What should I set for Router to make Windows XP Remote Desktop work?
For Remote Desktop, you just need to set up the PC in Virtual Server on port
3389. (Example setting
On your XP PC, you must set your account's password and enable the
Remote Desktop Control function from the System "Remote" tab.
What is DHCP (Dynamic Host Configuration Protocol)?
DHCP is Dynamic Host Configuration Protocol, a protocol that
lets network administrators manage and allocate Internet Protocol
(IP) addresses in a network. Every computer has to have an IP
address in order to communicate with the others in a TCP/IP based
network. Without DHCP, the IP address must be entered manually on
each computer. DHCP enables network administrators to assign IP
addresses from a central location, and each computer receives an IP
address when it is plugged in with an Ethernet cable anywhere on the
network.
When a computer with no fixed IP address starts up, it asks the DHCP
server for a temporary IP address.
The DHCP server allocates to the client an IP address that falls
within the same sub-network as the DHCP server and does not conflict
with other computers on the network.
What is Dynamic IP Address?
An IP address that is assigned automatically to a client station in a
TCP/IP network by a DHCP server.
What is Fixed IP Address?
An IP address that is assigned as fixed by the network administrator.
If the IP address is officially registered and managed on the Internet,
we call it a public IP address. Everybody on the Internet can reach
you by your public IP address.
If the IP address is not officially registered and is managed only
inside your network, we call it a private IP address. Nobody can reach
you through your own private IP address, because only you know the
address and it is not managed on the Internet. There are three IP
address blocks that have been assigned as private IP address space.
What is TCP/IP?
TCP/IP is Transmission Control Protocol/Internet Protocol, the basic
communication language or protocol of the Internet. It can also be
used as a communications protocol in a private network, i.e.
intranet or internet. When you are set up with direct access to the
Internet, your computer is provided with a copy of the TCP/IP
program, just as every other computer that you may send messages to
or get information from also has a copy of TCP/IP.
What is TCP (Transmission Control Protocol)?
TCP is a connection-oriented protocol: it establishes a logical
connection between two computers.
Before transferring data, the two computers exchange control
messages to make sure a connection has been established. This
process is called handshaking.
TCP sets up control functions in the Flag field of the
Compared to UDP, TCP is a very reliable protocol, and uses
PAR (Positive Acknowledgment with Re-transmission) to guarantee that
data from one host computer can reach the other host computer safely
What is IP (Internet Protocol)?
IP stands for Internet Protocol. An IP address uniquely identifies a
host computer connected to the Internet among other Internet hosts, for
the purposes of communication through the transfer of packets.
IP has the following features:
Defining data packet structure, packet is the basic unit of data
Addressing data packets.
Moving data between Network layer and Transport layer.
Routing packets from the sender to the destination network.
Breaking messages into packets and reassembling the packets into
the original message.
What is ICMP Protocol and ping?
ICMP stands for Internet Control Message Protocol. It is a Network
layer Internet protocol that reports errors and provides other
information relevant to IP packet processing. ICMP sends the
following messages: Flow Control, Destination Unreachable,
Redirecting Routes and Echo Message. For example, the UNIX command
Ping uses ICMP to test whether a particular computer is
connected to the Internet.
What is MAC Address?
A network interface card has a unique six-byte identification
number that has been assigned in the factory.
When a data packet arrives, the network card matches the
destination address on the data packet with its own MAC address to
decide whether to receive or discard the packet.
What is UDP Protocol (User Datagram Protocol)?
User Datagram Protocol is a transport layer protocol in the TCP/IP
UDP uses the application program to pack user data into packets,
and IP transfers these packets to their destination.
Under UDP, applications can exchange messages with least
UDP is an unreliable, connectionless protocol.
Unreliable means that this protocol has no specification for
exchanging datagrams with guaranteed delivery, but it does transfer
data correctly over the network.
UDP uses the source port and destination port in the message
header to deliver a message to the right application.
What is Subnet Mask?
A method used for splitting IP networks into a series of sub-groups,
or subnets. The mask is a binary pattern that is matched up with the
IP address to turn part of the host ID address field into a field
Mask is used to segment a network into 2, 4, 8, etc. sub-networks.
For example, take a Class B network with network number
172.16.0.0 and subnet mask 255.255.224.0. The first two numbers
represent the network number after segmentation.
The first 3 bits of the third number are the Subnet Number.
There are 2^3 = 8 sub-networks. The remaining five bits plus
the eight bits of the fourth number, thirteen bits in total, are the
network addresses available for each sub-network. Each sub-network
can have 2^13 = 8192 network addresses.
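The split described above, worked through in code. This is an added example, not part of the original FAQ; the function names are assumptions. It uses the mask with three subnet bits in the third number, 255.255.224.0, and also shows how a mistyped mask is caught.

```python
import ipaddress

def mask_prefix_len(mask: str) -> int:
    """Prefix length of a dotted-quad mask; ValueError if its 1-bits
    are not one contiguous run starting at the left."""
    host_bits = int(ipaddress.IPv4Address(mask)) ^ 0xFFFFFFFF
    # In a valid mask the inverted value is 2**n - 1, so x & (x + 1) == 0.
    if host_bits & (host_bits + 1):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return 32 - host_bits.bit_length()

def split_network(network: str, mask: str) -> list:
    """All sub-networks of `network` (CIDR string) selected by `mask`."""
    parent = ipaddress.ip_network(network)
    prefix = mask_prefix_len(mask)
    if prefix < parent.prefixlen:
        raise ValueError("mask is shorter than the parent network's prefix")
    return list(parent.subnets(new_prefix=prefix))

def subnet_of(address: str, mask: str) -> ipaddress.IPv4Network:
    """AND the address with the mask, as a router does, to find its subnet."""
    masked = int(ipaddress.IPv4Address(address)) & int(ipaddress.IPv4Address(mask))
    prefix = mask_prefix_len(mask)
    return ipaddress.ip_network(f"{ipaddress.IPv4Address(masked)}/{prefix}")

if __name__ == "__main__":
    # Class B network 172.16.0.0 (a /16) with three subnet bits.
    for net in split_network("172.16.0.0/16", "255.255.224.0"):
        print(net, "addresses:", net.num_addresses)
    # Constructed host address, used only to show the AND operation.
    print("172.16.100.7 is in", subnet_of("172.16.100.7", "255.255.224.0"))
    try:
        mask_prefix_len("255.255.244.0")  # constructed typo: 244 = 11110100b
    except ValueError as err:
        print("rejected:", err)
```

The count of 8192 per sub-network includes the all-zeros and all-ones addresses of each sub-network.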
What is DNS (Domain Name Server)?
A Domain Name Server (DNS) services all requests from other TCP/IP
clients, routers or other servers to resolve a domain name into an IP
address or vice versa. For example, if you type www.yahoo.com
in the URL address line, a DNS server is needed to resolve it into an
IP address like 184.108.40.206.
What is default gateway?
A TCP/IP node needs to know where to send an IP packet next. If it
has no information about where to send that packet, there is an
assigned IP address that will transfer the packet to the proper
receiver. That assigned IP address is the default gateway of this
node. For example, if all workstations, servers and routers are
connected on the same Ethernet, and all the stations' Ethernet LAN IP
addresses are in the same network (ex: 192.168.1.xxx), there is no
problem sending from 192.168.1.111 to 192.168.1.222. If there is a
request to send from 192.168.1.111 to 220.127.116.11, which is not an
IP address in the same Ethernet, then a router is required to
route it to the Internet. The router (192.168.1.1) is the default
gateway of all nodes in this Ethernet network.
What is NAT (Network Address Translation)?
NAT is the translation of IP addresses between internal or private
networks and the public IP addresses on the Internet. There are
three IP address blocks that have been assigned as private IP
Class A block:
Class B block:
Class C block:
With the NAT mechanism, an enterprise's internal networks can use any
IP addresses that fall in the three private spaces. Note that
private IP addresses cannot pass through routers directly to their
destinations, so a network address translation from private
IP to public IP is required. This NAT mechanism is a natural firewall
for the LAN users.
What is Router?
Between two networks, a router is required to let them communicate
with each other. These two networks are in two different address
ranges. For example, network 192.168.1.xxx and 192.168.2.xxx are two
different networks. LAN and WAN are two different networks, too. To
communicate between LAN and WAN, a broadband router is
required. The modern broadband router not only routes data
packets, it usually adds many functions like DHCP Server,
NAT, Firewall, Security control as well as many application
What is Firewall?
A firewall has three basic functions:
1. Restrict data to enter at a control point.
2. Restrict data to flow out at a control point.
3. Keep attackers away from servers.
The standard interfaces are:
1. External (WAN) network, also known as Un-trusted Network
2. Internal (LAN) network, also known as Trusted Network
3. DMZ network, also known as De-Militarized Network
Add-on values of a firewall are:
to provide company with enough IP addresses.
the risk of exposing server to the outside world.
3. Record Internet usage effectively
4. Alert the administrator to take emergency steps in a timely fashion
5. Encrypt sensitive data to transfer it safely across the Internet
A firewall has the following restrictions:
1. Can't block hackers' attacks from inside.
2. Can't monitor connections that don't pass through the firewall
3. Can't prevent new types of threats.
4. Can't prevent virus attacks.
What are Hacker and Cracker?
Hackers are those smart and aggressive programmers who actually
initiated the recent computer revolution. These programmers are crazy
about exploring new technology to solve problems and create new
Their objectives are to construct solid networks and not to
destroy other computer systems.
Crackers, on the other hand, are programmers who attack private
networks, but don't steal or destroy data. Phrackers are people who
use stolen data to enter computer systems illegally to do damage.
What is DoS (Denial of Service Attack)?
DoS attacks disable the server's ability to serve, make system
connections impossible, and prevent the system from providing services
to any legal or illegal users. In other words, the objective of DoS is
to kick the server under attack off the network.
There are four known types of DoS attacks:
Bandwidth Consumption: Attackers use wider bandwidth to flood the
victim's bandwidth with garbage data. For example, using a T1
(1.511Mbps) leased line to attack a 56k or 128k leased line, or using
several 56k sites to stuff a T3 (45Mbps).
Resource Exhaustion: This attack exhausts the victim system's
resources, such as CPU usage, memory, file system quota or other
The attack can bring down the system or slow down the
program: Attackers use programs to generate exception conditions
that can't be handled by applications, systems, or embedded
hardware, to cause system failure.
On many occasions, attackers send weird packets (ones the system
cannot identify) to targeted systems to cause core dumps, and
in the meantime issue commands that have the privileges to destroy
the systems.
Router and DNS attacks: Attackers alter the routing table and cause
legal requests to servers to be rejected. This kind of attack
redirects user requests to an enterprise's DNS to specific
addresses or black holes, usually non-existent addresses.
What is IP Spoofing?
IP spoofing means that the packets sent carry a fake source address.
If the firewall's policy does not restrict these packets from passing
through, they could be used to attack internal servers easily.
What is Packet Filtering?
Packet Filters check the headers of IP, TCP and ICMP packets to gather
information, such as source addresses, source ports, destination
addresses, and destination ports.
They also check the relationships between packets to decide
whether a packet belongs to a normal connection. In this way, attacks
can be detected and blocked.
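A header-based filter of the kind described under IP Spoofing and Packet Filtering, as an added example that is not part of the original FAQ. It covers only the stateless header checks, not the relationship between packets. The LAN range comes from the default gateway example on this page; the interface names, the allow-list and the sample packets are constructed assumptions.

```python
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    iface: str   # interface the packet arrived on: "wan" or "lan"
    src: str     # source address from the IP header
    dst: str     # destination address from the IP header
    proto: str   # "tcp", "udp" or "icmp"
    dport: int   # destination port (0 for ICMP)

LAN = ipaddress.ip_network("192.168.1.0/24")
# Source ranges that can never legitimately arrive from the Internet side.
BOGON_SOURCES = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private space
    "127.0.0.0/8", "0.0.0.0/8", "224.0.0.0/3",        # loopback, "this" net, multicast/reserved
)]
# Hypothetical inbound policy: services published to outside users.
ALLOWED_INBOUND = {("tcp", 80), ("tcp", 25)}

def spoofed(pkt: Packet) -> bool:
    """True when the source address is impossible for the arrival interface."""
    src = ipaddress.ip_address(pkt.src)
    if pkt.iface == "wan":
        return any(src in net for net in BOGON_SOURCES)
    return src not in LAN  # LAN side: only our own addresses may leave

def filter_packet(pkt: Packet) -> str:
    """Anti-spoofing check first, then the service policy."""
    if spoofed(pkt):
        return "drop-spoofed"
    if pkt.iface != "wan":
        return "accept"  # outbound traffic from a genuine LAN host
    if (pkt.proto, pkt.dport) in ALLOWED_INBOUND:
        return "accept"
    return "drop-policy"

# Constructed sample packets; public addresses are documentation ranges.
SAMPLE_PACKETS = [
    Packet("wan", "198.51.100.20", "203.0.113.5", "tcp", 80),
    Packet("wan", "192.168.1.50", "203.0.113.5", "tcp", 80),   # claims a LAN source
    Packet("wan", "198.51.100.20", "203.0.113.5", "tcp", 3389),
    Packet("lan", "192.168.1.111", "198.51.100.20", "tcp", 443),
    Packet("lan", "203.0.113.77", "198.51.100.20", "udp", 53), # forged outbound source
]

def run_samples() -> list:
    return [filter_packet(p) for p in SAMPLE_PACKETS]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE_PACKETS, run_samples()):
        print(f"{verdict:13} {pkt.iface} {pkt.src} -> {pkt.dst} {pkt.proto}/{pkt.dport}")
```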
What is DMZ?
DMZ is the network between the firewall's external interface and
routers. The DMZ's network number is allocated by ISPs. For example,
when the network number an ISP provides is 18.104.22.168 and the subnet
mask is 255.255.255.240, machines inside the DMZ can have IP addresses
ranging from 22.214.171.124 to 126.96.36.199, sixteen different IP
addresses.
However, only thirteen of the sixteen IP addresses, ranging from
188.8.131.52 to 184.108.40.206, are usable. 128 is the network
number, 143 is the Broadcasting Address, and 142 is used by the router.
Because the DMZ is located outside of a firewall and is
not protected by the firewall, it is considered to be insecure. To fix
the loophole, more firewall products provide a
dedicated DMZ interface to provide protection for DMZ connections.
In the previous example, the system manager segments the
network into two sub-networks, 220.127.116.11/29 and
18.104.22.168/29 respectively. Since the router's IP is 22.214.171.124,
the external interface's IP must be one of 126.96.36.199/29, and the DMZ
interface's IP must belong to 188.8.131.52/29. As the following
What is Load Balancing?
Load Balancing is a function that Virtual Servers provide.
It allows a Virtual Server to be mapped to more than one
physical server, which provide the specific service at the same
When a Virtual Server receives data packets, it forwards the
packet to the first physical server, and the next packet to the next
The INTERNET FIREWALL uses Least Connection for load
Least Connection: Because each physical server has different processing
speeds, Least Connection forwards data packets to the physical
server with the least number of connections at that time. In this
way, each packet can have the least waiting time, and the number of
packets a server receives is proportional to its processing
What is Mapped IP?
Mapped IP and Virtual Server use an IP mapping mechanism to allow
outside users to access internal servers through the firewall.
They differ in the following ways:
Virtual Server has a load balance feature, and Mapped IP does not.
Virtual Server has a one-to-many mapping relationship to physical
servers, and Mapped IP is mapped to physical servers in
one-to-one fashion. A virtual server can be mapped to only one
service, such as SMTP, HTTP or FTP. A Mapped IP can be mapped to
all services provided by a physical server.
What is Service?
TCP protocol and UDP protocol provide different services. Each service
has a TCP port number and a UDP port number, such as TELNET(23),
FTP(21), SMTP(25), POP3(110), etc. This system supports two kinds of
services: standard services and user defined services. The most
popular TCP and UDP services are already defined in the standard
services table, and cannot be modified or deleted. Users can set up
their own services with proper TCP and UDP port numbers if
necessary. When setting up a user defined service, the client's
port number range is 1024:65535, and the server's is 0:1023.
What is Virtual Server?
A router separates an enterprise's Intranet and Internet into
internal networks and external networks respectively. Generally
speaking, in order to allocate enough IP addresses for all
computers, an enterprise assigns each computer a private IP address,
and converts it into a real IP address through the firewall's NAT
(Network Address Translation) function. If a server is located in
the internal network, outside users can't directly connect to it
by specifying the server's private IP address. First, we set the
real IP address of an external network interface to the actual IP
address of a Virtual Server. Through IP translation of the Virtual
Server, outside users can access the servers of the internal
Which server can be installed in DMZ?
The Internet router provides three Interface Ports to divide the
enterprise's networks into internal networks, external networks,
and DMZ. The internal networks use private IP addresses, which
routers can't transfer. Therefore a server's IP address needs to
be a real IP address instead of a private one. External Internet
users can't connect directly to any server with a private IP address
in the internal networks. The DMZ employs real IP addresses. By
setting the permission in DMZ policies to allow packets to flow
through, servers inside the DMZ can exchange packets with any Internet
IP address. There is no restriction about which kind of server is
used in the DMZ.
What is Throughput?
The amount of data transferred successfully from one point to another
in a given period of time.
For the Ethernet CSMA/CD protocol, the protocol overhead is as follows:
There is a minimum Frame Gap between packets: 96 Bit Time
There is a Preamble required: 64 Bit Time
There is a CRC required: 32 Bit Time
So, for transmitting a 60-byte packet, the overhead is (12 + 8 + 4) /
(12 + 8 + 60 + 4) = 28.57 %
For transmitting a 1,024-byte packet, the overhead is (12 + 8 + 4) /
(12 + 8 + 1024 + 4) = 2.29 %
For transmitting a 1,514-byte packet, the overhead is (12 + 8 + 4) /
(12 + 8 + 1514 + 4) = 1.56 %
This means that physically, for 100Mbps, the maximum throughput when
transmitting 1K-byte packets is 97.71Mbps.
But considering the other interface overhead between hardware bus,
software driver, lower to upper layer protocols and other factors,
a Fast Ethernet throughput of 80 to 90 Mbps is the
ceiling of the number.
If I already have an Ethernet connected by a router to Internet, how
to test another new router?
A router is usually shipped from the factory with:
1. WAN port set to automatically get a dynamic IP address from a DHCP server.
2. LAN port set as DHCP server enabled to assign IP addresses to
You just need to connect the WAN port to the existing Ethernet and
check if the WAN LED lights correctly.
Then connect a Windows PC (set to get its IP address automatically) to
the LAN port of the router and check the LAN LED light.
It is almost plug and play; then you may browse the Internet from the PC
There is one thing that may need to be verified: the router LAN IP
address cannot be the same as the other router's.
If I already have a PC connected to an ADSL Modem to Internet, how to
insert a broadband router between PC and ADSL modem?
Set up the hardware as follows:
1. Modem LAN port connects to the router WAN port and check if WAN LED
2. PC LAN port connects to the router LAN port and check if LAN LED
Set up the software as follows:
1. Set PC Windows to get its IP address automatically from the router.
(Ex: Router IP is 192.168.1.1; PC IP address is
2. Open the PC's Web browser to the URL address of the Router IP address
3. Log in with the default administrator password; it is usually
admin for most routers.
4. Set up the WAN connection with your ADSL account/password
(PPPoE or PPTP depends on what your ISP supplied).
5. Save the WAN settings and reboot the router to make them active.
There is one thing to note: if your ISP does not supply the DNS
server setting automatically, you may enter the DNS server manually.
In most such cases you can ping the Internet by IP address, but
cannot use domain names for browsing.
How to use ping command?
It is very easy to check the Internet connection with the ping command.
1. At the Windows DOS prompt, just type ping and its options, then
press Enter to get the result message of ping.
2. For example, if your PC is
connected to a router with IP address 192.168.1.1, and after you type
C:\>ping 192.168.1.1 you get a reply from that IP address, that
means your PC is connected to the router.
3. For example, if you type
C:\>ping 184.108.40.206 and you get a reply from 220.127.116.11, that means
your PC is routed through the router to the 18.104.22.168 web server.
4. If you type C:\>ping www.yahoo.com
and you get a reply from 22.214.171.124, that means your PC is set up
with a working DNS server. If you cannot get a reply, that means your
DNS may not be set up correctly.
5. Other ping command options are as
follows (please type ping /? to see details):
ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r
count] [-s count] [[-j host-list] | [-k host-list]] [-w timeout]
How do I know my IP address in Windows?
There are different ways to know your IP address:
1. Windows XP: Click Start -> Setting -> Network,
double click LAN Card Connection -> Support.
2. Windows 2000: open DOS Prompt, type command ipconfig
3. Windows 98/Me: Click Start -> Run -> type
EUSSO Technologies, Inc. 2003