Windows 2003 is Microsoft's latest server version of the operating system, arguably the Windows XP Server version upgrade, but for security issues, the same can not be ignored.
Windows 2003 is a relatively new system, not like the Windows 2000 SP 4 patches, but it's still based on IIS server component as the core, like the "Blaster" virus, etc. It can also hurt it, so it is necessary to check the upgrade regularly and patch the server system.
"Network Monitor" is from a monitoring network traffic situation to start Windows 2000 Server introduced a server component, which can be detailed to monitor the specific content of a data packet for the user Learn more about the server's data flow. Use Network Monitor to help the network administrator view network failures and detect hacker attacks.
Click "Network Monitor" in the Windows Server 2003 desktop [Start] → [Programs] → [Administrative Tools] (Be sure to ensure that the network monitor is installed before running Network Monitor, by default network The monitor is not installed as a component of 2003. You need to add "Network Monitor" in "Add/Remove Windows Components" in Control Panel to start Network Monitor.
After entering the main menu of the monitor, click the triangle (similar to [Play]) button in the toolbar to start monitoring the communication of the specified network card. Network Monitor provides network communication monitoring functions such as “Network Utilization”, “Frames Per Second”, “Bytes Per Second”, and “Broadcasts Per Second” (Figure 5). These parameters are for network troubleshooting. And network monitoring has a very important role.
Among them, "network utilization" is the ratio of the current load of the network to the maximum theoretical load. Taking shared Ethernet as an example, its maximum network utilization is only about 50%. If this value is exceeded, the network will be saturated and the network speed will be very slow. The maximum utilization of switched Ethernet (using switches) will be Up to 80%. The number of broadcasts per second is the number of broadcast frames sent and received by the monitored network card. Normally, the number of broadcast frames per second is relatively small, depending on the number of computers on the network; In the case of a storm, the number of broadcast frames per second is very high, up to 1000 frames per second.
3. DHCP assigns IP addresses to clients
Using dynamic DHCP IP allocation, you can use dynamic IP for clients in your managed LAN, which is an effective means of blocking LAN attacks.
in personal and home-based Windows XP system, Microsoft is not a member DHCP and other network components, Windows Server 2003 and re-joined the service. The usage is as follows: Go to the “Control Panel” and open the “DHCP” network service in the “Administrative Tools”. In the tree structure on the left side of the DHCP window, select the current server, right click and select “New Scope”. The domain is the range of IP addresses that DHCP assigns to clients.
The first is to enter the "scope name", this item is just to prompt the user, you can fill in any content. However, to set the assignable IP address range, you must plan the IP address according to the network size. For example, if there are 20 clients, you can enter the initial IP address as "192.168.0.8" and the end as IP "192.168.0.28". The subnet mask and length below are the default "255.255.255.0" and "24" (Figure 6).
The next step is to enter the excluded IP. Sometimes, you want to leave one or a part of the IP address segment. If you want to use it for servers that provide other services, you need to exclude the IP address. Enter the individual IP address or IP address segment to be reserved. After inputting, click [Add], which allows you to enter multiple excluded IP addresses. You can also skip the "Exclude IP" wizard directly [Next].
After using the DHCP function, when setting the computer to which the IP is assigned, the default setting can be used, and both IP and DNS are selected as "automatically obtained" if the IP and other network setting addresses are previously specified. All should be reset to "automatically obtain" to avoid causing network address conflict errors.
in Windows XP applicable safety measures apply equally on Windows 2003, after all, they come from the same core.
0