294 Chapter 5 • Working with System Tools ; After Disk Cleanup has run it is advised to consecutively run the Disk Defragmenter, which will not only defragment the volumes, but also keep free space defragmentation under control. Note that free space fragmentation speeds up file fragmentation. Of course, you can only run Disk Cleanup if you have Administrator rights. Transferring Files and Settings between Computers ; The Files And Settings Transfer Wizard allows you to migrate files and settings from any Windows system to a Windows XP system.The advantage of this System tool is not so much in the transfer of files, which can also be achieved by the Backup Utility, but the fact that (nearly) all personal settings can be reinstated on the Windows XP system, which saves a lot of time and annoyance. ; This wizard consists out of a Sender and a Recipient part.The Sender can make the transfer to a file on a networked storage that is accessible by both sender and recipient or removable medium.At a later point, the Recipient can retrieve this information. It is also possible to let the Sender and Recipient directly communicate with each other by means of a serial cable or local network. In this case, the transferred files are only temporarily stored for transfer. ; Among the settings that can be transferred (migrated) are Internet Explorer settings, Outlook Express settings, network printers and drives, dial-up connections, regional settings, and Microsoft Office settings. Because the wizard allows the custom tuning of files and settings that need to be transferred, it is possible to only transfer the files and settings that are needed or desired. For example, a customized transfer could select all MPG files to be transferred, but the AVI files will not be moved to the Windows XP system. ; You can also use the Files And Settings Transfer Wizard to quickly configure new systems.This is done by first creating a Windows XP system that contains all the correct settings and shared data.This system can be the template for other files.This saves a lot of time because individual systems do not need to be separately configured. Using backups or ghost images to copy files and settings may not only be in conflict with license agreements, but may also interfere with the Windows Product Activation (WPA). www.syngress.com 189_XP_05.qxd 11/9/01 2:35 PM Page 294 Working with System Tools • Chapter 5 295 Scheduling Tasks ; The Task Scheduler and Scheduled Tasks Explorer make it possible to periodically run applications/tools without an administrator or user with administrator rights to intervene.The requirement is that theses applications/ tools are automated and can run unattended, thus not requiring user interaction. Often batch scripts are created that contain one or more command-line version of existing tools. ; Perhaps the biggest advantage is not so much the fact that an administrator does not need to be around to start these applications, but that they can be started at a time of day the system is not in use, thereby not interfering with the regular use of the system.The Task Scheduler is even so flexible that you can configure it in a way that the execution of a scheduled job is postponed if the system is still actively used by another application. ; Windows XP also has a command-line version of the Scheduled Task Explorer, called schtasks.exe that enables the administrator to create batch scripts that can manage existing and new scheduled tasks. ; Scheduled tasks can be remotely managed, preventing the need for an administrator to physically have access to that computer.The requirements are that the Tasks folder and the system volume of that system are made shared.Additionally, it is not possible to create new tasks on the remote system; therefore a scheduled task must first be created locally and then copied to the remote system. Backing Up Your Files ; The Backup Utility that comes with Windows XP is a full-featured tool for a standalone environment. It consists of three primary wizards: the Backup Wizard, the Restore Wizard, and the Automated System Recovery Preparation Wizard.Additionally, you can switch from Wizard Mode to Advanced Mode and back.The Wizard Mode is the Backup Or Restore Wizard that simplifies the backup and restore process even further. ; For backup purposes, you can use the Backup Utility from a Calendar approach. Besides the possibility to select the folders and files that need to be backed up during the backup job, you can also explicitly back up www.syngress.com 189_XP_05.qxd 11/9/01 2:35 PM Page 295 296 Chapter 5 • Working with System Tools the System State—consisting of the System/Boot files, COM+ Class Registration Database, and Registry. Scheduled backup jobs use the command-line application ntbackup.exe. ; The restore process is, of course, the reversed process of the backup, only the restore can be done by selecting the folders/files that need to be restored from different backup files.This is enhanced by the use of on- disk catalogs of the backup files. It is possible to restore a complete volume in one go, by selecting the last Normal (Full) backup and the subsequent Incremental backups that have been made. ; The Automated System Recovery Preparation Wizard (ASR Wizard), is a combination of the Create Emergency Recovery Disk, known from previous Windows versions, and a Normal backup of the full system. In case of a permanent system failure, it is not necessary to reinstall the system first, instead the Normal backup made by the ASR Wizard can be used restore the system back to a far more recent installation state. Additional restores can bring the system back to a point close to the moment it failed. Restoring Your System ; The System Restore tool is a new feature in Windows XP that has not been available before. Under a number of conditions, for example before the installation of an Automatic Update, software installation using Windows Installer or InstallShield, every 24-hour period or installation of a unsigned device driver, the System State, called System Restore Checkpoints, is saved. In case the system becomes instable after a system modification, the system can be rolled back to a previous State, undoing the destabilizing modifications. ; Windows XP reserves a limited amount of disk space to store these System Restore Checkpoints.These checkpoints need to be periodically removed, using Disk Cleanup. If this is not done and the system runs out of storage, Restore Checkpoints will no longer be saved, and this will also invalidate the Restore Checkpoints that where previously made. ; After the system is rolled back to a previous System Restore Checkpoint, an application that was installed after the date of the checkpoint that was restored will no longer be functioning properly. www.syngress.com 189_XP_05.qxd 11/9/01 2:35 PM Page 296 Working with System Tools • Chapter 5 297 Although System Restore leaves the application untouched, it does restore the Registry that does not contain the Registry information of that application. Q: How can I prevent disk fragmentation from happening altogether? A: Disk fragmentation can never be prevented.The good news is that you can keep it under control. However, you need an understanding of the system and the way fragmentation occurs.To help you out in limiting disk defragmenta- tion, you should follow these guidelines: If you want to install Windows XP, never upgrade your system, but make a clean install. If you have just one system, make it into a multiboot system.After installation of Windows XP, perform a Disk Cleanup and subsequent Disk Defragmenter.Then increase the pagefile and MFT Zone size, as described in this chapter. Next install the applications, and because most applications have compressed files, it will likely use a lot of temporary files, hence trigger fragmentation. If you install large applications it cannot hurt to run a Disk Cleanup and at least use Disk Defragmenter to analyze if defragmentation is needed after each installation. By placing personal data on a different volume as the system/application, you can also control increased fragmentation.And if you regularly install applica- tions for testing or curiosity purposes, do it also on a separate volume.The reason is that in all three cases different storage usage behavior can be identi- fied.And at least run a defrag on a weekly basis.And if you get tired of the limitations of Disk Defragmenter, you can always consider buying its bigger brother, Diskeeper 6. Q: What happens if a backup fails? A: Not much.That is, the Backup Utility will activate a rollback (undo) proce- dure, undoing all the changes made to the backup media, the folder/files www.syngress.com Frequently Asked Questions The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to www.syngress.com/solutions and click on the “Ask the Author” form. 189_XP_05.qxd 11/9/01 2:35 PM Page 297 298 Chapter 5 • Working with System Tools Archive bit, on-disk catalogs and temporary files on disk. Because you will probably use volume Shadow Copy, because it is active by default, the Backup does not touch any file, except for the Archive bit.You can redo the backup as if nothing has happened. Q: What should I do if a restore of a backup file crashed halfway? Am I able to resume the restore? A: The restore does not perform a rollback, however, it can rely on a Restore Checkpoint if necessary.A Restore process that breaks is not completed The best thing to do is to perform a chkdsk on that volume; if that is the system volume, you need to schedule the chkdsk and reboot the system. If the system also was brought down by the crashing restore process, you have no choice other than rebooting and the chkdsk will run automatically. If restoring the system state was part of the restore, you should restore the System Checkpoint that was made just before the restore started. Once this is all done, you need to redo the restore and there is no simple way of deter- mining where the restore left off.You have to do the complete restore again. But because you do not know what triggered the crash, you better stay alert and present with the restore to see if things now go smoothly. It is very well possible that a corrupt backup will bring the system to its knees. If you are able to catch it, you can circumvent restoring the folder that holds this file. Q: How do I know for sure if a restoration of a System Checkpoint solves the problem? A: You don’t. Only by doing the System Checkpoint restore you can find out if the problems disappear.You have to realize that the System Checkpoint restoration only restores a limited number of files, if the problems originate from another place, you can only kill the problem by other means, like unin- stalling an application and reinstalling it again, performing a chkdsk /F,or even restoring the system from a previous backup.The “trick” of the System Restore is primarily that it restores the Registry and the COM+ Class Registration database, making the system mute for the application or driver that causes the problem.The files of the application or driver are still present, but because they are no longer part of the Registry and/or COM+ Class Registration database,Windows XP no longer knows of its existence.The use a System Restore is for the more advanced Windows users or administrators who can make the proper assessment of the problem. www.syngress.com 189_XP_05.qxd 11/9/01 2:35 PM Page 298 Windows XP Networking Solutions in this chapter: ■ Overview of Networking Technologies ■ Configuring Network Interfaces ■ Network Client and Protocol Considerations ■ Working with RAS and VPN ■ Sharing Your Internet Connection ■ Filtering and Firewalls ■ Wireless Connectivity ; Summary ; Solutions Fast Track ; Frequently Asked Questions Chapter 6 299 189_XP_06.qxd 11/12/01 9:26 AM Page 299 300 Chapter 6 • Windows XP Networking Introduction For most computer users, being able to connect to the Internet or other computers is a necessary requirement of any operating system.As the Microsoft family of operating systems has matured, so has implementation of networking capabilities of those operating systems.With the release of Windows for Workgroups 3.11, Microsoft made networking capability a fundamental element of all its operating systems, for both home and corporate use. However, the implementation of net- working capabilities in Windows for Workgroups 3.11 was somewhat primitive by today’s standards. For example, to install the TCP/IP protocol, which is necessary to communicate on the Internet, you had to manually install additional software. Thankfully, for most users, that situation no longer exists. Instead of being an adjunct or add-on to the operating system, network capability is installed as a fun- damental part of any recent Microsoft operating system, putting it on par with the parts of the operating system that make possible the operating system’s capability to communicate with storage devices such as hard drives and CD-ROMs. With Windows XP, Microsoft continues its drive to improve the integration of networking capabilities with the operating system and to provide greater func- tionality of its networking.TCP/IP, for example, is now a core component of the operating system and cannot be uninstalled. Windows XP supports a wide range of hardware devices to enable communi- cation with other computers.There is wide support for traditional network devices, such as network interface cards (NICs), and modems. For the home user, there is support for Host Phoneline Network Adaptors (HPNA), which allow people to use their existing telephone lines inside their house as a medium for computers to communicate with one another. In addition, there is support for wireless devices that allow you to use infrared or radio frequencies as media for computers to communicate with one another.Therefore, whether you are a cor- porate administrator or a home user,Windows XP should make it easier for you to set up or use an existing infrastructure to enable networking. Windows XP also provides enhancements to the functionality of its net- working capabilities. It is possible, for example, to use Windows XP as a network bridge between networks that use different kinds of devices, such as NICs and HPNAs. For connecting to the Internet,Windows XP provides a number of useful features.You will find it easy, for example, to create a connection to your Internet service provider (ISP) using Point-to-Point over Ethernet (PPPoE) pro- tocols, should you have the misfortune of having no other choice for a broad- band connection to the Internet in your area.There is also support for Internet www.syngress.com 189_XP_06.qxd 11/12/01 9:26 AM Page 300 www.syngress.com Connection Sharing (ICS), which makes it possible for multiple computers to share a single connection to the Internet through a single computer running XP. ICS has been around for a while and is familiar to many people. However, new to Windows XP is the Internet Connection Firewall (ICF).This feature provides your computer and those that may rely on it for ICS with some very good pro- tection from unwanted and potentially harmful inbound traffic from the Internet. If you have to work away from the office, you will find some very good sup- port for creating secure connections to your workplace using virtual private net- works (VPNs).VPN support in Windows XP extends to both of the popular standards for VPNs: Point to Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP).You can even configure Windows XP to allow others to dial in to your computer or to connect via infrared or Parallel cable. In this chapter, you will learn about some of the basic theory of networking that will assist you if you have to troubleshoot problems with network connec- tivity.You will also learn information that will allow you to configure the various networking components in Windows XP. Overview of Networking Technologies For the most part, installing Windows XP and getting it to communicate with the other computers on your network or the Internet will be trouble free.Windows XP can properly detect a variety of networking-capable devices, including those that use USB and IEEE 1394 (FireWire). In addition, with XP’s support for Universal Plug and Play Control Point (UPnP) applications that will make it transparently easy for clients to discover a computer running ICS, home users and administrators alike will find connecting a computer to a network a simple matter of ensuring physical connectivity and making a few appropriate mouse clicks. ICS itself has been enhanced with Network Address Translation (NAT) Traversal, which will make it possible to use more applications through ICS. Unfortunately, problems with network communications can occur in spite of (or sometimes because of) the facility with which Windows XP can detect the correct components and automatically install and configure the appropriate soft- ware.When there are problems with network communications, people often find themselves at a loss to develop an effective troubleshooting strategy to resolve the problem. In these situations, it is helpful to have some basic knowledge of the underlying theory and principles of networking technologies. In the simplest terms, the necessary conditions for any two computers to com- municate with one another are some physical medium (cable, radio frequencies, Windows XP Networking • Chapter 6 301 189_XP_06.qxd 11/12/01 9:26 AM Page 301 302 Chapter 6 • Windows XP Networking etc.) over which communication can occur, the appropriate hardware and software for the computer to send and receive signals over the communications medium, and the mutual capability for each computer to understand the other (protocols such as TCP/IP or IPX/SPX).This is analogous to what we need to communicate with one another using speech.We need a physical medium (air) by which sound can propagate, the ability to send signals (create subtle changes in air pressure) and to receive and interpret those signals (detect and convert changes in air pressure to a signal that the brain can understand), and a common language, such as English, French, and so on. In a typical network, computers will usually communicate with one another over some form of cabling (most commonly 10BaseT) using standard protocols, such as Ethernet and TCP/IP.When two computers communicate with each other, the sending computer will divide the data into frames, units of standard length and structure, and transmit them on the wire as differences in voltage using a transceiver (NIC).The receiving computer’s NIC will detect those changes in voltage, convert them to bits, and reconstruct the frames for further processing. If we have many computers sending and receiving information on the same segment, we need some way to control the communications to ensure that mes- sages intended for one computer are not delivered to the wrong computer, or that one message doesn’t get mixed up with another. For most computer net- works, that means using Ethernet as a standard for network communications. The Ethernet standards define the length and the structure of the frames that are used for network communications. Ethernet standards also define how flow www.syngress.com Ethernet Standards The Institute of Electronics and Electronics Engineers, Inc. (IEEE) estab- lishes and maintains consensus-based standards for Ethernet and other technologies, such as FireWire (IEEE 1394). The IEEE 802 designation is used to define standards for local and municipal area networks (LAN/MAN). These include standards for Ethernet networks (IEEE 802.3) and wireless networks (IEEE 802.11). For more information on IEEE 802, go to http://standards.ieee.org/getieee802/about.html. Designing & Planning… 189_XP_06.qxd 11/12/01 9:26 AM Page 302 Windows XP Networking • Chapter 6 303 control is handled to prevent data loss that could result from many computers communicating at the same time.The Ethernet IEEE 802.3 standard, for example, defines a mechanism called Carrier Sense Multiple Access with Collision Detection (CSMA/CD) to guard against data loss on 10 megabits per second (Mbps) and some 100 Mbps networks (those that use hubs rather than switches). Before the transceiver sends a signal on the wire, it listens to see if there is a carrier (signal) present. If there isn’t, it will transmit the frame. On CSMA/ CD networks, transceivers will retransmit the data if they detect a collision. In addition to defining mechanisms to deal with collisions, the IEEE 802.3 standard also defines the speeds at which networks can operate: 10 Mbps, 100 Mbps, 1 gigabit per second (Gbps), and 10 Gbps. A number of different types of frame types will be required for different types of hardware; for example,Token Ring, which will use the frame type defined by IEEE 802.5. For the TCP/IP suite of protocols, the underlying frame type is Ethernet_II, or Ethernet Type 2.The Ethernet_II frame type was in use before IEEE defined the IEEE 802.3 standard and is almost identical to it, the difference being a 2-byte field of the frame called the Type field. Both frame types can easily coexist on the same network. The frame contains the data that needs to be transmitted, and information within structured fields of a predefined length to make communication possible. Two of these structured fields are used for Media Access Control (MAC) addresses of the source and the destination network devices.The MAC address is a unique 6-byte number usually burned into the ROM of the NIC.You will often see this MAC address expressed as a 12-digit hexadecimal number. When one computer wants to establish communication with another, it will use some mechanism to discover the MAC address of the receiving computer if it is on the same physical network (if the destination computer is on a different network, the source computer will try to discover the MAC address of the router that will forward the traffic to its final destination). On a computer that uses TCP/IP, the discovery mechanism will be Address Resolution Protocol (ARP). Once the sending computer learns the MAC address of the destination on its cable segment, it can put frames on the wire containing that address.All com- puters on the segment will “hear” the frame, but they will discard it when they determine that the MAC address in the Destination field does not match theirs. Only the computer with a matching MAC address will process the frame up the protocol stack. www.syngress.com 189_XP_06.qxd 11/12/01 9:26 AM Page 303 [...]... the host and the network portions of the address For example, a subnet mask that is expressed as 255 . 255 . 255 .0 will tell TCP/IP that the first three octets are used for the network portion of the address, and the last octet is used for the host portion of the address.Therefore, given a subnet mask of 255 . 255 . 255 .0, a computer with an address of 172.16.17.2 and anopther with an address of 172.16. 25. 8 would... become standard practice to use classless address notation when referring to a TCP/IP address With classless notation, we indicate the number of contiguous bits used for the subnet mask immediately following the TCP/IP address For example, an IP address of 172.16.33.6 that uses a subnet mask of 255 . 255 .0.0 is expressed as 172.16.33.6/16 If the subnet mask were 255 . 255 . 255 .0, the address would be expressed... with a redirector that uses NCP In the next section, we look at installing Microsoft and Novell clients and configuring the protocols they use:TCP/IP and IPX/SPX www.syngress.com 189 _XP_ 06.qxd 11/12/01 9:26 AM Page 317 Windows XP Networking • Chapter 6 Configuring Microsoft and Novell Clients When you install Windows XP, the Client for Microsoft Networks is installed by default.The client is equivalent... FTP and HTTP, or messaging applications, such as SMTP www.syngress.com 3 05 189 _XP_ 06.qxd 306 11/12/01 9:26 AM Page 306 Chapter 6 • Windows XP Networking When a computer wants to send data from an application, the Application layer will add a header containing instructions to the data and send the data and the header down to the Presentation layer, which will add another header and send the data and. .. little information and don’t provide you with interfaces for installing and removing components So, where do you install and remove those components? You install the component through the Properties page of the network bridge, as Figure 6 .5 shows Figure 6 .5 Properties of the Network Bridge Object www.syngress.com 3 15 189 _XP_ 06.qxd 316 11/12/01 9:26 AM Page 316 Chapter 6 • Windows XP Networking As you... later in the chapter Figure 6.2 also shows two additional tabs, Authentication and Advanced.We examine the settings for these in more detail later in the chapter as well www.syngress.com 311 189 _XP_ 06.qxd 312 11/12/01 9:26 AM Page 312 Chapter 6 • Windows XP Networking Using Loopback Adapters Because Windows XP ,Windows 2000, and NT so closely integrate networking capability into the operating system,... “masked” by the subnet mask changes (172.16.17 and 172.16. 25) However, if we were to change the subnet mask to 255 . 255 .0.0, both computers would be seen by TCP/IP to be on the same network, because the portion of the address “masked” by the subnet mask (172.16) does not change Computers use binary numbers (0s and 1s).This is true of TCP/IP as well— computer names and dotted decimal notation are something... use to make it www.syngress.com 321 189 _XP_ 06.qxd 322 11/12/01 9:26 AM Page 322 Chapter 6 • Windows XP Networking easier to remember addresses and work with numbers.When one computer tries to communicate with another using TCP/IP, it will AND its subnet mask with its own IP address and the IP address of the remote computer ANDing is analogous to multiplication and is the process of performing a bitwise... communicate through your Windows XP computer .Windows XP, like the workstation products that preceded it, cannot be configured as a router Routing, if you remember, works at Layer 3 of the OSI model Instead, Microsoft employs a technology that works at Layer 2 of the OSI model, the Data Link layer To begin, you install and configure an HPNA device and a network adaptor in your Windows XP computer.You then... Connection, and click Properties Figure 6.8 shows the default configuration for TCP/IP on Windows XP, which is to receive IP address configuration automatically using DHCP.You can www.syngress.com 323 189 _XP_ 06.qxd 324 11/12/01 9:26 AM Page 324 Chapter 6 • Windows XP Networking override these settings for both the IP address and DNS configuration by clicking on the appropriate radio button and entering . select the folders and files that need to be backed up during the backup job, you can also explicitly back up www.syngress.com 189 _XP_ 05. qxd 11/9/01 2: 35 PM Page 2 95 296 Chapter 5 • Working with. rights. Transferring Files and Settings between Computers ; The Files And Settings Transfer Wizard allows you to migrate files and settings from any Windows system to a Windows XP system.The advantage. to www.syngress.com/solutions and click on the “Ask the Author” form. 189 _XP_ 05. qxd 11/9/01 2: 35 PM Page 297 298 Chapter 5 • Working with System Tools Archive bit, on-disk catalogs and temporary files on