Thursday, March 31, 2011

Troubleshooting: The human side of the technical process

I have a friend who is working on a new hardware deployment for a large bank.  He ran into a couple hiccups and called me for my opinion.  After reviewing his configuration and not seeing any obvious problems, I suggested he confirm that the hardware is working correctly.  He did the usual stuff such as swapping out cables, but still no love.

Read more at my Computerworld blog...

Kansas City: Barbeque and Google high-speed fiber. Ahhhh.

When I lived in Kansas City, Missouri, a lot of us looked down our noses at Kansas City, Kansas.  Big mistake.  Google has selected Kansas City, Kansas as the place where they're going to build their ultra highspeed network, bringing gigabit Internet to the home.  Here's their blog post about it.

As much as I love Seattle, this video made me stop and think about what it would be like to live there again.  That made me think of Rosedale Barbeque and Polski Days on Strawberry Hill.  I'm not going to leave Seattle, but KCK is really rockin'!  (Sergey Brin must like barbeque.  I knew I liked that guy!)
Did Seattle apply?

Setting up a wireless bridge with DD-WRT

For some time, Linux folks have upgraded the firmware on Linksys wireless routers to DD-WRT for the added functionality it brings.  If you're not familiar with DD-WRT, it's a Linux based alternative OpenSource firmware suitable for a variety of WLAN routers and embedded systems.

Here's a cool blog post by Ken Hess about how he connected his data center in his garage to his AT&T wireless modem using an old Linksys wireless router and DD-WRT.  In addition to being a very interesting technical solution, it also demonstrates Ken's keen understanding of the importance of domestic tranquility!

Tuesday, March 29, 2011

Do IPv4 addresses have monetary value?

Microsoft has agreed to pay Nortel some $7.5 million for 666,624 IPv4 addresses.  Now, blogger Bill St. Arnaud suggests that an IPv4 address could be worth $200.  I don't doubt that might be true.  What strikes me as funny, almost pathetic, is that ultimately the IPv4 address space will be worth nothing.  Today, it wouldn't be worth much if only we, in the IT community would have completed the migration to IPv6 by now. 

Please don't flame me with all the cliche (but true) arguments about the complexity and challenges of a migration.  I'm aware of all of that.  Some of the migration challenges are beyond our control.  For example, the last time I checked, Comcast was still not supporting IPv6 at my home.  Many, perhaps most, consumer IP devices don't support it.  At the enterprise level, many organizations have recently begun testing it, but the risks of any mass migration must be considered.

Regardless, eventually we'll all have to move to IPv6, but until we do, we run the risk of having to spend hard-earned corporate and private dollars on currently-expensive/eventually-useless IPv4 addresses.

Anyone want to bet on how soon IPv6 becomes the main transport protocol of the Internet?

Tuesday, March 22, 2011

Disaster recovery planning: How to convince an unconvinced boss

The tragedy of the earthquake in Japan and the resulting tsunami serve as stark reminders of the importance of disaster planning and preparedness.  As IT people, we understand the importance of disaster preparedness, but how do you convince reluctant management to support it in the budget?

Read more on my Computerworld blog...

If it can happen to RSA, it can happen to anyone

The recent RSA breach, in which the SecureID algorithm was pilfered, is just another reminder to test and monitor your systems.  Of course, it's impossible to protect every system against all attacks, but if your systems are compromised, you want to be able to demonstrate that you took reasonable precautions to ensure system integrity.  I have a client who is currently going through PCI-compliance testing.  This client is fairly sophisticated in terms of their understanding of IT, yet they were surprised at some of the vulnerabilities the compliance testing uncovered.  Even if your organization doesn't accept credit cards, the PCI DSS compliance process provides a great way to test and harden your systems.  PCI offers a free Self Assessment Questionnaire to help you get started.

Monday, March 21, 2011

More press for the ASA book!

There's even more press for the ASA book. This time, it's at IT Knowledge Exchange. Not only did they do an interview, but they're doing a book giveaway as well. Check out their site and maybe you'll win a copy of my Cisco ASA book.

The tiny cube that could cut your cell phone bill

Bell Labs at Alcatel-Lucent has created a new wireless antenna, roughly the size of a Rubik's cube, that can provide wireless (2G, 3G, and 4G) service to about two city blocks.  It has minimal power requirements, should be easy to deploy, and is centrally managed.


Check out an article here.  This is the kind of stuff that keeps me excited about technology.

Friday, March 18, 2011

Ubuntu and the family con't

The Ubuntu experiment continues to go well.  It's mainly non-remarkable, which is the way you want it.  The OS just seems to perform well.  Last night I used RhythmBox to rip some songs from a CD and it worked much better and easier than Windows Media Player.  It loaded very fast and all I had to do was click the link to copy songs to my computer.  No complaints from the family and, in fact, they like things like the wobbly windows and rotating cube.  So far, so good.

Wednesday, March 16, 2011

Internet Explorer 9 is out. Yawn.

Microsoft released Internet Explorer 9 on Monday.  My fellow Computerworld blogger Richi Jennings has collected several comments from other bloggers about IE9.  My issue is that I've become addicted to Mozilla Firefox and its many useful extensions such as Blank Canvas, Firebug, and Saved Password Editor.  The problem Microsoft faces is that there's really no reason for me to switch from Firefox, so the fact that they came out with a new browser just makes me yawn. 

It's kind of like Bing.  Bing appears to be an excellent search tool, but I'm very happy with Google.  I'm so happy, in fact, that I don't feel an inclination to move away from it right now.  At some point in the future, Google may mess up and do something stupid to drive me away (the history of business is littered with executives damaging or killing great companies by making bad decisions...I've done it a couple of times myself).  If that happens, then there's an opportunity for someone else to move in and take over.  Unfortunately for Microsoft, since Firefox is a global community project and not a project of a single individual or company, it's not likely to make the same missteps that a company might, so they may never have an opportunity to make a difference.

Sure, I know MS has a huge market share, but that's based on their dominance of the desktop.  Given the importance and growth of cloud computing, that dominance is likely to decrease and, with it, there goes the market share for IE. 

Inertia favors the incumbent.  For me that's Firefox.

Sunday, March 13, 2011

Ubuntu and the family

So far, my experiment with Ubuntu 10.10 and the family computer seems to be working well.  I had a couple glitches with the video until I remembered that this computer had an old TV tuner card in it which we no longer use.  It had a conflict with the video card.  Once I removed the TV tuner card, the problems went away.  I was able to set up all the cool graphic effects like rotating cubes and wobbly windows.  I installed Skype from the Ubuntu software center (kind of like the App Store or Android marketplace) and it detected the webcam with no problem.  I also wanted to install the Pandora desktop application, which isn't officially supported in Linux.  I installed Adobe Air and was able to install the Pandora desktop app with no problem.  (I'm listening to Arcangelo Correli as I'm writing.)  So far, the only issue seems to have been the TV tuner card, which I would guess is not an issue for most people. 

Friday, March 11, 2011

Are you ready for IPv6 day this June?

I've recently written several posts about IPv6 including one titled You can't hide from IPv6 much longer and another one titled More on IPv6.  The last IPv4 addresses were handed out in February of this year and the countdown is on.

Major websites now supposedly support IPv6 including Google, Facebook, Verizon, and Netflix.  Check out Facebook's IPv6 address in this screen capture from using nslookup:

Someone has a sense of humor!  (Ya gotta love engineer humor.)

World IPv6 Day is June 8th, when major providers will be enabling IPv6 on their networks (many have already enabled it).

You can test your IPv6 readiness at, which is good for hours of entertainment.  That same website has an entire page devoted to IPv6 day.

Yes, conversion to a new transport protocol is challenging and potentially dangerous.  Yes, it will happen eventually, so you might as well start the process of preparing now.  See my previous posts for more information about the changeover process, including websites for more info about how to do it.

Thursday, March 10, 2011

Trying Ubuntu desktop with the family

My family has a computer in the kitchen which we use for looking things up on the Internet, playing music through Pandora, watching YouTube videos, and Facebooking.  When guests come to the house, they'll often use it for checking email and many of the same things my family uses it for.  It has been running Windows 7 for some time.  A couple days ago, it started acting like it had a virus or had memory going bad.  I mucked around with it for a while (sound familiar?) and wasn't able to fix it.  I was growing increasingly frustrated (sound familiar?), but then I had an idea.  Considering what we use it for, why not just slap Ubuntu desktop on it?  I could run the live CD version for a while, see how the family likes it, and if everything goes well, eventually install it on the HDD, replacing Windows.  I ran into one snag with the video card drivers where the CD was spinning, but the screen was blank.  I found a solution on (thank you).  So now, I've got Ubuntu 10.10 running on the kitchen computer.  We'll see how the family likes it and I'll let you know what happens.

We're getting press!

There's been quite a bit of interest recently in my book The Accidental Administrator:  Cisco ASA Security Appliance.  The good folks at WebSpherePower just published a link to it and Network World posted an excerpt as a guest blog.  Thanks to these great publishers and to my publicist Paul Krupin!

Wednesday, March 9, 2011

Another handy little utility in 2009, I published a list of my top 10 favorite free tools for IT people.  I created several videos demonstrating some of the tools and published them on my company's YouTube channel.  I've recently been using another free tool that I thought I'd mention...just in case you're not familiar with it.  When you need to find out what's clogging up a hard drive, you can use the free Windows utility WinDirStat.  It gives you a great, graphical representation of your hard drive and the things that are taking up space.  From their website:

"On start up, it reads the whole directory tree once and then presents it in three useful views:
  • The directory list, which resembles the tree view of the Windows Explorer but is sorted by file/subtree size,
  • The treemap, which shows the whole contents of the directory tree straight away,
  • The extension list, which serves as a legend and shows statistics about the file types."
I find myself using this tool a lot, especially on the family computer which somehow seems to get its hard drive filled up faster than other computers.  Hmmmm.

Tuesday, March 8, 2011

Basics of solid-state drives (SSD) including security concerns

Like many of the people who read this and other IT-oriented blogs, I've been keeping an eye on solid-state drive (SSD) technology for some time.  It seems likely to eventually do to hard-disk storage what digital cameras did to film, but how well do you understand SSD today?  What about security concerns such as encryption and drive-wiping?  I ran across this blog post on Tech Republic which does an excellent job of introducing you to the basics of SSD storage and includes a good introduction to the security concerns associated with SSD.  I hope it's helpful.

Saturday, March 5, 2011

More on IPv6

A couple days ago in a previous blog post, I mentioned an AT&T white paper on IPv6.  I also mentioned the importance of preparing now to migrate from IPv4 to IPv6, even if you don't see such a migration as imminent.  Here's a link to Cisco's IPv6 documentation and here's where you'll find Microsoft's stuff on IPv6.

Friday, March 4, 2011

The unhelp files: When documentation fails

In a recent Cisco ASA workshop, one of my students bemoaned a call he placed to tech support. His company is a big client of a well-known security software vendor. He had unsuccessfully attempted to find the answer he needed in their documentation, so he called their help desk. The rep he spoke with berated him for not looking up his solution in the documentation and condescendingly pointed him toward the document with the answer. (There's never an excuse to treat another human being disrespectfully.)

Frankly, most of the IT people I know would prefer anything over calling tech support and only place such a call as a last resort after every other avenue has failed. In this case, the vendor's documentation failed and so did their technical support staff.  In this blog post on my Computerworld blog, I share five tips for writing great technical documentation and include a link to a video with even more ways to improve your technical documentation.

Read more on my Computerworld blog...

You can't hide from IPv6 much longer

This is the year that we run out of IPv4 addresses.  Many of my students have made signs of the cross and other similar reactions to the mention of IPv6, but it's coming.  Just like most major transitions in our IT world, we can try to put things off, but eventually we migrate.  Whether it's Windows 98 to Windows 2000, IPX/SPX to IPv4, or Ami Pro to Word (I know, I'm showing my age), eventually we migrate.  That said, if you haven't started thinking about your migration process from IPv4 to IPv6, it's time.  Here's a quote from a recently-released AT&T white paper on the subject, "For enterprises the transition to IPv6 will not happen overnight. The process takes thorough planning, preparation and execution. The number of “edges” and the depth of the network that must be IPv6–enabled will impact the complexity of the transition. Even a simple transition may take 6 months to implement."  The paper, IPv6:  Complete these five steps to prepare is an excellent starting point for you as you begin to think about your IPv4-IPv6 migration.  It requires registration, but it's a good enough paper that I think it's worth it to recommend to you.  What are your plans for migrating to IPv6?