Blogs

The Post Christmas Portable Device iSuck

After each Christmas for the last few years, we began seeing more people bringing into their corporate and school networks, new personal devices they received as gifts. This year was no exception, and the post-Christmas 2011 season has seen an astonishing amount of new personal device purchases. New and less expensive versions by Apple of the iPad, iPhone, and iPod, made it a great gift idea this year. Not to be outdone, Amazon sold record numbers of their new Kindle Fire. Barnes & Noble also has a Nook, personal reader. The tablet market, re-energized by the iPad also saw other manufacturers introducing new devices running the Google Android operating system. The shift to a personal device and less reliance on the desktop or even laptop computer for day-to-day use has truly come to fruition over this holiday season. Most of these devices all now have mobile wireless cards in them, and some broadband wireless cards.

While we can't stop progress, we need to be wary of what the influx of these new devices with wifi capability mean to the networks we maintain. Particularly, if you have a business or organization with over 200 staff we're beginning to tap out existing IP ranges in typical IPv4 Class C, 24 bit (/24) subnet'd network configurations. While the depletion of IPv4 Public IP space is a Global concern and being addressed with the shift to IPv6, the legacy IPv4 stack is something that's going to have to be managed in the foreseeable future. IPv6 alone won't solve the entire problem, as we're going to have to maintain a dual-stack environment (IPv4 & IPv6) to access the internet as we know it today.

Creating new internal NAT ranges and doing more routing locally, will help to alleviate the problem in the short term, but this isn't without it's consequences and all new sets of problems. Policies for restricting the access of these devices to corporate and school networks also needs to be addressed. This could enforce the use of the personal device's provider network on the these devices, rather than increase the load to already stressed internal corporate wireless networks. In most production wireless environments we've dealt with, iPads and other personal devices allowed onto a traditional internal wireless network, hold their dhcp assigned address by keeping the wifi connection alive, even while on broadband, so that the assigned address becomes unusable to any other clients even while not actively using the connection. This is contributing to what we are calling this new IPv4 address iSuck, as we're seeing all of the IP's being sucked up by these new personal mobile devices.

How To Purchase Apple Macintosh Computers With An Educator Or Student Discount

Apart from this computer repair and computer services business I operate here, I've been the Network/Systems Administrator for Pittsburg Community Schools (USD 250) for several years. Before that, the District Technician for the same, with a history of involvement in the computer repair field in the Pittsburg community for quite some time. Just being involved in this public education support role, with my background and acquaintances, I am often asked by staff and others for advice on their own personal computer purchasing decisions.Apple Education Store In order to provide all the details effectively to assist in their own decision on what to buy, I've created an article here at my personal business site for those people who ask. This guidance would also apply to anyone seeking some basic advice on how to receive discounts on computer products if you are a K-12 or College level educator, or are a student at either level.

Apple StoreThis particular article is tailored specifically for those people who would like to purchase Apple Macintosh computers. If you are wanting advice for MS Windows-based PC computers please see my other article here. Your source for Apple Computers is of course, the Apple Store. Apple Computer's public sector pricing is listed on the basic Apple Store for the most popular current products, this is always a good place to start. We'll also look at the Apple Store Educator/Student Discount. One of the best sources for slightly discounted public sector pricing is MacMall however, which I've purchased from many times, and is a reputable company in my opinion. PCMall is their Windows-based PC counterpart, and they are equally as reputable. We'll compare the four best selling Apple personal computer products right now as a price comparison across these different channels and vendors.

Apple Education Store - QualificationFortunately, Apple keeps their product line fairly simple. The current basic MacBook Air lists on the Apple Store for $999, this is a great Apple laptop computer, but can be a little underpowered and have too small of a screen for more advanced home users. We'll use it however, as an example to compare some prices so that I can show you how to get the best deal. On the Apple Store page along the left you'll see a link to the Apple Education Store. At this point, you'll need to verify which school you work for.

Once you've verified which school you go to or work at, the pricing will automatically change. In the MacBook Air example, the price is now $949, you've saved $50! (so buy me a cup of coffee) I used to recommend this option to most people who asked me for advice. As more people asked me, I really got started doing more searching around, and came up with a better way to get a significant discount off of that base price.

If you want to really get a good deal, your next best option is to purchase through MacMall. MacMall can afford to sell computers at a reduced cost to the public sector because they buy their computers from Apple at a volume discount. In most cases this is even more than any standard educators' discount. They are also able add some special incentives. Like a free printer or sometimes a free ram upgrade with your purchase. This 11" MacBook Air from Macmall though this special promotion is priced at $799, that's a savings of over $199 (20%!). You have to click on the link above to go directly to that page for purchasing from MacMall, they are also including a free upgrade to the latest Mac OS Lion. This probably the most economical deal going on right now.

If you want a little larger screen, your next best option is the MacBook Pro, with a 13" screen. The upgraded model on the Apple Store, lists for $1499, promotional price on this 13" MacBook Pro from Macmall is $1,349.

The next step up on the Apple Store, is the 15", it lists for $1799, promotional savings is about 14% on this 15" Macbook Pro from Macmall at $1,549. I generally don't recommend 17" MacBook Pro's at this time, they are gigantic and almost are an oxymoron when it comes to portability. However, if you have a backpack big enough to put it in (and a wallet to match) let me know and I can update this article with links to discounted 17" models as well.

How To Install Dell System Update Utility For Red Hat Linux on CentOS

After a failed drive on a RAID 5 set, on one of our Dell PowerEdge 2650's we needed a way to view the progress of the RAID controller in the GUI while the replacement drive rebuilt without rebooting the server and using "Ctrl-A" to enter the PERC3/di controller software which is available right after the BIOS post screen, this would kick everyone off and take the server offline.

Dell provides an OpenManage software suite which has a number of tools for updating bios and other system software as well as software that allows you to configure your RAID controller in your OS GUI. The Dell tools are natively built for Red Hat Enterprise Linux (RHEL) or Windows 2000/2003/2008 Server. If you still have an OpenManage subscription for any one of your servers, they'll continue to send you the latest revision of their software for both Linux and Windows platforms, VMWare versions of their software are now also being included, which is very handy, more about this is available here.

Unfortunately, the latest version (6.5.5 as of this writing) will not allow us to configure the PERC3/di controller on a Dell PowereEdge 2650, it's considered obsolete hardware within this software revision. While trying to install the OpenManage 5.5 CD that came with the Dell Server which is now running on CentOS, you may encounter this error as we did;

“Another instance of SUU is already running”

check out their FAQ
as suggested and;

run these commands:

chattr -i /var/log/dell/suu/suu.lck
rm -f /var/log/dell/suu/suu.lck

Which we were able to find from this blog.

Keep in mind the utility is made for Red Hat Linux, so some adjustments need to be made for it to run on CentOS.

Another problem we soon had was that even after the updated utility would launch on CentOS 5.7, the Server Update Utility (version 1.8.0.50) launched it's window, but only ultimately displayed an error that it was missing libstdc++5.so

Installing the Standard C++ Library helped and allowed it to get much further in the process;

yum install libstdc++

However, soon another requirement was needed, grab the Red Hat Compatible C++ Libraries as well, seemed to be the biggest help;

yum search libstdc++
yum install compat-libstdc++33

This should help quiet down the yelling Dell OpenManage does on launch. If you find it just won't shut it's trap about missing some this that, or other, I'd guess you'll be busy the rest of tonight tracking down something else.

How I Remember The Order of T586b Ethernet Wiring Color Code - A Tale Of 8 Wires

It was the best of times, it was the worst of times...

In the morning you started out with a little bit of sun light (orange-white)
A little later in the day you had a lot of sun (orange)
You find that in order for any plant or any life to start, you have to start with a little life/seed (green-white)
To make this grow and thrive, you'll need a lot of water to begin with (blue)
Over time, you'll add a little more water (blue-white)
This new life will enjoy it's greatest growth period during this time (green)
Then it turns just a little brown as old age sets in (brown-white)
Until finally it dies (brown)

Avirt Gateway Suite - SecurityMetrics PCI Scan

A customer called me about failing a PCI Compliance scan. Merchant retailers need to have a Merchant Account with a reputable company (a 3rd party) which allows them to accept credit cards.

The complaint was that the computers that I service failed the scan and that I needed to find out a way to "clean them up" this time. I often do have to clean the business computers there from spyware & malware they pickup, as they have a high employee turnover. (Link to software I use to keep computers clean) Expecting there to be a virus or spyware problem on the computer that processes credit cards, I connected remotely (link to service I provide). But soon found there were no issues, so everyone there has been watching where they surf. See my post about how YOU DO actually influence why you get spyware.

After speaking with the customer more and doing my own research, I found that the credit card processing company they're using hires a security firm, SecurityMetrics, to do network scanning on their customers computers, who actually are processing the cards themselves to take payment. Essentially, the credit card processing company hires out this security monitoring task. Which is smart, since the PCI compliance laws (link to discussion about this, maybe I have a rant/exposé coming about Cynergy--or whatever mine is, +Authorize.net Gateway) are changing all the time. While SecurityMetrics, as a company does sound a little shady and the information I got from the customer was sketchy as to the real problem. I did a little searching around, and got a better idea of what I was dealing with. This is part of the reason I'm writing this now, hopefully you'll be provided with more information or ask the right questions.

Short graphic about how this works.

Scanning customer computers, is this legal? Technically, no, since they are knowingly accessing unauthorized information. However, through the terms of your merchant account, you submit to this, for security reasons. All the while, you don't exactly know when they may do this. But then again, you don't really know when a hacker could try the same thing, so it's a safety mechanism for the credit card processing company.

When I received a forwarded E-mail regarding the results of the "scans" that were done on particular dates, by SecurityMetrics, I understood a little better what was going on. (result pages here with some details redacted)

I was authorized by the company I was working for, to speak to a representative at the SecurityMetrics company. Right away I was handed to a "scan technician" who discussed the results with me. SecurityMetrics will NOT offer advice on how to fix the problem, nor truly any specific details of how their scans are done, nor what your "exact" problem is.

The issue was initially reported as "Avirt Gateway Suite..." "Injection Vulnerability... (see emails). Initially, I thought they may have been scanning the website I also host for this customer, instead of the actual PC's they're processing cards from at their location, but soon I was able to verify with the scan technician, the IP addresses that were being monitored by the firm. They at least give you this as a starting point.

There were more details in the reports I mentioned earlier and with that, I was able to use this information to piece together this issue for the customer. Come to find out, it was only port 8080, a management port that had been open on a router at the site. To me this seems fairly common, but it did flag the customer from a 1, to a security threat factor of 4.

Yes Virginia, It Is Your Fault The PC Got A Virus

No sense in candy-coating it anymore. Why did your computer get a virus you ask? Because you're sloppy about the way you're searching for things online. Do you seek "free" things, like "free software" or "free music". Well, surprise, nothing is free, except the ticket to the slow train running to the spyware, virus, malware funhouse central. Don't click on advertisements! Period. Train yourself to recognize what is a logical place for true Windows notifications to come up, and what's likely a ploy to get you to click. Also be aware of how windows title bars appear on your actual windows, versus what's being shown on an advertisement. Change your desktop theme if you have to. The madness even continues within search results, the top results probably aren't credible, they're generally ads, train yourself to look beyond this.

Let's play a game, click here to take the test.

Public vs Private Domain Registration

While I certainly agree that some people believe a reputable company should have their contact information available in the whois record and not use private registration. I also have realized personally the long-term side effects of having a standard public registration. You will receive both solicited postal junk mail and electronic E-mail (spam). Private registration give you the ability to legally mask your authentic whois record information. Effectively putting a proxy between your contact information, and a spammer. The spammer can still send communication to either your private registrars mailing address (c/o you, in theory the registrar should forward this written communication on to you, it certainly works for e-mail). E-mail is sent to a proxied address so it's important to keep your current address on file with your registrar or private domain service company.

In summary, private registration should not have any bearing on the reputation of a company. You would think, that if a business has nothing to hide, they probably don't need to use this type of service, but for one reason or another, they may choose to use this service.

I have had several domain offers or requests for purchase through proxied E-mail addresses on private domain services and had no issues, so people are still able to contact you very easily, and particularly if you're not someone interested in selling out on your domain, then you can easily ignore these types of solicitations.

ICANN? requires you keep your whois information up to date. This is harder for anyone but you to know if you have done this, but you'll get notices regarding this, and just do your part to keep your information current.

WikiPedia vs Traditional Enclopedia, Round 3

Hard copy, bound encyclopedias are out of date, why would teachers force students to even reference them? People of the baby boomer generation still accept the flaws in the information provided in these dated reference tools. I no longer can recommend this. Students today don't even look at an encyclopedia as the authority, this concept is unknown to them.

This leads to the use of crowd sourced references, such as Wikipedia.com; which, when I was in college was not seen as a credible source. At one time we could know enough general information about a subject to be considered well rounded, that is to say, if we knew the encyclopedia definition of the given subject. However today, the depth of knowledge on one particular subject is entirely more specialized. If I want to know how to build a canoe, the encyclopedia can only tell me, it comes from a tree, a native American used to sit there for days or weeks at a time with a crude tool to hollow it out, and then he had a canoe.

Today, an individual specialized website will tell me the exact steps and tools needed to accomplish this goal; maybe even give you the labor intensive traditional route, and a modern way of doing it. Entire groups of people get together to discuss the topic, the wealth of information so completely exceeds comprehension, our brains cannot absorb it, so we (as the kids learned it seems at birth) put on the blinders.

The "Flash Drive" Naming Game

flash drive
flash media
jump drive
kangaroo drive
memory stick
crusier
sandisk
usb stick
usb drive
keychain drive
thumb drive
thumb disk

What do you call it?

Wikipedia indicates there are 25 different common household names for the device that should be referred to as a flash drive.

Original Ideas In Information Technology

It's really a troubling arena in which all information technology companies must play today, both large and small.

It's almost as if there is no way to manufacture something without stepping on someone else's toes in the process. Are there no more original ideas? Does it require legal counsel to even get your foot in the door?

I recall a quote from Alex P. Keaton (Michael J. Fox) on the 1980's T.V. sitcom Growing Pains as he told the history of the world to his younger sister Mallory. Relaying what he considered fact, that "All the original ideas were used up by the late 16th century". That quote has stuck with me for some time, and though humorous, does lead you to ponder more about what constitutes an original idea, than probably what the writers had ever intended.

Syndicate content