Archive for the ‘System Information’ Category

Windows Server 2008 provides several categories of events that you can audit, as described in the following list:


■ Account Logon Events:  Track credential validation (Kerberos ticket requests, NTLM authentication) on the computer that is authoritative for the account, which for domain accounts is a domain controller.

■ Account Management:  Track when a user account or group is created, changed, or deleted; a user account is renamed, enabled, or disabled; or a password is set or changed.

■ Directory Service Access:  Track access to Active Directory.

■ Logon Events:  Track logon and logoff sessions on the computer where they occur, whatever the logon type: an interactive logon, a network connection to a shared resource, a service starting under an account, or a remote desktop session. For a domain user, the Account Logon event is recorded on the domain controller and the Logon event on the member server the user actually connects to.

■ Object Access:  Track when objects are accessed and the type of access performed, for example, use of a folder, file, or printer. Enabling the category alone logs nothing; configure auditing of specific events through the object’s properties (such as the Security tab for a folder or file).

■ Policy Change:  Track changes to user rights or audit policies.

■ Privilege Use:  Track when a user exercises a right other than those associated with logon and logoff.

■ Process Tracking:  Track events related to process execution, such as program execution.

■ System Events:  Track system events such as restart, startup, shutdown, or events that affect system security or the security log.

A good security step to prevent attackers and others from making unauthorized changes to a system’s registry is to restrict remote access to it. When a user attempts to connect to a registry remotely, Windows Server 2008 checks the ACL on the following registry key:

HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg

(CurrentControlSet is a link to whichever ControlSetNNN is active; edit the key through CurrentControlSet so the change applies to the running configuration.)

If this key is missing, all users can access the registry remotely, subject only to the permissions assigned to individual keys. If the key exists, Windows Server 2008 checks the permissions on it to determine whether the remote user can connect to the registry at all (and with what level of access). Individual key ACLs then determine what a remote user can do with a given key. Therefore, winreg is the first line of defense, and individual key ACLs are the second. Two caveats: the winreg\AllowedPaths subkey lists paths that remain reachable remotely regardless of the winreg ACL (subject to their own key permissions), so review anything added there; and remote access is served by the Remote Registry service, so on a server that never needs it, disabling that service removes the exposure entirely. If you want to prevent all other remote access to the registry, set the permissions on the winreg key so that only administrators are granted access.
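To see both lines of defense on a given server, the following added example (not from the original post) reports the Remote Registry service state, the winreg ACL and the AllowedPaths exemptions, and optionally locks the key down. It assumes an elevated prompt and PowerShell 3.0 or later on Windows Server 2008 or later; the choice to grant only Administrators and LOCAL SERVICE is this example's hardening choice, not a Windows default.

```powershell
# Added example, not part of the original post. Assumes an elevated prompt and
# PowerShell 3.0 or later on Windows Server 2008 or later.

$WinregKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg'

function Get-RemoteRegistryExposure {
    # Who can open the registry remotely, and which paths bypass that check.
    $svc = Get-WmiObject -Class Win32_Service -Filter "Name='RemoteRegistry'"
    Write-Output ("Remote Registry service: {0}, start mode {1}" -f $svc.State, $svc.StartMode)

    if (-not (Test-Path $WinregKey)) {
        Write-Warning 'winreg key is missing: remote access is limited only by per-key ACLs'
        return
    }
    Write-Output 'winreg ACL (first line of defense):'
    (Get-Acl -Path $WinregKey).Access |
        Select-Object IdentityReference, RegistryRights, AccessControlType, IsInherited |
        Format-Table -AutoSize

    # AllowedPaths\Machine is reachable remotely regardless of the winreg ACL,
    # subject to each listed key's own ACL; review anything added here.
    $allowed = Get-ItemProperty -Path "$WinregKey\AllowedPaths" -Name Machine -ErrorAction SilentlyContinue
    if ($allowed) { Write-Output 'Paths exempt from the winreg check:'; $allowed.Machine }
}

function Restrict-RemoteRegistry {
    param([switch]$DisableService)

    if ($DisableService) {
        # The service is the real attack surface; stopping it beats tuning the ACL.
        Stop-Service -Name RemoteRegistry -Force -ErrorAction SilentlyContinue
        Set-Service  -Name RemoteRegistry -StartupType Disabled
    }

    if (-not (Test-Path $WinregKey)) { New-Item -Path $WinregKey -Force | Out-Null }
    $acl = Get-Acl -Path $WinregKey
    $acl.SetAccessRuleProtection($true, $false)          # stop inheriting, drop inherited ACEs
    foreach ($ace in @($acl.Access)) { [void]$acl.RemoveAccessRule($ace) }

    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit,ObjectInherit'
    $none    = [System.Security.AccessControl.PropagationFlags]::None
    $allow   = [System.Security.AccessControl.AccessControlType]::Allow
    # Administrators keep full control; LOCAL SERVICE (the account Remote Registry
    # runs as) needs only read access so the service itself can still start.
    $acl.AddAccessRule((New-Object System.Security.AccessControl.RegistryAccessRule(
        'BUILTIN\Administrators', 'FullControl', $inherit, $none, $allow)))
    $acl.AddAccessRule((New-Object System.Security.AccessControl.RegistryAccessRule(
        'NT AUTHORITY\LOCAL SERVICE', 'ReadKey', $inherit, $none, $allow)))
    Set-Acl -Path $WinregKey -AclObject $acl
}

Get-RemoteRegistryExposure
# Restrict-RemoteRegistry -DisableService   # uncomment on a server that needs no remote registry access
```

Run the inventory first and keep the output: remote Event Viewer, performance monitoring and some management agents open the registry over this path, and the default ACL also grants Backup Operators read access, which the restrictive rule set above deliberately drops.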


You make data sources available to clients by creating a Data Source Name (DSN). Three types of DSNs exist:


> User. A user DSN is visible only to the user who is logged on when the DSN is created.

> System. A system DSN is visible to all local services on a computer and to all users who log on locally to the computer.

> File. A file DSN can be shared by all users who have the same drivers installed and who have the necessary permissions to access the DSN file. Unlike user and system DSNs, file DSNs are stored in text files rather than in the registry.

 

The DSN identifies the data source, the driver associated with a data source, and other properties that define the interaction between the client and the data source, such as timeout, read-only mode, and so on. You use the same process to create a DSN for most database types. The exception is SQL Server, which provides a wizard for setting up a data source.

 

Defining a data source

To create a data source, you first open the ODBC Data Source Administrator. To do so, click Start → All Programs → Administrative Tools → Data Sources (ODBC). In the ODBC Data Source Administrator, click the tab for the DSN type you want to create and then click Add. Select the desired data source type and click Finish. Except in the case of the SQL Server driver, ODBC prompts you for information, which varies according to the driver selected. Define settings as desired and click OK to create the DSN.
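Where the three DSN types actually live matters for a security review, because a DSN can carry a stored password. The following is an added example, not code from the original post: it inventories user DSNs (under HKCU), system DSNs (under HKLM) and file DSNs (INI-style .dsn files in the default Common Files folder) and flags any that store a PWD entry. It assumes PowerShell 3.0 or later and the default file DSN folder; no database driver is needed to run it.

```powershell
# Added example, not part of the original post. Assumes PowerShell 3.0 or later
# and the default file DSN folder under Common Files.

function Get-OdbcDsnInventory {
    $results = @()
    $hives = @{ 'User' = 'HKCU:\SOFTWARE\ODBC\ODBC.INI'; 'System' = 'HKLM:\SOFTWARE\ODBC\ODBC.INI' }
    foreach ($type in $hives.Keys) {
        $root = $hives[$type]
        if (-not (Test-Path $root)) { continue }
        # The "ODBC Data Sources" subkey maps DSN name -> driver name; the other
        # subkeys hold each DSN's properties (Server, Database, UID, PWD ...).
        $index = Get-ItemProperty -Path "$root\ODBC Data Sources" -ErrorAction SilentlyContinue
        if (-not $index) { continue }
        foreach ($p in $index.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }      # skip PSPath, PSParentPath, ...
            $props = Get-ItemProperty -Path "$root\$($p.Name)" -ErrorAction SilentlyContinue
            $results += New-Object PSObject -Property @{
                Type = $type; Name = $p.Name; Driver = $p.Value
                Server = $props.Server; Database = $props.Database
                StoresPassword = [bool]($props.PSObject.Properties.Name -contains 'PWD')
            }
        }
    }

    # File DSNs are plain INI text: an [ODBC] section with KEY=value lines.
    $fileDir = Join-Path $env:CommonProgramFiles 'ODBC\Data Sources'
    if (Test-Path $fileDir) {
        foreach ($f in Get-ChildItem -Path $fileDir -Filter *.dsn) {
            $kv = @{}
            foreach ($line in Get-Content -Path $f.FullName) {
                # ignore [section] headers and ; comments, keep KEY=value
                if ($line -match '^\s*([^;\[=]+?)\s*=\s*(.*)$') { $kv[$matches[1]] = $matches[2] }
            }
            $results += New-Object PSObject -Property @{
                Type = 'File'; Name = $f.Name; Driver = $kv['DRIVER']
                Server = $kv['SERVER']; Database = $kv['DATABASE']
                StoresPassword = $kv.ContainsKey('PWD')
            }
        }
    }
    $results
}

Get-OdbcDsnInventory | Sort-Object Type, Name |
    Format-Table Type, Name, Driver, Server, Database, StoresPassword -AutoSize
```

On 64-bit Windows, 32-bit DSNs sit under SOFTWARE\Wow6432Node\ODBC\ODBC.INI; add that hive to the table to cover applications running in 32-bit processes. A DSN that reports StoresPassword is readable by every user the DSN is visible to (everyone who logs on, in the case of a system DSN), which is usually not what the person who created it intended.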

Before delving into VoIP configurations, a brief introduction with terminology is necessary:

 

  • Public Switched Telephone Network (PSTN) —PSTN is the world’s collection of interconnected public voice telephone networks. It is also commonly referred to as the Plain Old Telephone Service (POTS). It is set up and managed by government and commercial organizations. It has evolved from the early days of Alexander Graham Bell into a mostly digital, circuit-switched telephone network.
  • Private branch exchange (PBX) —This is a device located within an organization that routes telephone calls to internal extensions or to the PSTN. It provides additional features such as voicemail and call forwarding. A PBX is less expensive than connecting an external line to every telephone. Numbers within the PBX (internal numbers) can be dialed using the last few digits of the full phone number, without going through the PSTN. A PBX usually has more than 125 ports.
  • Key telephone system —This is used like a PBX in small offices where far fewer phones are required. Each key telephone system supports up to a hundred ports.
  • Software IP phones —These consist of a headset that plugs into the USB or serial interface of a PC, plus client software on the PC that supports IP telephony.
  • Hardware IP phones —These look like regular telephone sets, but they are plugged into a LAN switch. Most IP phones get power from the switch (Power over Ethernet, or PoE) and encapsulate voice data into IP packets for transmission over the LAN.
  • H.323 —This was approved by the International Telecommunication Union (ITU) in 1996 as a standard for multimedia and audiovisual transmission across disparate networks. In 1998, it was followed by version 2. It also includes several functions such as bandwidth management, call control, multimedia management, and interoperability between different network types. H.323 has come to be the most popular protocol for VoIP.
  • Session Initiation Protocol (SIP) —SIP is the IETF’s standard for multimedia communication over IP networks. It is an application-layer control protocol that initiates, manages, and terminates calls between two or more terminals. It is gaining ground as an alternative to H.323.

 

System area networks (SANs) represent an area of computer architecture that has evolved quickly. The term SAN in this section refers to “system” (not “storage”) area networks. After various competing standardization efforts starting in the late 1990s, the state of the SAN field became temporarily unclear. However, the technology has emerged with a richer set of features that promise to impact the server and clustering arena.

 

A SAN uses high-speed connections to attach high-performance computers in a cluster configuration. The configuration delivers very high bandwidth of 1+ GB/sec with very low latency. SANs are switched, with a typical hub supporting 4 to 8 nodes. Larger SANs are built with cascading hubs, with cable length limitations that vary from a few meters to a few kilometers.

 

Interconnections in a SAN differ from other existing high-performance media (such as gigabit Ethernet and ATM) in several ways. SAN adapters implement reliable transport services that are similar to TCP or SPX, but directly in hardware. SANs have very low error rates. SANs are often made highly available by deploying redundant interconnect fabrics.

 

SANs provide bulk data transfer through a remote direct memory access (RDMA) mechanism. The performance within a SAN resembles more that of a memory subsystem than a traditional network (such as an Ethernet LAN). The initiator specifies a buffer on the local system and a buffer on the remote system. Data is then transferred directly between the local and remote systems by the network adapters without involving either of the host CPUs. Both read and write operations are supported in this manner.

 

 

Subnetting is a technique of dividing a full Class A, B, or C network into smaller networks. It defines how 1 or more bits are taken from the host portion and added to the network portion. Following are the advantages of this technique:

 

  •  Saves IP addresses —Avoids the need to assign an entire IP range within a network to one location.
  •  Simplifies network management—Smaller, independent subnets can be created by routers. Internal networks can be restructured without impacting DMZ or external networks.
  •  Reduces network traffic —Links with high network traffic can be isolated on a subnet. Examples are NFS and backup subnets: NFS client interfaces (such as a filer’s) can be on one subnet, and the backup server and dedicated client NICs on another.
  •  Improves security —It is easy to keep DMZ and front-facing networks separated from internal networks.

 

Subnetting requires taking bits from the host portion and giving them to the network portion. The more bits we borrow from the host portion, the more subnets we get. But more subnets come at the expense of IPs that would otherwise be used for hosts: each new subnet consumes two addresses of its own, one for the network ID and one for its broadcast address, so splitting a block into 2^n subnets loses 2 × (2^n − 1) host addresses compared with leaving it whole.
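The arithmetic is easy to get wrong by hand, so here is an added example (not from the original post) that does it for any IPv4 block and number of borrowed bits, printing each resulting subnet's mask, host range, broadcast address and usable host count. It is pure arithmetic on PowerShell 3.0 or later and needs no network access; the 192.168.10.0/24 input at the bottom is a constructed sample.

```powershell
# Added example, not part of the original post. Pure arithmetic; runs on any
# PowerShell 3.0 or later with no network access.

function ConvertTo-IPv4Integer([string]$DottedQuad) {
    $b = [System.Net.IPAddress]::Parse($DottedQuad).GetAddressBytes()
    [array]::Reverse($b)                       # GetAddressBytes is big-endian
    [BitConverter]::ToUInt32($b, 0)
}

function ConvertFrom-IPv4Integer([uint32]$Value) {
    $b = [BitConverter]::GetBytes($Value)
    [array]::Reverse($b)
    $b -join '.'
}

function Get-Subnets {
    param(
        [Parameter(Mandatory)][string]$Network,      # e.g. '192.168.10.0/24'
        [Parameter(Mandatory)][int]$BorrowedBits     # bits moved from host to network portion
    )
    $addr, $prefix = $Network -split '/'
    $newPrefix = [int]$prefix + $BorrowedBits
    if ($newPrefix -gt 30) {
        # /31 and /32 leave no room for network ID + broadcast + hosts
        # (RFC 3021 point-to-point links are the one exception, not handled here)
        throw "prefix /$newPrefix leaves no usable host addresses"
    }
    $blockSize = [uint64][math]::Pow(2, 32 - $newPrefix)              # addresses per subnet
    $mask      = [uint32](4294967295 - ($blockSize - 1))
    $base      = [uint32]((ConvertTo-IPv4Integer $addr) -band $mask)  # clear stray host bits
    $count     = [int][math]::Pow(2, $BorrowedBits)

    for ($i = 0; $i -lt $count; $i++) {
        $net = [uint32]([uint64]$base + [uint64]$i * $blockSize)
        [pscustomobject]@{
            Subnet      = '{0}/{1}' -f (ConvertFrom-IPv4Integer $net), $newPrefix
            Mask        = ConvertFrom-IPv4Integer $mask
            FirstHost   = ConvertFrom-IPv4Integer ([uint32]($net + 1))
            LastHost    = ConvertFrom-IPv4Integer ([uint32]($net + $blockSize - 2))
            Broadcast   = ConvertFrom-IPv4Integer ([uint32]($net + $blockSize - 1))
            UsableHosts = $blockSize - 2                 # network ID and broadcast are lost
        }
    }
}

# Constructed sample: borrow 2 bits from a /24, giving four /26 subnets.
Get-Subnets -Network '192.168.10.0/24' -BorrowedBits 2 | Format-Table -AutoSize
```

The sample makes the cost visible: the original /24 offered 254 usable hosts, while four /26 subnets offer 4 × 62 = 248, the six-address difference being the extra network and broadcast IDs. Run it with 3 or 4 borrowed bits to watch the usable count fall further as the DMZ and internal subnets get smaller.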

Hubs and switches are similar in many ways. Both contain connection ports into which twisted-pair RJ-45 connectors (similar to phone RJ-11 jacks) plug. They can be administered remotely. Either can be used to create a LAN, and they funnel messages to the network backbones.

 

There are salient differences between hubs and switches, however:

 

  • Shared or dedicated bandwidth —The main distinction is how they operate. Hosts in a hub-based network share the full bandwidth, but a switch is capable of creating independent full-speed connections for any two devices on the LAN that must communicate. Each connection operates at the full switch bandwidth.
  • How they handle signals —A hub acts like a repeater. It takes an incoming frame and retransmits it to all other attached hosts. Each hub port has a single host connected to it. Hubs are dumb devices and cannot learn. Switches examine incoming frames and immediately transmit them to one or more other ports. This process is very fast. Each switch port can have a single host or a LAN segment connected to it. Switches learn media access control (MAC) addresses and build a content-addressable memory (CAM) table. This difference has a security consequence: because a hub repeats every frame to every port, any host on a hub can capture the whole segment’s traffic with a sniffer, whereas a switch forwards a unicast frame only to the port where its destination MAC was learned, so capturing other hosts’ traffic requires tricks such as flooding the CAM table until the switch falls back to hub-like behavior.
  •  Cost —Switches are more expensive than hubs for the same number of ports because they have more powerful hardware and software capabilities. Switches have more memory, a CPU, and a complete suite of software tools to manage them. Hubs have a trimmed-down version of the firmware code.

 

Like switches, bridges are also layer 2 devices. They learn MAC addresses, filter and forward frames, and can be used to segment LANs. However, they usually have 16 or fewer ports. Much of the functionality of bridges has been moved to routers.

 

Just as routers have largely displaced bridges, switches (as their cost continues to fall) may eventually replace hubs at layer 2, but that has not happened yet. Hubs, it must be pointed out, have become smarter, less expensive, and easier to set up and manage. As more and more LANs are being set up, network managers continue to deploy hubs as an easy and inexpensive way to connect printers, low-traffic servers, PCs, and management consoles. The number of installed hubs is increasing mainly because of cost and simplicity.

Smart card logon is supported for Windows 2000 and Windows Server 2003. To implement smart cards, you must deploy an enterprise certification authority rather than a stand-alone or third-party certification authority to support smart card logon to Windows Server 2003 domains. Windows Server 2003 supports industry standard Personal Computer/Smart Card (PC/SC)–compliant smart cards and readers and provides drivers for commercially available plug and play smart card readers. Windows Server 2003 does not support non-PC/SC-compliant or non–plug and play smart card readers. Some manufacturers might provide drivers for non–plug and play smart card readers that work with Windows Server 2003; however, it is recommended that you purchase only plug and play PC/SC-compliant smart card readers.

The cost of administering a smart card program depends on several factors, including:

■ The number of users enrolled in the smart card program and their location.

■ Your organization’s practices for issuing smart cards to users, including the requirements for verifying user identities. For example, will you require users to simply present a valid personal identification card, or will you require a background investigation? Your policies affect the level of security provided as well as the actual cost.

■ Your organization’s practices for users who lose or misplace their smart cards. For example, will you issue temporary smart cards, authorize temporary alternate logon to the network, or make users go home to retrieve their smart cards? Your policies affect how much worker time is lost and how much help desk support is needed.

Your smart card authentication strategy must describe the network logon and authentication methods you use. It should:

■ Identify network logon and authentication strategies you want to deploy.

■ Describe smart card deployment considerations and issues.

■ Describe PKI certificate services required to support smart cards.

In addition to smart cards, third-party vendors offer a variety of security products to provide two-factor authentication, such as “security tokens” and biometric accessories. These accessories use extensible features of the Windows Server 2003 graphical logon user interface to provide alternate methods of user authentication.

You have probably noticed that Windows Server 2003 has a new feature that requests a shutdown reason each time you restart the server. This feature is called the Shutdown Event Tracker.

You might choose to disable this feature to avoid the hassle of typing in a reason each time you restart. Before you do, consider that the reason you type is what ends up in the System log (USER32 event ID 1074), and it is what an incident responder uses to tell a planned restart from an unexpected one (event ID 6008) when reconstructing a timeline.

To disable this feature, you can perform the following steps:

1. Click Start, click Run, and type gpedit.msc and press Enter.

2. Expand the Computer Configuration and then Administrative Templates objects. Click on the System object. In the right-hand pane you’ll see several settings appear.

3. Locate and double-click that Display Shutdown Event Tracker setting. The Display Shutdown Event Tracker Properties dialog box opens.

4. Click the Disabled radio button to disable the Shutdown Event Tracker. Click OK. Close the Group Policy Editor console. Now when you shut down this server, you won’t be asked to enter a reason.
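The same setting can be applied from a script, and the history it feeds can be read back before you decide. The following added example (not from the original post) does both. It assumes an elevated prompt, PowerShell 3.0 or later, and that the Display Shutdown Event Tracker policy maps to the ShutdownReasonOn and ShutdownReasonUI DWORD values under the Reliability policy key, which is how the Group Policy template stores it; writing those values directly takes effect but is not reflected in the gpedit.msc user interface.

```powershell
# Added example, not part of the original post. Assumes an elevated prompt and
# PowerShell 3.0 or later. The registry values below are the ones the Display
# Shutdown Event Tracker policy template writes.

$ReliabilityPolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Reliability'

function Set-ShutdownEventTracker {
    param([Parameter(Mandatory)][ValidateSet('Enabled', 'Disabled', 'NotConfigured')][string]$State)
    if ($State -eq 'NotConfigured') {
        # Same effect as the Not Configured radio button: remove the policy values.
        if (Test-Path $ReliabilityPolicy) {
            Remove-ItemProperty -Path $ReliabilityPolicy -Name ShutdownReasonOn, ShutdownReasonUI -ErrorAction SilentlyContinue
        }
        return
    }
    if (-not (Test-Path $ReliabilityPolicy)) { New-Item -Path $ReliabilityPolicy -Force | Out-Null }
    $flag = if ($State -eq 'Enabled') { 1 } else { 0 }
    Set-ItemProperty -Path $ReliabilityPolicy -Name ShutdownReasonOn -Value $flag -Type DWord
    Set-ItemProperty -Path $ReliabilityPolicy -Name ShutdownReasonUI -Value $flag -Type DWord
}

function Get-ShutdownHistory {
    param([int]$Max = 20)
    # 1074: a process or user initiated a shutdown/restart; the reason text is
    #       present only while the tracker is enabled.
    # 6008: the previous shutdown was unexpected (no 1074 preceded it).
    Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 1074, 6008 } -MaxEvents $Max -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, @{ Name = 'Detail'; Expression = { ($_.Message -split "`n")[0] } }
}

Get-ShutdownHistory | Format-Table -AutoSize
# Set-ShutdownEventTracker -State Disabled   # the scripted equivalent of the four gpedit.msc steps above
```

Look at the history first: if the 1074 entries on a server are the only record of who restarted it and why, keeping the tracker on costs one text box per reboot and buys a reliable answer to that question later.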


 

LDAP (the Lightweight Directory Access Protocol) is a standardized protocol used by clients to look up information in a directory. An LDAP-aware directory service (such as Active Directory) stores objects with their attributes, indexes the attributes marked for indexing, and publishes them for lookup. LDAP-aware clients can query the server in a wide variety of ways.

 

Every object in Active Directory is an instance of a class defined in the Active Directory schema. Each class has attributes that ensure unique identification of every object in the directory. To accomplish this, Active Directory relies on a naming convention that lets objects be stored logically and accessed by clients through a standardized method. Both users and applications are affected by the naming conventions that a directory uses. To locate a network resource, you’ll need to know its name or one of its properties. Active Directory supports several types of names for the different formats that can access Active Directory.

 

These names include:

■ Relative Distinguished Names

■ Distinguished Names

■ User Principal Names

■ Canonical Names
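These four name types describe the same object in different ways, and converting between them is a common chore in scripts and in log analysis. The following added example (not from the original post) takes a distinguished name, extracts its relative distinguished name, derives the domain from the DC components and builds the canonical name, then shows why the user principal name cannot be derived from the DN at all. It is pure string handling on PowerShell 3.0 or later, needs no domain connectivity, and the names it uses are constructed samples.

```powershell
# Added example, not part of the original post. Pure string handling; assumes
# PowerShell 3.0 or later and needs no domain. Sample names are constructed.

function ConvertFrom-DistinguishedName {
    param([Parameter(Mandatory)][string]$DistinguishedName)
    # Split on commas that are not escaped ('\,' is a literal comma inside a value).
    $rdns = [regex]::Split($DistinguishedName, '(?<!\\),') | ForEach-Object { $_.Trim() }
    $dc = @(); $path = @()
    foreach ($rdn in $rdns) {
        $type, $value = $rdn -split '=', 2
        if ($type -eq 'DC') { $dc += $value }                   # domain components
        else { $path += ($value -replace '\\,', ',') }         # OU/CN components, unescaped
    }
    [array]::Reverse($path)     # canonical form reads top-down, a DN reads bottom-up
    [pscustomobject]@{
        DistinguishedName         = $DistinguishedName
        RelativeDistinguishedName = $rdns[0]
        Domain                    = ($dc -join '.')
        CanonicalName             = (($dc -join '.') + '/' + ($path -join '/'))
    }
}

function New-UserPrincipalName {
    param([Parameter(Mandatory)][string]$SamAccountName,
          [Parameter(Mandatory)][string]$UpnSuffix)
    # The UPN suffix defaults to the DNS domain but can be any suffix registered in
    # the forest, so a UPN has to be read from the object, not computed from the DN.
    '{0}@{1}' -f $SamAccountName, $UpnSuffix
}

# Constructed sample: a user two OUs deep in example.com, with an escaped comma in the CN.
$dn = 'CN=Doe\, Jane,OU=Sales,OU=Corp,DC=example,DC=com'
ConvertFrom-DistinguishedName -DistinguishedName $dn | Format-List
New-UserPrincipalName -SamAccountName 'jdoe' -UpnSuffix 'example.com'
```

For the sample DN the relative distinguished name is the first component, CN=Doe\, Jane, the domain is example.com, and the canonical name is example.com/Corp/Sales/Doe, Jane, with the OU order reversed relative to the DN. Canonical names escape a forward slash inside a value as \/; the function above does not handle that case, so add it before running over objects whose names may contain slashes.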