Archive for February, 2008

h1

Networking Apple Computers

February 17, 2008

Apple Computer Inc. developed their own networking protocol – called AppleTalk – back in the mid-1980s. It can run over Ethernet, Token Ring, and FDDI (Fiber Distributed Data Interface), as well as Apple’s proprietary twisted-pair cabling system, known as LocalTalk (around 230Kbps). Access to Mac-based file and print services was done through a protocol known as AppleShare. Apple systems can be connected to NetWare (NetWare Client for Mac), Windows (Windows NT Services for Macintosh), and Linux/Unix servers (various solutions) either via an Ethernet or LocalTalk NIC, but the LocalTalk NIC isn’t too well supported these days. The ideal Mac connectivity solution is to use Ethernet and TCP/IP. You can’t run TCP/IP directly over LocalTalk, but it is possible to encapsulate TCP/IP packets in AppleTalk packets over LocalTalk.

h1

Viruses and Spyware (A Primer)

February 16, 2008

The word “Virus” is often used as a generic term to define all malicious files that do bad things to your computer. But, the term is specific to a malicious program that needs human interaction in order to run (i.e. you have to do something to make it activate).

Macro Virus – A macro is a computer programming language built into a larger program that is used to automate tasks. A macro can be as short as a few lines of program or it can be a massive program, containing millions of lines of code. It can also be be designed to run as soon as the program is opened. The basic strategy contained with a macro virus is to embed the virus within an e-mail, which then must be opened, allowing it to run. The trick to this, of course, is tricking or somehow convincing the person into launching the attachment to let the virus do its thing.

Memory-Resident Virus – A memory-resident virus get’s into a computer’s RAM, and then it corrupts specific files and programs. When the PC is shut down, all information, including the virus, is purged. Memory-resident viruses can slow down the performance of your computer by stealing system resources. They can damage data and system files, stopping your computer from running altogether.

File Infector VirusesFile infector viruses attach themselves to files with extension such as .txt, .doc, .xls, .pdf, etc., making them slightly bigger in size and execute whenever the file(s) is/are run. These viruses can damage program or data files, they can damage crucial files and cripple your PC or even eat your data.

Boot Viruses – A boot virus affects the boot sector of your floppy or hard drive. The boot sector is an area on a disk that contains a program that starts the computer when it’s first switched on. A boot virus swaps itself for the program that boots the computer and spreads to other disks when it’s active. This type of virus infects any disk with which it comes into contact. It can render a PC unbootable, requiring reinstallation of the O/S.

Multi-Partite Viruses – A multi-partite virus can infect a computer several times using a whole range of techniques. The idea is to attack a PC at several vulnerable spots, including files, programs, disk drives, and macros. These types of viruses are very complex, and are very cleverly designed. They can do all sorts of nasty things, including rendering your PC unbootable and making files unstable. The hard part of removing these is they are extremely adept at hiding themselves. Just as you think you’ve caught all traces, you suddenly discover more files!

Worm – A worm is a virus that moves from computer to computer across a network. Many worms e-mail themselves to addresses found in the address book of an infected computer. They arrive as attachments, and once opened, they replicate on that system and start the process all over again. Worms basically cause a slowdown of network traffic as they replicate from computer to computer over a network, they can “clog” all network connections. Worms can crash computers and computer networks.

Trojan Horse – A trojan horse disguises itself in the guise of a file, also called a dropper, which allows it to escape detection by an anti-virus program. Once the attachment is opened, all hell breaks loose. Not only can it ransack your data and files, it can vandalize your desktop, delete files, and even create a backdoor, which gives the hacker a way to snoop around on your computer or even take control of your PC and use it to attack other systems on a network (called a bot). A trojan horse can also deploy viruses onto your PC.

Virus Hoax – These are not really viruses, per se, but they are just as annoying. A virus hoax starts as a simple e-mail that is sent to a person, usually in the guise of a “friend” trying to warn you about a new virus. The e-mail contains details about a virus terrorizing the Internet. People who don’t know better do the steps outlined (such as deleting specific files), unaware that doing this may very well remove essential files/folders that the computer needs in order to do its job.

SpywareSpyware is software that is written to capture information about you – where you live, buying habits, etc.  Spyware is considered malicious because it installs itself on your PC without your knowledge, and then watches your online habits and comprimises your privacy. It also pushes unwanted advertising at you. See that pop-up window on your PC? Yep, that’s spyware at its finest. It doesn’t push just any pop-up window at you, however. It tailors pop-ups to things it believes you will enjoy and may very well click on. Spyware can clog up your system’s memory and use space on your hard drive, causing performance slowdown. Some spyware capture your keystrokes and send them to a third party, which can potentially expose user IDs and passwords to thieves. Like a trojan horse virus, spyware can also install an electronic backdoor program, allowing a hacker to gain access and control of your computer. Spyware can sneak onto your computer by arriving as an automatic download from a Website you’re surfing. It can trick you into click on a link that will then download the spyware to your PC (an example is a link telling you you’ve won some sort of prize). Spyware can be embedded in the installation of a free program or piece of pirated software you download. It can also arrive on your system from an e-mail attachment. That Google or Yahoo! toolbar? Yep, that’s spyware. To get rid of it, download and run a third-party anti-spyware program such as Ad-Aware, SpyBot Search and Destroy or Spyware Doctor. Spyware can also hijack your Internet browser. One example of a truly devastating piece of spyware that can reek havoc on your computer (and I can attest to its damage) is SpySheriff.

h1

Server Capacity Planning

February 10, 2008

Capacity planning, also called right sizing, is a process by which you develop a working model or hypothesis for the amount of loading that is placed on your server and the power of the server necessary to balance that load. Once you successfully determine the right size for your server(s), you will have achieved the following five goals. In order of importance, they are:

1. Adequate server levels – Your server will be able to service the clients for the service it was intended to provide, not only for average loads, but also for peak loads.

2. Reasonable Excess Overhead – You don’t want to buy too much server and have much of your investment lay idle.

3. Appropriate fault tolerance – The server should be operational enough of the time to be satisfactory to your users. Additional redundancies cost additional money, so right sizing your server requires you take this factor into consideration.

4. An upgrade path – As your service grows over time, you’ll eventually need to increase your server’s capacity. This may mean you need additional processors, memory, network connections, and so on.

5. An appropriate life cycle – An appropriate life cycle is what makes your investment in the server reasonable. A server deployed for Windows 2000, for example, and upgraded to Windows 2003 has a longer potential life cycle than a server stuck at Windows 2000. The average useful life of a first-line server is somewhat longer than that of a PC, because server motherboards have more upgrade options. Most PCs are written off after about three years of service within a company, whereas servers typically have a life cycle of about four or five years.

h1

VLANs

February 10, 2008

A Virtual LAN is a type of logical network that exists as a subset of a larger physical network. In smaller networks, the network can be divided into segments fairly easy, with little administrative overhead. Splitting the network into segments allows network data and broadcast data to remain on the local segment, without broadcasting data to the entire network as a whole. Segmentation of LANs also provides extra security because a user on one LAN won’t have access to another LAN without special permission.

Unfortunately, segmenting a larger network into smaller networks can be tedious and may involve the purchase of extra networking equipment, such as switches and routers, along with extra cabling to separate them. This is where a VLAN can help, because the network segmentation is performed through software, rather than hardware. VLANs have the capability to isolate network traffic on specific segments, and even provide crossover functionality to enable certain VLANs to overlap and allow access between them.

The capability to create VLANs is dependent on the capabilities of your network equipment. Most modern switches and routers support the use of VLANs, which can be enabled simply through changing the configuration of the network device.

Three basic types of VLANs exist:

Port-Based VLAN – The port-based VLAN uses the specific port of a network switch to configure VLANs. Each port is configured as part of a particular VLAN. To assign a client workstation to that VLAN, they need to be plugged into that port.

MAC Address-Based VLAN – The MAC address-based VLAN tracks clients and their respective VLAN memberships through the MAC address of the NIC card. The switches maintain a list of MAC addresses and VLAN membership, and they route the nettwork packets to their destination as appropriate. The advantage of MAC address-based VLANs is if their VLAN membership changes, they don’t need to be physically moved to another port. One drawback is that being part of multiple LANs can cause confusion with the switch’s MAC address tables. This model is recommended for single VLAN memberships.

Protocol-Based VLAN – A protocol-based VLAN is the most flexible and logical type of VLAN. It uses the addresses of the IP layer to assign VLAN settings, so an entire IP subnet can be assigned a certain VLAN membership.