• End-of-year IT checklist

    28Dec
    Author: trent Categories: IT Management, Infrastructure, Security Comments: 3

    We’re finally down to the last few days of 2008.  If you’re like most places I know,  the rest of the organization has taken this week off as vacation, leaving the die-hard IT guys behind to mind the fort.  On the holiday party circuit, I’m continually surprised at the reaction when I tell folks I’m on-call over the holidays.  Apparently, many of them have jobs where time stands still when they’re out-of-the-office on break.

    Fortunately (!?), there’s plenty for us IT guys to do this week.  Here’s a quick checklist that I use to make sure things don’t get missed/forgotten:

    Read more »

    Tags:

  • Interpreting Packet Traces with Wireshark (Part 1 of n)

    26Dec
    Author: trent Categories: Infrastructure Comments: 3

    If you’ve ever been to the doctor and had an EKG test done, you know that they get super-excited about every little spike on the EKG trace.  The cardiologist stands there and “oohs” and “ahhs” over the slightest deviation from what they know to be normal.  To me, it just looks like a squiggly line.

    In the network performance world, packet traces provide the EKG equivalent to examine network health.  Anyone that’s worked with me over the last 20 years knows that the first thing I want to see when someone says they have a network performance problem is a packet trace.  The really good news is that most network engineers (and even some system administrators) are able and willing to use a tool like wireshark (formerly ethereal) or tcpdump to capture a trace.  Sadly, my experience is that once they have the trace, most folks don’t know how to “read” it — it’s the same squiggly line problem, just in the network space.

    At some level, extracting useful data from a packet trace is something that comes with experience, and perhaps is a bit of an art.  There are (literally) hundreds of interesting conditions that a packet trace can indicate, prove, or disprove.  But, success with packet trace analysis usually boils down to 3 things:

    Read more »

    Tags: , ,

  • Tips and Tricks for a Successful Application Performance Assessment

    19Dec
    Author: ben Categories: Infrastructure Comments: 0

    Every time I complete a large or complicated project, I try to consider a few lessons learned. Having recently been involved in a detailed technical performance assessment, I thought I’d share some generic thoughts here in hopes that it helps someone else. Read on for tips that might make your next performance assessment a success.

    Read more »

    Tags: ,

  • The Alternate Data Stream: a home for malware?

    12Dec
    Author: admin Categories: Ramblings, Security Comments: 0

    Can someone tell me a legitimate purpose for the Windows’ alternate data stream?

    Let’s start by looking at Wikipedia’s description of ADS:

    Alternate data streams allows files to be associated with more than one data stream. For example, a file such as text.txt can have an ADS with the name of text.txt:secret (of form filename:streamname) that can only be accessed by knowing the ADS name or by specialized directory browsing programs. Alternate streams are not detectable in the original file’s size… While ADS is a useful feature, it can also easily eat up hard disk space if unknown either through being forgotten or not being detected.

    Sounds like a pretty useful feature.  Virii(yes, ii) that infect .exe files are common,  but all leave the tell tail sign of increasing the file size of the infected executable.  Think about the beauty of a Win32 ADS virus that accomplished the following:

    Read more »

    Tags: , , ,

  • Worst ITIL Book Ever by Gerard Blokdijk

    08Dec
    Author: ned Categories: Ramblings Comments: 1

    I just survived a book that I am pretty sure was written by a computer, and regardless is probably the worst book I’ve ever read.  Whoever wrote the clever algorithm that generated random ITIL-related text in this rotten book probably deserves a neck-medal, but surely their name isn’t Blokdijk.  It appears that this horrible book, “ITIL IT Service Management: 100 Most Asked Questions, by Gerard Blokdijk,” was written by a real human, but I prefer to assume this was a result of a poor application of techology…

    Read more »

    Tags: , ,

  • Native Backup in Windows Server 2008

    04Dec
    Author: admin Categories: IT Management Comments: 0

    Those of us that have taken the fateful leap to Windows Server 2008 are starting to notice some of the big differences from Windows Server 2003 and 2000. The difference that I personally have been recently affected by the most involves the change in backup options – specifically, the loss of NTBackup. I never thought I would hear myself say this, but after getting some experience with the new Windows Server Backup features in 2008, I am actually sad to see NTBackup go.

    So what’s the big deal? Well, Windows Server Backup isn’t all bad. Microsoft’s TechNet article for Windows Server Backup shows quite the new feature list, including:

    • Faster Backup Technology
    • Simplified Restoration
    • Automatic Disk Usage Management
    • Improved Scheduling

    Read more »

    Tags: , , ,

  • Never underestimate the need for disaster recovery planning

    03Dec
    Author: beth Categories: IT Management Comments: 0

    A disaster recovery plan is something every company should have but hope it never needs to actually execute. Nonetheless, the plan must be thorough in identifying all steps necessary for keeping critical systems functional during a disaster, it must consider all possible contingencies, and it must be tested. The backup generator failure at Olive View-UCLA Medical Center in Sylmar in mid-November, a result of wildfire ravaging the area, is a good reminder that even diligent DR planning and testing cannot always guarantee that DR plans will work as intended. Despite being tested as recently as three days before the fire, the hospital’s backup power plant failed because of a fuel pump problem, jeopardizing the care of more than 200 patients.

    Read more »

    Tags:

Subscribe:

Popular Posts