February 2005 Archives

This is too much. Verizon just showed up to check the phone line for a ticket that was never opened by a company I am no longer a customer of. Of course there isn’t a problem with the line now so we will see when my Covad service turns on.

Draw a map! Yes that's right, the golden rule of network troubleshooting is to draw yourself a diagram. How do the computers, switches, and routers plug in with each other on the network. Are you running VLANs, how is traffic supposed to flow from point A to point B. Put it all down, you don't need to use Visio a napkin will work in a pinch. After you have your map drawn, validate it, what happens when you traceroute/ping from point A to point B? Does the network follow the path you think it should? Where does it deviate from the path? Go to that device and traceroute/ping, are the results different? Inspect the routing table, where does the system think it needs to forward traffic to? If you are thinking to yourself that this seems really basic it is, but I guarantee that more often than not this will help you track down a problem.

This morning I was interviewed over the phone by Michael Cohn for a story in TechWeb's Security Pipeline, basically an opinion interview to include with an article on a receint study that is about to be released by the Florida Institute of Technology.

Slashdot | Study Finds Windows More Secure Than Linux "A Windows Web server is more secure than a similarly set-up Linux server, according to a study presented yesterday by two Florida researchers." In addition to the Seattle Times article, there is also coverage on VNUnet. From the article: "The researchers, appearing at the RSA Conference of computer-security professionals, discussed the findings in an event, 'Security Showdown: Windows vs. Linux.' One of them, a Linux fan, runs an open-source server at home; the other is a Microsoft enthusiast. They wanted to cut through the near-religious arguments about which system is better from a security standpoint."

Do I believe in "secure by default"? No I don't. Why? Because you have to factor in how usable the system is by default. A computer that is locked in a room with zero network connectivity is secure by default, is it usable, not really? Of course, depending on who you talk to (Security Report: Windows vs Linux) you will hear different things about which Operating System is more secure, I think that is not the correct way of looking at this problem. The security of you platform is dependant mostly on the skill and dilligence of the Administrator maintaining the platform. I feel that there are far more junior/novice Windows Administrators in the world and this contributes to the problem greatly. There is no magic bullet when it comes to system security, a proper security strategy is multiple layers of overlapping and complimentary techniques and processes to protect your platform. So which is more secure, Windows or Linux... Linux

This morning after a week and two days of DSL outage, and more importantly Speakeasy changing their story every single time I talked to them, I gave up and canceled my service. It's really a shame, I was really hoping that they would be able to take care of their problems, but in the end they just couldn't do anything to get me back online.

See: Om Malik on Broadband � Why I think Speakeasy Sucks If I had read this post two weeks ago my response would have been completely different. I would have raved about SpeakEasy's connection speed, their customer service and support, and their fair prices. Today as I cross into my second week without Internet access (See: Verizon Strikes Again) and I keep hearing phrases such as: "DSL is a best effort service", or "we've opened a ticket with the phone company", or now tonight "Covad is doing an upgrade and their system is down", I am advocating staying away from SpeakEasy for an entirely different reason. They have absolutely no control over your Internet service and are completely dependant on not one but two third parties. What do I mean by this? SpeakEasy is purchasing DSL service from Covad so they are reliant on Covad, and Covad purchases access to the phone line from the phone company, so Covad is dependant on the phone company. So when your DSL goes down, SpeakEasy cannot do anything to fix it, they can only open a ticket with Covad, who in turn will open a ticket with the phone company. Yes SpeakEasy gives you things that the others will not, faster speeds for example, but who cares how fast your non functional internet access is? Unfortunately it is now the weekend and Monday is a holiday, but you can bet that come Tuesday I will no longer be a SpeakEasy customer.

After what seems like hours of experimentation and testing I can now say that I have a working VoIP based PBX running the Asterisk open source software. Initial concerns over call quality with DSL remote endpoints has been completely squashed with repetitive call quality tests. In the next week I will be replacing my company's current phone infrastructure and installing a PBX downtown in my Los Angeles Co-Location facility. My configuration: Server = Single CPU 1.7 GHz, w/ 256MB of Ram Line Card = Wildcard TDM400P Phones = Cisco 7940G

All of the major search engines are pushing Local search services (local.yahoo.com, local.google.com, search.msn.com, etc...), which I must say are getting really, really good. When I search for something that I am going to use more than once, I typically enter the information into Outlook that way it is available to me on my Blackberry/Palm. I would have to imagine that I am not the only person in the world doing this. How about a "Save VCard" option on the search results. I for one would really like to see this.

RSS has been both a blessing and a curse for me. On the one hand it allows me to subscribe to and read an amazing amount of content. On the other hand, I am completely overwhelmed now with the amount of information I am trying to disseminate on a daily basis. I am convinced that this is due in part to the interfaces that I am trying to use. Yes I have used Newsgator, Feeddemon, NetNewsWire, and lately Thunderbird. In the past I experimented with autogenerating my own web page based on RSS feeds to read. Nothing I have found comes close to the simplicity and ease of use as Google News, which is why I keep looking for alternatives. What am I looking for would be the question to ask. Most RSS readers are arranged after email programs. The title of the post is the equalivant of the subject line. When you click on the item, the complete post is displayed for you to read. This works great as long as you have under a dozen RSS feeds to read. I need a reader that allows me to read a configurable length excerpt for all the items at the same time. It doesn't have to be long, 20 words, maybe more, maybe less. This way things that peak my interest I can read, and things that don't I will pass on. The new RSS feeds in My Yahoo are the closest thing that I have found. But the service still leaves me longing for something different. Suggestions anyone?

"Network address translation (NAT, also known as network masquerading or IP-masquerading) is a technique in which the source and/or destination addresses of IP packets are rewritten as they pass through a router or firewall."

Except 99.999% of what people think is NAT is really PAT. If you only have a single public (external) IP address with several internal computers using it you are using Port Address Translation (PAT). If you have multiple public IP addresses and each internal computer is mapped to an external IP address then you are using Network Address Translation (NAT). Everytime someone says NAT I have to bite my tongue. I know it is a minor technicality but they are two different things. It's like referring to LVS as a cluster. Okay I feel better now that I have vented.

One of my cats likes to sit with me when I am working at my desk in my home office. She usually likes to sit either on my lap, my keyboard, or propped up against my laptop. Well I just realized that her prized location next to my laptop corresponds with the heat exhaust for the internal fan. Why a Cat who is covered from head to toe in fur needs to have hot air blowing on them is just beyond me. Bizarre I tell you, completely bizarre.

It never ceases to amaze me how fundamentally bad large carriers are. I have Speakeasy DSL at my home. Speakeasy's service is good, and I have never had a problem with their network. The problem is, every single time it rains I have some sort of problem with my phone line. And because DSL is dependant on the phone line, every time there is a problem with the phone, I lose Internet access. What sucks for Speakeasy is they are completely dependant on their carrier (Covad), and in this case their carrier is completely dependant on Verizon. I understand this, and I don't get too upset with the Speakeasy technical support people, but I need to have working Internet access. Back to the point, my DSL modem lost sync Saturday night so I called and opened a ticked with Speakeasy. They ran some network tests and verified that I wasn't crazy and then opened a ticked with Covad. Covad ran some more tests this morning and then opened a ticket with Verizon. Verizon confirmed there is a problem and needs to come out onsite to do work at the MPOE. Now the fun part... my time window for this onsite service is 8:00am to 5:00pm Monday, Tuesday, and Wednesday. Yes that's right. Verizon has promised to be here somewhere inside of a 27 hour block of time. The true irony of the matter is I have absolutely zero alternatives to Verizon. Any copper based service (ADSL, SDSL, IDSL, Frame Relay, T1) at some point runs across their equipment. There is always the Cable company (Aldephia) but I would rather go back to dial up than ever give them another penny. So I've come to the conclusion that my only real option is to set up an RF point-to-point wireless link and backhaul it to my Los Angeles Colocation downtown. Anyone in Santa Monica looking for screaming fast Internet? I would be interested in selling the capacity at my cost just to help subsidize my installation.

See: Macworld UK - PC makers want to license Mac OS - Jobs

Apple has to fight off three of the biggest PC companies, sick of the security bugs that plague Windows, wanting to license the Mac operating system.

Apple was first to manufacturer a personal computer that became hugely popular with both consumers and businesses. Without getting into the entire story Apple decided not to license their hardware designs for clone systems or their Operating System software to third parties. This opened the door for IBM and IBM compatible systems (think Packard Bell, Compaq, Tandem, HP, Dell, etc...) and more importantly the domination of the desktop by Microsoft. While Apple has made a huge rebound lately starting with their iMacs and the iPod, iTunes, i if this story is true I really don't know what to think. Is Steve Jobs turning down an opportunity to increase Apple's market share to be in a position to truly compete with Microsoft? The PC/Windows world is no picnic right now. HP just fired Carly Fiorina, IBM is selling their PC division, and Dell's earnings decreased despite record revenue to give a couple of examples. Time will tell if this was a wise decision by Apple, I am just worried that the company will miss another huge market opportunity.

I don't know how I missed this... This past week's episode of the West Wing starts with Christopher Lloyd playing Lawrence Lessig. Read more on Lessig's own blog: Lawrence Lessig

Yahoo! just continues to come out with new cool things. I have been playing around with their new Y!Q search and it is pretty cool. See:

Embedding Y!Q in your site Y!Q: Adding Context to Search Y!Q on my blog... (by Jeremy Zawodny)

I've embedded the Y!Q tags inside of the individual posts if you want to play arround with it.

In the process of verifying that all of my MovableType content came across correctly I noticied something interesting... I had been missing image and file content from several server moves back. I don't know how I overlooked that in the past, but I think it is all taken care of now. As soon as I can get a few minutes of sanity there is a lot of material that I have been meaning to write and post, basically an entire section of HOWTOs. A quick sample of topics to come:

1. Integrating Active Directory with BIND
2. Building an OpenSource based firewall with session state replication and failover
3. Replacing Cisco Routers with open source software
4. Network architectures and topology options available with today's intelligent switches and the design ramifications thereof
5. Optimizing system architectures with caching

And basically anything else that I find interesting and can find the time to sit down and write about.

So I've been migrating my Blog over to Wordpress today. The basic installation and import ran flawlessly which is a testament to the WordPress developers. Then came the catch, someone/something out there is actually reading my Blog. Most of it is spiders which I couldn't care less about, but there are actually honest to goodness readers out there. So tonight was spent creating proper rewrite rules and redirects to point the old content locations to the new ones. I still have much to do (the latest revelation was that I am missing images for posts for quite some time apparently), but I am making progress.

See: Slashdot | Fans Attempting to Pay for Enterprise

What started of as a suggestion to pay for season 5 of Enterprise has actully snowballed into a project that no one has ever attempted before, that of getting fans to pay for the production costs of a tv series. It has brought on board a raft of people including lawyers. I wonder if the quoted $50 to $80 million is reachable.

I must say I got a good laugh out of this one. I think it is amazing that the fans of this show are starting a campaign to raise enough money to keep the show on the air. But even if they raise the money, I doubt the show will survive. Why? Let me explain. Television shows exist to make the network money, the network makes money by selling advertising, advertisers pay money to the network to advertise on the show because the show is popular (has good ratings) and therefore has a large audience watching the advertisement. When a show gets pulled it is because its ratings are poor, and advertisers do not want to buy air time. There is not a network in the world that would put a show on the air (even if it was free) that was wasting valuable air time that could be sold to someone else. So lets say the money is raised to purchase more episodes and the decision was made to circulate the episodes via the Internet or DVD, would an actor continue working for this show with zero growth potential, or are they going to put their resumes out and start looking for more work. If you really want to save this show, get everyone you know to start watching it. With enough people watching the network will keep it on the air forever.

See: How GPS is Killing Lighthouses: Lights Out along the German Coast

The popularity of the satellite-based global positioning system has led to the closure of lighthouses along the German coast. Many more may soon be extinguished. But critics question whether the new system is reliable and safe enough to warrant the closure of these historical beacons of safety.

Yes GPS is great. Yes GPS will tell you exactly where you are in the world and how to get where you need to go. Yes GPS can allow you to safely navigate your car, boat, plane from point a to point b. Yes GPS can fail. My flight instructor is a big believer in learing things the old fasioned way. In his words, "you aren't even allowed to think about looking at the GPS display". I'm glad, because I believe exactly the same thing. Technology is great and allows you to be more efficient and more accurate in your task at hand, whatever that may be. But technology can fail. Electronic systems are dependant on power, no power no GPS. Then what do you do? Obviously the cost of maintaining these lighthouses is a big factor in this decision, but how long do you think it will take before there is a large enough disaster to warrant them coming back?

Tom just gave me a CD of pictures from my wedding. I can't believe that it has already been six months this coming week. Christina and I were talking last night about how quickly time is passing. Funny thing is, time is going faster not slower. Update: Okay, okay, I forgot to say it, of course I am very excited that my 6 month anniversary is coming up. It was supposed to be implied in the post :)

For Christmas this year Christina surprised me with an introductory Learn to Fly package from Proteus Air Services at the Santa Monica Airport. This has to be one of the most amazing presents that anyone has ever given me. Ever since I was a little boy I have dreamed of learning how to fly, in the past I even considered joining the Air Force. This past weekend I took my 4th lesson with brings my total hours in the plane to almost five hours. I have been long overdue in posting my experiences which I promise I will be adding soon. Check out my brand new site category: Flying.

There is a good HOWO available on the MySQL Developer Zone titled: MySQL Cluster: Two webserver setup. MySQL has supported Master->Slave replication for some time now. With the latest version of MySQL you can now run Master-Master replication. This allows you to load balance multiple MySQL servers for redundancy and scalability without having to write specific code for the insert/select sections of your application.

It has been quite some time since I have posted new content (and I have quite a lot to post) to my Blog. This basically boils down to my frustration with MovableType and comment/trackback spam. Ever since SixApart changed the Movable Type license to non-free, I have been meaning to install and experiment with WordPress. Well today's the day. This site is now running WordPress. So far I really like it, of course time will tell with the comment/trackback spam, but I would imagine that a GPL application will have more of a following over time when it comes to developing plugins.

I agree with Jeremy (see: Goodbye Mapquest) with Yahoo and Google both providing exceptional maps with their search results it will be difficult for Mapquest to keep it's revenue stream. maps.google.com It's fascinating the level and depth of information that search engines are providing today. It used to be that you would literally "surf" the web, randomly clicking from one link to the next. Yahoo started by providing a directory of sites based on categories, an online yellow pages of sorts. Today if you want something you search for it and chances are you will see what you want on the first page of results. Now we have local searches, tell the search engine where you are and what you are looking for and you get a map with icons. Computers and networks are getting faster and bigger, allowing organizations to store and retrieve more and more information. One day will we be able to retrieve all of the knowledge available on the planet on a cell phone?