Computer Oriented Project
|
|
- Claud Brooks
- 5 years ago
- Views:
Transcription
1 Computer Oriented Project Server Implementations on Campus Wide Networks BITS Goa Case Study Aalap Tripathy Faculty Guide : Mr Mangesh Bedekar
2 Agenda Introduction to networks IP Addressing & Packet Analysis Brief Description of the servers installed DNS Server DHCP Server Proxy Server Incomplete Assignments LDAP server Packet Analysis on our network Q&A
3 Basics The internet works using two main address units: the IP Address and the port. For example, I want to load it starts by asking the IP address of for the webpage. asks s IP address on port 80--the universal webpage port. Our computer instructs the response to be sent back to our IP address on some port that we opened to recieve that data. By using ports, our computer can keep track of which stream of data belongs to what. Our Computer s Instructions : main text content be sent back to it on port and the image be sent back on recieving instant messages on other ports and s on yet other ports The ports here don't matter because our computer just makes them up on the fly. all of the ports from are set aside for such standardization.
4 two types of addresses public IP addresses Public IP addresses are those addresses that are routable on the internet. private IP addresses Addresses that begin with 10.x.y.z or x.y (where x, y, and z can be anything 0-255) are strictly private addresses and cannot exist on the internet. 127.x.y.z is set asside as the local loop back address There are only 2^32 possible IP addresses, and worldwide there are many more than 2^32 devices (computers, printers, scanners, etc) that would like to have internet IP addresses.
5 4,294,967,296
6 Private Addresses and, more specifically, NAT were setup to solve the problem of a limited number of IP addresses. The new IP Protocol specification, IPv6 intends to solve this problem by increasing the number of addresses. Ipv6 is something BITS Pilani is spearhearding research on. Why not we have a lecture on this? Someone volunteering??
7 NAT can be done on a router example the one you see infront of you or on a PC Let s see how it is done!!!
8 WRT54G Wi-Fi Router firmware source code released to satisfy the obligations of the GNU GPL. All models come standard with a 4+1 ports network switch (the Internet/WAN port is also in the same switch, but on a different VLAN) and a wireless chipset by Broadcom which provides Wi-Fi connectivity. The devices have two removable antennas connected through Reverse Polarity TNC connectors
9
10 A Little Primer on IP Addressing We write them in decimal form to make it more readable for humans. `the network - meaning all 256 addresses from to network' which meant all addresses from to Each number between the dots in an IP address is actually 8 binary digits ( to )
11 A Little Primer on IP Addressing We usually don't write ` '. Instead, we shorten it to ` /16'. The `/16' means that the first 16 binary digits is the network address, in other words, the `1.2.' part is the the network So what is /8? A Big Network or small Network? What is the range of IP Addresses
12 A Little Primer on IP Addressing We usually don't write ` '. Instead, we shorten it to ` /16'. The `/16' means that the first 16 binary digits is the network address, in other words, the `1.2.' part is the the network So what is /8? A Big Network or small Network? What is the range of IP Addresses
13 A Little Primer on IP Addressing ` /8' is a big network Contains any address from to (over 16 million addresses!) /16 is smaller, containing only IP addresses from to /24 is smaller still, containing addresses to
14 BITS IP Addressing ` /8' is a description of the BITS Goa Network!!! Contains any address from to (over 16 million addresses!) /16 is mostly 1 hostel or a combination of nearby hostels /24 is most generally closest rooms in a hostel or classroom/faculty chambers in a corridor
15 Let s get the concepts clear!!
16
17
18
19
20
21 ICANN The Internet Corporation for Assigned Names and Numbers
22 Root Servers There are 13 root authoritative DNS servers (super duper authorities) that all DNS servers query first. These root servers know all the authoritative DNS servers for all the main domains -.com,.net, and the rest. This layer of servers keep track of all the DNS servers that Web site systems administrators have assigned for their sub domains.
23
24 Root Servers
25 Only one of the root servers that direct traffic and serve as the Internet's master directories is located outside the US -- in Tokyo, Japan US monopoly over the internet. We should have a debate sometime!!! Twelve of the 13 root servers that make the Internet run are located in the United States.
26 Many different Web sites can map to a single IP address, but the reverse isn't true; an IP address can map to only one FQDN. Default Server: dns3.bits-goa.ac.in Address: Why??? > yahoo.com Server: dns3.bits-goa.ac.in Address: Non-authoritative answer: Name: yahoo.com Addresses: , > Server: dns3.bits-goa.ac.in Address: Name: w2.rc.vip.dcn.yahoo.com Address: Forward Lookup Reverse Lookup
27
28
29 Ascii of a is 97 = 61 in hex Everything is Logical!!!
30
31
32 DHCP Dynamic Host Control Protocol
33
34
35 Let s ask Ok got it What is its ip address???
36 External DNS
37
38
39
40
41
42 Internal DNS Primary
43 Relevant configuration details for configuring Authoritative Zone zone "bits-goa.ac.in" IN { type master; file "bits-goa.zone"; notify yes; allow-query {any;}; allow-update {any;}; allow-transfer { ;}; };
44 Example of A Reverse Zone Authoritative Zone Definition zone " in-addr.arpa" IN { type master; notify yes; file "pri in-addr.arpa"; allow-transfer { ;}; };
45 The Full Zone file ; ; Zone File for bits-goa.ac.in ; The Full Zone File ; $TTL IN SOA ns1.bits-goa.ac.in. admin.bits-goa.ac.in.( ; Serial 3600 ; Refresh seconds 3600 ; retry, seconds 3600 ; expire, seconds 3600) ; minimum, seconds NS www A studentnet A orion A proxy A proxy A proxy A titan A glimpses06 A library A S1 A S2 A dns4.bits-goa.ac.in. mailbox A bits-goa.ac.in IN MX 10 mailbox.bits-goa.ac.in. dns3 A dns4 A dakiya A central A mail CNAME dakiya
46 A Sample Reverse Zone file ; ; Reverse Zone File for bits-goa.ac.in ; Note Made By Aalap as Internal DNS server only ; ; The Full Reverse Zone File ; $TTL IN SOA ns1.bits-goa.ac.in. admin.bits-goa.ac.in.( ; Serial 3600 ; Refresh seconds 3600 ; retry, seconds 3600 ; expire, seconds 3600) ; minimum, seconds NS dns4.bits-goa.ac.in.; 61 PTR dns3.bits-goa.ac.in. 62 PTR dns4.bits-goa.ac.in. 222 PTR studentnet.bits-goa.ac.in 223 PTR orion.bits-goa.ac.in 225 PTR titan.bits-goa.ac.in 220 PTR library.bits-goa.ac.in Remember FQDN?!?!?!?
47
48 Internal DNS Secondary
49 How is the Secondary DNS Config Different Because I never make the entries which it finally answers on it It is supposed to prefetch the primary DNS Servers entries as and when they change and keep onto local cache. My named.conf configuration is critical here
50 The Critical Lines in named.conf // query-source address * port 53; allow-notify { ;}; recursive-clients 6000; // the above line was added by RJ/AS/RS on 27/10/2006 }; // // a caching only nameserver config // controls { inet allow { any; } keys { rndckey; }; };
51 Definition of what it is the authoritative zone for it // Segment added to make This m/c a slave for bits-goa.ac.in Internal Zone It seeks its addresses from which is defined to be the master zone "bits-goa.ac.in" IN { type slave; file "slaves/bits-goa.zone"; masters { ; }; };
52 Similarly defining reverse lookup for authoritative zones zone " in-addr.arpa" IN { type slave; file "slaves/pri in-addr.arpa"; masters { ; }; };
53 Remember.. We made a transfer entry on the primary server zone " in-addr.arpa" IN { type master; notify yes; file "pri in-addr.arpa"; allow-transfer { ;}; };
54 A Jail!!! This is a Technology Lecture right??? Ensures that if the system is ever compromised, the attacker will not have access to the entire file system. The attacker might feel that he has compromised the system but actually he has just exposed himself as his activity has been logged!!
55
56
57 Making the chroot Jail Effective This is important because running it as root defeats the purpose of the jail, and using a different user id that already exists on the system can allows services to access each others' resources. Check the /etc/passwd and /etc/group files for a free UID/GID number available. In my case, I used number 53 and the name named. [root@dns4] /#useradd -c DNS Server -u 53 -s /bin/false -r -d /chroot/named named 2>/dev/null :
58 Client Browser Proxy Web Server Proxies Types & Applications
59 Proxies Web Traditional Caching CGI Proxies Reverse SSL HTTPS to create an encrypted tunnel There are privacy concerns with SSL proxies. Split a pair of proxies installed across two computers. Ex - Google Web Accelerator Open accept client connections from any IP address make connections to any Internet resource. Intercepting often incorrectly called transparent proxy (also known as a forced proxy) combines a proxy server with NAT. it is not possible to use user authentication, since the browser does not know there is a proxy in the middle, so it will not send any authentication headers.
60 Reverse Proxies Instead of delivering pages for internal users, it delivers them for external users. It can be used to take some load off web servers and provide an additional layer of protection. This proxy placed outside the firewall as a stand-in for the content server. When outside clients try to access the content server, they are sent to the proxy server instead.
61 Web Proxy
62
63 Why Web Proxy?? Improve Performance: it saves the results of all requests for a certain amount of time (caching) Filter Requests: Pages to be accessed can be limited Ports / Services Accessed can be controlled Timing of Web Access can be controlled Bandwidth Control: Most Important Mandate in the system currently setup on campus
64 Caching how is it done? expiration algorithm Two simple cache algorithms are Least Recently Used (LRU) and Least Frequently Used (LFU). LRU removes the documents that have been left the longest, while LFU removes the least popular documents. The algorithms can also be combined.
65 CGI proxies A special case of web proxies These are web sites which allow a user to access a site through them. They generally use PHP or CGI to implement the proxying functionality. Since they also hide the user's own IP address from the web sites they access through the proxy, they are sometimes also used to gain a degree of anonymity, called "Proxy Avoidance."
66
67 We use Squid Web Proxy which is... a full-featured Web proxy cache free, open-source software the result of many contributions by unpaid (and paid) volunteers
68 Some Relevant Proxy Configuration Entries http_port :8080 # The socket addresses where Squid will listen for HTTP client requests. cache_mem 100 MB # maximum_object_size KB #Objects larger than this size will NOT be saved on disk. # minimum_object_size 0 KB # Knowingly done so that everything is actually stored. This is for faster operation visible_hostname BITSGOA
69 Some Relevant Proxy Configuration Entries cache_replacement_policy lru memory_replacement_policy lru # cache_access_log /var/log/squid/access.log # TAG: cache_access_log # Logs the client request activity. Contains an entry for # every HTTP and ICP queries received. To disable, enter "none". log_fqdn on Remember fqdn??
70 Critical Proxy Configuration Lines auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd auth_param basic children 300 auth_param basic realm BITS GOA PROXY auth_param basic credentialsttl 1 minute
71 Access Control & Definition on the Proxy Server # ACCESS CONTROLS acl ncsa_users proxy_auth REQUIRED acl all src / acl labs src / / acl hostels src / / acl SSL_ports port acl Safe_ports port 80 # http acl day_time time 8:30-17:30 acl night_time time 17:30-24:00 0:00-8:30 acl other_time time 17:30-21:00
72 http_access directives Most Critical instructions http_access allow ncsa_users http_access allow labs day_time other_time http_access allow hostels night_time http_access deny banned http_access deny!safe_ports #http_access deny all #Last line. By default. The final directive is the reverse of the last okayed directive
73 The actual configuration file Squid.conf
74
75
76
77 What I didn t cover The deep intricacies in the working of servers Many configuration settings : Secret!! Setting services on/off. Autorun facilities avaliable on the Linux platform
78 Future Objectives In house Mail Server Development LDAP Server Deployment Cascading Proxies & Atleast one proxy per hostel Decentralization of the website
79 Bored??? Let s have some The Net is very very slow??? questions? Well if the bandwidth is too less and he user s too many that s what happens Proxy can handle only limited traffic. Future plans : One Proxy Per hostel My Net isn t working?? Ensure that you give the correct proxy name i.e. proxy and port 8080 In case you give the ip address there is no guarentee that it will work always Come on More.????? Let us confine ourselves to the Server configurations only.
Course Outline: Linux Professional Institute-LPI 202. Learning Method: Instructor-led Classroom Learning. Duration: 5.00 Day(s)/ 40 hrs.
Course Outline: Linux Professional Institute-LPI 202 Learning Method: Instructor-led Classroom Learning Duration: 5.00 Day(s)/ 40 hrs Overview: The LPI certification is a vendor-neutral Linux credential
More informationWeb Server rpm. Web Server. #rpm q apache apache sis. package apache not installed CD-ROM
7 Server Web Server Web Server rpm #rpm q apache apache-1.3.20-16+sis package apache not installed CD-ROM Linux Redhat, Linux SiS Linux rpm I apache-1.3.20-16+sis /etc/httpd/conf/httpd.conf ServerRoot
More informationBIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0
BIG-IP Access Policy Manager : Secure Web Gateway Version 13.0 Table of Contents Table of Contents BIG-IP APM Secure Web Gateway Overview...9 About APM Secure Web Gateway... 9 About APM benefits for web
More informationRHCE BOOT CAMP BIND. Wednesday, November 28, 12
RHCE BOOT CAMP BIND CONFIG FILES BIND basically has two types of configuration files: BIND configuration file, specific to BIND and it s features Database files, or zone files, which contain DNS resource
More informationDomain Name System - Advanced Computer Networks
- Advanced Computer Networks Saurabh Barjatiya International Institute Of Information Technology, Hyderabad 26 August, 2011 Contents 1 Distributed database, highly volatile Domain names Top level domains
More informationCS519: Computer Networks. Lecture 6: Apr 5, 2004 Naming and DNS
: Computer Networks Lecture 6: Apr 5, 2004 Naming and DNS Any problem in computer science can be solved with another layer of indirection David Wheeler Naming is a layer of indirection What problems does
More informationWeb Portal User Manual for
Web Portal User Manual for Copyright 2009 Afilias Limited Contents 1. Introduction... 1 1.1 About Afilias Managed DNS Service... 1 1.2 Afilias Managed DNS Service Website Help... 1 1.3 Support... 2 2.
More informationFeatures of a proxy server: - Nowadays, by using TCP/IP within local area networks, the relaying role that the proxy
Que: -Proxy server Introduction: Proxy simply means acting on someone other s behalf. A Proxy acts on behalf of the client or user to provide access to a network service, and it shields each side from
More informationRoot Servers. Root hints file come in many names (db.cache, named.root, named.cache, named.ca) See root-servers.org for more detail
What is DNS? Systems to convert domain names into ip addresses: For an instance; www.tashicell.com 118.103.136.66 Reverse: 118.103.136.66 www.tashicell.com DNS Hierarchy Root Servers The top of the DNS
More informationDNS. Introduction To. everything you never wanted to know about IP directory services
Introduction To DNS everything you never wanted to know about IP directory services Linux Users Victoria, April 3 rd 2007 what is the domain name system anyway? it's like a phone book...kinda DNS is (1)
More informationHow to Add Domains and DNS Records
Configure the Barracuda NextGen X-Series Firewall to be the authoritative DNS server for your domains or subdomains to take advantage of Split DNS or dead link detection. Step 1. Make the X-Series Firewall
More informationConfigure IBM Security Identity Manager Virtual Appliance in Cloud
Configure IBM Security Identity Manager Virtual Appliance in Cloud Rahul Relan rarelan3@in.ibm.com Nnaemeka Emejulu eemejulu@us.ibm.com Parag Gokhale parag.gokhale@in.ibm.com Abstract: Installing IBM Security
More informationDNS Configuration Guide. Open Telekom Cloud
DNS Configuration Guide Open Telekom Cloud www.telekom.de/opentelekomcloud For this guide we assume that two subnets are already configured. In our example the subnets are called subnet_dns01 (in AZ eu-de-01)
More informationLesson 9: Configuring DNS Records. MOAC : Administering Windows Server 2012
Lesson 9: Configuring DNS Records MOAC 70-411: Administering Windows Server 2012 Overview Exam Objective 3.2: Configure DNS Records Configuring DNS Record Types Using the DNSCMD Command to Manage Resource
More informationOverview. Last Lecture. This Lecture. Next Lecture. Scheduled tasks and log management. DNS and BIND Reference: DNS and BIND, 4 th Edition, O Reilly
Last Lecture Overview Scheduled tasks and log management This Lecture DNS and BIND Reference: DNS and BIND, 4 th Edition, O Reilly Next Lecture Address assignment (DHCP) TELE 301 Lecture 11: DNS 1 TELE
More informationHow to Configure DNS Zones
The Barracuda NG Firewall DNS configuration object contains two predefined zones: _template and '.' To be able to edit and specify DNS zones within the Barracuda NG Firewall DNS configuration, you must
More informationECE 435 Network Engineering Lecture 7
ECE 435 Network Engineering Lecture 7 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 25 September 2018 HW#3 was Posted Announcements 1 HW#2 Review C code will be discussed next
More informationLocal DNS Attack Lab. 1 Lab Overview. 2 Lab Environment. 2.1 Install and configure the DNS server. SEED Labs Local DNS Attack Lab 1
SEED Labs Local DNS Attack Lab 1 Local DNS Attack Lab Copyright c 2006-2015 Wenliang Du, Syracuse University. The development of this document is partially funded by the National Science Foundation s Course,
More informationICS 351: Networking Protocols
ICS 351: Networking Protocols IP packet forwarding application layer: DNS, HTTP transport layer: TCP and UDP network layer: IP, ICMP, ARP data-link layer: Ethernet, WiFi 1 Networking concepts each protocol
More informationMCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration. Chapter 5 Introduction to DNS in Windows Server 2008
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008 Objectives Discuss the basics of the Domain Name System (DNS) and its
More informationOversimplified DNS. ... or, even a rocket scientist can understand DNS. Step 1 - Verify WHOIS information
Oversimplified DNS... or, even a rocket scientist can understand DNS Step 1 - Verify WHOIS information GOALS: Make sure that WHOIS reports every name server you have, and doesn't report any that aren't
More informationIntroduction to Network. Topics
Introduction to Network Security Chapter 7 Transport Layer Protocols 1 TCP Layer Topics Responsible for reliable end-to-end transfer of application data. TCP vulnerabilities UDP UDP vulnerabilities DNS
More informationDNS & DHCP CONFIGURATION
WELCOME DNS & DHCP CONFIGURATION Group Members Anmol Nazakat Ameena Fatima Shakeel ur Rehman Gulraiz Azam Irfan Ullah 1 2 3 4 5 BSIT-F14-E78 BSIT-F14-E100 BSIT-F14-E66 BSIT-F14-E69 BSIT-F14-E79 3 Today
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) Dynamic
More informationHow to Configure Authentication and Access Control (AAA)
How to Configure Authentication and Access Control (AAA) Overview The Barracuda Web Application Firewall provides features to implement user authentication and access control. You can create a virtual
More informationDNS and HTTP. A High-Level Overview of how the Internet works
DNS and HTTP A High-Level Overview of how the Internet works Adam Portier Fall 2017 How do I Google? Smaller problems you need to solve 1. Where is Google? 2. How do I access the Google webpage? 3. How
More informationInternet Load Balancing Guide. Peplink Balance Series. Peplink Balance. Internet Load Balancing Solution Guide
Peplink Balance Internet Load Balancing Solution Guide http://www.peplink.com Copyright 2010 Peplink Internet Load Balancing Instant Improvement to Your Network Introduction Introduction Understanding
More informationOPS535 Lab 5. Dynamic DNS. RFC 2136 Dynamic Updates in the Domain Name System (DNS UPDATE)
OPS535 Lab 5 Dynamic DNS Overview In this lab, you add a forward lookup zone and a reverse lookup zone to your primary DNS server and configure both zones to support dynamic updates. Dynamic DNS zone accepts
More information[Optional] File Transfer and Web Caching
[Optional] File Transfer and Web Caching COSC301 Laboratory Manual Contents 1 File Transfer Protocol (FTP)........................ 1 2 Web Caching with Squid.......................... 4 In this lab, we
More informationAPNIC elearning: DNS Concepts
APNIC elearning: DNS Concepts 27 MAY 2015 11:00 AM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6
More informationManaging Caching DNS Server
This chapter explains how to set the Caching DNS server parameters. Before you proceed with the tasks in this chapter, see Introduction to the Domain Name System which explains the basics of DNS. Configuring
More informationExpanding ISP and Enterprise Connectivity with Cisco IOS NAT
1 Expanding ISP and Enterprise Connectivity with Cisco IOS Session 2 Presentation_ID.scr 1 Agenda Benefits Definition Availability Terminology s of Translations Overlapping Networks Example 3 Motivation
More informationProxying. Why and How. Alon Altman. Haifa Linux Club. Proxying p.1/24
Proxying p.1/24 Proxying Why and How Alon Altman alon@haifux.org Haifa Linux Club Proxying p.2/24 Definition proxy \Prox"y\, n.; pl. Proxies. The agency for another who acts through the agent; authority
More informationComputer Networks. Domain Name System. Jianping Pan Spring /25/17 CSC361 1
Computer Networks Domain Name System Jianping Pan Spring 2017 1/25/17 CSC361 1 Review: Web/HTTP Web URI/URL, HTML tags embedded/linked objects HTTP request and response persistence, statefulness web caching,
More informationCIA Lab Assignment: Domain Name System (1)
CIA Lab Assignment: Domain Name System (1) A. Bakker N. Sijm J. van der Ham M. Pouw Feedback deadline: September 22, 2015 10:00 CET Abstract The Domain Name System (DNS) is a hierarchical, distributed
More informationIdentity Firewall. About the Identity Firewall
This chapter describes how to configure the ASA for the. About the, on page 1 Guidelines for the, on page 7 Prerequisites for the, on page 9 Configure the, on page 10 Monitoring the, on page 16 History
More informationCSCE 463/612 Networks and Distributed Processing Spring 2018
CSCE 463/612 Networks and Distributed Processing Spring 2018 Application Layer III Dmitri Loguinov Texas A&M University February 8, 2018 Original slides copyright 1996-2004 J.F Kurose and K.W. Ross 1 Chapter
More informationThis time. Digging into. Networking. Protocols. Naming DNS & DHCP
This time Digging into Networking Protocols Naming DNS & DHCP Naming IP addresses allow global connectivity But they re pretty useless for humans! Can t be expected to pick their own IP address Can t be
More informationInformation Security Laboratory Assignment No. 08 Proxy Server Installation, Configuration, Functioning, etc.
Information Security Laboratory Assignment No. 08 Proxy Server Installation, Configuration, Functioning, etc. -Ashwin Tumma ashwin.tumma23@gmail.com Following document contains detailed steps for installing
More informationLinux Network Administration
Linux Network Administration Objective Describe the organization of the namespace Define the top-level subdomains of the Describe the process of converting IP addresses into names Define the concept of
More informationHow to Configure the DNS Server
Make the Barracuda Link Balancer an Authoritative DNS host and configure the DNS Server for inbound load balancing. Step 1. Enable Authoritative DNS Enable Authoritative DNS on the Barracuda Link Balancer
More informationReverse DNS Overview
Reverse DNS Overview Principles Creating reverse zones Setting up nameservers Reverse delegation procedures IPv6 reverse delegations Current status 1 Creating reverse zones Same as creating a forward zone
More informationCSc 450/550 Computer Networks Domain Name System
CSc 450/550 Computer Networks Domain Name System Jianping Pan Summer 2007 5/28/07 CSc 450/550 1 Review: Web/HTTP Web URI/URL, HTML tags, embedded objects HTTP request and response persistence, statefulness
More informationSeminar on. By Sai Rahul Reddy P. 2/2/2005 Web Caching 1
Seminar on By Sai Rahul Reddy P 2/2/2005 Web Caching 1 Topics covered 1. Why Caching 2. Advantages of Caching 3. Disadvantages of Caching 4. Cache-Control HTTP Headers 5. Proxy Caching 6. Caching architectures
More informationEndian Proxy / Firewall
Endian Proxy / Firewall Created October 27, 2006 by Bruce A. Westbrook Revisions: Introduction This document describes the step by step process of installing and configuring the Endian Firewall, Community
More informationDNS/DNSSEC Workshop. In Collaboration with APNIC and HKIRC Hong Kong. Champika Wijayatunga Regional Security Engagement Manager Asia Pacific
DNS/DNSSEC Workshop In Collaboration with APNIC and HKIRC Hong Kong Champika Wijayatunga Regional Security Engagement Manager Asia Pacific 22-24 January 2018 1 Agenda 1 2 3 Introduction to DNS DNS Features
More informationQuestion 1. Question 2
CS144 Practice Problems For Final Fall 2010 Note: These problems cover a subset of the material that we expect you to be familiar with for the final. In particular, these problems primarily cover material
More informationAdvanced iscsi Management April, 2008
April, 2008 Gene Nagle, istor Networks SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals may use this material in presentations and
More informationOutline NET 412 NETWORK SECURITY PROTOCOLS. Reference: Lecture 7: DNS Security 3/28/2016
Networks and Communication Department NET 412 NETWORK SECURITY PROTOCOLS Lecture 7: DNS Security 2 Outline Part I: DNS Overview of DNS DNS Components DNS Transactions Attack on DNS Part II: DNS Security
More informationConfiguration of Authoritative Nameservice
Configuration of Authoritative Nameservice AfCHIX 2011 Blantyre, Malawi (based on slides from Brian Candler for NSRC) Recap DNS is a distributed database Resolver asks Cache for information Cache traverses
More informationDNS Management with Blue Cat Networks at PSU
DNS Management with Blue Cat Networks at PSU Network and System Administrators at Penn State can make their own DNS changes, live, using the Blue Cat Proteus web-based interface. Proteus will be used by
More informationip dhcp-client network-discovery through ip nat sip-sbc
ip dhcp-client network-discovery through ip nat sip-sbc ip dhcp-client network-discovery, page 3 ip dhcp-client update dns, page 5 ip dhcp drop-inform, page 8 ip dhcp-relay information option server-override,
More informationWireless LAN Controller Web Authentication Configuration Example
Wireless LAN Controller Web Authentication Configuration Example Document ID: 69340 Contents Introduction Prerequisites Requirements Components Used Conventions Web Authentication Web Authentication Process
More informationCS514: Intermediate Course in Computer Systems
CS514: Intermediate Course in Computer Systems Lecture 4: January 27, 2003 Introduction to Naming Any problem in computer science can be solved with another layer of indirection David Wheeler 1 Naming
More informationConfiguring Caching Services
CHAPTER 8 This chapter describes how to configure conventional caching services (HTTP, FTP [FTP-over-HTTP caching and native FTP caching], HTTPS, and DNS caching) for centrally managed Content Engines.
More informationFireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.
Fireware-Essentials Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.0 http://www.gratisexam.com/ Fireware Essentials Fireware Essentials Exam Exam A QUESTION 1 Which
More informationSecured Dynamic Updates
Secured Dynamic Updates Caution Portions of this slide set present features that do not appear in BIND until BIND 9.3 Snapshot code is available for this BIND 9.2 can perform most of the dynamic update
More informationDHCP and DDNS Services
This chapter describes how to configure the DHCP server or DHCP relay as well as dynamic DNS (DDNS) update methods. About, page 1 Guidelines for, page 3 Configure the DHCP Server, page 4 Configure the
More informationApplication Session (Hands-on) Athanassios Liakopoulos (GRNET) version 1.01
Application Session (Hands-on) Athanassios Liakopoulos (GRNET) aliako@grnet.gr version 1.01 1. Lab information Network Topology The network topology is shown in Figure 1. PCs belong to different VLANs,
More informationWelcome! Acknowledgements. Introduction to DNS. cctld DNS Workshop October 2004, Bangkok, Thailand
Welcome! cctld DNS Workshop 8-11 October 2004, Bangkok, Thailand Champika Wijayatunga, APNIC Acknowledgements Bill Manning Ed Lewis Joe Abley Olaf M. Kolkman EP.NET Introduction to
More informationDNS & Iodine. Christian Grothoff.
DNS & Iodine christian@grothoff.org http://grothoff.org/christian/ The Domain Name System is the Achilles heel of the Web. Tim Berners-Lee 1 DNS: Domain Name System Unique Distributed Database Application-layer
More informationECE 435 Network Engineering Lecture 14
ECE 435 Network Engineering Lecture 14 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 25 October 2018 Announcements HW#6 was due HW#7 will be posted 1 IPv4 Catastrophe 2 Out of
More informationConfiguration Guide. BlackBerry UEM Cloud
Configuration Guide BlackBerry UEM Cloud Published: 2018-04-18 SWD-20180411125526296 Contents About this guide... 7 Getting started... 8 Configuring BlackBerry UEM Cloud for the first time... 8 Administrator
More informationDomain Name System (DNS) Session-1: Fundamentals. Joe Abley AfNOG Workshop, AIS 2017, Nairobi
Domain Name System (DNS) Session-1: Fundamentals Joe Abley AfNOG Workshop, AIS 2017, Nairobi Computers use IP addresses. Why do we need names? Names are easier for people to remember Computers may be moved
More informationPrepared by Shiba Ratna Tamrakar
Lab on Package management with RPM and Yum 1. to install the package bind-utils #rpm -hiv bind-utils* Note: i for install, h for hash, v for verbose 2. to install the package bind-utils from URL ftp://www.xyz.com/rpms
More informationGoal of this session
DNS refresher Overview Goal of this session What is DNS? How is DNS built and how does it work? How does a query work? Record types Caching and Authoritative Delegation: domains vs zones Finding the error:
More informationIntroduction to the Domain Name System
The Domain Name System (DNS) handles the growing number of Internet users. DNS translates names, such as www.cisco.com, into IP addresses, such as 192.168.40.0 (or the more extended IPv6 addresses), so
More informationNetworking Applications
Networking Dr. Ayman A. Abdel-Hamid College of Computing and Information Technology Arab Academy for Science & Technology and Maritime Transport 1 Outline Introduction Name Space concepts Domain Name Space
More informationDomain Name System (DNS) Session-1: Fundamentals. Computers use IP addresses. Why do we need names? hosts.txt does not scale
Domain Name System (DNS) Computers use IP addresses. Why do we need names? Names are easier for people to remember Session-1: Fundamentals Computers may be moved between networks, in which case their IP
More informationDomain Name System (DNS)
Domain Name System (DNS) Computer Networks Lecture 9 http://goo.gl/pze5o8 Domain Name System Naming service used in the Internet Accomplishes mapping of logical ("domain") names to IP addresses (and other
More informationDefending Yourself Against The Wily Wireless Hacker
Defending Yourself Against The Wily Wireless Hacker Brian S. Walden NYCWireless Presentation October 27, 2004 http://wifidefense.cuzuco.com/ What You Expect Common Hacker Techniques Direct Break-In Man-In-The-Middle
More informationConfiguring Request Authentication and Authorization
CHAPTER 15 Configuring Request Authentication and Authorization Request authentication and authorization is a means to manage employee use of the Internet and restrict access to online content. This chapter
More informationFundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,
Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, ydlin@cs.nctu.edu.tw Chapter 1: Introduction 1. How does Internet scale to billions of hosts? (Describe what structure
More informationDNS Session 2: DNS cache operation and DNS debugging. Joe Abley AfNOG 2006 workshop
DNS Session 2: DNS cache operation and DNS debugging Joe Abley AfNOG 2006 workshop How caching NS works (1) If we've dealt with this query before recently, answer is already in the cache easy! Resolver
More informationWireless Network Video Recorder
LD2R/LD2R500 Wireless Network Video Recorder User Guide Version 1.0 PREFACE Thank you for purchasing the Wireless Network Video Recorder, an IP based device that installed on your network, which can be
More informationRunning the Setup Web UI
The Cisco Prime IP Express setup interview in the web UI takes you through a series of consecutive pages to set up a basic configuration. For an introduction and details on the basic navigation for the
More informationTable of Contents. Cisco How NAT Works
Table of Contents How NAT Works...1 This document contains Flash animation...1 Introduction...1 Behind the Mask...2 Dynamic NAT and Overloading Examples...5 Security and Administration...7 Multi Homing...9
More informationToday: Naming. Example: File Names
Today: Naming Names are used to share resources, uniquely identify entities and refer to locations Need to map from name to the entity it refers to E.g., Browser access to www.cnn.com Use name resolution
More informationDomain Name System (DNS) DNS Fundamentals. Computers use IP addresses. Why do we need names? hosts.txt does not scale. The old solution: HOSTS.
Domain Name System (DNS) Computers use IP addresses. Why do we need names? Names are easier for people to remember DNS Fundamentals Computers may be moved between networks, in which case their IP address
More informationCHATCORREO NOPERMITIR SQUID.CONF. correo.misena.edu.co hotmail.com
CHATCORREO correo.misena.edu.co hotmail.com www.hotmail.com NOPERMITIR www.facebook.com facebook.com www.youtube.com youtube.com chatenabled.mail.google.com SQUID.CONF acl manager proto cache_object acl
More informationNew Topic: Naming. Differences in naming in distributed and non-distributed systems. How to name mobile entities?
New Topic: Naming Names are used to share resources, uniquely identify entities and refer to locations Need to map from name to the entity it refers to E.g., Browser access to www.cnn.com Use name resolution
More informationAgha Mohammad Haidari General ICT Manager in Ministry of Communication & IT Cell#
Install a DNS server in Windows Server 2008 IT administrators who have little or no experience with Domain Name System (DNS), can learn to install, configure and troubleshoot a Windows Server 2008 DNS
More informationSoftware. Linux. Squid Windows
Proxy Server Introduction A proxy server services client requests by forwarding : the requests to the destination server. The requests appear to come from the proxy server and not from the client. the
More informationProblem Max. Points Act. Points Grader
Networks and Protocols Course: 320301 Jacobs University Bremen Date: 2007-12-12 Dr. Jürgen Schönwälder Duration: 90 minutes Final Examination The Jacobs University s Code of Academic Integrity applies
More informationConfiguring F5 for SSL Intercept
Configuring F5 for Welcome to the F5 deployment guide for configuring the BIG-IP system for SSL intercept (formerly called with Air Gap Egress Inspection). This document contains guidance on configuring
More informationNetwork+ Guide to Networks, Seventh Edition Chapter 2, Solutions
Network+ Guide to Networks, Seventh Edition Chapter 2, Solutions Review Questions 1. Which part of a MAC address is unique to each manufacturer? A. The network identifier B. The OUI C. The device identifier
More informationEthane: taking control of the enterprise
Ethane: taking control of the enterprise Martin Casado et al Giang Nguyen Motivation Enterprise networks are large, and complex, and management is distributed. Requires substantial manual configuration.
More informationDNS. A Massively Distributed Database. Justin Scott December 12, 2018
DNS A Massively Distributed Database Justin Scott December 12, 2018 What is DNS? Translates Hostnames to IP Addresses What is DNS? Example: www.serverlogic.com 23.185.0.4 What is DNS? Example: www.serverlogic.com
More informationDistributed Naming. EECS 591 Farnam Jahanian University of Michigan. Reading List
Distributed Naming EECS 591 Farnam Jahanian University of Michigan Reading List Tanenbaum Chapter 4.1-4.2, 4.3(optional) Any problem in computer science can be solved with another layer of indirection
More informationDNS Concepts. Acknowledgements July 2005, Thimphu, Bhutan. In conjunction with SANOG VI. Bill Manning Ed Lewis Joe Abley Olaf M.
16-20 July 2005, Thimphu, Bhutan In conjunction with SANOG VI DNS Concepts Acknowledgements Bill Manning Ed Lewis Joe Abley Olaf M. Kolkman NeuStar 1 Purpose of naming Addresses are used to locate objects
More informationComputer Center, CS, NCTU. Outline. Installation Basic Configuration
BIND Part 1 pschiu Outline Installation Basic Configuration 2 Installing ISC BIND Step # pkg install bind911 or # cd /usr/ports/dns/bind911 # make install clean or # yum install bind.x86_64 # yum install
More informationIdentity Firewall. About the Identity Firewall. This chapter describes how to configure the ASA for the Identity Firewall.
This chapter describes how to configure the ASA for the. About the, page 1 Guidelines for the, page 7 Prerequisites for the, page 9 Configure the, page 10 Collect User Statistics, page 19 Examples for
More informationHikCentral V1.3 for Windows Hardening Guide
HikCentral V1.3 for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1Strict Password Policy... 2 1.2Turn Off Windows Remote
More informationHikCentral V.1.1.x for Windows Hardening Guide
HikCentral V.1.1.x for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1 Strict Password Policy... 2 1.2 Turn Off Windows Remote
More informationAdministrator's Guide
Administrator's Guide Administrator's Guide Welcome to the Administrator's Guide. For a printable PDF copy of this guide, click here. Note: Not all features mentioned in this Administrator's Guide are
More informationMTA_98-366_Vindicator930
MTA_98-366_Vindicator930 Number: 98-366 Passing Score: 700 Time Limit: 45 min File Version: 1.0 http://www.gratisexam.com/ Microsoft Technology Associate Networking Fundamentals MTA 98-366 Exam A QUESTION
More informationUser Guide TL-R470T+/TL-R480T REV9.0.2
User Guide TL-R470T+/TL-R480T+ 1910012468 REV9.0.2 September 2018 CONTENTS About This Guide Intended Readers... 1 Conventions... 1 More Information... 1 Accessing the Router Overview... 3 Web Interface
More informationTestOut Server Pro 2016: Networking - English 4.0.x LESSON PLAN
TestOut Server Pro 2016: Networking - English 4.0.x LESSON PLAN Revised 2018-06-29 Table of Contents Introduction Section 0.1: Server Pro 2016: Networking Introduction... 4 Section 0.2: The TestOut Simulator...
More informationIP Training Programme. Module 1: IP Generic Session 3: IP Services
IP Training Programme Module 1: IP Generic Session 3: IP Services Subjects Review The IP Address continued Routing protocols (Concept) Firewalll and NAT DNS server and DNS operation concept DHCP server
More informationCOMPUTER SCIENCE E-1 EXAM I BRIEFING. Understanding Computers & the Internet
COMPUTER SCIENCE E-1 Understanding Computers & the Internet EXAM I BRIEFING Our rst exam will take place on Monday, March 11 from 5:30pm 7:30pm EST. You will have two hours to complete the exam. is exam
More information