Aim 1: To study the NETWORK COMMANDS 1.

PING Ping is a computer network administration utility used to test whether a particular host is reachable across an Internet Protocol (IP) network and to measure the round-trip time for packets sent from the local host to a destination computer, including the local host's own interfaces.
Ping operates by sending Internet Control Message. Protocol (ICMP) echo

request packets to the target host and waits for an ICMP response, sometimes casually called a pong.
Ping Program was written By Michael John Muuss in December 1983. Ping local

host .Pings the local host, this will allow you to see if the computer is able to send information out and receive the information back. Note that this does not send information over a network but may allow you to see if the card is being seen. ping xxx.xxx.xxx.xxx Allows you to ping another computer where the x's are located are where you would place the IP address of the computer you are attempting to ping. If this is not able to complete, this should relay back an unsuccessful message, which could be an indication of cable issues, network card issues, hub issue, etc. ping computerhope.com 1. PING computerhope.com (204.228.150.3) 56(84) bytes of data. 64 bytes from www.computerhope.com (204.228.150.3): icmp_seq=1 ttl=63 time=0.267ms 2. c:\>ping Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] | [-k host-list]] [-w timeout] target name To see statistics and continue - type Control-Break; To stop - type Control-C. Options:

-t -a -n count -l size

- Ping the specified host until stopped. - Resolve addresses to hostnames. - Number of echo requests to send. - Send buffer size.
1

-f -i TTL -v TOS -r count -s count -j host-list -k host-list -w timeout

- Set Don't Fragment flag in packet. - Time To Live. - Type Of Service. - Record route for count hops. - Timestamp for count hops. - Loose source route along host-list. - Strict source route along host-list. - Timeout in milliseconds to wait for each reply.

C:\>ping t 127.0.0.1

C:\>ping a 127.0.0.1

C:\>ping n 5 127.0.0.1

C:\>ping l 5 127.0.0.1

C:\>ping f 127.0.0.1

C:\>ping i 8 127.0.0.1

C:\>ping v 3 127.0.0.1

C:\>ping r 5 127.0.0.1

C:\>ping s 4 127.0.0.1

C:\>ping w 2 127.0.0.1

Example PING -n 1 -w 7500 Server_06 PING -w 7500 MyHost && ECHO MyHost found PING -w 7500 MyHost || ECHO MyHost not found PING -n 5 www.microsoft.com PING -n 5 -w 7500 microsoft.com

Troubleshooting with ping Ping the IP address of your local loopback, using the command ping 127.0.0.1. Ping the assigned IP address of your local network interface card (NIC). Ping the IP address of another known good system on your local network. Verify connectivity to a remote network by sending a ping to the IP address of the default gateway. Verify remote connectivity by sending a ping to the IP address of a system on a remote network.

2. IPCONFIG The ipconfig command is a technician's best friend when it comes to viewing the TCP/IP configuration of a Windows system. ipconfig (internet protocol configuration) in Microsoft Windows is a console application that displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol DHCP and Domain Name System DNS settings. The standard path is %WINDIR%\System32\ipconfig.exe which to C:\WINDOWS\System32\ipconfig.exe usually resolves

the ipconfig command shows basic information such as the name of the network interface, the IP address, the subnet mask, and the default gateway.

C:\Documents and Settings\patni>ipconfig/all

ipconfig Switches Switch ? /all /release /renew Symptom Description Displays the ipconfig help screen Displays additional IP configuration information Releases the IP address of the specified adapter Renews the IP address of a specified adapter Field to Check in ipconfig Output

User is unable to connect to any other Make sure the TCP/IP address and subnet mask are system. correct. If the network uses DHCP, make sure DHCP is enabled. User is able to connect to another system on Make sure the default gateway is correctly the same subnet but is not able to connect to configured. a remote system. User is unable to browse the Internet. Make sure the DNS server parameters are configured correctly.

User is unable to browse across remote Make sure the WINS or DNS server parameters are subnets. configured correctly.

On a Windows 98 Second Edition and Windows Me systems, the winipcfg command is used in addition to the ipconfig command. The difference between the two utilities is that winipcfg is a graphical utility. IPconfig performs the same function as ipconfig, but on a Linux, UNIX, or Macintosh system. Because Linux relies more heavily on command-line utilities than Windows, the Linux and UNIX version of ifconfig provides much more functionality than ipconfig. A console application is a computer program designed to be used via a text-only computer interface, such as a text terminal, the command line interface of some operating systems.

The loopback is a special function within the protocol stack that is supplied for troubleshooting purposes. The Class A IP address 127.X.X.X is reserved for the loopback; although convention dictates that you use127.0.0.1, you can use any address in the 127.X.X.Xrange, except for the network number itself (127.0.0.0) and the broadcast address (127.255.255.255). You can also ping by using the default hostname for the local system, which is called local host. (for example, ping localhost). C:\>ipconfig 127.0.0.1

10

>ipconfig

it shows the information

C:\>ipconfig /?

11

>ipconfig /?

..it is used to display this help message

12

bit offset

03

47

815

1618

1931

Version

Header length

(-v) Differentiated Total Length Services Flags (-f ) Protocol

32 64 96 128 160 160 or 192+

Identification Time to Live ( -i ) Source Address Destination Address Options ( if Header Length > 5 )

Fragment Offset

Header Checksum

Data

13

3. TRACE ROUTE The trace route utility does exactly what its name implies it traces the route between two hosts. It does this by using Internet Control Message Protocol (ICMP) echo packets to report information back at every step in the journey. Each of the common network operating systems provides a trace route utility, but the name of the command and the output vary slightly on each. Trace route provides a lot of useful information, including the IP address of every router connection it passes through and, in many cases, the name of the router (although this depends on the router's configuration). Trace route also reports the length, in milliseconds, of the round-trip the packet made from the source location to the router and back. This information can help identify where network bottlenecks or breakdowns might be. Trace Route Utility Commands Operating System Windows Server 2000/2003 Novell NetWare Linux/UNIX Macintosh Trace Route Command Syntax tracert <IP address> iptrace traceroute <IP address> traceroute <IP address>

C:\>tracert Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name Options: -d -h -j do not resolve addresses to hostnames. maximum_hops host-list Maximum number of hops to search for target. loose source route along host-list. Wait timeout milliseconds for each reply.

-w timeout

Example C:\>tracert 24.7.70.37

14

The tracert display on a Windows-based system includes several columns of information. The first column represents the hop number. You may recall that 'hop' is the term used to describe a step in the path a packet takes as it crosses the network. The next three columns indicate the round-trip time, in milliseconds, that a packet takes in its attempts to reach the destination. The last column is the hostname and the IP address of the responding device. The following is the output from a tracert command on a Windows Server 2003 system that doesn't manage to get to the remote host:
15

C:\>tracert comptia.org

In this example, the trace route request only gets to the seventh hop, at which point it fails; this failure indicates that the problem lies on the far side of the device in step 7 or on the near side of the device in step 8. In other words, the device at step 7 is functioning but might not be able to make the next hop. The cause of the problem could be a range of things, such as an error in the routing table or a faulty connection. Alternatively, the seventh device might be operating 100%, but device 8 might not be functioning at all. In any case, you can isolate the problem to just one or two devices. The trace route utility can also help you isolate a heavily congested network. In the following example, the trace route packets fail in the midst of the tracert from a Windows Server 2003 system, but subsequently are able to continue.Trace route utilities allow you to identify the

16

location of a problem in the connectivity between two devices. After you have determined this location, you might need to use a utility such as ping to continue troubleshooting. In many cases, as in the example, the routers might be on a network such as the Internet and therefore not within your control. In that case, there is little you can do except inform your ISP of the problem.

17

4. NET STAT The net stat command displays the protocol statistics and current TCP/IP connections on the local system. Used without any switches, the net stat command shows the active connections for all outbound TCP/IP connections. In addition, several switches information netstat displays. are available that change the type of

Switch -a -e -n -p -r -s interval

Description Displays the current connections and listening ports Displays Ethernet statistics Lists addresses and port numbers in numerical form Shows connections for the specified protocol Shows the routing table Lists per-protocol statistics Specifies the length of time to wait before redisplaying statistics

The netstat utility is used to show the port activity for both TCP and UDP connections, showing the inbound and outbound connections. When used without switches, the netstat utility has four information headings.

Proto Lists the protocol being used, either UDP or TCP. Local address Specifies the local address and port being used. Foreign address identifies the destination address and the port being State specifies whether the connection is established.

used.

The netstat command shows outbound connections that have been established by TCP. The following shows a sample output from a netstat command without using any switches: C:\>netstat

18

The netstat -e command shows the activity for the NIC and displays the number of packets that have been both sent and received. C:\>netstat e

19

The netstat -e command shows more than just the packets that have been sent and received:

Bytes The number of bytes that have been sent or received by the NIC since the computer was turned on. Unicast packets Packets sent and received directly to this interface. Non-unicast packets Broadcast or multicast packets that were picked up by the NIC. Discards the number of packets rejected by the NIC, perhaps because they were damaged. Errors The errors that occurred during either the sending or receiving process. As you would expect, this column should be a low number. If it is not, it could indicate a problem with the NIC. Unknown protocols the number of packets that were not recognizable by the system.

20

The netstat -a command displays statistics for both TCP and User Datagram Protocol (UDP). Here is an example of the netstat -a command C:\WINDOWS>netstat a The following list briefly explains the information provided by the netstat -a command Proto The protocol used by the connection. Local Address The IP address of the local computer system and the port number it is using. If the entry in the local address field is an asterisk (*), it indicates that the port has not yet been established. Foreign Address The IP address of a remote computer system and the associated port. When a port has not been established, as with the UDP connections, *:* appears in the column. State The current state of the TCP connection. Possible states include established, listening, closed, and waiting.

The output includes four columns, which show the protocol, the local address, the foreign address, and the state of the port. The TCP connections show the local and foreign destination addresses and the current state of the connection. UDP, however, is a little different; it does not list a state status because UDP is a connectionless protocol and does not establish connections.

21

22

The netstat -r command is often used to view the routing table for a system. A system uses a routing table to determine routing information for TCP/IP traffic. The following is an example of the netstat -r command from a Windows Me system: C:\WINDOWS >netstat -r

The netstat -s command displays a number of statistics related to the TCP/IP protocol suite. Understanding the purpose of every field in the output is for your reference, sample output from the netstat -s command is shown here C:\>netstat -s
23

24

Aim: 2 To study communication guiding system and connectors

Communication guiding system Network Cabling Cable is the medium through which information usually moves from one network device to another. There are several types of cable which are commonly used with LANs. In some cases, a network will utilize only one type of cable, other networks will use a variety of cable types. The type of cable chosen for a network is related to the network's topology, protocol, and size. Understanding the characteristics of different types of cable and how they relate to other aspects of a network is necessary for the development of a successful network. The following sections discuss the types of cables used in networks and other related topics.

Unshielded Twisted Pair (UTP) Cable Shielded Twisted Pair (STP) Cable Coaxial Cable Fiber Optic Cable Cable Installation Guides Wireless LANs

Unshielded Twisted Pair (UTP) Cable Twisted pair cabling comes in two varieties: shielded and unshielded. Unshielded twisted pair (UTP) is the most popular and is generally the best option for school networks (See fig. 1).

Fig.1. Unshielded twisted pair The quality of UTP may vary from telephone-grade wire to extremely high-speed cable. The cable has four pairs of wires inside the jacket. Each pair is twisted with a different number of twists per inch to help eliminate interference from adjacent pairs and other electrical devices. The tighter the twisting, the higher the supported transmission rate and the greater the cost per foot. The EIA/TIA (Electronic Industry Association/Telecommunication Industry Association) has established standards of UTP and rated six categories of wire (additional categories are emerging). Categories of Unshielded Twisted Pair
25

Category

Speed 1 Mbps 4 Mbps 16 Mbps 20 Mbps 100 Mbps (2 pair) 1000 Mbps (4 pair) 1,000 Mbps 10,000 Mbps

Use Voice Only (Telephone Wire) LocalTalk & Telephone (Rarely used) 10BaseT Ethernet Token Ring (Rarely used) 100BaseT Ethernet Gigabit Ethernet Gigabit Ethernet Gigabit Ethernet

Unshielded Twisted Pair Connector The standard connector for unshielded twisted pair cabling is an RJ-45 connector. This is a plastic connector that looks like a large telephone-style connector (See fig. 2). A slot allows the RJ-45 to be inserted only one way. RJ stands for Registered Jack, implying that the connector follows a standard borrowed from the telephone industry. This standard designates which wire goes with each pin inside the connector.

Fig. 2. RJ-45 connector Shielded Twisted Pair (STP) Cable Although UTP cable is the least expensive cable, it may be susceptible to radio and electrical frequency interference (it should not be too close to electric motors, fluorescent lights, etc.). If you must place cable in environments with lots of potential interference, or if you must place cable in extremely sensitive environments that may be susceptible to the electrical

26

current in the UTP, shielded twisted pair may be the solution. Shielded cables can also help to extend the maximum distance of the cables. Shielded twisted pair cable is available in three different configurations: 1. Each pair of wires is individually shielded with foil. 2. There is a foil or braid shield inside the jacket covering all wires (as a group). 3. There is a shield around each individual pair, as well as around the entire group of wires (referred to as double shield twisted pair). Coaxial Cable Coaxial cabling has a single copper conductor at its center. A plastic layer provides insulation between the center conductor and a braided metal shield (See fig. 3). The metal shield helps to block any outside interference from

Fig. 3. Coaxial cable Although coaxial cabling is difficult to install, it is highly resistant to signal interference. In addition, it can support greater cable lengths between network devices than twisted pair cable. The two types of coaxial Thin coaxial cable is also referred to as thinnet. 10Base2 refers to the specifications for thin coaxial cable carrying Ethernet signals. The 2 refers to the approximate maximum segment length being 200 meters. In actual fact the maximum segment length is 185 meters. Thin coaxial cable has been popular in Thick coaxial cable is also referred to as thicknet. 10Base5 refers to the specifications for thick coaxial cable carrying Ethernet signals. The 5 refers to the maximum segment length being 500 meters. Thick coaxial cable has an extra protective plastic cover that helps keep moisture away from the center conductor. This makes thick coaxial a great choice when running longer lengths in a linear bus network. One disadvantage of thick coaxial is that it does Coaxial Cable Connectors The most common type of connector used with coaxial cables is the Bayone-NeillConcelman (BNC) connector (See fig. 4). Different types of adapters are available for BNC connectors, including a T-connector, barrel connector, and terminator. Connectors on the cable are the weakest points in any network. To help avoid problems with your network, always use the BNC connectors that crimp, rather

27

Fig. 4. BNC connector Fiber Optic Cable Fiber optic cabling consists of a center glass core surrounded by several layers of protective materials (See fig. 5). It transmits light rather than electronic signals eliminating the problem of electrical interference. This makes it ideal for certain environments that contain a large amount of electrical interference. It has also made it the standard for connecting networks between Fiber optic cable has the ability to transmit signals over much longer distances than coaxial and twisted pair. It also has the capability to carry information at vastly greater speeds. This capacity broadens communication possibilities to include services such as video conferencing and interactive services. The cost of fiber optic cabling is comparable to copper cabling; however, it is The center core of fiber cables is made from glass or plastic fibers (see fig 5). A plastic coating then cushions the fiber center, and kevlar fibers help to strengthen the cables and prevent breakage. The outer insulating jacket made of teflon or PVC.

Fig. 5. Fiber optic cable There are two common types of fiber cables -- single mode and multimode. Multimode cable has a larger diameter; however, both cables provide high bandwidth at high speeds. Single mode can provide more distance, but it is more expensive. Ethernet Cable Summary Specification 10BaseT 10Base2 10Base5 Cable Type Unshielded Twisted Pair Thin Coaxial Thick Coaxial

28

100BaseT 100BaseFX 100BaseBX 100BaseSX 1000BaseT 1000BaseFX 1000BaseBX 1000BaseSX

Unshielded Twisted Pair Fiber Optic Single mode Fiber Multimode Fiber Unshielded Twisted Pair Fiber Optic Single mode Fiber Multimode Fiber

Installing Cable - Some Guidelines When running cable, it is best to follow a few simple rules:

Always use more cable than you need. Leave plenty of slack. Test every part of a network as you install it. Even if it is brand new, it may have problems that will be difficult to isolate later. Stay at least 3 feet away from fluorescent light boxes and other sources of electrical interference. If it is necessary to run cable across the floor, cover the cable with cable protectors. Label both ends of each cable. Use cable ties (not tape) to keep cables in the same location together.

Wireless LANs

More and more networks are operating without cables, in the wireless mode. Wireless LANs use high frequency radio signals, infrared light beams, or lasers to communicate between the workstations and the file server or hubs. Each workstation and file server on a wireless network has some sort of transceiver/antenna to send and receive the data. Information is relayed between transceivers as if they were physically connected. For longer distance,
29

wireless communications can also take place through cellular telephone technology, microwave transmission, or by satellite. Wireless networks are great for allowing laptop computers or remote computers to connect to the LAN. Wireless networks are also beneficial in older buildings where it may be difficult or impossible to install cables. The two most common types of infrared communications used in schools are line-of-sight and scattered broadcast. Line-of-sight communication means that there must be an unblocked direct line between the workstation and the transceiver. If a person walks within the line-ofsight while there is a transmission, the information would need to be sent again. This kind of obstruction can slow down the wireless network. Scattered infrared communication is a broadcast of infrared transmissions sent out in multiple directions that bounces off walls and ceilings until it eventually hits the receiver. Networking communications with laser are virtually the same as line-of-sight infrared networks. Wireless standards and speeds The Wi-Fi Alliance is a global, non-profit organization that helps to ensure standards and interoperability for wireless networks, and wireless networks are often referred to as WiFi (Wireless Fidelity). The original Wi-Fi standard (IEEE 802.11) was adopted in 1997. Since then many variations have emerged (and will continue to emerge). Wi-Fi networks use the Ethernet protocol. Standard 802.11a 802.11b 802.11g Max Speed 54 Mbps 11 Mbps 54 Mbps Typical Range 150 feet 300 feet 300 feet

Advantages of wireless networks:

Mobility - With a laptop computer or mobile device, access can be available throughout a school, at the mall, on an airplane, etc. More an more businesses are also offering free WiFi access. Fast setup - If your computer has a wireless adapter, locating a wireless network can be as simple as clicking "Connect to a Network" -- in some cases, you will connect automatically to networks within range. Cost - Setting up a wireless network can be much more cost effective than buying and installing cables. Expandability - Adding new computers to a wireless network is as easy as turning the computer on (as long as you do not exceed the maximum number of devices).

Disadvantages of wireless networks:

30

Security - Wireless networks are much more susceptible to unauthorized use. If you set up a wireless network, be sure to include maximum security. You should always enable WEP (Wired Equivalent Privacy) or WPA (Wi-Fi Protected Access), which will improve security and help to prevent virtual intruders and freeloaders. Interference - Because wireless networks use radio signals and similar techniques for transmission, they are susceptible to interference from lights and electronic devices. Inconsistent connections - How many times have you hears "Wait a minute, I just lost my connection?" Because of the interference caused by electrical devices and/or items blocking the path of transmission, wireless connections are not nearly as stable as those through a dedicated cable. Power consumption - The wireless transmitter in a laptop requires a significant amount of power; therefore, the battery life of laptops can be adversely impacted. If you are planning a laptop project in your classroom, be sure to have power plugs and/or additional batteries available. Speed - The transmission speed of wireless networks is improving; however, faster options (such as gigabit Ethernet) are available via cables. In addition, if set up a wireless network at home, and you are connecting to the Internet via a DSL modem (at perhaps 3 Mbps), your wireless access to the Internet will have a maximum of 3 Mbps connection speed.

Input/output connectors The computer's motherboard has a certain number of input-ouput connectors located on the "rear panel."

Most motherboards have the following connectors:

Serial port, which uses a DB9 connector, for connecting older devices; Parallel port, which uses a DB25 connector, mainly for connecting old printers; USB ports (1.1, low-speed, or 2.0, high-speed), for connecting more recent peripherals; RJ45 connector (called the LAN port or Ethernet port), for connecting the computer to a network. It interfaces with a network card built into the motherboard; VGA connector (called SUB-D15), used for hooking up a monitor. This connector interfaces with the built-in graphics card; Jacks (Line-In, Line-Out and microphone), for connecting speakers or a hi-fi sound system, as well as a microphone. This connector interfaces with the built-in sound card.

31

Aim 3: To study network topology i.e. Bus, Star, Ring etc. NETWORK TOPOLOGY The term topology in the context of communication network refers to the way the computers or workstations in the network are linked together. According to the physical arrangements of workstations and nature of work, there are three major types of network topology. They are star topology, bus topology and ring topology. Star topology In star topology a number of workstations (or nodes) are directly linked to a central node (see, Fig. 4.3). Any communication between stations on a star LAN must pass through the central node. There is bi-directional communication between various nodes. The central node controls all the activities of the nodes. The advantages of the star topology are:

It offers flexibility of adding or deleting of workstations from the network. Breakdown of one station does not affect any other device on the network.

The major disadvantage of star topology is that failure of the central node disables communication throughout the whole network.

Fig. 4.3: Star Topology Bus Topology In bus topology all workstations are connected to a single communication line called bus. In this type of network topology there is no central node as in star topology. Transmission from any station travels the length of the bus in both directions and can be received by all workstations. The advantage of the bus topology is that

It is quite easy to set up. If one station of the topology fails it does not affect the entire system.

The disadvantage of bus topology is that any break in the bus is difficult to identify.

32

Fig. 4.4: Bus Topology

Ring Topology In ring topology each station is attached nearby stations on a point to point basis so that the entire system is in the form of a ring. In this topology data is transmitted in one direction only. Thus the data packets circulate along the ring in either clockwise or anti-clockwise direction. The advantage of this topology is that any signal transmitted on the network passes through all the LAN stations. The disadvantage of ring network is that the breakdown of any one station on the ring can disable the entire system.

Fig. 4.5: Ring Topology

Aim:4 To study various types of error correcting techniques

Once error is detected, the error must be corrected

33

Error correction techniques 1. Retransmission (Backward error correction) Simplest, most effective, least expensive, most commonly used Corrected by retransmission of the data

2. Receiver, when detecting an error, asks the sender to retransmit the message Often called Automatic Repeat Request (ARQ)

3. Forward Error Correction Receiving device can correct incoming messages itself

Automatic Repeat Request (ARQ) Process of requesting that a data transmission be resent Main ARQ protocols Stop and Wait ARQ (A half duplex technique) Sender sends a message and waits for acknowledgment, then sends the next message Receiver receives the message and sends an acknowledgement, then waits for the next message Continuous ARQ (A full duplex technique) Sender continues sending packets without waiting for the receiver to acknowledge Receiver continues receiving messages without acknowledging them right away

Stop and wait protocol-

34

Continuous ARQ-

Aim:5
35

To study various types of framing methods A point-to-point connection between two computers or devices consists of a wire in which data is transmitted as a stream of bits. However, these bits must be framed into discernible blocks of information. Framing is a function of the data link layer. It provides a way for a sender to transmit a set of bits that are meaningful to the receiver. Ethernet, token ring, frame relay, and other data link layer technologies have their own frame structures. Frames have headers that contain information such as error-checking codes. There are three different types of framing, each of which provides a way for the sender to tell the receiver where the block of data begins and ends:

Byte-oriented framing Computer data is normally stored as alphanumeric characters that are encoded with a combination of 8 bits (1 byte). This type of framing differentiates one byte from another. It is an older style of framing that was used in the terminal/mainframe environment. Examples of byte-oriented framing include IBM's BISYNC protocol. Bit-oriented framing This type of framing allows the sender to transmit a long string of bits at one time. IBM's SDLC (Synchronous Data Link Control) and HDLC (High-level Data Link Control) are examples of bit-oriented protocols. Most LANs use bit-oriented framing. There is usually a maximum frame size. For example, Ethernet has a maximum frame size of 1,526 bytes. The beginning and end of a frame is signaled with a special bit sequence (01111110 for HDLC). If no data is being transmitted, this same sequence is continuously transmitted so the end systems remain synchronized. Clock-based framing In a clock-based system, a series of repetitive pulses are used to maintain a constant bit rate and keep the digital bits aligned in the data stream. SONET (Synchronous Optical Network) is a synchronous system in which all the clocks in the network are synchronized back to a master clock reference. SONET frames are then positioned within the clocked stream.

The advantage of using frames is that data is broken up into recoverable chunks that can easily be checked for corruption. A glitch in the line during the transmission will corrupt some frames. Only the lost frames and not the entire set of data needs to be retransmitted.

36

Aim6: Study of Serial Line Internet Protocol (SLIP) and Point-To-Point Protocol (PPP)Data link layer protocols. Serial Line Internet Protocol (SLIP) Serial Line Interface Protocol (SLIP) is a TCP/IP protocol used for communication between two machines that are previously configured for communication with each other. For example, the Internet server provider may provide the user with a SLIP connection so that the provider's server can respond to requests, pass them on to the Internet and forwards requested Internet responses back to the user. The dial-up connection to the server is typically on a slower serial line rather than on the parallel or multiplex lines such as a line of the network the user is hooking up to. It is commonly used on dedicated serial links and dial-up connections that operate at speeds between 1200bps and 56Kbps. SLIP modifies a standard Internet datagram by appending a special SLIP END character to it, which allows datagrams to be distinguished as separate. SLIP requires a port configuration of 8 data bits, no parity, and EIA or hardware flow control. SLIP does not provide error detection, being reliant on other high-layer protocols for this. Over a particularly error-prone dial-up link therefore, SLIP on its own would not be satisfactory. A SLIP connection needs to have its IP address configuration set each time before it is established whereas Point-to-Point Protocol (PPP) can determine it automatically once it has started. The Serial Line Internet Protocol (SLIP) is a mostly obsolete encapsulation of the Internet Protocol designed to work over serial ports and modem connections. It is documented in RFC 1055. SLIP has been largely replaced by the Point-to-Point Protocol (PPP), which is better engineered, has more features and does not require its IP address configuration to be set before it is established. A version of SLIP with header compression is called CSLIP (Compressed SLIP). SLIP is a STREAMS-based computer networking facility that provides for the transmission and reception of IP packets over serial lines. SLIP allows the use of TCP/IP networking applications such as rlogin and telnet over serial lines. SCO SLIP is an implementation of the Serial Line Internet Protocol (SLIP) as defined in RFC 1055 and RFC 1144. SLIP can be used to connect one host to another via a single, physical serial line connection between serial ports or over longer distances using a modem at each end of a telephone line. A computer that is running SLIP over one or more serial lines and that is also connected to a computer network (such as an Ethernet) can serve as a communication gateway between computers on a network and computers at the far end of each serial line. How SLIP framing works? An IP datagram is passed down to SLIP, which breaks it into bytes and sends them one at a time over the link. After the last byte of the datagram, a special byte value is sent that tells the receiving device that the datagram has ended. This is called the SLIP END character , and has a byte value of 192 decimal (C0 hexadecimal, 11000000 binary). And that's basically it:
37

take the whole datagram, send it one byte at a time, and then send the byte 192 to delimit the end of the datagram. A minor enhancement to this basic operation is to precede the datagram by an END character as well. The benefit of this is that, it clearly separates the start of the datagram from anything that preceded it. To see why this might be needed, suppose at a particular time one has only one datagram to send, datagram #1. So, the user sends #1 and then sends the END character to delimit it. Now, suppose there is a pause before the next datagram shows up. During that time, there is no transmission, but if there is line noise, the other device might pick up spurious bytes here and there. If the user later receives datagram #2 and just starts sending it, the receiving device might think the noise bytes were part of datagram #2. Starting datagram #2 off with an END character tells the recipient that anything received between this END character and the previous one is a separate datagram. If that's just noise, then this noise datagram is just gibberish that will be rejected at the IP layer. Meanwhile, it doesn't corrupt the real datagram one wishes to send. If no noise occurred on the line between datagrams, then the recipient will just see the END at the start of datagram #2 right after the one at the end of #1 and will ignore the null datagram between the two.

Point-To-Point Protocol (PPP) In networking, the Point-to-Point Protocol, or PPP, is a data link protocol commonly used to establish a direct connection between two networking nodes. It can provide connection authentication, transmission encryption privacy, and compression. PPP is used over many types of physical networks including serial cable, phone line, trunk line, cellular telephone, specialized radio links, and fiber optic links such as SONET. Most Internet service providers (ISPs) use PPP for customer dial-up access to the Internet. Two encapsulated forms of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over ATM (PPPoA), are used by Internet Service Providers (ISPs) to connect Digital Subscriber Line (DSL) Internet service. PPP is commonly used as a data link layer protocol for connection over synchronous and asynchronous circuits, where it has largely superseded the older, non-standard Serial Line Internet Protocol (SLIP) and telephone company mandated standards (such as Link Access Protocol, Balanced (LAPB) in the X.25 protocol suite). PPP was designed to work with numerous network layer protocols, including Internet Protocol (IP), Novell's Internetwork Packet Exchange (IPX), NBF and AppleTalk. PPP is also used over broadband connections. RFC 2516 describes Point-to-Point Protocol over Ethernet (PPPoE), a method for transmitting PPP over Ethernet that is sometimes used with DSL. RFC 2364 describes Point-to-Point Protocol over ATM (PPPoA), a method for transmitting PPP over ATM Adaptation Layer 5 (AAL5), which is also sometimes used with DSL.
38

PPP Features The PPP follows an address notification system and using this IP address the dial up client works and the IP address established for the particular link is also requested by their networks. All this takes place automatically in the PPP. The PPP provides two methods of authentication; one is the Password Authentication Protocol that uses a password to authenticate or the Challenge Handshake Authentication Protocol which uses the handshake of the server with the dial up as an authentication. The PPP allows different types of protocols to function on its platform and on the same link. The PPP also additionally checks the link established by the protocol and includes something called the link level echo facility which checks if the link is operating properly. The main tasks of the Point to Point Protocol are to check if the condition of the line or the telephone line that it is operating on is OK. The Point to Point Protocol also checks the password and after going through all these initial checks it establishes the connection with the internet service provider servers and requests for an IP address. This IP address is used by the PPP on the internet to communicate with all other network protocols and servers as long as the connection lasts. The PPP also transports the packets of information from one server to the other and uses the same IP address to address the computer which has requested for the information. PPP Frames There are many protocols that are included in the PPP frame that work in tandem to send and receive data on a network. The packages of data that are being sent and received on the network is called frame. The Point to Point Protocol usually follows a general and a standard format for all the frames that it sends or receives. In order to understand the network and its functionalities and later trouble shoot a network administrator should be able to understand these frames to be able to diagnose issues related to the protocols. The Point to Point Protocol follows specified set of formats for different purposes on the network. The formats that are commonly used by the Point to Point Protocol are Link Control Protocol, and other authentication protocols like PAP and CHAP. The Point to Point Protocol also has a varied version called the PPP multilink protocol. All these protocols are used to transport the small bits of data over the link.

39

Aim 7: Study of IP Routing IP Routing is an umbrella term for the set of protocols that determine the path that data follows in order to travel across multiple networks from its source to its destination. Data is routed from its source to its destination through a series of routers, and across multiple networks. The IP Routing protocols enable routers to build up a forwarding table that correlates final destinations with next hop addresses. These protocols include: 1. BGP (Border Gateway Protocol) IS-IS (Intermediate System - Intermediate System) OSPF (Open Shortest Path First) RIP (Routing Information Protocol) When an IP packet is to be forwarded, a router uses its forwarding table to determine the next hop for the packet's destination (based on the destination IP address in the IP packet header), and forwards the packet appropriately. The next router then repeats this process using its own forwarding table, and so on until the packet reaches its destination. At each stage, the IP address in the packet header is sufficient information to determine the next hop; no additional protocol headers are required. The Internet, for the purpose of routing, is divided into Autonomous Systems (ASs). An AS is a group of routers that are under the control of a single administration and exchange routing information using a common routing protocol. For example, a corporate intranet or an ISP network can usually be regarded as an individual AS. The Internet can be visualized as a partial mesh of ASs. An AS can be classified as one of the following three types. A Stub AS has a single connection to one other AS. Any data sent to, or received from, a destination outside the AS must travel over that connection. A small campus network is an example of a stub AS. A Transit AS has multiple connections to one or more ASs, which permits data that is not destined for a node within that AS to travel through it. An ISP network is an example of a transit AS. A Multihomed AS also has multiple connections to one or more ASs, but it does not permit data received over one of these connections to be forwarded out of the AS again. In other words, it does not provide a transit service to other ASs. A Multihomed AS is similar to a Stub AS, except that the ingress and egress points for data traveling to or from the AS can be chosen from one of a number of connections, depending on which connection offers the shortest route to the eventual destination. A large enterprise network would normally be a multihomed AS.

40

An Interior Gateway Protocol (IGP) calculates routes within a single AS. The IGP enables nodes on different networks within an AS to send data to one another. The IGP also enables data to be forwarded across an AS from ingress to egress, when the AS is providing transit services. Routes are distributed between ASs by an Exterior Gateway Protocol (EGP). The EGP enables routers within an AS to choose the best point of egress from the AS for the data they are trying to route. The EGP and the IGPs running within each AS cooperate to route data across the Internet. The EGP determines the ASs that data must cross in order to reach its destination, and the IGP determines the path within each AS that data must follow to get from the point of ingress (or the point of origin) to the point of egress (or the final destination). The diagram below illustrates the different types of AS in a network. OSPF, IS-IS and RIP are IGPs used within the individual ASs; BGP is the EGP used between ASs.

41

Aim 8: Study of Open Shortest Path First (OSPF) Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet Protocol (IP) networks. Specifically, it is a link-state routing protocol and falls into the group of interior gateway protocols, operating within a single autonomous system (AS). It is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4.[1] The updates for IPv6 are specified as OSPF Version 3 in RFC 5340 (2008). OSPF is perhaps the most widely-used interior gateway protocol (IGP) in large enterprise networks; IS-IS, another link-state routing protocol, is more common in large service provider networks. The most widely-used exterior gateway protocol is the Border Gateway Protocol (BGP), the principal routing protocol between autonomous systems on the Internet. OSPF has two primary characteristics. The first is that the protocol is open, which means that its specification is in the public domain. The OSPF specification is published as Request For Comments (RFC) 1247. The second principal characteristic is that OSPF is based on the SPF algorithm, which sometimes is referred to as the Dijkstra algorithm, named for the person credited with its creation. OSPF is a link-state routing protocol that calls for the sending of link-state advertisements (LSAs) to all other routers within the same hierarchical area. Information on attached interfaces, metrics used, and other variables is included in OSPF LSAs. As OSPF routers accumulate link-state information, they use the SPF algorithm to calculate the shortest path to each node. As a link-state routing protocol, OSPF contrasts with RIP and IGRP, which are distancevector routing protocols. Routers running the distance-vector algorithm send all or a portion of their routing tables in routing-update messages to their neighbors. Packet Format Version number Type Packet length Router ID Area ID Checksum Authentication type Authentication Data

42

OSPF packets consist of nine fields. The following descriptions summarize the header fields illustrated above Version Number: - Identifies the OSPF version used. Type:- Identifies the OSPF packet type as one of the following: i. Hello: Establishes and maintains neighbor relationships. ii. Database Description: Describes the contents of the topological database. These messages are exchanged when an adjacency is initialized. iii. Link-state Request: Requests pieces of the topological database from neighbor routers. These messages are exchanged after a router discovers (by examining database-description packets) that parts of its topological database are out of date. iv. Link-state Update: Responds to a link-state request packet. These messages also are used for the regular dispersal of LSAs. Several LSAs can be included within a single link-state update packet. v. Link-state Acknowledgment: Acknowledges link-state update packets.
Packet LengthSpecifies the packet length, including the OSPF header,

in bytes.
Router IDIdentifies the source of the packet. Area IDIdentifies the area to which the packet belongs. All OSPF packets are

associated with a single area. ChecksumChecks the entire packet contents for any damage suffered in transit. Authentication TypeContains the authentication type. All OSPF protocol exchanges are authenticated. The Authentication Type is configurable on a per-area basis. AuthenticationContains authentication information. DataContains encapsulated upper-layer information.

43

Aim 9: Study of Supernetting and Subnetting Supernetting A supernet is an Internet Protocol (IP) network that is formed from the combination of two or more networks (or subnets) with a common Classless Inter-Domain Routing (CIDR) routing prefix. The new routing prefix for the combined network aggregates the prefixes of the constituent networks. It must not contain other prefixes of networks that do not lie in the same routing path. The process of forming a supernet is often called supernetting, route aggregation, or route summarization. Supernetting within the Internet serves as a preventative strategy to avoid topological fragmentation of the IP address space by using a hierarchical allocation system that delegates control of segments of address space to regional network service providers.[1] This method facilitates regional route aggregation. The benefits of supernetting are conservation of address space and efficiencies gained in routers in terms of memory storage of route information and processing overhead when matching routes. In Internet networking terminology, a supernet is a block of contiguous subnetworks addressed as a single subnet. Supernets always have masks that are smaller than the masks of the component networks. Supernetting alleviates some of the issues, such as excessively large route tables which increase router latency, with the original classful addressing scheme for IP addresses by allowing multiple networks address ranges to be combined, either to create a single larger network, or just for route aggregation to keep the "Internet Routing Table" (or any routing table) from growing too large. Supernetting combines a group of routes into a single route advertisement. The number of subnets and network addresses contained in Internet routing tables is rapidly increasing due to the rapid expansion of the Internet. This growth has had a negative impact on CPU resources, bandwidth, and memory used to maintain routing tables. Therefore, route summarization was introduced to reduce the size of network routing tables. If configured properly, supernetting can reduce the latency associated with router hop, since the average speed for routing table lookup will be increased due to the reduced number of entries. The overhead for routing protocols can also be reduced since fewer routing entries are being advertised. Subnetting A subnetwork, or subnet, is a logically visible, distinctly addressed part of a single Internet Protocol network.[1] The process of subnetting is the division of a computer network into groups of computers that have a common, designated IP address routing prefix. Subnetting breaks a network into smaller realms that may use existing address space more efficiently, and, when physically separated, may prevent excessive rates of Ethernet packet collision in a larger network. The subnets may be arranged logically in a hierarchical architecture, partitioning the organization's network address space (see also Autonomous
44

System) into a tree-like routing structure. Routers are used to interchange traffic between subnetworks and constitute logical or physical borders between the subnets. They manage traffic between subnets based on the high-order bit sequence (routing prefix) of the addresses. A routing prefix is the sequence of leading (most-significant) bits of an IP address that precede the portion of the address used as host identifier and, if applicable, the set of bits that designate the subnet number. Routing prefixes are expressed in CIDR notation, which uses the first address of a network followed by the bit-length of the prefix, separated by a slash (/) character. For example, 192.168.1.0/24 is the prefix of the IPv4 network starting at the given address, having 24 bits allocated for the network number, and the rest (8 bits) reserved for host addressing. The IPv6 address specification 2001:db8::/32 is a large network for 296 hosts, having a 32-bit routing prefix. In IPv4 networks, the routing prefix is traditionally expressed as a subnet mask, which is the prefix bit mask expressed in quad-dotted decimal representation. For example, 255.255.255.0 is the subnet mask for the 192.168.1.0/24 prefix. All hosts within a subnet can be reached in one routing hop, implying that all hosts in a subnet are connected to the same link. A typical subnet is a physical network served by one router, for instance an Ethernet network, possibly consisting of one or several Ethernet segments or local area networks, interconnected by network switches and network bridges) or a Virtual Local Area Network (VLAN). However, subnetting allows the network to be logically divided regardless of the physical layout of a network, since it is possible to divide a physical network into several subnets by configuring different host computers to use different routers.

Aim 10:
45

Write the case study of DOMAIN NAME SYSTEM (DNS) The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide. An often-used analogy to explain the Domain Name System is that it serves as the "phone book" for the Internet by translating human-friendly computer hostnames into IP addresses. For example, www.example.com translates to 192.0.32.10. The Domain Name System makes it possible to assign domain names to groups of .Internet users in a meaningful way, independent of each user's physical location. Because of this, World Wide Web (WWW) hyperlinks and Internet contact information can remain consistent and constant even if the current Internet routing arrangements change or the participant uses a mobile device. The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their particular domains, and in turn can assign other authoritative name servers for their sub-domains. This mechanism has made the DNS distributed and fault tolerant and has helped avoid the need for a single central register to be continually consulted and updated. In general, the Domain Name System also stores other types of information, such as the list of mail servers that accept email for a given Internet domain. By providing a worldwide, distributed keyword-based redirection service, the Domain Name System is an essential component of the functionality of the Internet. Other identifiers such as RFID tags, UPC codes, International characters in email addresses and host names, and a variety of other identifiers could all potentially utilize DNS.The Domain Name System also defines the technical underpinnings of the functionality of this database service. For this purpose it defines the DNS protocol, a detailed specification of the data structures and communication exchanges used in DNS, as part of the Internet Protocol Suite (TCP/IP).

Applications Hostnames and IP addresses do not necessarily match on a one-to-one basis. Many hostnames may correspond to a single IP address: combined with virtual hosting, this allows a single machine to serve many web sites. Alternatively a single hostname may correspond to many IP addresses: this can facilitate fault tolerance and load distribution, and also allows a site to move physical location seamlessly. There are many uses of DNS besides translating names to IP addresses. For instance, Mail transfer agents use DNS to find out where to deliver e-mail for a particular address. The domain to mail exchanger mapping provided by MX records accommodates another layer of fault tolerance and load distribution on top of the name to IP address mapping.
46

 E-mail Blacklists: The DNS system is used for efficient storage and distribution of IP addresses of blacklisted e-mail hosts. The usual method is putting the IP address of the subject host into the sub-domain of a higher level domain name, and resolve that name to different records to indicate a positive or a negative. A hypothetical example using blacklist.com 102.3.4.5 is blacklisted => Creates 5.4.3.102.blacklist.com and resolves to 127.0.0.1 102.3.4.6 is not => 6.4.3.102.blacklist.com is not found, or default to 127.0.0.2 E-mail servers can then query blacklist.com through the DNS mechanism to find out if a specific host connecting to them is in the blacklist. Today many of such blacklists, either free or subscription-based, are available mainly for use by email administrators and anti-spam software. Software Updates: many anti-virus and commercial software now use the DNS system to store version numbers of the latest software updates so client computers do not need to connect to the update servers every time. For these types of applications, the cache time of the DNS records are usually shorter. Sender Policy Framework and DomainKeys, instead of creating their own record types, were designed to take advantage of another DNS record type, the TXT record. To provide resilience in the event of computer failure, multiple DNS servers are usually provided for coverage of each domain, and at the top level, thirteen very powerful root servers exist, with additional "copies" of several of them distributed worldwide via Anycast. Dynamic DNS (also referred to as DDNS) provides clients the ability to update their IP address in the DNS after it changes due to mobility. Protocol details DNS primarily uses User Datagram Protocol (UDP) on port number 53 to serve requests. DNS queries consist of a single UDP request from the client followed by a single UDP reply from the server. The Transmission Control Protocol (TCP) is used when the response data size exceeds 512 bytes, or for tasks such as zone transfers. Some operating systems, such as HP-UX, are known to have resolver implementations that use TCP for all queries, even when UDP would suffice. DNS resource records A Resource Record (RR) is the basic data element in the domain name system. Each record has a type (A, MX, etc.), an expiration time limit, a class, and some type-specific data. Resource records of the same type define a resource record set. The order of resource records in a set, returned by a resolver to an application, is undefined, but often servers implement round-robin ordering to achieve load balancing. DNSSEC, however, works on complete resource record sets in a canonical order. RR (Resource record) fields
47

Field NAME TYPE CLASS TTL RDLENGTH RDATA

Description Name of the node to which this record pertains. Type of RR. For example, MX is type 15. Class code. Unsigned time in seconds that RR stays valid, maximum is 2147483647. Length of RDATA field. Additional RR-specific data.

Length (octets) (variable) 2 2 4 4 (variable)

NAME is the fully qualified domain name of the node in the tree. On the wire, the name may be shortened using label compression where ends of domain names mentioned earlier in the packet can be substituted for the end of the current domain name. TYPE is the record type. It indicates the format of the data and it gives a hint of its intended use. For example, the A record is used to translate from a domain name to an IPv4 address, the NS record lists which name servers can answer lookups on a DNS zone, and the MX record specifies the mail server used to handle mail for a domain specified in an e-mail address (see also List of DNS record types). RDATA is data of type-specific relevance, such as the IP address for address records, or the priority and hostname for MX records. Well known record types may use label compression in the RDATA field, but "unknown" record types must not (RFC 3597). The CLASS of a record is set to IN (for Internet) for common DNS records involving Internet hostnames, servers, or IP addresses. In addition, the classes CH (Chaos) and HS (Hesiod) exist. Each class is a completely independent tree with potentially different delegations of DNS zones.

48

Aim 11: Write the case study of SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP) Simple Network Management Protocol (SNMP) is a UDP-based network protocol. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It consists of a set of standards for network management, including an application layer protocol, a database schema, and a set of data objects. SNMP exposes management data in the form of variables on the managed systems, which describe the system configuration. These variables can then be queried (and sometimes set) by managing applications. Basic components An SNMP-managed network consists of three key components: Managed device = Slave device Agent = software which runs on Slave device Network management system (NMS) = software which runs on Master A managed device is a network node that implements an SNMP interface that allows unidirectional (read-only) or bidirectional access to node-specific information. Managed devices exchange node-specific information with the NMSs. Sometimes called network elements, the managed devices can be any type of device, including, but not limited to, routers, access servers, switches, bridges, hubs, IP telephones, IP video cameras, computer hosts, and printers. An agent is a network-management software module that resides on a managed device. An agent has local knowledge of management information and translates that information to or from an SNMP specific form. A network management system (NMS) executes applications that monitor and control managed devices. NMSs provide the bulk of the processing and memory resources required for network management. One or more NMSs may exist on any managed network. Protocol Details SNMPv1 and SMI-specific data types:The first version of the SMI (SMIv1) specifies the use of a number of SMI-specific data types, which are divided into two categories: Simple data types.
49

Three simple data types are defined in the SNMPv1 SMI, all of which are unique values: The integer data type is a signed integer in the range of -231 to 231-1. Octet strings are ordered sequences of 0 to 65,535 octets. Object IDs come from the set of all object identifiers allocated according to the rules specified in ASN.1. Application-wide data types. The following application-wide data types exist in the SNMPv1 SMI:Network addresses represent addresses from a particular protocol family. SMIv1 supports only 32-bit (IPv4) addresses (SMIv2 uses Octet Strings to represent i. ii. iii. addresses generically, and thus are usable in SMIv1 too. SMIv1 had an explicit IPv4 address datatype.) Counters are non-negative integers that increase until they reach a maximum value and then roll over to zero. SNMPv1 specifies a counter size of 32 bits. Gauges are non-negative integers that can increase or decrease between specified minimum and maximum values. Whenever the system property represented by the gauge is outside of that range, the value of the gauge itself will vary no further than the respective maximum or minimum, as specified in RFC 2578. Time ticks represent time since some event, measured in hundredths of a second. Opaques represent an arbitrary encoding that is used to pass arbitrary information strings that do not conform to the strict data typing used by the SMI. Integers represent signed integer-valued information. This data type redefines the integer data type, which has arbitrary precision in ASN.1 but bounded precision in the SMI. Unsigned integers represent unsigned integer-valued information, which is useful when values are always non-negative. This data type redefines the integer data type, which has arbitrary precision in ASN.1 but bounded precision in the SMI.

iv. v. vi.

vii.

Security implications SNMP versions 1 and 2c are subject to packet sniffing of the clear text community string from the network traffic, because they do not implement encryption. All versions of SNMP are subject to brute force and dictionary attacks for guessing the community strings, authentication strings, authentication keys, encryption strings, or encryption keys, because they do not implement a challenge-response handshake. Entropy is an important consideration when selecting keys, passwords and/or algorithms.

50

 Although SNMP works over TCP and other protocols, it is most commonly used over UDP that is connectionless and vulnerable to IP spoofing attacks. Thus, all versions are subject to bypassing device access lists that might have been implemented to restrict SNMP access, though SNMPv3's other security mechanisms should prevent a successful attack. SNMP's powerful configuration (write) capabilities are not being fully utilized by many vendors, partly due to lack of security in SNMP versions before SNMPv3 and partly due to the fact that many devices simply are not capable of being configured via individual MIB object changes. SNMP tops the list of the SANS Institute's Common Default Configuration Issues with the issue of default SNMP community strings set to public and private and was number ten on the SANS Top 10 Most Critical Internet Security Threats for the year 2000.

51

52