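The same configuration can be applied from the Exchange Management Shell with the certificate check from step 6 enforced first. This is an added example, not from the original post: the function names, 'CAS01' and 'mail.example.com' are placeholders, and it assumes each CertificateDomains entry converts to its host name as a string.

```powershell
# True when the host name is listed on the certificate, either exactly or through a
# wildcard name that covers exactly one extra label (*.example.com covers
# mail.example.com but not a.mail.example.com).
function Test-CertificateCoversHost {
    param([string]$HostName, [string[]]$CertificateNames)
    foreach ($name in $CertificateNames) {
        if ($name -eq $HostName) { return $true }
        if ($name.StartsWith('*.')) {
            $suffix = $name.Substring(1).ToLower()        # '.example.com'
            if ($HostName.ToLower().EndsWith($suffix)) {
                $label = $HostName.Substring(0, $HostName.Length - $suffix.Length)
                if ($label -and $label -notmatch '\.') { return $true }
            }
        }
    }
    return $false
}

# Enable Outlook Anywhere only if an unexpired certificate bound to IIS covers the name.
function Enable-OutlookAnywhereChecked {
    param([string]$Server, [string]$ExternalHostName, [string]$AuthMethod = 'Basic')
    $certs = Get-ExchangeCertificate -Server $Server |
        Where-Object { "$($_.Services)" -match 'IIS' -and $_.NotAfter -gt (Get-Date) }
    # Assumption: each CertificateDomains entry stringifies to its host name.
    $names = @($certs | ForEach-Object { $_.CertificateDomains } | ForEach-Object { "$_" })
    if (-not (Test-CertificateCoversHost $ExternalHostName $names)) {
        throw "No valid IIS certificate on $Server covers $ExternalHostName"
    }
    Enable-OutlookAnywhere -Server $Server -ExternalHostname $ExternalHostName `
        -DefaultAuthenticationMethod $AuthMethod -SSLOffloading $false
    Get-OutlookAnywhere -Server $Server |
        Format-List Server, ExternalHostname, *Authentication*
}

# Constructed checks of the name matching, runnable without Exchange.
Test-CertificateCoversHost 'mail.example.com'   @('*.example.com')
Test-CertificateCoversHost 'a.mail.example.com' @('*.example.com')

# On the Client Access Server (placeholder names):
# Enable-OutlookAnywhereChecked -Server 'CAS01' -ExternalHostName 'mail.example.com'
```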


Exchange Server 2010 cannot send out SMTP messages to the Internet by default. To achieve this you’ll need to create an SMTP connector, which is a connector between one or more Hub Transport Servers and the Internet. Since this information is stored in Active Directory, all Hub Transport Servers in the organization know of its existence and know how to route messages via the SMTP connector to the Internet.

To create an SMTP connector to the Internet, follow these steps:

1. Log on to the Exchange Server 2010 server using a domain administrator account, and open the Exchange Management Console;

2. Expand “Microsoft Exchange On-Premises” and then expand the Organization Configuration;

3. Click on the Hub Transport, and then click on the “Send Connectors” tab in the middle pane;

4. In the Actions Pane click on “New Send Connector”;

5. On the Introduction page enter a friendly name, “Internet Connector” for example, and in the “Select the intended use for this Send connector” drop-down box select the Internet option. Click Next to continue;

6. On the Address Space page, click on the Add button to add an address space for the Internet Connector. In the address field enter an asterisk *, leave the cost on default and click OK. Click Next to continue;

7. On the Network settings page you can select if the Send Connector will use its own network DNS settings to route e-mail to other organizations, or to use a smart host. Change this according to your own environment and click Next to continue;

8. On the source server page you can choose multiple source servers for the Send Connector. You can compare this to Bridgehead Servers in Exchange Server 2003. When you enter multiple Hub Transport Servers, the Exchange organization will automatically load balance the SMTP traffic between the Hub Transport Servers. Since we have only one Hub Transport Server installed we can leave this as default. Click Next to continue;

9. Check the Configuration Summary, and if everything is ok click on New to create the Send Connector;

10. On the Completion page click Finish.

You have now created a Send Connector that routes messages from the internal Exchange Server 2010 organization to the Internet.
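The wizard steps above correspond to a single New-SendConnector call in the Exchange Management Shell. The following is an added example, not from the original post; the function names, 'HUB01' and 'relay.example.net' are placeholders. It covers both choices from step 7 and then lists every connector with a wildcard address space so outbound paths can be reviewed.

```powershell
# Create the Internet connector; refuses to run if the name is already taken.
function New-InternetSendConnector {
    param(
        [string]$Name = 'Internet Connector',   # friendly name from step 5
        [string[]]$SourceServers,               # Hub Transport servers (step 8)
        [string]$SmartHost                      # empty = route by DNS (step 7)
    )
    if (Get-SendConnector | Where-Object { $_.Name -eq $Name }) {
        throw "A send connector named '$Name' already exists"
    }
    $params = @{
        Name                   = $Name
        Usage                  = 'Internet'
        AddressSpaces          = '*'            # all domains, cost left at its default
        SourceTransportServers = $SourceServers
    }
    if ($SmartHost) {
        # Hand all outbound mail to a relay instead of resolving MX records.
        $params.DNSRoutingEnabled = $false
        $params.SmartHosts        = $SmartHost
    } else {
        $params.DNSRoutingEnabled = $true
    }
    New-SendConnector @params
}

# List connectors whose address space contains a wildcard, with the settings
# that decide where mail leaves the organization and whether TLS is required.
function Get-WildcardSendConnector {
    Get-SendConnector | Where-Object { "$($_.AddressSpaces)" -match '\*' } |
        Select-Object Name, Enabled, AddressSpaces, DNSRoutingEnabled,
                      SmartHosts, SourceTransportServers, RequireTLS
}

# DNS routing from a single Hub Transport server (placeholder name):
# New-InternetSendConnector -SourceServers 'HUB01'
# Smart-host routing instead:
# New-InternetSendConnector -SourceServers 'HUB01' -SmartHost 'relay.example.net'
# Get-WildcardSendConnector | Format-List
```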


Exchange recipients clearly need an email address for receiving email. For receiving email from the Internet, recipients need an email address that corresponds to an accepted domain. Recipients are either assigned an email address using an Email Address Policy, or it is also possible to manually assign e-mail addresses to recipients.

To configure Email Address Policies follow these steps:

1. Log on to an Exchange Server 2010 server with domain administrator credentials and open the Exchange Management Console;

2. Expand the “Microsoft Exchange On-Premises”;

3. Expand the Organization Configuration;

4. Click on Hub Transport in the left pane;

5. In the middle pane there are eight tabs, click on the one labelled E-Mail Address Policies;

6. There will be one default policy that will be applied to all recipients in your organization. For now the default policy will be changed so that recipients will have the E-mail address corresponding to your Accepted Domain. Click on New E-mail Address policy to create a new policy;

7. On the Introduction page enter a new Friendly Name. Click the Browse button to select a container or Organizational Unit in Active Directory where you want to apply the filter. Select the Users container. Click Next to continue;

8. On the Conditions page you can select conditions on how the recipients in the container will be queried, for example on State, Province, Department, Company etc. Do not select anything for this demonstration, and click Next to continue;

9. On the E-mail Addresses tab click the Add button, the SMTP E-mail Address pop-up will be shown. Leave the local part default (Use Alias) and select the “Select the accepted domain for the e-mail address” option and click Browse;

10. Select the Accepted Domain you entered earlier, click OK twice and click Next to continue;

11. On the Schedule page you have the option to apply the policy immediately or schedule a deployment during, for example, non-office hours. This is useful when you have to change thousands of recipients. For now leave it on Immediately and click Next to continue;

12. Review the settings, and if everything is ok then click New to create the policy and apply it immediately;

13. When finished successfully click the Finish button.

You can check the E-mail address on a recipient through the EMC to confirm your policy has been correctly applied. Expand the Recipient Configuration in the left pane of the Exchange Management Console and click on ‘Mailbox’. In the middle pane a list of recipients should show up, although right after installation only an administrator mailbox should be visible. Double click on the mailbox and select the E-mail Addresses tab. The Administrator@yourdomain.com should be the primary SMTP address.
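The policy and the final check can also be done from the Exchange Management Shell, which scales better than opening mailboxes one by one. This is an added example, not from the original post; the function names, the policy name and the 'example.local/Users' container are placeholders, and it assumes the accepted domain already exists.

```powershell
# Create a policy that stamps alias@domain as the primary SMTP address
# on all recipients in the given container, then apply it immediately.
function New-DomainAddressPolicy {
    param([string]$Name, [string]$Domain, [string]$Container)
    # Stop early if the domain is not an accepted domain (assumes DomainName
    # converts to the plain domain string).
    if (-not (Get-AcceptedDomain | Where-Object { "$($_.DomainName)" -eq $Domain })) {
        throw "'$Domain' is not an accepted domain"
    }
    # %m is the recipient's alias; upper-case SMTP: marks the primary address.
    New-EmailAddressPolicy -Name $Name -IncludedRecipients 'AllRecipients' `
        -RecipientContainer $Container `
        -EnabledEmailAddressTemplates "SMTP:%m@$Domain"
    Update-EmailAddressPolicy -Identity $Name
}

# List mailboxes the policy did not reach: either policy updates are switched
# off for the mailbox, or its primary address is in a different domain.
function Get-AddressPolicyException {
    param([string]$Domain)
    Get-Mailbox -ResultSize Unlimited | Where-Object {
        (-not $_.EmailAddressPolicyEnabled) -or
        ("$($_.PrimarySmtpAddress)" -notlike "*@$Domain")
    } | Select-Object Name, PrimarySmtpAddress, EmailAddressPolicyEnabled
}

# Placeholder values; replace with your own accepted domain and container:
# New-DomainAddressPolicy -Name 'Users Policy' -Domain 'yourdomain.com' -Container 'example.local/Users'
# Get-AddressPolicyException -Domain 'yourdomain.com' | Format-Table -AutoSize
```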