Index 766 Authentication POP (APOP), 436 Authentication server, 197 Automatic private IP addressing (APIPA), 323 B Bandwidth, 50–52, 89 Baseband, 242, 583 Basic rate interface (BRI), 111 WAN, 362 Bastion host, 407 Bayonet-Neill-Concelman (BNC), 48 BBSs. See Bulletin board systems Bearer code (BC) identifier, 114 BGP. See Border gateway protocol Big Brother, 418 Biometrics, 441 Bitwise ANDing, 308–310 Bluetooth, 182, 190–191 BNC. See Bayonet-Neill-Concelman Boolean operators, 308 BOOTP. See Bootstrap protocol Bootstrap protocol (BOOTP), 326, 329 Border gateway protocol (BGP), 342 BRI. See Basic rate interface Bridges, 104–105, 143 Broadband, 242, 583 Broadcast messages, 152 Broadcast traffic, 333 Buffer-overflow attacks, 444 Bulletin board systems (BBSs), 12 Bus topology, 25–26 benefit of, 26 disadvantage of, 26 C Cable modem termination system (CMTS), 109 Cable modems, 107, 109, 370–371 Cable testers for Ethernet cable, 560 and troubleshooting, 58–62, 89–90, 559 Cable ties, 67 Cables, 33, 63, 87, 90 coaxial, 47, 78, 83 and connectors, 46, 89 copper, 63–64 fiber-optic, 48, 64, 84–85 fundamentals of, 46–48 installation, 66–67 interference, 49–50 issues in length of, 588 length problems, 52–54, 588 management and termination, 67–69 physical layer problem with, 587 physical media, 47 preparing, 64–66 problems with, 587–588 purpose of, 46 repair of, 57–58 security, 54–55 troubleshooting, 56–57 twisted-pair, 47 categories, 82 color codes, 65 Caching engines, 504 Campus area network, 35 Carrier protocol, 21 Carrier sense multiple access/ collision avoidance (CSMA/CA), 184–185, 245 Carrier sense multiple access/ collision detection (CSMA/ CD), 70, 184–185, 245, 648 Centralized access control, 17 Centralized network model, 15–16 Certificate authority (CA), 457 Challenge handshake authentication protocol (CHAP), 454–455 Channel service unit/data service unit (CSU/DSU), 116–117 CHAP. See Challenge handshake authentication protocol CIA. See Confidentiality, integrity, and availability CIDR. See Classless interdomain routing CIFS. See Server message block Circuit level firewalls, 129, 393 Circuit switching, 600 WAN operating with, 358–359, 363 Cisco systems, 391 Classless interdomain routing (CIDR), 320–321 Cleartext authentication, 436 Client/server network model, 18–20 Coax networks, 73 Coaxial cable, 47, 78, 83 connectors, 76 Combo cards, 108, 263 Common Internet file system (CIFS). See Server message block Communications Assistance for Law Enforcement Act (CALEA), 491 Computers ENIAC I, 7 history on, 6–8 MARK I, 7 Confidentiality, integrity, and availability (CIA), 431, 432 Configuration management (CM), 478–493, 506–507 Configuration parameters, 328 Connection-oriented services, 605 Connectors, 45, 75, 91 BNC, 78 cabling and, 46 D connectors, 76 DIX, 77 fiber, 79–81 fundamentals of, 48–49 local connectors (LC), 80 RG and F-type, 79 RJ connectors, 76–77, 485 standard connector (SC), 48, 79 twisted-pair and coaxial cable, 76–79 Consultative Committee for International Telephony and Telegraph (CCITT), 111 Content filtering, 404 Content switches, 156–157, 163 Convergence, 99, 107 of security, 125 Copper cabling, 63–64 preparing, 64–66 Credit card adapters, 108 Crossover cable, 59–62 Crosstalk, 50, 89 CSMA/CA. See Carrier sense multiple access/collision avoidance CSMA/CD. See Carrier sense multiple access/collision detection Custom subnet mask. See Variable- length subnet masks Index 767 d D-channel signaling protocol, 362 D connectors, 76 Data link layer, 183 MAC addressing of, 593 OSI model, 242–243 troubleshooting, 591–598, 623 contention methods for, 592 polling methods for, 592 recognizing devices of, 594–595 token passing methods for, 592 Data terminal equipment (DTE) devices, 367 Data transmission rates, 368 Datagram, 604 Decimal to binary numbers, converting, 295–299 Deep packet inspection firewall. See Stateful inspection firewall Default gateway, 137 Default subnet mask, 310–311 Defense Advanced Research Projects Agency (DARPA) model. See Department of defense (DoD) model Demarc, 69 Demilitarized zone (DMZ), 129–131, 406 bastion host, 407 design, 406–413 DNS services, 408–409 e-commerce, 409, 410 data storage zone, 410, 411 financial processing network, 411 e-mail relaying, 408 FTP services, 408 IDS in, 409 Internet Web site access, 408 layered implementation, 406 multiple interface firewall implementation, 406, 407 Denial of service (DoS) attacks, 207, 210–211, 396, 429 protecting, 212 Department of defense (DoD) model, 257–265, 277–278 advantages of, 576–577 application layer of, 264–265 host-to-host transport layer, 264 Internet layer, 263–264 mapping OSI model with, 259 network interface layer of hardware/software, 262–263 MAC, 262 DHCP. See Dynamic host configura- tion protocol; Dynamic host control protocol Dial-up modem speeds, 371–372 dig command, 555–556 syntax of, 555 Digital-Intel-Xerox (DIX), 72, 648 Digital signal zeros (DS0s), 361 Digital signaling effects of attenuation on, 243 vs. analog signaling, 240–242 Digital subscriber line (DSL), 362, 368–369 asymmetric, 369 benefit of, 368 drawback of, 368 modems, 107 symmetric, 369 Direct sequence spread spectrum (DSSS), 182–183 Directory access protocol (DAP), 448 Directory number (DN), 114, 115 Directory services, 447, 448. See also Lightweight directory access protocol (LDAP) Distance vector routing protocol, 343 Distributed DoS (DDoS) attack, 429 DIX. See Digital-Intel-Xerox DMZ. See Demilitarized zone DNS. See Domain name system DoD model. See Department of defense model Domain name kiting, 429–430 Domain name system (DNS), 12, 273–274 application layer, 617 servers, 139, 203, 328, 408–409, 483 cache poisoning, 430–431 split-horizon, 409 Domain name tasting, 430 DoS attacks. See Denial of service attacks Dotted decimal notation, 294 DSL. See Digital subscriber line DS0s. See Digital signal zeros DSSS. See Direct sequence spread spectrum DTE devices. See Data terminal equipment devices Dual-homed firewall, 127 Dynamic host configuration protocol (DHCP), 139–140, 269–270, 483 application layer, 617 client service, 270 server service, 270 Dynamic host control protocol (DHCP), 201, 326 message types, 327–328 operations, 326–329 relay agents, 328–329 server, 324, 327–329 Dynamic routing protocols, 123–125, 599 E E-commerce, DMZ, 409–411 E-mail gateway, 612 EAP. See Extensible authentication protocol EAPoL. See Extensible authentication protocol over LAN EAPoW. See Extensible authentication protocol over wireless Eavesdropping, 204 protecting, 206 eDirectory, 448 EGPs. See Exterior gateway routing protocols EIGRP. See Enhanced interior gateway routing protocol Electrical numerical integrator and calculator (ENIAC I) computer, 7 Electromagnetic interference (EMI), 47, 89 Electronic-binary computer, 7 Electronic Industries Associate/ Telecommunications Industry Alliance (EIA/TIA), 484 Encapsulating protocol, 21 Enhanced interior gateway routing protocol (EIGRP), 342 ENIAC I computer. See Electrical numerical integrator and calculator computer Enterprise service provider (ESP), 135 Index 768 Eth0 interface, 554 configuration information for, 555 Ethernet, 11, 70, 263 802.3 networks, 184, 185 adapter, configuring, 555 cable, testers for, 560 crossover cable as troubleshooting tool, 558–559 gigabit, 71 Event Viewer, logs in, 494 Extended industry standard architecture (EISA), 118 Extensible authentication protocol (EAP), 198, 199, 462 per-packet authentication, 462 vulnerabilities, 463–464 Extensible authentication protocol over LAN (EAPoL), 197, 198, 460 Extensible authentication protocol over wireless (EAPoW), 198, 460 Exterior gateway routing protocols (EGPs), 342 F F-type connectors, 79 Fast Ethernet, 70 Fault tolerance, 504 FDDI. See Fiber distributed data interface Federal Communications Commis- sion (FCC), 491, 640 FHSS. See Frequency hopping spread spectrum Fiber cabling, 64 Fiber connectors, 79–81 Fiber distributed data interface (FDDI), 364–365 frame relay, 365–366 MPLS, 366 SONET, 367–368 X.25 network, 366–367 Fiber-optic cable, 48 File system drivers, 256–257 File transfer protocol (FTP), 156, 272–273 active mode, 396 application layer, 615 configuring and implementing, 273 passive mode, 396 RFC 1579 firewall-friendly, 273 Finite-state machine, 390 Firewalls, 126, 144, 392–394 application layer gateway, 393, 399–400 application level, 128–129 architecture, 126 circuit level, 129, 393 dual-homed firewall, 127 features, 129 packet-filtering. See Packet- filtering firewall packet level, 128 proxy server, 394 screened host firewall, 127 stateful inspection, 393 technologies, 392–394 types, 128 vs. IDS, 388 vs. IPSs, 388 Flooding attacks, 210–211 protecting, 212 Fluhrer, Mantin, and Shamir attack, 463 Fractional T1 access, 361 Frequency division multiplexing (FDM), 117 Frequency hopping spread spectrum (FHSS), 181–183 Fresnel zone, concept of, 178–179 FTP. See File transfer protocol Full-duplex, 63, 90 configuring connection of, 611 G Gateway services for NetWare (GSNW), 613 Gateways, 136, 144 and subnetworks, 137–138 Generic routing encapsulation (GRE) protocol, 413, 414 Geosynchronous earth orbits (GEOs), 373 GFI LANguard, 391 Gigabit Ethernet, 71 Google™, 502, 504 GRE protocol. See Generic routing encapsulation protocol GSNW. See Gateway services for NetWare h Hacker, 201, 204–206, 209–211, 214 Half-duplex, 63, 90 transmission, 609 Hardware, 3, 9–11 address. See MAC address security devices, 386–405, 467–468 Hardware compatibility list (HCL), 118 Hardware loopback adapter, 62 Health Insurance Portability and Accountability Act (HIPAA), 491 Hermes chipset, 202 HomeRF, 182 Honeynets, 403–404 Honeypot, 400–403 characteristics of, 401–402 installing, 402–403 Host IDs, 299–305 rules for, 302 Host-to-host transport layer, 264 HTTP. See Hypertext transfer protocol Hub topology. See Point-to- multipoint topology Hubs, 101–103, 142 active, 102 passive, 102 switching, 101, 103 wireless, 172 Hybrid protocols, 343 Hypertext markup language (HTML), 129 Hypertext transfer protocol (HTTP), 156, 271–272 application layer, 616–617 I IANA. See Internet Assigned Numbers Authority ICANN. See Internet Corporation for Assigned Names and Numbers ICMP. See Internet control message protocol IDS. See Intrusion detection system IEEE 802 standards, 260–261, 640–649 CSMA/CD, 648 listing of, 642–647 LLC, 647 OSI and, 641–642 Token Ring, 649 wireless network, 649 Index 769 802.1x standard, authentication, 458–461 dynamic key derivation, 199, 461 user identification and strong authentication, 199, 461 802.3 standard, 185 802.11 standard, 185, 187–190 802.11a, 188 802.11b, 187–188 802.11g, 189 802.11n, 189 authentication in, 195–200 control frames, 190 data frames, 190 management frames, 190 WEP encryption process in, 194 wireless networks, 181 802.11i authentication, 197–200 802.11w standard, 461 802.11x standard, 460 802.15 (bluetooth), 190–191 1394 (FireWire), 86 ifconfig command, 483, 545–546, 553–555 output of, 553–554 IGMP. See Internet group manage- ment protocol IGPs. See Interior gateway routing protocols IMAP. See Internet message access protocol InARP. See Inverse ARP Industry standard architecture (ISA), 118 Information age, 12–13 space age to, 8–9 Infrared, 191 communications, 29 Infrastructure network configuration, 190 Initialization vector (IV), 193, 194, 463 Institute of Electrical and Electron- ics Engineers (IEEE), 639 history and fundamentals of, 639–640 Institute of Radio Engineers (IRE), 639, 640 Integrated digital network (IDN), 111 Integrated services digital network (ISDN), 107, 143, 361–362 adapters, 107, 110 advantages, 115 BRI, 362 channels, 112 concept of, 111 devices, 113 history of, 110–112 identifiers, 114–115 interfaces, 112–113 reference points, 113–114 Intelligent hubs, 582 Interface network layer, 258–261 Interior gateway routing protocols (IGPs), 342 International Telecommunications Union (ITU), 111 Internet access methods, 368–374 ADSL, 369 cable modem, 370–371 DSL, 368–369 POTS/PSTN, 371–372 satellite, 373–374 SDSL, 369 WWAN, 372–373 Internet Assigned Numbers Authority (IANA), 322, 395 Internet control message protocol (ICMP), 210 functions of, 532 Internet Corporation for Assigned Names and Numbers (ICANN), 322 Internet engineering task force (IETF), 651, 652–655 Internet group management protocol (IGMP), 330, 331 Internet layer, 263–264 Internet message access protocol (IMAP), 271 Internet Network Information Center. See InterNIC Internet printing protocol (IPP), 268 Internet protocol (IP). See IP Internet protocol security (IPsec), 193, 416 Internet security systems (ISSs), 391 Internet service providers (ISPs), 107 Internetwork, 4–5 InterNIC, 301, 306, 322 Intrusion detection system (IDS), 136, 160, 386–388 definition, 387 in DMZ, 409 limitations of, 390 vs. firewalls, 388 Intrusion protection systems (IPSs), 388 vs. firewalls, 388 Inverse ARP (InARP), 341 IP address, 294–305, 593 host. See Host IDs to MAC address resolution, 340 multicast, 334–335, 600 network. See Network IDs strategies to conserve CIDR, 320–321 private address, 322 VLSMs, 321–322 IP helper address, 329 IP routing, 335–346 determination process, 339 packets travel from network to network, 336–337 physical address resolution, 340–341 routers, 336 static and dynamic, 342–343 table entries, 337–339 utilities, 344–346 IP spoofing, 425–426 blind spoofing attacks, 425 informed attacks, 425 ipconfig command, 483 IPP. See Internet printing protocol IPSec. See Internet protocol security IPSs. See Intrusion protection systems IPv4, 287–289 header, 288 vs. IPv6, 291–293 IPv6, 289–290 address, types, 290 benefits of, 290–291 vs. IPv4, 291–293 ISA. See Industry standard architecture ISDN. See Integrated services digital network ISP-Planet, 392 ISPs. See Internet service providers IV. See Initialization vector J Jamming attacks on wireless networks, 215–216 Index 770 K Kerberos realm, 445–447 components, 445 logon access in, 446 resource access in, 446 Key scheduling algorithm (KSA), 194 Kilobits per second (Kbps), 51 Known-plaintext attack, 196 l LANs. See Local area networks Layer 2 switch, 154 Layer 3 switch. See Multilayer switches Layer 2 tunneling protocol (L2TP), 134, 415–416 LDAP. See Lightweight directory access protocol LDAP data interchange format (LDIF), 451 LEO. See Low earth orbit Light emitting diodes (LEDs), 85, 108 Lightweight directory access protocol (LDAP), 447–448 directories, 449 naming convention, 451 objects, attributes, and schema, 450–452 organizational units, 449–450 securing, 452–454 security realm, 453 with SSL, 452, 453 Line of sight (LOS), concept of, 178–179 Link state advertisements (LSAs), 343 Link state routing protocol, 343 LLC. See Logical link control Load balancer, 141 Local area networks (LANs), 31–34, 46, 100, 141–142, 151 technologies and standards, 69–71 Local connector (LC), 48, 80 Logical link control (LLC), 153 802 standards, 647 layers, 183, 243–244 Logical network diagrams, 487 Logical networking topologies centralized, 15–16 client/server, 18–20 decentralized (distributed), 16 peer-to-peer, 16–18 VLANs, 23–24 VPN, 20–23 Loopback adapter, configuration information for, 554 Looping on bridges and switches, 596–597 LOS. See Line of sight Low earth orbit (LEO), 373 LSAs. See Link state advertisements L2TP. See Layer 2 tunneling protocol M MAC, 153, 262 layer, 183, 185 MAC address, 207–209, 223, 224, 431, 593 changing, 594 hardware, 244, 276 IP address to, 340 of NIC, 244 spoofing, 594 sublayer, 244–245, 262 addressing in data link layer, 244–245, 262 physical address in, 244 Man-in-the-middle (MITM) attacks, 212–215, 427–428, 431 Managed hub. See Intelligent hubs Managed security services providers (MSSPs), 391 Management information base (MIB), 275, 552 Manufacturer code, 593 MAPI. See Messaging application program interface MARK I computer, 7 MAU. See Media attachment unit; Multistation access units MBONE. See Multicast backbone on the Internet McAfee, 391 Mechanical transfer registered jack (MTRJ), 48, 81 Media, 3 Media access control. See MAC Media attachment unit (MAU), 72 Megabits per second (Mbps), 51 Mesh topology, 27 Messaging application program interface (MAPI), 257 Metropolitan area network, 34 MIB. See Management information base Micro channel architecture (MCA), 118 Microprocessors, 182 Microsoft Management Console (MMC), 418 Microsoft model, 253–255 MITM attacks. See Man-in- the- middle attacks MMF. See Multimode fiber Mobile networking, 14 Modems, 32, 107, 240 analog, 108–109 cable, 107, 109, 370–371 DSL, 107, 109 external, 107 internal, 108 speeds, 371–372 MPLS. See Multiprotocol label switching Multicast, 329–331 advantage of, 334 basics of, 330–331 IP address, 600 dynamic, 334–335 static, 335 traffic, 333–334. See also Broadcast traffic Multicast backbone on the Internet (MBONE), 304 Multifactor authentication, 438–439 Multilayer switches, 155–156, 163 Multimode fiber (MMF), 71 Multipath interference, 180 Multiple input/multiple output (MIMO) device, 189 Multiplexing, 117 Multiport bridging, 154 Multiport repeater. See Active hubs Multiprotocol label switching (MPLS), 499 FDDI, 365, 366 Multistation access units (MAU), 105 features of, 105 Mutual authentication, 199, 457–458 N NACK. See Negative acknowledgment NAS. See Network attached storage Index 771 NAT. See Network address translation NBMA networks. See Non- broadcast-based multiple access networks nbtstat command, 541–544 switches of, 543–544 NDIS. See Network driver interface specification Ndis.sys, 256 Negative acknowledgment (NACK), 199 NetBIOS, 333, 347 API, 257 utilizing nbtstat command to display, 543, 544 NetBIOS over TCP (NetBT), 265–266 datagram service, 266 name service, 266 session service, 266 netstat command, 538–541 command-line switches of, 538 NetStumbler, 201, 206 using, 202–204, 212 Network access problem, identifying client’s remote, 619 Network access security, 468–469 AAA, 431–432 authentication. See Authentication Network address translation (NAT), 291, 345–346, 601 Network analyzer. See Protocol analyzer Network attached storage (NAS), 138–139 Network basic input/output system (NetBIOS), 417 Network devices, 99 bridges, 104–105 historical, 100 hubs, 101–103 modern, 122 OSI model and, 100 repeaters, 103–104 routers, 122–125 security integration, 125–136 Network diagrams logical, 487 physical, 485–487 Network documentation, 561, 565 Network driver interface specification (NDIS) boundary layer, 255 Network fundamentals history on networking and communications, 5–14 logical networking topologies, 14–24 network types, 31–35 physical network models, 24–30 Network hijacking and modification, 213–214 protecting, 215 Network IDs, 299–305 class A, 303 class B, 303–304 class C, 304 class D, 304 class E, 305 rules for, 302 Network intrusion detection system (NIDS) network design with, 389–392 vs. NIPS, 388–389 Network intrusion protection system (NIPS) network design with, 389–392 vs. NIDS, 388–389 Network layer, 245–248 interface, 258–261 troubleshooting, 598–603, 623 Network layer firewalls. See Packet-filtering firewall Network management, 477, 506 baselines, 488–489 configuration management (CM), 478–493, 506–507 change control documentation, 483–484 documentation types, 479–481 documenting configurations, 481–483 load balancing, 501 network monitoring, 493–504, 507–508 notification documentation, 496–497 password lists, 495–496 policies, procedures, and configurations, 489–490 regulations, 490–492 wiring schematics, 484 Network media, 582 problems with, 587–588 Network model, 3 DoD, 257–265 OSI, 237–257 Network monitoring, 59, 493–504, 507–508 network performance optimization, 497 Network news transfer protocol (NNTP), 272 application layer, 617 Network operating systems (NOS), 3 Network performance optimization, 497 Network ports, 417–422, 468 scanning for vulnerabilities, 419–422 Network protocols, 417–422 Network segmentation, 105 Network threats, 423–424, 468 ARP poisoning, 431 spoofing, 426–427 DNS poisoning, 430–431 domain name kiting, 429–430 domain name tasting, 430 DoS attacks. See Denial of service attacks IP spoofing, 425–426 man-in-the-middle attacks, 427–428, 431 null sessions, 424–425 replay attacks, 428–429 TCP/IP hijacking, 424 Network time protocol (NTP), 274 Network transport protocols, 256 Network troubleshooting tools cable testers, 559 Ethernet crossover cable, 558–559 Linux tools, 563–564 dig command, 555–556 ifconfig command, 553–555 traceroute command, 557 netware tools, 557–558, 564 oscilloscope, 559 OSI model, 525–529 data link layer, 527 network layer, 528 physical layer, 526–527 transport layer, 528–529 Index 772 tone generator, 559 windows tools, 563 arp command, 536–538 ipconfig command, 545–546 nbtstat command, 541–544 netstat command, 538–541 nslookup command, 546–549 pathping command, 533–536 ping command, 530–531 route command, 549–551 SNMP, 551–552 tracert command, 531–533 Network voice protocol (NVP), 140 Networking interface cards (NICs), 57, 106, 117, 154, 244, 262, 431, 489, 582, 584–585 buffers, 584 driver issues, 585 installing, 118–120 types and operation, 120 updating drivers of, 585–586 wireless, 649 Networking protocols, 278–279 advantages of, 576–577 DHCP, 269–270 DNS, 12, 273–274 FTP, 272–273 HTTP, 271–272 IMAP, 271 IPP, 268 NetBT, 265–266 NNTP, 272 NTP, 274 POP, 270–271 RIP, 274 SMB, 267–268 SMTP, 270 SNMP, 274–275 Telnet, 269 WINS, 266–267 WinSock, 268–269 Networking topologies, logical, 14–24 centralized, 15–16 client/server, 18–20 decentralized (distributed), 16 peer-to-peer, 16–18 VLANs, 23–24 VPN, 20–23 Newsreader, 617 NICs. See Networking interface cards NIDS. See Network intrusion detection system NIPS. See Network intrusion protection system Nmap, 418, 419 NNTP. See Network news transfer protocol Non-broadcast-based multiple access (NBMA) networks, 341 Nonfacility associated signaling (NFAS), 113 NOS. See Network operating systems Notification documentation, 496–497 nslookup command, 546–549 command line switches of, 556 NTP. See Network time protocol Null modem cable, 558 Null sessions, 424–425 NVP. See Network voice protocol o OFDM. See Orthogonal frequency division multiplexing Onboard transceiver, 121 One-factor authentication, 434–436 Open authentication, 195 Open shortest path first (OSPF) routing protocol, 123, 331, 342, 343 Open systems interconnection (OSI) model, 100, 152, 183, 237–257, 276–277, 287, 393, 398, 399 and 802 IEEE standards, 641–642 advantages of, 576–577 application layer, 252–253 component layers applications and user mode services, 257 file system drivers, 256–257 NDIS wrapper, 256 data link layer of, 242–243 LLC sublayer, 243–244 MAC sublayer, 244–245 switches and bridges in, 527, 594 troubleshooting, 591–598, 623 encapsulation of data, 253 function of boundary layers, 255 API, 256 NDIS, 255 TDI, 256 Microsoft model, 253 network layer, 245–248 troubleshooting, 598–603, 623 physical layer of, 239–240 troubleshooting, 581–590 presentation layer, 251–252 troubleshooting, 612–614, 624 reviewing, 577–578 and switches, 152–153 transport layer, 248–249 as troubleshooting tool, 563 use of, in troubleshooting, 575–581, 622–623 establishing, 578–581 OpenLDAP, 448 Operating systems, 9–11 UNIX, 10 Optic cable fiber, 48, 64, 84–85 MMF, 85 SMF, 84–85 Optical carrier levels, 368 ORiNOCO card, 202 Orthogonal frequency division multiplexing (OFDM), 188 Oscilloscope, 59 as troubleshooting tool, 559 OSI model. See Open systems interconnection model p Pack analyzer. See Protocol analyzer Packet-filtering firewall, 393, 394–399 “allow by default” policy, 395 benefits of, 398 “deny by default” policy, 395 drawbacks of, 398 operation of, 398–399 Packet INternet Groper. See Ping command Packet level firewall, 128 Packet sequencing, 456 Packet sniffing, 453, 457, 493 Packet switching, 600 networks, 9 WAN operating with, 358–360, 363 Packet-switching exchange (PSE), 366 PAE. See Port access entity Index 773 PAN. See Personal area network PAP. See Password authentication protocol Passenger protocol, 21 Passive attacks, 200–206 Passive hubs, 102, 582 troubleshooting, 590 Password authentication protocol (PAP), 454 Password policies, 435 P A T. See Port address translation Patch panels, 68 66 block type, 68 110 block type, 69 pathping command, 533–536 PDUs. See Protocol data units Peer-to-peer network model, 16–18 Pentium 32-bit processor, 10 Per-packet authentication, 199–200 Peripheral component interconnect (PCI), 118 Personal area network (PAN), 35 Personal digital assistants (PDAs), 481 Personal identification number (PIN), 494 Physical address. See MAC address Physical layers functions of, 526 hubs and repeaters operated at, 239–240 NIC functioning at, 582 of OSI model, 239–240 troubleshooting, 583–585, 623 devices of, 588–590 NIC driver issues, 584–585 role of NIC, 584–585 Physical media, 49–58 bandwidth capacity of, 51 installing, 55–56 length of, 52–53 standards for, 71 Physical network diagrams, 485–487 Physical network models, 24–30 bus topology, 25–26 hybrid topology, 29 mesh topology, 27 point-to-multipoint topology, 27–28 point-to-point topology, 27–28 rings topology, 27–28 star topology, 26–27 wireless topology, 29–30 ping command switches of, 530–531 utilizing hostname with, 530 Ping flood, 207, 210 ping localhost command, 344 Plain old telephone service (POTS). See Public switched telephone network (PSTN) Point-to-multipoint topology, 27–28 Point-to-point protocol (PPP), 413, 454 Point-to-point topology, 27–28 Point-to-point tunneling protocol (PPTP), 134, 413–415 POP. See Post office protocol Port access entity (PAE), 197, 459 authenticator, 197 supplicant, 197 Port address translation (PAT), 291, 346 Port authentication, 160–161, 164 Port mirroring, 160 Ports, 395, 396 logical, 396 of Trojan Horses, 397 Post office protocol (POP), 270–271 Power over Ethernet (PoE), 157–158 PPP. See Point-to-point protocol PPTP. See Point-to-point tunneling protocol Presentation layer function of, 613 of OSI model, 251–252 problems finding in, 614 troubleshooting, 612–614, 624 PRI. See Primary rate interface Primary rate interface (PRI), 112 WAN, 362–363 Private branch exchange (PBX), 68, 114 Private network address, 322–329 benefits of, 324–325 class A, 323, 324 class B, 323, 324 class C, 323, 324 considerations, 324–329 DHCP operations, 326–329 relay agents, 328–329 static and dynamic assignments, 325–326 Private virtual dial-up network (PVDN), 135 PRNG. See Pseudorandom number generator Promiscuous mode, 205 Protected EAP (PEAP), advantages of, 464–466 Protected management frames, 461 Protocol analyzer, 59, 404–405 Protocol data units (PDUs), 243 Protocols, 3 Proxy ARP, 341 Proxy server, 132, 394 PSE. See Packet-switching exchange Pseudorandom number generator (PRNG), 194 Public switched telephone network (PSTN), 108, 371 q QPSK. See Quadrature phase shift keying Quadrature phase shift keying (QPSK), 188 Quality of service (QoS) protocols, 498–499 r Radio frequency interference (RFI), 47, 89 Radio frequency (RF) behaviors absorption and scattering, 177–178 gain and loss, 176 reflection and refraction, 176–177 communications, 180–181 RADIUS, 198 authentication process, 442 distributed, 441 implementation, 442–443 Juniper Networks Steel-Belted, 443 proxy, 442 server, 198 vs. TACACS+, 457 vulnerabilities, 444 RAID. See Redundant array of independent disks Index 774 RARP. See Reverse address resolution protocol RC4 encryption algorithm, 193, 223, 463 Redundant array of independent disks (RAID), 482 Redundant network, 504 Registered jack (RJ), 48 Remote access policies, 440–441 Remote access service (RAS) servers, 133 Remote access VPN, 135 Remote authentication dial-in user service. See RADIUS Repeaters, 53, 103–104, 143 Replay attacks, 428–429, 447, 456 Request for comments (RFC), 651 Resource reservation protocol (RSVP), 499 Reverse address resolution protocol (RARP), 340, 600 RFC. See Request for comments RFC 1918, 322–329 RG connectors, 79 Rings topology, 27–28 RIP. See Routing information protocol RITs. See Routing information tables RJ connectors, 76–77 RJ-11, 76–77 RJ-45, 77, 101, 485 RJ-48 and RJ-25, 77 Rogue APs, 208, 212, 213 route command, 549–551 configuration information for, 549–550 switches of, 551 Routers, 122, 144 static and dynamic, 123–125 switching, 125 Routing, 247 Routing and remote access service (RRAS), 106, 339 Routing information protocol (RIP), 124, 274, 342, 343 Routing information tables (RITs), 339 Routing loop, 602 Roving analysis port (RAP), 160 RRAS. See Routing and remote access service Rule of thumb, 580 S Sarbanes-Oxley Act of 2002, 492 Satellite, 33, 373–374 LEO, 373 Screened host firewall, 127 SDSL. See Symmetric digital subscriber line Secure sockets layer (SSL) LDAP with, 452, 453 protocol, 186 Security zones, 405–406, 469–470 DMZs, 406–413 VPN, 413–416 Server message block (SMB), 267–268 Service access point identifier (SAPI), 114 Service profile identifier (SPID), 114 Service set identifier (SSID), 190, 203, 204 Session hijacking. See Transmission control protocol/Internet protocol Session layer of OSI model, 250–251 troubleshooting, 609–610, 624 Shared-key authentications, 195–196 Shielded twisted-pair (STP), 48, 83, 92 Signal attenuation, 242 Signal degradation. See Signal attenuation Signal quality error (SQE), 87 Signature, 389 definition of, 390 Simple mail transfer protocol (SMTP) application layer, 616 Simple network management protocol (SNMP), 274–275 application layer, 615 GET message, 552 installing and configuring, 552–553 SET message, 552 as windows tool, 551–552 Simplex, 63, 90 Single-mode fiber (SMF), 71 Single sign-on (SSO), 439 Site survey, 221 Site-to-site VPNs, 133–134 Smart hubs. See Intelligent hubs Smart jack, 69 SMB. See Server message block SMF. See Single-mode fiber SMTP. See Simple mail transfer protocol SNA. See Systems network architecture Sniffing, 204–206, 221 protecting, 206 Software, security devices, 386–405, 467–468 SolarWinds IP network browser, 525 SONET. See Synchronous optical network Sourcefire, 391 Space age to information age, 8–9 Spanning tree protocol (STP), 158–159, 164 Spoke topology. See Point-to- multipoint topology Spoofing, 207–209, 447. See also IP spoofing ARP, 214, 426–427 protecting, 209 Spread spectrum technology, 181–183 Sputnik, 8 SSID. See Service set identifier SSL. See Secure sockets layer Standard connector (SC), 48, 79 Star topology, benefit of, 26–27 Stateful inspection firewall, 393 Static routing, 123–125 Storage area networks (SAN), 35, 122 STP. See Shielded twisted-pair; Spanning tree protocol Straight tip (ST) connector, 48, 80 Stream cipher, 193 Subnet masking, 308–320 creating, 312, 316, 318 custom, 311–312 default, 310–311 defining, 316–317 using host ID bits, 306 Subnets, 294, 305–307 class A, 318–319 class B, 319–320 class C, 320 defining, 316–317 Supernetting, 308, 311 Switched port analyzer (SPAN), 160 Index 775 Switches, 151 basic, 154–155, 162 content, 156–157, 163 in data link layer, 249 features, 157–161, 163–164 multilayer, 155–156, 163 multiport bridging, 154 in network layer, 249 network performance improvement with, 154–155 OSI model and, 152–153 in transport layer, 249 Switching hubs, 101, 103 Switching routers, 125, 249 Symmetric digital subscriber line (SDSL), 369 Synchronous optical network (SONET) FDDI, 367–368 Systems network architecture (SNA) gateway, 612 protocol, 136 T T-carrier line, 116, 143 TACACS, 455 TACACS+, 455–456 vs. RADIUS, 457 vulnerabilities in, 456–457 TAPI. See Telephony application program interface TCP. See Transmission control protocol TCP/IP. See Transmission control protocol/Internet protocol TDI. See Transport driver interface Telecommunications, history on, 6 Telecommunications Industry Association (TIA), 140 Telephony application program interface (TAPI), 257 Telnet, 269 application layer, 616 to troubleshoot FTP, 620–621 Temporal key integrity protocol (TKIP), 193 Terminal endpoint identifier (TEI), 114 Thinnet. See 10Base2 Three-factor authentication. See Multifactor authentication Three-way handshake, 428, 454 Ticket granting ticket (TGT), 446 Time division multiplexing (TDM), 117 Time domain reflectometer (TDR), 58, 89 TippingPoint, 391 TKIP. See Temporal key integrity protocol TLS. See Transport layer security Token Ring network, 105, 106, 591, 649 Token signal, 28 Token technology, 437 Tone generator, 58, 89 as troubleshooting tool, 559 Topology, 3 traceroute command, 557 tracert command, 531–533 Traffic shaping, 500–501 Transceivers, 86–87, 121 Translation bridge in data link layer, 594 Transmission control protocol (TCP) three-way handshake, 607 in transport layer, 605–606 Transmission control protocol/ Internet protocol (TCP/IP), 9, 122, 156, 264, 285, 428, 652 handshake, 428 hijacking, 424 stack, 287, 337 Transport driver interface (TDI), 255 boundary layer, 256 Transport layer of OSI model, 248–249 troubleshooting, 603–609, 624 TCP for, 605–606 UDP for, 606–608 Transport layer security (TLS), 452, 458, 464, 465 protocol, 186 Trap message, 552 Trojan Horse, 394 ports of, 397 Troubleshooting, 56–57 cable testers and, 58–62, 89–90 FTP, using Telnet, 620–621 methodology, 520–525, 563 analyzing and responding to problem, 522–523 for connectivity issue of computers, 523–524 gathering information about problem, 520–521 Trunk cable, 25 Trunking, 159–160 Tunneling, VPN, 21 Twisted-pair cable, 47 categories, 82 color codes, 65 Two-factor authentication, 437–438 Two-way handshake, 454 u UDP. See User datagram protocol Unauthorized attacks, 208–209 protecting, 209 Unicast traffic, 332 Uniform resource locators (URLs), 156 UNIVersal automatic computer (UNIVAC), 7–8 UNIX, operating systems, 9–11 Unshielded twisted-pair (UTP), 48, 92, 101, 484 categories, 81–83 URLs. See Uniform resource locators User datagram protocol (UDP), 264, 415, 416 in transport layer, 606–607 UTP. See Unshielded twisted-pair v Vampire tap, 54 Variable-length subnet masks (VLSMs), 311–312, 321–322 determining IP address for each new subnet, 314–315 new subnetted network IDs, 314 number of host bits, 312–313 subnet mask, 316 VCD. See Virtual collision detection Virtual collision detection (VCD), 185 Virtual local area networks (VLANs), 23–24, 159, 163, 385 configuring, 24 Virtual private networks (VPNs), 20–23, 129, 133, 145, 192, 413–416, 440, 441 remote access, 22–23 site-to-site, 21–22 [...]... protocol (WAP), 179, 186 architecture programming model, 186 Wireless devices, 185, 186 methods of synchronizing DSSS, 182–183 FHSS, 181–182 Wireless DMZs (WDMZ), 224 Wireless encryption protocol (WEP), 461, 463 Wireless hub, 172 Wireless local area networks (WLANs), 173, 179, 185, 192, 221, 222, 224 Wireless media, 86 Wireless networks, 138, 145, 649 adapter, 179, 200, 202 antenna concepts, 178– 179 architecture,... productivity, 175 protocols and operation, 185–200 radio frequency behaviors, 175–178 security, 216–220 in Windows Vista Business, 219–220 in Windows XP Professional, 216–219 wireless communication in, 179 185 radio frequency, 180–181 spectrum, 181–182 Wireless telephony application (WTA), 186 Wireless topology, 29–30 Wireless transport layer security (WTLS), 186–187 protocol, 186 Wiring schematics, 484 . 506–507 change control documentation, 483–484 documentation types, 479 481 documenting configurations, 481–483 load balancing, 501 network monitoring, 493–504, 507–508 notification documentation, 496–497 password. 76 DIX, 77 fiber, 79 81 fundamentals of, 48–49 local connectors (LC), 80 RG and F-type, 79 RJ connectors, 76–77, 485 standard connector (SC), 48, 79 twisted-pair and coaxial cable, 76 79 Consultative. local area networks (WLANs), 173, 179, 185, 192, 221, 222, 224 Wireless media, 86 Wireless networks, 138, 145, 649 adapter, 179, 200, 202 antenna concepts, 178– 179 architecture, 183–184 attacks