What references to information technology have you seen that may hurt or hinder IT professionals?

Thanks for reading & let’s continue to be good network citizens.

I came across a great training resource for Nmap. It is a video by the author of Nmap, Gordon “Fyodor” Lyon. This particular video is from Defcon 16 Black Hat Briefings 2008. It is a great video because you learn some tips and tricks from the Nmap master. Take some time and learn about scan timing settings in Nmap that can get you results much faster. Learn also about analyzing responses of firewalled hosts versus non-firewalled hosts. The tips I learned in this video made a big difference in getting my job done.

The CosmoLearning website has a lot of excellent computer science content. This is a website to bookmark if you are a computer professional or student. You will find something of interest whether it be artificial intelligence, computer graphics, programming theory, or robotics.

Thanks for reading & let’s continue to be good network citizens!

This story just made me wonder what technologies of today Shakespeare would have used in his plays.

In Hamlet, would Shakespeare have used the techniques and tools that the Ghost Hunters on Syfy use for detecting the ghost of Hamlet’s father?

In Macbeth, would the three witches have met using Cisco’s Telepresence?

Would CSI have been called in to investigate all of the deaths of King Lear’s daughters?

What technology elements or themes do you think Shakespeare would have used if he had available then what is available today?

Thanks for reading & let’s continue to be good network citizens!

Some of the content on eTutorials includes topics like:

Adobe:

• Adobe Illustrator CS
• Adobe Photoshop 7. How to
• Adobe Premiere 6.5. Teach yourself in 24 hours
• Adobe Indesign CS2. Professional Typography

Networking:

• Lan switching fundamentals
• Router firewall security
• Wireless lan security
• Integrated cisco and unix network architectures
• Lan switching first-step
• Mpls VPN security
• Beginner’s guide to wi-fi wireless networking
• 802.11 security. wi-fi protected access and 802.11i
• Wimax Technology for broadband wireless access
• Wireless community networks
• Network security assessment
• Network security hacks
• Network Management
• Wireless networks first-step
• LAN switching first-step

Certification:

• A programmer’s guide to java certification
• CCNP BSCI Official Exam Certification Guide
• Sun certified solaris 9.0 system and network administrator all-in-one exam guide
• Advanced DBA Certification Guide and Reference

Other technology sections include:

• Macromedia
• Programming
• SQL
• Server Administration
• Microsoft Products
• Mac OS
• Linux systems
• Mobile devices
• XML
• Misc

An example of the table of contents in the CCNP BSCI Official Exam Certification Guide tutorial includes the following sections:

CCNP BSCI Official Exam Certification Guide, Fourth Edition - Graphically Rich Book
Each chapter includes:
“Do I Know This Already?” Quiz
Foundation Topics
Foundation Summary
Q&A

Introduction
Part I: Introduction to Scalable Networks
Chapter 1. Network Design
Chapter 2. IP Address Planning and Summarization

Part II: EIGRP
Chapter 3. EIGRP Principles
Chapter 4. Scalable EIGRP

Part III: OSPF
Chapter 5. Understanding Simple Single-Area OSPF
Chapter 6. OSPF Network Topologies
Chapter 7. Using OSPF Across Multiple Areas
Chapter 8. OSPF Advanced Topics

Part IV: IS-IS
Chapter 9. Fundamentals of the Integrated IS-IS Protocol
Chapter 10. Configuring Integrated IS-IS

Part V: Cisco IOS Routing Features
Chapter 11. Implementing Redistribution and Controlling Routing Updates
Chapter 12. Controlling Redistribution with Route Maps
Chapter 13. Dynamic Host Control Protocol

Part VI: BGP
Chapter 14. BGP Concepts
Chapter 15. BGP Neighbors
Chapter 16. Controlling BGP Route Selection

Part VII: Multicasting
Chapter 17. What Is Multicasting?
Chapter 18. IGMP
Chapter 19. Configuring Multicast

Part VIII: IPv6
Chapter 20. Introduction to IPv6 and IPv6 Addressing
Chapter 21. IPv6 Routing Protocols, Configuration, and Transitioning from IPv4

Appendix A. Answers to Chapter “Do I Know This Already?” Quizzes and Q&A Sections

There is a LOT of tutorial content on this website! I would highly recommend using this resource for reference materials and increasing your knowledge in the technology topics offered.

Thanks for reading and please share with other IT Trenches readers what online tutorial resources you use for reference or education.

For specific details from the original researchers, visit the ExtendedSubset.com website. The summary of the announcement is shown below:

 Renegotiating_TLS.pdf

Some helpful protocol diagrams: Renegotiating_TLS_pd.pdf

Packet captures: renegotiating_tls_20091104_pub.zip

This one is definitely going to be interesting to watch. The excitement never ends in the security world. Leave a comment and let other ITKE readers know if you foresee any issues on this vulnerability or if you have taken any specific actions to address the risk. Thanks for reading and let’s continue to be good network citizens.

Network-Tools owner sues Microsoft, Cisco, Comcast and TRUSTe over IP Address Blacklisting
Suit alleges eavdropping, privacy policy fraud, breach of contract and defamation

Interesting stuff, huh? So why would this suit be raised? According to the page tracking the lawsuit:

The lawsuit claims that Comcast, Microsoft, and Cisco collected information about Smith’s IP addresses and either put them on a “blacklist” or gave them a poor “Reputation Score.” Comcast even blocked his communication link with a mail server he operates outside the Comcast network. The suit claims that in order to collect this information in the first place Comcast, Cisco and Microsoft violated eavesdropping laws. The suit goes on to claim that Comcast, Microsoft, and Cisco failed to adhere to their privacy policies. When Smith tried to use the privacy policies of Comcast, Microsoft, and Cisco to correct the spammer accusations the companies balked. Comcast even told him it didn’t matter what the privacy policy said, he wasn’t getting the information. He filed complaints with the TRUSTe organization that verifies the privacy policies of Microsoft and Comcast but that did no good.

Previous lawsuits against these “blacklists” have been brought by commercial e-mailers against organizations such as Spamhaus. In this case the accused is not a commercial e-mail, not a spammer, and has no mailing lists of any sort. The accused has even made presentations at the Federal Trade Commission against spammers and testified at the first “Spam Summit” more than 10 years ago.

This case seems to cover a lot of things: privacy; net neutrality; service blockage.  For anyone who has gotten on a blocklist or had to get an organization removed from a blocklist, you can understand some of the frustration. Mr. Smith has gone beyond frustration and is taking some specific actions. This could be a very interesting case to follow based on the defendant organizations. Hopefully information will continue to be provided as the case moves forward. A lot of the case documentation presented to the court can be found on the website. It makes for some interesting reading.

Consider also some of the relief being sought under the lawsuit (not all items requested are listed below):

• Prohibit Microsoft, Comcast and Cisco from eavesdropping on Internet communications of the citizens of New Jersey,
• Prohibit Comcast displaying or distributing false or misleading portions of the Privacy Policy, Customer Privacy Notice, Acceptable Use Policy for High-Speed Internet Services, Network Management Policy, Network Management FAQ, Spam Policy and other related information to the citizens of New Jersey,
• Prohibit Microsoft from displaying or distributing false or misleading portions of the Privacy Statement and other related information to the citizens of New Jersey,
• Prohibit Cisco from displaying or distributing false or misleading portions of the Privacy Statement and other related information to the citizens of New Jersey,
• Prohibit TRUSTe from conducting a false or misleading dispute resolutions services to the citizens of New Jersey,
• Prohibit TRUSTe from endorsing any privacy policies displayed to citizens of New Jersey,
• Prohibit TRUSTe from claiming they certify entire companies when they only certify specific web sites,
• Require Microsoft, Comcast and Cisco to provide Plaintiff with all information collected about Plaintiff’s Internet communications or any associated data or any PII and allow Plaintiff to correct any erroneous information, and
• Prohibit Microsoft, Comcast and Cisco from distributing any defamatory information about Plaintiff to any third party,
• Compensatory damages to compensate Plaintiff for being unable to communication via e-mail without disruptions,
• Compensatory damages to compensate Plaintiff for being unable to communication via e-mail without eavesdropping,
• Compensatory damages to compensate Plaintiff for being unable to correct “profiles” maintained by Defendants about Plaintiff,
• Compensatory damages to compensate Plaintiff for time lost in running his business,
• Statutory damages pursuant to the  Electronic Communications Privacy Act,

What do you think of the merits of the case? What have you experienced with regards to these organizations and their services? Please leave comments below.

Thanks for reading and let’s continue to be good network citizens! Sometimes it may require getting nasty though it seems and filing a lawsuit

The Startup Control panel tool window looks like the window below:

Startup Control Panel window

Using the application:

I have successfully run this utility on both XP and Vista. The dialog contains six to seven tabs, depending on your system configuration. Each tab represents one place where a program can be registered to run at system startup. These include:

• Startup (user) - the current user’s Startup folder in the Start Menu.
• Startup (common) - the common (all users) Startup folder in the Start Menu.
• HKLM / Run - the Run registry key located in HKEY_LOCAL_MACHINE. These apply for all users.
• HKCU / Run - the Run registry key located in HKEY_CURRENT_USER. These apply for the current user only.
• Services - system services that are started before the user logs in. This appears only in Win9x; on NT/2000/XP, use the Services control panel, or the Services item in Computer Management.
• Run Once - started once and once only at the next system startup.
• Deleted - programs go to the Deleted tab when you remove them from another location. They will not run at system startup, but will merely be stored should you ever want to use them again. If you delete an item from the Deleted tab, it is removed permanently.

Each page contains a list of the programs registered at that location. Use the checkbox to enable or disable individual items. Additional operations are available by right-clicking an item. You can select multiple items using the Shift and Control keys. Options include:

• New… - create a new entry. You can also drag & drop files from My Computer or Explorer.
• Edit… - edit an existing entry.
• Delete - delete the currently selected entry.
• Disable / Enable - disable or enable the selected entry. A disabled program will appear in the list with a special icon, and will not run at system startup. You can also use the checkbox next to an item to enable or disable it.
• Run Now - executes the program now.
• Send To - moves the entry from the current location to another.
• Press F5 to refresh the list at any time.

Hope you find this tool as useful as I do. Thanks for reading and let’s continue to be good network citizens.

Clint Huffman Analyzes PerfMon Logs! Mr. Huffman is the creator of the Performance Analysis of Logs tool found at Codeplex. I have found this tool very useful in tracking down server issues to show folks “it’s not the network!”

Shane Creamer Goes Deep on Performance Monitor! This is a very interesting presentation. There is a link to the video presentation portion and another link to the various audio formats. The video presentation has a very long gap in audio at the beginning (almost 12 minutes). This is because the video portion is only capturing the presenter’s audio portion and not the commentators’. You really should download both audio and video to get the full impact of the presentation.

Steven Choy Measures Server Performance!

Other topics that might be of interest includes SQL, Active Directory, IIS, cloud (Azure), Powershell, virtualization, SharePoint, information security, and many other Microsoft-centric technologies. I have subscribed to the RSS feed so I can keep up with new presentations as they are released. If you run any Microsoft technologies, or you just want to learn about some recommended best practices, then check out this resource. There might be something here that will help you “save the day”.

Thanks for reading and let’s continue to be good network citizens!

Some things you will learn in this webinar:

• Using the Default Capture and Display Filters
• Creating a Few Hot Capture Filters
• Filtering Tips and Tricks for Troubleshooting
• Filtering Tips and Tricks for Security

Even if you are very familiar with Wireshark or other packet capture and protocol decode tools, Laura’s seminars are well worth attending. You might even find out a little tidbit here or there because Repetition is one of the keys of learning. Unfortunately I will not be able to attend this webinar since I will be on a golf vacation in North Carolina. So, if you attend this event, please come back and share with me and other IT Trenches readers what you learned and how valuable the webinar was for you.

Thanks for reading and let’s continue to be good network citizens!

The impact on customer email services lasted more than 24 hours while Postini engineers worked to resolve the issues. So, this was not an insignificant event. During this period, messages were delayed and users were not able to get to their quarantines to release messages trapped by filters. Administrators were also unable to access the administration console. The Postini support portal was unreachable at times due to the high volume of users trying to get updates on the event. The support phone line queues were very long and it took a long time to reach a support agent. Nothing like this has happened before in all of the years we have been a Postini customer.

I just received the incident report about the service disruption and wanted to share some of the information with IT Trenches readers.

The event started at about 6:25 PM GMT Tuesday, October 13. At this time customers began experiencing severe mail delays and disruption. Some senders were receiving delivery failure notifications after multiple resend attempts failed. About an hour later, automated monitoring systems detected the mail flow issues and traffic was automatically failed over to a secondary data center. Message flow was also poor through the secondary data center.

Trying to improve message flow, message traffic was directed across both primary and secondary data centers. Also, in an attempt to reduce impact on data center resources, access to the administration and other web consoles was disabled. The engineers were able to eventually discover the causes of the message flow issues.

• A message filter update inadvertantly caused performance issues.
• Unusual malformed messages caused increased scan processing and in tandem with the bad message filter update caused issues with mail delivery.
• Processing capacity was reduced due to a power supply failure on a database storage system. This increased latency in message processing.

As you can see, this event was caused by a series of issues. The hardware was repaired and the filter update was revoked, but not before a lot of messages were either deferred or not delivered.

The corrective actions to prevent future outages due to similar conditions include:

• Create a standard procedure for reverting message filter updates. Isn’t it always a good idea to be able to back out updates?
• Improve monitoring of database server power failures. Apparently this power failure was not detected by their current monitoring process.
• Improve communication with customers during service outage events. This would help relieve some frustration and help customers understand the severity and scope of the outage.

Fortunately email services have now returned to normal. However, during this 24 hour period, there was a high level of frustration and concern about how to work around the impact on email delivery. I think most IT organizations can learn some lessons and improve service delivery when reading of incidents like this and seeing the lessons learned. I know my team will have some discussions around this event and work to improve the resiliency of service delivery.

Thanks for reading & let’s continue to be good network citizens!