Installing Exchange 2010 Mailbox Role

Shared via AddThis

OvisGate SSL VPN Server 2.0 616.1

Shared via AddThis

Acer 3D Notebook Coming in October

Shared via AddThis

HP showcases 20 inch entertainment notebook

Shared via AddThis

Videora Ipod Converter

Shared via AddThis

Microsoft is investigating claims that thousands of Hotmail passwords have been hacked and posted online.

Shared via AddThis

ZTE C79 (MetroPCS)

Shared via AddThis

What's New

Cisco Home Network Administration Protocol (HNAP)

New Cisco HNAP Enabled Devices

Unable to Establish a Remote Access VPN Connection

• Cause: The machine name of the client computer is the same as the machine name of another computer on the network.
  
  Solution: Verify that the machine names of all computers on the network and connecting to the network are using unique machine names.
• Cause: The Routing and Remote Access service is not started on the VPN server.
  
  Solution: Verify the state of the Routing and Remote Access service on the VPN server.
  
  See Windows 2000 online Help for more information about how to monitor the Routing and Remote Access service, and how to start and stop the Routing and Remote Access service.
• Cause: Remote access is not enabled on the VPN server.
  
  Solution: Enable remote access on the VPN server.
  
  See Windows 2000 online Help for more information about how to enable the remote access server.
• Cause: PPTP or L2TP ports are not enabled for inbound remote access requests.
  
  Solution: Enable PPTP or L2TP ports, or both, for inbound remote access requests.
  
  See Windows 2000 online Help for more information about how to configure ports for remote access.
• Cause: The LAN protocols used by the VPN clients are not enabled for remote access on the VPN server.
  
  Solution: Enable the LAN protocols used by the VPN clients for remote access on the VPN server.
  
  See Windows 2000 online Help for more information about how to view properties of the remote access server.
• Cause: All of the PPTP or L2TP ports on the VPN server are already being used by currently connected remote access clients or demand-dial routers.
  
  Solution: Verify that all of the PPTP or L2TP ports on the VPN server are not already being used by clicking Ports in Routing and Remote Access. If necessary, change the number of PPTP or L2TP ports to allow more concurrent connections.
  
  See Windows 2000 online Help for more information about how to add PPTP or L2TP ports.
• Cause: the VPN server does not support The tunneling protocol of the VPN client.
  
  By default, Windows 2000 remote access VPN clients use the Automatic server type option, which means that they try to establish an L2TP over IPSec-based VPN connection first, and then they try a PPTP-based VPN connection. If VPN clients use either the Point-to-Point Tunneling Protocol (PPTP) or Layer-2 Tunneling Protocol (L2TP) server type option, verify that the selected tunneling protocol is supported by the VPN server.
  
  By default, a computer running Windows 2000 Server and the Routing and Remote Access service is a PPTP and L2TP server with five L2TP ports and five PPTP ports. To create a PPTP-only server, set the number of L2TP ports to zero. To create an L2TP-only server, set the number of PPTP ports to zero.
  
  Solution: Verify that the appropriate number of PPTP or L2TP ports is configured.
  
  See Windows 2000 online Help for more information about how to add PPTP or L2TP ports.
• Cause: The VPN client and the VPN server in conjunction with a remote access policy are not configured to use at least one common authentication method.
  
  Solution: Configure the VPN client and the VPN server in conjunction with a remote access policy to use at least one common authentication method.
  
  See Windows 2000 online Help for more information about how to configure authentication.
• Cause: The VPN client and the VPN server in conjunction with a remote access policy are not configured to use at least one common encryption method.
  
  Solution: Configure the VPN client and the VPN server in conjunction with a remote access policy to use at least one common encryption method.
  
  See Windows 2000 online Help for more information about how to configure encryption.
• Cause: The VPN connection does not have the appropriate permissions through dial-in properties of the user account and remote access policies.
  
  Solution: Verify that the VPN connection has the appropriate permissions through dial-in properties of the user account and remote access policies. In order for the connection to be established, the settings of the connection attempt must:
  
  
  • Match all of the conditions of at least one remote access policy.
  • Be granted remote access permission through the user account (set to Allow access) or through the user account (set to Control access through Remote Access Policy) and the remote access permission of the matching remote access policy (set to Grant remote access permission).
  • Match all the settings of the profile.
  • Match all the settings of the dial-in properties of the user account.
  See Windows 2000 online Help for an introduction to remote access policies, and for more information about how to accept a connection attempt.
• Cause: The settings of the remote access policy profile are in conflict with properties of the VPN server.
  
  The properties of the remote access policy profile and the properties of the VPN server both contain settings for:
  
  
  • Multilink
  • Bandwidth allocation protocol
  • Authentication protocols
  If the settings of the profile of the matching remote access policy are in conflict with the settings of the VPN server, the connection attempt is rejected. For example, if the matching remote access policy profile specifies that the EAP-TLS authentication protocol must be used and EAP is not enabled on the VPN server, the connection attempt is rejected.
  
  Solution: Verify that the settings of the remote access policy profile are not in conflict with properties of the VPN server.
  
  See Windows 2000 online Help for more information about how to enable authentication protocols, and how to configure authentication.
• Cause: The answering router is unable to validate the credentials of the calling router (user name, password, and domain name).
  
  Solution: Verify that the credentials of the VPN client (user name, password, and domain name) are correct and can be validated by the VPN server.
• Cause: There are not enough addresses in the static IP address pool.
  
  Solution: If the VPN server is configured with a static IP address pool, verify that there are enough addresses in the pool. If all of the addresses in the static pool have been allocated to connected VPN clients, the VPN server is unable to allocate an IP address, and the connection attempt is rejected. Modify the static IP address pool if needed. See Windows 2000 online Help for more information about TCP/IP and remote access, and how to create a static IP address pool.
• Cause: The VPN client is configured to request its own IPX node number and the VPN server is not configured to allow IPX clients to request their own IPX node number.
  
  Solution: Configure the VPN server to allow IPX clients to request their own IPX node number.
  
  See Windows 2000 online Help for more information about IPX and remote access.
• Cause: The VPN server is configured with a range of IPX network numbers that are being used elsewhere on your IPX network.
  
  Solution: Configure the VPN server with a range of IPX network numbers that is unique to your IPX network.
  
  See Windows 2000 online Help for more information about IPX and remote access.
• Cause: The authentication provider of the VPN server is improperly configured.
  
  Solution: Verify the configuration of the authentication provider. You can configure the VPN server to use either Windows 2000 or RADIUS to authenticate the credentials of the VPN client.
  
  See Windows 2000 online Help for more information about authentication and accounting providers, and how to use RADIUS authentication.
• Cause: The VPN server cannot access Active Directory.
  
  
  Solution: For a VPN server that is a member server in a mixed-mode or native-mode Windows 2000 domain that is configured for Windows 2000 authentication, verify the following:
  
  
  • The RAS and IAS Servers security group exists. If not, create the group and set the group type to Security and the group scope to Domain local.
  • The RAS and IAS Servers security group has Read permission to the RAS and IAS Servers Access Check object.
  • The computer account of the VPN server computer is a member of the RAS and IAS Servers security group. You can use the netsh ras show registeredserver command to view the current registration. You can use the "netsh ras add registeredserver" command to register the server in a specified domain.
    
    If you add (or remove) the VPN server computer to the RAS and IAS Servers security group, the change does not take effect immediately (due to the way that Windows 2000 caches Active Directory information). To immediately effect this change, you need to restart the VPN server computer.
  • For a native-mode domain, the VPN server has joined the domain.
  See Windows 2000 online Help for more information about how to add a group, how to verify permissions for the RAS and IAS security group, and about NetShell commands for remote access.
• Cause: A Windows NT 4.0 VPN server cannot validate connection requests.
  
  Solution: If VPN clients are dialing in to a VPN server running Windows NT 4.0 that is a member of a Windows 2000 mixed-mode domain, verify that the Everyone group is added to the Pre-Windows 2000 Compatible Access group with the following command:
  "net localgroup "Pre-Windows 2000 Compatible Access""
  If not, type the following command at a command prompt on a domain controller computer, and then restart the domain controller computer:
  net localgroup "Pre-Windows 2000 Compatible Access" everyone /add
  See Windows 2000 online Help for more information about Windows NT 4.0 remote access server in a Windows 2000 domain.
• Cause: The VPN server is unable to communicate with the configured RADIUS server.
  
  Solution: If your RADIUS server is only reachable through your Internet interface, add an input filter and an output filter to the Internet interface for UDP port 1812 (based on RFC 2138, "Remote Authentication Dial-In User Service (RADIUS)"), or UDP port 1645 (for older RADIUS servers) for RADIUS authentication and UDP port 1813 (based on RFC 2139, "RADIUS Accounting"), or UDP port 1646 (for older RADIUS servers) for RADIUS accounting.
  
  See Windows 2000 online Help for more information about how to add a packet filter.
• Cause:Cannot connect to the VPN server over the Internet using the Ping.exe utility.
  
  Solution: Due to the PPTP and L2TP over IPSec packet filtering that is configured on the Internet interface of the VPN server, Internet Control Message Protocol (ICMP) packets used by the ping command are filtered out. To enable the VPN server to respond to ICMP (ping) packets, you need to add an input filter and an output filter that allow traffic for IP protocol 1 (ICMP traffic).
  
  See Windows 2000 online Help for more information about how to add a packet filter.

Troubleshooting Router-to-Router VPNs

Unable to Establish a Router-to-Router VPN Connection

• Cause: The Routing and Remote Access service is not started on the VPN client (the calling router) and the VPN server (the answering router).
  
  Solution: Verify the state of the Routing and Remote Access service on the VPN client and the VPN server.
  
  See Windows 2000 online Help for more information about how to monitor the Routing and Remote Access service, and how to start and stop the Routing and Remote Access service.
• Cause: LAN and WAN routing is not enabled on the calling router and the answering router.
  
  Solution: Enable Local and remote routing (LAN and WAN router) on the calling router and the answering router.
  
  See Windows 2000 online Help for more information about how to enable LAN and WAN routing.
• Cause: PPTP or L2TP ports are not enabled for inbound and outbound demand-dial routing connections.
  
  Solution: Enable PPTP or L2TP ports, or both, for inbound and outbound demand-dial routing connections.
  
  See Windows 2000 online Help for more information about how to enable routing on ports.
• Cause: All of the PPTP or L2TP ports on the calling or answering router are currently in use by connected remote access clients or demand-dial routers.
  
  Solution: Verify that all of the PPTP or L2TP ports on the VPN server are not already being used by clicking Ports in Routing and Remote Access. If necessary, change the number of PPTP or L2TP ports to allow more concurrent connections.
  
  See Windows 2000 online Help for more information about how to add PPTP or L2TP ports.
• Cause: The answering router does not support the tunneling protocol used by the calling router.
  
  By default, Windows 2000 demand-dial interfaces use the Automatic server type option, which means that they attempt to establish an L2TP over IPSec-based VPN connection first, and then a PPTP-based VPN connection. If calling routers use either the Point-to-Point Tunneling Protocol (PPTP) or Layer-2 Tunneling Protocol (L2TP) server type option, verify that the selected tunneling protocol is supported by the answering router.
  
  By default, a computer running Windows 2000 Server and the Routing and Remote Access service is a PPTP and L2TP-capable demand dial router with five L2TP ports and five PPTP ports. To create a PPTP-only router, set the number of L2TP ports to zero. To create an L2TP-only router, set the number of PPTP ports to zero.
  
  Solution: Verify that the appropriate number of PPTP or L2TP ports is configured on the calling router and the answering router.
  
  See Windows 2000 online Help for more information about how to add PPTP or L2TP ports.
• Cause: The calling router and the answering router in conjunction with a remote access policy are not configured to use at least one common authentication method.
  
  Solution: Configure the calling router and the answering router in conjunction with a remote access policy to use at least one common authentication method.
  
  See Windows 2000 online Help for more information about how to configure authentication.
• Cause: The calling router and the answering router in conjunction with a remote access policy are not configured to use at least one common encryption method.
  
  Solution: Configure the calling router and the answering router in conjunction with a remote access policy to use at least one common encryption method.
  
  See Windows 2000 online Help for more information about how to configure encryption.
• Cause: The VPN connection does not have the appropriate permissions through dial-in properties of the user account and remote access policies.
  
  Solution: Verify that the VPN connection has the appropriate permissions through dial-in properties of the user account and remote access policies. In order for the connection to be established, the settings of the connection attempt must:
  
  
  • Match all of the conditions of at least one remote access policy.
  • Be granted remote access permission through the user account (set to Allow access) or through the user account (set to Control access through Remote Access Policy) and the remote access permission of the matching remote access policy (set to Grant remote access permission).
  • Match all the settings of the profile.
  • Match all the settings of the dial-in properties of the user account.
  See Windows 2000 online Help for an introduction to remote access policies, and for more information about how to accept a connection attempt.
• Cause: The settings of the remote access policy profile are in conflict with properties of the answering router. The properties of the remote access policy profile and the properties of the answering router both contain settings for:
  
  
  • Multilink
  • Bandwidth allocation protocol
  • Authentication protocols
  If the settings of the profile of the matching remote access policy are in conflict with the settings of the answering router, the connection attempt is rejected. For example, if the matching remote access policy profile specifies that the EAP-TLS authentication protocol must be used and EAP is not enabled on the answering router, the connection attempt is rejected.
  
  Solution: Verify that the settings of the remote access policy profile are not in conflict with properties of the remote access router.
  
  See Windows 2000 online Help for more information about how to enable authentication protocols, and how to configure authentication.
• Cause: The credentials of the calling router (user name, password, and domain name) are incorrect and cannot be validated by the answering router.
  
  Solution: Verify that the credentials of the calling router (user name, password, and domain name) are correct and can be validated by the answering router.
• Cause: There are not enough addresses in the static IP address pool.
  
  Solution: If the answering router is configured with a static IP address pool, verify that there are enough addresses in the pool. If all of the addresses in the static pool have been allocated to connected remote access clients or demand-dial routers, the answering router is unable to allocate an IP address, and the connection attempt is rejected. Modify the static IP address pool if needed.
  
  See Windows 2000 online Help for more information about TCP/IP and remote access, and how to create a static IP address pool.
• Cause: The answering router is configured with a range of IPX network numbers that are in use elsewhere on your IPX network.
  
  Solution: Configure the answering router with a range of IPX network numbers that are unique to your IPX network.
  
  See Windows 2000 online Help for more information about IPX and remote access.
• Cause: The authentication provider of the answering router is incorrectly configured.
  
  Solution: Verify the configuration of the authentication provider. You can configure the answering router to use either Windows 2000 or RADIUS to authenticate the credentials of the VPN client.
  
  See Windows 2000 online Help for more information about authentication and accounting providers, and how to use RADIUS authentication.
• Cause: The answering router cannot access Active Directory.
  
  Solution: For an answering router that is a member server in mixed-mode or native-mode Windows 2000 domain that is configured for Windows 2000 authentication, verify that:
  
  
  • The RAS and IAS Servers security group exists. If not, then create the group and set the group type to Security and the group scope to Domain local.
  • The RAS and IAS Servers security group has Read permission to the RAS and IAS Servers Access Check object.
  • The computer account of the answering router computer is a member of the RAS and IAS Servers security group. You can use the following command to view the current registration:
    "netsh ras show registeredserver"
    You can use the following command to register the server in a specified domain:
    "netsh ras add registeredserver"
    If you add the answering router computer to, or remove the answering router computer from the RAS and IAS Servers security group, the change does not take effect immediately (due to the way that Windows 2000 caches Active Directory information). For the change to take effect immediately, you must restart the answering router computer.
  • For a native-mode domain, the answering router has joined the domain.
  See Windows 2000 online Help for more information about how to add a group, how to verify permissions for the RAS and IAS security group, and about the NetShell commands for remote access.
• Cause: An answering router running Windows NT 4.0 with the Routing and Remote Access Service (RRAS) cannot validate connection requests.
  
  Solution: If calling routers are dialing in to an answering router running Windows NT 4.0 with RRAS that is a member of a Windows 2000 mixed-mode domain, verify that the Everyone group is added to the Pre-Windows 2000 Compatible Access group with the following command:
  "net localgroup "Pre-Windows 2000 Compatible Access""
  If not, type the following command at a command prompt on a domain controller computer and then restart the domain controller computer:
  "net localgroup "Pre-Windows 2000 Compatible Access" everyone /add"
  See Windows 2000 online Help for more information about Windows NT 4.0 remote access server in a Windows 2000 domain.
• Cause: The answering router is unable to communicate with the configured RADIUS server.
  
  Solution: If your RADIUS server is only reachable through your Internet interface, add an input filter and an output filter to the Internet interface for UDP port 1812 (based on RFC 2138, "Remote Authentication Dial-In User Service (RADIUS)") or to UDP port 1645 (for older RADIUS servers) for RADIUS authentication and UDP port 1813 (based on RFC 2139, "RADIUS Accounting") or to UDP port 1646 (for older RADIUS servers) for RADIUS accounting.
  
  See Windows 2000 online Help for more information about how to add a packet filter.
• Cause: Cannot connect to the answering router from the Internet by using the Ping.exe utility.
  
  Solution: Due to the PPTP and L2TP over IPSec packet filtering that is configured on the Internet interface of the answering router, Internet Control Message Protocol (ICMP) packets used by the Ping command are filtered out. To enable the answering router to respond to ICMP packets, you must add an input filter and an output filter that allow traffic for IP protocol 1 (ICMP traffic).
  
  See Windows 2000 online Help for more information about how to add a packet filter.

Unable to Send and Receive Data

• Cause: The appropriate demand-dial interface has not been added to the protocol being routed.
  
  Solution: Add the appropriate demand-dial interface to the protocol being routed.
  
  See Windows 2000 online Help for more information about how to add a routing interface.
• Cause: There are no routes on both sides of the router-to-router VPN connection that support the two-way exchange of traffic.
  
  Solution: Unlike a remote access VPN connection, a router-to-router VPN connection does not automatically create a default route. You need to create routes on both sides of the router-to-router VPN connection so that traffic can be routed to and from the other side of the router-to-router VPN connection.
  
  You can manually add static routes to the routing table, or you can add static routes through routing protocols. For persistent VPN connections, you can enable Open Shortest Path First (OSPF) or Routing Information Protocol (RIP) across the VPN connection. For on-demand VPN connections, you can automatically update routes through an auto-static RIP update. See Windows 2000 online Help for more information about how to add an IP routing protocol, how to add a static route, and how to perform auto-static updates
• Cause: A two-way initiated, the answering router as a remote access connection is interpreting router-to-router VPN connection.
  
  Solution: If the user name in the credentials of the calling router appears under Dial-In Clients in Routing and Remote Access, the answering router may interpret the calling router as a remote access client. Verify that the user name in the credentials of the calling router matches the name of a demand-dial interface on the answering router. If the incoming caller is a router, the port on which the call was received shows a status of Active and the corresponding demand-dial interface is in a Connected state.
  
  See Windows 2000 online Help for more information about how to check the status of the port on the answering router, and how to check the status of the demand-dial interface.
• Cause: Packet filters on the demand-dial interfaces of the calling router and answering router are preventing the flow of traffic.
  
  Solution: Verify that there are no packet filters on the demand-dial interfaces of the calling router and answering router that prevent the sending or receiving of traffic. You can configure each demand-dial interface with IP and IPX input and output filters to control the exact nature of TCP/IP and IPX traffic that is allowed into and out of the demand-dial interface.
  
  See Windows 2000 online Help for more information about how to manage packet filters.
• Cause: Packet filters on the remote access policy profile are preventing the flow of IP traffic.
  
  Solution: Verify that there are no configured TCP/IP packet filters on the profile properties of the remote access policies on the VPN server (or the RADIUS server if Internet Authentication Service is used) that are preventing the sending or receiving of TCP/IP traffic. You can use remote access policies to configure TCP/IP input and output packet filters that control the exact nature of TCP/IP traffic allowed on the VPN connection. Verify that the profile TCP/IP packet filters are not preventing the flow of needed traffic.
  
  See Windows 2000 online Help for more information about how to configure IP options.

Overview of VPN

A virtual private network (VPN) is a means of connecting to a private network (such as your office network) by way of a public network, such as the Internet. This combines the virtues of a dial-up connection to a dial-up server with the ease and flexibility of an Internet connection. By using an Internet connection, you can travel worldwide and still, in most places, connect to your office with a local call to the nearest Internet access phone number. If you have a high-speed Internet connection (such as cable or DSL) at your computer (and at your office), you can communicate with your office at full Internet speed, which is much faster than any dial-up connection using an analog modem.

VPNs use authenticated links to ensure that only authorized users can connect to your network, and they use encryption to ensure that data that travels over the Internet can't be intercepted and used by others. Windows achieves this security using Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol (L2TP).

VPN technology also allows a corporation to connect to its branch offices or to other companies over a public network (such as the Internet) while maintaining secure communications. The VPN connection across the Internet logically operates as a dedicated wide area network (WAN) link.

Components of a VPN

A VPN in Windows 2000 consists of a VPN server, a VPN client, a VPN connection (the portion of the connection in which the data is encrypted), and the tunnel (the portion of the connection in which the data is encapsulated). The tunneling is done through one of the tunneling protocols included with Windows 2000, both of which are installed with Routing and Remote Access. The two tunneling protocols included with Windows 2000 are:

• Point-to-Point Tunneling Protocol (PPTP): Provides data encryption using Microsoft Point-to-Point Encryption.
• Layer Two Tunneling Protocol (L2TP): Provides data encryption, authentication, and integrity using IPSec.

Your connection to the Internet should use a dedicated line such as T1, Fractional T1, or Frame Relay. The WAN adapter must be configured with the IP address and subnet mask assigned for your domain or supplied by an Internet service provider (ISP), as well as the default gateway of the ISP router.

NOTE: To enable VPN, you must be logged on using an account that has administrative rights.

How to Install and Enable VPN

To install and enable a VPN server, follow these steps:

1. On the Microsoft Windows 2000 VPN computer, confirm that both the connection to the Internet and the connection to your local area network (LAN) are correctly configured.
2. Click Start, point to Administrative Tools, and then click Routing and Remote Access.
3. Click the server name in the tree, and click Configure and Enable Routing and Remote Access on the Action menu, and then click Next.
4. In the Common Configurations dialog box, click Virtual private network (VPN server), and then click Next.
5. In the Remote Client Protocols dialog box, confirm that TCP/IP is included in the list, click Yes, all of the available protocols are on this list, and then click Next.
6. In the Internet Connection dialog box, select the Internet connection that will connect to the Internet, and then click Next.
7. In the IP Address Assignment dialog box, select Automatically in order to use the DHCP server on your subnet to assign IP addresses to dialup clients and to the server.
8. In the Managing Multiple Remote Access Servers dialog box, confirm that the No, I don't want to set up this server to use RADIUS now checkbox is selected.
9. Click Next, and then click Finish.
10. Right click the Ports node, and then click Properties.
11. In the Ports Properties dialog box, click the WAN Miniport (PPTP) device, and then click Configure.
12. In the Configure Device - WAN Miniport (PPTP) dialog box, do one of the following:
    • If you do not want to support direct user dialup VPN to modems installed on the server, click to clear the Demand-Dial Routing Connections (Inbound and Outbound) check box.
    • If you do want to support direct user dialup VPN to modems installed on the server, click to select the Demand-Dial Routing Connections (Inbound and Outbound) check box.
13. Type the maximum number of simultaneous PPTP connections that you want to allow in the Maximum Ports text box. (This may depend on the number of available IP addresses.
14. Repeat steps 11 through 13 for the L2TP device, and then click OK.

How to Configure the VPN Server

To further configure the VPN server as required, follow these steps.

Configuring the Remote Access Server as a Router

For the remote access server to forward traffic properly inside your network, you must configure it as a router with either static routes or routing protocols, so that all of the locations in the intranet are reachable from the remote access server.

To configure the server as a router:

1. Click Start, point to Administrative Tools, and then click Routing and Remote Access.
2. Right-click the server name, and then click Properties.
3. On the General tab, click to select Enable This Computer As A Router.
4. Select either Local area network (LAN) routing only or LAN and demand-dial routing, and then click OK to close the Properties dialog box.

How to Configure PPTP Ports

Confirm the number of PPTP ports that you need. To verify the number of ports or to add ports, follow these steps:

1. Click Start, point to Administrative Tools, and then click Routing and Remote Access.
2. In the console tree, expand Routing and Remote Access, expand the server name, and then click Ports.
3. Right-click Ports, and then click Properties.
4. In the Ports Properties dialog box, click WAN Miniport (PPTP), and then click Configure.
5. In the Configure Device dialog box, select the maximum number of ports for the device, and then select the options to specify whether the device accepts incoming connections only, or both incoming and outgoing connections.

How to Manage Addresses and Name Servers

The VPN server must have IP addresses available in order to assign them to the VPN server's virtual interface and to VPN clients during the IP Control Protocol (IPCP) negotiation phase of the connection process. The IP address assigned to the VPN client is assigned to the virtual interface of the VPN client.

For Windows 2000-based VPN servers, the IP addresses assigned to VPN clients are obtained through DHCP by default. You can also configure a static IP address pool. The VPN server must also be configured with name resolution servers, typically DNS and WINS server addresses, to assign to the VPN client during IPCP negotiation.

How to Manage Access

Configure the dial-in properties on user accounts and remote access policies to manage access for dial-up networking and VPN connections.

NOTE: By default, users are denied access to dial-up.

Access by User Account

If you are managing remote access on a user basis, click Allow Access on the Dial-In tab of the user's Properties dialog box for those user accounts that are allowed to create VPN connections. If the VPN server is allowing only VPN connections, delete the default remote access policy called "Allow Access If Dial-In Permission Is Enabled." Then create a new remote access policy with a descriptive name, such as VPN Access If Allowed By User Account. For more information, see Windows 2000 Help.

CAUTION: After you delete the default policy, a dial-up client that does not match at least one of the policy configurations you create will be denied access.

If the VPN server is also allowing dial-up remote access services, do not delete the default policy, but move it so that it is the last policy to be evaluated.

Access by Group Membership

If you are managing remote access on a group basis, click the Control access through remote access policy radio button on all user accounts by using the Active Directory Users and Computers Console in Administrator Tools or MMC snap-in. Create a Windows 2000 group with members who are allowed to create VPN connections. If the VPN server allows only VPN connections, delete the default remote access policy called Allow Access If Dial-In Permission Is Enabled. Next, create a new remote access policy with a descriptive name such as VPN Access If Member Of VPN-Allowed Group, and then assign the Windows 2000 group to the policy.

If the VPN server also allows dial-up networking remote access services, do not delete the default policy; instead move it so that it is the last policy to be evaluated.

How to Configure the VPN Server

To further configure the VPN server as required, follow these steps.

Configuring the Remote Access Server as a Router

For the remote access server to forward traffic properly inside your network, you must configure it as a router with either static routes or routing protocols, so that all of the locations in the intranet are reachable from the remote access server.

To configure the server as a router:

1. Click Start, point to Administrative Tools, and then click Routing and Remote Access.
2. Right-click the server name, and then click Properties.
3. On the General tab, click to select Enable This Computer As A Router.
4. Select either Local area network (LAN) routing only or LAN and demand-dial routing, and then click OK to close the Properties dialog box.

How to Configure PPTP Ports

Confirm the number of PPTP ports that you need. To verify the number of ports or to add ports, follow these steps:

1. Click Start, point to Administrative Tools, and then click Routing and Remote Access.
2. In the console tree, expand Routing and Remote Access, expand the server name, and then click Ports.
3. Right-click Ports, and then click Properties.
4. In the Ports Properties dialog box, click WAN Miniport (PPTP), and then click Configure.
5. In the Configure Device dialog box, select the maximum number of ports for the device, and then select the options to specify whether the device accepts incoming connections only, or both incoming and outgoing connections.

How to Manage Addresses and Name Servers

The VPN server must have IP addresses available in order to assign them to the VPN server's virtual interface and to VPN clients during the IP Control Protocol (IPCP) negotiation phase of the connection process. The IP address assigned to the VPN client is assigned to the virtual interface of the VPN client.

For Windows 2000-based VPN servers, the IP addresses assigned to VPN clients are obtained through DHCP by default. You can also configure a static IP address pool. The VPN server must also be configured with name resolution servers, typically DNS and WINS server addresses, to assign to the VPN client during IPCP negotiation.

How to Manage Access

Configure the dial-in properties on user accounts and remote access policies to manage access for dial-up networking and VPN connections.

NOTE: By default, users are denied access to dial-up.

Access by User Account

If you are managing remote access on a user basis, click Allow Access on the Dial-In tab of the user's Properties dialog box for those user accounts that are allowed to create VPN connections. If the VPN server is allowing only VPN connections, delete the default remote access policy called "Allow Access If Dial-In Permission Is Enabled." Then create a new remote access policy with a descriptive name, such as VPN Access If Allowed By User Account. For more information, see Windows 2000 Help.

CAUTION: After you delete the default policy, a dial-up client that does not match at least one of the policy configurations you create will be denied access.

If the VPN server is also allowing dial-up remote access services, do not delete the default policy, but move it so that it is the last policy to be evaluated.

Access by Group Membership

If you are managing remote access on a group basis, click the Control access through remote access policy radio button on all user accounts by using the Active Directory Users and Computers Console in Administrator Tools or MMC snap-in. Create a Windows 2000 group with members who are allowed to create VPN connections. If the VPN server allows only VPN connections, delete the default remote access policy called Allow Access If Dial-In Permission Is Enabled. Next, create a new remote access policy with a descriptive name such as VPN Access If Member Of VPN-Allowed Group, and then assign the Windows 2000 group to the policy.

If the VPN server also allows dial-up networking remote access services, do not delete the default policy; instead move it so that it is the last policy to be evaluated.

How to Configure a VPN Connection from a Client Computer

To set up a connection to a VPN:

1. On the client computer, confirm that the connection to the Internet is correctly configured.
2. Click Start, point to Settings, and then click Network And Dial-Up Connections.
3. Double-click Make New Connection.
4. Click Next, and then click Connect To A Private Network Through The Internet, and then click Next.
5. Do one of the following:
   • If you use a dial-up connection to connect to the Internet, click Automatically Dial This Initial Connection and then select your dial-up Internet connection from the list.
   • If you use a full-time connection (such as a cable modem), click Do Not Dial The Initial Connection.
6. Click Next.
7. Type the host name (for example, Microsoft.com) or the IP address (for example, 123.123.123.123) of the computer to which you want to connect, and then click Next.
8. Click to select For All Users if you want the connection to be available to anyone who logs on to the computer, or click to select Only For Myself to make it available only when you log onto the computer, and then click Next.
9. Type a descriptive name for the connection, and then click Finish.
   
   NOTE: This option is available only if you are logged on as a member of the Administrators group.
10. Click Start, point to Settings, and then click Network And Dial-Up Connections.
11. Double-click the new connection.
12. Click Properties to further configure options for the connection:
    
    • If you are connecting to a domain, click the Options tab, and then click to select the Include Windows logon domain check box to specify whether to request Windows 2000 logon domain information before attempting to connect.
    • If you want the connection to be redialed if the line is dropped, click the Options tab, and then click to select the Redial if line is dropped check box.

To use the connection:

1. Click Start, point to Settings, and then click Network And Dial-Up Connections.
2. Double-click the new connection.
3. If you do not currently have a connection to the Internet, Windows offers to connect to the Internet.
4. Once the connection to the Internet is made, the VPN server prompts you for your user name and password. Enter your user name and password, click Connect, and your network resources should be available to you in the same way they are when you connect directly to the network.NOTE: To disconnect from the VPN, right-click the connection's icon, and then click Disconnect.

• User Permission. Enable a user to access the VPN. To do this, go to AD Users and Computers, select the user who need to access the VPN, click Dial-in. Check Allow access on the Remote Access Permission (Dial-in or VPN).

• IP Configuration. The VPN server should have a static IP address and assign the arrange IP addresses to VPN clients. The VPN server must also be configured with DNS and WINS server addresses to assign to the VPN client during the connection.

• Data Encryption. Data carried on the public network should be rendered unreadable to unauthorized clients on the network.

• Protocol Support. The TCP/IP is common protocols used in the public network. The VPN also include IP, Internetwork Packet Exchange (IPX), NetBEUI and so on.

• Firewall Ports. When you place a VPN server behind your firewall, be sure to enable IP protocol 47 (GRE) and TCP port 1723.

• Interface(s) for VPN server. If your network doesn't have a router or the VPN is also a gateway, your computer must have at least two interfaces, one connecting to the Internet and another connecting to the LAN. If it is behind a router, you just need one NIC.

• One interface for VPN client. The interface can be a dial-in modem, or a dedicated connection to the Internet.

This step-by-step article describes how to configure a virtual private network (VPN) connection to your corporate network in Microsoft Windows XP Professional. A VPN connection is a connection that uses both private and public networks to create a network connection.

Both Point-to-Point Tunneling protocol (PPTP) or Layer Two Tunneling Protocol (L2TP) are automatically installed on your Windows XP-based computer. These protocols help provide security when you access resources on a network by connecting to a remote access server through the Internet or other network. This kind of connection is known as a VPN connection.

How to create a new VPN connection

1. Click Start, click Control Panel, click Network and Internet Connections, and then click Network Connections.
2. Click Create a new connection, and then click Next.
3. Click Connect to the network at my workplace, and then click Next.
4. Click Virtual Private Network connection, and then click Next.
5. Type a descriptive name for your company, and then click Next.
6. Click Do not dial the initial connection, and then click Next.
7. Type the host name or IP address of the computer where you are connecting, and then click Next.
8. Use one of the following methods:
   • Click Anyone's use if you want to share the connection with all users.
   • Click My use only if you do not want to share the connection.
9. Click Next, and then click Finish.
   

Note This method works when you are connected to the Internet only.

How to modify an existing dial-up connection

You may have to modify some of the parameters in your dial-up connection to successfully connect to the Internet. To make these modifications, follow these steps:

1. To open an existing connection, click Start, click Control Panel, click Network and Internet Connections, and then click Network Connections.
2. Click the connection, and then click Change settings of this connection.
   • On the General tab, you can change the server name or IP address.
   • On the Networking tab, you can change the type of secure protocol.
   • On the Advanced tab, you can enable Internet Connection Firewall protection to prevent access to your computer from the Internet.
     
     To do this, select the Protect my computer and network by limiting and preventing access to this computer from the Internet check box.
     
     Note When you enable Internet Connection Firewall protection to prevent access to your computer from the Internet, you may also create problems with the connection to your server. After you enable Internet Connection Firewall protection, verify that the connection to your server is still working.
     
     A firewall is designed to help protect your computer from attack by malicious users or by malicious software such as viruses that use unsolicited incoming network traffic to attack your computer. If the connection to your server is working and you decide to disable your firewall, you must disconnect your computer from all networks including the Internet.

Any backup is only as reliable as its ability to restore business data and applications when they are needed most. The SonicWALL® Continuous Data Protection (CDP) Series offers the only complete end-to-end backup and recovery solution for SMBs. An ideal replacement for tape-based systems, CDP provides foolproof, intuitive, continual protection. No other solution offers such comprehensive protection while still being so easy-to-manage. The key features and benefits of a SonicWALL backup and recovery solution are:
Automatic Transparent Backup

CDP delivers automatic, transparent backup that ensures data, applications and systems are reliably protected from common user error, hardware failure, deletion, potential disaster and malicious attack. An ideal replacement for tape-based systems, CDP solutions provides foolproof, intuitive continual protection.
Low-Touch Administration

CDP automates tedious backup administrative tasks, providing an easy-to-manage, low-touch solution. CDP solutions ensure reliability and speed recovery by automatically generating e-mail alerts on any compromised connectivity and regularly-scheduled reports on backup activity.
Flexible Disaster Recovery Options

CDP provides flexible disaster recovery options, including SonicWALL Offsite Data Backup, SonicWALL Site-to-Site Data Backup and SonicWALL Local Archiving, as well as SonicWALL Bare Metal Recovery of complete systems—OS, files, applications, databases and settings—in just minutes. Extensible across multiple platforms including Windows and Linux®, CDP solutions can instantly recover data, applications or entire workstation or server systems onto original, new or virtual devices with SonicWALL Universal Restore.
User-Directed Restore

By enabling end-users to securely restore their own files, CDP increases user satisfaction and productivity while freeing IT resources.
Enforce Policy-Based Backup

Enforcing policy-based backup ensures control of all business critical data, while avoiding the increased costs of backing up non-business related files such as personal music, videos and pictures. Administrators can easily pre-configure set policies to ensure that specific business-critical files, folders or applications are backed up, and to assign end-users rights to allow them to retrieve their own data.
Models to Fit Any SMB Need

SonicWALL offers a wide range of CDP appliance models scaled to fit the budget, performance, and capacity needs of any SMB. With capacity up to 9 TB at typical 2:1 compression, GbE connectivity, RAID 5 and replaceable components, CDP solutions are designed to meet today’s demanding requirements for performance and reliability.
Instant Recovery and File Versions

With CDP, all files are instantly continually available in multiple historic versions, and all servers and server applications—including, Exchange, SQL Server and Active Directory—are protected with multiple-point-in-time recovery in case of disaster. CDP version catalogs minimize downtime by enabling easy, instant, pick-and-click data recovery of files.
Remote Management

Administrators can log in to Enterprise Manager on a CDP appliance from any remote location to manage policy and settings, view statistics, and pre-set backup of files, folders or applications, resulting in more flexible disaster recovery and increased service levels. CDP solutions secure data using industry-standard encryption anytime it is transmitted off site, offering complete business information availability for servers, desktops and mobile laptops.

New CCNA certifications and their contents is changing.According to cisco, the new CCNA will contain two exams.CCNA Discovery and CCNA exploration. IGRP will be removed and some wireless, VoIP and dsl configuration with linksys routers will be added



http://rapidshare.com/files/150631476/CCNA.Discovery.v4.0.rar
http://rapidshare.com/files/150648139/CCNA.Discovery2.v4.0.rar
http://rapidshare.com/files/150658079/CCNA.Discovery3.v4.0.rar
http://rapidshare.com/files/150766803/CCNA.Discovery4.v4.0.rar

http://rapidshare.com/files/150777420/CCNA.Exploration.v4.0.rar
http://rapidshare.com/files/150788037/CCNA.Exploration2.v4.0.rar
http://rapidshare.com/files/150608170/CCNA.Exploration3.v4.0.rar
http://rapidshare.com/files/150621353/CCNA.Exploration4.v4.0.rar


Exams:
Semester 1:
Code:

http://rapidshare.com/files/156998036/CCNA_test_Sem1_1-9_.rar

Semester 2:
Code:

http://rapidshare.com/files/156998039/CCNA_test_Sem2_1-4_.rar

Sybex.MCITP.Microsoft.Exchange.Server.2007.Messaging.Design.and.Deployment.Study.Guide.Jan.2008


syngress_configuring_exchange_server_2007


Sybex_Mastering_Microsoft_Exchange_Server_2007



CBT_Nuggets_70-236_-_Configuring_Exchange_Server_2007.part1


CBT_Nuggets_70-236_-_Configuring_Exchange_Server_2007.part2

DOWNLOAD:

http://rapidshare.com/files/145977202/SNIA.pdf

VTC_Red_Hat_Certified_Engineer_RHCE.part1

VTC_Red_Hat_Certified_Engineer_RHCE.part2

VTC_Red_Hat_Certified_Engineer_RHCE.part3


VTC_Red_Hat_Certified_Engineer_RHCE.part4

VTC_Red_Hat_Certified_Engineer_RHCE.part5

VTC_Red_Hat_Certified_Engineer_RHCE.part6

VTC_Red_Hat_Certified_Engineer_RHCE.part7

http://rapidshare.com/files/44521580/LinuxCBT_IPv6_Edition.nfo.html
http://rapidshare.com/files/44521686/LinuxCBT.IPv6.Edition.sfv.html
http://rapidshare.com/files/44527716/LinuxCBT.IPv6.Edition.rar.html
http://rapidshare.com/files/44548346/LinuxCBT.IPv6.Edition.r00.html
http://rapidshare.com/files/44562437/LinuxCBT.IPv6.Edition.r01.html
http://rapidshare.com/files/44617742/LinuxCBT.IPv6.Edition.r02.html
http://rapidshare.com/files/44706825/LinuxCBT.IPv6.Edition.r03.html
http://rapidshare.com/files/44819836/LinuxCBT.IPv6.Edition.r04.html
http://rapidshare.com/files/44846543/LinuxCBT.IPv6.Edition.r05.html
http://rapidshare.com/files/44902016/LinuxCBT.IPv6.Edition.r06.html
http://rapidshare.com/files/44925386/LinuxCBT.IPv6.Edition.r07.html
http://rapidshare.com/files/44921393/LinuxCBT.IPv6.Edition.r08.html

Rank Noodle

1. System Error (0-499)
2. System Error (500-999)
3. System Error (1000-1299)
4. System Error (1300-1699)
5. System Error (1700-3999)
6. System Error (4000-5999)
7. System Error (6000-8199)
8. System Error (8200-8999)
9. System Error (9000-11999)
10. System Error (12000-15999)

Click here.

1. Freelance
2. Rent a Coder

The Solaris Operating System—supported on over 1000 x86 and SPARC platforms—delivers the performance, stability and security your users and customers demand. With more applications available than for any other open operating system, one OS can span your entire enterprise: the Web tier, the data warehouse, and the most demanding technical compute applications. Moving to Solaris 10 is easy, whether you're upgrading from an older Solaris release or migrating from another OS.

For more info: Click Here

Click Here

Linux is an operating system that was initially created as a hobby by a young student, Linus Torvalds, at the University of Helsinki in Finland. Linus had an interest in Minix, a small UNIX system, and decided to develop a system that exceeded the Minix standards. He began his work in 1991 when he released version 0.02 and worked steadily until 1994 when version 1.0 of the Linux Kernel was released. The kernel, at the heart of all Linux systems, is developed and released under the GNU General Public License and its source code is freely available to everyone. It is this kernel that forms the base around which a Linux operating system is developed. There are now literally hundreds of companies and organizations and an equal number of individuals that have released their own versions of operating systems based on the Linux kernel. More information on the kernel can be found at our sister site, LinuxHQ and at the official Linux Kernel Archives. The current full-featured version is 2.6 (released December 2003) and development continues.

Apart from the fact that it's freely distributed, Linux's functionality, adaptability and robustness, has made it the main alternative for proprietary Unix and Microsoft operating systems. IBM, Hewlett-Packard and other giants of the computing world have embraced Linux and support its ongoing development. Well into its second decade of existence, Linux has been adopted worldwide primarily as a server platform. Its use as a home and office desktop operating system is also on the rise. The operating system can also be incorporated directly into microchips in a process called "embedding" and is increasingly being used this way in appliances and devices.

Throughout most of the 1990's, tech pundits, largely unaware of Linux's potential, dismissed it as a computer hobbyist project, unsuitable for the general public's computing needs. Through the efforts of developers of desktop management systems such as KDE and GNOME, office suite project OpenOffice.org and the Mozilla web browser project, to name only a few, there are now a wide range of applications that run on Linux and it can be used by anyone regardless of his/her knowledge of computers. Those curious to see the capabilities of Linux can download a live CD version called Knoppix . It comes with everything you might need to carry out day-to-day tasks on the computer and it needs no installation. It will run from a CD in a computer capable of booting from the CD drive. Those choosing to continue using Linux can find a variety of versions or "distributions" of Linux that are easy to install, configure and use. Information on these products is available in our distribution section and can be found by selecting the mainstream/general public category.

Additional Information

If you're interested in learning about Linux, need help with some aspect of its use or are enthusiastic about it and want to help foster its adoption, you may want to get in touch with a Linux User Group in your area. There are groups in practically every country, region and city in the world, so there is likely to be one near you.

Each day, Linux use is increasing in every sector of our society. We have information about Linux deployments in government, industry and the arts.

Linux has an official mascot, Tux, the Linux penguin, which was selected by Linus Torvalds to represent the image he associates with the operating system. Tux was created by Larry Ewing and Larry has generously given it to the community to be freely used to promote Linux. More information on use of the image can be found on his webpage. More links to variations on the image and alternative logos can be found on our logo page

Many people are not sure of the pronunciation of the word Linux. Although many variations of the word exist, often due to native language factors, it is normally pronounced with a short " i " and with the first syllable stressed, as in LIH-nucks. You can hear how Linux creator Linus Torvalds pronounces the word in Swedish and in English .

More information on Linus Torvalds, can be found on our short biography page.

If you're interested in the history of Linux, we have a timeline page that features important milestones in the development of the operating system.

1. How to Increase Hard Disk Performance
2. Windows XP Trick - Increase Performance of PC, XP Tricks
3. Windows XP tricks
4. How to make your Computer FASTER Wnidows XP and VISTA
5. How To Make Your Computer Faster (No Download Required)
6. Make Your Internet 3x Faster in 3 mins.

Regardless of the size of business you are in – whether a large corporation, a small company, or even a home-based business – effective communication skills are essential for success.

The articles in this section of Mind Tools help you to understand how to communicate your message in the best possible way. After completing this section, you should have a better understanding of how to communicate effectively – to individuals and groups, and using spoken, written and electronic communication.

These articles are further supported by the additional career development resources found elsewhere on the Mind Tools web site.

Take a look around this section of Mind Tools, and then visit these other sections, all researched and written by the Mind Tools team, who share a strong commitment to helping you achieve lifelong success and happiness in your career.

Wireless IP-Relay for BlackBerry

Wireless IP-Relay allows Deaf and Hard-of-Hearing individuals the ability to communicate while they are mobile. Place IP-Relay calls from your BlackBerry phone book and view up to 10 previous conversations from your call log! The new application requires no APN set up.
View the features
Downloading Wireless IP-Relay
Wireless IP-Relay works with:

* Verizon®
* Sprint®
* Alltel®
* T-Mobile®
* Cingular®
* SunCom®

Over-the-Air Download

We recommend that you download Wireless IP-Relay using the OTA (Over-the-Air) method described below. You will only need to download and install this application once in order to use the service.

1. From your Home screen, launch the Internet Browser
2. Select Go To using your navigation wheel
3. Type in the following web address:
4. http://www.bb-relay.com You will be asked if you want to download the application
5. Click Yes
6. You will be notified once the application is successfully installed on your handheld. A double arrow IP-Relay logo will appear on your menu.

Desktop Manager
To install the application manually using your desktop PC follow these instructions.

1. Download the following file to your PC: http://www.bb-relay.com/IPRelay.zip
2. Unzip the file into a folder on your PC
3. Connect your BlackBerry with the USB cable to your PC
4. Launch the BlackBerry Desktop Manager software
5. Double click on the Application Loader icon
6. Select "Add" from the application list and browser to the IPRelay.alx from the zip file
7. Complete the wizard and the IP-Relay icon will appear on your BlackBerry.

Click Here to Buy a BlackBerry with Wireless IP-Relay Pre-Installed!
Using Wireless IP-Relay on BlackBerry devices

1. Download and install the application on your device.
2. From the Home screen, click the IP-Relay application.
3. A window will appear where you can type in the number you wish to call or select from previously called numbers.
4. When you have entered the number, click the wheel and select "call number"
5. You will then be connected to an operator who will process your call.
6. To end the call, type END CALL, SKSK, or just close the application.

Questions
Questions about Wireless IP-Relay on BlackBerry Devices email us here
Upgrade to BlackBerry Operating System (OS) 4.1 Questions

*You should have BlackBerry OS 4.0 or later on your device and in some instances BlackBerry 4.1 Go to Options on your home page and then "Applications" and then check to see what version of BlackBerry you are running. If it is not BlackBerry 4.0 at least, then download 4.1 at:
https://www.blackberry.com/Downloads/entry.do?code=A8BAA56554F96369AB93E4F3BB068C22

Please select BlackBerry Desktop Software V 4.1 from the pull down menu. Once you download the software to your PC, connect your BlackBerry to your PC. The PC will then sync the newest version to your BlackBerry.

Earlier this week, the Texas state Senate gave preliminary approval to a policy that would forbid the installation of Windows Vista on government computers.


Everyone, including Microsoft, knows that Windows Vista isn’t the most appreciated of operating systems. Large businesses have chosen to stick with Windows XP for support issues, and some consumers shy away from Windows Vista based on performance and other things they have heard.

Even though Windows 7 is nearly upon us, the Texas state Senate gave preliminary approval to a budget that would include a policy to ban the use of Windows Vista on government computers.

ComputerWorld reports that Sen. Juan Hinojosa proposed the bill because "of the many reports of problems with Vista."

"We are not in any way, shape or form trying to pick on Microsoft, but the problems with this particular [operating] system are known nationwide," Hinojosa said. "And the XP operating system is working very well."

While the bill also outlines that agencies who have a use for Windows Vista would have to first get the written approval of the Legislative Budget Board.

Microsoft was predictably disappointed by the proposal. "We're surprised that the Texas Senate Finance Committee adopted a rider which, in effect, singles out a specific corporation and product for unequal treatment,” a spokeswoman wrote. “We hope as the budget continues to go through the process, this language will be removed."

Texas Department of Information Resources spokesman David Duncan said that the department’s 265 employees remain on Windows XP and Mac OS X, and might skip straight to Windows 7 at the next upgrade. "We're not holding off as a reaction to what Microsoft is producing," he said, adding that Windows 7 also fits better with the agency’s upgrade cycle.

This still another black mark on Windows Vista, but fortunately for Microsoft, Windows 7 is the next big thing.

Computer-virus infections don't cause your machine to crash anymore.

Nowadays, the criminals behind the infections usually want your computer operating in top form so you don't know something's wrong. That way, they can log your keystrokes and steal any passwords or credit-card numbers you enter at Web sites, or they can link your infected computer with others to send out spam.

Here are some signs your computer is infected, tapped to serve as part of "botnet" armies run by criminals:

• You experience new, prolonged slowdowns. This can be a sign that a malicious program is running in the background.

• You continually get pop-up ads that you can't make go away. This is a sure sign you have "adware," and possibly more, on your machine.

• You're being directed to sites you didn't intend to visit, or your search results are coming back funky. This is another sign that hackers have gotten to your machine.

So what do you do?

• Having anti-virus software here is hugely helpful. For one, it can identify known malicious programs and disable them. If the virus that has infected your machine isn't detected, many anti-virus vendors offer a service in which they can remotely take over your computer and delete the malware for a fee.

• Some anti-virus vendors also offer free, online virus-scanning services.

• You may have to reinstall your operating system if your computer is still experiencing problems. It's a good idea even if you believe you've cleaned up the mess because malware can still be hidden on your machine. You will need to back up your files before you do this.

How do I know what information has been taken?

• It's very hard to tell what's been taken. Not every infection steals your data. Some just serve unwanted ads. Others poison your search result or steer you to Web sites you don't want to see. Others log your every keystroke. The anti-virus vendors have extensive databases about what the known infections do and don't do. Comparing the results from your virus scans to those entries will give you a good idea about what criminals may have snatched up.