Thursday, December 24, 2009
The Story of the PING Utility
Monday, December 21, 2009
Dealing with a simple DOS attack
It's been an interesting past few days. Sometimes I feel like I'm living in a Rube Goldberg contraption! One of our servers got hit with a DOS attack last Friday night. It wasn't too bad and I was able to use several commands to figure out what was happening and deal with it. I thought I'd share them with you:
- I first used "netstat -lan | grep -c :80" to check the number of connections to port 80. It was about three times normal.
- I then used "netstat -atun | awk '{print $5}' | cut -d: -f1 | sed -e '/^$/d' | sort | uniq -c | sort -n" to identify which IP addresses had the most connections open. I found a large number of connections from three unique IP addresses.
- I then created static blackhole routes for those three IP addresses to block the source of the attack and my server was back up. Here's the command: "ip route add blackhole w.x.y.z/32" (where w.x.y.z is the address I wanted to block and /32 is the mask)
I'm not including explanations of all the options here. Use man, info, or Google to look 'em up.
This is not a permanent solution and it won't work for a Distributed DOS attack, but it did allow my server to begin answering HTTP requests again. A more permanent solution (perhaps it would be better described as a "less temporary" solution, since there probably is no permanent solution other than disconnecting from the Internet) will be to create a set of firewall rules to identify an attack (say, an accelerated number of connection requests within a set time frame) and drop the packets from that source. There is a fair amount of complexity involved in getting it right, but I'll blog on it and let you know what I find.
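The triage steps above can be folded into one script. This is an added example, not code from the original post: it counts only connections to the local web port, skips LISTEN sockets, and keeps IPv6 and IPv4-mapped peers, which "cut -d: -f1" turns into empty lines that the sed step then discards. The function names, the threshold of 3 and the sample addresses (documentation ranges) are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -atun` output (documentation addresses).
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           203.0.113.5:40001       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:40002       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:40003       SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51000      ESTABLISHED
tcp        0      0 192.0.2.10:22           198.51.100.9:52000      ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.5:40004 ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::bad:41000     ESTABLISHED
EOF
}

# conn_counts PORT: read netstat output on stdin and print "count ip"
# for each remote address connected to local PORT, busiest first.
conn_counts() {
  awk -v port="$1" '
    $1 ~ /^tcp/ && $6 != "LISTEN" {
      laddr = $4; sub(/^.*:/, "", laddr)   # local port = text after last colon
      if (laddr != port) next
      raddr = $5; sub(/:[^:]*$/, "", raddr) # drop the remote port only
      sub(/^::ffff:/, "", raddr)            # fold IPv4-mapped IPv6 into IPv4
      n[raddr]++
    }
    END { for (ip in n) print n[ip], ip }
  ' | sort -k1,1nr -k2,2
}

# over_threshold PORT MIN: print only the IPs with at least MIN connections.
over_threshold() {
  conn_counts "$1" | awk -v min="$2" '$1 >= min { print $2 }'
}

# blackhole_cmds PORT MIN: print (never run) the route commands for review.
blackhole_cmds() {
  over_threshold "$1" "$2" | while read -r ip; do
    case "$ip" in
      *:*) echo "ip -6 route add blackhole $ip/128" ;;
      *)   echo "ip route add blackhole $ip/32" ;;
    esac
  done
}

sample_netstat | blackhole_cmds 80 3
```

On a live server, replace sample_netstat with "netstat -atun" and review the printed commands before running any of them as root.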
Thursday, December 10, 2009
Installing Gnome or KDE after initial setup
I've seen a lot of forum posts with questions about installing desktop managers such as Gnome and KDE after you perform the initial installation of Linux. Many of the issues seem to be related to installing the desktop environment without installing the X server. The thing to remember is that X provides the foundation for graphics in Linux/Unix. If you don't have X, you don't have graphics, so you have to install X before you can use the desktop environment. If you don't, you'll get errors such as "no server "X" in PATH" or "xinit: Server error".
Here's how to do it (two steps) on Red Hat-based systems (Red Hat, Fedora, CentOS):
- $ su -
- # yum groupinstall "X Window System"
- # yum groupinstall "GNOME Desktop Environment" or
- # yum groupinstall "KDE (K Desktop Environment)"
Presumably, it's similar on Debian systems, but you would use apt-get instead of yum.
If you want to go crazy with graphics, install beryl as well. Falko Timme has an excellent tutorial (all of his tutorials are excellent) at HowToForge.com.
Thursday, August 27, 2009
Hidden Gems
One of the things I always teach in our Cisco ASA workshops is how to preview commands in the Adaptive Security Device Manager (ASDM) before sending them to the appliance. It's easy and it's also a great way to familiarize yourself with the command-line interface (CLI). Here's how to do it: In the ASDM, click on Tools>>Preferences. On the General tab, in the Communications section, check the box to "Preview commands before sending them to the device".
Here's another handy learning tool for the Cisco ASA: You can run the ASDM in demo mode. You must first download the ASDM demo software from Cisco using your Cisco login. Make sure to download the appropriate demo version for the version of ASDM software you're running. For example, I recently downloaded and installed asdm-demo-621.msi. Once the demo software is installed, you can run it by starting the ASDM launcher and checking the box to "Run in demo mode". ASDM demo mode provides a great way to explore the ASDM and familiarize yourself with its extensive capabilities.
Saturday, June 20, 2009
Email Notification of Event Viewer Events
Wednesday, May 13, 2009
My Top 10 Favorite Websites for I.T. People
Last month, I shared my top ten favorite tools for I.T. pros. This month, I'm sharing my top ten favorite websites for I.T. pros. This would have been a fairly easy list to compile, but then I decided to filter sites by six criteria as follows:
- It had to be a site that provides information I need
- It had to be a site that offers good stuff for free. It's okay if they charge for premium services, but there just had to be a lot of good stuff for free. That eliminated sites like Experts-Exchange.
- It had to be a site that is substantially about I.T. That eliminated sites like Wikipedia and Google.
- It couldn't be a vendor site. As good as they are, I just didn't want to include Cisco, Microsoft, Sun, etc. on my list. Hey, it's my list; I get to choose!
- It couldn't be a tools site such as Solar Winds. As helpful as those types of sites are, I wanted sites that were primarily about information.
- It could be a site that I don't necessarily visit often, but one where I subscribe to their RSS feed such as Paul Thurrott's WinSuperSite.
After I created the six criteria, I realized that there are really only about five sites I use regularly (other than vendor sites and, of course, Google and Wikipedia). So, here are my top five, plus five more sites that I don't use often but which are helpful.
The five that I use regularly:
- http://www.techrepublic.com/ (General knowledge)
- http://www.linuxquestions.org/ (Linux knowledge)
- http://www.howtoforge.com/ (Linux configs)
- http://www.rfc-editor.org/ (Look up RFCs)
- http://www.winsupersite.com/ (Windows knowledge)
Five more that are definitely worth a look:
- http://www.webopedia.com/ (General knowledge)
- http://whatis.techtarget.com/ (General knowledge)
- http://www.tomshardware.com/ (General knowledge)
- http://www.computerperformance.co.uk/ (Windows scripting)
- http://www.computerhope.com/ (General knowledge)
I'm sure you've got favorites of your own. Leave a comment and let me know what they are.
Thursday, April 9, 2009
My Top 10 Favorite Tools
I've been building a new desktop computer for my office. (When I say "build", I'm speaking of installing an operating system and software.) As I've gone through the process, I've been thinking of all the tools I install and use. Lots of tech writers like to share their favorite tools list and I thought I'd do likewise. Here are my top ten, in alphabetical order:
HashTab: This very handy shell extension provides a great way to validate hashes for downloaded files. Download it at http://beeblebrox.org/
inSSIDer: This utility scans for wireless access points and displays MAC addresses, SSIDs, channels, signal strength, security, and speed. Download it at http://www.metageek.net/products/inssider
IrfanView: IrfanView is a must-have tool for viewing and performing basic manipulation of graphical images. It's a very fast, lightweight tool that allows you to crop and resize images and save them in different file formats. Get it at http://www.irfanview.com/
nmap: nmap is the king of port scanners. 'nuff said? Get it at http://nmap.org/
Notepad++: This is a replacement for Notepad on your Windows computer. I mentioned it last month. Get it for line numbering, if nothing else, but it offers a lot more than that. Download it at http://notepad-plus.sourceforge.net/
psTools: This is a suite of tools developed by Mark Russinovich of Sysinternals fame. They allow you to manipulate many aspects of remote Windows systems from the command line (subject, of course, to authentication). Unix/Linux admins especially will appreciate them. http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx
PuTTY: PuTTY is the must-have terminal emulator for Windows. Anyone who administers network devices or servers from the command-line needs this. It can be downloaded as part of an installation package that includes key generation and management tools. http://www.chiark.greenend.org.uk/~sgtatham/putty/
Tftpd32: This is a lightweight, yet powerful TFTP server which also includes a DHCP server and a Syslog Server. http://tftpd32.jounin.net/
WinSCP: For transferring files securely between your laptop and your web server (You don't actually use FTP, do you???), this is a great piece of software. I love the drag-and-drop capability of the Explorer-like interface and the seamless support for public/private keypairs is great. http://winscp.net/
Wireshark: Formerly known as Ethereal, this is Gerald Combs' masterpiece. If you're really serious about understanding what's happening on your network, you've already used Wireshark. If you're a newbie, Wireshark is one of the fastest and best ways to elevate yourself past the "newbie" stage. http://www.wireshark.org/
Friday, February 6, 2009
Five New Free Articles Available
We've created a new area on our website with free articles on various technical and workplace skills topics. You find the article you want and we'll send it to you for free. Many of the articles are lessons taken from our various workshops and seminars. The URL is www.soundtraining.net/free-docs.
I just uploaded the following articles:
- Most Important Weblinks for I.T. Pros
- Building a Site-to-Site VPN between Cisco Routers
- vim Quick Reference Guide
- Ten Ways to Delight Your User
- Configuring SSH (Secure Shell) for Remote Login on a Cisco Router
I'm going to try to upload a significant number of articles regularly (subject, of course, to income-producing activities). Let me know what you think.
Thursday, January 29, 2009
Thanks for your support
We're in a time of tremendous change right now. (Please forgive the understatement.) The reality is that, in good times and bad, there's always a need for quality products and services. You have my firm commitment to continue providing high quality learning solutions at fair prices, delivering great value. That's what we expect from our vendors and that's what you can expect from us.
We're Growing!

Week of Geek
