You are on page 1of 77



AIM: Introduction to Asynchronous Transfer Mode (ATM)

Asynchronous Transfer Mode: A network technology for both local and wide area networks (LANs and WANs) that support real time voice and video as well as data. The topology uses switches that establish a logical circuit from end to end, which guarantees quality of service (QoS). However, unlike telephone switches that dedicate circuits end to end, unused bandwidth in ATM s logical circuits can be appropriated when needed. For example, idle bandwidth in a video conference circuit can be used to transfer data. ATM is highly scalable and supports transmission speeds of 1.5,25,100,155,622,2488 and 9953 Mbps).

Asynchronous Transfer Mode Switching: Asynchronous Transfer Mode (ATM) is International Telecommunication Union Telecommunications Standards Section (ITU-T) standards for cell rely wherein information for multiple service types, such as voice, video, or data, is conveyed in small, fixed-size cells. ATM networks are connection-oriented. This chapter provides summaries of ATM protocols, services, and operation. Figure illustrates a private ATM network and a public ATM network carrying voice, video, and data traffic.

Figure: A private ATM network and a public ATM network both can carry voice, video, and data traffic.

1.2 ATM Standards: ATM is based on the efforts of the ITU-T Broadband Services Digital Network (B-ISDN) standard. . It was originally conceived as a high-speed transfer technology for voice, video, and data over public networks. The ATM forum extended the ITU-T s vision of ATM for over public and private networks. The ATM forum has released work on the following specifications: User-to-Network Interface(UNI)2.0 UNI 3.0 UNI 3.1 UNI 4.0 Public-Network Node Interface(P-NNI) LAN Emulation(LANE) Multiprotocol over ATM

1.3 ATM Devices: An ATM network is made up of an ATM switch and ATM endpoints. An ATM switch is responsible for cell transit through an ATM network. The job of an ATM switch is well defined. It accepts the incoming cell from an ATM endpoint or another ATM switch. Then reads and updates the cell header information and quickly switches the cell to an output interface towards its destination. An ATM endpoint (or end system) contains an ATM network interface adapter. Examples of ATM endpoints are workstations, routers, digital service units (DSUs), LAN switches and video coder decoder (CODECs).The following figure illustrates an ATM networks made up of ATM switches and ATM endpoints.

Figure: comprises ATM Switches and Endpoints.

1.4 ATM Network Interfaces: An ATM network consists of a set of ATM switches interconnected by point-to-point ATM links or interfaces. ATM switches support two primary types of interfaces: UNI and NNI. The UNI connects ATM end systems (such as hosts and routers) to an ATM switch. The NNI connects two ATM switches.

Depending on whether the switch is owned and located at the customer s premises or is publicly owned and operated by the telephone company, UNI and NNI can be further subdivided into public and private UNIs and NNIs. A private UNI connects an ATM endpoint and a private ATM switch. Its public counterpart connects an ATM endpoint or private switch to a public switch. A private NNI connects two ATM switches within the same private organization. A public one connects two ATM switches witin the same public organization.

Figure: ATM interface specifications differ for private and public networks

1.5 ATM Cell Basic Format: ATM transfers information in fixed-size units called cells. Each cell consists of 53 octets, or bytes. The first 5 bytes contain cell-header information, and the remaining 48 contains the payload (user information). Small fixed-length cells are well suited to transferring voice and video traffic because such traffic is intolerant of delays that result from having to wait for a large data packet to download, among other things. Figure illustrates the basic format of an ATM cell.

Figure: An ATM Cell Consists of a Header and Payload Data

ATM Cell Header Format:

An ATM cell header can be one of two formats: UNI or NNI. The UNI header is used for communication between ATM endpoints and ATM switches in private ATM networks. The NNI header is used for communication between ATM switches. Figure depicts the basic ATM cell format, the ATM UNI cell header format, and the ATM NNI cell header format.

Figure: An ATM cell, ATM UNI cell, and ATM NNI cell header. Each contain 48 bytes of payload

Header (5 bytes)

Payload (48 bytes) GFC VPI VCI PT CLP VPI


Payload (48 bytes) VPI


Payload (48 bytes)

8 bits




Unlike the UNI, the NNI header does not include the generic flow control (GFC) field. Additionally, the NNI header has a virtual path identifier (VPI) field that occupies the first 12 bits, allowing for larger trunks b/w public ATM switches.

1.6 ATM Virtual Connections: ATM networks are fundamentally connection-oriented, which means that a virtual channel (VC) must be set up across the ATM network prior to any data transfer. (A virtual channel is roughly equivalent to virtual circuit.) Two types of ATM connections exist: VIRTUAL PATHS which are identified by virtual path identifiers, and VIRTUAL CHANNELS, which are identified by a combination of VPI and a virtual channel identifier (VCI) A virtual path is a bundle of virtual channels, all of which are switched transparently across the ATM network based on the common VPI. All VPI s and VCI s however, have only local significance across a particular link and are remapped as appropriate, at each switch. A transmission path is the physical media that transports virtual channels and virtual paths. Figure illustrates how VCs concatenate to create VPs, which in turn transverse the media or transmission path.

Figure: VCs concatenate to create VPs.

1.7 ATM Reference Model: The ATM architecture uses a logical model to describe the functionality that it supports. ATM functionality corresponds to the physical layer and part of the data link layer of the OSI reference model.

The ATM reference model is composed of the following planes ,which span all layers:

Control: This plane is responsible for generating and managing signaling requests.

User: This plane is responsible for managing the transfer of data.

Management: This plane contains two components:

-Layer management manages layer specific functions, such as the detection of failures and protocol problems. -Plane management manages and coordinates functions related to the complete system.

The ATM Reference Model is composed of the following ATM layers:

Physical Layer: Analogous to the physical layer of the OSI reference model, the ATM physical layer manages the medium-dependent transmission.

ATM Layer: Combined with the ATM Adaptation Layer, the ATM layer is roughly analogous to the Data Link Layer of the OSI Reference Model. The ATM layer is responsible for the simultaneous sharing of virtual circuits over a physical layer (Cell Multiplexing) and passing cells through the ATM network (Cell Relay). To do this, it uses the VPI and VCI information in the header of each ATM Cell.

ATM Adaption Layer: Combined with the ATM layer, the AAL is roughly analogous to Data Link Layer of the OSI model. The AAL is responsible for isolating higher-Layer protocols form the details of the ATM processes. The Adaptation Layer prepares user data for conversion into cells and segments the data into 48- bytes cell payloads.

Finally, the higher layers residing above the AAL accept user data, arrange it into packets and hand it to the AAL

Figure : ATM Reference Model


AIM: Permit spooling.

Definition of Spooling: To send files to some device or program that puts them in a queue for later processing. For e.g. controlling output of jobs to a printer, other peripherals or input devices.

Spooling: In computer science spooling is acronym for simultaneous peripheral operation online. It refers to putting jobs in a buffer, a special are in memory or a disc where a device can access them when it is ready. Spooling is useful because a device can access them at different rates. The buffer provides a waiting station where data can reside, while the shower device catches.

Print spooling: The most common spooling application is print spooling. In this documents are loaded into a buffer and then printer pulls them off. The buffer edits on rate. Because the documents are in a buffer where they can be accessed by printers. The user is forced to perform other operations on the computer.

Application: The print application creates a print job by calling GDI functions.

Winspool.drv: It is the client interface into these spool winspool.drv is installed when the driver of printer are installed.

Spool su.exe: It is the spooler s API server. It is implemented as Windows 2000 service that is started when the O.S is started. Clients of spool su.exe included winspool.drv and win 32 The module implement some API functions.

Routes: The router spool.dll determines which printer provides to call based on a printer name or hand supplied with each functions call and process the functions call to the correct provider.

Print provider: The print provides that support the specified print device. If printer hardware is local to the system on which application is running the client and server are same system. Microsoft provides the fall print providers with windows 2000 and later:-

Local dl.dll: Local print provides handles all jobs directed to printers that are managed from local server.

Win 32 spl.ddl: Windows network print provides hardless print jobs directed to remote win 32 servers when job arrives at the remote server.

Inettpp.ddl: HTTP print provides handless print jobs sent to a URL. The diagram explains it all when we have a document ready to be printed, the print command is selected from the application. The winspool.drv make an interface with the application and printer driver and sends the document to the windows spool vice. The spool service in windows is always active starts with wind itself. The spool server uses its spool.dll file to find out the printer to which the document is to be sent for printing.



What is security? Security is a field of computer science concerned with the control of risks related to computer use. The means of traditionally taken to realize this objective is to attempt to create a secure computing platform designed so that agents can only perform actions that have been allowed. This involves specifying and implementing a security policy. In a secure system the authorized users of that system are still able to do what they should be able to do.

Threats to be addressed The following section describes a number of general threats to the security of the distributed systems. The threats given here are general enough to cover most kind of actual threats.

Disclosure of information

Organisations maintain valuable information on thier computer systems. This information may be used by other paties in such a way as to damage the interest of the organization owing the information. Contamination of information This is the complement of information disclosure. Valuable information may become worthless if unauthorized information is mixed with it. Unauthorized use of resources Authorized subjects will not be allowed to use all resources of a system. Unthorized use of resources may lead to destructive, modification, loss of integrity etc. of resources. Misuse of resources Authorized use of resourcesmay give authorized individuals the apportunity to perform activities that are harmful to the organization. Misuse of resources,intentional or accidental,may be harmful to the organization through corruption,destruction,disclosure,loss or removal of resources. Unauthorized information flow In a distributed system information flow must be controlled not only between users of end-system but also between end-systems. Depending on the prevailing security policy information flow restrictions may be applied to the basis of classifications of data objects and end-systems, user cleearance, etc. Repudiation of information flow Repudiation of information flow involves denial of transmission or receipt of messages. Since such messages may carry purchasing agreement, instructions for payment etc. the scope for criminal repudiation of such messages is considerable. Denial of service Detection and prevention of denial of services must be considered as part of any security policy.

Security Services

Confidentiality Confidentiality is the protection of transmitted data from passive attack. With respect to the release of message contents, several level of protection can be identified. The broadcast service protects all user data transmitted between two users over a period of time.

Authentication The authentication services is concerned with assuring that the communication is autheatic. First, at the time of connection intiation, the services assures that two entities are authentic, that is, that each is the entity that it claims to be. Second, the service must assure that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties for the purpose of unauthorized transmission or reception. Integrity Integrity can apply to a stream of messages, a single message or selected fields within a message. A connection-oriented integrity service, one that deals with a stream of messages, a single message or selected fields within a message. On the other hand, a connection-less integrity service, one that deals with individual messages only without regard to any larger context, generally provides protection against message modification only.

Non-repudiation Non-repudiation prevents either sender or receiver from denying a transmitted message. Thus, when a message is sent, the receiver can prove that the message was in fact sent by the alleged sender. Similarily, when a message is received, the sender can prove that the message was in fact received by the alleged receiver. Access control In the context of network security, access control is the ablitiy to limit and control the access to hold systems and application links. To achieve this control, each entity trying to gain access that must be identified and authenticated. Availability A variety of attacks can result in a form of reduction in availability.

Cryptography Cryptography techniques involve transforming information, scrambling it so it becomes unreadable during transmissions. The intented recipient can unscramble message, but cavesdroppers cannot.

Cryptographic Systems

Conventional Encryption: Conventional encryption, also referred to as symmetric encryption or single-key encryption, was the only type of encryption in use prior to the development of public key encryption. The original encryption intelligible message, referred to as plainters is converted into apparently random nonsense, referred to as cipher text. The encryption process consists of an algorithm and a key. The key is a value, independent of the plaintext that controls the algorithm. Public- key Encryption: The development of public- key cryptography is the greatest and perphaps the only true revolution in the entire history of cryptography. From its earliest beginnings, right down to modern times, all cryptography systems have been based on the eliminator tools of substitution and permutation. It provides a radial departure from all that has been done before. It is asymmetric, involving the use of two separate keys, in contrast to the symmetric conventional encryption, which uses only one key.

Certification The certificate is usually signed by a trusted certification authority and the contents of the certificate can be verified by any third party who knows the public key of the certification authority. The certification authority is the server that generates and applies a digital signature to the content of the certificate. Thus the certificate is authenticated.

Firewalls Connecting an organization to the internet provides a two-way flow of traffic. In order to provides some level of separation between an organization s intranet and the Internet, firewalls have been employed. A firewall is simply a group of components that collectively form a barrier between two networks.

Types of Firewalls

‡ ‡ ‡

Application Gateways Packets Filtering Hybrid Systems

Secure Network Devices

Secure Modems: Dial- Back Systems The terminal server, or network devices that provides dial-up access to your network needs to be actively administered, and its logos need to be examined for strnge behavior. These are some remote access systems that have the feature of a two-part procedure to establish a connection. The first part is the remote user dialing into the system, and providing the correct userid and password. Crypo- Capable Routers A feature that is being built into some routers is the ability to use session encryption between specified routers. Because traffic travelling across the Internet can ba seen by people in the middle who have the resources to snoop around, these are advantages for providing connectivity between two sites, such that there can be secure routers. Virtual Private Networks VPNs provide the ability for two offices to communicate with each other in such a way that it looks like they re directly connected over a private leased line. The session between them, although going over the internet, is private, and the link is convenient, because each can see each others resources without showing them off to the entire world.

EXPERIMENT NO.4 AIM: Windows XP Installation This procedure demonstrates how to install Windows XP Professional. The procedure to install Windows XP home edition is very similar to the professional edition. Since Windows XP Pro is more advanced operating system, it will be used to demonstrate the installation procedure. The best way install Windows XP is to do a clean install. It is not difficult to perform a clean installation. Before you perform the installation I recommend that you check Windows XP Compatibility List to ensure that your hardware is supported by XP. If your hardware is not on the compatibility list you can check your hardware manufactures website to download the drivers for Windows XP. Save all the necessary drivers onto floppy disks or CD before you start the installation. All versions of Windows XP CD are bootable. In order to boot from CD/DVD-ROM you need to set the boot sequence. Look for the boot sequence under your BIOS setup and make sure that the first boot device is set to CD/DVD-ROM. You can then perform the following steps to install Windows XP: Start your PC and place your Windows XP CD in your CD/DVD-ROM drive. Your PC should automatically detect the CD and you will get a message saying "Press any key to boot from CD". Step 1 - At this stage it will ask you to press F6 if you want to install a third party Raid or SCSI driver. If you are using a an IDE Hard Drive then you do not need to press F6. If you are using a SCSI or SATA Hard drive then you must press F6 otherwise Windows will not detect your Hard Drive during the installation. Please make sure you have the Raid drivers on a floppy disk. Normally the drivers are supplied on a CD which you can copy to a floppy disk ready to be installed. If you are not sure how to do this then please read your motherboard manuals for more information.

Step 2 - You will then get a Windows XP Professional Setup screen. You have the option to do a new Windows install, Repair previous install or quit. Since we are doing a new install we just press Enter to continue.

Step 3 - You will be presented with the End User Licensing Agreement. Press F8 to accept and continue

Step 4 - This step is very important. Here we will create the partition where Windows will be installed. If you have a brand new unformatted drive you will get a screen similar to below. In our case the drive size is 8190MB. We can choose to install Windows in this drive without creating a partition, hence use the entire size of the drive. If you wish to do this you can just press enter and Windows will automatically partition and format the drive as one large drive. However for this demonstration I will create two partition. The first partition will be 6000MB (C: drive) and second partition would be 2180MB (E: drive). By creating two partition we can have one which stores Windows and Applications and the other which stores our data. So in the future if anything goes wrong with our Windows install such as virus or spyware we can reinstall Windows on C: drive and our data on E: drive will not be touched. Please note you can choose whatever size partition your like. For example if you have 500GB hard drive you can have two partition of 250GB each. Press C to create a partition.

Step 5 - Windows will show the total size of the hard drive and ask you how much you want to allocate for the partition you are about to create. I will choose 6000MB. You will then get the screen below. Notice it shows C: Partition 1 followed by the size 6000 MB. This indicates the partition has been created. We still have an unpartitioned space of 2189MB. Next highlight the unpartitioned space by pressing down the arrow key. Then press C to create another partition. You will see the total space available for the new partition. Just choose all the space left over, in our case 2180MB.

Step 6- Now you will see both partition listed. Partition 1 (C: Drive) 6000MB and Partition 2 (E: Drive) 2180MB. You will also have 8MB of unpartitioned space. Don't worry about that. Just leave it how its is. Windows normally has some unpartitioned space. You might wonder what happened to D: drive. Windows has automatically allocated D: drive to CD/DVD-ROM. Select Partition 1 (C: Drive) and press Enter.

Step 7 - Choose format the partition using NTFS file system.This is the recommended file system. If the hard drive has been formatted before then you can choose quick NTFS format. We chose NTFS because it offers many security features, supports larger drive size, and bigger size files.

Windows will now start formatting drive C: and start copying setup files as shown on the two images below :

Step 8 - After the setup has completed copying the files the computer will restart. Leave the XP CD in the drive but this time DO NOT press any key when the message "Press any key to boot from CD" is displayed. In few seconds setup will continue. Windows XP Setup wizard will guide you through the setup process of gathering information about your computer.

Step 9 - Choose your region and language.

Step 10 - Type in your name and organization.

Step 11. Enter your product key.

Step 12 - Name the computer, and enter an Administrator password. Don't forget to write down your Administrator password.

Step 13 - Enter the correct date, time and choose your time zone.

Step 14 - For the network setting choose typical and press next.

Step 15 - Choose workgroup or domain name. If you are not a member of a domain then leave the default settings and press next. Windows will restart again and adjust the display.

Step 16 - Finally Windows will start and present you with a Welcome screen. Click next to continue.

Step 17 - Choose 'help protect my PC by turning on automatic updates now' and press next.

Step 18 - Will this computer connect to the internet directly, or through a network? If you are connected to a router or LAN then choose: 'Yes, this computer will connect through a local area network or home network'. If you have dal up modem choose: 'No, this computer will connect directly to the internet'. Then click Next.

Step 19 - Ready to activate Windows? Choose yes if you wish to active Windows over the internet now. Choose no if you want to activate Windows at a later stage.

Step 20 - Add users that will sign on to this computer and click next.

Step 21 - You will get a Thank you screen to confirm setup is complete. Click finish.

Step 22. Log in, to your PC for the first time.

Step 23 - You now need to check the device manager to confirm that all the drivers has been loaded or if there are any conflicts. From the start menu select Start -> Settings -> Control Panel. Click on the System icon and then from the System Properties window select the Hardware tab, then click on Device Manager.

If there are any yellow exclamation mark "!" next to any of the listed device, it means that no drivers or incorrect drivers has been loaded for that device. In our case we have a Video Controller (VGA card) which has no drivers installed. Your hardware should come with manufacturer supplied drivers. You need to install these drivers using the automatic setup program provided by the manufacturer or you need to manually install these drivers. If you do not have the drivers, check the manufacturers website to download them. To install a driver manually use the following procedure: (a) From the device manager double click on the device containing the exclamation mark. (b) This would open a device properties window. (c) Click on the Driver tab. (d) Click Update Driver button. The Wizard for updating device driver pops up as shown below:

You now get two options. The first option provides an automatic search for the required driver. The second option allows you to specify the location of the driver. If you don't know the location of the driver choose the automatic search which would find the required driver from the manufacturer supplied CD or Floppy disk. Windows would install the required driver and may ask you to restart the system for the changes to take affect. Use this procedure to install drivers for all the devices that contain an exclamation mark. Windows is completely setup when there are no more exclamation marks in the device manager.

EXPERIMENT NO.5 AIM: Windows 2000 Server Installation Step #1: Plan your installation When you run the Windows 2000 Server Setup program, you must provide information about how to install and configure the operating system. Thorough planning can make your installation of W2K more efficient by helping you to avoid potential problems during installation. An understanding of the configuration options will also help to ensure that you have properly configured your system. I won't go into that part right now but here are some of the most important things you should take into consideration when planning for your Windows Server 2000 installation: Check System Requirements Check Hardware and Software Compatibility Determine Disk Partitioning Options Choose the Appropriate File System: FAT, FAT32, NTFS Decide on a Workgroup or Domain Installation Complete a Pre-Installation Checklist After you made sure you can go on, start the installation process. Step #2: Beginning the installation process You can install Windows 2000 Server in several methods - all are valid and good, it all depends upon your needs and your limitations. Manual installations usually come in 3 flavors: Boot from CD - No existing partition is required. Boot from the 4 Setup Boot Disks, then insert the CD - No existing partition is required. Boot from an MS-DOS startup floppy, go to the command prompt, create a 4GB FAT32 partition with FDISK, reboot, format the C partition you've created, then go to the CD drive, go into the I386 folder, and run the WINNT.EXE command. Run an already installed OS, such as Windows NT 4.0 Server. From within NT 4.0 go to the I386 folder in the W2K installation CD and run the WINNT32.EXE command. If you want to upgrade a desktop OS such as Windows 98 into Windows 2000 Professional you can follow the same procedure as above (You cannot upgrade Windows 98 into W2K Server). There are other non-manual installation methods, such as using an unattended file along with a uniqueness database file, using Sysprep, using RIS or even running unattended installations from within the CD itself, but we won't go into that right now. It doesn't matter how you run the setup process, but the moment it runs - all setup methods look alike. Step #3: The text-based portion of the Setup program

The setup process begins loading a blue-looking text screen (not GUI). In that phase you will be asked to accept the EULA and choose a partition on which to install W2K, and if that partition is new, you'll be asked to format it by using either FAT, FAT32 or NTFS. Start the computer from the CD. You can press F6 if you need to install additional SCSI adapters or other mass-storage devices. If you do you will be asked to supply a floppy disk with the drivers and you CANNOT browse it (or a CD for that matter). Make sure you have one handy.

Setup will load all the needed files and drivers. Select To Setup W2K Now. If you want, and if you have a previous installation of the OS, you can try to fix it by pressing R. If not, just press ENTER.

In case your server is a new one, or it is using a new hard disk that hasn't been partitioned yet, you'll get a warning message. Read it, and if you want to continue, press C.

Read and accept the licensing agreement and press F8 if you accept it.

Select or create the partition on which you will install W2K. Depending upon your existing disk configuration choose one of the following:

If the hard disk is not yet partitioned, you can create and size the partition on which you will install Windows 2000. Press C.

If the hard disk is new and you want to create a partition that will span the entire hard disk's size - press Enter. Other optionsL If the hard disk is already partitioned, but has enough unpartitioned disk space, you can create an additional partition in the unpartitioned space. If the hard disk already has a partition that is large enough, you can install Windows 2000 on that partition. If the partition has an existing operating system, you will overwrite that operating system if you accept the default installation path. However, files other than the operating system files, such as program files and data files, will not be overwritten. If the hard disk has an existing partition, you can delete it to create more unpartitioned space for the new partition. Deleting an existing partition erases all data on that partition. If you select a new partition during Setup, create and size only the partition on which you will install Windows 2000. After installation, use Disk Management to partition the remaining space on the hard disk. Select a file system for the installation partition. After you create the partition on which you will install W2K, you can use Setup to select the file system with which to format the partition. W2K supports the NTFS file system in addition to the file allocation table (FAT) and FAT32 file systems. Windows Server 2003, Windows XP Professional, Windows 2000, and Windows NT are the only Microsoft operating systems that you can use to gain access to data on a local hard disk that is formatted with NTFS. If you plan to gain access to files that are on a local W2K partition with the Microsoft Windows 95 or Windows 98 operating systems, you should format the partition with a FAT or FAT32 file system. We will use NTFS.

Setup will then begin copying necessary files from the installation point (CD, local I386 or network share). Note: If you began the installation process from an MS-DOS floppy, make sure you have and run SMARTDRV from the floppy, otherwise the copying process will probably last more than an hour, perhaps even more. With SMARTDRV (or if setup was run by booting from CD) the copying will probably last a few minutes, no more than 5 max.

The computer will restart in graphical mode, and the installation will continue. Step #4: The GUI-based portion of the Setup program The setup process reboots and loads a GUI mode phase. It will then begin to load device drivers based upon what it finds on your computer. You don't need to do anything at this stage.

If your computer stops responding during this phase (the progress bar is stuck almost half-way, and there is no disk activity) - shut down your computer and begin removing hardware such as PCI and ISA cards. If it works for you then later try to figure out how to make that specific piece of hardware work (it's probably not in the HCL). Click Customize to change regional settings, if necessary. Current System Locale - Affects how programs display dates, times, currency, and numbers. Choose the locale that matches your location, for example, French (Canada). Current Keyboard Layout - Accommodates the special characters and symbols used in different languages. Your keyboard layout determines which characters appear when you press keys on the keyboard. If you don't need to make any changes just press Next.

If you do need to make changes press Customize and add your System Locale etc. Note for Hebrew users: In W2K it is NOT SAFE to install Hebrew language support at this phase!!! Trust me, do it later. If you don't listen to me, good chances are that you'll get ???? fonts in some Office applications such as Outlook and others. Read the Install Hebrew on Windows 2000 page for more info. Type your name and organization.

Type the product key.

If you'd like to skip this step in the future, please read Install Windows 2000 Without Supplying the CD Key.

Enter the appropriate license type and number of purchased licenses.

Type the computer name and a password for the local Administrator account. The local Administrator account resides in the SAM of the computer, not in Active Directory. If you will be installing in a domain, you need either a pre-assigned computer name for which a domain account has been created, or the right to create a computer account within the domain.

Choose which components to install or remove from the system.

Select the date, time, and time zone settings.

Setup will now install the networking components.

After a few seconds you will receive the Networking Settings window. BTW, if you have a NIC that is not in the HCL (see the What's the HCL? page) and W2K cannot detect it, or if you don't have a NIC at all, setup will skip this step and you will immediately go to the final phase of the setup process.

Press Next to accept the Typical settings option if you have one of the following situations: You have a functional DHCP on your network. You have a computer running Internet Connection Sharing (ICS). You're in a workgroup environment and do not plan to have any other servers or Active Directory at all, and all other workgroup members are configured in the same manner. Otherwise select Custom Settings and press Next to customize your network settings. Highlight the TCP/IP selection and press Properties. In the General tab enter the required information. You must specify the IP address of the computer, and if you don't know what the Subnet Mask entry should be - you can simply place your mouse pointer over the empty area in the Subnet Mask box and click it. The OS will automatically select the value it thinks is good for the IP address you provided.

Lamer note: In the above screenshot I've configured the computer with a valid IP address for MY network, along with the Default Gateway and the address of MY DNS server. Your settings may differ. If you don't know what these values mean, or if you don't know what to write in them, press cancel and select the Typical Settings option. You can easily change these values later. In the Workgroup or Domain window enter the name of your workgroup or domain. A workgroup is a small group of computers on a network that enables users to work together and does not support centralized administration. A domain is a logical grouping of computers on a network that has a central security database for storing security information. Centralized security and administration are important for computers in a domain because they enable an administrator to easily manage computers that are geographically distant from each other. A domain is administered as a unit with common rules and procedures. Each domain has a unique name, and each computer within a domain has a unique name. If you're a stand-alone computer, or if you don't know what to enter, or if you don't have the sufficient rights to join a domain - leave the default entry selected and press Next.

If you want to join a domain (NT 4.0 domain of W2K/2003 Active Directory domain) enter the domain's

na in the "Yes, make this computer a member of the following domain" box.


To successfully join a domain you need the following: The person performing the installation must have a user account in Active Directory. This account does not need to be the domain Administrator account. and The computer must have an existing computer account in the Active Directory database of the domain that the computer is joining, and the computer must be named exactly as its domain account is named. or The person performing the installation must have appropriate permission to create a domain account for the computer during installation. Also, you need to have connectivity to the domain's domain controllers (only to the PDC if on an NT 4.0 domain) and a fully functional DNS server (only in AD domains). Read the Joining a Domain in Windows XP Pro and Requirements when Joining a Domain pages for more on this issue. Enter the Active Directory domain name (in the form of xxx.yyy, for example: DPETRI.NET) or the NetBIOS name of the NT 4.0 domain (in the form of xxx, for example: DPETRI). Press Next.

Note: If you provide a wrong domain name or do not have the correct connectivity to the domain's DNS server you will get an error message. A username/password window will appear. Enter the name and password of the domain's administrator (or your own if you're the administrator on the target domain).

Note: Providing a wrong username or password will cause this phase to fail. Next the setup process will finish copying files and configuring the setup. You do not need to do anything.

After the copying and configuring phase is finished, if Windows Server 2003 finds that you have a badly configured screen resolution it will advise you to change it and ask you if you see the new settings right. Setup finishes and displays the finish window. Unfortunately, you must press Finish in order to reboot..

Windows 2000 reboots and you should get the CTRL-ALT-DEL window.

EXPERIMENT NO. 7 Installating Active Directory on Server
This article describes how to promote or demote a domain controller to a stand-alone server in Windows 2000. Promoting a server to a domain controller is the process of installing Active Directory Services on that server. Demoting a domain controller removes Active Directory and switches to using a local User Accounts System (UAS). Before promoting a server to a domain controller, you must plan your structure to best suit your organizational needs and network topologies. An administrator has the following options when promoting a server to a domain controller: ‡ ‡ ‡ ‡ ‡ Installing the first domain controller in a new forest Installing the first domain controller in a new domain tree Installing the first domain controller in a new child domain Installing an additional domain controller in a domain tree Removing Active Directory from domain controller

The Domain Name System (DNS) service is an integral part of Active Directory for name resolution. DNS defines the Windows 2000 namespace and is very flexible.

After you plan your configuration and decide which option you will be using during the promotion process, use the steps in the appropriate section below. These sections guide an administrator through the promotion proces. Installing the First Domain Controller in a New Forest NOTE: You must install a DNS server at some point before or during the promotion process. After the computer is promoted to a domain controller, it registers services in DNS that enable Lightweight Directory Access Protocol (LDAP) queries to be performed against the directory on that domain controller. ‡ Click Start, click Run, type dcpromo, and then click OK.

‡ ‡

This starts the Active Directory Installation Wizard. Click Next. The Active Directory Installation Wizard asks a series of questions to determine the role this server will have. Because you are installing this server as the first domain controller in the forest, click Domain Controller for a New Domain.

Click Next. ‡ Because this domain controller will also be the first domain controller in a new domain tree, click Create a new domain tree. Click Next. ‡ In the New Domain Name screen, type the full DNS name for your new domain in the form of a fully qualified domain(for example:

‡ ‡

In the NetBIOS Domain Name screen, the NetBIOS Name box is populated with the first part of your fully qualified domain name (for example: MICROSOFT). The Database Location and Logs Location boxes are populated with the default location (Rootdrive\Winnt\Ntds). For best performance and recoverability, store the

database and the logs on a separate hard disk. Change the Logs Location value to another

hard disk. Click Next. ‡ In the Shared System Volume screen, the default location of Rootdrive\Winnt\Sysvol is acceptable as long as the volume uses the NTFS file system. This is required for the Sysvol folder.

Click Next. ‡ If you do not have a DNS server available, a "The wizard cannot contact the DNS server that handles the name Domain Name to determine if it supports dynamic update. Confirm your DNS configuration, or install and configure a DNS server on this computer" message appears. Click Ok. In the Configure DNS screen, click Yes, install and configure DNS on this computer (recommended).


Click Next. ‡ In the Windows NT 4.0 RAS Server screen, choose whether or not you want to allow Remote Access Services (RAS) access to this server.

Click Next.


In the Directory Serviced Restore Mode Administrative Password screen, specify an administrator password to use when you start the computer in Directory Services Restore mode. You use Directory Services Restore mode when you need to recover the Active Directory database.

NOTE: Make sure you remember this password, or you cannot restore Active Directory if needed. ‡ In the Summary screen, confirm your options, and then click Next.

‡ ‡

Verify that Active Directory is installed by viewing the messages on the screen. After Active Directory is installed, click Finish to close the wizard. Restart the computer.

EXPERIMENT NO. 8 Creating a Domain User on Windows 2000 server
‡ From the Windows Start menu select Programs | Administrative Tools | Active Directory Users and Computers. If this menu item does not exist, the server is not a domain controller and you should create a local user instead.


From the Active Directory Users and Computers dialog, navigate to Users on the left panel; right click on Users and select New | User from the popup menu.


In the New Object - User dialog, enter PR-Tracker and prtracker for the First name and User logon name, respectively.

‡ ‡ ‡

In next dialog check box Password never expires and User cannot change password. Click the Create button to create the user and then click Close button. Optional steps follow: double-click the prtracker username on the right panel.

From the prtracker Properties dialog, select tab Member Of and click the Add button.From the Select Groups dialog double-click Administrators and click the

OK button. Logging on of User In this part of the roaming user profiles scenario, log on as rahul who is now a local user. ‡ ‡ ‡ Log off by clicking Start, Shutdown, and Log off Administrator. Click OK. Press the Ctrl-Alt-Del keys. Log on with the user name rahul and click OK.

EXPERIMENT NO. 9 Maintainence of Domain Users on Windows Server 2000
Restrict the access of local users from accessing folders of other local users:Imagine that you're adjusting the ACL of a folder on a member server in an Active Directory (AD) domain called is part of a Windows 2000 forest that includes two other domains. In addition, trusts a Windows NT domain called OLDNT and a

Kerberos realm called KERB1. In this case, Authenticated Users includes all local users in the member server's local SAM, all users in the domain, and all users in all other domains that are in the same forest as Authenticated Users also includes global users in the OLDNT domain and principals from the KERB1 realm. Because AD trust relationships with domains and realms outside the AD forest are intransitive, Authenticated Users doesn't include users from other domains or realms that OLDNT or KERB1 trust. To limit access to the domain users of a given domain, allow access to only that domain's Domain Users group. Win2K automatically adds every new AD user account to the Domain Users group. Because Domain Users is a global group, it will never include machine local users in a member server's or workstation's SAM or users from any other domain. To grant access to all domain users in the forest while excluding local SAM users and users in legacy NT domains or Kerberos realms, create a universal group called Forest Users. For each domain in the forest, add the Domain Users group as a member of Forest Users.

EXPERIMENT NO. 10 DATA COMPRESSION AND ITS EFFECT ON NETWORK Data compression is the process of encoding information using fewer bits (or other informationbearing units) than an uncoded representation would use, through use of specific encoding schemes. As with any communication, compressed data communication only works when both the sender and receiver of the inormation understand the encoding scheme. For example, this text makes sense only if the receiver understands that it is intended to be interpreted as characters representing the English language. Similarly, compressed data can only be understood if the decoding method is known by the receiver. Compression is useful because it helps reduce the consumption of expensive resources, such as harddisk space or transmission bandwidth. On the downside, compressed data must be decompressed to be used, and this extra processing may be detrimental to some applications. For instance, a compression scheme for video may require expensive hardware for the video to be decompressed fast enough to be viewed as it's being decompressed (the option of decompressing the video in full before watching it may be inconvenient, and requires storage space for the decompressed video). The design of data compression schemes therefore involves trade-offs among various factors, including the degree of compression, the amount of distortion introduced (if using a lossy compression scheme), and the computational resources required to compress and uncompress the data. Block Diagram of Data Compression:-

Lossless versus lossy compression Lossless compression algorithms usually exploit statistical redundancy in such a way as to represent the sender's data more concisely without error. Lossless compression is possible because most real-world data has statistical redundancy. For example, in English text, the letter 'e' is much more common than the letter 'z', and the probability that the letter 'q' will be followed by the letter 'z' is very small. Another kind of compression, called lossy data compression or perpetual encoding, is possible if some loss of fidelity is acceptable. Generally, a lossy data compression will be guided by research on how people perceive the data in question. For example, the human eye is more sensitive to subtle variations in luminance than it is to variations in color. JPEG image compression works in part by "rounding off" some of this less-important information. Lossy data compression provides a way to obtain the best fidelity for a given

amount of compression. In some cases, transparent (unnoticeable) compression is desired; in other cases, fidelity is sacrificed to reduce the amount of data as much as possible. Lossless compression schemes are reversible so that the original data can be reconstructed, while lossy schemes accept some loss of data in order to achieve higher compression.

However, lossless data compression algorithms will always fail to compress some files; indeed, any compression algorithm will necessarily fail to compress any data containing no discernible patterns. Attempts to compress data that has been compressed already will therefore usually result in an expansion, as will attempts to compress all but the most trivially encrypted data. In practice, lossy data compression will also come to a point where compressing again does not work, although an extremely lossy algorithm, like for example always removing the last byte of a file, will always compress a file up to the point where it is empty. An example of lossless vs. lossy compression is the following string: 25.888888888 This string can be compressed as: 25.[9]8 Interpreted as, "twenty five point 9 eights", the original string is perfectly recreated, just written in a smaller form. In a lossy system, using 26 instead, the exact original data is lost, at the benefit of a smaller file. Applications:The above is a very simple example of run-length encoding, wherein large runs of consecutive identical data values are replaced by a simple code with the data value and length of the run. This is an example of lossless data compression. It is often used to optimize disk space on office computers, or better use the connection bandwidth in a computer network. For symbolic data

such as spreadsheets, text, executable programs, etc., losslessness is essential because changing even a single bit cannot be tolerated (except in some limited cases). For visual and audio data, some loss of quality can be tolerated without losing the essential nature of the data. By taking advantage of the limitations of the human sensory system, a great deal of space can be saved while producing an output which is nearly indistinguishable from the original. These lossy data compression methods typically offer a three-way tradeoff between compression speed, compressed data size and quality loss. Lossy image compression is used in digital cameras, to increase storage capacities with minimal degradation of picture quality. Similarly, DVD's use the lossy MPEG-2 Videos codec for video compression. Compression of human speech is often performed with even more specialized techniques, so that "speech compresson" or "voice coding" is sometimes distinguished as a separate discipline from "audio compression". Different audio and speech compression standards are listed under audio codecs. Effect of Data Compression on VPNs:Virtual private networks (VPNs) allow two or more parties to communicate securely over a public network. Using cryptographic algorithms and protocols, VPNs provide security services such as confidentiality, host authentication and data integrity. The computation required to provide adequate security, however, can significantly degrade the performance. We characterize the extent to which data compression can alleviate this performance problem in a VPN implemented with the IP Security Protocol (IPsec). We use a system model for IPsec transactions to derive an inequality that specifies the conditions required for data compression to improve performance. We generate performance results for many combinations of network types, data types, packet sizes, and encryption, authentication and compression algorithms. We find that compression usually improves the performance when using 10 Mbps or slower networks, but compression only improves the performance in systems with 100 Mbps or 1 Gbps networks when using computationally intensive encryption algorithms. Data Compression and Data Management:Data compression is widely used in data management to save storage space and network bandwidth. In this report, we outline the performance improvements that can be achieved by exploiting data compression in query processing. The novel idea is to leave data in compressed state as long as possible, and to only uncompress data when absolutely necessary. We will show that many query processing algorithms can manipulate compressed data just as well as decompressed data, and that processing compressed data can speed query processing by a factor much larger than the compression factor.

EXPERIMENT NO. 11 SPOOLING Spooling refers to a process of transferring data by placing it in a temporary working area where another program may access it for processing at a later point in time. The normal English verb "spool" can refer to the action of a storage device that incorporates a physical spool or reel, such as a tape drive. Spooling refers to putting jobs in a buffer, a special area in memory or on a disk where a device can access them when it is ready. Spooling is useful because devices access data at different rates. The buffer provides a waiting station where data can rest while the slower device catches up. This temporary working area would normally be a file or storage device. Usual uses of the term spooling apply to situations where there is little or no direct communication between the program writing the data and the program reading it. Spooling is often used when a device writes data faster than a target device can read it, allowing the slower device to work at its own pace without requiring processing to wait for it to catch up. Data is only modified through addition or deletion at the ends of the area, i.e., there is no random access or editing. The most common spooling application is print spooling: documents formatted for printing are stored onto a buffer(usually an area on a disk) by a fast processor and retrieved and printed by a relatively slower printer at its own rate. As soon as the fast processor has written the document to the spool device it has finished with the job and is fully available for other processes. One or more processes may rapidly write several documents to a print queue without waiting for each one to print before writing the next. Spooler or print management software may allow priorities to be assigned to jobs, notify users when they have printed, distribute jobs among several printers, allow stationery to be changed or select it automatically, generate banner pages to identify and separate print jobs, etc. The temporary storage area to which E-mail is delivered by a Mail Transfer Agent and in which it waits to be picked up by a Mail User Agent is sometimes called a mail spool. Likewise, a storage area for Usenet articles may be referred to as a news spool. Unlike other spools, mail and news spools usually allow random access to individual messages. "Spool" is an acronym for simultaneous peripheral operations on-line, or as for printers: simultaneous peripheral output on line. Early mainframe computers had, by current standards, small and expensive hard disks. The spooling mechanism:The entire key to spooling is asynchronous processing, where the program is not constrained by the speed of slow devices, particularly printers. Printers are relatively slow peripherals. In comparison, disc devices and particularly CPUs are orders of magnitude faster. Without spooling print data, the speed of program operation is constrained by the slowest device, commonly printers, forcing the program to wait for the mechanical motion of the printer. Professionals say the program is 'print bound'. For example, when a city prepares payroll checks, the actual computation may take a matter of minutes or even seconds, but the printing process might take hours. If the program printed directly, computing resources (CPU, memory, peripherals) would be tied up until the program

was able to finish. The same is true of personal computers. Without spooling, a word processor would be unable to continue until printing finished. Without spooling, most programs would be relegated to patterns of fast processing and long waits, an inefficient paradigm. Magnetic recording tape wound onto a spool or reel. Diagram of Print Spooler:-