Internet Technologies, Communication Protocols, Network Security, And Essay.

TCP/IP Protocol

1.1 Critically evaluate different internet technologies and communication protocols
                
1.2 Critically compare different internet services and internetworking servers
                
1.3 Discuss network management concerns and make recommendations to sustain network security, reliability and performance
                
2.1 Critically analyse different internet server technologies and their performance
                
2.2 Explain the hardware and software components of an internet server
                
3.1 Produce a system specification to meet a given requirement
                
3.2 Evaluate the suitability of internet server components
                
3.3 Build and configure an internet server including services to meet a given requirement
                
3.4 Critically review and test an internet server
            
4.1 Install and manage websites and services to meet a given requirement
                
4.2 Implement secure network access to meet a given requirement
                
4.3 Monitor and troubleshoot an internet server and services
                
4.4 Critically evaluate the performance of an internet server
 

Internet technologies and related communication protocols. Also, compare different Internet services and internetworking servers as well as their related security

TCP/IP   is a also called stream protocol, connection which is created between the server and client. Any of the data transfer between the two points which will guarantee to land, thus is the so-called protocol which is lossless. Since TCP protocol is known as short form, which is connected in the two of the endpoints, it is known as peer-to-peer of the protocol.

Domain Name System (DNS) is the hierarchical and the distributed system for the computers, any resource which will be connected to Internet or to the private network.  Numerical of the IP addresses will be needed for purpose of the services which are computer and devices are worldwide

Dynamic Host Configuration Protocol (DHCP) is the standardized protocol of the network which will be used on the networks of Internet Protocol (IP) for dynamically which will be distributing the configuration of network parameters. (Vangie, 2013)

The Simple Network Management Protocol (SNMP) is used to manage the protocol of Internet-standard for managing the devices on IP networks. Devices which are naturally support SNMP for example routers,

The Routing and Remote Access Service (RRAS) is the Microsoft API and used for software of server for access of routing and remote able to give service of the capabilities of operating system, which will function as the network router.

Telnet is used for the network protocol on the networks of local area, this give the bidirectional interactive of the text-oriented announcement facility using the connection of virtual terminal.

Internet Corporation for the Assigned Names and Numbers (ICANN)   which is responsible for coordination of the methodology and maintenance of several databases for the unique identifiers which are related to namespaces of Internet.

A supernetwork, or supernet, is Internet Protocol which is created on combination of the two or more networks with the common Classless Routing of Inter-Domain. The process which is involved in forming a supernet is also supernetting,

Domain Name System (DNS)

Electronic mail, is the technique of exchanging the messages which are digital from an person to one or more person Electronic commerce, in another also called  E-commerce or ecommerce, mean to sell  products or services from the  computer networks, such as the Internet

Instant messaging (IM) is the kind of the online chat which offers instantly text the transmission over the Internet, where a message works in the similar way over the local area network.

Certificate servers have keys which contain encryption algorithms that help us to secure communication for the user.

The World Wide Web (WWW, W3) - It has as well usually become recognized simply as Web. Individual manuscript pages on internet which are known as web pages and will be accessed with application of software running on user's computer, commonly known as web browser.

File Transfer Protocol (FTP) is used for transferring the file from one host to another.

Database server is the computer program which will gives database services on other computer Database management systems regularly give database server the functionality, and some of the DBMS reply completely on client–server model for the database access.

Microsoft Commerce Server is the product of Microsoft for construction of e-commerce systems   Microsoft .NET technology. This is the list of the mail servers: agents of mail transfer, agents of mail delivery, and some other computer software which give e-mail inside Internet message handling services (MHS).

In the networks computer, the proxy server is server which will acts as the intermediary for the requests from seeking the clients resources from other servers.

A directory service is the system which will stores and will organizes, and which gives access to data on the directory of the computer operating systems. In the software engineering, the directory is the map between values and names.

Ethernet hub, active hub, network hub, repeater hub, multiport repeater or hub are device for the connecting multiple devices of Ethernet which will bring together which will act as the segment single network. It consist of the multiple ports of input/output (I/O), in with the signal taken  at input of any port which will appears at output of every port apart from the original incoming.

A network switch  is a computer networking device that connects devices together on a computer network, by  getting the packet switching to receive, process and forward data to the destination device..^[2

Routing is the process to use to get paths in the network then .afterward function described as simply forwarding. Routing is performed for many kinds of networks, which include the telephone network (circuit switching), electronic data networks 

Network security consists of provisions and policies taken by a network administrator to stop and unauthorized access, to the, network- resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator.

 Firewall is used in system of network security which controls the network of outgoing and incoming traffic based on the set of applied rule. Firewalls will exist both as the software solution and as the hardware appliance.

SI and TCP/IP Reference Models

The architecture of TCP/IP is the functionally which is equivalent to OSI reference model.

Both models which will contain the transport, application, and the network/Internet layer for systems

The model of TCP/IP does consist of the session layer or the presentation layer.

Models consist of the layer which is lower that always connects with  upper layers to network of actual physical. OSI reference model, the layer which is lower is known as the physical layer. TCP/IP , the layer which is lower was known as layer of host-to-network.

Dynamic Host Configuration Protocol (DHCP)

Sub layer is known as medium access control (MAC) sub layer along with the Layer 1 to give connectivity over wireless link. Virtually all features of wireless equipment which will appraise operate at physical, data link, and layers of network of OSI and TCP/IP reference models.

 Peer Protocols

Protocols of Peer run across on Internet which give communication only between processes of same-layer. One example of communication process of same-layer is the Hypertext Transfer Protocol (HTTP).  HTTP browser obtains the information from the peer web server which will run on application layer on another network.

Application Layer Protocols and Functions

The layer of application is where end user programs will run like, Telnet, Simple Mail Transfer Protocol (SMTP), File Transfer Protocol (FTP), and HTTP live examples of protocols of application layer. Wireless equipment will works on same network software of management which will operates at application layer level.

Transport Layer Protocols and Functions

The transport layer's  job is to provide the reliable interactions from application to applications despite of lower-layer communications link and protocols. The transport layer will send data from application layer and will pass it  to  network layer. Distinctive transport layer protocols are the TCP and the User Datagram Protocol (UDP).

Network Layer Protocols and Functions

Network layer protocol is IP which utilizes routing protocols such the Routing Information Protocol (RIP) and the Border Gateway Protocol (BGP).

Data Link Layer Protocols and Functions

The data link layer has a logical link control (LLC) sub layer and MAC sub layer. The layer of data link will work and will performs a variety of range functions, which will include segmenting bit stream into the frames, handling of error, control of flow, and the access control.

Physical Layer Protocols and Functions

Physical layer of transports store the data from the data link layer and send wirelessly to distant network. (Charles, 2005)

internet server is a  processes to  requests using  HTTP,which is used to send  information on  World Wide Web. ^[1]

The server components  are in IIS 7 are the  blocks  which  request  the processing combine the application pools, different  modules, handler mappings, and ISAPI filters.

This section includes:

Application Pools

Modules

Handler Mappings

ISAPI Filters

Application Pools

An application pool are used to groups applications together separating them from applications in other application pools for the another process boundaries

In IIS 7, application pools on two modes which are: Classic mode and integrated mode. The pool of application mode will affects Web server processes of requests  which comes  from managed code  However, another if  managed application runs is running on the  application pool with  like  ISAPI mode, then  requests of Web server  route for managed the code to the Aspnet_isapi.dll,

Web server, is the important part for the webapplicaiton we need to  configuration  settings to problem in the server contact  we need to follow certain  precautions in order to secure server .

The categories behind rationale are as follows:

Updates and Patches

Threats to security are created by the vulnerabilities which  are extensively published and will be well know to everybody  when the new vulnerability will be discovered, code are the exploit and it will be posted on  boards of Internet bulletin.

Simple Network Management Protocol (SNMP)

Services

The services are major vulnerability points of the attackers who will take capabilities and privileges of the service to right to use local Web server or other servers of downstream.

Protocols

Please avoid this protocols that are inherently which is insecure, take suitable measures to give secure communication and authentication.

Directories and Files

Secure all directories and files with restricted permissions of NTFS that only permit access to important user accounts and Windows services. Use auditing of Windows to permit you to notice when unauthorized or suspicious activity the occurs.

Ports

The services which run on server for specific ports so they provide respond to all the incoming requests. With all the ports on your server which will ensure that an insecure and inactive service is not working.

Auditing and Logging

Auditing is a tools for which identifying intruders attacks in progress, and evidence of attacks that have occurred.

Virtual and Sites Directories

Virtual and Sites directories are straight exposed to Internet. Even though the configuration of secure firewall and defensive ISAPI filters the defence in the depth strategy which is recommended.

Script Mappings

Remove all the script mappings from the server that include all the unnecessary files

ISAPI Filters

remove all the ISAPi filter this harm the security setting of the server.

IIS Metabase

IIS metabase used to maintain the IIS configuration  

Machine.config

File of Machine.config save all the configuration settings of machine-level used in the application of .NET Framework as well asp.net security

Implement the following Installation technologies

Website and active directory

Open IIS Manager. For information about opening

Open Connections pane, -click Sites node , and then click Add Web Site.

Add the Web Site  name for the Web site in Web site name 

In Physical path box, type physical path of folder of Web site's and then browse button (...) to navigate file system

Default  IP address box is set to All Unassigned.  

Virtual directory:

Open the Internet Information Services (IIS) Manager:

If Windows Server 2012 or Windows Server 2012 R2 will be used then:

Click the Server Manager, then the Tools, and Internet Information Services (IIS) Manager.

On taskbar, click Start, point Administrative Tools, and then on Internet Information Services (IIS) Manager.

In  Actions pane, just use View Virtual Directories, and then Add Virtual Directory...

Create Ftp: click the IIS Manager   then click on the Sites node in tree.

set  a folder at "%SystemDrive%inetpubftproot"

give the  permissions to allow anonymous access:

Ans 4 . Configure your Web Server including the following technologies/services

IIS  itself provides an FTP service, which allow users  to work as remote computer systems used to copy files to and  from the server in network

In IIS 6.0, FTP service will allow to isolate the users at site level, the feature called as FTP user isolation, which will help administrators commercialize and secure their Internet sites. Because of easy availability and broad adoption of the FTP

SMTP:

The SMTP service in IIS processes for sending  messages using  SMTP , which used  a TCP/IP protocol it help to send and receive messages from one computer another computer  network.

Routing and Remote Access Service (RRAS)

Ans 5. Manage World Wide Web server security. Web servers have different security considerations from those of standard Microsoft Windows servers. You have two levels of security:

Windows security: At level of operating system, we will create the user accounts, and configure admission permissions for the directories and files, and set the policies.

IIS security At level of the Internet Information Services (IIS), you will set permissions of content, controls of authentication, and privileges of operator.

Before setting permissions of IIS security, you will use security settings of operating system to do following tasks:

Manage and Create accounts for groups and users

Configure permissions of access for folders and files

create  User and Group Accounts

IIS User and Group Essentials

Group and User accounts will be set on local computer level or on the domain level. As the Local accounts which will precise to the individual computer, you will specifically or grant the permissions.

Local accounts use  IIS servers which are not   part of the  domain or you will want to limit the access to the specific computer. Use domain accounts when servers are part of the Windows domain and users wants to be able to admission resources throughout domain.

Local System  all IIS and Indexing Service users log on using the local system account.

Logon Accounts of Indexing Service and Managing IIS

Indexing Service and IIS are used by account of local system to log on to server. Using account of local system which will allow services to run the system processes and it will perform the system-level tasks.

Figure 5-1: Use the Log On tab to configure the service logon account.

Generally user account is by default is local user account

Managing the Internet Guest Account

 the user account to use for anonymous access. Normally, anonymous access is  at the site level, and all files and directories within site use this settings. You can change this behaviour for individual files and directories as necessary.

user account is managed. Either you manage the password of IIS manages In the Internet Information Services -click the icon of the computer you want to work with, and then select Properties. This show a Properties dialog box.

The Username field specifies the account used  anonymous access to the resource.  you want to use  Windows security level you perform all other account management tasks, including :Enabling or disabling accounts Unlocking the account after it has been locked out.

Managing the Web Application Account

At the IIS security level, we use  Component Services snap-in to specify the account used by out-of-process applications .use  MMC in the Open field  This opens the Microsoft Management Console (MMC)

Click on Component Services, and then on Add.

Close Add Standalone Snap-In dialog box by just clicking Close, and then OK.

Expand node for computer and then expand COM+ Applications node.

Right-click on IIS Out-Of-Process Pooled Applications, select the Properties, and then on the Identity tab. (Kale, 1991)

In Password and Confirm Password fields, type password for account..

To maintain and manage the health of a Web server.

When you will ensure the server's health, you will perform numerous functions either independently or all once. You will also decide whether to notify the problems, or to contain the problems which are automatically corrected. Server health checks will be performed for the entire virtual server at one time. You will be the administrator of virtual server, or have

Manage Server Health will always  right to run the server health check.

Verify continuation of Web sites. This will check and verifies whether subwebs on the root webwhich will exist in file structure. It will looks through file of services.cnf in root web which will find the subwebs should survive, and then verify the file system which will see if they do. If the directory or subweb does not survive, and this will identify that will fix the problem, the file of services.cnf will be updated to reproduce fact that subweb does not survive or that folder is not the subweb. This process will be repeated for each subweb of root web.

Check roles of the configuration.

Check that user setting of role will be enforced. This will check detects and repairs probable problems with the roles, including following: the user record has invalid format, Reapply the file system security.

This option looks at the user and roles permissions you have created for your Web site, and then applies those settings to the file system. Tighten security.

This will check guarantee that all necessary Web site directories and files will be present, and that users with proper permissions have access to them

Check access of anonymous.

This help to  Check Server Health

you use the check operation.

owsadm.exe –o check

The check operation runs the server health check;

RepairDB   Synchronize the database option in HTML Administration pages)

ValidateServicesCnf (corresponds to Verify existence of webs 

CheckRolesConfig (corresponds to Check roles

TightenSecurity (corresponds to Tighten security option in HTML Administration pages)

owsadm.exe –o setproperty –pn

RepairDB –pv fix -p 80

References:

1. Vangie Beal, 2012, DHCP – Dynamic Host Configuration Protocol, https://www.webopedia.com/TERM/D/DHCP.html

2. C. Kale, 1991, A TCP/IP Tutorial, https://tools.ietf.org/html/rfc1180

3. Vangie Beal, 2013, TCP/IP, https://www.webopedia.com/TERM/T/TCP_IP.html

4. Justin Ellingwood, 2014, An Introduction to SNMP, https://www.digitalocean.com/community/tutorials/an-introduction-to-snmp-simple-network-management-protocol

5. Microsoft, 2003, What is SNMP, https://technet.microsoft.com/en-us/library/cc776379(v=ws.10).aspx

6. Charles M. Kozierok, 2005, The TCP/IP Guide, https://www.tcpipguide.com/free/t_TransportLayerLayer4.html