Tag: DNS

What is DNS? It stands for “Domain Name System”, and it exists because, no matter how good our memory is, names are easier for us to remember than numbers. Any computer or device attached to a network, whether the network is local or external (the Internet), has an IP address, which is how the device is recognized on the network. Remembering one address might be easy (maybe), but with more than one computer on the network this becomes complex, so the solution is to turn network IP addresses into names.

That is what DNS is all about: DNS is a table that translates between network IP addresses and names. The names usually relate to domain names, because on the internet, and in the way servers work, domain names make the naming better organized. A domain is usually a “name.ext”, like google.com. As we all know from the internet, most addresses are divided into 3 parts, like www.google.com; the 3 parts make it easier to separate the group (called the domain) from its children. This means that WWW is part of the domain called google.com.

There are different types of child names. The most common is WWW (World Wide Web), which is used for websites on the internet. There is ftp.google.com, which would be Google’s FTP (File Transfer Protocol), used for hosting files. Another common full DNS name is MAIL (e-mail), like mail.google.com, where “mail” relates to the mail servers that transfer e-mails. So you can see that all of those names reside in google.com, which means they all belong to the same domain.

DNS servers can reside on your own network (a local DNS server), where they translate your local network addresses into domain names and connect the local DNS to a worldwide one. A DNS server can also reside on the internet, at a hosting provider, where you can access it (usually the ISP provides you with a DNS server that translates internet addresses). Using the ISP’s DNS enables you to browse the internet, and by adding it to your local DNS, your company will be able to browse the internet using domain names.

Creating your own DNS:

  1. One of the easiest ways, if you know Linux, is to create a DNS server based on a Linux operating system. Some basics are already built into Linux and only need to be configured; you then point your DNS IP settings at the Linux DNS server you have created. You might want to use a full DNS program called BIND9, a more sophisticated DNS server software that can easily be installed on any of your Linux operating systems.
  2. Microsoft Windows servers and operating systems can also act as DNS servers. You can do local DNS using the HOSTS file (a translation table for translating addresses to names; Windows uses this file by default, so if you define entries in it, Windows will check it and use it before other DNS servers), and you can create an actual DNS server.
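
The lookup order described for the HOSTS file, as an added example (not code from the original article): a small Python parser for HOSTS-format text that answers from that table first, falls back to DNS only afterwards, and lists entries that mask a different DNS answer. The sample entries, the DNS answers and the function names are constructed for illustration; keeping the first entry when a name appears twice is an assumption of this sketch.

```python
import ipaddress

# Constructed sample in HOSTS-file format (not taken from a real machine).
SAMPLE_HOSTS = """\
# address        name(s)
127.0.0.1        localhost
192.168.1.10     fileserver fileserver.corp.example   # two names, one address
192.168.1.20     Intranet.corp.example
not-an-ip        broken.corp.example
192.168.1.99     www.example.com
"""

# Constructed stand-in for the answers a DNS server would return.
SAMPLE_DNS = {"www.example.com": "203.0.113.80", "mail.example.com": "203.0.113.25"}

def parse_hosts(text):
    """Return ({name: address}, [(line number, skipped line)])."""
    table, skipped = {}, []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if not fields:
            continue
        try:
            address = str(ipaddress.ip_address(fields[0]))
        except ValueError:                      # first field is not an IP address
            skipped.append((lineno, raw.strip()))
            continue
        for name in fields[1:]:
            # Names are case-insensitive; assumption: the first entry for a name wins.
            table.setdefault(name.lower(), address)
    return table, skipped

def resolve(name, hosts, dns):
    """Check the HOSTS table first and fall back to DNS, as described above."""
    key = name.lower().rstrip(".")
    if key in hosts:
        return hosts[key], "hosts"
    if key in dns:
        return dns[key], "dns"
    return None, "not found"

def overrides(hosts, dns):
    """HOSTS entries that mask a different DNS answer; worth reviewing in an audit."""
    return {n: (a, dns[n]) for n, a in hosts.items() if n in dns and dns[n] != a}

if __name__ == "__main__":
    hosts, skipped = parse_hosts(SAMPLE_HOSTS)
    for name in ("fileserver", "INTRANET.corp.example", "www.example.com", "mail.example.com"):
        print(name, resolve(name, hosts, SAMPLE_DNS))
    print("skipped:", skipped, "overrides:", overrides(hosts, SAMPLE_DNS))
```

Because the HOSTS table is consulted first, the constructed `www.example.com` entry wins over the DNS answer, which is exactly the kind of entry `overrides` reports.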

Now I believe you understand DNS better, what it is and what it is used for. Also, I believe you have some examples to give you some idea of how DNS is created on both Linux and Windows operating systems and networks.


When you want to protect your internal network, whether a business network or a home network, and you want to install the firewall yourself, one option is a Linux firewall application. Linux has many benefits when it comes to installing applications yourself. Of course you need to learn some Linux to do so, but that is one of the reasons why it might be a good idea to get to know Linux. You can install almost anything you might need, and it’s free.

I am listing a couple of good ones, but there are many more. I put a link at the bottom of this article that leads to a very long list of firewall options 🙂

Firestarter – When you’re using a desktop version of the Linux operating system, you can use this graphical firewall application.
•    Easy-to-use graphical interface (might ease configuration if you have some basic understanding of how firewalls work).
•    This application is of course open source, and free.
•    The firewall allows more than one station to be connected to it and, of course, protected.
•    You can easily define inbound and outbound traffic, which is of course the core purpose of a firewall: defining who can exit and who can access the services from the internet.
•    The firewall includes white-list and black-list traffic: who is allowed and who isn’t.
•    You can monitor the traffic and see what is passing through your firewall, as well as online events.

Endian Firewall – This firewall is based on IPCOP, the most common open source command-line Linux firewall. It includes web filtering (Web Proxy), SIP Proxy (for switchboards), VPN, content filtering, mail gateway, anti-virus, anti-spyware, anti-phishing, etc.
Some of its features are:
•    An easy-to-use web interface: a web management service to configure it.
•    It supports routing and NAT (for configuring what is allowed and what is not allowed to pass through the firewall).
•    Port forwarding.
•    Network traffic logs and a reporting system.
•    IPSec VPN, for secured VPN access from outside the network.
•    Anti-virus is based on the Clam AV mechanism.
•    Traffic monitoring uses nTop.
•    SPAM protection using pyzor.
•    Dynamic DNS support.
•    Dnsmasq is used for DHCP and DNS.
•    There is also Windows-based support: Samba, LDAP, RADIUS.

SmoothWall Express – This firewall offers good security on minimal hardware and fits well on old computers with slow configurations. It is configured using a web-based management console. You can configure ADSL, ISDN, Web Proxy and DHCP settings.
There is a nice video that shows and explains SmoothWall.

There are many other options which you can read on at this link 🙂


Active Directory is a package designed by Microsoft to manage an organizational network; it uses different tools to organize and manage the corporate network. Before we get into specifics: Active Directory creates a managed environment to which all of the network clients (end users) are connected, and anyone who connects is registered and monitored by the Active Directory system. That enables it to manage the end users: what they are allowed to do, what they are not, and which resources are available to whom. It creates groups and gives those groups policies (groups of rules) that bind each group to those rules. Every end user defined within a group is bound by its rules and accordingly can or can’t do things within the network.

Active Directory is built into the Windows servers (Server 2003, 2008) and is their source of organization. Anyone who connects to the server is actually connected to Active Directory and through it can use the network resources, as defined in the Active Directory rules.

So how does it work?
The tools that Active Directory uses are LDAP (Lightweight Directory Access Protocol), which is basically a directory service; an authentication protocol based on Kerberos (an authentication protocol for client/server services that enables connection and communication using secret encrypted codes over the internet); DNS (Domain Name System, which translates names like website addresses into IP addresses); and finally group enforcement, which makes sure the group rules are working properly.

Active Directory has a physical aspect, which includes a database that resides on DCs (Domain Controllers). Those DCs can serve various operations and purposes, or the same operation for redundancy, load performance and separation; each change in a domain is replicated, using a replication mechanism, to the other domains, updating the whole organization accordingly. The logical aspect is a hierarchical concept, like a pyramid: the highest structure is a forest, which contains trees, which resemble a collection of DCs. The forest is actually any object on the network, anything connected to it, and the rules apply using that hierarchy.

Each object on the network is an “Entity”, and each entity has its own definition, which falls into one of 3 types: resources, services and users. Every object has its unique GUID (ID), which is identified against the directory (the LDAP), and that is how it gets identified.

This is the basic operation of Active Directory. Its use and functionality is to centrally manage all of the computerized resources in the organization. The policy can be implemented using a management tool called GPO (group policy), which manages the policies given to different groups in the organization’s network.

This whole concept enables the network administrator to control the whole network from one computer (DC) and to define what type of desktop a user will have, which directories he can access, what tools he can use, etc.
