TimeLinux1

Wednesday, February 23, 2011

Linux: DHCP, vpn, et al

-dhcp - dynamic host configuration protocol, is a system of centralized n/w config mgmt.
-in dhcp, a central server is dedicated to distributing ip addrs, setting up the default route, connecting clients to the dns server, etc.
-the ip addr distribution is a 'lease' to the clients.
-dhcp simplifies n/w config mgmt by centralizing the config for clients. clients refresh their info at boot time.
-dhcp is opensource from ISC (Internet Systems Consortium, isc.org).
-dhcp version 4 (latest) supports ipv6.
-dhcp is a successor and superset to bootp, a protocol originally designed for diskless Unix clients.
-dhcp server daemon is called dhcpd and client daemon is dhclient.
-dhcpd config file is /etc/dhcpd.conf.

-routing = ip forwarding.
-if routing is enabled on a linux system:
    . it receives pkts, matches them to a gateway and retransmits them.
-unless there are multiple interfaces on a system, it is advisable to turn routing off.

-smurf attack is a type of denial of service attack using ping at the network's broadcast address.
-packet filter is another name for firewall.
-it is not recommended to have workstations act as packet filters.
-this is because, even with meticulous hardening, full-fledged OSes are too complex to be trustworthy packet filters.
-dedicated n/w equipment is simpler and more reliable, even if it secretly runs linux.
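
An added example (not from the original notes) for the routing and smurf notes above: a shell audit that flags ip forwarding left on when there are fewer than two non-loopback interfaces, and a host not set to ignore broadcast pings. The ROOT argument and the sample directory tree are constructed assumptions; the two sysctl paths are the standard Linux ones.

```shell
# Added example, not from the original notes. $1 (ROOT) is a hypothetical
# prefix so the audit can run on a constructed tree; pass "" on a live host.
# Print the number of non-loopback interfaces under ROOT/sys/class/net.
count_ifaces() {
    n=0
    for d in "$1"/sys/class/net/*; do
        { [ -e "$d" ] && [ "${d##*/}" != "lo" ]; } || continue
        n=$((n + 1))
    done
    echo "$n"
}
# Print the value of a sysctl file under ROOT/proc/sys, or "unknown".
read_sysctl() {
    f="$1/proc/sys/$2"
    if [ -r "$f" ]; then tr -d ' \n' < "$f"; else printf 'unknown'; fi
}

# Check forwarding and broadcast-ping handling; return 1 on any warning.
audit_host() {
    rc=0
    ifaces=$(count_ifaces "$1")
    fwd=$(read_sysctl "$1" net/ipv4/ip_forward)
    bcast=$(read_sysctl "$1" net/ipv4/icmp_echo_ignore_broadcasts)
    if [ "$fwd" = "1" ] && [ "$ifaces" -lt 2 ]; then
        echo "WARN ip_forward=1 with $ifaces interface(s): turn routing off"
        rc=1
    else
        echo "OK ip_forward=$fwd interfaces=$ifaces"
    fi
    if [ "$bcast" = "1" ]; then
        echo "OK icmp_echo_ignore_broadcasts=1"
    else
        echo "WARN icmp_echo_ignore_broadcasts=$bcast: expected 1 (ignore broadcast ping)"
        rc=1
    fi
    return "$rc"
}

# Constructed sample: a single-NIC workstation with forwarding left on.
make_sample() {
    t=$(mktemp -d)
    mkdir -p "$t/sys/class/net/lo" "$t/sys/class/net/eth0" "$t/proc/sys/net/ipv4"
    echo 1 > "$t/proc/sys/net/ipv4/ip_forward"
    echo 0 > "$t/proc/sys/net/ipv4/icmp_echo_ignore_broadcasts"
    echo "$t"
}
sample=$(make_sample)
audit_host "$sample" || echo "audit found problems"
rm -rf "$sample"
```

A multi-homed host that is meant to route passes the forwarding check; only the single-interface case with forwarding on is flagged.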

-vpns are logical networks of smaller networks that are connected via encrypted tunnels on the Internet.
-this is especially relevant in case the smaller networks are separated geographically.
-vpn can be implemented above or below ip layer.
-vpn below ip layer is ipsec based and is older.
-vpn above ip layer is ssl based and is newer. these are simpler than ipsec and more popular.
-both ipsec and ssl are standards from ietf.
-besides, there are a variety of proprietary vpn implementations, but they can't talk with opensource vpns.

-ppp - mainly seen in dial-up or cellular networks.
-ppp is basically a virtual network of two hosts.
-/etc/hosts file can have ipv6 addresses as well.
-routing is performed by ip layer.
-/etc/resolv.conf holds nameserver info for dns.
-most of the n/w configuration happens at boot time.
