Monday, December 26, 2011

Four Reasons to Upgrade Your DNS Server to Windows Server 2008 R2

Several new features included in the Windows Server 2008 R2 server and Windows 7 DNS client that increase the security and performance of your DNS infrastructure.

By: Deb Shinder

Introduction

DNS is the backbone of network communications. Without DNS you would be forced to memorize the IP addresses of all the clients and servers on your network. That might have been something you could have done in 1985, but it’s really not realistic as we enter into the second decade of the 21st century. And DNS is going to be even more important as we slowly transition from IPv4 to IPv6. While some talented administrators could realistically remember the dotted quad addresses for dozens or maybe even hundreds of servers, that just isn’t going to happen with IPv6; where the IP addresses are 128bit hexadecimal numbers. IPv6 is going to bring DNS back to the forefront of your awareness.

Saturday, December 24, 2011

Using Advanced Group Policy Management to Protect your GPOs

The new Advanced Group Policy Management (AGPM) tool from Microsoft.

Most companies today are utilizing Group Policy to control almost every aspect and area of their desktop environment. In some cases, Group Policy is also being utilized to control servers. With such a heavy reliance on Group Policy, every effort possible should be made to protect the Group Policy Objects that are performing these configurations. The new Advanced Group Policy Management (AGPM) tool from Microsoft can help with this and more.

Proxy Servers Tutorial - About Proxy Servers

Introduction to Proxy Servers

Some home networks, corporate intranets, and Internet Service Providers (ISPs) use proxy servers (also known as proxies). Proxy servers act as a "middleman" or broker between the two ends of a client/server network connection. Proxy servers work with Web browsers and servers, or other applications, by supporting underlying network protocols like HTTP.

Proxy Servers and Browsers

Proxy servers work with specific networking protocols. Obviously HTTP will be the most critical one to configure for Web page access, but browsers also utilize these other protocols:

S-HTTP (also called "Secure" or "Security" in the browser)
FTP
SOCKS
Gopher
WAIS

S-HTTP

Proxy Servers and Microsoft Internet Explorer

To take advantage of a proxy server's capabilities, Web browsers like Internet Explorer (IE) must be configured to explicitly use it. In many proxied environments, the client computers do not have direct Internet access, and browsers generally are not configured to use proxies "out of the box." Clients will be unable to access public Web sites in this scenario until proxy settings have been correctly made.

Monday, December 19, 2011

DNS Design Guidelines

Split-Brain DNS

Executive Summary:Split-brain DNS is a Domain Name System (DNS) configuration method that enables proper name resolution of local resources from both inside and outside of your local network. Use split-brain DNS when your edge router or firewall is configured to drop packets when it sees one of its connected networks trying to send information to itself. You configure a new primary DNS zone with the New Zone Wizard to set up split-brain DNS.

Sunday, December 18, 2011

50 Web Directories You Can Submit Your Website To

Back in the day if you wanted your website or blog to get indexed fast by the search engines, you would submit it to website directories. Are they still worth submitting to today? For the most part yes. Submitting your site to website directories can still be an effective way at building back links that’ll help you rank higher in search results and should be part of your overall SEO strategy. This is especially true for new websites and blogs were getting back links from other webmasters can be difficult. Below I’ve put together a list of 50 website directories that are SEO friendly. These are all general web directories, meaning that they don’t cater to any one particular niche, location or audience. Hope this list helps, please stumble or digg it if it does. Also let me know of any of the directories listed below don’t work or are no longer aweb directory so I can keep this list up to date.

Sunday, December 11, 2011

Configure Windows 2008 Core server with a GUI

Windows Server Core is a stripped down version of 2008. It has no explorer, and most GUI functionality is removed.

A great solution when you don’t want any extra software running on a production server.

Soo much is missing that it can get frustrating when you just want to make a few changes before you put the server into production.

Saturday, December 10, 2011

Improving Network Performance

So-called speed tests measure the bandwidth of an Internet connection. You can employ various tweaks on a computer and home network to increase their overall performance. Other tools and techniques also exist for improving performance of specific applications.

Friday, December 9, 2011

How do I know if my computer has been hacked?

How do I know if my computer has been hacked?

Dec,09,2011

Most computer problems are not caused by computer hackers, it is more common for a computer to be hijacked then hacked. It can be difficult to detect a hacker on a computer because generally nothing changes to help disguise the hack. Below are the most common things that change after a computer is hacked.

Wednesday, December 7, 2011

Internet Safety: How do I keep my computer safe on the internet?

Internet Safety: How do I keep my computer safe on the internet?

Dec,08,2011 by Leo A. Notenboom

Internet Safety is difficult. yet critical. Here are the seven key steps to internet safety - steps to keep your computer safe on the internet.

Viruses & Spyware & Worms ... oh my!

These days "Internet Safety" almost seems like an oxymoron.

It seems like not a day goes by where we don't hear about some new kind of threat aimed at wreaking havoc across machines connected to the internet.

How can I tell if my computer is being hacked?

How can I tell if my computer is being hacked?

Dec,08,2011

Unfortunately, it's extremely difficult for an average user to tell if a hack is in progress. I'll touch on a few ways and discuss prevention as best.

by Leo A. Notenboom

How can I tell if my computer is being hacked?

You can't.

Oh, there are some clues which you might look for, and I'll review a few of those, but ultimately, there's no way for the average computer user to know with absolute certainty that a hacker's not in the process of weaseling in, or that they haven't already.

Perhaps now you understand why I talk so much about prevention.

How to Delete Undeletable Files in Windows

How to Delete Undeletable Files in Windows

Dec,07.2011

Many times when trying to remove an unwanted program, especially a piece of adware or spyware, you may run across a file that is undeletable by any normal method. When you try to remove it you'll receive the error message shown below telling you "access denied" and explaining the file may be in use. You may also receive one of the following messages.

Cannot delete file: Access is denied
There has been a sharing violation.
The source or destination file may be in use.
The file is in use by another program or user.
Make sure the disk is not full or write-protected and that the file is not currently in use.
So if the file is in use, how do you delete it?
I'll show you several ways of removing these types of files and even some freeware programs that help you remove these pesky undeletable files.

Top tips to keep your system faster

Top tips to keep your system faster

Dec,07,2011

These tips will definitely help you make your PC much faster and more reliable!

Wallpapers: They slow your whole system down, so if you're willing to compromise, have a basic plain one instead!
Drivers: Update your hardware drivers as frequently as possible. New drivers tend to increase system speed especially in the case of graphics cards, their drivers are updated by the manufacturer very frequently!

Minimizing: If you want to use several programs at the same time then minimize those you are not using. This helps reduce the overload on RAM.

Monday, December 5, 2011

VPN servers and firewall configuration

VPN servers and firewall configuration

There are two approaches to using a firewall with a VPN server:

VPN server in front of the firewall. The VPN server is attached to the Internet, and the firewall is between the VPN server and the intranet.

VPN server behind the firewall. The firewall is attached to the Internet, and the VPN server is between the firewall and the intranet.

A dial-up router-to-router VPN connection

A dial-up router-to-router VPN connection

A router-to-router VPN connection is typically used to connect remote offices together when both routers are connected to the Internet through permanent WAN links, such as T1 or Frame Relay. In this configuration, the VPN connection is always available. However, when a permanent WAN link is not possible or practical, you can configure a dial-up router-to-router VPN connection.

Properties of VPN connections

Properties of VPN connections

VPN connections that use PPTP and L2TP/IPSec have the following properties:

Encapsulation

Authentication

Data encryption

Encapsulation

With VPN technology, private data is encapsulated with a header that provides routing information, which allows the data to traverse the transit internetwork. For examples of encapsulation, see Understanding VPN Tunneling Protocols.

Components of virtual private networks

Components of virtual private networks

A VPN connection includes the following components:

VPN server

A computer that accepts VPN connections from VPN clients.

VPN client

A computer that initiates a VPN connection to a VPN server. A VPN client can be an individual computer or a router.

Sunday, December 4, 2011

Layer Two Tunneling Protocol

Layer Two Tunneling Protocol

Layer Two Tunneling Protocol (L2TP) is an RFC-based tunneling protocol that is an industry standard and was first supported in the Windows 2000 client and server operating systems. Unlike PPTP, L2TP in servers running Windows Server 2003 does not utilize Microsoft Point-to-Point Encryption (MPPE) to encrypt Point-to-Point Protocol (PPP) datagrams. L2TP relies on Internet Protocol security (IPSec) for encryption services. The combination of L2TP and IPSec is known as L2TP/IPSec. L2TP/IPSec provides the primary virtual private network (VPN) services of encapsulation and encryption of private data.

Internet-based VPNs

Types of virtual private networks

You can use VPN connections whenever you need a secure point-to-point connection to connect users or networks. Typical VPN connections are either Internet-based or intranet-based. This section covers:

Internet-based VPNs

By using an Internet-based VPN connection, you can avoid long-distance and 1-800 telephone charges while taking advantage of the global availability of the Internet.

Remote access over the Internet

Rather than making a long distance or 1-800 call to a corporate or outsourced network access server (NAS), a remote access client can call a local ISP. By using the established physical connection to the local ISP,

Saturday, December 3, 2011

Remote access VPN connection

Remote access VPN connection

A remote access client (a single user computer) makes a remote access VPN connection that connects to a private network. The VPN server provides access to the entire network to which the VPN server is attached. The packets sent from the remote client across the VPN connection originate at the remote access client computer.

Router-to-router VPN connection

Router-to-router VPN connection

A router makes a router-to-router VPN connection that connects two portions of a private network. The VPN server provides a routed connection to the network to which the VPN server is attached. On a router-to-router VPN connection, the packets sent from either router across the VPN connection typically do not originate at the routers.

Point-to-Point Tunneling Protocol

Point-to-Point Tunneling Protocol

Point-to-Point Tunneling Protocol (PPTP) is a tunneling protocol first supported in Windows NT 4.0 and Windows 98. PPTP is an extension of Point-to-Point Protocol (PPP) and leverages the authentication, compression, and encryption mechanisms of PPP. Client support for PPTP is built-in to the Windows XP remote access client.

New features for virtual private networks

The Microsoft® Windows® Server 2003 family provides the following new features for virtual private networks (VPNs):

Network address translation (NAT) transparency

VPN servers running Windows Server 2003 support Layer Two Tunneling Protocol over Internet Protocol security (L2TP/IPSec) traffic that originates from VPN clients behind NATs. For this feature to function properly, the client computer must support the following IPSec Protocol Working Group Internet drafts:

Security issues for VPN

Security information for VPN

It is important to follow best practices for security when using VPN servers on your network. For more information, see Best practices for security.

If your VPN servers are configured as Remote Authentication Dial-In User Service (RADIUS) clients, see Security information for IAS.

Introduction to virtual private networks

Virtual private networks

A virtual private network (VPN) is the extension of a private network that encompasses links across shared or public networks like the Internet. With a VPN, you can send data between two computers across a shared or public network in a manner that emulates a point-to-point private link. Virtual private networking is the act of creating and configuring a virtual private network.

Friday, December 2, 2011

Wired vs Wireless Networking

Wired vs Wireless Networking

Computer networks for the home and small business can be built using either wired or wireless technology. Wired Ethernet has been the traditional choice in homes, but Wi-Fi wireless technologies are gaining ground fast. Both wired and wireless can claim advantages over the other; both represent viable options for home and other local area networks (LANs).

Hybrid Ethernet Router / Wireless Access Point Network Diagram

Hybrid Ethernet Router / Wireless Access Point Network Diagram

This diagram illustrates use of a hybrid wired network router / wireless access point home network. See below for a detailed description of this layout.

Key Considerations - Most (but not all) wired network routers allow up to four devices to be connected via Ethernet cable.

Wednesday, November 30, 2011

Fundamentals of Backup

Determining a Backup Strategy :

After selecting the files to back up and specifying the backup destination, there is at least one more critical choice to make. Click Start Backup, then click Advanced, and the Advanced Backup Options dialog box appears, allowing you to specify the backup type. The backup type determines which of your selected files is in fact transferred to the destination media.

Sunday, November 27, 2011

Firewall and Proxy Facts

Firewall and Proxy Facts

Keep in mind the following facts about firewalls and proxy servers.

A firewall prevents invalid communications from entering a network while allowing valid communications to travel in and out.
TCP/IP Filtering is a form of a very basic firewall.

Saturday, November 26, 2011

Managing the backup process

Managing the backup process

It is important to understand that backing up is a process. As long as new data is being created and changes are being made, backups will need to be updated.

Manipulation of data and dataset optimization

Manipulation of data and dataset optimization

It is frequently useful or required to manipulate the data being backed up to optimize the backup process. These manipulations can provide many benefits including improved backup speed, restore speed, data security, media usage and/or reduced bandwidth requirements.

Selection and extraction of data

Selection and extraction of data

A successful backup job starts with selecting and extracting coherent units of data. Most data on modern

computer systems is stored in discrete units, known as files. These files are organized into filesystems. Files that are actively being updated can be thought of as "live" and present a

Storage, the base of a backup system

Data repository models

Any backup strategy starts with a concept of a data repository. The backup data needs to be stored somehow and probably should be organized to a degree.

Backup

Backup

In information technology, a backup or the process of backing up is making copies of data which may be used to restore the original after a data loss event. The verb form is back up in two words, whereas the noun is backup.^[1]

10 Tips for Successful Business Networking

Effective business networking is the linking together of individuals who, through trust and relationship building, become walking, talking advertisements for one another.

Keep in mind that networking is about being genuine and authentic, building trust and relationships, and seeing how you can help others.
Ask yourself what your goals are in participating in networking meetings so that you will pick groups that will help you get what you are looking for. Some meetings are based more on learning, making contacts, and/or volunteering rather than on strictly making business connections.
Visit as many groups as possible that spark your interest. Notice the tone and attitude of the group. Do the people sound supportive of one another? Does the leadership appear competent? Many groups will allow you to visit two times before joining.
Hold volunteer positions in organizations. This is a great way to stay visible and give back to groups that have helped you.

Thursday, November 24, 2011

IP Routing Frequently Asked Questions

Introduction

This document provides answers to some of the more frequently asked questions about IP Routing.

Note: For information on document conventions, refer to

Cisco Technical Tips Conventions.

Q. What does it mean to have fast or autonomous switching "enabled" and "disabled" on the same interface?

A. Look at this example:

Ethernet 6 is up, line protocol is up
      Internet address is 192.192.15.1, subnet mask is 255.255.255.0       
      Broadcast address is 192.192.15.255
      Address determined by non-volatile memory MTU is 1500 bytes
      Helper address is 192.192.12.5
      Outgoing access list is not set

IP Address Subnetting Tutorial

This talk will cover the basics of IP addressing and subnetting.
Topics covered will include:

What is an IP Address?

What are Classes?

What is a Network Address?

What are Subnet Masks and Subnet Addresses?

How are Subnet Masks defined and used?

How can all this be applied?

What is CIDR?

How can I get more information?

Wednesday, November 23, 2011

DNS Zone Types

DNS plays an important role in creating an effective Windows 2000 Active Directory (AD) implementation. AD requires DNS and uses it for name resolution and, with the help of a new Resource Record (RR) type called SRV Records, for service location. Because AD relies on DNS for these services, Win2K offers a more scalable and efficient solution than Windows NT 4.0, which uses WINS. A DNS database known as a zone file contains RRs to link host names with their corresponding IP addresses. Win2K DNS supports two kinds of zone files, standard and AD integrated.

DNS Client Settings

DNS uses fully qualified domain names (FQDN) to identify a computer. FQDNs are composed of the host name and the domain name (also called a suffix). Windows client computers can be identified using two different DNS suffixes:

Primary suffix, set through the System properties.
Connection-specific suffix, configured through the TCP/IP properties for the network adapter.

With dynamic DNS, client computers can update the DNS database with their host name. Keep in mind the following facts about client dynamic updates:

DNS Name Resolution Process

You should be familiar with the DNS name resolution process:

When a DNS name resolution request is forwarded to a DNS server, the DNS server examines its local DNS cache for the IP address.
If the IP address is not in the DNS server's cache, it checks its Hosts file. (Since the Hosts file is a static text file, it is not commonly used.)
If the DNS server is not authoritative and configured for forwarding, the DNS server forwards the request to a higher-level DNS server.
If the DNS server cannot forward the request, or if forwarding fails, the DNS server uses its Root Hints file (also known as Cache.dns). The Root Hints file lists the 13 root DNS servers.

Dynamic DNS Facts

For a Windows 2000/XP/2003 client, the following process is used to dynamically update the DNS database.

The client boots and receives an IP address from the DHCP server.
The client sends a DNS update request to update the forward lookup record.
The DHCP server sends an update request to update the reverse lookup record.

For non-dynamic update clients, the DHCP server sends both the forward and reverse lookup updates. You can also configure the DHCP server to perform both tasks for Windows clients.

To enable dynamic updates, use the following steps:
On the Windows DNS server, open the Zone Properties dialog box and enable dynamic updates.

In the TCP/IP Properties of the client, make sure dynamic DNS is enabled (enabled is the default setting).

DNS Namespace Planning

SUMMARY

The resolution of names through the use of Domain Name System (DNS) is central to Windows operation. Without proper name resolution, users cannot locate resources on the network. It is critical that the design of the DNS namespace be created with Active Directory in mind and that the namespace that exists on the Internet not conflict with an organization's internal namespace.

MOREINFORMATION

The recommended approach to DNS design in an Active Directory environment is to design the Active Directory environment first and then support that design with the DNS structure. However, in some cases, the DNS namespace may already be in place. In such a configuration, the Active Directory environment should be designed independently and then implemented either as a totally separate namespace or as a subdomain of the existing namespace. If the namespace you choose already exists on the Internet, it may cause name resolution problems for internal clients.

Split-Brain Domain Name Services for Communications Server

There is much to think about in the design of your network perimeter for Office Communications Server-several services are offered in the perimeter network through the Edge Servers. The primary goal when implementing a split-brain DNS solution is to provide a near total disassociation of the internal DNS servers and the perimeter DNS servers. This provides easier and faster resolution for clients and prohibits an external DNS server from initiating communications with your internal DNS. This article explores several design considerations and explains why it is important to include a perimeter DNS server in your network topology.

Subscribe to: Posts (Atom)