The Essentials of Networking
- Network Card Troubleshooting
- Use Device Manager –> NIC properties (Advanced tab) to view and change the adapter's configuration.
- Speed & Duplex and Wake-on-LAN settings are changed there.
- Link lights show connectivity, activity, and (sometimes) speed.
- Full-Duplex–the NIC sends and receives at the same time.
- Half-Duplex–the NIC either sends or receives at any one time, never both; a duplex mismatch with the switch port shows up as collisions, errors and poor throughput.
- Wake-on-LAN–wakes a sleeping computer when a specially formatted frame (the so-called 'magic packet', which carries the NIC's MAC address) arrives.
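The magic packet mentioned above has a fixed, well-documented layout: six bytes of 0xFF followed by the target NIC's MAC address repeated 16 times, normally carried in a UDP datagram to the broadcast address on port 7 or 9. The following Python is an added example (not from the original notes) that builds one, validates a received payload, and sends it; the MAC address and function names are my own choices. Python is used here and for the rest of the page's examples because it demonstrates the protocol-level details without needing a particular OS.

```python
import re
import socket

SYNC_STREAM = b"\xff" * 6  # the six 0xFF bytes that open every magic packet


def parse_mac(mac: str) -> bytes:
    """Accept 'AA:BB:CC:DD:EE:FF', 'AA-BB-CC-DD-EE-FF' or 'AABBCCDDEEFF' and return 6 raw bytes."""
    digits = re.sub(r"[:\-.]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return bytes.fromhex(digits)


def build_magic_packet(mac: str) -> bytes:
    """6 x 0xFF followed by the MAC repeated 16 times: always 102 bytes."""
    return SYNC_STREAM + parse_mac(mac) * 16


def is_magic_packet(payload: bytes) -> bool:
    """True if the payload contains a well-formed magic packet.

    The sync stream may sit anywhere in the datagram, so scan for it rather than
    assuming offset 0; anything after the 96 MAC bytes (e.g. a SecureOn password)
    is ignored.
    """
    idx = payload.find(SYNC_STREAM)
    if idx < 0 or len(payload) - idx < 102:
        return False
    body = payload[idx + 6 : idx + 102]
    return body == body[:6] * 16


def send_magic_packet(mac: str, broadcast: str = "255.255.255.255", port: int = 9) -> int:
    """Broadcast the packet on the local subnet; returns the number of bytes sent."""
    pkt = build_magic_packet(mac)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        return s.sendto(pkt, (broadcast, port))


if __name__ == "__main__":
    # Constructed example MAC; replace with the target NIC's address.
    send_magic_packet("00:11:22:33:44:55")
```

Because the packet is unauthenticated, anyone on the broadcast domain can wake the machine; Wake-on-LAN is convenient but is not an access control.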
- Working With Connections–NETSTAT
- The 'netstat' command shows important information about connections.
- Use the netstat switches '-n' (numeric addresses and ports, no DNS lookups) and '-a' (all connections and listening ports) as needed; on Windows '-o' adds the owning process ID and '-b' the executable name (needs an elevated prompt).
- Consider a 3rd-party tool, such as TCPView, as an alternative to netstat.
- TCPView is from Microsoft's Sysinternals website.
- Netstat–shows the state of the different connections and listeners (TCP and UDP).
- ex: Windows file sharing (SMB) listens on TCP port 445.
- TCPView is a '3rd-party' tool that works like a graphical netstat.
- It shows connections appearing and disappearing 'in the moment' (live), and which process owns each one.
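To make the netstat point concrete, here is an added Python example (not from the original notes) that parses the text `netstat -an` prints on Windows, lists what is listening, and flags sensitive services such as SMB on port 445 that are bound to every interface. The sample output below is constructed for the example, and the watch list of ports is my own choice.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample of `netstat -an` output on Windows (not captured from a real host).
NETSTAT_SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     52.96.0.1:443          ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:137            *:*
"""

# Ports a practitioner would not want exposed on every interface (my choice of examples).
WATCH_PORTS = {135: "RPC endpoint mapper", 445: "SMB", 3389: "RDP"}


@dataclass
class Conn:
    proto: str
    local_addr: str
    local_port: Optional[int]
    remote_addr: str
    remote_port: Optional[int]
    state: str


def split_endpoint(ep: str) -> Tuple[str, Optional[int]]:
    """'0.0.0.0:445' -> ('0.0.0.0', 445); '[::]:445' -> ('::', 445); '*:*' -> ('*', None)."""
    host, _, port = ep.rpartition(":")
    return host.strip("[]"), (int(port) if port.isdigit() else None)


def parse_netstat(text: str) -> List[Conn]:
    conns = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue  # header lines, blank lines
        lhost, lport = split_endpoint(parts[1])
        rhost, rport = split_endpoint(parts[2])
        state = parts[3] if len(parts) > 3 else ""  # UDP rows have no State column
        conns.append(Conn(parts[0], lhost, lport, rhost, rport, state))
    return conns


def listening_ports(conns: List[Conn]) -> List[Tuple[str, int]]:
    """Unique (proto, port) pairs that accept traffic; every UDP socket counts as a listener."""
    return sorted({(c.proto, c.local_port) for c in conns
                   if c.local_port is not None and (c.state == "LISTENING" or c.proto == "UDP")})


def established(conns: List[Conn]) -> List[Conn]:
    return [c for c in conns if c.state == "ESTABLISHED"]


def exposed_services(conns: List[Conn]) -> List[Tuple[str, str, int]]:
    """Watched ports listening on the wildcard address (reachable from any interface)."""
    return [(WATCH_PORTS[c.local_port], c.local_addr, c.local_port) for c in conns
            if c.state == "LISTENING" and c.local_port in WATCH_PORTS
            and c.local_addr in ("0.0.0.0", "::")]


if __name__ == "__main__":
    conns = parse_netstat(NETSTAT_SAMPLE)
    print("listening:", listening_ports(conns))
    for name, addr, port in exposed_services(conns):
        print(f"exposed: {name} on {addr}:{port}")
```

On a real machine pipe the live output in (`netstat -ano` on Windows) instead of the constructed sample; the `-o` column can then be joined to `tasklist` to name the owning process, which is the same information TCPView shows graphically.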
- Windows Naming
- Windows naming is designed for LANs.
- When you install Windows, you give the computer a Windows (computer) name.
- All Windows systems will be a member of either a domain or a workgroup.
- A Windows system is either in a 'workgroup' or a 'member' of an 'Active Directory' domain (there's no exception to this rule!).
- HomeGroups were a more secure (password-protected) and automated way to share within a workgroup, but still a workgroup; the feature was removed from Windows 10 in version 1803.
- 'NetBIOS' / 'NetBT' (NetBIOS over TCP/IP)–a Windows-specific naming system that resolves names by broadcast (or a WINS server), so it only works within the local LAN.
- 'DNS' is the naming convention normally used, and the one Active Directory depends on.
- Working With Active Directory
- An 'Active Directory' domain requires at least one dedicated domain controller (DC).
- Windows domains support single sign-on.
- Domains support Group Policy (domain policies), login scripts and roaming profiles.
- We use 'Organizational Units' (OUs) to organize the objects (users, computers, groups) in Active Directory and to scope Group Policy.
- A domain admin (not to be confused with the local admin!) has the power to join any computer to the domain.
- Windows Sharing with Mac & Linux
- SMB (Server Message Block) is Windows' protocol for file and printer sharing over the network.
- Samba–an open-source implementation of SMB that lets Linux (and older macOS releases) share folders and printers with, and connect to, Windows systems; current macOS ships Apple's own SMB client and server instead.
- Linux and macOS therefore connect to Windows networks with their built-in SMB support.
- You need to know the workgroup or domain name, and give the system a computer (NetBIOS) name.
- Samba still requires a computer name!
- LAN Manager (goes back to the 1980s) evolved into SMB.
- Net Command (old & complicated; allows you to do many networking things)
- The 'NET' command has many sub-commands.
- 'NET VIEW' shows the systems and the shares in a workgroup or domain.
- 'NET SHARE' creates shares or lists shared folders.
- 'NET USE' maps (connects to) shared folders and printers.
- ex: net share shareit=c:\stuff
- 'NET USER' creates and deletes user accounts.
- Firewall Configuration
- Firewalls are common on gateway routers.
- The firewall's "access control list" (ACL) defines what traffic is forwarded and what is filtered (what people can or can't reach).
- Stateless firewalls (packet filters) judge each packet on its own against fixed criteria such as source/destination address, protocol and port number.
- Stateful firewalls track the state of each connection, so they can admit the replies to sessions the inside started while blocking unsolicited packets and abnormal behaviour (e.g., too many pings from one host).
- Principle of least privilege–give people just enough access to do what they need to do. Doing this properly takes more work to configure, so people often fall back on an allow list or a deny list (the older terms 'whitelist' and 'blacklist' are being retired from industry usage).
- Deny list (blacklist)–a blanket list of things you can't go to; everything else is allowed.
- Allow list (whitelist)–a blanket list of the only things you can go to; everything else is denied, which is the closer fit to least privilege.
- DMZ (Demilitarized zone)
- Be careful to know what a "real DMZ" set-up is: a separate network segment, behind a second firewall/router, that isolates the publicly reachable hosts (web or file servers) from the real internal network. The "DMZ host" option on a SOHO router just forwards all unsolicited inbound traffic to one internal machine and provides no such isolation.
- 3rd-party (cloud-hosted) services also offer firewalls.
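The stateless-versus-stateful distinction above is easiest to see by running the same traffic through both kinds of filter. The Python below is an added example (not from the original notes): a minimal packet filter that judges each packet alone against fixed rules, beside one that remembers outbound sessions and also counts pings per source, which is the page's "too many pings" case. The rule set, addresses and traffic are constructed for the example, and the class and field names are mine.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str  # "in" = arriving from the Internet, "out" = leaving the LAN
    proto: str      # "tcp", "udp" or "icmp"
    src: str
    sport: int
    dst: str
    dport: int


class StatelessFilter:
    """Each packet is judged on its own against (direction, proto, dport range, action).
    First matching rule wins; no match means deny."""

    def __init__(self, rules):
        self.rules = rules

    def decide(self, pkt: Packet) -> str:
        for direction, proto, (lo, hi), action in self.rules:
            if pkt.direction == direction and pkt.proto == proto and lo <= pkt.dport <= hi:
                return action
        return "deny"


class StatefulFilter:
    """Remembers sessions the inside opened and lets inbound traffic through only when it
    answers one of them or hits an explicitly published port. ICMP from one source is
    allowed up to icmp_limit packets, then dropped."""

    def __init__(self, published_ports=(), icmp_limit: int = 3):
        self.flows = set()  # (proto, inside_ip, inside_port, outside_ip, outside_port)
        self.published = set(published_ports)
        self.icmp_limit = icmp_limit
        self.icmp_count = defaultdict(int)

    def decide(self, pkt: Packet) -> str:
        if pkt.direction == "out":
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        if pkt.proto == "icmp":
            self.icmp_count[pkt.src] += 1
            return "allow" if self.icmp_count[pkt.src] <= self.icmp_limit else "deny"
        if (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return "allow"  # reply to a session we started
        if pkt.dport in self.published:
            return "allow"  # published service, e.g. the web server
        return "deny"


# A stateless rule set a SOHO admin might write: everything out, the web server in, and
# (because replies must get back to clients somehow) anything to the ephemeral ports.
STATELESS_RULES = [
    ("out", "tcp", (0, 65535), "allow"),
    ("out", "udp", (0, 65535), "allow"),
    ("out", "icmp", (0, 65535), "allow"),
    ("in", "tcp", (80, 80), "allow"),
    ("in", "tcp", (1024, 65535), "allow"),  # needed for replies; also admits anything else
    ("in", "icmp", (0, 65535), "allow"),
]

# Constructed traffic (RFC 5737 / documentation addresses, not real hosts).
TRAFFIC = [
    Packet("out", "tcp", "192.168.1.20", 50000, "93.184.216.34", 443),  # client opens HTTPS
    Packet("in", "tcp", "93.184.216.34", 443, "192.168.1.20", 50000),   # the reply
    Packet("in", "tcp", "203.0.113.9", 443, "192.168.1.20", 50001),     # unsolicited, dressed as a reply
    Packet("in", "tcp", "203.0.113.9", 4444, "192.168.1.10", 80),       # visitor to the web server
] + [Packet("in", "icmp", "203.0.113.9", 0, "192.168.1.1", 0) for _ in range(5)]  # 5 pings


def run(traffic: List[Packet]) -> List[Tuple[str, str]]:
    """Return (stateless decision, stateful decision) for each packet in order."""
    stateless = StatelessFilter(STATELESS_RULES)
    stateful = StatefulFilter(published_ports={80}, icmp_limit=3)
    return [(stateless.decide(p), stateful.decide(p)) for p in traffic]


if __name__ == "__main__":
    for pkt, (a, b) in zip(TRAFFIC, run(TRAFFIC)):
        print(f"{pkt.direction:3} {pkt.proto:4} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}  stateless={a} stateful={b}")
```

The third packet is the point: a stateless filter that has to admit replies to ephemeral ports cannot tell a genuine reply from an unsolicited probe with a plausible source port, whereas the stateful filter drops it because no inside host ever opened that session.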
- Windows Firewall
- Windows Defender Firewall is the host-based firewall that comes with Windows.
- Host firewalls can filter on things a network firewall cannot see, such as the program (executable path), service or user that owns a connection, as well as addresses and ports.
- Defender Firewall keeps a separate rule set for each of three network profiles: Domain, Private and Public (Public should be the most restrictive).
- You can create inbound and outbound exceptions (rules) manually if needed.
- Every modern desktop and server OS ships with a host-based firewall (Windows Defender Firewall, the macOS application firewall, nftables/iptables or ufw on Linux).
- Port Forwarding
- A 'port forward' is a rule on a NAT router that sends incoming traffic arriving on a certain public port to a single system (and port) on the internal network.
- You configure port forwarding on the NAT router.
- Non-standard external port numbers are often used to cut down on scanner noise; this is obscurity, not security, so the forwarded service still needs patching and strong authentication.
- We use Dynamic DNS (DDNS) to give a stable DNS name to the router's changing public IP address, so the forwarded service can be reached by name.
- Wireless Encryption
- The obsolete WEP encryption is easily cracked today and is never to be used.
- WPA introduced TKIP and came in two flavours: Personal (pre-shared key) and Enterprise (802.1X authentication against a RADIUS server).
- WPA2 added AES (CCMP) encryption.
- WPS automates joining the network (it pushes the Wi-Fi credentials to the client), but its PIN method is easily cracked.
- WEP (Wired Equivalent Privacy)–used RC4 with short, reused initialization vectors, which is why it is easily crackable.
- TKIP (Temporal Key Integrity Protocol)–a stop-gap that still used RC4 underneath; now deprecated.
- AES (Advanced Encryption Standard)
- AES is still used as the primary encryption standard.
- Pre-shared key / Personal key–one passphrase shared by everyone on the network.
- RADIUS server–central authentication server used by the Enterprise mode; each user has their own credentials.
- WPA (Wi-Fi Protected Access) PSK (Pre-Shared Key)
- WPA2
- TKIP is WPA and AES is WPA2 (roughly: WPA2 can still allow TKIP for compatibility, and that should be switched off).
- WPS (Wi-Fi Protected Setup)–very easily hacked; disable it.
- Bottom line–in a SOHO (Small Office/Home Office) environment you will set up encryption, that encryption will be WPA2 (or WPA3 where the hardware supports it), and it is going to be pre-shared key (Personal).
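Two of the claims above can be checked in code: WPA/WPA2-Personal turns the passphrase into the 256-bit pre-shared key with PBKDF2-HMAC-SHA1 salted by the SSID (4096 iterations, per IEEE 802.11i), so a weak passphrase can be recovered offline by trying candidates; and the WPS PIN's last digit is a checksum while the access point confirms the two halves of the PIN separately, which is why the PIN method falls to brute force. The Python below is an added example (not from the original notes): the derivation, a toy offline dictionary attack against it, and the WPS checksum and search-space arithmetic. The word list is constructed; the function names are mine. The "password"/"IEEE" pair is the published 802.11i test vector.

```python
import hashlib
from typing import Iterable, Optional


def wpa2_psk(passphrase: str, ssid: str) -> bytes:
    """PSK (= PMK) for WPA/WPA2-Personal: PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32)


def recover_passphrase(target_psk: bytes, ssid: str, candidates: Iterable[str]) -> Optional[str]:
    """Offline dictionary attack. A real attacker verifies each guess against the MIC of a
    captured 4-way handshake rather than a raw PSK, but the cost per guess (one PBKDF2 run
    bound to this SSID) is the same, so the only defences are passphrase length/entropy
    and, for Enterprise, not using a shared passphrase at all."""
    for guess in candidates:
        if wpa2_psk(guess, ssid) == target_psk:
            return guess
    return None


def wps_pin_checksum(first7: str) -> int:
    """Checksum digit of an 8-digit WPS PIN: 3 x (digits 1,3,5,7) + (digits 2,4,6), mod 10 complement."""
    acc = sum(3 * int(d) if i % 2 == 0 else int(d) for i, d in enumerate(first7))
    return (10 - acc % 10) % 10


def wps_pin_is_valid(pin: str) -> bool:
    return len(pin) == 8 and pin.isdigit() and int(pin[7]) == wps_pin_checksum(pin[:7])


def wps_pin_search_space() -> int:
    """The AP acknowledges the first 4 digits and the next 3 digits separately (the 8th is
    the checksum), so at most 10**4 + 10**3 = 11,000 guesses are needed, not 10**7."""
    return 10 ** 4 + 10 ** 3


# Constructed word list for the demonstration.
CONSTRUCTED_WORDLIST = ["letmein1", "Summer2023!", "password", "hunter22"]


if __name__ == "__main__":
    psk = wpa2_psk("password", "IEEE")
    print("PSK:", psk.hex())
    print("recovered:", recover_passphrase(psk, "IEEE", CONSTRUCTED_WORDLIST))
    print("12345670 valid WPS PIN:", wps_pin_is_valid("12345670"))
    print("WPS guesses needed at most:", wps_pin_search_space())
```

The SSID acts as the salt, so precomputed tables only help against common network names; a unique SSID plus a long random passphrase (or WPA2/WPA3-Enterprise) is what makes the offline attack impractical, and turning WPS off removes the 11,000-guess shortcut entirely.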
- Enterprise Wireless Setup
- Enterprise WAPs are often powered over Ethernet (PoE).
- Use wireless analysis tools (site-survey / heat-mapping software) to determine WAP placement.
- Enterprise networks often use the RADIUS or TACACS+ protocols to talk to a central authentication server.
- AAA (Authentication, Authorization, Accounting)
- Two or more WAPs sharing the same SSID form an Extended Service Set (ESS); the shared network name is the ESSID, and clients roam between the WAPs.
- PoE (Power over Ethernet) eliminates the need for an AC adapter at each WAP.
- PoE (1st generation, 802.3af, about 15 W per port) and PoE+ (802.3at, about 30 W per port).
- PoE+ provides a lot more electricity for individual devices.
- Needs a PoE-capable switch or, for a single port, a PoE injector.
- Enterprise Wireless Configuration
- ESSID (Extended SSID)–the same SSID on all the individual WAPs, which are all members of the same LAN (the ESS) so clients can roam between them.