Computer Networks FAQs

Computer Networking, Security and Hacking FAQs
NOTE : This is just a quick effort to have some probable questions which can be asked
during your CNI viva. This is not an alternative to your reference books but just a
supplement. Some questions are repeated and have multiple answers. So be alert while
reading it. And just don’t blame me for any errors found on this document.
-------ALL THE BEST-----------
Q.)What is the difference between a Hub, Switch, and Router
Ans: Hubs operate at ISO layer 1 - physical layer, Switches operates at ISO layer 2 - data
link layer, and Routers operate at ISO layer 3 - network layer.
HUB
When Ethernet was originally designed it used a single fat coax called a backbone.
Individual hosts were physically connected to the backbone. This created a party line.
Each host has to listen for the backbone to be idle before it started talking. It is possible
more then one host will start talking at the same time, in that case the messages collide
making them unintelligible. This condition is detected each transmitter stops talking and
waits a variable interval before attempting to talk again.
The Ethernet network is called a collision domain, since all devices must wait until the
line is clear, and may inadvertently interfere with one another.
When Ethernet was modified to run over Unshielded Twisted Pair (UTP) Category rated
wiring the original coax backbone was shrunk within the hub, called a collapsed
backbone. Functionally a hub operates exactly as the old coax backbone. The ports on the
hub provide a point-to-point connection to the Ethernet interface in each computer. With
a hub each node must wait for the network to be idle and detect collisions between
multiple nodes.
SWITCH
As Ethernet networks grew in speed and size the party line nature was recognized as a
performance limitation. Switches eliminate the collision domain and work much like the
telephone switching system.
When an Ethernet packet arrives at the switch the destination MAC address is examined
and the packet is switched to the proper port. Each Ethernet interface has a Media Access
Controller (MAC) 48-bit address assigned by the hardware vendor. The switch
remembers which MAC addresses are connected to each port. If the Switch does not
know which port to use it floods the packet to all ports. When it gets a response it updates
its internal MAC address table.
This means Port A can talk to C at the same time F is taking to B. This greatly increases
overall performance even though it does not change the speed of individual connections.
Because the collision domain is eliminated connections are able to use full duplex, hosts
can transmit and receive at the same time improving performance even more.
ROUTER
A router is used to interconnect multiple networks.
The Internet is literally “Inter-network” ,a network of networks. Internet router’s work
on IP addresses to determine how best to interconnect the sender to the destination.
Because router’s work at the IP layer different physical networks can be interconnected,
Ethernet, Token Ring, Sonet, even RS232 serial used for dialup can carry IP packets.
Routers intended for home use include Network Address Translation (NAT). This allows
a single address assigned by the ISP to be shared by multiple hosts connected to the local
network.
Q.)Who Created the Internet Network?
Ans: Development of the technologies that became the Internet began decades ago. The
development of the World Wide Web (WWW) portion of the Internet happened much
later, although many people consider this synonymous with creating the Internet itself.
No single person or organization created the modern Internet, including Al Gore,
Lyndon Johnson, or any other individual. Instead, multiple people developed the key
technologies that later grew to become the Internet:
• Email - Long before the World Wide Web, email was the dominant
communication method on the Internet. Ray Tomlinson developed in 1971 the
first email system that worked over the early Internet.
• Ethernet - The physical communication technology underlying the Internet,

Ethernet was created by Robert Metcalfe and David Boggs in 1973.
• TCP/IP - In May, 1974, the Institute of Electrical and Electronic Engineers

(IEEE) published a paper titled "A Protocol for Packet Network Interconnection."
The paper's authors - Vinton Cerf and Robert Kahn - described a protocol called
TCP that incorporated both connection-oriented and datagram services.
This protocol later became known as TCP/IP.
Q.)What are TCP Ports?
ANS: Data transmitted over a network using the Transport Control Protocol/Internet
Protocol (TCP/IP), such as the Internet, includes address information that identifies the
computer (32-bit IP address) and a port. Ports number (16-bit number) the ends of
logical connections used for long-term data transfers between applications.
For example port 80 is the standard File Transfer Protocol (FTP) port used by Hyper
Text Transfer Protocol (HTTP) to send and retrieve web pages. Service contact ports or
"well-known ports" are used to provide services to unknown callers. Port numbers are
divided into three categories and ranges:
• Well Known Ports are those from 0 through 1023

• Registered Ports are those from 1024 through 49151
• Dynamic and/or Private Ports are those from 49152 through
65535
The list of TCP and User Datagram Protocol (UDP) ports is

maintained by the Internet Assigned Numbers Authority (IANA).
Q.)What are the differences between Category 3, 4, 5, etc. cable

ratings?
Ans: Level 1: Basic telecommunications and power limited circuit cable.
Level 2: Up to to 1 MHz.
Category 3 (CAT3) is rated for transmission frequencies up to 16MHz.
It is typically used for voice and data transmission rates up 10 Mbps (mega bits per
second).
Twisted-pair (not flat) phone wire.
CAT 4: frequencies up to 20 MHz... Voice and data transmission rates up to 16 Mbps.
CAT 5: frequencies up to 100 MHz... Voice and data transmission rates up to 100Mbps.
CAT 5e: frequencies up to 100 MHz. CAT 5e components have better transmission
performance characteristics than CAT 5 and are most suitable for use in high-speed
Gigabit Ethernets. Yes, 100 Mhz.
CAT 6 Supports transmissions up to 250 MHz.
Q.)What is the difference between an Ethernet hub and switch?
ANS: Although hubs and switches both glue the PCs in a network together, a switch is
more expensive and a network built with switches is generally considered faster than one
built with hubs.
When a hub receives a packet (chunk) of data ( frame int the Ethernet lingo)on the
network, it transmits (repeats) the packet to all of its ports and, thus, to all of the other
PCs on the network.
If two or more PCs on the network try to send packets at the same time a collision is said
to occur. When that happens all of the PCs have to go though a routine to resolve the
conflict. The process is prescribed in the Ethernet Carrier Sense Multiple Access with
Collision Detection (CSMA/CD) protocol. Each Ethernet Adapter has both a receiver and
a transmitter. If the adapters didn't have to listen with their receivers for collisions they
would be able to send data at the same time they are receiving it (full duplex). Because
they have to operate at half duplex (data flows one way at a time) and a hub retransmits
data from one PC to all of the PCs, the maximum bandwidth is 100 Mhz and that
bandwidth is shared by all of the PC's connected to the hub. The result is when a person
using a computer on a hub downloads a large file or group of files from another computer
the network becomes congested. In a 10 Mhz 10Base-T network the affect is to slow the
network to nearly a crawl. The affect on a small, 100 Mbps (million bits per scond), 5-
port network is not as significant.
Two computers can be connected directly together in an Ethernet with a crossover

cable. A crossover cable doesn't have a collision problem. It hardwires the Ethernet
transmitter on one computer to the receiver on the other. Most 100BASE-TX Ethernet
Adapters can detect when listening for collisions is not required with a process known as
auto-negotiation and will operate in a full duplex mode when it is permitted. The result is
a crossover cable doesn't have delays caused by collisions, data can be sent in both
directions simultaneously, the maximum available bandwidth is 200 Mbps, 100 Mbps
each way, and there are no other PC's with which the bandwidth must be shared.
An Ethernet switch automatically divides the network into multiple segments, acts as a
high-speed, selective bridge between the segments, and supports simultaneous
connections of multiple pairs of computers which don't compete with other pairs of
computers for network bandwidth. It accomplishes this by maintaining a table of each
destination address and its port. When the switch receives a packet, it reads the
destination address from the header information in the packet, establishes a temporary
connection between the source and destination ports, sends the packet on its way, and
then terminates the connection.
Picture a switch as making multiple temporary crossover cable connections between pairs
of computers (the cables are actually straight-thru cables; the crossover function is done
inside the switch). High-speed electronics in the switch automatically connect the end of
one cable (source port) from a sending computer to the end of another cable (destination
port) going to the receiving computer on a per packet basis. Multiple connections like
this can occur simultaneously. It's as simple as that. And like a crossover cable between
two PCs, PC's on an Ethernet switch do not share the transmission media, do not
experience collisions or have to listen for them, can operate in a full-duplex mode, have
bandwidth as high as 200 Mbps, 100 Mbps each way, and do not share this bandwidth
with other PCs on the switch. In short, a switch is "more better."
Q.)Is CAT 5 (and CAT 5e, 6) network cable a good choice for audio applications;
e.g., connecting speakers to an amplifier?
Ans. I have not used network cable for audio other than telephones, but I understand that
it is an excellent choice for audio (analog and digital) and even video applications. Here
are some references.
CAT-5 wiring for analog and digital signals in broadcast ...
"In a recent article, Steve Lampen, a senior audio video specialist for Beldin Wire &
Cable writes, "Digital audio cables make the absolute best analog cables. You can go
farther with flatter frequency response than with any cable designed for analog". This is
because due to it's characteristic low capacitance, data cable is designed to transmit data
at high velocity and wide bandwidths. At audio frequencies, these characteristics will
yield exceptionally flat frequency response, even over very long cable lengths."
Additional info for those contemplating the installation of network cable:
I would use solid core cable for audio work.
See Attaching CAT 5 Network Cable to Studs and Joists.
See http://duxcw.com/digest/Howto/network/cable/cable9.htm for other cabling rules. Be

sure the cable meets your local building codes. Some may require plenum cable. I would
not mix audio/telephone wires with network wires on the same cable or split cables. I
would not install them on the same stud with electric power cables.
As a matter of possible interest, there are all in one cables that have two CAT 5e cables
and two RG-6 cables in them. The last price I saw was $.67/foot. There also cables that
have these cables plus a fiber optic cable for somewhere in the neighborhood of three
times that price. There are probably other cables with “CAT 6” cables. I use “” around
CAT 6 because as far as I know there is no CAT 6 standard yet (but I have not checked in
a couple of months or so). CAT 5e will work for the Gigabit Ethernet (1000BASE-TX) ,
but CAT 6 is supposed to provide more headroom (call it room for error).
Q.)What is an Ethernet MAC address?
Ans. MAC = Media Access Control. Each and every Ethernet device interface to the
network media (e.g., network adapter, port on a hub) has a unique MAC address, which is
"burned" into the hardware when it is manufactured. MAC addresses uniquely identify
each node in a network at the Media Access Control layer, the lowest network layer, the
one that directly interfaces with the media, such as the actual wires in a twisted-pair
Ethernet. In modern Ethernets the MAC address consists of six bytes which are usually
displayed in hexadecimal; e.g.,
00-0A-CC-32-FO-FD
The first three bytes (e.g., 00-0A-CC) are the manufacturer's code and can be used to
identify the manufacturer. The last three are the unique station ID or serial number for
the interface. One can determine the MAC address of an operating Network Interface
Card (NIC or network adapter) in Windows 9X/Me with Start, Run, enter winipcfg, and
select the adapter. In Windows NT, 2000, and XP it can be determined by opening a
DOS Window/Prompt (Start, Programs, Accessories...) and typing:
C:\>ipconfig /all
The MAC address/station ID may be printed on the NIC.
Many broadband routers can clone a NIC MAC address. That is, make the Wide Area
Network (WAN) Ethernet interface going to a cable or DSL MODEM look like a NIC in
a PC. This is useful in that many MODEMs marry themselves to a specific MAC address
when they are first installed and it can be rather difficult to get them to marry themselves
to a new MAC address. The WAN port MAC address on some routers can be manually
changed (e.g., the SMC7004ABR).
It is possible to change/override the MAC address with Windows, etc.
A vendor/Ethernet MAC address lookup service is available at

http://coffer.com/mac_find/.
Q.)What is the cause of most network problems?
Ans. Cables. Sometime ago, I read that about 70% of network problems are caused by
faulty cables. This figure may have been a holdover from older coaxial thin wire
Ethernet networks (http://duxcw.com/faq/network/thinwire.htm), which were notorious,
and one of the reasons twisted-pair networks were developed; however, my experience
shows the problem has not been entirely solved, by any means, and that cabling still
accounts for the bulk of network problems, and especially when installing new networks.
My experience also shows that that percentage is probably higher than 70% when
crossover cables (http://duxcw.com/digest/Howto/network/cable/cable6.htm) are
involved because many of them are custom made by people who do not know how to
make them, use the wrong kind of cable/connectors, do not have proper tools, and do not
test them (http://duxcw.com/faq/network/catest.htm) at Ethernet frequencies.
Understanding and following the instructions at
http://duxcw.com/digest/Howto/network/cable/cable1.htm and other guidance in these
FAQs can help avoid most of these problems. Anyone who sells an untested custom cable
grossly lacks professional acumen is not worthy of future business. Larry
Test Those Patch Cords. 'Recent patch cord testing shows 70% of Category 5e cords
and 83% of Category 6 cords fail to meet TIA requirements... Most patch cord assembly
houses could not afford the equipment or personnel to test cords... cords are usually only
tested for continuity and wire mapping.' Which does not support the TIA answer to this
FAQ: Will contractors be able to make their own patch cords?
Q.)What is DHCP?
A. DHCP = Dynamic Host Configuration Protocol is an Internet protocol. It resides in a

DHCP server and clients that use the server. Simply put, a DHCP server supplies
Internet Protocol (IP) addresses when requested by client computers on a TCP/IP network
that have TCP/IP configured to obtain their IP addresses automatically. A DHCP server
is configured to use a range of IP addresses known as its scope. It automatically and
dynamically manages the allocation of IP addresses within its scope. IP addresses are
assigned to clients under a lease arrangement that can be set for to expire after a given
time.
More DHCP Questions and Answers.
Does it come with windows 2000 when you install it? No.
Is it part of the Operating System? It depends how you define Operating System. The
client is part of the TCP/IP protocol. A DHCP server may come with the Operating
System software.
When you have a cable MODEM from an ISP is the DHCP sitting at the ISP site?
Yes, one of them is. A DOCSIS (Data Over Cable Service Interface Specification) cable
MODEM also has a DHCP server which supplies a local IP address that is used to
connect to the ISP DHCP server top obtain an IP for the Internet.
Is DHCP part part of the Windows 2000 Server the operating system? A DHCP server is
included as a service with Windows NT/2000 Server.
Windows 2000, 98 SE/Me, etc. Internet Connection Server (ICS) software includes a
DHCP server.
Refs:http://www.dhcp.org/
Q.)What are private IP addresses?
Ans. The Internet Assigned Numbers Authority (IANA) has reserved the following three
blocks of the IP address space for private internets (local networks):
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
Also, IP addresses in the range of 169.254.0.0 -169.254.255.255 are reserved for

Automatic Private IP Addressing.
These IP's should not be used on the Internet.
I usually use 192.168.0.1, 192.168.0.2, etc. and a subnet mask of 255.255.255.0 when
assigning static IP addresses to computers on a small Local Area Networks (LANs). If a
DHCP server is also on the LAN it's scope (range of IP addresses that it can assign to
computers on the LAN set to obtain their IP addresses automatically) should be adjusted
so it does not interfere with locally assigned static IP addresses.
Q.)What is Automatic Private IP Addressing (APIPA)?
Ans. Windows 98, 98 SE, Me, and 2000 have an Automatic Private IP Addressing
(APIPA) feature that will automatically assign an Internet Protocol address to a computer
on which it installed. This occurs when the TCP/IP protocol is installed, set to obtain it's
IP address automatically from a Dynamic Host Configuration Protocol server, and when
there is no DHCP server present or the DHCP server is not available. The Internet
Assigned Numbers Authority (IANA) has reserved private IP addresses in the range of
169.254.0.0 -169.254.255.255 for Automatic Private IP Addressing.
After the network adapter has been assigned an automatic IP address, a computer can
communicate with any other computers on the local network that are also configured by
APIPA or have static IP address manually set to the 169.254.x.y (where x.y is the client's
unique identifier) address range with a subnet mask of 255.255.0.0.
You may want to turn-off this feature if...
• Your network uses routers, including broadband routers with built-in DHCP
servers).
• Your network is connected to the Internet without a NAT or proxy server.
Use Start, Run, enter winipcfg, select the adapter for Windows 98, 98 SE, Me to detect
APIPA and to release and renew the automaitc IP when a DHCP server becomes
available. The windows 2000 equivalent is ipconfig. Use Start, Run, enter cmd and then
enter ipconfig at the command prompt. Enter...
c:\>ipconfig /?
... to obtain a list of command options.
See Microsoft Knowledgebase Article Q220874, Automatic Windows 98/Me TCP/IP

Addressing Without a DHCP Server for more information and how to turn-off this
feature.
Q.)What are 10BASE2 and 10BASE5 Ethernet Networks?
Ans. 10BASE2 (or "thinwire" Ethernet or “Cheapernet”) is denotes the IEEE 802.3
physical Layer specification for a 10 Mbits/sec. data rate, baseband network with a 185-
meter maximum segment length. It uses RG-58/AU stranded core coaxial cable.
10base5 (or "thickwire" Ethernet) is the physical Layer Specification for a 10 Mbps
baseband network with a 500-meter maximum segment length. It uses double-shielded
RG-11 coaxial cable.
Q.)How can I test twisted-pair Ethernet cables?
Ans. Twisted--pair cable testers capable of certifying twisted-pair cables for operation at
Ethernet speeds cost in the neighborhood of $3,000 to $5,000. Simple continuity testers,
which are relatively inexpensive ($30-$50, or probably less at Radio Shack, etc.), send a
tone down the line and/or perform a roundtrip DC resistance test. They do not measure
impedance/line capacitive loading at RF frequencies, noise, and some of the more
esoteric cable properties. They are not adequate tests for certifying cables and do not
guarantee, by any means, that an Ethernet cable will operate at Ethernet speeds. Ethernet
adapters automatically perform a better test than continuity testers as they send multiple
pulses down the line and Link LEDs on them will not light-up unless the cables are wired
so that the correct Ethernet transmitter pins are connected to the correct Ethernet
Receiver pins. However, the Link LEDs can be lit and the cable may still not work.
Short of expensive test equipment, downloading and running Xixia's
QCheck will provide a good indication of whether or not you have a
marginal cable. This program is free and will measure network
throughput at the tcp level. I get a throughputs of 82 to 84 Mbps
between computers connected to a broadband router and total wire
distances of about 120 feet. That is quite good considering the
network protocol overhead. The program runs on Windows Me, NT,
2000, XP, and Linux. It must be running on both computers at the
ends of the cables being tested.
Another test is to substitute a cable to be tested for another one in an

existing network and copy 100 MBytes from the hard disk on one
computer through the cable and network to the hard disk on another
computer. It should take 45 seconds to 1 minute and 15 seconds,
depending on how fast the computers are, especially the hard disk
drives. If it takes minutes, you most likely have a defective cable. I
copy the cab files on the Windows 98 upgrade (d:\win98\*.*) CD
(after copying them from the CD to the hard disk), which are stored
on my file server. If 100 MBytes are transmitted in a reasonable time,
you will have a cable that can send many files without excessive
retransmissions caused by corrupted packets. If you don’t have a
network yet, then first check the Link LEDS, and then perform the copy
test. I have done this many times. The adapter diagnostics and
c:\>net diag are other available tests
Q.)How do I test an Ethernet network interface card (NIC)?
Ans. Most NICs or network adapters come with one or more floppy disks containing
drivers, etc. for various operating systems. These floppies also usually include a
diagnostic program to test the NIC. Many of these programs are DOS-Based and must be
run by booting the computer to DOS or from a DOS window in Windows. Unless you
have a loopback plug installed, the loopback test will probably fail. A loopback plug
directs signals from the NIC's transmitter back to it's receiver. An indicator that a NIC
and cabling is functioning is to check the LINK (sometimes labeled LNK, etc.) and
Activity (ACT, etc.) LEDs, if there are any, on the NIC and on the device at the other end
of the cable. The LINK should be solid with no flickering and the ACTIVITY should be
blinking, which indicates, of course, network activity. This indication is not as thorough
a test as the diagnostics program and it is not foolproof (see Why would the Link (or
LNK) LEDs be on solid, if there is a faulty cable connecting two Ethernet devices?).
The diagnostics program and LED observations may not conclusively show that the NIC
is fully functional in Windows. Look for exclamation marks beside the NIC driver in the
Windows 9x/Me Device Manager (click Start, Settings, Control Panel, System, Device
Manger...), which indicate a resource conflict and run the Windows Resource Conflict
Troubleshooter if you find any. Look for multiple instances of the NIC driver in the
network configuration (click Start, Settings, Control Panel, Network and remove all of
them, if you find any, restart Windows and reinstall the driver, etc. Run hwinfo (click
Start, Run, and enter hwinfo /ui). To help narrow-down problems, click View in the
main menu and select Devices with Problems. Once these steps are completed and the
NIC passes, try copying about 100 MBytes of files to another computer on the network.
Net diag and ping are useful tools for further testing a NIC and a network. For more info,
open a DOS windows and type:
C:\>ping /?
and
C:\>net /?
Ping requires that the TCP/IP protocol be installed, and IP addresses be assigned at both
ends of the network segment to be tested.
net diag is a useful low-level network test.
Q.)How is Network Performance Measured?

ANS. The measure of computer network performance is commonly given in units of
bits per second (bps). This quantity can represent either an actual data rate or a theoretical
limit to available network bandwidth.
Modern networks support very large numbers of bits per second. Instead of quoting
10,000 bps or 100,000 bps, networkers normally express these quantities in terms of
larger quantities like "kilobits," "megabits," and "gigabits."
The following equations define the mathematics behind these terms:
• 1 Kbps = 1 kbps = 1 kilobit per second = 1,000 bits per second

• 1 Mbps = 1,000 Kbps
• 1 Gbps = 1,000 Mbps
In networking, both "kbps" with a lowercase 'k' and "Kbps" with an uppercase 'K' can be
used interchangeably.
Technically, network speed can also be expressed in units of bytes per second,
abbreviated as "Bps" with a capital 'B'. Use of these quantities is discouraged in
networking to avoid confusion with the bits per second standard:
• 1 KBps = 1 kBps = 1 kilobyte per second = 8,000 bits per second
The conventions used for measuring the capacity of computer disks and memory might
appear similar at first to those for networks. Do not confuse these conventions.
Capacity is normally measured in units of "kilobytes," "megabytes," and "gigabytes." In

this non-network usage, 'K' represents a multiplier of 1,024 and 'k' represents a multiplier
of 1,000 capacity. The following equations define the mathematics behind these terms:
• 1 KB = 1,024 bytes
• 1 kB = 1,000 bytes
• 1 MB = 1,024 KB
• 1 GB = 1,024 MB
Q.)What is the difference between Port Forwarding and Port Triggering? (#5799)
Port forwarding:
New connections from the outside to a certain port or port range go to a designated LAN
machine. The ports are determined by the kind of server you want to run, (e.g. 80 for a
web server) and the IP is the private LAN IP of your web server.
Port triggering: new connections from the outside to a certain port go to whatever LAN
machine made a certain outgoing connection (as defined by destination port).
Example: You define port 25 as trigger and 113 as port. If any of your LAN machines
creates a outgoing connection (=trigger) to port 25 (e.g. to send mail), all incoming
connections to port 113 will temporarily go that that machine. After a timeout, new 113
connections will again be dropped as in case (1).
No port forwarding defined:

Only return traffic of connections established from the LAN side can make it to the LAN.
They go to the machine that requested the packet according to the dynamic NAT table in
the router. This mode is sufficient for typical internet use (browsing, e-mail,
downloading, etc.). All new connection attempts from the outside are dropped, because
they were not requested by anyone. (There are more complicated cases, e.g. with ftp, but
a good router will be able to take care of the secondary connections by special algorithms
(ftp-alg).
What is the maximum length of an ethernet cable (AKA segment) ? (#7800)
COPPER (UTP & COAXIAL) LENGTHS:
Gigabit Ethernet (over copper), 1000baseT

Length: 100 Meters
Cable: UTP (Cat5 and up ONLY)
Fast Ethernet, 100BaseTX

Length: 100 Meters
Cable: UTP (Cat5 and up ONLY)
Twisted Pair Ethernet, 10BaseT

Length: 100 Meters
Cable: UTP (Cat 3 and up)
Thin Ethernet, 10Base2

Length: 185 Meters
Cable: RG-58 type coax
Thick Ethernet, 10Base5

Length: 500 Meters
Cable: RG-58 type coax
FIBRE OPTIC LENGTHS:
10BaseFL (Multimode fibre)

Length: 2000m or 2km
100BaseFX Half-duplex (Multimode fibre)

Length: 412m
100BaseFX Full-duplex (Multimode fibre)

Length: 2000m or 2km
100BaseFX Full-Duplex ONLY (Singlemode fibre)

Length: 2-40,000m or 2-40km *(see note)
1000Base-LX
Length: 550m (62.5 or 50 multimode fibre)
3000m (10 singlemode fibre)
1000Base-SX
Length: 250m (62.5 multimode fibre)
550m (50 multimode fibre)
1000Base-CX
Length: 25m (requires new type of shielded cable)
*NOTE: These lengths can vary by equipment vendor. Some products enable 100Mbps
Full Duplex over 100km now (or 60Miles).
What is an IP address?
2004-12-22: an IP address (Internet Protocol address) is a unique identifier that

distinguishes one device from any other on a TCP/IP-based computer network, such as
the Internet. The IP address provides enough information to route data to that specific
computer from any other computer on the network. In the case of the Internet, this
enables you to communicate with web servers, instant messaging servers and other
computers all over the world.
IP addresses are usually not entered directly by end users. Instead, DNS servers are used
to map permanent and user-friendly names like boutell.com to unfriendly and
impermanent IP addresses, such as 64.246.52.10.
An IP address is made up of four numbers, each between 0 and 255. For instance, as of
this writing, the IP address of boutell.com is:
64.246.52.10
The most general information is conveyed by the first number, and the specific
identification of a single computer within a single network is usually made by the last
number. In general, delegation of responsibility for various portions of the IP address
space is carried out by the Asia Pacific Network Information Centre (APNIC), the
American Registry for Internet Numbers (ARIN), the Latin-American And Caribbean
Internet Addresses Registry (LACNIC), and the RIPE Network Coordination Centre
(RIPE NCC).
The above description applies to IPv4, the most commonly used version of the IP
protocol that underlies the Internet and similar networks. A newer system, IPV6,
addresses the fact that the number of IPv4 addresses is limited to approximately four
billion (256 to the fourth power), with the practical maximum considerably lower than
that due to the ways in which addresses are assigned. When much of the Earth's
population begins to use the Internet from a variety of devices, this limitation becomes a
serious problem. IPv6 addresses have a vastly greater range, inexhaustible for all
practical purposes.
You will not always have the same IP address, unless you have specifically arranged for a
fixed IP address, typically from a cable modem, DSL or other high-speed provider.
Therefore, your IP address usually does not uniquely identify you as an individual. When
you dial into your Internet service provider with your modem, an IP address is
temporarily assigned to your computer for the duration of the call. Even web servers such
as boutell.com will typically change their IP address when they move from one hosting
facility to another; DNS servers make this transparent for the end user by automatically
translating domain names to IP addresses. With the exception of the "root" DNS servers,
which are used to resolve the IP addresses of all other DNS servers, all IP addresses are
subject to potential change.
Those who use the Internet at work, or who have a connection-sharing router at home, do
not truly have an Internet IP address for their individual computer. Instead, the
connection-sharing router holds the Internet IP address, carries out the requests made by
the various personal computers "behind" the router, and appears to the rest of the Internet
to be a single, very busy computer. The personal computers "behind" the router have IP
addresses on an intranet. Such IP addresses typically resemble 192.168.2.2 or 10.1.1.7,
because the prefixes 192.168. and 10. are universally reserved for such private networks
and are guaranteed never to be assigned to systems on the Internet.
This lack of a true Internet IP address for each personal computer can be a very good
thing, because it prevents incoming connections to individual PCs, providing some
protection from certain types of attacks. Unfortunately, there are many other ways for
computers to become infected by viruses, spyware and similar software. For more
information, see can my computer catch a virus from a web page? and why is my web
browser broken?
Such setups can also have a downside: if you wish to run a server on one of the
computers behind the connection-sharing router, you must explicitly configure your
router to forward connections on certain ports to that particular computer.
What is a dynamic IP address?
2006-11-26: A dynamic IP address is a TCP/IP protocol address which is assigned on the

spot when you "dial in" to your dialup, cable modem, DSL, or other Internet service
provider.
If your ISP provides dynamic IP address service, you can expect your IP address to
change each time you reconnect.
Contrary to popular belief, you do not need a static IP address in order to run a server on
your own computer. Dynamic DNS services provide a way to give your computer an
Internet hostname that does not change, such as example.is-a-geek.com. These services
automatically update the IP address that corresponds to your hostname every time your IP
address changes. For more information about dynamic DNS services, see my article how
do I get a hostname for my own computer?
See also what is TCP/IP, what is a protocol, what is a static IP address, what is an IP
address, should I host my own web server at home, how do I host my own web server at
home.
What is a URL?
2003-09-04: look up at the top of this web page. Above the page you will see the
"location bar" of your web browser, which should contain something very like this:
http://www.boutell.com/newfaq/definitions/url.html
This is the Uniform Resource Locator (URL) of the web page you are looking at right
now. A URL can be thought of as the "address" of a web page and is sometimes referred
to informally as a "web address."
URLs are used to write links linking one page to another; for an example, see the HTML
entry.
A URL is made up of several parts. The first part is the protocol, which tells the web
browser what sort of server it will be talking to in order to fetch the URL. In this
example, the protocol is http.
The remaining parts vary depending on the protocol, but the vast majority of URLs you
will encounter use the http protocol; exceptions include file URLs, which link to local
files on your own hard drive, ftp URLs, which work just like http URLs but link to
things on FTP servers rather than web servers, and mailto URLs, which can be used to
invite a user to write an email message to a particular email address.
The second part of the example URL above is the fully qualified domain name of the
website to connect to. In this case, the fully qualified domain name is www.boutell.com.
This name identifies the web site containing the page. The term "fully qualified domain
name" refers to a complete website or other computer's name on the Internet. The term
"domain name" usually refers only to the last part of the name, in this case boutell.com,
which has been registered for that particular company's exclusive use. For more
information about registering domain names, see the setting up websites entry.
The third part of the example URL is the path at which this particular web page is
located on the web server. In this case, the path is /newfaq/basic/url.html. Similar to a
filename, a path usually indicates where the web page is located within the web space of
the website; in this case it is located in the basic sub-folder of the newfaq folder, which is
located in the top-level web page directory of our website.
For more information, see a beginner's guide to URLs, as well as my article what is my
URL?
What is a domain name?
2004-06-01: The term "domain name" usually refers to a particular organization's

registered name on the Internet, such as example.com, boutell.com or udel.edu. There
may be many distinct computers within a single domain, or there may be only one. The
term "fully qualified domain name" refers to a complete website or other computer's
name on the Internet, such as www.boutell.com or ip2039.cleveland.myisp.com. The
holder of a domain name may delegate almost any number of names within that domain,
such as www1.example.com, www2.example.com, whimsical.example.com, and so on.
Registered domain names are themselves part of a "top-level domain." See the top-level
domains entry for more information about top-level domains such as .com, .edu, .mx, .fr
and so on.
For more information about registering domain names, see how do I register a domain
name, how do I register a .edu domain name, and how do I set up a website.
» What do I need to start a computer network?

At least two computers, or one computer and a broadband Internet connection. The most
common home network is 2 PCs that want to share one Internet connection. When you
add printers, more PCs, laptops, etc., then you will want to network all those so that you
can share and distribute information.
» How do I share an Internet connection between 2 or more computers?

The easiest way to connect two or more PCs is with an Ethernet switch. An Ethernet
switch is a device that allows multiple Ethernet enabled devices to communicate with
each over a network.
» How do I make sure my computer is safe on the Internet?

The best solution is to have a firewall. You can choose a software firewall, which is a
program that runs on your PC and monitors all your network traffic for possible breaches
of security. Another type of firewall is a hardware-based firewall, which we recommend
because this stops possible breaches of security before anything actually reaches your
PCs. A hardware firewall also doesn’t take up any resources on your PCs and can handle
multiple PCs rather than having a software firewall on every PC on the network.
» How do I upgrade my network to wireless?

Upgrading your network to use wireless (a.k.a. Wi-Fi) communications is simpler than it
may seem. The most basic of wireless network setups involve one wireless access point
and one wireless adapter for the PC or laptop. The wireless access point broadcasts the
wireless signal and the wireless adapter picks up the signal and sends data back to the
wireless access point thus simulating a wired data connection.
» How much does computer networking cost?

Prices vary between providers, but our rates are competitive and fair.
» How do I share a printer between 2 or more computers?

There are a couple ways to do this. First, you can have the printer directly connected to
PC #1, and for PC #2 to be able to print from it, both computers would need to be
connected to each other (usually via an Ethernet switch). Then PC #1 would need to
enable sharing of the printer so PC #2 would be able to use that printer. The other option
is to have the printer hooked up to a print server. The print server will then control the
access from all PCs on the network to that printer, thus eliminating the need to always
have PC #1 on in order for PC #2 to be able to print. This method also shifts the resources
usage away from the computers and onto the print server.
» How can I keep my kids safe with "parental controls"?

There are some broadband routers that can provide adequate parental controls. This
means you can tell your broadband router to not allow (for example) certain websites
with adult keywords in their domain name to be able to come through to PCs on the
network. There are also software programs that enable parents to set restrictions as to
what types of sites their children can view, or not view. Based on your needs we can
suggest a method that will work best for you.
Any method you choose should always be combined with the best parental control there
is- educating your children about the dangers you want to protect them from, and staying
in touch with their computer usage habits. Any child, no matter the age or their
precociousness, may be able to subvert your hardware or software parental controls, and
unless they know what to avoid and why, and that you are monitoring their computer
usage, your child is still at risk.
Difference between the communication and transmission.Transmission is a physical

movement of inform
Difference between the communication and transmission.Transmission is a physical
movement of information and concern issues like bit polarity, synchronisation, clock
etc.Communication means the meaning full exchange of information between two
communication media.
What is Protocol Data Unit?

The data unit in the LLC level is called the protocol data unit (PDU). The PDU contains
of four fields a destination service access point (DSAP), a source service access point
(SSAP), a control field and an information field. DSAP, SSAP are addresses used by the
LLC to identify the protocol stacks on the receiving and sending machines that are
generating and using the data. The control field specifies whether the PDU frame is a
information frame (I - frame) or a supervisory frame (S - frame) or a unnumbered frame
(U - frame).
Q.)What are FTP and SFTP?
2006-10-15: FTP (File Transfer Protocol) is an older protocol for moving files back and
forth over the Internet and other networks. All modern web browsers still speak FTP,
which was sometimes used as a substitute for HTTP in the early days of the web. FTP is
still used often as a means of downloading large files.
Many web hosts still offer FTP as the preferred way of uploading new web pages to a
website. However, because there is no encryption of your password, FTP is not the best
choice for this purpose. And since there is no encryption of the files being moved, FTP is
a poor choice indeed for more sensitive information.
SFTP (Secure FTP) is a popular replacement. Built on SSL, SFTP is just as secure as
HTTPS. And most modern FTP clients, such as the free, high-quality FileZilla program
for Windows, support both FTP and SFTP. SFTP offers a set of features quite similar to
FTP and will be immediately familiar to FTP users, although it works quite differently
"under the hood."
Every Windows, MacOS X and Linux system comes standard with a simple command
line FTP client program. And MacOS X and Linux also have command line SFTP clients
as standard equipment. In addition, MacOS X supports connections to FTP servers in a
user-friendly way, right out of the box (you can find a great tutorial on creativemac.com).
Q.)Binary Mode and ASCII Mode in FTP

"Classic," non-secure FTP can move files in two major ways: "binary mode" and "ASCII
mode." Binary mode just moves the file down the wire without modifying anything... and
this is, almost always, what we want today.
"ASCII mode" is sometimes used for plain-text (usually, .txt) files. ASCII mode, named
for the American Standard Code for Information Interchange which determines what byte
stands for each letter, number or other character in text, corrects for differences in the
way line endings are stored in text files. Windows traditionally uses a carriage return
(represented by an ASCII value of 13) followed by a line feed (represented by 10). Unix
typically expects just the line feed. And MacOS, at least prior to MacOS X, preferred a
carriage return only.
Today, though, most text-editing and viewing programs can view text files that follow
any of these three conventions (including Microsoft Word, and the free WordPad
program that comes with Windows, but excluding a few annoying holdovers like
Windows Notepad). So ASCII mode doesn't do us much good. These days ASCII mode
is mostly an annoyance, something people accidentally leave on in a very old fashioned
command-line FTP program, or accidentally turn on in a newer one. And when you're
moving a program, an image or anything else with an exact file format that must not be
modified, that means you get garbage instead of the file you wanted.
The norm today is for FTP to simply ship files unchanged in binary mode.
Once upon a time there was also something called "TENEX mode," to move files
between computers that didn't even use the same number of bits to represent a byte. Yes,
FTP has been around that long! But TENEX mode doesn't come up as an issue these
days, and we're all happier for it.
Q.)What is DORA process?`

DORA stands for discover , offer , request and acknowledgement
when we install a dhcp server into our network then dhcp server works on the basis of
dora process
first dhcp server sends a hello message in to the network to discover the clients pc and
when any client pc found in the network then , dhcp server offers the IP to client pc.
When client pc select any IP from dhcp server then client pc request for selected IP to
dhcp server then dhcp server provide that IP to client pc and both send ackonledgement
to each other.
This process is called DORA process on the basis of this process DHCP server works to
provide IP's dynamically to client pc's in network
Q.)What is HTTPS?
2006-09-11: HTTPS is HTTP over SSL. Now, let me explain that in English!
HTTP, the HyperText Transfer Protocol, is the language or "protocol" that all web
browsers speak when talking to web servers. And SSL, which stands for Secure Sockets
Layer, is a protocol that provides secure communication. When two programs talk to
each other using HTTP, but do it using SSL's secure communications instead of talking
"in the clear," they are speaking HTTPS.
When two programs communicate via HTTPS, they need a way to verify each other's
identity and agree on a method of encryption. They do this via SSL certificates. See what
is an SSL certificate? for more information.
HTTPS URLs can be recognized by the additional s after http. By default, HTTPS
communication happens on TCP/IP port number 443 instead of port 80.
Q.)How can you assign two ip addresses to a single network cards?
Ans:This is possible in Linux based system's. IP's can be splitted in two IP's !! And it can
be achieved from single NIC card !!
Answer
Sure you can .. if you are using Windows you can configure the TCP/IP Protocol in your
Network Properties and then you can add additional IP addresses
Answer
'''Windows XP''' * Control Panel -> Network Connections -> Local Area Connection ->
Properties -> Internet Protocol (TCP/IP) * Type in a static ip address * Then click
Advanced * Under the "Ip address" group box, click add to add more ip addresses.
You would need to do this in the case where you need to connect to more then one
different subnet where proper routing has not been set up.
Q.)How do you configure Proxy Server in Windows

To configure proxy server in windows first install the 2 lan cards
one for internet connection and another one for sharing internet connection to clients pc .
now first configure Internet connection and then give the IP to 2nd lan card for ex.
192.168.0.1 to
2nd lan card now
Now attach the cat 5 cable to the 2nd lan card to switch to give connectivity to ur network
and do this configuration on client computers
now right click on internet explorer then go to properties and then go to connections
and click there lan settings buttons and then in proxy server give the ip of 2nd lan card of
proxy server
Q.)What is router?
A router is a device that forwards data packets along networks. A router is connected to
at least two networks, commonly two LANs or WANs or a LAN and its ISP's network.
Routers are located at gateways, the places where two or more networks connect, and are
the critical device that keeps data flowing between networks and keeps the networks
connected to the Internet. When data is sent between locations on one network or from
one network to a second network the data is always seen and directed to the correct
location by the router. They accomplish his by using headers and forwarding tables to
determine the best path for forwarding the data packets, and they use protocols such as
ICMP to communicate with each other and configure the best route between any two
hosts. The Internet itself is a global network connecting millions of computers and
smaller networks — so you can see how crucial the role of a router is to our way of
communicating and computing.
What is router?
Router is a layer 3 device.Routers are used to connects networks together.Routers routes
packets of data from one network to another.Routers breaks up broadcast domain (it is
the set of all devices on a n/w segment that hears all broadcast sent on that
segment).breaking up a broadcast domain is important because when host or server sends
a n/w broadcast,every device on n/w must read and process that broadcast.but when
router interface receives this broadcast then router discards this broadcast without
forwarding it to another network.
Routers can filter network based on layer 3 information.
Domain Name System

DNS, the Domain Name Service, as you would know, is used to help us resolve Fully
Qualified Domain Names (FQDN) to IP addresses. There are different versions of DNS
systems running all over the Internet, mainly ranging between Windows (which use the
Windows DNS server) and Linux/Unix (using BIND DNS services).
Considering there are some very popular Web sites which serve millions of DNS queries
per day e.g., Google.com, Hotmail.com, it is logical that these domain names cannot
solely rely on one single DNS server, cause if that fails, the whole domain could become
unreachable!
It is, for this reason, a fault-tolerant DNS service is put in place, which shares the DNS
queries amongst several different DNS servers. All servers are configured to either
randomly provide clients with IP addresses from a specific pool, or -- by using a round
robin method -- cycle between the pool of IP addresses. This is what gives a DNS name
multiple IP addresses.
What is a Database Server?

With a database server, the client passes SQL requests as messages to the database server.
The results of each SQL command are returned over the network. The server uses its own
processing power to find the request data instead of passing all the records back to the
client and then getting it find its own data. The result is a much more efficient use of
distributed processing power. It is also known as SQL engine.
What is a File server?

File servers are useful for sharing files across a network. With a file server, the client
passes requests for file records over nerwork to file server.
File Server are those servers in which we can share files (in simple...)we can giv security
permissions to all those files in fileservers...
File server is a server that contain all data of a network which require to each user.
All drive shared of that server and map on client. computers.
Security & permission also created on that for userÂ secure administration.
What is Client/Server?
Clients and Servers are separate logical entities that work together over a network to
accomplish a task. Many systems with very different architectures that are connected
together are also called Client/Server.
Client/server describes the relationship between two computer programs in which one
program, the client, makes a service request from another program, the server, which
fulfills the request.
Server is computer that provide sservice.client is another computer that use service the
server which can give a service to requested system.
The Client is that which can take the service to a severs.
What is SSL?
2006-09-11: SSL (Secure Sockets Layer), also known as TLS (Transport Layer Security),
is a protocol that allows two programs to communicate with each other in a secure way.
Like TCP/IP, SSL allows programs to create "sockets," endpoints for communication,
and make connections between those sockets. But SSL, which is built on top of TCP,
adds the additional capability of encryption. The HTTPS protocol spoken by web
browsers when communicating with secure sites is simply the usual World Wide Web
HTTP protocol, "spoken" over SSL instead of directly over TCP.
In addition to providing privacy, SSL encryption also allows us to verify the identity of
the party we are talking to. This can be very important if we don't trust the Internet.
While it is unlikely in practice that the root DNS servers of the Internet will be subverted,
a "man in the middle" attack elsewhere on the network could substitute the address of one
Internet site for another. SSL prevents this scenario by providing a mathematically sound
way to verify the other program's identity. When you log on to your bank's website, you
want to be very, very sure you are talking to your bank!
How SSL Works

SSL provides both privacy and security using a technique called "public/private key
encryption" (often called "asymmetric encryption" or simply "public key encryption").
A "public key" is a string of letters and numbers that can be used to encrypt a message so
that only the owner of the public key can read it. This is possible because every public
key has a corresponding private key that is kept secret by the owner of the public key.
How exactly are the public and private key related? That depends on the algorithm
(mathematical method) used. SSL allows several algorithms, of which the most famous is
the RSA algorithm invented by Ron Rivest, Adi Shamir and Len Adleman of MIT in
1977.
Several algorithms, including RSA, depend on properties of very large prime numbers.
For instance, it is very difficult to difficult to factor a number that is a product of two
large primes, unless you already know one of the primes.
Public and private keys can also be used in the opposite way: a message encrypted with
the private key can only be decrypted (read) with the public key. This comes in handy at
the beginning of the conversation, as a way of verifying the other program's identity.
The SSL Handshake: Identity and Privacy

Let's suppose Jane wants to log into www.examplebank.com. When Jane's web browser
makes an HTTPS connection to www.examplebank.com, her browser sends the bank's
server a string of randomly generated data, which we'll call the "greeting."
The web server responds with two things: its own public key encoded in an SSL
certificate, which we'll examine more closely later, and the "greeting" encrypted with its
private key.
Jane's web browser then decrypts the greeting with the bank's public key. If the decrypted
greeting matches the original greeting sent by the browser, then Jane's browser can be
sure it is really talking to the owner of the private key - because only the holder of the
private key can encrypt a message in such a way that the corresponding public key will
decrypt it.
Now, let's suppose Bob is monitoring this traffic on the Internet. He has the bank's public
key, and Jane's greeting. But he doesn't have the bank's private key. So he can't encrypt
the greeting and send it back. That means Jane can't be fooled by Bob.
The Identity Problem

But what if Bob inserts himself into the picture even before Jane's browser connects to
the bank? What if Jane's browser is actually talking to Bob's server from the very
beginning? Then Bob can substitute his own public and private keys, encrypt the greeting
successfully, and convince Jane's browser that his computer is the bank's. Not good!
That's why the complete SSL handshake includes more than just the bank's public key.
The public key is part of an SSL certificate issued by a certificate authority that Jane's
browser already trusts.
How does this work? When web browser software is installed on a computer, it already
contains the public keys of several certificate authorities, such as GoDaddy, VeriSign and
Thawte. Companies that want their secure sites to be "trusted" by web browsers must
purchase an SSL certificate from one of these authorities.
But what is the certificate, exactly? The SSL certificate consists essentially of the bank's
public key and a statement identifying the bank, encrypted with the certificate authority's
private key.
When the bank's web server sends its certificate to Jane's browser, Jane's browser
decrypts it with the public key of the certificate authority. If the certificate is fake, the
decryption results in garbage. If the certificate is valid, out pops the bank's public key,
along with the identifying statement. And if that statement doesn't include, among other
information, the same hostname that Jane connected to, Jane receives an appropriate
warning message and decides not to continue the connection.
Now, let's return to Bob. Can he substitute himself convincingly for the bank? No, he
can't, because he doesn't have the certificate authority's private key. That means he can't
sign a certificate claiming that he is the bank.
Now that Jane's browser is thoroughly convinced that the bank is what it appears to be,
the conversation can continue.
After the Handshake: Symmetric Key Encryption

Jane's browser and the bank could continue to communicate with public key encryption.
But public key encryption is very processor-intensive - it makes both computers work
hard. And that slows down both systems. Jane's browser might not matter, since Jane's
computer is probably only talking to one site at a time. But the bank's server is
communicating with hundreds of customers and can't afford to do the math!
Fortunately, now that Jane's browser trusts the bank's server, there's an easier way. Jane's
browser simply tells the bank's server that the rest of the conversation should be carried
out using a "symmetrical" cipher - a method of encryption that is simpler than
public/private key, or "asymmetrical," encryption. "Symmetric" ciphers use a single key
that is shared by both sides. Jane's browser picks a cipher (an "algorithm," or
mathematical method, of encryption, such as the AES Advanced Encryption Standard)
and randomly generates the key to be used. Finally, Jane's browser tells the bank's server
what the cipher and key will be, encrypting this information with the bank's public key,
and the conversation continues using symmetric encryption.
But what if Bob is still listening? Bob might receive the symmetric key from Jane, but
that information is itself encrypted with the bank's public key... and can only be
decrypted with the bank's private key. Which Bob doesn't have. So
Jane and the bank now share a symmetric key, also known as a "master secret," that no
one else can know. And this allows them to continue communicating secretly.
Additional Reading
Here I've discussed what a typical SSL conversation looks like and addressed the
essential features of public key cryptography. I've tried to cover the important features
while keeping things understandable. But for simplicity's sake, I've glossed over quite a
bit.
If you're interested in understanding the mathematical details and the many encryption
algorithms that can be employed, you can find a more technical discussion on Wikipedia.
provided by server.It means there are relationship between two system
What is TLS?
2006-09-11: TLS, or Transport Layer Security, is another name for the SSL encryption
protocol, version 3 or later. See what is SSL?
What is HTTP?
2003-09-23: In order to fetch a web page for you, your web browser must "talk" to a web
server somewhere else. When web browsers talk to web servers, they speak a language
known as HTTP, which stands for HyperText Transfer Protocol. This language is actually
very simple and understandable and is not difficult for the human eye to follow.
A Simple HTTP Example

The browser says:
GET / HTTP/1.0
Host: www.boutell.com
And the server replies:

HTTP/1.0 200 OK
Content-Type: text/html
<head>
<title>Welcome to Boutell.Com, Inc.!</title>
</head>
<body>
The rest of Boutell.Com's home page appears here
</body>
The first line of the browser's request, GET / HTTP/1.0, indicates that the browser wants
to see the home page of the site, and that the browser is using version 1.0 of the HTTP
protocol. The second line, Host: www.boutell.com, indicates the website that the browser
is asking for. This is required because many websites may share the same IP address on
the Internet and be hosted by a single computer. The Host: line was added a few years
after the original release of HTTP 1.0 in order to accommodate this.
The first line of the server's reply, HTTP/1.0 200 OK, indicates that the server is also
speaking version 1.0 of the HTTP protocol, and that the request was successful. If the
page the browser asked for did not exist, the response would read HTTP/1.0 404 Not
Found. The second line of the server's reply, Content-Type: text/html, tells the browser
that the object it is about to receive is a web page. This is how the browser knows what to
do with the response from the server. If this line were Content-Type: image/png, the
browser would know to expect a PNG image file rather than a web page, and would
display it accordingly.
A modern web browser would say a bit more using the HTTP 1.1 protocol, and a modern
web server would respond with a bit more information, but the differences are not
dramatic and the above transaction is still perfectly valid; if a browser made a request
exactly like the one above today, it would still be accepted by any web server, and the
response above would still be accepted by any browser. This simplicity is typical of most
of the protocols that grew up around the Internet.
Human Beings Can Speak HTTP

In fact, you can try being a web browser yourself, if you are a patient typist. If you are
using Windows, click the Start menu, select "Run," and type "telnet
www.mywebsitename.com 80" in the dialog that appears. Then click OK. Users of other
operating systems can do the same thing; just start your own telnet program and connect
to your website as the host and 80 as the port number. When the connection is made,
type:
GET / HTTP/1.0
Host: www.mywebsitename.com
Make sure you press ENTER twice after the Host: line to end your HTTP headers.
Your telnet program probably will not show you what you are typing, but after you press
ENTER the second time, you should receive your website's home page in HTML after a
short pause. Congratulations, you have carried out your very own simple HTTP
transaction.
HTTP 1.1 Differences

Originally, web browsers made a separate HTTP request like this for each and every
page, and for each and every image or other component of the page. While this is still
often the case, most web servers and browsers now support HTTP 1.1 and can negotiate
to keep the connection open and transfer all of the page components without hanging up
and opening new connections. For the complete HTTP 1.1 specification, see the W3C
Consortium's HTTP-related pages.
HTTP itself is "layered" on top of another protocol, TCP. For more information, see the
article what is TCP/IP?
What is a firewall?
2003-06-30: a firewall sits between your computer and the rest of the Internet, filtering
out unwanted traffic and foiling attempts to interfere with or take over your computer.
Firewalls can be separate devices, which is very common today, or simply pieces of
software for your own computer, which is also fairly common. Separate firewall devices
are often preferable because their very simplicity makes them less likely to have
unknown security problems; however, it is still important to keep up with "firmware
updates" released by the manufacturer, otherwise your firewall may be vulnerable to
attack. "Cable/DSL routers" and similar devices sold by companies like Linksys provide
simple firewall capabilities which are adequate for most home users.
What are browser plug-ins?
2004-03-25: Web browser plug-ins (sometimes just spelled plugins) are additional pieces
of software that add extra capabilities to your web browser, such as the ability to view
movies, run Java applets, or see Flash animations. Unfortunately, since plug-ins run with
all the privileges of real applications, they can do absolutely anything to your computer.
That means you should never, ever agree to install a plug-in unless you have very
good reason to trust the source. Keep in mind that the Flash plug-in comes with your
computer, and most systems also come with a Java plug-in. Other mainstream plug-ins
include RealPlayer. You will almost never have a good reason to install a plug-in that
isn't one of these, so say "no" when your browser asks you to install one, unless you have
an excellent reason to do otherwise. See what is ActiveX? for more information on this
subject.
What are spyware and adware?
2004-08-17: Programs that cause your computer to display ads even when you are not
using the program in question for its intended purpose, as well as those that report
information about your web browsing activities to an advertising firm, are commonly
known as "spyware." Typical examples are programs like "WeatherBug" and
"MemoryMeter." These claim to serve a useful purpose and, in some cases, actually
provide some service, but their main goal is to present annoying and unwanted
advertising throughout your web browsing experience. They are very difficult to remove
manually. Fortunately, there are excellent free tools available to do the job correctly. For
more information, see why is my web browser broken?
Adware programs, strictly speaking, are well-behaved applications that happen to display
some advertising in that program, while you are using that program. Usually this is
offered as an alternative to paying for the software. This is a perfectly legitimate practice,
but with the exception of a few well-known programs like the Opera web browser, true
adware has become quite rare, crowded out by aggressive spyware.
What is ActiveX?
2004-08-17: ActiveX is Microsoft's technology for signing plug-ins that add additional
software to your computer when a web page is accessed. If all goes well, you will be
asked whether you want to trust a plug-in from that particular company and you will have
the option of saying no. In principle, this is a useful way to allow the installation of
worthwhile add-ons, such as Adobe Acrobat Reader, Macromedia Flash Player and
RealPlayer. However, if you do not run Windows Update regularly, all will not go well --
there have been security flaws in Internet Explorer in the past that have resulted in
software being able to install itself without permission.
If you do not have a specific, clear reason to want and trust the software you are
being asked to install -- that is, if it is not the Macromedia Flash Player or the Adobe
Acrobat PDF Reader or something similarly crucial that you really need -- SAY NO!
Many nasty pieces of awful spyware are properly signed and will ask permission to
install, knowing that some people will naively give it. You do NOT, for instance, want to
say yes to installing things like "WeatherBug" or "MemoryMeter," among many others.
For more information about removing such programs you may have installed by mistake,
see why is my web browser broken?
What is DNS?
2003-09-04: every time you follow a link or type in the name of a website, such as
www.boutell.com, that name must be translated into an IP address on the Internet. This
translation is done by the domain name system. A DNS server is a program that
participates in the task of providing this service. Some DNS servers respond to queries
from web browsers and other programs, make further inquiries, and return IP addresses,
such as 208.27.35.236, which is the current IP address of www.boutell.com. Other DNS
servers have primary responsibility for answering DNS inquiries about names within a
particular domain, such as the boutell.com domain. Every time a new domain is
registered, a DNS server must be configured to give out address information for that
domain, so that users can actually find websites in that domain. In most cases, web
hosting companies provide this service for the domains that they host; it is rare for
webmasters to run their own DNS servers. For more information, see setting up websites.
How DNS Usually Works

Let's say you want to visit www.google.com. Your computer hasn't already looked up
www.google.com since it was turned on. Or it has kept that information for long enough
that it considers it appropriate to check again. So your computer asks the DNS server of
your ISP (Internet Service Provider - the people who sell you an Internet connection,
companies such as Comcast and Earthlink).
The DNS server of your ISP first talks to one of thirteen "root" DNS servers. The root
DNS servers answer questions at the highest level possible: the top-level domain. For
instance, "who is in charge of DNS for the com domain?"
In practice, your ISP's DNS server caches (remembers) this information for a significant
period of time, and does not contantly harrass the root servers just in case responsibility
for com has changed in the last five seconds. Similarly, your ISP's DNS server
remembers other informaton for appropriate lengths of time as well to avoid extra
queries. But let's assume, just for fun, that no one has ever asked your ISP for the IP
address of www.google.com before!
Now your ISP's DNS server knows which DNS servers are responsible for the com top-
level domain. So your ISP's DNS server reaches out and contacts one of those servers and
asks the next question: who is responsible for DNS in the google.com domain?
The response will list two or more DNS servers that have authority over the google.com
domain.
Finally, your ISP's DNS server contacts one of those DNS servers and asks for the
address of www.google.com, and hands the response back to your computer.
As mentioned above, in real life your ISP's DNS server will remember all of this
information. That means that a typical user will get an immediate response when asking
for the address of a frequently-visited site like Google.
But how long is it safe to remember that information? After all, the IP addresses of
servers do change, though usually not often. Fortunately, your ISP's DNS server doesn't
have to guess! The DNS records that come back from the "upstream" DNS servers
include an "expire" field that indicates how long the information can be kept before the
authoritative server should be asked again.
What is an IP address?
2004-12-22: an IP address (Internet Protocol address) is a unique identifier that

distinguishes one device from any other on a TCP/IP-based computer network, such as
the Internet. The IP address provides enough information to route data to that specific
computer from any other computer on the network. In the case of the Internet, this
enables you to communicate with web servers, instant messaging servers and other
computers all over the world.
IP addresses are usually not entered directly by end users. Instead, DNS servers are used
to map permanent and user-friendly names like boutell.com to unfriendly and
impermanent IP addresses, such as 64.246.52.10.
An IP address is made up of four numbers, each between 0 and 255. For instance, as of
this writing, the IP address of boutell.com is:
64.246.52.10
The most general information is conveyed by the first number, and the specific
identification of a single computer within a single network is usually made by the last
number. In general, delegation of responsibility for various portions of the IP address
space is carried out by the Asia Pacific Network Information Centre (APNIC), the
American Registry for Internet Numbers (ARIN), the Latin-American And Caribbean
Internet Addresses Registry (LACNIC), and the RIPE Network Coordination Centre
(RIPE NCC).
The above description applies to IPv4, the most commonly used version of the IP
protocol that underlies the Internet and similar networks. A newer system, IPV6,
addresses the fact that the number of IPv4 addresses is limited to approximately four
billion (256 to the fourth power), with the practical maximum considerably lower than
that due to the ways in which addresses are assigned. When much of the Earth's
population begins to use the Internet from a variety of devices, this limitation becomes a
serious problem. IPv6 addresses have a vastly greater range, inexhaustible for all
practical purposes.
You will not always have the same IP address, unless you have specifically arranged for a
fixed IP address, typically from a cable modem, DSL or other high-speed provider.
Therefore, your IP address usually does not uniquely identify you as an individual. When
you dial into your Internet service provider with your modem, an IP address is
temporarily assigned to your computer for the duration of the call. Even web servers such
as boutell.com will typically change their IP address when they move from one hosting
facility to another; DNS servers make this transparent for the end user by automatically
translating domain names to IP addresses. With the exception of the "root" DNS servers,
which are used to resolve the IP addresses of all other DNS servers, all IP addresses are
subject to potential change.
Those who use the Internet at work, or who have a connection-sharing router at home, do
not truly have an Internet IP address for their individual computer. Instead, the
connection-sharing router holds the Internet IP address, carries out the requests made by
the various personal computers "behind" the router, and appears to the rest of the Internet
to be a single, very busy computer. The personal computers "behind" the router have IP
addresses on an intranet. Such IP addresses typically resemble 192.168.2.2 or 10.1.1.7,
because the prefixes 192.168. and 10. are universally reserved for such private networks
and are guaranteed never to be assigned to systems on the Internet.
This lack of a true Internet IP address for each personal computer can be a very good
thing, because it prevents incoming connections to individual PCs, providing some
protection from certain types of attacks. Unfortunately, there are many other ways for
computers to become infected by viruses, spyware and similar software. For more
information, see can my computer catch a virus from a web page? and why is my web
browser broken?
Such setups can also have a downside: if you wish to run a server on one of the
computers behind the connection-sharing router, you must explicitly configure your
router to forward connections on certain ports to that particular computer.
What is a dynamic IP address?
2006-11-26: A dynamic IP address is a TCP/IP protocol address which is assigned on the

spot when you "dial in" to your dialup, cable modem, DSL, or other Internet service
provider.
If your ISP provides dynamic IP address service, you can expect your IP address to
change each time you reconnect.
home.
What is a static IP address?
2006-11-26: A static IP address is a TCP/IP protocol address that does not change.
If your ISP provides static IP address service, you can expect your IP address to stay the
same even if you disconnect from the Internet and reconnect to it later.
Static IP addresses are required only for those who intend to run their own DNS servers.
In this case, at least two static IP addresses are required. You will still probably want to
pay for another company with a more reliable connection to run your DNS, as this is very
inexpensive. See the article how do I host a real domain name at home? for more
information.
home.
What is a secure site?
2006-09-11: a site that uses the HTTPS protocol to ensure that your information cannot
be stolen by a third party between the sender and the receiver. For a detailed discussion
of how HTTPS works, see what is HTTPS? and what is an SSL certificate? See also is it
safe to shop online?
What is "caching?"
2004-04-29: Caching refers to the strategy of keeping a copy of a page or image you have
already seen; web browsers typically cache files that they display for you, and simply ask
the server if the page has actually changed rather than always downloading the entire
thing. This speeds up your next visit to the page.
Since caching everything forever would take up too much space, web browsers typically
delete the least recently used file in the cache when a certain total cache size is reached.
Caching also occurs in other places. You may be using a proxy server, in which case the
proxy server is probably caching pages on behalf of you and other users to save trips to
the real Internet.
Users typically become aware of caching when things don't work as expected. For
instance, you might make a change to your own web page, open up your web page in
your web browser, and not see the change until you click the "reload" button, telling your
browser to discard the cached copy of that page.
Of course, some things, such as credit card transactions, should not be cached.
Fortunately, the HTTP protocol that web browsers and servers use to communicate
includes ways for the web server to specify how long a page may be safely cached, if at
all. But sometimes browsers do not perfectly obey such directives. The problem that is
made worse by the tendency of websites built in PHP, ASP or other dynamic web
programming languages to tell the web browser not to cache anything. This problem is
not inherent to those languages, but it is a common result of poorly-thought-out site
design.
Caching can potentially be a privacy issue for those who share their computers; cached
copies of pages on your hard drive can reveal information about your browsing habits.
What is a proxy server?
2004-04-29: proxy servers are specialized web servers that allow web browsers to receive
web pages from web servers without communicating with them directly. Proxy servers
are often used to provide more secure web access in organizations; the proxy server is
allowed to connect to the Internet, but the individual web browsers are only allowed to
"talk" to the proxy server. When there are many users sharing a single proxy server, the
proxy server can also speed up web browsing by caching popular pages.
The HTTP protocol used by web browsers and web servers contains provisions for proxy
servers. In addition, most major Internet Service Providers (ISPs) now run "transparent"
proxy servers without your browser being directly aware of it. This is done by
intercepting Internet packets that are recognized to be part of the HTTP protocol and
silently redirecting them to the proxy server rather than sending them directly to the
intended web server. When an ISP such as America Online has many customers, this can
result in a significant speed increase, because pages can be cached "closer" to the users. It
also provides an opportunity to work around slow modem speeds; the proxy server can
convert large image files to a more compact format, at a considerable cost in quality, and
send those lower-quality images on much more quickly to web browsers that request the
original images.
What are the top-level domains?
2004-05-15: "top-level domains" (TLDs) are the last part of every domain name. In other
words, the top-level domains are .com, .org, .edu, .uk, .net, and so on.
There are two types of top-level domains: two-letter country domains, such as .uk
(United Kingdom), and three-letter domains, such as .com, .org, and .net. National
domain names follow the ISO 3166 standard two-letter codes for each country. The
International Standards Organization adds new two-letter codes to the ISO 3166 list when
the United Nations publishes an updated bulletin of country and region codes. You can
learn more about this on the website of the International Standards Organization.
Once a two-letter code has been assigned, the Internet Assigned Numbers Authority then
identifies the responsible authority within that country that should be permitted to register
subdomains within that country's domain. Some national domains, such as .tv (Tuvalu, a
small island in the Pacific), have become available for commercial registration.
"Generic" domains, such as .com, .org, .edu and .net, are created and overseen by the
ICANN (Internet Corporation for Assigned Names and Numbers). The original generic
domains were .com, .edu, .gov, .int, .mil, .net, and .org. Additional top-level domains
added in recent years are .biz, .info, .name, .pro, .aero, .coop, and .museum.
Any entity can register a domain in .com, .net, .biz, .info, and .org, although .org is
typically used by nonprofit organizations and .net is typically used by Internet Service
Providers. .com is what most people assume when they can't remember the name of your
site, so it is the preferred choice for businesses of all kinds. The .edu domain is reserved
for accredited four-year academic institutions, and registration is handled solely by
educause. .aero is reserved for the international aviation community, .coop is reserved for
cooperative businesses, .museum is reserved for mseums, .name is reserved for
individuals, and .pro is reserved for "licensed professionals," such as lawyers, doctors and
accountants.
For more information about each of the generic domains and an extensive list of
registrars available, see the ICANN accredited registrars page.
What is a search engine?
2004-08-02: since no one is in charge of the Web as a whole, there is a business

opportunity for anyone to create an index of its contents and an interface for searching
that index. Such interfaces are known as search engines. Typically the user will type in a
few words that relate to what he or she is looking for and click a search button, at which
point the search engine will present a links to web pages which are, hopefully, relevant to
that search.
While some early indexes of the web were created by hand, modern search engines rely
on automated exploring, or "spidering," of the web by specialized programs that behave
somewhat like web browsers but do not require a human operator.
As of this writing, Google remains the most popular search engine by a large margin.
MSN Search is also a significant player.
What is World Wide Web accessibility?
2004-08-26: a site that is easily used by individuals with disabilities, especially blindness
and vision impairment, is known as an "accessible" site. There are at least three good
reasons to design your pages to accommodate such users:
• Because it's the right thing to do.

• Because you will reach more customers.
• Because search engines experience the web much as blind users do: through text.
If it's not there in easily accessible text, it's not helping anyone search for your
site.
• Because users of new web browsing devices, such as wireless handhelds and cell
phones, experience the web the way blind users do. (They may be able to see
some images, but only with difficulty and frustration.)
For tips on how to achieve accessibility, see how do I make my website more accessible?
What is a blog?
2004-09-14: a web page that presents short journal entries in chronological order, newest
first, is typically referred to as a "blog" or "weblog." Most blogs emphasize links to other
pages and sites, and most entries are short commentaries or even simple one-sentence
links to an interesting page somewhere else. Many blogs are concerned with current news
events and often provide unabashedly partisan commentary. "Blogging," of course, is the
act of writing a blog; those who write blogs are sometimes referred to as "bloggers."
The term "weblog" was apparently coined by John Barger in 1999. The term was
contracted to "blog" later that same year by Peter Merholz.
For more information about blogging, see "how do I create a blog?"
What is XML?
2004-09-14: XML, the Extensible Markup Language, is a general-purpose markup

language for all applications that manipulate text. XML is derived from an older standard
known as SGML. XHTML (which supersedes HTML) is one example of a specific
markup language which is complies with the rules of XML. RSS is another such
example. While XHTML is the best-known example, XML can be used to represent
almost any kind of information. The existence of a standard markup language makes it
possible for anyone to write software that can successfully extract specific information
from any valid XML document. See the W3C Consortium website for further information
and the complete XML specification.
What is RSS?
2004-09-14: RSS is an HTML-like, XML-compliant format for blogs. RSS is usually said
to stand for "Really Simple Syndication." RSS was originally invented by Netscape
Communications Corporation as a format for "channels," a feature of the Netscape 3.0
web browser. While channels did not take the world by storm, the format became the
basis for a good idea: by publishing an RSS "feed" and giving the world permission to
reproduce it, anyone can contribute to a virtual "newswire" service. RSS aggregators can
then bring the latest stories from many blogs together in chronological order.
While blogging appears to take control of formatting and presentation away from the
author, the reality is that blog entries (or "items") are typically short summaries or
"teasers" associated with a link to the author's website or another site relevant to the story
in question. In this way, RSS feeds help to bring new readers to many websites.
Despite the fundamental simplicity of the idea, the RSS "industry" is crowded with
competing standards and conflicting histories. Important RSS "standards" in use today
include:
1. RSS 0.91. The original Netscape channels specification. Generated by blosxom and
other tools. Very simple and direct. Entries can contain HTML elements for formatting
and additional links.
1. RSS 1.0. Standardized by the RSS-DEV working group. A very complete standard,
including namespaces, extension mechanisms, and various things perhaps lacking in RSS
0.91. Despite the name, this is NOT related to RSS 2.0, and indeed it is not a superset of
RSS 0.91.
1. RSS 2.0. Published by the Berkman Center at Harvard Law. A much simpler standard
completely unrelated to RSS 1.0, RSS 2.0 attempts to maintain the spirit of RSS 0.91
while filling in gaps.
Perhaps at some future date a single RSS standard will emerge as the preferred format. In
the meantime, however, the major syndication services accept well-formed and not-so-
well-formed blogs in all of the above formats, and more. You may choose any of the
above, with good results. I presently use both RSS 0.91, for Innards, and RSS 1.0, for the
RSS feed of the WWW FAQ.
For a particularly thorough effort to make sense of the history of RSS, see Ronan Waide's
RSS presentation notes.
What is Gopher?
2004-10-12: Gopher is an older distributed information retrieval system, similar to but

much simpler than the World Wide Web as we know it. Gopher did not offer a way to
create free-form hypertext documents similar to HTML, and its growth was also stunted
by attempts to limit the technology to paying customers only. Gopher did offer a very
structured and useful approach to retrieving information and searching across many
Gopher sites.
Technically, the World Wide Web includes Gopher. Part of Tim Berners-Lee and Robert
Cailliau's vision for the Web was to incorporate existing technologies for sharing
information via the Internet by allowing links to Gopher sites, via gopher:// URLs.
Web browsers supported the Gopher protocol for several years. However, support for
Gopher in Microsoft Internet Explorer ended in 2002 and support in other browsers is
moribund. Very few Gopher servers survive today. For more information, see the
Wikipedia entry on Gopher.
What are MIME types?
2004-10-19: similar to file extensions but more universally accepted, "MIME types" are
used to identify the type of information that a file contains. While the file extension .html
is informally understood to mean that the file is an HTML page, there is no requirement
that it mean this, and many HTML pages have different file extensions.
In the HTTP protocol used by web browsers to talk to web servers, the "file extension" of
the URL is not used to determine the type of information that the server will return.
Indeed, there may be no file extension at all at the end of the URL.
Instead, the web server specifies the correct MIME type using a Content-type: header
when it responds to the web browser's HTTP request.
Here are some examples of common mime types seen on the web:
Common File
Type Purpose
Extension
text/html .html Web Page
image/png .png PNG-format image
image/jpeg .jpeg JPEG-format image
audio/mpeg .mp3 MPEG Audio File
application/octet- Best for downloads that should just be
.exe
stream saved to disk
The Internet Assigned Numbers Authority website offers a complete listing of the official
IANA-registered MIME types.
MIME stands for "Multimedia Internet Mail Extensions." MIME was originally invented
to solve a similar problem for email attachments.
What is phishing?
2004-12-09: "phishing" is the act of sending out email messages that are more or less
exact copies of legitimate HTML emails that well-known companies such as Amazon
send out. Exactly the same in every way... except that the actual site to be reached by
clicking on the link in the email is the site of the criminals doing the "phishing." That site
then makes every effort to look an awful lot like Amazon, and the uninformed fish will
bite, typing in their Amazon username and password, credit card number or other
requested information when asked to do so.
The best way to avoid phishing: don't click on links in email messages! Go to the site in
question yourself, by using one of your favorites or bookmarks or by typing in the site
name in the location bar at the top of your browser window. Also be sure to heed any
warnings about specific phishing scams in progress that may be mentioned on the home
pages of your bank, Amazon, eBay, and other frequent phishing targets.
What is the difference between a web browser and a web server?
2006-06-01: A web browser is what you're probably looking at right now: a program on
your computer that shows you stuff that's on the web. A web server is a program on a
server computer, somewhere out on the Internet, that delivers web pages to web
browsers.
The term web server also refers to an actual, physical computer that is running web server
software.
What are HTTP "cookies?"
2006-07-26: A "cookie" is a small piece of information that a website stores on your

computer. When you visit a website, that website can try to store a small amount of
information on your computer. If your computer accepts the cookie, then your web
browser will keep sending the cookie back to the website every time you access it.
Cookies are used for two main purposes: session management and long-term user
identification.
Cookies and Session Management

Some websites require users to log in to access certain features. The website behaves
differently depending on who is logged in. Everything that happens between logging in to
the website and logging out is called a "session." Two good examples you might be
familiar with MySpace and LiveJournal. Once you log in, the website has to keep track of
who you are at all times, so that it can show you your personal pages, not someone else's.
Websites can do this in three ways:
1. The website can keep track of who you are by placing a special identifier in every
single URL on the site. But that makes the programming of the site painful and creates
URLs that only work for one user. It's also tricky to make those URLs work again later if
the user bookmarks them.
2. The website can use HTTP authentication, an "old-fashioned" way of forcing users to
log in to a website. But while HTTP authentication works, the browser doesn't give the
designer any control over the appearance of the logon prompt, and there's no way to
create a "log out" button. Also, it's not very secure - your password goes out again with
every single request sent to the web server. So most designers don't use HTTP
authentication, except for simple internal sits.
3. The website can simply set a cookie when you first log in. After that, every request
from your web browser contains the cookie, and the website can just look at the cookie to
confirm that you are who you say you are. No ugly links or broken bookmarks required.
And since the cookie can be generated at random and deleted from the server after, let's
say, 24 hours, it's much more secure than the second method.
Cookies like these usually last only for your current "session" of using your computer.
Most websites also offer a "Log Out" button that will delete the cookie right away.
"Session cookies" like these are both harmless and useful, and it's generally a good idea
for your web browser to accept them. Security and privacy are real concerns, but refusing
to accept any cookies is too drastic. Many useful websites won't work without session
cookies.
Cookies and Long-Term User Identification

The other type of cookie is a user identification cookie. This is a bit like a session cookie,
except that it is not deleted at the end of your computer session. Many websites set such
permanent cookies as a convenience to save you the trouble of logging in again every
time you visit the site.
This isn't a terrible idea - as long as your computer is private. You don't want that on a
public computer! That's why most sites make it an optional checkbox on the login page.
Other websites set permanent cookies as a way to keep track of your identity, even
though they don't require users to log on. That means that even though the people running
the site might not know your real name, they do know your habits.
When sites that don't require you to log on share cookie data with sites that do, they can
build a complete picture of what you do on the Internet. And that's not good for your
personal privacy.
That's why you may prefer to set your browser to store session cookies only, and reject
cookies if the website insists on storing them for longer periods of time. For more
information, see How do I configure my web browser to accept or reject cookies?
What is a protocol?
2006-08-07: On the Internet, the word "protocol" refers to a set of rules for
communicating. Two programs or computers that follow the same rules are able to
exchange information, even if they don't run the same operating system and are not made
by the same company.
Sometimes protocols are "layered" on top of other protocols, taking advantage of what's
already there and adding additional capabilities.
Examples of Internet protocols include the HTTP protocol spoken by web browsers and
web servers, the FTP protocol for transferring files, and the TCP/IP protocols on which
both of these are based.
What does IP stand for?
2007-01-02: "IP" stands for Internet Protocol. This is why we refer to a computer's
numeric address on the Internet as an "IP address."
For a more complete explanation, see my articles what is TCP/IP? and what is an IP
address?
"IP" also stands for "Intellectual Property." A book, a web page, an image, a movie, an
idea - anything that might conceivably be covered by copyright or patent law.
What is TCP/IP?
2006-08-07: TCP/IP (Transmission Control Protocol / Internet Protocol) is the protocol -

the set of rules for communicating - that underlies all communications on the Internet.
The HTTP protocol spoken by web browsers and web servers is layered on top of
TCP/IP.
There are several sub-protocols within TCP/IP:
1. Internet Protocol (IP), which covers fundamentals like IP addresses and routing of
packets of data from one place to another, but doesn't address issues like reliability and
delivery in the correct order.
2. Transmission Control Protocol (TCP), which adds the idea of a reliable connection that
always delivers a stream of data in the correct order. Telephone modems, Ethernet
networks and other physical connections used on the Internet might not be 100% reliable,
and some types of connections don't guarantee that the second packet won't arrive before
the first one. TCP provides rules for checking the order of the data and for resending
anything that is not received. This is the protocol that HTTP, FTP most other Internet
protocols you are familiar with are built on top of.
3. User Datagram Protocol (UDP) is a simple wrapper around the basic features of
Internet Protocl (IP). UDP is useful when you don't care about reliability or in-order
delivery, and you can't afford the extra time that TCP takes to ensure them. When you
browse the World Wide Web, you are using the DNS protocol to look up the names of
websites. DNS is layered on top of UDP. Online gaming is another popular application of
UDP.
What is an SSL certificate?
2006-09-11: An SSL certificate is a means by which web servers prove their identity to
web browsers, allowing a secure site to communicate privately with the web browser via
the HTTPS protocol.
An SSL certificate is digitally "signed" by a certificate authority, such as GoDaddy or

Thawte, that web browsers already trust. This allows the web browser to verify the
identity of a secure site before sending private personal information, such as bank
account or credit card numbers. Webmasters can purchase certificates from the certificate
authorities, which verify the webmaster's identity to varying degrees.
What does 404 Not Found mean?
2006-11-06: 404 Not Found is the HTTP status code produced by a web server when the
page or file you are trying to access does not exist. If you try to access, for instance,
http://www.example.com/xyzabc, you will get a 404 Not Found error, unless the
webmaster has deliberately set up the web server to redirect you to another page instead.
For a complete list of standard HTTP status codes, see the W3 Consortium's website.
What does 401 Unauthorized mean?
2007-05-16: 401 Unauthorized (sometimes mislabeled as 401 Forbidden) is the HTTP

status code produced by a web server when you don't have the right credentials to access
the page or file you have asked for. The web server sends your browser the 401
Unauthorized response when you access a password-protected page without presenting a
password. Normally the web browser automatically recognizes this situation and displays
a password prompt at this point. However, if you don't know the correct username and
password and click "Cancel" rather than trying again, the browser may show you the 401
Unauthorized error message directly. .
What does 403 Forbidden mean?
2007-05-16: 403 Forbidden is the HTTP status code produced by a web server when you
are not permitted to access a particular URL. Usually a 403 Forbidden error means that
the page in question does exist but cannot be accessed by you.
Some websites are locked down so that only those on the local company or school
network can access parts of the site. You will often see 403 Forbidden errors when
browsing such sites from "off-campus."
Sometimes webmasters try to set up dynamic web programming features like PHP or
Perl/CGI but fail to do so correctly. This can also result in 403 Forbidden errors until the
web server is correctly configured.
403 Forbidden can appear in other situations at the discretion of the webmaster, so you
may see it in scenarios other than these.
What is a UseNet newsgroup?
2007-03-12: UseNet (User's Network) is a collection of online forums, known as

"newsgroups," that are automatically shared among many thousands of servers all around
the Internet. These servers speak a protocol called NNTP (Network News Transfer
Protocol) which allows messages to be shared with every server. Users post via their
local NNTP server (provided by their ISP, if their ISP participates in UseNet), and that
server talks to other NNTP servers which propagate the message outward to the world.
UseNet newsgroups are older than the World Wide Web. At one point they were the
preferred means of online communication with the general public (as opposed to private
email).
Today website forums have largely replaced UseNet, and most newcomers have never
used UseNet. This is due in part to spam problems and an unenforceable moderation
system which have made UseNet more or less unmanageable as the Internet-using public
grows.
Also, in the early days of UseNet, the idea of thousands or millions of users contacting a
single server to fetch messages was impractical. Internet links were slow - or nonexistent.
Some sites on UseNet were not connected 24/7 to the Internet. And servers weren't able
to handle connections from thousands of people at once. But today's most powerful web
servers can handle thousands of forum visitors simultaneously, though this is still a
challenge for the most popular social networking services. So the need to distribute
messages to multiple servers has been greatly reduced.
However, UseNet newsgroups are still somewhat common today as a means of

communication for smaller groups. For example: the Netscape newsgroups used to
discuss the development of the Firefox web browser and related software.
What is a CAPTCHA?
2007-05-08: CAPTCHA stands for Completely Automated Public Turing test to tell
Computers and Humans Apart. CAPTCHA systems are used to prevent the automated
misuse of popular websites. The goal is to ensure that the website is talking to a real
human being, and not to an automated program.
Why Do We Need CAPTCHAs?

Websites like Hotmail (or GMail, or Yahoo) are useful. Lots of people like them. But
there's a problem: spammers like them too! Hotmail accounts are convenient for sending
unwanted junk mail.
So, spammers create bogus Hotmail accounts to spam us with. And they create as many
as possible, as quickly as they can. That's a pain in the butt for everybody, including
Microsoft (the owners of Hotmail).
How CAPTCHAs Usually Work

The traditional solution is to display a picture which contains letters and numbers turned
at funny angles, distorted, and so forth. Everyone has seen this on Yahoo, GMail or
Hotmail while applying for an account. The idea is that people can read them, but
computers... hopefully... can not.
Websites like Hotmail require people to type in these letters and numbers before they are
allowed to apply for a new account.
Captchas Are Not Perfect... Not Even Close

Sounds like a good idea - so what's the catch? Well, there are several problems:
1. Computers can break 'em anyway... although amateur programmers won't have an easy
time doing so. Greg Mori and Jitendra Mailk's Breaking a Visual CAPTCHA discusses
advanced techniques that can be used to crack even fairly sophisticated captcha systems.
2. Some humans can't break 'em! Obviously, blind users can't solve a visual captcha.
Better captcha systems also offer an audio-based option. Even then, deafblind users
(those who are both deaf and blind) are locked out. Sites employing captchas should at
least consider offering special accounts to those with special needs in this area. One
solution is to offer a telephone number - and make sure you accept TDD relay calls!
These are voice calls placed through an interpreter. Your telephone support staff should
be educated about this and encouraged to create accounts or carry out other captcha-
protected tasks on behalf of legitimate users who contact you via phone.
3. Captchas can take up extensive CPU resources (that is, slow down your web server
generating all of those images).
4. Bad guys will, in some cases, hire humans to do the data entry instead, or at least to do
the captcha-solving part. If your troublemakers are determined to get past the captcha,
they can.
How To Add A Captcha To Your Site

Now that you know what a CAPTCHA is, you might want to add one to your own site.
To learn how to do that, just check out my separate article how do I add a CAPTCHA to
my web form? There I provide a complete CAPTCHA solution and discuss how it works.
What is the difference between a web browser and a search engine?
2007-05-17: Web browsers and search engines both talk to web servers in order to
retrieve web pages. But while a web browser then shows that page directly to a human
being, a search engine does not. Instead, the search engine analyzes the page, looking for
uncommon words and indexing the content so that users can search for the pages they
want.
What is streaming audio?
2007-05-30: Streaming audio is audio (speech, music, et cetera) that plays back as it is
downloaded. In other words, when you click on the link to hear the song, the song starts
playing right away - or at least before the entire song has been sent to your computer.
Streaming playback was invented to solve a problem: downloading an entire song or

album takes time, and users get tired of waiting. Early web browsers always played music
in "external player" programs - and they always downloaded the entire file before
launching those programs. So there was nothing to do in the meantime except wait!
Early audio players, like the first versions of the RealAudio Player, worked around this
problem by using "metafiles." Rather than linking directly to the actual audio file, a
website would link to a special "metafile." These were simply text files containing the
URLs of one or more audio files. When the user clicked on the link to the metafile, the
web browser would launch the external player program and hand it the tiny metafile - at
which point the external player would open the first URL in the text file and start
streaming the music.
For the most part, this technique is no longer necessary. Modern web browsers "hand
over" the audio data to the player program as the data arrives, allowing the music to start
playing much sooner. And many music websites use Flash-based music players, taking
advantage of the built-in streaming features of Flash. However, .m3u files are still
popular as a simple way to create a "playlist" that works with just about any player that
can handle MP3 files.
Streaming Audio Problems

There's one big catch with streaming audio: your Internet connection has to be fast
enough to keep up. Here's how it works: an MP3 audio stream requires a certain number
of bytes per second. And if your Internet connection isn't at least that fast, it isn't possible
to play the audio as it arrives without "stuttering."
Even if the user's Internet connection is fast enough, it is still possible for the web server's
connection to be overwhelmed. Multiply the bytes per second for the MP3 file by 100
simultaneous listeners and you're looking at a lot of bytes!
But if the user's connection is fast enough, and the web server's connection is fast enough,
then you're all set... right? Well, not quite. There's one more bottleneck: the Internet
itself. With more and more people listening to streaming audio and watching streaming
video, the "backbone" Internet connections that tie everything together can also become
overwhelmed at times. This is why it is important to keep improving the infrastructure of
the Internet.
For More Information

To learn how to embed streaming audio in your own web pages, see my article how do I
embed sound and music in a web page?
What is MP3?
2007-05-30: MP3 is the most popular format for audio (sound and music) on the Internet.
Technically known as MPEG-1 Audio Layer 3, the MP3 format is a "lossy" format. That
means that an MP3 file does not contain 100% of the original audio information. Instead,
MP3 files use "perceptual coding." In English, that means that the stuff your ear doesn't
notice gets thrown away to make the file smaller.
Why are "lossy" formats useful? Because "raw" audio files are much too large to travel
quickly over the Internet. Audio CDs - which store the original, complete audio without
loss - require 176,000 bytes per second. That "maxes out" a typical high-speed Internet
connection. Just forget about a low-cost DSL or old-fashioned dialup modem!
But MP3 can compress by a factor of ten to one without much noticeable loss. And
17,600 bytes per second is much more reasonable. DSL and cable modem users can listen
to it "on the fly" as streaming audio, and even dialup users don't have to wait an
unbearably long time to download the song and then begin listening.
MP3 files can be compressed (shrunk) even more, but quality begins to suffer as the
compression rate is increased.
Legal Issues
The algorithm (mathematical technique) used to encode and decode MP3 files has been
patented. That means that MP3 files can't be created or played back without paying
license fees to the appropriate companies - at least, not in countries where software
patents are legal. However, the primary patent holders (Thomson Consumer Electronics
and Fraunhofer IIS) have largely chosen to leave individual users alone and pursue patent
claims against software companies. As a result, there is a general belief that MP3 files are
"free," which has led to popularity for the format - even though truly free alternatives like
Ogg Vorbis offer better quality without legal worries.
Patents relating to MP3 are expected to expire in 2011, 20 years after the publication of
the MP3 standard.
For More Information

For a more technical discussion, see A Digital Audio Primer on the TeamCom books
website. See also the Wikipedia entry on MP3. For patent licensing information, see
mp3licensing.com (however, please note that other companies not represented by that site
have made MP3-related patent claims).
What is PHP?
2007-06-26: PHP is a popular programming language for extending web pages with
dynamic features. While plain-vanilla HTML can lay out an attractive page and perhaps
present forms for users to enter information, HTML can't actually do anything with the
data that the user enters in the form. This is where web server extension languages like
PHP come in, providing a way to handle form submissions and other user requests by
accessing databases, sending email, generating images on the fly and performing other
actions.
PHP is currently the most popular web server extension language, used by many websites
both large and small. Its popularity is partly due to its free, open-source nature and partly
due to its friendliness and convenience. Tasks such as reading an entire file and
outputting it to the web browser can be accomplished with a single line of PHP code.
And PHP programmers can begin by sprinkling a small amount of code into a page
otherwise made up entirely of HTML— a convenience also available in Microsoft's
ASP.NET and other extension languages.
For more information, visit www.php.net, PHP's home on the web. See also my article
how can I receive form submissions, which provides a quick overview of PHP
programming.
"But what does PHP stand for?"
PHP stands for "PHP Hypertext Preprocessor." Yes, you read that right— "PHP" does
appear in its own expansion. Recursive acronyms like this one are a popular inside joke
in the open source community.
What are ASP and ASP.NET?
2007-12-05: ASP (Active Server Pages) and ASP.NET are server-side dynamic web
programming languages. Webmasters use them to extend their web sites by
communicating with databases, collecting form submissions from users, and generating
content on the fly. ASP and ASP.NET offer capabilities similar to PHP. Unlike PHP,
ASP and ASP.NET are products of Microsoft. You can find Microsoft's official "portal
site" for ASP.NET programmers at www.asp.net.
"How are ASP and ASP.NET different?"
ASP was Microsoft's original server-side web programming language, based on their
earlier Visual BASIC language. ASP.NET is part of Microsoft's new family of ".NET"
programming languages, which are thoroughly object-oriented and substantially different
from what went before. Since Microsoft strongly recommends ASP.NET over ASP, I do
not recommend starting new projects in ASP.
Bear in mind that all server-side dynamic web programming languages are the same as
far as the end user is concerned. That's because what ultimately reaches the web browser
is just HTML anyway. That means you can build your site in PHP (which is available for
free server operating systems like Linux) and reach just as many people as you would
with an ASP.NET site. So use the language that works best for you and your client.
What's this XHTML stuff? What happened to HTML?

XHTML is the latest generation of HTML. HTML was originally intended to be an
instance of SGML, a general-purpose markup language. But many HTML pages do not
comply with the requirements of SGML, which makes HTML tougher for computers to
work with in useful ways.
In more recent years, the World Wide Web Consortium has taken steps to correct the
problem. SGML has been largely replaced by XML (Extensible Markup Language), a
new general-purpose markup language that is easier to work with than SGML. And
XHTML, which replaces HTML, is a newer standard which complies fully with the
requirements of XML but remains compatible with older web browsers.
A Simple Example
Here is a simple example of a valid XHTML document. To try this out for yourself,
simply create a new file called mypage.html with any text editor, such as Windows
notepad. Paste in the HTML below, make any changes that please you, and save the
document. Then pick "open" from the File menu of your web browser, locate the file you
have just made, and open it. If you make further changes, you will need to "save" again
and then click "reload" or "refresh" in your browser to see the results.
Of course, this is just a simple example. XHTML can do far, far more than this. A
complete tutorial can be found at Dave's HTML Guide.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Title of My Page Goes Here</title>
</head>
<body>
<h1>Heading Of My Page Goes Here</h1>
<p>
<a href="http://news.google.com/">Follow this link to Google News</a>
</p>
<p>
Here is a picture of my cat:
</p>
<p>
<img src="cat.jpg" alt="Photograph of my cat"/>
</p>
</body>
</html>
What's That DOCTYPE About?

Good grief! Most of this looks friendly enough, but what's that scary "DOCTYPE" line
all about?
The DOCTYPE tells the web browser what version of XHTML we're using. In this case
I've specified XHTML 1.0 Strict, because this code is 100% compliant with the rules of
XHTML. You don't need to understand this line in detail - just know that you should
include it if you plan to write standards-compliant web pages. And you should.
Those who must use HTML elements that aren't included in strict XHTML can use the
"transitional DTD" (Data Type Declaration) instead:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
Understanding XHTML: A Basic Introduction

The XHTML elements in the page above are nearly self-explanatory. All elements that
describe the page but are not actually part of the content appear inside the head element.
All of the elements that actually make up the visible page itself are part of the body
element. Everything between the opening <head> "tag" and the closing </head> "tag" is
considered a part of the head element. The same goes for body. And everything should be
contained within a single html element.
The text between <h1> and </h1> is displayed as a "level one heading," which is
typically a very large, bold font.
The p element encloses a paragraph. In strict XHTML, most elements such as images and
links must be enclosed in a paragraph or another "block-level" element.
The text between the opening and closing <a> and </a> "tags" becomes a link to another
web page; the URL of the web page to be linked to is found in the HREF attribute of the
<a> element as shown in the example above.
The <img> element includes an image in the page; the image is displayed at that point in
the page, as long as the image file specified by the URL in the src attribute actualy exists.
Since the src attribute I used here contains a simple filename, the cat picture will be
shown as long as the file cat.jpg is in the same directory as the page. The same trick can
be used in href attributes in <a> elements, to conveniently link to pages in the same
directory. For more information about images and how to create them in formats
appropriate for the web, see the image file formats entry.
The alt attribute of the img element contains text to be displayed to blind users. XHTML
requires it, and since this text is also read by search engines like Google, it's important to
include it - Google probably won't know your page is about cats if there is no text about
cats on the page!
The "alt text" should describe the image in a useful way for those (including both
computers and people) who cannot otherwise see it.
The <img> element has a / before the > to signify that it is not a container and that no
closing </img> is expected.
What To Do With Your XHTML Page

Of course, a web page sitting in a file on your own computer is not yet visible to anyone
in the outside world. See the setting up websites entry to learn more about how to create
websites that others can see.
What are Cascading Style Sheets (CSS)?
2004-09-29: cascading style sheets are the recommended method of expressing the
precise "look and feel" of a web page. By associating a CSS file with a web page, the
exact appearance and behavior of every HTML element can be specified.
For instance, if the file main.css contains the following:
a{
text-decoration: none;
}
And the web page page.html contains the following <link> element within its <head>
element:
<link href="/main.css" rel="stylesheet" type="text/css">
Then any <a> elements (ordinary links) in the page will not be underlined as they
otherwise would be in most browsers.
You can also attach a style to a specific HTML element in the page itself, like so:
<a href="something.html" style="text-decoration: none;">

All modern web browsers support CSS, though CSS support is rarely perfect and testing
with a variety of browsers is recommended.
For a complete reference guide to CSS, see the W3 Schools site.
Why do style sheets exist? Why are they separate from HTML?
HTML was always intended to express the content and structure of web pages, rather
than their appearance. The original HTML specification offered elements like <cite> (for
citations), <a> (anchor, for links), and <p> (paragraph). These express the structure and
meaning of a document's parts, but not the way those parts are expected to appear. The
look and feel was left up to the programmers of the web browser and the preferences of
the reader.
Of course, designers clamored for better control over the appearance of web pages.
Various "quick fixes" were introduced, like the <font> and <center> elements, which are
now discouraged. The difficulty with elements like these is that they do not express
anything about the meaning of the page. What if the user is blind? What if the browser is
actually a site-indexing program? Knowing that the text should be "red, and 24 pixels
tall" doesn't convey as much to these users as <cite> or <h1>.
A better solution is to let HTML elements express the structure of the document in a way
that all users and programs can understand, and let cascading style sheets express the
exact appearance the designer prefers for each element -- when the web browser is
actually capable of displaying such things.
what is the difference between domain & workgroup?

Domain:
1) Centralized Administration.
2) Security of Data, User & Groups
3)Server & Clients Based
4)Windows 2000 & 2003 Server or Advance Support For Server Configuration
5)File, Folder & User & Group Permission we can assign.
WORKGROUP:
1)No Centralized Administration.
2)Not much security for Data, User & Groups. (Depends on Configuration)
3)No Server & Client Matter..Each pc reacts like a Client as well as Server.
4)Basically Windows 98 & XP is going to used in Clients side.
5)We can assign permission to drives & folder & files but much security than Domain
What is a Multi-homed Host?

If more than one NICs (Network Interface Card/ Network Adapter) are installed having
different IP Addresses onto it, The Pc Becomes a Multihomed Host.
What is the difference between simplex and duplex....

Ans:-
simplex-one way transmission.only transmission will takes place here.

duplex- two way transmission.Both transmission and reception takes place.
2 types of duplex:
1)Half duplex
2)Full duplex
Half duplex:-both transmission and reception takes place,bt nt at d same time.single

channel is used .
Full duplex:-both txn and recep...takes place simultaneously using 2 different
channels.one for txn and other 4 reception.
What is Private IP? Give an example?

Three blocks of IP addresses are reserved for private use and are not routed over the
Internet. Companies can assign these addresses to nodes on their private LANs at any
time without conflict.
EXAMPLE:
CIDR
From To Representation
10.0.0.0 10.255.255.255 10/8
172.16.0.0 172.31.255.255 172.16/12
192.168.0.0 192.168.255.255 192.168/16
What is MUX and explain how mux works?
It selects one of many analog or digital data sources and outputs that source
into a single channel.
An electronic multiplexer functions as multiple input, single output switch. A

multiplexer has multiple inputs and a selector that connects a specific input to
the single output.
In telecommunications, a multiplexor is a device that performs multiplexing,

i.e. that combines multiple analog message signals or digital data streams into
one signal.
how to change in domain name?

This article describes how to change a computer's Domain Name System (DNS) server or
servers from the command line, either locally or remotely. This operation requires you to
use the Regfind.exe tool from either the Microsoft Windows NT Server Resource Kit or
the Microsoft Windows 2000 Server Resource Kit.
MORE INFORMATION
To change a computer's Domain Name System (DNS) server or servers from the
command line, type: regfind -p
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipparameters "old
DNS value" -r "new DNS value(s)"
Where old DNS value is the value the server currently has, and new DNS value(s) is the
new value you want to use. The format is dotted decimal notation.
You can also perform the same operation to a computer remotely by typing the following
command: regfind -m \computer name -p
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipparameters "old
DNS value" -r "new DNS value(s)"
Where computer name is the NetBIOS name or the Internet Protocol (IP) address of the
remote computer.
what is the difference between physical address an...

Obtaining a physical address that is ultimately needed to perform an operation. All
instructions executing at the machine level require a physical memory, storage or
network node address when referencing the actual hardware. Machine addresses are
derived using table lookups and/or algorithms.In a network, a "where is?" request is
broadcast onto the network, and the logical address (name) is turned into a physical
address (machine number), either by the recipient node or by a router that maintains a list
of address translations.This is through ARP.
Physical Addres: It Is a physical address that we can't change, It is present in NIC Card,
Given by INTERNIC Organization.
Logical Address: It Can be changed as you like, used for assigning a ip address to clients.
A Physical address is a 48-bit flat address burned into the ROM of the NIC card which is
a Layer1 device of the OSI model. This is divided into 24-bit vendor code and 24-bit
serial address. This is unique for each system and cannot be changed.
A Logical address is a 32- bit address assigned to each system in a network. This works
in Layer-3 of OSI Model. This would be generally the IP address.
physical address is MAC address of nic and logical address is ip address.
Physical Address is nothing but your actual real address like MAC. for that Storage
device should be required. Physical Address can't be changed. It is present in NIC Card.
Logical Address is noting but your IP address which is used to create client. It will
change whenever change required.
What are the two types of transmission technology ...

There are basically 2 types of transmission technologies
1.Broadband :In this type .Every host sends the packet/message to all the host.
The message has a source address and a destination address. Destination address helps
the host to identify whether the message is indeed for them or somebody else
the source address allows them to identify from whom the message has come.
2.Point to Point :In this type of technology there are multiple connections (transmission
lines) between 2 hosts. so the packet can take different routes if a particular route is
congested.
What is point-to-point protocol

In networking, the Point-to-Point Protocol is commonly used to establish a direct
connection between two nodes. Its primary use has been to connect computers using a
phone line, though it is also occasionally used over broadband connections.
PPP works at the data link layer it is a path (leased line /ISDN line ) through which two
dissimilar networks (wan connections) can be joined.
What protocol is used by DNS name servers?

DNS uses UDP for communication between servers. It is a better choice than TCP
because of the improved speed a connectionless protocol offers. Of course,
transmission reliability suffers with UDP.
What is OSPF?
It is an Internet routing protocol that scales well, can route traffic along multiple paths,
and uses knowledge of an Internet's topology to make accurate routing decisions.
OSPF is Open shortest path first, basically comes into the category that uses link state as
the routing info communication. OSPF is used in a particular Autonomous system, not
used on the internet but its limited to internal routing in an organization.
On top of OSPF we run BGP to facilitate the communication across multiple autonomous
systems in the internet.
What is Kerberos?
It is an authentication service developed at the Massachusetts Institute of Technology.
Kerberos uses encryption to prevent intruders from discovering passwords and gaining
unauthorized access to files.
Kerberos is an authentication service, it has really robust architecture built in it.
The basic components in kerberos include the Key distribution service from which the
client communicates to get a token to reach a server, this enables the way to keep the
passwords secure from not transferred a lot of times across the network.
Once u get a key to interact to the servers you use that session key with an encryption on
it, so its really a cool authentication service.
Default port no. for Telnet, SNTP, FTP.
Default port no. for Telnet, SNMP, FTP are follows:-
Telnet - 23
SNMP - 161
FTP - 21
What is the subnet mask of this network if interface address is 130.237.14.25/23
- what is the subnet mask of this network
- how many usable IP address in this network
- what is the Subnet ID(IP) of this network
-
what is broadcast IP of this network
Subnet Mask: 255.255.254.0

No. of IP addresses assigned in that subnet: 2^9 -2=510
Subnet ID: 130.237.14.0/23
Broadcast ID: 130.237.15.255
What is file system?

File system is depending on Operating systems & hard Disk sizes.
At the time 1990 there were only dos which supports only FAT16 (File allocation table)
Upto MS-DOS 6.22 & Windows 3.1 & 3.11 It works only on FAT16
FAT16 Has it's limitation that it can't support more than 2.1 GB partition at a time.
After that windows 95 & Windows 98
That supported FAT16 & FAT32 only.

Windows NT supports
FAT16 as well as It develops new file systems HPFS i.e. (High Performance File System)
Later i.e. is called as NTFS (New Technology File System)

NTFS is now a largest support for us.
Why WINS server is required?

Windows Internet Naming Service (WINS) is an older network service (a protocol) that
takes computer names as input and returns the numeric IP address of the computer with
that name or vice versa. WINS was designed to replace the LMHOSTS file functionality
that was used previously on computers and networks utilizing NetBIOS and NetBIOS
names. WINS is considered to be a dynamic protocol because it allows hosts, services
and users to be registered in the WINS database on the WINS server automatically when
they connect to the network. This saved Network Administrators a great deal of time over
having to update and maintain separate LMHOSTS files all over the network.
: What is a TCP connection table?

The TCP connection table contains information about the entity's existing TCP
connections.
What is the difference between POP3 and IMAP Mail .

Post Office Protocol 3 POP3 works by reviewing the inbox on the mail server, and
downloading the new messages to your computer. IMAP(Internet Message Access
Protocol) downloads the headers of the new messages on the server, then retrieves the
message you want to read when you click on it. When using POP3, your mail is stored on
your PC. When using IMAP, the mail is stored on the mail server. Unless you copy a
message to a "Local Folder" the messages are never copied to your PC. works by
reviewing the inbox on the mail server, and downloading the new messages to your
computer. IMAP downloads the headers of the new messages on the server, then retrieves
the message you want to read when you click on it
POP3 is Email clients download your emails onto your computer. Using a specialized
email program such as Outlook Express or Apple Mail has the advantage of giving you
complete control over your email; every email you receive is placed on your computer
and you can keep as many large file attachments as you want.
IMAP is protocol that is being used in webmail. Checking your email through our
webmail is similar to using Hotmail or YAHOO! Mail. You never actually copy your
messages to your computer; in fact, you are looking at them through your web browser
on somebody else's computer. When you are not online, you are not able to see your
email.
What is frame relay, in which layer it comes?
Frame relay is a high-performance WAN protocol that operates at the physical and data
link layers of the OSI reference model. Frame Relay originally was designed for use
across Integrated Services Digital Network (ISDN) interfaces. Today, it is used over a
variety of other network interfaces as well. This chapter focuses on Frame Relay's
specifications and applications in the context of WAN services.
Frame Relay is an example of a packet-switched technology. Packet-switched networks

enable end stations to dynamically share the network medium and the available
bandwidth. The following two techniques are used in packet-switching technology:
• Variable-length packets
• Statistical multiplexing
Variable-length packets are used for more efficient and flexible data transfers. These
packets are switched between the various segments in the network until the destination is
reached.
What is a network router, a network gateway, and a firewall? Do I need them?
A network router is a computer device that connects users and networks by buffering and
forwarding information to a particular place. The network gateway serves as a data
transfer point between the internet and a private network. Most routers contain a network
gateway, however, many computers these days also contain a server that can function as a
gateway. The firewall is a security device used in software or hardware forms as a means
of playing guard to incoming information. The firewall permits, denies, and proxies data
as per instructions by a computer user or computer security settings. Each of these
devices work together to provide connection to the internet and security while connected.
If you want to connect to the internet, especially with today's wireless options then you'll
need them. You'll have to go out and buy a router. The router will generally have a
network gateway, as mentioned, your PC might have one as well.
LAN, MAN, CAN, and WAN: What are the differences? What is each one used
for?
LAN, MAN, CAN, and WAN are all different types of networks used when connecting
to the internet and/or other computers. LAN is a local area network used in small areas
such as homes or offices. LANs offer quick data transferring due to its small area and
transfer area. Additionally, LANs don't need an external telecom device in order to be
accessed. MANs are metropolitan area networks, so they are used for larger areas, such
as entire cities. CANs are a type of MAN meaning campus area network. As the name
implies, they are commonly used on academic campuses, but can also be used in most
any moderate area. WAN is a wide area network and is good for a larger area. WAN are
often compared to LAN connections. They have a slower data transfer due to the wide
range. WANs are commonly used in large organizations due to their extensive area.
Network Topologies: What are they? And what are the characteristics?
Network topologies are the way in which a network is arranged. More specifically, how
different nodes are shaped. Nodes are devices in a network that are connected. Thus, the
shape of these devices connection is what is called the "network topology." There are
several different types of topologies, some of which are bus, mesh, ring, tree, and star. So
what exactly are these network communication shapes?
A Bus is a network topology that is connected by a "backbone" or a line from which all
nodes are connected. This means that all the data that is transmitted over a bus network is
sent over the same transmission medium, this being the "backbone."
A Mesh network topology is a shape in which different nodes are connected by

interconnected similar lines. The shape of the mesh is rather like two different
overlapping triangles that allow interaction between nodes.
A Ring device is named after its very apparent and obvious ring shape. All the nodes are
enclosed within the ring shape creating a communications loop.
A Star network topology is connected through a central connection, meaning a central

node rests in the middle while all other nodes communicate through it.
A Tree is a form of network topology that utilizes different forms of network topology
within its own. The tree configuration is comprised of groups of star network topologies
that are connected to one another through a single line that resembles the backbone of the
bus network shape.
SECTION 1.
1.1. What is networking?
In this document, the term "network" will refer to a connection between

two computers, the 200LX and a "desktop" computer. This is an
"Ethernet" connection. It resembles a direct connection via a serial or
parallel port (something you might accomplish with LapLink) except
that it requires a special adapter board, has different cabling, and is much
faster.
1.2. What does the term "Ethernet" mean?
It refers to the physical way the network is wired, as well as the

protocols used to transmit data over those wires. Other network types
include "ARCnet" or "Token Ring." Most
networks nowadays use the Ethernet standard, and use the 10BASET
(ten-base-tee) wiring scheme. In this scheme, twisted-pair wiring is run
from each computer on the network to a central hub, which links all of
the computers together. "Twisted pair" cabling is similar to telephone
wire, but with eight wires instead of four. (The wires are grouped into
four pairs, and each pair consists of two wires twisted around each other
-- hence the name "twisted pair.") Each end of a twisted pair cable has an
RJ-45 connector on it, which looks like a larger version of a telephone
cord plug.
1.3. So what good is Ethernet on the 200LX, anyway?
Perhaps most important, you can run backups. This is not as important
for palmtops with small internal RAM drives, because the software
needed to run effective backups will take up proportionally more room,
and besides, a small flash card will do the job nicely and be more
portable and probably less expensive. If you have NO money, you can
still do a serial port backup to your hard drive in a relatively short
amount of time. However, for larger palmtop RAM drives, such as
32MB, the backup problem becomes critical. A flash card big enough to
hold all of the data on your RAM drive is fairly expensive, and who
wants to waste 32MB of flash card? Serial port backups are way too
slow for a full 32MB backup. This is where the Ethernet card shines. It
is relatively inexpensive compared to a flash card, and yet allows high-
speed backups.
But backups are only one of the many applications of palmtop Ethernet!
What you can do depends largely on what software you can run, and is
covered more fully in section 3. For now, suffice it to say that you can
run remote applications, print to other printers, communicate via e-mail,
run network diagnostics, and... well, pretty much any reason you'd wish
to be connected to another computer in the first place!
1.4. What are the advantages/disadvantages of Ethernet over using a

modem in the 200LX?
The advantages of using an Ethernet connection over a modem

connection are that it is much faster (on the order of twenty times as
fast), it takes up less power than a modem. The
disadvantages are that you need special hardware; you cannot make an
Ethernet connection over a regular phone line.
Additionally, the distance between you and the computer you are
communicating with must be fairly short-- a few hundred feet at most.
(Unless, of course, your remote computer is hooked up to another
network with a longer range, such as the Internet, and can redirect you.
In that manner, you can go around the world via Ethernet. However,
direct computer-to- computer connections are fairly limited in distance.)
All things considered, comparing a modem connection with an Ethernet
connection is like comparing apples and oranges. Each has its own use.
1.5. What are the advantages/disadvantages of Ethernet over using a

direct serial or parallel cable connection in the 200LX?
Serial connections are often used with programs like LapLink to transfer
files from desktop to palmtop, or vice-versa. It's a simple matter to buy
a cable and set up some file transfer software so you can copy things to
and from your 200LX.
Most every desktop PC has a serial port you can hook up your cable to,
so the serial connection is probably the most common. The
disadvantage here is that it's the slowest type of connection; the best you
can do is 115,000 bps, which translates to roughly 10K per second (and
that's if you're extremely lucky).
Parallel connections on the palmtop are much rarer, because the 200LX
has no parallel port built in. There are at least two parallel port cards
that work in the 200LX, the better of which seems to the be Transdigital
card. With one of these, it is possible to connect (via LapLink or
InterSvr or other connection software) and do transfers at speeds from
2-5 times faster than a serial connection. Not bad at all, but still not as
fast as we'd like.
Ethernet connections are the fastest of the bunch, with a theoretical

maximum of 10Mbps (bits per second, not bytes), or roughly eighty
times faster than a serial connection, and seventeen times faster than a
parallel connection. Real conditions will yield less speed than this, but it
is still extremely fast. On the palmtop, measured speed is around 100KB
(bytes, not bits) per second, or about 8% of the theoretical maximum.
This is probably mostly due to the palmtop's limited processing power,
because although even Pentium II computers never seem to achieve
10Mbps, they come a lot closer than the 200LX.
Even so, it is obvious that a palmtop with an Ethernet connection is

capable of transferring data at a very high rate of speed!
HARDWARE
2.1. What sort of Ethernet hardware will work in the palmtop?
The most obvious requirement for an Ethernet adapter that will work in
the palmtop is that it be a PCMCIA card. Second, it must not draw more
power than the palmtop can supply, or
roughly 150 milliamps. Finally, it must have drivers that allow it to
work with the palmtop's non-standard PCMCIA hardware.
Unfortunately, this eliminates the vast majority of PCMCIA Ethernet

adapters. Although many of them meet the power requirements, there
are almost none that have drivers that allow them to work with the
200LX.
The only two types of Ethernet card that work with the 200LX are the
Silicom Ethernet Card (www.silicom.co.il) and the Accton
(www.accton.com) EN2212/6 cards.
The Silicom card was specifically designed with drivers from the
company to work in the HP DOS palmtops. It ships with all necessary
drivers and documentation to allow you to use packet-driver applications
(more on this later) or log in to a NetWare server. The card itself has a
female jack on it, and a proprietary twisted-pair cable with an RJ-45
connector on the end of it comes with the card. This allows you to plug
directly into a wall jack; perhaps not the most elegant of solutions, since
the cable is not very long and, if damaged, the user must buy a new one
from Silicom. (There have been at least two reported cases of the
Silicom cable being defective and needing to be exchanged.) The other
disadvantage of the Silicom card is that the drivers do not work with a
double-speed palmtop; the memory on the card reports as damaged in
the double-speed unit. Silicom has no plans to fix this problem.
The Accton EN2212 and EN2216 cards were not factory designed with
the 200LX in mind. However, there are drivers available on SUPER
(www.palmtop.net) called LXETHER3 which allow use of this card in
the palmtop. The EN2216-1 is the recommended model for palmtop
usage. The card itself has a female jack on it, where a proprietary
breakout box plugs in. This box has a female RJ-45 jack on it, so you
can plug your own twisted-pair cable into it. This breakout box is much
shorter and more durable than the Silicom cable, and provides the
advantage of having LEDs for connection and data movement. Also, the
drivers for the Accton cards work on both single- and double-speed
palmtops. The disadvantage of the Accton card is that it only includes
support for packet- driver applications. Other functions, such as logging
in to a NetWare server, must run over the packet driver if desired,
leading to greater complexity.
It is worth noting that there are numerous cards (such as some made by
USLogic, a brand sold by Computer City) which are identical to the
Accton cards and which will work with the drivers on the SUPER site.
2.2. How much will these cards cost me?
The Silicom card can be had for between $100-$150, depending on

where you find it. A reliable source is Precision Guesswork
(www.guesswork.com). The Accton cards can be found many places.
Try Internet Shopping Network (www.isn.com), or CompUSA Online
(www.compusa.com). The EN2216-1 is the one you want; it should be
around $70.
2.3. What is the difference between the EN2216-1 and the EN2216-2?
The cards themselves are identical, but the breakout boxes are different.
The EN2216-1 includes just an RJ-45 jack, while the EN2216-2 includes
both an RJ-45 jack and a coaxial cable
connector. The -2 model is therefore larger in size, weight, and probably
current usage. For the palmtop, you can't use a coaxial cable network
anyway; it draws too much current. Hence, stick with the 2216-1.
2.4. What hardware will I need to connect to another computer?
The computer you want to connect to must either be on a LAN and have
an Ethernet connection to a hub, or at least an Ethernet card installed. If
you are only going to be connecting your 200LX to your
otherwise-isolated computer, you will probably not have an Ethernet
card installed and will need to buy and install one. Something like the a
Dlink SN2000 (for ISA bus) or 530-TX (for PCI bus) would be a good,
low-cost solution. These cards generally run from $30-$50 and can be
found at almost any computer store.
If you are trying to connect to a computer that's already on a LAN, such

as a work computer, you will need an RJ-45 jack that hooks into the
LAN. From there, you can access the
other computer. If you have a spare data jack near your desktop, that's
good. If not, you can buy a cheap hub (which is kind of a "splitter" to
join several different cables) and plug your network connection into the
"uplink" port. Then run two more twisted-pair cables, one to your
desktop and one for the palmtop. Presto! You now have a connection
for your palmtop, and your desktop is still connected.
SOFTWARE
3.1. Okay, what software can I run now that I have my hardware
installed?
First, let's cover some basics. To run ANYTHING, you need to be able
to see the Ethernet card in the palmtop. Unfortunately, the drivers for
most cards won't see them in the palmtop, because the 200LX does not
use a standard Intel PCIC compatible controller for its socket.
Enter the enablers. Both the Silicom and Accton cards need to have
enablers run before you can do anything with them. Basically, these
enabler programs allow other applications to see the card and talk to it--
much like CIC100 allows programs to see and talk to modems.
The enabler for the Silicom card is called SEHP.EXE. You put the
Silicom card in the socket and run SEHP and it enables the card. After
that, you can run the packet driver, or the NetWare ODI driver.
The enabler for the Accton card is OP2216.EXE. It works the same as
the Silicom enabler; place the card in the socket and run OP2216.
These enablers are not TSR's like CIC100 is; there is no resident code,
so they take up no memory. They merely configure the card and the
palmtop and then exit.
One consequence of running the enablers is that you cannot thereafter

place other cards in the socket without turning off the machine, or
rebooting.
3.2. Okay, so after I run the enabler, what then?
Then you can run the actual drivers for the card, whatever they may be.
Probably the most common driver type is a packet driver. A packet
driver is a TSR that will transfer data to and from the card. Other driver
types include ODI drivers (for logging in to a NetWare server) or NDIS
drivers (for use with MS LanMan and other SMB clients). There are
many others
that I won't get into because, frankly, it's getting late.
These drivers must be specifically designed for the palmtop! Just

because you've run the enabler, don't think you can just run any driver
and have it work. It must be specifically tuned for the palmtop. The
Silicom card comes with a compatible packet driver and an ODI driver.
The Accton card has a packet driver only.
3.3. Okay, so what does THAT let me do?
A lot. The ODI driver will allow you to log in to a NetWare server,
which is extremely useful-- but only if you have a NetWare server to log
in to. In this day of Windows NT, those are becoming more and more
rare. Still, if you do have a NetWare server, you then have access to the
server's drive and can do backups, run other programs, etc. Very useful.
The packet driver, however, is even better. There are ton of applications
that can run over a packet driver, including telnet clients, FTP clients,
web browsing applications, e-mail
programs, etc. Of course, you must consider their system requirements;
a 32-bit graphical web browser won't run on the palmtop. Best of all
would be a SysMan compliant program. One example of this is PNR. It
is designed for a modem and PPP, but can be run over an Ethernet
packet driver instead of a PPP packet driver. In this way, you can get
full SysMan
compliance and the super-speed of Ethernet.
Other applications that run over a packet driver include:
- LanWatch, sold by Precision Guesswork. A network analyzer; turns

your 200LX into a fantastic network diagnostic tool.
- NFS clients. If you have a Unix machine on your network, or are

running NFS on your NetWare, or have an NFS server on your WinNT
or 95 desktop, you can mount drives on your
200LX and do backups.
- Printer clients. With the right server running, these can be mounted by
NFS software, and allow you to print to remote printers.
- Windows 95/98 network clients. With these, you can login to your
Win95/98 drives and printers.
- NetWare login clients. Although the Accton cards do not come with an
ODI client, you can still log in to a NetWare server by running PDIPX
from Intel.
- FTP, Telnet, ping, IRC, and other TCP/IP clients and servers.
3.4. Okay, okay, I get the picture. Are there any palmtop- specific
programs in the works that take advantage of Ethernet?
There is a rumor of a project to make WWW/LX Plus support Ethernet

as well as modem connectivity. This would greatly speed up
downloading e-mail off of local POP3 servers, as well as increase web
browsing speed.
TROUBLESHOOTING
4.1. Help! I installed a network card in the palmtop, and in the desktop,
and ran a cable between them, but they don't see each other! The
connection light is not even on!
For a direct connection (i.e. without a hub) between two computers, you
need to use a special "crossover" cable. This is analogous to the
"null-modem" serial cable that programs like LapLink need to establish
a serial connection. The theory is that you must connect the transmit pin
of one side to the receive pin of the other, and the receive pin to the
transmit pin, to get communication.
You can buy these crossover cables, or make one yourself if you have
RJ-45 ends (available at Radio Shack and most electronics stores) and a
crimper. You must cross over the following wires:
RJ45 pin to RJ45 pin

-------- --------
13
26
31
62
Pin 1 would be the first one on the left when looking at the RJ- 45
connector from the bottom.
Q1 Piggybacking Suggests
attaching an acknowledge to an outgoing data frame
Q2 The network address made available to the transport layer should use a
uniform numbering plan
In a session
What is the range of addresses in the classes of internet addresses?

Class A 0.0.0.0 - 127.255.255.255
Class B 128.0.0.0 - 191.255.255.255
Class C 192.0.0.0 - 223.255.255.255
Class D 224.0.0.0 - 239.255.255.255
Class E 240.0.0.0 - 247.255.255.255
Answer:
Class A 0 - 126 255.0.0.0 (127 is loopback)
Class B 128 - 191. 255.255.0.0
Class C 192 - 223. 255.255.255.0
Class D Multicast
Class E Reserved
class A 1 - 126 .
class B 128 - 191.
class C 192 - 223.
class D 224 - 239.

class E 240 - 246.
What is the default subnet mask for an ipv6 address ?

Default Subnet mask for IPV6 is 255.255.255.255.0
What is the default subnet mask for an ipv4 addresses...

A default subnet mask 255.0.0.0 for Class A, 255.255.0.0 for class B, 255.255.255.0 for
Class C.
What is the difference between routable and non- routable protocols?

Routable protocols can work with a router and can be used to build large networks. Non-
Routable protocols are designed to work on small, local networks and cannot be used
with a router
What is port address

Port address is transport layer ID (simillar to IP in Network Layer)Â which identify the
application on the host.
What is MAC address

What Is a MAC Address?The MAC address is a unique value associated with a network
adapter. MAC addresses are also known as hardware addresses or physical addresses.
They uniquely identify an adapter on a LAN.MAC addresses are 12-digit hexadecimal
numbers (48 bits in length). By convention, MAC addresses are usually written in one of
the following two formats: MM:MM:MM:SS:SS:SS MM-MM-MM-SS-SS-SSThe first
half of a MAC address contains the ID number of the adapter manufacturer. These IDs
are regulated by an Internet standards body (see sidebar). The second half of a MAC
address represents the serial number assigned to the adapter by the manufacturer. In the
example, 00:A0:C9:14:C8:29The prefix 00A0C9indicates the manufacturer is Intel
Corporation.
Short for Media Access Control address, a hardware address that uniquely identifies each
node of a network. In IEEE 802 networks, the Data Link Control (DLC) layer of the OSI
Reference Model is divided into two sublayers: the Logical Link Control (LLC) layer and
the Media Access Control (MAC) layer. The MAC layer interfaces directly with the
network medium. Consequently, each different type of network medium requires a
different MAC layer.
On networks that do not conform to the IEEE 802 standards but do conform to the OSI
Reference Model, the node address is called the Data Link Control (DLC) address.
See a breakdown of the seven OSI layers in the Quick Reference section of Webopedia.
How does a LAN works?
LANs
• A Local Area Network is a small network which is usually contained within one
building or campus. It is usually a private network, unlike the public internet. An
Administrator in charge controlls file sharing, access and many other factors.
LANs can be connected to public networks like the Internet, with some
precautions (against hackers, viruses etc). Usually a firewall/proxy server/router
acts as the gateway between the LAN and the Public Network. A popular wired
LAN technology is the Ethernet (Sometimes called IEEE 802.3). These days
Wireless LANs are becoming popular. They are collectively known as IEEE
802.11 LANs.
• I could spend hours going into detail about this question, but I won't. Basically the
proxy server will go to internet to pull a webpage for the client requesting it. It
also will store a copy of this page (cache) for future requests. Another function of
the proxy is that is hides the clients IP address from the "outside world", and uses
its own. Therefore, the webmaster of the webpage cant see the IP of the client
requesting the page because in actuallity the proxy is requesting the page.
How can you connect a router and 2 switch hub in a network?
Answer
You need to use "crossover" cable. Search on google and you can find the schematics.
Router <==> Switch ===Regular Cat 5 Switch <==> Switch === Crossover cable Router
<==> Router === Crossover cable
Crossover PIN layout of RJ-45 1 Rx+ 3 Tx+ 2 Rc- 6 Tx- 3 Tx+ 1 Rc+ 6 Tx- 2 Rc-
Is cordless networking cheaper?
Answer
The hardware initially is more expensive slightly. However, the cost of the cable you
need to run can quickly overcome this initial price difference. Add to that the labor cost
of running cable, and the cost usually works out to be at least even, if not cheaper, for
wireless networking.
Answer
yes
What can be done to make a network run

faster?
Answer
Networks can run slowly for a variety of reasons. I assume that your network is running
slowly because you have a lot of traffic. The best way to speed up an overloaded network
is to segment it. In other words, divide it into two networks. Then each network will
support only half the traffic.
You need two hubs/switches to be able to do this. Each hub/switch will support one of
the networks. If you have multiple servers, one of your servers should probably be
"multi-homed". That means it should have two network cards and be attached to both
networks. Then it can serve as a "router". A "router" will pass packets from one network
to the other if they need passing.
How do you network two computers that are about 150 ft apart?
You could hard wire the two together but it's easier to go wireless. each computer
must be capable of wireless reception, if they are not go buy one or two usb adapters for
hooking up to the computer. They come with software that takes you step by step to
install the software so no worries there. Also buy a wireless router, linksys, dlink, belkin,
netgear etc., plug ethernet line from cable modem into router instead of computer. You
can install the software (sometime they want you to install it first before hooking up the
router but you can just go to 192.168.0.1 or 192.168.1.1 in your web browser and go from
there. Just remember you would probably want to enable encryption, 64 bit is fine. Enter
a SSID unique to your desires 9Just name it something you like) and the generate the
keys there'll be for rows of key number and letters remember the first row because you'll
need it to log on next time you want to join you new network. There is a checkbox so that
the key will be remembered so that you won't have to re-enter it every time you join your
network. It'll do it automatically but no one outside of your two computer will get in.
Tada!
Answer
You need: ethernet card cable cat5 4 port hub
Put the ethernet card in the computer. Then connect the cables from both computers to
the hub and then from the cable modem to the hub. That should do it.
Answer
if you both want to be able to use the internet access, then the easiest way is purchase a
network card(ethernet), some CAT5 cable(as previously mentioned), and a router(linksys,
d-link, etc). first install the network card in the machine without one. then connect the
cable modem to the routers WAN port, it should be labeled that. then in ports 2 and 3, use
the CAT5 cable to connect to the yours and your partners computers. after that follow the
instructions in the routers manual on final configurations(should be mostly automatic),
and you're done.
Answer
While wireless is a great, inexpensive, and easy way to network, its speed and throughput
is limited (56kbps-108kbps on average for 'turbo mode' links). So you could use the 1
gigabit ethernet copper wire solution (1000kbps) and get more potential speed, but if you
have enterprise grade servers on a business campus say, buildings apart, that need more
speed and throughput than 1Gb ethernet can provide, you can connect your servers using
10GbE fiberoptic links, using 10GbE fiber PCIe cards. The IEEE standard for 1000base-
LX (long range) fiber is about 5km distance, and the 1000base-SX (short range) fiber can
reach around 550m distance using the larger diameter 50 micron fiber. Keep in mind that
most people's average computer uses a PCI bus for add-in cards, and the regular 32-bit
PCI bus is not even fast enough to keep up with true 1Gb speeds, so that is why they only
make the 10GbE cards to fit computers with PCIe buses on the motherboards. The rest of
the computer needs to be pretty beefy too, in order to even be able to run even near the
speeds that the network card is capable of.
What cable should you use to connect a laptop with a PC?
Answer
You need what is called a crossover cable. This cable is special because there are a few
wires switched that allow the computer to send and receive all has to do with the network
card and how communication is done. Don't want to get to blah blah
How can you run multiple computers off one IP address?
Answer
Use a router.
Connect your cable or DSL modem to router, router to hub. Some cable and DSL
modems have built-in capabilities to act as a router and perform Network Address
Translation (NAT). The router can assign separate IPs for each computer, but all will
access the Internet through the 1 IP address assigned to the port of the router/modem
connected to the Internet service provider's network.
If you are using a slower dial-up modem, the computer connected to the Internet using
the modem can have 'Internet Connection Sharing' turned on. This computer will connect
to other computers in your home using a hub/switch. The other computers will use the
modem connected computer as their Default Gateway.
Alternatively... We can have same ip address on two or more computers in the SAME
network. They should be in same collision domain. Let their MAC address be same first
& then assign them same ip address. You can do it by installing a cheap network hub.
Watch my associated video on www.metacafe.com/channels/austinium2002/
How does TCP and IP address works on networking?
Answer
NetBIOS is a protocol that allows computers running windows operating systems before
Windows 2000 to join a Windows 2000(or later) network.
Older operating systems ran NetBIOS over IPX/SPX or IEEE 802.2 (NBF).
NETBIOS is an acronym for Network Basic Input/Output System. The NetBIOS API
allows applications on separate computers to communicate over a LAN. In modern
networks, it normally runs over TCP/IP(NBT), giving each computer in the network both
a NetBIOS name and an IP address corresponding to a (possibly different) host name
What are the types of modems?
Answer
There are lots of types of modems. Modem stands for MOdulator/DEModulator. A cable
modem really is a modem because it modulates and demodulates RF on coax cabling. a
phone modem does this using audible tones over a copper pair.
Answer
A V.32 modem supports 9600 baud data communications. It is unlikely that any of these
are still for sale, but many are still in use at companies. IBM got into a lot of trouble at
the Olympics in Atlanta when foreign news organizations came with modems that could
only do 9600 baud to a system that expected a higher rate of data transfer. A V.32 bis
modem supports 14,400 baud data communications. This is a good solid middle of the
road standard unit. Data compression and error recovery typically use V.42 bis protocol.
A V.34 is the latest standard. It supports communications at 28,800 baud. Vendors spent
the last few months developing and testing hardware. Now volume production has begun
and these units are beginning to appear in stores. Expect pricing around $250. Some
modems run a bit faster than 28,800. There is no standard here, so you have to buy the
same type of modem at both ends of the connection. Otherwise, they will fall back to the
V.34 standard. Though not strictly a modem, an ISDN adapter can be used with ISDN
digital phone service if it is offered by the local phone company. This can provide
support speeds of 64000 bits per second. More will be said about this option later on.
What is the minimum number of pins of COM port needed to make a serial network
between two computers?
Answer
Four.
Answer
Four pins ie.,TXD,RXD,RTS and CTS. U wil need to use the others in case of devices
like modem ,etc.For communication between 2 computers u can avoid thm.
How do you install the Network Operating Systems and server and which one is best
for a network with less than 10 computers?
Answer
With a network that has less than 10 computers, you really dont need a server. Installing
network operating systems is the same as installing any operating system, insert the cd
and install.
For a network with less than 10 computers, a peer to peer networking topology would be
the best.
Why is the transport layer not present inside the network?
Answer
The transport layer provides additional function to compensate for the limitations and
impairments of the network layer, in order to meet requirements (e.g. QoS) of the upper
layer. For example in TCP/IP, IP provides only best effort service. To provide the reliable
service required by some applications - that is, to compensate for the shortcomings of
best effort service - TCP establishes connections and implements flow control and
congestion control on an end-to-end basis.
How does a DNS resolve an IP address?
Answer
A DNS client "resolves" an IP address by sending a specially-formatted request to a DNS

server. The client has to know the address of one or more DNS servers in advance. The
reply from the server may be a direct reply with the IP address associated with the
hostname, a referral to another DNS server, or a response indicating the requested name
can't be found in DNS.
Typically, the request will ask the server to "recurse", i.e. if it cannot answer the question
from it's own local memory, it should go ask other servers on behalf of the client. This
behavior helps the local server build up it's own cache of addresses frequently looked up.
Can multiple computers be connected wireless?
Answer
sure, just get 2 wireless NIC Cards and install them both into the computers, then get a
Wireless Router, and depending on your operating system, you may need to install more
networking protocols. As far as having them both use A dial up connection. that i have
never done before, but you should be able to do that using Internet Connection sharing
If you have installed two network cards in your PC will your PC have two IP
addresses?
Answer
Yes. Each MAC address (each network card has its own MAC address) requires an
individual IP address on a network.
In XP you can bridge the connections in Network Connections, but I have never actually
figured out why this is preferrable (perhaps if each card is connected to separate
networks).
How do you get the MAC address of another computer in a Novell network?
Answer
If you are using novell server with windows workstations and you know the IP address of
the PC, then you can type nbtstat -A in a dos window.
How do you network three computers without a hub?
Answer
The only possible solution is setting up ad hoc wireless network between these 3
computers, but you will need 3 wireless adapters.
Setting Up Ad Hoc Wireless Network in Windows XP http://www.home-network-

help.com/ad-hoc-wireless-network.html
Answer
Without a hub, you will have to use crossover cables (not standard or 'patch' cables).
Answer
It is very possible and it is facilitated if you have windows XP on the muiltihomed

computer, basicaly bridge the two network conections (done auto in winxp) otherwise if
the multihome computer doesnt have win xp you have two create two different networks
with different ip address then then bind both NIC to both networks, thats each NIC
should have two IP addresses. More simply use the center computer as the gate way
under the default gateway. REMEMBER ALL THE CABLES INVOLVED ARE
CROSSLINKED.
Answer
If the computers all have NIC cards then you would probably be better off by using a
switch or a router even a wireless router they don't cost more than 40 or 60 dollars. You
don't want to use a Hub they are passe.(No Good Any More)
How can you access a com port on a network from one PC to the next?
Answer
There generally r 2 com ports, com1 and com2. They are RS232 ports which r serial
ports.one way to communicate between 2 PCs is to use a software called
hyperterminal..its there in evry computer.( accessories-> communication tools). if not u
can also install it. u can find more infomation on it online..in case.. 1> u can either use an
RS232 to IR converter device connected to the respective ports of both the comps to
communicate.u'l be usin IR communication in dis case. 2> u can connect a cable between
these two ports of both the comps( female-female...as RS232 is a male port).but ure
comps wud need to b in close proximity for a physical connection like dis.
u can get back to me for any further clarification on the same.
Can you share a wireless connection through a router or hub?
Answer
YES, the first thing to understand is that there is a vast difference in the two. HUB and
ROUTERS (Hub is a Traffic Cop, that is able to focus on the job at hand and perform
exactly as needed with traffic. A router is merely a traffic light that performs exactly as
commanded.) Now any wireless hub or router will connect any wireless device, but to
share a high speed intenet (Cable or DSL)you MUST have a HUB. Hubs are designed to
recieve a broadband carrier and wireless traffic. But if you having difficulty connecting
most likely your wireless devices are not finding or detecting the wireless router or hub.
Winxp is unusual, but the best fail safe here is install software for all devices and
SHUTDOWN everything! Broadband modems, wireless hub/router and all connected
computers. Disconnect power to Broadband modems and wireless hub/router. Wait 10-15
seconds then Plug in power to Braodband modem first. Then wait about 5 seconds and
plug in wireless hub/router. Once bioth devices are light up normall
How can you learn networking in a very short time?
Answer
Set up your own network at home by getting the help from networking book or website.
This is the most useful and faster way to learn networking with hands-on experience.
Check out this site to start setting up your home network and learn networking:
http://www.home-network-help.com
Answer
I recommend the book "Networking Complete" published by Sybex. It is inexpensive,

comprehensive, and easy to follow.
Answer
you might check out learntosubnet.com
Answer
I do not think that you can learn networking in a very short time unless you are the next
Einstein, but you local bookstore like Barns &Noble or Waldenbooks has a lot of easy to
follow refrences. I think the book Teach Yourself Visually Networking 2nd Edition by
Visual, is a very good starter book.
Answer
Comptia's Network+ certification is non-vendor specific, and covers most local area
networking theory and some wide area networking. Look for guides and documentation
for this certification to learn the right stuff quickly.
Does networking 2 PCs make them run at half speed?
Answer
It's slightly ambiguous as to whether you're referring to computer processing speed, or

network bandwidth. I shall attempt to answer both questions and hopefully this will help.
1) Networked computers are obviously going to allocate some system resources to the
task; however, for any normal network task I doubt you'd notice the difference when
using the computer. If you're planning on using multiple NICs, in, for example, bridging
two networks (see the other FAQs), this will be a more significant drain on resources, and
it's not usually the best way of setting up a network.
2) Networking bandwidth (the speed files can be transmitted) is really dependent on how
you have your network wired up. If you're using co-axial cable to daisy-chain computers
(in a series connection), then you're correct, each extra computer will halve the available
networking speed. This is pretty old fashioned though - it's much more likely you're using
CAT5 (twisted pair) cable (the ends kinda look like US phone plugs). In this case the
speed depends mainly on the speed of your network adaptor (the card in your pc: 10, 100
or 1000MB/s for wired connections). If you're connecting 2 pcs the simplest solution is
just a cross-over cable (see the other FAQ). If it's for 3 or more, it's best to use some sort
of central hub, which all the computers connect to - the more connected, the slower the
network will run, due to packet loss etc. It's better to use a switch, which routes packets
more intelligently, only sending data to the computers that request it.
What do you need to set up a network for five buildings three floors high with about
1850 users?
Answer
Contact an IT solutions company. This is way to big of a job for anyone without
extensive knowledge in the field. It will likely require multiple servers, operating
systems, lots of wiring, lots of computers, backup solutions, multiple internet connections
w/routers, probably some wireless access points, tight security, etc. Depending on the
configuration, the hardware alone will easily exceed a million dollars, and labor will
likely run $100+ per hour. With that much money being thrown around, contract the
initial installation and hire an internal IT department for day-to-day matters and to assist
in the set-up. This system will cost a few hundred thousand per year to keep up, too, with
the staff for the department.
Answer
Unfortunatley, I have to completely agree with the answer the previous user submitted, I
wish I had better news for you, buddy
Answer
I would suggest mini server rooms in each building, local network cabinets on each floor,
each buliding connected to each other by at least two links for redundancy. You would
need from the infrastructure point of view, switches, routers, cabling, ports.
From the computer point of view you would need servers and workstations. You would
need to consider Backups and replication, patch management and Anti virus, licencing
software and firewalls.
What is difference between switch & hub?
Hub is a Physical layer devices that are really just multiple port repeaters. When an
electronic digital
signal is received on a port, the signal is reamplified or regenerated and forwarded out all
segments except the segment from which the signal was received.
switch (1) In networking, a device responsible for multiple functions such as filtering,
flooding,
and sending frames. It works using the destination address of individual frames. Switches
operate
at the Data Link layer of the OSI model. (2) Broadly, any electronic/mechanical device
allowing
connections to be established as needed and terminated if no longer necessary.
BOOTP helps a diskless workstation boot. How does it get a message to the network
looking for its IP address and the location of its operating system boot files
BOOTP sends a UDP message with a subnetwork broadcast address and waits for a reply
from a server that gives it the IP address. The same message might contain the name of
the machine that has the boot files on it. If the boot image location is not specified, the
workstation sends another UDP message to query the server.
Roles of Network administrator
Here is a very short list of basic tasks for which a network administrator may be
responsible:
• Setting up and configuring network hardware and software

• Installing and configuring network media and connections
• Connecting user nodes and peripherals of all kinds to the network
• Adding users to and removing users from the network
• Managing user accounts, such as passwords, storage space, and file-access
privileges
• Creating and maintaining a system for backing up data and program files
• Ensuring the security of the network
• Managing the organization's e-mail system
• Managing users' ability to access the Internet via the network
• Training users to utilize the network's resources
Can you use 2 Mac addresses from one cable at the same time with a splitter if both
Mac addresses are provisioned?
Answer
MAC address are hard coded on network cards and network devices. A HUB acts as a
splitter, so yes.
What is the difference between distributed systems and computer networks?
Answer
A distributed system shares the work to be done among several computers. There is
usually a control process that manages all of the various sub processes to ensure they are
performed in the proper sequence. Although these computers are networked together, the
network is usually unavailable to other systems and users; and it is usually extremely fast.
A computer network allows computers on the same network to communicate with each
other. There is no indication these computers will share any work simply beacuse they
have been networked together.
Why would the network LAN card shut the power on and off the computer?
Answer
It might have something to do with Wake On Lan, this is something that can be disabled
in the BIOS. try to disable Wake On Lan or WOL within bios and see if that fixes it, it so,
download a bios update
Can you hook more than one computer to one DSL modem?
Answer
No, unless you set up a network with router. Check here:
Answer
No, but you can network more than one computer on the same DSL modem.
Why can't you open very many websites?
Answer
This is a layman's answer, but I think it's basically correct: If you open several web pages
at once, your computer (or maybe just your web browser) will eventually crash, for the
same reason that you cannot run numerous programs at once without eventually crashing.
You are limited by how much RAM your computer has. RAM is the memory that is
actively being used when a program is running, or window is displayed on your screen,
image is displayed, etc. Gradually this is used up until you run out, and then you crash.
So if you have a lot of RAM you can run more programs at once, or view more web
pages at once. But there's always a limit.
List six types of communication media and give examples of situation where and
why?
Answer
• Wire - Cheap, simple, compatable with old equipment, must be amplified for long
distances
• Optical - Fast, long distance, high bandwidth, can carry multiple data streams on
one cable, expensive, can break easily
• Wireless RF - Simple, no cables, expandable, no line-of-sight required, long
distance
• Wireless IR - Cheap, line-of-sight required
That's all folks! I honestly don't think there are any other network medias. Unless you
split wire into coax (thick copper), UTP (Unshielded Twisted Pair), STP (Shielded
Twisted Pair), etc. But I may be wrong.
Big bandwidth, slow response
Let's think "outside the box" for a moment:
Nobody ever said this question was about "data" communication between digital devices.
There are many other well-known media for information communication, including air
and other fluids, using numerous different signalling means:
Don't forget the "communication channel" of physical delivery of pre-recorded media! It

is often MUCH cheaper and efficient to send a taxi full of CDROMS across town (or
mail it some arbitrary distance) than to create a point-to-point microwave highway or
complicated digital network to deliver the same data, if you don't care when it gets there.
Plus, you have the advantage of keeping your expensive digital bandwidth available for
time-sensitive data. This is Information Theory 101.
Also, where does satellite fit in? It would be wireless RF (microwave), line of sight,
thousands of miles up and back.
• Let's not forget "audio" media for communication, sonic and ultra-sonic, as well
as
• "visible" using air or fluids (not fibers) as medium (blinking light, flags, etc),
• pressure signals are often used in hydraulic or pneumatic systems;
• mechanical signals are used for communication of status or RPM information;
• thermal signals can communicate information through various media (although
not always quickly);
• paper is a medium often used for communication, such as things we used to call
"books" or "newspapers".
What is the difference between centralized and distributed networks?
Answer
Centralized would be a network in one specific location and distributed would be a

network that is spread out over more than one location.
How can a network with 6 segments still comply to the 5-4-3

rule?
Answer
It's been awhile, but here goes:
The 5-4-3 rule is part of the 802.3 spec for Ethernet networks. Originally written to
define timing for end to end signal propagation in a 10Base-5 network. A station
transmitting at one end of the network must be able to detect a collision that occurred at
the far end of the network before it's timer allows it to transmit again. The spec says 5
segments of 500 meters separated by 4 repeaters (worst case). Under these conditions,
adding a 6th segment would put the network out of spec. If the 5 segments were 50
meters, theoretically the network would functional, but be out of compliance with 802.3's
5-4-3.
A more modern day example would be a 10Base-t or 100Base-T network with a

backbone hub (Hub1) and 5 uplinked hubs (Hub2-Hub6)
Although there are 6 segments, Station1 (connected to Hub2) and Station2 (connected to
Hub6) communication would be in 5-4-3 compliance because it only crosses 3 segments
and 3 repeaters. (Hub2--Hub1--Hub6)
How do you connect two differnet LANs with a single router?
Answer
Have each LAN run to a seperate switch. Then connect each switch to an interface on the
router.
What are advantages of client server?
Answer
File protection and security compared to peer to peer.
How do you know the IP address of each computer and the corresponding name of
the computer within the LAN?
Answer
well....depending on whether you're using a router or not you have 2 options that I can
think of right off
1st option is to run ipconfig on each computer and it will tell you the ip address of the
computer you are on. To get the name of the computer you can go to the network
configuration settings which I will explain in a bit how to get to.
2nd option type in the IP address of the router in the web browser of the one of the
computers connected to it, log in to the router with the username and password you used
to set it up with, and depending on the router you have you're going to want to look at the
log or look around in the different settings to see if you can't find a list of currently
connected devices almost eveyr router I've seen to date has had a list somewhere of the
devices connected to it
anyways back to option 1....in order to run ipconfig on your computer go to Start menu ->
Run (or hold the windows key and press r) type in ipconfig in the box that pops up....if
that doesn't work then try typing cmd in the box....you should get an msdos looking
window that pops up....from there type in ipconfig....after that look for the IP Address it
will be clearly listed there
now as for getting to the name of the computers....I'm not sure about other operating
systems but I'm pretty sure it's quite similar across all windows operating systems but I
will give you the exact instructions from Windows 2000 Professional which is what OS I
happen to run:
1. right click on the My Computer icon which is located on the desktop
2. left click on properties
3. Go to the Network Identification tab
4. Click the properties button
5. Look at the value in the Computer Name box
6. Now you know what the computer's name is
How do you move a file from one client to another by an application running on a
server?
one of the ways: Install a simple task automation application (such as Robo Task,
Robo Copy) on a server (i'm assuming that both clients have access to the server) and use
that to move a file from one PC to another.
What is the difference between Serial and Parallel Communication?
Number of channels
Serial Communications and Parallel communications both define a way of transporation

of data over networks.
• In Serial devices: transmit data bit-after-bit, serially over time. When 8 bits are
received, after 8 bit-times (plus a little extra for signal synchronization), they are
assembled back into a byte and delivered to the software.
• In Parallel communication: a word of some data length, say like 8 bits, travels all
at once, along multiple parallel channels (one channel per bit position). At the
receiver, an 8-bit byte is received every "bit time". In effect, you have 8 serial
channels transmitting and receiving data simultaneously, making it (by definition)
at least 8 times faster than a single serial channel using the same transceiver
technology.
From a system perspective, you can also refer to "parallel" channels for redundancy of
critical serial streams, where multiple identical copies of data are sent simultaneously,
and the receiver decides which data is valid, often by "voting" after detecting errors in the
data on one or more channels. In this case, the parallel channels provide no increase in
data throughput (compared to a single error-free channel), other than by reducing the
need for time-consuming re-transmissions when errors are detected. It is a trade-off
between speed and reliability.
Answer
A parallel link transmits several streams of data (perhaps representing particular bits of a
stream of bytes) along multiple channels (wires, printed circuit tracks, optical fibres.
A serial link transmits a single stream of data.
Can you see the IP address when you are using a dial up connection?
Answer
Copy and paste this link. http://www.ipchicken.com/ When you connect you will see
your address.
What is the difference between a Wireless Access Point and a Wireless Router?
Answer
A wireless Access Point (AP) connects a group of wireless stations to an adjacent wired
(Typically, Ethernet) LAN. An AP is like an Ethernet hub - except that a hub relays LAN
frames only to other 802.3 stations, whereas an AP relays 802.11 frames to all other
802.11 or 802.3 stations in the same subnet. (In English: "it allows communication
between wired and wireless..")
A wireless router connects a group of wireless stations to an adjacent wired (Typically,

Ethernet) LAN. A wireless router is a wireless AP combined with an Ethernet router. A
wireless router forwards IP packets between your wireless subnet and any other subnet.
Most routers also have a built-in firewall, and built-in Ethernet ports. (In English: same as
an AP, but you can network different subnets or networks (Example: your home network
and the Internet [Modem also required typically!] )
The secure socket layer protocol uses what port?
Answer
It depends on what SSL is being used for (HTTP, as in secure web pages; FTP; Telnet;
etc.). Below is a non-exhaustive list of various port numbers used for protocols with SSL
implemented:
• HTTP: Port 443

• FTP (Data): Port 989
• FTP (Control): Port 990
• Telnet: Port 992
• IRC: Port 994
• pop3: Port 995
What is the maximum number of IP addresses you can assign to a single network
card?
Answer
only one ip address we can assign to a single NIC
Answer
It varies depending on the operating system.
DOS, likely just 1.
Windows 2000, for example, can have at least hundreds of addresses assigned, but only
51 reliably work (51 total, spread out over all your nics, weather you have one or
several). After the 52nd is added, Active Directory takes a dump and bad things happen.
In Linux, it will vary by kernel version. Older kernels may be limited to 30 or so, whereas
newer ones will be much higher.
For the *BSD's, they'll generally handle more than Linux (and more efficiently), but I'm
not sure what the actual limit is.
Solaris on a 64 bit Sun platform probably would handle even more.
I've heard of people running thousands and thousands of IP addresses in certain network
simulation applications.
What do u exactly mean by end to end delivery of p...

hai
actually end to end delivery of packets is done by network layer. Network layer is
responsible for the packets to be delivered with reliability for every link i.e for every
routers it come across its path.so packet is delivered with reliability from source to
destination.
where as transport layer is reaponsible for process to process reliability.it gets the
packets from network layer demutiplex it to sen it to corresponding application
(FTP,Email,...) depending upon the portnumber that is specified.
how can we create VPN to connect to branch office ...

first of all what is VPN." VPN " stand for Virtual Private Network .Next how it works
and where it is used . VPN works when the IP Conficts and IP is conflict because we dont
use the PUBLIC IP means the IP we use is may be used by onther Company or Branch
then we use VPN it works in the MAC address principal means it doesnot work on the IP
it works Over the IP . And COMPUTER ,INTERNET or INTRANET, DHCP is required
for the VPN .
Please disregard the published answer to this question. This was not answer the
interviewer looking for. The question is how do you use VPN to connect branch office to
the other office. Not asking for explanation about VPN. Whoever who wrote the response
has absolutely no knowledge about MAC address and IP address. He doesn't even know
MAC addresses do not cross the segment and no knowledge about NAT (Network
Address Translation) when he talks about IP address conflicts. Best way to connect
branch offices via VPN is to have VPN concentrator (Cisco, Nortel or a SOHO VPN
enabled routers) installed and create LAN-to-LAN VPN tunnels between the offices.
There are so many ways to accomplish this at varying costs.
What MAU?
Short for Multistation Access Unit (also abbreviated as MSAU), a token-ring network
device that physically connects network computers in a star topology while retaining the
logical ring structure. One of the problems with the token-ring topology is that a single
non-operating node can break the ring. The MAU solves this problem because it has the
ability to short out non-operating nodes and maintain the ring structure. A MAU is a
special type of hub.
What is the difference between collision domain and broadcast domain?

Broadcast Domain is shows number of host is available.
Collision domain is the group of hosts in which collision can occur, but broadcast domain
consists of all the groups of hosts that can proceed the broadcast frame. Broadcast
domain may be collision domain but Collision domain may not be broadcast domain.
Broadcast Domain: A set of all devices that receive broadcast frames originating from
any device within the set. Broadcast domains are typically bounded by routers (or, in a
switched network, by VLANs) because routers do not forward broadcast frames.
Collision Domain: In Ethernet, the network area within which frames that have collided
are propagated. Repeaters and Hubs propagate collisions, LAN switches and bridges do
not.
What is the advantage and disadvantage of local area networks?

LAN Advantages:• Workstations can share peripheral devices like printers. This is
cheaper than buying a printer for every workstations. • Workstations do not necessarily
need their own hard disk or CD-ROM drives which make them cheaper to buy than
stand-alone PCs. • User can save their work centrally on the network’s file server. This
means that they can retrieve their work from any workstation on the network. • They
don’t need to go back to the same workstation all the time. • Users can communicate with
each other and transfer data between workstations very easily. • One copy of each
application package such as a word processor, spreadsheet etc. can be loaded onto the file
and shared by all users. • When a new version comes out, it only has to be loaded onto
the server instead of onto every workstation.LAN Disadvantages:Answer:• Special
security measures are needed to stop users from using programs and data that they should
not have access to; • Networks are difficult to set up and need to be maintained by skilled
technicians. • If the file server develops a serious fault, all the users are affected, rather
than just one user in the case of a stand-alone machine.
Which protocol is used for retrieving mails?
POP3 and IMAP4 are used to retrieve mails.
POST OFFICE PROTOCOL VERSION 3
INTERNET MESSAGE ACCESS PROTOCOL VERSION 4
IMAP4 stores a copy of message on the server whereas POP3 does not.
What is a Bridge? When is it used? How is a bridge configured? What are the
software and hardware components of a bridge?
A bridge is an layer 2 device - it works based on mac address. bridge is s/w based.
It is usually used to bridge 2 networks (or even more in recent times)
Bridge is configured by having the the mac address of the switches connected directly to
it.
Bridge is just like an connecting device in the inter network systems. It is work on the
mac layer and software based. It is used at the time of interupting the device from one
topology to another topology. Software components are making the connection between
the device and routing the device.
Bridge which is used to segment the network. So it reduces the network traffic between
the two segments.
Bridge are data link layer devices! Store and forward devices.Many organisation have
multiple LANs.LANs can b connected by devices called Bridges.
What is EGP (Exterior Gateway Protocol)?

It is the protocol the routers in neighboring autonomous systems use to identify the set of
networks that can be reached within or via each autonomous system.
What is autonomous system?

It is a collection of routers under the control of a single administrative authority and that
uses a common Interior Gateway Protocol.
Autonomous system has been assigned a number which differentiates it from other
autonomous systems to communicate. there is BGP working at to communicate with
other AS
What is piggy backing?

Piggybacking is gaining access to restricted communication channel by using session that
another user has already established. Piggybacking can be defeated by logging off before
leaving a workstation or terminal or by initiating a protected mode, such as via a
screensaver, that requires re-authentication before access can be resumed.
In this context,it simply sending the data with acknowledgement or something like
sequence no. , so both the things are encapsulated to form a packet and it s sent to the
destination
The technique of temporary delaying outgoing acknowledgements so that they can be

hooked onto next outgoing data frame is known as Piggybacking.(done to use bandwidth
effectively)
What is BGP (Border Gateway Protocol)?

It is a protocol used to advertise the set of networks that can be reached with in an
autonomous system. BGP enables this information to be shared with the autonomous
system. This is newer than EGP (Exterior Gateway Protocol).
In the BGP,the criterion is the policy,which can be set by the Administrator .the policy
defines what paths should be chosen.
BGP stands for Border Gateway Protocol. It is an inter-AS ( Autonomous System

Routing Protocol ). BGP is the routing protocol that runs the Internet. BGP is used to
interconnect network islands ( ASs ) together. BGP is the only IP routing protocol that
runs on TCP instead of IP like the other routing protocols, OSPF, RIP, EIGRP.
Also BGP is also known as a path vector protocol as it not only tells you how to get to a
network IP prefix, but it shows you an AS path of the reachable network.
There are two versions of the BGP protocol. EBGP ( External Border Gateway Protocol )
and IBGP ( Internal Border Gateway Protocol ).
Whats are the core differences Between TCP and UDP...
TCP-transmission control protocol, its a connection-oriented protocol and it is

synchronous in nature.
UDP-user datagram protocol, its a connectionless protocol, it is asynchrnous in nature.
TCP is connection oriented Protocol and UDP is not. in other words v say that in TCP we
recf. acknoledgment of any msg. but not in UDP.
In transport layer two protocols are working TCP , transmission control protocol and
UDP , user datagram protocol , TCP is also know as reliable protocol , means it is using
handshake process , where client requtest to server then establish the connection and then
transfer the packet then terminates it. In UDP , no relaibilty but packets are safe. when
long RTO is there that time packtes use to UDP.
TCP udpconnection oriented connection lesswaitng for acknowledgement not waiting

more secure less secure
TCP deals with packets and UDP deals with datagrams
TCP:
1.Connection oriented - 3 way handshake
2.all packets transferred between a client and server takes the same path
3.Reliable packet delevery
4.Error reporting mechanism available
5.Slow process as it waits for ack before sending next packet
6.Ordered delivery of packets
UDP
1.Connectionless
2.Each packet between a client and server may take various paths
3.Unreliable delivery
4.Datagram loss cannot be identified
5.Faster
6.Out of order delivery
What are the Advantages and Disadvantages of DHCP?...
Advantages
1. All the IP configuration information gets automatically configured for your client
machine by the DHCP server.
2. If you move your client machine to a different subnet, the client will send out its
discover message at boot time and work as usual. However, when you first boot
up there you will not be able to get back the IP address you had at your previous
location regardless of how little time has passed.
Disadvantage
Your machine name does not change when you get a new IP address. The DNS (Domain
Name System) name is associated with your IP address and therefore does change. This
only presents a problem if other clients try to access your machine by its DNS name.
DHCP Dynamic Host Configuration ProtocolAdvantageIf their are more than 100
Computers and if you want to assign ip address it is difficult so we use to simply
administrator work to assign IP Address automatcically.DisadvantageIf their is a DNS
AND WINS Server every time IP address changes had it will work according to Lease If
a client request a IP Address Automatically and if the DHCP Server is unable to contact it
will assign a APIPA Address.
DHCP is dynamic host configuratio protocol. It is assing automatic ip address to client

machine.
Advantage :- It minimize the administrative burden. By using DHCP there is no chance

to conflict ip address. DHCP support multiple scope like Unicast,multicast and
superscope. By using DHCP relay agent u r provide ip address to another network.
Disadvntage :- When client make query to DHCP server (DHCP Discover) it is UDP
query it consume more bandwidth. When DHCP server is unavaliable client unable to
access entrprises network.
What is difference between baseband and broadband transmission?

In a baseband transmission, the entire bandwidth of the cable is consumed by a single
signal. In broadband transmission, signals are sent on multiple frequencies, allowing
multiple signals to be sent simultaneously.
Baseband Signalling:
1)Uses digital signalling
2)No frequency-division multiplexing
3 Bi-directional transmission
)
4)Signal travels over short distances
Broadband Signalling:
1)Uses analog signalling
2)Unidirectional transmission
3)Frequency-division multiplexing is possible
4)Signal can travel over long distances before being attenuated

Baseband can carry both analog and digital signal where as broadband carries analog
signal.
Baseband is like point to point communication and broadband to is point to multipoint

communication.
base will carry single signal in a medium but broadband can carry multisignals through
single medium with shared bandwidth
what does CIDR stand for?

You can think of the Internet as one big network. As such, each device on the network
needs its own unique IP address. In the early days of the Internet, every device would
receive a registered IP address. As the Internet grew, however, it became apparent that
the number of hosts would quickly exceed the number of possible IP addresses. One
solution to the problem is Classless Interdomain Routing (CIDR). Classfull addresses are
IP addresses that use the default subnet mask. They are classfull because the default
subnet mask is used to identify the network and host portions of the address. Classless
addresses are those that use a custom mask value to separate network and host portions of
the IP address. CIDR allows for variable length subnet masking (VLSM) and enables the
following features:Subnetting, dividing a network address into multiple smaller subnets.
For example, this allows a single Class B or Class C addresses to be divided and used by
multiple organizations. Supernetting, combining multiple network addresses into a single
larger subnet. For example, this allows multiple Class C addresses to be combined into a
single network. Route aggregation (also called route summarization), where multiple
routes are combined in a routing table as a single route. CIDR routers use the following
information to identify networks. The beginning network address in the range The
number of bits used in the subnet mask For example, the routing table represents the
address as 199.70.0.0/21, where 21 is the number of bits in the custom subnet mask.In
addition to CIDR, the following other solutions were put into place to make efficient use
of available IP addresses:IP version 6. IPv6 uses 128-bit addresses instead of the 32-bit
addresses used with IPv4. IPv6 is not yet used on the Internet. Private addressing with
address translation. With private addressing, hosts are assigned an unregistered address in
a predefined range. All hosts on the private network use a single registered IP address to
connect to the Internet. A special router (called a network address translation or NAT
router) translates the multiple private addresses into the single registered IP address.
What is SLIP (Serial Line Interface Protocol)?
The need for a data link layer protocol to let IP operate over serial links was identified
very early on in the development of TCP/IP. Engineers working on the Internet Protocol
needed a way to send IP datagrams over serial connections linking computers together.
To solve the problem they created a very simple protocol that would frame IP datagrams
for transmission across the serial line. This protocol is called the Serial Line Internet
Protocol, or SLIP for short.
SLIP performs only one function: framing of data for transmission. It does nothing else
What is RIP (Routing Information Protocol)?

RIP is one of the most enduring of all routing protocols. RIP is also one of the more
easily confused protocols because a variety of RIP-like routing protocols proliferated,
some of which even used the same name! RIP and the myriad RIP-like protocols were
based on the same set of algorithms that use distance vectors to mathematically compare
routes to identify the best path to any given destination address.
What is subnetting? why is it used?

A portion of a network that shares a common address component. On TCP/IP networks,
subnets are defined as all devices whose IP Address have the same prefix. For example,
all devices with IP addresses that start with 100.100.100. would be part of the same
subnet. Dividing a network into subnets is useful for both security and performance
reasons. IP networks are divided using a subnet mask
A portion of a network that shares a common address component. On TCP/IP networks,

subnets are defined as all devices whose IP Address have the same prefix. For example,
all devices with IP addresses that start with 100.100.100. would be part of the same
subnet. Dividing a network into subnets is useful for both security and performance
reasons. IP networks are divided using a subnet mask
Subnetting is a way to divide ur n/w in the best possible way so the ip add do not get
wasted.
eg- a Class C n/w has 254 hosts but if ur n/w only needs 154 ip add ie 100 are wasted so
u can divide that as per ur need.
Allows the flow of ntw traffic b/w hoststo be segregate based on ntw config.. By
organizing hosts into logical groups, subnetting can improve ntw security & performance.
What difference between a directory and active directory?
Directory:In IT terminology Directory means a pouch where documents are

kept.Like,director consists of files & Documnets etc.
Active Directory:AD is related to servers.It is directory where all

users,groups,computers,network resources,list of users Admins and specialised users are
recorded.Like AD is Centralised database where the managable data is fed and all the
database elements,objects and classes are managed
What is Ipsec tunneling, how it works?

IP tunneling (IP encapsulation) is a technique to encapsulate IP datagram within IP
datagrams, which allows datagrams destined for one IP address to be wrapped and
redirected to another IP address. IP encapsulation is now commonly used in Extranet,
Mobile-IP, IP-Multicast, tunneled host or network.
What is the Pros and Cons of layer design?

I know only the advantages of Layered design. We can treat each layer as a problem area.
Say for example, data link layer, people can concentrate only on the device driver only,
they dont need to worry about the network related meaning how the packet can be routed
etc. The only responsiblility of the device driver layer is to grab the packet destined to the
local MAC and pass the frame to the network layer. Similary the network layer doesnt
need to worry about how the packet is reached to the local machine. Its only
responsibility is to check whether the packet belongs to the local machine or to be
forwarded. Also build the routing table to forward the packet. This way, each forum can
precisely concentrate on one problem/layer.
Name three network tools used to determine where a network connectivity is lost
between two sites A&B?
PING
TRACERT
PATHPING
What is the HELLO protocol used for?

The HELLO protocol uses time instead of distance to determine optimal routing. It is an
alternative to the Routing Information Protocol.
it is used to discover neighbours,when a hello packet is recieved it gives its IP address

which is matianed in routing tables..
what is an email client? what is differnce between email client and web mail.
Email Client
Email clients download your emails onto your computer. Using a specialized email
program such as Outlook Express or Apple Mail has the advantage of giving you
complete control over your email; every email you receive is placed on your computer
and you can keep as many large file attachments as you want.
Webmail
If you host with Needmore Designs, you have a limited amount of space available for
your web mailbox. For daily use, you will want to use an email client. Nevertheless, you
might find that you want to check your email while traveling.
Checking your email through our webmail is similar to using Hotmail or YAHOO! Mail.
You never actually copy your messages to your computer; in fact, you are looking at
them through your web browser on somebody else's computer. When you are not online,
you are not able to see your email.
What is a Network cable?
A Network cable is a 8-pin high speed cable used to transmit data through computer
networks, LAN, ISDN, & T1 connections. These cables are also called Ethernet cables,
Cat5 cables, Cat5e cables, Cat6 cables, & RJ45 cables
What is a Cat5 cable?
A Cat5 cable provides minimum performance of 100 MHz. Most commonly used for
networks with data transfer rates up to 100 Mbps. Used with 10BASE-T and 100BASE-T
networks.
What is a Cat5e cable?
A Cat5e cable provides minimum performance of 125 MHz and maximum performance
up to 350 Mhz. Enhanced version of CAT 5 (specifications added for far-end crosstalk).
Used with 10BASE-T, 100 BASE-T and 1000BASE-T networks (gigabit Ethernet).
What is a Cat6 cable?
A Cat6 cable provides minimum performance of 250 MHz and maximum performance
up to 550 Mhz. Used with 10BASE-T, 100 BASE-T, 1000BASE-T (Gigabit), &
10000BASE-T (10 Gigabit) networks.
When do I need a Cat5e cable?
Cat 5e cables are suitable for 10Mbps networks, 100Mbps networks, and 1Gbps
networks. Although Cat5e cables will work with 1Gbps networks, you may need Cat6
cables if you plan on expanding your network in the future because Cat5e cables will not
support 10Gbps networks.
When do I need a Cat6 cable?
Cat6 cables can provide your network with higher bandwidth. We recommend Cat6
cables for 1G networks and above. If you are installing a 10G network you must use
Cat6 cables.
What does Mbps and Gbps mean?
Mbps and Gbps are units used to measure data transfer rates.
Mbps = Megabits Per Second.
Gbps = Gigabits Per Second.
OK, well what is Mhz?

Mhz stands for Megahertz and refers to the frequency the cable transmits data on. For
example, on a 1000BASE-T (1 Gbps) network a Cat6 cable might transmit data at 1 Gbps
on a 400 Mhz frequency.
Will Cat6 cables work with Cat5 and Cat5e applications?
Yes. Cat6 cables are backwards compatible and will work with Cat5 & Cat5e
applications. This is called backwards compatible because Cat6 is compatible with all
previous standards.
What is an unshielded network cable?
Unshielded twisted pair (UTP) cables are made up of 8 internal wires and are the correct
solution for most applications.
What is a shielded network cable?
Shielded cables are used for increased protection from interference and crosstalk and are
typically used in electrically noisy environments. There are two main types of shielded
network cables:
FTP (Foiled Twisted Pair) - The UTP cable is surrounded by an outer foil shield.
S-FTP (Shielded and Foiled Twisted Pair) - The FTP cable is surrounded by an
outer conductor of braided shielding.
When do I need a shielded cable & which type do I need?
Shielded network cables are usually used when running cables near any equipment or
other cable that might cause interference with your signal. Common sources of
interference are radio towers, high-powered electrical conduit, or any other device
emitting electro-magnetic or radio frequency signals.
Are your cables terminated with the 568A or 568B wiring scheme?
Our network cables are terminated with the 568B wiring scheme.
Is the 568-A Standard different from the 568A wiring scheme?
Yes. The 568-A Standard is a set of specifications for network cables. It has nothing to do
with the 568A wiring scheme. Network cables from dCables are compliant with the 568-
A Standard set of specifications.
What is a Stranded cable?
A stranded cable is made of hundreds of thin copper wires within a jacket.
What is a Solid cable?

A solid cable is one solid piece of copper wire within a jacket .
Which type do I need, solid or stranded?
Solid and stranded cables both carry the same signal strength (up to 350Mhz for Cat5e
and up to 550Mhz for Cat6). Stranded cables are known for their flexibility and are used
for patch cables that are constantly being plugged, unplugged, bent or installed. All of
our patch cables are stranded cables. All of our bulk cable is solid because solid cable is
more suitable for long cable runs.
What is a plenum rated cable?
Plenum rated means that the cables meet the correct specifications for being run behind a
wall, in an air duct, plenum, or ceiling without a being in a conduit.
Can I run non-plenum rated cables behind a wall or in a ceiling?
Yes. If you need to run a non-plenum rated cable behind a wall, we recommend using a
PVC or steel conduit. This keeps unwanted persons or objects away from the cable itself.
What is a Crossover cable?
A crossover cable is a network cable that is terminated differently on one end (green and
orange pairs switched). This cable is used to connect two computers together without a
switch. It is also used to directly access some network hardware.
What is the maximum length ?
The maximum recommended length for Cat5e and Cat6 cables without a repeater is 295
feet or 90 meters.
What is RJ45?
RJ45 (registered jack 45) is the name of the connector used on computer networking
cables. Another industry name for the RJ45 connector is
8P8C
: short for "eight positions, eight conductors." This is a picture of a male RJ45 connector:
What is wide-mouth frog
Wide-mouth frog is the simplest known key distribution center (KDC) authentication
protocol.
it is used in cryptography, a key distribution center (KDC) is part of a cryptosystem

intended to reduce the risks inherent in exchanging keys.
Name any field of IP header that can prevent a packet to loop infinitely ?
It s time to live(TTL) of ip header
it fixes up a time to reach,if it s not reached within that stipulated time,it is being killed
by the auto timer...
What is difference between ARP and RARP?

The address resolution protocol (ARP) is used to associate the 32 bit IP address with the
48 bit physical address, used by a host or a router to find the physical address of another
host on its network by sending a ARP query packet that includes the IP address of the
receiver.
The reverse address resolution protocol (RARP) allows a host to discover its Internet
address when it knows only its physical address.
What is MTU of a link ?

Maximum Transmission Unit is the largest physical packet size, measured in bytes, that
a network can transmit. Any messages larger than the MTU are divided into smaller
packets before being sent.
Every network has a different MTU, which is set by the network administrator. On
Windows 95, you can also set the MTU of your machine. This defines the maximum size
of the packets sent from your computer onto the network. Ideally, you want the MTU to
be the same as the smallest MTU of all the networks between your machine and a
message's final destination. Otherwise, if your messages are larger than one of the
intervening MTUs, they will get broken up (fragmented), which slows down transmission
speeds.
Trial and error is the only sure way of finding the optimal MTU, but there are some
guidelines that can help. For example, the MTU of many PPP connections is 576, so if
you connect to the Internet via PPP, you might want to set your machine's MTU to 576
too. Most Ethernet networks, on the other hand, have an MTU of 1500, which is the
default MTU setting for Windows 95.
What is the difference between TFTP and FTP application layer protocols?
The Trivial File Transfer Protocol (TFTP) allows a local host to obtain files from a
remote host but does not provide reliability or security. It uses the fundamental packet
delivery services offered by UDP.
The File Transfer Protocol (FTP) is the standard mechanism provided by TCP / IP for
copying a file from one host to another. It uses the services offered by TCP and so is
reliable and secure. It establishes two connections (virtual circuits) between the hosts, one
for data transfer and another for control information.
Describe a 3-way TCP/IP Handshake.
The communication b/w two tcp host are established by using 3-way handshaking.these
are request , acknowldgement ,and data transfer.
transmitting host sent request to receiving host,receiving host sent ACK to senting host
and then data is transfer from source to destination.
To establish a connection, TCP uses a 3-way handshake. Before a client attempts to

connect with a server, the server must first bind to a port to open it up for connections:
this is called a passive open. Once the passive open is established then a client may
initiate an active open. To establish a connection, the 3-way (or 3-step) handshake
occurs:
1. The active open is performed by sending a SYN to the server.

2. In response, the server replies with a SYN-ACK.
3. Finally the client sends an ACK back to the server.
At this point, both the client and server have received an acknowledgement of the
connection.
What is PING utility?PING stands Packet Internet Gopher. This is a utility for ensuring
connectivity between computers . ICMP protocol works behind this utility. Under it ,
sending node sends packets to destination node and reply is received if there is proper
communication between two.
can we use static and dynamic routing in one network.
W can use static and Dynamic Routing in one network. However Dyanmic Routing is
used to have the best path no matter what the status of the physical links.All routing
protocols have some sort of shortest-path or lowest-cost or best-choice algorithm to help
you weigh all the options available.
Static routing can be used in a small network to reduce the work of the network
administrator or to use a particular route only to forward the packet; we need static
routing.
What is the Network Time Protocol...

The Network Time Protocol (NTP) is a protocol for synchronising the clocks of computer
systems over packet-switched, variable-latency data networks. NTP uses UDP as its
transport layer. It is designed particularly to resist the effects of variable latency.
What are the types of Transmission media?

Signals are usually transmitted over some transmission media that are broadly classified
in to two categories.
Guided Media:
These are those that provide a conduit from one device to another that include twisted-
pair, coaxial cable and fiber-optic cable. A signal traveling along any of these media is
directed and is contained by the physical limits of the medium. Twisted-pair and coaxial
cable use metallic that accept and transport signals in the form of electrical current.
Optical fiber is a glass or plastic cable that accepts and transports signals in the form of
light.
Unguided Media:
This is the wireless media that transport electromagnetic waves without using a physical
conductor. Signals are broadcast either through air. This is done through radio
communication, satellite communication and cellular telephony.
What is redirector?
Redirector is software that intercepts file or prints I/O requests and translates them into
network requests. This comes under presentation layer.
What are the data units at different layers of the TCP / IP protocol suite?
The data unit created at the application layer is called a message, at the transport layer the
data unit created is called either a segment or an user datagram, at the network layer the
data unit created is called the datagram, at the data link layer the datagram is
encapsulated in to a frame and finally transmitted as signals along the transmission
media.
data unit in application layer is called data or message.
data unit in transport layer is called segment.
data unit in network layer is called packet.
data unit in data link layer is called frame.
data unit in physical layer is called bits.
What are 10Base2, 10Base5 and 10BaseT Ethernet LANs?
10Base2—An Ethernet term meaning a maximum transfer rate of 10 Megabits per

second that uses baseband signaling, with a contiguous cable segment length of 100
meters and a maximum of 2 segments.

second that uses baseband signaling, with 5 continuous segments not exceeding 100
meters per segment.
10BaseT—An Ethernet term meaning a maximum transfer rate of 10 Megabits per

second that uses baseband signaling and twisted pair cabling.

second that uses baseband signaling, with a coxial cable segment length of 185 meters
and this is thinnet cable.

second that uses baseband signaling, with not exceeding 500 meters per segment,use in
coxial cable this is thicknet cable.
10BaseT—An Ethernet term meaning a maximum transfer rate of 10 Megabits per
second that uses baseband signaling and twisted pair cabling.and distance doesnot exceed
more than 100 meters.
What are major types of networks and explain?

Server-based network
Peer-to-peer network
Peer-to-peer network, computers can act as both servers sharing resources and as clients
using the resources.
Server-based networks provide centralized control of network resources and rely on
server computers to provide security and network administration
What is terminal emulation, in which layer it comes?

Telnet is also called as terminal emulation. It belongs to application layer.
What is Beaconing?
The process that allows a network to self-repair networks problems. The stations on the
network notify the other stations on the ring when they are not receiving the
transmissions. Beaconing is used in Token ring and FDDI networks.
What do you meant by "triple X" in Networks?

The function of PAD (Packet Assembler Disassembler) is described in a document
known as X.3. The standard protocol has been defined between the terminal and the
PAD, called X.28; another standard protocol exists between hte PAD and the network,
called X.29. Together, these three recommendations are often called "triple X"
What is Project 802?

It is a project started by IEEE to set standards that enable intercommunication between
equipment from a variety of manufacturers. It is a way for specifying functions of the
physical layer, the data link layer and to some extent the network layer to allow for
interconnectivity of major LAN protocols.
It consists of the following:
802.1 is an internetworking standard for compatibility of different LANs and MANs
across protocols.
802.2 Logical link control (LLC) is the upper sublayer of the data link layer which is
non-architecture-specific, that is remains the same for all IEEE-defined LANs.
Media access control (MAC) is the lower sublayer of the data link layer that contains
some distinct modules each carrying proprietary information specific to the LAN product
being used. The modules are Ethernet LAN (802.3), Token ring LAN (802.4), Token bus
LAN (802.5).
802.6 is distributed queue dual bus (DQDB) designed to be used in MANs.
What is cladding?
A layer of a glass surrounding the center fiber of glass inside a fiber-optic cable.
What is attenuation?
The degeneration of a signal over distance on a network cable is called attenuation.
Difference between bit rate and baud rate.Bit rate is the number of bits transmitted
during one sec
Difference between bit rate and baud rate.Bit rate is the number of bits transmitted during
one second whereas baud rate refers to the number of signal units per second that are
required to represent those bits.baud rate = bit rate / N where N is no-of-bits represented
by each signal shift.
What is ICMP?
ICMP is Internet Control Message Protocol, a network layer protocol of the TCP/IP suite
used by hosts and gateways to send notification of datagram problems back to the sender.
It uses the echo test / reply to test whether a destination is reachable and responding. It
also handles both control and error messages.
What is NETBIOS and NETBEUI?

NETBIOS is a programming interface that allows I/O requests to be sent to and received
from a remote computer and it hides the networking hardware from applications.
NETBEUI is NetBIOS extended user interface. A transport protocol designed by
microsoft and IBM for the use on small subnets.
What are the different type of networking / internet working devices?

Repeater:
Also called a regenerator, it is an electronic device that operates only at physical layer. It
receives the signal in the network before it becomes weak, regenerates the original bit
pattern and puts the refreshed copy back in to the link.
Bridges:
These operate both in the physical and data link layers of LANs of same type. They
divide a larger network in to smaller segments. They contain logic that allow them to
keep the traffic for each segment separate and thus are repeaters that relay a frame only
the side of the segment containing the intended recipent and control congestion.
Routers:
They relay packets among multiple interconnected networks (i.e. LANs of different type).
They operate in the physical, data link and network layers. They contain software that
enable them to determine which of the several possible paths is the best for a particular
transmission.
Gateways:
They relay packets among networks that have different protocols (e.g. between a LAN
and a WAN). They accept a packet formatted for one protocol and convert it to a packet
formatted for another protocol before forwarding it. They operate in all seven layers of
the OSI model.
What is passive topology?

When the computers on the network simply listen and receive the signal, they are referred
to as passive because they don’t amplify the signal in any way. Example for passive
topology - linear bus.
What are the important topologies for networks?
BUS topology:
In this each computer is directly connected to primary network cable in a single line.
Advantages:
Inexpensive, easy to install, simple to understand, easy to extend.
STAR topology:
In this all computers are connected using a central hub.
Advantages:
Can be inexpensive, easy to install and reconfigure and easy to trouble shoot physical
problems.
RING topology:
In this all computers are connected in loop.
Advantages:
All computers have equal access to network media, installation can be simple, and signal
does not degrade as much as in other topologies because each computer regenerates it.
What is the minimum and maximum length of the header in the TCP segment and
IP datagram?
The header should have a minimum length of 20 bytes and can have a maximum length
of 60 bytes.
Explain 5-4-3 rule?Subscribe In a Ethernet network, between any two points on the
network, there can be no more than five network segments or four repeaters, and of those
five segments only three of segments can be populated.
What is logical link control?

One of two sublayers of the data link layer of OSI reference model, as defined by the
IEEE 802 standard. This sublayer is responsible for maintaining the link between
computers when they are sending data across the physical network connection.
What is virtual channel?Subscribe Virtual channel is normally a connection from one

source to one destination, although multicast connections are also permitted. The other
name for virtual channel is virtual circuit.
What is virtual path?Subscribe Along any transmission path from a given source to a
given destination, a group of virtual circuits can be grouped together into what is called
path.
What is packet filter?

Packet filter is a standard router equipped with some extra functionality. The extra
functionality allows every incoming or outgoing packet to be inspected. Packets meeting
some criterion are forwarded normally. Those that fail the test are dropped.
What is traffic shaping?

One of the main causes of congestion is that traffic is often busy. If hosts could be made
to transmit at a uniform rate, congestion would be less common. Another open loop
method to help manage congestion is forcing the packet to be transmitted at a more
predictable rate. This is called traffic shaping.
What is region?
When hierarchical routing is used, the routers are divided into what we call regions, with
each router knowing all the details about how to route packets to destinations within its
own region, but knowing nothing about the internal structure of other regions.
What is multicast routing?Subscribe Sending a message to a group is called

multicasting, and its routing algorithm is called multicast routing.
What is silly window syndrome?

It is a problem that can ruin TCP performance. This problem occurs when data are passed
to the sending TCP entity in large blocks, but an interactive application on the receiving
side reads 1 byte at a time.
What are the advantages and disadvantages of the three types of routing tables?
The three types of routing tables are fixed, dynamic, and fixed central. The fixed table
must be manually modified every time there is a change. A dynamic table changes its
information based on network traffic, reducing the amount of manual maintenance. A
fixed central table lets a manager modify only one table, which is then read by other
devices. The fixed central table reduces the need to update each machine's table, as with
the fixed table. Usually a dynamic table causes the fewest problems for a network
administrator, although the table's contents can change without the administrator being
aware of the change.
What is a pseudo tty?Subscribe A pseudo tty or false terminal enables external

machines to connect through Telnet or rlogin. Without a pseudo tty, no connection can
take place.
How many computer networking formats or protocols are there?

In: Computer Networking
Answer
That's like asking "How many ways can you get from the library to the post office?".
There is no limit. There may be only a few efficient ways for getting directly from the
library to the post office, but if you want to go by the bank on the way, you will invent
your own path. Anyone can create their own protocols. New ones are created every day
and most of them are hardly ever used, or may only be used by one person. There are
common ones that you hear about like FTP, SMTP, etc. For a list of those, look in the
RFCs ( http://www.rfc-editor.org/rfc-index.html ). I know one of them has a list of all the
protocols. Not sure what it is, but I'll look that up and then post it here.
 What is the difference between a patch cable and a cross-over cable?

A patch cable is basically your common everyday cable. It is used to connect your NICs
or other devices to your hub/switch or what have you. With a patch cable the signal goes
straight through.
A cross over cable is a specialized cable. It basically has three roles: 1) It is used if you
wish to connect two computers together without using a hub. 2) It can be used to uplink
one hub to another in situations where an uplink port isn't available. 3) It is can be used to
daisy chain on a network device like a Cable modem in some situation.
When constructing a network it is a good idea to use a different color of network cable
for Cross-over cables. This helps prevent potential confusion. Go to Top
 What's the longest distance I can go between two points on my 100base-T or

10base-T network using Cat5 (UTP)?
Between any two points the max length is 100 meters (~328 feet). If you wish to go
beyond this, you can do so by using two cables of 100 meters or less and placing a
repeater between them. Hubs will function as repeaters. Go to Top
 Can I add an older system with a 10baseT card to my 100baseT network?

Yes, most 100baseT hubs and switches support both 10Mbps and 100Mbps standards.
The majority of newer hubs will adjusts to either 10Mbps or 100Mbps speeds by port.
With these systems you can freely add and remove the older 10Mbps devices without
worry. A few older hubs will adjust the speed of every port to the lowest speed of an
attached device. With these, every system is slowed down to 10Mbps when one 10Mbps
system is attached. Go to Top
 What is a NIC?
NIC is short for Network Interface Card. A NIC allows you to connect to connect to a
network, or network device. They come in a variety of shapes, sizes, and network support
lists. The most common network cards are PCI 10/100 ethernet network cards in desktop
systems, and PCMCIA 10/100 ethernet cards in laptops. NICs can be integrated into a
motherboard, or other device. This may be referred to as Onboard LAN. Go to Top
I have a few systems, and just got DSL. Do I just need a hub to share the connection
or will I end up needing a router/switch/another hub?
A hub won't do what you're looking for. You really have two options:
1. Have one computer w/ two NICs and use Windows Internet Connection Sharing to
route traffic to the network. (You can also use software like Wingate if ICS doesn't work
right for you).
(1 NIC connects to DSL modem, 1 NIC connects to hub, and the rest of the computers
connect to the hub. If you have two computers you can have two nics on one, and connect
the other computer via a cross over instead of using a hub)
2. Purchase a Cable/DSL router. These come in two forms. Some like the Netgear RT314
act as both a router to share the connection, and as a hub/switch. Others may require you
to use a hub in addition to the router.
Basically: With a Cable/DSL router w/integrated hub/switch the DSL modem connects to
the router, and the router connects to each computer.
One good thing about using a router is that it isn't dependent on a single computer to be
on in order to connect.
For more general information on this please see the guide:

How to build a Home Network?
Go to Top
 What do the CAT ratings mean for network cable?

The CAT rating tell you the frequency rating of the cable. Additionally it can give you an
idea of the typical use for it.
Types:
CAT 1. Lowest grade of cable. No Frequency rating. (1Mbs)
Typical use: Alarm systems, Intercom Systems.
CAT 2. Typical phone cable. Frequency max: 1mhz (4Mbps)
Typical use: Phone systems.
CAT 3. Typical 10base-T cable. Frequency max: 16mhz (10Mbps)
Typical use: 10base-T networks, 4Mbs token ring networks
CAT 4: Typical Token ring cable. Frequency max: 20mhz (16Mbps)
Typical use: 16Mbs Token ring networks.
Cat 5: Most common type. Frequency max: 100mhz (100Mbps)
Typical use: 100base-T networks / 10base-T networks
Cat 5e/6: High Speed cable. Frequency ~350+mhz
Typical use: 1000base-T over copper. (Gigabit Ethernet)
It's fine to use a cable type greater then what you need. You could for instance use Cat 5
cable for a phone system. It's actually good to use cable better then what you think you
 What is NAT?
NAT is short for Network Address Translation. In a nutshell, NAT allows a group of
computers to use a single IP address to communicate with the outside world or another
network. Additionally it separates External IP addresses from Internal network IP
addresses.
A device or program using NAT sits between the Internet and the network. It rewrites IP
addresses and port numbers on the fly so every packets appears to be coming from (or
going to) the single IP address of the NAT device instead of the actual source or
destination. This allows more then one system to access the Internet at the same time, and
it allows a measure of safety as the outside site never sees the internal IP address for the
system it's sending to. In this way, NAT also acts as a simple firewall. Go to Top
 I'm trying to setup a small network in my home. Is there anyway I can get out of
stringing all this ethernet cable from room to room?
Sure. You may want to consider building either a wireless network or a phoneline
network. Phone-line network adapters let you use the phoneline network that already
exists in your home to network computers in different rooms with access to wall phone
jackets. (They typically do not effect modem or phone usage). Wireless networks have
obvious benefits in that they have no cords and are ideally suited to mixed networks that
contain laptop/notebook systems. The draw back is that they are typically more expensive
than phoneline or ethernet applications.
1. What are the two types of transmission technology available?
(i) Broadcast and (ii) point-to-point
2. What is subnet?
A generic term for section of a large networks usually separated by a bridge or router.
3. Difference between the communication and transmission.
Transmission is a physical movement of information and concern issues like bit polarity,
synchronisation, clock etc.
Communication means the meaning full exchange of information between two

communication media.
4. What are the possible ways of data exchange?
(i) Simplex (ii) Half-duplex (iii) Full-duplex.
5. What is SAP?
Series of interface points that allow other computers to communicate with the other
layers of network protocol stack.
6. What do you meant by "triple X" in Networks?
The function of PAD (Packet Assembler Disassembler) is described in a document

known as X.3. The standard protocol has been defined between the terminal and the
PAD, called X.28; another standard protocol exists between hte PAD and the network,
called X.29. Together, these three recommendations are often called "triple X"
7. What is frame relay, in which layer it comes?
Frame relay is a packet switching technology. It will operate in the data link layer.
8.What is terminal emulation, in which layer it comes?
Telnet is also called as terminal emulation. It belongs to application layer.
9. What is Beaconing?
The process that allows a network to self-repair networks problems. The stations on the
network notify the other stations on the ring when they are not receiving the
transmissions. Beaconing is used in Token ring and FDDI networks.
10. What is redirector?

Redirector is software that intercepts file or prints I/O requests and translates them into
network requests. This comes under presentation layer.
Q: Why do some books specify that certain software components, such as

redirectors, operate at the Application layer, while others say that redirectors work
at the Presentation layer?
A: There are a few reasons for the discrepancy. First, there are many different types of
network redirectors, some of which are part of the operating system, and others (such as
the Novell Client 32 software for connecting a Windows machine to a NetWare network)
made by third parties. Additionally, some books reference the OSI networking model,
which consists of seven layers, while others are basing their statements on the DoD
model, which only has four. A component that operates at the Presentation layer of the
OSI model would be operating at the Application (or Application/Process) layer of the
DoD model.
Q: It's called TCP/IP. What are all those other protocols, and what are they for?
A: TCP and IP are the "core" protocols (sometimes called the "protocol stack"), but an
entire suite of useful protocols has grown up around them. Some of these provide for
basic functionality in performing such common network tasks as transferring files
between two computers (FTP) or running applications on a remote computer (Telnet).
Others are used for information gathering (SNMP, NETSTAT, IPCONFIG), and many
are troubleshooting tools that also allow you to perform basic configuration tasks (ARP,
ROUTE).
Q: What is the difference between TCP and UDP if they both operate at the
Transport layer?
A: Although both TCP and UDP are Transport layer protocols and provide the same basic
function, TCP is a connection-oriented protocol, which means a session is established
before data is transmitted, and acknowledgments are sent back to the sending computer to
verify that the data did arrive and was accurate and complete. UDP is connectionless; no
session, or one-to-one connection, is established prior to data transmission. This makes
UDP the faster of the two, and TCP the more reliable.
Q: What is the purpose of a networking model? How will knowing this theoretical
stuff help me in administering my TCP/IP network?
A: The models give us a way to understand the process that takes place when computers
communicate with each other across the network, the order in which tasks are processed,
and which protocols are responsible for handling which duties. Understanding the models
will help you to narrow down the source of your TCP/IP connectivity problems. For
example, if you know that the data is being sent but is not arriving at the correct
destination, you will know to start troubleshooting by examining what is happening at the
Network layer, since that's where addressing and routing takes place.
Q: Why do we need three different networking models? Why can't everyone use the
same one?
A: Actually, that was the plan when the ISO developed the Open Systems
Interconnection model. It was to be the common standard used by all vendors and
software developers in describing the network communication process. The DoD model
actually predates the OSI, and the seven-layer OSI model builds on (and further breaks
down) the components of the DoD model. However, individual vendors such as
Microsoft still use their own models, which map more closely to their software (such as
the Windows NT/2000 model), although they also use the OSI model as a guideline.
Q: What is a gateway, and why would I need one?
A: The word gateway has many different meanings in the IT world. A protocol
translating gateway translates between different protocols. Think of it as the United
Nations interpreter of the networking world. If the president of the United States needs to
exchange information with the president of France, but neither speaks the other's
language, they can call in someone who is fluent in both to help them get their messages
across. Similarly, if a mainframe system and a Windows 2000 computer need to
communicate with one another-perhaps the mainframe has important files that need to be
accessed by the PC-but they don't know how to "talk" to each other, you can install a
gateway to clear up the confusion. The gateway is even more skilled than the interpreter
is; it actually fools the mainframe into believing it's communicating with another
mainframe, and makes the PC think it is having a "conversation" with a fellow PC.
Gateway is also the term used to refer to the address of a router that connects your
network to another, acting as the gateway to the "outside world.
Q:
What is a Hardware Address (a.k.a. MAC Address or Physical Address)?
A:
Every Ethernet Network card that has ever been made is supposed to have a unique
Hardware Address. The Hardware Address is customarily hard coded into the network
card and is not normally allowed to change. Network switches use the Hardware Address
to direct communications. Network routers track the relationship between IP Addresses
and Hardware Addresses to direct communications.
A typical hardware address will look something like this '00:00:0C:0F:35:04' - there are
six pairs of hexadecimal (0-9,A-F) numbers in a hardware address, in this example they
are separated by colons, but can also be separated by dashes or periods, or the hardware
address can be presented in a single long string. See the following examples:
00-00-0C-0F-35-04
0000.0C0F.3504
00000C0F3504
The first 3 pairs (or first six numbers and letters) are known as the 'Vendor Code', the last
three pairs are the host code. You can check
[ http://standards.ieee.org/regauth/oui/oui.txt ] this list if you're ever interested in learning
who made a network card; in the above example the card was made by Cisco.
Remedy prefers the colons as separators. When searching in Remedy, or in the

[ http://control-center.oit.unc.edu/servlet/Router?mod=monitor&mod2=blox ] Blox
Monitor , searching on the Hardware Address is often the most reliable. You can find the
Hardware Address on a Windows system by running the command 'ipconfig /all' from the
'Command Prompt' or by doing:
'Start'->'Run'->'cmd /c ipconfig /all && pause'
Q:
What is an IP Address?
A:
As mentioned above every network card in the world should have a unique Hardware
Address that does not change. At any given time, on any given network, each computer
should be using a unique IP Address. Unlike the Hardware Address the IP Address is
subject to change and is controlled by the computer's operating system. Many computers
at UNC use DHCP to get a dynamically assigned IP Address each time they start up.
Most IP Addresses at UNC will start with 152.2, 152.19, or 152.23 and will look
something like 152.23.175.10.
There are both public and private IP Addresses. Public Addresses are assigned by the
authorities who control the Internet and are unique to each computer connected to the
Internet. Private addresses are assigned by the authorities who control the local network.
The 152.2, 152.19, and 152.23 addresses are public addresses. Some examples of private
addresses are those that start with 192.168., 172.29, 169.254., and 10.250. (See
http://www.faqs.org/rfcs/rfc1918.html for more details.)
Q:
What is NMap?
A:
NMap is a port scanning tool that the Security office uses to look at the ports a remote
system is using and to help determine which program is using each port. NMap output
will often be included in the Remedy worklog. Suspicious ports being open are often a
sign of infection or compromise of a computer. Programs like FPort and Vision can help
you to explore locally which program opened a port.
Q:
What is Snort?
A:
Snort is an Intrusion Detection System. UNC-Chapel Hill's Snort system watches a copy
of network traffic and looks for traffic that matches something from a set of Signatures.
These Signatures are designed to look for infected computers and attempts to
compromise computers. UNC has been using Snort for over 4 years and it continues to
help us daily in the detection of Security problems.
Q:
What is Tipping Point?
A:
Tipping Point is an Intrusion Prevention System. Unlike Snort which watches a copy of
the traffic, Tipping Point is a network device that has traffic passing through it. Tipping
Point also inspects network traffic for matches to its own set of Filters. If Tipping Point
sees traffic that is known to be bad, then the unit will stop that traffic and will not allow
the bad traffic over that part of the network. Any good traffic from the same computer is
still allowed to pass through. These Filters are very different from the Signatures that
Snort uses and because they are looking for different problems, the two systems
complement each other very well. UNC-Chapel Hill has been using Tipping Point since
the summer of 2003.
Q:
What is ASM?
A:
ASM is the Automated Security Manager from Enterasys, the company that makes many
of the network switches we use at UNC-Chapel Hill. ASM is one component of a larger
network management suite of programs. Networking and Security have implemented a
system where certain bad events, when seen by the Tipping Point, send a special message
to ASM. When ASM sees this message it will automatically find the user and either
remove them from the network or put them in the Self-Help VLAN. The Security office
is very careful about the events that Tipping Point uses to send messages to ASM; all are
events that have consistently indicated an infected machine.
Q:
What is the Self-Help VLAN?
A:
The Self-Help VLAN is a tool that has been developed by the Control Center, ITRC,
Networking, ResNet and Security. When we see a computer system having a problem,
one of the options we now have available to help them is to put the computer in the Self-
Help VLAN.
If a computer is in the Self-Help VLAN then its access to other computers and the
Internet is restricted. If the user opens a web browser they should see a special web page
with directions; any website that they try to visit will be redirected to this Self-Help page.
For example, if Google is their normal start page when they open their browser they will
see the Self-Help VLAN page instead of the Google page. The user should attempt to
follow the directions provided on this page. Any of the steps that they are able to perform
themselves will help their ticket to be resolved sooner. Another way to diagnose if a user
is in the Self-Help VLAN is by looking at their IP Address. If they have an IP Address
that starts with 10.250. they have been restricted to the Self-Help VLAN. To see a current
version of what a user in the Self-Help VLAN will see, you can visit:
[ http://help.unc.edu/?id=5665 ] http://help.unc.edu/?id=5665 .
Q:
What is StealthWatch?
A:
StealthWatch is another Intrusion Detection System. It is a new device to UNC-Chapel

Hill. Unlike Snort which looks for Signature matches, StealthWatch looks for machines
behaving differently than they normally do. This method of anomaly detection is another
way for Security to detect problems with computer systems, but since this is a new
product we still need to explore its capabilities.
Q:
What's the difference between Viruses and Worms?
A:
Viruses and worms are malicious programs that infect and often damage computer
systems. To be infected with a virus, the user has to perform some action, like opening an
email attachment or clicking on a link. Unlike a virus, a Worm can spread itself without
the user doing anything.
Many companies and administrators use the terms Virus and Worm interchangeably;
most often referring to a Worm as a Virus or by saying that it is a Virus that displays
Worm behavior. Some of these malicious programs do have multiple infection vectors
that are both Virus type infections where the user has to do something, and Worm type
infections where the user simply has to have a vulnerable computer system. The
infections we have seen in the past year were normally these types that have multiple
ways of spreading.
Q:
What is a Trojan?
A:
A Trojan is a malicious program that often allows a remote user access or control of an
infected computer system. A Trojan program often is very good at hiding itself. Because
many Trojan programs are well hidden and difficult to remove the ITRC upgrade to a
fresh operating system is often the best way to remove the infection.
Trojan programs are of particular concern because at any given time the remote user
could decide to erase all the data on an infected computer, to steal data from an infected
computer, or to use the infected computer to attack other computers.
Q:
What is a Spam Relay?
A:
A Spam Relay is another type of malicious program that is often very well hidden on the
computer and is often installed without the computer user's knowledge or permission.
Spam Relay programs turn infected computer systems into special mail servers that are
used to send unsolicited commercial email to huge lists of people. When a computer at
UNC-Chapel Hill becomes a Spam Relay it can result in other administrators blocking all
mail from all UNC computers. This could prevent your email from reaching other email
services. Like Trojan programs, Spam Relays are also often well hidden and difficult to
remove, so often the best way to clean them is an upgrade to a fresh operating system at
the ITRC.
Q:
What happened to the Penalty Box and Source Blocking?
A:
The Network Migration in the summer of 2004 resulted in some fundamental changes to
the way UNC-Chapel Hill's Networking group handles computers. Many of these
changes are a huge improvement to the network, but they also mean that the Penalty Box
and Source Blocking no longer exist. Those tools were special in the way the old network
saw computers; as outlined above, the new network views them differently.
Anti-virus Software
What is it?
Anti-virus software protects email, instant messages, and other files by removing viruses
and worms. It may also quarantine infected files to keep a virus from spreading on your
computer and can repair infected files so you can use them without fear of damaging your
computer or spreading a virus to others.
What risks are involved?

If your computer isn't fortified against the most recent viruses, you leave your system
wide open for every bug, worm, and virus floating around the Internet. These debilitating
bugs and viruses can cause your computer to malfunction. They may also make your
computer vulnerable to identity thieves and hackers.
What can I do to protect myself?

Install anti-virus software on your computer and run daily updates. Sophos anti-virus is
free to all UC Davis students, faculty and staff, and can be used on home and work
computers. See the Software License Coordination web site to download Sophos.
How do I know if I have anti-virus software on my computer?

A computer with a properly installed anti-virus software will generally prompt you to
update the program every once and a while. If your computer doesn't ask you to update
virus definitions, you may not have virus software properly installed. Some of the most
common antivirus packages include: Sophos, McAfee, and TrendMicro.
Confidential Data Storage
What is it?
Confidential data is any information you don't want others to obtain without your
permission, including (but not limited to) your social security number, home address,
phone numbers of friends/family/colleagues/students, your drivers license or bank
account numbers, a list of all your passwords, your home address or phone numbers, your
employee ID number, digital images, word documents containing personal text, etc. Most
people store confidential data of some kind on their computers within Word files, address
books, or application settings.

If unauthorized persons gain access to the confidential information you are storing, they
could alter the information or use it to commit identity theft.
• Only store confidential information on your computer if it is absolutely necessary.

• Store confidential information on portable media, such as a CD, flashdrive, ZIP
disk or floppy disk. Secure the portable media in a locked cabinet when it is not
being used.
• Encrypt files containing confidential data. Encryption is available on some
operating systems. Refer to your operating system help center for instructions.
• Physically secure your computer (laptop or desktop) to the desk where it sits. You
can purchase a simple cable lock (similar to a bike lock) at any tech-supply store
for around $30 that will deter and usually prevent theft.
• Set your computer to ask you for an account password at login. If someone else is
sneaking onto your computer, this will prevent them from gaining access to your
files. For instructions on setting passwords, refer to your operating system help
center.
• Be sure to disable the "Guest" account, as use of this account is likely to be
untraceable.
Data Backups
What is it?
To back up your files, simply create a second copy of your important documents
somewhere other than your computer's hard drive.

If you don't back up your data, you run the risk of losing it. Your files could disappear
due to a virus, computer crash, accidental keystroke, theft, or external disaster.
• Back up critical and essential files on a daily basis and non-critical files on a
weekly or monthly basis. You can back up your data to a CD, to an online back
up service (for a small monthly fee), flash drive, USB key, or to a server, if you
can get access to one from your Internet Service Provider or commercial vendor.
Some companies offer automatic backups when you purchase their programs.
• Keep all your critical files in one place so you can easily create a duplicate copy.
• Store your backup media (CDs, disks, backup server, etc.) in a safe and secure
place away from your computer, in case of fire or theft.
• Periodically test the capability to restore from the backup media. It's of little value
to have a backup that is unreadable. To ensure that your backup files are reliable,
simply upload the files to your computer.
• Faculty/Staff: Check with your department's Technical Support Coordinator
(TSC) to find out if he or she runs regular backups of departmental computers.
DNS Security Enhancement
What is DNS?
DNS stands for Domain Name System. DNS servers are a critical part of the campus
network infrastructure and the Internet because they allow information on the Internet to
be available when you enter a URL in your Web browser. UC Davis disabled one
capability of the DNS servers --recursive DNS - to help improve security.
What is recursive DNS?

One example of recursive DNS is when someone who subscribes to an ISP (e.g.
Comcast) configures their computer to use the UC Davis DNS servers rather than their
ISP DNS servers to access the Internet.
How do I know if I'm using the UC Davis DNS servers?

If your DNS configuration uses 169.237.250.250 or 169.237.1.250, you are using the UC
Davis DNS servers.
Why are my DNS server settings blank?

Most ISPs provide DNS server information automatically, so you won't see anything in
the DNS server settings even though your computer is properly configured. Check with
your ISP to be sure.
What security risks are involved in recursive DNS?
1. Cache poisoning: An attacker could redirect users attempting to reach one site,
say a bank site, to a malicious site without their knowledge. For more information
about this type of attack, see http://www.lurhq.com/dnscache.pdf.
2. Recursive DDoS attacks: An attacker can send streams of DNS queries to caching
servers. As all of these servers answer the queries, the victim host is targeted with
a massive distributed denial-of-service attack (DDoS). For more information, see
http://www.us-cert.gov/reading_room/DNS-recursion033006.pdf.
Email Attachment Restrictions
What are email attachment restrictions?

To help prevent the spread of viruses, the campus prevents certain attachment types from
entering the campus email system. If someone sends you an email message with a file
attached and that file is one of the restricted file types, you will not receive the
attachment, but you will still receive the email message.
How will I know if attachments are removed from email messages I send/receive?
Recipients will receive a message clearly stating that an attachment was removed, the
name of the attachment, why the attachment was removed, and options for resending the
attachment as an unrestricted file type. However, senders of restricted file types will not
receive notification that the attachment was removed.
Is there a list of file types that are being restricted?

Yes. See Attachment Restrictions page.
What can I do if a file type I want to send is on the restricted file type list?
If you need to share a file type that is on the restricted list, consider renaming the file to
an unrestricted file type or using Web-based file sharing (such as MySpace, the file
sharing section of MyUCDavis) or removable media (e.g. CD, Zip).
Does this mean that all attachments I receive will be safe?

No. You should continue to use caution when opening email attachments. Do not open
attachments you were not expecting or from senders you don't know. Attachment
restrictions reduce but may not eliminate the number of virus-infected attachments that
reach the campus.
Email Virus Filtering
What kind of email virus protection does UC Davis offer email users?
The virus filtering software detects and deletes known viruses attached to all the
incoming and outgoing email messages that are processed through the central campus
email servers.
Who benefits from this email filtering service?

All those who send or receive email through the central campus email servers will benefit
from this service.
Why is email virus filtering necessary?

Not only are viruses annoying, but they can corrupt essential data stored on your
computer, thereby compromising the integrity of your computing system. Since 87% of
viruses originate or transmit themselves via email, the campus considers email filtering
an important part of computer security.
How does the virus filtering system work? What do I have to do?
As an email user, you don't have to do anything to benefit from this service. Here's how it
works: When you send an email, it always travels through an email server where it is
routed to the recipient (the person to whom you're sending it). The servers with this new
filtering software will act as "checkpoints," searching all incoming and outgoing email
messages for known viruses.
What happens if I send a virus-infected email message?

If a known virus is attached to your message, the software on the server will detect it and
delete it, protecting the recipient of your message from receiving the virus. As the sender
of the infected message, you will receive a short message notifying you of the virus
attached to your outgoing message.
What should I do if I get a notification message that I sent a virus-infected email?
• Be aware that the message and any attachment in question will not have been sent
to the intended recipient.
• While the virus infection will be removed from the email, the infected computer
from which the email originated will continue to be infected until virus removal
efforts are complete. Check for virus conditions on your computer by running
anti-virus software.
• Since certain viruses are clever enough to forge sender names, you might not
actually have a virus on your computer. Contact IT Express (754-HELP) or your
department's TSC for advice.
How do I know if my email goes through the central campus servers where this
virus-scanning occurs?
If you have been receiving email at an "@ucdavis.edu" address, you will automatically
benefit from this filtering service. If you receive email at an address that contains the
name of a department (such as "@dept.ucdavis.edu"), your email processes through a
separate department server.
My email doesn't go through the central campus servers. How do I find out what
kind of protection my department email server provides me?
Contact your department's Technology Support Coordinator. If you don't know who your
TSC is, visit the TSC directory to find out.
What else can I do to keep my personal computer virus-free?

The email filtering system will catch viruses in your email, but it is up to you to make
sure your computer is protected. The best way to do this is to:
• Configure your computer to seek virus definition updates from your anti-virus
software vendor on a daily basis. For more advice, contact IT Express at
(530)754-HELP.
• Not open any attachment to an email that has a suspicious subject line, file name,
or message. Remember: some viruses can forge themselves to appear as if they
are from someone you know; therefore, the "from" line alone cannot be trusted.
Encryption Basics
What kinds of information should be encrypted?

Restricted information such as:
1. Identity information (Social Security numbers, California driver’s license or

identification card numbers)
2. Financial account information (checking, savings and credit card account
numbers)
3. Student record information (grades, financial aid information)
4. Medical record information (diagnoses, treatment information, identity
information included in medical records)
Why should I protect restricted information?

Several federal and state laws say that you must. Several UC and UC Davis policies say
that you must. Failing to protect restricted information can have serious consequences,
including financial penalties for you, the campus and the University.
What is encryption software and what does it do?

Whole disk encryption software – like Pointsec for PC – garbles information stored on
computers so that it cannot be understood if accessed without using the password (or key)
that you use to un-garble (or decrypt) the information. If your computer is lost or stolen
and you have encryption activated, information on the computer will not be readable by
individuals who try to access it.
Will Pointsec for PC work on my computer?

At this time, Pointsec only works on computers running Windows XP, Windows 2000
and Windows Vista operating systems.
What will I see after Pointsec for PC is installed on my computer?
Once installed, Pointsec for PC encryption software is virtually invisible except when
you boot or power on your computer. Whenever you boot your computer, you will need
to enter your password.
If I have Pointsec for PC installed, is my computer encrypted whenever I’m not

using it?
No. Your information is encrypted only when your computer is off or hibernating, or
when you have turned on your computer but not yet entered your Pointsec password. To
ensure your data is protected by encryption without shutting down completely, select
Hibernate.
How do I know if Pointsec encryption is right for me?

If you must store restricted information on your computer for business purposes, you
may need to use encryption. To help you determine if encryption is the right solution for
you, please contact your technical support staff for assistance. If local technical support
is not available, Desktop Enterprise Solutions (DES) is available on a re-charge basis.
Contact desktop@ucdavis.edu or (530) 757-8907.
If I have my technical support person install Pointsec on my computer, will they

have access to data on my computer?
Your technical support person will have access to data on your computer only if they also
have a valid Windows account on your system.
Will my technical support person know my password?

No. Normally, the user account name and password are both reset during the first login.
What should I do if I forget my Pointsec password?

Contact your technical support person or cybersecurity@ucdavis.edu (UC Davis faculty
and staff only) to help you reset your password.
Can I get help on campus with Pointsec ME and/or Pointsec for Linux?
These items are available but not supported at this time.
What types of files can Pointsec ME encrypt?

Pointsec ME will encrypt almost any file type. If you have difficulty encrypting a file
using Pointsec for ME, please contact cybersecurity@ucdavis.edu.
Do I have to purchase Pointsec through campus Software Licensing Coordination?

The UCOP agreement requires a minimum order of 25 licenses. If you are ordering 25
licenses or more, you may purchase directly or via Software Licensing. If you are
ordering fewer than 25 licenses, you should purchase through campus Software Licensing
Coordination (https://my.ucdavis.edu/software).
Firewalls
What is a firewall?
A firewall acts as a protective barrier between your computer and the internet, monitoring
all incoming and/or outgoing traffic and allowing only the network traffic you permit.
Firewalls come in the form of software, which nestles itself between your operating
system and your network card. They also come in the form of hardware; for many home
and small office users, it is a simple router device that sits between your computer's
network jack and the wall connection. You can customize the level of protection the
firewall gives you, setting it to filter information flow from specific domain names,
addresses or types of network traffic.
How does a firewall work?

Hackers search the Internet in a way akin to dialing random phone numbers. They send
out pings (calls) to random computers and wait for responses. Firewalls prevent your
computer from responding to these random calls. If your computer doesn't respond,
hackers won't know it's there.
What are the risks of not having a firewall?

If your computer, like most, is automatically set to enable file sharing or to keep network
ports open while you are online, you could be susceptible to a variety of attacks. If you
don't have a firewall, which will monitor ports to stop unwanted traffic from slipping
through, you have to know how to manually close ports and disable file sharing in order
to control risky traffic from coming in to your computer.
What do I need to know before installing a firewall?
• A firewall is not the single solution to computer problems. As with other

computer security measures, malicious programs disguised as friendly ones can
circumvent a firewall.
• Like any add-on to your computer, a firewall can interfere with other applications
on your system.
• Firewalls may prevent campus vulnerability scanners from alerting you of a
problem on your computer.
• Depending upon which department and network you belong to, there may be
restrictions on the use of personal hardware firewalls/routers.
• If your computer comes with basic firewall capability or if you are thinking of
installing a firewall, you should contact your tech-support person first.
• Faculty and staff should consult with their department's Technical Support
Coordinator (TSC) before installing a firewall. Students can contact IT Express
(754-HELP).
Does UC Davis use a firewall?

Campus departments may now purchase Netscreen firewall products through Corsa at a
35% discount. To receive this discount, purchases must reference the UC Davis blanket
purchase order number. For additional information, visit the firewalls page.
Identity Theft
What is identity theft?

Identity theft occurs when personal information is obtained by unauthorized individuals
who then use that information to commit a crime such as fraud or theft.
Who is at risk for identity theft?
Everyone. Careful management of personal information, identification, and passwords
can help minimize your risk.
What are the risks?

Victims of identity theft often have to spend time and money cleaning up their personal
and financial records. In the meantime, they may be refused loans, housing or cars, or
even get arrested for crimes they didn't commit.
What is the campus doing to protect my personal information?

No matter what your affiliation with the campus, your personal information resides on at
least one campus computer system. The campus minimizes the number of systems on
which personal information resides and mandates a high level of security on these
systems. Individuals will be notified in the event that their information is obtained via a
security breach.
How can I protect my personal information?
• Order a copy of your credit report from each of the three major credit bureaus -
Equifax, Experian, and TransUnion. Make sure it's accurate and includes only
those activities you've authorized. California residents can order one free copy of
their credit report from each bureau annually. For more information on how to
obtain your free credit report, visit the California Office of Privacy Protection.
• Place hard-to-guess passwords on your credit card, bank, and phone accounts.
Keep your passwords and PIN numbers secret. Don't share your Kerberos
password!
• Use a shredder when discarding documents containing personal identification.
• Don't send personal information via email.
• When shopping online, make sure the site is secure by looking for the padlock
icon in the corner of the page that asks you to input your personal information.
• Don't keep personal information stored on computers unless necessary and
encrypted.
• Ask about information security procedures in your workplace.
IRC Bots
What are they?

IRC is short for Internet Relay Chat. IRC appears in software such as AOL Instant
Messenger, Yahoo! Messenger, and ICQ.
A bot, or robot, is automated software set to perform certain functions. Many programs
feature bots, which are not always malicious programs. An example of a peaceful IRC
bot is a digital chat room moderator that boots and bans users who flood the channel with
spam. Over the years, however, many malicious IRC bots have integrated themselves into
popular programs and are proving to be a growing security risk.

A malicious bot could record everything you type in your IM program. Should you
mention sensitive information such as credit card or bank account numbers, you are at
risk for identity theft. Bots can also create backdoors on your computer, giving hackers
quick access to your system.

Malicious bots tend to be both partnered with unofficial modifications to the IRC and
integrated into spyware applications. To avoid these bots, never download an unofficial
addition to a legitimate program and be sure to:
• Run an anti-spyware program on a weekly basis

• Virus scan all files on a weekly basis
• Download and install the latest operating system patches
• Enable Windows Firewall and/or purchase a third party firewall program
How do I know if I have an IRC bot on my computer?

You may not notice the presence of some bots. Others may slow your computer or show
symptoms similar to those of spyware and viruses.
The CERT-In: Indian Computer Emergency Response Team site explains the functions
of an IRC bot in detail and lists a technique to help Windows users locate IRC bots that
may be running on their systems.
Securityspace.com offers a free malicious IRC bot vulnerability test for registered users
(registration is free) at http://www.securityspace.com/smysecure/catid.html?id=14841.
Passwords
Are passwords really an important part of security?

Yes, strong passwords can prevent unauthorized people from accessing the information
you store on your computer, the applications you use that allow you access to others’
information and to services you use online (e.g. banking and shopping).
What is a strong password?

Strong passwords are those that would be difficult for others to guess – even those who
know you well. Let’s face it, most of us choose passwords that we can easily remember,
which usually means that we use a word, phrase or name we use in our daily lives. These
are weak passwords because anyone who knows you could probably guess them.
How do I create a strong password?

To create a strong password, use a combination of uppercase and lowercase letters,
numbers and symbols. The strongest passwords are 14 characters or longer. Avoid
repeating characters or using sequences.
How do I know if a password is strong?

There are a number of password checkers available on the web, including Microsoft’s
Password Checker: http://www.microsoft.com/protect/yourself/password/checker.mspx.
Phishing
What is it?
The term "phishing" (pronounced "fishing") refers to a form of fraud that uses email
messages that appear to be from a reputable business (often a financial institution) in an
attempt to gain personal or account information. The email message typically includes a
link to a fake Web site that appears identical to a legitimate page. The fake Web page is
used to collect the requested information. This information is then used for fraudulent
purposes.

Once personal or account information is obtained, "phishers" may access your bank or
credit card accounts, open new accounts in your name, or cash counterfeit checks on your
account.
• Be suspicious of messages requesting personal or account information.

• Be suspicious of messages threatening to close or suspend your account on short
notice.
• Do not click on links in email messages. The text you see as the link may not be
where the link takes you. Instead, type the Web page address in your browser.
• Check the authenticity of email messages by calling a company phone number
known to be genuine.
• Use caution when making donations online.
• File a complaint with the Internet Fraud Complaint Center.
Software Patch Updates
What is it?
Patches are updates that "fix" flaws in your operating system, the basic program that runs
your computer (e.g.Windows 2000, Windows XP, Windows Vista or Macintosh OS X).
Patches are released on an as-needed basis from your operating system vendor (such as
Microsoft or Apple) and should be installed as they become available.

If your operating system goes unpatched, it leaves your computer vulnerable to hackers
as well as viruses.
• Windows users: Set your computer to download operating system updates on a

regular basis. Look in your Control Panel and find System or Automatic Updates.
You can also find Windows updates in the Tools menu in Internet Explorer, or by
visiting Microsoft's Web site at http://windowsupdate.microsoft.com/.
• Mac OS X users: Consult the "software update" pane in the System Preferences
utility to manually or automatically schedule updates.
What is UC Davis doing to protect me?

UC Davis provides resources to assist you in protecting your computer.
• The IT Express Help Desk will help you configure settings for automatic updates
or help you with manual updates.
• Announcements are posted on TechNews and the Computer and Network
Security Web site when new patches are released.
• Technical Support Coordinators (TSC) are available for faculty and staff in
departments across campus.
Spam Filtering Basics
What is spam?
Spam is unsolicited commercial email, or that junk mail that you get in your email inbox.
What is spam filtering?

Spam filtering helps reduce the amount of spam you receive in your email inbox. There
are a number of ways this can be done.
Does UC Davis filter spam?

Yes, UC Davis uses a number of techniques to identify and filter spam, and enables you
to customize spam filtering for your campus email account.
How does the campus spam filtering service work?

UC Davis employs several different methods for identifying spam. These methods work
together to assign scores to potential spam email messages. The scores assigned are
based on lists of characteristics of known spam messages.
Does every email message receive a spam score?

Most email messages will receive a spam score, but not all. Messages receiving a score of
4 or lower are more likely to be legitimate email messages.
Can spam filtering accidentally delete legitimate messages?

Spam filtering is not 100% accurate, so you may want to check your UCD-spam folder
for false-positives. Through Geckomail or MyUCDavis, click UCD-spam from the list of
folders on the left. Your UCD-spam folder is not accessible from email client like
Outlook or Eudora unless you use IMAP.
Can I change the way the campus filters spam to my email account?
Yes, you can customize the way the campus filters spam to your email account by
visiting http://email.ucdavis.edu/secure/spamfilter.php. You can change the point at
which spam is filtered to your UCD-spam folder and when it is automatically rejected.
You can also create allow and deny lists.
I have my campus email redirected to a non-UC Davis email account. Will the
campus filter my email before it is redirected?
No, email is redirected before it is filtered.
My email is redirected to a departmental account at UC Davis. Will the campus

filter my email before it is redirected?
No. Not unless your department's system administrator or Technology Support
Coordinator is using the campus scanning and tagging service. Nonetheless, consult your
administrator, as they may have local filtering.
How will these measures affect class mailing lists or other address lists that go to UC
recipients?
List owners who have configured their lists to filter spam should see less spam get
through. People posting from off-campus may have difficulty if they're routing mail
through blocked mail servers, but that would be just as true if they were trying to mail an
individual on campus--the fact that the addressee is a mailing list rather than an
individual is not a factor.
Does UC Davis provide specially tailored filtering rules that I can use with my email
program, as an alternative to using the central campus spam filtering utility?
UC Davis not provide specific spam filtering rules, but does provide instructions for
setting up spam filtering on campus-supported email programs. You may access these
instructions and learn more about spam filtering options by visiting the Campus Spam
Filtering page.
What can I do if spam filtering set-up instructions are not available for my email
program?
Most email programs allow you to set up filters. You should consult help resources for
your program to see what anti-spam measures they offer.
If all messages with a high score are sent to a spam folder that is only accessible
through MyUCDavis and Geckomail, how can I make sure that the spam filter is
not sending legitimate email to this folder if I never use MyUCDavis or Geckomail?
The folder will be visible to any IMAP client; Geckomail is merely one example of an
IET-supported IMAP client. If a user has an email program configured to connect to their
server via IMAP, then no change in behavior will be required. Those who have
configured their email program to POP can change that configuration to IMAP. For more
information about POP and IMAP configurations, see The IT Express Knowledge Base
article on POP and IMAP.
Spam: Allow/Deny Lists
What are allow and deny lists?

Allow and deny lists enable you to further customize the campus spam filtering service.
All email originating from addresses on an individual’s deny list is prevented from
reaching that individual’s inbox. All email originating from addresses on the individual’s
allow list is permitted to reach that individual’s inbox, even if it would otherwise have
been marked as spam and filtered away from the inbox.
Why implement Allow/Deny Lists?

No single spam filtering measure filters 100% of spam. Allow and deny lists add an extra
layer of protection against spam. Legitimate email messages from news lists or
subscriptions to professional online magazines or other publications may be filtered as
spam (a “false positive”). By placing the sender’s email address on their allow lists,
recipients of these types of messages ensure that they will not be filtered as spam.
How do I create allow and deny lists?
Go to http://email.ucdavis.edu/secure/spamfilter.php.
Can I change allow and deny lists at any time?

Yes, and changes to accept and deny lists are effective immediately.
Can I add @ucdavis.edu addresses to my allow and deny lists?

Yes, campus email addresses can be added to allow and deny lists.
Can I add a domain to an allow list?

Yes. If you receive email from a particular domain (@ucdavis.edu, for example) that you
do not want the campus spam filters to scan (and possibly send to your UCD-spam folder
or delete), you can add it to your allow list. This will ensure that you get all email from
that domain.
Can I add a domain to a deny list?

Yes. If you receive email from a particular domain (@ucdavis.edu, for example) that you
always want the campus to send to your UCD-spam folder, you can add it to your deny
list. This will ensure that no email from that domain will reach your inbox.
Sample Spam Settings*
Cautious
Reject Spam** Aggressive** (Campus Defaults) Deliver A
Filter spam Yes Yes Yes No
To UCD-spam folder None 5 5 None
Summary No Yes Yes No
Delete Spam 5 10 15 15
What you can expect if All spam scoring 5 or Most spam will be Most spam will be You will
you choose these above will be rejected rejected automatically, either rejected or sent spam sco
settings. automatically. No email but some will be stored to your UCD-spam than15 th
will be sent to your in your UCD-spam folder. your ema
UCD-spam folder. folder.
Individuals who have Individuals who have Most of the campus Individua
previously used the previously used the community will find receive a
Who might want to campus spam filtering campus spam filtering that these settings directed
choose these settings? service and found that service and found that provide the greatest account,
moderate-scoring spam moderate-scoring spam level of accuracy with whether
could be rejected rather could be rejected rather the least amount of
than stored in their than stored in their spam delivered.
UCD-spam folder. UCD-spam folder
Set up allow lists to Set up allow/deny lists Set up allow/deny lists Set up sp
exempt certain email to further customize to further customize using yo
Other considerations addresses or domains. your email filter. your email filter. program’
Set up deny lists if you spam con
repeatedly receive spam
scoring less than 5 from
a particular address or
domain.
*You may want to make incremental changes to these settings until you find your desired
combination. Messages receiving a score of 4 or lower may be legitimate email
messages, so please use caution when filtering or deleting messages with very low scores.
** Please be aware that the more aggressively you filter spam, the more likely you are to
receive false positives.
Spyware
What is it?
Spyware is software that gathers information about your Web-surfing habits for
marketing purposes. Spyware "piggybacks" on programs you choose to download.
Tucked away in the fine print of user agreements for many "free" downloads and services
is a stipulation that the company will use spyware to monitor your web habits for
business research purposes.

Spyware takes up memory and space on your computer. It can slow down your machine,
transmit information without your knowledge, and lead to general computer malfunction.
You may choose to keep certain spyware programs on your computer in exchange for the
free services that accompany them, but you should be aware of how that might affect
your computer.
• Closely read user agreements for free programs before clicking, "I accept." Watch
for allusions to spyware and adware in user agreements.
• Regularly scan your computer with an anti-spyware program.
Viruses
What are they?

Malicious small programs that easily replicate themselves, infect your computer, and
often spread to others' computers via email attachments or network traffic.

Virus programs can delete files, format disks, attack other computers or slow your
system. They can also create "back doors" that allow hackers to run programs on your
computer or to gain access to your files.
How do I know if I have a computer virus?
A computer infected with a virus may suddenly act in unexpected ways. For example, it
may take longer to access files or to start up programs, or it may lock up often. You may
also notice uncommon sounds being played from your speakers, a variety of images
popping up on the screen, or problems starting your computer. These are all signs that
your computer could be infected with a virus.
• Install anti-virus software on your computer and run daily updates. Sophos Anti-
virus is available to all UC Davis students, faculty and staff for free on the
Software Web site.
• Install "patches" at your operating system's Web site to keep your computer
fortified against possible attack.
o Mac users: http://www.apple.com/support.
o Windows users: http://v4.windowsupdate.microsoft.com/en/default.asp.
• Visit the Vulnerability Self-Test page to scan your computer for the virus
infections and other critical security risks for which the campus scans.
• Do not open email attachments with suspicious subject lines, file names, or
messages. Some viruses can forge themselves to appear as if they are from
someone you know, therefore, the "from" line alone cannot be trusted.
• Be aware that viruses may come to you in links sent via Instant Messaging, email
attachments, infected disks, freeware, shareware, or file-sharing.
What is UC Davis doing to protect me?

Virus filtering software checks every incoming and outgoing @ucdavis.edu email
message for viruses. Widely-recognized viruses will automatically be filtered out of your
incoming email. New viruses may still sneak through until the filter is trained to
recognize them, which usually takes no more than 24 hours.
Vulnerability Scanning and Remediation
What is vulnerability scanning?

The campus scans computers that are attempting to connect to secure campus services,
(i.e., those requiring Kerberos passwords for authentication) and then denies access to
those determined to be vulnerable or infected. If no vulnerability or infection is found, the
user will be logged into the network without interruption. Most people may not even
realize that their computers have been scanned.
What will happen if my computer is vulnerable?

If an infection or high potential for infection is found on your computer, you will not be
allowed to access the campus network. Instructions for solving the problem and regaining
access will then be provided to you.
What happens if the campus encounters a problem on my computer that cannot be

fixed?
The campus may occasionally scan for critical problems for which no fix is yet available.
In this case, you may be warned of the problem; however, access to the campus network
will not be denied until a fix is available.
Will the campus scan my computer if I am attempting to connect to the campus

network from off-campus?
No, the campus only scans computers attempting to access the campus network from a
campus location.
What is the Self-scan service?

It allows you to test your computer for major viruses and vulnerabilities. Information for
repairing any vulnerabilities and/or infections found are provided as needed when the
scan is complete. To scan your computer, visit selfscan.ucdavis.edu and click "Test My
Computer."
Where can I get more detailed information about this service?

Additional information is available at
http://security.ucdavis.edu/secure/sysadminresource/vulnscan_faq.cfm. Access to this
page is restricted to campus system administrators. To request access, contact
itsecurity@ucdavis.edu.
Wireless
What is it?
The freedom to browse the Internet while sitting at your favorite cafe or relaxing on the
UC Davis quad. Wireless networks are sprouting up everywhere, including UC Davis.

Because wireless access points don't require a user to plug into a port, the networks are
often more difficult to monitor and secure. Many off-campus wireless areas won't require
you to sign in with a username and password. If you're buying things online or logging on
to Internet applications, it's a lot easier for someone to record your keystrokes and steal
your identity.
• When on campus, use MoobilnetX. See http://wireless.ucdavis.edu/ for more info.

• Restrict your online shopping to wired connections.
• Don't open programs that contain identifying information while you're on a
wireless network. In fact, don't keep your social security number, driver's license
number, or bank account numbers anywhere on your computer, period.
• Keep your computer secure by applying operating system corrective patches when
they are released by the software manufacturer and keeping your anti-virus
program up to date. Other computers participating in the wireless connection
could be infected or compromised and may attempt to spread virus infections or
attempt to hack into peer computers attached to the wireless network.
• Disable file sharing so that others can't help themselves to files on your computer.
For instructions, refer to your operating system help center.
What is hacking, and what is a hacker?
Movies like "War Games" and "The Matrix" have hacking as a major theme and although
great entertainment these movies are just that, ENTERTAINMENT!!!! Hacking in the
old school techno geek sense, is playing with all kinds of hardware and software to see
what makes it work. For example in the process of learning how a computer works, often
it is possible to screw up a computer configuration (so that it is unstable and prone to
crash, by default Micro$oft Windoze is unstable and prone to crash so in this case ya
have to hack a system to make it stable and useable), or access data by using a few simple
tricks (i.e. in UNIX the default settings allow users to access everything, so to secure a
network with UNIX you have to change the defaults in order to limit a users access).
A hacker is someone who enjoys the challenge of making a computer do something cool,
which is contrary to popular stereotypes in the media which depict a hacker as some sort
of social misfit who breaks into computers to steal credit card information or deface web
sites. If a hacker does explore a network the rules to live by is one "do no harm" and two
"don't get caught."
What is a cracker?
A cracker (sometimes called a black hat) is a hacker who turned to the dark side. Often
times crackers are immature individual who seek the excitement and notoriety of
cracking a system for tagging (i.e. deface a web site) or a cracker is someone motivated
by financial gain, (i.e. someone who gets into a computer network to steal credit card
information).
What is a script kiddy?
A script kiddy is a wantabe cracker. These individuals lack knowledge of how a

computer really works but they use well-known easy-to-find techniques and programs or
scripts to break into a computer to steal porn, music files, SPAM, etc.
What skill set do you need to be a hacker?
There is no magic to hacking, but like anything else that is worthwhile it takes dedication,
a willingness to learn, and most of all patients.
If you have old hardware, or software, try taking it apart and putting it back together (in
the process you will learn how the two interface). I use to play around with old 8088
machines I'd pick up at thrift stores for just such a purpose. Once you have a basic idea of
how hardware and software interface, the skill set is transferable to any system such as:
CPM, DOS, Windoze, UNIX, a MAC, etc......
The next skill you will need to pick up is basic programming (I suggest C, although you
can begin with other languages such as fortran, pascal, basic, etc.). Again you are not
interested in the specifics of a language, you are interested in the skill set of learning
about, loops, testing for conditions, setting up arrays in memory, etc.
When you have a basic idea of how a computer works and basic programming skills, it
becomes easier to understand TCP/IP and PERL, two important skill sets needed if you
want to be a "web hacker."
The next step up from web hacking is IT security, and here ya really have to know all
sorts of skills cause real money is on the line (i.e. someone is working for a bank, credit
card company, etc.). For an IT professional, the crucial things to know are ATM
technology, fiber optics, and a firm understanding of layers.
FYI ATM technology has replaced SONET (synchronous optical network) as the banking
machine technology that prevents people from breaking into the system and rerouting
your financial information, it's the technology used in North America's major backbones.
To get information from one location to another, fiber optics is used because it is more
difficult to intercept than consumer technology like WiFi. Having a math or physics
background is helpful understanding concepts like DWDM (dense wave division
multiplexing). DWDM is an optical technology used to increase bandwidth over existing
fiber-optic backbones, and sometimes to make the backbone more secure. It is basically
the division of a fiber-optic line into 32, 64 or 128 different channels or wavelengths.
Detectors are used for each wavelength within the fiber and therefore are totally separate
(and secure) from other wavelengths. This processes of using discrete wavelengths and
detectors in effect multiplies the information capacity of a fiber.
Understanding the layers of technology and how they interact is the third critical thing to
know for an IT professional. Basically the lower the number the more formal the
training...
Layer 1 - Link
(This layer defines the network hardware and device drivers)
Layer 2 - Network
(This layer is used for basic communication, addressing and routing. TCP/IP uses IP and
ICMP protocols at the network layer)
Layer 3 - Transport
(Handles communication among programs on a network. TCP and UDP falls within this
layer)
Layer 4 - Application
(End-user applications reside at this layer. Commonly used applications include NFS,
DNS, arp, rlogin, talk, ftp, ntp and traceroute)
Knowing how to find information and use information is often an overlooked hacker skill
(there is lots of information on the web, the problem is finding and making use of the
information out there).
If you master these skills and have a sense of maturity, then hacking a computer becomes
nothing more than using tricks you pick up over the years.
What kind of computer do you use?
You can use any kind of computer to hack (when ya think about it a computer is just a
tool, actually the most important tool ya have in hacking is your mind) but if you are
asking what I use, then the answer is a Mac. I use a Mac because the OS is better thought
out than the Windoze OS and the Mac has less bloat than Windows. I don't use Linux
cause I don't want to fool around with configuring every little item (out of the box the
Mac simply works).
With a Mac I have the best of all worlds, if I need to check out a program only available
in windows, then I would use "Virtual PC" a windows software emulator. If I need to
play around with UNIX, I would just switch to the terminal mode in OS X (the MAC OS
is now based on UNIX). One other nice feature about staying Micro$oft free is I do not
have to worry about a web based virus like "I love you" that takes advantage of the fact
that most users of windoze and office keep the factory default configuration.
The Mac may cost more than a typical Windoze or Linux box, but the difference is
something akin driving a Land Cruiser and a Ford F150 in the bush (both vehicles will
take you from point A to point B, but the Land Cruiser is a whole lot nicer to drive than a
Ford F150).
What's the best way to learn how to hack?
Like the Nike ad campaign said "just do it."
These days it has never been easier to learn how to hack and at the same time never more
dangerous.
The good news is, as time goes on computer hardware/software keeps on getting less
expensive and the processing power keeps on going up. At the same time there are
published books on the subject of hacking, lots of information on the web as well as
organized hacker conventions like defcon or toorcon (ya never know what kind of
interesting info you could pick up that might be useful at some future date). These are
just a few reasons why it easier to learn how to hack now as compared to the past.
Now for the bad news. Hacking networks for the simple pleasure of increasing ones
knowledge is frowned upon by politicians and corporate types who don't understand the
technology enuf to secure sensitive info. And after 9/11 there is a pretty paranoid mindset
with the powers that be, that the whole world is out to get them.
If the world was an ideal place hackers might be looked upon as magicians performing
"tricks" with computers, I kind of like this analogy of hackers and magicians cause both
groups break into or out of things and fool the masses.
How do you secure a computer, a network, etc?
Learn as much as you can about your own computer, network, etc. When you configure
something, keep things as simple as possible and resist feature creep.
You may discover that program interaction can cause a system to crash, for example a
compiler may work fine with a certain OS, a memory manager may work fine with a
certain OS, but if you combine the compiler and memory manager with a certain OS then
you may discover the system may be more unstable.
If you are tasked with securing a system, you may think that crackers are the biggest
threat. In reality the biggest threat to a system comes from within (for example if a
system is not idiot proofed you may get one user over writing their own files, over
writing another users files or maliciously altering data which may be scientific or
financial in nature). Other potential problems with authorized users are weak passwords
and some kind of computer virus.
To poke around a computer ya might also want to look into forensic software which is
used by various law enforcement agencies to get evidence of bad guys (like anything else
this topic is a double edge sword, ya want to keep your data secure from the bad guys but
if bad guys know how to secure data and cover their trail then it will be more difficult for
law enforcement agencies to catch bad guys).
If ya need to build a simple bullet proof web site that won't be hacked, the best choice
IMHO is a Mac using a basic OS9 install (the last non UNIX based Mac OS) and
WebSTAR. The reason this configuration is hack proof is because there is no there is no
command line interface hence no way to pipe data.
The best way to protect your computer is to separating data and software, which is what
the people in the know like the NSA do. Essentially the NSA maintains "air gaps"
between "red" machines which are dangerous (like those connected to the web), and
"green" ones which are safe. No software may go between the color-coded networks.
In any case it is important to always backup everything, and keep a backup of backup
(just in case you need to restore data on a system).
What's up with Linux vs. Windoze?
What good is the fastest processor in the world if ya don't have an operating system. All
operating system like Linux, Windoze, Mac, Unix, etc., when ya think about it pretty
much have the same basic operations, like copy files, save files, etc. The frills come in
when ya try to multi-task, when ya try an handle lots of data, etc.
So you're asking what's the big deal with Linux when Bill and his big old marketing firm
for the most part succeed in getting the public to use IMHO a piece of shit OS. Well the
reason most people stick to windoze is because micro$oft writes applications people use
every day (like explorer for browsing, word for doing word processing, excel for spread
sheets, power point for presentations, etc.). Furthermore windoze gives people the
impression of being a bargain (by that I mean micro$oft throws in all sorts of junk like a
media player, games like solitaire, etc.). For the most part Windoze is OK if all ya want
to do is run off the shelf software, and it tries to make installing said warez easy to install
and use.
The problem with windoze is that you can't scale things up, by that I mean could you
imagine keeping California's sale tax records on a PC running windoze, or something
even bigger like the IRS dbase and windoze is not stable "Blue Screen of Death," nuf
said! Unix and its variant OS's were designed from the ground up to run on main frames,
where resources could be scaled up and shared and it is a lot more stable than windoze
(when configured properly).
Basically windoze has its roots in the desk top computer, where typical users want ease of
use, and Unix has its roots in mainframes where serving information to larges numbers of
users with reliable was the basic design goal.
The basic reason a hacker must know Unix, Linux, etc. is because it is the key to
understanding how to do interesting tricks like breaking into a web site (among other
things). The problem with Unix, Linux, etc. is it is not all that easy to grasp its power, let
alone install (because there are literally millions of ways you can configure a system).
If you are running Windoze and want to learn about Linux, try getting partition software
so you an duel boot your machine, and install "red hat," "Lindow" (a company started by
the dude who also started MP3.com and is trying to make using linux as easy to use as
windoze), or ya might even want to check out the NSA which has a version of linux
which is optimized for security.
What the heck is a port? And why are they important?

So ya want to find out about ports eh? To check ports ya can use a port scanner which is
just a tool that allows you to check what ports are open, it is kind of like going to a
random building and turning all the door knobs and pushing up all the windows to see if
anyone of them is unlocked.
A port scanner is a legitimate tool when used by web masters or IT administrators to see
if a computer is locked down, it other words it can be used like a guard at a building to
see if non public areas are secure. Taking the analogy of building security a bit further,
lets compare a site or network to a storefront or museum. Port 80 is the basis of the web,
it basically is the http:// protocol, sort of like the public area of a storefront or museum.
In a store front or museum there are areas that store owners or museum curators don't
want to give the public general access to for obvious reasons, like storage areas, office
space, loading docks, etc. Now if ya get what I'm trying to say, then a port scanner can be
used to see if it is possible to access non public areas like the loading dock (ports 21, 20
which is FTP or a file transfer service), administrative offices (port 23 which is TELNET
and allows remote login), etc.
FYI there are 65536 ports available for use in TCP (Transmission Control Protocol) or
UDP (User Datagram Protocol) which are divided into three ranges. The Internet
Assigned Numbers Authority (IANA) manages the first range of 1024 ports (0 through
1023). The second range is the Registered Port Numbers which contain ports 1024
through 49151. The Registered Port Numbers can be used by ordinary programs and
users (basically these ports are generally used transiently when needed). The third range
is the Dynamic or Private Port Numbers which range from 49152 through 65535. These
last range can be used by applications and processes initiated by the user (but this is
uncommon).
There is lots of stuff you can do once you have access to a non public area of a building
or computer, for example if you are in building ya might be able to crawl through an air
duct to reach really secure parts of a building (but for the most part the only experience
most people have of checking out an air duct to reach a "secretive and secure location" is
done vicariously in a Hollywood movie).
When ya have access to a non public part of a computer system that is not yours, ya can
do all sort of stuff if you're cleaver enuf, like pipe various parameters into a program to
access even more parts of a system, find your way down to the ROOT, so you can
monitor everything just like the owner of the system and even erase or alter logs to cover
any evidence that you were in the system.
To illustrate an example what exploits are possible, ports 137, 139, and 445 run a piece of
software called "windows Management Port" which is ON all the time, but it is only need
when Windows sends data to the printer or looks for a machine in or office or home to
share files. If you hook up a broadband modem directly to the net, you expose these three
ports on your PC to be exploited. To prevent this exploit you can hook up your
broadband modem to a router, which then limits worms to only those ports you are going
out on (i.e. port 80 which is http:// or normal browser traffic).
What is a war dialer?
War dialers were first popularized when the movie "War Games" came out. To make a
long story short, most of them were written in some sort of "basic" language, when 2400
baud was considered high end.
Back in the day ToneLoc short for Tone Locator was the tool of choice to look for
carriers (like an ordinary wardialer) and to check out PBXs. Another golden oldie DOS
program of the era is BlueBeep an all-purpose phreaking/hacking tool.
What up with WiFi?
802.11 or WiFi is a neat way to network computers, this is because no wires are needed
to connect computers. Apple computer was the first major maker of computers to push
this concept, and soon after makers of other personal computers followed Apple's lead.
Coffee houses (like starbucks), have installed wireless networks because it is another way
for them to sucker in customers.
One way to achieve reasonable anonymity surfing the web is to find a free WiFi access
point (called a hotspot) that does not require a password or a subscription. Because
anyone can access the wireless network without identifying herself or himself first, free
hot spots in theory are perfect for terrorists, porn perverts and for individuals who
download music (because lawyers from the RIAA would have difficulty tracking down
individual users).
One file-distribution system that is trying to conceal even its users IP addresses is the
venerable Freenet, which breaks from the traditional mold of peer-to-peer networks by
cloaking the identities of both the people distributing copies of a file and those
downloading it. Because Freenet is intended to provide a near-uncensorable and
encrypted way to communicate, its designers specified that individuals may not even
know what files are stored on their hard drives. The downside: Freenet remains more
difficult to search and offers less content than do the most popular file-swapping
networks.
The major down side of wirless networks is that it is pretty easy to find out what other
users are up to since pretty much everthing is sent in the clear.... besides that WEP (first
generation WiFi security) can be cracked in 10 minutes.
4.1 What are some password basics?
Most accounts on a computer system usually have some method of restricting access to
that account, usually in the form of a password. When accessing the system, the user has
to present a valid ID to use the system, followed by a password to use the account. Most
systems either do not echo the password back on the screen as it is typed, or they print an
asterisk in place of the real character.
On most systems,the password is typically ran through some type of algorithm to

generate a hash. The hash is usually more than just a scrambled version of the original
text that made up the password, it is usually a one-way hash. The one-way hash is a string
of characters that cannot be reversed into its original text. You see, most systems do not
"decrypt" the stored password during authentication, they store the one-way hash. During
the login process, you supply an account and password. The password is ran through an
algorithm that generates a one-way hash. This hash is compared to the hash stored on the
system. If they are the same, it is assumed the proper password was supplied.
Cryptographically speaking, some algorithms are better than others at generating a one-
way hash. The main operating systems we are covering here -- NT, Netware, and Unix --
all use an algorithm that has been made publically available and has been scrutinized to
some degree.
To crack a password requires getting a copy of the one-way hash stored on the server,
and then using the algorithm generate your own hash until you get a match. When you
get a match, whatever word you used to generate your hash will allow you to log into that
system. Since this can be rather time-consuming, automation is typically used. There are
freeware password crackers available for NT, Netware, and Unix.
4.2 Why protect the hashes?
If the one-way hashes are not the password itself but a mathematical derivative, why
should they be protected? Well, since the algorithm is already known, a password cracker
could be used to simply encrypt the possible passwords and compare the one-way hashes
until you get a match. There are two types of approaches to this -- dictionary and brute
force.
Usually the hashes are stored in a part of the system that has extra security to limit access
from potential crackers.
4.3 What is a dictionary password cracker?
A dictionary password cracker simply takes a list of dictionary words, and one at a time
encrypts them to see if they encrypt to the one way hash from the system. If the hashes
are equal, the password is considered cracked, and the word tried from the dictionary list
is the password.
Some of these dictionary crackers can "manipulate" each word in the wordlist by using
filters. These rules/filters allow you to change "idiot" to "1d10t" and other advanced
variations to get the most from a word list. The best known of these mutation filters are
the rules that come with Crack (for Unix). These filtering rules are so popular they have
been ported over to cracking software for NT.
If your dictionary cracker does not have manipulation rules, you can "pre-treat" the
wordlist. There are plenty of wordlist manipulation tools that allow all kinds of ways to
filter, expand, and alter wordlists. With a little careful planning, you can turn a small
collection of wordlists into a very large and thorough list for dictionary crackers without
those fancy word manipulations built in.
4.4 What is a brute force password cracker?
A brute force cracker simply tries all possible passwords until it gets the password. From
a cracker perspective, this is usually very time consuming. However, given enough time
and CPU power, the password eventually gets cracked.
Most modern brute force crackers allow a number of options to be specified, such as
maximum password length or characters to brute force with.
4.5 Which method is best for cracking?
It really depends on your goal, the cracking software you have, and the operating system
you are trying to crack. Let's go through several scenarios.
If you remotely retrieved the password file through some system bug, your goal may be
to simply get logged into that system. With the password file, you now have the user
accounts and the hashes. A dictionary attack seems like the quickest method, as you may
simply want access to the box. This is typical if you have a method of leveraging basic
access to gain god status.
If you already have basic access and used this access to get the password file, maybe you
have a particular account you wish to crack. While a couple of swipes with a dictionary
cracker might help, brute force may be the way to go.
If your cracking software does both dictionary and brute force, and both are quite slow,
you may just wish to kick off a brute force attack and then go about your day. By all
means, we recommend a dictionary attack with a pre-treated wordlist first, followed up
by brute force only on the accounts you really want the password to.
You should pre-treat your wordlists if the machine you are going to be cracking from
bottlenecks more at the CPU than at the disk controller. For example, some slower
computers with extremely fast drives make good candidates for large pre-treated
wordlists, but if you have the CPU cycles to spare you might want to let the cracking
program's manipulation filters do their thing.
A lot of serious hackers have a large wordlist in both regular and pre-treated form to
accommodate either need.
4.6 What is a salt?
To increase the overhead in cracking passwords, some algorithms employ salts to add
further complexity and difficulty to the cracking of passwords. These salts are typically 2
to 8 bytes in length, and algorithmically introduced to further obfuscate the one-way
hash. Of the major operating systems covered here, only NT does not use a salt. The
specifics for salts for both Unix and Netware systems are covered in their individual
password sections.
Historically, the way cracking has been done is to take a potential password, encrypt it
and produce the hash, and then compare the result to each account in the password file.
By adding a salt, you force the cracker to have to read the salt in and encrypt the potential
password with each salt present in the password file. This increases the amount of time to
break all of the passwords, although it is certainly no guarantee that the passwords can't
be cracked. Because of this most modern password crackers when dealing with salts do
give the option of checking a specific account.
4.7 What are the dangers of cracking passwords?
The dangers are quite simple, and quite real. If you are caught with a password file you
do not have legitimate access to, you are technically in possession of stolen property in
the eyes of the law. For this reason, some hackers like to run the cracking on someone
else's systems, thereby limiting their liability. I would only recommend doing this on a
system you have a legitimate or well-established account on if you wish to keep a good
eye on things, but perhaps have a way of running the cracking software under a different
account than your own. This way, if the cracking is discovered (as it often is -- cracking
is fairly CPU-intensive), it looks to belong to someone else. Obviously, you would want
to run this under system adminstrator priviledges as you may have a bit more control,
such as assigning lower priority to the cracking software, and hiding the results (making
it less obvious to the real administrator).
Being on a system you have legit access to also allows you better access to check on the
progress. Of course, if it is known you are a hacker, you'll still be the first to be blamed
whether the cracking software is yours or not!
Running the cracking software in the privacy of your own home has the advantage of
allowing you to throw any and all computing power you have at your disposal at a
password, but if caught (say you get raided) then there is little doubt whose cracking job
is running. However, there are a couple of things you can do to protect yourself: encrypt
your files. Only decrypt them when you are viewing them, and wipe and/or encrypt them
back after you are done viewing them.
4.8 Where are password hashes stored?
For information on NT passwords, see the NT Passwords section. For information on

Netware passwords, see the Netware Passwords section. For information in Unix
passwords, see the Unix Passwords section.
4.9 Are there any password schemes that are safe?
No password scheme is "safe". In both NT and Netware, you have no choices. Any
problems found with recovering the password hashes or problems in the protocols used
during logon are usually left unsolved and simply "worked around". A good example
with NT is the fact that the LanMan hash is much easier to crack. To eliminate the
LanMan hash requires a lot of work, but it still doesn't erase the fact that you can still
crack the NT hashes.
With Unix, you may have a few more choices. See the section on SRP for details.
4.10 Is there any way I can open a password-protected Microsoft Office document?
Certainly! There are plenty of commercial programs that will do this, but we give props
to Elcomsoft for fighting the DMCA.
How do I hack? - There is no easy way how to hack. Google is your best friend..
REMEMBER THAT! Read any information you can find on hacking. Read hacking
forums and check out hacking websites. Learn a programming language like C++. Get a
book like Hacking for Dummies which will teach you alot.
What do I need to be able to hack? - Firstly you need to understand how your
computers operating system works, networks and protocols works, security settings and
general PC knowledge. After you understand how it works you need hacking tools which
helps you to hack.
What is command prompt (cmd- the little dos Windows)? - Go START, RUN and type
in: "cmd"
What can I do in cmd? - You can can do various things with it like run exploits or do a
ping request.
Why does some of the hacking tools I download just close itself when I open them? -
Lot's of hacking tools are DOS based and has to be run through CMD. If you double click
on the program it will open a DOS box and automaticly close the box. From CMD you
can navigate to the directory which your hacking tool is stored in and run it from there.
Other hacking tools are GUI ( graphical user interface ) based and it will open like a
normal Windows based program.
What is a IP address?
- Every computer connected to the Internet or some network has a IP
address. Goto START, RUN and type in "cmd" then type in "ipconfig" it
will show you your IP adress or adresses. It will look something like this :
81.35.99.84. IP = internet protocol.
How do I find someone's IP adress? - Look further down in this tutorial
and use IPSTEALER
What can I do with a IP? - Well you need someone's IP before you can
hack, portscan or DOS them.
What is IP ping ? –
- It's a command you can use to check if someone's IP address is online, to check it they
connected to the Internet or a network. In command prompt type in "ping 192.168.0.21" -
this will show you something like this :
Pinging 192.168.0.21 with 32 bytes of data:
Reply from 192.168.0.21: bytes=32 time<1ms TTL=128Reply from 192.168.0.21:
bytes=32 time<1ms TTL=128Reply from 192.168.0.21: bytes=32 time<1ms
TTL=128Reply from 192.168.0.21: bytes=32 time<1ms TTL=128
Ping statistics for 192.168.0.21:Packets: Sent = 4, Received = 4, Lost = 0 (0%
loss),Approximate round trip times in milli-seconds:Minimum = 0ms, Maximum = 0ms,
Average = 0ms
That means you can succesfully PING IP 192.168.0.21 which means the IP is online. If
you get a message "request timed out" it means the IP is not online.
Bytes=32 is the ammount of data which was sent to the host.
Time<1ms is the time the host took to reply.
Now remember that even though you cannot ping a IP, it does not mean the host is not
online, ping requests might just be blocked.
Why can't I ping a certain IP? - Either the IP is not online/ in use or the person your
trying to ping is running a firewall which blocks ping requests or maybe your firewall is
blocking outgoing ping requests
What is 127.0.0.1 IP? - It is your PC's local loopback IP address.Its default IP of ur

system.
Why do I have two IP addresses when I do a ipconfig? - Well if your on a local LAN
(Local area network) you will have a IP like 192.168.0.1. If your also connected to the
internet you will have another IP address like 80.87.34.56. 192.168.0.1 is your local IP
which you use to comunicate with your local internet network (lan) and 80.87.34.56 is
your internet IP.
What is a static and dynamic IP address? - Static means permanent set IP address -
like a website will have a static IP address, it never changes. Dynamic means temporary
IP address - dailing up to the Internet with a modem or most ADSL connections has
dynamic IP's. Everytime you logon to the Internet your ISP ( Internet Service Provider )
will issue you a new IP address.
I have sent someone a trojan but I cannot connect to their PC? - Either they are running a
firewall which blocks you from connecting to their PC, or they are connected to the
internet through a router.
What do I do when someone is behind a router and I want to control their PC with a
trojan? - You will need to use a trojan which uses reverse connections - meaning you
don't connect to the host, the host connects to you. Bifrost is a trojan which has the
mentioned function. Remember when someone is behind a router and your using
IPstealer to get hold of their IP address, you are actually getting their routers IP, not their
actual PC's IP. The router will have the persons internet IP (WAN IP) and their PC will
have a difirent IP - their LAN IP.
How do I check if my own PC is infected with a trojan? - Do a port scan on your PC and
check which ports are open. If you find any open ports in this trojan port list you might
be infected with a trojan. Download the trojan you think you might be infected with and
connect to that specified port.
What is a router?
- - A device which is used to route data on a network. a Router decides where certain
traffic should be sent to.
What is a firewall?
- - Its a software or hardware device which can block or permit certain ports or IP's or
certain kinds of data.
What is a port and what can I do with it?

- - Every program running on your PC which has some network function uses a specific
port to send an receive data though. If you do a port scan you will see which ports are
open on the host you scanned. Port 80 is normally a web server. Port 21 a FTP server ect
ect.. Trojans also uses ports. Check this list of trojan ports, if you find an open port in this
list, the host might be infected with a trojan, download the trojan and try connecting to
the port.
How do I do a port scan?

- - You need a program like superscan to do a portscan. Then all you do is add the ip you
want to scan.
Why do you want to scan ports?

- - If you scan a PC with a port scanner, it will show you which programs or services are
running on the PC.
Common ports:
Ping : 7Systat : 11Time : 13NetStat : 15SSH : 22 Telnet : 23SMTP : 25Whois :
43Finger : 79HTTP : 80POP : 110
What is a exploit?
- - It's a poorly coded piece in software which you can use to gain access to the system.
There is many exploits available for the various MS Windows's out there.
How do I use a exploit? - You first need to compile the exploit with a program like
Bloodshed C++ compiler. Then you can start the exploit through command prompt and
see if the system your trying to exploit is vulnerable to that specific exploit. Scroll down
for more information about exploits.
What is a exploit POC?

- - POC stands for proof of concept and it the proof that a exploit works.
What is a DOS attack? - It is when too much data is being sent to a host and it cannot
handle all the data and disconnects from the Internet.
How do I see what connections is currently made to my PC? - In cmd type in "netstat" - it
will show you IP addresses of connections to your PC and what port it is using. Also you
can use Currports which has a GUI to show current connections and it has option to close
the connection on a certain port.
What is a MAC address?

- - Its a hard coded number, almost like a name which is embedded into a network card. It
identifies the manufacturer of the card and a unique number for the card. No two network
cards in the world has the same MAC address.
How do I find out my own or someone else's MAC address? -
Your own MAC = Goto cmd and type in "ipconfig /all"
MAC address looks something like this : 00-13-20-A3-0B-4C
Someone else's MAC address you need their IP address and then goto cmd and type in
"nbtstat -a 192.168.0.5" or whatever IP they use. This will show you their MAC address
as well as their currently logged on user.
What is a Windows Registry and how do I access it?

- - Its where Windows stores most of the configurations of your operating system and
most programs installed. You might used it to make a trojan server file you uploaded to
the PC run automaticly when Windows starts up. To access the registry go START, RUN
and type in "regedit"
Carefull what you change in the registry, it might screw up you PC.. First make a backup
of the registry.
What is IIS?
- - It is Microsoft's web server. IIS - Internet information server. Most webservers run on
port 80.
How do I check if a website is running on IIS? - Telnet to the website URL through CMD
- "telnet www.siteyouwanttocheck.com 80"
What is telnet?
- - Program which can be used to connect to remote computers or routers and to run
commands by simply typing them in its window.
How do I hack into a Gmail, Yahoo or Hotmail email account?

- - Every now and then someone discovers a way to get into those email servers, but the
service provider fixes the security hole so fast, there is no straight answer for that. Best
way is to install a keylogger on the victims PC and get their login details. Otherwise
download THIS program which you can use to brute force a hotmail account.
How do I hack into a POP3 email account?

- - Hydra 5.3 is a program which you can use to crack POP3 accounts. You will need a
wordlist which Hydra will use to crack the POP3 password.
What is a keylogger? - It is a program you install on someone's PC which captures every
key that is pressed on their keyboard which is emailed to you or stored into a file.
How do I get the administrator account password while logged in to the PC? -
Locally run a program like Adminhack for local administrator account cracking. If you
need to do it remotely run a program like Venom or Starbrute.
What is a SAM file? - SAM file is the file which stores all the user accounts and their
password hashes like the Administrator account. SAM file is stored in
"C:\WINDOWS\system32\config" but it is locked and inaccessable while you are busy
using Windows - meaning you can't copy it while your in Windows. You need to boot up
with another operating system like NTFSDOS or Linux with NTFS support. When you
copied the SAM file you can crack the passwords stored in the SAM file with a program
like LC5. With Pwdump6 it is possible to get access to the SAM file while logged into
windows. It can also connect to a remote PC and grab the password hashes from the
SAM file. Administrator account is needed. Ophcrack live CD uses rainbow tables to
crack user account password, and it boots from a CD.
How do I reset a administrator or some other account password on

Win2K/WinXP/WinNT/Win2003? - Download Offline NT Password & Registry Editor
which you can use to create a bootup disk or CD and then boot up the PC and then you
can reset the password. Just remember that this program will not show you the password,
you can only change the password.
How do I crack a administrator password? - If you need to crack a administrator

password you will need to copy the SAM file to another machine and crack it. Download
this NTXP-Cracker program which has included everything you need to boot up the PC,
copy the SAM file and crack the SAM file on another machine.
How do I find out what operating system does my target run? Result:
C:\>detect.exe 127.0.0.1[*]------------------------------[*][*] XP/2K OS Detector [*][*] by:
illwill & phr0stic [*][*]------------------------------[*]
[+] Finding Host 127.0.0.1[+] Connected to 127.0.0.1[+] Bytes Sent: 222[?] The box
seems to be Windows XP

Computer Networks FAQs

Загружено:

Сведения о документе

Исходное описание:

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Computer Networks FAQs

Загружено:

Авторское право:

Доступные форматы

Computer Networking, Security and Hacking FAQs

-------ALL THE BEST-----------

Q.)What is the difference between a Hub, Switch, and Router

Q.)Who Created the Internet Network?

• Ethernet - The physical communication technology underlying the Internet,

• TCP/IP - In May, 1974, the Institute of Electrical and Electronic Engineers

This protocol later became known as TCP/IP.

Q.)What are TCP Ports?

• Well Known Ports are those from 0 through 1023

The list of TCP and User Datagram Protocol (UDP) ports is

Q.)What are the differences between Category 3, 4, 5, etc. cable

Ans: Level 1: Basic telecommunications and power limited circuit cable.

Category 3 (CAT3) is rated for transmission frequencies up to 16MHz.

Twisted-pair (not flat) phone wire.

CAT 4: frequencies up to 20 MHz... Voice and data transmission rates up to 16 Mbps.

CAT 6 Supports transmissions up to 250 MHz.

Q.)What is the difference between an Ethernet hub and switch?

Two computers can be connected directly together in an Ethernet with a crossover

CAT-5 wiring for analog and digital signals in broadcast ...

Additional info for those contemplating the installation of network cable:

I would use solid core cable for audio work.

See Attaching CAT 5 Network Cable to Studs and Joists.

See http://duxcw.com/digest/Howto/network/cable/cable9.htm for other cabling rules. Be

Q.)What is an Ethernet MAC address?

The MAC address/station ID may be printed on the NIC.

It is possible to change/override the MAC address with Windows, etc.

A vendor/Ethernet MAC address lookup service is available at

Q.)What is the cause of most network problems?

A. DHCP = Dynamic Host Configuration Protocol is an Internet protocol. It resides in a

More DHCP Questions and Answers.

Q.)What are private IP addresses?

Also, IP addresses in the range of 169.254.0.0 -169.254.255.255 are reserved for

These IP's should not be used on the Internet.

Q.)What is Automatic Private IP Addressing (APIPA)?

You may want to turn-off this feature if...

... to obtain a list of command options.

See Microsoft Knowledgebase Article Q220874, Automatic Windows 98/Me TCP/IP

Q.)What are 10BASE2 and 10BASE5 Ethernet Networks?

Q.)How can I test twisted-pair Ethernet cables?

Another test is to substitute a cable to be tested for another one in an

Q.)How do I test an Ethernet network interface card (NIC)?

net diag is a useful low-level network test.

Q.)How is Network Performance Measured?

The following equations define the mathematics behind these terms:

• 1 Kbps = 1 kbps = 1 kilobit per second = 1,000 bits per second

• 1 KBps = 1 kBps = 1 kilobyte per second = 8,000 bits per second

Capacity is normally measured in units of "kilobytes," "megabytes," and "gigabytes." In

No port forwarding defined:

What is the maximum length of an ethernet cable (AKA segment) ? (#7800)

COPPER (UTP & COAXIAL) LENGTHS:

Gigabit Ethernet (over copper), 1000baseT

Fast Ethernet, 100BaseTX

Twisted Pair Ethernet, 10BaseT

Thin Ethernet, 10Base2

Thick Ethernet, 10Base5

10BaseFL (Multimode fibre)

100BaseFX Half-duplex (Multimode fibre)

100BaseFX Full-duplex (Multimode fibre)

100BaseFX Full-Duplex ONLY (Singlemode fibre)

2004-12-22: an IP address (Internet Protocol address) is a unique identifier that

What is a dynamic IP address?

2006-11-26: A dynamic IP address is a TCP/IP protocol address which is assigned on the

What is a domain name?