“Wireshark is an award-winning network protocol analyzer developed by an international team of networking experts.”
One of the best network analyzing tools out there bar none, formerly known as Ethereal to you veterans.
Well today I get a call from a client, she has been having these issues where someone seemed to be connecting to her PC without her authorization. Winvnc is on the machine, and it is secured with a password. TCP Port is open and the Javaport is also open on a slightly different port. Part of the solution is to lock it down, so I set VNC to prompt when someone is connecting to the PC, which was fine, whoever it was always connecting cannot connect anymore. Although they still try to, she just denies it. How would one go about finding the culprit? Well I would say use Wireshark!
With Wireshark you can analyze a connection, in this case a 3Com Nic. What Wireshark will do is analyze every packet that comes through that card, so if a person or machine tries to connect to her machine, we’ll know about it. The program will analyze the packets and use DNS to convert IPs to names thus making it slightly easier. So lets say someone inside of the network is playing a joke on her… well tomorrow when I have Wireshark running and logging all connections to and from her PC, whatever IP is trying to access her PC on either of the ports in this situation will be identified via IP and hostname.
There are two revisions of Wireshark, or should I say two types, installable, and portable.
You can download them from here I myself like the portable one, you can have it on a USB stick, which installed WinPcap when in use, and uninstalls it when you quit the app.
If anyone has ANY questions please feel free to leave a comment! You can also check out the FAQ here
Well, they changed it again… I for one don’t mind the changes that much, although thousands of users do!
Here are some inserts that I found around the web.
“This format is terrible! I wonder who decided to make these changes because whomever it is, they SUCK! I think I will be changing my e-mail service provider as well,” reads a comment by a user not happy with the change.
“I wish we could have had a choice on whether we wanted our individual format to change because I surely would have declined the offer because I hate everything about it! BOOOOOO!”
While another Hotmail fan wrote: “You have to search for everything (addresses are not displayed). Some things need to be left alone. Fire the person who decided to do this. BAD IDEA.”
If people keep pushing, we may see a button on login, “Use Old Hotmail Format”. I wouldn’t care either way. Everything seems to work fine for me… in Internet Explorer 7 that is. I can drag and drop emails, I don’t have to search for names I just start typing an address and it pulls up any relevant emails or names, and the search engine works fine…
Google Chrome is another issue, some things seem to be broken, i.e. you cannot drag and drop and you cannot resize windows. I have the feeling that the people complaining may not be using Internet Explorer 7. Maybe thats the whole issue, Microsoft decided to make Hotmail only work with Internet Explorer 7, perfectly that is. If anyone has tested this with Safari, Firefox, Internet Explorer 6/8 Beta, or Opera let me know what you find.
Just configured my first set of POE switches. Funny how hard it was to find a working COM port, I wish HP would just enable some sort of USB connection to configure their switches. Ah well, I hooked up a ProCurve 2600-24-PWR to an old system I had, connected the RJ-45 to Serial adapter to the system, fired up Putty-Portable, and got connected via SERIAL connection. Once you assign an IP address to the device you can connect to it via Telnet, again through Putty-Portable.
Obviously I am not going to get into the setup of the device but I wanted to point out one crucial command that must be entered. Its called “Power Pre-Std-Detect”. This allows the detection of pre-standard PoE devices, then provides power to them; see list of supported devices in the product FAQ at www.procurve.com If this isnt enabled, its a good chance that your PoE devices will start to reboot spontaneously. Note that after updating the firmware on a 8-Port PoE switch the “power pre-std-detect” was enabled by default.
If this helps just one person then my job is done 🙂
Okay so you have about 6 network drive letters, and you plug in your USB stick, it says it found the drive okay, but you dont see it anywhere, well it is there, just hidden, and you have to go into disk management to find it and change the drive letter with a few clicks here and there, simple enough for a power user yes, but this process has now been made simple for anyone. USBDLM (Universal Serial Bus Drive Letter Management) reserve a set of drive letters, say you have network drives lettered F through L, you can specify that these drive letters are to be avoided when assigning usb drive letters, i.e. when plugging in a usb stick it will take any drive letter other then F through L. I have used this application for a couple years now and thought I would share it to everyone here.
Here is an insert from the website, you can view and download the application from this link here
USBDLM can for newly attached USB drives
check if the letter is used by a network share of the currently logged on user and assign the next letter that is really available
reserve letters, so they are not used for local drives
assign a letter from a list of new default letters, also dependent on many different criteria as the active user, drive type, connection (USB, FireWire), USB port, volume label, size and others
assign letters for a specific USB drive by putting an INI file on the drive
remove the drive letters of card readers until a card is inserted
show a balloon tip with the assigned drive letter(s)
define autorun events depending on many different criteria
many other things, see help file, available online as HTML version too
Once again I saved the day…. Win Antispyware, we’ve all seen it, we’ve all tried to clean it, but how successful can you be with automatic removal tools that never seem to do the job? Well today I used two very important tools, one was process explorer and the other was an application called autoruns, both can be found over at http://live.sysinternals.com/.
First I used Autoruns to find the rogue apps that were loading, if you are a veteran you will know which apps are the bad ones, just remove them one by one, if you have downloaded and placed process explorer into the same folder, you can right click on the name and it will pinpoint the process in process explorer.
Process Explorer can then stop or suspend the application that is responsible for the adaware you are trying to remove. Once it is stopped or suspended you locate the file in the command prompt or windows explorer and delete it. Once you have cornered all the processes responsible and gotten rid of them, remove any system restore points and create a nice new and clean one.
Process explorer can be found here
Autoruns can be found here
Each link will give you a more detailed description on the apps discussed in my blog.
Just recently I got a POE (Power-over-Ethernet) switch installed by a co-worker. Lets just say it didn’t go to well. It worked for the first day or so, but then client was complaining of network slowness and blue screens(while opening larger files) Now I am pretty diligent on updating firmware on servers and controllers, but I never figured not updating a switch’s firmware would bring down a companies VoIP and Data network. As I said in the title… I sure learned my lesson, from now on, nothing leaves the office without upgrading every possible piece of hardware! 🙂
ImgBurn is my favorite software to create images for my Vmware deployments. Nothing is easier then putting a CD in the drive, creating an ISO then putting the ISO on the ESX server to mount at will. To make this wonderful application portable, install it to your hard drive. Then locate the installation directory and copy the folder to a USB drive, that’s it, its that easy. Here is an insert from the official website. Sorry its kind of long, but i didn’t want to leave out the list of features! Go here to check out more features and to download the product, remember if you like the application and find it useful, he accepts donations…
ImgBurn supports a wide range of image file formats – including BIN, CUE, DI, DVD, GI, IMG, ISO, MDS, NRG and PDI.
It can burn Audio CD’s from any file type supported via DirectShow / ACM – including AAC, APE, FLAC, M4A, MP3, MP4, MPC, OGG, PCM, WAV, WMA and WV.
You can use it to build DVD Video discs (from a VIDEO_TS folder), HD DVD Video discs (from a HVDVD_TS folder) and Blu-ray Video discs (from a BDAV / BDMV folder) with ease.
It supports Unicode folder/file names, so you shouldn’t run in to any problems if you’re using an international character set.
ImgBurn supports all the Windows OS’s – Windows 95, 98, Me, NT4, 2000, XP, 2003, Vista and 2008 (including all the 64-bit versions). If you use Wine, it should also run on Linuxand other x86-based Unixes.
It’s a very flexible application with several advanced features that are often lacking in other tools, especially when it comes to burning DVD Video discs. It supports all the latest drives without the need for updates (including booktype / bitsetting / advanced settings on many of the major ones – i.e. BenQ, LiteOn, LG, NEC, Plextor, Samsung, Sony).
There is an image queue system for when you’re burning several images (which you can automatically share between multiple drives if you have more than one) and an easy-to-uselayer break selection screen for double layer DVD Video jobs. The Automatic Write Speed feature allows you store your favourite burn speed settings on a per ‘Media ID’ basis, right down to a drive by drive level. Data captured during the burn (write speed, buffer levels etc) can be displayed / analysed using DVDInfoPro.
Whilst ImgBurn is designed to work perfectly straight out of the box, advanced users will appreciate just how configurable it is.
Oh and let’s not forget the best thing about it…. it’s 100% FREE 😉
Well Its done, I officially racked my first HP C3000 Blade Enclosure with an MSA (Modular Smart Array). I tell you when they say you need to follow instructions to rack this beast, they were right… It took 4 techs to carry this 180lbs server, and it wasn’t even fully populated yet! First thing we had to do was remove all power supplies and spacers, then we had to unscrew the actually guts of the Blade enclosure. Once the Enclosure was completely empty, just an outer shell, it took 2 of us to rack it. After it is racked you get to put it back together. Power supplies, MSA Controller, GBE2 interconnects, then the blades themselves. It was quite an exciting time for me, as I have never actually worked with this kind of technology.
The setup follows, I am going to be quick and dirty on the description!
The C3000 Blade Enclosure has 2 Blades, each Blade has a Quad Core 2.333Ghz Processor, 16GB ram, and 2x 72GB (Raid 0) hdds. The C3000 is connected to an MSA using 2x GBE2 Interconnects. There are 2 controllers on the MSA so we were able to create redundant connections from the GBE2 switches to the MSA( just incase one port dies). The GBE2 switches were also redundantly connected to a Cisco Layer 3 switch. All of this plugged into a nice R5500VA HP Rack mounted UPS.
We are going to run ESX Foundation on each Blade, and each Blade will control 600GB LUNS on the MSA. No automatic Vmotion, but at least if a blade drops we can move the VM’s to the other store and boot them up… pretty good Redundancy for an sound price, which is withheld! This is only the beginning!
Anyways I hope I didn’t bore you guys, and I really hope I made SOME sense.
Take care and again have a great night!
They have one pro and some cons… mind you the pro is kind of all encompassing…
The pro is basically that you can have your profile on any PC in your organization. This means you don’t have to reset up outlook, favorites, desktops, etc… everything is there.
The Cons, Outlook and Outlook express can be finicky with Roaming profiles, sometimes they work and sometimes they don’t. Depending on the size of the profile, the initial sync can take a long time (if you’ve invested in a gigabit network you have that covered). A warning here, DO NOT use offline folders with roaming profiles. it is a very bad combo and I have never really had luck with it. I have come across some companies where previous consultants setup roaming profiles, OKAY, but then they have My Documents redirected to the server AND offline folders set to My Documents. I mean who does that? I just had to laugh at that, then promptly disabled Offline files. I almost forgot that you have to make sure domain users or the users account is a local admin, this usually helps with roaming profiles.
Anyways enough about that… enjoy your evening!
Okay so I have this issue… I have a PC at home, its pretty nice, Core 2 Duo with 2 GB ram, 1 TB of combined space, XFX Geforce 8800GT XXX Edition, 22″ wide monitor and one heck of a noisy powersupply!!! It wasn’t cheap either, but its noisy and sometimes I cannot sleep with the PC on. So I am on the hunt for a new powersupply… but I need to make sure its quiet. I just don’t get how all the HP systems and DELL systems are always so quiet, even the cheap ones… I took to the net and soon enough I stumbled upon the VX Series from Corsair, check out the goods here. Basically the fan is dynamic up until it really needs it, this stupid fan I have runs at the same speed 24/7 which is ridiculous… I think I will be ordering the VX550w powersupply. Once it is installed I’ll let you all know how it turned out!
Update… 10 minutes later 🙂
HX620W over at shopbot.ca (link here) got a great review and its only 100$ CDN I think ill be getting that one instead… this one is modular and can pump out more wattage at lower decibels!