There are several occasions where you will be at a public te How to bypass web filters
rminal, and require access to a particular website that is blocked for some reason or another. How to bypass these restrictions is a very common question, and will be covered here.
Lets pretend for a moment that the Internet is made up of 26 websites, A-Z. The web filter blocks your browser from accessing sites X-Z, but not sites A-W. Simply make the browser think you’re going to A-
W. There are a variety of ways to do this:
Proxy Servers:
This is a list of http proxies. These sites may not be up forever, so you may need to search for “free http proxy†or “public proxy servers†or other similar terms.
Proxy server lists:
• http://www.aliveproxy.com
• http://www.multiproxy.org
• http://www.publicproxyservers.com/index.html
• http://www.tehbox.com/proxy
• http://www.proxz.com
• http://www.proxy4free.com/index.html
• http://free-proxies.com
Now that you have a list of proxies, you would open IE (internet explorer) and click on Tools > Internet Options > Connections > LAN Settings > Advanced. Enter the address and port of one of the servers from the list in the proper area (http) and make sure the “use a proxy server for your LAN†option is selected. Remember to replace the proxy and port at your terminal to the original when you're done.
*Note: Some proxies listed may not work, and this method may decrease your surfing speed. By trying various entries, you’ll find one that works, or works faster.
The infamous translation trick:
Go to a web page translation site and use their services to “translate a page to English†thus accessing the blocked page through their trusted site.
You’ll notice that several translation sites are blocked, but by using less popular ones, this method can still be effective. Here is a list of some translation services. Again, these sites may not be up forever, so you may need to search for them.
• http://babelfish.altavista.com
• http://world.altavista.com
• http://translation.langenberg.com
• http://freetranslation.com/web.thm
Url Scripting:
Url scripting is the easiest method. It works on a select few web filters and is based on the same principal as the translation trick. By typing and address like “www.yahoo.com@www.restricted_site.com the filter will not go into effect as it recognizes the trusted site (in this case yahoo.com)
Other tricks:
Simply open the command prompt and type:
Ping restricted.com ? restricted.com obviously being the restricted site
At this point you can take down the IP address (ex. 216.109.124.73) and enter it into the browser. If access to the command prompt is also restricted, see “How to bypass restrictions to get to the command prompt.†If this article has been taken from information leak, then know that it involves anything from opening the browser, selecting view > source, then saving it as X.bat and opening it to opening a folder or browser and typing in the location of cmd.exe depending on the OS. I will not go into further, as this a completely different topic.
Use
https://restrictedsite.com
as referring to it as a secured site may confuse the filter.
Note: These are ancient methods that many new filters defend against, but still may be applicable in your situation. If not, a little history never hurt anyone.
Web based Proxies:
Another one of the easier, yet effective methods include web based proxies. These are simple in the fact that you just enter the restricted address and surf! Some of these have some restrictions, like daily usage limits, etc but you can also use another proxy (perhaps one that sucks, like a text only) to bypass their restrictions as well. Here is a list of some:
• http://proxify.com
• http://www.anonymizer.com/index.cgi
• http://www.guardster.com/
• http://anonymouse.ws/anonwww.html
• http://www.the-cloak.com/login.html
• https://www.megaproxy.com/freesurf
• http://www.anonymizer.ru
• https://nadaily.com/cgi-bin/nph-proxyb.cgi
• http://www.userbeam.de/cgi-bin/nph-userbeam.cgi
• http://www.free2.surffreedom.com/nph-free.cgi
Proxy Programs:
There are many proxy programs that allow you to surf anonymously that are more or less based on the same topics we’ve covered here. I’ve added them just to cover the topic thoroughly:
• http://www.hotscripts.com/Detailed/28480.html
• http://www.inetprivacy.com/a4proxy/anonymous-grc.htm
• http://www.orangatango.com/home/index.ie.html
• http://www.steganos.com
• http://www.anonymization.net
toolbar that requires admin rights to install
Making your own CGI proxy server:
Making your own proxy server may come in handy, but I personally find that simply uploading a txt file/w a list of proxies to a free host makes for a much easier and headache free solution. If you don’t know PERL, there is code out there to help you set it up. Check out these sites for more info:
• http://httpbridge.sourceforge.net
• http://www.jmarshall.com/tools/cgiproxy
• http://www.manageability.org/blog/stuff/open-source-personal-proxy-servers-written-in-java/view
Admin Access:
When all else fails, you can simply take over the PC and alter or delete the damn filter. This method varies according to the OS (operating system) you are dealing with. Please see “Hacking Windows NT†for more information. If this tutorial has been taken from information leak, then I will go as far as to say it involves booting the PC in another OS, copying the SAM file and cracking it using a program like saminside or LC5 rather than start a whole new topic within one.
Wednesday, January 30, 2008
Getting More Bandwidth Plus 5 Times Tcp/ip Connections, Improve internet speed, BT downloads, online games and media streaming
Windows by default reserves 20% available Internet bandwidth.
To release this reserved bandwidth carry out the steps below:
Click "Start" button.
Click "Run" and in the "Open:" column enter gpedit.msc and click "OK"
Double click "Computer Configuration"
Double click "Administrative Templates"
Double click "Network"
Double click "QoS Packet Scheduler"
Double click "Limit reservable bandwidth"
Select "Enable" and set the "Bandwidth limit (%) to zero; click Apply and OK.
To increase TCP/IP connections
Windows by default only set 10 connections for TCP/IP to prevant hackers.
To set more connections get the TCP/IP Patcher from:
Home page :
http://www.lvllord.de
Download
http://www.lvllord.de/download.php?url=en/EvID4226Patch223d-en.zip
http://www.lvllord.de/download.php?url=de/EvID4226Patch223d-de.zip
Run the patch, select "yes" to increase TCP/IP connections from 10 to 50.
When MS asks you to restore the system select "Cancel" and "Yes".
You can restore to the original setting by running the program again.
Warning Computers running Windows XP Home Edition cannot join corporate domains. For this reason, features that require machine accounts within a domain, such as Group Policy, are not available in Windows XP Home Edition.
To release this reserved bandwidth carry out the steps below:
Click "Start" button.
Click "Run" and in the "Open:" column enter gpedit.msc and click "OK"
Double click "Computer Configuration"
Double click "Administrative Templates"
Double click "Network"
Double click "QoS Packet Scheduler"
Double click "Limit reservable bandwidth"
Select "Enable" and set the "Bandwidth limit (%) to zero; click Apply and OK.
To increase TCP/IP connections
Windows by default only set 10 connections for TCP/IP to prevant hackers.
To set more connections get the TCP/IP Patcher from:
Home page :
http://www.lvllord.de
Download
http://www.lvllord.de/download.php?url=en/EvID4226Patch223d-en.zip
http://www.lvllord.de/download.php?url=de/EvID4226Patch223d-de.zip
Run the patch, select "yes" to increase TCP/IP connections from 10 to 50.
When MS asks you to restore the system select "Cancel" and "Yes".
You can restore to the original setting by running the program again.
Warning Computers running Windows XP Home Edition cannot join corporate domains. For this reason, features that require machine accounts within a domain, such as Group Policy, are not available in Windows XP Home Edition.
cbt videos for IIS,DNS,Linux monitor
Windows Server 2003 IIS and DNS
Download in Windows Media or Macromedia Flash format.
12 minutes 48 seconds by Jake
In this video, I install and configure IIS and DNS on Windows Server 2003 for virtual hosting. These procedures will work with all versions of Windows Server 2003 and possibly with Windows 2000 Server (I don't have a copy to test it out.)
Downloads: 17565
Linux Network Monitor
Download in Windows Media or Macromedia Flash format.
12 minutes 23 seconds by Jake
This video shows you how to set up ntop, a network monitoring program, on GNU/Linux. Ntop features a web interface that displays tons of information about bandwidth utilization, traffic patterns, etc. It even shows you what applications are using bandwidth on your network such as ftp, bittorrent, http, dns, etc.
Downloads: 25874
Linux DNS Server
Download in Windows Media or Macromedia Flash format.
38 minutes 28 seconds by Jake
This video explains how to set up a DNS server on a GNU/Linux server. In the video I explain a little bit about how DNS works, then I install and configure BIND in a chroot jail on 2 DNS servers in a master/slave relationship. This video is specifically tailored to setting up DNS for a web server.
Downloads: 53543
Linux Web Server
Download in Windows Media or Macromedia Flash format.
17 minutes 58 seconds by Jake
This video explains how to set up a web server on a GNU/Linux server. In the video I install and configure Apache, VSFTPD, PHP, MySQL, and PHPMyAdmin. The end result is a PHP-powered web server with ftp access and a MySQL server with a web interface.
Downloads: 51522
Windows Web Server
Download in Windows Media or Macromedia Flash format.
13 minutes 26 seconds by Jake
This video details the installation and configuration of Apache, MySQL, and PHP on Windows. This video is made specifically or those using Windows 2000 Pro, Windows XP Home, or Windows XP Pro.
download
http://cbt4free.org/videos.php
Download in Windows Media or Macromedia Flash format.
12 minutes 48 seconds by Jake
In this video, I install and configure IIS and DNS on Windows Server 2003 for virtual hosting. These procedures will work with all versions of Windows Server 2003 and possibly with Windows 2000 Server (I don't have a copy to test it out.)
Downloads: 17565
Linux Network Monitor
Download in Windows Media or Macromedia Flash format.
12 minutes 23 seconds by Jake
This video shows you how to set up ntop, a network monitoring program, on GNU/Linux. Ntop features a web interface that displays tons of information about bandwidth utilization, traffic patterns, etc. It even shows you what applications are using bandwidth on your network such as ftp, bittorrent, http, dns, etc.
Downloads: 25874
Linux DNS Server
Download in Windows Media or Macromedia Flash format.
38 minutes 28 seconds by Jake
This video explains how to set up a DNS server on a GNU/Linux server. In the video I explain a little bit about how DNS works, then I install and configure BIND in a chroot jail on 2 DNS servers in a master/slave relationship. This video is specifically tailored to setting up DNS for a web server.
Downloads: 53543
Linux Web Server
Download in Windows Media or Macromedia Flash format.
17 minutes 58 seconds by Jake
This video explains how to set up a web server on a GNU/Linux server. In the video I install and configure Apache, VSFTPD, PHP, MySQL, and PHPMyAdmin. The end result is a PHP-powered web server with ftp access and a MySQL server with a web interface.
Downloads: 51522
Windows Web Server
Download in Windows Media or Macromedia Flash format.
13 minutes 26 seconds by Jake
This video details the installation and configuration of Apache, MySQL, and PHP on Windows. This video is made specifically or those using Windows 2000 Pro, Windows XP Home, or Windows XP Pro.
download
http://cbt4free.org/videos.php
Save All Windows Updates To Your Disk
Many times you really get bugged up if you had to reformat your HDD and lose all your updates installed and you have to redownload them and reinstall for which you waste your time and money. Now I will show you how to save all Windows updates to your HDD. There are several methods and we will discuss all of them.
1st Method: Easiest and only for Windows XP with SP2. Firstly you have to configure your Automatic Updates Settings through MyComputer(right click)>>properties>>Automatic Updates.
Choose the option shown in the above shot and click ok. Your SP2 Security Center may warn you but ignore or disable it. Now connect to the net and wait for some time. You will get a notification in the system tray that Updates are available for download. Now double click on the System Tray Icon and it opens up a window and now you can see all the updates listed with their KB Article Numbers.
Now copy all the numbers to your notepad and now use the link
CODE
http://support.microsoft.com/?kbid=XXXXXX
or the link given at the bottom of the above window.
Here XXXXXX is the 6 digit number you copied earlier. From the support page you will find a link to the patch and now you can download it convieniently.
2nd Method: Work for any Windows – Best MethodYou can download all the updates that are available from Automatic Updates by using the Windows Update Catalog. For additional information about how to download updates from the Windows Update Catalog, click the following article number to view the article in the Microsoft Knowledge Base:
HOW TO: Download Windows Updates and Drivers from the Windows Update Catalog
· Visit the Windows Update(v6) Web site:
CODE
http://update.microsoft.com/
· Click Personalize Windows Update.
· Select the Display the link to the Windows Update Catalog under See Also check box.
· Click Save Settings.
· A Windows Update Catalog link appears under See Also.
· Click the Windows Update Catalog link.
· Click Find updates for Microsoft Windows operating systems.
· Click the appropriate product, and then click Search.
· Click Critical Updates and Service Packs.
· Locate the patch you want, and then click Add.
· Click Go to download basket. In the Type or browse to the download location of your choice box, type the full path for the folder in which you want to save the patch. Or, click Browse to browse to the folder. Click Download Now.
If you don’t find the link to Windows Update Catalog (as in SP2) then go to Administrator Options and there is a heading named “Update multiple operating systems†and under it link to Windows update Catalog is given.
A manual link (no guarantee on link working on diff Windows) to Windows Update Catalog is given below:
CODE
http://v4.windowsupdate.microsoft.com/catalog/en/default.asp
I used this On WinXP SP2 and it worked and plus you can download updates for any Windows i.e. you can 98 updates while running XP. This works best for Networked PC’s.
3rd Method: Works in any Windows but not always Another method to save the patch locally is to install the update ‘as usual’ from the Windows Updates page. Once the copy process is complete and the Install process is about to begin, look for the WUTemp folder in C:\ (or whatever drive you’ve installed Windows). This is the destination folder used by Windows Updates to save the hotfix. The hotfix will be deleted automatically once installed. Therefore, copy the WUTEMP directory contents to a new folder, while the install process has just started.
For Windows XP SP2, the installer is stored in a sub-folders under %Windir%\SoftwareDistribution\Download
Another Note: Sometimes you find a long named file with random characters and without an extension in %Windir%\SoftwareDistribution\Download. Try renaming the file by just adding .exe to the end of the filename. Do not modify anything else. Now right click and check its properties. It may turn out to be an update and its KB number is listed in its properties. You can now copy the update to any folder. Don’t move the update, just copy it to any location. This will work any time and even if you are not connected to the net.
Tip: After downloading the updates, save them to a CD if you’re planning to apply across multiple systems or a stand-alone system without internet connection. Before applying the downloaded updates, you can run through Windows Updates scan (don’t download yet) to know the list of Cricital Updates (Q######) pertaining to that particular computer. Note all of them to a piece of paper and install them one by one from the CD. This one works even better when combined with 2nd Method.
1st Method: Easiest and only for Windows XP with SP2. Firstly you have to configure your Automatic Updates Settings through MyComputer(right click)>>properties>>Automatic Updates.
Choose the option shown in the above shot and click ok. Your SP2 Security Center may warn you but ignore or disable it. Now connect to the net and wait for some time. You will get a notification in the system tray that Updates are available for download. Now double click on the System Tray Icon and it opens up a window and now you can see all the updates listed with their KB Article Numbers.
Now copy all the numbers to your notepad and now use the link
CODE
http://support.microsoft.com/?kbid=XXXXXX
or the link given at the bottom of the above window.
Here XXXXXX is the 6 digit number you copied earlier. From the support page you will find a link to the patch and now you can download it convieniently.
2nd Method: Work for any Windows – Best MethodYou can download all the updates that are available from Automatic Updates by using the Windows Update Catalog. For additional information about how to download updates from the Windows Update Catalog, click the following article number to view the article in the Microsoft Knowledge Base:
HOW TO: Download Windows Updates and Drivers from the Windows Update Catalog
· Visit the Windows Update(v6) Web site:
CODE
http://update.microsoft.com/
· Click Personalize Windows Update.
· Select the Display the link to the Windows Update Catalog under See Also check box.
· Click Save Settings.
· A Windows Update Catalog link appears under See Also.
· Click the Windows Update Catalog link.
· Click Find updates for Microsoft Windows operating systems.
· Click the appropriate product, and then click Search.
· Click Critical Updates and Service Packs.
· Locate the patch you want, and then click Add.
· Click Go to download basket. In the Type or browse to the download location of your choice box, type the full path for the folder in which you want to save the patch. Or, click Browse to browse to the folder. Click Download Now.
If you don’t find the link to Windows Update Catalog (as in SP2) then go to Administrator Options and there is a heading named “Update multiple operating systems†and under it link to Windows update Catalog is given.
A manual link (no guarantee on link working on diff Windows) to Windows Update Catalog is given below:
CODE
http://v4.windowsupdate.microsoft.com/catalog/en/default.asp
I used this On WinXP SP2 and it worked and plus you can download updates for any Windows i.e. you can 98 updates while running XP. This works best for Networked PC’s.
3rd Method: Works in any Windows but not always Another method to save the patch locally is to install the update ‘as usual’ from the Windows Updates page. Once the copy process is complete and the Install process is about to begin, look for the WUTemp folder in C:\ (or whatever drive you’ve installed Windows). This is the destination folder used by Windows Updates to save the hotfix. The hotfix will be deleted automatically once installed. Therefore, copy the WUTEMP directory contents to a new folder, while the install process has just started.
For Windows XP SP2, the installer is stored in a sub-folders under %Windir%\SoftwareDistribution\Download
Another Note: Sometimes you find a long named file with random characters and without an extension in %Windir%\SoftwareDistribution\Download. Try renaming the file by just adding .exe to the end of the filename. Do not modify anything else. Now right click and check its properties. It may turn out to be an update and its KB number is listed in its properties. You can now copy the update to any folder. Don’t move the update, just copy it to any location. This will work any time and even if you are not connected to the net.
Tip: After downloading the updates, save them to a CD if you’re planning to apply across multiple systems or a stand-alone system without internet connection. Before applying the downloaded updates, you can run through Windows Updates scan (don’t download yet) to know the list of Cricital Updates (Q######) pertaining to that particular computer. Note all of them to a piece of paper and install them one by one from the CD. This one works even better when combined with 2nd Method.
Cbt Exam-pack 70-350: Isa Server 2004
Implementing Microsoft Internet Security and Acceleration Server 2004
The Microsoft Internet Security and Acceleration (ISA) Server is truly a versatile and important component in any network. With the improvements ISA Server 2004 has over previous versions, trainer Jeremy Cioara explains that, among other benefits, “the firewall is light years ahead of any firewall that only handles port forwarding.â€
The modifications Microsoft has made to ISA Server since the 2000 version have changed almost everything. Some of the biggest improvements include:
- deep-packet inspection of application-layer data,
- multiple-network support,
- unique network policies for each interface of the ISA Server 2004 firewall and
- additional VPN security including the VPN Quarantine functionality, which allows you to isolate non-compliant VPN clients.
- Plus, there have been huge improvements to the management interface and monitoring functions.
Our ISA Server 2004 videos map to Microsoft Exam 70-350, which gives you elective credit towards both the MCSE and MCSA 2003 certifications, plus the :Security specialization. In addition to covering the exam objectives, this series gives you on-the-job skills for deploying ISA Server 2004 on your network from start-to-finish.
The series also teaches you how to configure the ISA Server firewall to inspect packets down to the application-layer data and filter out hard-to-catch instant messaging and peer-to-peer file sharing applications. It even gives you a side-by-side comparison of ISA Server 2004 to competitors such as Cisco PIX and Checkpoint, so you can determine which firewall will best meet the needs of your network.
Thinking about deploying ISA Server 2004? This training will give you the skills and knowledge you need.
A basic understanding of Windows 2003 networking and e-mail services such as the MCSA 2003 certification and Exchange 2003 Administration training or equivalent knowledge is recommended before viewing these videos.
download
http://pointupload.com/en/server/4067856E8/CB-IS-SER-part06-rar.html
http://pointupload.com/en/server/CE57D29D8/CB-IS-SER-part01-rar.html
http://pointupload.com/en/server/B61E542A8/CB-IS-SER-part03-rar.html
http://pointupload.com/en/server/841303348/CB-IS-SER-part02-rar.html
http://pointupload.com/en/server/DEF55A2C8/CB-IS-SER-part05-rar.html
http://pointupload.com/en/server/46A291A48/CB-IS-SER-part04-rar.html
The Microsoft Internet Security and Acceleration (ISA) Server is truly a versatile and important component in any network. With the improvements ISA Server 2004 has over previous versions, trainer Jeremy Cioara explains that, among other benefits, “the firewall is light years ahead of any firewall that only handles port forwarding.â€
The modifications Microsoft has made to ISA Server since the 2000 version have changed almost everything. Some of the biggest improvements include:
- deep-packet inspection of application-layer data,
- multiple-network support,
- unique network policies for each interface of the ISA Server 2004 firewall and
- additional VPN security including the VPN Quarantine functionality, which allows you to isolate non-compliant VPN clients.
- Plus, there have been huge improvements to the management interface and monitoring functions.
Our ISA Server 2004 videos map to Microsoft Exam 70-350, which gives you elective credit towards both the MCSE and MCSA 2003 certifications, plus the :Security specialization. In addition to covering the exam objectives, this series gives you on-the-job skills for deploying ISA Server 2004 on your network from start-to-finish.
The series also teaches you how to configure the ISA Server firewall to inspect packets down to the application-layer data and filter out hard-to-catch instant messaging and peer-to-peer file sharing applications. It even gives you a side-by-side comparison of ISA Server 2004 to competitors such as Cisco PIX and Checkpoint, so you can determine which firewall will best meet the needs of your network.
Thinking about deploying ISA Server 2004? This training will give you the skills and knowledge you need.
A basic understanding of Windows 2003 networking and e-mail services such as the MCSA 2003 certification and Exchange 2003 Administration training or equivalent knowledge is recommended before viewing these videos.
download
http://pointupload.com/en/server/4067856E8/CB-IS-SER-part06-rar.html
http://pointupload.com/en/server/CE57D29D8/CB-IS-SER-part01-rar.html
http://pointupload.com/en/server/B61E542A8/CB-IS-SER-part03-rar.html
http://pointupload.com/en/server/841303348/CB-IS-SER-part02-rar.html
http://pointupload.com/en/server/DEF55A2C8/CB-IS-SER-part05-rar.html
http://pointupload.com/en/server/46A291A48/CB-IS-SER-part04-rar.html
Tuesday, January 29, 2008
Ip Addresses, IP Addresses Explained
What is an IP address?
Okay, first things first. Think of an IP address like you do a mailing address. It's basically the exact same thing. Consider this, when you send out a letter, what do you do? You put that letter in an envelope, write the address, put a stamp on it, stick in the mailbox and put that red flag up on your mailbox, right?
Apply this to computers: that letter is data, the envelope is the TCP/IP header which is actually wrapped around the packet, just like an envelope. The address would be the IP address, located on that header. You stick that in your mailbox, or in the computer world, a buffer, and it gets sent off to the recipient.
All the traveling that a letter goes through, a packet goes through. A letter sent through the mail is taken from your mailbox to your local post office. From there, it's sent to a state post office distribution center. Then it gets sent to a regional center. If it's an international letter goes to one of the national ones. The letter then goes back down this chain until it's in the recipient's mailbox. At each stop, a decision is made on whether or not that that particular distribution center should send it to a higher level, or if it can put that letter in a bin at it's location which will be sent to the next lower level.
Lets say I want to send you a letter, we both live in Texas but in different cities. I send out the letter, my local post office looks at the address and determines that it can't deliver the letter to the recipient so it sends it to the state post office. The state post office says yes, I can deliver this to the letter bin that belongs to that city and it'll go out with the next truck. Your city post office gets the letter and sees the address, says yeah he's in our area so we can definately send this to him. It gets put on a truck with other letters for people in your area and the driver puts it in your mailbox.
Same thing happens with a packet, except there are no internet truck drivers and it happens a helluva lot quicker. Your packet gets sent to your ISP who routes it back to a local address if it can, or sends it to the next higher ISP until it's on the Internet Backbone . Once there, if the recipient is still in your country, it'll go to his regional ISP, and so on and so forth until he gets it.
Why all this talk about regular mail? Again, an IP address is nothing more, nothing less than an address. What about routers, we have internal IP addresses! Ahh good question, think of an internal IP address the same as having a post office box. The post office gets it and decides to route it to you that way, your physical address obscured to the sender.
How the addressing scheme works
Okay, now that we've established what an IP Address is I'll show you how addresses are assigned.
IP addresses are broken up into several classes, A - E.
Class A addresses are 1.xxx.xxx.xxx - 126.xxx.xxx.xxx
Class B addresses are 128.XXX.xxx.xxx - 191.XXX.xxx.xxx
Class C addresses are 192.XXX.XXX.xxx - 223.XXX.XXX.xxx
Class D addresses are 224.xxx.xxx.xxx - 239.xxx.xxx.xxx
Class E addresses are 240.xxx.xxx.xxx - 254.xxx.xxx.xxx
Okay, what the hell is all that? I'll explain:
IPv4 address consist of 4 octets. For an A Class address, the first octet, ranging from 1 - 126, describes the network you're sending a packet to. The rest of the octets describe the node. (Kind of like a City, and a Mailbox, respectively.) (A node is just another name for a device connected to the network.)
In a Class B address, the first two octets represent the network and the last two describe the node.
Wait a minute! What happened to 127?!?!? Addresses starting with 127 are loopback addresses. That means it points to your computer. Go ahead, ping 127.xxx.xxx.xxx where the xxx is between 1 and 255. It will resolve to 127.0.0.1 and give you a reply that's hopefully less than 1 milisecond.
Anyway, Class C addresses are start with 192, go up to 223, and the first three octets describe the network and the last octet describes the node.
Okay, break for a second. A network with only 254 nodes?!? (0 is used kind of like a wildcard and 255 is broadcast.) That's right, Class C networks are usually given to small time ISP's and organizations who only have a few nodes on their network. Big companies like IBM and the government are given Class A addresses because they're bound to have lots of nodes. When the internet first kicked off, lots companies were told that certain address ranges would be reserved for them. This has caused problems because 1) Those companies aren't using nearly all of those addresses and 2) we're running out of addresses to assign people. The solution for this is IPv6, where we have 6 octets instead of 4, increasing the number of addresses exponentially.
Alrighty, back to classes. Class D addresses are for multicasting and Class E addresses are reserved for future use.
Ports
If I had a dime for every time I've heard, "I scanned xyz and found this many open ports!! How do I exploit them!?!?!?" I swear I'd be rich.
Ports are logical addresses on a computer where applications send and receive data. That's it, just like IP addresses, ports are nothing more and nothing less than addresses. To put it in the same perspective as regular mail, think of your computer as an office building and applications on your computer as different companies within that office building. Now your office building isn't going to have different mailrooms for each company. They'll receive mail and put it in your company's bin and you come and get it. Your computer has 66,536 some odd ports, plenty for all of your applications, so your office building has some 66,536 odd mail bins for companies in your building. Will you use all of these ports? Most definately not.
So you scanned a computer and lets say it has 100 ports open. Great, that just means that your "office building" has 100 mail bins, it doesn't mean that there are companies in your "office building" who use those mail bins. You have to have some kind of application running that relies on a service that uses that port in order to do ANYTHING with it. Just because you found xyz port open, that doesn't mean that you're getting instant access to their computer. If there's no service listening to that port, you're doing the same thing as sending letters to a mailbox that no one checks. Yeah, nice job.
Also, think of a Firewall as a person in the basement mailroom analyzing each letter to determine whether it's junkmail or something that a company doesn't want. Either that or he can hold all mail for that company until instructed otherwise.
Exploiting Services
I'm going to touch briefly on this subject for two reasons. 1) I'm not the most knowledgeable person on the subject and 2) It's illegal unless you own the computer you're exploiting or have the expressed permission of it's owner.
Okay in order to exploit a service, you first have to find a vulnerability. That isn't always easy because the remote computer more than likely isn't going to just give you the source code for the service running on a port you want to attack. So if you're wanting to find vulnerabilities in their service, you're going to have to guesstimate what kind of service is running on that port and get your own and analyze it's code. There's other methods of testing for vulnerabilities. Most well known vulnerabilities (read: ones you find on the internet) are patched already. You can test these and see if they're patched, but chances are that if the admin on the other side is even a little vigilant, he'll keep his software updated.
Okay, so he is vigilant and all known vulnerabilities are patched, what now? You poke around and see if you can find one of your own. This varies from service to service and application to application so I'm not going to go into it. (That and I don't know that much about the subject myself.)
Once you find a vulnerability, you'll need to exploit it. Depending on what kind of service it is, this is usually going to involve some code writing. And more often than not, you're going to have to do it their way, meaning write code that the remote service will understand. Again, this varies from service to service and application to application.
Packets
Okay, now that we know a little bit about an IP address, I'm going to go a little more into depth. If having an IP address is like having a mailbox, then it'd be pretty useless unless we sent or received letters, right? That's basically what packets are.
A packet can be broken up into a few sections. The first section is the header, which contains a bunch of info. The most obvious is the destination IP address, duh. Some others are version, source address, TTL, type, and others.
Some are obvious, some aren't. TTL is an abbreviation of Time To Live. It's a value in milliseconds describing how long that packet has to live before it "dies" or gets discarded. The thing with the internet is, it's not extremely reliable. You get disconnects, reroutes and all kinds of crazy stuff that happens. If packets didn't have a TTL, we'd have a crapload of lost packets floating around aimlessly looking for a host which could very well have found its way to a dumpster, especially if it was made by Dell. The best way we've found to avoid these lost packets is to have them commit suicide if they can't find their destination. Kinda depressing, huh?
Anyway, there's about as many different types of packets as there are protocols, which is a bunch so I'm not going to list many. Some are: TCP, UDP, IMCP, SCTP, RTP, etc.
There's an ID number for each packet. That's so the host can know how to rearrange them so that the application using that data can understand it. One thing I almost forgot to explain. When you send data over the wire, it's not exactly streamed. It's broken up into chunks (packets), so that in the likely event that one of those packets becomes corrupted, your computer resends that one packet instead of the whole file again. Makes sense, right?
Alright, then there's the body or payload of the packet. Guess what goes in there? If you guessed data you're right! That's not all that can go in there though. With error checking, one of the things checked is the size of the packet. Now if the last packet only has 10 bytes of data in it, and it's sent like that, the host looks at it, says "That's a lot smaller than the others, something's wrong, send it again" to your computer. So in addition to data, you have what's called 'padding' to fill the void and make the packet the appropriate size.
The trailer (or footer, depending on how you look at it) contains some error checking information and signifies the end of the packet.
Types of packets
Okay, there's bunches of these but I'm only going to list a few, when I start getting paid to write tutorials, I'll quit being so effing lazy, alright?
TCP, probably the most common type of packet out there. It stands for Transmission Control Protocol and is your basic payload packet with error checking. Want more? Go buy a 2 inch book on it, I've only got so much time before I fall asleep typing.
UDP, User Datagram Protocol. It's kinda the same as TCP but without error checking. Now why on earth would I want a protocol that doesn't use error checking?!?!? You may ask. Cool, I'll tell ya in two words, then explain: STREAMING MEDIA. If you miss a frame or two from a streaming video, you probably won't even notice, right? UDP is widely used in online games, media streaming and other applications where all the data doesn't have to be uncorrupted all the time, if you can think of any. Ever play a game and get that annoying "There is a problem with your connection...." message? Yeah and then your helicopter suddenly appears upside down and an inch from the ground? Yeah I hate that too but that's because you're losing a lot of UDP packets for whatever reason.
ICMP otherwise known as the Internet Control Message Protocol. This is how your ping application works. That's not its only use though. It's used to send error messages, timestamps, and address masks.
RTP, Realtime Transport Protocol. Alright, all I knew about this was it was like UDP in the aspect that it deals with media. Come to find out, it deals largely with VOIP (Voice Over IP) and was originally designed for multicasting. Gotta love Wikipedia.
Packet switching and Circuit Switching
Briefly, packet switching is basically using multiple routes and let the packets find their own way. This is your normal flavor of internet. This way, if one of those routes closes due to a sledge being taken to a stubborn server, the packets just take another route.
Circuit switching is when your computer finds what is supposidly the best path to a destination and sends the packets down that route. ATM (Asynchronous Transfer Mode) uses this by sending really tiny packets and it's supposed to be really really fast. The obvious downsides are that 1) your computer has to find the route first and 2) you know what happens when that route closes.
Traceroute
Speaking of routes, there's a program on most PC's called tracert which determines how many hops a packet takes to get from your computer to it's destination. A "hop" is when your packet goes from one server to another. The thing with hops is, they slow you down. RIP, I think, is the routing protocol that only allows 15 hops or something. I degress, the more hops, the more processing that has to be done forwarding your packet and that's why you slow down.
So anyway, traceroute tells you how many hops it takes to get to a destination and it can even list the servers on which your packets hop. It works by incrimenting a packet's TTL by one second each time it hits a server. When a server receives a traceroute packet with a TTL of one second, it sends an ICMP packet back, letting traceroute know the who/when/where.
For more info on Traceroute, visit
CODE
http://lwn.net/Articles/89597/.
They go into much much more detail than I will.
CODE
References:
http://www.ralphb.net/IPSubnet/ipaddr.html
http://www.wikipedia.org
http://lwn.net/Articles/89597/
Okay, first things first. Think of an IP address like you do a mailing address. It's basically the exact same thing. Consider this, when you send out a letter, what do you do? You put that letter in an envelope, write the address, put a stamp on it, stick in the mailbox and put that red flag up on your mailbox, right?
Apply this to computers: that letter is data, the envelope is the TCP/IP header which is actually wrapped around the packet, just like an envelope. The address would be the IP address, located on that header. You stick that in your mailbox, or in the computer world, a buffer, and it gets sent off to the recipient.
All the traveling that a letter goes through, a packet goes through. A letter sent through the mail is taken from your mailbox to your local post office. From there, it's sent to a state post office distribution center. Then it gets sent to a regional center. If it's an international letter goes to one of the national ones. The letter then goes back down this chain until it's in the recipient's mailbox. At each stop, a decision is made on whether or not that that particular distribution center should send it to a higher level, or if it can put that letter in a bin at it's location which will be sent to the next lower level.
Lets say I want to send you a letter, we both live in Texas but in different cities. I send out the letter, my local post office looks at the address and determines that it can't deliver the letter to the recipient so it sends it to the state post office. The state post office says yes, I can deliver this to the letter bin that belongs to that city and it'll go out with the next truck. Your city post office gets the letter and sees the address, says yeah he's in our area so we can definately send this to him. It gets put on a truck with other letters for people in your area and the driver puts it in your mailbox.
Same thing happens with a packet, except there are no internet truck drivers and it happens a helluva lot quicker. Your packet gets sent to your ISP who routes it back to a local address if it can, or sends it to the next higher ISP until it's on the Internet Backbone . Once there, if the recipient is still in your country, it'll go to his regional ISP, and so on and so forth until he gets it.
Why all this talk about regular mail? Again, an IP address is nothing more, nothing less than an address. What about routers, we have internal IP addresses! Ahh good question, think of an internal IP address the same as having a post office box. The post office gets it and decides to route it to you that way, your physical address obscured to the sender.
How the addressing scheme works
Okay, now that we've established what an IP Address is I'll show you how addresses are assigned.
IP addresses are broken up into several classes, A - E.
Class A addresses are 1.xxx.xxx.xxx - 126.xxx.xxx.xxx
Class B addresses are 128.XXX.xxx.xxx - 191.XXX.xxx.xxx
Class C addresses are 192.XXX.XXX.xxx - 223.XXX.XXX.xxx
Class D addresses are 224.xxx.xxx.xxx - 239.xxx.xxx.xxx
Class E addresses are 240.xxx.xxx.xxx - 254.xxx.xxx.xxx
Okay, what the hell is all that? I'll explain:
IPv4 address consist of 4 octets. For an A Class address, the first octet, ranging from 1 - 126, describes the network you're sending a packet to. The rest of the octets describe the node. (Kind of like a City, and a Mailbox, respectively.) (A node is just another name for a device connected to the network.)
In a Class B address, the first two octets represent the network and the last two describe the node.
Wait a minute! What happened to 127?!?!? Addresses starting with 127 are loopback addresses. That means it points to your computer. Go ahead, ping 127.xxx.xxx.xxx where the xxx is between 1 and 255. It will resolve to 127.0.0.1 and give you a reply that's hopefully less than 1 milisecond.
Anyway, Class C addresses are start with 192, go up to 223, and the first three octets describe the network and the last octet describes the node.
Okay, break for a second. A network with only 254 nodes?!? (0 is used kind of like a wildcard and 255 is broadcast.) That's right, Class C networks are usually given to small time ISP's and organizations who only have a few nodes on their network. Big companies like IBM and the government are given Class A addresses because they're bound to have lots of nodes. When the internet first kicked off, lots companies were told that certain address ranges would be reserved for them. This has caused problems because 1) Those companies aren't using nearly all of those addresses and 2) we're running out of addresses to assign people. The solution for this is IPv6, where we have 6 octets instead of 4, increasing the number of addresses exponentially.
Alrighty, back to classes. Class D addresses are for multicasting and Class E addresses are reserved for future use.
Ports
If I had a dime for every time I've heard, "I scanned xyz and found this many open ports!! How do I exploit them!?!?!?" I swear I'd be rich.
Ports are logical addresses on a computer where applications send and receive data. That's it, just like IP addresses, ports are nothing more and nothing less than addresses. To put it in the same perspective as regular mail, think of your computer as an office building and applications on your computer as different companies within that office building. Now your office building isn't going to have different mailrooms for each company. They'll receive mail and put it in your company's bin and you come and get it. Your computer has 66,536 some odd ports, plenty for all of your applications, so your office building has some 66,536 odd mail bins for companies in your building. Will you use all of these ports? Most definately not.
So you scanned a computer and lets say it has 100 ports open. Great, that just means that your "office building" has 100 mail bins, it doesn't mean that there are companies in your "office building" who use those mail bins. You have to have some kind of application running that relies on a service that uses that port in order to do ANYTHING with it. Just because you found xyz port open, that doesn't mean that you're getting instant access to their computer. If there's no service listening to that port, you're doing the same thing as sending letters to a mailbox that no one checks. Yeah, nice job.
Also, think of a Firewall as a person in the basement mailroom analyzing each letter to determine whether it's junkmail or something that a company doesn't want. Either that or he can hold all mail for that company until instructed otherwise.
Exploiting Services
I'm going to touch briefly on this subject for two reasons. 1) I'm not the most knowledgeable person on the subject and 2) It's illegal unless you own the computer you're exploiting or have the expressed permission of it's owner.
Okay in order to exploit a service, you first have to find a vulnerability. That isn't always easy because the remote computer more than likely isn't going to just give you the source code for the service running on a port you want to attack. So if you're wanting to find vulnerabilities in their service, you're going to have to guesstimate what kind of service is running on that port and get your own and analyze it's code. There's other methods of testing for vulnerabilities. Most well known vulnerabilities (read: ones you find on the internet) are patched already. You can test these and see if they're patched, but chances are that if the admin on the other side is even a little vigilant, he'll keep his software updated.
Okay, so he is vigilant and all known vulnerabilities are patched, what now? You poke around and see if you can find one of your own. This varies from service to service and application to application so I'm not going to go into it. (That and I don't know that much about the subject myself.)
Once you find a vulnerability, you'll need to exploit it. Depending on what kind of service it is, this is usually going to involve some code writing. And more often than not, you're going to have to do it their way, meaning write code that the remote service will understand. Again, this varies from service to service and application to application.
Packets
Okay, now that we know a little bit about an IP address, I'm going to go a little more into depth. If having an IP address is like having a mailbox, then it'd be pretty useless unless we sent or received letters, right? That's basically what packets are.
A packet can be broken up into a few sections. The first section is the header, which contains a bunch of info. The most obvious is the destination IP address, duh. Some others are version, source address, TTL, type, and others.
Some are obvious, some aren't. TTL is an abbreviation of Time To Live. It's a value in milliseconds describing how long that packet has to live before it "dies" or gets discarded. The thing with the internet is, it's not extremely reliable. You get disconnects, reroutes and all kinds of crazy stuff that happens. If packets didn't have a TTL, we'd have a crapload of lost packets floating around aimlessly looking for a host which could very well have found its way to a dumpster, especially if it was made by Dell. The best way we've found to avoid these lost packets is to have them commit suicide if they can't find their destination. Kinda depressing, huh?
Anyway, there's about as many different types of packets as there are protocols, which is a bunch so I'm not going to list many. Some are: TCP, UDP, IMCP, SCTP, RTP, etc.
There's an ID number for each packet. That's so the host can know how to rearrange them so that the application using that data can understand it. One thing I almost forgot to explain. When you send data over the wire, it's not exactly streamed. It's broken up into chunks (packets), so that in the likely event that one of those packets becomes corrupted, your computer resends that one packet instead of the whole file again. Makes sense, right?
Alright, then there's the body or payload of the packet. Guess what goes in there? If you guessed data you're right! That's not all that can go in there though. With error checking, one of the things checked is the size of the packet. Now if the last packet only has 10 bytes of data in it, and it's sent like that, the host looks at it, says "That's a lot smaller than the others, something's wrong, send it again" to your computer. So in addition to data, you have what's called 'padding' to fill the void and make the packet the appropriate size.
The trailer (or footer, depending on how you look at it) contains some error checking information and signifies the end of the packet.
Types of packets
Okay, there's bunches of these but I'm only going to list a few, when I start getting paid to write tutorials, I'll quit being so effing lazy, alright?
TCP, probably the most common type of packet out there. It stands for Transmission Control Protocol and is your basic payload packet with error checking. Want more? Go buy a 2 inch book on it, I've only got so much time before I fall asleep typing.
UDP, User Datagram Protocol. It's kinda the same as TCP but without error checking. Now why on earth would I want a protocol that doesn't use error checking?!?!? You may ask. Cool, I'll tell ya in two words, then explain: STREAMING MEDIA. If you miss a frame or two from a streaming video, you probably won't even notice, right? UDP is widely used in online games, media streaming and other applications where all the data doesn't have to be uncorrupted all the time, if you can think of any. Ever play a game and get that annoying "There is a problem with your connection...." message? Yeah and then your helicopter suddenly appears upside down and an inch from the ground? Yeah I hate that too but that's because you're losing a lot of UDP packets for whatever reason.
ICMP otherwise known as the Internet Control Message Protocol. This is how your ping application works. That's not its only use though. It's used to send error messages, timestamps, and address masks.
RTP, Realtime Transport Protocol. Alright, all I knew about this was it was like UDP in the aspect that it deals with media. Come to find out, it deals largely with VOIP (Voice Over IP) and was originally designed for multicasting. Gotta love Wikipedia.
Packet switching and Circuit Switching
Briefly, packet switching is basically using multiple routes and let the packets find their own way. This is your normal flavor of internet. This way, if one of those routes closes due to a sledge being taken to a stubborn server, the packets just take another route.
Circuit switching is when your computer finds what is supposidly the best path to a destination and sends the packets down that route. ATM (Asynchronous Transfer Mode) uses this by sending really tiny packets and it's supposed to be really really fast. The obvious downsides are that 1) your computer has to find the route first and 2) you know what happens when that route closes.
Traceroute
Speaking of routes, there's a program on most PC's called tracert which determines how many hops a packet takes to get from your computer to it's destination. A "hop" is when your packet goes from one server to another. The thing with hops is, they slow you down. RIP, I think, is the routing protocol that only allows 15 hops or something. I degress, the more hops, the more processing that has to be done forwarding your packet and that's why you slow down.
So anyway, traceroute tells you how many hops it takes to get to a destination and it can even list the servers on which your packets hop. It works by incrimenting a packet's TTL by one second each time it hits a server. When a server receives a traceroute packet with a TTL of one second, it sends an ICMP packet back, letting traceroute know the who/when/where.
For more info on Traceroute, visit
CODE
http://lwn.net/Articles/89597/.
They go into much much more detail than I will.
CODE
References:
http://www.ralphb.net/IPSubnet/ipaddr.html
http://www.wikipedia.org
http://lwn.net/Articles/89597/
119 Tips For Passing Xp 70-270, XP Professional Study guide
119 Tips for Passing the Microsoft Windows
XP Professional 70-270
1. The minimum installation requirement for processors is a Pentium 233MHz or higher.
2. Installation requires 1500MB free disk space on a 2000MB Partition.
3. Dual-booting is supported for Windows 95, Windows 98, Windows NT 4.0 (Service
Pack 4.0 or greater is required), Windows NT 3.51, Windows for Workgroups 3.11,
Windows 3.1, MS-DOS, OS/2, Windows 2000 Server, Windows 2003 Server and other
installations of Windows 2000 .
4. Two executable setup files exist: Winnt.exe (for command-prompt and 16-bit
environment) and Winnt32.exe (for 32-bit operating systems such 98,2000,…)
5.Windows XP works with NTFS V 5, FAT, and FAT32 file systems. FAT is needed for
MS-DOS, the Windows 3.x operating systems, and the first release of Windows 95.
6. Unattended installations allow you to configure the operating system with little or no
human intervention. There are three primary methods of unattended installations: RIS
(Remote Installation Service) is a service that runs on a Windows 2003 Server. The
System Preparation Tool (Sysprep.exe) is used to prepare an ideal Windows XP
Professional workstation to have an image made of it. Setup Manager is used to create
answer files (known as Uniqueness Database Files, or UDFs) for automatically providing
computer or user information during
7.When using an answer file on a diskette it must be named Winnt.sif, not Unattend.txt.
8. Upgrades can be done from Windows 98, Windows NT Workstation 4.0, and
Windows NT Workstation 3.51.
9. Winnt32.exe initiates the upgrade from most other operating systems.
10.You cannot upgrade if start setup by Boot From CD-ROM
11. A service pack is a self-running program that modifies your operating system.
Upgrades to Windows XP come in the form of service packs. Each service pack contains
patches and fixes to operating systems components that need such, as well as additional
features.
12.The /duprepare switch prepares the downloaded update files to be used during an
installation with the /dushare switch.
13.We should use the "/SOS switch in the boot.ini startup file. This switch causes the
names of drivers to be displayed as they load during boot.
14.The /fastdetect switch is used by default. It makes the early boot process,
NTDETECT, skip the detection of parallel and serial devices (Plug and Play will find
them). This makes booting faster. You cannot configure the /fastdetect switch to log
information on device drivers.
15.To use RIS the computer must be configured to boot from the network.
16.RIS does not need to run on a domain controller. A RIS server must be authorized in
Active Directory before it is running.
17. The CONVERT.EXE utility allows you to convert a FAT or FAT32 file system to
NTFS without losing data.
18.Windows XP includes an uninstall feature which allows us to uninstall Windows XP
after upgrade and return to the previous operating system.
19..The bootcfg command is a Microsoft Windows XP Recovery Console command that
manipulates the Boot.ini file.
20.Windows XP doesn’t have a driver for the SCSI-controller and so can’t find a hard
disk to install onto. Therefore, you must install SCSI driver during setup.
21.Each account has a different Security Identifier (SID). The permissions on the files are
specific to the SID of the user account.
22.The minimum recommended setting of the page file is 1.5 times the physical memory.
23.The Fixboot command writes a new partition boot sector to the system partition.
24.Using the system volume for the paging file will slow the performance.
25.If the system is unable to start after installing a troublesome driver, the first step in
troubleshooting is to start the computer with the Last Known Good Configuration.
26.The fax service is not able to receive faxes by default.
27.The scanstate and loadstate tools are part of the User State Migration Tool.
These tools can be used to collect user data and settings from one machine and load them
on to another machine.
28.only one web site is supported on Windows XP/2000 Professional IIS.
29.To create a striped volume, the disks must be converted to dynamic disks.
30.The backup operators group has permission to access storage devices and to bypass
file permissions to backup files.
31. The permissions, attributes, and characteristics of files and folders depend greatly on
the file system on which Windows XP is install.
32. Share permissions apply only when a user is accessing a file or folder through the
network.
33. Local permissions and attributes are used to protect the file when users are local.
34. The NTFS permissions for a folder are located on the Security tab of its Properties
dialog box.
35. With NTFS, permissions can be individually allowed or denied on a per-folder basis.
You can assign any combination of these values: Full Control, Modify, Read & Execute,
List Folder Contents, Read, and write
36. The Advanced command button enables you to configure auditing and ownership
properties.
37. NTFS file permissions are: Full Control, Modify, Read+Execute, Read, and Write.
38. The Deny permission overrides all other permissions. In the absence of Deny, rights
accumulate through individual and group assignments, as well as through folder and file
assignments. (In the case of a conflict, file permissions override folder permissions.)
39. Moving or copying a file to a new directory could change the permissions on an
NTFS file.
40. Using the NTFS file system, it is possible to configure files and folders for file-level
compression if you have Write permissions. Compression conserves disk space but does
not reduce the estimation of how much space the user is utilizing when computing disk
quotas.
42. Encryption and compression settings appear in the same frame on the dialog box. The
two features are mutually exclusive: You cannot compress encrypted files or encrypt
compressed files.
43. Share permissions differ significantly from NTFS permissions: 1) They apply to users
accessing the resource remotely and not locally. 2) They work with Windows and DOSbased
file systems (NTFS, FAT, or FAT32). 3) They work in conjunction with other
permissions.
44. Folder share permissions are: Full Control, Change, Read.
45. A folder can be shared under an unlimited number of names after it has been shared
the first time. This is used to set another permission for one resource.
46. NET SHARE enables you to create shares from the command prompt.
47. You can "hide" a share (prevent it from appearing in My Network Places) by adding a
dollar sign ($) to the end of the share name.
48. For every Windows XP computer, three hidden shares are created automatically: 1)
C$ is the root of the computer's drive. A similar share (such as D$, E$, and so on) will be
created for each hard drive partition on a system. 2) ADMIN$ is the root of the partition
on which Windows 2000 has been installed. 3) IPC$ is the remote IPC (InterProcess
Connect) share used for networking.
49. To reach the Print Server Properties dialog box, open the Printers folder, and then
choose File, Server Properties.
50. For the Internet printer option, you must specify an URL within the Setup Wizard to
go on to the next dialog box.
51.Internet printing require IIS .
52.By default, anyone with Allow-Print permission can manage their own print jobs.
53.Unreadable text usually indicates an incorrect printer driver. We need to install the
correct driver.
54. Bi-directional support allows the printer to send unsolicited messages (such as "Out
of Paper" or "Low on Toner") to the workstation. The Printer Priority defaults to 1, but it
can be any number between 1 and 99
55. When more than one printer is printing to the same printing device, it is useful to
change priorities (to allow the one with the highest priority to print first).
56. Separator Page lets you choose one of three predefined separator pages or create one
of your own. By default, Windows XP does not separate print jobs or use a separator
page.
57. A printer pool is a single logical printer that prints to more than one printing device. It
prints jobs sent to it to the first available printing device and provides the throughput of
multiple printing devices with the simplicity of a single printer definition.
58. The Computer Management utility offers a storage component that provides the basis
for working with disk devices.
59. The heart of most disk operations resides in the Disk Management tool. You must be
a member of Administrators to access this tool.
60. The System volume holds the files needed to boot the system (the boot files); the
Boot volume holds the files needed by Windows 2000 Professional (the system files).
61. Formatting the drive deletes all data on it. Converting the drive to NTFS (using the
Convert.exe utility) does not delete the data.
62. The disadvantages and limitations of converting to dynamic disks are: 1) Cannot
contain partitions or logical drives; 2) Cannot be accessed by operating systems other
than Windows XP; 3) Dynamic disks are not supported on portable computers.
63. Windows XP Professional, like Windows 98, supports the use of more than one
monitor for creating the output display. Up to 10 monitors can be combined, with the
desktop display divided between them—each capable of having different resolution and
color depth.
64. Windows XP uses ACPI for all power management, from shutdown when low on
battery to startup at the touch of a keyboard key. The options that can be configured from
the Power Options applet in Control Panel are: Power Schemes (allows you to choose the
role of the machine), Advanced (choose whether power-related icons should appear in the
taskbar), Hibernate (choose whether this stage is available).
65.Hibernation is an ACPI feature.
66.. System Information is useful for obtaining a quick snapshot of the system. Beneath
Hardware Resources are six subcomponents that offer the system resource overview:
Conflicts/Sharing, DMA, Forced Hardware, I/O, IRQs, and Memory.
67. If Microsoft can verify that executable files do not behave erratically or cause system
problems or identifiable failures, Microsoft signs the file digitally.
68. When an administrator or user attempts to install a new component, the system
automatically looks for the signature. By default, a system always looks for a driver
signature; this feature is known as System File Protection.
69. SIGVERIF.EXE looks for files that are not digitally signed.
70. The System File Checker utility keeps the operating system alive and well. SFC.EXE
automatically verifies system files after a reboot to see whether they were changed to
unprotected copies. Storing system files in two locations consumes a large amount of disk
space.
71. Task Scheduler allows you to configure jobs to run automatically. For a job to run in
unattended mode, a username and associated password with proper permissions to run the
application must be provided.
72. When you select the Make Available Offline choice, the Offline File Wizard starts.
You can have reminders pop up regularly when you are working offline to tell you that
you are not connected to the network.
73.Enabling offline files is a two step process. First, it must be enabled on the shared files
by allowing the caching of the files.
74. The Synchronization Manager offers three tabs: Logon/Logoff (allows you to
configure whether synchronization should occur when you log on and/or log off or
whether you should always be prompted before you take any action), On Idle (allows you
to configure the items to be updated when the system is idle), and Scheduled (allows you
to define synchronization jobs).
75.A baseline is a history of performance over time and is used to compare against
current activity.
76. Within the System Monitor, the workstation is divided into a number of different
objects. The following objects are normally found in System Monitor: Browser, Cache,
IP, LogicalDisk, Memory, Network Interface, Objects, Paging File, PhysicalDisk,
Process, Processor, Redirector, Server, Server Work Queues, System, TCP, Telephony,
Thread, and UDP.
77. For each object, System Monitor has one or more counters (subsets of the overall
object). There are two types of counters: actual (a true number or an average) and
percentage (from 0 to 100).
78. Performance Logs and Alerts fall into three sections: Counter logs, trace logs, alerts.
79. The five common areas of bottlenecks include: memory, processor, disk, network,
and applications.
80. If the amount of RAM you want to allot to the OS is less than what is installed in
your system, you must use the /MAXMEM switch in the BOOT.INI file.
81.DiskPart is a Windows XP Professional tool which allows the administrator to handle
disk administrative tasks from a command prompt. Diskpart enhances the Disk
Administrator graphical user interface (GUI).
82. Most desktop computers should have only one hardware profile because the hardware
will not deviate greatly. The hardware connected to a laptop/mobile computer can differ
from day to day, based on where it is being used.
83. If a system has multiple hardware profiles, a menu of the choices will appear during
the boot process.
84. The User Profile is the portion of the Registry that is customizable for every user and
is stored in NTUSER.DAT. Whenever a user logs in to a system, he or she automatically
creates a local profile on that system, by default.
85. The profile will be found in {root drive}:\Documents and Settings\{username}.
Profiles can contain the following desktop-related items: Application information,
Cookies, Favorites, Files saved on the desktop, Local settings, My documents, My
pictures, Nethood, Printhood, Recent, Send to, Shortcuts, Start Menu, and Template
items.
86. To configure a user account to use a roaming profile, set the profile path in the
Properties dialog box for that account. A roaming profile enables a user to have the same
desktop regardless of the machine he or she uses. You can copy or delete profiles and
change their type from the System applet.
87. A mandatory profile is a deviation on a roaming profile. It's configured like a
roaming profile, but the file is renamed from NTUSER.DAT to NTUSER.MAN.
88. Multiple Language Support allows you to create documents that can be read in
different languages and to change the information text presented in Windows XP Pro. To
enable multiple languages, you must be a member of the Administrators group; open the
Regional Options applet in Control Panel.
89. Windows Installer is divided into two components: an installer service for the client
(MSIEXEC.EXE) and package files (which have the extension .MSI). .MSI files are the
applications themselves and most often come from software vendors, but can be created
internally by developers.
90.Always wait for the network at computer startup and logon policy. This would force
the Windows XP clients to process the GPOs synchronously which guarantee that they
are all applied.
91. MSI files contain relational databases (multiple tables) of instructions that need to be
carried out. Windows Installer is a component of IntelliMirror and is tightly integrated
with Group Policy. IntelliMirror also includes the ability to administer user settings,
perform remote installation, and mirror data between the network and local machines.
92. The Accessibility Options applet allows you to configure the system for use by
individuals with physical disabilities. Configuration can be done in areas related to the
keyboard, mouse, display, or sound. Accessibility features automatically turn off after a
set time. (Five minutes is the default.)
93. Name resolution is the process of translating user-friendly computer names to IP
addresses. On a very small network, a static file named HOSTS can be used to translate
host names to IP addresses in place of DNS.
94.The /flushdns switch of the Ipconfig command flushes the list of locally cached DNS
names.
95. On a very small network, a static file named LMHOSTS can be used to translate
NetBIOS names to IP addresses in place of WINS. The Import LMHOSTS button allows
WINS to convert your static file to the WINS service.
96. DHCP automatically centralizes and manages the allocation of the TCP/IP settings
required for proper network functionality for computers that have been configured as
DHCP clients.
97.The ping command sends a series of ICMP echo requests to the specified computer.
98.The Alternative configuration feature enables mobile computers to have two different
IP configurations, for example one at the office and one at home.
99. To determine the network settings a DHCP server has leased to your computer, type
IPCONFIG /all at a command prompt.
100. Windows XP offers new parameters for IPCONFIG: /DISPLAYDNS (shows the
contents of the DNS cache), /FLUSHDNS (flushes the contents of the DNS cache),
/REGISTERDNS (renews all leases and DNS configuration), /SETCLASSID (changes
the DHCP class ID), and /SHOWCLASSID (shows the DHCP class ID for all adapters).
101. If systems are on different subnets and cannot communicate, remember that TCP/IP
requires routing to communicate between subnets.
102. NBTSTAT is a command-line utility that enables you to check the resolution of
NetBIOS names to TCP/IP addresses. NETSTAT is a command-line utility that enables
you to check the status of current IP connections. Executing NETSTAT without switches
displays protocol statistics and current TCP/IP connections.
103. The Universal Naming Convention (UNC) is a standardized way of specifying a
share name on a specific computer. Share names can refer to folders or printers. The
UNC path takes the form of \\computer_name\share_name. Share names commonly are
limited to 15 characters.
104. Many 16-bit applications do not work with UNC paths. If you need to work with a
16-bit application that doesn't work with UNC paths, you must map a drive letter to the
shared folder or connect a port to the network printer.
105. You can view the currently shared resources from the command prompt by typing
NET VIEW. You can assign network resources to drive letters from the command prompt
by using the Net Use command and the UNC path of the resource.
106. The following authentication protocols are supported to make your connections as
secure as possible: CHAP, EAP, MS-CHAP, MS-CHAPv2, PAP, SPAP, and smart cards.
107. CHAP is the Challenge Handshake Authentication Protocol, while MS-CHAP is the
Microsoft Challenge Handshake Authentication Protocol (requires the communication to
be between a Microsoft client and a Microsoft server). MS-CHAPv2 also requires the
communication to be between a Microsoft client and a Microsoft server.
108. EAP is the Extensible Authentication Protocol; PAP is the Password Authentication
Protocol (uses clear-text authentication).
109. Smart cards provide a certificate-based authentication.
110. The Encrypting File System (EFS) encrypts and protects file or folder contents. To
use EFS, the file system must be NTFS, and the files must not be compressed. Some files
(system files in particular) cannot be compressed. If you move/copy an encrypted file to
one of these partitions, it becomes unencrypted.
111. Settings that are configured under Computer Configuration apply to the computer,
regardless of who is using it. Settings configured under User Configuration apply only if
the specified user is logged on.
112. In Windows XP, a user can be granted rights and permissions to resources in two
ways: Individually (she is explicitly assigned a right or permission through her account),
or as a group (she is a member of a group that has a right or permission).
113. The Profile Path designates a specific location on a specified server where the user's
profile is going to be stored. The user profile contains the user portion of the Registry in
the file NTUSER.DAT.
114. The most common path entered for the user profile is
\\{SERVER}\{PROFILESHARE}\%USERNAME%, where {SERVER} is replaced by
the name of your server, and {PROFILESHARE} by the name of a folder for that user's
profile. The %USERNAME% variable will expand to the name of the user, which makes
it ideal for use in a template.
115. The logon script allows an administrator to configure common drive mappings, run
central batch files, and configure the system.
116. Account policies are divided into two subsections: Password Policy and Account
Lockout Policy.
117. Password Policy settings apply to all users on the system. It is not possible to have
separate settings by group, user, and so on. Account Lockout Policies are settings that can
be used to automatically lock the account should suspicious activity occur.
118. Auditing can be configured on nine pre-defined system events through the Local
Security Policy shortcut within the Administrative Tools folder of the Control Panel:
Audit Account Logon Events, Audit Account Management, Audit Directory Service
Access, Audit Logon Events, Audit Object Access, Audit Policy Change, Audit Privilege
Use, Audit Process Tracking, and Audit System Events.
119. When auditing is configured, entries are written to the Security log, which can be
viewed with the Event Viewer.
url
http://www.mcseworld.com/forums/showthread.php?t=8014
XP Professional 70-270
1. The minimum installation requirement for processors is a Pentium 233MHz or higher.
2. Installation requires 1500MB free disk space on a 2000MB Partition.
3. Dual-booting is supported for Windows 95, Windows 98, Windows NT 4.0 (Service
Pack 4.0 or greater is required), Windows NT 3.51, Windows for Workgroups 3.11,
Windows 3.1, MS-DOS, OS/2, Windows 2000 Server, Windows 2003 Server and other
installations of Windows 2000 .
4. Two executable setup files exist: Winnt.exe (for command-prompt and 16-bit
environment) and Winnt32.exe (for 32-bit operating systems such 98,2000,…)
5.Windows XP works with NTFS V 5, FAT, and FAT32 file systems. FAT is needed for
MS-DOS, the Windows 3.x operating systems, and the first release of Windows 95.
6. Unattended installations allow you to configure the operating system with little or no
human intervention. There are three primary methods of unattended installations: RIS
(Remote Installation Service) is a service that runs on a Windows 2003 Server. The
System Preparation Tool (Sysprep.exe) is used to prepare an ideal Windows XP
Professional workstation to have an image made of it. Setup Manager is used to create
answer files (known as Uniqueness Database Files, or UDFs) for automatically providing
computer or user information during
7.When using an answer file on a diskette it must be named Winnt.sif, not Unattend.txt.
8. Upgrades can be done from Windows 98, Windows NT Workstation 4.0, and
Windows NT Workstation 3.51.
9. Winnt32.exe initiates the upgrade from most other operating systems.
10.You cannot upgrade if start setup by Boot From CD-ROM
11. A service pack is a self-running program that modifies your operating system.
Upgrades to Windows XP come in the form of service packs. Each service pack contains
patches and fixes to operating systems components that need such, as well as additional
features.
12.The /duprepare switch prepares the downloaded update files to be used during an
installation with the /dushare switch.
13.We should use the "/SOS switch in the boot.ini startup file. This switch causes the
names of drivers to be displayed as they load during boot.
14.The /fastdetect switch is used by default. It makes the early boot process,
NTDETECT, skip the detection of parallel and serial devices (Plug and Play will find
them). This makes booting faster. You cannot configure the /fastdetect switch to log
information on device drivers.
15.To use RIS the computer must be configured to boot from the network.
16.RIS does not need to run on a domain controller. A RIS server must be authorized in
Active Directory before it is running.
17. The CONVERT.EXE utility allows you to convert a FAT or FAT32 file system to
NTFS without losing data.
18.Windows XP includes an uninstall feature which allows us to uninstall Windows XP
after upgrade and return to the previous operating system.
19..The bootcfg command is a Microsoft Windows XP Recovery Console command that
manipulates the Boot.ini file.
20.Windows XP doesn’t have a driver for the SCSI-controller and so can’t find a hard
disk to install onto. Therefore, you must install SCSI driver during setup.
21.Each account has a different Security Identifier (SID). The permissions on the files are
specific to the SID of the user account.
22.The minimum recommended setting of the page file is 1.5 times the physical memory.
23.The Fixboot command writes a new partition boot sector to the system partition.
24.Using the system volume for the paging file will slow the performance.
25.If the system is unable to start after installing a troublesome driver, the first step in
troubleshooting is to start the computer with the Last Known Good Configuration.
26.The fax service is not able to receive faxes by default.
27.The scanstate and loadstate tools are part of the User State Migration Tool.
These tools can be used to collect user data and settings from one machine and load them
on to another machine.
28.only one web site is supported on Windows XP/2000 Professional IIS.
29.To create a striped volume, the disks must be converted to dynamic disks.
30.The backup operators group has permission to access storage devices and to bypass
file permissions to backup files.
31. The permissions, attributes, and characteristics of files and folders depend greatly on
the file system on which Windows XP is install.
32. Share permissions apply only when a user is accessing a file or folder through the
network.
33. Local permissions and attributes are used to protect the file when users are local.
34. The NTFS permissions for a folder are located on the Security tab of its Properties
dialog box.
35. With NTFS, permissions can be individually allowed or denied on a per-folder basis.
You can assign any combination of these values: Full Control, Modify, Read & Execute,
List Folder Contents, Read, and write
36. The Advanced command button enables you to configure auditing and ownership
properties.
37. NTFS file permissions are: Full Control, Modify, Read+Execute, Read, and Write.
38. The Deny permission overrides all other permissions. In the absence of Deny, rights
accumulate through individual and group assignments, as well as through folder and file
assignments. (In the case of a conflict, file permissions override folder permissions.)
39. Moving or copying a file to a new directory could change the permissions on an
NTFS file.
40. Using the NTFS file system, it is possible to configure files and folders for file-level
compression if you have Write permissions. Compression conserves disk space but does
not reduce the estimation of how much space the user is utilizing when computing disk
quotas.
42. Encryption and compression settings appear in the same frame on the dialog box. The
two features are mutually exclusive: You cannot compress encrypted files or encrypt
compressed files.
43. Share permissions differ significantly from NTFS permissions: 1) They apply to users
accessing the resource remotely and not locally. 2) They work with Windows and DOSbased
file systems (NTFS, FAT, or FAT32). 3) They work in conjunction with other
permissions.
44. Folder share permissions are: Full Control, Change, Read.
45. A folder can be shared under an unlimited number of names after it has been shared
the first time. This is used to set another permission for one resource.
46. NET SHARE enables you to create shares from the command prompt.
47. You can "hide" a share (prevent it from appearing in My Network Places) by adding a
dollar sign ($) to the end of the share name.
48. For every Windows XP computer, three hidden shares are created automatically: 1)
C$ is the root of the computer's drive. A similar share (such as D$, E$, and so on) will be
created for each hard drive partition on a system. 2) ADMIN$ is the root of the partition
on which Windows 2000 has been installed. 3) IPC$ is the remote IPC (InterProcess
Connect) share used for networking.
49. To reach the Print Server Properties dialog box, open the Printers folder, and then
choose File, Server Properties.
50. For the Internet printer option, you must specify an URL within the Setup Wizard to
go on to the next dialog box.
51.Internet printing require IIS .
52.By default, anyone with Allow-Print permission can manage their own print jobs.
53.Unreadable text usually indicates an incorrect printer driver. We need to install the
correct driver.
54. Bi-directional support allows the printer to send unsolicited messages (such as "Out
of Paper" or "Low on Toner") to the workstation. The Printer Priority defaults to 1, but it
can be any number between 1 and 99
55. When more than one printer is printing to the same printing device, it is useful to
change priorities (to allow the one with the highest priority to print first).
56. Separator Page lets you choose one of three predefined separator pages or create one
of your own. By default, Windows XP does not separate print jobs or use a separator
page.
57. A printer pool is a single logical printer that prints to more than one printing device. It
prints jobs sent to it to the first available printing device and provides the throughput of
multiple printing devices with the simplicity of a single printer definition.
58. The Computer Management utility offers a storage component that provides the basis
for working with disk devices.
59. The heart of most disk operations resides in the Disk Management tool. You must be
a member of Administrators to access this tool.
60. The System volume holds the files needed to boot the system (the boot files); the
Boot volume holds the files needed by Windows 2000 Professional (the system files).
61. Formatting the drive deletes all data on it. Converting the drive to NTFS (using the
Convert.exe utility) does not delete the data.
62. The disadvantages and limitations of converting to dynamic disks are: 1) Cannot
contain partitions or logical drives; 2) Cannot be accessed by operating systems other
than Windows XP; 3) Dynamic disks are not supported on portable computers.
63. Windows XP Professional, like Windows 98, supports the use of more than one
monitor for creating the output display. Up to 10 monitors can be combined, with the
desktop display divided between them—each capable of having different resolution and
color depth.
64. Windows XP uses ACPI for all power management, from shutdown when low on
battery to startup at the touch of a keyboard key. The options that can be configured from
the Power Options applet in Control Panel are: Power Schemes (allows you to choose the
role of the machine), Advanced (choose whether power-related icons should appear in the
taskbar), Hibernate (choose whether this stage is available).
65.Hibernation is an ACPI feature.
66.. System Information is useful for obtaining a quick snapshot of the system. Beneath
Hardware Resources are six subcomponents that offer the system resource overview:
Conflicts/Sharing, DMA, Forced Hardware, I/O, IRQs, and Memory.
67. If Microsoft can verify that executable files do not behave erratically or cause system
problems or identifiable failures, Microsoft signs the file digitally.
68. When an administrator or user attempts to install a new component, the system
automatically looks for the signature. By default, a system always looks for a driver
signature; this feature is known as System File Protection.
69. SIGVERIF.EXE looks for files that are not digitally signed.
70. The System File Checker utility keeps the operating system alive and well. SFC.EXE
automatically verifies system files after a reboot to see whether they were changed to
unprotected copies. Storing system files in two locations consumes a large amount of disk
space.
71. Task Scheduler allows you to configure jobs to run automatically. For a job to run in
unattended mode, a username and associated password with proper permissions to run the
application must be provided.
72. When you select the Make Available Offline choice, the Offline File Wizard starts.
You can have reminders pop up regularly when you are working offline to tell you that
you are not connected to the network.
73.Enabling offline files is a two step process. First, it must be enabled on the shared files
by allowing the caching of the files.
74. The Synchronization Manager offers three tabs: Logon/Logoff (allows you to
configure whether synchronization should occur when you log on and/or log off or
whether you should always be prompted before you take any action), On Idle (allows you
to configure the items to be updated when the system is idle), and Scheduled (allows you
to define synchronization jobs).
75.A baseline is a history of performance over time and is used to compare against
current activity.
76. Within the System Monitor, the workstation is divided into a number of different
objects. The following objects are normally found in System Monitor: Browser, Cache,
IP, LogicalDisk, Memory, Network Interface, Objects, Paging File, PhysicalDisk,
Process, Processor, Redirector, Server, Server Work Queues, System, TCP, Telephony,
Thread, and UDP.
77. For each object, System Monitor has one or more counters (subsets of the overall
object). There are two types of counters: actual (a true number or an average) and
percentage (from 0 to 100).
78. Performance Logs and Alerts fall into three sections: Counter logs, trace logs, alerts.
79. The five common areas of bottlenecks include: memory, processor, disk, network,
and applications.
80. If the amount of RAM you want to allot to the OS is less than what is installed in
your system, you must use the /MAXMEM switch in the BOOT.INI file.
81.DiskPart is a Windows XP Professional tool which allows the administrator to handle
disk administrative tasks from a command prompt. Diskpart enhances the Disk
Administrator graphical user interface (GUI).
82. Most desktop computers should have only one hardware profile because the hardware
will not deviate greatly. The hardware connected to a laptop/mobile computer can differ
from day to day, based on where it is being used.
83. If a system has multiple hardware profiles, a menu of the choices will appear during
the boot process.
84. The User Profile is the portion of the Registry that is customizable for every user and
is stored in NTUSER.DAT. Whenever a user logs in to a system, he or she automatically
creates a local profile on that system, by default.
85. The profile will be found in {root drive}:\Documents and Settings\{username}.
Profiles can contain the following desktop-related items: Application information,
Cookies, Favorites, Files saved on the desktop, Local settings, My documents, My
pictures, Nethood, Printhood, Recent, Send to, Shortcuts, Start Menu, and Template
items.
86. To configure a user account to use a roaming profile, set the profile path in the
Properties dialog box for that account. A roaming profile enables a user to have the same
desktop regardless of the machine he or she uses. You can copy or delete profiles and
change their type from the System applet.
87. A mandatory profile is a deviation on a roaming profile. It's configured like a
roaming profile, but the file is renamed from NTUSER.DAT to NTUSER.MAN.
88. Multiple Language Support allows you to create documents that can be read in
different languages and to change the information text presented in Windows XP Pro. To
enable multiple languages, you must be a member of the Administrators group; open the
Regional Options applet in Control Panel.
89. Windows Installer is divided into two components: an installer service for the client
(MSIEXEC.EXE) and package files (which have the extension .MSI). .MSI files are the
applications themselves and most often come from software vendors, but can be created
internally by developers.
90.Always wait for the network at computer startup and logon policy. This would force
the Windows XP clients to process the GPOs synchronously which guarantee that they
are all applied.
91. MSI files contain relational databases (multiple tables) of instructions that need to be
carried out. Windows Installer is a component of IntelliMirror and is tightly integrated
with Group Policy. IntelliMirror also includes the ability to administer user settings,
perform remote installation, and mirror data between the network and local machines.
92. The Accessibility Options applet allows you to configure the system for use by
individuals with physical disabilities. Configuration can be done in areas related to the
keyboard, mouse, display, or sound. Accessibility features automatically turn off after a
set time. (Five minutes is the default.)
93. Name resolution is the process of translating user-friendly computer names to IP
addresses. On a very small network, a static file named HOSTS can be used to translate
host names to IP addresses in place of DNS.
94.The /flushdns switch of the Ipconfig command flushes the list of locally cached DNS
names.
95. On a very small network, a static file named LMHOSTS can be used to translate
NetBIOS names to IP addresses in place of WINS. The Import LMHOSTS button allows
WINS to convert your static file to the WINS service.
96. DHCP automatically centralizes and manages the allocation of the TCP/IP settings
required for proper network functionality for computers that have been configured as
DHCP clients.
97.The ping command sends a series of ICMP echo requests to the specified computer.
98.The Alternative configuration feature enables mobile computers to have two different
IP configurations, for example one at the office and one at home.
99. To determine the network settings a DHCP server has leased to your computer, type
IPCONFIG /all at a command prompt.
100. Windows XP offers new parameters for IPCONFIG: /DISPLAYDNS (shows the
contents of the DNS cache), /FLUSHDNS (flushes the contents of the DNS cache),
/REGISTERDNS (renews all leases and DNS configuration), /SETCLASSID (changes
the DHCP class ID), and /SHOWCLASSID (shows the DHCP class ID for all adapters).
101. If systems are on different subnets and cannot communicate, remember that TCP/IP
requires routing to communicate between subnets.
102. NBTSTAT is a command-line utility that enables you to check the resolution of
NetBIOS names to TCP/IP addresses. NETSTAT is a command-line utility that enables
you to check the status of current IP connections. Executing NETSTAT without switches
displays protocol statistics and current TCP/IP connections.
103. The Universal Naming Convention (UNC) is a standardized way of specifying a
share name on a specific computer. Share names can refer to folders or printers. The
UNC path takes the form of \\computer_name\share_name. Share names commonly are
limited to 15 characters.
104. Many 16-bit applications do not work with UNC paths. If you need to work with a
16-bit application that doesn't work with UNC paths, you must map a drive letter to the
shared folder or connect a port to the network printer.
105. You can view the currently shared resources from the command prompt by typing
NET VIEW. You can assign network resources to drive letters from the command prompt
by using the Net Use command and the UNC path of the resource.
106. The following authentication protocols are supported to make your connections as
secure as possible: CHAP, EAP, MS-CHAP, MS-CHAPv2, PAP, SPAP, and smart cards.
107. CHAP is the Challenge Handshake Authentication Protocol, while MS-CHAP is the
Microsoft Challenge Handshake Authentication Protocol (requires the communication to
be between a Microsoft client and a Microsoft server). MS-CHAPv2 also requires the
communication to be between a Microsoft client and a Microsoft server.
108. EAP is the Extensible Authentication Protocol; PAP is the Password Authentication
Protocol (uses clear-text authentication).
109. Smart cards provide a certificate-based authentication.
110. The Encrypting File System (EFS) encrypts and protects file or folder contents. To
use EFS, the file system must be NTFS, and the files must not be compressed. Some files
(system files in particular) cannot be compressed. If you move/copy an encrypted file to
one of these partitions, it becomes unencrypted.
111. Settings that are configured under Computer Configuration apply to the computer,
regardless of who is using it. Settings configured under User Configuration apply only if
the specified user is logged on.
112. In Windows XP, a user can be granted rights and permissions to resources in two
ways: Individually (she is explicitly assigned a right or permission through her account),
or as a group (she is a member of a group that has a right or permission).
113. The Profile Path designates a specific location on a specified server where the user's
profile is going to be stored. The user profile contains the user portion of the Registry in
the file NTUSER.DAT.
114. The most common path entered for the user profile is
\\{SERVER}\{PROFILESHARE}\%USERNAME%, where {SERVER} is replaced by
the name of your server, and {PROFILESHARE} by the name of a folder for that user's
profile. The %USERNAME% variable will expand to the name of the user, which makes
it ideal for use in a template.
115. The logon script allows an administrator to configure common drive mappings, run
central batch files, and configure the system.
116. Account policies are divided into two subsections: Password Policy and Account
Lockout Policy.
117. Password Policy settings apply to all users on the system. It is not possible to have
separate settings by group, user, and so on. Account Lockout Policies are settings that can
be used to automatically lock the account should suspicious activity occur.
118. Auditing can be configured on nine pre-defined system events through the Local
Security Policy shortcut within the Administrative Tools folder of the Control Panel:
Audit Account Logon Events, Audit Account Management, Audit Directory Service
Access, Audit Logon Events, Audit Object Access, Audit Policy Change, Audit Privilege
Use, Audit Process Tracking, and Audit System Events.
119. When auditing is configured, entries are written to the Security log, which can be
viewed with the Event Viewer.
url
http://www.mcseworld.com/forums/showthread.php?t=8014
Subscribe to:
Posts (Atom)