General Networking Articles

Article / Updated 08-31-2023

As an IT professional, cybersecurity is the thing most likely to keep you awake at night. You must consider two basic elements as part of your cybersecurity plan: Prevention: The first pillar of cybersecurity is technology that you can deploy to prevent bad actors from penetrating your network and stealing or damaging your data. This technology includes firewalls that block unwelcome access, antivirus programs that detect malicious software, patch management tools that keep your software up to date, and antispam programs that keep suspicious email from reaching your users’ inboxes. The most important part of the prevention pillar is the human firewall. Technology can only go so far in preventing successful cyber attacks. Most successful attacks are the result of users opening email attachments or clicking web links that they should have known were dangerous. Thus, in addition to providing technology to prevent attacks, you also need to make sure your users know how to spot and avoid suspicious email attachments and web links. Recovery: The second pillar of cybersecurity is necessary because the first pillar isn’t always successful. Successful cyber attacks are inevitable, so you need to have technology and plans in place to quickly recover from them when you do.

Article / Updated 08-31-2023

Security techniques and technology — physical security, user account security, server security, and locking down your servers — are child’s play compared with the most difficult job of network security: securing your network’s users. All the best-laid security plans are for naught if your users write down their passwords on sticky notes and post them on their computers and click every link that shows up in their email. The key to securing your network users is to empower your users to realize that they’re an important part of your company’s cybersecurity plan, and then show them what they can do to become an effective human firewall. This necessarily involves training, and of course IT training is usually the most dreaded type of training there is. So, do your best to make the training fun and engaging rather than dull and boring. If training isn’t your thing, search the web. You’ll find plenty of inexpensive options for online cybersecurity training, ranging from simple and short videos to full-length online courses. You’ll also need to establish a written cybersecurity policy and stick to it. Have a meeting with everyone to go over the security policy to make sure that everyone understands the rules. Also, make sure to have consequences when violations occur. Here are some suggestions for some basic security rules you can incorporate into your security policy: Never write down your password or give it to someone else. Accounts should not be shared. Never use someone else’s account to access a resource that you can’t access under your own account. If you need access to some network resource that isn’t available to you, you should formally request access under your own account. Likewise, never give your account information to a co-worker so that he or she can access a needed resource. Your co-worker should instead formally request access under his or her own account. Don’t install any software or hardware on your computer — especially wireless access devices or modems — without first obtaining permission. Don’t enable file and printer sharing on workstations without first getting permission. Never attempt to disable or bypass the network’s security features.

Article / Updated 09-30-2022

As a network administrator, the Internet is your best friend for networking resources, solutions, news, and guidance. Here are some websites for you to visit often. To register domains: InterNIC Network Solutions register.com To check your TCP/IP configuration: DNSstuff To see if your email server has been blocklisted: DNSBL.info To stay current in the industry, try these standards organizations: Institute of Electrical and Electronics Engineers International Organization for Standardization Internet Engineering Task Force Internet Society

Article / Updated 08-01-2022

Transmission control protocol/Internet protocol (TCP/IP), the protocol on which the Internet is built, is actually not a single protocol but rather an entire suite of related protocols. TCP is even older than Ethernet. It was first conceived in 1969 by the Department of Defense. Currently, the Internet Engineering Task Force, or IETF, manages the TCP/IP protocol suite. The TCP/IP suite is based on a four-layer model of networking that is similar to the seven-layer open systems interconnection (OSI) model. The following illustration shows how the TCP/IP model matches up with the OSI model and where some of the key TCP/IP protocols fit into the model. As you can see, the lowest layer of the model, the Network Interface layer, corresponds to the OSI model’s Physical and Data Link layers. TCP/IP can run over a wide variety of Network Interface layer protocols, including Ethernet, as well as other protocols, such as Token Ring and FDDI (an older standard for fiber-optic networks). The Application layer of the TCP/IP model corresponds to the upper three layers of the OSI model — that is, the Session, Presentation, and Application layers. Many protocols can be used at this level. A few of the most popular are HTTP, FTP, Telnet, SMTP, DNS, and SNMP. IP IP is a network layer protocol that is responsible for delivering packets to network devices. The IP protocol uses logical IP addresses to refer to individual devices rather than physical (MAC) addresses. A protocol called ARP (for address resolution protocol) handles the task of converting IP addresses to MAC addresses. Because IP addresses consist of a network part and a host part, IP is a routable protocol. As a result, IP can forward a packet to another network if the host is not on the current network. (The ability to route packets across networks is where IP gets its name. An Internet is a series of two or more connected TCP/IP networks that can be reached by routing.) TCP TCP is a connection-oriented transport layer protocol. TCP lets a device reliably send a packet to another device on the same network or on a different network. TCP ensures that each packet is delivered if at all possible. It does so by establishing a connection with the receiving device and then sending the packets. If a packet doesn’t arrive, TCP resends the packet. The connection is closed only after the packet has been successfully delivered or an unrecoverable error condition has occurred. One key aspect of TCP is that it’s always used for one-to-one communications. In other words, TCP allows a single network device to exchange data with another single network device. TCP isn’t used to broadcast messages to multiple network recipients. Instead, the user datagram protocol (UDP) is used for that purpose. Many well-known application layer protocols rely on TCP. For example, when a web browser requests a page, the browser uses HTTP to send a request via TCP to the web server. When the web server receives the request, it uses HTTP to fulfill the request, again via TCP. Other Application layer protocols that use TCP include Telnet (for terminal emulation), FTP (for file exchange), and SMTP (for e-mail). UDP The user datagram protocol is a connectionless transport layer protocol that is used when the overhead of a connection isn't required. After UDP has placed a packet on the network (via the IP protocol), it forgets about it. UDP doesn't guarantee that the packet actually arrives at its destination. Most applications that use UDP simply wait for any replies expected as a result of packets sent via UDP. If a reply doesn't arrive within a certain period of time, the application either sends the packet again or gives up. Probably the best-known application layer protocol that uses UDP is the domain name system (DNS). When an application needs to access a domain name such as www.dummies.com, DNS sends a UDP packet to a DNS server to look up the domain. When the server finds the domain, it returns the domain's IP address in another UDP packet.

Cheat Sheet / Updated 03-01-2022

To create and configure a Cisco network, you need to know about routers and switches to develop and manage secure Cisco systems. Become acquainted with Cisco network devices and code listings; and find out how to manage static routing and view routing information.

Cheat Sheet / Updated 02-28-2022

As a network administrator, you know that TCP/IP is the glue that holds the Internet and the Web together. As well as being familiar with security terms and general definitions, you need to pay attention to RFCs (Requests for Comment) published by the Internet Engineering Task Force. You can comment on, learn from, and submit RFCs yourself.

Cheat Sheet / Updated 02-03-2022

PowerShell 5.1 is the version of Windows PowerShell that ships with Windows Server 2022, Windows Server 2019, and Windows Server 2016. It’s available for installation on Windows Server 2008 R2 with Service Pack1, Windows Server 2012, and Windows Server 2012 R2. The last three operating systems must have Windows Management Framework 5.1 installed to support PowerShell 5.1. You can upgrade to PowerShell 7.2 fairly easily (the more recent version from Microsoft), though the examples on this Cheat Sheet were only tested in PowerShell 5.1.

Article / Updated 12-27-2021

When you first create a file share on your network, all users are granted read-only access to the share. If you want to allow users to modify files in the share or allow them to create new files, you need to add permissions. Here’s how to do this using Windows Explorer: Open Windows Explorer by pressing the Windows key and clicking Computer; then browse to the folder whose permissions you want to manage. Right-click the folder you want to manage and then choose Properties from the contextual menu. The Properties dialog box for the folder appears. Click the Sharing tab; then click Advanced Sharing. The Advanced Sharing dialog box appears. Click Permissions. The dialog box shown appears. This dialog box lists all the users and groups to whom you’ve granted permission for the folder. Initially, read permissions are granted to a group called Everyone, which means that anyone can view files in the share but no one can create, modify, or delete files in the share. When you select a user or group from the list, the check boxes at the bottom of the list change to indicate which specific permissions you’ve assigned to each user or group. Click the Add button. The dialog box shown appears. Enter the name of the user or group to whom you want to grant permission and then click OK. If you’re not sure of the name, click the Advanced button. This action brings up a dialog box from which you can search for existing users. When you click OK, you return to the Share Permissions tab, with the new user or group added. Select the appropriate Allow and Deny check boxes to specify which permissions to allow for the user or group. Repeat Steps 5–7 for any other permissions that you want to add. When you’re done, click OK. Here are a few other thoughts to ponder concerning adding permissions: If you want to grant full access to everyone for this folder, don’t bother adding another permission. Instead, select the Everyone group and then select the Allow check box for each permission type. You can remove a permission by selecting the permission and then clicking the Remove button. If you’d rather not fuss with the Share and Storage Management console, you can set the permissions from My Computer. Right-click the shared folder, choose Sharing and Security from the contextual menu, and then click Permissions. Then you can follow the preceding procedure, picking up at Step 5. The permissions assigned in this procedure apply only to the share itself. The underlying folder can also have permissions assigned to it. If that’s the case, whichever of the restrictions is most restrictive always applies. If the share permissions grant a user Full Control permission but the folder permission grants the user only Read permission, for example, the user has only Read permission for the folder.

Article / Updated 12-27-2021

Although an occasional sacrifice to the Office gods may make your networking life a bit easier, a template isn’t a place of worship. Rather, a template is a special type of document file that holds formatting information, boilerplate text, and other customized settings that you can use as the basis for new documents. Three Office programs — Word, Excel, and PowerPoint — enable you to specify a template whenever you create a new document. When you create a new document in Word, Excel, or PowerPoint by choosing File → New, you see a dialog box that lets you choose a template for the new document. Office comes with a set of templates for the most common types of documents. These templates are grouped under the various tabs that appear across the top of the New dialog box. In addition to the templates that come with Office, you can create your own templates in Word, Excel, and PowerPoint. Creating your own templates is especially useful if you want to establish a consistent look for documents prepared by your network users. For example, you can create a Letter template that includes your company’s letterhead or a Proposal template that includes a company logo. Office enables you to store templates in two locations. Where you put them depends on what you want to do with them: The User Templates folder on each user’s local disk drive: If a particular user needs a specialized template, put it here. The Workgroup Templates folder on a shared network drive: If you have templates that you want to make available to all network users on the network server, put them here. This arrangement still allows each user to create templates that aren’t available to other network users. When you use both a User Templates folder and a Workgroup Templates folder, Office combines the templates from both folders and lists them in alphabetical order in the New dialog box. For example, the User Templates folder may contain templates named Blank Document and web Page, and the Workgroup Templates folder may contain a template named Company Letterhead. In this case, three templates appear in the New dialog box, in this order: Blank Document, Company Letterhead, and web Page. To set the location of the User Templates and Workgroup Templates folders, follow these steps in Microsoft Word: In Word, create a new document or open an existing document. It doesn't matter which document you use. This step is required simply because word doesn't let you access the template folder locations unless a document is open. Choose File, and then Options. The Word Options dialog box opens. Click the Advanced tab. The Advanced options appear. Scroll down to the General section and then click the File Locations button. The File Locations dialog box appears. Double-click the Workgroup Templates item. This step opens a dialog box that lets you browse to the location of your template files. Browse to the template files and then click OK. You return to the File Locations dialog box. Click OK to dismiss the File Locations dialog box. You return to the Word Options dialog box. Click OK again. The Word Options dialog box is dismissed. Although the User Templates and Workgroup Templates settings affect Word, Excel, and PowerPoint, you can change these settings only from Word. The Options dialog boxes in Excel and PowerPoint don’t show the User Templates or Workgroup Templates options. When you install Office, the standard templates that come with Office are copied into a folder on the computer’s local disk drive, and the User Templates option is set to this folder. The Workgroup Templates option is left blank. You can set the Workgroup Templates folder to a shared network folder by clicking Network Templates, clicking the Modify button, and specifying a shared network folder that contains your workgroup templates.

Step by Step / Updated 12-27-2021

User accounts are among the basic tools for managing a Windows server. As a network administrator, you’ll spend a large percentage of your time dealing with user accounts To create a new domain user account in Active Directory, follow these steps: