SYSTEM AND NETWORK ADMINISTRATION

APEEJAY COLLEGE OF ENGG.
GURGAON.

SUBMITTED BY:-
HARSH PULKIT
ROLL-058018
INFORMATION TECHNOLOGY
VII SEM

EXPERIMENT NO.-1

AIM: SETTING UP OF LOCAL SECURITY POLICY.


Security policy is a combination of security settings that affect the security on a computer. You
can use Local Security Policy to edit account policies and local policies on your local computer.

With Local Security Policy, you can control:

• Who accesses your computer.
• What resources users are authorized to use on your computer.
• Whether or not a user or group's actions are recorded in the event log.

How policy is applied to a computer that is joined to a domain:

If your local computer is joined to a domain, it obtains security policy from
the domain's policy or from the policy of any organizational unit that you are a member of. If
you are getting policy from more than one source, then any conflicts are resolved in this order of
precedence, from highest to lowest:

• Organizational unit policy
• Domain policy
• Site policy
• Local computer policy

When you modify the security settings on your local computer using Local security policy, then
you are directly modifying the settings on your computer, therefore, the settings take effect
immediately, but this may only be temporary. The settings will actually remain in effect on your
local computer until the next refresh of Group Policy security settings, when the security settings
that are received from Group Policy will override your local settings wherever there are
conflicts. The security settings are refreshed every 90 minutes on a workstation or server and
every 5 minutes on a domain controller. The settings are also refreshed every 16 hours, whether
or not there are any changes.
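
The precedence order and refresh behaviour described above, as an added Python example (it is not part of the original report). The setting names and values in SAMPLE_SOURCES are constructed for illustration; the precedence order and the refresh intervals are the ones stated in the text.

```python
from datetime import timedelta

# Highest to lowest precedence, as listed above.
PRECEDENCE = (
    "Organizational unit policy",
    "Domain policy",
    "Site policy",
    "Local computer policy",
)
LOCAL = PRECEDENCE[-1]

# Refresh intervals stated above (the 16-hour refresh happens regardless).
REFRESH_INTERVAL = {
    "workstation": timedelta(minutes=90),
    "server": timedelta(minutes=90),
    "domain controller": timedelta(minutes=5),
}

# Constructed sample: which source defines which setting.
SAMPLE_SOURCES = {
    "Organizational unit policy": {"Audit logon events": "Success, Failure"},
    "Domain policy": {"Audit logon events": "Failure",
                      "Audit object access": "Failure"},
    "Local computer policy": {"Audit logon events": "No auditing",
                              "Shut down the system": "Administrators"},
}


def resolve(sources):
    """Return the effective value of every setting and the source that decided it."""
    unknown = set(sources) - set(PRECEDENCE)
    if unknown:
        raise ValueError(f"unknown policy source(s): {sorted(unknown)}")
    effective = {}
    for source in PRECEDENCE:  # walk from highest to lowest precedence
        for setting, value in sources.get(source, {}).items():
            if setting not in effective:
                effective[setting] = {"value": value, "source": source,
                                      "overridden": []}
            elif effective[setting]["value"] != value:
                # A lower-precedence source disagrees and loses the conflict.
                effective[setting]["overridden"].append(source)
    return effective


def local_edit_outcome(sources, setting, new_value, role):
    """Predict what happens to a change made with Local Security Policy."""
    if role not in REFRESH_INTERVAL:
        raise ValueError(f"unknown computer role: {role!r}")
    edited = {name: dict(values) for name, values in sources.items()}
    edited.setdefault(LOCAL, {})[setting] = new_value
    winner = resolve(edited)[setting]
    persists = winner["source"] == LOCAL or winner["value"] == new_value
    return {
        "immediate_value": new_value,           # local edits apply at once
        "value_after_refresh": winner["value"],
        "decided_by": winner["source"],
        "persists": persists,
        # Upper bound on how long the local value survives, if it conflicts.
        "overridden_within": None if persists else REFRESH_INTERVAL[role],
    }


if __name__ == "__main__":
    for name, info in resolve(SAMPLE_SOURCES).items():
        print(f"{name}: {info['value']} (from {info['source']})")
    print(local_edit_outcome(SAMPLE_SOURCES, "Audit logon events",
                             "Failure", "workstation"))
```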

PROCEDURE:

<I> To edit local security settings

1. Open Local Security Settings.
2. Do one of the following:
o To edit Password Policy or Account Lockout Policy, in the console tree, click
Account Policies.
o To edit an Audit Policy, User Rights Assignment, or Security Options, in the
console tree, click Local Policies.
3. In the details pane, double-click the policy that you want to modify.
4. Make the changes you want and click OK.
5. To change other policies, repeat the two previous steps.


<II>To assign user rights for your local computer

1. Open Local Security Settings.
2. In the console tree, click User Rights Assignment.
o Security Settings
o Local Policies
o User Rights Assignment
3. In the details pane, double-click the user right you want to change.
4. In UserRight Properties, click Add.
5. Add the user or group and click OK.


EXPERIMENT NO. 2
AIM: MANAGEMENT OF USERS AND GROUPS
Local Users and Groups is a tool you can use to manage local users and groups. It is available on
the following operating systems:

• Windows 2000 Professional
• Windows XP Professional
• Member servers running Windows 2000 Server

A local user or group is an account that can be granted permissions and rights from your
computer. Domain or global users and groups are managed by your network administrator. You
can add local users, global users, and global groups to local groups. However, you cannot add
local users and groups to global groups.

Local Users and Groups is an important security feature because you can limit the ability of users
and groups to perform certain actions by assigning them rights and permissions. A right
authorizes a user to perform certain actions on a computer, such as backing up files and folders
or shutting down a computer. A permission is a rule associated with an object (usually a file,
folder, or printer) and it regulates which users can have access to the object and in what manner.

Users overview

Users displays the two built-in user accounts, Administrator and Guest, as well as any user
accounts you create. The built-in user accounts are created automatically when you install
Windows 2000 or Windows XP.

To create a new user account

1. Click Start, and then click Control Panel. Click Performance and Maintenance, click
Administrative Tools, and then double-click Computer Management.
2. In the console tree, click Users.
o Computer Management
o System Tools
o Local Users and Groups
o Users
3. On the Action menu, click New User.
4. Type the appropriate information in the dialog box.
5. Select or clear the check boxes for:
o User must change password at next logon
o User cannot change password
o Password never expires
o Account is disabled
6. Click Create, and then click Close.

POINTS TO REMEMBER:-

• A user name cannot be identical to any other user or group name on the computer being
administered. It can contain up to 20 uppercase or lowercase characters except for the
following:

"/\[]:;|=,+*?<>

A user name cannot consist solely of periods (.) or spaces.

• In Password and Confirm password, you can type a password containing up to 127
characters. However, if you're using Windows 2000 or Windows XP on a network that
also has computers using Windows 95 or Windows 98, consider using passwords not
longer than 14 characters. Windows 95 and Windows 98 support passwords of up to 14
characters. If your password is longer, you may not be able to log on to your network
from those computers.
• You should not add a new user to the Administrators group unless the user will perform
only administrative tasks.
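
The naming and password-length rules listed above, turned into a pre-creation check, as an added Python example (it is not part of the original report). The account names and passwords in the demo are constructed; the case-insensitive comparison of names is an assumption based on how Windows treats account names.

```python
# Characters the text lists as not allowed in a user name.
FORBIDDEN_CHARS = set('"/\\[]:;|=,+*?<>')
MAX_USER_NAME_LEN = 20
MAX_PASSWORD_LEN = 127
LEGACY_PASSWORD_LEN = 14  # Windows 95 / Windows 98 limit stated above


def check_user_name(name, existing_names=()):
    """Return a list of rule violations for a proposed user name."""
    if not name:
        return ["name is empty"]
    problems = []
    if len(name) > MAX_USER_NAME_LEN:
        problems.append(
            f"longer than {MAX_USER_NAME_LEN} characters ({len(name)})")
    bad = sorted(set(name) & FORBIDDEN_CHARS)
    if bad:
        problems.append("contains forbidden characters: " + " ".join(bad))
    if all(ch in ". " for ch in name):
        problems.append("consists solely of periods or spaces")
    # Assumption: names are compared without regard to case.
    taken = {n.casefold() for n in existing_names}
    if name.casefold() in taken:
        problems.append("identical to an existing user or group name")
    return problems


def check_password(password, legacy_clients=False):
    """Check the length limits; legacy_clients means Windows 95/98 logons."""
    if len(password) > MAX_PASSWORD_LEN:
        return [f"longer than {MAX_PASSWORD_LEN} characters"]
    if legacy_clients and len(password) > LEGACY_PASSWORD_LEN:
        return [f"longer than {LEGACY_PASSWORD_LEN} characters; "
                "logon from Windows 95/98 computers may fail"]
    return []


def vet_accounts(proposed, existing_names, legacy_clients=False):
    """Check a batch of (name, password) pairs, catching duplicates in the batch."""
    taken = list(existing_names)
    report = []
    for name, password in proposed:
        problems = (check_user_name(name, taken)
                    + check_password(password, legacy_clients))
        report.append((name, problems))
        if not problems:
            taken.append(name)  # later entries must not reuse this name
    return report


if __name__ == "__main__":
    existing = ["Administrator", "Guest", "Backup Operators"]  # constructed
    batch = [                                                   # constructed
        ("asharma", "Summer-Rain-42"),
        ("guest", "Summer-Rain-42"),
        ("lab:admin", "Summer-Rain-42"),
        (". .", "Summer-Rain-42"),
        ("a-very-long-account-name", "Summer-Rain-42"),
        ("asharma", "Summer-Rain-42"),
        ("rverma", "a-much-longer-passphrase"),
    ]
    for name, problems in vet_accounts(batch, existing, legacy_clients=True):
        print(repr(name), "OK" if not problems else problems)
```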

To create a new local group

1. Click Start, and then click Control Panel. Click Performance and Maintenance, click
Administrative Tools, and then double-click Computer Management.
2. In the console tree, click Groups.
o Computer Management
o System Tools
o Local Users and Groups
o Groups
3. Click Action, and then click New Group.
4. In Group name, type a name for the new group.
5. In Description, type a description of the new group.
6. Click Create, and then click Close.

EXPERIMENT NO. 3
AIM: USE OF EVENT VIEWER
Using the event logs in Event Viewer, you can gather information about hardware, software, and
system problems. You can also monitor Windows XP security events.

A computer running any version of Windows XP records events in three kinds of logs:

1. Application log

The application log contains events logged by applications or programs. For example, a database
program might record a file error in the application log. Program developers decide which events
to monitor.


2. Security log

The security log records events such as valid and invalid logon attempts, as well as events related
to resource use such as creating, opening, or deleting files or other objects. An administrator can
specify what events are recorded in the security log. For example, if you have enabled logon
auditing, attempts to log on to the system are recorded in the security log.

3. System log

The system log contains events logged by Windows XP system components. For example, the
failure of a driver or other system component to load during startup is recorded in the system log.
The event types logged by system components are predetermined by Windows XP.

HOW TO VIEW EVENT DETAILS


To view more details about an event

1. To open Event Viewer, click Start, click Control Panel, click Performance
and Maintenance, click Administrative Tools, and then double-click
Event Viewer.
2. In the console tree, expand Event Viewer, and then click the log that
contains the event that you want to view.
3. In the details pane, double-click the event that you want to view. The Event
Properties dialog box, containing header information and the description of the
event, is displayed.
4. To copy the details of the event, click the Copy button, open a new
document in the program in which you want to paste the event (e.g. Microsoft Word),
and then click Paste on the Edit menu.
5. To view the description of the previous or next event, click the up arrow or
down arrow.

EXPERIMENT NO. 4

AIM: USE OF PERFORMANCE MONITORING

Performance Logs and Alerts overview

With Performance Logs and Alerts you can collect performance data automatically from local or
remote computers. You can view logged counter data using System Monitor or export the data to
spreadsheet programs or databases for analysis and report generation. Performance Logs and
Alerts offers the following capabilities:

• Performance Logs and Alerts collects data in a comma-separated or
tab-separated format for easy import to spreadsheet programs. A binary log-file
format is also provided for circular logging or for logging instances such as
threads or processes that might begin after the log starts collecting data.
(Circular logging is the process of continuously logging data to a single file,
overwriting previous data with new data.)
• You can also collect data in an SQL database format. This option defines the
name of an existing SQL database and log set within the database where the
performance data will be read or written. This file format is useful when
collecting and analysing performance data at an enterprise level rather than
a per server basis.
• Counter data collected by Performance Logs and Alerts can be viewed during
collection as well as after collection has stopped.
• Because logging runs as a service, data collection occurs regardless of
whether any user is logged on to the computer being monitored.
• You can define start and stop times, file names, file sizes, and other
parameters for automatic log generation.
• You can manage multiple logging sessions from a single console window.
• You can set an alert on a counter, specifying that a message be sent, a
program be run, an entry be made to the application event log, or a log be
started when the selected counter's value exceeds or falls below a specified
setting.

Similar to System Monitor, Performance Logs and Alerts provides support for defining
performance objects, performance counters, and object instances, and setting sampling intervals
for monitoring data about hardware resources and system services. Performance Logs and Alerts
also offers other options related to recording performance data. These include:

• Start and stop logging either manually on demand, or automatically based
on a user-defined schedule.
• Configure additional settings for automatic logging, such as automatic file
renaming, and set parameters for stopping and starting a log based on the
elapsed time or the file size.
• Create trace logs. Using the default Windows XP system data provider or
another application provider, trace logs record detailed system application
events when certain activities such as a disk input/output (I/O) operation or a
page fault occurs. When the event occurs, Windows XP logs the data to a file
specified by the Performance Logs and Alerts service. This differs from the
operation of counter logs; when counter logs are in use, the service obtains
data from the system when the update interval has elapsed, rather than
waiting for a specific event. A parsing tool is required to interpret the trace
log output. Developers can create such a tool using application programming
interfaces (APIs) provided on the MSDN Library Web site
(http://msdn.microsoft.com/).
• You can also produce trace analysis reports from trace log output files using
the Tracerpt tool. Use this tool to process kernel, Active Directory, and other
transactional-based trace event logs, and to generate trace analysis reports
and .csv files from binary logs.
• Define a program that runs when a log is stopped.

Starting performance logs and alerts


#Creating the counter log

1. To open Performance, click Start, click Control Panel, click Performance
and Maintenance, click Administrative Tools, and then double-click
Performance.
2. Double-click Performance Logs and Alerts, and then double-click Counter
Logs.
3. Any existing logs will be listed in the details pane. A green icon indicates that
a log is running; a red icon indicates that a log has been stopped.


4. Right-click a blank area of the details pane, and click New Log Settings.

5. In Name, type the name of the log, and then click OK.


6. On the General tab, click Add Objects and select the performance objects
you want to add, or click Add Counters to select the individual counters you
want to log.

7. If you want to change the default file and schedule information, make the
changes on the Log Files tab and the Schedule tab.


EXPERIMENT NO. 5
AIM: MANAGEMENT OF IIS SERVER
Internet Information Services (IIS) makes it easy for you to publish information on
the Internet or your intranet. IIS includes a broad range of administrative features
for managing Web sites and your Web server. With programmatic features like
Active Server Pages (ASP), you can create and deploy scalable, flexible Web
applications. IIS is not installed by default but can be added using the Add/Remove
Programs dialog box from the Control Panel.

IIS 6.0 is a complete Web server that makes it possible to quickly and easily deploy
powerful websites and applications. The administrative guidance section below
provides technical guidance for securely and productively managing IIS 6.0.

#Procedure

1. Click Start, click Control Panel, and click Add or Remove Programs.
2. Click Add/Remove Windows Components. The Windows Components
Wizard appears.
3. Follow the on-screen instructions to install, remove, or add components
to IIS.


EXPERIMENT NO. 6
AIM: SETTING UP OF LAN
When you create a home or small office network, computers running Windows XP Professional,
or Windows XP Home Edition are connected to a local area network (LAN). When you install
Windows XP, your network adapter is detected, and a local area connection is created. It
appears, like all other connection types, in the Network Connections folder. By default, a local
area connection is always activated. A local area connection is the only type of connection that is
automatically created and activated.

If you disconnect your local area connection, the connection is no longer automatically activated.
Because your hardware profile remembers this, it accommodates your location-based needs as a
mobile user. For example, if you travel to a remote sales office and use a separate hardware
profile for that location that does not enable your local area connection, you do not waste time
waiting for your network adapter to time out. The adapter does not even try to connect.

If your computer has more than one network adapter, a local area connection icon for each
adapter is displayed in the Network Connections folder.

You can create local area networks using Ethernet, wireless, home phoneline (HPNA), cable
modems, DSL, and IrDA (Infrared), Token Ring, FDDI, IP over ATM, and ATM-emulated
LANs. Emulated LANs are based on virtual adapter drivers such as the LAN Emulation
Protocol.

If changes are made to your network, you can modify the settings of an existing local area
connection to reflect those changes. For information about modifying a connection, see To
configure a connection. With the Status menu option in Network Connections, you can view
connection information such as connection duration, speed, amounts of data transmitted and
received, and any diagnostic tools available for a particular connection. For information about
using the Status menu option, see To view the status of a local area connection.

If you install a new network adapter in your computer, the next time you start your computer, a
new local area connection icon appears in the Network Connections folder. Plug and Play
functionality finds the network adapter and creates a local area connection for it. You can add a
PC card while the computer is on, and you do not have to restart your computer. The local area
connection icon is immediately added to the folder. You cannot manually add local area
connections to the Network Connections folder.

You can configure multiple network adapters through the Advanced Settings menu option. You
can modify the order of adapters that are used by a connection, and the associated clients,
services, and protocols for the adapter. You can modify the provider order in which this
connection gains access to information on the network, such as networks and printers.

You configure the device a connection uses, and all of the associated clients, services, and
protocols for the connection, through the Properties menu option. Clients define the access of
the connection to computers and files on your network. Services provide features such as file and
printer sharing. Protocols, such as TCP/IP, define the language your computer uses to
communicate with other computers.

Depending on the status of your local area connection, the icon changes appearance in the
Network Connections folder, or a separate icon appears in the notification area. If a network
adapter is not detected by your computer, a local area connection icon does not appear in the
Network Connections folder.

The following table describes the different local area connection icons.

PROCEDURE
1. From the Start menu, click My Network Places.
2. In the left pane of the My Network Places window, click Set up a
home or small office network.
3. The "Welcome to the Network Setup Wizard" window opens.
4. Before proceeding, first set up all the hardware, and then click
Next. Now select the connection method: click Other, and then select the
option that is of the connected-to-a-hub type.
5. Now give the computer details and the workgroup name; after that, the
network is ready to apply the settings.
6. Setup now configures the network; finish the wizard.
7. Now restart your computer; a new LAN connection appears in the network
places. Now assign an IP address to your computer.

EXPERIMENT NO.-7

AIM: USE OF NETWORK MONITOR

Network Monitor
Unlike System Monitor, which is used to monitor anything from hardware to software, Network
Monitor focuses exclusively on network activity. To understand the traffic and behavior of your
network components, install and use Network Monitor.

Network Monitor Features

Network administrators use Microsoft Windows 2000 Network Monitor to view and detect
problems on local area networks (LANs). For example, as a network administrator, you can use
Network Monitor to diagnose hardware and software problems when two or more computers
cannot communicate. You can also copy a log of network activity into a file and then send the
file to a professional network analyst or support organization.

Network application developers can use Network Monitor to monitor and debug network
applications as they are developed.

Network Monitor monitors the network data stream which consists of all information transferred
over a network at any given time. Prior to transmission, this information is divided by the
network software into smaller pieces, called frames or packets. Each frame contains:

• The source address of the computer that sent the message.
• The destination address of the computer that received the frame.
• Headers from each protocol used to send the frame.
• The data or a portion of the information being sent.

The process by which Network Monitor copies frames is referred to as capturing. You can use
Network Monitor to capture all local network traffic or you can single out a subset of frames to
be captured. You can also make a capture respond to events on your network. For example, you
can make the network start an executable file when Network Monitor detects a particular set of
conditions on the network.

After you have captured data, you can view it in the Network Monitor user interface. Network
Monitor does much of the data analysis for you by translating the raw capture data into its logical
frame structure.

For security reasons, Windows 2000 Network Monitor captures only those frames, including
broadcast and multicast frames, sent to or from the local computer. Network Monitor also
displays overall network segment statistics for broadcast frames, multicast frames, network
utilization, total bytes received per second, and total frames received per second.

In addition, to help protect your network from unauthorized use of Network Monitor
installations, Network Monitor can detect other installations of Network Monitor that are running
on the local segment of your network. Network Monitor also detects all instances of the Network
Monitor driver being used remotely (by either Network Monitor from Systems Management
Server or the Network Segment object in System Monitor) to capture data on your network.

When Network Monitor detects other Network Monitor installations running on the network, it
displays the following information:

• The name of the computer
• The name of the user logged on at the computer
• The state of Network Monitor on the remote computer (running, capturing, or
transmitting)
• The adapter address of the remote computer
• The version number of Network Monitor on the remote computer

In some instances, your network architecture might prevent one installation of Network Monitor
from detecting another. For example, if an installation is separated from yours by a router that
does not forward multicasts, your installation cannot detect that installation.

Network Monitor uses a network driver interface specification (NDIS) feature to copy all frames
it detects to its capture buffer, a resizable storage area in memory. The default size is 1 MB; you
can adjust the size manually as needed. The buffer is a memory-mapped file and occupies disk
space.

Installing Network Monitor

To set up Network Monitor, perform two steps:

• Install the Network Monitor driver on any computer from which you want to capture data for
analysis with Network Monitor.
• Install the Network Monitor utilities on a computer running Windows 2000 Server on which
data will be captured.

You can install the driver on a computer running either Windows 2000 Professional or
Windows 2000 Server. Installing the driver also installs the Network Segment object for use in
System Monitor.

Installing the driver does not install Network Monitor itself. Instead, install the Network Monitor
Tools on a computer running Windows 2000 Server to install Network Monitor.

To install the Network Monitor driver

1. Click Start, point to Settings, click Control Panel, and then double-click
Network and Dial-up Connections.
2. In Network and Dial-up Connections, right-click Local Area Connection,
and then click Properties.
3. In the Local Area Connection Properties dialog box, click Install.
4. In the Select Network Component Type dialog box, click Protocol, and then
click Add.
5. In the Select Network Protocol dialog box, click Network Monitor Driver,
and then click OK.

If prompted for additional files, insert your Windows 2000 CD, or type a path to the location of
the files on a network.

To display and analyze captured data, use the following procedure to install Network Monitor
Tools on a computer running Windows 2000 Server. Network Monitor Tools installs Network
Monitor along with the Network Monitor driver. If you are running Windows 2000 Server and
are installing Network Monitor Tools, you can bypass the preceding procedure; you do not need
to install the Network Monitor driver separately.

To install Network Monitor Tools


1. Click Start, point to Settings, click Control Panel, and then double-click
Add/Remove Programs.
2. In the Add/Remove Programs dialog box, double-click Add/Remove
Windows Components.
3. In the Windows Component Wizard dialog box, click Next.
4. Under Components, click Management and Monitoring Tools, and then
click the Details button.
5. Under Subcomponents of Management and Monitoring Tools, select the
Network Monitor Tools check box, and then click OK.
6. Click Next to proceed with installation, and then click Finish and Close to exit.

To start Network Monitor on a computer running Windows 2000 Server

1. Click Start, point to Programs, and point to Administrative Tools.
2. Under Administrative Tools, click Network Monitor.

Running Network Monitor

After the installation process completes, you can launch Network Monitor by selecting the
Network Monitor command found on the Windows Administrative Tools menu. When Network
Monitor initially loads, you will see a dialog box asking you to select a network that you can
capture data from. Click OK and you will see the Select a Network dialog box. Simply expand
the My Computer container and then select the network adapter that you want to monitor. Click
OK to continue.

At this point, you will see the main Network Monitor screen, shown in Figure A. Right now,
Network Monitor isn’t capturing any data. It’s up to you to initiate the data capture process.
Before you do though, you might want to set up a capture filter.


Figure A: This is the main Network Monitor screen

Filtering is important because a tremendous amount of traffic
flows into and out of most servers. You can easily capture so much traffic that analyzing it
becomes next to impossible. To help cut down on the amount of traffic that you must analyze,
Network Monitor allows you to use filters. There are two different types of filters that you can
use: capture filters and display filters.

Capture filters allow you to specify which types of packets will be captured for analysis. For
example, you may decide that you only want to capture HTTP packets. The main advantage to
implementing a capture filter is that by filtering packets during the capture, you will use a lot less
hard disk space than you would if you captured every packet.

Display filtering works similarly to capture filtering except that all network traffic is captured.
You filter the data that you want to analyze at the time of analysis rather than at the time of
capture. Display filtering uses a lot more hard disk space than capture filtering, but you will have
the full dataset on hand just in case you decide to analyze something other than what you
originally intended.


Capturing Data
If you have decided that you want to filter the data being captured, select the Filter option from
the Capture menu, and configure your filter. Otherwise, you can start the capture process by
selecting the Start command found on the Capture menu. You can see what the capture process
looks like in Figure B. When you have captured the data that you want, then select the Stop
command from the Capture menu.

Figure B: This is what the capture process looks like


Analyzing the Data


To analyze the captured data, select the Display Captured Data command from the Capture
menu. When you do, you will see the screen shown in Figure C.

Figure C: This is a summary of the captured data

The screen shown in Figure C shows a summary of all of the captured packets in the sequence
that those packets were captured. The data that you are looking at is unfiltered. You could set up
a display filter at this point by selecting the Filter option from the Display menu.

Once you have located a packet that you are interested in, double click on the packet to see it in
greater detail. When you do, you will see the screen that’s shown in Figure D.


Figure D: This is the screen that you will use to analyze a packet

As you can see in the figure, the packet screen is divided into three sections. The top section is
simply a condensed view of the summary screen. You can use this section to select a different
packet to analyze without having to go back to the main summary screen.

The second section contains the packet’s contents in a decoded, tree format. For example, in the
screen capture, you can see that the top portion of the tree says FRAME: Base Frame Properties.
If you expand this portion of the tree, you can see the date and time that the frame was captured,
the frame number, and the frame length.

The third section contains the raw data that makes up the frame. In this section, the column to the
far left shows the base address of the bytes on that line in hexadecimal format. The middle
section shows the actual hexadecimal data that makes up the frame. The hexadecimal code is
positions wide. To determine the address of any of the hex characters, start with the base address
for that line, and then count the position of the character that you are interested in. For example,
if the base address is 00000010, and the character that you are interested in is in the twelfth
position, then the character’s address would be 0000001B.
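
The address arithmetic described above, together with the frame fields listed earlier (source address, destination address, protocol headers), as an added Python example that is not part of the original report. The hex pane text is a constructed sample (made-up Ethernet II and IPv4 headers), and the pane layout of an 8-digit base address followed by hex bytes is an assumption about the format.

```python
import re

# Constructed sample: base address column, then the hex bytes of the frame.
SAMPLE_HEX_PANE = """\
00000000  00 11 22 33 44 55 66 77 88 99 AA BB 08 00 45 00
00000010  00 28 1C 46 40 00 80 06 00 00 C0 A8 01 0A C0 A8
00000020  01 01
"""

HEX_LINE = re.compile(r"^([0-9A-Fa-f]{8})\s+((?:[0-9A-Fa-f]{2}\s*)+)$")
ETHERTYPE_IPV4 = 0x0800


def parse_hex_pane(text):
    """Return (frame_bytes, base_addresses); reject malformed or skipped lines."""
    data = bytearray()
    bases = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = HEX_LINE.match(line)
        if match is None:
            raise ValueError(f"malformed hex line: {raw!r}")
        base = int(match.group(1), 16)
        if base != len(data):  # each base address must continue the previous line
            raise ValueError(f"base {base:08X} does not follow {len(data):08X}")
        bases.append(base)
        data.extend(bytes.fromhex(match.group(2)))
    return bytes(data), bases


def address_of(base_address, position):
    """Address of the byte at a 1-based position on the line with this base."""
    if position < 1:
        raise ValueError("positions are counted from 1")
    return base_address + position - 1


def mac(raw):
    return ":".join(f"{b:02X}" for b in raw)


def decode_frame(frame):
    """Decode the Ethernet II header and, for IPv4, the addresses and protocol."""
    if len(frame) < 14:
        raise ValueError("frame is shorter than an Ethernet header")
    fields = {
        "destination": mac(frame[0:6]),
        "source": mac(frame[6:12]),
        "ethertype": int.from_bytes(frame[12:14], "big"),
    }
    if fields["ethertype"] == ETHERTYPE_IPV4:
        ip = frame[14:]
        if len(ip) < 20 or ip[0] >> 4 != 4:
            raise ValueError("truncated or malformed IPv4 header")
        header_len = (ip[0] & 0x0F) * 4
        if header_len < 20 or len(ip) < header_len:
            raise ValueError("invalid IPv4 header length")
        fields["ip_protocol"] = ip[9]
        fields["ip_source"] = ".".join(str(b) for b in ip[12:16])
        fields["ip_destination"] = ".".join(str(b) for b in ip[16:20])
    return fields


if __name__ == "__main__":
    frame, bases = parse_hex_pane(SAMPLE_HEX_PANE)
    addr = address_of(0x00000010, 12)  # the worked example from the text
    print(f"address {addr:08X} holds byte {frame[addr]:02X}")
    print(decode_frame(frame))
```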

EXPERIMENT NO.-8

AIM: USE OF START AND STOP SERVICES

Using Services
1. Open Services.
2. In the details pane, do one of the following:
• Click the service, and then, on the Action menu, click Start,
Stop, Pause, Resume, or Restart.
• Right-click the service, and then click Start, Stop, Pause,
Resume, or Restart.

Notes

• To open Services, click Start, click Control Panel, double-click
Administrative Tools, and then double-click Services.
• To start a service with startup parameters, right-click the service, click
Properties, type the parameters in Start parameters, and then click
Start. These settings are not persistent; they are used only once, and
then the default settings are restored. (A backslash (\) is treated as an
escape character; type two backslashes for each backslash in a
parameter.)


Using the command line


1. Open Command Prompt.
2. Type one of the following:
• To start a service, type:
net start service
• To stop a service, type:
net stop service
• To pause a service, type:
net pause service
• To resume a service, type:
net continue service

Value          Description
net start      Starts a service.
net stop       Stops a service.
net pause      Pauses a service.
net continue   Continues a service that has been paused.
service        Specifies the name of the service.


• To open a command prompt, click Start, point to All Programs, point to Accessories,
and then click Command Prompt.
• To view the complete syntax for these commands, at the command prompt, type:
net help command


• If you stop, start, or restart a service, any dependent services are also affected. Starting a
service does not automatically restart its dependent services. Changing the default service
settings may prevent key services from running correctly. It is especially important to use
caution when changing the Startup type and Log on as settings of services that are
configured to start automatically.
• In most cases, it is recommended that you not change the Allow service to interact with
desktop setting. If you allow the service to interact with the desktop, any information that
the service displays on the desktop will also be displayed on an interactive user's desktop.
A malicious user could then take control of the service or attack it from the interactive
desktop.


EXPERIMENT NO.-9

AIM: SETUP OF DHCP SERVER

Dynamic Host Configuration Protocol (DHCP) is a protocol used by networked devices
(clients) to obtain the parameters necessary for operation in an Internet Protocol network. This
protocol reduces system administration workload, allowing devices to be added to the network
with little or no manual configuration.

Installing the DHCP Service

Before you can configure the DHCP service, you must install it on the server. DHCP is not
installed by default during a typical installation of Windows Standard Server 2003 or Windows
Enterprise Server 2003. You can install DHCP either during the initial installation of Windows
Server 2003 or after the initial installation is completed.

How to Install the DHCP Service on an Existing Server

1. Click Start, point to Control Panel, and then click Add or Remove Programs.

2. In the Add or Remove Programs dialog box, click Add/Remove Windows Components.

3. In the Windows Components Wizard, click Networking Services in the Components list, and
then click Details.

4. In the Networking Services dialog box, click to select the Dynamic Host Configuration
Protocol (DHCP) check box, and then click OK.

5. In the Windows Components Wizard, click Next to start Setup. Insert the Windows Server
2003 CD-ROM into the computer's CD-ROM or DVD-ROM drive if you are prompted to do
so. Setup copies the DHCP server and tool files to your computer.

6. When Setup is completed, click Finish.


Configuring the DHCP Service

After you have installed the DHCP service and started it, you must create a scope, which is a
range of valid IP addresses that are available for lease to the DHCP client computers on the
network. Microsoft recommends that each DHCP server in your environment have at least one
scope that does not overlap with any other DHCP server scope in your environment. In Windows
Server 2003, DHCP servers in an Active Directory-based domain must be authorized to prevent
rogue DHCP servers from coming online. Any Windows Server 2003 DHCP Server that
determines itself to be unauthorized will not manage clients.

How to Create a New Scope



1. Click Start, point to Programs, point to Administrative Tools, and then click DHCP.

2. In the console tree, right-click the DHCP server on which you want to create the new DHCP
scope, and then click New Scope.

3. In the New Scope Wizard, click Next, and then type a name and description for the scope.
This can be any name that you want, but it should be descriptive enough so that you can
identify the purpose of the scope on your network (for example, you can use a name such as
"Administration Building Client Addresses"). Click Next.

4. Type the range of addresses that can be leased as part of this scope (for example, use a range
of IP addresses from a starting IP address of 192.168.100.1 to an ending address of
192.168.100.100). Because these addresses are given to clients, they must all be valid
addresses for your network and not currently in use. If you want to use a different subnet
mask, type the new subnet mask. Click Next.

5. Type any IP addresses that you want to exclude from the range that you entered. This
includes any addresses in the range described in step 4 that may have already been statically
assigned to various computers in your organization. Typically, domain controllers, Web
servers, DHCP servers, Domain Name System (DNS) servers, and other servers, have
statically assigned IP addresses. Click Next.

6. Type the number of days, hours, and minutes before an IP address lease from this scope
expires. This determines how long a client can hold a leased address without renewing it.
Click Next, and then click Yes, I want to configure these options now to extend the wizard
to include settings for the most common DHCP options. Click Next.

7. Type the IP address for the default gateway that should be used by clients that obtain an IP
address from this scope. Click Add to add the default gateway address in the list, and then
click Next.

8. If you are using DNS servers on your network, type your organization's domain name in the
Parent domain box. Type the name of your DNS server, and then click Resolve to make sure
that your DHCP server can contact the DNS server and determine its address. Click Add to
include that server in the list of DNS servers that are assigned to the DHCP clients. Click
Next, and then follow the same steps if you are using a Windows Internet Naming Service
(WINS) server, by adding its name and IP address. Click Next.

9. Click Yes, I want to activate this scope now to activate the scope and allow clients to obtain
leases from it, and then click Next.

10. Click Finish.



11. In the console tree, click the server name, and then click Authorize on the Action menu.
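The checks that steps 4 and 5 ask you to make by hand, together with the non-overlap recommendation above, can be scripted before a scope is activated. The following is an added example, not part of the original lab procedure: the second server "dhcp2", its scope, and the static DNS and gateway addresses are constructed sample values; only the 192.168.100.1 to 192.168.100.100 range and the scope name come from the text.

```python
import ipaddress
from dataclasses import dataclass, field


def to_int(addr):
    """Dotted-decimal IPv4 address -> integer, for range comparisons."""
    return int(ipaddress.IPv4Address(addr))


@dataclass
class Scope:
    server: str                      # DHCP server that owns the scope
    name: str
    start: str
    end: str
    mask: str
    exclusions: list = field(default_factory=list)   # [(first, last), ...]


def check_scope(scope, static_hosts):
    """Return a list of problems found in one scope definition."""
    lo, hi = to_int(scope.start), to_int(scope.end)
    if lo > hi:
        return ["start address is above end address"]
    problems = []
    # Step 4: every leasable address must be valid for the same subnet.
    net = ipaddress.IPv4Network(f"{scope.start}/{scope.mask}", strict=False)
    if ipaddress.IPv4Address(scope.end) not in net:
        problems.append(f"end address {scope.end} is outside {net}")
    excluded = []
    for first, last in scope.exclusions:
        a, b = to_int(first), to_int(last)
        if a > b or a < lo or b > hi:
            problems.append(f"exclusion {first}-{last} is not inside the range")
        else:
            excluded.append((a, b))
    # Step 5: statically assigned hosts inside the range must be excluded,
    # otherwise the server can lease an address that is already in use.
    for label, addr in static_hosts.items():
        ip = to_int(addr)
        if lo <= ip <= hi and not any(a <= ip <= b for a, b in excluded):
            problems.append(f"{label} {addr} is static but can be leased")
    return problems


def find_overlaps(scopes):
    """Return name pairs of scopes on different servers whose ranges intersect."""
    overlaps = []
    for i, s1 in enumerate(scopes):
        for s2 in scopes[i + 1:]:
            if s1.server == s2.server:
                continue
            if to_int(s1.start) <= to_int(s2.end) and to_int(s2.start) <= to_int(s1.end):
                overlaps.append((s1.name, s2.name))
    return overlaps


# Constructed sample data (only the first range and name appear in the text).
SCOPES = [
    Scope("dhcp1", "Administration Building Client Addresses",
          "192.168.100.1", "192.168.100.100", "255.255.255.0",
          exclusions=[("192.168.100.1", "192.168.100.5")]),
    Scope("dhcp2", "Second server (constructed)",
          "192.168.100.90", "192.168.100.150", "255.255.255.0"),
]
STATIC_HOSTS = {"DNS server": "192.168.100.10",
                "default gateway": "192.168.100.254"}

if __name__ == "__main__":
    for s in SCOPES:
        print(s.name, "->", check_scope(s, STATIC_HOSTS) or "ok")
    print("overlapping scopes:", find_overlaps(SCOPES))
```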

The installation of the DHCP-server on Windows NT4 server (the DHCP-server
is NOT included in Windows NT4 workstation) is very simple:

In the Network-configuration, tab: Services, click on "Add"
and then select: "Microsoft DHCP Server"


The following notice will be displayed:

The system running the DHCP-server (distributing IP-addresses to other systems)
itself MUST use a static IP-address (manually assigned); it can NOT request
to receive an IP-address from any DHCP-server (itself or another DHCP server).

As after any change to the network configuration, you have to reboot:

Configuration of the DHCP-server


Although the DHCP-server is listed as a Networking service, it is NOT configured
from the Network applet (the Properties button is grayed out).


The "DHCP - Manager" has been added to the menu for the "Administrative Tools".

You now need to define a range of IP-addresses to be distributed.
This range is called: "Scope".

To be able to define a Scope, first click on the entry "Local Machine" to expand the entry;
the "+"-sign needs to change to the "-"-sign.


Only then are you able to select from the menu: "Scope" the option "Create".

You assign the range of IP-addresses to be assigned by the DHCP-server
(in the example: all IP-addresses between 192.54.107.1 and 192.54.107.49).

Usually, an IP-address is NOT assigned permanently, but only for a limited
time, called the "Lease Duration".

On selecting the "OK"-button, you will be asked whether to activate
the scope; select "Yes":

The yellow light-bulb indicates that the scope is now active and that the
DHCP-server is ready to assign the IP-addresses.

To display the IP-range ("Scope") for viewing/editing, select from the menu
"Scope" the option "Properties".

Setting up a connected Windows system to use the DHCP-server is very simple:


In the Network-configuration, select the properties for the TCP/IP-protocol and
just make sure that it is set to "obtain an IP address automatically".

To verify the assigned IP-address on a Windows95/98 system, run the
"WINIPCFG" program (usually from the RUN-menu) (on Windows NT, use IPCONFIG):


In this example, DHCP assigned the IP-address 192.54.107.1.
But there is no "Default gateway" defined!

TCP/IP requires more than just the IP-address: for communication outside
the local network-cable (the local "subnet"), it needs to know the IP-address
of the Gateway (also called Router).
DHCP can be configured to also provide this information to the clients:


Make sure that your Scope is selected (highlighted in blue), then select from the
menu: "DHCP Options", then "Scope".

From the list of "Unused Options", select "Router", then use the "Add"-button.

Once the "Router" is an "Active Option", click on the button "Value" to define
the IP-address for the Router.


On the expanded window, click on "Edit Array", which then allows you to enter
the IP-address of the Router, then select the "Add"-button to get the
new values displayed in the list of IP-addresses.

Press "OK" to exit this window.


The IP-address of the Router is displayed.

Press "OK" to close the DHCP-Options window.

The DHCP-Manager now also displays the option for the Router for the scope.


When now checking on Windows95/98 with WINIPCFG,
the IP-address for the "Default Gateway" is defined.

If your configuration requires the use of WINS, it can also be configured
as an option of the DHCP-server.


DHCP can also be used to assign IP-addresses for incoming RAS-connections:

To view the list of IP-addresses already assigned, select from the menu: "Scope"
the option "Active Leases".


In this example, 192.54.107.1 is assigned to a LAN user, while 192.54.107.2
is assigned to the Modem to handle incoming RAS TCP/IP-connections.

EXPERIMENT NO.-10

AIM: SETUP OF TERMINAL CLIENT SERVICES

Terminal Services enables multi-user access to Windows 2000, allowing several people to run
sessions from a single computer simultaneously. Administrators can install Windows-based
applications on a Terminal server and make these applications available to all clients who
connect to the server. Although users may have different hardware and operating systems, the
Terminal session that opens on the client desktop looks and runs the same on each device.
Administrators can also remotely administer servers. There are two types of Terminal Services
Mode:

1. Remote Administration Mode: Allows a limited number of administrators to remotely
manage a server. Remote Administration does not require licensing and only allows two remote
connections at a time.

2. Application Server Mode: Allows users to remotely run one or more applications.

Benefits of Terminal Services:

§ Allows administrators to remotely administer servers.
§ Offices can be equipped with less-expensive terminals or computers.
§ Easy access to new or upgraded software. When Terminal Services is enabled on Windows
2000 Server in Application Server Mode, administrators do not have to install applications on
each desktop computer. As the application is installed on the server, clients automatically have
access to the new or upgraded software package.

Before starting task 1, you should verify that your computer is connected to a peer-to-peer
network. Setup a Client-Server network (Domain) as you do.

Task 1: Installation of Terminal Services
Remote Administration Mode
(Do this task only from Windows 2000 Server)

§ Click Start>Settings>Control panel>Add remove programs
§ Click Add remove windows components
§ Tick terminal services (if not ticked already)
§ You may be asked to insert Windows 2000 Server CD
§ Select Remote Administration Mode.
§ Terminal Services will be added to Administrative Tools.

Terminal Services client disks:

Windows 2000 includes Terminal Services Client Creator for creating installation disks for the
client software. You can use these disks to install client software on a remote computer. If you
install the software on a client computer, the client will be able to connect to a Terminal Server.

Task 2: Create Client Installation Disks
(Do this task only from Windows 2000 Server)
1. Click Start>Programs> Administration Tools> Terminal Services > Terminal Services
Client Creator.
2. Select the type of Terminal Services client software that you want to create. There are two
options:
· Terminal Services for 16-bit windows (requires 4 floppy disks)
· Terminal Services for 32-bit windows (requires 2 floppy disks). Select this option in the class.
3. Insert first disk into the floppy drive and follow the instructions.
4. After copying the files to the disks, close the Create Installation Disk dialog box.
5. Before installing Terminal Services Client, ensure that the client is properly configured and
connected to the network.

Task 3: Installation of Terminal Services Client
(In this Lab do this task only from Windows 2000 Professional)
1. Insert first disk into Windows 2000 Professional Computer’s floppy drive. Go to My
computer and double click A: Drive.
2. Double click on the Setup.exe file.
3. Specify and confirm the user name and the organization.
4. Read and accept the license agreement.
5. Accept the default folder or specify another destination folder.
6. Specify whether to install client software for all users of the computer or for only the current
user. Choose For all users of the computer.
Setup will copy the appropriate files from the disk to the specified folder on the client.

Task 5: Remote Connection to the Server
(Do this task only from Windows 2000 Professional, also can be done from another server)

1. Click on Start > Programs > Terminal Services Client and choose Client Connection
Manager.
2. In the Client Connection Manager window, Click on File and choose New Connection.
3. New connection Manager Wizard will come up. Click on Next.
4. In next window, type connection name (server name) and type IP address of the server (i.e.
200.200.200.x).
5. In the next window, choose the resolution and click Next.
6. Click on Enable data compression and Cache bitmaps.
7. Click on Finish after choosing some default settings.
8. To Connect to the server, click Start > Programs > Terminal Services Client and choose
Terminal Services Client.
9. In the Terminal Services Client window box, click on Connect.
10. You will be asked to type user name (administrator) and password (password) to log on to
the Terminal server.
The Windows 2000 desktop appears in a window on the client desktop.

Task 6: Installation of Terminal Services
Application Server Mode

Repeat steps mentioned in tasks 1-5 to Install Terminal Services in Application Server Mode.


EXPERIMENT NO.-11

AIM: USE OF VARIOUS UTILITIES

I. PING
Ping is a computer network tool used to test whether a particular host is reachable across an IP
network; it is also used to self test the network interface card of the computer, or as a speed test.
It works by sending ICMP “echo request” packets to the target host and listening for ICMP
“echo response” replies. Ping estimates the round-trip time, generally in milliseconds, records
any packet loss, and prints a statistical summary when finished.

The word ping is also frequently used as a verb or noun, where it can refer directly to the round-
trip time, the act of running a ping program or measuring the round-trip time.

ICMP packet

                    Bit 0 - 7           Bit 8 - 15         Bit 16 - 23    Bit 24 - 31
IP Header           Version/IHL         Type of service    Length
(160 bits OR        Identification                         Flags and offset
20 Bytes)           Time To Live (TTL)  Protocol           Checksum
                    Source IP address
                    Destination IP address
ICMP Payload        Type of message     Code               Checksum
(64+ bits OR        Quench
8+ Bytes)           Data (optional)

Generic composition of an ICMP packet

• Header (in blue), with Protocol set to 1 and Type of Service set to 0.
• Type of ICMP message (8 bits)
• Code (8 bits)
• Checksum (16 bits), calculated with the ICMP part of the packet (the header is not used)
• The ICMP 'Quench' (32 bits) field, which in this case (ICMP echo request and replies), will be
composed of identifier (16 bits) and sequence number (16 bits).
• Data load for the different kinds of answers (can be of arbitrary length, left to implementation
detail; however, it must be less than the maximum MTU of the network).
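The field layout above can be exercised directly. The following added example (not part of the original lab text) builds an ICMP echo request with the 16-bit checksum computed over the ICMP part only, and parses a message back while rejecting bad checksums and truncated input. The function names are illustrative, and the size check uses the 65535-byte limit of the IP total-length field with a 20-byte IP header, as in the table.

```python
import struct

ICMP_ECHO_REQUEST = 8
ICMP_ECHO_REPLY = 0
MAX_IP_DATAGRAM = 65535     # largest value of the 16-bit IP Length field
IP_HEADER_LEN = 20          # IP header without options (160 bits)
ICMP_HEADER_LEN = 8         # type, code, checksum, identifier, sequence


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words, then complemented."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length data with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo_request(identifier: int, sequence: int, payload: bytes = b"") -> bytes:
    """Return the ICMP part of an echo request (the IP header is not included)."""
    if IP_HEADER_LEN + ICMP_HEADER_LEN + len(payload) > MAX_IP_DATAGRAM:
        raise ValueError("payload does not fit in a single IP datagram")
    # The checksum is computed with its own field set to zero.
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, identifier, sequence)
    csum = internet_checksum(header + payload)
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, identifier, sequence)
    return header + payload


def parse_icmp_echo(message: bytes) -> dict:
    """Validate and decode an ICMP echo request or reply."""
    if len(message) < ICMP_HEADER_LEN:
        raise ValueError("truncated ICMP header")
    mtype, code, _csum, ident, seq = struct.unpack("!BBHHH", message[:ICMP_HEADER_LEN])
    # Summing a valid message including its checksum field yields zero.
    if internet_checksum(message) != 0:
        raise ValueError("bad ICMP checksum")
    if mtype not in (ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY) or code != 0:
        raise ValueError("not an echo request or reply")
    return {"type": mtype, "code": code, "identifier": ident,
            "sequence": seq, "payload": message[ICMP_HEADER_LEN:]}


if __name__ == "__main__":
    msg = build_echo_request(0x1234, 1, bytes(56))   # 56 data bytes, as iputils ping sends
    print(len(msg) + IP_HEADER_LEN, "bytes on the wire at the IP layer")
    print(parse_icmp_echo(msg)["sequence"])
```

With a 56-byte payload the message is 64 bytes, and 84 bytes with the IP header, which is the "56(84) bytes of data" that the Linux sample below reports.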

Sample pinging


Sample with Linux

The following is a sample output of pinging en.wikipedia.org under Linux with the iputils
version of ping:

localhost@admin# ping en.wikipedia.org
PING rr.pmtpa.wikimedia.org (66.230.200.100) 56(84) bytes of data.
64 bytes from rr.pmtpa.wikimedia.org (66.230.200.100): icmp_seq=1 ttl=52 time=87.7 ms
64 bytes from rr.pmtpa.wikimedia.org (66.230.200.100): icmp_seq=2 ttl=52 time=95.6 ms
64 bytes from rr.pmtpa.wikimedia.org (66.230.200.100): icmp_seq=3 ttl=52 time=85.4 ms
64 bytes from rr.pmtpa.wikimedia.org (66.230.200.100): icmp_seq=4 ttl=52 time=95.8 ms
64 bytes from rr.pmtpa.wikimedia.org (66.230.200.100): icmp_seq=5 ttl=52 time=87.0 ms
64 bytes from rr.pmtpa.wikimedia.org (66.230.200.100): icmp_seq=6 ttl=52 time=97.6 ms

--- rr.pmtpa.wikimedia.org ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 8998ms
rtt min/avg/max/mdev = 78.162/89.213/97.695/6.836 ms

This output shows that en.wikipedia.org is a DNS CNAME record for
rr.pmtpa.wikimedia.org which then resolves to 66.230.200.100.

The output then shows the results of making 10 pings to 66.230.200.100 with the results
summarized at the end. (To stop the program in Linux or Windows, press Ctrl+C.)

• Shortest round trip time was 78.162 milliseconds
• Average round trip time was 89.213 milliseconds
• Maximum round trip time was 97.695 milliseconds
• Standard deviation of the round-trip time was 6.836 milliseconds

Sample with Windows

The following is a sample output of pinging en.wikipedia.org under Windows (Vista used in
the following example) from within the Command Prompt:

[localhost] ping en.wikipedia.org

Pinging rr.pmtpa.wikimedia.org [66.230.200.100] with 32 bytes of data:
Reply from 66.230.200.100: bytes=32 time=57ms TTL=44
Reply from 66.230.200.100: bytes=32 time=59ms TTL=44
Reply from 66.230.200.100: bytes=32 time=59ms TTL=44
Reply from 66.230.200.100: bytes=32 time=54ms TTL=44

Ping statistics for 66.230.200.100:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 54ms, Maximum = 59ms, Average = 57ms


Sample with Mac OS X

The following is a sample output of pinging en.wikipedia.org under Mac OS X Leopard using
the Terminal:

Macintosh:~ user$ ping -c 10 en.wikipedia.org
PING rr.knams.wikimedia.org (91.198.174.2): 56 data bytes
64 bytes from 91.198.174.2: icmp_seq=0 ttl=53 time=40.019 ms
64 bytes from 91.198.174.2: icmp_seq=1 ttl=53 time=47.502 ms
64 bytes from 91.198.174.2: icmp_seq=2 ttl=53 time=43.208 ms
64 bytes from 91.198.174.2: icmp_seq=3 ttl=53 time=50.851 ms
64 bytes from 91.198.174.2: icmp_seq=4 ttl=53 time=46.556 ms
64 bytes from 91.198.174.2: icmp_seq=5 ttl=53 time=42.180 ms
64 bytes from 91.198.174.2: icmp_seq=6 ttl=53 time=49.853 ms
64 bytes from 91.198.174.2: icmp_seq=7 ttl=53 time=45.556 ms
64 bytes from 91.198.174.2: icmp_seq=8 ttl=53 time=41.186 ms
64 bytes from 91.198.174.2: icmp_seq=9 ttl=53 time=48.836 ms

--- rr.knams.wikimedia.org ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max/stddev = 40.019/45.575/50.851/3.588 ms

II. TRACERT
Tracert is a Windows based command-line tool that you can use to trace the path that an Internet
Protocol (IP) packet takes to its destination from a source. Tracert will determine the path taken
to a destination. It does this by sending Internet Control Message Protocol (ICMP) Echo Request
messages to the destination. When sending traffic to the destination, it will incrementally
increase the Time to Live (TTL) field values to aid in finding the path taken to that destination
address. The path is outlined from this process.

Using the following illustration, let’s take a look at how tracert would function in a production
network.


Usage
As you saw in the last illustration, we will be sending traffic from a test workstation from Site B
to a server at another site (Site A). The packets will traverse the wide area network (WAN) that
separates the two sites over a T1 with a backup link via Integrated Services Digital Network
(ISDN). To use the tracert utility, you simply need to know what your destination IP address is
and how to use the tracert utility correctly as well as what to look for within the results.

Tracert works by manipulating the Time to Live (TTL). Tracert increases the TTL with each probe
it sends, and each router decrements the TTL as it passes the packet along to the next router, so
you end up with a hop count from your source to your destination. A router hop is a packet sent
from one router to another router. When the TTL on the packet reaches zero (0), the router sends
an ICMP "Time Exceeded" message back to the source computer. You can see an example of our
sample network in the next illustration, with a source and destination IP address; we will be
using the workstation on Site B and a server at Site A for our test.


From this illustration you can see that the source IP will be 10.1.2.4 and the destination (for this
example) will be 10.1.1.6. The normal route the packets should take would be from Site B to Site
A over the higher capacity link, the T1 (1.544 Mbps). The ISDN link is 128 Kbps and is used as
a backup if the primary link fails. Tracert once fired up and used will be able to show you that
the packets sent will start from Site B, the PC at 10.1.2.4 and then traverse the T1 to 10.1.1.1.
That router will know how to send the packets to its local LAN (10.1.1.0) and ultimately to
10.1.1.6.

As the packets are sent, tracert will use the first interface on the router that it sees to report back
your router hops, so let’s take a look at our complete path before we send the test packets.

The path displayed is the list of routers in the path between a source host and a destination. One
thing that is very important to remember is that near-side interfaces are used when reporting. The
near-side interface is the interface of the router that is closest to the sending host in the path. In
this example, you can see that the path is the T1 from Site B to Site A. Let’s see now why it’s
important to know this.

The way tracert works is that, once launched, it will report (print out) a list in the
order in which it heard back from each host that it passed on its way to its intended destination.
This is good because you can learn much from this path. If you are getting ‘near side’ interfaces,
then you would see a new set of IP addresses in the next illustration (192.168.10.1 and
192.168.11.1). 10.1 is used for the ISDN link and 11.1 is used for the T1 link. Why is this
important?

When you get results back from tracert, you will see WAN addressing instead of Site A’s default
gateway router, which is 10.1.1.1. This could be confusing to some who are not adept at working
with this tool. It’s the same router, but it’s a different interface. This is imperative for you
to know when testing with tracert, because if you confuse this, you will not know what you are
reading.


For example, the path as you see in the last illustration is from 10.1.2.4 and then to 10.1.2.1 (the
LAN’s default gateway), and then it will traverse the WAN to 10.1.1.1. The only problem here is
that you will not see that address come up. Since the T1 has an interface on Site A’s router
(11.1), and so does the ISDN link (10.1), these are the two IP addresses that are most important in
the results of tracert – this is because in this example, the T1 may be down and now the path is
over the ISDN link. This is working ‘as advertised’, but what happens when you bring the T1
back online – aside from feeling your network crawl from moving from a T1 at 1.544 Mbps to
128 Kbps – is that you should not be using the ISDN link anymore. This is what we are going to
test…

The Tracert Test

Now, to use tracert, you simply need to open a command prompt. To do this, go to

Start => Run => CMD => tracert

(note – you must type tracert, as you can see traceroute only works on UNIX/Linux and other
systems such as Cisco, etc.)


In the following example of the tracert command and its output, the packet travels through two
routers (as seen in the last illustration) to get to host 10.1.1.6. In this example, the default
gateway from Site B is 10.1.2.1 and the IP address of the router on the WAN via the T1 and
ISDN links (respectively) are 192.168.11.1 and 192.168.10.1.

Let’s first see what it should look like using the T1.

C:\>tracert 10.1.1.6
Tracing route to 10.1.1.6 over a maximum of 30 hops
---------------------------------------------------
1 2 ms 3 ms 2 ms 10.1.2.1
2 25 ms 83 ms 88 ms 192.168.11.1
3 25 ms 79 ms 93 ms 10.1.1.6

Trace complete.

Now, if the T1 was down and you were using the ISDN link, you can see that there is a different
‘path’ and you can also see that it takes ‘longer’ to get there.

C:\>tracert 10.1.1.6
Tracing route to 10.1.1.6 over a maximum of 30 hops
---------------------------------------------------
1 2 ms 3 ms 2 ms 10.1.2.1
2 75 ms 83 ms 88 ms 192.168.10.1
3 75 ms 79 ms 93 ms 10.1.1.6

Trace complete.

As you can see now, using tracert will help you to determine the network path as it is laid out
through the network – AND – most importantly, how data traverses that path.
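The comparison made by eye above, T1 interface versus ISDN interface at hop 2, can be automated so that a backup link still carrying traffic is noticed. The following is an added example, not part of the original text: it parses the two tracert outputs shown above (embedded verbatim) and reports which WAN link the path crosses; the function names and the timeout handling are illustrative additions.

```python
import re

# hop number, three round-trip samples ("25 ms", "<1 ms" or "*"), then the target
HOP_RE = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+\s*ms|\*)\s+){3})(.+?)\s*$")

# Near-side WAN interfaces of Site A's router, as given in the text.
WAN_LINKS = {"192.168.11.1": "T1", "192.168.10.1": "ISDN"}

T1_TRACE = r"""
C:\>tracert 10.1.1.6
Tracing route to 10.1.1.6 over a maximum of 30 hops
---------------------------------------------------
1 2 ms 3 ms 2 ms 10.1.2.1
2 25 ms 83 ms 88 ms 192.168.11.1
3 25 ms 79 ms 93 ms 10.1.1.6

Trace complete.
"""

ISDN_TRACE = r"""
C:\>tracert 10.1.1.6
Tracing route to 10.1.1.6 over a maximum of 30 hops
---------------------------------------------------
1 2 ms 3 ms 2 ms 10.1.2.1
2 75 ms 83 ms 88 ms 192.168.10.1
3 75 ms 79 ms 93 ms 10.1.1.6

Trace complete.
"""


def parse_tracert(text):
    """Return one dict per hop line: hop number, RTT samples, reporting address."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue                       # banner, separator, "Trace complete."
        rtts = [int(v) if v else None      # None marks a '*' (no reply in time)
                for v in re.findall(r"<?(\d+)\s*ms|\*", m.group(2))]
        target = m.group(3)
        if target.endswith("]"):           # "name [a.b.c.d]" when -d is not used
            target = target[target.rindex("[") + 1:-1]
        elif not re.fullmatch(r"[\d.]+", target):
            target = None                  # e.g. "Request timed out."
        hops.append({"hop": int(m.group(1)), "rtts": rtts, "address": target})
    return hops


def wan_link_used(hops):
    """Name of the first known WAN interface seen in the path, or None."""
    for hop in hops:
        if hop["address"] in WAN_LINKS:
            return WAN_LINKS[hop["address"]]
    return None


def check_path(text, destination, expected_link="T1"):
    """Return a list of findings; an empty list means the path is as expected."""
    hops = parse_tracert(text)
    findings = []
    if not hops or hops[-1]["address"] != destination:
        findings.append(f"trace did not reach {destination}")
    link = wan_link_used(hops)
    if link is None:
        findings.append("no known WAN interface seen in the path")
    elif link != expected_link:
        findings.append(f"traffic is crossing the {link} link, expected {expected_link}")
    return findings


if __name__ == "__main__":
    for label, trace in (("T1 up", T1_TRACE), ("T1 down", ISDN_TRACE)):
        print(label, "->", check_path(trace, "10.1.1.6") or "ok")
```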


Using Tracert Options

To use tracert, be aware of a few options you can use with it. The most helpful is the first one.
Using the -d option is always helpful when you want to remove DNS resolution. Name servers
are helpful, but if not available or if incorrectly set or if you simply just want the IP address of
the host, use the -d option.

-d    Prevents tracert from attempting to resolve the IP addresses of intermediate
      routers to their names. This can speed up the display of tracert results.
-h    Specifies the maximum number of hops in the path to search for the target
      (destination). The default is 30 hops.
-j    You can use this with a host list (HostList). Specifies that Echo Request messages
      use the Loose Source Route option in the IP header with the set of intermediate
      destinations specified in HostList. With loose source routing, successive
      intermediate destinations can be separated by one or multiple routers. The
      maximum number of addresses or names in the host list is 9. The HostList is a
      series of IP addresses (in dotted decimal notation) separated by spaces.
-w    Specifies the amount of time in milliseconds to wait for the ICMP Time Exceeded
      or Echo Reply message corresponding to a given Echo Request message to be
      received. If not received within the time-out, an asterisk (*) is displayed. The
      default time-out is 4000 (4 seconds).
-?    Displays help at the command prompt.

tracert [-d] [-h MaximumHops] [-j HostList] [-w Timeout] [TargetName]

III. NETSTAT
The netstat command is used to show network status. Traditionally, it is used more for problem
determination than for performance measurement. However, the netstat command can be used to
determine the amount of traffic on the network to ascertain whether performance problems are
due to network congestion. netstat (network statistics) is a command-line tool that displays
network connections (both incoming and outgoing), routing tables, and a number of network
interface statistics. It is available on Unix, Unix-like, and Windows NT-based operating systems.

The netstat command displays information regarding traffic on the configured network
interfaces, such as the following:

• The address of any protocol control blocks associated with the sockets and the state of all
sockets

• The number of packets received, transmitted, and dropped in the communications
subsystem

• Cumulative statistics per interface

• Routes and their status

The netstat command displays the contents of various network-related data structures for active
connections. It is used for finding problems in the network and to determine the amount of traffic
on the network as a performance measurement.

Parameters
Parameters used with this command must be prefixed with a hyphen (-) rather than a slash (/).

-a : Displays all active TCP connections and the TCP and UDP ports on which the computer is
listening.


-b : Displays the binary (executable) program's name involved in creating each connection or
listening port. (Windows only)

-e : Displays ethernet statistics, such as the number of bytes and packets sent and received. This
parameter can be combined with -s.

-f : Displays fully qualified domain names (FQDN) for foreign addresses. (not available under
Windows)

-i : Displays network interfaces and their statistics (not available under Windows)

-n : Displays active TCP connections, however, addresses and port numbers are expressed
numerically and no attempt is made to determine names.

-o : Displays active TCP connections and includes the process ID (PID) for each connection.
You can find the application based on the PID on the Processes tab in Windows Task Manager.
This parameter can be combined with -a, -n, and -p. This parameter is available on Microsoft
Windows XP and 2003 Server (not Microsoft Windows 2000).

-p Windows: Protocol : Shows connections for the protocol specified by Protocol. In this case,
the Protocol can be tcp, udp, tcpv6, or udpv6. If this parameter is used with -s to display
statistics by protocol, Protocol can be tcp, udp, icmp, ip, tcpv6, udpv6, icmpv6, or ipv6.

-p Linux: Process : Show which processes are using which sockets (similar to -b under
Windows) (you must be root to do this)

-r : Displays the contents of the IP routing table. (This is equivalent to the route print command
under Windows.)

-s : Displays statistics by protocol. By default, statistics are shown for the TCP, UDP, ICMP, and
IP protocols. If the IPv6 protocol for Windows XP is installed, statistics are shown for the TCP
over IPv6, UDP over IPv6, ICMPv6, and IPv6 protocols. The -p parameter can be used to
specify a set of protocols.

-v : When used in conjunction with -b it will display the sequence of components involved in
creating the connection or listening port for all executables.

Interval : Redisplays the selected information every Interval seconds. Press CTRL+C to stop the
redisplay. If this parameter is omitted, netstat prints the selected information only once.

/? : Displays help at the command prompt. (only on Windows)

Statistics provided
Netstat provides statistics for the following:


• Proto - The name of the protocol (TCP or UDP).

• Local Address - The IP address of the local computer and the port number being used.
The name of the local computer that corresponds to the IP address and the name of the
port is shown unless the -n parameter is specified. If the port is not yet established, the
port number is shown as an asterisk (*).

• Foreign Address - The IP address and port number of the remote computer to which the
socket is connected. The names that correspond to the IP address and the port are shown
unless the -n parameter is specified. If the port is not yet established, the port number is
shown as an asterisk (*).

• State - Indicates the state of a TCP connection. The possible states are as follows:
CLOSE_WAIT, CLOSED, ESTABLISHED, FIN_WAIT_1, FIN_WAIT_2,
LAST_ACK, LISTEN, SYN_RECEIVED, SYN_SEND, and TIME_WAIT. For more
information about the states of a TCP connection, see RFC 793.

Examples
To display the statistics for only the TCP or UDP protocols, type one of the following
commands:

netstat -s -p tcp

netstat -s -p udp

To display active TCP connections and the process IDs every 5 seconds, type the following
command (works on Microsoft XP and 2003 only):

netstat -o 5

Mac OS X version

netstat -w 5

To display active TCP connections and the process IDs using numerical form, type the following
command (works on Microsoft XP and 2003 only):

netstat -n -o
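The columns described above (Proto, Local Address, Foreign Address, State, plus the PID added by -o) can be parsed to see which process owns each connection that leaves the site. The following is an added example, not part of the original lab manual; the sample output is constructed, and the INTERNAL address list is an assumed site address plan.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of `netstat -n -o` output; addresses and PIDs are made up.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    10.1.2.4:49712         10.1.1.5:445           ESTABLISHED     4
  TCP    10.1.2.4:49801         203.0.113.7:443        ESTABLISHED     4312
  TCP    10.1.2.4:49802         203.0.113.7:443        TIME_WAIT       0
  TCP    [fe80::1c2b%11]:49900  [fe80::9a01%11]:135    CLOSE_WAIT      884
"""

# Assumed site address plan: anything outside these ranges counts as external.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "127.0.0.0/8", "fe80::/10", "::1/128")]

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr%zone]:port' into (address, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]").split("%")[0], int(port)  # drop brackets and zone id

def parse_netstat(text):
    """Return one dict per TCP row; banner, header and other rows are skipped."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue
        rows.append({"local": split_endpoint(fields[1]),
                     "remote": split_endpoint(fields[2]),
                     "state": fields[3], "pid": int(fields[4])})
    return rows

def external_by_pid(rows):
    """Map PID -> sorted remote endpoints of ESTABLISHED connections leaving the site."""
    found = defaultdict(set)
    for row in rows:
        ip = ipaddress.ip_address(row["remote"][0])
        if row["state"] == "ESTABLISHED" and not any(ip in net for net in INTERNAL):
            found[row["pid"]].add(row["remote"])
    return {pid: sorted(eps) for pid, eps in found.items()}

if __name__ == "__main__":
    for pid, endpoints in external_by_pid(parse_netstat(SAMPLE)).items():
        print(pid, endpoints)
```

The PIDs it reports can then be matched against the process list in Task Manager.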

IV. IPCONFIG

ipconfig is a command-line utility available on all versions of Microsoft Windows starting with
Windows NT. ipconfig is designed to be run from the Windows command prompt. This utility
allows you to get the IP address information of a Windows computer. It also allows some control
over active TCP/IP connections. ipconfig is an alternative to the older 'winipcfg' utility.

Usage

From the command prompt, type 'ipconfig' to run the utility with default options. The
output of the default command contains the IP address, network mask and gateway for
all physical and virtual network adapters.

IPConfig Syntax
ipconfig [/? | /all | /renew adapter | /release adapter | /flushdns | /displaydns | /registerdns
| /showclassid adapter | /setclassid adapter classid]

The adapter connection name can use wildcard characters (* and ?)

OPTIONS

IPCONFIG /release [adapter] : Release the IP address for the specified adapter.

IPCONFIG /renew [adapter] : Renew the IP address for the specified adapter.

IPCONFIG /flushdns : Purge the DNS Resolver cache.

IPCONFIG /registerdns : Refresh all DHCP leases and re-register DNS names.

IPCONFIG /displaydns : Display the contents of the DNS Resolver Cache.

IPCONFIG /showclassid adapter : Display all the DHCP class IDs allowed for adapter.

IPCONFIG /setclassid adapter [classid] : Modify the DHCP class ID.

VI. PATHPING

Pathping is a network utility supplied in Windows NT, Windows 2000, Windows 2003,
Windows XP and Windows Vista. It combines the functionality of Ping with that of Traceroute
(in Windows: tracert), by providing details of the path between two hosts and Ping-like statistics
for each node in the path based on samples taken over a time period, depending on how many
nodes are between the start and end host. The advantages of pathping over ping and traceroute
are that each node is pinged as the result of a single command, and that the behavior of nodes is
studied over an extended time period, rather than the Ping's default sample of four messages or
Traceroute's default single route trace. The disadvantage is that, using the default settings, it
often takes more than five minutes to produce a result.

Command options
This list can be displayed by typing -options (or any invalid option, such as -fkzqx) after the
command.

• -g host-list - Loose source route along host-list.
• -h maximum_hops - Maximum number of hops to search for target.
• -i address - Use the specified source address.
• -n - Do not resolve addresses to hostnames.
• -p period - Wait period milliseconds between pings.
• -q num_queries - Number of queries per hop.
• -w timeout - Wait timeout milliseconds for each reply.
• -P - Test for RSVP PATH connectivity.
• -R - Test if each hop is RSVP aware.
• -T - Test connectivity to each hop with Layer-2 priority tags.
• -4 - Force using IPv4.
• -6 - Force using IPv6.

Pathping is a TCP/IP based utility (command-line tool) that provides useful information about
network latency and network loss at intermediate hops between a source address and a
destination address. It does this by sending echo requests via ICMP and analyzing the results.
ICMP stands for Internet Control Message Protocol. ICMP is an extension to the Internet
Protocol (IP - part of the TCP/IP protocol suite) defined by RFC 792. ICMP supports packets
containing error, control and informational messages. Pathping will send multiple echo request
messages to each router between the source address and what you are attempting to ping. If your
destination is across a WAN link then it’s certain that you will be using some form of router,
most likely two, which would mean that you could test pathping across a two hop network – two
router hops. A typical network diagram is seen in the following illustration.

Typical WAN

This is a typical WAN setup which shows you two sites that are connected via a T1 and an
Integrated Services Digital Network (ISDN) link. What’s important to see here is that there are
multiple paths throughout the network. There is a T1 and an ISDN link. Both technologies
connect to each site. The T1 is the main link operating at 1.544 Mbps and the ISDN link is the
backup in case the primary fails. Since ISDN is a technology that allows you to pay as you use
it, it is a perfect technology to lie dormant until needed. It has a lower transmission speed (perhaps
64 Kbps), but since it is only for emergencies, it may be good enough for critical
services. The bandwidth drop will add more time for packets to traverse the network and add
latency or delay to the traffic. Latency is a measurement of how long it takes for a data packet to
get from one point to another, and pathping is a good tool for testing it. Latency can be
measured by sending a test packet that is returned to the sender; the time that takes,
the round-trip time, is what is considered the latency.

You can use a tool like pathping to see not only whether your packets are making it across the network,
but also whether they are taking the preferred path (the T1) or flowing over the alternate ISDN link
(which would indicate a misconfiguration or a downed link) and, if you have bottlenecks on
your network, whether you have any latency issues. Lack of bandwidth and latency or delay may
cause timeout issues for your data transmissions. Using the pathping tool you can send multiple
echo request messages to each router between you (the source) and your intended destination;
after a specific amount of time has elapsed, pathping computes the results from the data that it
receives back from each router the packets traversed and then displays them.

Syntax
To use pathping, you simply need to open a command prompt on the source system you will run
the test from. If you want to use the next illustration as an example, adding an IP address will
help you to perform the test. You can see that we have a test PC located at site B and the IP
address is 10.1.2.4. This system wants to pathping to site A, a server with an IP address of
10.1.1.5.

Running pathping is easy. Open a command prompt (start -> run -> cmd -> pathping) and type
pathping.

As listed here, you can see that the pathping command has many options, including:

-n Prevents pathping from attempting to resolve the IP addresses of intermediate
routers to their names. You may want to consider doing this if you think you have
a name resolution issue, or if DNS for example is not configured on your system
… the time spent trying to contact a name server can be avoided using this switch.

-h Specifies the maximum number of hops in the path to search for the target
(destination). The default is 30 hops.

-p Specifies the number of milliseconds to wait between consecutive pings. The
default is 250 milliseconds (1/4 second).

-q Specifies the number of Echo Request messages sent to each router in the path.
The default is 100 queries.

-w Specifies the number of milliseconds to wait for each reply. The default is 3000
milliseconds (3 seconds).

/? Displays help at the command prompt.

There are more options, but these are the most commonly used. You can use the help feature to
learn more about the options as they are listed in the Windows command prompt.

To use pathping, launch the pathping command from the source to the destination and let
pathping do its computation.

D:\>pathping -n server-1

Tracing route to server-1 [10.1.1.5]
over a maximum of 30 hops:
  0  10.1.2.1
  1  10.1.1.1
  2  10.1.1.5

Computing statistics for 50 seconds...
            Source to Here   This Node/Link
Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address
  0                                           10.1.2.1
                                0/ 100 =  0%   |
  1   35ms     0/ 100 =  0%     0/ 100 =  0%  10.1.1.1
                               13/ 100 = 13%   |
  2   28ms    16/ 100 = 16%     3/ 100 =  3%  10.1.1.5
                                0/ 100 =  0%   |

Trace complete.

(some output omitted)

In this example, I skimmed the output down to the basics and omitted some of the text so we
can look right at what we need to know: the statistics and how to read them. We
see that there is a little latency on the second hop, which is 10.1.1.1, traversing the link to the
next hop, which is 10.1.1.5. In this section we see a small amount of latency, which is normal for
a link of this size and speed. If the millisecond value were very high, such as 500 ms, then
you might have a bandwidth issue. As you can see, pathping doesn’t only ‘verify’
connectivity to a destination host; it also shows you how your traffic is getting there,
how fast it’s going, and how much resistance it’s encountering over the wide area network, which is a
very common choke point.

Here is another example, but here, I am on a production network machine using pathping to test
within a production LAN out to the Internet to a Web server.

When you run pathping, you will also have to be a little patient. Pathping will first display your
results as if you were using tracert or traceroute, which is a similar utility to be covered in a
separate article. Tracert will show you the ‘path’ through the network as well as verify
connectivity but will not show you how the packet is traversing in relation to speed, bandwidth
usage and latency. Next (and this is where patience sets in), pathping takes a while that depends on
the hop count (how many router hops need to be analyzed). Then check pathping’s results: the
Lost/Sent = Pct and Address columns show whether the links may be overutilized (if you have a high
drop rate) and so on. The loss rates displayed for the links, identified as a vertical bar (|) in the Address
column, indicate link congestion that is causing the loss of packets that are being forwarded on
the path. The loss rates displayed for routers (identified by their IP addresses) indicate that these
routers may have a problem with overloading or saturation.
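The distinction above between link rows (|) and router rows can be applied mechanically to the statistics block. The following is an added example, not part of the original lab manual; the rows are the ones from the pathping run shown earlier, and the 5% reporting threshold is an assumption, not a pathping default.

```python
import re

# Statistics rows copied from the pathping run shown earlier on this page.
SAMPLE = """\
Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address
  0                                           10.1.2.1
                                0/ 100 =  0%   |
  1   35ms     0/ 100 =  0%     0/ 100 =  0%  10.1.1.1
                               13/ 100 = 13%   |
  2   28ms    16/ 100 = 16%     3/ 100 =  3%  10.1.1.5
                                0/ 100 =  0%   |
"""

LOSS = re.compile(r"\d+/\s*\d+\s*=\s*(\d+)%")      # e.g. "13/ 100 = 13%"
HOP = re.compile(r"^\s*(\d+)\s+.*?(\S+)\s*$")       # hop number ... address

def parse_stats(text):
    """Split the statistics block into router rows and link ("|") rows."""
    nodes, links = [], []
    for line in text.splitlines():
        pcts = [int(p) for p in LOSS.findall(line)]
        if line.rstrip().endswith("|"):
            if nodes and pcts:   # link leaving the router seen just above
                links.append({"from": nodes[-1]["addr"], "to": None, "pct": pcts[-1]})
            continue
        m = HOP.match(line)
        if not m:
            continue             # column header or blank line
        if links and links[-1]["to"] is None:
            links[-1]["to"] = m.group(2)
        path_pct, node_pct = pcts if len(pcts) == 2 else (0, 0)
        nodes.append({"hop": int(m.group(1)), "addr": m.group(2),
                      "path_pct": path_pct, "node_pct": node_pct})
    return nodes, links

def findings(nodes, links, threshold=5):
    """Report loss at or above threshold percent (an assumed cut-off)."""
    out = [("link", l["from"], l["to"], l["pct"]) for l in links if l["pct"] >= threshold]
    out += [("router", n["addr"], None, n["node_pct"]) for n in nodes if n["node_pct"] >= threshold]
    return out

if __name__ == "__main__":
    for kind, a, b, pct in findings(*parse_stats(SAMPLE)):
        print(kind, a, "->" if b else "", b or "", f"{pct}%")
```

On the sample, the only finding is the 13% loss on the link between 10.1.1.1 and 10.1.1.5; the 3% loss at 10.1.1.5 itself stays below the assumed threshold.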

Note:
If you see the ‘*’ sign, don’t fret immediately – there may be a firewall blocking ICMP, so you
may not get the response although the site is up and responsive. ACLs (access control lists) and
firewall rule-sets commonly throw off network testers because of this fact. Make sure you know
the layout of your network if you are going to troubleshoot it and take this into consideration as it
is commonly seen.

EXPERIMENT NO. 12
AIM:- INSTALLATION OF WINDOWS 2000 SERVER
The following are the steps of installation of Windows 2000 Server:

➢ Insert the bootable Windows 2000 Server disc and restart the computer.
➢ Select the CD-ROM as the first booting device.
➢ It will ask you to

“PRESS ANY KEY TO BOOT FROM CD…..”

Press any key.

➢ It will check the system and give you the following details:-

Windows 2000 Server setup

Welcome to setup

This portion of the setup program prepares Microsoft® Windows® 2000 Server to run on your computer.

• To set up Windows 2000 Server now, press Enter.
• To repair a Windows 2000 Server installation using the recovery console, press R.
• To quit setup without installing, press F3.

➢ Press Enter.
➢ The next page will show the License Agreement.
➢ Press F8 to agree to the agreement, PAGEUP or PAGEDOWN to read the
agreement, or ESC if you don’t agree with the agreement.
➢ The next page will ask the following things:-

Windows 2000 Server setup

If one of the following Windows 2000 Server installations is damaged, setup can try to repair it.

Use the UP and DOWN ARROW keys to select an installation.

• To repair the selected Windows 2000 Server installation, press R.
• To continue installing a fresh copy of Windows 2000 Server without repairing, press ESC.

➢ Press F3=Quit R=Repair ESC=Don’t Repair
➢ Then it will show the following list:-

Windows 2000 Server setup

Use the UP and DOWN ARROW keys to select the item in the list.

• To set up Windows 2000 Server on the selected item, press ENTER.
• To create a partition in unpartitioned space, press C.
• To delete the selected partition, press D.

➢ Press Enter.

➢ Then it will ask for the following:-

• To delete this partition, press L;

CAUTION: All data on this partition will be lost.

• To return to the previous menu without deleting this partition, press ESC.

➢ Press L.
➢ Then the setup will format the partition.
➢ Then it will copy the files onto that partition.
➢ Then it asks you to REBOOT your computer by pressing ENTER, or it will
reboot automatically after 15 seconds.
➢ Then it will ask you for further advanced settings like time, date, user profile,
etc.
➢ Install the various drivers.
