Network Infrastructure of a Windows 2000 Network

I have gathered some keywords and information here as a cheat sheet or study aid for the MCP exam 70-216 (Win2K Network Infrastructure).




TCP/IP Reference Model

TCP/IP layer     Protocols (selection)                          OSI layer
Application      FTP, SMTP, Telnet, DNS, SNMP                   7
Transport        TCP, UDP                                       4
Network          IP, ICMP, RIP, OSPF                            3
                 ARP, RARP
Network access   Ethernet, Token Bus, Token Ring, FDDI, WLAN    2
                                                                1

Application layer

Transport layer

Network layer

Network access layer



IP Addressing / Subnet

Network classes

Addresses that are not valid on the Internet according to RFC 1597

Network classes
Class     Address range                    Note
Class A   1.0.0.0 - 126.0.0.0              Private Network
Class B   128.0.0.0 - 191.255.0.0
Class C   192.0.0.0 - 223.255.255.0
Class E   224.0.0.0 to 239.255.255.255     Multicast Protocol
Class D   240.0.0.0 to 255.255.255.255     Reserved

RFC 1918 Private Address Space
Class     Address range                      Hosts
Class A   10.0.0.0 to 10.255.255.255         16,777,214
Class B   172.16.0.0 to 172.31.255.255       16 x 65K
Class C   192.168.0.0 to 192.168.255.255     256 x 254

Decimal IP

IP = aaa.bbb.ccc.ddd
Decimal IP = (aaa * 16777216) + (bbb * 65536) + (ccc * 256) + ddd

Subnetting

Still to come here: how IP addressing and subnetting / CIDR work.
255.255.255.0 is 11111111.11111111.11111111.00000000 in binary = 24 in CIDR

The subnet mask consists of four blocks, each a number of up to three digits between 0 and 255. Such a netmask can look like this: 255.255.255.0. The difference to 255 gives the number of hosts in this address range, where 0 is reserved as the network identifier and 255 for the broadcast address.

Conversion table
Byte      2^8   2^7   2^6   2^5   2^4   2^3   2^2   2^1   2^0
Decimal   256   128   64    32    16    8     4     2     1
Binary    8     7     6     5     4     3     2     1     0

The subnet mask can also be given as a binary value (number of bits) between 0 and 32: 255.255.255.0 = 8 + 8 + 8 + 0 = 24

Subnet Mask        CIDR Prefix   Total IPs        Usable IPs       Number of Class C networks
255.255.255.255    /32           1                1                1/256th
255.255.255.254    /31           2                0                1/128th
255.255.255.252    /30           4                2                1/64th
255.255.255.248    /29           8                6                1/32nd
255.255.255.240    /28           16               14               1/16th
255.255.255.224    /27           32               30               1/8th
255.255.255.192    /26           64               62               1/4th
255.255.255.128    /25           128              126              1 half
255.255.255.0      /24           256              254              1
255.255.254.0      /23           512              510              2
255.255.252.0      /22           1024             1022             4
255.255.248.0      /21           2048             2046             8
255.255.240.0      /20           4096             4094             16
255.255.224.0      /19           8192             8190             32
255.255.192.0      /18           16,384           16,382           64
255.255.128.0      /17           32,768           32,766           128
255.255.0.0        /16           65,536           65,534           256
255.254.0.0        /15           131,072          131,070          512
255.252.0.0        /14           262,144          262,142          1024
255.248.0.0        /13           524,288          524,286          2048
255.240.0.0        /12           1,048,576        1,048,574        4096
255.224.0.0        /11           2,097,152        2,097,150        8192
255.192.0.0        /10           4,194,304        4,194,302        16,384
255.128.0.0        /9            8,388,608        8,388,606        32,768
255.0.0.0          /8            16,777,216       16,777,214       65,536
254.0.0.0          /7            33,554,432       33,554,430       131,072
252.0.0.0          /6            67,108,864       67,108,862       262,144
248.0.0.0          /5            134,217,728      134,217,726      1,048,576
240.0.0.0          /4            268,435,456      268,435,454      2,097,152
224.0.0.0          /3            536,870,912      536,870,910      4,194,304
192.0.0.0          /2            1,073,741,824    1,073,741,822    8,388,608
128.0.0.0          /1            2,147,483,648    2,147,483,646    16,777,216
0.0.0.0            /0            4,294,967,296    4,294,967,294    33,554,432
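
An added example, not part of the original cheat sheet: the decimal-IP formula, the mask-to-prefix conversion and the host counts from the table, computed by hand, plus the reverse-zone naming listed in the DNS section (192.168.1.0 --> 1.168.192.in-addr.arpa). The function names and the sample addresses are constructed for illustration.

```python
# Added example: the subnet arithmetic of this section done by hand.
# Function names are illustrative; all sample addresses are constructed.

def ip_to_int(ip):
    """Dotted quad -> decimal IP: (a*16777216) + (b*65536) + (c*256) + d."""
    parts = ip.split(".")
    if len(parts) != 4 or not all(
            p.isascii() and p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not a dotted-quad IPv4 address: %r" % ip)
    a, b, c, d = (int(p) for p in parts)
    return a * 16777216 + b * 65536 + c * 256 + d

def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def mask_to_prefix(mask):
    """255.255.255.0 -> 24; rejects masks whose 1 bits are not contiguous."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous subnet mask: %s" % mask)
    return prefix

def subnet_info(ip, mask):
    m, prefix = ip_to_int(mask), mask_to_prefix(mask)
    total = 2 ** (32 - prefix)
    network = ip_to_int(ip) & m
    broadcast = network | (~m & 0xFFFFFFFF)
    # Network and broadcast addresses are not assignable to hosts;
    # /32 and /31 use the values from the table above (1 and 0).
    usable = {32: 1, 31: 0}.get(prefix, total - 2)
    return {"prefix": prefix, "network": int_to_ip(network),
            "broadcast": int_to_ip(broadcast), "total": total, "usable": usable}

def reverse_zone(network, prefix):
    """192.168.1.0/24 -> 1.168.192.in-addr.arpa (octet-aligned prefixes only)."""
    if prefix not in (8, 16, 24):
        raise ValueError("prefix does not map to a single in-addr.arpa zone")
    return ".".join(reversed(network.split(".")[:prefix // 8])) + ".in-addr.arpa"

if __name__ == "__main__":
    print(ip_to_int("192.168.1.10"))
    print(subnet_info("192.168.1.77", "255.255.255.192"))
    print(subnet_info("10.0.0.5", "255.255.255.252"))
    print(reverse_zone("192.168.1.0", 24))
```

A mask such as 255.0.255.0 is rejected because its 1 bits are not contiguous and so it has no CIDR prefix.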

The most important TCP/UDP ports

Here are the most important ports
Service         Port/Protocol   Description
echo            7/tcp           TCP Echo
ftp-data        20/tcp          FTP data
ftp             21/tcp          FTP control
ssh             22/tcp          Secure Shell
telnet          23/tcp          Telnet
smtp            25/tcp          Simple Mail Transfer Protocol
domain          53/tcp          Domain Name Service
domain          53/udp          Domain Name Service
bootps          67/udp          DHCP Server (Bootstrap Protocol Server)
bootpc          68/udp          DHCP Client (Bootstrap Protocol Client)
tftp            69/udp          Trivial File Transfer
gopher          70/tcp          Gopher
finger          79/tcp          Finger
http            80/tcp          Hypertext Transfer Protocol
Kerberos        88/tcp          Kerberos
Kerberos        88/udp          Kerberos
pop3            110/tcp         Post Office Protocol Version 3
nntp            119/tcp         Network News Transfer Protocol
ntp             123/tcp         Network Time Protocol
epmap           135/tcp         DCE Endpoint Resolution
epmap           135/udp         DCE Endpoint Resolution
netbios-ns      137/tcp         NETBIOS Name Service
netbios-ns      137/udp         NETBIOS Name Service
netbios-dgm     138/udp         NETBIOS Datagram Service
netbios-ssn     139/udp         NETBIOS Session Service
imap            143/tcp         IMAP4
snmp            161/udp         SNMP - Simple Network Management Protocol
snmptrap        162/udp         SNMP Trap
print-srv       170/tcp         Network PostScript
bgp             179/tcp         Border Gateway Protocol
irc             194/tcp         IRC - Internet Relay Chat Protocol
ipx             213/udp         IPX over IP
ldap            389/tcp         Lightweight Directory Access Protocol
https           443/tcp         HTTPS
https           443/udp         HTTPS
microsoft-ds    445/tcp         Microsoft DS
microsoft-ds    445/udp         Microsoft DS
kpasswd         464/tcp         Kerberos v5
kpasswd         464/udp         Kerberos v5
isakmp          500/udp         IKE - Internet Key Exchange
printer         515/tcp         Spooler
ldaps           636/tcp         SLDAP - LDAP over TLS/SSL
kerberos-adm    749/tcp         Kerberos Administration
kerberos-adm    749/udp         Kerberos Administration
kerberos-iv     750/tcp         Kerberos version IV
kpop            1109/tcp        Kerberos POP
ms-sql-s        1433/tcp        Microsoft-SQL-Server
ms-sql-s        1433/udp        Microsoft-SQL-Server
ms-sql-m        1434/tcp        Microsoft-SQL-Monitor
ms-sql-m        1434/udp        Microsoft-SQL-Monitor
wins            1512/tcp        WINS - Windows Internet Name Service
wins            1512/udp        WINS - Windows Internet Name Service
l2tp            1701/udp        Layer Two Tunneling Protocol
pptp            1723/tcp        Point-to-Point Tunneling Protocol
radius          1812/udp        RADIUS Authentication Protocol
radacct         1813/udp        RADIUS Accounting Protocol
nfsd            2049/udp        NFS Server



Network adapters

NDIS = Network Driver Interface Specification
Protocol NWLink: Frame Type, Network Number, Internal Network Number
Test with a ping to the default gateway



DNS

DNS basics

Subdomain / top-level domain / root domain
SOA / TTL
SOA = Authoritative Data Source
FQDN = Fully Qualified Domain Name (max. 255 characters)
APIPA 169.254.0.0 - 169.254.255.255
Allowed characters: A-Z, a-z, 0-9 and -
192.168.1.0 --> 1.168.192.in-addr.arpa
DNS Notify
DDNS
Zone transfer

Resource Record Type

Resource Record Types
Type      Description
A         Host
MX        Mail Exchanger
MG
MB
MINFO
NXT
KEY
MR
RP
RT
SRV       SERVER
SIG
TXT
WKS
X25
CNAME     Canonical Name
HWINFO    CPU and OS Info
AFS
ATMA
AAAA      IPV6 HOST
PTR       POINTER

DDNS = Dynamic Domain Name System
TCP and UDP port 53
nslookup ipaddress dnsserver
nslookup hostname/FQDN dnsserver



DHCP

dhcpdiscover   with MAC address and hostname
dhcpoffer      client MAC address, IP address, subnet mask, lease time, IP of the DHCP server
dhcprequest
dhcpack

Global Options
Scope Options
Client Options

Create the scope
Activate the scope
A subnet change requires deleting the old scope, which must then be created anew.

bootps 67/tcp # BOOTP server
bootps 67/udp
bootpc 68/tcp # BOOTP client
bootpc 68/udp



WINS - Windows Internet Naming Service

WINS = Windows Internet Naming Service
The WINS client requests a name renewal
The WINS server sends a name renewal with an updated TTL
The client requests a name release
The server answers with a "Name release response" (the TTL of the record is set to 0)
A WINS Proxy Agent forwards WINS requests to a WINS server

WINS update uses TCP port 47

Node types
00h   Workstation
03h   Messenger
06h   RAS Server
1Bh   Domain Master Browser
2Ch   Domain Controller
1Eh   Normal Group Name
1Fh   NetDDE
20h   File Server
BEh   Network Monitor Agent
BFh   Network Monitor Name



RAS

Connections

Modem, Frame Relay, ISDN, X25, network connections, VPN

RAS protocols

Routing protocols

Max. 256 RAS connections



IPSec

net stop policyagent
net start policyagent


VPN

Data is encrypted and given a header containing routing information
Security Association -> Destination Address / Security Protocol / Security Parameters Index (SPI)
VPN: only IPSec = Layer 3 tunneling
IAS = Internet Authentication Server (RADIUS)
VPN = Virtual Private Network
PPTP (128 ports): Protocol 47, TCP src any dst 1723
L2TP (128 ports): UDP src 500 dst 500, TCP src 1701 dst 1701

ICS / NAT

ICS LAN IP 192.168.0.1
ICS DHCP range 192.168.0.2 - 192.168.254.254
NAT private range 192.168.0.0/24

Internet connection sharing
  Single check box configuration
  Single public IP address
  Fixed address range for SOHO hosts
  Single SOHO interface

Network address translation
  Manual configuration
  Multiple public IP addresses
  Configurable address range for SOHO hosts
  Multiple SOHO interfaces

Name resolution: DNS or WINS



Certificates

Standalone CA
Enterprise CA
RDN = Relative Distinguished Name
The encryption length is specified for the public key
LDAP: max. 64 characters for an object



Command Line Tools

Ipconfig
Ipconfig /all        Shows the IP configuration
Ipconfig /release    Releases the IP address
Ipconfig /renew      Tries to obtain a new IP address via DHCP

nbtstat
nbtstat -a remotecomputer    Lists remote machine name table
nbtstat -c                   Shows cache
nbtstat -n                   Local NetBIOS names
nbtstat -r                   Lists resolved names
nbtstat -R                   Purge and reload
nbtstat -s                   Shows sessions

route
Route add [network] mask [netmask] [gateway]       Adds a route
Route -p add [network] mask [netmask] [gateway]    Adds a persistent route
Route delete [network] [gateway]                   Deletes a route
Route change [network] [gateway]                   Modifies a route
Route print                                        Displays routing table
Route -f                                           Clears all routes

dnscmd
DnsCmd ServerName /Config ZoneName Property Value
dnscmd /Config
dnscmd /EnumZones                   Enumerate zones
dnscmd /Statistics                  Query/clear server statistics data
dnscmd /ClearCache                  Clear DNS server cache
dnscmd /WriteBackFiles              Write back all zone or root-hint datafile(s)
dnscmd /StartScavenging             Initiates server scavenging (flushing procedure)
dnscmd /ResetListenAddresses        Select server IP address(es) to serve DNS requests
dnscmd /ResetForwarders             Set DNS servers to forward recursive queries
dnscmd /ZoneInfo                    View zone information
dnscmd /ZoneAdd                     Create a new zone on the DNS server
dnscmd /ZoneDelete                  Delete a zone from DNS server or DS
dnscmd /ZonePause                   Pause a zone
dnscmd /ZoneResume                  Resume a zone
dnscmd /ZoneReload                  Reload zone from its database (file or DS)
dnscmd /ZoneWriteBack               Write back zone to file
dnscmd /ZoneRefresh                 Force refresh of secondary zone from master
dnscmd /ZoneUpdateFromDs            Update a DS integrated zone by data from DS
dnscmd /ZoneResetType               Change zone type Primary/Secondary/DSintegrated
dnscmd /ZoneResetSecondaries        Reset secondary\notify information for a zone
dnscmd /ZoneResetScavengeServers    Reset scavenging servers for a zone
dnscmd /ZoneResetMasters            Reset secondary zone's master servers
dnscmd /EnumRecords                 Enumerate records at a name
dnscmd /RecordAdd                   Create a record in zone or RootHints
dnscmd /RecordDelete                Delete a record from zone, RootHints or Cache
dnscmd /NodeDelete                  Delete all records at a name
dnscmd /AgeAllRecords               Force aging on node(s) in zone

netsh
netsh ?            Displays a list of commands
netsh aaaa         Changes to the `aaaa' context (Authentication, Authorization, Audit)
netsh add          Adds a configuration entry to a list of entries
netsh delete       Deletes a configuration entry from a list of entries
netsh dhcp         Changes to the `dhcp' context
netsh dump         Displays a configuration script
netsh exec         Runs a script file
netsh help         Displays a list of commands
netsh interface    Changes to the `interface' context
netsh ras          Changes to the `ras' context
netsh routing      Changes to the `routing' context
netsh set          Updates configuration settings
netsh show         Displays information
netsh wins         Changes to the `wins' context.

cipher
cipher /E             Encrypt
cipher /D             Decrypt
cipher /S             Directory and subdirectory
cipher /A             Files and folders
cipher /I             Ignore errors
cipher /F             Force
cipher /Q             Quiet
cipher /K             New key for the user who runs cipher
cipher /W             Removes data from unused disk space
cipher /X Filename    Export EFS certificate


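test.bat

@rem Search every file on the current drive for the string passed as %1
@rem and open each matching file in Notepad.
@pushd \
@for /F "delims=" %%i in ('@findstr /S /I /M /P %1 *.*') do @start notepad "%%i"
@popd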


Copyright © November 2004 - Andres Bohren, Icewolf Software