CompTIA A+ 220-1101 Topic: Book Chapter 21 – The Internet Part 2
December 14, 2022

6. FTP

Downloading a file on the Internet today is usually pretty easy. We open up a Web browser, we see some kind of link, and it says “download.” We click on it, and it goes into our download folder off of our Web browser. Now, before the Web was popular, there was another way to move files around on the Internet, called File Transfer Protocol, or FTP. Now, FTP, in its most simple mode, is using port 21, and it’s a pretty straightforward process. Now, if you’re going to be doing FTP, well, first of all, you need an FTP client. Luckily for us, every Web browser on Earth is an FTP client. Here’s an example right here that I want you to look at very carefully. Look where I’m linked to. This is not http; do you see this? This says FTP. Whack. What you’re looking at here is an FTP site. As a result, almost every Web browser is an excellent FTP client in and of itself. But if you want to do really robust FTP, you’re going to have to get an FTP client. I’ve got one here called FileZilla. Now, not only do I have a robust FTP client, but I also have a much more robust FTP server. The FTP site that we just saw is basically just a download-only site. But I want to be able to upload things, and I want to make folders and do all kinds of cool stuff like that and kind of use it as a central repository. FTP was cloud storage before cloud storage was cool. Anyway, so what I’m going to do is fire up FileZilla, and I’ve actually set up a much more robust FTP server. So let’s fire up FileZilla and log into my FTP server.

So I actually have to type in either the IP address or the fully qualified domain. I’m going to make a shorter one next time. I’m going to type in port 21 because that’s the port I’m using, and I’m going to do a quick connect. Now, what you’re seeing here is my computer over here. In fact, you can even see me on my desktop right here. And you can see Timmy’s docx right there. And this is my remote connection. So I can double-click on the files here, and there are plans for world dominance. So if I want to copy something, I’ve just uploaded that file to the FTP site. So more robust FTP clients and robust FTP servers will let you do stuff like make folders on the FTP site and all kinds of cool stuff like that, which is great. However, there’s a bit of a catch, and that is that there is a situation where FTP can use a different mode called Active Mode. So what I’m going to do right here is, as you’ll notice, I have an option right now.

It’s set to passive mode, but I could set it to active mode. I’m going to cancel that for a moment. Passive mode means everything’s done on port 21. However, if you kick it into active mode, which is the traditional way FTP runs, something actually strange and wonderful happens. Let me show you. Here’s my FTP client, and here’s my FTP server. Now, normally, when I send an FTP request, it’s going to go out on port 21. And of course, he’ll put some other ephemeral port number as the source. So when this goes out here, the server, as most applications do, just spins it around when it sends it back. And then, as it comes back in here, the destination is going to be 1461. And then the source is going to be port 21. That’s great. But when you’re in active mode, the game changes. So what will happen is that you will have this type of connection, but another connection will take place automatically. You’ll send this on port 21, but he’ll start sending back communications on port 20. And that’s a problem because any router worth its salt is going to block this. That’s great that you started on port 21. But you didn’t initiate on port 20.

And FTP servers in active mode will start sending stuff on port 20, which is going to freak your client and your router out. Active mode is about five times faster than passive mode. But the problem you run into is that any good router is going to block this because nobody initiated a port 20 communication from inside your network. So in order to deal with this, every router on Earth has something called port triggering, and it’s pretty much just for FTP. Allow me to demonstrate port triggering. So let me get on with it. And this is definitely going to be an advanced thing. So what we need to find here—and it’s always fun to try to find this stuff—is port triggering. So what we want to tell the computer is, “Let’s see if it has FTP in here already.” No problem. We’re going to do it from scratch. So we’re going to call this active FTP, and the trigger port is that somebody is going to send something out on port 21. And we can just say everything. It’s probably TCP, but we’ll just say that to be safe. So basically we’re saying, “Look, if somebody sends something out on port 21, you need to allow incoming port 20 traffic.” Okay? And we have now set up a port trigger. So I’m using FTP as an example for port triggering, but a lot of games require port triggering. A lot of specialty applications require port triggering. So while active FTP is a great example, if you set off something on port 21, it’s going to shoot back on port 20. Be aware that other applications may need this. The nice part is that if an application requires port triggering, usually during the install process, they’re going to say, “Oh, you might want to go to your router and set up port triggering in XYZ way.” So that will work.
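The following is an added example, not part of the original lesson: a simplified Python model of the router behaviour described above, showing the server's port 20 connection dropped as unsolicited, let in once a 21-to-20 trigger is armed, and dropped again after the opening times out. The class names, the documentation-range addresses, the 60-second timeout and the `pin_remote` option are assumptions made for the illustration, and the rule is modelled the way the lesson states it (inbound traffic whose source port is 20).

```python
from dataclasses import dataclass

CLIENT = "192.168.4.106"   # LAN host (address style taken from the lesson)
SERVER = "203.0.113.10"    # constructed: documentation-range FTP server
OTHER = "198.51.100.7"     # constructed: unrelated Internet host


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    outbound: bool  # True means LAN -> Internet


@dataclass(frozen=True)
class TriggerRule:
    trigger_port: int      # outbound destination port that arms the rule
    incoming_port: int     # remote source port that is then let in
    timeout: float = 60.0  # assumed: seconds the opening stays armed


class Router:
    """Simplified stateful firewall; NAT address rewriting is left out."""

    def __init__(self, rules=(), pin_remote=False):
        self.rules = list(rules)
        self.pin_remote = pin_remote  # hypothetical option: only the triggered peer
        self.flows = set()            # (lan_ip, lan_port, remote_ip, remote_port)
        self.armed = {}               # incoming_port -> (lan_ip, remote_ip, expiry)

    def handle(self, pkt, now):
        if pkt.outbound:
            # Remember the flow so replies are recognised, and arm any trigger.
            self.flows.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            for rule in self.rules:
                if pkt.dst_port == rule.trigger_port:
                    self.armed[rule.incoming_port] = (
                        pkt.src_ip, pkt.dst_ip, now + rule.timeout)
            return "ALLOW outbound"
        if (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.flows:
            return "ALLOW reply"
        opening = self.armed.get(pkt.src_port)
        if opening:
            lan_ip, remote_ip, expiry = opening
            peer_ok = not self.pin_remote or pkt.src_ip == remote_ip
            if now <= expiry and pkt.dst_ip == lan_ip and peer_ok:
                return "ALLOW trigger"
        return "DROP unsolicited"


def active_ftp_session(router, data_at=1.0, data_from=SERVER):
    """Replay the control exchange, then the server-initiated data connection."""
    return [
        router.handle(Packet(CLIENT, 1461, SERVER, 21, True), now=0.0),
        router.handle(Packet(SERVER, 21, CLIENT, 1461, False), now=0.5),
        router.handle(Packet(data_from, 20, CLIENT, 1462, False), now=data_at),
    ]


ACTIVE_FTP = TriggerRule(trigger_port=21, incoming_port=20)

if __name__ == "__main__":
    print(active_ftp_session(Router()))                               # no trigger
    print(active_ftp_session(Router([ACTIVE_FTP])))                   # trigger armed
    print(active_ftp_session(Router([ACTIVE_FTP]), data_at=120.0))    # opening expired
    print(active_ftp_session(Router([ACTIVE_FTP]), data_from=OTHER))  # port-only match
    print(active_ftp_session(Router([ACTIVE_FTP], pin_remote=True), data_from=OTHER))
```

A trigger that matches on port alone admits any remote host using that port while it is armed, which is why the timeout and the peer check matter when reviewing such a rule.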

7. E-Mail

Ooh, email. It’s been around forever. We love it, we hate it, and we all use it. There was a time when we’d all have one email account, and these days it seems like I’ve got—I actually counted—around ten active email accounts, plus another 20 barely used accounts. And then I even throw away email accounts as well. So email is a big thing. And by the way, if you ever want to contact me, here’s my email address right here. Now, in order to configure email, we usually use an email client. However, in today’s world, web-based email is extremely popular. I use Gmail; I’ve got Office 365; I’ve got Yahoo; I’ve got ProtonMail; I’ve got all of these different web-based tools. However, even if you’re using a web-based tool, you still have to configure it so that it can send and receive your email. Now, for a lot of folks, this is kind of automatically configured. You fire up Gmail, you set your account settings, and boom, everything’s configured. However, there are a lot of situations where you might want to connect to a less popular one or have your own little email server.

And that’s really what I want to talk about here. So we have three different protocols you need to deal with: SMTP, which runs on port 25; POP3, which runs on port 110; and then IMAP, which runs on port 143. So why do I need three protocols to do one thing? Let me explain. SMTP is the protocol that we use to send our mail to an SMTP server. So you’re going to have to configure an SMTP server, and they usually have interesting names like mail.totalsem.com or something like that. Now you have a choice between either POP3 or IMAP to bring your email to your email client. You use one or the other. You don’t use both of these. POP3 is very simplistic; it works great, but you have to set up all your own folders on the client itself. IMAP stores all of your folders and organisation so that no matter where your client is, it can simply copy that down. And today, IMAP is very, very popular. Now, there have been a lot of versions of POP and IMAP over the years. POP3 and IMAP4 will be the most recent versions.

So if you see IMAP or IMAP4, it’s going to be the same thing. When it comes to configuration, if you’re going to see POP or POP3, it’s going to be the same thing, because nobody uses IMAP2, for example, and nobody uses POP2 anymore. So don’t panic about the number at the end of these. And they always use the same port numbers, no matter what. Okay? So what I want to do is create a more traditional email account, but this time I’ll use my iPhone. So what I’m going to have to do is create an email account. And on this phone, it actually isn’t too big of a deal, but you have to know where to click. So let’s start setting up an email account on my iPhone. All right, so to set this up, I’m going to click on Settings, and then I’m going to scroll down and find my accounts. There we go: Passwords and Accounts. Now what I want to do is add an account, and I could use these by default, which will set up all this POP and IMAP for me automatically. But we’re going to do it the hard way and select Other. And now I’m going to add a mail account, and I’m going to give it a name, and I’m going to give it an email. So I’ll type in mike@totalhome.com, and I’m going to type in some passwordtotal, and we’re going to fire it up. So it’s going to look up the account. Now, a lot of these things would stop right here and say, “Hey, man, there’s a problem.”

And there really is, because I’m making this up as I go. But if you take a look towards the bottom, you can see that we have an incoming mail server and an outgoing mail server. The outgoing is always going to be SMTP. So in this particular example, I’m going to type in mail.totalhome.com, and I know what to type in because somebody told me; you’re not going to magically know this stuff. Now, on a lot of these SMTP services, you have to log in with a username and password. I’m going to leave that blank for now, but again, someone would tell you if you have to type this stuff in. On the incoming, now, this is a little bit trickier. Let me scroll to the top. And this is how they do it on this particular interface. Notice it mentions IMAP and POP. So if I wanted to do POP3, I’d press on POP. If I want to do IMAP4, I’d select IMAP. It’s already at IMAP. So we’re in good shape here. So let’s go ahead and type in the incoming mail server. So this will just be mail.totalhome.com, and a username, and we’ll probably just type it in under the username. We’ll just type in Mike. Now, a lot of times, it will look like this: totalhome.com, perfect. So setting up your SMTP, POP, and IMAP information isn’t that hard. I did it here on a smartphone, but you can do it on laptops, desktops, or any other device.

The trick is that you don’t know this. If someone is telling you to manually set up your mail information, they’re giving you this information. You’ve got a mail administrator who’s sending you a piece of paper with this information on it. I don’t magically know what this is. I don’t know if you also noticed, but on the SMTP server and the IMAP server, the incoming server, it was both mail.totalhome.com. That’s actually very common. It’s one box that’s handling both incoming and outgoing mail. It works perfectly well. Now, the one thing I need to warn you about—and I feel that CompTIA has made a mistake here—is that for the exam, make sure you know these port numbers. However, most mail today is secured mail. You almost never see SMTP on port 25, for example. In fact, what we see today more than anything else are port numbers like 587. These are secure versions of SMTP, POP, and IMAP. And even though you need to know 25, 110, and 143 for the exam, be aware in the real world that these also have secure versions that have completely different port numbers.

8. Proxy Servers

When you connect to a web server, an SSH server, an FTP server, or whatever you’re connecting to, it’s usually a direct connection with nothing between you and the server other than a bunch of routers that route your packets between the two of you. However, there is a situation where we could have somebody in between us, somebody that we want, called a proxy server. Let me explain the situation. So here I am in a network, and the network ID is 192.168.4, and I’m sitting on computer 192.168.4.106, and I’ve got a router. And here’s some server way out here with some web pages. Now, we typically navigate from our computer to the internet via the web. However, that has to go, and then it gets to the server and back. However, I’m going to add another computer and give it the address 192.168.4.20, and I’m going to give it the function of a proxy server.

So now, whenever I send something out to the internet, or, to be more precise, anything to the web, instead of going directly to the router, it will go through the proxy server and then out the router. Well, why in the world would we do something like this? Well, there are a lot of good reasons to use a proxy server. Number one, I could have on that proxy server a list of places you shouldn’t be going to. And instead of just making my firewall store all this stuff, I could put it on this proxy server. I could have it filter your information. For example, if you start typing in “Hi, my name is Mike Myers, and my Social Security number is,” I could have it watch for stuff like that to prevent you from being evil. Equally, when data comes back, it’s going to go through the proxy server and then to your computer. So if there’s imagery I don’t like, if there are URLs you’re going to that I don’t like, if there’s verbiage there I don’t like, I can filter all this stuff. Proxy servers are extremely popular in places like schools and other institutions to protect kids from going to places they shouldn’t go. So, if we’re going to make that proxy server work, as you can see in my diagram, I’ve got to tell your web browser that whenever it starts up, we don’t need to go to the router; we need to go to the proxy server instead.

So proxy servers are application-specific. If you want to proxy web pages, you’ve got to go into your web applications and your web browsers and make some changes. If you want an SSH proxy, you’ve never heard of such a thing, but if you wanted one, you’d have to be able to go into your SSH clients and make some changes. So what we’re going to do right now is jump onto my Windows 10 system, and we’re going to make changes for the web browsers so that when they try to get out to the Internet, they’re not just going to go through my router; they’re going to go through my proxy server. Internet Options is your one-stop shop for doing this in Windows. By setting these options, this works no matter what web browser you install; it all works exactly the same. So I’m going to click on Connections, and it’s down here in the LAN settings.

And you’ll see right here that it has a proxy server. So I’m going to say, “Use a proxy server,” and then I’m going to give the IP address of that proxy server, and you’ll see it’s set for port 80. Now, if I want to, I can go to Advanced. You’ve got to remember that a web browser has a lot of different clients. It’s an HTTP client; it’s a secure client. It is an FTP client. And there’s something called SOCKS, which they don’t even bother filling in anymore. I can also say not to use a proxy server for any addresses that start with, say, 192.168.4. This is for when I have an in-house web server and I don’t want it to go through the proxy server for something in-house. Now, you’ll look at this and go, “Wait a minute, it’s secure, and it says port 80.” Well, I can change all that if I want to. How does that look for you? Okay, so I’ve gone ahead and set up this proxy server, and now what’s going to happen is that anything that I do on any web browser after setting this up once—I don’t care if I install Firefox or Edge or whatever—they will all go through that proxy server.

The nice part about a proxy server is that not only does it filter out things we’re not really happy about, but it also has some real benefits. Number one, a proxy server can do caching. So if I’ve got web pages that everybody goes to a lot, a lot of times I’ll just set up a proxy server just so everybody can very quickly get to that web page. Now if that web page has a couple of things that update every three minutes, most proxy servers are very smart today, so they’ll only cache the static stuff and then just go out and grab that one little piece of the web page that’s updating. So it’s a very, very powerful tool. Proxy servers are not cheap things. There are some free versions, but they’re pretty static most of the time. If you’re using a proxy server, you’re paying for a service that keeps these things updated on a real-time basis. So they can be very powerful, but they also tend to be very expensive. And you want them to be because they’re watching for every bit of naughtiness that can possibly happen out there. Now, the last question people ask me is, “Wait a minute, Mike.” So we install this proxy server. Well, what if I just don’t update my proxy settings? Maybe I just want to ignore it. Yeah, we’ve got you covered there. Because of the firewall on that router, I block all outgoing traffic on port 80 unless it comes from the proxy server. So you’re going to have to use that proxy server. Got you.
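The following is an added example, not part of the original lesson: a Python model of the two decisions described above, the browser's bypass list for addresses starting with 192.168.4 and the router rule that lets port 80 out only from the proxy at 192.168.4.20. The function names, the in-house server address 192.168.4.50 and `example.com` are assumptions; the `filtered_ports` parameter shows that a rule written for port 80 alone does not stop a client without proxy settings from going out directly on 443.

```python
import ipaddress
from urllib.parse import urlsplit

PROXY_IP = "192.168.4.20"                             # proxy address from the lesson
BYPASS_NET = ipaddress.ip_network("192.168.4.0/24")   # "addresses that start with 192.168.4"
DEFAULT_PORTS = {"http": 80, "https": 443}


def is_bypassed(host):
    """True when host is an IP literal inside the bypass range."""
    try:
        return ipaddress.ip_address(host) in BYPASS_NET
    except ValueError:  # a DNS name, not an IP literal
        return False


def router_egress(src_ip, dst_port, filtered_ports=(80,)):
    """Router rule: filtered ports may leave only when the proxy is the source."""
    if dst_port in filtered_ports and src_ip != PROXY_IP:
        return "DROP"
    return "ALLOW"


def browse(client_ip, url, proxy_configured, filtered_ports=(80,)):
    """Return the path a request takes and whether the proxy's filter saw it."""
    parts = urlsplit(url)
    port = parts.port or DEFAULT_PORTS[parts.scheme]
    if is_bypassed(parts.hostname):
        return "direct on LAN (bypass list)"
    if proxy_configured:
        # The client talks to the proxy; the proxy is the source at the router.
        verdict = router_egress(PROXY_IP, port, filtered_ports)
        return f"via proxy, router {verdict}, filtered"
    verdict = router_egress(client_ip, port, filtered_ports)
    if verdict == "DROP":
        return "direct, router DROP"
    return "direct, router ALLOW, unfiltered"


if __name__ == "__main__":
    me = "192.168.4.106"  # workstation address from the lesson
    print(browse(me, "http://192.168.4.50/wiki", True))   # constructed in-house server
    print(browse(me, "http://example.com/", True))
    print(browse(me, "http://example.com/", False))
    print(browse(me, "https://example.com/", False))
    print(browse(me, "https://example.com/", False, filtered_ports=(80, 443)))
```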

9. Virtual Private Networks (VPNs)

How many different technologies does it take to turn on a light bulb? Well, the answer is three. So in this episode, what I want to do is talk about the Internet of Things, and I’m going to concentrate on home automation because that’s where we tend to see this type of stuff. When we say “internet of things,” we mean getting all kinds of things that we would never have considered internet capable before. The list of our ability to remotely control various devices simply by connecting them to the internet is endless. As a result, the internet of things was born.

This little light bulb in my hand has a microprocessor. It has an address, so it can be talked to. It has an API, so I can make it do all kinds of stuff, like change colors and things like that. I’ve got two light bulbs behind me. The one on the left is a monochrome light bulb, so it’s just white. But this one will change into any colour of the rainbow. I’ll show you these guys in just a minute. But first of all, let’s talk about the three types of technologies we use to talk to all of these devices. Now, clearly, they need to be wireless, and almost all Internet of Things devices are wireless. So first of all, 802.11 is going to be a very common methodology to talk to these kinds of guys. The second is Zigbee. Zigbee is used exclusively for the Internet of Things. It’s designed for home automation more than anything else. It’s been around for a while. Zigbee runs on the 2.4 GHz band. It doesn’t have a lot of bandwidth because it doesn’t need it. It’s not like we’re sending movies to our dryers. We’re just trying to tell the dryer to turn on or off, so there’s not a whole lot of bandwidth necessary. The last one is called Z-Wave. Z-Wave runs in the 900 MHz band, so it’s a much lower band. It used to be used for different types of portable phones, but now it’s a pretty quiet band area, and we’ll see that used a lot as well.

The trick to the Internet of Things is that you must first have some kind of hub, which is what I have here in front of me. So one of these is a Philips-branded hub, which is designed to talk to, well, Philips light bulbs, but it’ll actually talk to all kinds of stuff. Then there’s a classic Google Home next to me. Okay, Google, what time is it? It’s 9:08. So these little devices act as the primary hub for all of our many internet-connected things that we’ll see in our homes. Now it will take some configuration. For example, I can use my tablet to actually bring up an application. Now this application has two different lamps on it. So here’s my white lamp. So I’m going to click on this. Hey, my lamp is on; you watch the lamp. I’m going to turn it off now. Cool, huh? Look at me, using all this technology to turn on a light bulb, and it’s also got a dimmer on it as well. Now, using tools like this is great, but what really makes a lot of these home automation tools even more fun is when we bring in voice tools. For example, are you prepared? Hey, sir, turn all the studio lights green. OK, green. How cool is that? So the answer is that it takes three different types of technologies to turn on a light bulb.

10. Internet of Things (IoT)

I spent a lot of decades on the road teaching people about computers and networks. I’ve flown close to a million miles, all over the world. And as a result of that, I’ve spent a lot of time in airports wishing I was back at the office. It would be fantastic if I could be sitting with my laptop in Denver, Amsterdam, or somewhere in Canada. It would be nice if I were back in the office, where I could print to my printers, share folders, and access stuff off of my file servers. I would really like that. Well, a lot of other people do, too. And what we call that is virtual private networking, or a VPN. Essentially, we are transforming the Internet, the most public of all networks, into a forgery, a virtual private network. We’re taking the Internet, and it’s as though we’re taking a chunk of Category 6 cable from our switch all the way out to the Denver Airport and plugging me in. I’ve got an IP address just like I do at home. I can see all of my local area network’s shared resources as if I were sitting at my desk. VPN is a powerful tool, but it doesn’t happen automatically. You’ve got to set it up. Let me show you how VPNs work. So here’s Mike’s laptop sitting at Denver International Airport.

I like Denver. Anyway, so I’ve got a wireless connection, and I’ve probably got some address like 10.11.12.45 or something like that. Whatever I happen to connect to when I’m logged in and on the Internet and browsing Google, everything’s great. Well, what I’m going to do is install special software called a VPN client that’s going to do something miraculous. It will establish a direct connection between my laptop and the other side of the router at the office. So I know this IP address because we pay for a static IP address. This IP address never changes. So one of the things I’m going to have to tell the VPN client is the IP address of the outside of my router on my network. The moment that happens, this connection kind of looks like a pipe that runs all the way from my computer all the way over to this router. Now, the moment this takes place, the router kind of lets me into the network, and my DHCP server gives me an IP address. And all of a sudden I have another connection that has the same address as though I were actually a DHCP client on my network. So we call this a tunnel—a VPN tunnel—that makes this connection. Notice I have a local address. If it’s a private IP address, it still works, folks. It’s absolutely amazing. And I can now suddenly see all my shared folders on my network, all my printers—anything that’s in my local area network appears on my computer right here.

To make this all work, you’ll need not only a VPN client, but also a router or, in some cases, a dedicated box that serves as the VPN endpoint in your local area network. Most people today will buy a special router that has VPN endpoint software built into the router itself. There are a lot of ways to do it. What we’re worried about is how we connect to our router. And to do that, we’re going to have to set up a VPN client. And we’ve got one that’s built into Windows. Now before I show you this, I need to warn you that the VPN client that’s built into Windows is pretty limited. There are lots of ways to make VPNs, and they have all these different protocol names like PPTP or L2TP or IPsec, and all these other names. And for a lot of these, you’re going to have to get a third-party tool. For example, if you get a Cisco VPN router, they will actually give you software that you install on your computer to make the VPN client. Get the idea? So there are multiple ways to do this. I just want to show you how to use the built-in Windows client, which actually works for a lot of different VPNs. Ready?

Let’s go. So to set this up, we’re going to head over to our network connections, and we’ll go take a look at the VPN. And what we’re going to do is add a VPN connection. So the provider in this case is just a built-in Windows one. We call it any name we want to. I like to call it Phone home. I need to know the address of the VPN router, so I have to know this. And I’ve been told that if I need a VPN, automatic is the way to go. But here’s where I’m talking about all these crazy protocols: When in doubt, leave it on automatic. You are absolutely going to have to type in a username and password. Or you might have to punch a smart card into your laptop. You might have a one-time password. You can even put a certificate on your computer that will allow you to log in. But username and password are the most common.

So I’m going to run mike passwordtotal and save this. The moment I save that VPN connection, it actually manifests as a new network card. Now you’ve got to think about this for a minute. With a VPN, I’m out on the internet somewhere with some IP address. Who knows what? So the moment I connect to my own local area network, I’m now going to get an IP address for my LAN. So Microsoft likes to manifest this by showing you two network cards. Let me show you. So here we go. Here’s my Ethernet card. Here’s something you’ve been ignoring for the time being. And then here’s my actual VPN connection. Now let me show you something. Right now, it’s disconnected. Right-click on this. Go to “Properties.” There you go. When it connects to your local area network, do you want it to use DHCP or do you want to assign it a static IP address? If you assign it a static IP address, it behaves exactly like a network card. Now to actually make the connection, all I’ve got to do is double-click on that, and assuming that I’ve got a good VPN server, the connection takes place, and boom, you type ipconfig. Suddenly, you’re going to have whatever your internal network is (192.168.684). It’s just there. Now, though, remember, you’re in Denver, and now you’ve got a problem. Let me show you what the problem is.

So here you are in Denver, and you’re connected to your local area network through your VPN, and everything’s great. You’re printing to the printers at the office, and you have access to the file server at the office. Everything’s super, except now all of a sudden you open up a web browser and you want to go to Google. Think about what’s about to happen if you open up a web browser. Well, remember, you’re connected to your local area network, so it’s going to go through the internet and into your network. It’s then going to go, “Oh, this is for Google.” So it’s going to go out; it’s going to head over to Google, grab that web request, bring it back down here, and then bring it all the way back in the VPN world. We call this “I forgot.” Somebody put it on the bottom of the screen. Yeah, that’s it. Okay. Now I remember. Anyway, this is a big problem you’ve run into with, say, Microsoft VPN clients. If you need more advanced settings, you’re usually going to be turning to third-party VPN clients that will take care of little issues like this and lots of others.
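The following is an added example, not part of the original lesson: a Python model of the laptop's routing table that reproduces the detour described above, where a web request travels into the office and back out again, and compares it with a table that sends only office addresses through the tunnel (commonly called split tunneling, a term the lesson does not use). The office LAN 192.168.4.0/24, the airport network, the VPN endpoint address, the metrics and the sample destinations are all constructed for the illustration.

```python
import ipaddress

OFFICE_LAN = "192.168.4.0/24"   # assumed office LAN
AIRPORT_LAN = "10.11.12.0/24"   # assumed airport Wi-Fi network
VPN_ENDPOINT = "203.0.113.1"    # constructed: static public IP of the office router


def route_table(split_tunnel):
    """Routes on the laptop once the tunnel is up: (prefix, interface, metric)."""
    routes = [
        (AIRPORT_LAN, "wifi", 10),
        (VPN_ENDPOINT + "/32", "wifi", 10),  # the tunnel's own packets must use Wi-Fi
        (OFFICE_LAN, "vpn", 5),
    ]
    if split_tunnel:
        routes.append(("0.0.0.0/0", "wifi", 10))  # everything else goes out locally
    else:
        routes.append(("0.0.0.0/0", "vpn", 5))    # everything else enters the tunnel
    return [(ipaddress.ip_network(p), iface, m) for p, iface, m in routes]


def egress_interface(dest, routes):
    """Pick a route by longest prefix, then by lowest metric."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r[0]]
    best = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return best[1]


def hops(dest, split_tunnel):
    """Describe the path a packet to dest takes from the laptop."""
    iface = egress_interface(dest, route_table(split_tunnel))
    if iface == "wifi":
        return ["laptop", "airport Wi-Fi", dest]
    path = ["laptop", "airport Wi-Fi", "VPN tunnel", "office router"]
    if ipaddress.ip_address(dest) not in ipaddress.ip_network(OFFICE_LAN):
        path.append("office Internet link")  # the detour: in through the office, out again
    return path + [dest]


if __name__ == "__main__":
    file_server = "192.168.4.10"   # constructed office file server
    web_site = "198.51.100.80"     # constructed public web server
    for split in (False, True):
        print("split tunnel" if split else "full tunnel")
        print("  ", " -> ".join(hops(file_server, split)))
        print("  ", " -> ".join(hops(web_site, split)))
```

With the second table, web traffic leaves straight from the airport network, so it is faster but no longer passes through any filtering the office applies.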
