Module 11 - Mwsa
REMOTE ACCESS
11.2 ICS, NAT, DHCP RELAY AGENT
ICS
• Internet Connection Sharing (ICS) is the use of a device with Internet access, such
as 3G cellular service, broadband via Ethernet, or another Internet gateway, as an
access point for other devices.
• It was implemented by Microsoft as a feature of its Windows operating system
(as of Windows 98 Second Edition and later) for sharing a single Internet
connection on one computer between other computers on the same local area
network.
• It makes use of DHCP and network address translation (NAT).
• ICS offers configuration for other standard services and some configuration of
NAT.
NAT
• Let’s say that there is a laptop connected to a home router. Someone uses the
laptop to search for directions to their favorite restaurant. The laptop sends this
request in a packet to the router, which passes it along to the web. But first, the
router changes the outgoing IP address from a private local address to a public
address.
• If the packet keeps a private address, the receiving server won’t know where to
send the information back to.
• By using NAT, the information will make it back to the laptop using the router’s
public address, not the laptop’s private one.
DHCP Relay Agent
• A VPN works by using encryption protocols to funnel all your internet traffic
through an encrypted tunnel — a virtual private network — between your
computer and a remote VPN server.
• This hides your IP address and secures your data, preventing others from
intercepting it.
• Without a VPN, all your internet traffic is potentially exposed to your internet
service provider (ISP), the government, advertisers, or other people on your
network. That’s why VPN connections boost your privacy and security online.
What does VPN stand for?
• The Point-to-Point Tunneling Protocol (PPTP) is a VPN protocol used to secure the
connection between your device and a VPN server.
• One of the oldest VPN protocols, PPTP is plagued by multiple security issues and
is now considered obsolete.
• Despite this, its broad compatibility with a huge range of legacy software and
hardware, its ease of setup, and its lightweight nature enable its widespread use.
How it works
• PPTP is a tunneling protocol, not in itself a complete VPN protocol. Encryption
and authentication are handled by the Point-to-Point Protocol (PPP), but PPP
includes no routing mechanism to direct packets to their destination.
• PPTP establishes a TCP connection to the VPN server over port 1723, repackaging
the PPP IP packets using Generic Routing Encapsulation (GRE).
• These packets are encrypted with Microsoft Point-to-Point Encryption (MPPE),
which uses an RSA RC4 stream cipher with a maximum key size of 128 bits.
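Because PPTP is obsolete, a network audit usually starts by finding where it is still in use. The following is an added example, not part of the original module: it classifies raw IPv4 packets as PPTP control traffic (TCP port 1723) or PPTP data traffic (GRE carrying PPP). The GRE details (IP protocol 47, version 1, protocol type 0x880B) come from RFC 2637 rather than from the text above; the function names and sample packets are constructed for illustration.

```python
import struct

PPTP_TCP_PORT = 1723      # PPTP control channel (from the text above)
IPPROTO_TCP = 6
IPPROTO_GRE = 47          # IP protocol number for GRE
GRE_PROTO_PPP = 0x880B    # protocol type in PPTP's enhanced GRE header (RFC 2637)


def classify_ipv4(packet: bytes) -> str:
    """Return 'pptp-control', 'pptp-data' or 'other' for one raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "other"
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return "other"
    proto = packet[9]
    payload = packet[ihl:]
    if proto == IPPROTO_TCP and len(payload) >= 4:
        sport, dport = struct.unpack("!HH", payload[:4])
        # Client-to-server packets have dport 1723, replies have sport 1723.
        if PPTP_TCP_PORT in (sport, dport):
            return "pptp-control"
    elif proto == IPPROTO_GRE and len(payload) >= 4:
        flags_ver, proto_type = struct.unpack("!HH", payload[:4])
        # Enhanced GRE as used by PPTP: version field is 1, payload is PPP.
        if (flags_ver & 0x0007) == 1 and proto_type == GRE_PROTO_PPP:
            return "pptp-data"
    return "other"


def _ipv4(proto: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 header (checksum left at 0) for the constructed samples."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7])) + payload


def _tcp_syn(sport: int, dport: int) -> bytes:
    return struct.pack("!HHLLBBHHH", sport, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)


# Constructed sample packets (not captured traffic).
SAMPLES = {
    "control": _ipv4(IPPROTO_TCP, _tcp_syn(49152, PPTP_TCP_PORT)),
    "data": _ipv4(IPPROTO_GRE, struct.pack("!HHHHL", 0x3001, GRE_PROTO_PPP, 4, 0, 1) + b"\x00" * 4),
    "https": _ipv4(IPPROTO_TCP, _tcp_syn(49153, 443)),
    "plain_gre": _ipv4(IPPROTO_GRE, struct.pack("!HH", 0x0000, 0x0800) + b"\x00" * 20),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(name, "->", classify_ipv4(pkt))
```

Ordinary GRE (version 0) is reported as "other", so site-to-site GRE tunnels are not mistaken for PPTP.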
L2TP