Network Administration

Determining the cause of Windows server hang

Fri, 16 May 2008 12:52:48 +0000

Previously in this series, we talked about why Windows server hangs occur and how to prepare to resolve the problem using a tool called the Windows Kernel Debugger, or Windbg. In this article, we'll finish up by learning how to analyze the crash dump and fixing the issue.

Preparing to troubleshoot a hung Windows server

Fri, 16 May 2008 12:36:08 +0000

Previously in this series, we looked at some of the reasons why server hangs occur in a network. Now that you have a little background, let's look at the preparation process for resolving the problem using a tool called the Windows Kernel Debugger, or Windbg.

Windows 2003 Troubleshooting: Why do Windows servers hang?

Fri, 16 May 2008 12:24:55 +0000

Troubleshooting a hung or nonresponsive Windows server can be a challenging endeavor. Simply hitting the reset button is no longer a tolerated option as more companies use these servers for business-critical operations. This three-part series will explore the reasons why a Windows server may hang and provide a cookbook approach to diagnosing the underlying issues with the Windows Kernel Debugger (Windbg).

10 things you can do when Windows XP won't boot

Wed, 23 Apr 2008 09:17:15 +0000

When your computer hardware appears to power up okay, but the Windows XP operating system won't boot properly, you have to begin a troubleshooting expedition that includes getting into the operating system, determining the problem, and then fixing it. To help you get started on this expedition, here are 10 things you can do when Windows XP won't boot.

10 ways to benchmark your Active Directory environment

Wed, 02 Apr 2008 10:00:54 +0000

Active Directory Services is the going standard for account provisioning, basic system management, and DNS authority in most environments. But having some accountability to determine what has changed over time can be a challenge. Here are some strategies for achieving accountability in your Active Directory environment. They'll help supplement your existing strategies, give you an extra dimension for testing, and provide a strong set of data to determine what has changed when you're troubleshooting issues.

Microsoft Eschews Patch, Gives Exploit Code for IIS 5.0 Bug

Thu, 07 Jun 2007 07:48:37 +0000

Saying that an Internet Information Server exploit is due to a feature, not a flaw, Microsoft has published exploit code for the flaw but no workaround or patch.

Active Directory: Questions and Answers

Tue, 28 Nov 2006 20:49:39 +0000

What is the difference between Windows 2000 Active Directory and Windows 2003 Active Directory? Is there any difference in 2000 Group Polices and 2003 Group Polices? What is meant by ADS and ADS services in Windows 2003?

Windows 2003 Active Directory introduced a number of new security features, as well as convenience features such as the ability to rename a domain controller and even an entire domain - see Microsoft's website for more details.

Windows Server 2003 also introduced numerous changes to the default settings that can be affected by Group Policy - you can see a detailed list of each available setting and which OS is required to support it by downloading the Group Policy Settings Reference.

ADS stands for Automated Deployment Services, and is used to quickly roll out identically-configured servers in large-scale enterprise environments. You can get more information from the ADS homepage.

Four steps to secured VoIP

Tue, 21 Nov 2006 00:15:22 +0000

Securing Voice over IP (VoIP) doesn't have to be a challenge for small and medium-sized businesses (SMBs).

VoIP is basically a phone call over the Internet. It offers the same promises - and pitfalls - as the Internet. The promises are cheap and easy communication over a readily available and easy-to-use public network - the Internet. The pitfalls are the same security weaknesses of that network, which wasn't originally designed for security - or phone calls, for that matter.

Define server roles, counterattack zero-day threats

Sat, 18 Nov 2006 18:01:26 +0000

Zero-day exploits are an unsettling issue for any administrator who is concerned with security. A zero-day exploit is an exploit against a previously undiscovered and undocumented vulnerability. The problem with zero-day exploits is that you are trying to protect the system against security holes that may or may not even exist. This means that you can't just apply a security patch to prevent the vulnerability from being exploited, because no one except for the hacker who exploits the vulnerability knows about it.

Harden your network services and contain zero-day threats

Sat, 18 Nov 2006 17:58:17 +0000

We all dread the thought of zero-day threats; they arrive and you have no vaccine for them. These exploits are all too common in recent months and years. Fortunately, there are some common sense steps you can take to harden your network layer against these threats.

Eliminate zero-day threats with virtual server technology

Sat, 18 Nov 2006 17:54:30 +0000

One solution when fighting zero-day attacks is to take advantage of virtual server technology. If you have several server roles that require a minimal amount of system resources, you could consolidate those roles onto a single physical server that is hosting multiple virtual servers. Doing so provides better security than hosting all of the server roles under a common operating system (OS) because each virtual OS functions as an isolated environment.

Permitting Ping: ICMP Exceptions

Thu, 16 Nov 2006 18:42:13 +0000

When Windows Firewall first appeared in XP SP2, I started getting odd questions on email. They all went something like, "Hey, something's weird on my system now that I'm running SP2. I've got two computers, A and B. A can ping B, but B can't ping A. What's going on?" What was going on was that system A was running XP SP2 with Windows Firewall enabled by default, and system B was a Windows 2000 system without any firewalls.

Eight daily steps to a more secure network

Thu, 16 Nov 2006 18:07:04 +0000

While many companies have a 9-to-5 security staff, hackers don't punch a clock. However, your network can still remain secure in the 16 hours in-between - you just need to focus activities to provide maximum coverage for the network.

What you need to know about OSPF

Thu, 09 Nov 2006 11:36:39 +0000

As I mentioned in the "What you need to know about EIGRP" article, EIGRP and Open Shortest Path First (OSPF) are the two most popular routing protocols for today's midsize and large companies—both offer a huge breadth of features that can cover just about any routing scenario such companies would need. That article answered some common questions about EIGRP, but what about OSPF?

What you need to know about EIGRP

Thu, 09 Nov 2006 11:21:05 +0000

When it comes to internal routing protocols, the two most popular in use today at midsize and large companies are Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF). Both of these routing protocols offer a huge breadth of features that can cover just about any routing scenario that a midsize or large company would require.