IT Trenches

July 2, 2008  2:33 PM

Did you see this? – The Great SPAM diet results are in

Troy Tate Profile: Troy Tate

See my previous post on The Great SPAM Diet. The results are now in and darkReading has the scoop.

McAfee’s Great Spam Experiment, Unplugged

Many spam messages sent to participants in the study were phishing emails or contained malware or links to malware-ridden sites

Did anyone doubt that these would be the results? Thanks for your time. Let’s be good network citizens together & practice safe networking!

July 2, 2008  1:57 PM

If no one is answering the front door – try the back door

Troy Tate Profile: Troy Tate

I recently went to Target and was going to look at my daughter’s wedding registry to see what she and her fiance had selected. When I got to the registry kiosks, there was a Target team member and a customer having problems getting into the service. The Target team member was on the phone apparently with another store or technical support. I heard things like “This is happening at all of the stores.” “We can’t get it to work.” “How do you reset this thing?”

Since there was another open kiosk, I thought I would try my luck and see what errors may appear. The main kiosk user page is intuitive and I immediately found the wedding registry icon and clicked it as any customer would. The application immediately responded with an error page describing some issues with scripting or something. Ahhhh… so I was receiving the same error as the other customer.

Well, the IT detective side came out in me and I started back over at the kiosk home page. Target designed this page with lots of options and ways to get to information that a customer may be looking for. Along the side of this page I found another link to get into the various registry areas, baby, wedding, etc. I clicked on that topic, navigated my way to the wedding registry and lo and behold… I was able to print out my daughter’s wedding registry while the other customer and the Target team members were still grumbling about the other kiosk.

I want to commend Target for providing multiple navigation means around their website. I would hope this experience would encourage more of the same for other vendors. I know, in IT, we like to restrict how many paths a user can go through an application to get to the same information, but in this case, Target did the right thing and provided good customer service.

June 25, 2008  3:09 PM

Researching Network TAPs – Implementation Day (part 5)

Troy Tate Profile: Troy Tate

Hopefully you have been reading about my adventures with implementing a network tap to end network blindness. If not, take a look back at previous entries found here.

When I last left you on this topic, there was a problem plugging in the tap between the router and the LAN switch. I was informed by technical support that the devices needed to be configured with auto-detect network settings. Those settings have now been made and the network tap is now installed and functioning well!

One interesting thing I discovered about the Datacom Systems Singlestream 102 device  is that it will permit network injection through the tap port. What this means is that you can have a host running ntop and listening on the tap, for example, that you can get to without having to install a second nic and publishing on that nic. This is a great thing! It simplifies the configuration of the monitoring host.

So, it looks like my monitoring need has been met and now the real challenge of discovery and ongoing traffic management. Such is life in the network management world.

I will pass on any updates about this network tap as any new information arises from my implementation.

Thanks for your time. Let’s be good network citizens together & practice safe networking!

June 18, 2008  7:25 PM

Did you see this? – 10 Cool Powershell scripts virtual lab

Troy Tate Profile: Troy Tate

Microsoft has some great virtual labs which can give an administrator some quick education over a lunch hour or a short period of time. One of these virtual labs is the 10 Cool Powershell Scripts lab. If you have not started with Powershell, then this may help you get moving in the same direction that Microsoft is moving… back to the command line!

Enjoy & keep your skills fresh.

June 18, 2008  7:20 PM

Did you see this? – Microsoft Assessment & Planning Toolkit 3.1 Beta

Troy Tate Profile: Troy Tate

The Microsoft Assessment and Planning (MAP) Toolkit is an integrated platform with tools and guidance that make it easier for you to assess your current IT infrastructure and determine the right Microsoft technologies for your IT needs. It offers easy inventory, powerful assessment and actionable recommendations for Windows Server 2008, Windows Server Hyper-V, Virtual Server 2005 R2, Microsoft Application Virtualization (formerly SoftGrid), System Center Virtual Machine Manager, Windows Vista, 2007 Microsoft Office, and SQL Server. The popular Windows Vista Hardware Assessment readiness tool has now been replaced by the MAP toolkit platform.

June 18, 2008  7:15 PM

Did you see this? – Sysinternals LIVE!!

Troy Tate Profile: Troy Tate

If you’re a fan of the Sysinternals tools, check out the beta of Sysinternals Live, a service that makes it easy for you to execute Sysinternals tools directly from the web without hunting for and manually downloading them. Simply enter a tool’s Sysinternals live path into Windows Explorer, or at the command prompt as \\\tools\<toolname> or view the entire Sysinternals Live tools directory in a browser.

If you have not used these tools yet, then you are definitely missing a critical item for being successful in your IT position. Check them out… it may save your reputation some time!

June 18, 2008  5:26 PM

Did you see this? – Infosecurity Magazine RSS feed

Troy Tate Profile: Troy Tate

Infosecurity Magazine has a very good RSS feed to keep yourself up to date on events/issues and technologies. Check it out!

June 17, 2008  2:33 PM

Did you see this? – can MY browser do this?

Troy Tate Profile: Troy Tate

Here’s a great website for testing your browser functionality and understanding the different features of each application.

Thanks for your time. Let’s be good network citizens together & practice safe networking!

June 17, 2008  2:28 PM

Certificates – who do YOU trust?

Troy Tate Profile: Troy Tate

We are currently going through design and implementation of an Exchange 2007 environment in my organization. Our current e-mail architecture is varied and does not have any version of mail services newer than 6 years old. So, we are learning a lot about Exchange and how it can fit our environment of over 2,200 users globally.

Part of our requirements includes providing access to downlevel clients (Windows 2000 and below) as well as access to remote users. This will be easily accomplished through Outlook Web Access (OWA). As you know, OWA login is usually done on a page with an https or secure sockets layer (SSL) address. The SSL encryption is provided by a certificate hosted on that server. The certificate can be self-signed by the server, signed by an authorized certificate authority (CA) in the organization or by a trusted third-party provider like Verisign or Thawte.

If the certificate is self-signed by the server or by an organizational CA, then somehow the clients need to know about the trusted root or they need to accept the warning that the browser gives when they login to the website. You want the users to understand what trust means or take the question out all together. I vote for the latter. Remove doubt that the certificate is from a trusted source.

For the external OWA connections, we are purchasing certificates from a recognized third-party. I have gone through several iterations of getting certificates though since this is my first time getting these for an Exchange environment. There is a particular “flavor” of certificate known as a subject alternative name (SAN) or unified communications certificate. A great article on this can be found here. (Take note of the root website here. It is one of the best and most readable Exchange resources you will find since it comes from the Microsoft Exchange product team.)

So, I am now in the process of getting these SAN certificates and will be implementing them this week so the errors will go away when users login to these portals since they know and trust the root certificate authority.

The next challenge is to address this same issue on internal private OWA servers. We will be implementing a two-tier enterprise CA architecture using an offline root and a single enterprise CA. We will be publishing this through Active Directory so the clients recognize this as an internal trusted root. We are then positioned to use this CA for other uses: digital signatures, S/MIME, 802.1x, device authentication and other uses.

As you can tell, this has been a lot of education and work for my company. We have had some help in these efforts since this is entirely new to us and we have to implement it successfully the first time. I will let you know how things go.

Thanks for your time. Let’s be good network citizens together & practice safe networking!

June 17, 2008  2:05 PM

Did you see this? – Online e-book library

Troy Tate Profile: Troy Tate

Check out this digital online library for IT professionals. Bet you can’t read just one!

Thanks for your time. Let’s be good network citizens together & practice safe networking!

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: