Wednesday, May 26, 2010

Family Proxy

Do you have a growing family at home slowly eating away at your bandwidth? Maybe you're a web surfing fanatic looking for a little more speed?

If you answered yes to either, a caching proxy is for you. This simple addition to your home network can provide you with additional bandwidth by reducing common internet bandwidth usage. Normally these types of proxies are found in the commercial world, but they're just as useful at home. Below is an image of a traditional multi-computer home network.

Traditional Home Network

So what is a caching proxy server? The concept is pretty simple: when a request is made to a website, that content is then saved locally on the local caching proxy server. When another request for the same data is made by any machine on your network, that data is retrieved from your local proxy rather than the internet. The content can be anything from regular website content to a file you downloaded. For those with multiple computers in a single household, the bandwidth savings really adds up with patches and multi computer driver updates. The change to the network configuration is really quite small:

Home Network with Proxy Server

At this point many are likely asking how much this costs. If you read my previous article, you would know the answer right away: "It's free and it's on Linux". I suppose I need to preface that last comment with the qualification that you need some old "junky but functional" hardware lying around. There are many different Linux solutions we can deploy to achieve this goal. For this article I have chosen a solution of Arch Linux, Shorewall, and Squid.

We selected Arch Linux because it is a rolling release and has the latest and greatest packages. If you are not familiar with the phrase "rolling release", in Linux it indicated a distribution that keeps you up-to-date with the latest software updates via the package manager. You will never have to re-install or upgrade your server from one release version to the next with this style of distribution. The great part about a rolling release on a proxy/firewall setup is that once it's set up and working correctly, you will not have to go back and completely overhaul the server when a newer distribution update comes out.

Along with the different types of OS and application solutions, there are also multiple ways to set up a caching proxy. My preferred setup is a transparent caching proxy. A transparent proxy does not require you to make any additional changes to the client computers on your network. You utilize the proxy server as your home gateway, allowing the proxy server to automatically forward the ports to Squid. The second way to utilize Squid would be to set up your client machines to utilize the proxy server via the proxy settings in your browser. Although this may be the easiest way to set up a proxy server, it requires you to make changes for any machine that attaches to your network. The table below shows what I selected for my transparent caching proxy server.
Test Proxy System
Component Description
Processor Intel Pentium 4 3.06GHz
(3.06GHz, 130nm, 512K cache, Single-core + Hyper-Threading, 70W)
Memory 2x256MB PC800 RDRAM
Motherboard Asus P4T
Hard Drives 120GB Western Digital SATA
Video Card ATI Radeon 7000
Operating Systems Arch Linux (32-bit)
Network Cards Onboard Intel Gigabit
PCI 100Mbit 3Com 3c905C-TX

I could have selected older equipment, but this is what I had laying around the house. As seen in the table, one of the hardware requirements for a transparent proxy is to have two network cards or a dual port network card. We recommend against using wireless for either of the connections to the proxy server, and a Gigabit Ethernet connection from the proxy to the rest of the network is ideal. (The connection to your broadband link can be 100Mbit without imposing any bottleneck.) Another quick suggestion: If you download a fair amount of files, it may be a wise idea to utilize at least a 120GB HDD. The idea is that the more space you have, the longer you can keep your files stored on your proxy server. With storage being so cheap, you could easily add a 500GB or larger drive for under $100.

Tuesday, May 25, 2010

Network Admin Vacation Tips

Summer is here — well not quite officially — but it is time to consider getting out of the office for a vacation! For the network administrator, this can be a challenging task. And if you are the only person of the IT shop, it can be a little daunting for your users. Here are a few tips I will share on how you can get away!
  1. Find your help.
  2. This can be a person in the office that has casual IT interest or someone whom you feel can step in to assist in a pinch. Get this person what they need, including access to systems. For the case of “if you need it” access, consider an envelope for each system and an administrator-level password in it. If the envelope is opened, then change the password or remove the additional account when you return. If elevated permissions can be added (such as to an Active Directory account) during the time-frame, that can easily be removed. This also may be a good idea to set up a Skype account for you and the temporary helper for quick questions should you be traveling internationally.
  3. Address what you know will be an issue.
  4. Chances are, there is something that regularly needs interaction. Whether this be changing the tape, a periodic reboot of a system, or moving a file through a system that gets hung up; it should be something you address. If you can, write up a procedure for each of these situations, especially the most common situations like restoring a file or resetting a system.
  5. Move schedules around.
  6. If there is something that is somewhat regular yet requires interaction above what you can comfortably hand off, maybe move the schedule so that it happens right before you leave or upon your return. In the backup tape example, maybe tweak the schedule so that a full backup happens right before you leave and incremental backups happen daily for 10 days instead of 7. Of course, make sure the overall level of protection is not affected!
  7. Upgrade the phone.
  8. If your organization has a commercial wireless account, you may be able to add additional features to your phone’s data plan to be fully connected during your absence without incurring fees on your personal account. This can also include international dialing.
  9. Clear the calendar.
  10. Don’t just blindly decline meetings, but try to push them to occur before or after your absence. For regular meetings, get the frequent attendees up to speed on your availability.
  11. Change passwords
  12. If you give someone privileged access to an admin account, prevent the password for changing during the vacation period and reset it upon your return. The same goes for your own user account, if by chance anything is using your user account - you would like to know about it beforehand. Change your own password as well a week or so before the vacation.
  13. Set up email auto responder and give some alternate contact.
  14. When I go on vacation, I’ll check in to both my work and personal accounts but still have an auto responder in place. The auto responder must state when you will return, how to get in touch with someone if this is urgent, and whether or not you expect this email to be replied to during your absence. You also may share your mobile phone with the helping person so that they can get you, even if only via a text message.
You can add more specific application and system tasks via automation. I’ve used Windows Scheduled Tasks or other scripts to do something that I know will be an issue, such as restart a delicate system, preemptively.

Monday, May 24, 2010

An Apple Ipad made of GOLD

The Web site for luxury gadget maker Stuart Hughes is at it again. This time it's a 22ct gold-plated iPad which has 53 sparkling gems over the Apple logo. It's listed at a mere £129,995 ($192,041). For more, read Rachel King's blog.
Although the products here stretch the imagination, some are listed on Virgin America's skymall
Credit: Stuart Hughes

Thursday, May 20, 2010

Technews

This blog is created for Technology news,updates,stuffs,links,downloads

Add the Late Indicator tool in Microsoft Project

One challenge in reviewing project schedules on a weekly basis is quickly identifying late tasks. In previous tutorials, I showed how to build the Behind Schedule filter and how to use the Slipping Tasks filter. Here’s another approach to identifying late tasks: using a graphical indicator. This is a useful way to review all the project tasks in one view and use a graphical indicator to indicate if a task is on or behind schedule.
Late Indicator

The Late Indicator (Figure A) is based on a simple calculation that looks at all incomplete tasks and compares the Baseline Finish Date to the Project Status Date. Like the Behind Schedule filter, the tool compares the project baseline against the weekly project status date. Note: If you don’t manage the project schedule using a Baseline Plan, this graphical indicator will not work. (If you don’t use a Baseline Plan to manage your projects, I hope this tutorial inspires you to do so.)

Figure A

Late Indicator

Once a project baseline is set and you record your weekly project status date in Microsoft Project, the graphical indicator will quickly identify all the late tasks in your schedule, as well as identify the tasks that are not behind schedule.

To build the Late Indicator, follow these steps:

1. Select Tools | Customize | Fields.

2. In the Type combo box, select the Number value.

3. Select an unused Number field (i.e., Number1, Number2, Number3).

4. Click the Rename button.

5. Enter Late Indicator in the Rename Field. (Figure B)

Figure B

Rename Field

6. Click the Formula button.

7. Enter this formula:
IIf([% Complete]<>100,DateDiff(”d”,[Baseline Finish],[Status Date]))

The formula (Figure C) examines all incomplete tasks and compares the Baseline Finish Date to the Project Status Date field. If a task is incomplete, the difference between the two dates will be reported.

Figure C

Late Indicator Formula

8. Click OK.

9. In the Values To Display section, click the Graphical Indicators radio button.

10. Enter the following tests, values, and images from the drop-down boxes. (Figure D)

Figure D

Graphical Indicators

11. Click OK twice.

At this point, a custom field has been modified with a formula that displays a graphical indicator. The next step is to insert the Number field into your Gantt Chart view and set the Project Status date. In my example, I modified the Number2 field and, to add it to my current view, I selected Insert | Column and selected the Number2 (Late Indicator) field from the Field Name drop-down menu. The last step is to update the project status date.

12. Select Project | Project Information. (Figure E)

13. Select the Project Status date from the drop-down calendar.

Figure E

Project Information

Once the Status Date is set, the graphical indicator will “light up” and identify the late tasks with the red bulb indicator. Remember that you’ll need to update your project progress weekly and change the status date accordingly. As the project progresses, the indicators will change. When a task is completed, the indicator will disappear as the indicator only looks at incomplete tasks.
Summary

Microsoft Project can present an overwhelming amount of data with its different views and underlying data tables. I find it useful to include graphical indicators in a project schedule so anyone viewing it can quickly determine if there are tasks running behind schedule. It can also be used in your status reporting by applying the Milestones filter.

Go ahead and experiment with the different formulas and graphical indicators available in Microsoft Project. In a future tutorial, I’ll share a few more useful formulas and graphical indicators that help improve status reporting.

How do I secure Internet Explorer with IEController?

There are plenty of schools of thought on this, but ultimately there are situations where IE is a must-use application. This could be per your company policy or even due to specific Web-site needs. Regardless, there are times when you have to (or want to) use Internet Explorer. For those instances, you will want to make sure that IE is operating as safe as possible. Of course the definition of “safe” is very fluid. Thankfully there are tools available that allow for such fluidity, while still helping to secure a very popular Web browser.
This blog post is also available in the PDF format in a TechRepublic Download.
IEController is a handy tool that allows you to:
  • Execute/monitor access
  • Control the execution of ActiveX controls
  • Control the execution of scripts, programs
  • Control requests to restrict and control files
  • Prevent ads
  • Log data traffic
And what is really nice about IEController is that it isn’t an installable application. Based on your settings, all this tool does is edit your Windows Registry file and create an icon for that particular instance of IE. You can also use IEController for any application that accesses similar protocols and tools as does IE. This means you can also secure other browsers as well, which is very handy. If it sounds a bit confusing, it’s not, once you see it in action. Let’s see how this works.

Step 1: Download and extract

The first thing you have to do is download the IEController Zip File and extract this file somewhere on your system. Unpack that file and you will see the IEController icon. You can always pin this icon to the start menu for quick access.

Step 2: Run IEController

Double click on the IEController icon to start up the application. The application consists of a single window housing multiple tabs (Figure A). Each of these tabs handles a different aspect of IE security.

Figure A


You will only see this menu the first time you open an application with IEController. So you will want to make sure you choose your settings wisely.

Step 3: Walk through the tabs

There are nine tabs, seven of which directly impact the security of Internet Explorer (with the only exceptions being the Configuration and the Log tab). The tabs are as follows:

Configuration

This tab is where you set up the icons you will use for your various applications. After you make all of your configurations you will come back to this tab and then click the Create Configuration Icon button which will then place an icon for that configuration on your desktop.

Active X

This one is the big one. As you can see (Figure B), this tab can control a number of the less secure IE features.

Figure B

 

What you are looking at is the default ActiveX settings in IEController. Add or remove them as per your requirements.
If you click on the Expert Settings button a new window will open allowing you to create unique allowed and disallowed objects. For this you will need the objects CLSID.

Programs

From this tab (Figure C) you can control which external applications IE can access. Although the list seems a bit on the small side, you can click on the Expert Settings button and create your own application listings to select from.

Figure C

To create your own, click the Expert Settings, then choose either black or white list, right click the pane associated with the list you want to use and select New Entry. The rest is simple.

Files

From this tab (Figure D), you can control what files IE can access. For the most part, this should be self-explanatory.

Figure D

 Just remember that anything checked is allowed. By default all items are set to allow.

Internet

This tab (Figure E) has some very interesting and powerful options available. From inbound to outbound TCP connections, to Verisign redirects and ad servers you can control seriously contain IE from this tab.

Figure E

 

Click the Expert Settings button and you can even create black/white lists of sites that IE can and cannot connect to.

Privacy

From this tab (Figure F) you can set keywords associated with sensitive data in order to prevent certain pieces of information from being transmitted unknowingly. In order to set this you have to click the check box and then manually add keywords for IE to watch for.

Figure F

 To create a new entry on this tab, right-click the blank area and select New Entry from the menu.

Registry

This tab (Figure G) is quite important. From here you can disallow write access to the registry. That alone is worth the price of admission. Of course this tab allows for the configuration of more than just registry settings. You can also set this up such that IE cannot modify the Internet connection as well as register programs for autostart.

Figure G


By default IE has write access to the registry. If you want to change this, click the box next to Disable write access to registry.

Miscellaneous

The final tab (Figure H) offers a few settings not related to any other tab. I have yet to use any configuration from this tab, but you might want to change the System logging function to Disallow to aid in the prevention of spyware.

Figure H

Do not uncheck the Always notify dangerous actions or else you risk bad things happening without you knowing.

Step 4: Create your icon

When you have finally finished your configuration, go back to the Configuration tab and click the Create Configuration Icon and then click the Start button. A new icon will appear on your desktop and IE will start with your configuration options set. Now, every time you start IE from that icon it will run with the same configuration. If, however, you run IE from the normal means, it will run with the default configuration.

Final thoughts

That’s it! You’ve set up IE as a more secure browser. You can also do this with other applications by simply dragging their icon onto the IEController icon. The IEController application will start and set options for that application. Just remember, you only see that configuration window the FIRST time you run an application with IEController.
IEController is certainly worth a look if you must use Internet Explorer. When you set IE up with this tool you will find it far more secure than the default.

 

Renewed hope for unemployed tech pros

According to the May career report from Dice.com, a full-time hiring revival is underway. Here are some of the encouraging findings based on their site activity:
Job postings for coveted IT positions jumped 20 percent month-over-month, while contract positions were flat. (The career experts at Dice say that this means companies are gaining confidence in their business outlooks again, which results in hiring of permanent staff.)
  • More than 2/3 of employed technology professionals have been approached at least once by headhunters since the beginning of the year.
  • Tech professionals are ready to move - a greater number of them are relocating for jobs.
  • The technologies that are capturing the most interest from tech talent are green technologies and mobile applications.
Number of jobs posted by zip code as of May 3, 2010:
Washington DC/Baltimore–7,969
New York/New Jersey–7,912
Silicon Valley–4,250
Chicago–2,856
Los Angeles–2,650
Boston–2,433
Atlanta–2,052
Dallas–2,020
Philadelphia–1,808
Seattle–1,729
And what about tech pros who are already employed? It seems that 53% of them have problems with their current positions but are not voicing these concerns to their companies. Their predominant desires are:
  • More money (at least 5% more, according to 93% of them)
  • Better career opportunities and work on new or emerging technologies
Maybe with the general employment picture looking up, employed tech pros will feel more comfortable making more demands of their current work situations.

Gmail snuggles up to the enterprise by exposing new APIs

Google gave Gmail another push toward the enterprise on Tuesday by announcing new APIs and “contextual gadgets” to enable powerful data viewing and collaboration from within Gmail messages.

Google’s stated goal here is to “intelligently display relevant information from other systems as you read your email, so you can be more efficient without leaving your inbox,” according to a post from Chandrashekar Raghavan, Product Manager for Google Apps extensions.

So, imagine employees being able to interact with CRM systems, ERP software, or Salesforce.com modules directly from within relevant email messages. This the kind of thing that Google wants to enable. In the enterprise, we often refer to this type of thing as Service Oriented Architecture (SOA), where disparate systems can work together and seamlessly access (and act on) the same data.

Rasghavan also shared additional details:

“Starting today, third party developers can build Gmail contextual gadgets and distribute them in the Google Apps Marketplace. These gadgets can display information from social networks, business services, web applications and other systems, and users can interact with that data right within Gmail. Contextual gadgets are yet another example how the power of the web can outpace traditional business technology.”

Despite the fact that Google is just now publicly announcing this and opening up the APIs necessary for developers to tap into it, a number of companies have already been working with Google to build a few of these contextual gadgets as examples, including some popular services like Xobni and Gist.

For enterprise customers (those on Google Apps Premier), Google has built in administrative controls to manage this new functionality. Rasghavan explained:

Like any other applications in the Google Apps Marketplace, a Google Apps domain administrator can install a contextual gadget from the Marketplace with just a few clicks. Both before and during the install process, administrators can review the portions of an email the gadget will have access to, and can revoke that permission at any time from their control panel.

CCNA

For CCNA Students