Introduction to Intranets
What exactly is an intranet? It's one of those terms that's more thrown nearby than understood, and has come to be more of a buzzword than a commonly understood idea. Simply put, an intranet is a private network with Internet technology used as the basal architecture. An intranet is built using the Internet's Tcp/Ip protocols for communications. Tcp/Ip protocols can be run on many hardware platforms and cabling schemes. The basal hardware is not what makes an intranet-it's the software protocols that matter.
Hardware Monitoring Software
Intranets can co-exist with other local area networking technology. In many companies, existing "legacy systems" including mainframes, Novell networks, minicomputers, and various databases, are being integrated into an intranet. A wide collection of tools allow this to happen. Coarse Gateway Interface (Cgi) scripting is often used to passage inheritance databases from an intranet. The Java programming language can be used to passage inheritance databases as well.
Linux Server Hacks, Volume Two: Tips & Tools for Connecting, Monitoring, and Troubleshooting: 2 Best
Rate This Product :
Linux Server Hacks, Volume Two: Tips & Tools for Connecting, Monitoring, and Troubleshooting: 2 Overview
Today's system administrators deal with a vast number of situations, operating systems, software packages, and problems. Those who are in the know have kept their copy of Linux Server Hacks close at hand to ease their burden. And while this helps, it's not enough: any sys admin knows there are many more hacks, cool tips, and ways of solving problems than can fit in a single volume (one that mere mortals can lift, that is).
Which is why we created Linux Server Hacks, Volume Two, a second collection of incredibly useful tips and tricks for finding and using dozens of open source tools you can apply to solve your sys admin problems. The power and flexibility of Linux and Open Source means that there is an astounding amount of great software out there waiting to be applied to your sys admin problems -- if only you knew about it and had enough information to get started. Hence, Linux Server Hacks, Volume Two.
This handy reference offers 100 completely new server management tips and techniques designed to improve your productivity and sharpen your administrative skills. Each hack represents a clever way to accomplish a specific task, saving you countless hours of searching for the right answer. No more sifting through man pages, HOWTO websites, or source code comments -- the only resource you need is right here. And you don't have to be a system administrator with hundreds of boxen to get something useful from this book as many of the hacks apply equally well to a single system or a home network.
Compiled by experts, these hacks not only give you the step-by-step instructions necessary to implement the software, but they also provide the context to truly enable you to learn the technology. Topics include:
- Authentication
- Remote GUI connectivity
- Storage management
- File sharing and synchronizing resources
- Security/lockdown instruction
- Log files and monitoring
- Troubleshooting
- System rescue, recovery, and repair
Whether they help you recover lost data, collect information from distributed clients, or synchronize administrative environments, the solutions found in Linux Server Hacks, Volume Two will simplify your life as a system administrator.
Linux Server Hacks, Volume Two: Tips & Tools for Connecting, Monitoring, and Troubleshooting: 2 Specifications
Today's system administrators deal with a vast number of situations, operating systems, software packages, and problems. Those who are in the know have kept their copy of Linux Server Hacks close at hand to ease their burden. And while this helps, it's not enough: any sys admin knows there are many more hacks, cool tips, and ways of solving problems than can fit in a single volume (one that mere mortals can lift, that is).
Which is why we created Linux Server Hacks, Volume Two, a second collection of incredibly useful tips and tricks for finding and using dozens of open source tools you can apply to solve your sys admin problems. The power and flexibility of Linux and Open Source means that there is an astounding amount of great software out there waiting to be applied to your sys admin problems -- if only you knew about it and had enough information to get started. Hence, Linux Server Hacks, Volume Two.
This handy reference offers 100 completely new server management tips and techniques designed to improve your productivity and sharpen your administrative skills. Each hack represents a clever way to accomplish a specific task, saving you countless hours of searching for the right answer. No more sifting through man pages, HOWTO websites, or source code comments -- the only resource you need is right here. And you don't have to be a system administrator with hundreds of boxen to get something useful from this book as many of the hacks apply equally well to a single system or a home network.
Compiled by experts, these hacks not only give you the step-by-step instructions necessary to implement the software, but they also provide the context to truly enable you to learn the technology. Topics include:
- Authentication
- Remote GUI connectivity
- Storage management
- File sharing and synchronizing resources
- Security/lockdown instruction
- Log files and monitoring
- Troubleshooting
- System rescue, recovery, and repair
Whether they help you recover lost data, collect information from distributed clients, or synchronize administrative environments, the solutions found in Linux Server Hacks, Volume Two will simplify your life as a system administrator.
Customer Reviews
*** Product Information and Prices Stored: Jan 09, 2012 00:32:19
With the great growth of the Internet, an expanding amount of habitancy in corporations use the Internet for communicating with the covering world, for conference information, and for doing business. It didn't take long for habitancy to identify that the components that worked so well on the Internet could be equally principal internally and that is why intranets are becoming so popular. Some corporations do not have Tcp/Ip networks, the protocol required to passage the resources of the Internet. Creating an intranet in which all the data and resources can be used seamlessly has many benefits. Tcp/Ip-based networks make it easy for habitancy to passage the network remotely, such as from home or while traveling. Dialing into an intranet in this way is much like connecting to the Internet, except that you're connecting to a private network instead of to a collective Internet provider. Interoperability in the middle of networks is an additional one great bonus.
Security systems detach an intranet from the Internet. A company's intranet is protected by firewalls-hardware and software combinations that allow only positive habitancy to passage the intranet for exact purposes.
Intranets can be used for whatever that existing networks are used for-and more. The ease of publishing data on the World Wide Web has made them beloved places for posting corporate data such as firm news or firm procedures. Corporate databases with easy-to-build front-ends use the Web and programming languages such as Java.
Intranets allow habitancy to work together more categorically and more effectively. Software known as groupware is an additional one prominent part of intranets. It allows habitancy to collaborate on projects; to share information; to do videoconferencing; and to invent regain procedures for yield work. Free server and client software and the multitude of services, like newsgroups, stimulated the Internet's growth. The consequence of that growth stimulated and fueled the growth of intranets. The ease with which data can be shared, and with which habitancy can delineate with one an additional one will continue to drive the building of intranets.
A Global View of an Intranet
An intranet is a private corporate or educational network that uses the Internet's Tcp/Ip protocols for its basal transport. The protocols can run on a collection of network hardware, and can also co-exist with other network protocols, such as Ipx. habitancy from inside an intranet can get at the larger Internet resources, but those on the Internet cannot get into the intranet, which allows only restricted passage from the Internet.
- Videoconferencing is an prominent application that requires sending heavy quantities of data. Intranets can be built using components that allow the very high bandwidths required for transferring such information.
- Often an intranet is composed of a amount of separate networks inside a corporation that all delineate with one an additional one via Tcp/Ip. These detach networks are often referred to as subnets.
- Software that allows habitancy to delineate with each other via e-mail and collective message boards and to collaborate on work using workgroup software is among the most grand intranet programs. Applications that allow separate corporate departments to post information, and for habitancy to fill out corporate forms, such as time sheets, and for tapping into corporate financial data are very popular.
- Much of the software used on intranets is standard, off-the-shelf Internet software such as the Netscape Navigator and the Microsoft Explorer Web browsers. And customized programs are often built, using the Java programming language and Cgi scripting.
- Intranets can also be used to allow fellowships to do business-to-business transactions, such as ordering parts, sending invoices, and making payments. For extra security, these intranet-to-intranet transactions need never go out over the collective Internet, but can travel over private leased lines instead.
- Intranets are a grand system for allowing a firm to do firm online, for example, to allow whatever on the Internet to order products. When man orders a product on the Internet, data is sent in a regain manner from the collective Internet to the company's intranet, where the order is processed and completed.
- In order to protect sensitive corporate information, and to ensure that hackers don't damage computer systems and data, protection barriers called firewalls protect an intranet from the Internet. Firewall technology uses a blend of routers, servers and other hardware and software to allow habitancy on an intranet to use Internet resources, but blocks outsiders from getting into the intranet.
- Many intranets have to join together to "legacy systems"-hardware and databases that were built before an intranet was constructed. inheritance systems often use older technology not based on the intranet's Tpc/Ip protocols. There are a collection of ways in which intranets can tie to inheritance systems. A Coarse way is to use Cgi scripts to passage the database data and pour that data into Html formatted text, making it ready to a Web browser.
- Information sent over an intranet is sent to the proper destination by routers, which survey each Tcp/Ip packet for the Ip address and determine the packet's destination. It then sends the packet to the next router closest to the destination. If the packet is to be delivered to an address on the same subnetwork of the intranet it was sent from, the packet may be able to be delivered directly without having to go through any other routers. If it is to be sent to an additional one subnetwork on the intranet, it will be sent to an additional one internal router address. If the packet is to be sent to a destination covering the intranet-in other words, to an Internet destination-the packet is sent to a router that connects to the Internet
How Tcp/Ip and Ipx Work on Intranets
What distinguishes an intranet from any other kind of private network is that it is based on Tcp/Ip-the same protocols that apply to the Internet. Tcp/Ip refers to two protocols that work together to deliver data: the Transmission control Protocol (Tcp) and the Internet Protocol (Ip). When you send data over an intranet, the data is broken into small packets. The packets are sent independently through a series of switches called routers. Once all the packets arrive at their destination, they are recombined into their traditional form. The Transmission control Protocol breaks the data into packets and recombines them on the receiving end. The Internet Protocol handles the routing of the data and makes sure it gets sent to the proper destination.
- In some companies, there may be a mix of Tcp/Ip-based intranets and networks based on other networking technology, such as NetWare. In that instance, the Tcp/Ip technology of an intranet can be used to send data in the middle of NetWare or other networks, using a technique called Ip tunneling. In this instance, we'll look at data being sent from one NetWare network to another, via an intranet. NetWare networks use the Ipx (Internet Packet Exchange) protocol as a way to deliver data-and Tcp/Ip networks can't identify that protocol. To get nearby this, when an Ipx packet is to be sent over an intranet, it is first encapsulated inside an Ip packet by a NetWare server specifically for and dedicated to providing the Ip vehicle mechanism for Ipx packets.
- Data sent within an intranet must be broken up into packets of less than 1,500 characters each. Tcp breaks the data into packets. As it creates each packet, it calculates and adds a checksum to the packet. The checksum is based on the byte values, that is, the precise amount of data in the packet.
- Each packet, along with the checksum, is put into detach Ip wrappers or "envelopes." These wrappers consist of data that details exactly where on the intranet-or the Internet-the data is to be sent. All of the wrappers for a given piece of data have the same addressing data so that they can all be sent to the same location for reassembly.
- The packets travel in the middle of networks by intranet routers. Routers survey all Ip wrappers and look at their addresses. These routers determine the most efficient path for sending each packet to its final destination. Since the traffic load on an intranet often changes, the packets may be sent along separate routes, and the packets may arrive out of order. If the router sees the address is one located inside the intranet, the packet may be sent directly to its destination, or it may instead be sent to an additional one router. If the address is located out on the Internet, it will be sent to an additional one router so it can be sent over the Internet.
- As the packets arrive at their destination, Tcp calculates a checksum for each packet. It then compares this checksum with the checksum that has been sent in the packet. If the checksums don't match, Tcp knows that the data in the packet has been corrupted during transmission. It then discards the packet and asks that the traditional packet be retransmitted.
- Tcp includes the quality to check packets and to determine that all the packets have been received. When all the non-corrupt packets are received, Tcp assembles them into their original, unified form. The header data of the packets relays the sequence of how to reassemble the packets.
- An intranet treats the Ip packet as it would any other, and routes the packet to the receiving NetWare network. On the receiving NetWare network, a NetWare Tcp/Ip server decapsulates the Ip packet-it discards the Ip packet, and reads the traditional Ipx packet. It can now use the Ipx protocol to deliver the data to the proper destination.
How the Osi Model Works
A group called the International Standards society (Iso) has put together the Open Systems Interconnect (Osi) Reference Model, which is a model that describes seven layers of protocols for computer communications. These layers don't know or care what is on adjacent layers. Each layer, essentially, only sees the reciprocal layer on the other side. The sending application layer sees and talks to the application layer on the destination side. That conversation takes place irrespective of, for example, what buildings exists at the corporeal layer, such as Ethernet or Token Ring. Tcp combines the Osi model's application, presentation, and session layers into one which is also called the application layer.
- The application layer refers to application interfaces, not programs like word processing. Mhs (Message Handling Service) is such an interface and it operates at this level of the Osi model. Again, this segmentation and interface coming means that a collection of email programs can be used on an intranet so long as they conform to the Mhs standard at this application interface level.
- The presentation layer typically Simply provides a standard interface in the middle of the application layer and the network layers. This type of segmentation allows for the great flexibility of the Osi model since applications can vary endlessly, but, as long as the results conform to this standard interface, the applications need not be concerned with any of the other layers.
- The session layer allows for the communication in the middle of sender and destination. These conversations avoid obscuring by speaking in turn. A token is passed to control and to indicate which side is allowed to speak. This layer executes transactions, like recovery a file. If something prevents it from completing the save, the session layer, which has a description of the traditional state, returns to the traditional state rather than allowing a corrupt or incomplete transaction to occur.
- The vehicle layer segments the data into standard packet sizes and is responsible for data integrity of packet segments. There are some levels of assistance that can be implemented at this layer, including segmenting and reassembly, error recovery, flow control, and others.
- The Ip wrapper is put nearby the packet at the network or Internet layer. The header includes the source and destination addresses, the sequence order, and other data principal for precise routing and rebuilding at the destination.
- The data-link layer frames the packets-for example, for use with the Ppp (Point to Point). It also includes the logical link part of the Mac sublayer of the Ieee 802.2, 802.3 and other standards.
- Ethernet and Token Ring are the two most Coarse corporeal layer protocols. They function at the Mac (Media passage Control) level and move the data over the cables based on the corporeal address on each Nic (Network Interface Card). The corporeal layer includes the corporeal components of the Ieee 802.3 and other specifications.
How Tcp/Ip Packets Are Processed
Protocols such as Tcp/Ip determine how computers delineate with each other over networks such as the Internet. These protocols work in concert with each other, and are layered on top of one an additional one in what is commonly referred to as a protocol stack. Each layer of the protocol is designed to accomplish a exact purpose on both the sending and receiving computers. The Tcp stack combines the application, presentation, and the session layers into a particular layer also called the application layer. Other than that change, it follows the Osi model. The illustration below shows the wrapping process that occurs to transmit data.
- The Tcp application layer formats the data being sent so that the layer below it, the vehicle layer, can send the data. The Tcp application layer performs the equivalent actions that the top three layers of Osi perform: the application, presentation, and session layers.
- The next layer down is the vehicle layer, which is responsible for transferring the data, and ensures that the data sent and the data received are in fact the same data-in other words, that there have been no errors introduced during the sending of the data. Tcp divides the data it gets from the application layer into segments. It attaches a header to each segment. The header contains data that will be used on the receiving end to ensure that the data hasn't been altered en route, and that the segments can be properly recombined into their traditional form.
- The third layer prepares the data for delivery by putting them into Ip datagrams, and determining the proper Internet address for those datagrams. The Ip protocol works in the Internet layer, also called the network layer. It puts an Ip wrapper with a header onto each segment. The Ip header includes data such as the Ip address of the sending and receiving computers, and the length of the datagram, and the sequence order of the datagram. The sequence order is added because the datagram could conceivably exceed the size allowed for network packets, and so would need to be broken into smaller packets. including the sequence order will allow them to be recombined properly.
- The Internet layer checks the Ip header and checks to see either the packet is a fragment. If it is, it puts together fragments back into the traditional datagram. It strips off the Ip header, and then sends the datagram to the vehicle layer.
- The vehicle layer looks at the remaining header to determine which application layer protocol-Tcp or Udp-should get the data. Then the proper protocol strips off the header and sends the data to the receiving application.
- The application layer gets the data and performs, in this case, an Http request.
- The next layer down, the data link layer, uses protocols such as the Point-to-Point Protocol (Ppp) to put the Ip datagram into a frame. This is done by putting a header-the third header, after the Tcp header and the Ip header-and a footer nearby the Ip datagram to fra-me it. Included in the frame header is a Crc check that checks for errors in the data as the data travels over the network.
- The data-link layer ensures that the Crc for the frame is right, and that the data hasn't been altered while it was sent. It strips off the frame header and the Crc, and sends the frame to the Internet layer.
- On the receiving computer, the packet travels through the stack, but in the opposite order from which the packet was created. In other words, it starts at the lowest layer, and moves its way up through the protocol stack. As it moves up, each layer strips off the header data that was added by the Tcp/Ip stack of the sending computer.
- The final layer is the corporeal network layer, which specifies the corporeal characteristics of the network being used to send data. It describes the actual hardware standards, such as the Ethernet specification. The layer receives the frames from the data link layer, and translates the Ip addresses there into the hardware addresses required for the exact network being used. Finally, the layer sends the frame over the network.
- The corporeal network layer receives the packet. It translates the hardware address of the sender and receiver into Ip addresses. Then it sends the frame up to the data link layer.
How Bridges Work
Bridges are hardware and software combinations that join together separate parts of a particular network, such as separate sections of an intranet. They join together local area networks (Lans) to each other. They are commonly not used, however, for connecting entire networks to each other, for example, for connecting an intranet to the Internet, or an intranet to an intranet, or to join together an entire subnetwork to an entire subnetwork. To do that, more sophisticated pieces of technology called routers are used.
- When there is a great amount of traffic on an Ethernet local area network, packets can collide with one another, reducing the efficiency of the network, and slowing down network traffic. Packets can collide because so much of the traffic is routed among all the workstations on the network.
- In order to cut down on the collision rate, a particular Lan can be subdivided into two or more Lans. For example, a particular Lan can be subdivided into some departmental Lans. Most of the traffic in each departmental Lan stays within the agency Lan, and so it needn't travel through all the workstations on all the Lans on the network. In this way, collisions are reduced. Bridges are used to link the Lans. The only traffic that needs to travel over bridges is traffic bound for an additional one Lan. Any traffic within the Lan need not travel over a bridge.
- Each packet of data on an intranet has more data in it than just the Ip information. It also includes addressing data required for other basal network architecture, such as for an Ethernet network. Bridges look at this outer network addressing data and deliver the packet to the proper address on a Lan
- Bridges consult a studying table that has the addresses of all the network nodes in it. If a bridge finds that a packet belongs on its own Lan, it keeps the packet inside the Lan. If it finds that the workstation is on an additional one Lan, it forwards the packet. The bridge permanently updates the studying table as it monitors and routes traffic.
- Bridges can join together Lans in a collection of separate ways. They can join together Lans using serial connections over traditional phone lines and modems, over Isdn lines, and over direct cable connections. Csu/Dsu units are used to join together bridges to telephone lines for remote connectivity.
- Bridges and routers are sometimes combined into a particular product called a brouter. A brouter handles both bridging and routing tasks. If the data needs to be sent only to an additional one Lan on the network or subnetwork, it will act only as a bridge delivering the data based on the Ethernet address. If the destination is an additional one network entirely, it will act as a router, examining the Ip packets and routing the data based on the Ip address.
How Intranet Routers Work
Just as routers direct traffic on the Internet, sending data to its proper destination, and routers on an intranet accomplish the same function. Routers-equipment that is a blend of hardware and software-can send the data to a computer on the same sub network inside the intranet, to an additional one network on the intranet, or covering to the Internet. They do this by examining header data in Ip packets, and then sending the data on its way. Typically, a router will send the packet to the next router closest to the final destination, which in turn sends it to an even closer router, and so on, until the data reaches its intended recipient.
- A router has input ports for receiving Ip packets, and yield ports for sending those packets toward their destination. When a packet comes to the input port, the router examines the packet header, and checks the destination in it against a routing table-a database that tells the router how to send packets to various destinations.
- Based on the data in the routing table, the packet is sent to a particular yield port, which sends the packet to the next closest router to the packet's destination.
- If packets come to the input port more fast than the router can process them, they are sent to a retention area called an input queue. The router then processes packets from the queue in the order they were received. If the amount of packets received exceeds the capacity of the queue (called the length of the queue), packets may be lost. When this happens, the Tcp protocol on the sending and receiving computers will have the packets re-sent.
- In a simple intranet that is a single, thoroughly self-contained network, and in which there are no connections to any other network or the intranet, only minimal routing need be done, and so the routing table in the router is exceedingly simple with very few entries, and is constructed automatically by a program called ifconfig.
- In a slightly more complex intranet which is composed of a amount of Tcp/Ip-based networks, and connects to a puny amount of Tcp/Ip-based networks, static routing will be required. In static routing, the routing table has exact ways of routing data to other networks. Only those pathways can be used. Intranet administrators can add routes to the routing table. Static routing is more flexible than minimal routing, but it can't change routes as network traffic changes, and so isn't favorable for many intranets.
- In more complex intranets, dynamic routing will be required. Dynamic routing is used to permit many routes for a packet to reach its final destination. Dynamic routing also allows routers to change the way they route data based on the amount of network traffic on some paths and routers. In dynamic routing, the routing table is called a dynamic routing table and changes as network conditions change. The tables are built dynamically by routing protocols, and so permanently change agreeing to network traffic and conditions.
- There are two broad types of routing protocols: interior and exterior. Interior routing protocols are typically used on internal routers inside an intranet that routes traffic bound only for inside the intranet. A Coarse interior routing protocol is the Routing data Protocol (Rip). covering protocols are typically used for external routers on the Internet. AÊcommon covering protocol is the covering Gateway Protocol (Egp).
Intranets come in separate sizes. In a small company, an intranet can be composed of only a handful of computers. In a medium-sized business, it may consist of dozens or hundreds of computers. And in a large corporation, there may be thousands of computers spread over the globe, all linked to a particular intranet. When intranets get large, they need to be subdivided into individual subnets or subnetworks.
To understand how subnetting works, you first need to understand Ip addresses. Every Ip address is a 32-bit numeric address that uniquely identifies a network and then a exact host on that network. The Ip address is divided into two sections: the network section, called the netid, and the host section, called the hostid.
Each 32-bit Ip address is handled differently, agreeing to what class of network the address refers to. There are three main classes of network addresses: Class A, Class B, and Class C. In some classes, more of the 32-bit address space is devoted to the netid, while in others, more of the address space is devoted to the hostid. In a Class A network, the netid is composed of 8 bits, while the hostid is composed of 24 bits. In a Class B network, both the netid and the hostid are composed of 16 bits. In a Class C network, the netid is composed of 24 bits, while the hostid is composed of 8 bits. There's a simple way of knowing what class a network is in. If the first amount of the Ip address is less than 128, the network is a Class A address. If the first amount is from 128 to 191, it's a Class B network. If the first amount is from 192 to 223, it's a Class C network. Numbers above 223 are reserved for other purposes. The smaller the netid, the fewer amount of networks that can be subnetted, but the larger amount of hosts on the network. A Class A rating is best for large networks while a Class C is best for small ones.
To originate a subnet, the demarcation line on the Ip address is moved in the middle of the netid and the hostid, to give the netid more bits to work with and to take away bits from the hostid. To do this, a special amount called a subnet mask is used.
Subnetting is used when intranets grow over a positive size and they begin to have problems. One qoute is management of host Ip addresses-making sure that every computer on the network has a proper, modern host address, and that old host addresses are put out of use until needed in the future. In a corporation spread out over some locations-or over the world-it's difficult, if not impossible, to have one man responsible for managing the host addresses at every location and agency in the company.
Another qoute has to do with a collection of hardware limitations of networks. separate networks may all be part of an intranet. An intranet may have some sections that are Ethernet, other sections that are Token Ring networks, and conceivably other sections that use separate networking technologies altogether. There is no easy way for an intranet router to link these separate networks together and route the data to the proper places.
Another set of problems has to do with the corporeal limitations of network technology. In some kinds of networks, there are some precise limitations on how far cables can increase in the network. In other words, you can't go over a positive length of cabling without using repeaters or routers. A "thick" Ethernet cable, for example, can only be extended to 500 meters, while a "thin" Ethernet cable can only go to 300 meters. Routers can be used to link these cables together, so that an intranet can be extended well beyond those distances. But when that is done, each length of wire is essentially thought about its own subnetwork.
Yet one more set of problems has to do with the volume of traffic that travels over an intranet. Often in a corporation, in a given department, most of the traffic is intradepartmental traffic-in other words, mail and other data that habitancy within a agency send to each another. The volume of traffic covering to other departments is considerably less. What's called for is a way to confine intradepartmental traffic inside the departments, to cut down on the amount of data that needs to be routed and managed over the entire intranet.
Subnetting solves all these problems and more. When an intranet is divided into subnets, one central administrator doesn't have to carry on every aspect of the entire intranet. Instead, each subnet can take care of its own administration. That means smaller organizations within the larger society can take care of problems such as address management and a collection of troubleshooting chores. If an intranet is subnetted by divisions or departments, it means that each agency or agency can guide the improvement of its own network, while adhering to normal intranet architecture. Doing this allows departments or divisions more free time to use technology to pursue their firm goals.
Subnets also get nearby problems that arise when an intranet has within it separate kinds of network architecture, such as Ethernet and Token Ring technologies. Normally-if there is no subnetting-a router can't link these separate networks together because they don't have their own addresses. However, if each of the separate networks is its own subnet-and so has its own network address-routers can then link them together and properly route intranet traffic.
Subnetting can also cut down on the traffic traveling over the intranet and its routers. Since much network traffic may be confined within departments, having each agency be its own subnet means that all that traffic need never cross an intranet router and cross the intranet-it will stay within its own subnet.
Subnetting can also growth the protection on an intranet. If the payroll department, for example, were on its own subnet, then much of its traffic would not have to travel over an intranet. Having its data traveling over the intranet could mean that man could conceivably hack into the data to read it. Confining the data to its own subnet makes that much less likely to happen.
Dividing an intranet into subnets can also make the entire intranet more stable. If an intranet is divided in this way, then if one subnet goes down or is often unstable, it won't work on the rest of the intranet.
This all may sound rather confusing. To see how it's done, let's take a look at a network, and see how to use the Ip address to originate subnets. Let's say we have a Class B network. That network is assigned the address of 130.97.0.0. When a network is given an address, it is assigned the netid numbers-in this case, the 130.97-and it can assign the host numbers (in this case, 0.0) in any way that it chooses.
The 130.97.0.0 network is a particular intranet. It's getting too large to manage, though, and we've decided to divide it into two subnets. What we do is fairly straightforward. We take a amount from the hostid field and use it to identify each of the subnets. So one subnet gets the address 130.97.1.0, and the other gets the address 130.97.2.0. individual machines on the first subnet get addresses of 130.97.1.1, 130.97.1.2, and so on. individual machines on the second subnet get addresses of 130.97.2.1, 130.97.2.2 and so on.
Sounds simple. But we have a problem. The Internet doesn't identify 130.97.1.0 and 130.97.2.0 as detach networks. It treats them both as 130.97.0.0 since the "1" and "2" that we're using as a netid is only known to the Internet as a hostid. So our intranet router will not be able to route incoming traffic to the proper network.
To solve the problem, a subnet mask is used. A subnet mask is a 32-bit amount in Ip form used by intranet routers and hosts that will help routers understand how to route data to the proper subnet. To the covering Internet, there is still only one network, but the subnet mask allows routers inside the intranet to send traffic to the proper host.
A subnet mask is a amount such as 255.255.255.0 (the built-in default for Class C addresses; the Class B default is 255.255.0.0 and the default for Class A is 255.0.0.0). A router takes the subnet mask and applies that amount against the Ip amount of incoming mail to the network by using it to accomplish a calculation. Based on the resulting Ip number, it will route mail to the proper subnet, and then to a particular computer on the subnet. For consistency, everybody in a particular intranet will use the same subnet mask.
Subnetting an Intranet
When intranets are over a positive size, or are spread over some geographical locations, it becomes difficult to carry on them as a particular network. To solve the problem, the particular intranet can be subdivided into some subnets, subsections of an intranet that make them easier to manage. To the covering world, the intranet still looks as if it's a particular network.
- If you're building an intranet and want it to be linked to the Internet, you'll need a unique Ip address for your intranet network, which the InterNic Registration Services will handle. There are three classes of intranet you can have: Class A, Class B, or Class C. Generally, a Class A rating is best for the largest networks, while a Class C is best for the smallest. A Class A network can be composed of 127 networks, and a total of 16,777,214 nodes on the network. A Class B network can be composed of 16,383 networks, and a total of 65,534 nodes. A Class C network can be composed of 2,097,151 networks, and 254 nodes.
- When an intranet is assigned an address, it is assigned the first two Ip numbers of the Internet numeric address (called the netid field) and the remaining two numbers (called the hostid field) are left blank, so that the intranet itself can assign them, such as 147.106.0.0. The hostid field consists of a amount for a subnet and a host number.
- When an intranet is linked to the Internet, a router handles the job of sending packets into the intranet from the Internet. In our example, all incoming mail and data comes to a router for a network with the netid of 147.106.0.0.
- When intranets grow-for example, if there is a agency located in an additional one building, city, or country-there needs to be some way to carry on network traffic. It may be impractical and physically impossible to route all the data principal among many separate computers spread over a building or the world. A second network-called a subnetwork or subnet-needs to be created.
- In order to have a router deal with all incoming traffic for a subnetted intranet, the first byte of the hostid field is used. The bits that are used to distinguish among subnets are called subnet numbers. In our example, there are two subnets on the intranet. To the covering world, there appears to be only one network.
- Each computer on each subnet gets its own Ip address, as in a normal intranet. The blend of the netid field, the subnet number, and then finally a host number, forms the Ip address.
- The router must be informed that the hostid field in subnets must be treated differently than non-subnetted hostid fields, otherwise it won't be able to properly route data. In order to do this, a subnet mask is used. A subnet mask is a 32-bit amount such as 255.255.0.0 that is used in concert with the numbers in the hostid field. When a calculation is performed using the subnet mask and the Ip address, the router knows where to route the mail. The subnet mask is put in people's network configuration files.
Overview of an Intranet protection System
Any intranet is vulnerable to attack by habitancy intent on destruction or on stealing corporate data. The open nature of the Internet and Tcp/Ip protocols expose a corporation to attack. Intranets need a collection of protection measures, including hardware and software combinations that supply control of traffic; encryption and passwords to validate users; and software tools to prevent and cure viruses, block objectionable sites, and monitor traffic.
- The generic term for a line of defense against intruders is a firewall. A firewall is a hardware/software blend that controls the type of services allowed to or from the intranet.
- Proxy servers are an additional one Coarse tool used in building a firewall. A proxy server allows system administrators to track all traffic arrival in and out of an intranet.
- A bastion server firewall is configured to withstand and prevent unauthorized passage or services. It is typically segmented from the rest of the intranet in its own subnet or perimeter network. In this way, if the server is broken into, the rest of the intranet won't be compromised.
- Server-based virus-checking software can check every file arrival into the intranet to make sure that it's virus-free.
- Authentication systems are an prominent part of any intranet protection scheme. Authentication systems are used to ensure that whatever trying to log into the intranet or any of its resources is the man they claim to be. Authentication systems typically use user names, passwords, and encryption systems.
- Server-based site-blocking software can bar habitancy on an intranet from getting objectionable material. Monitoring software tracks where habitancy have gone and what services they have used, such as Http for Web access.
- One way of ensuring that the wrong habitancy or erroneous data can't get into the intranet is to use a filtering router. This is a special kind of router that examines the Ip address and header data in every packet arrival into the network, and allows in only those packets that have addresses or other data, like e-mail, that the system administrator has decided should be allowed into the intranet.
All intranets are vulnerable to attack. Their basal Tcp/Ip architecture is same to that of the Internet. Since the Internet was built for maximum openness and communication, there are countless techniques that can be used to attack intranets. Attacks can involve the theft of vital firm data and even cash. Attacks can destroy or deny a company's computing resources and services. Attackers can break in or pose as a firm laborer to use the company's intranet resources.
Firewalls are hardware and software combinations that block intruders from passage to an intranet while still allowing habitancy on the intranet to passage the resources of the Internet. Depending on how regain a site needs to be, and on how much time, money, and resources can be spent on a firewall, there are many kinds that can be built. Most of them, though, are built using only a few elements. Servers and routers are the traditional components of firewalls.
Most firewalls use some kind of packet filtering. In packet filtering, a screening router or filtering router looks at every packet of data traveling in the middle of an intranet and the Internet.
Proxy servers on an intranet are used when man from the intranet wants to passage a server on the Internet. A invite from the user's computer is sent to the proxy server instead of directly to the Internet. The proxy server contacts the server on the Internet, receives the data from the Internet, and then sends the data to the requester on the intranet. By acting as a go-between like this, proxy servers can filter traffic and declare protection as well as log all traffic in the middle of the Internet and the network.
Bastion hosts are heavily fortified servers that deal with all incoming requests from the Internet, such as Ftp requests. A particular bastion host handling incoming requests makes it easier to declare protection and track attacks. In the event of a break in, only that particular host has been compromised, instead of the entire network. In some firewalls, many bastion hosts can be used, one for each separate kind of intranet assistance request.
How Firewalls Work
Firewalls protect intranets from any attacks launched against them from the Internet. They are designed to protect an intranet from unauthorized passage to corporate information, and damaging or denying computer resources and services. They are also designed to stop habitancy on the intranet from accessing Internet services that can be dangerous, such as Ftp.
- Intranet computers are allowed passage to the Internet only after passing through a firewall. Requests have to pass through an internal screening router, also called an internal filtering routeror choke router. This router prevents packet traffic from being sniffed remotely. A choke router examines all pack-ets for data such as the source and destination of the packet.
- The router compares the data it finds to rules in a filtering table, and passes or drops the packets based on those rules. For example, some services, such as rlogin, may not be allowed to run. The router also might not allow any packets to be sent to exact suspicious Internet locations. A router can also block every packet traveling in the middle of the Internet and the internal network, except for e-mail. system administrators set the rules for determining which packets to allow in and which to block.
- When an intranet is protected by a firewall, the usual internal intranet services are available-such as e-mail, passage to corporate databases and Web services, and the use of groupware.
- Screened subnet firewalls have one more way to protect the intranet-an covering screening router, also called an covering filtering router or an passage router. This router screens packets in the middle of the Internet and the perimeter network using the same kind of technology that the interior screening router uses. It can screen packets based on the same rules that apply to the internal screening router and can protect the network even if the internal router fails. It also, however, may have supplementary rules for screening packets specifically designed to protect the bastion host.
- As a way to supplementary protect an intranet from attack, the bastion host is located in a perimeter network-a subnet-inside the firewall. If the bastion host was on the intranet instead of a perimeter network and was broken into, the intruder could gain passage to the intranet.
- A bastion host is the main point of contact for connections arrival in from the Internet for all services such as e-mail, Ftp access, and any other data and requests. The bastion host services all those requests-people on the intranet contact only this one server, and they don't directly contact any other intranet servers. In this way, intranet servers are protected from attack.
3DMark Vantage Entry Preset.Full system specs: CPU: Intel Core i7 920 C0 @ 4200MHz (21x200) 1.49V + Arctic Silver 5 (HT enabled) CPU Cooler: Noctua NH-U12P SE1366 + SilverStone 800~2600rpm 107.9 CFM GPU: Club3D ATi Radeon HD 5770 @ default clocks and with default cooling Motherboard: Asus P6T X58 RAM: Corsair XMS3 3x2GB DDR3 1203MHz 8-8-8-20 PSU: Corsair HX1000W HDD's - 2x Western Digital 10000rpm 37GB raptors in Raid0 (OS) + 300GB Maxtor 7200rpm (storage) DVD Drive: LG GSA-H55L 20x DVD writer Hardcano 13 fan controller + 4x temp- sensors Case: Chieftec GH-01BW-OP 1x 120mm fan (back) and 2x 80mm fans (front) Logitech G15 keyboard Logitech G9 mouse Samsung T240 - 24 inch 1920x1200 5ms 20000:1 Dynamic Contrast Graphics driver: ATi Catalyst 9.12 hotfix Operating System: Microsoft Windows 7 Ultimate 64bit Camera used to record the video in 1280x720 (720p): Sony DSC-W290 Monitoring software used: CPU-Z version 1.52.2 (CPU specifications) TechPowerUp GPU-Z version 0.3.8 (GPU specifications, voltages and idle temperatures) MSI Afterburner v1.4.0 hardware monitor (GPU load temperatures, GPU usage and fan speed) ATi Catalyst Control Center (showing that GPU fan speed is at automatic) RealTemp 3.00 (CPU idle and load temperatures) Windows Task Manager (CPU usage) If you have any questions feel free to ask them!
Keywords: 3dmark, Vantage, Entry, preset, 3d, mark, arvutihull, ati, radeon, hd, 5770, hd5770, gpu, intel, core, i7, 920, oc, cpu, overclocking, overclock, club3d, club, brand, high, score, world, youtube, record, fastest, performance, extreme, xtreme, settings, amd, nvidia, geforce, phenom, black, edition, i5, i3, i9, 980x, 975, 965, 950, 940, 975x, xeon, lga, 1366, lga1366, gf, 100, 104, gf100, gf104, dx11, dx, 11, directx, directx11, tesselation, cuda, physx, off, stream, havok, fps, 5970, 5870, 5850, 5750, 5670, 5650, graphics, test, hx1000w, hx, 1000w, xms3, ht, ddr3, memory, ram
No comments:
Post a Comment