hardware

Monitoring Windows Server CPU performance

I didn’t realize how much I really didn’t know about CPU performance monitoring until I read this Microsoft Technet blog on Interpreting CPU Utilization for Performance Analysis. As the article says: If you rely on CPU utilization as a crucial performance metric, you could be making some big mistakes interpreting the data.

Take some time and review this recent (August 2009) posting on this issue. If you manage/monitor Windows servers and watch server performance, this article will give you a better understanding of the ins/outs of interpreting CPU utilization.

Here’s 4 of the top 9 takeaways that you will learn by reading this article:

Summary of Key Takeaways

Key takeaway #1: Processor of type A @ 100% utilization IS NOT EQUAL TO Processor of type B @ 100% utilization

Key takeaway #2: 2 HW threads on the same package @ 100% utilization IS NOT EQUAL TO 2 HW threads on different packages @ 100% utilization (for better or worse)

Key takeaway #3: 2 HW threads on the same logical core @ 100% utilization IS NOT EQUAL TO 2 HW threads on different logical cores @ 100% utilization (for better or worse)

Key takeaway #4: 2 HW threads on the same NUMA node @ 100% utilization IS NOT EQUAL TO 2 HW threads on different NUMA nodes @ 100% utilization (for better or worse)

Thanks for reading and let’s continue to be good network citizens!

Would you click if it showed on the NY Times website? - Really would you?

Yesterday Fierce CIO reported that New York Times falls victim to rogue ad. This is a trend that seems to be happening more frequently. Rogue malware ads are appearing in a lot of places these days in areas most people would trust as authoritative and reliable sources of information. It is unknown how much the rogue malware “seller” may have gotten by putting the ad on the NY Times website but they likely made something from unsuspecting users. The NY Times did suffer some amount of loss since they disabled all third party ads until the rogue ad was removed. What would you do if an ad popped up on a trusted website saying your computer was infected? Most IT professionals would disregard the message as their systems SHOULD already be protected. However, how much of the general population is not an IT professional (at least outside of their own home )?

What can and should the security industry do to educate users about these social engineering tactics? Should computers be “licensed” or “permitted” to be on the internet to reduce threats to unsuspecting users? That’s a thought for you… what governing body would issue these computer use permits? What would the rate infrastructure be like - based on processor/memory or bandwidth? Where would the permit fees go? Would there be some internet oversight body that uses the fees to have inline malware filters?

Thinking out loud here folks - offer some suggestions. Your input is welcome and appreciated.

Thanks for reading and let’s continue to be good network citizens!

=========================

20090918 Update:

E-Week reports that there is a surge in click fraud. According to the article this is similar to the NY Times advertisement malware threat discussed above. I fear this trend will only get worse. What is a legitimate advertiser or web services organization to do?

Another threat to watch out for - Ants in the keyboard!

On Friday I posted a tongue-in-cheek type posting about a worm taking down a laptop. Not necessarily big news but something different to see as a risk to computing equipment.

Another similar story came to my attention today. It has to do with ants in a membrane switch type keyboard. Check out the article Ant Farm In The Keyboard. Hey… isn’t it about sharing troubleshooting information between peers? wink-wink - nudge-nudge

Thanks for reading. Have a great day and let’s continue to be good network citizens!

Friday news alert - Worm causes computer crash! - Troubleshooting tip

Well… that’s probably news every day somewhere but in this case it was a real worm and I’m not talking about an electronic worm! I guess I need to ensure I don’t leave my computer out on the patio on the swing. I need to also watch my cat.

Check out the story Worm Causes Computer to Crash. You will see what I am saying is true.

Thanks for reading and let’s continue to be good network citizens.

Pandemic preparation, risk and business continuity

I’m not the kind to run around thinking the sky is falling or that the swine or bird flu risk is non-existent. I take a lot of these warnings with a grain of salt. However, the pandemic watches of the past few years should obviously have organizations thinking about their risks and business continuity plans. In fact, my organization has a few sites in Mexico and along the border with Mexico. So, this situation has the potential to directly affect our employees.

I wanted to bring your attention to a recent posting on the excellent SANS organization website about the pandemic watch of 2009. This posting is titled Pandemic Watch April 2009. This has very good explanations of the current situation and the potential health risks.

The section that I think is most appropriate to IT folks (actually to everyone) describes a skeleton plan for companies to help deal with the situation. The following is an excerpt from the SANS website.

Don’t Panic!

Initial monitoring stage (where we are right now)

* If you’re sick, stay home
* Family is sick, stay home
* Close contact with someone showing symptoms, stay home
* Wash your hands, cover your cough

Then, if multiple cases in your area,

* Think about telling non-essential workers to stay home
* Recommend workers take kids out of daycare

Pandemic stage

* Everyone will be staying home, how will you handle it?
* Do you have enough laptops?
* Can your VPN concentrators handle the load

I would recommend taking some time to read the summary about the health risks of the various flu strains. Let’s continue to keep our thoughts and best wishes for those who have already been affected by this most recent health issue.

Thanks for reading and let’s continue to be good network citizens - stay healthy too and if you are not healthy, then please contact a health care organization as soon as you can. Get well soon!

Security news - Videos from Hack In The Box 2008 Malaysia available for download

The videos from HITBSecConf2008 - Malaysia are now available for download!

Day 1

=====

http://thepiratebay.org/torrent/4654588/HITBSecConf2008_-_Malaysia_Videos___Day_1

Keynote Address 1: The Art of Click-Jacking - Jeremiah Grossman Keynote Address 2: Cyberwar is Bullshit - Marcus Ranum

Presentations:

- Delivering Identity Management 2.0 by Leveraging OPSS

- Bluepilling the Xen Hypervisor

- Pass the Hash Toolkit for Windows

- Internet Explorer 8 - Trustworthy Engineering and Browsing

- Full Process Reconsitution from Memory

- Hacking Internet Kiosks

- Analysis and Visualization of Common Packers

- A Fox in the Hen House - UPnP IGD

- MoocherHunting

- Browser Exploits: A New Model for Browser Security

- Time for a Free Hardware Foundation?

- Mac OS Xploitation

- Hacking a Bird in The Sky 2.0

- How the Leopard Hides His Spots - OS X Anti-Forensics Techniques

Day 2

=====

http://thepiratebay.org/torrent/4654974/HITBSecConf2008_-_Malaysia_Videos___Day_2

Keynote Address 3: Dissolving an Industry as a Hobby - THE PIRATE BAY

Presentations:

- Pushing the Camel Through the Eye of a Needle

- An Effective Methodology to Enable Security Evaluation at RTL Level

- Remote Code Execution Through Intel CPU Bugs

- Next Generation Reverse Shell

- Build Your Own Password Cracker with a Disassembler and VM Magic

- Decompilers and Beyond

- Cracking into Embedded Devices and Beyond!

- Client-side Security

- Top 10 Web 2.0 Attacks

===

On a related note, the registration for HITBSecConf2009 - Dubai (20th - 23rd April) is now open!

http://conference.hitb.org/hitbsecconf2009dubai/

The Call for Papers (CFP) for HITBSecConf2009 - Malaysia (October 5th -

8th) will open in March 2009.

Microsoft’s environmental campaign - XP goes green

Microsoft has a special section of their website dedicated to fostering environmental sustainability. To that end, they have released a product called Edison PC Power Management software. The application will work on XP and Windows Vista. According to the Microsoft Environment website features include:

• Scheduling. Identify work and non-work schedules to optimize power schemes based on when your PC is in use or on standby.
• Settings. Choose from among several options for power savings and settings.
• Estimated Savings Reports. Find information that shows how PC power settings correlate to money, kWh and CO2 savings.
• Intuitive User Interface. Drag easy-to-use sliding bars to choose settings and instantly see the power and monetary savings. Clearly marked tabs make the interface easy to navigate.

So… if you want to reduce your carbon footprint in 2009, check this out. I know I will.

Did you see this? - IBM creates Microsoft-free linux virtual desktop

Many IT trade publications are reporting that IBM is launching alternative to Microsoft-centric software and the bloated hardware required by recent operating system releases.

The Virtual Linux Desktop ranges in price from $59 to $289 per user, depending on level of software and service desired, according to the report. IBM estimates that the software package could save corporate customers up to $800 per user, when compared with the cost of maintaining Microsoft’s Vista operating system, Office suite, and collaboration tools, the newspaper said.

For more information see:

Wall Street Journal -IBM Creates ‘Microsoft-Free’ Desktop: Applications for Thin Clients Would Operate From Back-Office Server

VNUNet

Silicon.com

What do you think? Can Big Blue pull it off?