Showing posts with label MCSE 2012. Show all posts

Tuesday, 12 January 2016

What is DNS?

DNS - Domain Name System


The DNS system is, in fact, its own network. If one DNS server doesn't know how to translate a particular domain name, it asks another one, and so on, until the correct IP address is returned.
(2) Short for digital nervous system, a term coined by Bill Gates to describe a network of personal computers that make it easier to obtain and understand information.

Saturday, 28 November 2015

Windows 2012 Server Different GUI Levels

After using Windows 2012 server for a while in my lab, and to host several Hyper-V machines for research and testing, I have to say I like it. It is a lot less resource intensive than Windows 2008 and Windows 2008 R2, and the use of WinRM for remote management together with the Server Manager interface makes administering several servers a breeze. Best of all, I can administer the server completely with Windows PowerShell, and for those cases where I need the GUI I can install and remove it to save a couple of MB of memory and reduce the attack surface of the box.

The main reason that the GUI can be modified is that the components for it are now features of the OS:
  • Graphical Management Tools and Infrastructure (Server-Gui-Mgmt-Infra): provides a minimal server interface and server management tools. Its components are:
    • Server Manager
    • Microsoft Management Console (MMC) and snap-ins
    • Subset of Control Panel
  • Server Graphical Shell (Server-Gui-Shell): depends on the first feature and provides the rest of the GUI experience. Its components are:
    • Desktop
    • Start screen
    • Windows Explorer
    • Internet Explorer
In this blog post I will cover how to use PowerShell to add and remove these features, since PowerShell is available in Server Core with none of the components installed.
Here is the Windows 2012 Server Core default install after logging on as administrator:
[Screenshot: default_desktop]
The terminal it provides is cmd.exe, so to get to Windows PowerShell we need to type powershell and press Enter. In PowerShell we can use the Windows Feature functions to add and remove features. To list them we can use the Get-Command cmdlet:
PS C:\Users\Administrator> Get-Command *windowsfeature* -Type function,cmdlet

CommandType     Name                                               ModuleName
-----------     ----                                               ----------
Function        Get-WindowsFeature                                 ServerManager
Function        Install-WindowsFeature                             ServerManager
Function        Uninstall-WindowsFeature                           ServerManager
We find that we can get the Windows Features currently installed on the system, and that we can also install and uninstall Windows Features. To get a list of the options and examples of use for each, we can use the Get-Help cmdlet with the -Full parameter:
Get-Help Install-WindowsFeature -Full
Let's start by installing only the Graphical Management Tools and Infrastructure (Server-Gui-Mgmt-Infra). This gives us the tools for managing the server, but not for browsing the web or doing other activities that might cause the server to fall for a client-side attack. To install it we just use the Install-WindowsFeature function and give it the parameter to restart the server after it is installed:
Install-WindowsFeature Server-Gui-Mgmt-Infra -Restart
Once it is run, PowerShell will show the progress of the installation:
[Screenshot: mgmt-infra-install]
Once the server reboots and one logs on, Server Manager will come up automatically and can be used for management tasks.
[Screenshot: mgmt-infra-install2]
If we want the full desktop experience and the addition of Internet Explorer we just need to run the following command to add that component:
Install-WindowsFeature Server-Gui-Shell -Restart
One shortcut to install everything if you are in Core is to enumerate the features with the word GUI in their name; since PowerShell is an object-based shell, we can pass the objects it returns to the Install-WindowsFeature function to install them:
Get-WindowsFeature *gui* | Install-WindowsFeature -Restart
Once the server reboots and the user logs in they should have a full GUI experience:
[Screenshot: server-gui-shell]
One thing to take into account: on this system, the default Core-only install with no GUI used around 322MB of memory, with the Infrastructure Management Tool support only it was around 436MB of memory, and with the full GUI experience it was around 527MB of memory. I would recommend having only Server-Gui-Mgmt-Infra installed, as a midpoint between usability and a reduced attack surface on the server.
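The post shows only the install direction, so here is an added example (not the author's code) that reports which of the three GUI levels a server is at and steps a full-GUI server back down to the recommended Server-Gui-Mgmt-Infra level. The function names Get-ServerGuiLevel and Remove-ServerGuiShell and the level labels are hypothetical; the feature names and the Get-/Uninstall-WindowsFeature commands are the ones listed above.

```powershell
# Added example (not from the original post). Function names and level labels
# are hypothetical; the feature names are the ones shown in the post.
function Get-ServerGuiLevel {
    param([string]$ComputerName)

    $query = @{ Name = 'Server-Gui-Mgmt-Infra', 'Server-Gui-Shell' }
    if ($ComputerName) { $query.ComputerName = $ComputerName }  # query a remote server instead

    # Record whether each of the two GUI features is installed.
    $installed = @{}
    Get-WindowsFeature @query | ForEach-Object { $installed[$_.Name] = $_.Installed }

    if ($installed['Server-Gui-Shell'])          { $level = 'FullGui' }
    elseif ($installed['Server-Gui-Mgmt-Infra']) { $level = 'ManagementToolsOnly' }
    else                                         { $level = 'Core' }

    $target = if ($ComputerName) { $ComputerName } else { $env:COMPUTERNAME }
    [pscustomobject]@{ ComputerName = $target; GuiLevel = $level }
}

function Remove-ServerGuiShell {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([switch]$Restart)

    $current = (Get-ServerGuiLevel).GuiLevel
    if ($current -ne 'FullGui') {
        Write-Verbose "GUI level is already $current; nothing to remove."
        return
    }
    # Server-Gui-Shell depends on Server-Gui-Mgmt-Infra, so removing only the shell
    # drops the Desktop and Internet Explorer but keeps Server Manager and MMC.
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Uninstall Server-Gui-Shell')) {
        Uninstall-WindowsFeature -Name Server-Gui-Shell -Restart:$Restart
    }
}

# Report the local server's level, then preview the removal without changing anything.
Get-ServerGuiLevel
Remove-ServerGuiShell -WhatIf
```

Drop -WhatIf and add -Restart to actually remove the shell and reboot.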
I hope you found the information in this blog post useful.

Saturday, 14 November 2015

Difference between Internet and Intranet

Internet

1. The Internet is a wide network of computers and is open to all.
2. The Internet itself contains a large number of intranets.
3. The number of users who use the Internet is unlimited.
4. Visitor traffic is unlimited.
5. The Internet contains different sources of information and is available to all.

Intranet

1. An intranet is also a network of computers, designed for a specific group of users.
2. An intranet can be accessed from the Internet, but with restrictions.
3. The number of users is limited.
4. The traffic allowed is also limited.
5. An intranet contains only information for a specific group.
Therefore the Internet is an open, public space, while an intranet is designed to be a private space. An intranet may be accessible from the Internet, but it is protected by a password and accessible only to authorized users.

Wednesday, 11 November 2015

NIC Teaming in Windows Server 2012


Introduction

Windows Server 2012 has a number of great new features. One of the most welcome new features is the ability to create NIC teams. A NIC team is a collection of network interfaces (NICs) that work together as one. There are many benefits to building a NIC team. The main benefit is bandwidth aggregation. NIC teaming allows the bandwidth of every NIC in the team to be combined, thereby delivering more bandwidth than any single NIC in the team would be able to handle by itself.
Another noteworthy benefit to NIC teaming is redundancy. NIC teaming protects the server against NIC failures. If a NIC within a NIC team fails then the team is able to continue functioning in spite of the failure, but at a reduced capacity.
Technically speaking, NIC teaming isn’t an entirely new feature. Previous versions of Windows Server supported NIC teaming, but only with some very significant restrictions. The main restriction was that the NIC team had to be implemented at the hardware level, not the software level. This meant that you had to purchase server hardware and NICs that natively supported NIC teaming. Furthermore, the server and the NICs had to be provided by the same vendor. Needless to say, this approach to NIC teaming was expensive.
These limitations are gone in Windows Server 2012. Now NIC teaming can be implemented at the software level, so there is no need to purchase specialized server hardware. Furthermore, the NIC team does not need to be vendor consistent. You can create a NIC team consisting of NICs from multiple vendors.
Another benefit is that a NIC team can be huge. You can combine up to 32 physical NICs into a NIC team. Imagine for a moment that you built a team of 32 ten gigabit NICs. That would be the functional equivalent to having a 320 gigabit connection (minus overhead).

NIC Team Uses

Right about now you might be wondering under what circumstances you can use a NIC team. Generally speaking, a NIC team can be used in any situation that a physical NIC would be used in. NIC teams can handle normal server level traffic, but they can also be used by virtual machines. Having said that, there are a few exceptions. NIC teaming does not work with the following:
  • SR-IOV
  • Remote Direct Memory Access (RDMA)
  • TCP Chimney
Microsoft doesn’t really explain why TCP Chimney isn’t supported (at least not that I have found), but they do indicate that the reason SR-IOV and RDMA aren’t supported is that these technologies send traffic directly to the network adapter and completely bypass the networking stack, which means that SR-IOV and RDMA are unable to detect the NIC team.

Building a NIC Team

Creating a NIC team is an easy process. To do so, open the Server Manager and click on Local Server. Next, locate the NIC Teaming option in the Properties section and then check to see if NIC Teaming is enabled or disabled, as shown in Figure A.

Figure A: Check to see whether NIC Teaming is enabled or disabled.
Assuming that NIC Teaming is disabled, click on the Disabled link and the NIC Teaming window will open, as shown in Figure B.

Figure B: NIC teams are created through the NIC Teaming console.
Now, go to the console’s Teams section and click on the Task drop down. Select the New Team option. When you do, you will see the NIC Teaming dialog box, shown in Figure C.

Figure C: Use the NIC Teaming dialog box to create the NIC Team.
As you can see in the figure, the dialog box is pretty simple. You can create a NIC team by entering a name for the team and then picking the network adapters that are included in the team. In the figure above I stuck with the default names for the network adapters that were installed in my server, but if you do rename your network adapters then the custom names that you have assigned will show up in this dialog box.
Before you create the NIC team, it is a good idea to define some additional properties. While this certainly isn’t a requirement, doing so gives you more control over the team’s functionality. If you look at the figure above, you will notice that there is an Additional Properties drop down near the bottom of the figure. If you click this drop down, you will be presented with some additional options, as shown in Figure D.

Figure D: There are some additional properties that you can configure.

Teaming Mode

The first option on the list is the teaming mode. You can choose from three different teaming modes. The default option is Switch Independent. As the name implies, switch independent mode lets you build a NIC team without having to worry about your network switches. The NICs that make up the team can even be connected to multiple network switches.
The next option is called Static Teaming. Static teaming is a switch dependent mode. This mode requires you to configure both the computer and the network switch so as to identify the links that make up the team.
The third teaming mode is also switch dependent. It is called LACP, and is based on link aggregation. The advantage to using this type of NIC teaming is that you can dynamically reconfigure the NIC team by adding or removing NICs as your needs dictate.

Load Balancing Mode

The next option on the list is load balancing mode. Load balancing mode lets you choose between two options – Address Hash or Hyper-V port. The Address Hash option is usually the best choice because it allows traffic to be load balanced across all of the NICs in the team.
The Hyper-V Port option balances traffic on a per virtual machine basis. This type of load balancing assigns each virtual machine’s traffic to a specific NIC. The problem with this approach is that virtual machines are unable to take advantage of distributing traffic across multiple NICs.

Standby Adapter

The last option is Standby Adapter. As the name suggests, the Standby Adapter option lets you designate a NIC as a standby spare. That way, if a NIC in the team were to fail, a spare is on hand to take over. It is worth noting, however, that you can only designate one NIC as a standby adapter. Windows does not support having multiple spare adapters.
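The same team can be built from PowerShell with the NetLbfo cmdlets that ship with Windows Server 2012. This is an added example, not part of the original article; the team name and the adapter names 'Ethernet', 'Ethernet 2' and 'Ethernet 3' are placeholders for whatever Get-NetAdapter reports on your server.

```powershell
# Added example (not from the original article). Team and adapter names are placeholders.
$teamName = 'Team1'
$members  = 'Ethernet', 'Ethernet 2', 'Ethernet 3'
$standby  = 'Ethernet 3'     # set to $null for no standby adapter

# Stop before changing anything if an adapter is missing or already teamed.
$teamed = @(Get-NetLbfoTeamMember -ErrorAction SilentlyContinue | ForEach-Object { $_.Name })
foreach ($nic in $members) {
    if (-not (Get-NetAdapter -Name $nic -ErrorAction SilentlyContinue)) {
        throw "Adapter '$nic' not found."
    }
    if ($teamed -contains $nic) { throw "Adapter '$nic' is already a team member." }
}

# TransportPorts is the PowerShell name for the GUI's Address Hash option;
# use HyperVPort for the Hyper-V Port option, and Static or Lacp for the
# switch dependent teaming modes.
New-NetLbfoTeam -Name $teamName -TeamMembers $members `
    -TeamingMode SwitchIndependent -LoadBalancingAlgorithm TransportPorts -Confirm:$false

# Only one member may be placed in standby.
if ($standby) {
    Set-NetLbfoTeamMember -Name $standby -Team $teamName -AdministrativeMode Standby
}

# Show the resulting team and the role of each member.
Get-NetLbfoTeam -Name $teamName | Format-List Name, TeamingMode, LoadBalancingAlgorithm, Status
Get-NetLbfoTeamMember -Team $teamName | Format-Table Name, AdministrativeMode, OperationalStatus
```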

Conclusion

As you can see, NIC teams are relatively easy to set up and configure. The nice part is the degree of flexibility that Microsoft gives you when setting up a NIC team. It is up to you, for example, whether you want to define a standby adapter or not. You might be wondering, however, what happens if you choose not to configure any of the additional properties. In this type of situation, Windows takes a one size fits all approach to NIC teaming. The team mode is set to Switch Independent, the load balancing mode is set to Address Hash, and there is no standby adapter defined.