TCP/IP protocol

• TCP is an industry-standard suite of protocols
• It is routable and works over most network topologies
• It is the protocol that forms the foundation of the Internet
• It is Installed by default in Windows XP
• Can be used to connect dissimilar systems
• Uses Microsoft Windows Sockets interface (Winsock)
• IP addresses can be entered manually or be provided automatically by a DHCP server
• DNS is used to resolve computer hostnames to IP addresses
• WINS is used to resolve a NetBIOS name to an IP address
• Subnet mask - A value that is used to distinguish the network ID portion of the IP address from the host ID
• Default gateway - A TCP/IP address for the host (typically a router) which you would send packets for routing elsewhere on the network

Automatic Private IP Addressing
Windows 98, Windows ME, Windows 2000 and Windows XP support this feature.
When "Obtain An IP Address Automatically" is enabled, but the client cannot obtain
an IP address, Automatic Private IP addressing takes over:
• IP address is generated in the form of 169.254.x.y (where x.y is the computer's identifier) and a 16-bit subnet mask (255.255.0.0)
• The computer broadcasts this address to its local subnet
• If no other computer responds to the address, the first system assigns this address to itself
• When using the Auto Private IP, it can only communicate with other computers on the same subnet that also use the 169.254.x.y range with a 16-bit mask
• The 169.254.0.0 - 169.254.255.255 range has been set aside for this purpose by the Internet Assigned Numbers Authority

Alternate TCP/IP Configurations
Windows XP lets you provide an alternate TCP/IP configuration for each network interface in the event the interface is unable to obtain an IP address from a DHCP server. You can choose to use Automatic Private IP Addressing (the default) or to manually specify a configuration instead.

TCP/IP Client Utilities
• Telnet client - Can be used to open a text based console on UNIX, Linux and Windows XP systems (run telnet servername)
• FTP client - Command line based - simple and powerful (run ftp servername)
• Internet Explorer 6 - Microsoft's powerful and thoroughly integrated Web browser
• Outlook Express 6 - SMTP, POP3, IMAP4, NNTP, HTTP, and LDAP complaint Email package.

TCP/IP Server Utilities
• Telnet server - Windows XP includes a telnet server service (net start tlntsvr) that is limited to a command line text interface and two concurrent users. Set security on your telnet server by running the admin tool, tlntadmn.
• Web Server - stripped version of IIS5 Web server. Limited to 10 connections. Must be installed and the service started before sharing your printers using Web printing or Internet printing. Can be managed using IIS snap-in or Personal Web Manager, a "dumbed-down" GUI for novice users.
• FTP Server - stripped version of Internet Information Server 5 (IIS5) FTP server. Limited to 10 connections but is administered just like the server version using IIS snap-in or the Personal Web Manager.
• FrontPage 2000 Server Extensions - extends the functionality of the Web server and is included in WINXP Pro for developing and testing Web sites before deploying them to a production server. SMTP Server - does not appear to have limitations on connections but this is most likely because of its integration with LDAP and Active Directory replication. Also works with the form handlers in FrontPage Server Extensions.

Internet Explorer 6
Here are important changes to Internet Explorer 6 to note for the exam:
• The default cipher strength is now 128-bit.
• The Microsoft Virtual Machine for Java is not bundled in with XP thanks to continued legal bickering between MS and Sun Microsystems. The missing component is configured as an “Automatic Download.” The first time users attempt to use a java-enabled page that requires the Virtual Machine, they will be prompted to download it from Microsoft’s site.
• Internet Explorer now features a Media Toolbar that integrates Windows Media Player into your browser. This new toolbar deftly combines the worst features of both products.
• Microsoft has built a new privacy feature into Internet Explorer based upon the Platform for Privacy Preferences (P3P) standard. By default, all cookies from third-party Web sites that do not contain XML formatted privacy policy information are blocked.

Windows Messenger
MSN Messenger is being re-branded as “Windows Messenger”. This is a full featured text chat and videoconferencing client. It is completely integrated into the operating system and plays a pivotal role in Microsoft’s Passport/Hailstore/.NET initiative. Windows Messenger makes use of the Session Initiation Protocol (SIP) support builtinto Windows XP. (RFC 2543, 2848, 2976, 3050, 3087) While Windows Messenger is backwards compatible with your contacts who are using MSN Messenger, the following features will only work between Windows XP Desktops running Windows Messenger:
• Remote Assistance requests
• Videoconferencing

Internet Connection Sharing (ICS)

Internet Connection Sharing is a watered down version of Network Address Translation (NAT) and is intended for small networks, such as those typically found in the home or small business.

Using ICS, one computer, called the ICS host, shares its Internet connection with the rest of the computers on the private network. Other computers on the private network can force the ICS host to initiate a connection to the Internet (if not already active) by beginning a task that requires Internet access, such as starting Internet Explorer or Outlook Express.

The ICS host must have at least one Network Interface Card (NIC) connected to the rest of the private network through a switch or hub and one other network interface that connects to the Internet. This can be either broadband (Cable, DSL, etc.) or a standard dial-up modem.

When ICS is enabled, it will reassign the private adapter the IP address of 192.168.0.1 with a subnet mask of 255.255.255.0. All of the computers inside the private network must be configured to request IP addresses using DHCP. The ICS host will act as its own DHCP and DNS server for the internal private network. When configuring ICS you can enable the “Internet Discovery and Control” feature. This allows all ICS clients that support Internet Discovery and Control to monitor and manage their ICS connection and even force the ICS server to disconnect from the Internet, if need be. Windows XP clients support Internet Discovery and Control by default. Support for Internet Discovery and Control can be added to Windows 98 or higher clients running IE5 and up by running the Network Setup Wizard (available on the XP product CD) on them.

Internet Connection Firewall (ICF)

Internet Connection Firewall is Microsoft’s answer to securing single computers and small networks from the threats inherent today with usage of the Internet. ICF is directly related to Internet Connection Sharing, but the two may be used independently of each other (when used with ICS on the ICS host it can protect your entire network).

ICF is considered a "stateful" firewall—that is to say that it monitors all communications that happen to cross its boundaries and in doing do inspects the source and destination IP address of each message that it sees. To prevent unsolicited traffic from the public (Internet) side of the connection from entering the private side, ICF makes a table that tracks all communications that originate at the

ICF computer (in the case of a single computer) or the ICF/ICS host computer (when used in conjunction with ICS) and from all private network computers. All inbound traffic from the Internet is compared against the entries in the table and is only allowed to arrive at the computers in the private network when there is a matching entry in the table showing that the communication exchange began from within the private network.

Communications that originate from a source outside the ICF computer, such as the Internet, are dropped by the firewall unless an entry in the SERVICES tab is made to allow passage. Rather than sending you notifications about activity, ICF silently discards unsolicited communications, stopping common hacking attempts such as port scanning.

When dealing with ICF, there are three important items that you need to understand:

1. To configure ICF, you must be logged on locally as an administrator (or with administrative access). Neither Power Users nor the new security group Network Configuration Operators have the required privileges to modify ICF settings.

2. You should not enable ICF on the network adapter of a machine that does not connect directly to the Internet, as it will interfere with communications between that client and other clients on your network. It is for this reason that the Network Setup Wizard will not allow ICF to be configured on the private connection (the NIC that connects to the internal network) of an ICS configured machine.

3. Certain programs (Outlook 2000 for example) that rely on RPC messages from a server to the client (for new e-mail notification in this case) will not function correctly from behind ICF. This is because the RPC message originates unsolicited from outside the private network (at the ISP’s Microsoft Exchange Server in this case). ICF will not be able to find a corresponding entry in its routing table and thus the RPC messages will not be allowed to cross the firewall boundary. The message will be dropped and the user will not be notified of new e-mail. You can send and receive e-mail normally, but you would have to manually check for new e-mail.

To start configuration on ICF: Start > Settings> Network Connections > Local Area Connection (as applicable, as you can rename it) > Properties > Advanced. Place a check in the check box next to “Protect my computer…”. After this is accomplished, click on Settings. Doing this opens a new window with three tabs: Services, Security Logging and ICMP.

If your internal network is running any kind of Internet accessible services then the SERVICES tab should definitely get your attention. The default settings allow for none of the available services to be enabled; however you can easily modify this as your situation dictates. If a particular service that you need to support is not listed, you can simply add it.

The Security Logging tab deals primarily with what to log, how much to log and where to keep the log. The default settings enable a log located either at C:\WINNT\pfirewall.log (if upgrading from a Windows 2000 Professional or Windows NT 4.0 installation) or C:\WINDOWS\pfirewall.log (if upgrading from Windows 9x/Me or performing a clean installation). The default log size is 4096KB and can be changed to fit the needs of your situation, though. By default, logging is not in effect.

The last tab is ICMP settings. By default, none of the options are checked. This results in the most secure configuration possible. It may be useful to enable the first option “Allow incoming echo request” as this will enable the use of the PING command against the interface that ICF is configured on.

Network Bridging

Network Bridging is a new feature in Windows XP that allows you to combine several different network adapters for different networks into a single bridged network adapter that behaves as a single network. Bridging takes place at layer two of the OSI Network model, or Data Link layer. Windows XP treats the bridge as a physically installed device and it is configured in pretty much the same way other installed network devices are, as shown in Figure

Remote Desktop Connections

Windows XP Professional ships with a Remote Desktop Connection client installed by default. As well, it includes its own limited version of Terminal Services (called Remote Desktop Connection under Windows XP) that allows users and administrators to remotely work with and administer Windows XP Professional.

Connecting to a remote server

You can access the Remote Desktop Connection client by clicking Start > Programs > Accessories > Communications > Remote Desktop Connections. This brings up the Remote Connection Dialog box.

Enter the Computer Name, IP address, or Fully Qualified Domain Name (FQDN) of the computer you wish to connect to and click the Connect button. Use the Options button to configure some additional parameters for your connection:

• Display settings can include colour depth (if not overridden at the server end) and display size (640x480 to full screen).
• Remote sounds can be redirected to the local system.
• You can choose whether or not to redirect devices on the remote computer such as printer ports, serial ports, and disk drives to your local system.
• Choose a level of user experience that includes connection speed, themes, desktop background, bitmap caching, etc.

Connecting to Windows XP Professional

Here are the important points to know for the exam:

• Windows XP Professional only supports a single Remote Desktop Connection. When a remote user connects to a Windows XP Professional system the desktop on the local console automatically locks. Unlocking the desktop forces the remote session to disconnect immediately.
• Windows 95/98/ME, Windows NT 4, and Windows 2000 systems can remotely connect to a Windows XP Remote Desktop Connection session using either the 32-bit Terminal Services Client that ships with Windows 2000 or by installing the Remote Desktop Connection client that is included on the Windows XP product CD.
• To install the Remote Desktop Connection on an older Windows operating system, insert the Windows XP product CD, choose Perform additional tasks from the menu, and then Set up Remote Desktop Connection.
• Remote Desktop Connections require that port TCP/IP port 3389 for Remote Desktop Protocol be opened.
• Remote Desktop also supports Remote Desktop Web Connection – this is essentially the same as the Terminal Services Advanced Client available for Windows 2000. Clients require IE4 or higher with a special ActiveX control installed. The Windows XP system offering Remote Desktop Web Connection will need to be configured with the limited version of IIS5 that is included by default. Also ensure that the Remote Desktop Web Connection files are copied to the \Web\TSWeb directory of the Web server.

Troubleshooting:

• Ipconfig and Ipconfig /all - displays current TCP/IP configuration
• Nbtstat - displays statistics for connections using NetBIOS over TCP/IP
• Netstat - displays statistics and connections for TCP/IP protocol
• Ping - tests connections and verifies configurations
• Tracert - checks a route to a remote system
• Common TCP/IP problems are caused by incorrect subnet masks and gateways
• If an IP address works but a hostname doesn’t, check DNS settings

NWLink (IPX/SPX) and NetWare Interoperability

• NWLink (MS's version of the IPX/SPX protocol) is the protocol used by Windows XP to allow Netware systems to access its resources.
• NWLink is all that you need to run in order to allow a Windows XP system to run client/server applications from a NetWare server.
• To allow file and print sharing between NT and a NetWare server, CSNW (Client Services for NetWare) must be installed on the Windows XP system. In a Netware 5 environment, the Microsoft client does not support connection to a Netware Server over TCP/IP. You will have to use IPX/SPX or install the Novell NetWare client.
• Gateway Services for NetWare can be implemented on your Windows 2000 Server to provide a MS client system to access your NetWare server by using the Windows 2000 Server as a gateway.
• Frame types for the NWLink protocol must match the computer that the Windows XP system is trying to connect with. Unmatched frame types will cause connectivity problems between the two systems.
• When NWLink is set to autodetect the frame type, it will only detect one type and will go in this order: 802.2, 802.3, ETHERNET_II and 802.5 (Token Ring).
• Netware 3 servers uses Bindery Emulation (Preferred Server in CSNW). Netware 4.x and higher servers use NDS (Default Tree and Context.)
• There are two ways to change a password on a Netware server - SETPASS.EXE and the Change Password option (from the CTRL-ALT-DEL dialog box). The Change Password option is only available to Netware 4.x and higher servers using NDS.

Other protocols

• DLC is a special-purpose, non-routable protocol used by Windows XP to talk with IBM mainframes, AS400s and Hewlett Packard JetDirect printers.
• The NetBEUI protocol is not installed in Windows XP by default – it can be installed from the \VALUEADD\MSFT\NET\NETBEUI directory on the product CD-ROM.
• Windows XP does not support AppleTalk. If you are upgrading a previous version of Windows with AppleTalk installed, this protocol will be removed during the installation process.