CONTENTS

Unit Contents Page No.

1 SETUP A CLIENT 1-18

2 SETUP A LAN 19-32

3 CONNECT A LAN TO THE INTERNET 33-45

4 SHARE AN INTERNET CONNECTION ACROSS A LAN 46-55

5 SHARE RESOURCES OVER A LAN 56-70

6 HOST A WEBSITE 71-87

7 SETUP SUPPORT SERVERS 88-117

 Information Security
Administration

UNIT - I
SETUP A CLIENT
NOTES

1.1 Introduction
1.2 Objective
1.3 Introduction to client-side devices
1.4 Setup
1.5 Manage and Secure a Desktop PC Setup
1.6 Manage and Secure a Mobile Device
Sum Up
Questions
MCQs
Work Assignment
Keywords
References for further reading

1.1 INTRODUCTION

Today’s world adopts information technology and it has become necessity

for every person to be familiar with it. Computer is an electronic device which
is been designed to work with Information, which accepts data input, processes
the data input, and generates the output which is called as information. If you
have sensitive information stored in your desktop, then it is recommended to
invest more time and resources to protecting it. You should look after hardware
and software configuration, security plan and software license. The purpose of
this chapter is to understand business application of client side devices, security
policies of desktop PC and mobile devices.

1.2 OBJECTIVE

After going through this unit, you would be able to

• To study all client side devices.
• Understand desktop PC’s setup.
• To be aware about security policies of desktop PC and mobile devices. Setup a Client 1
 Information Security
Administration
1.3 INTRODUCTION TO CLIENT-SIDE DEVICES
NOTES
The term computer is derived from the Latin term ‘computare’, this means
to calculate or programmable machine. Computer is an electronic device that is
designed to work with Information. Computer cannot do anything without a
program. The first full-sized digital computer in history was developed in 1944
called the Mark I, this computer was used only for calculations and weighted
five tons. Despite its size and limited ability it was the first of many that would
start. Functions of digital computer are;
• Step 1 – Accept the data as input.
• Step 2 − Stores the data/instructions in its memory (storage devices) and
uses them as required.
• Step 3 − Processes the data and converts it into useful information.
• Step 4 − Generates the output.
• Step 5 − Controls all the above four steps.

Fig : Functions of digital computer

A computer is an electronic data processing device, which accepts and stores
data input, processes the data input, and generates the output in a required format.
Computer has some client side devices, which are categorized into two types.
1. Input devices
2. Output devices

Input devices
An input unit for a computer allows you to enter information. An input
device is any hardware device that sends data to a computer, allowing you to
interact with and control it. Keyboard and mouse are two essential input devices
for you to interact with your computer. Many other input devices exist for
entering other types of information, such as images, audios and videos.

1. Keyboard
Keyboard is the most common and very popular input device which helps
to input data to the computer. The layout of the keyboard is like that of traditional
2 Setup a Client
typewriter, although there are some additional keys provided for performing Information Security
additional functions. Administration

Keyboards are of two sizes 84 keys or 101/102 keys, but now keyboards
with 104 keys or 108 keys are also available for Windows and Internet. NOTES

Fig : Keyboard
The keys on the keyboard are as follows
• Typing Keys: Letter keys (A-Z) and digit keys (09) which generally give
the same layout as that of typewriters.
• Numeric Keypad: It consists of a set of 17 keys that are laid out in the
same configuration used by most adding machines and calculators.
• Function Keys: The twelve function keys are present on the keyboard
which is arranged in a row at the top of the keyboard. Each function key
has a unique meaning and is used for some specific purpose
• Control keys: These keys provide cursor and screen control. It includes
four directional arrow keys. Control keys also include Home, End, Insert,
Delete, Page Up, Page Down, Control(Ctrl), Alternate(Alt), Escape(Esc).
• Special Purpose Keys: Keyboard contains some special purpose keys
such as Enter, Shift, Caps Lock, Num Lock, Space bar, Tab, and Print
Screen.

2. Mouse
Mouse is a very famous cursor-control pointing device having a small palm
size box with a round ball at its base, which senses the movement of the mouse
and sends corresponding signals to the CPU when the mouse buttons are pressed.
Generally, it has two buttons called the left and the right button and a wheel is
present between the buttons. A mouse can be used to control the position of the
cursor on the screen, but it cannot be used to enter text into the computer.

Setup a Client 3
 Information Security
Administration

NOTES

Fig : Mouse

Functions of a mouse
Below is a list of each of the computer mouse functions that help a user use
their computer and gives you an idea of all of the things a mouse is capable of
doing.
1. Move cursor - The primary function is to move the mouse cursor on
the screen.
2. Open or execute a program - Once you've moved the cursor to an icon,
folder, or other object clicking or double clicking that object opens the
document or executes the program.
3. Select - A mouse also allows you to select text or a file or highlight
and select multiple files at once.
4. Drag-and-drop - Once something is selected it can also be moved using
the drag-and-drop method.
5. Hover - Moving the mouse cursor over objects with additional hover
information can help to discover the function of each object on the
screen. For example, hover the mouse over the hover link to see an
example.
6. Scroll - When working with a long document or viewing a long web
page you may need to scroll up or down which can be done using the
mouse wheel or clicking and dragging the scroll bar.
3. Joystick: Joystick is a pointing device, which is used to move the
cursor position on a monitor screen. It is a stick having a spherical ball
at its both lower and upper ends. The lower spherical ball moves in a
socket. The joystick can be moved in all four directions. The function
of the joystick is similar to that of a mouse. It is mainly used in
Computer Aided Designing (CAD) and playing computer games.

4 Setup a Client
 Information Security
Administration

NOTES

Fig : Joystick
4. Light Pen: Light pen is a pointing device similar to a pen. It is used to
select a displayed menu item or draw pictures on the monitor screen.
It consists of a photocell and an optical system placed in a small tube.
When the tip of a light pen is moved over the monitor screen and the
pen button is pressed, its photocell sensing element detects the screen
location and sends the corresponding signal to the CPU.

Fig : Light pen

5. Track Ball: Track ball is an input device that is mostly used in
notebook or laptop computer, instead of a mouse. This is a ball which
is half inserted and by moving fingers on the ball, the pointer can be
moved. A track ball requires less space than a mouse since whole
device is not moved. A track ball comes in various shapes like a ball,
a button, or a square.

Fig : Track ball

Setup a Client 5
 Information Security 6. Scanner: Scanner is an input device, which works more like a
Administration photocopy machine. It is used when some information is available on
paper and it is to be transferred to the hard disk of the computer for
further manipulation. There are a few different kinds of scanners. The
NOTES
most common types are: flatbed scanners, sheetfed scanners, photo
scanners, and portable scanners.
• Flatbed Scanners: Flatbed scanners look like miniature printers
with a flip-up cover protecting the glass platen. A flatbed scanner
can fit standard or legal-sized documents, and the flexible cover
allows you to scan large items such as books. These scanners are
great for scanning the newspaper article, book chapter,
photograph or bulky items such as the cover of a DVD. Flatbed
scanners are often built into multifunction printers (MFPs).

Fig : Flatbed scanner

• Sheetfed Scanners: Sheetfed scanners are smaller as compare
with flatbed scanners; as the name implies, you feed a document
or photo into the scanner's automatic document feeder, or ADF,
rather than place it on top of the platen one photo or document at
a time. With a flatbed scanner, you’ll have to scan one page at a
time however, in sheetfed scanner you can feed bunches of
documents with an automatic document feeder. Sheetfed scanners
are more expensive, depending on speed and features.

6 Setup a Client Fig : Sheetfed scanners

 • Photo Scanners: Scanning documents doesn’t require high Information Security
resolution or color depth; but photos require high resolution and Administration
color also. Photo scanners include specialized technology so that
they can deal with slides and negatives; and they scan at high NOTES
resolutions, compared to other types of scanners. It has built-in
software to clean up old photos. A photo scanner is a better and
very expensive as compare with other scanner.

Fig : Photo Scanners

• Portable Scanners: Portable scanners are small enough to bring
and to put in your pocket. Pen scanners are just a bit bigger than
fountain pens and can scan the text of a document line by line.
Page scanner is as wide as a page and roll easily down the page.
Portable scanners are not going to give high-resolution scans and
so aren’t good for scanning photographs or other applications
where you need a high-quality result.

Fig : Portable scanners

7. Voice recognition system: Voice recognition is a technique from which
specialized software and systems are created to identify and
authenticate the voice of an individual speaker. Voice recognition
evaluates the voice biometrics of an individual, such as the frequency
and flow of their voice and their natural accent. As voice recognition
improves, it is being implemented in more places. The basic principle
of voice recognition involves the fact that speech or words spoken by Setup a Client 7
 Information Security any human being cause vibrations in air, known as sound waves. These
Administration continuous or analog waves are digitized and processed and then
decoded to appropriate words and then appropriate sentences. Voice
NOTES recognition implies the process of recognizing human speech and
decoding it into text form.
A speech recognition system generally consists of
1. A speech capturing device: basically a microphone and a Analog
to Digital Converter, which samples and digitizes the analog
sound signals.
2. A Digital Signal Processor (DSP) module: which process the
digital signal to convert it from time domain to frequency
domain, it will retain the original information.
3. A Preprocessed signal storage system: a memory card to carry
out predefined speech patterns stored in the memory as reference
for matching.
4. A pattern matching algorithm: for comparing the incoming
speech signals with the reference speech pattern.

Voice recognition system used in

1. Automated phone systems - Today many companies today use
phone systems that help direct the caller to the correct
department. If you press number 2 for support and you say "2,"
you used voice recognition.
2. Google Voice - Google voice is a service that allows you to search
and ask questions on your computer, tablet, and phone.
3. Car Bluetooth - For cars with Bluetooth or Handsfree phone
pairing you can use voice recognition to make commands such
as "call my office" to make calls without taking your eyes off the
road.
8. Vision input system: Allow computer to accept input just by seeing an
object. Input data is normally an object’s shape and features in the form
of an image. Mainly used today in factories for designing industrial
robots that are used for quality-control and assembly processes
9. Touch screen: A touch screen is a display device that allows the user
to interact with a computer by using their finger. Touch screen is an
alternative to a mouse or keyboard for navigating a graphical user
interface (GUI). Touch screens are used on a variety of devices such
as computer, laptop, smart phones, tablets, ATM machine, and
information kiosks. Functions of touch screens are,
• Tap - A single touch or tap on the screen with a finger opens an
app or select an object. A tap is the same as clicking with a mouse.
8 Setup a Client
 • Double-tap - A double-tap can screen zooms in at the tap location. Information Security
Double-tapping in a text editor can be used to select a word or Administration
section of words.
• Touch and hold - Pressing and holding your finger to a touch NOTES
screen selects or highlights an object.
• Drag - If you press and hold your finger on an object, you can
move your finger to "pull" the object to a different location.

Output devices
The output coming from the CPU is in the form of binary signals which
needs conversion in human readable format which can be easily understood by
human beings. This function of conversion is performed by output units. Output
Units do not compute or process anything; those devices just display the results
in hard copy or soft copy.
1. Monitors: A monitor is an electronic visual display for computers. The
display device in modern monitors is typically a thin film transistor
liquid crystal display (TFT-LCD) thin panel, while older monitors used
a cathode ray tube (CRT) about as deep as the screen size. The Organic
light-emitting diode (OLED) monitors provide higher contrast and
better viewing angles than LCDs but they require more power when
displaying documents with white or bright backgrounds.
• Cathode Ray Tube (CRT): CRT monitor uses a Cathode Ray Tube
(CRT). CRT tube creates an image on the screen using a beam of
electrons. It consists of one or more guns that fire a beam of
electrons inside the screen. CRT in color monitors consists of
three guns which generate red, green and blue (RGB) colors and
other colors are generated with a combination of these three
colors. The screen is coated with very tiny Phosphor dots from
inside. The beam of electrons falls on the surface of screen.

Fig : CRT monitor

Setup a Client 9
 Information Security • Flat Panel Monitors: Flat Panel Monitors requires less space and
Administration are lightweight. These monitors use much less power than CRTs.
It does not emit harmful radiations. It is much expensive than
NOTES CRT. Notebook computers, PDA and cellular phones use flat
panel monitors. Flat panel monitors are available in different sizes
such as 15”, 17”, 18” & 19” etc. Flat panel display is made up of
two plates of glass. These plates contain a substance between
them.
• Liquid Crystal Display: Liquid crystal display screen contains a
substance called liquid crystal. The molecules of this substance
line up in such a way that the light behind the screens blocked or
allowed to create an image. LCDs provide a sharper picture than
CRTs and emit less radiation. LCD displays requires less power
and take up less space than CRT.
• Gas plasma Display: Gas plasma display uses gas plasma
technology. This technology uses a layer of gas between two glass
plates. The gas release ultraviolet light when voltage is applied.
The pixels on the screen glow due to this ultraviolet light and
form an image. Plasma display is available in the sizes of upto
150 inches wide. It provides richer colors than LCD monitors but
is more expensive. That is why, it is not commonly used. It
provides higher display quality. This type of monitor can hand
directly on a wall.
• Touch Screen Monitors: Touch screen monitors are used for input
as well as output. A touch screen is a special type of visual display
unit. It has a grid of light beams or fine wires on the screen. It
lets the user to interact with a computer by the touch of a finger
rather than typing on a keyboard or moving a mouse. The user
enters data by touching icons or menus identified on the screen.
• Most touch screen computers use sensors to detect touch of a
finger. Touch screen is well suited for simple applications like
ATM. It has also become common in department stores and
supermarkets.
2. Printers: Printers are Output devices used to prepare permanent output
on paper. Printers can be divided into two main categories
• Impact printers: In this hammers or pins strike against a ribbon
and paper to print the text. This mechanism is known as electro-
mechanical mechanism.
o Character Printer: It prints only one character at a time. It has
relatively slower speed. Eg. Of them is Dot matrix printers.
o Dot Matrix Printer: It prints characters as combination of dots.
Dot matrix printers are the most popular among serial printers.
10 Setup a Client
 These have a matrix of pins on the print head of the printer which Information Security
form the character. The computer memory sends one character at Administration
a time to be printed by the printer. There is a carbon between the
pins & the paper. The words get printed on the paper when the NOTES
pin strikes the carbon. There are generally 24 pins.
• Non-Impact Printers: There printers use non-Impact technology
such as ink-jet or laser technology. There printers provide better
quality of O/P at higher speed. These printers are of two types :
o Ink-Jet Printer: It prints characters by spraying patterns of ink on
the paper from a nozzle or jet. It prints from nozzles having very
fine holes, from which a specially made ink is pumped out to
create various letters and shapes. The ink comes out of the nozzle
in a form of vapors. After passing through a reflecting plate, it
forms the desired letter/shape at the desired place.
o Laser Printer: It is a type of printer that utilizes a laser beam to
produce an image on a drum. The light of the laser alters the
electrical charge on the drum wherever it hits. The drum is then
rolled through a reservoir of toner, which is picked up by the
charged portions of the drum. Finally, the toner is transferred to
the paper through a combination of heat and pressure.

1.4 SETUP

1. Essential components.
1. CPU (Central Processing Unit): This may be all you have if you
just purchased a tower. If that's the case, you will need to obtain
a monitor, mouse, and keyboard before you can use the computer.
The task of performing operations like arithmetic and logical
operations is called processing. The Central Processing Unit
(CPU) takes data and instructions from the storage unit and
makes all sorts of calculations based on the instructions given
and the type of data provided. It is then sent back to the storage
unit. CPU includes Arithmetic logic unit (ALU) and control unit
(CU).
• Arithmetic Logic Unit: It performs arithmetic functions like
addition, subtraction, multiplication, division and also logical
operations like greater than, less than and equal to etc.
• Control Unit: It takes care of step by step processing of all
operations inside the computer. Controlling of all operations like
input, processing and output are performed by control unit.

Setup a Client 11
 Information Security
Administration

NOTES

Fig : Block diagram of a computer

2. Monitor: A monitor is an electronic visual display for computers.
3. Mouse: Mouse is a pointing device , which senses the movement
and sends corresponding signals to the CPU when the mouse
buttons are pressed
4. Keyboard: Keyboard is the most common and very popular input
device which helps to input data to the computer.
5. Speakers: These are sometimes built into monitor, and are not
always included.
6. Printer: Printers are output devices used to prepare permanent
output on paper.

Fig: Essential components of computer

2. Computers ports: Computers have a combination of the ports shown,
and it is beneficial to familiarize yourself with them even if your
12 Setup a Client current computer does not have them all.
 Information Security
Administration

NOTES

Fig : Computer ports

• Serial port: Used for PDAs and serial devices.
• Parallel port: Used for printers and data.
• VGA port: Used to connect external monitor.
• S-Video: Used for video in/out.
• PS/2 port: Used to connect mouse and keyboard.
• Games port: Used to connect joysticks.
• Audio Sockets: Used to connect microphone, Stero in/out,
subwoofer etc.
• Ethernet/ RJ45: Used to connect internet.
• Modem/RJ14: Used to connect internet via phone line.
• USB: Used to connect USB devices.
3. Connect the monitor to the CPU. Plug the monitor into one of the
monitor ports on the back of the tower.
4. Plug in the mouse and keyboard. For new PC, you can connect mouse
and keyboards via USB. If you are setting up an exceptionally old PC,
you may need to connect the mouse and keyboard via the PS/2
connectors.
5. Connect any speakers. Plug your speakers into the back of the
computer using the color codes as guides. Ensure that all the channels
are placed on the correct sides, and that the speakers are plugged into
an outlet if necessary.
6. Turn on the computer. Press the Power button on the front of the
computer to turn it on. If your computer did not come with an
operating system preinstalled (this is rare), you will need to install it
yourself.

Setup a Client 13
 Information Security 7. Connect to a network: You can connect to your router or modem via
Administration Ethernet. If you want to connect via Ethernet, connect the Ethernet
cable to your computer and to your router or modem.
NOTES 8. Install your essential programs: Installing your essential programs will
help keep your computer running smoother.
• Antivirus - An antivirus helps protect your computer against
malware and other malicious software, and is essential if your
computer is connected to the internet.
• Favorite browser - There are a variety to choose from, including
Chrome, Firefox, and Opera.
• Word processor/productivity - Most people use their computers
as a home office, which includes installing a word processor and
possibly a spreadsheet program. Microsoft Office is designed to
integrate into Windows, and you may have a trial already
installed on your computer.

1.5 MANAGE AND SECURE A DESKTOP PC SETUP

Desktop PCs present a huge headache during its security. If you have
sensitive information stored in your desktop, then it is recommended to invest
more time and resources to protecting it. You should look after hardware and
software configuration, security, software licenses etc. following technologies
can make this job easier.
• Keep updates: Operating System as well as all software should be kept
up-to-date. Because the software that you run on your computer could
potentially have fault, hackers found this vulnerabilities and get access
to compromise the program run on your desktop or even your entire
computer.
• Keep away from fake update: Fake update might be used by hackers to
influence you to click a link or enter credentials to getting access of your
device.
• Enable a firewall: Firewall acts as a barrier between your computer and
outside world. It protects your computer from threats and stop to spread
malware into your devices. A firewall acts as a security door of our house;
it defense from strangers. The firewall will allow only trusted applications
and external devices.
• Adjust browser settings: Most browsers have options that adjust the
privacy and security. These can help lower the risk of malware infections
reaching your computer from network.

14 Setup a Client
 • Install antivirus and anti spyware software: Every machine connected to Information Security
the internet is open door for virus attacks. Spyware is a specific type of Administration
malware that is designed to secretly infect a computer. Antivirus software
can help to defense from virus, malware or Trojan attacks. NOTES
• Password protection: Hackers could try getting access of your actual
computer. A simple line of defense here is to have a strong computer
password to at least make it more difficult for them to crack and enter
into your device.
• Encrypt your data: Your computer have sentimental data like files,
database, photos and videos, if it fall into the wrong hands then you will
be in trouble. To protect such data, you should use encryption technique.
Encrypted data will require resources to decrypt it which is not easy to
get; this alone might be enough to prevent your data from hacker.
• Use a VPN: A Virtual Private Network is an outstanding way to boost
your security. While browsing online, it encrypts your internet traffic and
tunneled through an intermediary server in a separate location. VPN
replace your IP with different one, so that your Internet Service Provider
can no longer monitor your activity. Additionally, a VPN can browse
securely while using open wifi networks.

1.6 MANAGE AND SECURE A MOBILE DEVICE

In just recent years, employees are bringing their own devices to their
workplaces and connecting to secure corporate networks under “bring your own
device” (BYOD) policy. Every employee’s mobile service providers are different,
and their devices run varied operating systems. Employees enjoy the flexibility
with lower equipment costs. But BYOD comes with new problems of security,
connectivity, privacy and management.
To overcome with is security concern , today’s IT companies have been
using mobile device management (MDM) software to monitor, manage, and
secure employees' personal (mobile) devices that are being used in the workplace.
MDM have become essential in the modern workplace environment where
BYOD is allowed. Mobile devices face numerous security threats, including:
• Insecure or fraudulent wireless access points
• Email-based mobile phishing campaigns
• Malicious applications masquerading as legitimate applications
• Device and data theft
MDM and MTD technique provide security tools to make sure mobile
devices protection and protect the networks and applications that they access.
Setup a Client 15
 Information Security MDM (Mobile device management): MDM provides basic security
Administration management of the device that implements security policies. Just like:
• Update your equipment, applications, functions, and policies
NOTES
• Monitor your equipment as well as application performance
• Audit for regulatory compliance
• Encrypt your email and files
• Tracking activity and status of you devices.
• Creating separate and secured environments for mobile device use.
MTD (Mobile threat detection): MTD can identify suspicious device
behaviour and detect man-in-the-middle attacks over Wi-Fi. MTD is designed to
detect malware and harmful mobile applications as well as mobile phishing
attacks. Mobile threat detection solution just use for:
• Monitor a device’s configuration and system parameters and look for
suspicious activity.
• Check the integrity of Secure Sockets Layer (SSL) connections.
• Check deactivate suspicious connections
• Diagnose applications that leakage user data.
• Detect malicious apps through reputation scanning, code analysis, and
malware filtering

Mobile device management and security

Organizations can improve the security of their mobile devices by applying
these best practices
• Create a custom app store: When we download apps from public sites,
they may gain malware in addition to the app. Employers can eliminate
this threat by creating a custom app store with only “clean” apps that the
IT department examine, and by preventing downloads from other sites.
• Implement automated device management: Deploy MDM and MTD
solutions and keep work place information separate from personal
activities.
• Provide virtual private network: Limit exposure to public Wi-Fi networks
by installing VPN software on devices that need access to sensitive data.
• Increase employee awareness: Employee negligence is one of the vital
reasons of data breach, so employee awareness about mobile device
security is important.

Sum Up
Today, keeping data and devices safe from network hackers are big
16 Setup a Client challenge. A company has to constantly monitor what goes on inside their
offices, what comes in through their networks, and what is happening in the Information Security
outside world. The better they prepare, the more secure their data will be. MDM Administration
and MTD technique provide security tools protect mobile devices and the
networks that they access. NOTES
In this Unit, an attempt has been made to explain to you the client side
devices, how to manage and secure a desktop as well as how to manage and
secure mobile devices while working in BYOD policy. It is hoped that all my
students can understand the concept.

Questions
Q1. Describe types of client side devices.
Q2. What is mobile device security? Illustrate its needs.
Q3. Discuss the use of USB ports with an example.
Q4. Explain the setup of desktop PC.

MCQ’s
Q1. Employees are bringing their own devices to their workplaces is called
as ____policy
a. BTOD b. BOYD
c. BYOD d. BODY
Q2. IT companies have been using ____ software to monitor, manage, and
secure employees' personal devices.
a. Mobile device management
b. Mobile threat detection
c. Mobile data management
d. Mobile device detection

Q3. _____ can identify suspicious device behavior

a. Mobile device management
b. Mobile data management
c. Mobile threat detection
d. Mobile device detection

Q4. ____ encrypts your internet traffic and tunneled through an

intermediary server in a separate location.
a. Virtual Protected Network
b. Virtual Public Network
c. Virtual Peer Network
d. Virtual Private Network Setup a Client 17
 Information Security Q5. Fake update might be used by ____ to influence you to click a link or
Administration
enter credentials to getting access of your device
a. System analyst
NOTES b. hackers
c. System developer
d. All
Answer:
Q1.→c Q2.→a Q3.→c Q4.→d Q5.→b

Work Assignment
A1. Find out any one organization worked under BYOD policy. And Find,
a) What type of services that organization provides and access?
b) What are the advantages of BYOD policy for an organization?
c) Discuss importance of mobile device security within an
organization, and suggest that how organization can protect its
sensitive data.
Keywords
• ALU: Arithmetic Logic Unit
• ATM: Automated Trailer Machine
• BYOD: Bring Your Own Device
• CAD: Computer Aided Designing
• CPU: Central Processing Unit
• CRT: Cathode Ray Tube
• DSP: Digital Signal Processor
• MDM: Mobile Device Management
• MTD: Mobile Threat Detection
• OLED: Organic Light-Emitting Diode
• RGB: Red, Green and Blue
• SSL: Secure Sockets Layer
• TFT-LCD: Transistor- Liquid Crystal Display
• USB : Universal Serial Bus
• VPN: Virtual Private Network
References for further reading
https://www.tutorialspoint.com
https://www.guru99.com
https://study.com
https://tutorialsha.com
https://wikieducator.org/User:Singhpreeti/DIFFERENCE_BETWEEN_INP
UT_AND_OUTPUT_DEVICE
*****
18 Setup a Client
 Information Security
Administration

UNIT - II
SETUP A LAN
NOTES

2.1 Introduction
2.2 Objective
2.3 Introduction to LAN devices
2.4 Simulate a LAN
2.5 Setup
2.6 Manage and Secure a Local Area Network
Sum Up
Questions
MCQs
Work Assignment
Keywords
References for further reading

2.1 INTRODUCTION

Computer Network is a collection of distributed machines that are connected

with each other for the purpose of data sharing, communication and sharing of
computer resources like a printer, fax machine, an internet connection etc.
Computer network also referred as a data network which can transmit, receive
and exchange data, voice and video traffic. According to scope of network area
it can be categorized as PAN, LAN, MAN and WAN. The purpose of this chapter
is to understand Local Area Network setup step by step with an example.

2.2 OBJECTIVE

After going through this unit, you would be able to:

• To familiar with LAN devices.
• To study LAN setup.
• Understand LAN installation and it’s working.
Setup a LAN 19
 Information Security
Administration
2.3 INTRODUCTION TO LAN DEVICES
NOTES
Local area network is also called LAN and designed for small physical areas
such as an office, group of buildings or a factory. LANs are used widely because
it is easy to design and to troubleshoot. Personal computers and workstations are
connected to each other through LANs. We can use different types of topologies
through LAN, these are Star, Ring, Bus, Tree etc.
LAN can be a simple network like connecting two computers, to share files
and network among each other while it can also be as complex as interconnecting
an entire building. LAN networks are also widely used to share resources like
printers, shared hard-drive etc. Common LAN/WAN devices are repeaters, hubs,
bridges, switches, and routers.
1. Repeater –The job of repeater is to be redeveloping the signal over the
same network at the physical layer. It can extend the week signal
before it becomes too weak or corrupted. Remember that repeater can’t
amplify the signal instead of that it copies the weak signal bit by bit
and regenerate it at the original strength.

Fig : Repeater
2. Hub – A hub is a multiport repeater. It can connect multiple wires
coming from different branches, for example, the connector in star
topology which connects different stations. Hubs do not have
intelligence to find out best path to data packets, thus it sent data
packets to all connected devices which leads inefficiencies. There are
two types of hub
• Active Hub:- Active hub have their own power supply. It can
clean, amplify and transmit the signal and used to extend the
maximum distance between nodes.
• Passive Hub :- Passive hubs collect wiring from nodes and power
supply from active hub. These hubs transmit signals onto the
network without cleaning and amplifying. It can’t be used to
extend the distance between nodes.
20 Setup a LAN
 Information Security
Administration

NOTES

Fig : Hub
3. Bridge – A bridge is a 2 port data link layer device which has single
input and single output port. It is used to interconnect two LANs which
are working on same protocol. A bridge acts as a repeater; with add
on the functionality of filtering content by reading the MAC addresses
of source and destination.

Fig : Bridge
4. Switch – A switch is a data link layer multiport device. It can boost
efficiency and performance of network, because a large number of
ports imply less traffic. The switch can perform error checking before
forwarding data, so that it does not forward errors packets. Switches
do not allow wireless devices to connect; it can use for hardwired
LANs or to extend the number of ports available to the router.

Fig : Switch

Setup a LAN 21
 Information Security Characteristics of LAN
Administration
• LAN's are private networks, not subject to tariffs or other regulatory
controls.
NOTES
• There are different types of Media Access Control methods in a LAN,
the prominent ones are Ethernet, Token ring.
• It connects computers in a single building or campus in a restricted
geographical area.

Advantages of LAN
• Resource Sharing: Computer resources like printers, modems, DVD-
ROM drives and hard disks can be shared with the help of local area
networks. Thus LAN connected recourses can reduces cost and hardware
purchases.
• Software Applications sharing: Single server can share the software over
network instead of purchasing separate licensed software for each client
a network.
• Easy and Cheap Communication: Data and messages can easily be
transferred over networked computers.
• Centralized Data: The data of all network users can be saved on hard disk
of the server computer. This will help users to use any workstation in a
network to access same data stored on hard disk.
• Data Security: Data is stored on server computer centrally, it will be easy
to manage data at only one place and the data will be more secure too.
• Internet Sharing: Local Area Network provides the facility to share a
single internet connection among all the LAN users. i.e. In Net Cafes,
single internet connection sharing system keeps the internet expenses
cheaper.

Disadvantages of LAN
• High Setup Cost: the initial setup costs of installing Local Area Networks
is high.
• Privacy Violations: the LAN administrator has the rights to check the
personal data files of each and every LAN user. Moreover he can check
the internet history and computer use history of the LAN user.
• Data Security Threat: unauthorized users can access important data of an
organization if centralized data repository is not secured properly by the
LAN administrator.
• Covers Limited Area: Local Area Network covers a small area like one
office, one building or a group of nearby buildings.

22 Setup a LAN
 Information Security
Administration
2.4 SIMULATE A LAN
NOTES
Local area networks are smaller networks. LAN is used to connect resources
in limited area inside one building. The computing resources can be computers,
printers, servers, hub, bridge, switch or routers. Connections between the
workstations are physical, with cables, and all the office resources are shared and
distributed between the network workstations and each device has a unique IP
address. Computers are connected to a switch with Ethernet cables. As shown in
diagram below:
• Hub: Used to connect 3 PC (PC1,PC2,PC3)
• Switch: Used to create LAN 1 and LAN2.
• Bridge: Used to connect LAN 2 with LAN 3.
• Router: Used to connect LAN 1 and LAN 2 with internet.

Fig : LAN

2.5 SETUP

1. Identify how many devices will have to connect to the network. Each
device, server or workstation will require a unique address.
2. A wired LAN is always better and more secure than a wireless LAN.
Use standard Ethernet cables to connect servers, printers, IP phones
or work locations.
Setup a LAN 23
 Information Security 3. Select and purchase router or switch.
Administration
• A router is good to connect four or less computers in LAN. If you
wish to connect your network with internet, you'll need a router
NOTES that can broadcast a wireless network. A router will automatically
handle assigning IP addresses to each device on the network.
• For more than four computers, you will need to purchase a
switch. To extend the number of ports available on your router,
plug an Ethernet cable into any LAN port on the router and any
LAN port on the switch. Switches will not connect your network
with internet and it will not automatically assign IP addresses.
4. Installing Local Area Network on your device: Using following steps,
install LAN on each PC which is connected in LAN.
Step 1 and 2: Click on Start and Control Panel

Step 3: Click on Administrative Tools

24 Setup a LAN
Step 4: Click on Computer Management Information Security
Administration

NOTES

Step 5: Click on Device Manger, click on Network adapters, click

on Action menu and select Add legacy hardware as shown below.

Step 6: Click on Next, select Install the hardware that I manually

select from a list (Advanced) and again click on Next.

Setup a LAN 25
 Information Security Step 7: Click on Network adapters and again click on Next.
Administration

NOTES

Step 8: Select Microsoft, then select Microsoft Loopback Adapter

and finally click on Next.

26 Setup a LAN
 Finally: Click on Next, Next and Finish. It will install Microsoft Information Security
loopback adapter on you device. Administration

NOTES

5. Setting up one computer as a DHCP (Dynamic Host Configuration

Protocol) server:
DHCP server will allow all of the connected computers to easily obtain
IP addresses. Provide start IP address number (like 192.168.1.1) , that
means 1st PC assigned IP address 192.168.1.1, 2nd PC assigned IP
address 192.168.1.2, 20th PC assigned IP address 192.168.1.20

In the image, Start IP address is 192.168.1.80 and End IP address is

192.168.1.90, that means 1st PC assigned IP address 192.168.1.80,
2nd PC assigned IP address 192.168.1.81 and last PC assigned IP
address 192.168.1.90

Setup a LAN 27
 Information Security • Otherwise assign IP addresses to each device manually as given
Administration below in
Step 1: Click on start, Type run in text area and press enter key.
NOTES

Step 2: Type ncpa.cpl in text area and click on OK. It will open
network connections window.

Step 3: Right click on newly created Local Area Connection (For my

device, it is Local Area Connection 3) and then click on Properties.

28 Setup a LAN
 Step 4: Click on Internet Protocol Version 4 (TCP/IPv4), and then click Information Security
on Properties Administration

NOTES

Step 5: Select Use the following IP address option and type IP address,
subnet mask and default gateway as shown below for first device (PC),
and then click on OK

6. Test the LAN connectivity.

Setup a LAN 29
 Information Security
Administration
2.6 MANAGE AND SECURE A LOCAL AREA NETWORK
NOTES
Network security is a set of policy implemented to prevent
unauthorized access, modification, misuse of data and resources. Unsecured
network is vulnerable and helpless to malicious use or accidental damage.
Following are some major steps that would important for Local area network
security.
• Use Ethernet cables: To connect each computer to router or switch in
LAN use Ethernet cables less than 100 m, because transfer data not
reliably at lengths larger than 100m (328 ft).
• Acquire higher-quality routers: The basic routers are cheap ones having
low-level firewall. However, a high quality router comes with stronger
firewalls having intrusion detection or intrusion protection systems built
into them and also have an ability to handle more devices.
• Deactivate the unused ports on the router: There are often USB or
Ethernet ports on a router that are not in use, these ports are one more
entry point to destroy LAN security, turn them off if you can.
• Add MAC address filtering: MAC address filtering only allows those
devices that the organization is aware of to connect to the network. if a
hacker try to access the network, they wouldn’t be able to gain access
without having one of the identified MAC addresses.

Sum Up
Local area network is designed for small physical areas to connecting two
or more computers in network. LANs are used widely because it is easy to design
and to troubleshoot. LAN networks are also widely used to share resources like
printers, shared hard-drive etc. Through this unit, student can able to create a
LAN (Local Area Network) step by step, this allows connected computers and
devices to talk to each other.

Questions
Q1. What is Network? Describe local area network.
Q2. Describe LAN devices.
Q3. Discuss how to assign IP address manually.
Q4. What is the task of DHCP server?
Q5. Explain LAN security measures.

30 Setup a LAN
MCQ’s: Information Security
Administration
Q1. ____ is the interconnection between devices within a range of 10
meters.
NOTES
a. PAN b. LAN
c. WAN d. MAN

Q2. _____ copies the weak signal bit by bit and regenerate it at the
original strength.
a. Repeater b. Hub
c. Bridge d. Switch

Q3. A ______ is a 2 port data link layer device.

a. Hub b. Switch
c. Router d. Bridge

Q4. A _____ is a data link layer multiport device.

a. Repeater b. Switch
c. Bridge d. Router

Q5. _____server will allow all of the connected computers to easily obtain
IP addresses.
a. DHCP b. TCP
c. IP d. All
Answer:
Q1.→b Q2.→a Q3.→d Q4.→b Q5.→a

Work Assignment
A1. Create a LAN setup as shown in diagram.
a) Connect 4 personal computer, 1 printer and server with modem
through switch.
b) Assign IP address as shown in diagram like (1st PC- 192.168.1.1,
2nd PC- 192.168.1.2, 3rd PC- 192.168.1.3 and 4th PC-
192.168.1.4.
c) Install LAN and run the network.

Setup a LAN 31
 Information Security
Administration

NOTES

Fig : Required setup (Assignment 1)

Keywords
• DHCP: Dynamic Host Configuration Protocol
• IP : Internet Protocol
• LAN: Local Area Network
• MAC: media access control
• MAN: Metropolitan Area Network
• PAN: Personal Area Network
• WAN : Wide Area Network

References for further reading

https://www.tutorialspoint.com
https://www.guru99.com
https://study.com
www.youtube.com
https://www.bca-point.xyz/2020/02/local-area-network

*****

32 Setup a LAN
 Information Security
Administration

UNIT - III
CONNECT A LAN TO
NOTES

THE INTERNET

3.1 Introduction
3.2 Objective
3.3 Introduction to WAN devices
3.4 Setup
3.5 Manage and Secure a connection to the Internet
Sum Up
Questions
MCQs
Work Assignment
Keywords
References for further reading

3.1 INTRODUCTION

WAN is typically a network of many LANs, MANs and WANs. It is used

for the network that covers large distance such as cover states of a country. The
most common example of WAN is the Internet. Through this chapter students
can able to understand how Local Area Network connects with Internet with an
example.

3.2 OBJECTIVE

After going through this unit, you would be able:

• To familiar with WAN devices.
• To study WAN setup.
• Understand LAN connectivity with Internet and its working.
Connect a LAN to
the Internet 33
 Information Security
Administration
3.3 INTRODUCTION TO WAN DEVICES
NOTES
WAN or Wide Area Network is spread over a country or many countries.
WAN is typically a network of many LANs, MANs and WANs. It is used for the
network that covers large distance such as cover states of a country. It is not easy
to design and maintain. Network is set up using wired or wireless connections,
depending on availability and reliability. The most common example of WAN is
the Internet. Common LAN/WAN devices are repeaters, hubs, bridges, switches,
and routers.

Fig: WAN
1. Modems- Modems is a hardware component used for data modulation
and demodulation. It is used for data transfer from one computer
network to another computer network through telephone lines. It
converts digital data into analog form to send through medium during
transmission and again convert analog data into digital form while
receiving. A voice band modem converts the digital signals of
computer i.e. 1s and 0s into voice frequencies that can be transmitted
over the analog lines of the telephone network. On the other side of
the connection, another modem converts the voice frequencies back
into a digital signal i.e. 1s and 0s. Modem is used to connect computer
, router or switch, to the Internet.
• Modulation: converts information from digital mode to analog
mode at the transmitting end and
• Demodulation: converts the same from analog to digital at
receiving end.
Connect a LAN to
34 the Internet • DTE: terminal or a computer.
 Information Security
Administration

NOTES

Fig: Modulation and Demodulation process

Types of modem
• Dial-up modem: Dial-up modem had to dial a phone number to
connect with an Internet Service Provider. It operated over
standard analog phone lines and used the same frequencies as
telephone calls, thus voice calls would interrupt the Internet
connection.
• DSL Modern: DSL modems operate over standard telephone
lines, but use a wider frequency range thus voice calls would
interrupt the Internet connection. It is used for higher data transfer
rates than dial-up modem.
• CSU/DSU (Channel Service Unit / Data Service Unit): This is a
sort of modem which is used for monitoring clocking and frame
synchronization on a line. It also performs error detection at the
physical layer.
2. Access server- Concentrates dial-in and dial-out user communications.
An access server may have a mixture of analog and digital interfaces
and support hundreds of simultaneous users.
3. WAN Switch- A switch is a data link layer multiport device. It can boost
efficiency and performance of network, because a large number of ports
imply less traffic. The switch can perform error checking before
forwarding data, so that it does not forward errors packets. Switches
do not allow wireless devices to connect; it can use for hardwired LANs
or to extend the number of ports available to the router.

Fig: WAN switch Connect a LAN to

the Internet 35
 Information Security 4. Router– A router is a Network Layer device which is used to connect
Administration LANs and WANs together. It acts as a switch that routes data packets
based on their IP addresses. If you want to connect all devices with an
NOTES internet, you'll need a router. If you don't need network connection,
you can just use a switch.

Fig: Router

Characteristics of WAN
• It generally covers large distances (states, countries, continents).
• Communication medium used are satellite, public telephone networks
which are connected by routers.

Advantages of WAN
• Covers a large geographical area so long distance business can connect
on the one network.
• Shares software and resources with connecting workstations.
• Messages can be sent very quickly to anyone else on the network. These
messages can have picture, sounds or data included with them (called
attachments).
• Expensive things (such as printers or phone lines to the internet) can be
shared by all the computers on the network without buying a different
peripheral for each computer.
• Everyone on the network can use the same data. This avoids problems
where some users may have older information than others.

Disadvantages of WAN
• Need a good firewall to restrict outsiders from entering and disrupting
the network.
• Setting up a network can be an expensive, slow and complicated. The
bigger the network the more expensive it is.
• Once set up, maintaining a network is a full-time job which requires
network supervisors and technicians to be employed.
Connect a LAN to
36 the Internet
 • Security is a real issue when many different people have the ability to Information Security
use information from anywhere so protection against hackers and viruses Administration
adds more complexity and expense.
NOTES

3.4 SETUP

1. Identify how many devices you will have to connect to the network.
Each device will require a unique IP address; one device will work as
DNS server and remaining will work as workstation.
2. A wired LAN is always better and more secure than a wireless LAN.
Use standard Ethernet cables to connect servers, machines, switch and
router.
3. Select and purchase router or switch.
• A router is used to connect your network with internet; you'll need
a router that can broadcast a wireless network. A router will
automatically handle assigning IP addresses to each device on
the network.
• For more than four computers, you will need to purchase a
switch. To extend the number of ports available on your router.
4. Perches a broadband connection which you can share with your LAN
devices.

Fig: LAN devices (One DNS server, 3 PC’s, one switch

and broadband connection)
5. Create a Server machine work as DNS server, so that other machines
of LAN can access broadband connection from server machine.

Connect a LAN to
the Internet 37
 Information Security Step 1: Click on start, Type run in text area and press enter key.
Administration

NOTES

Step 2: Type ncpa.cpl in text area and click on OK. It will open
network connections window.

Step 3: Right click on your Broadband and then click on Properties. It

will open new window having Sharing menu.
Enable: Allow other network users to connect through this computer’s
network connection.
Disable: Establish a dial up connection whenever computer is on my
network attempts to access the internet.
Disable: Allow other network users to control or disable the shared
internet connection.

Click on OK
Step 4: Right click on your Broadband and then click on Properties. It
will open new window having Networking menu, select Internet
protocol version 4 and click on Properties. It will open new window,
select Use the following IP address and type IP address which will
used by other PC as DNS server address. Finally click on OK button.

Connect a LAN to
38 the Internet
 Information Security
Administration

NOTES

5. Connect other machines with Server machine to access the internet

connection from it.
• Assign unique IP address to each machine using given steps.
Step 1: Click on start, Type run in text area and press enter key.

Step 2: Type ncpa.cpl in text area and click on OK. It will open
network connections window.

Step 3: Right click on your Broadband and then click on Properties. It

will open new window having Networking menu. Click on Internet
Protocol Version 4 (TCP/IPv4), and then click on Properties

Connect a LAN to
the Internet 39
 Information Security
Administration

NOTES

Step 4: Select Use the following IP address option and type IP address,
subnet mask and default gateway as shown below for 2nd device (PC),
and then click on OK.

Repeat step 1 to 5 for PC3

Connect a LAN to
40 the Internet
 Information Security
Administration

NOTES
Repeat step 1 to 5 for PC4

5. Test the services and Internet connectivity.

3.5 MANAGE AND SECURE A CONNECTION TO THE INTERNET

Unsecured network is vulnerable and helpless to malicious use or accidental

damage. Network security is a set of policy implemented to prevent
unauthorized access, modification, misuse of data and resources. Today we are
adopting technology and used it to send and receive any form of data like audio,
videos, texts, and images around the world without thinking how securely this
data is being transmitted or received without any leakage of information. The
scope of network and cyber security is required for E-Government services,
banking sector, telecommunications, corporations and other businesses which
store a large amount of confidential information on computers and exchange
this data over the internet for their official use. The majority of network attacks
are designed to get access to information of users, rather than to damage the
network. But attacker can be able to damage users’ devices or manipulate system
to get physical access of organization’s resources. Security policy of network Connect a LAN to
the Internet 41
 Information Security defines a set of system, considering all relevant aspects of confidentiality,
Administration integrity and availability (CIA).
• Confidentiality: It refers to ensuring that the data and resources
NOTES are secure not accessible by any unauthorized user.
• Integrity: The data should be in original format, means that information
is not being altered or destroyed by un-authorized person.
• Availability: The information should be available at any time at any place
depending on the business needs, while ensuring integrity and
confidentiality.
Internet security is nothing but a combination of confidentiality, availability
and integrity of data. Data security ensures that the data should be accurate,
reliable and it should be available when authorized access needs it. Following
elements cover security control regulations:
• Policies that govern network services – This section contain how should
handle the remote access and configuration of IP addresses. It also covers
the security of network components like routers and switches.
• Vulnerability scanning–It is important to find any vulnerabilities in a
LAN infrastructure before hackers do. Since hackers will scan for
vulnerabilities, a company should have a routine in place for checking
its own networks regularly.
• Data security policies – The security configuration of all essential servers
and operating systems, Firewall, database and antivirus policies.
• The response to incidents– This includes the evaluation and reporting of
the incident as well as how to solve the problems leading to it to prevent
the issue from reoccurring.
• Account control and monitor – Keeping track to monitor and control user
accounts carefully, which would prevent this illegal activity from
occurring.

Sum Up
Local area network is designed for small physical areas to connecting two
or more computers in network. WAN is typically a network of many LANs,
MANs and WANs. Typically, a WAN consists of two or more local-area networks
(LANs). Computers connected to a wide area network are often connected
through public networks, such as the Internet. Through this unit, we can
understand how to connect LAN with the internet connection which will allows
us to connect each computers and devices with internet.

Questions
Q1. What is WAN? Describe WAN devices.
Connect a LAN to Q3. Discuss how to create DNS server.
42 the Internet
 Q4. Discuss how to share internet connection with other devices connected Information Security
in LAN. Administration

Q5. Explain WAN security measures.

NOTES
MCQ’s:
Q1. _____ networks are also widely used to share resources like printers,
shared hard-drive etc.
a. PAN b. LAN
c. WAN d. MAN

Q3. WAN is larger than a _____ and spread over several kilometers.
a. PAN b. LAN
c. MAN d. PAN, LAN and MAN

Q3. An information is not being altered or destroyed by un-authorized

person is called as _______
a. Integrity b. Security
c. Confidentiality d. Privacy

Q4. _____ performs error detection at the physical layer.

a. Dial up modem b. CSU/DSU
c. DSL modem d. External modem

Q5. DNS is call as.

a. Domain Name Server
b. Domain Name Specification
c. Domain Name System
d. Domain Name State

Answer:
Q1.→b Q2.→d Q3.→a Q4.→b Q5.→c

Work Assignment
A1. Create an Internet setup as shown in diagram.
a) Connect 4 personal computers, 1 printer and 1 DNS server
through switch.
b) Connect modem/broadband connection with switch.
c) Assign DNS server IP address as 192.168.100.1
Connect a LAN to
d) Assign IP address to four PC’s as shown in diagram like (1st PC- the Internet 43
 Information Security 192.168.1.1, 2nd PC- 192.168.1.2, 3rd PC- 192.168.1.3 and 4th
Administration PC- 192.168.1.4.

NOTES

Fig : Required setup (Assignment 1)

A2. Create an Internet setup as shown in diagram.

a) Hub: Used to connect 3 PC (PC1,PC2,PC3)
b) Switch: Used to create LAN 1 and LAN2.
c) Bridge: Used to connect LAN 2 with LAN 3.
d) Router: Used to connect LAN 1 and LAN 2 with internet.

Fig : Required setup (Assignment 2)

Keywords
• CSU: Channel Service Unit
• DSN: Domain Name System
• DSL : Digital Subscriber Line
Connect a LAN to
• DSU :Data Service Unit
44 the Internet
 • IP : Internet Protocol Information Security
Administration
• LAN: Local Area Network
• MAC: media access control
NOTES
• MAN: Metropolitan Area Network
• PAN: Personal Area Network
• WAN : Wide Area Network

References for further reading

https://www.tutorialspoint.com
https://www.guru99.com
https://study.com
www.youtube.com
*****

Connect a LAN to
the Internet 45
 Information Security
Administration

UNIT - IV
NOTES
SHARE AN INTERNET
CONNECTION ACROSS A LAN

4.1 Introduction
4.2 Objective
4.3 Introduction to Internet Connection sharing
4.4 Introduction to NAT and PAT Setup
4.5 Manage and Secure a Proxy Server
Sum Up
Questions
MCQs
Work Assignment
Keywords
References for further reading

4.1 INTRODUCTION

Internet connection sharing (ICS) is a method for connecting multiple

computers in a LAN to the Internet through a single connection and a single IP
address. ICS typically uses NAT technologies to achieve this and works. The
purpose of this chapter is to understand Internet connection sharing techniques
which will make it easy for you to get connected to the Internet and to share an
Internet connection with other computers in your network.

4.2 OBJECTIVE

After going through this unit, you would be able to:

• To study internet connection sharing.
• Understand NAT-PAT.
Share an Internet
• To practice proxy server setup.
Connection
46 across a LAN
 Information Security
Administration
4.3 INTRODUCTION TO INTERNET CONNECTION SHARING
NOTES
Internet connection sharing (ICS) is a method for connecting multiple
computers in a LAN to the Internet through a single connection and a single IP
address. ICS typically uses NAT technologies to achieve this and works with
most connection technologies, including DSL, cable, ISDN, dial-up and satellite.
The device with the modem or broadband interface that establishes the
connection to the Internet is called the ICS host or gateway while the other
devices that connect the Internet via network and the ICS host are called ICS
clients. If the ICS host fails, then all of the ICS clients lose their Internet
connection.
Sharing an Internet connection can be achieved through either software or
hardware solutions. Hardware solutions involve a NAT-based hardware router
that is connected directly to the Internet connection adapter, and each ICS client
is then connected to the router. Microsoft and Windows 7 make it easy for you
to get connected to the Internet and to share an Internet connection with other
computers in your network.
• Specification: Windows 7 OS, internet connection.
Follow these steps to set up the Windows 7 Internet Connection
Sharing feature:
Step 1: Click on Start and Control Panel

Step 2: Click on Network and Sharing Center

Share an Internet
Connection
across a LAN 47
 Information Security Step 3: Click on Manage wireless networks
Administration

NOTES

Step 4: Select a connection which you wish to share and then click the
Adapter Properties link.

Step 5: Click the Sharing tab. Select the Allow other network users to
connect through this computer’s Internet connection check box.

Share an Internet
Connection
48 across a LAN
 You might also be able to select the Allow other network users to Information Security
control or disable the shared Internet connection check box (Optional). Administration
This setting lets other people on your network control the shared
Internet connection by enabling or disabling it. NOTES
Step 6: Click OK and then close the Manage Wireless Networks
window to save the shared connection settings.
Before start using shared connection, users on shared network need to
configure their TCP/IP settings so that they get an IP connection
automatically. Follow these steps to use shared Internet Connection
Step 7: Click on start, Type run in text area and press enter key. Type
ncpa.cpl in text area and click on OK. It will open network connections
window.

4.4 INTRODUCTION TO NAT AND PAT SETUP

NAT: Network Address Translation is a process of changing the source and

destination IP addresses and ports. Address translation reduces the need for IPv4
public addresses and hides private network address ranges. This process is usually
done by routers or firewalls.

Share an Internet
Connection
Fig : NAT communication process across a LAN 49
 Information Security Host A request a web page from server S1. Private IP addresses are not
Administration routable on the Internet hence Host A’s private IP address has been changed by
the router as public IP address. Router R1 receives the request from Host A,
NOTES changes the A’s private IP address to its public IP address and sends the packet
to server S1. Server S1 receives the packet and replies to router R1. Router R1
receives the packet, changes the destination IP addresses to the private IP address
of Host A and sends the packet to Host A.
There are three types of address translation, Static NAT and Dynamic NAT
and PAT.
1. Static NAT is a one-to-one IP address mapping (one private IP address
to one public IP address)
2. Dynamic NAT is using many public IP addresses in a NAT address
pool.
3. Port Address Translation uses one public IP address for all internal
devices, but a different port is assigned to each private IP address.
Static and Dynamic NAT require large number of IP public addresses
therefore they cannot be used to provide internet access to inside users.
PAT: Port Address Translation is also known as NAT overload. PAT is
another Network Address Translation (NAT) technology, which can be used to
provide internet access to inside users. PAT use a single public IP address for all
internal private IP addresses, but a different port is assigned to each private IP
address. This type of NAT is also known as NAT Overload. PAT allows you to
support many hosts with only few public IP addresses. It works by creating
dynamic NAT mapping, in which a global (public) IP address and a unique port
number are selected. The router keeps a NAT table entry for every unique
combination of the private IP address and port, with translation to the global
address and a unique port number.

Fig : PAT communication process

Share an Internet
Connection
50 across a LAN
 As you can see in the picture above request from A to S1 and response from Information Security
S1 to A, PAT uses unique source port numbers on the inside global (public) IP Administration
address to distinguish between translations.
For example, if the host with the IP address of 10.0.0.101 wants to access NOTES
the server S1 on the Internet, the host’s private IP address will be translated by
R1 to 155.4.12.1:1056 and the request will be sent to S1. S1 will respond to
155.4.12.1:1056. R1 will receive that response, as shown below.
• A Request to S1:
A To R110.0.0.101:1056
R1 will receive request from A and send To S1 155.4.12.1:1056
• S1 Responses to A:
S1 To R1 155.4.12.1:1056
R1 will receive response from S1 and send To A 10.0.0.101:1056

To configure PAT, the following commands are required

Step 1 : configure the router’s inside interface using the ip nat inside
command.
Step 2: configure the router’s outside interface using the ip nat outside
command.
Step 3: configure an access list that includes a list of the inside source
addresses that should be translated.
Step 4: enable PAT with the ip nat inside source list ACL_NUMBER
interface TYPE overload global configuration command.
Here’s how we would configure PAT for the network picture above.
Step 1: Define an inside interfaces on R1:
R1(config)#int Gi0/0
R1(config-if)#ip nat inside
Step 2: Define an outside interfaces on R1:
R1(config-if)#int Gi0/1
R1(config-if)#ip nat outside
Step 3: Define an access list that will include all private IP addresses we
would like to translate:
The access list defined above includes all IP addresses from the 10.0.0.0 –
10.0.0.255 range.
R1(config-if)#access-list 1 permit 10.0.0.0 0.0.0.255
Step 4: Enable NAT and refer to the ACL created in the previous step and Share an Internet
to the interface whose IP address will be used for translations: Connection
across a LAN 51
 Information Security R1(config)#ip nat inside source list 1 interface Gi0/1 overload
Administration
To verify the NAT translations, we can use the show ip nat translations
command after hosts request a web resource from S1:
NOTES
R1#show ip nat translations
Pro Inside global Inside local Outside local Outside global
tcp 155.4.12.1:1024 10.0.0.100:1025 155.4.12.5:80 155.4.12.5:80
tcp 155.4.12.1:1025 10.0.0.101:1025 155.4.12.5:80 155.4.12.5:80
tcp 155.4.12.1:1026 10.0.0.102:1025 155.4.12.5:80 155.4.12.5:80

Notice that the same IP address (155.4.12.1) has been used to translate three
private IP addresses (10.0.0.100, 10.0.0.101, and 10.0.0.102). The port number
of the public IP address is unique for each connection. So when S1 responds to
155.4.12.1:1026, R1 look into its NAT translations table and forward the response
to 10.0.0.102:1025

4.5 MANAGE AND SECURE A PROXY SERVER

A proxy server acts as an intermediary between a web browser (computer)

with a private IP address and another server on the Internet. A proxy server has
its own address, an IP address. One primary job of a proxy server is to hide your
IP address. The proxy server has its own IP, which acts as a shield by masking
the user’s IP. The proxy server can provide extra layer of protection for your
sensitive core business data. Request running through a proxy server shields end
user identity by shielding the identity (IP address) of your computer. Proxy
servers can face the internet and relay requests from computers outside the
network thus it is act as a buffer. Proxy server can control which devices have
access to the network and which sites those devices can visit. Network
administrator can block undesirable content, as well as any sites you don’t want
to use.
Share an Internet
Connection
52 across a LAN
How to setup a proxy with Internet Explorer Information Security
Administration
Start Control Panel Internet Options Connections LAN Settings Use a
proxy server for your LAN Type IP address and Port OK
NOTES

How to setup a proxy with Google Chrome

Customize and Control Button (button with the wrench picture in upper
right corner) Settings Open your computer’s proxy settings

Connections LAN Settings Use a proxy server for your LAN Type IP
address and Port OK

Sum Up
Internet Connection Sharing provides the ability for one computer to share
its Internet connection with another computer. In this Unit, an attempt has been
made to explain to you the concept of internet connection sharing and NAT –
PAT technique. It is hoped that all my students can understand this concept.

Share an Internet
Connection
across a LAN 53
 Information Security
Administration

NOTES

Questions
Q1. Describe NAT and PAT settings.
Q2. What is proxy server? Discuss proxy server setup.
Q3. Discuss Internet connection sharing.

MCQ’s
Q1. ______ is a method for connecting multiple computers in a LAN to
the Internet through a single connection and a single IP address
a. Internal connection sharing
b. Internal communication sharing
c. Internet connection sharing
d. Internet communication sharing
Q2. ______ is a process of changing the source and destination IP
addresses and ports.
a. Network Address Translation
b. Port Address Translation
c. NAT Overload
d. Mobile device detection
Q3. ____ use a single public IP address for all internal private IP addresses,
but a different port is assigned to each private IP address.
a. Network Address Translation
b. NAT Overload
c. Port Address Translation
d. b and c both
Share an Internet Answer:
Connection
54 across a LAN Q1.→c Q2.→a Q3.→d
Work Assignment Information Security
Administration
A1. Create a LAN setup of four computers to share internet connection.
A2. Create a proxy server setup for Google Chrome browser.
NOTES
Keywords
• ICS: Internet connection sharing
• NAT: Network Address Translation
• PAT: Port Address Translation

References for further reading

https://www.tutorialspoint.com
https://www.guru99.com
https://study.com
www.youtube.com

*****

Share an Internet
Connection
across a LAN 55
 Information Security
Administration

UNIT - V
SHARE RESOURCES
NOTES

OVER A LAN

5.1 Introduction
5.2 Objective
5.3 Setup
5.4 Manage and Secure a Print Server
5.5 Setup
5.6 Manage and Secure a File server
Sum Up
Questions
MCQs
Work Assignment
Keywords
References for further reading

5.1 INTRODUCTION

A local area network (LAN) consists of two or more computers connected

in network. In a local area network, you can use shared resources from other
computers. For example, you can print documents on a network printer. Also you
can open a document on your own computer from other computer in a network.
This chapter covers how to setup print server and file server to share printer and
files in network. Before starting of resource sharing, let us understand network
resources constraint, as follows:
• Security: Organizations should maintain security mechanisms to avoid
unauthorized access of shared resources.
• Compatibility: Client computer must have a compatible Operating
System so that client an access shared resources without any
communication delays.
• Mapping: Any shared resource may be accessed via destination address
Share resources and naming conventions that are called as mapping.
56 over a LAN
 Information Security
Administration
5.2 OBJECTIVE
NOTES
After going through this unit, you would be able to:
• Understand resource sharing concepts.
• Share printer in LAN.
• Share Files in LAN.

5.3 SETUP

A print server allows us to share a printer with multiple computers in a

network. The printer can then be accessed by multiple devices as a network
printer. A print server is a computer in a network that controls one or more
printers. It is a computer that can process and control print-related jobs on a
network, it perform a printing job without having to move files to the computer
connected directly to the printer.
Advantage of print server
• Every machine in the LAN can share the networked printer
• Less maintenance needed as there is single printer for each person.

Disadvantages of a print server compared to a local printer

• If print server fails then everyone is affected as compared to individual
printers
• It requires some administration and care.
• Printer is shared by many peoples, so you have to wait a long time to get
through.
Go through the following steps to make network printer step by step.
1. Make a setup as shown in diagram:
Connect printer to any one PC of the LAN, so that other PC’s available
in LAN can share this printer for printing purpose.
• Specification: LAN connection, four computers, one printer and
network switch.
• Printer connect to the PC1 having IP address 192.168.1.1
• PC1 (IP address 192.168.1.2) , PC2 (IP address 192.168.1.2),
PC3 (IP address 192.168.1.3) and PC4 (IP address 192.168.1.4)
should be in LAN. Share resources
over a LAN 57
 Information Security
Administration

NOTES

Fig: Required setup

2. Performed following steps to share a printer.

Step 1: Click on start and select Device and Printers.

Step 2: Right click on your installed printer (I have Canon LBP560

printer) and select Printer properties.

Share resources Step 3: Click on Sharing menu and select Share this Printer (It will
58 over a LAN display the name of printer which is going to be shared).
• If your LAN contains PC’s having same version of window, then Information Security
click on Apply and OK. Administration

• If your LAN contains PC’s having different version of window,

then click on Additional Drivers (It will open new window of NOTES
driver installation) to install. Once you install additional drivers
while printer sharing, user easily connect with shared printer.
Otherwise they have to find printer driver when they connect to
the shared printer.

Step 4: Select the checkbox of Processor which you want to install and
click on OK.

Share resources
over a LAN 59
 Information Security In this demo, I select both processor, so that installation process ask
Administration for printer driver of Itanium processor and x64 processor

NOTES

Finally: Click on OK. After completion of sharing process of a printer,

printer will display with share icon as shown in following diagram

4. Use the printer at client side (PC2, PC3 and PC4) which is connected
with print server.
Follow the given steps at PC2, PC3 and at PC4 to access printer.
Step 1: Click on start, Type run in text area and press enter key.

Step 2: Type IP address of print server (192.168.0.1) in text area and

Share resources click on OK. It will open shared printer on PC2.
60 over a LAN
 Information Security
Administration

NOTES

Step 3: Print any document of PC2, PC3 and PC4.

Advantage of network printer

• When you install printer on each machine, it take up space on each
machine. Network printer will save this space.
• A printer per person is cost effective as each one needs maintaining.
Network printer reduces maintenance cost.
• Avoid buying expense of multiple printers.

5.4 MANAGE AND SECURE A PRINT SERVER

During deal with printer, driver installation is very important to support

client processor without any interrupt. You can add driver at the time of
installation or you can update the printer driver for a printer as discussed below.
1. Add drivers for client computers running 32-bit or 64-bit versions of
Windows: To support different processor architectures than the print
server, you must install additional drivers. For example, if your print
server is running a 64-bit version of Windows and you want to support
client computers running 32-bit versions of Windows, you must add
x86-based drivers for each printer.
2. Update or change printer drivers: To update or change the printer
drivers for a printer, use the following procedure.
1. Open Print Management.

Share resources
over a LAN 61
 Information Security 2. In the left pane, click Print Servers, and then click Printers.
Administration
3. In the centre pane, right-click the printer with the driver that you
want to change or update, and then click Properties.
NOTES
4. Click the Advanced tab and click New Driver to install a new
printer driver.

Printer security
You can secure a print server by granting specific rights to users or groups
of users. For each user or group of users, you can grant or deny permission to:
a. Print documents
b. Manage printers
c. Manage documents
d. Special permission

To set permissions for print servers, follow given steps

1. Open Print Management.

2. In the left pane, click on Print Servers, right-click the applicable printer
and then click Properties. On the Security tab, under Group or users
names, click a user or group for which you want to set permissions.
Under Permissions for <user or group name>, select the Allow or Deny
Share resources check boxes for the permissions listed as needed.
62 over a LAN
 Information Security
Administration

NOTES

3. To edit Special permissions, click on Advanced. On the Permissions

tab, click a user group, and then click Edit. In the Permission Entry
dialog box, select the Allow or Deny check boxes for the permissions
that you want to edit.

5.5 SETUP

A file server is a central server in a computer network which is accessible

to all authorized clients. Here, the server administrator defines strict rules
regarding which users have which access rights. Admin has a right to set access
rule. Access rules decided which files can be read, write, edit and delete by a
certain user or user group. All modern operating systems such as Windows,
Linux, or macOS can be used on a file server, although the devices available in
the network need to be compatible with the operating system. File server is not
only useful for file sharing; it is also worked as a backup server. Benefits of file
server are as below
Share resources
over a LAN 63
 Information Security • File stored on centralized server can accessed by only authorized network
Administration participant.
• Conflicts between different versions of a document can be practically
NOTES ruled out, as certain actions – such as editing or deleting – are blocked
for other users as soon as you open a file.
• File servers are reduces the strain on client resources.
• On file server, backups can be stored.
• If the file server is configured for remote access over the internet, the
files are also accessible like an online storage service.
Go through following steps to make file server step by step.
1. All PC’s should be in LAN.
Make a setup as shown in diagram: Share folder (e.g Demo) from File
Server of the LAN, so that other PC’s available in LAN can access
this folder contents.
• Specification: LAN connection, five computers and network
switch.
• Folder share from File Server having IP address 192.168.100.1
• PC1 (IP address 192.168.1.1) , PC2 (IP address 192.168.1.2),
PC3 (IP address 192.168.1.3) and PC4 (IP address 192.168.1.4)
should be in LAN.

Fig : Required setup

Share resources
64 over a LAN
2. Performed following steps to share a printer. Information Security
Administration
Step 1: Create Demo folder on any drive which you want to share from
File Server.
NOTES

Step 2: Right click on Demo folder, Right click on Share with and
select Specific people.

Step 3: Click on dropdown list, select Everyone and click on Add

button.

Share resources
over a LAN 65
 Information Security Step 4: Select Read/Write permission and click on Share
Administration

NOTES

Finally: Click on Done to complete share process.

3. Access share contents at client side (PC1, PC2, PC3 and PC4) which
is connected in LAN with File server.
• Follow the given steps at PC1, PC2, PC3 and at PC4 to access
shared folder.
Step 1: Click on start, Type run in text area and press enter key.

Share resources
66 over a LAN
 Step 2: Type IP address of File server followed with shared folder Information Security
name (\\192.168.100.1\Demo) in text area and click on OK. It Administration
will open shared folder on PC.
NOTES

• Result: Demo folder access at client machine (PC1, PC2, PC3

and PC4).

5.6 MANAGE AND SECURE A FILE SERVER

Some practical applications for managing and securing file server include:
• Monitor a selected group of users for attempts to save unauthorized files.
• Use File Classification Infrastructure with the Dynamic Access Control
scenario to create a policy that grants access to files and folders based
on the way files are classified on the file server.
• Limit the extension that can be stored on shared files. For example, you
can create a file screen that does not allow files with an MP3 extension
to be stored in shared folders on a file server
• Schedule a report that runs every Sunday night at midnight that generates
a list of the most recently accessed files from the previous two days. This
can help you to determine the weekend storage activity and plan your
server downtime accordingly. Share resources
over a LAN 67
 Information Security Sum Up
Administration
In this Unit, an attempt has been made to explain to you the concept of
`Resource Sharing in a LAN'. Resource sharing opens up a wide range of
NOTES resources for use by large number of users in a network. It is hoped that
information furnished in this unit would be helpful to the students to understand
the concept of resource sharing.

Questions
Q1. What is print server? Describe its benefits.
Q2. What is task of file server?
Q3. Discuss steps to share folder from file server.
Q4. Explain print server security measures.

MCQ’s
Q1. What can be shared over a network?
a. Printer b. Keyboard
c. Mouse d. All
Q2. Bank work in _____ network having many branches around the country.
a. Local area b. Wide area
c. Personal area d. Live area

Q3. For each user or group of users, you can grant or deny permission to
a. Print documents b. Manage documents
c. Manage printers d. All
Q4. A file server is a ______ in a computer network which is accessible to
all authorized clients.
a. Central server b. Control server
c. Secured server d. Remote Server

Q5. A _______ allows us to share a printer with multiple computers in a

network
a. File server b. Print Server
c. Backup Server d. All
Answer:
Q1.→a Q2.→b Q3.→d Q4.→a Q5.→b
Share resources
68 over a LAN
Work Assignment Information Security
Administration
A1. Create a LAN setup as shown in diagram and share printer from print
server.
NOTES
a) Connect 8 personal computers, 1 print server through switch.
b) Assign IP address as shown in diagram like (1st PC- 192.168.1.1,
2nd PC- 192.168.1.2, 3rd PC- 192.168.1.3 4th PC- 192.168.1.4,
5th PC- 192.168.1.5, 6th PC- 192.168.1.6, 7th PC- 192.168.1.7
and 8th PC- 192.168.1.8.
c) Share printer connected with print server having IP address –
192.168.1.10.
d) Print the documents from PC1 to PC8.

Fig : Required setup (Assignment 1)

A2. Create a LAN setup as shown in diagram and share Test folder from
file server.
a) Connect 8 personal computers, 1 file server through switch.
b) Assign IP address as shown in diagram like (1st PC- 192.168.1.1,
2nd PC- 192.168.1.2, 3rd PC- 192.168.1.3 4th PC- 192.168.1.4,
5th PC- 192.168.1.5, 6th PC- 192.168.1.6, 7th PC- 192.168.1.7
and 8th PC- 192.168.1.8.
c) Share folder from file server having IP address – 192.168.1.10.
d) Access folder contents at PC1 to PC8

Share resources
over a LAN 69
 Information Security
Administration

NOTES

Fig: Required setup (Assignment 2)

Keywords
• IP : Internet Protocol
• LAN: Local Area Network

References for further reading

https://www.tutorialspoint.com
https://www.guru99.com
https://study.com
www.youtube.com

*****

Share resources
70 over a LAN
 Information Security
Administration

UNIT - VI
HOST A WEBSITE
NOTES

6.1 Introduction
6.2 Objective
6.3 Introduction to website hosting
6.4 Setup
6.5 Manage and Secure a Web Server
Sum Up
Questions
MCQs
Work Assignment
Keywords
References for further reading

6.1 INTRODUCTION

Web hosting is a service in which storage space is provided to websites of

individuals or organizations on web server, so that the websites are accessible
via World Wide Web. Web hosting is very easy to understand, only you have to
know what you need to host a website. In this unit I’ll explain it using real world
example to clear some of the beginner’s misconceptions.

6.2 OBJECTIVE

After going through this unit, you would be able to:

• Understand the concepts of web hosting.
• Familiar with general web hosting terms.
• Go through the process of web hosting.

Host a Website 71
 Information Security
Administration
6.3 INTRODUCTION TO WEBSITE HOSTING
NOTES
Web hosting is a service in which storage space is provided to websites of
individuals or organizations on web server, so that the websites are accessible
via World Wide Web. Today billions websites currently online and millions of
people all over the world access those websites. Web hosting means, you have
some server space where you store your website’s files and you have a complete
control over it.

Fig : Web server storage space

Website hosting provider

The web hosting provider is the third party between client and server. They
provide space on the web server where your website is stored, so that user can
view on the Internet. Web hosting providers also provide add-on services like:
data backup, firewall protection, technical support, email services, domain name
registration, website building tools, and applications.

Evaluate the web hosting provider and its services

When you choose a host plane, most common question disturbs your mind.
Sometime web hosts provider offer, different plans/packages to choose from.
Before going through host plan, you should ask the question that, “Can I trust a
certain hosting company? What will happen with my website when my customers
are increased? Should I sign up for the biggest package right away? etc.”. Let’s
answer these questions and find out the best option for your website.
What is a domain name?
Domain name is nothing but a website address, which is used to type in the
browser to open your website worldwide. For example,
• Domain name for Rediffmail is rediffmail.com ,
• Domain name for Facebook is facebook.com and
• Domain name for Gmail is gmail.com .
72 Host a Website
 Domain name is unique name for every websites, so that people can find it Information Security
online. Domain name is a brand identity of your organization in the real world Administration
and it is most important parts of your online identity thus getting the right domain
name is very important. While choosing a domain name keep in mind: NOTES
• Unique name – Name should be unique one, not site similar to existing
sites.
• Make it easy to type - you don’t want your visitors to incorrectly type in
your name.
• Focus your brand - your domain name will be your brand.
• Shorter is good- instead of Bharati vidyapeeth University’s Self Learning
Material. edu go with bvuslm.com.
• Avoid numbers and hyphens - stay away from them at all costs.

Fig : Web server storage space for domain name

Decision you have to take before Hosting your Website

1. Decide Type of your Website
There are 2 types of websites depend on their contents:

• Static Websites: Static websites are simple websites which cannot

be modified dynamically. Static websites can have one or more
HTML web pages. You can build static web pages on your
computer and host’s them on server using any FTP software (like:
FileZilla). Whenever you need to make changes to your website,
you’ll have to edit the pages on your computer and upload them
again. Static websites are cheaper as compare with dynamic
websites. It has limited functionality so that it is unuseful for e-
commerce.
• Dynamic Websites: Dynamic websites can change and modify
their database after every transaction and allow user to directly Host a Website 73
 Information Security add and edit the content (i.e. text, design, photos, and videos).
Administration Example of dynamic websites are E-commerce and social
networking sites. These websites allow users to have individual
NOTES accounts and provide a customized response for each user.
Dynamic websites are ideal for e-commerce businesses
application.

2. Choose hosting server for your websites

Static HTML sites can be hosted on any web servers. When you
think about dynamic websites, you will have two types of hosting
platforms. Depending on your hosting needs, you can choose
from:
• Linux Hosting: Linux hosting platform allows running websites
created in PHP, Perl, Python and other Unix-originated languages
which supports PostgreSQL and MySQL databases.
• Windows Hosting: Windows Hosting allows running websites
created in ASP.NET and other Microsoft technologies which is
supports Microsoft SQL Server and Access database.

3. Select Your Web Hosting Plan

You will typically find a wide range of services in web hosting, such as:
• Shared Hosting: Shared hosting is very affordable because one
server physically shares with more websites and cost of operating
is shared between all. Every website owner will have their own
separate account which is secured with login credentials. In
shared hosting, website will be sharing server resources with
other sites. If another site on the same server has request traffic,
it will down performance of your website.
• VPS Hosting (Virtual Private Server Hosting): In VPS hosting,
every website is stored on a very powerful server that is divided
into several virtual compartments with high-security concerns.
VPS hosting is a step above shared hosting and great option for
higher traffic websites which need enough resources. VPS
hosting will not share your resources with other websites thus it
will not affect on performance of your site. VPS hosting facilitate
with more disk space, bandwidth, higher uptimes, and faster
loading speeds.
• Dedicated Hosting: Dedicated Hosting has enterprise-level
hosting capabilities and offers an entire server for yourself
making your websites faster and secure. This hosting type is
reserved for large websites that are more tech-savvy and want
complete control over server settings and hosting environment.
Dedicated servers give you the majority of resources and
74 Host a Website
 therefore it improve the performance. This is the most expensive Information Security
type of web hosting as compare with shared hosting and VPS Administration
hosting.
• Cloud Hosting: In cloud hosting, your website will be run NOTES
through multiple virtual servers (clouds). A cloud-hosting is not
limited to a single server thus depending on traffic of websites it
can dynamically expand resources allocation which can decline
unexpected downtimes due to heavy traffic or server issues. It’s
a good option for e-commerce websites, newsletters and blogs
where customers are accessing services 24/7 without any
interrupt. Cloud hosting is a better than shared hosting and
cheaper than a VPS hosting.

6.4 SETUP

We are now going to take a look at web hosting setup. Hosting can be
roughly separated in following five steps: In this part, we are going to explain
how to access and use some of the essential services like ,
1. Purchase Domain Name
2. Host your website
3. Change Your DNS Address:
4. Upload Your Website
5. View your website

Let us see one by one.

• Specification: Windows 7 OS, internet connection, your own web page
(website).
1. Purchase Domain Name: Purchase Domain Name from any domain
name provider (I purchase Domain from bigrock.in)
Step 1: Select Domain and Domain Name Registration

Host a Website 75
 Information Security Step 2: Type your expected domain name and search
Administration

NOTES

Step 3: After searching, it will display all available domain name. You
can buy any one from list and click on CHECKOUT

Step 4: After on CHECKOUT, it will display you bill amount. Click

on NEXT to proceed.

76 Host a Website
Step 5: Click on CONTINUE to create a new account. Information Security
Administration

NOTES

Step 6: Fill information and create account.

Step 7: Select payment option and complete the transaction to buy your
domain name.

Host a Website 77
 Information Security 2. Web Hosting: Host your website (For demo purpose, I host my website
Administration through freehosting.com)
Step 1: Open freehosting.com, select free hosting option of WEB
NOTES HOSTING.

Step 2: Click on SIGN UP FOR FREE.

Step 3: We already purchase domain name from bigrock.in, so select

I will use my existing domain and update my nameserver , type
your purchased domain name (bvussm.online) in text box and
click on Use button

78 Host a Website
Step 4: This page will show configuration setting, just click on Information Security
Continue button Administration

NOTES

Step 5: This page will show order summary (our web hosting is free),
just click on Checkout button

Step 6: Fill personal information, as we know our web hosting is free

so just select pay later option of payment and Complete Order.

Host a Website 79
 Information Security Step 7: After order competition process, Order confirmation page will
Administration show Your Order Number

NOTES

Step 8: Now check your registered email account and open mail
received from FREEHOSTING. Click on provided link to verify
your email address and complete your free web hosting
registration process.

Step 9: After click on provided link, you will redirect on Login page.
Fill login details and Login into your freehosting account.

Step 10: After Login, welcome page will shows your Services. Click
on Services to view your web hosting service status. Still status
is pending because it will take time few minutes to activate your
service.

80 Host a Website
 Information Security
Administration

NOTES

After few minutes your service will activated as shown below.

Step 11: After you have purchased your web hosting, you will get
Name Servers. Check your email account and open mail received
from freehosting. This mail contains your account information
(Username and password) and nameserver details.
** Note: nameserver is used to connect your domain name with web hosting

Host a Website 81
 Information Security 3. Change Your DNS Address: To get your website up and working, you
Administration will need to change the Name Servers of your domain. It’s a simple
but mandatory step for you to get started.
NOTES Step 1: Go to your Domain Registration site via http://bigrock.in/login.
Enter your registered email address and password.

Step 2: Click on your domain name (bvussm.online) for which you

need to change the Name Servers. In the Domain Registration
section, click on the Name Servers option.

Step 3: Replace the existing Name Servers with the ones provided by
your current web host, and click on the Update Name Servers
button. After you have changed your DNS, it will take about 24-
48 hours for your website to start.

4. Upload Your Website: You can now upload your website to your
account by connecting to the server using cPanel’s File Manager after
which your website will go live.
A control panel, in web hosting, is a web-based interface provided by the
hosting company that allows customers to manage their various hosted services
in a single place. One of the widely used and well known control panel is cPanel.
82 Host a Website
Step 1: Log in to your cPanel using your hosting URL e.g Information Security
(www.buvssm.online/cpanel). It will open your cpanel, Click on Administration
the icon titled File Manager.
NOTES

Step 2: Select Web Root and click on Go. Add all the files and folders
under public_html and their respective domain folder.

Step 3: When you click on upload a new window will be open with
upload option. Select the file that you want to upload and hit the
submit button.

5. View your website: Open web browser and type your domain e.g
(www.bvussm.online)

Host a Website 83
 Information Security
Administration
6.5 MANAGE AND SECURE A WEB SERVER
NOTES
When it comes to taking care of web server, a few rules should be applied.
Set up backup server to protect your server in case things go wrong. Keep root
users account information in safe place and not easy to guess, so hackers can’t
get in. Keep the software up to date. In this part, I am going to explain more
security measures to protect our web server from cyber attack.
1. Use a Secure Connection: Establish a secure channel for
communication while connecting to a remote server, it is essential to
use SSH(Secure Shell) Protocol to establish a protected connection
because SSH encrypts all data transmitted in the exchange.
2. Use SSH Keys Authentication: Use SSH key authentication Instead of
a traditional password. SSH server using a pair of SSH keys which is
better than traditional logins. SSH keys carry many more bits than a
password and are not easily cracked by most modern computers.
3. Secure File Transfer Protocol: To transfer files to and from a server
without danger of hackers compromising or stealing data, use File
Transfer Protocol. FTP encrypts data files and your authentication
information during transfer. As soon as they reach the server, the data
is no longer encrypted. For this reason, encrypting the files before
sending them adds another layer of security.
4. Secure Sockets Layer Certificates: Websites that have the SSL
certificate have HTTPS in the URL, indicating they are secure. Secure
Socket Layer (SSL) guard your sensitive information (like: IDs, credit
card numbers, password, and other personal information) passed
between client and server. Not only does the certificate encrypt data,
but it is also used for user
5. Use Virtual Private Networks: A Virtual private network is one another
way to ensure secure communications. Private networks use a private
IP to establish lonely communication channels between servers within
the same range.
6. Monitor Login Attempts: Use intrusion prevention software to monitor
login attempts to protect your server against brute force attacks.
Intrusion prevention software oversees all log files and detects if there
are suspicious login attempts. If the number of attempts exceeds,
intrusion prevention software blocks the IP address for a certain period
of time.
7. Manage Users: Every server has a root user who can execute any
command he has the most power, hence hackers focus to try cracking
password of that root user to gaining access on server. To protect server
84 Host a Website
 from outsiders so that they do not misuse root privileges, you can Information Security
create a limited user account having ability to perform administrative Administration
tasks but this account does not have the same authority as the root. For
security reason, you can use limited user account to manage and NOTES
control most of the tasks and use the root account only when necessary.
8. Use Passphrases for Server Passwords: passphrase is longer than
password and contains spaces between the words. It can be a sentence
containing upper and lower case letters, numbers, and unique
characters. It contains 49 characters, hence more difficult to crack.
For example, a passphrase will be: Mylove@ToEatPizza786SFCmall.
The given example is longer than a usual password; besides, it is much
easier to remember a passphrase than a string of random letters.
9. Regular Software Updating: To keeping safe your server from hackers,
it is crucial step to update the software on a server. Outdated software
is open for hackers to harm your system. If you keep everything up-
to-date, you ensure that it is updated to protect itself in the first line of
defense. Each new release includes security patches to fix known
security issues.
10. Hide Server Information: The less is known about the server is better
for protection. Try to provide very little information about server
infrastructure as possible. Hide version numbers of any software you
have installed on the server, because hackers can search for
weaknesses of software by getting exact release date.
11. Use Intrusion Detection Systems: Intrusion Detection Systems
monitors processes running on your server and detect any unauthorized
activities. You may set it to check day-to-day operations, run periodical
automated scans, or decide to run the IDS manually.
12. File Auditing: File auditing is one of the good ways to discover
unwanted changes on your system.
It is keeping a record of all the characteristics of your system when it
is in a good, “healthy,” state and comparing it to the current state. By
comparing the previous versions and current version of the same
system, you can detect all the changeability and track their origin.
13. Set Up and Maintain a Firewall: Set up a firewall during the initial
server setup or when you make changes to the services the server
offers. Secure your server by controlling and restricting access to your
system. Using CSF (ConfigServer and Firewall) is essential in
tightening up security on your server.
14. Back up Server: To secure data of your server, it is crucial to have a
backup of the system in case something goes wrong.

Host a Website 85
 Information Security 15. Create Multi-Server Environments: Database servers and web
Administration application servers should be separate, because separate execution
environments are beneficial to larger scale businesses that cannot
NOTES afford any security breaches. Independent database servers secure
sensitive information and system files from hackers that manage to
gain access to administrative accounts. Isolation is one of the best
types of server protection.

Sum Up
In this Unit, an attempt has been made to explain to you the concept of web
hosting. It is an attempt to expand and explain some things in more details, tell
you more about domain names and how to choose a good one, and explain web
hosting technologies with example. It is hoped that information furnished in this
unit would be helpful to the students to understand the concept.

Questions
Q1. What is web hosting? Describe its types.
Q2. Describe how to register domain name.
Q3. Differentiate between VPS hosting and dedicated hosting.
Q4. Discuss steps of web hosting.
Q5. Explain web server security measures.

MCQ’s
Q1. _____ is unique name for every websites
a. Web name b. URL
c. Domain name d. Destination name
Q2. You have some server space where you store your website’s files is
called as.
a. Shared hosting b. Web hosting
c. VPN hosting d. Email hosting
Q3. _____ will not share your resources with other websites.
a. VPS hosting b. Dedicated hosting
c. Shared hosting d. Cloud hosting
Q4. In ____, website runs through multiple virtual servers.
a. Linux hosting b. Cloud hosting
c. Dedicated hosting d. Windows hosting

86 Host a Website
 Q5. Websites that have the SSL certificate have _____ in the URL Information Security
Administration
a. ftp b. http
c. www d. https
NOTES
Answer:
Q1.→c Q2.→b Q3.→a Q4.→b Q5.→d

Work Assignment
A1. Create a website for your business promotion and host it on
Godaddy.com
a) Website contain Home page, Customer care page, Product
description page, Contact us page.
b) Register your domain name Like: carbiz.com (You can choose
as you like)
c) Open you C panel and upload your WebPages.
d) Access your website remotely.

Keywords
• FTP :File Transfer Protocol
• HTML: Hyper Text Markup Language
• HTTP: Hyper Text Transfer Protocol
• IP : Internet Protocol
• ISD: Intrusion Detection Systems
• SSH: Secure Shell Protocol
• SSL: Secure Socket Layer
• URL: Uniform Resource Locator
• VPN: Virtual Private Networks
• VPS: Virtual Private Server

References for further reading

https://www.tutorialspoint.com
https://www.guru99.com
https://study.com
www.youtube.com

*****

Host a Website 87
 Information Security
Administration

UNIT - VII
SETUP SUPPORT SERVERS
NOTES

7.1 Introduction
7.2 Objective
7.3 Setup
7.4 Manage and Secure a Mail Server
7.5 Setup
7.6 Manage and Secure a FTP Server
7.7 Setup
7.8 Manage and Secure a Boot Server
7.9 Setup
7.10 Manage and Secure a DNS Server
Sum Up
Questions
MCQs
Work Assignment
Keywords
References for further reading

7.1 INTRODUCTION

Today’s world adopts information technology and it has become a necessity

for every person to be familiar with it. You can learn more about the role of Mail
server, FTP server, Boot server and DNS server. A mail server receives and
delivers e-mail over a network. The FTP server is used for copying the files
between servers over the Internet. Boot server is the server used for booting a
computer from a network rather than a local drive. DNS server converts domain
names into their corresponding numerical IP addresses, which is responsible for
the smooth communication of computers within the network to locate websites
on the Internet. Purpose of this chapter is to understand function and an
installation process of the mail server, FTP server, boot server, DNS server.
Setup Support
88 Servers
 Information Security
Administration
7.2 OBJECTIVE
NOTES
After going through this unit, you would be able to:
• To understand Mail server, FTP server, Boot server and DNS server.
• To study an installation process of the Mail server, FTP server, Boot
server and DNS server.

7.3 SETUP

A mail server is a server that receives and delivers e-mail over a network.
A mail server can receive e-mails from client computers and deliver them to other
mail servers at receiver sides’ client computer. A client computer is a computer
where receiver can read e-mails; the computer may be at home or in your office.
Now a day Smartphone can also read e-mails with e-mail capabilities.

Fig: Working of Mail server

• SMTP server: Simple Mail Transfer Protocol is a protocol that is used
when e-mails are delivered from clients to servers and from servers to
other servers. After sending your e-mail, the program will connect to a
server on the network / Internet that is called an SMTP server.
• POP3 server: When you download e-mails to your e-mail program the
program will connect to a server on the net that is known as a POP3
server.

Working of Mail Server

After sending an email, mail server will extract the domain name of the e-
mail address and use it to locate the mail server that your receiver's client
computer communicates with. The domain name is found after the "@" character
in an e-mail address. For example an e-mail address is
[email protected], here domain name is bharatividyapeeth.edu.
By using this domain name as an address the mail server will find which mail
server on the Internet to deliver the e-mail message to. When the server has been Setup Support
identified and it has responded that it will accept an e-mail delivery, the e-mail Servers 89
 Information Security is sent to this server. And next time your receiver logs on to the POP3 server via
Administration his/her client computer, your e-mail will be downloaded to the person's e-mail
program.
NOTES
Mail server Installation
• Specification: Windows 7 OS, internet connection.
Mail server installation on your machine needed following steps.
Step 1: Download hmail server.

Step 2: After downloading, double click on hMailServer setup and to click

on Next to run the setup.

Setup Support
90 Servers
Step 3: Accept license agreement and click on Next to continue the setup. Information Security
Administration

NOTES

Step 4: To continue with default folder, click on Next to button.

Step 5: Select components Server , Administrative tools and click on Next

to button.

Setup Support
Servers 91
 Information Security Step 6: Select Use built-in database engine and click on Next to button.
Administration

NOTES

Step 7: Click on Next to button.

Step 8: Enter Password and confirm it. Click on Next to button.

Setup Support
92 Servers
Step 9 : Click on Install to button. Information Security
Administration

NOTES

Step 10 : After installation , click on Finish to button.

Step 11 : After installation , click on Connect to connect with hMailServer.

Setup Support
Servers 93
 Information Security Step 12 : Enter hMailServer password which you used while installation
Administration process.

NOTES

Step 13 : Click on Add domain button.

Step 14 : Enter your domain name.

Step 15 : Click on newly added domain Accounts.

Step 16 : Click on General menu and enter domain Address and Passwords.

Setup Support
94 Servers
Step 17: Click on Setting and Advanced, Enter Default domain as localhost. Information Security
Administration

NOTES

Step 18: Click on Setting and Advanced and Auto-ban, click on Enabled.

Step 19: Click on Utility and Diagnostics and select the domain which you
want to run and click on Start

Setup Support
Servers 95
 Information Security Step 20: Your domain is running.
Administration

NOTES

7.4 MANAGE AND SECURE A MAIL SERVER

• Configure mail relay options carefully to avoid being an Open Relay: It’s
very important to configure your mail relay parameter to be very
restrictive. All mail servers have this option, where you can specify which
domains or IP addresses your mail server will relay mail for
• Set up SMTP authentication to control user access: SMTP Authentication
forces the people who use your server to obtain permission to send mail
by first supplying a username and password.
• Limit connections to protect your server against DoS attacks: The number
of connections to your SMTP server should be limited. This could be
very helpful to mitigate spam floods and DoS attacks that target your
network infrastructure.
• Activate Reverse DNS to block bogus senders: Reverse DNS Lookup
verifies that the senders IP address matches both the host and domain
names that were submitted by the SMTP client in the EHLO/HELO
command. This is very valuable for blocking messages that fail the
address matching test.

7.5 SETUP OF FTP SERVER

The File Transfer Protocol (FTP) is used for copying files between servers
over the Internet. Most of the Web-based download sites using the built-in FTP
services of Web browsers, therefore, now a day server oriented operating systems
generally include an FTP server application as part of the software suite, FTP is
a part of all operating systems and Web browsers. FTP can have enormous benefit
Setup Support to collaborative computing in which files need to be shared between business
96 Servers partners. FTP uses pair of TCP ports as connection channels to get the job done.
 1. TCP Port 21 (control channel) : TCP control channel handles all Information Security
commands send by you, as well as all server’s responses to those Administration
commands.
8 TCP Port 20 (data channel) : TCP data channel handles all subsequent NOTES
data transfers between the client and server.

FTP Installation
• Specification: Windows 7 OS, internet connection.
FTP installation on your machine needed following five tasks. Let we see
this step by step.
1 Check IP address of your machine
2 Create one folder on any drive which you want to share through FTP
3 Enable FTP Server
4 Configure IIS Manager
5 Open and share FTP folder
1. Check IP address of your machine
Step 1: Click on start, Type run in text area and press enter key.

Step 2: Type cmd in text area and click on OK. It will open command
prompt.

Step 3: Type ipconfig and press enter; it will show IP address of users’
machine as below.
IP address is : 192.168.43.194

Setup Support
Servers 97
 Information Security 2. Create one folder on any drive which you want to share through FTP
Administration
Example: Create folder name (FTP_Folder) on desktop having files
which is going to be share
NOTES
Step 1: Right click on desktop, Click on New, then Folder

Step 2: Rename the folder (FTP_Folder).

Step 3: Copy and Paste the files (content) which you wish to share in
this folder (FTP_Folder)

Setup Support
98 Servers
3. Enable FTP Server Information Security
Administration
Step 1 and 2: Click on Start and Control Panel

NOTES

Step 3: Select Programs and Features

Step 4: Click on Turn Windows Features on or off

Setup Support
Servers 99
 Information Security Step 5: Enable Internet Information Services and click on + to expand
Administration it.

NOTES

Step 6: Enable FTP Server, then click on + to expand it and enable

FTP Services.

Finally: Click on OK and wait to enable FTP services on your machine.

Setup Support
100 Servers
4. Configure IIS Manager Information Security
Administration
Step 1: Click on Start. Type IIS in text area, it will show Internet
Information Services (IIS) Manager. Click on it to open.
NOTES

Step 2: Click on machine name (SHABNAM_PC), Right click on Sites

and select Add FTP Sites.

Step 3: Type FTP site name ( like : MyFTP), Click on brows to select
Physical path of the folder which you wish to share through FTP and
click on OK.

Setup Support
Servers 101
 Information Security
Administration

NOTES

Step 4: Click on Next.

Step 5: Type IP Address of your machine, type Port number 21 and

click on No SSL (Because we don’t have SSL certificate. Click on
Next.

Setup Support
102 Servers
 Step 6: Click on Basic, Select Specified users from dropdown list, type Information Security
user name of your machine, Assign Permission (Read /Write). Click Administration
on Finish.
NOTES

Finally : It will create FTP site (MyFTP) on your machine

5. Open and share FTP folder

Step 1: Type ftp://IP Address like (ftp://192.168.43.194), Type user
name and password and sign in.

Setup Support
Servers 103
 Information Security Finally: It will show the shared file content of the FTP_Folder
Administration

NOTES

7.6 MANAGE AND SECURE A FTP SERVER

• Disable Standard FTP: FTP lacks privacy and integrity and makes it easy
for a hacker to gain access and capture or modify your data while it’s in
transit. It is suggest, you should disable it after file transmission.
• Use Strong Encryption and Hashing: Use stronger ciphers like AES or
TDES. The cipher is a complex algorithm that takes the original data and
along with the key, produces the encrypted data to transmit.
• Implement IP Blacklists and Whitelists: An IP blacklist denies a range of
IP addresses from accessing the system; another method is to whitelist
only specified IP addresses to access the system, such as your trading
partners. The difficulty is that this only works well if the trading partner
uses fixed IPs.
• Utilize Good Account Management: Do not allow the anonymous users
or shared accounts. Set some rules, like account user names should be at
least 7 characters in length and accounts should be automatically disabled
after 6 login failures or 90 days of inactivity.
• Use Strong Passwords: Passwords should be at least 7 characters in
length, contain both numeric and alphanumeric characters, and include
at least one special character.
• Controlled Administration: Administration of your server should be
tightly controlled. Restrict admin duties to a limited number of users and
require them to use multi-factor authentication. Don’t use common admin
user IDs like “root” or “admin” – that’s the first thing a hacker will try.

Setup Support
104 Servers
 Information Security
Administration
7.7 SETUP OF BOOT SERVER
NOTES
The boot server is used for diskless computers booting process. PXE boot
server (Preboot eXecution Environment or Pre-Execution Environment) is a
combination of a DHCP server and TFTP server. It responds requests from
diskless stations over network, allocates IP addresses via DHCP for them, pushes
necessary data to these stations so that they can boot on LAN even without a
hard disk.

How to configure windows PXE boot server

Power on -> BIOS -> PXE stack built-in the NIC (Network Information
Center)-> NBP (Network Boot Program) downloading from server to client's
RAM by TFTP-> NBP's responsibility to perform the next step (a.k.a. 2nd stage
boot).

Benefits of PXE boot server

• Reduce initial capital and implementation costs.
• Reduce power and cooling requirements.
• Reduce complexity and risk.
• Accelerate deployments, upgrades, and server repurposing.
• Implement enhanced Disaster Recovery solutions.

Installation of diskless boot Window 7 with CCBoot

iSCSI boot technology can be used to diskless boot Windows 7 for
computers without local hard, so it's also known as diskless boot. As a Windows
based iSCSI boot software, CCBoot is compatible with windows 7 LAN boot,
and support install windows 7 over network.
The process of diskless boot Window 7 with CCBoot is as bellow. Let we
see this step by step.
1 Install and Initialize iSCSI Boot Server with CCBoot.
2 Upload Win7 System Image for iSCSI Booting.
3 iSCSI Boot Windows 7 on LAN.

1. Check IP address of your machine

Step 1: Download iSCSI boot software - CCBoot server installation
package from -http://www.ccboot.com/download.htm.

Setup Support
Servers 105
 Information Security Step 2: Double click on ccbootsetup.exe and click on next button to
Administration run.

NOTES

Step 3: CCBoot uses the following ports - 67 (DHCP), 69 (TFTP),

3260 (iSCSI), 1000 (Image Upload), 8001 (Service Control). Please
open these ports on the server firewall to make sure client PC can
diskless boot successfully. Since CCBoot v2.1, you also need to open
port 66. V2.1 uses port 66 as DHCP backup. To make sure client PCs
can diskless boot well, please shut down the other DHCP services on
the LAN especially the DHCP service in the router.

Setup Support
106 Servers
Step 4: Open the iSCSI boot software - CCBoot, "Options"->"Options Information Security
Wizard" and configure step by step as bellow: Administration

Server IP: 192.168.1.10

NOTES
Gateway: 192.168.1.1
DNS Address: 192.168.1.1
IP Mask: 255.255.255.0
DHCP Range: 192.168.1.101-192.168.1.254
Press "Scan DHCP" to check if there are other DHCP services on the
LAN. If yes, shut them down so that client PC can get IP address from
CCBoot DHCP and then diskless boot Windows 7

Step 5: Set Server IP Address same as DHCP Server IP (as same as

Step 4), Set Write-back File Path as you want which is used to store
the diskless booted clients. Set Image Save Path as you want which is
used to store the iSCSI boot images.

Setup Support
Servers 107
 Information Security Step 6: Keep default values as it is in Server Cache Settings and click
Administration on Next.

NOTES

2. Upload Win7 System Image for iSCSI Booting.

To diskless boot Win 7, we need to create a system image for Win7
and save it on the CCBoot server.
• Choose one client PC as master PC used for uploading iSCSI
boot image. Attach a hard disk on the PC.
• Delete all partitions first. Allocate a small MBR partition about
40G size and leave the rest unallocated. Format the 40G partition
with NTFS. Install Window 7 into this partition.
• Install only NIC driver, chips driver and other low level drivers
on this master PC.
Step 1: Open the local area connection network, Select Internet
Protocol (TCP/IP) and click Properties. Select Obtain an IP address
automatically and Obtain DNS server address automatically, then click
"OK" to save.

Setup Support
108 Servers
Step 2: On the CCBoot server you will find a client , that was added Information Security
by CCBoot automatically when the client PC got IP address from the Administration
CCBoot DHCP service. Double click the client (PC101) to edit and
check both "Enable Upload Image" and "Keep Write-back File" NOTES

Step 3: Enable Upload Image and Keep Write-back File. Click on Save
button, it will ask you "Are you sure to delete write-back file?" Just
press "No".

Step 4: Download CCBoot client installation package from:

http://www.ccboot.com/download.htm. Open ccbootsetupclient.exe
and keep press the next button to the end. Then launch CCBoot client
and you will see the main interface as bellow. Press the Install CCBoot
Client button. After finished, it will require reboot system. Reboot the
client PC.

Setup Support
Servers 109
 Information Security Step 5: After reboot, Open CCBootClient again, input the correct
Administration "Server IP address", it should be the IP address of the PC on which
CCBoot server has been located. Input the Image File Name as you
NOTES wish. Press the Upload Image button to upload the image to the
CCBoot server. Then CCBoot will create an iSCSI boot image in the
server Image Save Path.

3. iSCSI Boot Windows 7 on LAN

Step 1: On CCBoot server, double click PC101, to open the master
PC’s properties dialog box, uncheck Enable Upload Image and Keep
Write-back File.

Step 2: Remove the HDD from the master PC, set it firstly boot from
LAN (or network, PXE rom, or some similar settings) in BIOS settings
so that it will start diskless boot.
Step 3: The first time diskless booting the master PC, you can modify
its computer name as PC101 and press enter key to boot it.

Setup Support
110 Servers
 Note: the first time you diskless boot Windows 7, you will get a startup Information Security
list just like has not shut down computer normally. That’s just because Administration
we uploaded the iSCSI boot image during Win 7 is running. Bellow is
how to prevent from this situation for future booting. NOTES
1) Select "Start Windows 7 Normally" to boot.
2) When this client PC diskless boot OK, shut it down. On the
CCBoot server, press "Save to Image" in this client's properties.
Now, clients can diskless boot Windows 7 from this image normally.
Step 4: On CCBoot server, "Options" -> "Settings" -> "Default Client
Settings" -> "Disk Group" -> press the ">>" button, select
"Win7.vmdk" as the default boot image in "System Image Selection"
section.
Step 5: Do the same as Step 2 and Step 3 for other diskless PCs with
the same specifications as the master PC to diskless boot Win7 for
them.

7.8 MANAGE AND SECURE A BOOT SERVER

Secure Boot is a security standard developed by a members of the PC

industry to help make sure that your PC boots using only software that is trusted
by the PC manufacturer. It is supported on modern versions of Windows, it
requires Windows 8.0 or higher. When the PC starts, the firmware checks the
signature If the signatures are good, the PC boots, and the firmware gives control
to the operating system.

Enable Secure Boot step by step

Step 1: Access the BIOS Setup Utility menus - Boot into the system
settings by powering on the system and using the manufacturer’s
method for accessing the system settings. On an HP device, this is
often F10 and for a Dell it is F2.
Step 2: On the Main Menu screen, select Security and press Enter.
Step 3: On the Security Settings screen, select Secure Boot and press
Enter.
Step 4: On the Secure Boot screen, select Secure Boot and press Enter.
Do one of the following:
• Select Enabled to enable UEFI Secure Boot. Continue with the
next step to manage policy variables.
• Select Disabled to disable UEFI Secure Boot. Continue with Step
6 to save changes and exit from the BIOS Setup Utility. Setup Support
Servers 111
 Information Security When enabled, Secure Boot allows you to manage Secure Boot policy
Administration variables.
Step 5: To manage Secure Boot policy variables, select Key
NOTES Management and press Enter.
The Key Management screen provides options to provision factory default
Secure Boot keys or to enroll an Extensible Firmware Interface (EFI) image.
• To provision factory default keys –
• Select Enabled to allow the provisioning of factory default Secure
Boot keys when the system is in Setup Mode. When enabled, you
can select Install Factory Default Keys to force the system to User
Mode and install all the factory default Secure Boot keys.
• Select Disabled to disable the provisioning of factory default
Secure Boot keys. When disabled, you can select Delete all
Secure Boot Variables to remove all Secure Boot keys from the
system. Selecting this option also resets the system to Setup
Mode.
• To enroll an EFI image –
• If you want to enroll an EFI image, select Enroll Efi Image and
press Enter
a) On the Select a File System screen, Scroll through the list and
select the file system that contains the EFI file and press Enter.
b) On the Select File screen, scroll through the list and select the
EFI file (or another available file) and press Enter.
c) On the next Select File screen, scroll through the list and select
the image file that you want to run in Secure Boot mode and press
Enter.
d) To save all Secure Boot policy variables, select Save all Secure
Boot variables and press Enter.
e) On the Select a File System screen, select a file system where
you want to save the EFI file and press Enter. The Secure Boot
policy variables are saved to the root folder in the target file
system.
Step 6: Press the F10 key to save the changes and exit the BIOS Setup
Utility.

Setup Support
112 Servers
 Information Security
Administration
7.9 SETUP DNS SERVER
NOTES
The Domain Name System (DNS) is one of the largest databases in the
world, DNS servers converts domain names into their corresponding numerical
IP addresses, which is responsible for the smooth communication of computers
within network to locate websites on the Internet. DNS servers are divided into
public and private. Public DNS servers are run by Internet Service Providers.
The private DNS servers are highly recommended for private home network
which includes more than few computers. With a DNS Server set up for your
private home network you can centralize the management of host information
and track the host file for every client in your network. Let us see step by step
DNS server setup as follows.
Note: You can go to Control Panel, Click Network and Internet > Network
and Sharing Center > Change adapter settings. OR you can follow Step 1 and 2.
Step 1: Click on start, Type run in text area and press enter key.

Step 2: Type ncpa.cpl in text area and click on OK. It will open
network connections window.

Note: You can go to Control Panel, Click Network and Internet >
Network and Sharing Center > Change adapter settings.
Step 3: Select the connection for which you want to configure DNS.
For example:
• To change the settings for an Ethernet Connection, right-click the
Ethernet interface and select Properties. Setup Support
Servers 113
 Information Security • To change the settings for a Broadband Connection, right-click
Administration the Broadband interface and select Properties.

NOTES

Step 4: Select the Networking tab. selects Internet Protocol Version 4

(TCP/IPv4) and then click Properties.

Step 5: Select Use the following DNS server addresses. Type Preferred
DNS server or Alternate DNS server, and then click on OK
The Google Public DNS IP addresses (IPv4) are as follows:
• 8.8.8.8
• 8.8.4.4
You can use either address as your primary or secondary DNS server.

Setup Support Step 6: Test that your setup is working correctly.

114 Servers
 Information Security
Administration

NOTES

7.10 MANAGE AND SECURE A DNS SERVER

DNS server is a preferred target of hackers, which can lead to security

problems. Here are some of the most effective ways to lock down DNS servers.
• Use DNS forwarders: A DNS forwarder is a DNS server that performs
DNS queries on behalf of another DNS server. Another benefit of using
a DNS forwarder is that it prevents the DNS server forwarding the
requests from interacting with Internet DNS servers.
• Use caching-only DNS servers: Using your own caching-only DNS
servers as forwarders improves security because you don't have to depend
on your ISP's DNS servers as forwarders when you're unsure of the
security configuration of your ISP's DNS servers.
• Use DNS resolvers: DNS resolver is a DNS server that is dedicated to
resolving Internet host names. You can make the DNS resolver available
to only your internal users, you can make it available only to your
external users to provide a secure alternative to using a DNS server
outside of your administrative control, or you can allow both internal and
external users access to the DNS resolver.
• Protect DNS from cache pollution: DNS cache pollution is an
increasingly common problem. If the DNS server cache is "polluted" with
bogus DNS entries, users can subsequently be forwarded to malicious
Web sites instead of the sites they intended to visit. Most DNS servers Setup Support
can be configured to prevent cache pollution. Servers 115
 Information Security • Use firewalls to control DNS access: Firewalls can be used to gain access
Administration control over who can connect to your DNS servers. Configure firewalls
to block connections from external hosts.
NOTES • Set access controls on DNS registry entries: On Windows-based DNS
servers, you should configure access controls on the DNS server-related
Registry settings so that only the accounts that require access to them are
allowed to read or change those Registry settings.
• Set access control on DNS file system entries: On Windows-based DNS
servers, you should configure access controls on the DNS server-related
file system entries so that only the accounts that require access to them
are allowed to read or change those files.

Sum Up
A server is a computer that provides functionality to the other computers
on a local area network (LAN) or a wide area network (WAN) over the Internet.
Many types of servers exist; including mail servers, file servers, boot server, DNS
server. Each type of server runs specific software. In this Unit, an attempt has
been made to explain an installation process of these servers. It is hoped that all
my students can understand it better.

Questions
Q1. What is Mail server? Describe its working.
Q2. Describe the Boot server installation process.
Q3. What is FTP server? Illustrate its needs.
Q4. Describe the use of DNS server.

MCQ’s
Q1. By default FTP uses ___ and ____ port number for their services.
a. 80 and 90 b. 80 and 21
c. 21 and 20 d. 20 and 80

Q2. A ____ is a server that receives and delivers e-mail over a network
a. Mail server b. DNS server
c. Boot server d. FTP server

Q3. ______ converts domain names into their corresponding numerical IP

addresses
a. Mail server b. Boot server
c. DNS server d. FTP server
Answer:
Setup Support
116 Servers Q1.→b Q2.→a Q3.→c
Work Assignment Information Security
Administration
A1. Practice Mail server, Boot server and DNS server setup.
A2. Make a DEMO folder on your pc and share it in LAN.
NOTES

Keywords
• DNS: Domain Name System
• IIS Manager: Internet Information Service Manager
• FTP: File Transfer Protocol
• SMTP : Simple Mail Transfer Protocol
• SSL certificate : Secured Socket Layer certificate
• TCP : Transmission Control Protocol

References for further reading

https://www.tutorialspoint.com
https://www.ccboot.com/boot-windows-7.htm
https://docs.oracle.com/cd/E72463_01/html/E72474/grifw.html

*****

Setup Support
Servers 117