
SKILLS FOR INDIA

Overview of Networking
Basics of Networking

An overview of computer networking which introduces many key concepts and terminology, and sets the stage for the topics that follow.

A network consists of two or more computers connected together so that they can communicate and share resources (for example, information).

 Communications: the activity of distributing or exchanging information
 Telecommunications: the technology of communicating at a distance, which lets information be created anywhere and used everywhere with little delay
 A network is a way to get “stuff” between two or more “things”
 Examples: mail, the phone system, conversations, the railroad system, highways and roads

Requirements for communication:
 There must be a message
 The message must have a transmitter
 The message must have a medium
 The message must be understood
 The message must have some level of security

Figure: the general communication model. In the source system, (1) the source (a workstation or PC) hands the message to (2) the transmitter; (3) the transmission medium carries the signal; in the destination system, (4) the receiver passes it to (5) the destination (another workstation or PC).
Essentials for Network

The message passes through these stages between the two ends:
1. Text input information
2. Input data: a digital bit stream
3. Transmitted analog signal
4. Received analog signal
5. Output data: a digital bit stream
6. Text output information

Figure: a typical network


Topologies
Bus Topology

 Bus: each node is daisy-chained (connected one after the other) along the same backbone. Information sent from a node travels along the backbone until it reaches its destination node. Each end of the bus must be terminated with a resistor (terminator); a frame that no node picks up reaches the end of the cabling and is absorbed by the terminator. Because every frame passes every node on the shared cable, any node on the bus can read all of the traffic.

Ring Topology
 Similar to a bus network, a ring has its nodes daisy-chained, but the end of the network comes back around to the first node, creating a complete circuit. Each node takes a turn sending and receiving information through the use of a token. The token, along with any data, is sent from the first node to the second node, which extracts the data addressed to it and adds any data it wishes to send. The second node then passes the token and data to the third node, and so on until it comes back around to the first node. Only the node holding the token is allowed to send data; all other nodes must wait for the token to reach them. As on a bus, data addressed to one node passes through the other nodes on its way around the ring.
Star Topology

 In a star network, each node is connected to a central device called a hub. The hub takes a signal that comes from any node and passes it along to all the other nodes in the network.
 A hub does not perform any filtering or routing of the data.
 A hub is a junction that joins all the different nodes together, which also makes it a single point of failure for the whole star.

Hybrid Topology

 A hybrid network is composed of one or more interconnections of two or more networks that are based on different physical topologies.
 Nodes in particular areas are connected to hubs (forming star topologies), and the hubs are connected together along a network backbone (like a bus network).
 Often stars are nested within stars.
 This arrangement is also called a star-bus topology.
Mesh Topology
 It is also called a point-to-point topology.
 Each device is connected directly to every other network device.
 It provides fault tolerance: the loss of any one link or node leaves the remaining devices connected.
 It provides some confidentiality, since data between two devices travels over a dedicated line that no third node shares.
 Hardware is expensive, the mesh of wiring can be difficult, and installation is complex; the number of links grows with the square of the number of devices.

Tree or Hierarchical Network Topology
 In a tree topology, a central root node at the top of the hierarchy is connected to second-level networks, and each second-level network is connected to lower-level networks.
 A tree topology may be defined as a combination of star and bus topology, where multiple star networks are connected through a single backbone connection.
 Each node at one level of the hierarchy has point-to-point links to each adjacent node in the level below it.
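The fault-tolerance claims above can be checked mechanically. The following is an added example, not part of the original slides: it models the bus, ring, star and mesh topologies as graphs and asks which single node or link failures split the network. The node names and the network size (five nodes) are assumed for the illustration.

```python
# Added example, not from the slides: model the four topologies above as
# graphs and ask which single node or link failures partition the network.
# Node names and the network size are assumed for illustration.
from collections import deque
from itertools import combinations


def bus(n):
    """n nodes daisy-chained along one backbone: n-1 links."""
    nodes = [f"n{i}" for i in range(n)]
    links = {frozenset((nodes[i], nodes[i + 1])) for i in range(n - 1)}
    return nodes, links


def ring(n):
    """A bus whose last node is linked back to the first."""
    nodes, links = bus(n)
    return nodes, links | {frozenset((nodes[-1], nodes[0]))}


def star(n):
    """n leaf nodes, each with its own link to a central hub."""
    nodes = [f"n{i}" for i in range(n)]
    return nodes + ["hub"], {frozenset(("hub", x)) for x in nodes}


def mesh(n):
    """Every pair of nodes directly linked: n(n-1)/2 links."""
    nodes = [f"n{i}" for i in range(n)]
    return nodes, {frozenset(pair) for pair in combinations(nodes, 2)}


def connected(nodes, links, dead_node=None, dead_link=None):
    """Breadth-first search over what survives the failure; True if every
    surviving node can still reach every other one."""
    alive = [v for v in nodes if v != dead_node]
    adj = {v: set() for v in alive}
    for link in links:
        if link == dead_link or dead_node in link:
            continue
        a, b = tuple(link)
        adj[a].add(b)
        adj[b].add(a)
    seen, queue = {alive[0]}, deque([alive[0]])
    while queue:
        for w in adj[queue.popleft()]:
            if w not in seen:
                seen.add(w)
                queue.append(w)
    return len(seen) == len(alive)


def single_points_of_failure(nodes, links):
    """Nodes whose loss splits the rest, and the count of links whose loss does."""
    bad_nodes = sorted(v for v in nodes if not connected(nodes, links, dead_node=v))
    bad_links = sum(1 for l in links if not connected(nodes, links, dead_link=l))
    return bad_nodes, bad_links


def summarize(n=5):
    """Compare the topologies at the same size. Graph connectivity flatters the
    ring: after one cable break a path still joins all nodes, but token passing
    stops until the ring is repaired or wrapped."""
    report = {}
    for name, build in (("bus", bus), ("ring", ring), ("star", star), ("mesh", mesh)):
        nodes, links = build(n)
        spof_nodes, spof_links = single_points_of_failure(nodes, links)
        report[name] = {"links": len(links), "spof_nodes": spof_nodes, "spof_links": spof_links}
    return report


if __name__ == "__main__":
    for name, row in summarize().items():
        print(f"{name:5s} links={row['links']:2d} "
              f"spof_nodes={row['spof_nodes']} spof_links={row['spof_links']}")
```

Running it shows the trade-off the slides describe: the star's hub and every one of its links is a single point of failure, the bus loses connectivity on any interior node or any cable, and the full mesh survives any single failure at the price of ten links for five nodes.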

Network Components
Hubs
 A hub (network hub) connects the computers and devices and sends messages and data from one device to all the others.
 If a computer on the network wants to send a message to a laptop through the hub, the hub sends the message to every computer and device on the network. Each of them must recognise that the message is not for it and discard it, while the laptop accepts the message because it was addressed to it. The security consequence is that any device attached to a hub can capture the traffic of all the others.

Figure: a hub joining a printer and a desktop computer.
Routers

 A router is a device, or software in a computer, that determines the next network point to which a packet should be forwarded toward its destination.
 Routers allow different networks to communicate with each other.
 A router creates and maintains a table of the available routes and their conditions, and uses this information along with distance and cost algorithms to determine the best route for a given packet.
 A packet will travel through a number of network points with routers before arriving at its destination.

Figure: a router connecting the internet to a switch, with a printer and a desktop computer behind the switch.

Switch

 The switch connects the computer network components and learns the hardware (MAC) address of each attached item from the frames it sends, so when the desktop computer wants to talk to the laptop the switch sends the message only to the laptop's port and nowhere else. A frame for a destination the switch has not yet learned, or a broadcast, is still sent out of every port.

Figure: a switch joining a printer, a laptop, a desktop computer and a database server.
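The difference between the two devices is easiest to see in code. The following is an added example, not code from the slides: a hub that repeats every frame to every other port beside a learning switch that records the port each source MAC address was seen on. The MAC addresses, port numbers and the four frames of traffic are constructed for the demonstration.

```python
# Added example, not from the slides: a hub repeats every frame to every
# other port, while a learning switch records the port each source MAC was
# seen on and forwards a known unicast only there. The MAC addresses, port
# numbers and traffic below are constructed for the demonstration.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    def __init__(self, ports):
        self.ports = set(ports)

    def forward(self, in_port, src, dst):
        """No address knowledge: every port except the sender's gets the frame."""
        return sorted(self.ports - {in_port})


class LearningSwitch:
    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}  # source MAC -> port it was last seen on

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port  # learn, or refresh, where src lives
        if dst != BROADCAST and dst in self.mac_table:
            out = self.mac_table[dst]
            # destination on the ingress port: the hosts already share a segment
            return [] if out == in_port else [out]
        # broadcast, or a destination not yet learned: flood, exactly like a hub
        return sorted(self.ports - {in_port})


def deliver(device, frames):
    """For each (ingress port, src MAC, dst MAC) return the ports that receive it."""
    return [device.forward(port, src, dst) for port, src, dst in frames]


# constructed traffic: desktop on port 1, laptop on port 2, a sniffer on port 3
DESKTOP, LAPTOP = "aa:aa:aa:00:00:01", "bb:bb:bb:00:00:02"
FRAMES = [
    (1, DESKTOP, LAPTOP),      # first frame: the switch has learned nothing yet
    (2, LAPTOP, DESKTOP),      # reply: now both MACs are in the table
    (1, DESKTOP, LAPTOP),      # known unicast: should reach port 2 only
    (1, DESKTOP, BROADCAST),   # broadcasts are always flooded
]


def compare():
    return {"hub": deliver(Hub([1, 2, 3]), FRAMES),
            "switch": deliver(LearningSwitch([1, 2, 3]), FRAMES)}


def frames_seen_on(port, deliveries):
    """How many of the frames a device on this port would be able to capture."""
    return sum(1 for ports in deliveries if port in ports)


if __name__ == "__main__":
    for name, deliveries in compare().items():
        print(name, deliveries, "port 3 sees", frames_seen_on(3, deliveries), "of", len(FRAMES))
```

A device on port 3 captures all four frames through the hub but only the two flooded ones through the switch, which is why a switch limits, though does not eliminate, what a passive listener on another port can see.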



Types of Network
Major Categories of Networks

Local Area Network
Metropolitan Area Network
Wide Area Network
The Internet
Personal Area Network

Local Area Network

A Local Area Network (LAN) is a relatively small network that is confined to a small geographic area, such as a single office or a building. The laptops, desktops, servers, printers and other networked devices that make up a LAN are located relatively close to each other. A key characteristic is that all of the equipment comprising a LAN is owned by a single entity.

Metropolitan Area Network

The term Metropolitan Area Network (MAN) is typically used to describe a network that spans a city or town. MANs are larger than traditional LANs and predominantly use high-speed media, such as fibre optic cable, for their backbones. MANs are common in organizations that need to connect several smaller facilities together for information sharing. This is often the case for hospitals that need to connect treatment facilities, outpatient facilities, doctors' offices, labs and research offices for access to centralized patient and treatment information. MANs share many of the same security threats as LANs, but on a larger scale. An administrator in a central location granting access to countless offices scattered across a city faces a difficult task that demands strict access control mechanisms to protect against unauthorized information access.

Figure: MAN architecture

Wide Area Network

A Wide Area Network (WAN) covers a significantly larger geographic area than LANs or MANs. A WAN uses public networks, telephone lines and leased lines to tie together smaller networks such as LANs and MANs over a geographically dispersed area. By connecting devices in different geographic areas for information sharing, WANs are an important piece of enterprise networks. For example, consider the VisaNet global network used by Visa International. VisaNet connects locations throughout 150 countries to validate and debit credit-card transactions at over 24 million locations. By providing security and simplicity over a standards-based WAN architecture, Visa International relies on its network infrastructure to provide reliable access to merchants who accept Visa credit cards.

Figure: WAN architecture

Personal Area Network

A more recent term used to describe a type of network is the Personal Area Network (PAN). PANs are usually wireless, established in an on-demand or ad-hoc fashion when needed to communicate between two or more devices. A PAN can be used between devices owned by two different parties, or between two devices owned by one person, such as a PDA and a laptop or mobile phone. These networks are usually characterized as short-range, often limited to 10 metres or less.

An example of a PAN technology is Bluetooth wireless networking. Bluetooth is designed as a cable-replacement technology, allowing users to discard the serial and USB cables used by many of today's peripheral devices and rely on a Bluetooth PAN for communication. Bluetooth PANs support up to 7 devices in a single network and can be used for proprietary protocols (such as PDA synchronization) or standards-based protocols, including Internet access over IP and the Bluetooth Network Encapsulation Protocol (BNEP).
Figure: PAN architecture

Other types of Area Networks

 Wireless Local Area Network: a LAN based on Wi-Fi wireless network technology.
 Campus Area Network: a network spanning multiple LANs but smaller than a MAN, such as on a university or local business campus.
 Storage Area Network: a network connecting servers to data storage devices through a technology such as Fibre Channel.
 System Area Network: a network linking high-performance computers with high-speed connections in a cluster configuration. Also known as a cluster area network.

Data Flow

 Communication between two devices can be simplex, half duplex or full duplex.

 Simplex: in simplex mode the communication is unidirectional, as on a one-way street. Only one of the two devices on a link can transmit; the other can only receive.
 Keyboards and traditional monitors are examples of simplex devices.

Figure: data flows in one direction only, from the keyboard to the desktop.

Data Flow

 Half Duplex: in half-duplex mode, each station or node can transmit and receive, but not at the same time.
 When one device is sending, the other can only receive, and vice versa.
 Walkie-talkies are a good example of half-duplex mode.

Data Flow

 Full Duplex: in full-duplex mode, both stations can transmit and receive simultaneously.
 Full-duplex mode is like a two-way street with traffic flowing in both directions at the same time. The capacity of the channel is shared between the signals travelling in the two directions.


OSI Model
ISO/OSI Reference Model

 Open Systems Interconnection
 The OSI protocols themselves are hardly used in the real world; the model survives as a shared vocabulary.
 A reference model, so that others can develop detailed interfaces.
 Value: the reference model defines 7 layers of functions that take place at each end of a communication, with each layer adding its own set of related functions.
 It describes the flow of data down through each layer at one end and back up through the layers at the other.

ISO/OSI Reference Model

Layer 7, Application: file transfer, email, remote login
Layer 6, Presentation: ASCII text, sound (the syntax layer)
Layer 5, Session: establish and manage the connection
Layer 4, Transport: end-to-end control and error checking (ensures complete data transfer): TCP
Layer 3, Network: routing and forwarding; addressing: IP
Layer 2, Data link: two-party communication: Ethernet
Layer 1, Physical: how to transmit the signal; coding; the hardware means of sending and receiving data on a carrier
Layer 1: Physical layer

The physical layer defines electrical and physical specifications for devices. In particular, it defines the relationship between a device and a transmission medium, such as a copper or fibre optic cable. The major functions and services performed by the physical layer are:
Establishment and termination of a connection to a communications medium.
Participation in the process whereby the communication resources are effectively shared among multiple users, for example contention resolution and flow control.

Modulation, or conversion between the representation of digital data in user equipment and the corresponding signals transmitted over a communications channel. These are signals operating over the physical cabling (such as copper and optical fibre) or over a radio link.

Parallel SCSI buses operate in this layer, although it must be remembered that the logical SCSI protocol is a transport layer protocol that runs over this bus. Various physical-layer Ethernet standards are also in this layer; Ethernet incorporates both this layer and the data link layer. The same applies to other local-area networks, such as token ring, FDDI, ITU-T G.hn and IEEE 802.11, as well as personal area networks such as Bluetooth and IEEE 802.15.4.

Layer 2: Data link layer

The data link layer provides the functional and procedural means to transfer data between network entities and to detect, and possibly correct, errors that may occur in the physical layer. Originally this layer was intended for point-to-point and point-to-multipoint media, characteristic of wide area media in the telephone system. Local area network architecture, which included broadcast-capable multi-access media, was developed independently of the ISO work in IEEE Project 802. The IEEE work assumed sub-layering and management functions not required for WAN use. In modern practice only error detection, not sliding-window flow control, is present in data link protocols such as the Point-to-Point Protocol (PPP); on local area networks the IEEE 802.2 LLC layer is not used for most protocols on Ethernet, and on other local area networks its flow control and acknowledgement mechanisms are rarely used. Sliding-window flow control and acknowledgement are instead done at the transport layer by protocols such as TCP, although they remain at the data link layer in niches where X.25 offers performance advantages.
The ITU-T G.hn standard, which provides high-speed local area
networking over existing wires (power lines, phone lines and coaxial
cables), includes a complete data link layer which provides both error
correction and flow control by means of a selective repeat Sliding
Window Protocol.

Both WAN and LAN service arrange bits, from the physical layer, into
logical sequences called frames. Not all physical layer bits necessarily
go into frames, as some of these bits are purely intended for physical
layer functions. For example, every fifth bit of the FDDI bit stream is
not used by the layer.

Layer 3: Network layer

The network layer provides the functional and procedural means of transferring variable-length data sequences from a source host on one network to a destination host on a different network (in contrast to the data link layer, which connects hosts within the same network), while maintaining the quality of service requested by the transport layer. The network layer performs routing functions, and might also perform fragmentation and reassembly and report delivery errors. Routers operate at this layer, sending data throughout the extended network and making the Internet possible. Network-layer addressing is a logical addressing scheme: the values are chosen by the network engineer rather than fixed in hardware. In IP the scheme is hierarchical, with a prefix identifying the network and the remainder identifying the host, which is what lets a router hold one route for a whole prefix instead of one per host.

Layer 3: Network layer

The network layer may be divided into three sub-layers:
Subnetwork access, which considers protocols that deal with the interface to networks, such as X.25;
Subnetwork-dependent convergence, used when it is necessary to bring the level of a transit network up to the level of the networks on either side;
Subnetwork-independent convergence, which handles transfer across multiple networks.

An example of this latter case is CLNP, the Connectionless Network Protocol of ISO 8473. It manages the connectionless transfer of data one hop at a time, from end system to ingress router, router to router, and from egress router to destination end system. It is not responsible for reliable delivery to the next hop, but only for the detection of erroneous packets so that they may be discarded. In this scheme, IPv4 and IPv6 would have to be classed with X.25 as subnetwork access protocols, because they carry interface addresses rather than node addresses.

A number of layer-management protocols, a function defined in the Management Annex, ISO 7498/4, belong to the network layer. These include routing protocols, multicast group management, network-layer information and error reporting, and network-layer address assignment. It is the function of the payload that makes these belong to the network layer, not the protocol that carries them.

Layer 4: Transport layer

The transport layer provides transparent transfer of data between end users,
providing reliable data transfer services to the upper layers. The transport
layer controls the reliability of a given link through flow control,
segmentation/desegmentation, and error control. Some protocols are state-
and connection-oriented. This means that the transport layer can keep track
of the segments and retransmit those that fail. The transport layer also
provides the acknowledgement of the successful data transmission and
sends the next data if no errors occurred.

OSI defines five classes of connection-mode transport protocols ranging
from class 0 (which is also known as TP0 and provides the least features) to
class 4 (TP4, designed for less reliable networks, similar to the Internet).
Class 0 contains no error recovery, and was designed for use on network
layers that provide error-free connections. Class 4 is closest to TCP,
although TCP contains functions, such as the graceful close, which OSI
assigns to the session layer. Also, all OSI TP connection-mode protocol
classes provide expedited data and preservation of record boundaries.

Although not developed under the OSI Reference Model and not strictly
conforming to the OSI definition of the transport layer, the Transmission
Control Protocol (TCP) and the User Datagram Protocol (UDP) of the
Internet Protocol Suite are commonly categorized as layer-4 protocols
within OSI.

Layer 5: Session layer

The session layer controls the dialogues (connections) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for full-duplex, half-duplex or simplex operation, and establishes checkpointing, adjournment, termination and restart procedures. The OSI model made this layer responsible for the graceful close of sessions, which in the Internet suite is a property of the Transmission Control Protocol, and also for session checkpointing and recovery, which is not usually used in the Internet Protocol Suite. The session layer is commonly implemented explicitly in application environments that use remote procedure calls. Inter-process communication (signals such as SIGHUP and SIGKILL, "End Process" actions and the like) is placed at this level.

Layer 6: Presentation layer

The presentation layer establishes context between application-layer entities, in which the higher-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. If a mapping is available, presentation service data units are encapsulated into session protocol data units and passed down the stack.
This layer provides independence from data representation (e.g., encryption) by translating between application and network formats. The presentation layer transforms data into the form that the application accepts. This layer formats and encrypts data to be sent across a network. It is sometimes called the syntax layer.

The original presentation structure used the basic encoding rules of Abstract Syntax Notation One (ASN.1), with capabilities such as converting an EBCDIC-coded text file to an ASCII-coded file, or serialization of objects and other data structures from and to XML.
Layer 7: Application layer

The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application. This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication. When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer.

Comparison with TCP/IP Model

In the TCP/IP model of the Internet, protocols are deliberately not designed into layers as rigidly as in the OSI model; RFC 3439 contains a section entitled "Layering considered harmful". However, TCP/IP does recognize four broad layers of functionality, derived from the operating scope of the protocols they contain: the scope of the software application, the end-to-end transport connection, the internetworking range, and the scope of the direct links to other nodes on the local network.
Even though the concept differs from the OSI model, these layers are nevertheless often compared with the OSI layering scheme as follows. The Internet application layer includes the OSI application layer, presentation layer, and most of the session layer. Its end-to-end transport layer includes the graceful close function of the OSI session layer as well as the OSI transport layer.
The internetworking layer (Internet layer) is a subset of the OSI network layer (see above), while the link layer includes the OSI data link and physical layers, as well as parts of OSI's network layer. These comparisons are based on the original seven-layer protocol model as defined in ISO 7498, rather than on refinements such as the internal organization of the network layer document.

The strict peer layering of the OSI model as it is usually described is not contradicted by TCP/IP, because TCP/IP permits protocol usage that does not follow the hierarchy implied in a layered model. Examples exist in some routing protocols (e.g., OSPF, which runs directly over IP), and in tunnelling protocols, which provide a link layer for an application even though the tunnel host protocol may itself be a transport or even an application layer protocol.
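The layering both models describe is concrete once the bytes are in front of you. The following is an added example, not code from the slides: it pushes an application message down the TCP/IP stack (TCP segment, then IPv4 packet, then Ethernet frame) and parses it back up, verifying the IPv4 header checksum on the way. The MAC addresses, IP addresses and ports are constructed; IP options and the TCP checksum are left out to keep the example short.

```python
# Added example, not from the slides: push an application message down the
# TCP/IP stack (TCP segment, IPv4 packet, Ethernet frame) and parse it back
# up, checking the IPv4 header checksum on the way. Addresses and ports are
# constructed; IP options and the TCP checksum are left out for brevity.
import socket
import struct


def ip_checksum(data: bytes) -> int:
    """RFC 1071: one's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(payload, src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, seq=1):
    # Layer 4: 20-byte TCP header, data offset 5 words, flags PSH|ACK, checksum 0
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0, 5 << 4, 0x18, 65535, 0, 0)
    segment = tcp + payload
    # Layer 3: 20-byte IPv4 header; checksum computed with its own field zeroed
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0x4000,
                      64, 6, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    # Layer 2: 14-byte Ethernet header, EtherType 0x0800 = IPv4
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    return mac(dst_mac) + mac(src_mac) + b"\x08\x00" + hdr + segment


def parse_frame(frame: bytes) -> dict:
    """Strip headers in the order a receiving stack does; raise on corruption."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    if frame[12:14] != b"\x08\x00":
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip_checksum(ip[:ihl]) != 0:  # a valid header sums to zero with its checksum included
        raise ValueError("IPv4 header checksum mismatch")
    (_, _, total_len, _, _, ttl, proto, _, s, d) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    if proto != 6:
        raise ValueError("not TCP")
    segment = ip[ihl:total_len]
    sport, dport, seq, _, offset, flags, _, _, _ = struct.unpack("!HHIIBBHHH", segment[:20])
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": socket.inet_ntoa(s), "dst_ip": socket.inet_ntoa(d), "ttl": ttl,
        "src_port": sport, "dst_port": dport, "seq": seq, "flags": flags,
        "payload": segment[(offset >> 4) * 4:],
    }


if __name__ == "__main__":
    f = build_frame(b"GET / HTTP/1.0\r\n\r\n", "aa:bb:cc:dd:ee:01", "aa:bb:cc:dd:ee:02",
                    "192.0.2.10", "192.0.2.20", 40000, 80)
    print(len(f), "bytes on the wire:", parse_frame(f))
```

Each header carries a field that tells the receiver which parser to hand the rest to (EtherType 0x0800, IP protocol 6), which is the "function of the payload" idea from the network-layer discussion above. The checksum only catches accidental corruption: flipping one bit of the TTL makes parse_frame reject the packet, but an attacker who rewrites the header simply recomputes it, so integrity against tampering has to come from a higher layer.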
Inter-VLAN Communication
After creating VLANs, each VLAN has its own broadcast domain. If we want communication from one VLAN to another, we need to perform routing. There are three methods for inter-VLAN communication:
(1) Inter-VLAN routing using a multi-interface router
(2) Inter-VLAN routing using the router-on-a-stick method
(3) Inter-VLAN routing using a layer 3 switch
Cisco 1751 and 2621 routers support VLAN subinterfaces.
(1) Inter-VLAN routing using a multi-interface router
In this case we connect one router interface to each VLAN. That interface acts as the gateway for the corresponding VLAN. Each VLAN has to use a different network address. Data from one VLAN to another travels through the router.

Inter-VLAN Communication

(2) Inter-VLAN routing using the router-on-a-stick method

In this method a single router interface serves all VLANs. On the router we create one subinterface per VLAN, and the physical interface is connected to a trunk port on the switch. The router routes traffic back out of the same interface, swapping the VLAN ID in the frame with the help of a frame tagging protocol (IEEE 802.1Q). The router and the switch must agree on which VLAN is the native (untagged) VLAN of the trunk; otherwise untagged frames are delivered into the wrong VLAN.

Configuration on Router

IOS shows the (config-subif)# prompt inside a subinterface. The addresses are the slide's example values; 11.0.0.0/8 and 12.0.0.0/8 are public address space, so a real deployment would use RFC 1918 ranges. VLAN 1 is the default native (untagged) VLAN of a Cisco trunk, so its subinterface is declared native.

Router#configure terminal
Router(config)#interface fastethernet 0/0
Router(config-if)#no ip address
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.1
Router(config-subif)#encapsulation dot1q 1 native
Router(config-subif)#ip address 10.0.0.1 255.0.0.0
Router(config-subif)#no shutdown
Router(config-subif)#exit
Router(config)#interface fastethernet 0/0.2
Router(config-subif)#encapsulation dot1q 3
Router(config-subif)#ip address 11.0.0.1 255.0.0.0
Router(config-subif)#no shutdown
Router(config-subif)#exit
Router(config)#interface fastethernet 0/0.3
Router(config-subif)#encapsulation dot1q 5
Router(config-subif)#ip address 12.0.0.1 255.0.0.0
Router(config-subif)#no shutdown
Router(config-subif)#exit

Configuration on Core switch
(1) Configure the switch as VTP server
(2) Create the VLANs
(3) Configure the interface connected to the router as a trunk
(4) Configure the interfaces connected to other switches as trunks (if required)

Configuration on Distribution layer switches
(1) Configure the switch as VTP client
(2) Configure the required interfaces as trunks (optional)
(3) Add access ports to their VLANs

Configuration on PC
Configure the IP address and gateway (the address of the router subinterface for the PC's VLAN)
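What the router in this procedure actually does to a frame is a tag swap. The following is an added example, not code from the slides or from Cisco: it reads the 802.1Q tag on a frame arriving on the single trunk interface, picks the subinterface whose subnet contains the destination IP, rewrites the Ethernet header, and sends the frame back out tagged for the destination VLAN. The VLAN IDs and subnets are those of the router configuration above; the MAC addresses and the ARP cache are constructed.

```python
# Added example, not from the slides: what the router-on-a-stick does to a
# frame. It reads the 802.1Q tag on its single trunk interface, chooses the
# subinterface whose subnet contains the destination IP, and sends the frame
# back out tagged for that VLAN. VLAN IDs and subnets are those of the slide
# configuration; MAC addresses and the ARP cache are constructed.
import ipaddress
import struct

# subinterfaces from the slide: dot1q VID -> directly connected network
SUBIFS = {
    1: ipaddress.ip_network("10.0.0.0/8"),
    3: ipaddress.ip_network("11.0.0.0/8"),
    5: ipaddress.ip_network("12.0.0.0/8"),
}
NATIVE_VID = 1                                   # untagged frames on the trunk belong here
ROUTER_MAC = bytes.fromhex("020000000001")       # constructed, locally administered
ARP_CACHE = {"11.0.0.20": bytes.fromhex("020000000b14")}  # constructed next-hop MACs


def tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag (TPID 0x8100, then PCP/DEI/VID) after the two MACs."""
    return frame[:12] + struct.pack("!HH", 0x8100, (pcp << 13) | (vid & 0x0FFF)) + frame[12:]


def untag(frame: bytes):
    """Return (vid, frame without tag). vid is None when the frame carries no tag."""
    if frame[12:14] != b"\x81\x00":
        return None, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]


def route_on_a_stick(frame: bytes) -> bytes:
    """One trunk in, same trunk out: only the tag and the MAC header change."""
    in_vid, plain = untag(frame)
    if in_vid is None:
        in_vid = NATIVE_VID
    if in_vid not in SUBIFS:
        raise ValueError(f"no subinterface for VLAN {in_vid}")
    if plain[12:14] != b"\x08\x00":
        raise ValueError("only IPv4 is routed in this example")
    dst_ip = ipaddress.ip_address(plain[14 + 16:14 + 20])   # IPv4 destination field
    out_vid = next((vid for vid, net in SUBIFS.items() if dst_ip in net), None)
    if out_vid is None:
        raise ValueError(f"no route to {dst_ip}")
    if out_vid == in_vid:
        raise ValueError("same VLAN: the switch forwards this, the router never sees it")
    # new layer-2 header: router is now the source, next hop from ARP is the destination
    new_l2 = ARP_CACHE[str(dst_ip)] + ROUTER_MAC + b"\x08\x00"
    # TTL decrement and IPv4 checksum update are left out to keep the focus on the tag
    out = new_l2 + plain[14:]
    return out if out_vid == NATIVE_VID else tag(out, out_vid)


def ipv4_header(src: str, dst: str) -> bytes:
    """Constructed minimal IPv4 header carrying only the fields this example reads."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                       ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)


def demo():
    host_mac = bytes.fromhex("020000000a0a")
    # host 10.0.0.10 in VLAN 1 sends to 11.0.0.20 via its gateway 10.0.0.1 (the router MAC)
    frame = ROUTER_MAC + host_mac + b"\x08\x00" + ipv4_header("10.0.0.10", "11.0.0.20")
    out = route_on_a_stick(tag(frame, 1))
    out_vid, _ = untag(out)
    return {"in_vid": 1, "out_vid": out_vid, "out_frame": out}


if __name__ == "__main__":
    r = demo()
    print("VLAN", r["in_vid"], "->", r["out_vid"], r["out_frame"].hex())
```

The native-VLAN handling is the part that bites in practice: a frame that arrives untagged is assigned to NATIVE_VID, and a frame leaving for the native VLAN goes out untagged, so if the switch's native VLAN differs from the router's, traffic silently lands in the wrong subnet.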

VTP provides the following benefits:
VLAN configuration consistency across the network
Mapping scheme that allows a VLAN to be trunked over mixed media
Accurate tracking and monitoring of VLANs
Dynamic reporting of added VLANs across the network
Plug-and-play configuration when adding new VLANs

As beneficial as VTP can be, it has disadvantages, normally related to the Spanning Tree Protocol (STP), because a bridging loop can propagate throughout the network. Cisco switches run an instance of STP for each VLAN, and since VTP propagates VLANs across the campus LAN, VTP effectively creates more opportunities for a bridging loop to occur. A second caveat follows from the configuration revision number listed below: switches adopt the VLAN database advertised with the highest revision number, so a switch that joins the domain carrying a stale but higher-numbered database replaces the VLAN definitions on every other switch. Reset the revision number (for example by changing the VTP domain name, or by placing the switch in transparent mode) before connecting a switch that has been used elsewhere.
Before creating VLANs on the switch that will propagate via VTP, a VTP domain must first be set up. A VTP domain for a network is the set of all contiguously trunked switches with the same VTP domain name. All switches in the same management domain share their VLAN information with each other, and a switch can participate in only one VTP management domain. Switches in different domains do not share VTP information.
Using VTP, each Catalyst family switch advertises the following on its trunk ports:
Management domain
Configuration revision number
Known VLANs and their specific parameters
All information, including graphical representations, etc provided in this presentation is for exclusive use of current Globsyn
Skills students and faculty. No part of the document may be reproduced in any form or by any means, electronic or otherwise,
without written permission of the owner.

Network Storage
A network storage system maintains copies of digital data across high-speed local area network (LAN) connections. It is designed to back up files, databases and other data to a central location that can be easily accessed via standard network protocols and tools.

Importance of Network Storage

Storage is an essential aspect of any computer. Hard drives and USB keys,
for example, are designed to hold the data generated by individuals on their
PCs, but when these types of local storage fail, the data is lost. Additionally,
the process of sharing local data with other computers can be time-
consuming, and sometimes the amount of local storage available is
insufficient to store everything desired. Network storage addresses these
problems by providing a reliable, external data repository for all computers
on the LAN to share efficiently. Besides freeing up local storage space,
network storage systems also typically support automated backup programs
to prevent critical data loss.
Figure: evolution in storage architecture

Network-attached storage

Network-attached storage (NAS) is file-level computer data storage connected to a computer network, providing data access to heterogeneous clients. A NAS not only operates as a file server but is specialized for this task, either by its hardware, its software, or the configuration of those elements. NAS is often built as a computer appliance, a specialized computer designed from the ground up for storing and serving files, rather than a general-purpose computer used for the role.
As of 2010 NAS devices were gaining popularity as a convenient method of sharing files among multiple computers. Potential benefits of network-attached storage, compared to general file servers, include faster data access, easier administration and simpler configuration.
NAS systems are networked appliances that contain one or more hard drives, often arranged into logical, redundant storage containers or RAID arrays. Network-attached storage removes the responsibility of file serving from other servers on the network. They typically provide access to files using network file sharing protocols such as NFS, SMB/CIFS or AFP.
Figure: network-attached storage (NAS)

NAS

 Scalability: good
 Availability: as long as the LAN and NAS device work,
generally good
 Performance: limited by speed of LAN, traffic conflicts,
inefficient protocol
 Management: OK
 Connection: homogeneous vs. heterogeneous

What is SAN about

 Data is Asset
 How to Store Data
 How to Access Data
 How to Manage Data Storage

Storage Area Network (SAN)

 A SAN is created by using Fibre Channel to link peripheral devices such as disk storage and tape libraries

SAN vs. NAS

 Dedicated Fibre Channel network for storage
 More efficient protocol
 ==> higher availability
 ==> reduced traffic conflict
 ==> longer distance (up to 10 km)

Fibre Channel

 Provides high-performance, any-to-any interconnection:
 Server to server
 Server to storage
 Storage to storage
 Combines the characteristics of networks (large address space, scalability) and of I/O channels (high speed, low latency, hardware error detection)

Benefits of SAN

 Scalability ==> Fibre Channel networks allow the number of attached nodes to increase without loss of performance, because as switches are added the switching capacity grows. The limit on the number of attached devices typical of channel interconnection disappears.
 High Performance ==> Fibre Channel fabrics provide a switched, full-duplex interconnect of 100 MB/s per direction (the original 1 Gbit/s Fibre Channel; later generations are several times faster).
 Storage Management ==> SAN-attached storage allows the entire investment in storage to be managed in a uniform way.

Easy Migration to SAN

 Host Bus Adapters (HBAs) connect servers to the SAN
 Fibre Channel storage connects directly to the SAN
 A SCSI-FC bridge allows SCSI (disk and tape) components to be attached to the SAN
 SAN network components: Fibre Channel switches


Network Operating System


Operating System

 A program that manages the computer hardware
 Provides a basis for application programs and acts as an intermediary between the user and the hardware
 Offers a reasonable way to solve the problem of creating a usable computing system

Types of Operating Systems: Linux and Unix, Microsoft Windows (e.g. Windows Vista), Mac OS X

Figure: abstract view of the components of a computer system. Users 1 to n run system and application programs (compiler, assembler, text editor, databases), which run on the operating system, which in turn runs on the computer hardware.


Network Operating System

 Provides an environment in which users, who are aware of the multiplicity of machines, can access remote resources either by:
 Logging in to the remote machine*, or
 Transferring data from the remote machine to their own machines
 Mostly used with local area networks and wide area networks

*Remote machine: a computer connected to the network other than the one the user is sitting at.

Features

 Provides basic operating system features: support for processors, protocols, automatic hardware detection, and multi-processing of applications
 Security features: authentication, authorization, access control
 Provides name and directory services
 Provides file, print, web, back-up and replication services

 Supports internetworking, such as routing and WAN ports
 User management and support for login and logoff, remote access and system management
 Clustering capabilities, fault-tolerant and high-availability systems

Cluster: a group of linked computers working closely together, connected over a LAN

79
Remote Login with an example

 An important function of a NOS is to allow users to log in remotely
 The Internet provides the telnet facility for this purpose
 Example: a user at Westminster College wishes to compute on "cs.yale.edu", a computer located at Yale University
 The user must have a valid account on that machine; to log in remotely the user issues the command:

telnet cs.yale.edu

 The command results in the formation of a socket connection between the local machine at Westminster College and the "cs.yale.edu" computer
80
 Once the connection has been established, it is a transparent, bidirectional link: all characters entered by the user are sent to a process on "cs.yale.edu"
 All the output from that process is sent back to the user

81
Remote File Transfer

 Provides a mechanism for remote file transfer from one machine to another
 Each computer maintains its own local file system
 A user on "cs.uvm.edu" wants to access a file located on another computer, "cs.yale.edu"; the file must be copied from the computer at Yale to the PC at the University of Vermont
 The Internet provides the transfer with the file transfer protocol (FTP) program

82
Example:

 A user on "cs.uvm.edu" wants to copy the Java program Server.java that resides on "cs.yale.edu"
 Invoke the FTP program: ftp cs.yale.edu
 Supply a login name and password
 Once the correct information has been received, the user must locate the file Server.java and then copy it by executing get Server.java

83
 The file location is not transparent to the user
 No real file sharing
 Remember: the user at the University of Vermont must have login permission on "cs.yale.edu"
 FTP provides a way to allow a user to copy files remotely
 Remote copying can also be accomplished through the "anonymous FTP" method

84
Anonymous FTP Method

 The file to be copied (Server.java) must be placed in a subdirectory (ftp) with the protection set to allow the public to read the file
 The user uses the ftp command
 Login name "anonymous" and a password
 Anonymous login is accomplished
 The user is allowed to access only those files that are in the directory tree of user "anonymous"

85
 The FTP mechanism is implemented similarly to the telnet implementation
 A daemon on the remote site watches for connection requests to the system's FTP port
 Once login authentication is accomplished, the user can execute commands remotely
 The telnet daemon executes any command for the user
 The FTP daemon responds only to a predefined set of file-related commands

87
 get: transfer a file from the remote machine to the local machine
 put: transfer a file from the local machine to the remote machine
 ls or dir: list files in the current directory on the remote machine
 cd: change the current directory on the remote machine

88
Network and Operating System Security

 OS: the system must protect itself
 A runaway process could constitute an accidental denial-of-service attack
 A query to a service could reveal passwords
 A stack overflow could allow the launching of an unauthorized process
 The list of possible breaches is almost endless

89
 Network data travels over private leased lines, shared lines like the Internet, wireless connections, or dial-up lines
 Intercepting these data could be as harmful as breaking into a computer
 Interruption of communications could constitute a remote denial-of-service attack
 Diminishing users' use of and trust in the system

90
Novell NetWare

 Is a NOS
 Used cooperative multitasking to run several services on a PC
 File sharing instead of disk sharing
 NDS (Novell Directory Services)
 Server administration
 Desktop management
 Software distribution
 Integrated cache
 Enhanced security

91
Novell NetWare Protocols

 Are widely used for PC LANs
 The Windows XP NWLink protocol connects NetBIOS to NetWare networks
 In combination with a redirector, this protocol enables a Windows XP client to connect to a NetWare server
 NOSs for DOS and Windows systems include Novell NetWare, Windows NT and 2000, OS/2, etc.

92
Linux

 Free OS based on Unix standards
 Provides a programming interface and user interface
 The core Linux OS kernel is original, but allows much existing free Unix software to run
 Multiuser system, providing protection between processes and running multiple processes according to a time-sharing (or multitasking) scheduler
 Multiple networking protocols can be accessed simultaneously through the socket interface

94
SKILLS FOR INDIA

Installation of the Network Operating Systems
Windows XP Installation

Assuming the system is able to boot from a CD-ROM: insert the Windows XP installation CD-ROM and power on/restart your system

97
When you get the message "press any key to boot from CD...", press any key.

Once the boot from CD-ROM has started, it will display at the top of the screen:

99
Setup will then configure your screen resolution.

The system will try to connect via the Internet to the Microsoft website; you can select "Skip" for that step.
You will be prompted to enter the first usernames (which will be defined as Administrators), and you will get the new XP Welcome screen:

119
ALL SET TO GO………

120
Step By Step Windows Server 2003 Installation
Guide

121
Windows Server 2003 operating systems take the best of Windows 2000 Server technology and make it easier to deploy, manage, and use. The result: a highly productive infrastructure that helps make your network a strategic asset for your organization.
Windows Server 2003 SP2 provides enhanced security, increased reliability, and simplified administration to help enterprise customers across all industries.

122
Microsoft Windows Server 2003 R2 Standard Edition Requirements

Computer and processor: PC with a 133-MHz processor required; 550-MHz or faster processor recommended; support for up to four processors on one server
Memory: 128 MB of RAM required; 256 MB or more recommended; 4 GB maximum
Hard disk: 1.2 GB for network install; 2.9 GB for CD install
Drive: CD-ROM or DVD-ROM drive
Display: VGA or hardware that supports console redirection required; Super VGA supporting 800 x 600 or higher-resolution monitor recommended

123
 Check System Requirements
 Check Hardware and Software Compatibility
 Determine Disk Partitioning Options
 Choose the Appropriate File System: FAT, FAT32, NTFS
 Decide on a Workgroup or Domain Installation
 Complete a Pre-Installation Checklist
 After you have made sure you can go on, start the installation process
 Beginning the installation process
 You can install Windows Server 2003 in several ways; all are valid and good, it all depends upon your needs and your limitations
 In this tutorial we are installing directly from a CD by booting your computer with the CD
 Start the computer from the CD
124
SKILLS FOR INDIA

Linux Installation
Installation Requirements

152
Linux installation requirements

 Minimum installation
 80386SX or better
 2 MB RAM
 Floppy disk drive
 40MB hard drive
 Video card
 Monitor

153
Linux installation requirements

 Realistic installation
 Text based
• 80386 or better
• 8 MB RAM
 GUI based
• 80486 or Pentium class
• 16 MB RAM

154
Linux recommended hardware

 Motherboards – ISA, EISA, PCI, VESA
 RAM – 2 MB will work, 16 MB is best
 Multi-user – 4 MB per user
 Hard disk – IDE, EIDE, ESDI, RLL, SCSI
 If using SCSI, only the most common controllers are supported
 Video – Almost any
 Mouse – Any
 Tape – Any SCSI
 Removable media – Most SCSI
 Printer – Almost any parallel or serial port
 Modem – Most serial; if DOS can use it, Linux can too
 NIC – 3Com, Novell, HP, Intel
 Clones are NOT recommended!
155
RedHat Linux 6.2 Installation Notes

 Before installation
 Check hardware compatibility!!!
• www.redhat.com/support/hardware
 Make sure you have enough disk space
 Decide which installation method to use
 CD-ROM
 Hard drive
 FTP
 HTTP

156
 Decide how to start the installation
 Bootable CD-ROM
 Local media boot disk
 Included with Official RedHat Linux 6.2 set
 Network boot disk
 PCMCIA boot disk
• Used if CD-ROM drive is attached to PC
through PCMCIA card

157
A Note on Workstation Installations

 There are two types available; we will choose KDE for this presentation

 GNOME
• www.gnome.org

 KDE
• www.kde.org

158
RedHat Installation

 Insert the RedHat CD into the CD-ROM drive
 After a short delay, a screen containing the boot: prompt should appear
 Press ENTER to continue and install graphically
 The next screen will ask you to determine which installation method you would like to use

Note: All screenshots courtesy of redhat.com


159
 Choose the option for CD-ROM and select OK
 The installation program will probe your system and attempt to
identify your CD-ROM drive
 Using a common CD-ROM drive will prevent any problems
 The next screen will ask you to select a language – Choose English
and click Next

160
 Choose the keyboard that best fits your system – If no exact match,
choose the best GENERIC match and click Next

161
 Choose the mouse that best fits your system – If no exact match,
choose the best GENERIC match and click Next

162
 Read over the help text on the left and then click Next

163
 Choose to Install and select KDE Workstation and click Next

164
 For ease of installation, continue with Automatic Partitioning and click
Next
 Note: everything will be erased!

165
 Again, for ease of installation and use, leave defaults selected and click
Next

166
 Choose your Network device type, then enter your IP Address,
Netmask, Network, and Broadcast addresses and click Next
 Unsure? Ask your network administrator

167
 Choose your time zone by clicking on the map, ex. Pacific – Tijuana,
and click Next

168
 Set the ROOT PASSWORD - Write it down and keep it in a secure
place!
 You can add Users at this time too, then click Next

169
 Continue with the option detected for your system and click Next

170
 Choose the monitor that best fits your system - If none exist, choose
the best GENERIC monitor and click Next

171
 Continue with the video hardware detected for you unless you know it is incorrect (change it) and click Next
 You can test the configuration if you are not sure
 Make sure USE GRAPHICAL LOGIN is selected

172
 Almost done!!! Click Next
 If you would rather quit, this is your last chance! – You can reboot and safely exit the installation now
 Be sure to read the Caution Note!

173
 At this point, you can sit back and relax while RedHat is installed
 Depending on the speed of your system, the installation will take
from about 15 minutes to 1 hour

174
 Insert a blank, formatted disk into the floppy drive and click Next

175
 Congratulations!!!
 You can now click Exit to reboot your system and start to use
Linux

176
SKILLS FOR INDIA

Introduction to the DNS system


Purpose of Naming

 Addresses are used to locate objects
 Names are easier to remember than numbers
 You would like to get to the address or other objects using a name
 DNS provides a mapping from names to resources of several types

180
Names and addresses in general

 An address is how you get to an endpoint
 Typically, hierarchical (for scaling):
• 950 Charter Street, Redwood City CA, 94063
• 204.152.187.11, +1-650-381-6003
 A "name" is how an endpoint is referenced
 Typically, no structurally significant hierarchy
• "David", "Tokyo", "itu.int"

181
Naming History

 1970s ARPANET
 HOSTS.TXT maintained by the SRI-NIC
 Pulled from a single machine
 Problems
• Traffic and load
• Name collisions
• Consistency
 DNS created in 1983 by Paul Mockapetris (RFCs 1034 and 1035), modified, updated, and enhanced by a myriad of subsequent RFCs

182
DNS

 A lookup mechanism for translating objects into other objects
 A globally distributed, loosely coherent, scalable, reliable, dynamic database
 Comprised of three components
• A "name space"
• Servers making that name space available
• Resolvers (clients) which query the servers about the name space

183
DNS Features: Global Distribution

 Data is maintained locally, but retrievable globally
 No single computer has all DNS data
 DNS lookups can be performed by any device
 Remote DNS data is locally cacheable to improve performance

184
DNS Features: Loose Coherency

 The database is always internally consistent
 Each version of a subset of the database (a zone) has a serial number
• The serial number is incremented on each database change
 Changes to the master copy of the database are replicated according to timing set by the zone administrator
 Cached data expires according to a timeout set by the zone administrator

185
DNS Features: Scalability

 No limit to the size of the database
 One server has over 20,000,000 names
• Not a particularly good idea
 No limit to the number of queries
 24,000 queries per second handled easily
 Queries distributed among masters, slaves, and caches

186
DNS Features: Reliability

 Data is replicated
 Data from master is copied to multiple slaves
 Clients can query
 Master server
 Any of the copies at slave servers
 Clients will typically query local caches
 DNS protocols can use either UDP or TCP
 If UDP, DNS protocol handles retransmission, sequencing, etc.

187
DNS Features: Dynamicity

 Database can be updated dynamically
 Add/delete/modify of any record
 Modification of the master database triggers replication
 Only master can be dynamically updated
• Creates a single point of failure

188
SKILLS FOR INDIA

Dynamic Host Configuration Protocol (DHCP)

191
Dynamic Assignment of IP addresses

 Dynamic assignment of IP addresses is desirable for several reasons:
 IP addresses are assigned on-demand
 Avoids manual IP configuration
 Supports mobility of laptops

192
Solutions for dynamic assignment of IP addresses

 Reverse Address Resolution Protocol (RARP)
 Works similarly to ARP
 Broadcasts a request for the IP address associated with a given MAC address
 The RARP server responds with an IP address
 Only assigns the IP address (not the default router and subnet mask)

Figure: ARP maps an IP address (32 bit) to an Ethernet MAC address (48 bit); RARP maps an Ethernet MAC address (48 bit) back to an IP address (32 bit)
193
BOOTP

 Bootstrap Protocol (BOOTP)
 From 1985
 A host can configure its IP parameters at boot time
 3 services:
• IP address assignment
• Detection of the IP address of a serving machine
• The name of a file to be loaded and executed by the client machine (boot file name)
 Not only assigns an IP address, but also default router, network mask, etc.
 Sent as UDP messages (UDP port 67 (server) and 68 (host))
 Uses the limited broadcast address (255.255.255.255); such broadcasts are never forwarded
194
DHCP

 Dynamic Host Configuration Protocol (DHCP)
 From 1993
 An extension of BOOTP, and very similar to it
 Same port numbers as BOOTP
 Extensions:
• Supports temporary allocation ("leases") of IP addresses
• A DHCP client can acquire all IP configuration parameters needed to operate
 DHCP is the preferred mechanism for dynamic assignment of IP addresses
 DHCP can interoperate with BOOTP clients

195
BOOTP Interaction

Figure: (a) Argon (00:a0:24:71:e4:44) sends a BOOTP Request to 255.255.255.255; (b) the BOOTP Server answers with a BOOTP Response: IP address 128.143.137.144, Server IP address 128.143.137.100, Boot file name: filename; (c) Argon is now configured with 128.143.137.144.

 BOOTP can be used for downloading a memory image for diskless workstations
 Assignment of IP addresses to hosts is static
196
DHCP Interaction (simplified)

Figure: Argon (00:a0:24:71:e4:44) receives a DHCP Response from the DHCP Server: IP address 128.143.137.144, Default gateway 128.143.137.1, Netmask 255.255.0.0.

197
BOOTP/DHCP Message Format

Figure: message layout, row by row
 OpCode | Hardware Type | Hardware Address Length | Hop Count
 Transaction ID
 Number of Seconds | Unused (in BOOTP) / Flags (in DHCP)
 Client IP address
 Your IP address
 Server IP address
 Gateway IP address
 Client hardware address (16 bytes)
 Server host name (64 bytes)
 Boot file name (128 bytes)
 Options (there are >100 different options)

198
DHCP Message Type

 The message type is sent as an option.

Value | Message Type
1 | DHCPDISCOVER
2 | DHCPOFFER
3 | DHCPREQUEST
4 | DHCPDECLINE
5 | DHCPACK
6 | DHCPNAK
7 | DHCPRELEASE
8 | DHCPINFORM
199
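The message layout and the message-type option above, as an added example that is not from these slides: a Python encoder and decoder for the BOOTP/DHCP fixed fields and the DHCP option list, with bounds checks so that a truncated or mis-lengthed option cannot run the parser past the end of the datagram. The MAC and 128.143.137.x addresses are the slides' Argon example; the transaction ID is constructed, and option codes 1, 3 and 54 (subnet mask, router, server identifier) are the RFC 2132 values.

```python
"""Build and parse BOOTP/DHCP messages in the layout described above.
Added example, not from the slides: field sizes follow RFC 951/2131, the
addresses and MAC come from the slides' Argon example, the transaction ID
is constructed here."""
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # starts the DHCP option area (RFC 2131)
OPT_SUBNET_MASK, OPT_ROUTER, OPT_MESSAGE_TYPE, OPT_SERVER_ID, OPT_END = 1, 3, 53, 54, 255
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
                 5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}

# Fixed part, network byte order: op htype hlen hops | xid | secs flags |
# ciaddr yiaddr siaddr giaddr | chaddr(16) | sname(64) | file(128)  = 236 bytes
FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")


def build_message(op, xid, mac, message_type, *, yiaddr="0.0.0.0", siaddr="0.0.0.0",
                  flags=0, sname=b"", file=b"", extra_options=()):
    """Serialise one message. op=1 for client->server (BOOTREQUEST), 2 for replies."""
    chaddr = bytes.fromhex(mac.replace(":", ""))         # 6-byte MAC; struct pads to 16
    fixed = FIXED.pack(op, 1, len(chaddr), 0, xid, 0, flags,
                       socket.inet_aton("0.0.0.0"), socket.inet_aton(yiaddr),
                       socket.inet_aton(siaddr), socket.inet_aton("0.0.0.0"),
                       chaddr, sname, file)
    # Options are code, length, value triples; option 53 carries the message type.
    options = bytes([OPT_MESSAGE_TYPE, 1, message_type])
    for code, value in extra_options:
        options += bytes([code, len(value)]) + value
    return fixed + MAGIC_COOKIE + options + bytes([OPT_END])


def parse_message(data):
    """Decode the fixed fields and options; raise ValueError on malformed input."""
    if len(data) < FIXED.size:
        raise ValueError("message shorter than the 236-byte BOOTP fixed header")
    (op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr,
     chaddr, sname, file) = FIXED.unpack_from(data)
    if hlen > 16:
        raise ValueError("hardware address length exceeds the chaddr field")
    msg = {"op": op, "htype": htype, "hops": hops, "xid": xid, "secs": secs, "flags": flags,
           "ciaddr": socket.inet_ntoa(ciaddr), "yiaddr": socket.inet_ntoa(yiaddr),
           "siaddr": socket.inet_ntoa(siaddr), "giaddr": socket.inet_ntoa(giaddr),
           "chaddr": ":".join(f"{b:02x}" for b in chaddr[:hlen]),
           "sname": sname.rstrip(b"\x00").decode("ascii", "replace"),
           "file": file.rstrip(b"\x00").decode("ascii", "replace"),
           "options": {}}
    rest = data[FIXED.size:]
    if not rest.startswith(MAGIC_COOKIE):
        return msg                           # plain BOOTP: no DHCP options to decode
    i = len(MAGIC_COOKIE)
    while i < len(rest) and rest[i] != OPT_END:
        if rest[i] == 0:                     # pad option, no length byte
            i += 1
            continue
        if i + 1 >= len(rest):
            raise ValueError("truncated option header")
        code, length = rest[i], rest[i + 1]
        value = rest[i + 2:i + 2 + length]
        if len(value) != length:             # length byte must not run past the datagram
            raise ValueError("option length runs past end of message")
        msg["options"][code] = value
        i += 2 + length
    mt = msg["options"].get(OPT_MESSAGE_TYPE)
    msg["message_type"] = MESSAGE_TYPES.get(mt[0]) if mt and len(mt) == 1 else None
    return msg


ARGON_MAC = "00:a0:24:71:e4:44"              # the slides' client


def sample_offer():
    """Constructed DHCPOFFER: the slides' server hands Argon 128.143.137.144."""
    return build_message(2, 0x3903F326, ARGON_MAC, 2, yiaddr="128.143.137.144",
                         siaddr="128.143.137.100",
                         extra_options=[(OPT_SUBNET_MASK, socket.inet_aton("255.255.0.0")),
                                        (OPT_ROUTER, socket.inet_aton("128.143.137.1")),
                                        (OPT_SERVER_ID, socket.inet_aton("128.143.137.100"))])


if __name__ == "__main__":
    offer = parse_message(sample_offer())
    print(offer["message_type"], offer["yiaddr"], offer["chaddr"], sorted(offer["options"]))
```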
Message Types

 DHCPDISCOVER: Broadcast by a client to find available DHCP servers
 DHCPOFFER: Response from a server to a DHCPDISCOVER, offering an IP address and other parameters
 DHCPREQUEST: Message from a client to servers that does one of the following:
 Requests the parameters offered by one of the servers and declines all other offers
 Verifies a previously allocated address after a system or network change (a reboot, for example)
 Requests the extension of a lease on a particular address

200
 DHCPACK: Acknowledgement from server to client with parameters, including IP address.
 DHCPNAK: Negative acknowledgement from server to client, indicating that the client's lease has expired or that a requested IP address is incorrect.
 DHCPDECLINE: Message from client to server indicating that the offered address is already in use.
 DHCPRELEASE: Message from client to server canceling the remainder of a lease and relinquishing the network address.
 DHCPINFORM: Message from a client that already has an IP address (manually configured, for example), requesting further configuration parameters from the DHCP server.

201
DHCP Operation

Figure: the DHCP Client (00:a0:24:71:e4:44) broadcasts DHCPDISCOVER to 255.255.255.255; every DHCP Server on the subnet receives it.
Figure: each DHCP Server replies to the client with a DHCPOFFER.

202
DHCP Operation

Figure: the DHCP Client sends DHCPREQUEST to the selected DHCP Server, which replies with DHCPACK. At this time, the DHCP client can start to use the IP address.
Figure: renewing a lease: the client sends DHCPREQUEST (when 50% of the lease has expired) and the server replies with DHCPACK. If the DHCP server sends DHCPNAK, then the address is released.
203
DHCP Operation

Figure: the DHCP Client sends DHCPRELEASE to the DHCP Server. At this time, the DHCP client has released the IP address.

204
Client Server Interactions

 The client broadcasts a DHCPDISCOVER message on its local physical subnet
 The DHCPDISCOVER message may include some options such as a network address suggestion or lease duration
 Each server may respond with a DHCPOFFER message that includes an available network address (in the "your IP address" field) and other configuration options
 The servers record the address as offered to the client, to prevent the same address being offered to other clients in the event of further DHCPDISCOVER messages being received before the first client has completed its configuration

205
 The client receives one or more DHCPOFFER messages from one or more servers
 The client chooses one based on the configuration parameters offered and broadcasts a DHCPREQUEST message that includes the server identifier option, to indicate which message it has selected, and the requested IP address option, taken from the "your IP address" field in the selected offer
 In the event that no offers are received, if the client has knowledge of a previous network address, the client may reuse that address if its lease is still valid, until the lease expires

206
 The servers receive the DHCPREQUEST broadcast from the client
 Those servers not selected by the DHCPREQUEST message use the message as notification that the client has declined that server's offer
 The server selected in the DHCPREQUEST message commits the binding for the client to persistent storage and responds with a DHCPACK message containing the configuration parameters for the requesting client

207
The combination of client hardware address and assigned network address constitutes a unique identifier for the client's lease and is used by both the client and server to identify a lease referred to in any DHCP messages.
The "your IP address" field in the DHCPACK message is filled in with the selected network address. The client receives the DHCPACK message with configuration parameters. The client performs a final check on the parameters, for example with ARP for the allocated network address, and notes the duration of the lease and the lease identification cookie specified in the DHCPACK message. At this point, the client is configured. If the client detects a problem with the parameters in the DHCPACK message (the address is already in use on the network, for example), the client sends a DHCPDECLINE message to the server and restarts the configuration process.

208
The client should wait a minimum of ten seconds before restarting the configuration process, to avoid excessive network traffic in case of looping.
On receipt of a DHCPDECLINE, the server must mark the offered address as unavailable (and possibly inform the system administrator that there is a configuration problem).
If the client receives a DHCPNAK message, the client restarts the configuration process.
The client may choose to relinquish its lease on a network address by sending a DHCPRELEASE message to the server.
The client identifies the lease to be released by including its network address and its hardware address.
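The client/server interaction just walked through, as an added example that is not the slides' code: a small Python model of the server side of that exchange, which records offers so the same address is not handed to two clients, drops its offer when another server is selected, commits the binding on DHCPREQUEST, NAKs a renewal it has no binding for, and withdraws an address on DHCPDECLINE. The Argon MAC and 128.143.137.x addresses are the slides'; the address pools, lease time, second server and second client are constructed, and the clock is simulated.

```python
"""Server-side lease logic for the DHCP client/server interaction above.
Added example, not the slides' code: the Argon MAC and 128.143.137.x addresses
are the slides', the pools, lease time and second client are constructed."""
from dataclasses import dataclass, field


@dataclass
class Lease:
    mac: str
    ip: str
    granted_at: float        # seconds on a simulated clock
    expires_at: float


@dataclass
class DhcpServer:
    server_id: str                                   # value of the server identifier option
    pool: list                                       # addresses this server may hand out
    lease_time: float = 3600.0
    offered: dict = field(default_factory=dict)      # mac -> ip, offers not yet requested
    bound: dict = field(default_factory=dict)        # mac -> Lease ("persistent storage")
    unavailable: set = field(default_factory=set)    # addresses a client DECLINEd

    def _free_addresses(self):
        in_use = set(self.offered.values()) | {l.ip for l in self.bound.values()} | self.unavailable
        return [ip for ip in self.pool if ip not in in_use]

    def on_discover(self, mac, now):
        """DHCPDISCOVER -> DHCPOFFER, or None if nothing is free. The offered address
        is recorded so that a DISCOVER from another client cannot be offered it too."""
        if mac in self.bound and self.bound[mac].expires_at > now:
            ip = self.bound[mac].ip                  # re-offer the client's current binding
        elif mac in self.offered:
            ip = self.offered[mac]                   # repeated DISCOVER: same offer
        else:
            free = self._free_addresses()
            if not free:
                return None
            ip = free[0]
        self.offered[mac] = ip
        return {"type": "DHCPOFFER", "yiaddr": ip, "server_id": self.server_id}

    def on_request(self, mac, requested_ip, server_id, now):
        """DHCPREQUEST is broadcast, so every server sees it. A server that was not
        selected drops its pending offer and stays silent; the selected one commits
        the binding and ACKs. A renewal (no server id, client already bound) is
        ACKed with a fresh lease or NAKed, after which the client must restart."""
        if server_id is not None and server_id != self.server_id:
            self.offered.pop(mac, None)              # client declined our offer
            return None
        if server_id is None:                        # renewal or check after reboot
            lease = self.bound.get(mac)
            if lease is None or lease.ip != requested_ip or requested_ip in self.unavailable:
                return {"type": "DHCPNAK"}
            lease.granted_at, lease.expires_at = now, now + self.lease_time
            return {"type": "DHCPACK", "yiaddr": lease.ip, "lease_time": self.lease_time}
        if self.offered.get(mac) != requested_ip:
            return {"type": "DHCPNAK"}               # not what this server offered
        del self.offered[mac]
        self.bound[mac] = Lease(mac, requested_ip, now, now + self.lease_time)
        return {"type": "DHCPACK", "yiaddr": requested_ip, "lease_time": self.lease_time}

    def on_decline(self, mac, ip):
        """DHCPDECLINE: the client's ARP check found the address in use; withdraw it."""
        self.offered.pop(mac, None)
        self.bound.pop(mac, None)
        self.unavailable.add(ip)                     # an administrator should look at this

    def on_release(self, mac, ip):
        """DHCPRELEASE: lease identified by hardware address plus network address."""
        lease = self.bound.get(mac)
        if lease is not None and lease.ip == ip:
            del self.bound[mac]


def renewal_due(lease, now):
    """The slides renew once 50% of the lease has elapsed."""
    return now >= lease.granted_at + (lease.expires_at - lease.granted_at) / 2


def walkthrough():
    """Argon discovers two servers, takes the first offer, renews, releases; a
    second client then gets the freed address, DECLINEs it and is offered the next."""
    mac = "00:a0:24:71:e4:44"                        # Argon, from the slides
    s1 = DhcpServer("128.143.137.100", ["128.143.137.144", "128.143.137.145"])
    s2 = DhcpServer("128.143.137.101", ["128.143.138.10"])     # constructed second server
    offers = [s.on_discover(mac, now=0.0) for s in (s1, s2)]
    chosen = offers[0]
    replies = [s.on_request(mac, chosen["yiaddr"], chosen["server_id"], now=0.0) for s in (s1, s2)]
    renew = s1.on_request(mac, chosen["yiaddr"], None, now=1800.0)
    s1.on_release(mac, chosen["yiaddr"])
    other = "00:a0:24:00:00:01"                      # constructed second client
    first = s1.on_discover(other, now=2000.0)
    s1.on_request(other, first["yiaddr"], s1.server_id, now=2000.0)
    s1.on_decline(other, first["yiaddr"])
    retry = s1.on_discover(other, now=2010.0)
    return {"offer": chosen, "s2_reply": replies[1], "ack": replies[0], "renew": renew,
            "released": mac not in s1.bound, "declined": first["yiaddr"], "retry": retry["yiaddr"],
            "s2_offers_left": len(s2.offered)}


if __name__ == "__main__":
    print(walkthrough())
```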

209
DHCP Pros

 It relieves the network administrator of a great deal of manual configuration work
 The ability for a device to be moved from network to network and to automatically obtain valid configuration parameters for the current network can be of great benefit to mobile users
 Because IP addresses are only allocated when clients are actually active, it is possible, by the use of reasonably short lease times and the fact that mobile clients do not need to be allocated more than one address, to reduce the total number of addresses in use in an organization

210
DHCP Cons

 Uses UDP, an unreliable and insecure protocol
 DNS cannot be used for DHCP configured hosts

211
SKILLS FOR INDIA

Network Design and Implementation


Message transfer agent

Within Internet message handling services (MHS), a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture. An MTA implements both the client (sending) and server (receiving) portions of the Simple Mail Transfer Protocol.
The terms mail server, mail exchanger, and MX host may also refer to a computer performing the MTA function. The Domain Name System (DNS) associates a mail server to a domain with mail exchanger (MX) resource records containing the domain name of a host providing MTA services.
A mail server is a computer that serves as an electronic post office for email. Mail exchanged across networks is passed between mail servers that run specially designed software. This software is built around agreed-upon, standardized protocols for handling mail messages and the graphics they might contain.
215
Operation

A message transfer agent receives mail from either another MTA, a mail submission agent (MSA), or a mail user agent (MUA). The transmission details are specified by the Simple Mail Transfer Protocol (SMTP). When a recipient mailbox of a message is not hosted locally, the message is relayed, that is, forwarded to another MTA. Every time an MTA receives an email message, it adds a Received trace header field to the top of the header of the message, thereby building a sequential record of MTAs handling the message. The process of choosing a target MTA for the next hop is also described in SMTP, but can usually be overridden by configuring the MTA software with specific routes.

216
An MTA works in the background, while the user usually interacts directly with a mail user agent. One may distinguish initial submission as first passing through an MSA: port 587 is used for communication between an MUA and an MSA, while port 25 is used for communication between MTAs, or from an MSA to an MTA; this distinction was first made in RFC 2476.
For recipients hosted locally, the final delivery of email to a recipient mailbox is the task of a message delivery agent (MDA). For this purpose the MTA transfers the message to the message handling service component of the message delivery agent. Upon final delivery, the Return-Path field is added to the envelope to record the return path.
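The sequential record of Received fields and the Return-Path described above, as an added example that is not from these slides: Python that reads a message, recovers the MTA hop sequence from its Received fields (newest on top, so reversed to oldest-first), checks that each hop's receiving MTA is the next hop's sending host, and extracts the Return-Path. The message, host names and addresses are constructed.

```python
"""Walk the Received trace headers of a message to recover the sequence of MTAs
that handled it, as described above. Added example, not from the slides; the
message, host names and addresses below are constructed."""
import email
import re
from email import policy

# Constructed message: three hops, newest Received field on top, as MTAs add them.
SAMPLE_MESSAGE = b"""\
Return-Path: <alice@example.org>
Received: from relay2.example.net (relay2.example.net [192.0.2.20])
\tby mx.example.com with ESMTP id abc123;
\tMon, 1 Jan 2024 10:02:00 +0000
Received: from mail.example.org (mail.example.org [192.0.2.10])
\tby relay2.example.net with ESMTP id def456;
\tMon, 1 Jan 2024 10:01:00 +0000
Received: from [10.0.0.5] (unknown [10.0.0.5])
\tby mail.example.org with ESMTPSA id ghi789;
\tMon, 1 Jan 2024 10:00:00 +0000
From: Alice <alice@example.org>
To: Bob <bob@example.com>
Subject: hello

body
"""

# "from <sending host> ... by <receiving MTA>"; the parenthesised part is skipped lazily.
HOP_RE = re.compile(r"from\s+(?P<src>\S+).*?\bby\s+(?P<mta>\S+)", re.S)


def mta_path(raw):
    """Return the hops oldest-first as (sending host, receiving MTA) pairs.
    Each MTA prepends its own field, so the header order is newest-first."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP_RE.search(str(value))
        if m:
            hops.append((m["src"], m["mta"]))
    return hops[::-1]


def chain_breaks(hops):
    """Indexes where the MTA that received hop i is not the host that sent hop i+1.
    Only the field written by your own MTA is trustworthy; a break below it means a
    hop was dropped or a field was forged upstream, which is worth flagging."""
    return [i for i in range(len(hops) - 1) if hops[i][1] != hops[i + 1][0]]


def return_path(raw):
    """The envelope sender recorded at final delivery, without the angle brackets."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    value = msg.get("Return-Path")
    return value.strip().strip("<>") if value else None


if __name__ == "__main__":
    path = mta_path(SAMPLE_MESSAGE)
    print(path, chain_breaks(path), return_path(SAMPLE_MESSAGE))
```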

217
Install a Windows Server 2003 Print Server

Click Start, point to Administrative Tools, and then click Configure Your Server Wizard
Click Next
Click Next
Click Print server in the Server role box, and then click Next
On the "Printers and Printer Drivers" page, click the types of Windows clients that your print server will support, and then click Next
Click Next
On the "Add Printer Wizard Welcome" page, click Next

218
Click Local printer attached to this computer, click to clear the Automatically detect and install my Plug and Play printer check box, and then click Next
Click the port for your printer, and then click Next
Click the printer make and model or provide the drivers from the printer manufacturer media, and then click Next

NOTE: If you are prompted to keep or not keep your existing printer driver, either keep the existing driver or replace the existing driver. If you replace the driver, you must provide the manufacturer driver for this printer.
Click Next to continue.
• Accept the default name of the printer or provide a different name, and then click Next.
• Click the Share as option, type the share name, and then click Next.

219
SKILLS FOR INDIA

Network Security & Troubleshooting


Backup

In information technology, a backup or the process of backing up is making copies of data which may be used to restore the original after a data loss event. The verb form is back up in two words, whereas the noun is backup.
Backups have two distinct purposes. The primary purpose is to recover data
after its loss, be it by data deletion or corruption. Data loss can be a common
experience of computer users. A 2008 survey found that 66% of respondents
had lost files on their home PC. The secondary purpose of backups is to
recover data from an earlier time, according to a user-defined data
retention policy, typically configured within a backup application for how
long copies of data are required. Though backups popularly represent a
simple form of disaster recovery, and should be part of a disaster recovery
plan, by themselves, backups should not alone be considered disaster
recovery.

223
Since a backup system contains at least one copy of all data worth saving,
the data storage requirements are considerable. Organizing this storage
space and managing the backup process is a complicated undertaking. A
data repository model can be used to provide structure to the storage. In the
modern era of computing there are many different types of data storage
devices that are useful for making backups. There are also many different
ways in which these devices can be arranged to provide geographic
redundancy, data security, and portability.

224
Types of Backup

 There are five types of backup

Normal
Copy
Incremental
Differential
Daily Backup

225
 Selecting Backup Devices and Media
 Many tools are available for backing up data. Some are fast and expensive. Others are slow but very reliable. The backup solution that's right for your organization depends on many factors, including:
 Capacity: the amount of data that you need to back up on a routine basis. Can the backup hardware support the required load given your time and resource constraints?
 Reliability: the reliability of the backup hardware and media. Can you afford to sacrifice reliability to meet budget or time needs?
 Extensibility: the extensibility of the backup solution. Will this solution meet your needs as the organization grows?
 Speed: the speed with which data can be backed up and recovered. Can you afford to sacrifice speed to reduce costs?
 Cost: the cost of the backup solution. Does it fit into your budget?

226
Recovering Data Using the Restore Wizard

 Make sure that the backup set you want to work with is loaded into the
library system, if possible.
 Start Backup. In the Welcome tab, click Restore Wizard, and then click
Next.

227
Select the check box next to any drive, folder, or file that you want to
restore. If the media set you want to work with isn't shown, click Import
File, and then type the path to the catalog for the backup.
To restore system state data, select the check box for System State as well as
other data you want to restore. If you're restoring to the original location, the
current system state will be replaced by the system state data you're
restoring. If you restore to an alternate location, only the registry, Sysvol,
and system boot files are restored. You can only restore system state data on
a local system.
Tip By default, Active Directory and other replicated data, such as Sysvol,
aren't restored on domain controllers. This information is instead replicated
to the domain controller after you restart it, which prevents accidental
overwriting of essential domain information. To learn how to restore Active
Directory, see the "Restoring Active Directory" section of this chapter.

228
4. Click Next. Click Advanced if you want to override the default options, and
   then follow steps 5–7. Otherwise, skip to step 8.
5. Select the restore location using one of the following options:
   Original Location  Restores data to the folder or files it was in when it was
   backed up.
   Alternate Location  Restores data to a folder that you designate, preserving
   the directory structure. After selecting this option, enter the folder path to
   use or click Browse to select the folder path.
   Single Folder  Restores all files to a single folder without preserving the
   directory structure. After selecting this option, enter the folder path to use
   or click Browse to select the folder path.
6. Choose how files that already exist on disk are handled:
   Do Not Replace The Files On My Computer (Recommended)  Select this
   option if you don't want to copy over existing files.
   Replace The File On Disk Only If The File On Disk Is Older  Select this
   option to replace older files on disk with newer files from the backup.
   Always Replace The File On My Computer  Select this option to replace
   all the files on disk with files from the backup.
7. If they're available, you can choose to restore security and system files
   using the following options:
   Restore Security  Restores the security settings (NTFS permissions, ownership
   and audit entries) for files and folders on NTFS volumes. These settings are
   lost if the data is restored to a FAT volume.
   Restore Removable Storage Database  Restores the Removable Storage
   configuration if you archived %SystemRoot%\System32\Ntmsdata. Choosing this
   option deletes the existing Removable Storage information.
   Restore Junction Points, But Not The Folders And File Data They Reference
   Restores network drive mappings but doesn't restore the actual data to the
   mapped network drive. Essentially, you're restoring only the folder that
   references the network drive.
8. Click Next, and then click Finish. If prompted, type the path and name of
   the backup set to use. You can cancel the restore by clicking Cancel in the
   Operation Status and Restore Progress dialog boxes.
9. When the restore is completed, click Close to complete the process or click
   Report to view a backup log containing information about the restore
   operation.
Thank you.

All information, including graphical representations, etc provided in this presentation is for exclusive use of current Globsyn
Skills students and faculty. No part of the document may be reproduced in any form or by any means, electronic or otherwise,
without written permission of the owner.

Access Control List

An access control list (ACL), with respect to a computer file system, is a list
of permissions attached to an object. An ACL specifies which users or
system processes are granted access to objects, as well as what operations
are allowed on given objects. Each entry in a typical ACL specifies a subject
and an operation. For instance, if a file has an ACL that contains (Alice,
delete), this would give Alice permission to delete the file.
On routers and switches the same idea is applied to packets: an ACL is an
ordered list of rules that permit or deny traffic. It is the basic security
feature used in any network to control the flow of traffic, because most
networks contain servers and clients whose traffic must be controlled. A plain
ACL is stateless (it looks at each packet on its own), and every list ends
with an implicit "deny any", so anything not explicitly permitted is dropped.
ACLs are also used to classify traffic for other features, such as QoS
(Quality of Service), traffic prioritisation, and defining the "interesting
traffic" that brings up an ISDN dial-on-demand link.

Classification of Access Control Lists
Types of ACL based on protocol:
(1) IP access control list
(2) IPX access control list
(3) AppleTalk access control list

Types of ACL based on feature:
(1) Standard ACL (matches on the source address only)
(2) Extended ACL (matches on source, destination, protocol and ports)

Types of ACL based on how the list is identified:
(1) Numbered ACL (standard lists use 1–99 and 1300–1999; extended lists use
    100–199 and 2000–2699)
(2) Named ACL

Classification of Access Control Lists (continued)
Types of ACL based on the order of rules:
(1) Deny, permit: specific deny entries first, followed by a broad permit
(2) Permit, deny: specific permit entries, with the implicit deny at the end
    (or an explicit deny any) dropping everything else

Types of ACL based on the direction of application:
(1) Inbound ACL: checked when a packet arrives on the interface, before it is
    routed
(2) Outbound ACL: checked after routing, just before the packet leaves the
    interface
Only one ACL per protocol, per interface and per direction can be applied.

Flow chart of Inbound ACL (the diagram, written out as steps)

1. A packet is received on an interface.
2. Is there an access list applied to that interface in the inbound direction?
   No: the packet is passed to the routing engine (RE).
   Yes: continue.
3. Is there a matching rule in the ACL, searching in top-down order?
   No: the packet is dropped (the implicit deny at the end of every list).
   Yes: continue.
4. Is the matching rule a permit?
   Yes: the packet is passed to the routing engine.
   No: the packet is dropped.
IP Standard ACL (Numbered)
In a standard ACL we can only specify the source address for filtering
packets. Numbered standard lists use the ranges 1–99 and 1300–1999. The
syntax to create an IP standard ACL is:
Router#conf ter
Router(config)#access-list <no> <permit|deny> <source>
Router(config)#exit
<source> can be written as:
  Single PC   host 192.168.10.5
              192.168.10.5
              192.168.10.5 0.0.0.0
  Network     200.100.100.0 0.0.0.255
  Subnet      200.100.100.32 0.0.0.15
  All         any
The second value is a wildcard mask, the inverse of a subnet mask: a 0 bit
must match, a 1 bit is ignored. 0.0.0.15 therefore matches the 16 addresses
200.100.100.32 to 200.100.100.47.

Example: 172.16.0.16 to 172.16.0.18 should not access the Internet; all other
PCs should.
(Diagram: the 172.16.x.x LAN connects to the router's inside interface,
172.16.0.1; the router's other interface connects to the Internet.)
Router#conf ter
Router(config)#access-list 30 deny 172.16.0.16
Router(config)#access-list 30 deny 172.16.0.17
Router(config)#access-list 30 deny 172.16.0.18
Router(config)#access-list 30 permit any
Router(config)#exit
The list does nothing until it is applied to an interface with
ip access-group <no> in|out (here, outbound on the Internet-facing
interface). Because a standard list can only test the source address, it is
applied as close to the destination as possible; note also that the order
matters, since the first matching entry wins and "permit any" placed first
would make the three deny entries unreachable.
IP Standard ACL (Named)
A numbered ACL (on older IOS releases) has no editing feature: a single rule
cannot be deleted, and "no access-list 30" removes the whole list. A named
ACL can be edited rule by rule; newer IOS releases also give every entry a
sequence number, so individual entries can be removed or inserted.

Router#conf ter
Router(config)#ip access-list standard <name>
Router(config-std-nacl)#<deny|permit> <source>
Router(config-std-nacl)#exit

Router#conf ter
Router(config)#ip access-list standard abc
Router(config-std-nacl)#deny 172.16.0.16
Router(config-std-nacl)#deny 172.16.0.17
Router(config-std-nacl)#deny 172.16.0.18
Router(config-std-nacl)#permit any
Router(config-std-nacl)#exit
To control Telnet access using ACL

Access to the router's own vty lines (Telnet, and SSH as well, since SSH
sessions use the same lines) can be controlled by creating a standard ACL and
applying it to the vty lines with access-class. Such a list is written in
permit-then-deny order: it permits the management hosts and relies on the
implicit deny at the end to reject everyone else.

Example: allow Telnet to the router only from the PCs 192.168.10.5 and
192.168.10.30.
Router#conf ter
Router(config)#access-list 50 permit 192.168.10.5
Router(config)#access-list 50 permit 192.168.10.30
Router(config)#line vty 0 4
Router(config-line)#access-class 50 in
Router(config-line)#exit
Router(config)#exit
Make sure the access-class covers every vty line the platform has (many
platforms have lines 0 to 15, so use line vty 0 15); any line left without it
remains reachable from anywhere.

IP Extended ACL (Numbered)
Extended ACLs are more powerful than standard ACLs: they can control traffic
flow on the basis of five different parameters:
(i) Source address
(ii) Destination address
(iii) Source port
(iv) Destination port
(v) Protocol (layer 3 or layer 4)
Because they can match the destination, extended lists are normally applied
close to the source of the traffic, so unwanted packets are dropped before
they cross the network.

The syntax to create Extended ACL
Router#conf ter
Router(config)#access-list <no> <deny|permit> <protocol> <source> [<s.port>]
<destination> [<d.port>]
Router(config)#exit
<no> -> 100 to 199 (or 2000 to 2699)
<protocol> -> a layer 3 or layer 4 protocol keyword (or its number):
  ip (matches every IP protocol)
  tcp
  udp
  icmp
  igrp

The syntax to create Extended ACL (continued)
<s.port> / <d.port>  eq <number 1 to 65535> or eq <name>, e.g. telnet, www,
                     ftp (the operators gt, lt, neq and range also exist)
<source> / <destination> are written the same way as in a standard list:
  Single PC   192.168.10.4 0.0.0.0  or  host 192.168.10.4
  Network     200.100.100.0 0.0.0.255
  Subnet      172.30.0.32 0.0.0.7
  All         any
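The matching rules described on the last few slides (wildcard masks, the standard and extended entry forms, top-down first match and the implicit deny from the inbound flow chart) as a small Python model. This is an added illustration for the reader, not code from the slides or from Cisco IOS. It assumes only the "eq" port operator, ignores trailing options such as log or time-range, and uses constructed sample lists: ACL 30 is the one from the earlier slide, ACL 101 is an invented extended list.

```python
"""Offline model of how IOS evaluates an IP access list: wildcard-mask matching,
top-down first match, implicit deny at the end. Added illustration, not IOS code."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

PORT_NAMES = {"ftp": 21, "ssh": 22, "telnet": 23, "smtp": 25, "domain": 53, "www": 80}
ANY = ("0.0.0.0", "255.255.255.255")   # "any" is 0.0.0.0 with an all-ones wildcard

def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """IOS wildcard semantics: a 0 bit must match, a 1 bit is don't-care."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = 0xFFFFFFFF ^ w
    return a & care == b & care

def _parse_addr(tok: List[str], i: int) -> Tuple[Tuple[str, str], int]:
    """Consume 'any' | 'host A' | 'A WILDCARD' | bare 'A' (a single host)."""
    if tok[i] == "any":
        return ANY, i + 1
    if tok[i] == "host":
        return (tok[i + 1], "0.0.0.0"), i + 2
    if i + 1 < len(tok) and tok[i + 1].count(".") == 3:   # next token is a wildcard
        return (tok[i], tok[i + 1]), i + 2
    return (tok[i], "0.0.0.0"), i + 1

def _parse_port(tok: List[str], i: int) -> Tuple[Optional[int], int]:
    # Only the 'eq' operator is modelled (the form used on these slides).
    if i < len(tok) and tok[i] == "eq":
        p = tok[i + 1]
        return (int(p) if p.isdigit() else PORT_NAMES[p]), i + 2
    return None, i

@dataclass
class Rule:
    action: str            # "permit" or "deny"
    proto: str             # "ip" matches every IP protocol
    src: Tuple[str, str]   # (address, wildcard)
    sport: Optional[int]
    dst: Tuple[str, str]
    dport: Optional[int]
    text: str              # original line, reported when the rule hits

@dataclass
class Packet:
    src: str
    dst: str
    proto: str = "ip"
    sport: Optional[int] = None
    dport: Optional[int] = None

def parse_acl(config: str) -> List[Rule]:
    """Parse 'access-list N ...' lines or an 'ip access-list ...' block."""
    rules, standard = [], None
    for raw in config.splitlines():
        tok = raw.split()
        if not tok:
            continue
        if tok[:2] == ["ip", "access-list"]:
            standard = tok[2] == "standard"
            continue
        if tok[0] == "access-list":
            n = int(tok[1])
            standard = n <= 99 or 1300 <= n <= 1999   # standard numbered ranges
            tok = tok[2:]
        if standard is None or tok[0] not in ("permit", "deny"):
            raise ValueError(f"unsupported line: {raw!r}")
        if standard:   # a standard entry carries the source address only
            rules.append(Rule(tok[0], "ip", _parse_addr(tok, 1)[0], None, ANY, None, raw.strip()))
            continue
        src, i = _parse_addr(tok, 2)
        sport, i = _parse_port(tok, i)
        dst, i = _parse_addr(tok, i)
        dport, i = _parse_port(tok, i)   # trailing options (log, time-range) are ignored
        rules.append(Rule(tok[0], tok[1].lower(), src, sport, dst, dport, raw.strip()))
    return rules

def rule_matches(r: Rule, p: Packet) -> bool:
    return ((r.proto == "ip" or r.proto == p.proto)
            and wildcard_match(p.src, *r.src) and wildcard_match(p.dst, *r.dst)
            and (r.sport is None or r.sport == p.sport)
            and (r.dport is None or r.dport == p.dport))

def evaluate(rules: List[Rule], p: Packet) -> Tuple[str, str]:
    """First matching rule wins; a packet matching nothing hits the implicit deny."""
    for r in rules:
        if rule_matches(r, p):
            return r.action, r.text
    return "deny", "implicit deny (no rule matched)"

# Constructed samples: the standard list from the slide, plus an invented
# extended list that blocks Telnet from one subnet but allows its other IP traffic.
ACL_30 = """
access-list 30 deny 172.16.0.16
access-list 30 deny 172.16.0.17
access-list 30 deny 172.16.0.18
access-list 30 permit any
"""
ACL_101 = """
access-list 101 deny tcp 172.16.0.0 0.0.0.255 any eq telnet
access-list 101 permit ip 172.16.0.0 0.0.255.255 any
"""
```

Calling evaluate(parse_acl(ACL_30), Packet("172.16.0.17", "8.8.8.8")) returns the deny entry that matched, while a source outside the three denied hosts reaches "permit any". Under ACL_101 a Telnet packet from 172.16.0.0/24 is denied, HTTP from the same host is permitted by the second entry, and a UDP packet against a list containing only tcp entries falls through to the implicit deny, which is the behaviour the flow chart describes.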

To display ACLs
Router#show access-lists  or
Router#show access-list <no>
The output includes a per-entry match counter, which is the quickest way to
confirm that a list is really being hit and that the expected entry is doing
the work.

To display the ACL applied on an interface
Router#show ip interface
Router#show ip interface <type> <no>
Router#show ip interface Ethernet 0
The output shows "Inbound access list is ..." and "Outgoing access list is ..."
for the interface.

Switch port ACL
Port ACLs can only be applied to Layer 2 interfaces on a switch, because they
are supported only on physical Layer 2 ports. They can be applied only in the
inbound direction, and only as named lists.

Two kinds are available. Extended IP access lists use source and destination
IP addresses as well as optional protocol information and port numbers. MAC
extended access lists use source and destination MAC addresses and optional
protocol (EtherType) information.

The switch checks every inbound packet on an interface against the ACL applied
there and forwards it only if a permit entry matches; an unmatched packet hits
the implicit deny. Port ACLs can also be used to control traffic on VLANs: a
port ACL applied to a trunk port filters all the VLANs carried on that trunk.
(Filtering within a single VLAN is done with a VLAN access map instead.)

Switch#conf ter
Switch(config)#mac access-list extended abc
Switch(config-ext-macl)#deny any host 000d.29bd.4b85
Switch(config-ext-macl)#permit any any
Switch(config-ext-macl)#do show access-lists
Switch(config-ext-macl)#int f0/6
Switch(config-if)#mac access-group abc in
This list drops frames from any source addressed to the MAC 000d.29bd.4b85
and permits everything else; "in" is required, since port ACLs are inbound
only. Note that on Catalyst switches a MAC ACL filters non-IP frames; IP
traffic on the same port is matched by the IP port ACL, so a MAC ACL alone
does not block a host's IP traffic.

Lock and Key (Dynamic ACLs)
Dynamic ACLs depend on Telnet authentication (against the local user database
or a remote AAA server) combined with extended ACLs. Before a dynamic ACL can
be configured, an extended ACL must be applied to the router that blocks the
traffic in question; a user then authenticates to the router, which opens a
temporary entry for that user's address for a limited time.

Reflexive ACLs

Reflexive ACLs filter IP packets based on upper-layer session information:
they typically permit outbound traffic and allow inbound traffic only when it
is the reply to a session that was initiated from inside. Each permitted
outbound session creates a temporary entry that expires after an idle timeout.
Reflexive ACLs cannot be defined with numbered or standard IP ACLs, or with
ACLs for any other protocol. They can be used together with other standard or
static extended ACLs, but they are defined only within extended named IP ACLs.
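The reflexive mechanism just described, as an added Python model that is not code from the slides or from Cisco IOS: a permitted outbound session installs a mirrored entry, and an inbound packet is allowed only while a live mirrored entry matches it. In IOS the entry is installed by "reflect NAME" on the outbound ACL entry and consulted by "evaluate NAME" in the inbound list; the exact 5-tuple match, the refresh on reply traffic and the fixed timeout below are simplifications, and the sample flows are constructed.

```python
"""Model of a reflexive ACL: a permitted outbound session installs a temporary,
mirrored permit entry so that only its replies are allowed back in.
Added illustration, not IOS code."""
from dataclasses import dataclass, field
from typing import Dict, Tuple

Flow = Tuple[str, str, int, str, int]   # (proto, src, sport, dst, dport)


@dataclass
class ReflexiveACL:
    timeout: float = 300.0                                    # IOS default: 300 s
    entries: Dict[Flow, float] = field(default_factory=dict)  # mirrored flow -> expiry

    def outbound(self, proto: str, src: str, sport: int, dst: str, dport: int, now: float) -> None:
        """Called for each permitted outbound packet (the 'reflect' action):
        install or refresh the mirrored entry describing the return direction."""
        self.entries[(proto, dst, dport, src, sport)] = now + self.timeout

    def inbound_allowed(self, proto: str, src: str, sport: int, dst: str, dport: int, now: float) -> bool:
        """The 'evaluate' step: permit only if a live mirrored entry matches.
        Unsolicited or expired flows fall through to the rest of the inbound
        list and, in the end, to the implicit deny."""
        key = (proto, src, sport, dst, dport)
        expiry = self.entries.get(key)
        if expiry is None:
            return False
        if now >= expiry:
            del self.entries[key]                 # idle timeout: entry removed
            return False
        self.entries[key] = now + self.timeout    # reply traffic keeps the session alive
        return True


if __name__ == "__main__":
    acl = ReflexiveACL()
    # Constructed flows: an inside host opens HTTP to 8.8.8.8, then replies arrive.
    acl.outbound("tcp", "10.0.0.5", 40000, "8.8.8.8", 80, now=0.0)
    print(acl.inbound_allowed("tcp", "8.8.8.8", 80, "10.0.0.5", 40000, now=10.0))  # reply: True
    print(acl.inbound_allowed("tcp", "1.2.3.4", 80, "10.0.0.5", 40000, now=10.0))  # unsolicited: False
```

The point to take from the model is what the inbound list does not contain: no static "permit tcp any any established"-style hole, only entries that exist because an inside host opened the session, and that disappear once it goes idle.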

Time-Based ACLs
A time-based ACL lets you specify certain times of day and days of the week,
give that period a name, and then reference the name from an ACL entry. The
referenced entry is in effect only during the times you have defined. The
period is evaluated against the router's clock, so it is strongly recommended
to keep that clock synchronised with Network Time Protocol (NTP): an entry that
depends on a wrong clock opens or closes at the wrong time.

Router#conf ter
Router(config)#time-range no-http
Router(config-time-range)#periodic <daily|weekdays|weekend|day-name ...> 06:00 to 12:00
Router(config-time-range)#exit
Router(config)#time-range tcp-yes
Router(config-time-range)#periodic weekend 06:00 to 12:00
Router(config-time-range)#exit

Router(config)#ip access-list extended time
Router(config-ext-nacl)#deny tcp any any eq www time-range no-http
Router(config-ext-nacl)#permit tcp any any time-range tcp-yes
Router(config-ext-nacl)#interface f0/0
Router(config-if)#ip access-group time in
Router(config-if)#do show time-range
show time-range reports each range as active or inactive. Note what this list
actually does once applied: an entry whose time-range is inactive is skipped,
and the list has no other permit, so on weekday mornings (when only the deny is
active) and outside both windows every packet, TCP or not, hits the implicit
deny. A time-based entry is normally followed by an unconditional permit for
the traffic that should always flow.
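Which entries of the list above are in effect at a given moment, as an added Python model of the time-range semantics (not code from the slides or from Cisco IOS). It assumes the "periodic <days> HH:MM to HH:MM" form only, no "absolute" ranges and no windows that cross midnight, and treats the window as half-open, so 12:00 itself is outside a 06:00 to 12:00 range; the configuration it parses is the one from these slides, embedded as a constructed sample.

```python
"""Which entries of a time-based ACL are in effect at a given moment. Models
IOS 'time-range'/'periodic' statements and the 'time-range NAME' suffix on ACL
entries. Added illustration, not IOS code; assumes the half-open window
[start, end) and only the 'periodic <days> HH:MM to HH:MM' form."""
from datetime import datetime, time
from typing import Dict, List, Set, Tuple

DAY_NAMES = ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"]
DAY_GROUPS = {"daily": set(range(7)), "weekdays": set(range(5)), "weekend": {5, 6}}
Window = Tuple[Set[int], time, time]    # (weekday numbers, start, end)


def parse_time_ranges(config: str) -> Dict[str, List[Window]]:
    ranges: Dict[str, List[Window]] = {}
    current = None
    for raw in config.splitlines():
        tok = raw.split()
        if not tok:
            continue
        if tok[0] == "time-range":
            current = tok[1]
            ranges.setdefault(current, [])
        elif tok[0] == "periodic" and current is not None:
            to = tok.index("to")            # periodic <day ...> HH:MM to HH:MM
            days: Set[int] = set()
            for d in tok[1:to - 1]:         # one or more day names, or a group keyword
                d = d.lower()
                days |= DAY_GROUPS[d] if d in DAY_GROUPS else {DAY_NAMES.index(d)}
            ranges[current].append(
                (days, time.fromisoformat(tok[to - 1]), time.fromisoformat(tok[to + 1])))
    return ranges


def time_range_active(windows: List[Window], now: datetime) -> bool:
    """A time-range is active when any of its periodic windows contains 'now'."""
    return any(now.weekday() in days and start <= now.time() < end
               for days, start, end in windows)


def active_entries(acl: str, ranges: Dict[str, List[Window]], now: datetime) -> List[str]:
    """Entries without a time-range are always active; entries whose range is
    inactive are skipped, exactly as IOS skips them during the top-down search.
    Whatever is left still ends with the implicit deny."""
    active = []
    for raw in acl.splitlines():
        tok = raw.split()
        if not tok or tok[0] not in ("permit", "deny"):
            continue
        if "time-range" in tok:
            name = tok[tok.index("time-range") + 1]
            if not time_range_active(ranges.get(name, []), now):
                continue
        active.append(raw.strip())
    return active


# Constructed sample: the two ranges and the named ACL from the slides.
TIME_RANGES = """
time-range no-http
 periodic weekdays 06:00 to 12:00
time-range tcp-yes
 periodic weekend 06:00 to 12:00
"""
ACL_TIME = """
ip access-list extended time
 deny tcp any any eq www time-range no-http
 permit tcp any any time-range tcp-yes
"""

if __name__ == "__main__":
    ranges = parse_time_ranges(TIME_RANGES)
    for when in (datetime(2024, 1, 10, 9, 0),     # Wednesday 09:00
                 datetime(2024, 1, 13, 9, 0),     # Saturday 09:00
                 datetime(2024, 1, 10, 15, 0)):   # Wednesday 15:00
        print(when, active_entries(ACL_TIME, ranges, when) or "nothing active: implicit deny")
```

Run against the slide's configuration, a Wednesday at 09:00 leaves only the deny entry active, a Saturday at 09:00 leaves only the permit, and a Wednesday at 15:00 leaves nothing, which is the implicit-deny trap noted above.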
