Académique Documents
Professionnel Documents
Culture Documents
NETWORK CONFIGURATION
AIM:
Run the following commands and write the use of each command
Ipconfig
ping
Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
[-r count] [-s count] [[-j host-list] | [-k host-list]]
[-w timeout] destination-list
Options:
-t Ping the specified host until stopped.
To see statistics and continue - type Control-Br
To stop - type Control-C.
-a Resolve addresses to hostnames.
-n count Number of echo requests to send.
-l size Send buffer size.
-f Set Don't Fragment flag in packet.
-i TTL Time To Live.
-v TOS Type Of Service.
-r count Record route for count hops.
-s count Timestamp for count hops.
-j host-list Loose source route along host-list.
-k host-list Strict source route along host-list.
-w timeout Timeout in milliseconds to wait for each reply.
telnet
Microsoft Telnet>
diskperf
Physical Disk Performance counters on this system are currently set to start
at
boot.
netdiag
netstat
Active Connections
pathping
ftp
tftp
3
Transfers files to and from a remote computer running the TFTP service.
sfc
Scans all protected system files and replaces incorrect versions with correct
Microsoft versions.
nbtstat
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its
4
IP address.
-c (cache) Lists NBT's cache of remote [machine] names and their
IP addresses
-n (names) Lists local NetBIOS names.
-r (resolved) Lists names resolved by broadcast and via WINS
-R (Reload) Purges and reloads the remote cache name table
-S (Sessions) Lists sessions table with the destination IP
addresses
-s (sessions) Lists sessions table converting destination IP
addresses to computer NETBIOS names.
-RR (ReleaseRefresh) Sends Name Release packets to WINs and then, starts
Refresh
RemoteName Remote host machine name.
IP address Dotted decimal representation of the IP address.
interval Redisplays selected statistics, pausing interval seconds
between each display. Press Ctrl+C to stop redisplaying
statistics.
rcp
lpr
Usage: lpr -S server -P printer [-C class] [-J job] [-o option] [-x] [-d]
filename
Options:
-S server Name or ipaddress of the host providing lpd service
5
tracert
Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name
Options:
-d Do not resolve addresses to hostnames.
-h maximum_hops Maximum number of hops to search for target.
-j host-list Loose source route along host-list.
-w timeout Wait timeout milliseconds for each reply.
verifier
nslookup
route
All symbolic names used for destination are looked up in the network database
file NETWORKS. The symbolic names for gateway are looked up in the host name
database file HOSTS.
Invalid MASK generates an error, that is when (DEST & MASK) != DEST.
Example> route ADD 157.0.0.0 MASK 155.0.0.0 157.55.80.1 IF 1
Examples:
lpq
7
Options:
-S server Name or ipaddress of the host providing lpd service
-P printer Name of the print queue
-l verbose output
net session
drivers
nettime
rsh
chkdsk
hostname
C:\Documents and Settings\Administrator>hostname
Amb
net account
arp
AIM:
AIM:
Show tcp/ip
AIM:
Configure interfaces:
netsh>set
netsh>set mode
Parameters:
Tag Value
mode - One of the following values:
online: Commit changes immediately
offline: Delay commit until explicitly requested
Remarks:
Sets the current mode to online or offline.
netsh>set machine
10
AIM:
Important
Note
AIM:
AIM:
Make subdirectories called uni and linu in home directory Made? Now delete
the subdirectory called uni
Mkdir uni
Mkdir linu
Rmdir linu
AIM:
Create a file called “ignou.txt”.Now copy this file and paste to other
directory . Copied move the file also from one directory to other
AIM:
AIM:
Find the files in home directory those names are starting with s and redirect
the output into a file redirecting.txt
Ls –l s* >redirecting.txt
AIM:
Change the password and write down the restrictions for given password
Passwd
Enter new password:
Re enter new password:
Restrictions to password
1.different from previous password
2.Have atleast 6 characters
12
AIM:
Execute sleep 25 in the foregound, suspend it with Ctrl-z and then put it
into the backgound with bg.show all process running in background, bring any
process back into the foregound with fg. Repeat the same exercise using kill
to terminate the process and use & for sending into backgound.
Sleep 25 –s
AIM:
Write a shell script which returns the PID of a process and accept the name
of process
Ps e | grep init
Echo $a | cut –f1 –d “ “
AIM:
Send a message to all users which are online. Make provision so that you can
send messages to other users but others cannot. Use talk to send messages.
Mesg n
AIM:
Send a mail to yourself, and include ignou.txt inside the mail. Read the
mail you have sent to yourself. Save the piece of message and file into some
folder. Reply to yourself.
AIM:
AIM:
Use the ls command and grep to display all names starting with “s”
Ls|grep[^s]
13
AIM:
Write a message to inform all user “they should shut down their
machine after completing the lab exercise”
Wall “they should shut down their machine after completing the lab
exercise”
14
Computer Management
Use Computer Management to manage local or remote computers using a single,
consolidated desktop tool. It combines several Windows 2000 administration
utilities into a single console tree, providing easy access to a specific
computer's administrative properties and tools. Use Computer Management to:
Monitor system events such as logon times and application errors.
Create and manage shares.
View a list of users connected to a local or remote computer.
Start and stop system services such as the Task Scheduler and the
Spooler.
Set properties for storage devices.
View device configurations and add new device drivers.
Manage server applications and services such as the Domain Name System
(DNS) service or the Dynamic Host Configuration Protocol (DHCP)
service.
Event Viewer
Using the event logs in Event Viewer, you can gather information about
hardware, software, and system problems and monitor Windows 2000 security
events.
Windows 2000 records events in three kinds of logs:
The system log contains events logged by the Windows 2000 system components.
For example, the failure of a driver or other system component to load during
startup is recorded in the system log. The event types logged by system
components are predetermined.
The security log can record security events such as valid and invalid logon
attempts, as well as events related to resource use, such as creating,
opening, or deleting files. An administrator can specify what events are
recorded in the security log. For example, if you have enabled logon
auditing, attempts to log on to the system are recorded in the security log.
Services
Using Services, you can start, stop, pause, or resume services on remote and
local computers, and configure startup and recovery options. You can also
enable or disable services for a particular hardware profile.
With Services, you can:
Manage services on local and remote computers, including remote
computers running Windows NT 4.0.
Set up recovery actions to take place if a service fails, such as
restarting the service automatically or restarting the computer (on
computers running Windows 2000 only).
Create custom names and descriptions for services so that you can
easily identify them (on computers running Windows 2000 only).
16
Backup
The Backup utility helps you protect data from accidental loss due to
hardware or storage media failure. For example, using Backup you can create a
duplicate copy of the data on your hard disk by backing up the data to
another storage device such as a hard disk or a tape. In the event that the
original data on your hard disk is accidentally erased or overwritten, or
becomes inaccessible because of a hard disk malfunction, you can easily
restore the data from the backed up copy.
Using Backup, you can:
Back up selected files and folders on your hard disk.
Restore the backed up files and folders to your hard disk or any other
disk you can access.
Create an Emergency Repair Disk (ERD), which will help you repair
system files in the event they get corrupted or are accidentally
erased.
Make a copy of any Remote Storage data and any data stored in mounted
drives.
Make a copy of your computer's System State, which includes such things
as the registry, the boot files, and the system files.
Back up services on servers and domain controllers, including such
things as the Active Directory service database, the Certificate
Services database, and the File Replication service SYSVOL directory.
Schedule regular backups to keep your backed up data up to date.
You can use Backup to back up and restore data on either FAT or NTFS volumes.
However, if you have backed up data from an NTFS volume used in Windows 2000,
it is recommended that you restore the data to an NTFS volume used in Windows
2000, or you could lose data as well as some file and folder features. For
example, permissions, encrypting file system (EFS) settings, disk quota
information, mounted drive information, and Remote Storage information will
17
be lost if you back up data from an NTFS volume used in Windows 2000 and then
restore it to a FAT volume or an NTFS volume used in Windows NT 4.0.
Disk Defragmenter
When a volume contains a lot of fragmented files and folders, Windows takes
longer to gain access to them because it requires several additional disk
drive reads to collect the various pieces. Creating new files and folders
also takes longer because the free space available on the volume is
scattered. Windows must then save new files and folders to various locations
on the volume.
Disk Defragmenter moves the pieces of each file or folder to one location on
the volume, so that each occupies a single, contiguous space on the disk
drive. As a result, your system can gain access to your files and folders and
save new ones more efficiently. By consolidating your files and folders, Disk
Defragmenter also consolidates your free space, making it less likely that
new files will be fragmented.
Disk Defragmenter can defragment FAT, FAT32, and NTFS formatted volumes.
For more information, see Related Topics.
System Information
You can use the View menu to switch between the display of Basic and Advanced
information. The Advanced view shows all of the information in the Basic view
plus additional information that may be of interest to the more advanced user
or to Microsoft Product Support Services.
19
AIM:
Notes
Read
Change
Full Control
Full Control is the default permission applied to any new shares you create.
It allows all Read and Change permissions, plus:
o Changing permissions (NTFS files and folders only).
o Taking ownership (NTFS files and folders only).
Note
When a folder is shared, the default is to grant Full Access permissions to
the Everyone group.
20
AIM:
5. Name the printer and Set to share the Printer if it has to be available in
the Network.
21
6. After giving Location command and Print the test page. If all are ok,
Finalise the setting and complete the wizard.
22
AIM:
1. Open Printers.
2. Double-click Add Printer to start the Add Printer wizard, and then
click Next.
3. Click Network printer, and then click Next.
4. Connect to the desired printer by:
o Searching for it in the Active Directory.
o Typing its name using the following format, or clicking Next to
locate the printer on the network:
o Typing its URL using the following format:
5. Follow the instructions on the screen to finish connecting to the
network printer.
Notes
AIM:
Windows 2000 Active Directory and Domain controller.
The Active Directory (AD) of Windows 2000 Server and Windows Server
2003 basically manages all the information that is relevant in the network's
operation. This includes connections, applications, databases, printers,
users and groups. Microsoft's text describes it concisely: Active Directory
provides a standard way to name, describe, localize, manage, secure and
access these resources.
The dcpromo command is used to raise the level of the server to become an
Active Directory controller. The process takes approximately ten minutes and
is described briefly in the following.
We assume that there are no other servers in your network and therefore, we
want a controller for a new Active Directory infrastructure
24
Active Directory uses its own database system in order to manage the
described information efficiently. Provided your environment could grow
quickly and the server could take on additional tasks, the database as well
as the log files should be swapped out to a separate hard disk in order to
keep system performance as high as possible.
25
The SYSVOL folder is another specialty of the Active Directory because its
contents are replicated by all the Active Directory controllers in a domain.
This includes login scripts, group policies and other things that must be
available on other servers as well. The location of this folder can of
course be changed according to need.
After Installing Forward Lookup zone, We have to install Reverse lookup zone
also.
The last thing we still need is a pointer, which points to our subnet
192.168.1.0.
27
AIM:
AIM:
AIM:
Properties of TCP/IP
Enter Ip address, Subnet Mask, Default Gateway, and DNS Server entries.
AIM:
Install a caching DNS server and find out how it reduces the network traffic
AIM:
subdomains. A DNS zone administrator sets up one or more name servers for the
zone.
31
The VPN Client on a remote PC, communicating with a Cisco VPN device at
an enterprise or service provider, creates a secure connection over the
Internet that lets you access a private network as if you were an on-site
user. This secure connection is a Virtual Private Network (VPN).
System Requirements
To install the VPN Client on any system, you need–CD-ROM drive (if you are
installing from CD-ROM) –Administrator privileges •The following table indicates the system
requirements to install the VPN Client on each of the supported platforms.
Computer Operating System Requirements
Computer with •Microsoft® Windows® 98 or •Microsoft TCP/IP installed.
a Pentium®- Windows 98 (second edition) (Confirm via Start > Settings >
class •Windows ME Control Panel > Network >
processor or •Windows NT® 4.0 (with Protocols or Configuration.)
greater Service Pack 6, or higher) •50 MB hard disk space.
•Windows 2000 •RAM:
•Windows XP –32 MB for Windows 98
–64 MB for Windows NT and
Windows ME
–64 MB for Windows 2000
(128 MB recommended)
–128 MB for Windows XP
(256 MB recommended)
Computer with RedHat Version 6.2 or later •32 MB Ram
and Intel x86 Linux (Intel), or compatible •50 MB hard disk space
processor libraries with glibc Version
2.1.1-6 or later, using
kernel Versions 2.2.12 or
later
Note The VPN Client does
not support SMP
(multiprocessor) or 64-bit
processor kernels.
Sun UltraSPARC 32-bit or 64-bit Solaris • 32 MB Ram
computer kernel OS Version 2.6 or • 50 MB hard disk space
later
Macintosh Mac OS X, Version 10.2.0 or 50 MB hard disk space
computer later
Installation Notes
The following notes are important for users who are upgrading to
Windows XP and users who want to downgrade to an earlier version of the VPN
Client software.
If you are using the MSI installer, you must have Windows NT-based
products such as Windows NT 4.0 (with SP6), Windows 2000, or Windows XP.
Installing with MSI also requires Administrator privileges.
When installing the Windows MSI installation package, the user must
manually uninstall the previous VPN Client if it is older than version 4.6.
The version 4.6 MSI installer does not detect older versions, and the
installer will attempt to install before aborting gracefully. Once a version
4.6 MSI package has been installed, future client versions will be able to
detect the existing version 4.6 installation and automatically begin the
uninstallation process.
VPN Client Installation Using Windows Installer (MSI) Requires Windows NT SP6
33
When you attempt to install the VPN Client using MSI install
(vpnclient_en.exe) on NT SP3, SP4, or SP5, the error messages do not indicate
that the VPN Client cannot be installed on those operating systems because
they are unsupported. Once the errors occur, no other messages are displayed
and the installation is aborted.
"Cannot find the file instmsiw.exe (or one of its components). Make
sure the path and filename are correct and that all the required libraries
are available."
-then-
"Cannot find the file MSIEXEC (or one of its components). Make sure the
path and filename are correct and that all the required libraries are
available."
The following sections describe actions you must take when installing
the VPN Client on a Solaris platform.
If you have a previous version of the VPN Client running under Solaris,
you must uninstall the older VPN Client before installing a new VPN Client.
You are not required to uninstall an old VPN Client, if one is present,
before installing a new VPN Client for Linux or Mac OS X.
Disable the ipfilter Firewall Kernel Module Before Installing the VPN Client
on a Solaris Platform
•To use the VPN Client, you need –Direct network connection (cable or DSL
modem and network adapter/interface card), or –Internal or external modem,
and
•To connect using a digital certificate for authentication, you need a
digital certificate signed by one of the following Certificate Authorities
(CAs) installed on your PC: –Baltimore Technologies
(www.baltimoretechnologies.com) –Entrust Technologies (www.entrust.com) –
Netscape (www.netscape.com) –Verisign, Inc. (www.verisign.com) –Microsoft
Certificate Services — Windows 2000 –A digital certificate stored on a smart
card. The VPN Client supports smart cards via the MS CAPI Interface.
34
Windows 2000 includes a Firewall to protect your system against unwanted "visitors" from the
Internet ( but not controlling connections from your system to the Internet, for which you would
need to install a Non-Microsoft Firewall, like ZoneAlarm ) , which is configured using the
Properties
of the modem-connection :( using the Firewall on a LAN connection will cause network access
problems to your system )
tab : Services
tab : ICMP
Advanced Setup:
In case you have the Internet
Information Server
(maybe including the FTP-
server) installed and you
like to allow access from the
Internet, then you
need to place the Check-marks
(you are prompted
to confirm the system allowed
to be accessed)
tab: ICMP
AIM:
Note that you cannot block ICMP messages, even if you select Permit
Only in the IP Protocols column and you do not include IP protocol
1.
TCP/IP Filtering can filter only inbound traffic. This feature does not
affect outbound traffic or response ports that are created to accept
responses from outbound requests. Use IPSec Policies or packet filtering if
you require more control over outbound access.
38
AIM:
Command Purpose
Router# mrinfo [hostname | Query a multicast router about which
address] [source-address | neighboring multicast routers are
interface] peering with it.
Router# mstat source Display IP multicast packet rate and
[destination] [group] loss information.
Traces the path from a source to a
Router# mtrace source
destination branch for a multicast
[destination][group]
distribution tree for a given group.
AIM:
2. Click Next.
4. Clear the Activate the default response rule check box, and then click
Next.
5. Make sure the Edit Properties check box is selected (it is by default),
and then click Finish.
6. In the Properties dialog box for the policy you have just created,
ensure that Use Add Wizard check box in the lower-right corner is selected,
and then click Add to start the Security Rule Wizard.
7. Click Next to proceed through the Security Rule Wizard, which you
started at the end of the previous section.
8. Select This rule does not specify a tunnel, (selected by default) and
then click Next.
Notes
To start Active Directory Users and Computers, open a Remote Desk Top
connection to either a Windows 2000 domain controller or a member
server that has Windows 2000 Administration Tools installed. You must
log on to the server as a domain administrator in order to complete
this procedure.
By default, only domain administrators, enterprise administrators,
Group Policy Creator Owners, and the operating system can create new
Group Policy Objects. If the domain administrator wants a
nonadministrator or a group to be able to create Group Policy objects,
that user or group can be added to the Group Policy Creator Owners
security group. When a user who is not an administrator, but who is a
member of the Group Policy Creator Owners group, creates a Group Policy
object, that user becomes the creator and owner of the Group Policy
object; therefore, that user can edit the Group Policy object. Being a
member of the Group Policy Creator Owners group gives the user full
control of only those Group Policy objects that the user creates or
those Group Policy objects that are explicitly delegated to that user.
It does not give the nonadministrator user any additional rights over
other Group Policy objects for the domain—these users are not granted
rights over Group Policy objects that they did not create.
When an administrator creates a Group Policy object, the Domain
Administrators group becomes the Creator Owner of the Group Policy
object.
When you delegate this task to nonadministrators, also consider
delegating the ability to manage the links for a specific
organizational unit. The reason for this is that, by default,
nonadministrators cannot manage links, and the inability to manage
links prevents them from being able to use the Active Directory Users
and Computers snap-in to create a Group Policy object.
40
AIM:
Notes
To open Windows Explorer, click Start, point to All Programs, point to
Accessories, and then click Windows Explorer.
You can return the backup version of the decrypted file or folder to
the user as an e-mail attachment, on a floppy disk, or on a network
share.
You can also physically transport the recovery agent's private key and
certificate, import the private key and certificate, decrypt the file
or folder, and then delete the imported private key and certificate.
This procedure exposes the private key more than the procedure above
but does not require any backup or restore operations or file
transportation.
If you are the recovery agent, use the Export command from Certificates
in Microsoft Management Console (MMC) to export the file recovery
certificate and private key to a floppy disk. Keep the floppy disk in a
secure location. Then, if the file recovery certificate or private key
on your computer is ever damaged or deleted, you can use the Import
command from Certificates in MMC to replace the damaged or deleted
certificate and private key with the ones you have backed up on the
floppy disk.
For more information about using Certificates in MMC, see Related
Topics.