November 20, 2010

Attack of the Local Failures


You read that correctly. It is a 82 GB mailbox filled with Local Failure messages. Jon Jeffels spotted this when we couldn't figure out why his Outlook client kept crashing and hanging. Read his full post here:

November 15, 2010

Trend Micro WFBS UPX Packed Updates

I had a client with a myriad of issues related to some infected machines on the network. While digging through the firewall logs (SonicWALL TZ-170 or 190 I believe), I found this entry:

November 04, 2010

Case-sensitive DNS? Believe it.

DNS is not case-sensitive, that's what you thought, right? Me too, but apparently somebody disagrees.

September 08, 2010

End Users are Funny Pt II

Here's another conversation during a remote support session today:

Client: "So Paul, have you seen the internet today?"

Me: "Well, I've been on the internet today, does that count?"

Client: "Take a look at the front page of the internet when you can. There is this crazy looking guy on the front page."

August 20, 2010

5 Things I Learned from Air Force Networks

After completing what may very well be my last tour as a Cyber Systems Operator with the Air Force Reserves, I'd like to offer this (unclassified and possibly incorrect) insight into the wonderful system that is the Air Force Global Information Grid (AF-GIG):

July 26, 2010

Secunia Half-Year Report 2010

I usually try to avoid reposting information from others, but Secunia has a great security report that has some down to earth information relevant to every computer user:
https://docs.google.com/viewer?url=http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf

Among the interesting statistics?


  • A group of ten vendors, including Microsoft, Apple, Oracle, IBM, Adobe, and Cisco, account on average for 38 percent of all vulnerabilities disclosed per year.
  • In the two years from 2007 to 2009, the number of vulnerabilities affecting a typical end-user PC almost doubled from 220 to 420, and based on the data of the first six months of 2010, the number is expected to almost double again in 2010 to 760.
  • During the first six months of 2010, 380 vulnerabilities or 89% of the figures for all of 2009 has already been reached.
  • A typical end-user PC with 50 programs installed had 3.5 times more vulnerabilities in the 24 3rd party programs installed than in the 26 Microsoft programs installed. It is expected that this ratio will increase to 4.4 in 2010.
  • An Windows end-user can patch 35% of vulnerabilities with one tool from Microsoft, but requires another 13 to patch most of the rest.
Also, in terms of the raw number of vulnerabilities, Apple has shot past Microsoft and Oracle to claim the #1 spot. However, this doesn't take into account how severe the vulnerabilities are or how quickly a patch is released.


June 10, 2010

Symantec Installation Failure

We've been looking for alternatives to Trend Micro WFBS lately, and I thought I'd give Symantec Endpoint Protection another shot. I spent several hours fighting with the installation package and Symantec Support, but continually had issues with a VBS file that is supposed to run in the setup. A week and several pots of coffee later, I found the problem.

May 25, 2010

End Users are Funny

I have a client who submits tickets and e-mails to me in haiku.

Paul I have a problem,

   our e-mail is not working ...

can you call me please?

I have not decided if this is intentional or not.

 Can you please help me?

 Susan cannot print today ...

     and reports are due.

But it is certainly relaxing to read.

April 28, 2010

Facebook Accounts Are Almost Worthless

How much would your Facebook account bring you if you sold it? According to VeriSign, just a couple of pennies. I spotted an article on Dark Reading the other day detailing a recent black market advertisement for over a million Facebook accounts, sold in 1,000 unit increments for $25-$45. About 2 to 4 cents per account, which highlights how easy it has become for these accounts to get compromised and used to spread malicious software.

April 20, 2010

Secure the Edge: Protecting Exchange 2007 Connectors

Many small companies employ a service such as AppRiver to provide affordable messaging security, but not many take the time to properly secure their Exchange connectors afterwards.

March 20, 2010

Reflections on Google Apps


I just completed our first deployment to Google Apps Premier for a client and a had a great time with it. I've already moved my domain (paulhite.com) over to it and I highly recommend anyone who needs a mail system for their domain to consider it. Here are a couple thoughts on the overall process and results:


March 02, 2010

Procrastinator's Recipe for a Great Project Paper

I'm currently at step 6, and so was born this post.

1. Remove one great idea from brain. Put aside for several weeks.
2. Try really hard to remember what that great idea was. Decide on a different mediocre idea instead and write it down this time.
3. Let the idea simmer until one week before the project is due. Victory will taste sweeter this way.
4. Start preparing project paper. Don't research anything, it just slows you down. Stream of consciousness is most effective. Continue until you run out of thoughts, or approximately 500 words into the paper.
5. Ctrl+A, Delete. Repeat Step 4, that introduction page sucked anyways.
6. Mix 1 part great idea with 9 parts alcohol. Maintain the Balmer Peak for 72 hours and write 30 pages of really awesome sounding techno-babble.
7. Suddenly remember that great idea when you sober up. Repeat step 5 & 6.
8. Remove project paper from hard drive. Serve to reviewers at room temperature and really hope that none of them actually knows what "deep packet inspection" means.
9. Celebrate your success by repeating step 6. Great idea is optional at this point.

That's it. Good luck out there, WGU grads!

February 22, 2010

Notification: WSB Can Do Notifications

I had a client who, much to my dismay, purchased a new server from Dell and opted not to go with Backup Exec but rather the free Yosemite Backup application that ships with the RD1000 drives. Not a huge deal until I discovered after a good deal of troubleshooting that Yosemite does not work with Server 2008 R2. Long story short, we were left with no option but to use Windows Server Backup and find a way to configure e-mail notifications.

February 11, 2010

AOL Can Break Rules

While testing an SMTP connection to AOL's mail servers, I got this awesome syntax error response when I forgot to put a space between "MAIL" and "FROM":

220-mtain-mi12.r1000.mx.aol.com ESMTP Internet Inbound

220-America Online (AOL) and its affiliated companies do not
220-authorize the use of its proprietary computers and compuer
220-networks to accept, transmit, or distribute unsolicited bulk
220-e-mail sent from the internet
220-
220-Effective immediately:
220-AOL may no longer accept connections from IP addresses
220 which no do not have reverse-DNS (PTR records) assigned.
HELO paulhite.com
250 mtain-mi12.r1000.mx.aol.com
MAILFROM:test@paulhite.com
221 2.7.0 Error: I can break rules, too. Goodbye.
Connection to host lost.

Yes you can.

February 09, 2010

Study Time!

Updates to the blog will be more sporadic than usual as I concentrate on my last few months of college, my final design exam for the MCSE, and the upcoming Cisco course. Phew!

January 26, 2010

Does your network stink? Make a sniffer!


Sometimes there is just no substitute for looking at raw packet capture data when infiltrating troubleshooting a network. In normal situations, I'm content with loading Wireshark or Network Monitor up on a system that sits in-line with the data I require (e.g. sniffing packets from a DHCP server when you have clients that cannot get an IP address). However, there are many times when you cannot load sniffing software on the device in question, or don't want to. Perhaps you want to monitor inbound traffic to your ISP to a border router, or watch for packets leaving a device you don't manage. In these situations, you need a passive network tap to capture the traffic without touching the two end points to be monitored.

January 22, 2010

Configuring a Hyper-V R2 Core Installation

A little deal I stumbled across online landed a Core 2 Quad Q9400 with 8GB of RAM in my lap for a good price. After struggling with a deep seated desire to put a decent video card in it and lock myself in the office playing video games, I finally decided that putting together a test network would be a much healthier choice. I still locked myself in the office though.

January 13, 2010

Mozy Programmer Humor

Several of our customers use MozyPro as an offsite backup solution, whose programmers apparently have a sense of humor and nostalgia.

While running a backup for a new Mozy user today, I spotted this message while the backup was initializing:

January 05, 2010

Panda Steak!

But for dinner only :(




- Posted using BlogPress from my iPhone. Isn't that just spiffy.

January 01, 2010

They had candy too...

Gassing up in Houston, my pump invites me inside for a treat:




Tempting.

- Posted using BlogPress from my iPhone. Isn't that just spiffy.

Red Flags and the Value of Experience

One of the things I hear often said, and something I subscribe to as well, is the idea that a lot of technical knowledge in the world of IT ...