How to Configure a Router to Use DHCP

Steps to configure router to use DHCP:

1. Connect to your router (by typing 192.168.0.1 or 192.168.1.1 into the URL bar) and log in. Check your user manual or documentation if you do not know the log-in credentials.

2. Make sure you are in the Setup -> Basic Setup category.

3. Scroll down until you see 'DHCP Server' - if it is disabled, select 'Enable'

4. If you want, you can change the number that the DHCP IP assigning starts. This is optional, and is totally dependant on personal preference.In this picture, the maximum number of DHCP clients is 3. You may need to increase this number according to how many people will need a dynamic IP address on your network. Once the max is reached, no one else can get an address until one expires!

5. Use the DNS servers provided to you by your ISP, or use the following DNS servers: 205.152.37.254, 205.152.132.235, 205.152.132.23; There are many DNS servers out there. It's best to use your ISP's if possible.

6. Scroll down and click 'Save Settings'.

7. Open up the network configurations for the computers on your network (Control Panel -> Network Connections -> Local Area Connection or Wireless Connection) and select 'Obtain IP address automatically'

Related Post:

How to Troubleshoot a DHCP Server?
Installation of DHCP Server in 2008

Source: wikihow

How to Enable DHCP Server Logging?

To enable enhanced DHCP logging, perform the following steps:

1. Start the DHCP administration tool (go to Start, Programs, Administrative Tools, and click DHCP).
2. Right-click the DHCP server, and select Properties from the context menu.
3. Select the General tab.
4. Select the "Enable DHCP audit logging" check box.
5. Click OK.

Windows 2000 will now create a DHCP log file in the %systemroot%\system32\dhcp directory for each day using a DhcpSrvLog.XXX file format.

Common audit codes that might appear in the log include

* 00—The log was started.
* 01—The log was stopped.
* 02—The log was temporarily paused due to low disk space.
* 10—A new IP address was leased to a client.
* 11—A lease was renewed by a client.
* 12—A lease was released by a client.
* 13—An IP address was found to be in use on the network.
* 14—A lease request could not be satisfied because the scope's address pool was exhausted.
* 15—A lease was denied.
* 16—A lease was deleted.
* 17—A lease was expired.
* 20—A BOOTP address was leased to a client.
* 21—A dynamic BOOTP address was leased to a client.
* 22—A BOOTP request could not be satisfied because the scope's address pool for BOOTP was exhausted.
* 23—A BOOTP IP address was deleted after verifying that it wasn't in use.

The DHCP Server uses codes above 50 for Rogue Server Detection information.

windowsitpro.com

Tools for diagnosing server problems remotely

Today I want to talk to you about some ways that you can remotely manage server room and not be dependent on platform or vendors.

IP-based Power Distribution Unit

One way to avoid that inconvenient commute to restart a stalled server is with an IP-based Power Distribution Unit (PDU).

APC makes pretty good IP-based PDUs with nice Web interfaces. If you're looking at other brands, you'll want to make sure they offer the ability to stagger "power-on" timings. This will prevent all the servers from powering on at the same time should there be an extended black-out - possibly tripping the circuits or damaging your servers.

The more advanced models will also display the power drain by outlet or as an entire unit. This could help you diagnose power-related problems remotely, and let you better estimate the load on your UPS.

Serial-IP adapter

Despite the shift towards IP-based appliances, there remains some server room equipment that still requires serial connectivity. The common ones would be your humble analog or GSM modems.

Equinox--now under Avocent--makes serial hubs that can connect directly to your serial-port based devices. The output comes in the form of an Ethernet port that connects to your network. You can install a free software driver on servers that need to access the serial devices, which also transparently creates the appropriate COM port.

Other companies such as Digi International and Axis Communications manufacture and sell such devices as well.

Using a serial hub is superior to the traditional method of installing a PC-based adapter board. Since your serial devices are now on the network, it's very useful in terms of business continuity (BC). Rather than having to run back to the office in the event of a hardware failure to swap out a hardware card or cable, it's now possible to remotely set up another server to take over the serial devices over the network.

Video Extender

The Video Extender is a class of device by itself. It's entirely possible to place a computer monitor as far as 150m away from a server or desktop machine.

Video Extender can prove incredibly useful in a factory or retail setting in which the display has to be placed in a server closet far from the server.

Full info here: http://www.zdnetasia.com/techguide/network/0,3800010800,62038162,00.htm

How to Troubleshoot a DHCP Server?

If you use DHCP servers to automatically configure the TCP/IP settings for workstations in your organization, a DHCP failure can lead to a major disruption in service. After all, if a workstation is not able to acquire an IP address, then it will have no way of accessing any of the resources on your private network or on the Internet. In this article, I will discuss some techniques that you can use to troubleshoot DHCP server failures.

Inappropriate Address Assignment

One very common DHCP related issue is the assignment of an unexpected IP address. For example, suppose that your DHCP server was configured with an IP address scope of 192.168.0.1 to 192.1680.50. You would expect network hosts to be assigned IP addresses in this range. Now, suppose that a workstation on your network appeared to be having problems communicating with network servers. You issue an IPCONFIG /ALL command to view the workstation’s IP address configuration. Instead of the expected address range, the workstation has been assigned an address beginning with 169.254.

So what happened? If a host on your network is unexpectedly assigned an address beginning with 169.254, you can rest assured that the address was not assigned by your DHCP server. What actually has happened, is that the workstation has failed to contact a DHCP server. When this occurs, the workstation will assign itself an IP address using a Windows feature known as Automatic Private IP Addressing (APIPA).

Common DHCP Server Problems

If multiple workstations are experiencing problems with leasing IP addresses, then the problem is most likely related to the DHCP server itself. If you suspect that the DHCP server is the cause of the problem, then you might start off by doing some ping tests to verify that the DHCP server is able to communicate across the network.

If the DHCP server is able to communicate with other computers on the network, then I recommend verifying that the DHCP server has an IP address that is compatible with the scope that the server is configured to assign addresses from. For example, if the DHCP server’s scope consists of addresses from 192.168.0.1 to 192.168.0.50, then the server will not actually be able to assign those addresses unless the server itself has been assigned a static address in the same subnet range, such as 192.168.0.0 or 192.168.0.51.

IP Address Conflicts

Another problem that I have seen on occasions involves IP address conflicts among dynamically configured addresses. When you create a DHCP scope, it is the DHCP server’s responsibility to make sure that addresses within the scope are only leased to one client at a time. If that’s the case, then how is it possible to have an IP address conflict for dynamically assigned addresses?

There are two situations that I’ve run into that can cause this problem. The first time that I ever ran into this problem, I was able to determine which PCs had been assigned at the duplicate addresses. When I checked the TCP/IP configuration on those machines, I found that one of the machine’s IP addresses had been manually configured. It’s kind of a long story, but that machine’s user was running an unauthorized application that required a static IP address. The user got tired of having to reconfigure the application every time they used it, so they took the address that had been dynamically assigned to them, and entered it as a static address.

Full Information here

How to Setup a DNS Server in Ubuntu

Assumptions

Enough with the DNS background. Let’s now start configuring our own DNS server. Let’s assume that we have the following: we want to create a private internal domain name called mydomain.com, our private internal network is 192.168.0.x and our router and gateway is set at 192.168.0.1. Let’s assume all devices are going to be configured with static IP addresses. Normally, most computer systems nowadays are configured to automatically obtain IP addresses from the DHCP server/router. In this example, we will use static IP addresses to show how DNS works. Finally, we have 3 computers connected to our network:

• Ubuntu Server, the DNS server - 192.168.0.9
• Ubuntu Desktop - 192.168.0.10
• PC - 192.168.0.11

Instructions

1. To install the DNS server, we need to install Bind 9.

sudo apt-get install bind9

2. Let’s configure Bind. We need to touch 5 files.

We will edit 3 files.

• /etc/bind/named.conf.local
• /etc/bind/named.conf.options
• /etc/resolv.conf

We will create 2 files.

• /etc/bind/zones/mydomain.com.db
• /etc/bind/zones/rev.0.168.192.in-addr.arpa

A. First step. Lets add our domain zone - mydomain.com.

sudo vi /etc/bind/named.conf.local

# Our domain zone
zone "mydomain.com" {
 type master;
 file "/etc/bind/zones/mydomain.com.db";
};

# For reverse DNS 
zone "0.168.192.in-addr.arpa" {
 type master;
 file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};

Save file. Exit.

We just created a new domain. Please note: later we will create two files named mydomain.com.db and rev.0.168.192.in-addr.arpa files. Also, notice the reverse IP address sequence in the reverse DNS section.

B. Let’s add the DNS servers from your ISP. In my case, I’m using Comcast DNS servers. You can place the primary and secondary DNS servers here separated by semicolons.

sudo vi /etc/bind/named.conf.options

forwarders {
 68.87.76.178;
};

Save file. Exit.

C. Now, let’s modify the resolv.conf file found in /etc and place the IP address of our DNS server which is set to 192.168.0.9.

$ sudo vi /etc/resolv.conf

search mydomain.com.
nameserver 192.168.0.9

D. Now, let’s define the zones.

sudo mkdir /etc/bind/zones
sudo vi /etc/bind/zones/mydomain.com.db

$TTL 3D
@ IN SOA ns.mydomain.com. admin.mydomain.com. (
 2007062001
 28800
 3600
 604800
 38400
);
mydomain.com.  IN      NS         ns.mydomain.com.
ubuntudesktop  IN      A          192.168.0.10
www            IN      CNAME      ubuntudesktop
pc             IN      A          192.168.0.11
gw             IN      A          192.168.0.1
                     TXT        "Network Gateway"

The TTL or time to live is set for 3 days
The ns.mydomain.com nameserver is defined
ubuntudesktop, pc and gateway are entered as an A record
An alias of www is assigned to ubuntudesktop using CNAME

E. Let’s create a “rev.0.168.192.in-addr.arpa” file for reverse lookup.

sudo vi /etc/bind/zones/rev.0.168.192.in-addr.arpa

$TTL 3D
@       IN      SOA     ns.mydomain.com. admin.mydomain.com. (
              2007062001
              28800
              604800
              604800
              86400
)
      IN      NS      ns.mydomain.com.
1       IN      PTR     gw.mydomain.com.
10      IN      PTR     ubuntudesktop.mydomain.com.
11      IN      PTR     pc.mydomain.com.

3. Let’s restart Bind to activate our latest changes.

sudo /etc/init.d/bind9 restart

4. Finally, let’s test our new domain and DNS entries.

Dig

$ dig mydomain.com

Nslookup

nslookup gw

5. That’s it.

Source

Howto find DNS Server Version remotely using fpdns

A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behaviour of different DNS implementations is expected to be the same.

The reality is quite different though. fpdns uses a series of borderline DNS queries to determine the vendor, product and version of a nameserver.

A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behaviour of different DNS implementations is expected to be the same.

Requirements for protocol behaviour of DNS implementations is widely documented in the case of ‘common’ dns messages. The DNS protocol is over 20 years old and since its inception, there have been over 40 independent DNS implementations, while some implementations have over 20 versions.

The methodology used to identify individual nameserver implementations is based on “borderline” protocol behaviour. The DNS protocol offers a multitude of message bits, response types, opcodes, classes, query types and label types in a fashion that makes some mutually exclusive while some are not used in a query messages at all. Not every implementation offers the full set of features the DNS protocol set currently has. Some implementations offer features outside the protocol set, and there are implementations that do not conform to standards.

Also, new features added to - or bugs removed allow for differentiations between versions of an implementation.

Install fpdns in Ubuntu

sudo aptitude install fpdns

This will complete the installation

Using fpdns

fpdns [-c] [-d] [-f] [-p port] [-Q srcaddr] [-r retry] [-s] [-t timeout] [-v] server

Where: server is an ip address or a resolvable name
or ‘-’ to read list of servers from stdin
-c (where appropriate check CH TXT version) [off]
-d (debug) [off]
-f (force check CH TXT version) [off]
-F (maximum forked processes) [10]
-p port (nameserver is on this port) [53]
-Q srcaddr (source IP address) [0.0.0.0]
-r retry (set number of attempts) [1]
-s (short form) [off]
-t time (set query timeout) [5]
-v (show version)

fpdns Examples

BIND Version 8 Example

fpdns -D google.com

fingerprint (google.com, 216.239.34.10): ISC BIND 8.3.0-RC1 — 8.4.4
fingerprint (google.com, 216.239.36.10): ISC BIND 8.3.0-RC1 — 8.4.4
fingerprint (google.com, 216.239.38.10): ISC BIND 8.3.0-RC1 — 8.4.4
fingerprint (google.com, 216.239.32.10): ISC BIND 8.3.0-RC1 — 8.4.4

BIND Version 9 Example

fpdns -D debianhelp.co.uk

fingerprint (debianhelp.co.uk, 212.67.202.2): ISC BIND 9.2.3rc1 — 9.4.0a0 [recursion enabled]
fingerprint (debianhelp.co.uk, 212.67.203.246): ISC BIND 9.2.3rc1 — 9.4.0a0 [recursion enabled]

TinyDNS Example

fpdns ns1.eu.dedicatedserver.com.

fingerprint (ns1.eu.dedicatedserver.com., 213.198.65.226): DJ Bernstein TinyDNS 1.05

Microsoft windows 2003 Example
fpdns -D microsoft.com

Source: http://www.ubuntugeek.com/howto-find-dns-server-version-remotely-using-fpdns-fingerprinting-dns-servers.html

DNS Servers Are Under Fire

The number and severity of domain name service server attacks have risen sharply on networks around the globe, as phishers, pharmers and other malicious code writers embrace the latest way to circumvent traditional forms of mitigation.

Sandvine has observed an increase in server attacks, particularly DNS attacks on broadband networks. DNS server are suddenly overwhelmed by a glut of spoofed DNS requests and responses, causing the server to process requests slower and slower until it eventually fails entirely - impacting subscribers' ability to use the Internet for the duration of the attack.

Sandvine Security Operations Services team has identified increases where single attackers performed over 1000 times the normal amount of lookups on a DNS server in a 12-hour period. These attackers are engaging in a form of DNS attack called DNS poisoning - the act of tainting the server's cache with incorrect routing information so illegitimate sites appear in a browser despite a legitimate web address being requested.

One successful poisoning attempt could affect many thousands of users, and result in droves of subscribers being taken to exploitive sites that bilk them of their personal information, steal their identity, download malware (worms, spyware, adware, etc.) onto their computers, or bombard them with irrelevant advertisements - even though they typed in the correct URL into their browser or followed the right hyperlink. Poisoning can be accomplished by individual computers or by networks of 'zombie' computers directly on the ISP's network or spread around the world.

As threatening as DNS attacks and poisoning are to the personal- information integrity of subscribers, the damage is compounded for broadband service provider networks. DNS attacks are responsible for overwhelming DNS servers to the point of failure, causing massive, wide-scale service outages. This results in subscriber churn, destroys brand equity, and can cost millions in subscriber refunds, not to mention the substantial financial burden of trying to identify and alleviate the problem.

"Broadband service providers must protect their network and subscribers with multi-layered, network-based approaches," said Don Bowman, VP, Consulting Systems Engineering, Sandvine Incorporated. "Attacks and malicious code are becoming more and more evasive and targeted. Service providers need to proactively monitor their networks for threats and respond in real-time to shut down these attacks."

Source: http://news.softpedia.com/news/DNS-Servers-Are-Under-Fire-2226.shtml

Installation of DHCP Server in 2008

Installing DHCP server in Windows 2008 Infrastructure

DHCP plays a very important role in leasing out the IP addresses to clients, when you are running this service into your server. In Windows 2008 Server there have been some improvements over Windows 2003 Server, especially major improvements in backup and restore.

Understanding DHCP process

Workstation boots up and broadcast is sent to all nodes on a subnet. This broadcast works on UDP port 68 and server is listening to these broadcasts on UDP port 67.
Installing DHCP server in Windows 2008

1. Go to start, Programs, Administrative tools in that Server Manager
2. Select Roles node in Server Manager, then click Add roles and select DHCP Server
3. Verify the network Bindings option.
4. Then IP v4 Settings page will come, Provide domain name and DNS IP address.
5. IF wins is required in your environment provide those details also.
6. Then Enter Start IP and End IP address range along with SM and gateway
7. In DHCP v6 stateless mode select enable if it's required
8. After the above steps you will see your DHCP server has just been configured.

Improvements in Windows 2008 DHCP (Backup and Restore)

In Windows 2008 DHCP Server you no longer need to export those registry keys or manually move database to different server, because backup and restore can be performed from DHCP console.

To Backup DHCP database

1. Open DHCP manager
2. Right Click on server name and choose backup
3. Give the path where it has to be stored

To restore DHCP database

1. Go to the server where DHCP has to be restored
2. Right click on server name and restore, give the path from where it has to be restored
3. It will ask to stop and start the services. Select Yes.

Source:symantec.com

iYogi Acquires Clean Machine Inc.

Larry Gordon, Founder of Clean Machine appointed as President Global Channel Sales at iYogi

New York, NY, May 11th, 2009 : iYogi, a global direct to consumer and small business technical support provider, today announced it’s acquisition of Clean Machine Inc, a provider of remotely administered PC security and performance management services. Clean Machine will operate as a separate brand under the iYogi services umbrella along with the recently lunched Support Dock (www.supportdock.com) and its comprehensive range of 24/7 technical support services for computers, printers, MP3 players, digital camera, routers, servers and more than 100 software applications. Larry Gordon, Founder of Clean Machine is appointed as the President of Global Channel Sales for iYogi.

iYogi will integrate technology and innovation that Clean Machine Inc. has developed for delivering an enhanced service experience by proactively managing the health and security for PC's and Apple Computers. This acquisition also broadens iYogi's access to key markets through Clean Machine's existing partnerships. Larry Gordon's past experience and successful track record will accelerate iYogi's expansion through his focus on global alliances.
Commenting on the acquisition of Clean Machine Inc., Uday Challu, CEO & Co-founder of iYogi, said,

"This acquisition will help iYogi to enhance our customer experience and extend our market reach to the millions of consumers that are challenged by the increasingly complex technology environment. Clean Machine's proactive maintenance and management of PCs in home and small business environment will be our launch platform for building the next generation of managed services for consumers."

"We are delighted to have Larry spearheading partnerships and global alliances for iYogi. His incredible experience in marketing, sales and building global alliances will help forge partnerships with retailers, multiple service operators, software publishers, original equipment manufacturers (OEM) and other such companies that are at the frontlines for managing tech support issues for consumers and small businesses",

added Challu.

With more than 20 years of experience, Larry Gordon has played a variety of strategic roles in marketing, sales and building alliances. Larry was the Executive Vice President at Capgemini and Kanbay. He was also VP of Global Marketing for Cognizant (Nasdaq: CTSH), a leader in global IT services and Director of Marketing for New York based Information Builders.

"I am excited to join a company that shares a common mission to Clean Machine in creating a global brand for delivering the best technical support to consumers and small businesses. We also share a common approach of utilizing highly skilled talent with leading edge tools, thereby delivering services at incredible price-points, with high margins for our partners",

said Larry Gordon, the newly appointed President of Global Channel Sales at iYogi.

ABOUT IYOGI

Headquartered in Gurgaon, India with offices in New York, USA, iYogi provides personalized computer support for consumers and small businesses in United States, United Kingdom, Canada and Australia. IYogi's 24/7 phone and remote technical assistance, spans across a comprehensive range of technologies we use every day from a wide range of vendors. Utilizing its proprietary technology iMantra , and highly qualified technicians, iYogi delivers amongst the highest benchmarks for resolution and customer satisfaction. iYogi is privately held and funded by SAP Ventures, Canaan Partners, and SVB India Capital Partners. iYogi was recently awarded the Red Herring Global 100 Award, recognizing it as one of the 100 most innovative private companies driving the future of technology. For more information on iYogi and a detailed list of technologies supported, visit: www.iyogi.net.

ABOUT CLEAN MACHINE

Clean Machine Inc. is a NJ-based and incorporated company that helps consumers and small business owners easily manage and protect their computing environments safely and cost effectively. The company is has a unique, powerful and inexpensive PC concierge service. Specifically, each customer is assigned a highly-trained tech concierge who remotely examines their computer system on a scheduled and very secure basis. The PC concierge will immediately fix software-based problems and prevent new threats to the customer's computing environment including offensive pop-ups, browser redirects and slow performance, and then provides a detailed report. Clean Machine's proprietary Radar(TM) technology (Remote Access Detection Audit and Repair) allows its expert technicians to remotely resolve any problems, eliminating the need for customers to go through the frustrating process of speaking with a tech support expert, and still having to do the work themselves. In other words, the Clean Machine PC concierges do it all. For more information on Clean Machine please visit www.pccleanmachine.com.

How the DHCP Server Callout API Operates?

A internal table is maintain by Microsoft DHCP Server on the occurence of dhcp protocol, trigger third-party DLL function calls. Developers register to have occurrence of these events call their functions by creating a specified registry entry that Microsoft DHCP Server reads upon startup.

The location of the registry entry is:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DHCPServer\Parameters

The following registry key values must be specified for this entry in order to enable the callout server:

Key Name	Key Datatype	Value
CalloutDlls	REG_MULTI_SZ	String that contains the local path to the DHCP callout DLL. For example: "C:\Program Files\MyCalloutServer\my_dhcp.dll"
CalloutEnabled	DWORD	32-bit unsigned integer value that specifies 0 if the DHCP callout server is not enabled, and 1 if it is.

How Microsoft DHCP Server loads and handles third-party DLLs impacts third-party DLL developers. Microsoft DHCP Server takes the following steps in loading third-party DLLs:

1. Microsoft DHCP Server checks the previously defined registry location for the presence of third-party DLLs.
2. If no registry entries are found, the DHCP Server internal hook table remains empty, and no DHCP Server event notifications are sent.
3. If one or more registry entries is found, Microsoft DHCP Server reads the first registry entry, in alphabetical order, and attempts to load the corresponding third-party DLL. If the DLL loads successfully, Microsoft DHCP Server ceases checking for additional third-party DLLs.
4. Microsoft DHCP Server calls the DhcpServerCalloutEntry function in the loaded third-party DLL, retrieving the associated DHCP_CALLOUT_TABLE function and thereby determining which events initiate notification to the third-party DLL. Notification comes in the form of corresponding third-party functions: one or more of which can be included in the third-party DLL, and each of which are defined in the following DHCP Server API reference pages.
   

Because the DHCP Server API enables developers to hook into the core functionality of Microsoft DHCP Server, use care when writing the third-party DLL functions. Several events that result in third-party DLL function calls occur when locks are held by the DHCP Server, and therefore, poorly written hooks can destroy DHCP Server heaps and critical information in Microsoft DHCP Server structures.

Source: msdn.microsoft.com

Importance of Public DNS Servers

The purpose of a DNS server is to enable people and applications to lookup records in DNS tables. Most DNS servers are now private, meaning that they are configured to only provide service to the people and organizations who own and maintain them.

A few domain name servers on the Internet provide DNS resolutions for anyone who requests it of them. These are known as "Public DNS Servers."

Most public DNS servers are public on purpose. A few public DNS servers are public only because they have been misconfigured by their system administrators. Those DNS servers tend to eventually be fixed.

Public DNS Servers

Level 3 Communications (Broomfield, CO, US)
4.2.2.1
4.2.2.2
4.2.2.3
4.2.2.4
4.2.2.5
4.2.2.6
Verizon (Reston, VA, US)
151.197.0.38
151.197.0.39
151.202.0.84
151.202.0.85
151.202.0.85
151.203.0.84
151.203.0.85
199.45.32.37
199.45.32.38
199.45.32.40
199.45.32.43
GTE (Irving, TX, US)
192.76.85.133
206.124.64.1
One Connect IP (Albuquerque, NM, US)
67.138.54.100
OpenDNS (San Francisco, CA, US)
208.67.222.222
208.67.220.220
Exetel (Sydney, AU)
220.233.167.31
VRx Network Services (New York, NY, US)
199.166.31.3
SpeakEasy (Seattle, WA, US)
66.93.87.2
216.231.41.2
216.254.95.2
64.81.45.2
64.81.111.2
64.81.127.2
64.81.79.2
64.81.159.2
66.92.64.2
66.92.224.2
66.92.159.2
64.81.79.2
64.81.159.2
64.81.127.2
64.81.45.2
216.27.175.2
66.92.159.2
66.93.87.2
Sprintlink (Overland Park, KS, US)
199.2.252.10
204.97.212.10
204.117.214.10
Cisco (San Jose, CA, US)
64.102.255.44
128.107.241.185

Source: tech-faq.com

How to Secure Network from Kaminsky's DNS Cache Poisoning Flaw

The seriousness of the recent DNS cache poisoning vulnerability, discovered by security researcher Dan Kaminsky, raises the bar for network security administrators and should provoke development of a comprehensive plan to address this insidious threat. Every enterprise has a caching DNS server and is thus a target of the Kaminsky DNS cache poisoning flaw.

A Kaminsky DNS cache poisoning attack consists of two steps:

Step No. 1: The attacker sends fake DNS queries, or questions, to internal caching DNS servers. These queries are for domains that the caching server will not have cached, so it will have to generate subsequent queries to authoritative servers on the Internet.

Step No. 2: The attacker then sends a barrage of fake answers to each fake question, attempting to spoof the answer from the authoritative server. To succeed, the attacker has to correctly guess various query parameters—such as Transaction ID and User Datagram Protocol (UDP) source port—before a valid response from the legitimate authoritative server reaches the caching DNS server. There are some additional technical details about the fake answer that will be discussed later in this article.

If the attacker succeeds in getting his or her fake answer accepted by the caching DNS server, the consequences are quite serious. The poisoned DNS entry can be used to redirect Web traffic, e-mail or any other IP application to a malicious server controlled by an attacker. Since the DNS points users to their destinations, it is completely unaware that the traffic is being diverted.

Protecting against the Kaminsky attack

As with any security vulnerability, the best approach for protecting against the Kaminsky attack is to employ multiple defenses. In this case, traditional firewalls and intrusion prevention systems (IPS) can be part of the solution, providing an initial defensive shield that will reduce the number of fake DNS query requests and responses.

But most firewalls and IPS will not stop a fake DNS response from poisoning the DNS cache if the DNS query parameters match. This means it is a primary consideration to ensure that the DNS server itself employs the best possible defenses. Put another way, DNS security starts with the DNS server.

Source: eweek.com

Open-source server distro builds on Ubuntu

Zaragoza, Spain-based eBox Technologies announced the availability of version 1.0 of its Ubuntu Linux-based eBox server distribution.The open source eBox 1.0 features LDAP, DHCP, NTP, DNS, and email servers, among other features, and provides a new development framework for building add-on modules, says the company.

Aimed primarily at small- and medium-sized business, but also supporting home and enterprise users, eBox combines numerous open source packages under an umbrella framework that is said to ease network management. Most of eBox's code works to manage the internal communication among otherwise-independent network services, says eBox Technologies. As a result, administrators can more easily manage IT infrastructure as a single unit, claims the company. For example, the object-based network management system is said to enable high-level management of IP addresses, easing the administration of the firewalls and other tools.

Major features listed for eBox 1.0 include:

* User management center -- The eBox OpenLDAP-based LDAP server stores sharable user and group accounts, and its primary domain controller enables Windows machines to authenticate against it, and provides roaming profiles.

* Shared resource manager -- Based on Samba and CUPS, the file and print servers support Windows networks with features including data backup, as well as assignment of user and group permissions levels.

* Communication center -- Features include email serving, storing mailboxes, filtering mail and viruses, relaying mail with selected filters, and instant messaging using the Jabber IM network. Other communications components are based on Postfix, Spamassassin, and ClamAV.

* Network gateway -- Network management features are said to include creating virtual interfaces and 802.1q-enabled trunk interfaces, as well as setting up a default gateway, static routes, and DNS server. eBox offers load balancing and traffic shaping features, as well as the ability to filter packets, perform NAT, and manage the access to all eBox services, says the company. Its caching HTTP proxy is said to accelerate web browsing and enable filtering pages based on content and black lists. Gateway components include Squid, DansGuardian, Netfilter/Iptables, and Iproute2.

* Infrastructure manager -- Compatible with the 802.1q switching protocol, eBox enables administrators to deploy network interfaces on several VLANs through one physical network interface, says the company. Its DHCP server enables the management and assignment of IP addresses, while the NTP server can sync its time and date with external NTP servers. eBox's DNS server provides for customizable name resolution, and the Apache web server shares public information by users using HTTP and Samba. A certificate authority enables the configuration of VPNs. The various servers and components are based on ISC DHCP, NTP, Bind, Apache, OpenSSL, and OpenVPN.

Source: desktoplinux.com/news/NS3601094260.html

Ways To Protect Your Network

Here are three free tricks to increase your network's security:-

1. Use OpenDNS

Use OpenDNS Internet traffic gets routed through IP addresses; the text you type as a URL only sits on top of those numbers. Normally, when you type pcworld.com, it gets referenced in a domain name server directory, which then routes you to the actual IP address. But what happens if that structure is compromised and an attacker can send your request to a different IP address?

Domain name servers and operating systems were eventually patched to protect against this attack. But the OpenDNS server already anticipated the problem and is quick to react to threats. Use it instead of relying on your ISP's DNS servers.

On the client side, you can open the Network Connections Control Panel. Right-click the active connection, and pick Properties. Select Internet Protocol (TCP/IP), and click Properties. Click the radio button to Use the following DNS server addresses and enter 208.67.222.222 and 208.67.220.220.

Or you can enable it on your router, sending DHCP clients these details without additional intervention. The specific process varies, but you'll essentially log in and enter those IP addresses in the NAT area.

2. Update Your Router Firmware

Psyb0t is a worm that was written to attack router hardware directly, embedding itself inside. It simply guesses the login and password for a range of routers, starting with the defaults. At the very least, you should be using a strong password, especially since many low-end routers don't let you change the login ID.

Just like your operating system, hardware companies typically patch routers over time, especially when security flaws are discovered. Look up your specific model and see if there's a firmware update. If so, download, and apply the revision; it'll likely protect you from many attacks.

3. Disable Remote Administration

In addition to updating your router firmware and giving it a strong password, you can close another door by disabling remote administration. This option is often off by default, but check your router's settings to tell for sure.

With remote administration on, someone can log in from offsite. They'll typically need a valid password, although this access presents another weak point in your defenses.

If you need to administrate the network remotely, set up a secure connection to a VPN gateway at your network, instead of connecting in that open method.

Source: .pcworld.com

DNS Physical Structure in Support of Active Directory

Source: http://technet.microsoft.com/

How to use DNS with Active Directory?

Active Directory relies heavily on DNS to function, but not just any DNS. Active Directory requires the DNS service found on Windows 2000 Server or Windows Server 2003 systems or equivalents.

If your network will be connected to the Internet in some way, you need to design and prepare your internal DNS structure to support Internet access (inbound, outbound or both). You have several options, including:

• Deploy a new fully qualified domain name hierarchy (i.e., namespace) on your internal network that is registered with the InterNIC. This means your internal LAN and the Internet have no logical distinction.
• Expand an existing InterNIC registered namespace, such as one for a Web or e-mail server, and expand it to support your private network. This is basically a variation of the first option.
• Use a sub-domain of an existing InterNIC registered namespace that is not currently being used on the Internet.
• Use a local namespace that exists only within your private network and that is not connected to a namespace on the Internet.
  

Using a namespace that exists both on your private network and on the Internet is not the most secure configuration. This configuration allows malicious users to easily obtain the names of your network servers and direct attacks against them. A simple NSLOOKUP command can provide anyone with a list of your registered systems. One method to help reduce this threat is to deploy dual DNS servers. Both DNS servers should be configured with primary zone authority over your namespace. Place one of the DNS servers inside your network (i.e., inside the firewall) and include all of your domain controllers and Internet servers in that zone. Place the other DNS server outside of your network and exclude all domain controllers from its zone.

Source: http://searchwinit.techtarget.com/tip/0,289483,sid1_gci891162,00.html

How to Use Dynamic DNS in Windows 2000 Professional

Windows 2000 Professional has a feature called Dynamic DNS (DDNS) that enables host records to be updated automatically in a Windows 2000 DNS server when the client address changes. This enables host records to remain accurate even when clients receive their address assignments through DHCP, for example.

A Windows 2000 Professional client can request an update to its host (A) record in the DNS server when its IP address or host name changes. A Windows 2000 DHCP server can also request an update to the associated pointer (PTR) record on behalf of its DHCP clients.

To configure a client for DDNS, follow these steps:

1. Open the Properties sheet for the network connection through the Network And Dial-Up Connections folder.
2. Double-click TCP/IP.
3. Go to Advanced | DNS.
4. Select the Register This Connection’s Addresses In DNS option to enable DDNS for the client.
   
5. Note: The Use This Connection’s DNS Suffix In DNS Registration option, if selected, registers the client using the first part of the computer name specified in the System properties along with the DNS suffix specified by the DNS Suffix For This Connection option.

Source: blogs.techrepublic.com.com

DNS server Trojan Flush.M spotted in the pipe

Flush.M 2.0 sets the DHCP lease time to just one hour and does not specify a DNS Domain Name, does not contain PAD options after the END option, and does set the BootP Broadcast Bit. BootP is typically used for configuring diskless workstations or for rolling out PC installations across a large network. SANS recommends monitoring network traffic for signs that systems are attempting to connect to any unapproved DNS server other than the one approved by the local DHCP server.

Security experts warned this week that they have seen a new variant of the DNS-changing Trojan.Flush.M malware that resembles a cyberattack from December.

The earlier version, which attempted to install a rogue DHCP server, allows cybercriminals to monitor traffic from the infected IP addresses in an organization network and direct other machines to visit malicious websites, security experts said.

The new variant is more sophisticated and hides the fake DHCP more effectively than the previous version did, experts said.

Cyberattacks, such as DNS-changing malware exploits, grew considerably in 2008. Security experts are warning that 2009 will be a year of constantly growing and changing cyberthreats, which has the potential to breach network security.

The new Trojan poses a measured risk to network security as its capable of affecting traffic flowing to and from systems that are themselves immune to the exploit Flush.M leverages

Source: mxlogic & arstechnica.com

Microsoft Discovered Domain Name System CVE-2009-0233 & CVE-2009-0234

Recently, Microsoft Corp. discovered two new Domain Name System cache poisoning threats, CVE-2009-0233 and CVE-2009-0234.

According to Check Point, IPS products are updated by Check Point’s update services, providing continuous and real time protection against DNS attacks for companies. The solutions are available on dedicated platforms or integrated into Check Point gateways.

With the help of a suite of DNS cache poisoning protections, Check Point IPS solutions preemptively protect against the two new threats. These preemptive protections have the ability to detect specific attempts to exploit the newly announced vulnerabilities.

“At the heart of the Internet are DNS servers. We trust DNS servers to direct our entered URLs to the intended Websites, so any vulnerability affecting the integrity of DNS servers is of great concern,” said Oded Gonda, vice president of network security products at Check Point. “In less than a year there have been three major DNS exploits and more are likely to follow.”

The vulnerabilities in the Microsoft DNS servers attack the way it handles caching of queries and responses. An attacker tricks a DNS server into making unnecessary lookups, by flooding a DNS server, or large servers that convert domain names into numeric IP addresses with specially crafted queries. With these unnecessary lookups, an attacker will have more chances of inserting incorrect responses into the DNS server’s cache.

Source: sip-trunking.tmcnet.com

Authorize a Windows 2000 DHCP server

Suppose someone sets up another DHCP server with different IP addresses. As you recall, clients will select the server that responds first. If some unauthorized (”rogue”) server is chosen, clients will get incorrect IP addresses and other TCP/IP configuration data and will be unable to communicate with other computers on the network.

To prevent such rogue DHCP servers from leasing wrong configuration data on the network, Windows 2000 Server requires the authorization of all Windows 2000 DHCP servers. When a Windows 2000 DHCP server starts, it queries the Active Directory. If it finds out that it’s not authorized, it will not start the DHCP service. If it is authorized, it will start the DHCP service and provide TCP/IP configuration to clients.

To authorize a Windows 2000 DHCP server you have to be a member of the Enterprise Admins group. Here’s how to give yourself permissions:

1. Open the DHCP console.
2. Right-click on DHCP.
3. Select Manage Authorized Server.
4. Click on Authorize and type the name or IP address of the DHCP server you want to authorize.

Source:http://blogs.techrepublic.com.com/datacenter/?p=185

DCHP Relay Agent settings in Windows 2000 Server

After you install and configure DHCP Relay Agent on your Windows 2000 Server, you might also want to optimize it for your network environment.

First you need to find the listing of available DHCP server. Right-click DHCP Relay Agent in the console and select Properties. This list contains all DHCP servers that will receive DHCP packets from the DHCP Relay Agent.

Other settings are located on the Properties window of each interface. Right-click the interface under DHCP Relay Agent in the console and select Properties. The window displaying the interface’s properties will be displayed, where you’ll be able to configure three options.

The first is the Relay DHCP Traffic setting. This setting basically allows you to enable or disable the DHCP Relay Agent on a given interface.

Next is the Hop-Count Threshold setting, which will let you specify the maximum number of DHCP Relay Agents between this Relay Agent and the DHCP server.

The last setting you can configure is the Boot Threshold (Seconds) setting. Here you can specify how long DHCP Relay Agent will wait before forwarding the DHCP messages to the DCHP server.

Related Post:

How to Install the DHCP Relay Agent in Windows 2000 Server?
How To Install and Configure a DHCP Server in a Workgroup in Windows Server 2003

Source: http://blogs.techrepublic.com.com/datacenter/?p=189&tag=rbxccnbtr1

Windows 2000 Server DHCP options

A client uses a local broadcast address when it first tries to contact a Windows 2000 Server DHCP server, since this is the only way to get in touch with a DHCP server without having an IP address. Problems can develop, however, when you have multiple network segments separated by routers.

Routers typically don’t pass DHCP traffic. If you have such routers and don’t have a DHCP server on every segment, your DHCP clients will get the TCP/IP configuration from any DHCP server.

To prevent this from happening, you can choose from three options. The first is to install a DHCP server on every network segment. This requires a DCHP machine and additional configuration on the server. If you have several network segments, this option doesn’t make sense. A second solution is to enable BOOTP/DHCP message traffic on your RFC 1542-compliant routers.

If you don’t have such routers or a DHCP serveron every network segment, your only option is to install DHCP Relay Agent on every network segment. DHCP Relay Agent will listen for DHCP traffic on the local network and forward these packets to a real DHCP server on another network segment.

Source:http://blogs.techrepublic.com.com/datacenter/?p=186&tag=rbxccnbtr1

How to Install the DHCP Relay Agent in Windows 2000 Server?

The DHCP Relay Agent is a special service running on Windows 2000 Server that listens to the DHCP traffic on a local network. When it hears something, it waits for a configured amount of time. This configured time allows DHCP servers from the local network to answer a client discover packet.

If no DHCP server answers, the DHCP Relay Agent will forward the DHCP traffic to a configured DHCP server on some other network segment. When a DHCP server answers the query, the query is then sent to the DHCP Relay Agent, which then forwards the packets to the local network where the client resides.

You can configure your Windows 2000 Server as a DHCP Relay Agent from the Routing And Remote Access Service console.

In this console:

Open IP Routing, right-click General, and select New Routing Protocol. Select DHCP Relay Agent and click OK. This will install the agent.

From: http://blogs.techrepublic.com.com/datacenter/?p=187&tag=rbxccnbtr1

Steps for Installing DHCP Server

The DHCP Server service is an optional Windows Component, so you can install it using the Add or Remove Programs applet in the Control Panel. There are no configuration options when you install the DHCP Server, so installation is a breeze. After you've installed the service, you'll need to authorize the server, if you have an Active Directory environment.

Using a graphical user interface

1. From the Control Panel, open the Add or Remove Programs applet.
2. Click Add/Remove Windows Components.
3. Double-click Network Services.
4. Check the box beside Dynamic Host Configuration Protocol (DHCP).
5. Click OK.
6. Click Next.
7. Click Finish.

Using a command-line interface

First, create a file using a text editor such as Notepad with the following contents:

[netoptionalcomponents]
dhcpserver=1

Next, use the sysocmgr.exe utility with the following parameters (assuming the file you just created is named c:\dhcp_install.txt):

> sysocmgr /i:%windir%\inf\sysoc.inf /u:c:\dhcp_install.txt

If the server you installed DHCP on is multihomed (i.e., has multiple active network adapters), you'll want to make sure the correct network adapters are enabled for use by the DHCP Server. You can enable or disable adapters for use by DHCP Server by doing the following:

1. Open the DHCP snap-in.
2. In the left pane, click on the server node.
3. From the menu, select Action > Properties.
4. Select the Advanced tab.
5. Click the Bindings button.
6. Make sure the interfaces where the DHCP Server should respond are checked.
7. Click OK until all dialog boxes are closed.

Source: http://www.xiitec.com/blog/?p=157

How To Install and Configure a DHCP Server in a Workgroup in Windows Server 2003

How to Install the DHCP Service

Before you can configure the DHCP service, you must install it on the server. DHCP is not installed by default during a typical installation of Windows Standard Server 2003 or Windows Enterprise Server 2003. You can install DHCP either during the initial installation of Windows Server 2003 or after the initial installation is completed.

How to Install the DHCP Service on an Existing Server

1. Click Start, point to Control Panel, and then click Add or Remove Programs.
2. In the Add or Remove Programs dialog box, click Add/Remove Windows Components.
3. In the Windows Components Wizard, click Networking Services in the Components list, and then click Details.
4. In the Networking Services dialog box, click to select the Dynamic Host Configuration Protocol (DHCP) check box, and then click OK.
5. In the Windows Components Wizard, click Next to start Setup. Insert the Windows Server 2003 CD-ROM into the computer's CD-ROM or DVD-ROM drive if you are prompted to do so. Setup copies the DHCP server and tool files to your computer.
6. When Setup is completed, click Finish.

How to Configure the DHCP Service

After you have installed the DHCP service and started it, you must create a scope, which is a range of valid IP addresses that are available for lease to the DHCP client computers on the network. Microsoft recommends that each DHCP server in your environment have at least one scope that does not overlap with any other DHCP server scope in your environment. In Windows Server 2003, DHCP servers in an Active Directory-based domain must be authorized to prevent rogue DHCP servers from coming online. Any Windows Server 2003 DHCP Server that determines itself to be unauthorized will not manage clients.

How to Create a New Scope

1. Click Start, point to Programs, point to Administrative Tools, and then click DHCP.
2. In the console tree, right-click the DHCP server on which you want to create the new DHCP scope, and then click New Scope.
3. In the New Scope Wizard, click Next, and then type a name and description for the scope. This can be any name that you want, but it should be descriptive enough so that you can identify the purpose of the scope on your network (for example, you can use a name such as "Administration Building Client Addresses"). Click Next.
4. Type the range of addresses that can be leased as part of this scope (for example, use a range of IP addresses from a starting IP address of 192.168.100.1 to an ending address of 192.168.100.100). Because these addresses are given to clients, they must all be valid addresses for your network and not currently in use. If you want to use a different subnet mask, type the new subnet mask. Click Next.
5. Type any IP addresses that you want to exclude from the range that you entered. This includes any addresses in the range described in step 4 that may have already been statically assigned to various computers in your organization. Typically, domain controllers, Web servers, DHCP servers, Domain Name System (DNS) servers, and other servers, have statically assigned IP addresses. Click Next.
6. Type the number of days, hours, and minutes before an IP address lease from this scope expires. This determines how long a client can hold a leased address without renewing it. Click Next, and then click Yes, I want to configure these options now to extend the wizard to include settings for the most common DHCP options. Click Next.
7. Type the IP address for the default gateway that should be used by clients that obtain an IP address from this scope. Click Add to add the default gateway address in the list, and then click Next.
8. If you are using DNS servers on your network, type your organization's domain name in the Parent domain box. Type the name of your DNS server, and then click Resolve to make sure that your DHCP server can contact the DNS server and determine its address. Click Add to include that server in the list of DNS servers that are assigned to the DHCP clients. Click Next, and then follow the same steps if you are using a Windows Internet Naming Service (WINS) server, by adding its name and IP address. Click Next.
9. Click Yes, I want to activate this scope now to activate the scope and allow clients to obtain leases from it, and then click Next.
10. Click Finish.
11. In the console tree, click the server name, and then click Authorize on the Action menu.

Troubleshooting

The following sections explain how to troubleshoot some of the issues that you may experience when you try to install and configure a Windows Server 2003-based DHCP server in a workgroup.
Clients Cannot Obtain an IP Address
If a DHCP client does not have a configured IP address, this typically indicates that the client was not able to contact a DHCP server. This can be caused by a network problem, or because the DHCP server is unavailable. If the DHCP server started and other clients can obtain valid addresses, verify that the client has a valid network connection and that all the related client hardware devices (including cables and network adapters) are working properly.

The DHCP Server Is Unavailable

If a DHCP server does not provide leased addresses to clients, it is frequently because the DHCP service did not start. If this is the case, the server may not be authorized to operate on the network. If you were previously able to start the DHCP service, but it has since stopped, use Event Viewer to check the System log for any entries that may explain why you cannot start the DHCP service.

To restart the DHCP service:

1. Click Start, and then click Run.
2. Type cmd, and then press ENTER.
3. Type net start dhcpserver, and then press ENTER.

-or-

1. Click Start, point to Control Panel, point to Administrative Tools, and then click Computer Management.
2. Expand Services and Applications, and then click Services.
3. Locate and then double-click DHCP Server.
4. Verify that Startup is set to Automatic and that Service Status is set to Started. If not, click Start.
5. Click OK, and then close the Computer Management window.

Source: http://support.microsoft.com/kb/323416

Procedure to Start/Stop An Iterative DNS Server

The following procedure explains how to Start/Stop An Iterative DNS Server. Procedure - Start/Stop An Iterative DNS Server

1. Click on the System Services menu if it is not already expanded.
2. Click on the DNS Server submenu if it is not already expanded.
3. Click on the Overview item.
4. You should now be looking at the DNS Management controls in the main content area.
5. Locate the Active DNS Services (Iterative) section.
6. Click the checkbox next to the IP you want to update.
7. Select Start or Stop from the dropdown menu below the IP list depending on what you want to do.
8. The page will reload and You will see the following message at the top of the screen: » Settings updated successfully.

Procedure - Flush An Iterative DNS Server

1. Click on the System Services menu if it is not already expanded.
2. Click on the DNS Server submenu if it is not already expanded.
3. Click on the Overview item.
4. You should now be looking at the DNS Management controls in the main content area.
5. Locate the Active DNS Services (Iterative) section.
6. Click the checkbox next to the IP you want to update.
7. Select Flush from the dropdown menu below the IP list.
8. The page will reload and You will see the following message at the top of the screen: » Settings updated successfully.

Procedure - Remove An Iterative DNS Server From an IP Address

1. Click on the System Services menu if it is not already expanded.
2. Click on the DNS Server submenu if it is not already expanded.
3. Click on the Overview item.
4. You should now be looking at the DNS Management controls in the main content area.
5. Locate the Active DNS Services (Iterative) section.
6. Click the checkbox next to the IP you want to update.
7. Select Remove from the dropdown menu below the IP list.
8. The page will reload and You will see the following message at the top of the screen: » Settings updated successfully.

Procedure - Restart An Iterative DNS Server From an IP Address

1. Click on the System Services menu if it is not already expanded.
2. Click on the DNS Server submenu if it is not already expanded.
3. Click on the Overview item.
4. You should now be looking at the DNS Management controls in the main content area.
5. Locate the Active DNS Services (Iterative) section.
6. Click the checkbox next to the IP you want to update.
7. Select Restart from the dropdown menu below the IP list.
8. The page will reload and You will see the following message at the top of the screen: » Settings updated successfully.

Procedure - Install An Iterative DNS Server on an IP Address

1. Click on the System Services menu if it is not already expanded.
2. Click on the DNS Server submenu if it is not already expanded.
3. Click on the Overview item.
4. You should now be looking at the DNS Management controls in the main content area.
5. Locate the IP Addresses Without DNS Services section.
6. Click the checkbox next to the IP you want to update.
7. Select restart from the dropdown menu below the IP list.
8. The page will reload and You will see the following message at the top of the screen: » Settings updated successfully.

Source: http://www.interworx.com/support/docs/iworx-cp/sysadmin/system-services/dns/howto-iterative-server

iYogi Awarded Red Herring Top 100 Global Company

Recognizing the first, global, direct to consumers and small business technical support service from India

New York, January 21st, 2009 - iYogi (www.iyogi.net), today announced that it has been awarded as one of the Red Herring Top 100 Companies. Red Herring Top 100 Global Companies are chosen from winners and finalists of the previous Red Herring Top 100 Companies from North America, Europe and Asia Red Herring Top 100 Companies. Winning and finalist companies from the previous three years are were eligible for this outstanding award. Out of 1,800 successful and highly eligible companies, the Red Herring editorial team deployed a detailed process to drill-down the best companies first to 200 finalists, then to the top 100 winners of this global award. Evaluations were made on both quantitative and qualitative criteria, such as financial performance, innovation, management, global strategy, and ecosystem integration. The announcement of the winners was made at the Red Herring 100 Global, which took place in San Diego from January 14-16, 2009. Present among the finalists were elite executives and venture capital leaders from around the world.

"We were so pleased to announce iYogi as a Red Herring Top 100 Global Company," commented Red Herring publisher Alex Vieux."

"iYogi has proven to be a company excelling in their industry and its ripples have turned into waves. It was difficult for us to narrow down, but we are pleased to have included iYogi in our list of promising companies. We look forward to the changes it makes to its industry in the future".

"iYogi set out to introduce a new kind of service that would change the way technical support is delivered to consumers and small businesses. We are proud to be recognized by Red Herring's editorial team for our innovation and dedication to solve everyday problems faced by millions of consumers who are challenged by the increasingly complex computing environment," commented Uday Challu, CEO, iyogi.
iYogi delivers technical support services directly to consumers and small businesses and is the first, global, technical support brand based out of India. The company offers its customers an unlimited, annual service subscription for $139.99 per desktop that includes support for a wide range of technologies, including PC hardware Microsoft Windows Operating System, software applications, peripherals and multifunctional devices. iYogi recently launched Support Dock, a comprehensive desktop application suite with PC recovery, data backup, anti-virus and spyware removal , PC optimization, and home networking tools. Small businesses are serviced by iYogi's dedicated services group offering managed IT services enabling owners to increase productivity and maximize their return on investment.

About Red Herring

Red Herring is a global media company, which unites the world's best high technology innovators, venture investors and business decision makers in a variety of forums: a leading innovation magazine, an online daily technology news service, technology newsletters and major events for technology leaders around the globe. Red Herring provides an insider's access to the global innovation economy, featuring unparalleled insights on the emerging technologies driving the economy. More information about Red Herring is available on the Internet at www.redherring.com.

About iYogi

iYogi delivers live, comprehensive, 24/7 technical support services directly to consumers and small businesses and is the first, global, technical support brand based out of India. Providing an annual unlimited subscription to technical support, iYogi now boasts of more than 50,000 customers. The company employs 600 professionals servicing customers in the U.S., U.K., Canada, Australia and fast expanding to 12 new geographies across the globe. iYogi's resolution rate of 86 percent and customer satisfaction rate of 95 percent are amongst the highest published benchmarks in the industry. For further information, please visit - www.iyogi.net.


iYogi Contact:

Vishal Dhar
iYogi, Inc.
Phone: 212-229-0901
Email: vishal@iyogi.net

Red Herring Contact:

Anam Alpenia
Red Herring, Inc.
Phone: 650-428-2900
Email: aalpenia@redherring.com Yvonne Caprini
Logistics Manager
Red Herring, Inc.
Phone: 1 650 428 2900 x 410
Email: ycaprini@redherring.com

How to install & Configure DHCP Server in Windows 2000

Installing the DHCP Service

You can install DHCP either during or after the initial installation of Windows 2000 Server or Advanced Server, although there must be a working DNS in the environment. To validate your DNS server, click Start, click Run, type cmd, press ENTER, type ping friendly name of an existing DNS server in your environment, and then press ENTER. An unsuccessful reply generates an "Unknown Host My DNS server name" message.

To install the DHCP Service on an existing Windows 2000 Server:

1. Click Start, click Settings, and then click Control Panel.
2. Double-click Add/Remove Programs, and then click Add/Remove Windows Components.
3. In the Windows Component Wizard, click Networking Services in the Components box, and then click Details.
4. Click to select the Dynamic Host Configuration Protocol (DHCP) check box if it is not already selected, and then click OK.
5. In the Windows Components Wizard, click Next to start Windows 2000 Setup. Insert the Windows 2000 Advanced Server CD-ROM into the CD-ROM drive if you are prompted to do so. Setup copies the DHCP server and tool files to your computer.
6. When Setup is complete, click Finish.

Configuring the DHCP Service

After you install and start the DHCP service, you must create a scope. Each DHCP server in your environment should have at least one scope that does not overlap with any other DHCP server scope in your environment. In Windows 2000, DHCP servers within an Active Directory domain environment must be authorized to prevent rogue DHCP servers from coming online and authorizing a DHCP Server.

When you install and configure the DHCP service on a domain controller, the server is typically authorized the first time that you add the server to the DHCP console. However, when you install and configure the DHCP service on a member server, you need to authorize the DHCP server.

Note A stand-alone DHCP server cannot be authorized against an existing Windows Active Directory.

To authorize a DHCP server:

1. Click Start, click Programs, click Administrative Tools, and then click DHCP.
   
2. In the console tree of the DHCP snap-in, select the new DHCP server. If there is a red arrow in the bottom-right corner of the server object, the server has not yet been authorized.
3. Right-click the server, and then click Authorize.
4. After a few moments, right-click the server again and then click Refresh. The server should display a green arrow in the bottom-right corner to indicate that the server has been authorized.

To create a new scope:

1. Click Start, click Programs, point to Administrative Tools, and then click DHCP.
2. Right-click the server, and then click New Scope. In the New Scope Wizard, click Next, and then type a name and description for the scope. This can be any name that you choose, but it should be descriptive enough to identify the purpose of the scope on your network. For example, you might use Administration Building Client Addresses.
3. Type the range of addresses that can be leased as part of this scope, for example, a starting IP address of 192.168.100.1 to an ending address of 192.168.100.100. Because these addresses are given to clients, they should all be valid addresses for your network and not currently in use. If you want to use a different subnet mask, type the new subnet mask. Click Next.
4. Type any IP addresses that you want to exclude from the range you entered. This includes any addresses that may have already been statically assigned to various computers in your organization. Click Next.
5. Type the number of days, hours, and minutes before an IP address lease from this scope expires. This determines the length of time that a client can hold a leased address without renewing it. Click Next to select Yes, I want to configure these options now, and then extend the wizard to include settings for the most common DHCP options. Click Next.
6. Type the IP address for the default gateway that should be used by clients that obtain an IP address from this scope. Click Add to place the default gateway address into the list, and then click Next.
7. Click Yes, I want to activate this scope now, to activate the scope and allow clients to obtain leases from it, and then click Next. Click Finish.

Source: http://support.microsoft.com/kb/300429

Configuration of ISA Firewall to Support Dynamic DNS Services

Dynamic DNS (DDNS) services enable users with dynamic IP addresses to register domain names users on the Internet can use to reach published resources. These DDNS services are a tremendous boon to small and home business users who would like to take the reins and run their own Internet accessible services. Examples of services you can make available over the Internet include:

Examples of services you can make available over the Internet include:

• Exchange Outlook Web Access (OWA)
• Exchange Outlook Mobile Access (OMA)
• Exchange ActiveSync (EAS)
• SMTP servers
• POP3 servers
• IMAP4 servers
• Web servers
• FTP servers
• NNTP (news) servers
• VPN servers
• And lots more!

DDNS services solve the problem of being able to reach servers on your network from the Internet when your public IP address changes. For example, you might want to use the ISA firewall’s fantastic secure Exchange RPC publishing feature so that you can use the native Outlook MAPI client without incurring the overhead of upgrading to Exchange 2003 and Outlook 2003 just to get RPC over HTTP. The ISA firewall’s advanced RPC filter insures that you can connect securely over the Internet using the native Outlook client, regardless of what version of Outlook you might be using.

The secure Exchange RPC filter allows you to connect to any version of Exchange from any version of Outlook. I use it every time I’m on the road from airports and hotel broadband networks and I can assure you, once you deploy it, you’ll wonder how you ever lived without it. The secure Exchange RPC publishing feature is one of the ISA firewall’s features that confirms the ISA firewall stands head and shoulder’s above any other firewall when it comes to providing secure remote access to Exchange Server services. In fact, you do yourself and your organization a disservice if you allow remote access to Exchange without an ISA firewall in front of it.

The challenge for small and home business users is that when their IP address changes, they have no simple mechanism for determining what the new IP address is and subsequently they’re not able to connect to resources on their network.

For example, suppose you’re about to go on a trip and want to connect to the Exchange Server on your home office network. You create OWA and secure Exchange RPC publishing rules so you can reach the Exchange Server from your hotel and airport. You note down the IP address you currently have and configure Outlook to use that address and also to use it for OWA.

TZO is a DDNS service I’ve been using since the late 1990s and I consider one of the best, if not the best, DDNS provider available. We’ve had zero downtime with TZO and registering new domains with them is quite easy. For more information about their service, check out www.tzo.com

Source:http://www.isaserver.org/tutorials/2004TZO.html

Infoblox Loads DNS Services onto Cisco Routers

Enterprise IT executives looking to cut costs and consolidate infrastructure might be interested in news jointly announced Monday by Infoblox and Cisco, as the vendors team to offer Infoblox DNS, DHCP and other core network services via blades designed to slide into Cisco's integrated services routers.

The technology partnership will enable network managers to put DNS, DHCP, IP address management and other core network services on blades in Cisco routers deployed at branch office locations, eliminating the need for a separate server to maintain those services. The product, developed under Cisco's Application eXtension Platform (AXP), enables customers to push network services closer to the edge and consolidate infrastructure in remote offices. Industry watchers say the partnership reflects a trend among enterprise companies to reduce infrastructure while maintaining services.

"Remember the 'Trapper Keeper?' That's what Cisco's routers are becoming for enterprise branch office: a single place to keep all critical network applications and services," says Phil Hochmuth, senior analyst at Yankee Group. "This is being enabled largely by the AXP, which allows organizations to cram as many services -- even ones beyond Cisco's own scope, such as Infoblox IP address management - onto a single platform."

According to Infoblox, enterprise companies can spend between $600 and $1,500 managing a server per branch office per month. Removing the need for a server at the branch to support core network services not only reduces that cost, but also ensures the branch will continue to have DNS, DHCP, NTP, FTTP, HTTP, TFTP and syslog proxy capabilities at the remote location - even if a connection to the data center is lost. Infoblox vNIOS Virtual Appliance software installs on a blade in Cisco's widely deployed ISR router line -- reportedly 4 million are installed today -- which Infoblox Vice President of Marketing Rick Kagan says will reinforce the vendor's message that DNS services can't be ignored even in a difficult economy.

Cisco and Infoblox also plan to showcase the joint solution at several upcoming industry events, including at a live virtual meeting this week and at Cisco Networkers later this month in Barcelona, Spain.

Source:http://www.networkworld.com/news/2009/011209-infoblox-dns.html

DNS Client Behavior in Windows Vista and Server 2008

Microsoft developers have changed the functionality of many of Windows' components. DNS is one of them. A DNS client component running on a Vista computer behaves differently than it did in previous versions of Windows.

This tip explains the behavior of the DNS client component in Windows Vista for DNS queries and registrations.

Windows Vista will need to perform two types of DNS queries: A and AAAA. The A is for IPV4 and AAAA is for IPV6. It could be that one of the endpoints or IP Addresses the DNS Server supplied is not reachable and the client retries at DNS server. This will put the load on the DNS server when multiple clients send DNS queries.

The following changes have been made to the DNS client component to minimize the impact on the DNS server:

• If the client computer has only link-local or Teredo IPV6 addresses assigned, then the DNS Client will send only a single query for its A records.
• If the client computer has at least one IPV6 address, and this is not the Teredo address, the DNS client service sends DNS query for A records and a separate query for AAAA records. If the A record query times out or returns with a negative response, the corresponding AAAA query is not re-sent.
• Windows Vista Client computers will always use IPV6 over IPV4 (e.g., AAAA Over A queries).

DNS Registration Behavior in Windows Vista and Windows Server 2008:-

The DNS Client Service in both operating systems uses DNS Dynamic update and registers the following records:

1. A records for all IPV4 addresses assigned to the interfaces configured with a DNS Server address.
2. PTR records for IPV4 addresses assigned to the interfaces.
3. AAAA records for all IPV6 addresses assigned to the interfaces configured with the DNS Server address.

Source: http://www.serverwatch.com/tutorials/article.php/3781556