Diary of a Network Geek

Speaking of free software…

Many of you know that I’ve long been a proponent of the spectacular free office suite, Open Office.  Well, there’ve been some shake-ups in the free software world and Oracle and the developers of Open Office have had a bit of a falling-out.  Nothing too serious, really, but enough of a difference of opinion about the future of Open Office that they forked the project.  Now, what that means to you and me is that they’ve taken the open source code to date and started their open development of it under a new name.  The new project is called “LibreOffice” and is being supported by the Document Foundation, who’s sole purpose seems to be continuing development of this fantastic office suite.
Follow that link and you can download the latest version to try for yourself.  I suggest you do because you may never buy another revision of Microsoft Office again.
Seriously.

I was going to share this right before Halloween, but something better came up, so consider this a “Halloween Chaser” to clear your palate.

If you’re like me, you have a lot of computer systems floating around and the one thing they all have in common is that they could use some more drive space.  So, again, if you’re like me, that means you end up buying all kinds of storage space, in one form or another, to meet that need.  Now, you can do it as economically as possible thanks to Gigs4Less.  No matter what kind of storage you need, from compact flash to hard drives, they list everything they can find on the web and sort it by price, price per megabyte, and any other way you can think of sorting it.
So stop wasting money and hit this site to find the biggest drive you can afford, for less!

And be safe out there trick or treating, okay, kids?

Yeah, I know, I’m not really a huge fan of Micro$oft Office either, but, what can you do when it’s become the defacto standard?

Make the most of it!
So, back in the day, the reason I originally got into computers at all was due to writing.  I know, crazy, right?  Well, I discovered how much easier it was to edit documents without having to retype the whole thing and I was hooked.  Then, as I wrote more, I got really into moving whole sentences and paragraphs and, yes, even entire, multi-page sections of text from one part of my work to another.  It was pretty fantastic, really.  In any case, copying and moving text is one of the things that Word is really good for and there’s even a secret feature to make your editing job easier; The Spike.
With the Spike, you can copy or cut multiple sections of text and then paste them all into the same section all at once!  You can even take text from multiple documents and copy it to the Clipboard and then paste it into a new document with the Spike!  How fantastic is that?

So, go check out the link and see how to leverage all that power for yourself.
Enjoy!

I spent two days trying to teach someone just part of this once.

Now, you may think my failure in this regard is due to me being a bad teacher.  Sadly, it was not.  Two other people, one of whom I had already taught about RAID, and more specifically, SCSI RAID configurations, couldn’t teach this to my failed student either.  Shockingly, when I was “encouraged to find other opportunities to excel”, outside that company, naturally, that student took over my job.  Oddly enough, a few years later, I heard the person who had made that organizational choice had also been encourage to find other opportunities to excel.  Funny how that works.

So, now, in part to make up for not being able to educate that person, and also to spare someone the same teaching fate I faced, here are two articles about RAID.
First, from ExtremeTech, RAID 101, Understanding Multiple Drive Storage.
And, secondly, from TechRepublic, Choose A RAID Level that works for you!

You can go to those articles and get lots of detail, but I’ll break it down for you in brief here.
Something that people tend to forget, for some reason, is that RAID stands for Redundant Array of Inexpensive Disks.  That’s not as true as it used to be, thanks to server pricing and how cheap SATA drives have become compared to SCSI drives.  Back in the day, we always used SCSI and I still do for server systems, mostly, because it tends to be faster and more reliable than anything else.  That’s not as true as it used to be thanks to improvements in SATA, but if you still want to do a BIG array of disks, SCSI is pretty much the only real option.
There are a bunch of RAID “levels”, but, realistically, you’re mostly going to deal with three or four: RAID 0, RAID 1, RAID 5 and, maybe, RAID 10.

RAID 0 is generally referred to as “disk striping”.
In a nutshell, what this configuration does is stripe data across multiple drives.  Generally, this is done to make more available disk space and improve performance.  The down-side is that there is no redundancy.  In other words, with RAID 0, you can take several disks and make them perform like one larger, faster drive, but if one disk crashes, they all do.

RAID 1 is generally referred to as “disk mirroring.”
And, that’s essentially what it is, a system which saves everything to a duplicate drive or drives.  Most often in server configurations, you’ll find the operating system on two drives that are mirrored.  That means that if one drive goes bad, the admin can reconfigure the other drive to take over running the server.  In theory, this works pretty well.  In practice, it takes a little finagling sometimes to get that mirror drive reconfigured as the primary.  The other thing to remember is that the second drive is essentially lost storage.  In other words, if you put two 1 terabyte drives in a RAID 1 array, you only have 1 terabyte of available storage when the system is running.
This is pretty much bare-bones, bottom-of-the-barrel redundancy.

RAID 5 is what most people think of when you talk about RAID arrays.
In RAID 5, data bits and “pairity” bits are striped across three or more drives.  Basically, data is broken up and written to multiple drives and then another, sort of “record-keeping” bit of data is written, too, so that the RAID 5 system knows where all the pieces of the data are.  Now, that’s a bit of an oversimplification, but, what it means is that if one of the drives in a RAID 5 array fails, the array keeps running and no data is lost.  Also, when a replacement drive is put into place, the RAID 5 array automatically rebuilds the missing drive on the replacement!  This, my friends, is like system administration magic!  Somehow, with a lot of really big math, that I frankly don’t understand, they can tell what the missing bit is based on the stuff they do have and fill it in.  This is the best invention since sliced bread!
Also, an option on many RAID 5 systems is something called the “hot spare”.  The hot spare is a drive that is part of the array but not active, until one of the other drives fails.  Then, the hot spare becomes active and will automatically start to rebuild the missing data on that new drive.  That means that the system admin and order a new replacement drive at their leisure and actually schedule down-time to replace it.  What a concept!  Not always doing things at the last minute or under fire, but planning ahead and taking your time.  It’s unheard of!
Finally, the best option available on many RAID arrays is the “hot swapable” drive.  In that case, you don’t need to schedule downtime at all, but only need to pull the damaged drive out of the array and pop the replacement right in.  All without even shutting the production system down for even a minute!  Again, this is like magic!

The last “common” RAID level is RAID 10.
Basically, this is a combination of RAID 1 and RAID 0.  In other words, it’s a set of mirrored arrays.  This setup requires at least four drives and is fairly pricey.  It’s mainly used for redundancy and speed and, realistically, is almost only used for database servers.  In fact, I can’t think of any other instance that I’ve heard of this being used, outside of database servers.

There are other levels, too, of course, but you can hit the articles for more info about them.  They’re pretty uncommon outside of really high-end or experimental configurations of one kind or another.
Oh, one last thing…  RAID can be implemented either via hardware or software.  In general, software RAID, such as you might find in Linux, is cheaper, but is slower and more prone to having issues if something goes wrong.  Hardware RAID is faster, a little more expensive, but a far more robust solution.

So, there you have it, RAID in a nutshell.
And, yes, for those of you who have noticed, articles like this are me turning this blog back toward its roots as a technical blog.  I hope to have more basic info like this as well as some new projects over the next 18 months or so.  Certainly, more than there have been in the past two or three years.
I hope you’ll keep coming back for more!

Wow, even computer crime is a “family” business these days!

Hey, look, I’m from Chicago, where you can’t hardly swing a dead cat and not hit a mobster, but this surprised even me!  Apparently, according to an article that ran on CNet, 85% of all stolen data last year was linked to some kind of organized crime.  And, 38% of data breaches used stolen credentials.

But, also, people are getting rich protecting us from the threats they create!  Seriously!  According to this article at eWeek, that’s just what some of the botnet crooks are doing.  And, remember, this is BIG business.  We’re not talking about a couple hundred infected PCs, we’re talking about tens of thousands.  There are websites dedicated to the buying and selling of the data these things collect and renting out the zombie PCs to do your dirty work, like send spam.  It’s big business and where there is big money to be made doing illegal things, there’s always been organized crime.

More and more, life is becoming like a William Gibson novel…

Remember, these are “administrator utilities” not “hacker tools”.

In my business, it pays to make the distinction.
When people call me for help outside the office, the calls usually fall into a couple categories; a virus, a slow computer, a lost password and “how do I do X?”  Sadly, I’ve been doing a lot of virus and spyware removal, but, also, lately, I’ve had a couple of “lost password” calls.  I actually love getting those, for a couple reasons.
First, lost passwords are surprisingly easy to recover if you have physical access to the machine.  It’s funny to me how few people get that.
Secondly, I find recovering passwords fun.  In a way, it was one of the first things that drew me into the business.  I was one of those guys who got hooked by the security bug not by War Games, but by Sneakers.  Yeah, I know, most guys my age especially will tell you it was War Games that really got them hooked.  What can I tell you?  I’ve always been kind of a late bloomer.  And, my dirty, little secret is that after seeing Sneakers, I wanted to be Marty Bishop.  Seriously.

Anyway, my recent experience with Windows password recovery requests gave me an opportunity to refresh my tools.  After Googling a bit, I found a handy About.com page titled “Top 6 Free Windows Password Recovery Tools“.  I downloaded several, most of which were based on bootable CDs of one kind or another.  I like those kinds of toolkits because they don’t require even limited access to operating system, just the ability to reboot the machine from the CD toolkit.
In the end, I tried two; 0phcrack and the Offline NT Password & Registry Editor.

Now, I’m not positive, but I’m pretty sure that 0phcrack is the free, opensource fork of l0phtcrack.  Now, for an old-timer like me, l0phtcrack was THE password cracker to have, back in the day.  Created by a group of well-known hackers, some of whom famously testified before Congress, it was not free.  At least, theoretically.  If you knew where to look, you could get copies.  And, yes, I  them.  But, this version IS free and seems like it had some improvements.
For one thing, the old version had a slightly clumsy text-based interface.  This version has a much nicer interface that seems to use X-Windows.  It’s also far more intuitive to use.  It ran pretty fast, really, though, sadly, didn’t seem to be able to crack the non-dictionary word used as a password on the Windows 7 box I was using it against.

On the other hand, the Offline NT Password & Registry Editor has been around for several years, and had several updates, though it retains the text-based interface.  I don’t remember when I used this the first time, but, so far, it hasn’t let me down in a pinch.  This time was no different.  So, yes, even though it has “NT” in the name, I’ve used it on everything from Windows 2000 through Windows 7 without a hitch.  Of course, your results may vary.  The bonus of this product is also it’s most potentially dangerous drawback; it directly edits the registry and password files.  This is dangerous, in a way, because if something goes wrong, this could, theoretically, lock you out of your machine permanently.  In practice, this has never actually happened to me.
One advantage of this utility is that you can change or simply remove the password for any active user on the system.  Also, you can use it to promote an active user to being an administrator equivalent.  Now, by “active user” what the developers mean is any account that is not disabled.  Though, I think there may be the option to activate a deactivated account.  I’m not positive, though, because I’ve never had to look for it or try to use it.  And, yes, this worked like a charm to simply blank the password on the Windows 7 machine that had apparently forgotten its own password.

So, there you have it.  Two tools to recover lost Windows passwords.
Oh, and, just a quick disclaimer here.  I’m not responsible for any damage you might accidentally do to your machines with these utilities.  Nor am I advocating using them to break into your ex-spouse’s computer to read their adulterous e-mail to their lover.
I’m just sayin’….

Lifehacker loves iPhone apps almost as much as I do!

No, seriously, I use this thing for everything.  Not too long ago, I showed you a ToDo app that makes life easier for you when trying to keep track of all the things you need to do.  I’ve talked about other apps before, and, of course, earlier this week, I mentioned that people are using their iPhone as a security testing tool.  Really, there’s no end to what you can do with today’s smart phones, though I happen to prefer the iPhone, obviously.

In any case, Lifehacker has put together a list of apps that they recommend, most of which are free.  And, the few that aren’t are only a couple of dollars a piece.  If  you’re a heavy iPhone user, it’s worth it to go take a look at their selection of “must have” iPhone apps: Lifehacker Pack for iPhone.

Hey, I missed letting everyone know about System Admin Day this year, but, I think this will make up for it.

I’ll be honest, one of the reasons I missed that this year is because I’m so overworked and over-stressed it’s like I was married to the Queen of the Damned again!  Seriously!  I haven’t been this frazzled since my divorce!  In any case, I imagine there are a lot of other server administrators out there with less free time than they’d like, too.  So, I’m sharing a blog post from Tech Republic; 10 Must Have Windows Server Tools.  I don’t know about “must have”, but they are handy for Windows admins, anyway.   I’ll need to scout around and find something similar for Unix admins.  After all, I can’t forget my bearded brethren!

So, hope that helps free up some time for you all, but now I’ve got to get back to work!

Good morning, Spammers, this quick note is just for you:

In response to your many SPAM comments and e-mails, no, we cannot exchange links.  I do not care to support your website that has nothing at all to do with anything I’m remotely interested in.  What’s more, I think you spammy, bottom-feeding, marketers of the lowest-common-denominator are the scourge of the internet and should be beaten.  Regularly.  When I link to a website, it’s either because I’ve used their product and liked it, it’s something I think is cool, or it’s run by a friend.  Anything else that is linked to from this website is part of one of the advertising programs that help pay for it.  It’s not free, and I found them.  They didn’t spam me with links and requests based on the fact that I rank well in Google.

So, no, I won’t participate in some random link-exchange with you, you parasites, and your anonymous, automated e-mails and comments will be deleted.

Thanks for asking!

But, slow is fast.

I’m not sure where I heard that first, but boy is it true.
I’ve never served in the military, but I used to hang out with a lot of guys who did and, frankly, were pretty intense about it, when I was younger.  And, yes, I do love me some action movies with big guns blazing, so there’s no telling where I picked up that little bit of military wisdom.  I tend to associate it with BUD/S training, which is better known to the general public as the SEAL program.  In essence, the idea is this; the faster you try to rush something along, the more mistakes you make and the longer it takes to actually achieve your goal.  But, it also has some other connotations.  The one that I forgot to take to heart this past week was to not let circumstances rush me into doing a sloppy job.

This past week I was supposed to get a new server installed and configured for a sister company.  It’s a startup, really, so there’s not an existing network, which means I’m basically setting everything up from scratch.  Now, in some ways, this makes things easier.  I don’t have to worry about conflicts as much, for instance.  I mean, however I configure the first equipment will determine the entire network configuration.  Whatever naming conventions I set will be carried forward.  I’m working with a blank slate.
But, that blank slate has its disadvantages, too.  As an example, there is NO infrastructure in place at all.  So, not only do I have to setup the server, but also the switches, the firewall, and even the rack and UPS that will hold it all!  Luckily, I didn’t have to run the actual cable, but, pretty much everything else will be something I install myself.  Not that it’s all bad to do it myself, either, because I don’t have to worry about someone else doing it the wrong way or undoing something I’ve already done.  But, it does all take time.

Again, I’ve done this before.  Not only have I been a “department of one”, as it were, but I’ve setup networks from scratch for years.  I’ve been doing this since 1992, so, for the past 18 years, I’ve networked all kinds of crazy things together.  And, some of that was back in the old days before Windows clients and GUI interfaces made it all work together right out of the box!  Still, I forget things sometimes.
I forget that I should get help racking servers, for instance.  Getting the weight up into the rack isn’t so difficult, but doing that and getting those damn little pins into the recessed slots on the rails at the same time can prove challenging.  I should know that.  But, this week, giving into the pressures from end-users at a startup, I tried to rush things.  What ended up happening was me losing my grip on a server and twisting a rail all out of shape.  Luckily, I never throw out spares and I had another set of rails that I could use as a replacement.  And, the second time around, I was smart enough to get help to rack that server.  And the APC SMART-UPS 5000VA UPS that weighs in at about 130 pounds and has sharp edges.  With that help, nothing else got out of hand and I didn’t have to replace any more rails.
Of course, when I went to set everything up, it turned out to have the wrong power adapters to plug my servers into.  Why?  Because I was in a hurry and didn’t double-check the specs and trusted that someone else would do their job right.  So, now, @Dellcares on Twitter, who heard my rage at having the wrong UPS, is helping me get things straight.

Did I get the server installed?  Well, yes, I plugged directly into the wall long enough to setup and configure the server to meet my deadline for next week, but, I struggled with one of my most basic character defects first; sometimes, I just need to ask for help.
Of course, I also lost sight of one of the most basic principles of IT, which seems so counter-intuitive in such a fast-paced industry:
Fast is slow; Slow is fast!

Advice from your Uncle Jim:
"The indispensable first step to getting the things you want out of life is this; decide what you want."
   --Ben Stein