Friday, July 17, 2009

How to Find your DNS Server Address

The Domain Name System (DNS) is the naming system for computer services or other resources that connect to the World Wide Web. The DNS renames the IP addresses of the visited websites to a more user-friendly name. For instance, the DNS will rename the IP address 64.233.189.147 to www.google.com. Internet domain names are simple unlike IP addresses which are hard to remember. The DNS also stores other types of information. It also identifies DNS protocol as part of the Internet Protocol (TCP/IP). The users rely on the Domain Name System to rename the IP addresses of the visited websites. This is why the DNS is vital to the computers connected to the Internet.

Materials Needed:
- A desktop or a laptop running on a Windows Operating System
- Internet connection
- network adapter
Step 1
Click on the “Start” menu to display the applications and options. Next, click the “Run” option to display a small pop-up application.
Step 2
On the “Run” option, type the command line “cmd” and press the “Enter” key. This will display another pop-up window, the command prompt.
Step 3
At the command prompt, type the line “ipconfig /all”. The command prompt will display the entire Local Area Network adapter present at the computer. The local area adapter with a connection to the Internet will show the DNS server address of the computer. For another method, proceed to step four.
Step 4
Open the Control Panel menu. To do this, click on the “Start” menu to see the applications and options available. The Control Panel is located on the right side of the Start menu. Double click on “Control Panel” icon to enter the Control Panel.
Step 5
On the Control Panel menu, there are many icons that are on display, look for the icon of the Network Connections menu. Double click on the “Network Connections” icon and the current window will redirect to another window.
Step 6
At the Network Connections menu, choose the active local area connection. Double click on the “local area connection” icon to pop up a display option.
Step 7
On the display option of the local area connection, click the “properties” button to pop up another display option.
Step 8
At the pop-up display option, there will be different item used for the Internet connection. Select the Internet Protocol (TCP/IP) and click on “properties” to display another option.
Step 9
On the Internet Protocol (TCP/IP), look for the preferred DNS server. This is the DNS server address the computer uses

Thursday, July 16, 2009

Simple mail Transfer Protocol(SMTP)

Simple Mail Transfer protocol is a send the E-mail inside the network, Mostly more mail send from Internet use Simple Mail Transfer protocol to send massage from server. Generally used to Simple Mail Transfer Protocol is a send the massage from a client to mail server.
An important feature of SMTP is its capability to relay mail across transport service environments. A transport service provides an interprocess communication environment (IPCE). An IPCE may cover one network, several networks, or a subset of a network. It is important to realize that transport systems (or IPCEs) are not one-to-one with networks. A process can communicate directly with another process through any mutually known IPCE. Mail is an application or use of interprocess communication. Mail can be communicated between processes in different IPCEs by relaying through a process connected to two (or more) IPCEs. More specifically, mail can be relayed between hosts on different transport systems by a host on both transport systems.


Simple Mail Transfer Protocol Contents are :-
a,Outgoing mail SMTP server
b,Sample communications
c,Security and spamming
d,Other protocols for e-mail
e,Related Requests For Comments (RFCs)
f, External links .
Simple Mail Transfer Protocol (SMTP) Outgoing Mail Server:-
Simple Mail Transfer Protocol outgoing mail servers support for Yahoo com,com cast, MSN,SBC, Version and Third party Internet Service Providers. When a company is purchased by another company, the POP3 and SMTP server names often change. Simple Mail Transfer Protocol one of th limitations original is that has no facility for authentications of senders. Spam it is enables by several factors.
Client to mail server E-mail is handed off usually using Simple Mail Transfer Protocol, From here is the MSA delivers to mail to an MTA ,running on the same machine.
Simple Mail Transport Protocol Related Requests For Comments(RFCs):-
RFC 1123 – Requirements for Internet Hosts -- Application and Support (STD 3)
RFC 1870 – SMTP Service Extension for Message Size Declaration (оbsoletes: RFC 1653)
RFC 2476 – Message Submission
RFC 2505 – Anti-Spam Recommendations for SMTP MTAs
RFC 2920 – SMTP Service Extension for Command Pipelining
RFC 3030 – SMTP Service Extensions for Transmission of Large and Binary MIME Messages
RFC 3207 – SMTP Service Extension for Secure SMTP over Transport Layer Security
RFC 3461 – SMTP Service Extension for Delivery Status Notifications
RFC 3462 – The Multi part/Report Content Type for the Reporting of Mail System Administrative Messages (obsoletes RFC 1892)
RFC 3463 – Enhanced Status Codes for SMTP (obsoletes RFC 1893 )
RFC 3464 – An Extensible Message Format for Delivery Status Notifications (obsoletes RFC 1894)
RFC 3834 – Recommendations for Automatic Responses to Electronic Mail
RFC 4409 – Message Submission for Mail (obsoletes RFC 2476)
RFC 4952 – Overview and Framework for Internationalized E-mail
RFC 4954 – SMTP Service Extension for Authentication (obsoletes RFC 2554)
RFC 5068 – E-mail Submission Operations: Access and Accountability Requirements (BCP 134)
RFC 5321 – The Simple Mail Transfer Protocol (obsoletes RFC 821 aka STD 10, RFC 974, RFC 1869, RFC 2821)
RFC 5322 – Internet Message Format
Simple Mail Transfer Protocol it is the important protocol for email through sending Internet, The important advantage of Simple Mail Transfer Protocol is that email message are sent more efficiently.

Friday, July 10, 2009

Server 2003 Active directory

Introduction : Active directory service provides the means to manage the identities and relationships that make up network environments. Active directory as is
Stores information about object in a Windows server 2003 network and makes this information easy for administrators ans users to find and use and Microsoft active directory as is Given the importance of Microsoft Active Directory to your Windows environment, keeping it safe and secure is naturally a top priority for Windows administrators

There are two types of Active Directory groups :-
1) Security group and distribution group.
1) Security group :- These group can be assigned permission and consist of :User, group, and computer.
2: Distribution group : Distribution group used to group users for applications such as mail.

There are two types of Active directory structure:-
I) Logical Structure.
2) Physical Structure.
The logical structure of active directory include forest,domains,tree,OUS and global catalogs.
Domain : a group of computer and other resources that are part of a windows server2003 network and share a common directory database.

Global catalog : Global catalog used to catch information about all object in a forest , the global catalog enables users and applications to find object in an active directory domain tree if the user or application knows one or more attributes of the target object.
Tree : Tree as is collection of Active directory Domain, that means the trust relationship can be used by all other domain in the forest as a means to access the domain.

Organization Unit - Organization Unit is a Active directory container into which object can be grouped for per mission management.
Forest : Active directory forest as due to represents the external boundary of the directory service.
These are two types of active directory forest :-
I) Single Forest
2) Multiple forest

Some of these Active Directory includes part :-
Internet information services (IIS) :Internet information services used to webser,A built in component of windows server 2003 that allows access to resources on the server through various Internet protocols, such as POP3 IMAP4,HTTP SMTP and FTP.
Domain Naming Services (DNS) : Network services used to TCP/IP network to translated host name(Host name means computer name) to ip address.DNS resolve to host name to ip address for forward lookup Zone, and ip address to computer name for reverse lookup zone.
Transmission control protocol and Internet protocol(TCP/IP):-
This is a Microsoft product, transmission protocol is a connection and reailabe protocol,without Tcp/ip we can not Internet access, tcp/ip bydefult installed 2003 but IPversion 6 in not automatically install so we manually install in ip version6.The Transmission Control Protocol (TCP) is one of the core protocols of the Internet Protocol Suite.

Wednesday, July 8, 2009

FSMO(Flexible Single Master Operation) roles

While Active Directory in general uses a multimaster replication scheme for replicating the directory database between domain controllers, there are certain directory functions that require they be performed on some specific domain controller. These functions are defined by flexible single master operations (FSMO) roles (pronounced "fiz-moe roles") and at any time these roles are uniquely assigned to specific domain controllers in different Active Directory domains. By default GCS (Global Catalog Server) is having all the roles.

If each one of them fails then below are the effects of the same:-

Schema Master – Schema updates are not available – These are generally planned changes and the first step when doing a schema change is normally something like "make sure your environment is healthy". There isn't any urgency if the schema master fails, having it offline is largely irrelevant until you want to make a schema change.
Domain Naming Master – No new domains or application partitions can be added – This sort of falls into the same "healthy environment" bucket as the schema master. I don't know of anyone who has just randomly decided to add a new domain to a forest without much thought or planning...of course, then again, I don't know all that many people either... You might wonder why I mentioned app partitions there as well...personal experience. When we upgraded the first DC to a beta Server 2003 OS which included the code to create the DNS application partitions, we couldn't figure why they weren't instantiated...until we realized that the server hosting the DNM was offline (being upgraded) at the same time. Sure enough, it came online and there they were... But I've never said we were perfect here.
Infrastructure Master – No cross domain updates, can't run any domain preps – Domain preps are planned (again). But no cross-domain updates. That could be important if you have a multi-domain environment with a lot of changes occurring.
RID Master – New RID pools unable to be issued to DC's – This gets a bit more complicated, but let me see if I can make it easy. Every DC is initially issued 500 RID's. When it gets down to 50% (250) it requests a second pool of RID's from the RID master. So when the RID master goes offline, every DC has anywhere between 250 and 750 RIDs available (depending on whether it's hit 50% and received the new pool).
PDC – Time, logins, password changes, trusts – So we made it to the bottom of the list, and by this point you've figured that the PDC has to be the most urgent FSMO role holder to get back online. The rest of them can be offline for varying amounts of time with no impact at all. Users may see funky behavior if they changed their password, but replication will probably have completed before they call the help desk so nothing to worry about, and trust go back to that whole "healthy forest" thing again.

Tuesday, July 7, 2009

Securing IIS 6.0 Web Server on Windows 2003

In present, web servers running on Internet Information Services Internet information service 6.0 are highly popular worldwide - thanks to the .NET and AJAX revolution for designing web applications. Unfortunately, it is also makes Internet Information Services web servers a popular target amongst hacking groups and almost every day we read about the new exploits being traced out and patched. That does not mean that Windows is not as secured as Linux. In fact, it's good that we see so many patches being released for Windows platform as it clearly shows that the vulnerabilities have been identified and blocked.
Many tools are available on the Internet which allows an experienced or a beginner hacker to identify an exploit and gain access to a web server. The most common of them are:
Secure the Operating System:
The first step is to secure the operating system which runs the web server. Ensure that the Windows 2003 Server is running the latest service pack which includes a number of key security enhancements.
UNICODE and CGI-Decode - where the hacker uses the browser on his or her computer to run malicious scripts on the targeted server. The script is executed using the IUSR_ account also called the "anonymous account" in IIS. Using this type of scripts a directory transversal attack can be performed to gain further access to the system.
IPP (Internet Printing Protocol) - which makes use of the IPP buffer overflow. The hacking application sends out an actual string that overflows the stack and opens up a window to execute custom shell code. It connects the CMD.EXE file to a specified port on the attacker's side and the hacker is provided with a command shell and system access.
Always use NTFS File System:
NTFS file system provides granular control over user permissions and lets you give users only access to what they absolutely need on a file or inside a folder.
Remove Unwanted Applications and Services:
The more applications and services that you run on a server, the larger the attack surface for a potential intruder. For example, if you do not need File and Printer sharing capabilities on your shared hosting platform, disable that service.
Use Least Privileged Accounts for Service:
Always use the local system account for starting services. By default Windows Server 2003 has reduced the need for service accounts in many instances, but they are still necessary for some third-party applications. Use local system accounts in this case rather than using a domain account. Using a local system account means you are containing a breach to a single server.
Rename Administrator and Disable Guest:
Ensure that the default account called Guest is disabled even though this is a less privileged account. Moreover, the Administrator account is the favorite targets for hackers and most of the malicious scripts out there use this to exploit and vulnerable server. Rename the administrator account to something else so that the scripts or programs that have a check for these accounts hard-coded fail.
Run MBSA Scan:
This is one of the best way to identify security issues on your servers. Download the Microsoft Base Line Security tool and run it on the server. It will give you details of security issues with user accounts, permissions, missing patches and updates and much more.
Latest Patches and Updates:
Ensure that the latest patches, updates and service packs have been installed for .NET Framework. These patches and updates fix lot of issues which enhances the security of the web server.
Permissions for Web Content:
Ensure that Script Source Access is never enabled under a web site's property. If this option is enabled, users can access source files. If Read is selected, source can be read; if Write is selected, source can be written to. To ensure that it is disabled, open IIS, right click the Websites folder and select Properties. Clear the check box if it is enabled and propagate it to all child websites.
Use Application Isolation:
I like this feature in IIS 6.0 which allows you to isolate applications in application pools. By creating new application pools and assigning web sites and applications to them, you can make your server more efficient and reliable as it ensures that other applications or sites do not get affected due to a faulty application running under that pool.
Summary
All of the aforementioned IIS tips and tools are natively available in Windows. Don't forget to try just one at a time before you test your Web accessibility. It could be disastrous if all of these were implemented at the same time making you wonder what is causing a problem in case you start having issues.
Final tip: Go to your Web server and Run "netstat -an" (without quotes) at the command line. Observe how many different IP addresses are trying to gain connectivity to your machine, mostly via port 80. If you see that you have IP addresses established at a number of higher ports, then you've already got a bit of investigating to do.

Friday, July 3, 2009

Internet Information Service on Windows Server 2003

Internet information services used for web server, Internet Information Service built in component of windows server 2003 that it is allows access to resources on the server through various Internet protocols, such as POP3 IMAP4,HTTP SMTP and FTP.IIS server provide the services of Simple Mail Transport Protocol,we can send emails using SMTP. Internet Information Service it is used to make your computer a web server,
Internet information server is a world wide web server,Internet Information Service means that you can publish WWW pages and extend into the realm of Active Server Pages where by Java or VB script can generate the pages on the fly. Internet Information Service 7.5 as support operating system windows server 2008, it is latest update to the Internet information service 7.0 server
Internet Information Service contents are :-
1Versions
2 History
3 Microsoft Web Platform Installer
4 Security
5 Authentication Mechanisms
6 Version 7.0
7 Version 7.5
8 IIS Media Pack
9 See also
10 References
11 External links

Internet Information Service Support Versions are :-
IIS 1.0, Windows NT 3.51 available as a free add-on
IIS 2.0, Windows NT 4.0
IIS 3.0, Windows NT 4.0 Service Pack 3
IIS 4.0, Windows NT 4.0 Option Pack
IIS 5.0, Windows 2000
IIS 5.1, Windows XP Professional, Windows XP Media Center Edition
IIS 6.0, Windows Server 2003 and Windows XP Professional x64 Edition
IIS 7.0, Windows Server 2008 and Windows Vista (Business, Enterprise, Ultimate Editions)
IIS 7.5, Windows Server 2008 R2 (Beta) and Windows 7 (Beta)
Microsoft Internet Information Service 7.0 is latest version of their web server, Internet information service has been designed to most secure and flexible web and application plat form from Microsoft.
Internet Information Service media Pack is a set of a free modules for forwarding digital audio and video files from Internet information service 7.0 web server. The Internet Information service media pack provides cost saving and control benefit of streaming media server to web server to delivery of medial files.
Microsoft Web Platform Installer :
Microsoft Web Installer platform is a simple tool that installs Microsoft's entire Web Platform including are :
IIS
Visual Web Developer 2008 Express Edition
SQL Server 2008 Express Edition
Microsoft .NET Framework
Silver light Tools for Visual Studio
Supported Operating Systems as is : Windows Vista RTM, Windows Vista SP1, Windows XP, Windows Server 2003, Windows Server 2008 Supported Architectures: x86 and 64-bit
Authentication Mechanisms:-
Internet Information Service support the following authentication mechanisms :
Basic access authentication
Digest access authentication
Integrated Windows Authentication
.NET Passport Authentication
How to Install Internet Information Service: Go to control panel and select Add Remove programs,From that windows select Add Remove Windows Component, After you can see Internet Information Service check box,then select this then press OK........Installation will be started.......After some time installation process will be done. Internet Information can be used.

Wednesday, July 1, 2009

File Server,How to install a File Server on windows server 2003

A file server is a computer and storage device dedicated to storing files. Any user on the network can store files on the server, as it manages and shared application and data, Or A file server as a computer on the network which contains primary files or applications and shares them as requested with the other computers on the network.
Using File server can provide the follwowing benefits :-
It is provide storage server to accept important documents.
It is used as a load-balancing between servers
File Server Preferences : Any server you can connect to and upload to in finder apple file sharing servers ,windows sharing and webdav.
File Server contents as is :-
1)History of file servers
2) Types of file servers
3) Design of the file servers:- storege, filters, security
4) References


How to install a File Server on windows server 2003 :-
1) First step you Open the start menu and then click administrator and after that configure the server.
2) After that click next
3) Again next.
4) Then click file server in the server role box and then click next, on the file server disk quotas page configure any quotas you need to disk space usage on the server and then click Next. after that on the file server indexing service page you need to click indexing configuration that appropriate for you server and then click Next.
5) And choose the next and after it Finish.
6) The share folder wizard starts and then click.
7) click the Browse items and then OK.
8) And then Next.
9) you can type the share name for the folder that you want to share , and then click OK.
10) click Next.
11) Click the one of the basic permission for the folder, after that finish.
How to Manually Install a File Server on windows server 2003 :-
1)Click start and then click windows explorer.
2) that you want to share, Right click the folder and then click sharing and security.
3) Click the share this folder .and then accept default name for the sahare.
4) Configure the number of users who can connect and you configure permission for this folder, after that Ok.
5) Windows explorer windows to indicate that the folder is begin shared.
 
Blog Directory 001 Subscribe My Feed