NOTES:

FTP 20/21
SSH 22
Telnet 23
SMTP 25
DNS 53
DHCP 67/68
TFTP 69
HTTP 80
POP3 110
NetBios 137/139
IMAP 143
SNMP 161/162
LDAP 389
HTTPS 443
SMB 445
RDP 3389

Mail protocols:
SMTP is the only protocol used to send emails over TCP 25. POP3 and IMAP are used to receive emails.
The post office protocol (POP3) is used to access email messages stored in a mailbox on a remote server over TCP 110. The server usually deletes messages once the client has downloaded them.
The internet message access protocol (IMAP) is used to access email messages stored in a mailbox on a remote server using TCP 143. Unlike POP3, messages persist on the server after the client has downloaded them. IMAP also supports mailbox management functions, such as creating subfolders and access to the same mailbox by more than one client at the same time.

Network Troubleshooting notes:
It's Broke!
Identify the Problem (gather info)
Establish a Theory (question the obvious)
Test the theory (confirm it is the issue)
Establish a Plan of Action and Implement the Plan
Verify Full System Functionality
Document Findings
It works!

LCD (Liquid Crystal Display) technologies:
TN (Twisted Nematic) LCD- The original LCD, fast response time, poor viewing angles- color shift
IPS (In Plane Switching) LCD- Excellent color representation, more expensive than TN
VA (Vertical Alignment) LCD- Good color representation, slower response than TN (in-between TN and IPS)
LCD monitors require a backlight. Older backlights were CCFL- Cold Cathode Fluorescent Lamp. New backlights are LED, can be an array of LEDs behind the screen or around the edge.
LCD displays need an inverter for the CCFL backlights. The inverter turns DC into AC.
Troubleshoot display issues by looking closely and using a flashlight. If you can make out an image the issue may be with the inverter.

OLED (Organic Light Emitting Diode):
Organic compound emits light when receiving an electrical current.
Thinner and Lighter, flexible and mobile- no glass needed.
No backlights, the organic compound provides the light.
Found on Tablets, phones, and smart watches.
Very accurate color representation but higher cost than LCD.

SDN (Software Defined Network):
Infrastructure layer/Data plane- Process the network frames and packets; forwarding, trunking, encrypting, NAT
Control layer/Control plane- Manages the actions of the data plane; routing tables, session tables, NAT tables; Dynamic routing protocol updates
Application layer/Management plane- Configure and manage the device; ssh, browser, API

DHCP:
DORA- Discover, Offer, Request, Acknowledge
Discover- find a DHCP server
Offer- get an IP address offer from the DHCP server
Request- accept the offer from the DHCP server
Acknowledge- DHCP server confirms request and assigns IP address

Hard Drive (HDD) Speeds:
5,400rpm
7,200rpm
10,000rpm
15,000rpm

Raid (Redundant Array of Inexpensive Drives):
Type | Drives | Failure Condition
Raid 0- striping | 2 or more | A single drive failure breaks the array with data loss
Raid 1- mirroring | 2 or more | Array will work as long as one drive is operational
Raid 5- striping w/ parity | 3 or more | Need all drives operational but one
Raid 10- striping w/ mirroring | 4 or more | Can lose all but one from each set of mirrors

DVI (Digital Visual Interface) cables:
DVI-A this is an Analog cable 3.7 Gbps HDTV up to 60fps
DVI-D this is a Digital cable (dual link available at 7.4 Gbps HDTV up to 85fps)
DVI-I this is an Integrated cable providing both Analog and Digital (dual link available)

PCIe slot size:
PCIe x1 - NIC or WI-FI network cards
PCIe x4 - M.2 NVMe drives
PCIe x16 - Graphics Cards

Motherboard form factors:
ATX- standard-ATX size 12 x 9.6
mATX- micro-ATX size 9.6 x 9.6
mITX- mini-ITX size 6.7 x 6.7

OS tech:
32-bit (x86) cannot run 64-bit apps
64-bit (x64) can run 32-bit apps
ARM- Advanced RISC Machine; less power needed, less heat, mostly IoT and mobile devices

Multithreading:
Hyper-Threading Technology (HTT)- one CPU core acting like 2 CPU cores; Not actually
as fast as 2 but gives a 15-30% performance improvement

Printers:
MFD- multifunction devices; these devices can be printers/scanners/fax/network/phone line/web print
PCL- Printer Command Language; created by Hewlett-Packard, very common across the industry, faster output with lower quality
PostScript- created by Adobe Systems, popular with high end printers, higher quality with slower output
Duplex- saves paper and prints on both sides of the paper

Laser printer- combines a laser, high voltage, charged ions, powdered ink, heat, and paper
Imaging drum- image is drawn onto a photosensitive drum with a laser, picks up toner and transfers to the paper, can be separate from the toner cartridge or combined
Fuser assembly- heat and pressure to melt plastic toner powder and permanently bond toner to the paper
Transfer belts and roller- used for multi color laser printers; usually 4 separate cartridges (cyan, yellow, magenta, black). The image is transferred from all cartridges to the single belt and then to the single transfer roller
Pickup rollers- pickup paper; should be a single page picked up, should be cleaned periodically during maintenance process
Separation pad- pull just the top sheet from the paper tray, small and inexpensive; used with the pickup rollers
Duplexing- able to print on both sides; printing on one side then turning page over without intervention to print second side

7 steps for laser printing:
Step 1: Processing (nothing moving; sending data to printer and prints after job has completely rendered in memory)
Step 2: Charging (A corona wire or charge roller applies a negative charge to imaging drum)
Step 3: Exposing (The laser applies a positive charge; writing the image to the imaging drum)
Step 4: Developing (a negatively charged toner is applied to the positively charged sections on the photo sensitive drum)
Step 5: Transferring (toner is transferred from the photo sensitive drum to the paper)
Step 6: Fusing (the paper passes through the fuser and
it melts the toner to the paper permanently)
Step 7: Cleaning (removes any excess toner from the drum)

Inkjet printer- relatively inexpensive, quiet, high-resolution, ink is usually proprietary and expensive. Fades rapidly over time (not good for archiving) and can clog easily. 4 colors CMYK: cyan, magenta, yellow, key (black)
Print heads- drips the ink onto the paper; some printers combine the inkjet cartridge with a print head
Feed rollers- pick up and feed paper
Carriage and belt- ink cartridges are moved over the paper via the carriage (which may have its own print head), the belt moves the carriage back and forth
Inkjet calibration- align nozzles to the paper, lines should be crisp and colors should align.

Thermal printer- special coated white paper turns black when heated; no ink required, very quiet, fades over time (not good for archiving)
Feed assembly- pulls paper through the printer via a cylinder feed assembly
Heating element- full-length heating element, no moving print head
Thermal paper- paper covered with a chemical; thermochromic paper

Impact printer- Dot-matrix printers are impact printers. Print heads with a small matrix of pins press against a ribbon to make a mark on the paper, great for carbon/multiple copies. Poor graphics with low cost but very loud
Dot-matrix printer head- moves back and forth, pins hit the ribbon and paper. Print head includes a large heat sink due to heat generated from strikes of the pins on the paper
Printer ribbon- very long ribbon, made of fabric and easy to replace; proprietary sizes for each model
Tractor feed- continuous paper feed with perforations between pages, paper can be pulled through holes on the sides instead of using friction

3D printers- "print" in three dimensions, create a 3D item based on electronic model; additive manufacturing builds in layers to create the object, no machining process required. Used in rapid prototyping, design and create relatively quickly and inexpensively.
Can be used anywhere in the world and in space
Filament printing- Fused Deposition Modeling (FDM), melt filament to print 3D objects. Most common form of 3D printing; Print a layer, move up, print another, and so on. Good all-around printer with larger print bed than resin printers, easy to manage filament, minimum mess, and fewer disposal issues
Resin printing- Stereolithography (SLA) 3D printing, smooth and finely detailed 3D prints. Resin is hardened using a light source. Ultraviolet light or a laser hardens the resin, layers are added to the bottom. The entire print hangs from the build platform and is lowered into the resin. Resin must be handled properly, wear protective gear and take unused resin to hazardous material disposal.
Print Bed- a flat adhesive surface, the foundation of 3D printing. Must be level and clean.

Virtualization:
Type 1 hypervisor, also known as bare metal, uses a specialized hypervisor OS to run the virtual machines (such as VMware's ESXi)
Type 2 hypervisor runs on top of an existing operating system.
VM escaping- Malware recognizes it's on a VM, Malware compromises the hypervisor, Malware jumps from one guest OS to another
Rogue VMs- bad actors try to install their own system
VM sprawl- VM sprawl is the uncontrolled deployment of more and more VMs.
Resource pooling- Resource pooling refers to the concept that allows a virtual environment to allocate memory and processing capacity for a VM's use.

Rapid elasticity can be a security threat to your organization's data due to data remanence. Data remanence is the residual representation of digital data that remains even after attempts have been made to remove or erase it. So, when a cloud resource is deprovisioned and returned to the cloud service provider, it can be issued to another organization for use. If the data was not properly erased from the underlying storage, it could be exposed to the other organization.
For this reason, all cloud-based storage drives should be encrypted by default to prevent data remanence from being read by others.

Virtual Network Requirements:
Shared network address- The VM shares the same IP address as the physical host, uses a private IP address internally, uses NAT to convert to the physical host IP
Bridged network address- The VM is a device on the physical network, each VM gets its own IP address
Private address- The VM does not communicate outside of the virtual network.

Troubleshooting:
"OS not found" - The "OS not found" error at boot time is an indication that the MBR (Master Boot Record) or GPT (Globally Unique ID Partition Table) is corrupted or faulty. If this occurs, you should reboot into the Windows recovery mode and use the 'bootrec /fixboot' command to fix the GPT. This issue may occur if one or more of the following conditions are true: (1) the basic input/output system (BIOS) does not detect the hard disk, (2) the hard disk is damaged, (3) sector 0 of the physical hard disk drive has an incorrect or malformed master boot record (MBR), (4) an incompatible partition is marked as Active, or (5) a partition that contains the MBR is no longer active.
LCD Burn in- image sticking can be removed by displaying a white screen for an extended period
ipconfig /flushdns - The ipconfig /flushdns command provides you with a means to flush and reset the contents of the DNS client resolver cache. During DNS troubleshooting, if necessary, you can use this procedure to discard negative cache entries from the cache, as well as any other dynamically added entries. Resetting the cache does not eliminate entries that are preloaded from the local Hosts file. To eliminate those entries from the cache, remove them from the hosts file instead.

Additional notes:
VRAM- video RAM
Virtual Memory- Virtual memory is an area on the hard disk allocated to contain pages of memory.
When the operating system doesn't have sufficient physical memory (RAM) to perform a task, pages of memory are swapped to the paging file. This frees physical RAM to enable the task to be completed. When the paged RAM is needed again, it is re-read into memory.
Digitizer- use a stylus or finger to draw on a screen by converting analog input into digital signals for the computer.
Bluetooth- Bluetooth is a wireless technology standard used for exchanging data between fixed and mobile devices over short distances using UHF radio waves in the industrial, scientific, and medical radio bands from 2.402 GHz to 2.480 GHz and building a personal area network (PAN).
Jitter- time between frames, excessive jitter from variable intervals between frames can cause "choppy" voice calls
Latency- a delay between the request and the response
NFC- Near-field communication (NFC) is a set of communication protocols that enable two electronic devices, one of which is usually a portable device such as a smartphone, to establish communication by bringing them within 4 cm of each other. This is commonly used for contactless payment systems, transferring contacts, or transferring a file from one device to another.
SAN- Storage Area Network; looks and feels like a local storage device, block-level access, very efficient reading and writing.
Inverters- turn DC power for laptop into AC power for LCD displays. These power the backlight, one way to determine if the inverter is not working is to shine a flashlight on the screen and see if you can make out any of the image being displayed.
Perimeter network- (formerly called a Demilitarized Zone or DMZ) is a portion of a private network connected to the Internet and protected against intrusion. Certain services may need to be made publicly accessible from the Internet (such as a web, email, or Minecraft server) and they should be installed in the perimeter network instead of in your intranet.
If communication is required between hosts on either side of a perimeter network, then a host within the perimeter network will act as a proxy to take the request. If the request is valid, it re-transmits it to the destination. External hosts have no idea about what is behind the perimeter network so that the intranet remains secure.
A perimeter network can be implemented using either two firewalls (screened subnet) or a single three-legged firewall (one with three network ports).
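
The three-legged firewall policy described above, modelled as an added example that is not part of the original notes. The subnets, the proxy address and the rule list are constructed assumptions; the ports (443, 25) come from the port list at the top of the notes.

```python
import ipaddress

# Constructed address plan (assumption, not from the notes).
ZONES = {
    "intranet": ipaddress.ip_network("10.0.0.0/24"),
    "perimeter": ipaddress.ip_network("192.168.50.0/24"),
}
PROXY = ipaddress.ip_address("192.168.50.10")  # hypothetical proxy host in the perimeter

def zone_of(addr):
    """Map an address to the firewall leg it sits behind; anything else is the Internet."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"

# Allow rules: (src zone, dst zone, dst port, required src host or None).
RULES = [
    ("internet", "perimeter", 443, None),   # public HTTPS service lives in the perimeter
    ("internet", "perimeter", 25, None),    # inbound SMTP stops at the perimeter
    ("perimeter", "intranet", 25, PROXY),   # only the proxy may relay mail inward
    ("intranet", "perimeter", 443, None),
    ("intranet", "internet", 443, None),
]

def allowed(src, dst, port):
    """Return True only if an allow rule matches; everything else is denied by default."""
    s, d = zone_of(src), zone_of(dst)
    for r_src, r_dst, r_port, r_host in RULES:
        if (s, d, port) == (r_src, r_dst, r_port):
            if r_host is None or ipaddress.ip_address(src) == r_host:
                return True
    return False

def audit(rules):
    """Flag any rule that would let the Internet reach the intranet directly."""
    return [r for r in rules if r[0] == "internet" and r[1] == "intranet"]

if __name__ == "__main__":
    # Constructed sample flows: (source, destination, destination port).
    flows = [("203.0.113.7", "192.168.50.20", 443),
             ("203.0.113.7", "10.0.0.5", 443),
             ("192.168.50.10", "10.0.0.8", 25),
             ("192.168.50.20", "10.0.0.8", 25)]
    for f in flows:
        print(f, "ALLOW" if allowed(*f) else "DENY")
    print("direct internet->intranet rules:", audit(RULES))
```
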