(NOTE: Each chapter concludes with a Summary.)
Preface.
Acknowledgments.
I. HOW AND WHY PACKETS MOVE ON THE NETWORK.
0. A quick introduction to TCP/IP.
To debug and understand your network, trace the packets.
Networks can be easier than stand-alone machines.
TCP/IP consists of separate building blocks.
TCP/IP traffic is made up of packets.
1. The tcpdump packet sniffer -- your eyes and ears on the network.
How tcpdump works.
How to run tcpdump.
How to select just the packets you're interested in.
Common problems with tcpdump.
2. How packets move on the local wire.
IP address and netmask -- how to get a packet to your machine.
Netmask -- the range of my directly connected network.
Ethernet networking: moving packets along the local wire.
ARP -- how my machine finds the Ethernet address of your machine.
Viewing and manipulating ARP entries.
Using ping to generate test traffic between two machines.
Lab -- building the simplest network possible: hubs and cabling.
Hubs v. switches.
Lab -- software configuration: Windows.
Verifying your settings -- Windows.
Lab -- software configuration: Linux(r).
Lab -- building the simplest network possible: implement and test.
How to diagnose a problem with your network: hop by hop and step by step.
3.Basic routing -- how packets move from this network to another network connected to it.
The fundamental IP routing decision.
Telling a router to forward a packet.
The third crucial networking parameter: default gateway router.
Setting your default gateway -- Windows-NT(r).
Setting your default gateway -- Linux.
Lab -- building the simplest possible inter-network (1).
Lab -- building the simplest possible inter-network (2).
Lab -- tracing packets across a router using tcpdump.
The traceroute program.
Using traceroute.
Error reporting from a LAN PC.
4. IPaddressing and netmasks in detail.
How TCP/IP identifies networks.
The historical IP address classes.
From address classes to netmasks.
How netmasks specify ranges of IP addresses.
Specifying different sizes of network range.
Table of netmasks.
Examples of the use of netmasks.
Netmask calculations.
Special IP numbers (1) -- private addresses.
Special IP numbers (2) -- IP broadcast addresses.
Special IP numbers (3) -- multicast, network, and loopback addresses.
5. Routing in detail -- controlling how and where packets pass in and out of your networks.
Routing tables direct the movement of packets on your networks.
Routing table details -- Linux.
Linux routing tables (1) -- adding routes.
Linux routing tables (2) -- deleting routes; common problems.
Routing table details -- Windows.
Windows routing tables (1) -- displaying and adding routes.
Windows routing tables (2) -- deleting routes; common problems.
Creating routes for directly connected networks and default gateways.
Multiple default gateways.
ICMP redirects affect routing tables and simplify LAN configuration.
ICMP redirects implementations; automatic routing protocols.
Lab -- test network to demonstrate ICMP redirects.
More about traceroute.
Troubleshooting (1) -- netmasks and addresses.
Troubleshooting (2) -- routing.
6. Routing in practice.
Hosts using multiple routers.
Lab -- building a network with multiple routers.
Lab -- multiple networks on the same local wire.
Lab -- multiple networks on the same local wire -- Linux.
How to embed a test network in your live LAN.
Dividing your network into sub-nets -- motivation.
Lab -- creating simple sub-nets (1) -- the wrong way.
Lab -- creating simple sub-nets (2) -- the right way.
Lab -- complex sub-nets (1) -- planning.
Lab -- complex sub-nets (2a) -- calculate ranges.
Lab -- complex sub-nets (2b) calculate ranges (contd).
Complex sub-nets (3) -- assign IP numbers.
Complex sub-nets (4) -- implementation.
Routing to connect remote sites.
7. The DNS-- names instead of IPaddresses.
DNS -- the domain name system.
The DNS client -- how an application 'resolves' a name.
Configuring your PC to use DNS -- DNS server addresses.
Lab -- configuring Linux to use the DNS.
Lab -- configuring your Windows PC to use DNS.
Lab -- interrogating the DNS -- nslookup and host.
Other information contained in the DNS.
Contents of DNS packets and how tcpdump shows them.
Lab -- interrogating the DNS -- nslookup command debug options.
Lab -- interrogating the DNS -- host command debug options.
8. The DNS (2) -- how the servers work.
Domains and domain names.
The DNS database is distributed.
Delegation and zones -- top-level domains.
Delegation and zones -- lower-down domains.
Delegation -- tracing the packets.
Delegation -- how the packets flow.
Delegation -- iterative and recursive queries; subdomains.
Types of server (1) -- root, primary, secondary.
Where primary and secondary servers are located.
DNS servers cache query results but clients don't.
Types of server (2) -- caching-only; forwarders.
Types of server (3) -- servers for internal names.
DNS for internal names -- client configuration.
Lab -- configuring your PC to use DNS (2) -- domain name (and hostname).
Lab -- configuring your PC to use DNS (3) -- the 'searchlist' .
How reverse lookups work.
9. Troubleshooting the DNS.
Troubleshooting -- identifying a problem.
Debug output for a failed name resolution.
DNS problems and causes.
Interference from other name resolution systems.
II. END-USER AND SYSTEM APPLICATIONS.
10. The TCP protocol; the applications layer and the telnet application.
Why we need TCP and transport protocols.
How TCP provides a reliable connection over unreliable IP.
TCP connections and ports.
TCP connections are identified by ports.
Viewing connections with the netstat command.
The telnet application.
Lab -- using telnet as the universal TCP client.
The life-cycle of a TCP connection (1).
The life-cycle of a TCP connection (2).
More about ports and servers.
11. E-mail -- SMTP and POP3.
Overview of Internet e-mail.
Locating the destination mail server -- MX records.
MX records for resilience.
MX records for intermittent connections; mail delivery problems.
Lab -- using telnet to send an SMTP message.
Components of an SMTP session (1) -- the envelope.
Components of an SMTP session (2) -- the message body.
Mail headers.
POP3 clients and servers.
Lab -- using telnet to retrieve messages from your POP server.
Lab -- configuring your e-mail client's POP and SMTP server settings.
Troubleshooting (1) -- you can't send to a remote site.
Troubleshooting (2) -- a remote site can't send to you.
Security problems with e-mail: spoofing, spamming, relaying.
12. E-mail -- MIME, IMAP; other mail systems.
Sending and receiving non-text messages.
E-mail attachments and MIME.
MIME headers (1) -- Content-Type.
MIME headers (2) -- Content-Transfer-Encoding, etc..
IMAP -- the Internet Message Access Protocol.
Other mail systems.
13. The ethereal protocol analyzer and ngrep packet sniffer.
What ethereal is and how it compares with tcpdump.
How to start ethereal and select the packets you want.
Lab -- a typical ethereal session.
Using display filters.
ethereal -- other features.
Tips and tricks.
The ngrep packet sniffer.
ngrep search patterns -- regular expressions.
14. HTTP and the World Wide Web.
HTTP -- the Hypertext Transfer Protocol.
What a Web browser does.
Lab -- components of a very simple HTTP session.
The different versions of HTTP.
HTTP/1.0 and 1.1 -- requests and response headers.
Request and response headers (contd).
Lab -- more advanced HTTP sessions.
How MIME fits in with HTTP.
Lab -- HTTP/1.1 -- persistent TCP connections.
URLs, machine names, and the DNS.
URLs and Web page names.
Web proxy servers.
Why use a Web proxy server?
Lab -- configuring your browser to use a proxy server, Internet Explorer.
Lab -- configuring your browser to use a proxy server, Netscape Navigator.
Caching in the browser.
Security -- authentication.
Miscellaneous Web topics.
Troubleshooting an HTTP connection.
15. UDP and other protocols.
UDP is a connection-less and 'unreliable' transport protocol.
Applications that use UDP.
UDP ports.
How the protocols relate to each other.
16. DHCP -- automating your TCP/IPclient management.
Why DHCP is needed.
How DHCP works (1).
How DHCP works (2).
Lab -- configuring a client to use DHCP (Windows).
Lab -- configuring a client to use DHCP (Linux).
Large networks: DHCP relay; ISP dial-up addresses.
17. Other applications and their protocols.
Daytime, echo, discard, and chargen services.
FTP -- File Transfer Protocol.
How FTP connections are established.
netcat (or nc) -- the TCP/IP Swiss army knife.
Lab -- two FTP sessions using telnet as client.
X window system.
LDAP -- Lightweight Directory Access Protocol; overview.
LDAP -- directories and database considerations.
Lab -- using LDAP to find e-mail addresses.
SNMP -- Simple Network Management Protocol.
Lab -- using SNMP.
Other useful services -- Syslog; LPR printing.
NTP -- Network Time Protocol.
NFS -- the Network File System.
NFS -- implementation details.
Lab -- sniffing an NFS session.
III. Microsoft Windows Networking on a TCP/IPnetwork.
18. MS-Windows Networking -- introduction.
An overview of Microsoft Windows Networking.
Microsoft Windows Networking -- architecture.
Windows Networking implementation.
Windows Networking implementation over TCP/IP.
Windows Networking implementation -- NT Services.
Lab -- the Windows Network Monitor, overview.
Lab -- Network Monitor -- capture filter by protocol.
Lab -- Network Monitor -- capture filter by address.
Lab -- Network Monitor -- display filters.
Windows Network Monitor -- tips and tricks.
19. Windows Networking -- name resolution.
NetBIOS names and name resolution -- overview.
NetBIOS names.
Method 1: broadcasts.
Method 2: WINS -- the NetBIOS name server.
WINS server configuration.
Other WINS issues: non-WINS clients; database replication.
Method 3: using the DNS as NetBIOS name server instead of using WINS.
Methods 4, 6: HOSTS files and NetBIOS cache.
Method 5: LMHOSTS -- the LAN Manager hosts file.
'Node type' and NetBIOS name resolution order.
Choosing a node type.
Troubleshooting NetBIOS name resolution.
20. Windows Networking -- logon and domains.
Overview of NT domains and security.
The logon prompt and local and network logons.
Local logon. Encrypting the password.
Logon over the network -- overview.
Logon over the network (1a) -- 'discover' a domain controller.
Logon over the network (1b) -- the computer account.
Logon over the network (1b contd) -- PC authenticates and creates a secure channel.
Logon over the network (2) -- sending the password securely.
Different logon types: terminology (1).
Different logon types: terminology (2).
Logon and controlling access to network resources.
Domain controllers.
21. Windows Networking -- browsing the network.
Overview.
The client announces itself to the server(s).
How the client locates a browse server.
Retrieving the browse list.
Client browsing more than one domain.
Different types of browse server.
Deciding which PC takes on which role; elections.
Lab -- line-by-line trace of an election.
Multiple-segment browsing and the domain master browser.
Miscellaneous.
What Find Computer does.
Troubleshooting.
22. Using Windows Networking.
Using Windows Explorer.
Lab -- using Windows Networking over a routed network.
Troubleshooting.
Samba.
IV. Connecting to the Internet, and Internet security.
23. Connecting your site to the Internet.
First steps -- deciding what you need.
Network Address Translation (NAT) -- overview.
Consequences of using NAT.
NAT -- port translation; one-to-one NAT.
Planning your implementation.
Internet connection types, NAT, firewalls, and LAN: IP addressing for preliminary testing.
IP addressing for the live network.
Implementation (1).
Implementation (2).
Implementation (3).
Other ways to connect your site to the Internet.
Backup Internet connections.
24. Firewalls.
What a firewall is and why you want one.
How firewalls work (1) -- packet-filtering firewalls; rule ordering.
How firewalls work (2) -- stateful packet inspection.
Stateful packet inspection and resource usage.
How firewalls work (3) -- application-level gateways.
Using a demilitarized zone (DMZ) on a firewall.
Choosing a firewall.
Implementing a firewall.
Troubleshooting with a firewall in place.
25. Other security services.
Proxy servers; other security components.
Virus scanning and content filtering.
Web URL filtering.
E-mail: proxy and filtering servers.
26. Dial-up networking and PPP.
Dial-up networking -- overview.
Overview of Windows dial-up networking.
Connect a modem to your Windows-NT PC.
Install dial-up software on your PC.
Configure PC with details of your ISP account.
Configure PC with ISP TCP/IP addressing details.
Dialing up.
Monitoring the connection status.
Troubleshooting.
Configure the PC's dial-up default gateway and other routing.
Dial-up PC connecting to HQ's network.
Miscellaneous.
27. VPN -- virtual private networking.
What VPN is and why you want it.
IPsec -- the IP security protocol.
IPsec concepts -- manual keying.
IPsec manual keying example.
VPN implementation details.
IKE -- Internet Key Exchange (automated keying).
IKE example.
Protecting dial-up VPN.
VPN troubleshooting.
Building a test network for VPN.
Epilog.
Appendices.
1. Layers, the protocol stack, and network reference models.
2. RFCs and Internet standards.
3. Ethernet Hubs and switches.
4. tcpdump command summary.
5. tcpdump man page in full.
6. Making network settings permanent -- Debian Linux.
7. UTP and null-modem wiring.
8. Windows-NT route command manpage.
9. Example of working network diagram.
10. Our on-site toolkit.
11. nslookup man page in full.
12. host man page summary.
13. Base64 encoding.
14. Nested MIME attachments.
15. Example of an IMAP session.
16. Installing ethereal; ethereal field names.
17. HTTP/1.1 server response codes.
18. IP Protocol numbers.
19. nc (netcat) man page in full.
20. Controlling network services.
21. NetBIOS names.
22. DNS and NetBIOS name resolution order in Windows.
23. Windows name resolution worksheet.
24. The BROWSTAT command.
25. Worksheet for testing a new Internet connection.
26. Organizing your software downloads.
Index. 0201750783T11202002
