Install and Configure Windows 2003 DNS   March 26th, 2010

Domain Name System (DNS) is one of the most important technologies that a windows domain network is built on. A properly configured DNS infrastructure can allow a user to perform all daily tasks completely independent of the size and nature of the network, and allow an admin to concentrate on more important matters other than the numerous help desk calls that will appear as soon as www.hotmail.com becomes an unknown host.

The subject of DNS is vast, there are so many different configurations, techniques and possible domain structures that there is no one definitive method that would fit all. In my opinion, the 2 things to remember when configuring DNS are: redundancy and hierarchy. It is a good idea to draw your network and plan for where there will be heavy network use especially if you have many remote sites, a separate DNS server at each site is preferable but not always cost efficient, to keep things simple an “Active Directory Integrated” DNS zone on every Domain Controller is the easiest way implement DNS.

I will cover 3 different DNS configurations:

1 – The efficient and secure “Active Directory Integrated” DNS

2 – The standalone Primary DNS Infrastructure and

3 – The network efficient Caching-Only DNS Infrastructure

i will also give an explanation of other useful DNS Information

The Active Directory Integrated Zone Read the rest of this entry »

Tags: , ,
Posted in MCSE, Networking | No Comments »

Install and Configure Windows 2003 DHCP   March 26th, 2010

The following tutorials run consecutively:

Install DHCP Components

Open the Windows Components section of Add/Remove programs: Read the rest of this entry »

Tags: , ,
Posted in MCSE, Networking | 1 Comment »

Install and Configure Windows 2003 Active Directory   March 26th, 2010

Active Directory Requirements:

  • An NTFS partition with approximately 2Gb free Space
  • An Administrator’s username and password and separate Directory Services Restore Mode Password.
  • Properly configured TCP/IP network connection, with IP Address , Subnet mask and Default Gateway.
  • An operational DNS server (which can be installed on the DC itself)
  • A Domain name

Installing Active Directory on the first Domain Controller:

Start the install from the “Configure Your Server” wizard or by typing DCPromo from the Run prompt: Read the rest of this entry »

Tags:
Posted in MCSE, Networking | 4 Comments »

Install and Configure Windows 2003 Remote Installation Services (RIS)   March 26th, 2010

RIS is Microsoft’s version of 3rd party imaging software such as Symantec’s Ghost. RIS uses various technologies, such as PXE and DHCP to install clean installations, (not upgrade), of several operation systems. The PXE protocol is a combination of DHCP and TFTP, where DHCP is used to locate a boot server or servers, with TFTP used to download the initial bootstrap program and additional files. The bootstrap program can then begin the OS installation.

The process of installing and configuring RIS is described below:

Step 1 – Install the Remote Installation Service Read the rest of this entry »

Tags: , , ,
Posted in MCSE, Networking, Uncategorized | No Comments »

Enable automatic defence aganist SSH attacks on FreeBSD using PF   March 9th, 2010

For a long time I use to see reports of brute force SSH attacks aganist my FreeBSD machines in mailbox every morning. Finnaly I got fed up not that they were even getting close to getting in but just tired of getting these huge reports. So I decided it was time to do something about it. First let me say I run PF (BSD Packet Filter) on all my FreeBSD machines. Its quite easy to setup so I will start there.

  1. Rebuild your kernel to enable ALTQ being able to trottle bandwidth is pretty cool (optional)
    1. Create a folder in /root called /kernels

      [root@test] [/usr/src/sys/i386/conf]# mkdir /root/kernels
    2. Make a copy of the GENERIC kernerl profile and place it in the /root/kernels directory. Keep in mind that if your running say an AMD64 this directory will be slightly different. 
      [root@test] [/usr/src/sys/i386/conf]# cp GENERIC /root/kernels/
    3. Rename the file to something else like GENERIC-PF

      [root@test] [/usr/src/sys/i386/conf]# mv /root/kernels/GENERIC /root/kernles/GENERIC-PF
    4. Link the new kernel file to directory where your kernel configuration files exist. 
      [root@test] [/usr/src/sys/i386/conf]# ln -s /root/kernels/GENERIC-PF
    5. Open the file in your favorite editor (vi for me) 
      [root@test] [/usr/src/sys/i386/conf]# vi GENERIC-PF

      You may want to change the ident so that it reflects the changes you make to the kernel as well.

      ident         GENERIC-PF

      and add the following lines below the last line that starts with option and above the first line that beings with device.

      options         ALTQ
options         ALTQ_CBQ        # Class Bases Queuing (CBQ)
options         ALTQ_RED        # Random Early Detection (RED)
options         ALTQ_RIO        # RED In/Out
options         ALTQ_HFSC       # Hierarchical Packet Scheduler (HFSC)
options         ALTQ_PRIQ       # Priority Queuing (PRIQ)
options         ALTQ_NOPCC      # Required for SMP build
    6. Rebuild your kernel
      [root@test] [/usr/src/sys/i386/conf]# cd ../../../ Read the rest of this entry »

Tags: , , ,
Posted in feebsd, linux, Networking | 7 Comments »
« Older Entries