Archive for category technology

Increase Virtual Hard Disk

We’ve started with virtualization, I’ll talk about this beautiful sexy technology some other time. My hands are all over it.

When creating virtual machines, each seems to have its own hard disk and partitions, but in fact they all share a single storage, which the virtual server that manages the virtual machines points to.

I got one v-machine with 20 GB of hard disk space and I want to increase it. Through the settings of the machine you can increase the hard disk space. Back in the v-machine, go to Computer Management -> Disk Management and you’ll see the newly unallocated space, ready to partition and format.

I couldn’t extend my single primary partition with the tools available in Windows; I think I’ll need third-party software.

What I did is clone my v-machine and, as I was creating the new settings, increase the C volume space. Of course, you’ll need enough space to be able to create this replica machine.

Don’t forget to untick the connected box in the network settings, if you added a network, because you don’t want conflict issues when powering on the new machine.

Will test it fully tomorrow, to make sure all is good.  Give the same settings, IP, computer name, etc, to the newly created v-machine and shut down the original one. If all goes well after some time, delete the original one to free up some space.


Image Spam

Of all the emails we receive within 24 hours, around 95 % is spam! Of course we deploy a mail filter to go through all these emails and pass the legitimate ones only.

Now we are seeing some emails that are clearly spam but get through: you’ll see an email with an image attachment of Viagra products, for example.

If your filter box is text based, it won’t detect this kind of spam, the image spam. Briefly, a message is judged valid or spam by running it through several tests; the verdict is issued based on the overall score.

The email can be blocked based on a number of things other than the email content, you can block all emails with images except coming from your whitelist for example, but this is not acceptable, especially if you have what I like to call the “Friends Spam”, employees using their work account as personal mailing account.

Your filter needs to include a special image filtering feature, that goes, even if not quite efficiently, through the image and detects text. I don’t think it understands the image itself, because we are still advancing in that arena.

What you can do, is add the sender’s address or domain to your blocked list.

On a lighter note, if there is a small little tiny chance that a spam message passes through your main mail filter appliance and the end user’s email scanner, which employee’s inbox will it end up in ?????


Fiber Specs

We’re about to buy a Cisco Firewall and we need fiber ports as interfaces, the technical Cisco product guy, asked what are the Fiber specifications you want?

I asked what do you mean? Don’t we just need a firewall with SPF SFP interface? – I sometimes make that mistake ;P -

He said, well type of fiber you are using and connectors.

Isn’t all the fiber used for long distance single mode? And our fiber is terminated on LC connectors, so this is what you need, right?

Well, no we need more information.

Really, like what kind?

I’m not sure, I’ll ask our other technical guy, he’s more into fiber specifications and I’ll get back to you.

Ok!

I’m still waiting for their feedback actually. What I know about fiber in general is that there are two types, single mode and multi mode. Single mode is for long distance and more expensive. Multi mode is for shorter distance and cheaper. Each has its own hardware to support it. You can’t link a multi-mode to a single-mode fiber without having some kind of transceiver to convert the signal. The type that they pull from the nearest exchange to buildings is single mode, and if you want to pull fiber within your premises, across floors or between close buildings, you’ll use multi mode.

I’ve never seen a fiber mode convertor, but I hear they are very expensive, what they’ll do actually is have two transceivers, single mode to ethernet and multi mode to ethernet, so they’ll connect the single-mode to the first transceiver and connect the multi-mode fiber to the second transceiver and have an ethernet cable between them. From a network point of view, two points of failure! From a sales point of view, cost saving.

Check your WAN connection: are you utilizing fiber, leased lines, wireless, satellite? If you are using fiber, how is it connected to your router, directly or through a transceiver? If it is the first one, then your router has a fiber interface module plugged in, which is more expensive than having a fast/giga-ethernet interface with a transceiver in between.

Regarding the connectors, you know how long it took me to actually get them right, 1 year ;P ST round, SC square, MT-RJ big square, LC the small ones, I memorized them like that. Actually, I only used to mix up SC & ST.

Fiber cables, can come with the same connector terminated on both ends, LC-LC , or different type of connectors ST-SC. So maybe your fiber patch panel has ST connection and your switch interface has SC connection.

I’ve never dealt with a Cisco firewall, so this would be interesting. Firewalls all have the same concept, you just need to get familiar with how to manage it. The thing I know about Cisco is that for every feature you need, you have to buy a separate product! Not all within the same box. We’ll see what ours comes with.


Why Static IPs?

There are many issues with dynamic IPs for stations providing services such as web, email, FTP, etc.

  • Can’t guarantee they’ll always keep the same IP.
  • Changes need to be reflected on the DNS, which may have been set so that hosts can automatically register themselves or not. DNS changes take time to be propagated to other servers.
  • Some applications need the IPs to be coded within them, if the IP is changed it has to be reflected as well.
  • Most importantly, when you configure the firewall, it’s for that specific IP, I personally haven’t seen a firewall where the host is configured with name only and DNS is used to lookup the IP.
    Source | Destination          | Service | Action
    Any    | Web Server Public IP | http    | accept
  • For email services, PTR records are created to verify that you are not a spammer. If you don’t own your IP block and got it through an ISP, which is the common case, the PTR records for your IP block point at their main DNS servers and not yours. So imagine the headache of calling your ISP every time to change the public IP record. You may argue that only the private IPs change and are mapped to the same public IP, but you’d be amazed to know that some configure their public IPs directly on their servers.
  • DNS servers are configured with IPs only. Example, if you are looking for x.google.com, a list of their DNS IP addresses is added (ex: 216.239.32.10) in other root DNS servers for you to go there and retrieve the correct IP.

That’s what I came up with, there may be other reasons :)


Changing Networks Tips


It can get a bit tedious when changing the design of your network. If you have an existing configured network, it’s harder to change it than to implement a new one altogether.

If you look at a company’s network, its focal point is its firewall. Behind each interface is a network or a group of networks.

On the layer-3 switch level, you’ll have the VLANs configured, and on that switching level there are routing capabilities; all is routed to the gateway. For example, the users’ private network will be routed to a single firewall interface (172.17.1.1), whereas your DMZ private network has its own interface on the firewall.

When changing the network, do it one step at a time. Have your design layout ready and let it make sense: if you have VLANs, name your VLANs in correlation with the network IP settings, ex. VLAN 3 is configured for network 10.3.x.x, something to make your life easier for future troubleshooting.

Change one thing a day (VLAN/switch) and start with the department/users with the least network usage: the locations that use the network resources least and don’t depend on the email system, Internet, etc., where most tasks are local to their PCs. Preferably, pick one with the smallest mixture of users, meaning few of what we call direct users, who are configured on another level, the firewall, to use services other than the normal ones, like direct access to application servers.

Adding a new VLAN doesn’t mean you delete the old one. Keep it for now; the same VLAN may be configured somewhere else you aren’t aware of and still needs to be routed.

Don’t forget to go beyond the switch level: your firewall needs to be aware of the new settings. Route the new network to the proper interface and don’t forget to add the network group on the firewall application. It has to know that this is a valid network residing behind that specific interface, ex. network 10.x.x.x is behind interface 172.17.1.1, or else the firewall will drop the packets, presuming it is some kind of spoofing attack. These settings are needed for users with public IPs NATed to their private ones.

Check everything after each configuration, even if you think it won’t affect what you are checking. Believe me, with IT, crazy things that don’t make sense happen all the time!
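A pre-change check for the two points above, the VLAN naming convention and the firewall's anti-spoofing view of which networks sit behind which interface, as an added example that is not from the original post. The VLAN plan, the second interface address and the topology groups are constructed sample data; only 172.17.1.1 and the "VLAN 3 is 10.3.x.x" convention come from the text:

```python
import ipaddress

# Constructed plan: VLAN id -> (network, firewall interface it is routed to)
VLAN_PLAN = {
    3: ("10.3.0.0/16", "172.17.1.1"),
    4: ("10.4.0.0/16", "172.17.1.1"),    # new VLAN, not yet declared on firewall
    7: ("10.8.0.0/16", "172.17.1.1"),    # breaks the naming convention
    20: ("10.20.0.0/16", "172.17.2.1"),
}
# Constructed firewall topology: interface -> networks declared behind it
TOPOLOGY = {
    "172.17.1.1": ["10.3.0.0/16", "10.8.0.0/16"],
    "172.17.2.1": ["10.20.0.0/16"],
}

def behind(interface, src_ip):
    """True if the firewall knows src_ip as valid behind this interface."""
    ip = ipaddress.ip_address(src_ip)
    return any(ip in ipaddress.ip_network(n)
               for n in TOPOLOGY.get(interface, []))

def antispoof_verdict(interface, src_ip):
    """What anti-spoofing does with a packet arriving on this interface."""
    return "accept" if behind(interface, src_ip) else "drop (spoofing)"

def audit_plan():
    """List VLANs that would be dropped or that break the naming rule."""
    findings = []
    for vlan, (net, iface) in sorted(VLAN_PLAN.items()):
        network = ipaddress.ip_network(net)
        declared = any(network.subnet_of(ipaddress.ip_network(n))
                       for n in TOPOLOGY.get(iface, []))
        if not declared:
            findings.append((vlan, "not in topology group of " + iface))
        # Convention from the text: VLAN n carries network 10.n.x.x
        if network.network_address.packed[1] != vlan:
            findings.append((vlan, "name does not match network " + net))
    return findings
```
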

Write everything down, day and what tasks were done and build up your documentation through that.

Leave the servers network last, this is a huge headache, you can have both old and new server network, working side by side, routing between each other and gradually shift them and don’t forget to PRAY throughout the whole process :)


Green WiFi

I listened on the radio about this charity organization that provides Internet access to developing countries. I admit that I thought, do they actually need Internet access, wouldn’t they rather have food, shelter, clean water, medical care, etc.


Then they talked about how access to all the information helped the locals with their farming techniques and now more children attend schools rather than work on farms because they could afford all books online.

And since these countries have no source of electricity, this organization utilizes solar-power panels to provide power to all devices.

The Green WiFi, is committed to providing solar powered access to global information and educational resources for developing regions and K-12 school children striving for knowledge in a digitally divided world.

I was impressed and admired the founders of such organizations, the ones that give in order for others to have.

It makes me wonder, what am I doing to contribute in this world!


VeriSign & Private Domains

Did you know that if you require an SSL certificate for your organization, your domain information needs to be public?

When registering a domain name you can have all information related to your organization, assigned personnel, address, etc. hidden under the hosting company or register.com. If this is the case, VeriSign will not issue a digital certificate. You need to make the information public, at least till you get it.

VeriSign contacts you in person after placing the request, asks a couple of questions, then forwards you the certificate files.


G-Wireless Clients & N-Wireless Routers

After renewing our Internet subscription, I went shopping in Hawali and got a Belkin N Wireless Router. True, our household has no devices with n-wireless cards, I just wanted it for wider coverage. To reach downstairs for the extender to work, which I didn’t try yet!

I configured it and plugged it in. I noticed that my wireless speed is 5.5 Mbps and if it reached the maximum, it’ll be around 11 Mbps. To double check, I dragged and dropped files from my laptop on our network storage and the speeds were lower than 300 KB/sec!

I know, I couldn’t expect the speed to increase over the max. 54 Mbps supported by b/g wireless network, but to improve a little because I can get a stronger signal thus increasing the speed a bit. But the opposite happened, my speed degraded.

I double checked my wireless configuration and driver updates. Then my router configuration and I configured my channel width as 40 MHz, thinking it’ll offer me more throughput, since I thought it’ll allow more data to be carried. Anyhow, this wasn’t the case.

The Channel-bonding trick can provide a 10 to 20 Mbps throughput increase, but usually works best under strong signal conditions. As signal levels drop, using channel bonding becomes much less effective in providing a throughput boost.

I configured the “bandwidth” back to the default 20 MHz and my wireless connection shows at times  (48 – 54) Mbps, my file exchange is at 1.17 MB/sec.

See more details in “5 Ways To Fix Slow 802.11n Speed”


Microsoft Log Parser

I had to give up my log monitoring server. Truth be told, I had it up and running before I went on vacation and so I haven’t been using it much. Anyway, I gave up the powerful server for some application.

I needed to go over some audit logs that I enabled over specific folders, tens of thousands of entries, I tried filtering them in excel and it took me as far as it could and decided a small code will do the trick, then today I came across this.

Log parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows operating system such as the Event Log, the Registry, the file system, and Active Directory. You tell Log Parser what information you need and how you want it processed. The results of your query can be custom-formatted in text based output, or they can be persisted to more specialty targets like SQL, SYSLOG, or a chart. Most software is designed to accomplish a limited number of specific tasks. Log Parser is different… the number of ways it can be used is limited only by the needs and imagination of the user.

You can run queries which are similar to SQL, I run -h with any command  or go through the help file, to come up with the right query. You can specify the input files example (csv, textfile, event logs) and the output, as far as I’ve discovered, can be in textfile, csv, charts, etc.

I had problems figuring out the correct field names, which can be retrieved by a simple query or added at the top of your csv file and within the query retrieve the header. I got a bit mixed up whether to use (like, not like, =, ==, <>, !=) and if to include (‘, “). Ya3nee, my memory just needed refreshing.

All is left is to produce a report with my logs analysis and I’m done.

Who wants to bet, that the logs report next week won’t be needed ;)

Download Microsoft Log Parser here


Skype Request

Opened my email and I had a request from Skype. I’ve set my Skype account back in July (link) and had problems now and then (link), but overall I’m very pleased with it.


I was not aware that people could send email requests to Skype users. When I open my Skype application, the request isn’t displayed anywhere on the application console.

Maybe if you search for Skype users, then you’ll be able to send email requests. My privacy setting is set to only allow contacts in my list, which is one user, my friend that I call ;P
