Security is an important topic all the time, and lately the industry has been scrambling to address various vulnerabilities in this or that. The biggest threat to security is users who have weak passwords. Link to this article: http://www.whatsmypass.com/the-top-500-worst-passwords-of-all-time to see the top 500 most common passwords and consider how many you or someone around you have used or are still using. If your password is on this list you should change it immediately.

Passwords themselves need to be secure, but with the onslaught of password stealing going on (look back to Sarah Palin’s Yahoo! account being hacked), you should be careful when using password reminder schemes that ask for easily obtainable information such as your favorite color, or your first pet’s name, or the street you grew up on. These questions can be easily answered by people with nefarious intentions who can gain access to your password. Answer those easily guessable challenge questions with completely bogus information (but keep track of what you’ve used) and be sure that you’re the only one who knows that your mother’s maiden name was “telephone” or “red truck”.

I had previously disallowed comments due to too much spam, but I’m going to attempt to re-open the ability for folks to add comments. You just need to register and log in. Let me know if you’re having trouble by sending email to caretaker@sea-tug.com

I discovered and issue with XP SP3 the other day. It’s a bit of a special scenario, but for us it was a good catch.

Here’s the scenario:
- Multiple machines all members of a domain.
- Machines also have local user accounts.
- Machines are logged in with local user accounts.
- Machine 1 maps a drive to machine 2, where user1 also has a local user account.

The way this should work is: machine1\user1 attempts to connect to machine2\share and machine2 asks for credentials.  machine1\user1 says “I’m user1″ and machine2 looks at its own local user list and says “ok, give me your password”.  If the passwords machine1\user1 and machines2\user1 match, then machine2 assumes that it’s the same as machine2\user1 and lets the user authenticate.  Even if these machines are on the domain, local user pass through authentication will take place.

- Now for the bug: When machine 2 can not see a domain controller, User 1 can no longer access the share on machine 2 and gets an error about “there are currently no logon servers available to service the logon request”. 

Since these are all local accounts, it shouldn’t matter if there’s a domain controller available or not… the local user accounts should authenticate by themselves.

There’s a fix from Microsoft: WindowsXP-KB961853-v2-x86-ENU.exe – You may need to open a ticket with them before you can get the hotfix.

I’m always looking for better ways to organize my notes and have been trying to adopt Microsoft One Note for a couple years.

If you aren’t familiar with One Note, it’s an electronic version of the Trapper Keeper – multiple folders where you can store your docs, with fantastic integration to other Office products (read: word, excel, powerpoint, etc) in that you can print from the applications directly to One Note. You can also add notes directly and sort and search everything. The new version is much more visual, allowing you to organize pictures, back-of-napkin drawings, and other images as well. The big draw back to using One Note is that I work on multiple machines throughout the day and frequently all-out replace my PC. Having to find and reload One Note everytime I move away from my primary PC is a pain.  And intypical Microsoft fashion, they changed the data format between versions of the product.  Open your old notebook in a new version of OneNote and you can no longer open it in the older version.  So forget about swapping back and forth between multiple machines easily.

So I went looking for other options. The tried and true method of using Notepad (the most powerful32 bit program ever written) is starting to get old. It’s certainly more portable, and every pc on earth has a way to modify text files, but the functionality is starting to be a little basic (no images, basic formatting, etc).

I also ran across TiddlyWiki which is a portable browser based solution – a very slick idea. Java based, blog-style note-taking which you manage in a broswer but store on your thumbdrive. Interesting – it solves the offline dilemma, and keeps the data private (it’s not on the internet). A little wonky to use and get used to, but has great potential.

My favorite cloud based solution so far is Evernote. It’s a lot like One Note, but it’s cloud based, so no matter where you are, you have your data – so long as you have an internet connection of course. There’s also a blackberry app that integrates with the camera, so you can take a snapshot of say, a whiteboard, or a product you see in the store and want to remember to go looking for a cheaper source, then send the image to evernote and review it later.

I also am intrigued with the idea from iCloud. A virtual desktop in the could. Log in with a browser and launch your virtual desktop. Save documents, notes, pictures, bookmarks, email… everything. Still a little early on the curve for this service/application/whatever, but definitely slick. I imagine this is what Chrome is going to be like, somehow.

Also worth mentioning is a little tool called Sitejot that allows you to keep all your bookmarks together… so no matter what machine you go to, your bookmarks are available. Not like del.icio.us, but a good way to organize yourself.

In terms of core functionality though (organizing notes and data) I have always liked this little free application called “Keynote”.  I can’t tell if it’s still supported by the author, but it’s free, small, fast, very easy to use, and pretty portable (it still has to be installed to use, but it’s so small you can leave the installed on your thumbdrive and install it on multiple PCs whenever you need it.

I also came across this software the other day in the category of “Mind Mapping”: Freemind. It’s basically a note taking tool with hierarchical connections a visual mapping of relationships. I haven’t quite gotten the hang of it yet, but it might be worth taking a look.

I’ve also been looking at commercial network and application monitoring solutions such as Openview.

One thing is clear: everyone is collecting the same data whether it be SNMP, WMI, agent-based or Netflow – but it’s the back-end database and correlation abilities that really set each of the applications apart.

One of the most unique applications I’ve seen lately is Opnet’s suite of tools from AceLive and AceAnalyst to their Panorama product.

Other interesting tools I’ve seen recently are from Dynatrace, Tidal, and Nimsoft.

Let me know if you’ve got something you think I should look at.

I recently went looking for a cheap, easy to use and effective network monitoring system. I was thrilled to see so many great options available. When I dug in a little more I found that a lot of the options that looked great weren’t that easy to use.

I need something that I can drop in at a remote site either in a VM, or on a standalone PC and watch services, ports, eventlogs, and ip endpoints and alert when there is an interruption in the connectivity to them. It should also be able to capture and display a historical view of network traffic.  Inventory features would be nice, but not necessary.  Finally, it should be easy to send alerts to a blackberry either as email or SMS messages upon outages and restoration of service.

Here’s what I’ve been looking at:

Alchemy Monitor
Hyperic HQ
Groundworks
Zenoss
Spiceworks
OpenNMS
Intellipool
Solarwinds Orion
The Dude
Zabbix
Packettrap
Big Brother
What’s Up Gold

For reference, whether you love it or hate it, Wikipedia (or Wack-a-pedia as some people call it) has a great chart comparing the features of these and more: http://en.wikipedia.org/wiki/Comparison_of_network_monitoring_systems

I found OpenNMS was a good package, but the performance in my VM was so horrible I never even got as far as setting up alerts. I’ll probably give it another shot on a dedicated pc to see if that helps.

Zenoss seems better than Groundworks – both of these run on Linux and I downloaded the precompiled VMDKs from their respective sites. Setting up alerts was a pain, and trying a to add services was difficult and/or confusing.

So far my favorite has been Hyperic. The best functionality with Hyperic is with an agent loaded on the target server, but it can also be set up to monitor IP addresses and TCP ports.

Solarwinds is a great product, but the entry price is pretty steep, and it doesn’t have application level monitoring unless you buy an additional module. I tried to convince their sales guy to introduce a small-office version of the product (say monitored 10 systems) for $199 but he didn’t want to hear it. Too bad, because I think product is pretty mature and easy to use, too.

Alchemy monitor is fantastic at monitoring ports and services and sending alerts. The interface isn’t very fancy, but the functionality is spot-on. Set up a bunch of services to monitor (and the extensibility is great here, too) and set up alert targets, and let ‘er rip. There’s a simple web interface for keeping an eye on the status, too. It would be better if you could add new alerts and targets from the web page.

For a quick and dirty solution I’m going to try Dreamsys Server Monitor and PRTG together.  Dreamsys has a very easy to use interface for IP addresses, Ports, and Services, and PRTG is the best SNMP monitor I’ve seen.  I would easily have substituted Alchemy for Dreamsys, but free being what it is, it beats out the $400 price tag of Alchemy.

I’m going to keep looking at as many solutions as I can find – let me know if you’ve got something I should look at.

For Sql 2000 and up, execute this query:

SELECT SERVERPROPERTY(‘productversion’), SERVERPROPERTY (‘productlevel’), SERVERPROPERTY (‘edition’)

For older versions, try this:

SELECT @@VERSION

This MS article has some info on how to interpret the results: http://support.microsoft.com/kb/321185

SQL default trace enabled Option

Use the default trace enabled option to enable or disable the default trace log files. The default trace functionality provides a rich, persistent log of activity and changes primarily related to the configuration options.

Read this article to get an understanding of how you can see who’s made what changes to your SQL server (ie: deleted or created tables, etc).

Talking about WordPress Internet Explorer 8 Accelerator | anant garg

Did you know there was a WordPress Internet Explorer 8 Accelerator? I just stumbled across it and it seems to work well. I love the idea of the IE8 Accelerator functionality, and now it works with my favorite blog platform, too!