My very own N+ Blog!!

Discussion in 'Network+' started by Malnomates, Jan 7, 2007.

  1. Malnomates

    Malnomates Megabyte Poster

    Thanks Blue 8)

    IPsec is one that I missed in that thread. IPsec is a widely implemented and secure protocol suite that implements authentication and encryption through two main modes, TUNNEL mode and TRANSPORT mode. The difference between the two modes is mainly that TUNNEL mode encrypts the entire IP packet whereas TRANSPORT mode encrypts only the actual message within the packet. Security is based on AH and ESP, though the details of both escape me right now. I will make further investigation into IPsec and make a separate post dedicated to security protocols in more detail.

    You know what? I think all this stuff is finally sinking in! How about you?
     
    Certifications: A+ Network+
  2. Malnomates

    Malnomates Megabyte Poster

    Just about everything we've seen so far involves manipulation of software, manipulation of hardware, installation of this, configuration of that, but there is another aspect that we should cover and one that I can present first hand experience of. So pack your panties, rub in the chocolate body paint and get ready for the next exciting rollercoaster ride through ......

    OI MUSH! That's MY server!!!!

    Securing your network doesn't just mean a tickbox here and a policy there, NO!! It also means looking after the physical AS WELL AS the less physical side of things. I am not entirely certain that this subject would appear in an N+ exam but nonetheless it is an important one and has some poignant points, so shut up, quit complaining and read on....

    Physical Security

    You have all seen them, those spooky, cold server rooms and IT cubbyholes that your company 'geekmeister general' inhabits. Short of castle ramparts and crocodile infested moats, these rooms are usually well secured, well policed and with good reason, for they contain some of-if not THE-most valuable assets within any organisation-DATA.....UUUGGHHH!!!

    If you have the job of securing your hardware, as a network administrator, then do just that! There are a plethora of ways to secure it, but secure it you must. Whether it is a simple lock and key scenario or the use of high-end biometric access devices, YOU carry the can if something goes missing, no exceptions!

    -set up your users diligently, make sure your users/groups have only the permissions necessary to carry out their allotted tasks.

    -set up, document, monitor and maintain a workable PASSWORD policy. Passwords need to be strong, a combination of letters and alphanumerics and AT LEAST eight characters long. Passwords won't stay secret for long so ensure your passwords are changed with at least some regularity.

    -implement 'POLICIES' accordingly. Policies are akin to permissions but have nothing to do with folder permissions. Policies allow an administrator to control services by issuing policies. For example you might find that your workstation, or indeed ALL of the workstations in your group may not be able to enter a command prompt, or maybe not be able to change wallpaper or background settings. These restrictions are typical of POLICIES and group POLICIES and give you, as the administrator, tighter controls over the ability of your users (or rather the users' workstations) to perform or not perform certain services.

    -Know that LINUX has NO POLICIES per se

    -Implement PORT FILTERING if necessary and remember that a proxy can use dynamic ports, so for example a user may access HTTP through port 80 but the response (the web page itself) may come in through port 180. Proxies can change both IP and PORTS but at the cost of network speed. Routers perform NAT and act in a faster manner when doing so (argue the case on this one).

    NAT, PROXY SERVERS & PORT FILTERING are all FIREWALLS

    -Use encryption for your data transfers and implement the strongest encryption that is suitable for your purposes.

    -PUBLIC KEYS use strong encryption, typically 128 bit encryption

    -PRIVATE KEYS A sender transmits a public key to the node that wishes to send that user data, the PRIVATE KEY then uses encryption to decode the data.

    -DIGITAL SIGNATURES runs a key called a HASH on PRIVATE KEYS, the receiver of the signature uses the PUBLIC KEY to generate a 'DIGEST' and compares the values to see if they match. I'm going to admit I may well be totally off the mark here, but I'm doing my best boss, honest I am!

    -DIGITAL CERTIFICATES typically issued (but not always issued) by VERISIGN. A website that is awarded a digital certificate falls in the "this is a trusted website and your privacy is our concern" bracket. In other words it is a good thing to have since digital certificates verify a webpage's integrity in terms of your private information, anonymity and content, that's my interpretation so far anyway.

    -VLANS virtual lans I've covered in a previous post if I remember rightly but for those that missed it--a virtual lan or VLAN is a way of splitting an existing network up into multiple networks and creating separate collision and broadcast domains. If you have a lot of broadcasts flooding your network you could implement a VLAN and have ONLY the members of that VLAN talking to each other, to the point where no one outside of the VLAN can see them! This means broadcasts only hit the members of that particular VLAN thus increasing efficiency within your managed network. Further study of VLANS is advisable.
     
    Certifications: A+ Network+
  3. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    Mal you are on fire!

    This statement could cause some argument among the pedantic.

    This is my take on them..

    To truly be classed as a firewall a product should protect the internal network from the outside and control what traffic is allowed to go out on any port. To do this effectively it needs to be able to look inside the packets and check to see if there is any dodgy looking stuff in there. This is known as SPI or Stateful Packet Inspection. A proper firewall checks for known DoS (Denial of Service) attacks etc. A proper firewall will have rules which either allow or deny the use of specific protocols, at specified times by specific users or groups to specific sites and services and it will dynamically open the required ports for the duration of the session only then shut them closed again - gotta love ISA!

    NAT certainly does offer some protection to the local LAN, its primary function though is to share one public IP address with multiple internal addresses - the internal addresses will be in a private range and hence not routable on the Internet. NAT is not actually a firewall though.

    Proxy servers can control web traffic, they also locally cache copies of the pages visited, which can actually speed up the browsing experience of the users, hence ISA (Internet Security and ACCELERATION server). Proxies are not firewalls, they control specific traffic typically browsing on port 80/443, FTP, Gopher etc.

    Port filtering just blocks or allows specific ports, so it's not intelligent in any way and the only time you could say you were secure is if you blocked all ports, then you might as well just stop paying your ISP :biggrin
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
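
An added example (not part of the original posts) contrasting the static port filtering and the session-based port opening described in the post above. It is a toy model: the class names, addresses and ports are constructed for illustration, and real stateful inspection also tracks protocol state and timeouts.

```python
from collections import namedtuple

# direction is "out" (LAN -> Internet) or "in" (Internet -> LAN)
Packet = namedtuple("Packet", "direction src sport dst dport")


class PortFilter:
    """Static port filtering: each packet is judged on its destination port alone."""

    def __init__(self, allowed_out, allowed_in):
        self.allowed_out = set(allowed_out)
        self.allowed_in = set(allowed_in)

    def allow(self, p):
        ports = self.allowed_out if p.direction == "out" else self.allowed_in
        return p.dport in ports


class StatefulFilter:
    """Connection tracking: inbound traffic passes only as a reply to a session
    that an inside host opened, and only until that session is closed."""

    def __init__(self, allowed_out):
        self.allowed_out = set(allowed_out)
        self.sessions = set()

    def allow(self, p):
        if p.direction == "out":
            if p.dport not in self.allowed_out:
                return False
            self.sessions.add((p.src, p.sport, p.dst, p.dport))
            return True
        # Inbound: swap the endpoints and look for the matching outbound session.
        return (p.dst, p.dport, p.src, p.sport) in self.sessions

    def close(self, src, sport, dst, dport):
        self.sessions.discard((src, sport, dst, dport))


# Constructed sample traffic (documentation address ranges, not real hosts).
CLIENT, WEB, STRANGER = "192.168.0.10", "203.0.113.5", "198.51.100.9"
REQUEST = Packet("out", CLIENT, 50000, WEB, 80)
REPLY = Packet("in", WEB, 80, CLIENT, 50000)
UNSOLICITED = Packet("in", STRANGER, 80, CLIENT, 50000)


def compare():
    """Return each filter's verdicts on [request, reply, unsolicited]."""
    traffic = [REQUEST, REPLY, UNSOLICITED]
    strict = PortFilter(allowed_out={80, 443}, allowed_in=set())
    loose = PortFilter(allowed_out={80, 443}, allowed_in=range(1024, 65536))
    stateful = StatefulFilter(allowed_out={80, 443})
    return {
        "static, no inbound ports": [strict.allow(p) for p in traffic],
        "static, high ports open": [loose.allow(p) for p in traffic],
        "stateful": [stateful.allow(p) for p in traffic],
    }


def reply_after_close():
    """A reply arriving after the session is closed is no longer accepted."""
    fw = StatefulFilter(allowed_out={80})
    fw.allow(REQUEST)
    fw.close(CLIENT, 50000, WEB, 80)
    return fw.allow(REPLY)


if __name__ == "__main__":
    for name, v in compare().items():
        print(f"{name:26} request={v[0]} reply={v[1]} unsolicited={v[2]}")
    print("reply after session closed:", reply_after_close())
```

The static filter either breaks the reply or lets the unsolicited packet in alongside it; only the session table can tell the two inbound packets apart.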
  4. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    Brilliant stuff, Mal :thumbleft

    I thought I'd dig out this thread as an additional resource alongside your excellent info here. I remember being knocked out by it at the time, so thanks to the original poster of the film.

    Warriors of the Internet
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  5. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    Mal, this thread rocks! :biggrin

    Must agree with Blue's last post though, “NAT, PROXY SERVERS & PORT FILTERING are all FIREWALLS” isn’t always the case.

    Let’s say your firewall is the gateway for your LAN onto the internet then it is definitely the port filtering device (it should be anyway!). If it is hooked up to an ADSL modem with one RJ45 device patched into the firewall then that could be the NAT device as well. I have seen a few botched network installs where the ADSL modem is the NAT device AND the firewall and that isn’t good! Make one device enabled for NAT to use your public IP(s).

    Proxy servers are there for two reasons, to speed up internet access for the clients on the LAN and possibly for content filtering\monitoring as well.

    Hope this helps!
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  6. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    Adding to what Sparky has just said, and your statement above.

    A router does not perform NAT - a router routes packets between different subnets using information in its routing table.

    A NAT device maps a single public IP address to multiple private IP addresses.

    They are two different things.

    The confusion comes from the fact that many so-called routers these days perform a mixed bag of functions. For example, my so-called D-Link router is..

    1) A router, as it routes packets between two or more different subnets.

    2) It is also a NAT device - it can share one public IP addy with up to 5 internal private IP nodes.

    3) It is an ADSL modem

    4) It is a DHCP server

    5) It can act as a DNS proxy

    6) It has a built in SPI firewall

    7) It is a wireless AP


    These are all different functions but with so many modern pieces of kit it lumps them all in the same little plastic box.

    Saying routers perform NAT, is like saying Routers are DHCP servers - that is simply not true.

    You could compare my router to a music centre, and say my CD player is a radio. Clearly that isn't true in the same way that a router is not the same as a NAT device
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  7. Malnomates

    Malnomates Megabyte Poster

    Again I thank you fellas, I'll be picking up some more studying in the firewalls department and NAT. Jakamoko, nice link, I know what you mean when you said that stuff blew you away first time you saw it. It's all falling into place nicely though, a little here-a little there and I may consider booking my exam soon..eek :eek:
     
    Certifications: A+ Network+
  8. Malnomates

    Malnomates Megabyte Poster

    How many times have I heard friends, at the point of despair, telling me that their hard drive has gone south, all those precious photos, all those work documents, the kids' homework, ten gazillion trillobites of music? And my first reply is "Don't worry, I'll restore them all from your backup. You do have a backup don't you?"...

    90% of the time the answer is a simple "No", followed by howls of agony, much thumping of fists on walls, threats of torture from the better half and finally the classic retort -"I've never done one, what is a bar cup?"

    Let's venture into geekdom with this little trip through the old favourite...

    Disaster, what disaster?

    For any redundancy of data you need a contingency plan, ranging from a simple backup of your most precious data to full on mega-redundancy in the form of hot sites, warm sites and cold sites.

    Hot sites

    No, not bigboobs.com, that's certainly a hot site but not the kind you should know about for your N+! A HOT SITE is a duplicate, independent location that will have ALL of the functionality of the site for which it provides total redundancy. This includes identical servers, identical software, identical communications, identical furniture, toilet seats, the whole kit and kaboodle. Why? Should disaster strike at site A, then the HOT SITE (site B) can take over completely, without undue disruption. Hot sites are the ultimate redundancy for a network, but as you can imagine they tend to be a bit pricey, but what is the data worth?

    Warm sites

    Unlike hot sites, a warm site will have enough hardware to get a contingency operation up and running, but not immediately since backups, software and configuration will need to be implemented to some degree.

    Cold sites

    A cold site is pretty much an empty space really, capable of supporting the backup plan but the implementation of backup would typically mean installing the necessary hardware, configuration, implementation and backup recovery. In a cold site you would effectively be setting up your backup from scratch.

    Talking of backups, here are the backup types that we must be familiar with and I mean 'familiar with'! Not knowing the backup types and how they differ will cost you dearly in any IT exam so get busy my friends, it's all up to you.

    Full or Normal

    All selected files are backed up and after backup the archive bit is turned OFF.

    Copy Backup

    Performs the same backup as Full/Normal except the archive bit remains ON, allowing for further copies of the backup to be made.

    Incremental

    Backs up all of the files that have changed since the last backup, whether that be a full or incremental backup. After backup the archive bit is switched OFF.

    Differential

    Backs up all the files that have changed since the last full backup, but leaves the archive switch on.


    Confuddled? I was at first but it is fairly easy to grasp once you know the types and how they work. The trick here is to memorise what happens to the archive bit during each type of backup. Here's Mal's 'backup made easy peasy' explanation...

    -The archive bit is either on or off, no exceptions. If a file is changed at any point the archive bit switches on, this tells the backup that this file is in some way different from the last time it was backed up, in other words the file becomes 'flagged' for backup.

    -Since Copy Backup leaves the archive bit ON, you can make copies of your backup, simple huh?

    -Since Incremental backups turn the archive bit OFF, it only backs up newly changed files that have changed since the last back up. The size of an incremental backup is small compared to differential since only the files changed and flagged (have their archive bit turned on) since the last backup are backed up. However you need a full backup and all of the incremental backups to date to restore maximum data. Did I mention backup?

    -Since differential backups leave the archive bit ON, they backup everything including any new 'flagged' files that have the archive bit turned on. The size of a differential backup will increase as more backups are performed, however you would only need one full backup and your latest differential backup to restore maximum data.

    The low-down? ...

    Incremental backups take less time to backup but MORE time to restore from backup.

    Differential backups take longer to backup but LESS time to restore from backup.


    You should know that back up media is best kept in a locked safe or similar and most definitely OFFSITE (easy marks on the exam if you get the right question!).

    The bottom line with backing up your data is that you are providing data redundancy in the event of a disaster..that's it.
     
    Certifications: A+ Network+
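
An added example (not part of the original post) that models the archive bit as the post above describes it and runs the same three days of file changes under incremental and differential schedules, then checks which backup sets a restore needs. File names, contents and the schedule are constructed for illustration.

```python
class Volume:
    """Files as {name: [content, archive_bit]}; any write sets the archive bit."""

    def __init__(self):
        self.files = {}

    def write(self, name, content):
        self.files[name] = [content, True]

    def snapshot(self):
        return {name: entry[0] for name, entry in self.files.items()}


def backup(volume, kind):
    """Return the backup set {name: content} and update archive bits.

    full         -> every file,       bit cleared
    copy         -> every file,       bit left alone
    incremental  -> flagged files,    bit cleared
    differential -> flagged files,    bit left alone
    """
    select_all = kind in ("full", "copy")
    clear_bit = kind in ("full", "incremental")
    saved = {}
    for name, entry in volume.files.items():
        if select_all or entry[1]:
            saved[name] = entry[0]
            if clear_bit:
                entry[1] = False
    return saved


def restore(backup_sets):
    """Replay backup sets oldest first; later sets overwrite earlier ones."""
    result = {}
    for backup_set in backup_sets:
        result.update(backup_set)
    return result


def run_schedule(kind):
    """Full backup, then one `kind` backup after each of three daily changes."""
    vol = Volume()
    for name, content in [("a.doc", "a0"), ("b.xls", "b0"), ("c.jpg", "c0")]:
        vol.write(name, content)
    full = backup(vol, "full")
    nightly = []
    for name, content in [("a.doc", "a1"), ("b.xls", "b1"), ("a.doc", "a3")]:
        vol.write(name, content)
        nightly.append(backup(vol, kind))
    return full, nightly, vol.snapshot()


def copy_then_incremental():
    """A copy backup must not hide changes from the next incremental."""
    vol = Volume()
    for name, content in [("a.doc", "a0"), ("b.xls", "b0"), ("c.jpg", "c0")]:
        vol.write(name, content)
    backup(vol, "full")
    vol.write("a.doc", "a1")
    copied = backup(vol, "copy")
    return len(copied), backup(vol, "incremental")


if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        full, nightly, live = run_schedule(kind)
        print(kind, "set sizes:", [len(s) for s in nightly])
        print("  full + latest restores everything:",
              restore([full, nightly[-1]]) == live)
        print("  full + all sets restores everything:",
              restore([full] + nightly) == live)
    print("copy then incremental:", copy_then_incremental())
```

With incremental sets, dropping any one of them from the restore chain loses that day's change, which is why the whole chain has to be kept and tested.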
  9. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    Class as always, Mal ...


    ..may I add one little thing that helped me recall this section:

    Differential backup: Fast restore - eg, only files changed since last back up are changed.

    Incremental backup - archive bit is cleared (so, by definition, slow restore)


    OK, a little contrived, but it helped clarify this topic for me, as my walls still have head-shaped dents in them to this day !!! :)
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  10. Malnomates

    Malnomates Megabyte Poster

    WoW! nice one GAV, that's a great way to remember it fella..:thumbleft

    From this point onwards I'm going to try and expand what I've learned so far. I think I've covered most of the necessary topics so far but in very brief detail and I'd hate to think the job is only half done!!

    Maybe the best way to approach this, given that I'd estimate that about 75% of you who actually read this thread are currently studying for or are about to embark on the N+ 2005 objectives, is to get you all a little more involved while at the same time helping me in my studies. One thing that I've done here is to almost abandon the pen & paper approach to writing out bullet-notes and scribbles of information on the toilet door and to apply what I know in a structured way that can be best understood by the person reading it the most, namely me! I'm not suggesting we all do the same but if it works...it works, right?

    Back to the plot Mal....

    I don't really want to repeat everything I've written here word for word, so I don't really want to repeat what I've written here word for word...so perhaps you'd like to suggest which subject YOU want to expand on and I'll do just that, helping you to help me, cool or what?8)
     
    Certifications: A+ Network+
  11. paradoxni

    paradoxni Nibble Poster

    Excellent blog Mal, it's got me convinced that Network+ is the next cert for me! :)
     
    Certifications: A+, Network+, MCP, MCDST, CCENT
    WIP: Server+
  12. Malnomates

    Malnomates Megabyte Poster

    Glad you like it and I hope it helps you with your N+.
     
    Certifications: A+ Network+
  13. Malnomates

    Malnomates Megabyte Poster

    We now know the ins, outs, whys and wherefores regarding our networks. But how do we approach a problem in a structured and logical manner, a way in which we can implement a diagnosis and repair?

    here's how..

    My way or the highway!!

    CompTIA have a set of troubleshooting standards that they will expect YOU to know, not what YOU think is right but what THEY SAY is right, get used to it and learn it!

    The deal is this..

    1) SYMPTOM - Establish the symptoms, obviously!!

    2) AREA - Establish the area affected, is it a local issue or a wider reaching issue?

    3) CHANGE - Establish what has changed since the last good working state.

    4) PROBABLE - Identify the probable cause.

    5) IMPLEMENT - Implement your plan of action, the proposed solution.

    6) TEST - Test the results of the implemented plan.

    7) EFFECT - Examine and document the effects of the implemented plan.

    8) DOCUMENT - Document the final results.

    Now repeat the buzzwords, go on!

    You may feel like a bit of a tit at this point and the pointing and laughing from other members of your household is mere humour at your attempt to become N+ qualified. But titter ye not meagre fellows! Just remember this phrase..

    SACPITED -(pronounced sack-pitted), see? No? Look again, it is my acronym for the eight steps of troubleshooting that you are required to follow for this exam, each letter representing the blue highlighted word at the beginning of each step, how clever am I? :rolleyes: SACPITED.
     
    Certifications: A+ Network+
  14. Malnomates

    Malnomates Megabyte Poster

    Had enough yet?

    D-Day!!!!!

    Ok, so I've covered a lot of technical stuff so far and some not so technical stuff too, but what about the one thing that all this stuff is pointing to? EXAM DAY :blink :blink :blink

    During the next few weeks I will be reading the Meyers tome one last time and spending time on my practice tests. My methods are common and I make no secret of them, studying is to be taken seriously if you want the result that you are aiming for!

    Here's what I do and maybe this can help guide you too..

    1) Read your study material TWICE. In the case of the All In One book I have read it once from cover to cover, then read it a second time concentrating on only the 'TEST SPECIFIC' chapters and the end of chapter tests.

    2) Bullet notes are a must and as you gain experience in taking certification exams you get to know the points that need attention and the points that simply 'fill the gaps'. Make structured notes and use them to study from.

    3) Know your enemy!!! Get the OBJECTIVES from CompTIA and READ THEM!! This is a great way to test your scope of knowledge and a great way to ensure that you have at least some understanding of all of the required subjects. DO NOT SKIP ANY - CompTIA can and will test you on all/any of those objectives and you simply cannot afford to drop points through complacency, can you? :deal

    4) Don't be afraid to ask! CF are well known throughout the whole IT community for their commitment and help through the forums. If you have a question, regardless of how trivial you feel it is, then ask.

    5) Know the STATS. Make tables of the common statistics that are covered, like cable statistics, IP addresses, backup types and common ports. Before I start any exam I ALWAYS write down these tables (yes you do get a dry-wipe board and pen to jot notes down in the exam). DON'T waste EXAM TIME writing them down, sit down, clear your head of thoughts of nude ladies and/or blokes and write them down, they will be the statistics that get you through this exam, no doubt about it!

    6) This is NOT a RACE!! How many times have I seen posts (mainly on other sites I'll add) of some little oik boasting how he got through his exam in 9 seconds flat and barely passed? YOU set your own pace here..sit down..take a few moments to clear your head..calm your nerves (and we ALL get nervy) and jot down your notes and tables. You are allowed to take bottled drinks into some exam centres so take advantage of this since nerves will give you a dry throat and annoy the hell out of other students who are being disturbed by your dry coughing and clearing of said throat! When YOU are ready, take the tour of the test engine and start your exam.

    7) Take your time! Read EVERY question thoroughly and know what is being asked, eliminate the wrong answers and if you are unsure of the correct answers MARK the question for review later on. If you have prepared well for this exam you will have more than enough time to go over ALL of your answers a second time, BUT-be careful with this since your first answer may very well be correct and changing your answer will cost you? Be absolutely sure you want to change your original answer.

    8) Don't believe the HYPE!...CompTIA are not out to fail you through 'trick' questions, they WANT you to pass (and I give you that statement from the horse's mouth) and the questions (arguably) are straightforward as are most of the answers (from my A+ experience anyways). Don't over analyse a question and think you have a better answer, trust your instinct and use the force young padawan.

    9) The result..you will be given your result there and then, usually after answering a few marketing questions and you will receive a report of the exam from the test centre on your departure. Remember to be courteous, whatever the result and leave quietly since others are still taking tests around you.

    Finally, pass or fail, use your test report to see where you went wrong and use that as a guide for your knowledge and future exams.

    CompTIA exams are far from 'easy' in my opinion and you only get out of them what you put into them, so set yourself a high target right?
     
    Certifications: A+ Network+
  15. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    This approach is very good and logical, it is also closely aligned with the way in which I trouble shoot a problem. The only thing that I can see that CompTIA have missed out, is that not all faults will be resolved once you get to No. 8 - In fact there is a very good chance that exactly the same problem will still be staring you in the face. That is the true nature of fault finding.

    So what have they missed? Well, if the fault is still there, it is not back to the drawing board (No. 1).

    Because, by process of elimination you have proved to yourself that it wasn't the probable cause you thought in No.4 - The next logical step is to start again at No.4 and make another educated guess at the probable cause, based on the extra information gained from your first attempt. Then continue to No. 8 and keep going from 4 to 8 until you fix the problem and can move on to No. 9.

    No. 9 Have a beer :berrr
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  16. paradoxni

    paradoxni Nibble Poster

    I find jumping to step 9 between every other step is a good way to go too :p
     
    Certifications: A+, Network+, MCP, MCDST, CCENT
    WIP: Server+
  17. wizard

    wizard Petabyte Poster

    No 10 - get someone else in to fix it and go down the pub :D
     
    Certifications: SIA DS Licence
    WIP: A+ 2009
  18. Malnomates

    Malnomates Megabyte Poster


    ...and THEN go back to No.9..
     
    Certifications: A+ Network+
  19. mondos

    mondos Kilobyte Poster

    I must say, this is the funniest, most informative thread I've read in my short time on CF. Who needs books when they've got you lot educating others with humour and intellect. Keep up the good work guys hic..yes I've had a few beers which makes it all the more humorous and I'll be having a few more. :alc
     
    Certifications: A+
    WIP: N+, MCDST and finding a job!
  20. frankthetek

    frankthetek New Member

    Not long joined, just beginning N+ study and came across this.
    What an excellent read!!!:D
    Very entertaining & encouraging!!
    So glad I stumbled upon CF:biggrin
    frankthetek
     
