Index
766
Authentication POP (APOP), 436
Authentication server, 197
Automatic private IP addressing
(APIPA), 323
B
Bandwidth, 50–52, 89
Baseband, 242, 583
Basic rate interface (BRI), 111
WAN, 362
Bastion host, 407
Bayonet-Neill-Concelman (BNC),
48
BBSs. See Bulletin board systems
Bearer code (BC) identifier, 114
BGP. See Border gateway protocol
Big Brother, 418
Biometrics, 441
Bitwise ANDing, 308–310
Bluetooth, 182, 190–191
BNC. See Bayonet-Neill-Concelman
Boolean operators, 308
BOOTP. See Bootstrap protocol
Bootstrap protocol (BOOTP), 326,
329
Border gateway protocol (BGP),
342
BRI. See Basic rate interface
Bridges, 104–105, 143
587
physical media, 47
preparing, 64–66
problems with, 587–588
purpose of, 46
repair of, 57–58
security, 54–55
troubleshooting, 56–57
twisted-pair, 47
categories, 82
color codes, 65
Caching engines, 504
Campus area network, 35
Carrier protocol, 21
Carrier sense multiple access/
collision avoidance
(CSMA/CA), 184–185, 245
Carrier sense multiple access/
collision detection (CSMA/
CD), 70, 184–185, 245, 648
Centralized access control, 17
Centralized network model, 15–16
Certificate authority (CA), 457
Challenge handshake authentication
protocol (CHAP), 454–455
Channel service unit/data
service unit (CSU/DSU),
116–117
CHAP. See Challenge handshake
authentication protocol
Configuration management (CM),
478–493, 506–507
Configuration parameters, 328
Connection-oriented services,
605
Connectors, 45, 75, 91
BNC, 78
cabling and, 46
D connectors, 76
DIX, 77
fiber, 79–81
fundamentals of, 48–49
local connectors (LC), 80
RG and F-type, 79
RJ connectors, 76–77, 485
standard connector (SC), 48,
79
twisted-pair and coaxial cable,
76–79
Consultative Committee for
International Telephony and
Telegraph (CCITT), 111
Content filtering, 404
Content switches, 156–157, 163
Convergence, 99, 107
of security, 125
Copper cabling, 63–64
preparing, 64–66
Credit card adapters, 108
Crossover cable, 59–62
Stateful inspection firewall
Default gateway, 137
Default subnet mask, 310–311
Defense Advanced Research Projects
Agency (DARPA) model. See
Department of defense (DoD)
model
Demarc, 69
Demilitarized zone (DMZ),
129–131, 406
bastion host, 407
design, 406–413
DNS services, 408–409
e-commerce, 409, 410
data storage zone, 410, 411
financial processing network,
411
e-mail relaying, 408
FTP services, 408
IDS in, 409
Internet Web site access, 408
layered implementation, 406
multiple interface firewall
implementation, 406, 407
Denial of service (DoS) attacks, 207,
210–211, 396, 429
protecting, 212
Department of defense (DoD)
model, 257–265, 277–278
advantages of, 576–577
Directory services, 447, 448. See
also Lightweight directory
access protocol (LDAP)
Distance vector routing protocol,
343
Distributed DoS (DDoS) attack,
429
DIX. See Digital-Intel-Xerox
DMZ. See Demilitarized zone
DNS. See Domain name system
DoD model. See Department of
defense model
Domain name kiting, 429–430
Domain name system (DNS), 12,
273–274
application layer, 617
servers, 139, 203, 328, 408–409,
483
cache poisoning, 430–431
split-horizon, 409
Domain name tasting, 430
DoS attacks. See Denial of service
attacks
Dotted decimal notation, 294
DSL. See Digital subscriber line
DS0s. See Digital signal zeros
DSSS. See Direct sequence spread
spectrum
DTE devices. See Data terminal
equipment devices
gateway routing protocol
Electrical numerical integrator
and calculator (ENIAC I)
computer, 7
Electromagnetic interference (EMI),
47, 89
Electronic-binary computer, 7
Electronic Industries Associate/
Telecommunications Industry
Alliance (EIA/TIA), 484
Encapsulating protocol, 21
Enhanced interior gateway routing
protocol (EIGRP), 342
ENIAC I computer. See Electrical
numerical integrator and
calculator computer
Enterprise service provider (ESP),
135
Eth0 interface, 554
configuration information for, 555
Ethernet, 11, 70, 263
802.3 networks, 184, 185
adapter, configuring, 555
cable, testers for, 560
crossover cable as troubleshooting
tool, 558–559
gigabit, 71
MPLS, 366
SONET, 367–368
X.25 network, 366–367
Fiber-optic cable, 48
File system drivers, 256–257
File transfer protocol (FTP), 156,
272–273
active mode, 396
application layer, 615
configuring and implementing,
273
passive mode, 396
RFC 1579 firewall-friendly, 273
Finite-state machine, 390
Firewalls, 126, 144, 392–394
application layer gateway, 393,
399–400
application level, 128–129
architecture, 126
circuit level, 129, 393
dual-homed firewall, 127
features, 129
packet-filtering. See Packet-
filtering firewall
packet level, 128
proxy server, 394
screened host firewall, 127
stateful inspection, 393
technologies, 392–394
types, 128
NetWare
H
Hacker, 201, 204–206, 209–211,
214
Half-duplex, 63, 90
transmission, 609
Hardware, 3, 9–11
address. See MAC address
security devices, 386–405,
467–468
Hardware compatibility list (HCL),
118
Hardware loopback adapter, 62
Health Insurance Portability and
Accountability Act (HIPAA),
491
Hermes chipset, 202
HomeRF, 182
Honeynets, 403–404
Honeypot, 400–403
characteristics of, 401–402
installing, 402–403
Host IDs, 299–305
rules for, 302
Host-to-host transport layer, 264
HTTP. See Hypertext transfer
protocol
Hub topology. See Point-to-
multipoint topology
Hubs, 101–103, 142
802.1x standard, authentication,
458–461
dynamic key derivation, 199,
461
user identification and strong
authentication, 199, 461
802.3 standard, 185
802.11 standard, 185, 187–190
802.11a, 188
802.11b, 187–188
802.11g, 189
802.11n, 189
authentication in, 195–200
control frames, 190
data frames, 190
management frames, 190
WEP encryption process in,
194
wireless networks, 181
802.11i authentication, 197–200
802.11w standard, 461
802.11x standard, 460
802.15 (bluetooth), 190–191
1394 (FireWire), 86
ifconfig command, 483, 545–546,
553–555
output of, 553–554
IGMP. See Internet group management
protocol
IGPs. See Interior gateway routing
identifiers, 114–115
interfaces, 112–113
reference points, 113–114
Intelligent hubs, 582
Interface network layer, 258–261
Interior gateway routing protocols
(IGPs), 342
International Telecommunications
Union (ITU), 111
Internet access methods, 368–374
ADSL, 369
cable modem, 370–371
DSL, 368–369
POTS/PSTN, 371–372
satellite, 373–374
SDSL, 369
WWAN, 372–373
Internet Assigned Numbers
Authority (IANA), 322, 395
Internet control message protocol
(ICMP), 210
functions of, 532
Internet Corporation for Assigned
Names and Numbers
(ICANN), 322
Internet engineering task force
(IETF), 651, 652–655
Internet group management
protocol (IGMP), 330, 331
Internet layer, 263–264
strategies to conserve
CIDR, 320–321
private address, 322
VLSMs, 321–322
IP helper address, 329
IP routing, 335–346
determination process,
339
packets travel from network to
network, 336–337
physical address resolution,
340–341
routers, 336
static and dynamic, 342–343
table entries, 337–339
utilities, 344–346
IP spoofing, 425–426
blind spoofing attacks, 425
informed attacks, 425
ipconfig command, 483
IPP. See Internet printing protocol
IPSec. See Internet protocol security
IPSs. See Intrusion protection
systems
IPv4, 287–289
header, 288
vs. IPv6, 291–293
IPv6, 289–290
address, types, 290
benefits of, 290–291
access protocol
LDAP data interchange format
(LDIF), 451
LEO. See Low earth orbit
Light emitting diodes (LEDs), 85, 108
Lightweight directory access
protocol (LDAP), 447–448
directories, 449
naming convention, 451
objects, attributes, and schema,
450–452
organizational units, 449–450
securing, 452–454
security realm, 453
with SSL, 452, 453
Line of sight (LOS), concept of,
178–179
Link state advertisements (LSAs), 343
Link state routing protocol, 343
LLC. See Logical link control
Load balancer, 141
Local area networks (LANs), 31–34,
46, 100, 141–142, 151
technologies and standards,
69–71
Local connector (LC), 48, 80
Logical link control (LLC), 153
802 standards, 647
layers, 183, 243–244
Logical network diagrams, 487
212–215, 427–428, 431
Managed hub. See Intelligent hubs
Managed security services providers
(MSSPs), 391
Management information base
(MIB), 275, 552
Manufacturer code, 593
MAPI. See Messaging application
program interface
MARK I computer, 7
MAU. See Media attachment unit;
Multistation access units
MBONE. See Multicast backbone
on the Internet
McAfee, 391
Mechanical transfer registered jack
(MTRJ), 48, 81
Media, 3
Media access control. See MAC
Media attachment unit (MAU), 72
Megabits per second (Mbps), 51
Mesh topology, 27
Messaging application program
interface (MAPI), 257
Metropolitan area network, 34
MIB. See Management information
base
Micro channel architecture (MCA),
118
Microprocessors, 182
Multimode fiber (MMF), 71
Multipath interference, 180
Multiple input/multiple output
(MIMO) device, 189
Multiplexing, 117
Multiport bridging, 154
Multiport repeater. See Active hubs
Multiprotocol label switching
(MPLS), 499
FDDI, 365, 366
Multistation access units (MAU),
105
features of, 105
Mutual authentication, 199,
457–458
N
NACK. See Negative
acknowledgment
NAS. See Network attached storage
NAT. See Network address
translation
NBMA networks. See Non-
broadcast-based multiple
access networks
nbtstat command, 541–544
switches of, 543–544
NDIS. See Network driver interface
specification
Ndis.sys, 256
Network devices, 99
bridges, 104–105
historical, 100
hubs, 101–103
modern, 122
OSI model and, 100
repeaters, 103–104
routers, 122–125
security integration, 125–136
Network diagrams
logical, 487
physical, 485–487
Network documentation, 561, 565
Network driver interface
specification (NDIS)
boundary layer, 255
Network fundamentals
history on networking and
communications, 5–14
logical networking topologies,
14–24
network types, 31–35
physical network models, 24–30
Network hijacking and
modification, 213–214
protecting, 215
Network IDs, 299–305
class A, 303
class B, 303–304
class C, 304
496–497
password lists, 495–496
policies, procedures, and
configurations, 489–490
regulations, 490–492
wiring schematics, 484
Network media, 582
problems with, 587–588
Network model, 3
DoD, 257–265
OSI, 237–257
Network monitoring, 59, 493–504,
507–508
network performance
optimization, 497
Network news transfer protocol
(NNTP), 272
application layer, 617
Network operating systems (NOS), 3
Network performance optimization,
497
Network ports, 417–422, 468
scanning for vulnerabilities,
419–422
Network protocols, 417–422
Network segmentation, 105
Network threats, 423–424, 468
ARP
poisoning, 431
spoofing, 426–427
tone generator, 559
windows tools, 563
arp command, 536–538
ipconfig command, 545–546
nbtstat command, 541–544
netstat command, 538–541
nslookup command, 546–549
pathping command, 533–536
ping command, 530–531
route command, 549–551
SNMP, 551–552
tracert command, 531–533
Network voice protocol (NVP),
140
Networking interface cards (NICs),
57, 106, 117, 154, 244, 262,
431, 489, 582, 584–585
buffers, 584
driver issues, 585
installing, 118–120
types and operation, 120
updating drivers of, 585–586
wireless, 649
Networking protocols, 278–279
advantages of, 576–577
DHCP, 269–270
DNS, 12, 273–274
FTP, 272–273
NNTP. See Network news transfer
protocol
Non-broadcast-based multiple
access (NBMA) networks, 341
Nonfacility associated signaling
(NFAS), 113
NOS. See Network operating systems
Notification documentation, 496–497
nslookup command, 546–549
command line switches of, 556
NTP. See Network time protocol
Null modem cable, 558
Null sessions, 424–425
NVP. See Network voice protocol
O
OFDM. See Orthogonal frequency
division multiplexing
Onboard transceiver, 121
One-factor authentication, 434–436
Open authentication, 195
Open shortest path first (OSPF)
routing protocol, 123, 331,
342, 343
Open systems interconnection
(OSI) model, 100, 152, 183,
237–257, 276–277, 287, 393,
398, 399
and 802 IEEE standards,
641–642
advantages of, 576–577
use of, in troubleshooting,
575–581, 622–623
establishing, 578–581
OpenLDAP, 448
Operating systems, 9–11
UNIX, 10
Optic cable
fiber, 48, 64, 84–85
MMF, 85
SMF, 84–85
Optical carrier levels, 368
ORiNOCO card, 202
Orthogonal frequency division
multiplexing (OFDM), 188
Oscilloscope, 59
as troubleshooting tool, 559
OSI model. See Open systems
interconnection model
P
Pack analyzer. See Protocol analyzer
Packet-filtering firewall, 393,
394–399
“allow by default” policy, 395
benefits of, 398
“deny by default” policy, 395
drawbacks of, 398
operation of, 398–399
Packet INternet Groper. See Ping
command
Packet level firewall, 128
(PCI), 118
Personal area network (PAN), 35
Personal digital assistants (PDAs),
481
Personal identification number
(PIN), 494
Physical address. See MAC address
Physical layers
functions of, 526
hubs and repeaters operated at,
239–240
NIC functioning at, 582
of OSI model, 239–240
troubleshooting, 583–585,
623
devices of, 588–590
NIC driver issues, 584–585
role of NIC, 584–585
Physical media, 49–58
bandwidth capacity of, 51
installing, 55–56
length of, 52–53
standards for, 71
Physical network diagrams,
485–487
Physical network models, 24–30
bus topology, 25–26
hybrid topology, 29
mesh topology, 27
point-to-multipoint topology,
Post office protocol (POP), 270–271
Power over Ethernet (PoE), 157–158
PPP. See Point-to-point protocol
PPTP. See Point-to-point tunneling
protocol
Presentation layer
function of, 613
of OSI model, 251–252
problems finding in, 614
troubleshooting, 612–614, 624
PRI. See Primary rate interface
Primary rate interface (PRI), 112
WAN, 362–363
Private branch exchange (PBX), 68,
114
Private network address, 322–329
benefits of, 324–325
class A, 323, 324
class B, 323, 324
class C, 323, 324
considerations, 324–329
DHCP
operations, 326–329
relay agents, 328–329
static and dynamic assignments,
325–326
Private virtual dial-up network
(PVDN), 135
PRNG. See Pseudorandom number
generator
reflection and refraction,
176–177
communications, 180–181
RADIUS, 198
authentication process,
442
distributed, 441
implementation, 442–443
Juniper Networks Steel-Belted,
443
proxy, 442
server, 198
vs. TACACS+, 457
vulnerabilities, 444
RAID. See Redundant array of
independent disks
RARP. See Reverse address
resolution protocol
RC4 encryption algorithm, 193,
223, 463
Redundant array of independent
disks (RAID), 482
Redundant network, 504
Registered jack (RJ), 48
Remote access policies, 440–441
Remote access service (RAS) servers,
133
Routing, 247
Routing and remote access service
(RRAS), 106, 339
Routing information protocol (RIP),
124, 274, 342, 343
Routing information tables (RITs),
339
Routing loop, 602
Roving analysis port (RAP), 160
RRAS. See Routing and remote
access service
Rule of thumb, 580
S
Sarbanes-Oxley Act of 2002, 492
Satellite, 33, 373–374
LEO, 373
Screened host firewall, 127
SDSL. See Symmetric digital
subscriber line
Secure sockets layer (SSL)
LDAP with, 452, 453
protocol, 186
Security zones, 405–406, 469–470
DMZs, 406–413
VPN, 413–416
Server message block (SMB),
267–268
Service access point identifier
(SAPI), 114
Service profile identifier (SPID), 114
Single-mode fiber (SMF), 71
Single sign-on (SSO), 439
Site survey, 221
Site-to-site VPNs, 133–134
Smart hubs. See Intelligent hubs
Smart jack, 69
SMB. See Server message block
SMF. See Single-mode fiber
SMTP. See Simple mail transfer
protocol
SNA. See Systems network
architecture
Sniffing, 204–206, 221
protecting, 206
Software, security devices, 386–405,
467–468
SolarWinds IP network browser, 525
SONET. See Synchronous optical
network
Sourcefire, 391
Space age to information age, 8–9
Spanning tree protocol (STP),
158–159, 164
Spoke topology. See Point-to-
multipoint topology
Spoofing, 207–209, 447. See also IP
spoofing
ARP, 214, 426–427
protecting, 209
Spread spectrum technology,
content, 156–157, 163
in data link layer, 249
features, 157–161, 163–164
multilayer, 155–156, 163
multiport bridging, 154
in network layer, 249
network performance
improvement with, 154–155
OSI model and, 152–153
in transport layer, 249
Switching hubs, 101, 103
Switching routers, 125, 249
Symmetric digital subscriber line
(SDSL), 369
Synchronous optical network
(SONET)
FDDI, 367–368
Systems network architecture (SNA)
gateway, 612
protocol, 136
T
T-carrier line, 116, 143
TACACS, 455
TACACS+, 455–456
vs. RADIUS, 457
vulnerabilities in, 456–457
TAPI. See Telephony application
program interface
TCP. See Transmission control
protocol
Token signal, 28
Token technology, 437
Tone generator, 58, 89
as troubleshooting tool, 559
Topology, 3
traceroute command, 557
tracert command, 531–533
Traffic shaping, 500–501
Transceivers, 86–87, 121
Translation bridge in data link layer,
594
Transmission control protocol (TCP)
three-way handshake, 607
in transport layer, 605–606
Transmission control protocol/
Internet protocol (TCP/IP), 9,
122, 156, 264, 285, 428, 652
handshake, 428
hijacking, 424
stack, 287, 337
Transport driver interface (TDI), 255
boundary layer, 256
Transport layer
of OSI model, 248–249
troubleshooting, 603–609, 624
TCP for, 605–606
UDP for, 606–608
Transport layer security (TLS), 452,
458, 464, 465
protocol, 186
UNIX, operating systems, 9–11
Unshielded twisted-pair (UTP), 48,
92, 101, 484
categories, 81–83
URLs. See Uniform resource
locators
User datagram protocol (UDP), 264,
415, 416
in transport layer, 606–607
UTP. See Unshielded twisted-pair
V
Vampire tap, 54
Variable-length subnet masks
(VLSMs), 311–312, 321–322
determining
IP address for each new
subnet, 314–315
new subnetted network IDs,
314
number of host bits, 312–313
subnet mask, 316
VCD. See Virtual collision detection
Virtual collision detection (VCD),
185
Virtual local area networks
(VLANs), 23–24, 159, 163,
385
configuring, 24
Virtual private networks (VPNs),
20–23, 129, 133, 145, 192,
operating with packet switching,
359–360, 363
PRI, 362–363
protocols and properties,
360–368
FDDI, 364–365
ISDN, 361–363
T/E carrier, 360–361
wireless, 372–373
X.25, 366–367
WIFI protected access 2 (WPA2),
193–195
WIMAX. See Worldwide interoperability
for microwave access
Windows Internet name service
(WINS), 266–267
client service, 267
server, 267, 328
Windows server system, 106
Windows VISTA Business, wireless
network in, 219–220
Windows Vista device manager,
586
Windows XP Professional, WEP and
802.1x security in, 217–219
WINS. See Windows Internet name
service
WinSock, API, 257, 268–269
Wire map tester, 59
Wired access drops, 172
attacks on
active, 207–212
DoS, 210–212
flooding, 210–212
jamming, 215–216
MITM, 212–215
network hijacking and
modification, 213–215
passive, 200–206
sniffing, 204–206
spoofing, 208–209
unauthorized access, 208–209
convenience, 171–175
flexibility, 172–173
mobility, 174–175
roaming, 173–174
detecting, 201–202
using NetStumbler, 201–204
productivity, 175
protocols and operation,
185–200
radio frequency behaviors,
175–178
security, 216–220
in Windows Vista Business,
219–220
in Windows XP Professional,
216–219
wireless communication in,
179–185