Microsoft has an excellent free tool for checking the health of your IT environment in small to medium size networks (up to 20 servers and 500 clients). This tool will scan the environment and report on health items such as:
- Network connectivity between servers
- Active Directory health – sites, subnets, replication
- File replication – sysvol issues
- DNS health
- Network adapter configuration
- Domain controller health
- Network Time Protocol (NTP)
- Exchange server configuration
- Event log entries
The tool can be found on the Microsoft Downloads website. It is a very simple tool to install and run. The process goes something like this.
I recently blogged about an online Nmap training video and referenced some movies that featured the Nmap application. It’s not just movies that feature information technology. Television features its share of information technology also. However, like anything you see on TV or in the movies, you have to consider the accuracy of the information source. TV shows are not meant to be educational unless marketed as such, and even then sources should be verified and established as credible. A recent Numb3rs show featured a segment about IRC, or Internet Relay Chat. According to the video below from YouTube, that is about all that was accurate about this information technology reference.
Video: http://www.youtube.com/v/wXW-HnRSrbQ
Thanks for reading & let’s continue to be good network citizens.
Nmap has been around a long time. It has become an indispensable tool for identifying systems, services and vulnerabilities on a network. It has also been featured in movies like The Matrix Reloaded, Bourne Ultimatum and Die Hard 4. What other network tool do you have in your toolkit that is a movie star?
I came across a great training resource for Nmap. It is a video by the author of Nmap, Gordon “Fyodor” Lyon. This particular video is from Defcon 16 Black Hat Briefings 2008. It is a great video because you learn some tips and tricks from the Nmap master. Take some time and learn about scan timing settings in Nmap that can get you results much faster. Learn also about analyzing responses of firewalled hosts versus non-firewalled hosts. The tips I learned in this video made a big difference in getting my job done.
The CosmoLearning website has a lot of excellent computer science content. This is a website to bookmark if you are a computer professional or student. You will find something of interest whether it be artificial intelligence, computer graphics, programming theory, or robotics.
Thanks for reading & let’s continue to be good network citizens!
In that realm of odd and unusual news stories, a recent story on Wired tells about a Texas A&M production of Shakespeare’s A Midsummer Night’s Dream using robot flying fairies alongside the rest of the carbon based cast. So, it seems like the classics are just that, the themes and stories also work well in today’s world. Isn’t that the definition of a classic, that it speaks to us today as effectively as it did to others in the past?
This story just made me wonder what technologies of today Shakespeare would have used in his plays.
In Hamlet, would Shakespeare have used the techniques and tools that the Ghost Hunters on Syfy use for detecting the ghost of Hamlet’s father?
In Macbeth, would the three witches have met using Cisco’s Telepresence?
Would CSI have been called in to investigate all of the deaths of King Lear’s daughters?
What technology elements or themes do you think Shakespeare would have used if he had available then what is available today?
Thanks for reading & let’s continue to be good network citizens!
I recently came across an excellent IT education resource that is free. It is the eTutorials.org website. According to the website, it is a source of thousands of online tutorials, useful tips, articles, and researched recommendations.
Some of the content on eTutorials includes topics like:
- Adobe Illustrator CS
- Adobe Photoshop 7. How to
- Adobe Premiere 6.5. Teach yourself in 24 hours
- Adobe Indesign CS2. Professional Typography
- Lan switching fundamentals
- Router firewall security
- Wireless lan security
- Integrated cisco and unix network architectures
- Lan switching first-step
- Mpls VPN security
- Beginner’s guide to wi-fi wireless networking
- 802.11 security. wi-fi protected access and 802.11i
- Wimax Technology for broadband wireless access
- Wireless community networks
- Network security assessment
- Network security hacks
- Network Management
- Wireless networks first-step
- LAN switching first-step
- A programmer’s guide to java certification
- CCNP BSCI Official Exam Certification Guide
- Sun certified solaris 9.0 system and network administrator all-in-one exam guide
- Advanced DBA Certification Guide and Reference
Other technology sections include:
- Server Administration
- Microsoft Products
- Mac OS
- Linux systems
- Mobile devices
An example of the table of contents in the CCNP BSCI Official Exam Certification Guide tutorial includes the following sections:
CCNP BSCI Official Exam Certification Guide, Fourth Edition – Graphically Rich Book
Each chapter includes:
“Do I Know This Already?” Quiz
Part I: Introduction to Scalable Networks
Chapter 1. Network Design
Chapter 2. IP Address Planning and Summarization
Part II: EIGRP
Chapter 3. EIGRP Principles
Chapter 4. Scalable EIGRP
Part III: OSPF
Chapter 5. Understanding Simple Single-Area OSPF
Chapter 6. OSPF Network Topologies
Chapter 7. Using OSPF Across Multiple Areas
Chapter 8. OSPF Advanced Topics
Part IV: IS-IS
Chapter 9. Fundamentals of the Integrated IS-IS Protocol
Chapter 10. Configuring Integrated IS-IS
Part V: Cisco IOS Routing Features
Chapter 11. Implementing Redistribution and Controlling Routing Updates
Chapter 12. Controlling Redistribution with Route Maps
Chapter 13. Dynamic Host Control Protocol
Part VI: BGP
Chapter 14. BGP Concepts
Chapter 15. BGP Neighbors
Chapter 16. Controlling BGP Route Selection
Part VII: Multicasting
Chapter 17. What Is Multicasting?
Chapter 18. IGMP
Chapter 19. Configuring Multicast
Part VIII: IPv6
Chapter 20. Introduction to IPv6 and IPv6 Addressing
Chapter 21. IPv6 Routing Protocols, Configuration, and Transitioning from IPv4
Appendix A. Answers to Chapter “Do I Know This Already?” Quizzes and Q&A Sections
There is a LOT of tutorial content on this website! I would highly recommend using this resource for reference materials and increasing your knowledge in the technology topics offered.
Thanks for reading and please share with other IT Trenches readers what online tutorial resources you use for reference or education.
As Michael Morisy of ITKE recently posted in New SSL security hole allows man-in-the-middle attacks, a new SSL vulnerability has been announced. What you need to know about this vulnerability is that it most affects TLS (Transport Layer Security) sessions using client authentication certificates. This is a vulnerability at the protocol level, which makes it very difficult to fix, whereas a recent previous SSL vulnerability had to do with certificate formats and content.
For specific details from the original researchers, visit the ExtendedSubset.com website. The summary of the announcement is shown below:
v1.1 November 4, 2009
Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle (MITM) attacks related to renegotiation. In general, these problems allow an MITM to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream, leading to a variety of abuse possibilities. In particular, practical attacks against HTTPS client certificate authentication have been demonstrated against recent versions of both Microsoft IIS and Apache httpd on a variety of platforms and in conjunction with a variety of client applications. Cases not involving client certificates have been demonstrated as well. Although this research has focused on the implications specifically for HTTP as the application protocol, the research is ongoing and many of these attacks are expected to generalize well to other protocols layered on TLS.
There are three general attacks against HTTPS discussed here, each with slightly different characteristics, all of which yield the same result: the attacker is able to execute an HTTP transaction of his choice, authenticated by a legitimate user (the victim of the MITM attack). Some attacks result in the attacker-supplied request generating a response document which is then presented to the client without any certificate warning or other indication to the user. Other techniques allow the attacker to forward or re-purpose client certificate authentication credentials.
Visit the website for details including:
extendedsubset.com
The full document in PDF format: Renegotiating_TLS.pdf
Some helpful protocol diagrams: Renegotiating_TLS_pd.pdf
Packet captures: renegotiating_tls_20091104_pub.zip
This one is definitely going to be interesting to watch. The excitement never ends in the security world. Leave a comment and let other ITKE readers know if you foresee any issues on this vulnerability or if you have taken any specific actions to address the risk. Thanks for reading and let’s continue to be good network citizens.
A web-based tool I frequently use is called Network-Tools.com. I frequently use the site to look up names associated with IP addresses and whois information and to ping the addresses. A recent notice on the page raised my concern. The notice says:
Interesting stuff, huh? So why would this suit be raised? According to the page tracking the lawsuit:
The lawsuit claims that Comcast, Microsoft, and Cisco collected information about Smith’s IP addresses and either put them on a “blacklist” or gave them a poor “Reputation Score.” Comcast even blocked his communication link with a mail server he operates outside the Comcast network. The suit claims that in order to collect this information in the first place Comcast, Cisco and Microsoft violated eavesdropping laws. The suit goes on to claim that Comcast, Microsoft, and Cisco failed to adhere to their privacy policies.
One of the tools I frequently use is called Startup Control Panel. This is a free tool from Mike Lin. It is a portable tool, so it does not require any client installation and may be run from a USB memory stick. This tool is similar to the excellent Autoruns & Autorunsc tools from Sysinternals. It is a good way to get at and manage those items that start up when your system starts.
The Startup Control Panel tool window looks like the window below:
Using the application:
I have successfully run this utility on both XP and Vista. The dialog contains six to seven tabs, depending on your system configuration. Each tab represents one place where a program can be registered to run at system startup. These include:
- Startup (user) – the current user’s Startup folder in the Start Menu.
- Startup (common) – the common (all users) Startup folder in the Start Menu.
- HKLM / Run – the Run registry key located in HKEY_LOCAL_MACHINE. These apply for all users.
- HKCU / Run – the Run registry key located in HKEY_CURRENT_USER. These apply for the current user only.
- Services – system services that are started before the user logs in. This appears only in Win9x; on NT/2000/XP, use the Services control panel, or the Services item in Computer Management.
- Run Once – started once and once only at the next system startup.
- Deleted – programs go to the Deleted tab when you remove them from another location. They will not run at system startup, but will merely be stored should you ever want to use them again. If you delete an item from the Deleted tab, it is removed permanently.
Each page contains a list of the programs registered at that location. Use the checkbox to enable or disable individual items. Additional operations are available by right-clicking an item. You can select multiple items using the Shift and Control keys. Options include:
- New… – create a new entry. You can also drag & drop files from My Computer or Explorer.
- Edit… – edit an existing entry.
- Delete – delete the currently selected entry.
- Disable / Enable – disable or enable the selected entry. A disabled program will appear in the list with a special icon, and will not run at system startup. You can also use the checkbox next to an item to enable or disable it.
- Run Now – executes the program now.
- Send To – moves the entry from the current location to another.
- Press F5 to refresh the list at any time.
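The registry keys and Startup folders behind the tabs listed above can also be read from PowerShell, which is handy for a quick audit on a machine where no tool is available. This is an added example, not part of Startup Control Panel or the original post; the function name `Get-AutorunEntry` is hypothetical, the registry paths are the standard Windows Run and RunOnce keys, and the script only reads (it does not cover services or the tool's own Deleted tab).

```powershell
# Added example (not from the original post): read-only listing of autorun entries.
function Get-AutorunEntry {
    $runKeys = [ordered]@{
        'HKLM / Run'      = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
        'HKCU / Run'      = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
        'HKLM / Run Once' = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
        'HKCU / Run Once' = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    }
    $startupFolders = [ordered]@{
        'Startup (user)'   = [Environment]::GetFolderPath('Startup')
        'Startup (common)' = [Environment]::GetFolderPath('CommonStartup')
    }

    # Registry locations: every value under the key is one startup command.
    foreach ($location in $runKeys.Keys) {
        $path = $runKeys[$location]
        if (-not (Test-Path -Path $path)) { continue }   # RunOnce keys are often absent
        $key = Get-Item -Path $path
        foreach ($name in $key.GetValueNames()) {
            [pscustomobject]@{
                Location = $location
                Name     = $name
                Command  = [string]$key.GetValue($name)
            }
        }
    }

    # Startup folders: resolve shortcuts so the real target is visible.
    $shell = New-Object -ComObject WScript.Shell
    foreach ($location in $startupFolders.Keys) {
        $folder = $startupFolders[$location]
        if (-not $folder -or -not (Test-Path -Path $folder)) { continue }
        foreach ($file in Get-ChildItem -Path $folder -File -Force) {
            if ($file.Name -eq 'desktop.ini') { continue }
            $command = $file.FullName
            if ($file.Extension -eq '.lnk') {
                $lnk = $shell.CreateShortcut($file.FullName)
                $command = ('{0} {1}' -f $lnk.TargetPath, $lnk.Arguments).Trim()
            }
            [pscustomobject]@{ Location = $location; Name = $file.Name; Command = $command }
        }
    }
}

Get-AutorunEntry | Sort-Object Location, Name | Format-Table -AutoSize -Wrap
```

The HKCU and Startup (user) rows reflect the account running the script. On 64-bit Windows, the separate Wow6432Node Run keys used by 32-bit programs are not included.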
Hope you find this tool as useful as I do. Thanks for reading and let’s continue to be good network citizens.
I just came across an excellent resource for IT professionals working with Microsoft products. It is called RunAs Radio. There are weekly podcasts about topics of interest to those of us who support Microsoft products. The podcasts are in multiple formats such as mp3, wma & AAC (iPod). I was particularly interested in the presentations on performance management. There are several presentations on this one topic. Some sample topics include:
Clint Huffman Analyzes PerfMon Logs! Mr. Huffman is the creator of the Performance Analysis of Logs tool found at Codeplex. I have found this tool very useful in tracking down server issues to show folks “it’s not the network!”
Shane Creamer Goes Deep on Performance Monitor! This is a very interesting presentation. There is a link to the video presentation portion and another link to the various audio formats. The video presentation has a very long gap in audio at the beginning (almost 12 minutes). This is because the video portion is only capturing the presenter’s audio portion and not the commentators’. You really should download both audio and video to get the full impact of the presentation.
Other topics that might be of interest include SQL, Active Directory, IIS, cloud (Azure), PowerShell, virtualization, SharePoint, information security, and many other Microsoft-centric technologies. I have subscribed to the RSS feed so I can keep up with new presentations as they are released. If you run any Microsoft technologies, or you just want to learn about some recommended best practices, then check out this resource. There might be something here that will help you “save the day”.
Thanks for reading and let’s continue to be good network citizens!
Free Training – Laura Chappell presents: Wireshark 201 Jumpstart – Filtering on the Good, the Bad, the Ugly
Laura Chappell, the BitGirl, is at it again with another in her series of Wireshark Jumpstart webinars. The next one is called Wireshark Jumpstart 201: Filtering on the Good, the Bad, the Ugly. It will be held on October 27 – 10:00am-11:00am PDT (GMT-7). If you manage networks or want to manage a network, a good understanding of protocol and packet analysis will help you immensely with your career.
Some things you will learn in this webinar:
- Using the Default Capture and Display Filters
- Creating a Few Hot Capture Filters
- Filtering Tips and Tricks for Troubleshooting
- Filtering Tips and Tricks for Security
Even if you are very familiar with Wireshark or other packet capture and protocol decode tools, Laura’s seminars are well worth attending. You might even find out a little tidbit here or there, because repetition is one of the keys of learning. Unfortunately I will not be able to attend this webinar since I will be on a golf vacation in North Carolina. So, if you attend this event, please come back and share with me and other IT Trenches readers what you learned and how valuable the webinar was for you.
Thanks for reading and let’s continue to be good network citizens!