Network Infrastructure (Slide)
BY
SURATH KASEMBUNSIRI
Go to E-Learning:
copy
in your local computer
Com1
Hub2
Hub3
Hub4
Com2
Hub5
Com3
Switch1
Com1
Com2
Switch3
Switch2
Com3
Switch cascade() 2
Com1 >Com 3 Ok..
Com1 > Com5 Not Ok..
Com4
Switch4
Com5
Com6
Trunking
100 mb
Switch1
100 mb
com1
.
.
100 mb
com2
Switch2
Switch3
Set Trunk 10
1 > 100 mb
Trunk 10
10 x 100 mb >> 1G
com3
LAN Topologies
Bus
Star
Ring
Tree
Topology
Bus
Topology
Star
Topology
Ring
Topology
Star-Bus
Topology
Star-Star
Topology
Token Passing
T
T
Step
WinNT, Win98:
Cache (nbtstat -c) > WINS > Broadcast > LMHost > Hosts > DNS > Cannot connect
Win2000, XP, 2003:
Cache (nbtstat -c) > Host > DNS > WINS > LMHost > Broadcast > Cannot connect
C:\WINDOWS\system32\drivers\etc
Domain
DC (Domain controller)
Active Directory
work group
set > set AD
Work Group
Default
Work group
client (100 up)
admin add
user set policy.. (start > run > gpedit.msc)
Concept ...
RRAS
Company
modem
modem
RRAS
.
Server
.
modem
Telecom
System
modem
Hacker Home
(
)
VPN
Server
Telecom
System
Public IP
modem
Hacker Home
(
)
Local
NAT
202.44.33.1120
Private IP
10.Xxx
172.16-32.x.x
192.168.x.x
Private
Public
192.168.1.12
203.44.33.11
192.168.1.15
203.44.33.12
Local
PAT
202.44.33.11
Private IP
10.Xxx
172.16-32.x.x
192.168.x.x
Private
Public
port
192.168.1.12
203.44.33.11
5240
192.168.1.15
203.44.33.12
1067
OSI Model
Application
Encapsulation
Presentation
, ASCII, Unicode,
Session
Session Simplex,
Half duplex, Full Duplex
Transport
Ack
Network
Router
Data Link
0,1
Ethernet, Token Ring, ATM 2
Mac, Logical Link layer
Physical
TCP/IP Suite
Application
Presentation
Application
Session
Transport
Transport
Network
Internet
DataLink
Physical
Network Interface
TCP/IP Suite
Application
TCP
Transport
Internet
UDP
ICMP, IGMP
IP
ARP
Network Interface
Ethernet, Token Ring, etc
Application
Transport
Internet
Network
Interface
File
Transfer
Terminal
Emulator
File
Transfer
Client/
Server
Network
Management
Application
FTP: STD0010 / RFC 959
SMTP: STD0010 / RFC 2821
Telnet: STD0008 / RFC 854
TFTP: STD0033 / RFC 1350
NFS: RFC 3010, 2057
SMB
SNMP: RFC 1157
Presentation
IP: STD0005 RFC0791 (Updated by RFC2474)
ARP/RARP: RFC 826/903
Session
Transport
Network
DataLink
Transmission Media
Physical
Transport
Internet
Network Interface
UTP,
LAN WAN
Internet Layer
Application
ARP, IP,
ICMP
-ARP Address Resolution Protocol
-IP Internet Protocol
-ICMP Internet Control Message Protocol
Transport
ICMP
IP
ARP
Network Interface
Transport Layer
Application
TCP
UDP
Internet
Network Interface
TCP UDP
-TCP Transmission Control Protocol
-UDP User Datagram Protocol
Application Layer
Application
Transport
Internet
Network Interface
TCP/IP
Sender
Application
Transport
Internet
Header
Header
Trailer
Network Interface
Header
Data Transmission
Application
Transport
Internet
Network Interface
Application
Transport
Internet
Network Interface
Receiver
Application
Transport
Internet
Network Interface
Network Interface
Application
Transport
4
Internet
Network Interface
8
Preamble
MAC Address
XXXXXX XXXXXX
IEEE Assigned Vendor Assigned
0001AB6 1532FBA
MAC Address
(Media Access Control)
48 Bits
12
6
IEEE Assign
6
Vendor Assign
2^48 = 281,474,976,710,656
Application
Transport
Internet
FCS=3ACD
Network Interface
Application
Receiver
Transport
Internet
FCS= 3ACD
()
Network Interface
FCS=3ACD
()
Application
Transport
Internet
FCS=3ACD
Network Interface
Application
Receiver
Transport
Reject
FCS= A534
()
Internet
Network Interface
FCS=3ACD
()
Internet Layer
Application
Transport
ICMP
IP
ARP
Network Interface
Header
IP Address MAC Address
ARP
Cache
Transport
ARP Cache
IP
ARP
MAC Address
172.16.0.109
Application
Application
Application
Transport
Application
Transport
Transport
Internet
Transport
Internet
Application
Transport
Internet
Network Interface
172.16.0.101
0100AB4352FE1
Internet
Network Interface
Internet
Network Interface
Network Interface
Network Interface
IP: 172.16.0.109
MAC: 000000 000000
( FFFFFF FFFFFF)
172.16.0.109
0100AB4342345
172.16.0.109
-
Application
ARP Cache
Transport
Internet
Network Interface
172.16.0.101
0100AB4352FE1
Application
Application
Application
Transport
Application
Transport
Transport
Internet
Transport
Internet
Internet
Network Interface
Internet
Network Interface
Network Interface
Network Interface
IP: 172.16.0.109
MAC: 0100AB4342345
ARP Cache
172.16.0.109
0100AB4342345
ARP Cache
172.16.0.102 0100AB4352FF3
172.16.0.109 0100AB4342345
172.16.0.103 0100AB4344335
Application
Transport
Transport
Internet
Network Interface
0.0.0.0
Internet
0100AB4352FE1
MAC: 0100AB4352FE1
IP: 0.0.0.0
Network Interface
172.16.0.11
0100AB88888F
Application
Transport
Transport
Internet
Network Interface
0.0.0.0
Internet
0100AB4352FE1
Network Interface
MAC: 0100AB4352FE1
IP: 172.16.0.110
0.0.0.0
172.16.0.11
0100AB88888F
IP (Internet Protocol)
Application
Transport
IP
IP Header
Network Interface
IP Header
Bit 0
Version
(4)
Bit 15 16
Header
Length
Identification (16)
Time To Live (8)
Bit 31
Protocol (8)
20
Bytes
Transport
ICMP
IP
ARP
MAC Address
-Destination Unreachable
-Timeout
-Redirect
-Parameter Problem
-Echo, Echo reply, Timestamp, Timestamp reply, Information request, Address request, Address reply
ICMP Header
Bit 0
Bit 15 16
Type
Code
Identifier
Bit 31
Checksum
Sequence Number
Address Mask
12
Bytes
Protocol
Application
UDP
TCP
6
17
ICMP
IP
1
ARP
MAC Address
IP
Header
IP
-IP
0
-ICMP 1
-TCP
6
-UDP 17
Header Checksum
Reject
Application
Transport
Application
Checksum=2A
Internet
172.16.0.101
Transport
Internet
192.168.1.15
Network Interface
FCS
Network Interface
Checksum=1B
FCS
Transport
Application
UDP
TCP
ICMP
IP
ARP
MAC Address
Header
Port Number
Application Layer: FTP (20/21), Telnet (23), SMTP (25), DNS (53), TFTP (69), SNMP (161), RIP (520)
Transport Layer: TCP, UDP
TCP
TCP Header
ICMP
IP
ARP
MAC Address
TCP Header
Bit 15 16
Bit 0
Source Port (16)
Bit 31
Destination Port (16)
Reserved
(6)
Code Bits
(6)
Checksum (16)
Window (16)
Urgent (16)
Options (0 or 32)
Data (varies)
20 Bytes
- Port ,
- Segment (Sequence No.)
- (Acknowledge No.)
- Window
- Checksum
-
Application
Application
Transport
Transport
Internet
Internet
Network Interface
Network Interface
Three-way Handshake
1
SYN
(seq=100 cb=S)
SYN
2
SYN, ACK
(seq=300, ack=101 cb=S,A)
Application
Transport
Transport
Internet
Network Interface
Internet
Network Interface
1033
1033
80
80
100
101
Dest.
Port
Seq. #
301
1
80
1033
300
301
101
80
1033
302
102
302
Application
Transport
Ack. #
Application
Window Size = 1
Transport
Internet
Internet
Network Interface
Network Interface
ACK 5
Window Size=2
Application
Application
Transport
Transport
Internet
Internet
Network Interface
Network Interface
UDP
ICMP
IP
ARP
MAC Address
UDP Header
UDP Header
Bit 15 16
Bit 0
Bit 31
Length (16)
Checksum (16)
Data (varies)
8 Bytes
Connectionless (UDP)
- Port ,
- Checksum
-
Application
Application
Transport
Transport
Internet
Internet
Network Interface
Network Interface
UDP Connection
Source
Port
Dest.
Port
Check
sum
Data
Checksum
AC
1033
138
138
80
100
AC
Data
1
138
138
AC
Application
Application
Transport
Transport
Internet
Internet
Network Interface
Network Interface
Data
Application
FTP
HTTP Etc.
Winsock
NetBIOS
/DS
UDP
TCP
ICMP
IP
ARP
MAC Address
Internet
60
Internet
>> IP
http://www.iab.org
IAB
Research Task Force
IRTF
IRSG
Research Steering Group
IETF
www.iana.org
Whois > IP address
Name space
AFNIC
APNIC
ARIN
199.xx
Japan Thai
202.xx
203.xx
Sing
RIPE
201.xx
LACNIC
www.icann.org
Whois : Name space
www.internic.net
ICANN
Internic
GTLD
CCTLD
Registrar
.th
www.thnic.net
.com
.net
.gov
.jp
IP Address ?
17
18
202.128.202.
19
Network IDs
172.16.0.0
172.18.0.0
192.168.2.0
192.168.3.0
192.168.1.0
172.17.0.0
10.0.0.0
Host Addresses
172.16.1.101
172.16.2.201
172.16.3.151
Network ID
172.16.0.0
10.100.1.101
172.16.0.1
10.0.0.1
10.200.2.201
10.150.3.301
Network ID
10.0.0.0
IP Addressing
32 bits
Dotted
Decimal
Maximum
Network
255
255
Host
255
255
IP Addressing
32 bits
Dotted
Decimal
Network
16 17
255
24 25
32
11111111 11111111
11111111 11111111
128
64
32
16
8
4
2
1
128
64
32
16
8
4
2
1
8 9
255
128
64
32
16
8
4
2
1
128
64
32
16
8
4
2
1
Binary
255
255
Maximum
Host
Example
172
16
122
204
Decimal
Example 10101100 00010000 01111010 11001100
Binary
IP Address 255?
2 32
IP Address
10000010100000001100101011111111
4 4
22222222
128+64+32+16+8+4+2+1
255
IP Address Classes
8 bits
8 bits
8 bits
8 bits
Host
Host
Host
Host
Host
Class A:
Network
Class B:
Network Network
Class C:
Class D:
Multicast
Class E:
Research
Host
Classes
Class
Class A,B,C
Web Online
Class D
,
website class
Router block
broadcast IP class
A,B,C
Host Addresses
172.16.2.2
10.1.1.1
10.6.24.2
E1
172.16.3.10
E0
172.16.2.1
10.250.8.11
172.16.12.12
172.16
Network
12 . 12
Host
10.180.30.118
Routing Table
Network
Interface
172.16.0.0
E0
10.0.0.0
E1
...
...
N
1
2
3
...
16
16
15
14
13
12
11
10
9
8
7
6
5
4
3
2
1
172
Host
11111111 11111101
11111111 11111110
11111111 11111111
65534
65535
65536
2
65534
192.6.141.2
130.113.64.16
256.241.201.10
Class
Network
Host
Class
10.2.1.1: Network 10.0.0.0, Host 0.2.1.1
128.63.2.100: Network 128.63.0.0, Host 0.0.2.100
201.222.5.64: Network 201.222.5.0, Host 0.0.0.64
192.6.141.2: Network 192.6.141.0, Host 0.0.0.2
130.113.64.16: Network 130.113.0.0, Host 0.0.64.16
256.241.201.10: Nonexistent
Network
Host
172.16.255.253 172.16.255.254
...
172.16.0.0
Network 172.16.0.0
172.16.3.0
172.16.4.0
172.16.1.0
172.16.2.0
Network 172.16.0.0
Subnet Addressing
172.16.2.200
172.16.3.5
172.16.3.1
E1
172.16.2.2
E0
172.16.2.1
172.16.3.100
172.16.2.160
172.16
Network
172.16.3.150
2 . 160
Host
172.16.0.0
E0
172.16.0.0
E1
Subnet Addressing
172.16.2.200
172.16.3.5
172.16.3.1
E1
E0
172.16.2.1
172.16.2.2
172.16.3.100
172.16.2.160
172.16
Network
172.16.3.150
160
Subnet Host
E0
172.16.3.0
E1
172.16.0.0/16
Network ID=
172.16.0.0
Host
172.16.0.1-172.16.255.254
Network ID
Router
Situation 1 SW Hub
172.16.0.0/16
Network ID=
172.16.0.0
Host
172.16.0.1-172.16.255.254
SW, Hub
R (172.16.0.1-254)
IT (172.16.1.1-254)
Situation 2
Router
172.16.0.0/16
Default HR
IT
assign
subnet
255.255.0.0 > 255.255.255.0
HR 172.16.0.0/24 >
NW>172.16.0.0
Router
HR (172.16.0.1-254)
IT 172.16.1.0/24 >
NW>172.16.1.0
IT (172.16.1.1-254)
Subnet Mask
Network
IP
Address
172
Host
16
Network
Default
Subnet
Mask
8-bit
Subnet
Mask
255
0
Host
255
11111111
11111111
00000000
00000000
Also written as /16, where 16 represents the number of 1s in the mask.
Network
Subnet
Host
255
255
255
32
16
128
192
224
240
248
252
254
255
Host
172.16.2.160: 10101100 00010000 00000010 10100000
255.255.0.0: 11111111 11111111 00000000 00000000
Result: 10101100 00010000 00000000 00000000
172
16
Network
Number
Host
10101100 00010000 00000010 10100000
11111111 11111111 11111111 00000000
10101100 00010000 00000010 00000000
172
16
128
192
224
240
248
252
254
255
255.255.255.0
Subnet
Network
Number
255.255.255.192
Network
Number
Host
10101100 00010000 00000010 10100000
11111111 11111111 11111111 11000000
10101100 00010000 00000010 10000000
128
192
224
240
248
252
254
255
172.16.2.160
Subnet
128
192
224
240
248
252
254
255
Network
172
16
128
Address
Subnet Mask
172.16.2.10
255.255.255.0
10.6.24.20
255.255.240.0
10.30.36.12
255.255.255.0
Class
Network
Number
Address
Subnet Mask
Class
Network
Number
172.16.2.10, mask 255.255.255.0: Network Number 172.16.2.0
10.6.24.20, mask 255.255.240.0: Network Number 10.6.16.0
10.30.36.12, mask 255.255.255.0: Network Number 10.30.36.0
Address: 172.16.2.160
Subnet Mask: 255.255.255.192
Address in binary (first two octets): 10101100 00010000 (172.16)
Last octet (160) under mask 255.255.255.192:
Number: 10000000 > 172.16.2.128
Broadcast: 10111111 > 172.16.2.191
First: 10000001 > 172.16.2.129
Last: 10111110 > 172.16.2.190
Network
Subnet
Host
172.16.2.121: 10101100 00010000 00000010 01111001
255.255.255.0: 11111111 11111111 11111111 00000000
Subnet: 10101100 00010000 00000010 00000000
Broadcast: 10101100 00010000 00000010 11111111
Network
192.168.5.121: 11000000 10101000 00000101 01111001
255.255.255.248: 11111111 11111111 11111111 11111000
Subnet: 11000000 10101000 00000101 01111000
Broadcast: 11000000 10101000 00000101 01111111
Address
Subnet Mask
201.222.10.60
255.255.255.248
15.16.193.6
255.255.248.0
128.16.32.13
255.255.255.252
153.50.6.27
255.255.255.128
Class
Subnet
Broadcast
Subnet Mask
Class
Network
Number
Broadcast
201.222.10.60, mask 255.255.255.248: Subnet 201.222.10.56, Broadcast 201.222.10.63
15.16.193.6, mask 255.255.248.0: Subnet 15.16.192.0, Broadcast 15.16.199.255
128.16.32.13, mask 255.255.255.252: Subnet 128.16.32.12, Broadcast 128.16.32.15
153.50.6.27, mask 255.255.255.128: Subnet 153.50.6.0, Broadcast 153.50.6.127
Com1
Com2
1. com1
IP> 192.168.x.2
subnet mask > 255.255.255.192
com2
IP> 192.168.x.126
subnet mask > 255.255.255.0
2. com1 ping com2
what is message? >>
3. com2 ping com1
what is message? >>
4. Network ID of Com1? >>
5. Network ID of Com2? >>
SW1
Com1
Com2
192.168.x.2
255.255.255.192
NW= 192.168.x.0
192.168.x.126
255.255.255.0
NW= 192.168.x.0
SW1
Com1
Com2
com2
IP> 192.168.x.250
subnet mask > 255.255.255.224
2. com1 ping com2
what is message? >>
3. com2 ping com1
what is message? >>
4. Network ID of Com1? >>
5. Network ID of Com2? >>
SW1
Com1
Com2
192.168.x.254
255.255.255.0
NW= 192.168.x.0
192.168.x.250
255.255.255.224
NW= 192.168.x.224
Private IP Address
Case Study
IP 172.16.0.1-254
subnet : 255.255.?.?
IP Address
Network Subnetting
nnnnnnnn.nnnnnnnn.hhhhhhhh.hhhhhhhh
nnnnnnnn.nnnnnnnn.ssshhhhh.hhhhhhhh
Subnet Mask
Host Subnet Mask
Network
Host
Network Monitor
Tracert ip
Visual Route
Ping
Ping Parameter
DNS
Domain name service >
website URL
www.yahoo.com
IP
DNS Record
Record.domain.zone
Com1
Yahoo
Sanook
www
egat
.Com
.net
.org
.co.th
DNS (Client)
cache
Forwarder
Hello.com
DNS2
3
DNS1
Client
www.hello.com
Secondary Zone
Reload from master
Hello.com
DNS2
Hello.com
DNS1
Client
www.hello.com
Stub Zone
Load only
detail of
Hello.com
DNS1
Client
Hello.com
DNS2
www.hello.com
Situation 1
Bang
kok
surath.com
Demo.com
CL1
Chiangmai
CL1000
Situation 2
Bang
kok
100M
Chiangmai
100M
surath.com
Demo.com
CL1
2M
CL1000
Situation 3
Bang
kok
100M
Chiangmai
100M
surath.com
Demo.com
CL1
2M
CL1000
Surath.com
POP3/SMTP
Server
com1
com2
admin
user1
Surath.com
POP3/SMTP
Server
2
1
DNS1
com1
admin
DNS2
POP3/SMTP
Server
7
com2
user1
IP
Security Fake mail
hacker mail
check
IP ..
DNS Data
Default
c:\windows\system32\dns
Cache DnS
2
client > cmd > ipconfig /displaydns
server > DNS > view > advanced
DNS workgroup
DNS
Primary zone
Secondary zone
Stub Zone
Forwarder
Root Hint
Cache Server
DNS Domain
Active Directory Integrated
Demo.com
Demo.com
DC1,DNS1
Demo.com
DC2,DNS2
Demo.com
DC3,DNS3
replicate DNS Forest
replicate DC Forest
replicate DC domain
replicate active directory
partition
com1
Result
ping com1.surath.com
ping com1.com
com1
Result
ping com1.prayoth.com
ping com1.hello.com
Ping com1.egat.co.th
Yahoo.com
address
register
DNS
connection
register
suffix
Register
DNS
DNS
Proxy.egat.co.th 10.20.222.36
Proxy.egat.co.th 202.10.10.100
Proxy Server
10.20.222.36
Internal
202.10.10.100
Public
proxy: proxy.egat.co.th
CLient1
Proxy server register
DNS Internal
.ORG (1)
demo.org(1)
.NET (1)
demo.net(1)
DNS
.COM (1)
demo.com(1)
.
Root
. com
. org
. net
. th
. AC.TH
Yahoo.COM
KU.AC.TH
SOA of Zone
set refresh,
Retry expire
load
secondary zone
set TTL(Total
Time to live) DNS
cache record zone
(default=1
)
Set IP
2
1. (Manual)
1.1 set local area connection
1.2 set command (netsh)
Netsh interface ip set address local static 192.168.1.2 255.255.255.0 192.168.1.1 1
Netsh interface ip set dns local static 192.168.1.1
2. (DHCP )
DHCP
IP
Overview DHCP
10.20.
93.1
10.20.93.7
10.20.93.0
10.20.
94.1
DHCP
Server
Scope1 10.20.93.0
Scope2 10.20.94.0
10.20.94.0
Router block
Broadcast client request
IP broadcast
NW=10.20.94.0 Router block
How to do???
10.20.93.7
10.20.93.0
DHCP
Server
Scope1 10.20.93.0
Scope2 10.20.94.0
10.20.
94.1
10.20.94.0
>> 2
1. Router BootP
2. NW server
DHCP Relay agent.
10.20.93.7
10.20.93.0
DHCP
Server
Scope1 10.20.93.0
Scope2 10.20.94.0
3
2
CL1
10.20.
94.1
DHCP
Relay Agent
1 broadcast
10.20.94.0
4
Server Option
Reserv Option
Scope3 Option
Scope 1 Option
Scope2 Option
Super Scope
scope
Backup DHCP
Go to
c:\windows\system32\dhcp\backup
compact DB DHCP
jetpack
Package of DHCP ()
Discover
Offer
CL1
Request
Ack
Server
Package of DHCP ()
Request
CL1
Ack
Server
Log
C:\windows\system32\DHCP\
IP
Command
ipconfig /release
>>>
ipconfig /renew
>>> ,
Graphic
VMWare
VMWare
Host >
Guest >
Key Control
Ctrl +Alt + Insert Ctrl +Alt +Del
Ctrl +Alt + Enter > ,
Ctrl +Alt > mouse VMware
Routing Table
Router
Router
disable function
add routing table
Nw
GW
(NW )
Broadcast
Local Loop
back
Router
192.168.1.0/24 192.168.1.70
192.168.1.69
Host
202.44.33.0/24
202.44.33.71
202.44.33.72
Server2
Config service
Routing Table
Router
Router set Dynamic
Routing
Router set
Static Routing add routing
table
Dynamic Routing
2
1. RIP
-
- 15 hop
-
2. OSPF
-
- Link State Database (
)
Routing Protocol
NAT
IP (Private)
Public IP
Remark : Function
Router Private
IP > Public IP
Local
NAT
202.44.33.1120
Private IP
10.Xxx
172.16-32.x.x
192.168.x.x
Private
Public
192.168.1.12
203.44.33.11
192.168.1.15
203.44.33.12
Site Bangkok
CL1
modem
RRAS
Site Chiengmai
CL2
I want to
Contact to Site
Chiengmai
Server Demand-dial Routing
VPN
RRAS
Company
modem
modem
RRAS
.
Server
.
modem
Telecom
System
modem
Hacker Home
(
)
XP
ICS
Internet
SW, Hub
modem
XP
XP
XP
set IP
DHCP
Radius Server
Others..
windows
CISCO
Radius Server
Windows
US Robotic
windows
Cisco
Radius Server
>> microsoft
IAS (Internet Authentication Service)
Company
Public IP
VPN
Server
Internet
System
Public IP
modem
Hacker Home
(
)
VPN
IPSec
Lan
Hacker
set (Lan)
IPSec
IPSec
set set policy
IP Security (IPSec)
IP Sec
authentication 3
1. windows authen >>> Kerberos v.5
domain
2. CA >>>
3. Pre-shared key >> set
work
IP Security (IPSec)
Authentication
AH (Authentication Header)
MD5, SHA1
Encryption
DES, 3DES
ESP (Encapsulating Security Payload)
Key Management
IKE (Internet Key Exchange)
Good Password
3 4
1. a,b,c,.,z
2. A,B,C,
3. 0,1,2,3
4. !,@,#,$.%....
p@ssw0rd
Remark 7
NTLM
Workgroup
share
Server
CL1
authentication
Windows
resource share authentication
Kerberos
Domain
share
2
AD
DC
1
Login
2
User Ticket
CLient1
Service Ticket
Server
check
Ticket
Use DC
User
Contact
Mail to
surath@itcompanion.co.th
www.itcompanion.co.th