blogger comment test

http://www.w3.org/TR/REC-html40">

Configure TCP/IP addressing on a server computer. Start=> control panel=> network connections=>local area connection. Servers typically use static addresses, DHCP servers must have a static address. Interface cards can have more than one address assigned this is called multihoming. Interface cards can have multiple protocols binded to them. Look for questions with incorrect subnet masks or gateways. Manage DHCP. § Manage DHCP clients and leases. § Manage DHCP Relay Agent. § Manage DHCP databases. § Manage DHCP scope options. § Manage reservations and reserved clients. Troubleshoot TCP/IP addressing. § Diagnose and resolve issues related to Automatic Private IP Addressing (APIPA). § APIPA uses 169.254.xxx.xxx range. Client knows this isn’t a real DHCP address and tries to contact DHCP server every 5 mins. Look for questions with ip addresses in this range. § Look for questions where some connectivity has been lost and the problem host has an ip 169.254.xxx.xxx, this is an APIPA address and probably means the client can’t access the DHCP server so it gives itself an APIPA § Diagnose and resolve issues related to incorrect TCP/IP configuration. § Look for questions with incorrect subnet masks or gateways. § Ipconfig /all - displays maximum info § Ipconfig /display dns - shows all resolved names in cache § Ipconfig /flushdns –clears cache. Look for questions where new hosts or ip changes result in loss of connectivity from client. If you try to connect (ping / resolve) to a host that is not connected you will get a “could not find host” message, if you then connect the host (or if you change the ip) and then ping you get the same error as the response comes from cache, ipconfog /flushdns will solve this. § § ARP resolves IP addresses to MAC addresses. § arp –a displays ARP cache, if you need to know the MAC address of a remote host (e,g to create a DHCP reservation based on a MAC address). § arp –d clears arp cache § nbtstat NetBIOS name resolution (uses case sensitive switches) § nbtstat –r shows netbios cache § nbtstat –R reload name cache § nbtstat –RR renew and refresh name cache § § netstat –a shows all ports that are established or listening. § § tracert traces the conection (route) between 2 hosts from nearest to furthest. § note: ping and tracert use ICMP echo requests, some web servers will time out as they can be set to ignore echo requests for security. Troubleshoot DHCP. § Diagnose and resolve issues related to DHCP authorization. § Verify DHCP reservation configuration. § Examine the system event log and DHCP server audit log files to find related events. § Diagnose and resolve issues related to configuration of DHCP server and scope options. § Verify that the DHCP Relay Agent is working correctly. § Look for questions where some connectivity has been lost and the problem host has an ip 169.254.xxx.xxx, this is an APIPA address and probably means the client can’t access the DHCP server so it gives itself an APIPA § § Verify database integrity. Install and configure the DNS Server service. § Configure DNS server options. § Configure DNS zone options. § Configure DNS forwarding. Manage DNS. § Manage DNS zone settings. § Manage DNS record settings. § Manage DNS server options. Monitor DNS. Tools might include System Monitor, Event Viewer, Replication Monitor, and DNS debug logs. Implement secure network administration procedures. § Implement security baseline settings and audit security settings by using security templates. § Implement the principle of least privilege. Install and configure software update infrastructure. § Install and configure software update services. § Install and configure automatic client update settings. § Configure software updates on earlier operating systems. Monitor network protocol security. Tools might include the IP Security Monitor Microsoft Management Console (MMC) snap-in and Kerberos support tools. Troubleshoot network protocol security. Tools might include the IP Security Monitor MMC snap-in, Event Viewer, and Network Monitor. Configure Routing and Remote Access user authentication. § Configure remote access authentication protocols. § Configure Internet Authentication Service (IAS) to provide authentication for Routing and Remote Access clients. § Configure Routing and Remote Access policies to permit or deny access. Manage remote access. § Manage packet filters. § Manage Routing and Remote Access routing interfaces. § Manage devices and ports. § Manage routing protocols. § Manage Routing and Remote Access clients. Manage TCP/IP routing. § Manage routing protocols. § Manage routing tables. § Manage routing ports. Implement secure access between private networks. Troubleshoot user access to remote access services. § Diagnose and resolve issues related to remote access VPNs. § Diagnose and resolve issues related to establishing a remote access connection. § Diagnose and resolve user access to resources beyond the remote access server. Troubleshoot Routing and Remote Access routing. § Troubleshoot demand-dial routing. § Troubleshoot router-to-router VPNs. Monitor network traffic. Tools might include Network Monitor and System Monitor. Troubleshoot connectivity to the Internet. Troubleshoot server services. § Diagnose and resolve issues related to service dependency. § Use service recovery options to diagnose and resolve service-related issues. http://www.microsoft.com/learning/exams/70-291.asp#top#top"> style=' path="file:///o:preferrelative=" filled="f" stroked="f"> http://www.microsoft.com/learning/exams/70-291.asp#top#top" style='width:30pt;height:15pt' o:button="t"> http://www.microsoft.com/products/shared/images/top_v1.gif"/>

Microsoft Certification Second Shot Exam Offer Details
Learn more about the 2006 Microsoft Certification Second Shot Exam offer
Now, you can get a free second shot at any Microsoft Learning IT Professional, Developer, or Microsoft Dynamics (formerly Microsoft Business Solutions) exam.

The above offer from Microsoft has given me a bit of a much needed kick up the arse and I am planning on taking the infrastructure exam by the end of June.
Full details of the off er can be found via the link below.




http://www.microsoft.com/learning/mcp/offers/2ndchance/details/

Internet Security.
A couple of weeks ago at college Big Ron gave us his guide to safer internet usage. If you shop or bank online there are some simple precautions you should take. So after reading a post on Gemmak's blog I have written it up and added some extra advice.

Big Ron's guide to Safer surfing (with extra bits added by Mick)

1. Always use a credit card not a debit card. A debit card is a way straight into your bank account, with a credit you are protected against internet fraud. If you have more than one credit card always use the same one for internet shopping. This makes it easier for you to spot any thing odd and makes it easier for the authorities to track if you are unlucky enough have any problems.
   
2. Make sure you have antivirus software installed and running. It's not enough to install your antivirus program and forget about it, you have to keep it updated with the latest virus definitions and you have to regularly run a scan on your system. If you shop or bank online you should run a scan at least once a week.
   
3. Make sure you have a firewall. The windows XP firewall is not enough!. Windows firewall will block attacks coming in but will not stop any info going out of your PC. If you use broadband you should get a router, typically these will have an in built firewall and a hardware firewall is generally better than a software one, (but have a software one aswell). Something else to do is to configure your firewall to block confidential information, I use Norton firewall and you can enter things that you would like blocked e.g account no's, credit card no's, names, addresses. When entering the info you want blocked don't enter the full card number for instance just half of it. This way you are not storing the full number.
   
4. Have at least 3 different anti-spyware programs installed, keep them up to date and run scans with them at least once a week. You can get Ad-aware, Spybot search & Destroy and the Beta of Microsoft's anti-spyware all for free. Use more than anti-spyware product as they all seem to find different things.
   
5. Keep Windows up-dated, make sure you have all the latest patches from Microsoft.
   
6. Never ever respond to or click on links in E-mails claiming to be from E-bay, Paypal, your bank or anything else you might be signed with that threaten you with account closure if you don't update your details. These are Phishing scams intended to trick you into entering confidential info on a fake website. Some of these mails are not as obvious as the threatening ones and can be a lot more subtle. For example last week I got a mail "from Ebay" inviting me to become a powerseller, all I had to do was "click here" to log in. This was to me an obvious fake because, I don't even near qualify to be a powerseller. Here's a good tip to spot the fakes. If you remember that the wording of the link is just text (e.g above where I have linked to gemmak it says "gemmak" and not the actual address of her blog) so anyone can type in https//ebay.co.uk/ login but the link will take you somewhere else (clink on the link to see). If you are using Outlook for your e-mail when you hover your mouse pointer over a link a tooltip should appear and this will reveal the actual web address (this may work in other mail applications , but as I don't use them I can't say). Remember a genuine mail from your bank or ebay or whatever will never ask for your passwords etc or issue you with threats if you don't update your details. To be safe don't click on links in e-mails, go to the site you want by typing it into your browser.
   
7. Don't save passwords or personal details on your computer. If you really can't remember them then just note cryptic reminders that no one esle would understand or know. Also don't allow windows to save your passwords.
   
8. visit http://www.grc.com/ and do their sheilds up! test. This scans your computer for open ports and gives you a rating. Anything less than 100% stealthed (all green) is not good enough. If you get less than this score you need a firewall.
   

Generally speaking shopping on the net is far safer than handing over your credit card to someone who then walks off to process it.

Don't get too paranoid, unless you indulge in file sharing, P2P or porn in which case you can't be paranoid enough.

I am seriously considering cramming and taking W2K server exam before Net Inf as this exam is supposedly much easier and should serve as useful exam technique training.
After a bit of study I'll see how I get on at the Transcenders et al.

How do these people get jobs?
Although I don't work in I.T as such, I have to deal with a lot of the clients I.T people some of which are less than impressive.
The I.T girl sent me the following configuration for a new printer, I always ask for the info to be sent in an e-mail so I'm sure it's correct and so that I can blame someone else if it's not,

Hi Mick,

As per our conversation, pls find below the details:

ip: 172.016.067.155
gate: 255.255.255.0
subnet: 172.016.067.155

I reply to her mail asking her to re-confirm the details as it appears she has made a typo*, within 5 mins she was on the phone asking me to point out her mistake as she can't see one!

This should have been blatantly obvious to any one with a basic knowledge of TCP/IP.

SNAFU.
On saturday I had to load some security and update patches on some of our print servers that run Xp embedded.
The first one went ok but the second and third went completly tits up and started giving the BSOD after applying the last patch. I discovered that somehow I'd managed to delete most of the files from the patch, which was on a memory stick, after applying it to the first machine.
fortunately I was able to restore both servers from back up and only had to reload the extra applications but I was still here 'till nearly 4 o'clock tho'

I just came across this when trying to find out why the latest Nvidia drivers have screwed up video platback on my PC

Here's something for broadband people that will really speed FireFox up:

1.Type about:config into the address bar and hit return. Scroll down and look for the following entries: network.http.pipelining network.http.proxy.pipelining network.http.pipelining.maxrequests Normally the browser will make one request to a web page at a time. When you enable pipelining it will make several at once, which really speeds up page loading.

2. Alter the entries as follows: Set "network.http.pipelining" to "true" Set "network.http.proxy.pipelining" to "true" Set "network.http.pipelining.maxrequests" to some number like 30. This means it will make 30 requests at once.

3. Lastly right-click anywhere and select New-> Integer. Name it "nglayout.initialpaint.delay" and set its value to "0". This value is the amount of time the browser waits before it acts on information it recieves. If you're using a broadband connection you'll load pages MUCH faster now!

I have no idea if this works but I'll be trying it tonight hopefully.

Gone Phishing
Which web browser do you use? Gone over to Firefox have you, to be safer? Think again.
The Register has an article about the rise in trojan horse programs. highlights include;

Of the 13 vulns affecting IE in 2004, nine were classified as "high severity". Of the 21 vulnerabilities affecting the Mozilla browsers, Symantec classified 11 as "high severity". Firefox users enjoyed an easier ride with just seven affecting "high severity" vulns over the report period.

Symantec says there have been few attacks in the wild against Mozilla, Mozilla Firefox, Opera, or Safari, but the jury is still out on whether these browsers represent a more secure alternative to IE.

The article also comments on the rise in Phishing scams, this is where you get an email asking you to confirm your account details for internet banking etc, I get a lot of these pretending to be from ebay. The email will ask you to click a link, which takes you to a fake version of the website you think you are visiting, and then log in to reset your account, at which point they grab your password etc and steal all your money.
I would imagine that a lot of even fairly web savvy people get caught like this and it is obviously lucrative judging by this statement;

Symantec also noted a marked rise in email scams over second half of 2004. The firm's BrightMail anti-spam filters blocked an average of 33 million phishing emails a week in December 2004 compared to nine million a week in July 2004.

So get yerself a firewall and antivirus software, if you use broadband get a router/firewall, visit www.grc.com and use their "shields up" utility to find out how secure your pc is, and remember no proper company will ask you for passwords etc.
Be careful out there on the interweb because here be dragons, and thieving bastards.

I will be resuming my studies after Easter so hopefully this blog might actually start having some useful content.

added link to an excellent resource site for windows security .

Information super highway.
I 've done it. I've taken the plunge. I've signed up for broadband. I actually signed up for it a few weeks ago with Tiscali as the provider but I realised afterwards that I wasn't getting the deal that I thought I was and I read a lot of bad press about Tiscali so I decided to cancel my order. I have now signed up with with Bulldog who have got a very good deal on at the moment for an unlimited 4meg connection. I should be up and running in about a week.

I really should try to get back into my studies. So busy at work, so busy at home (3 kids now!)
I spent a lot of money buying my course so I really should complete it. This year.

Here's a very worrying article about Spyware at the Register. It would seem that if you're running internet explorer you are pretty much destined to get spyware at some point, even if you are a child surfing for things of interest to an 8 yr old.
Also at the register is BOFH episode 20 , very funny.

Haloscan comment test

Trying to get a name resolution services guide written up and posted, hopefully next week.

Subnets, Subnets, Subnets
This week we covered subnetting and VLSM. Subnetting is the bane of my life, it involves maths, my maths is shite therefore my ability to work out subnet masks, no of networks, no of hosts etc is also shite.

On a plus note the redesign of my website is coming along nicely and by the end of next week I hope to have the design finished and some networking content added as well.

Carried out a bit of template changing and updating

Security
Here's an excellent article on the register from security Focus about e-mail worms / virii

testing testing testy test test