Diary of a Network Geek

That would be the Fourth of July, better known as Independence Day, which is tomorrow.

For those of you outside the U.S., tomorrow is the day we celebrate our independence as a nation by barbecuing and having parades and, most of all, by firing fireworks.  And, oh my, there will be fireworks displays, both large and small, and there will be photographers at everyone one of them trying to capture that feeling of joy and freedom in an image.  Personally, I…
Read More

As I’ve mentioned before, I don’t really make New Year’s Resolutions any more.

In fact, I haven’t made them in quite a few years.  That’s not to say that I don’t make goals, but I don’t base them on the passing of the year.  Frankly, it’s a pretty arbitrary construct and I just don’t find it particularly useful.  But, looking back, 2014 was a pretty good year.  For instance, it was the year that I started meditating regularly and that has…
Read More

Happy Independence Day!

For those of you outside the U.S., today is the day we celebrate our independence as a nation by barbecuing and carousing and having parades and, most of all, by firing fireworks.  All across the country, there will be fireworks displays, both large and small, and there will be photographers at everyone one of them with tons of gear trying to capture that feeling in an image.  My personal suggestion is to just go and enjoy the show,…
Read More

Naming kids is easy, but naming systems is hard!

And, no, I don’t mean giving your phone a pet name.

I have gone on at length in the past about the importance of naming systems.  It’s a big, big deal, especially if you ever have to go back and change any of those names!  Granted, it’s not as bad now as it was in the old days when you had to manually update dozens, or sometimes hundreds, of host files or configuration files, but, still, it’s a pretty big deal.  So, naming systems are often a topic of discussion, especially among hardcore network geeks.  I’ve been in more than one meeting about choosing a naming scheme that devolved into name calling.
So, there are many schools of thought on this.  One group of people think that the name should be meaningful, giving location and function information.  That’s a good idea, but it often results in names like HOUNOVFILESERV001.  (And, yes, that’s actually a name I used on a server once, for a company that no longer exists.  It stands for HOUston NOVell FILESERVer number 001.)  Sure, it tells you what you need to know, but they quickly become unwieldy to type and maintain.
Another group would say to name your servers, or routers, or what have you, after any group of things that will be easy to remember, like the names of the Seven Dwarves, or characters from the Dilbert cartoon, or, even, at one place I worked, the names of the old Space Shuttle fleet.  And, while I’m not a huge fan of that for many things at a business, it can be fun to ping a Cisco router named Elvis just to get the response “Elvis is alive”.  Certainly at home, I tend to favor a more fun approach using something light-hearted, like the names of cartoon characters or mythological beings or something similar.  But, my problem is always, which set of “things” to choose?

Well, the Naming Schemes Wiki solves that particular problem.  Yes, someone has started a wiki that gathers all the different naming schemes you all can think of in one place for your viewing pleasure.  And, in spite of any protests from your significant other, you can select, at your leisure, a naming scheme to use on your network that makes you smile.  (And, stop looking at me that way!  I know I’m not the only person in the world with a home network big enough or complicated enough to warrant having to choose a naming system for it!)  The maintainer also encourages you to add your own scheme, if, somehow, it’s been missed on this site.  Or, to add to any of the existing pages if you have something to contribute.

So there you have it!  All the endless naming possibilities for your home networking project this weekend!
Y’all have fun!

Really?  Are they bringing this one out again?

I’ve heard about the dangers of “cyber war” almost since I got started in this business twenty years ago.  Essentially, since the internet existed, people have been claiming that dangerous hackers are going to take over our infrastructure from within.  Sound familiar?  Like, oh, say, the Red Threat of the Cold War?
It’s pretty easy to get IT guys like me whipped into a frenzy about this.  Back in the day, Winn Schwartau wrote THE go-to book on the subject, [amazon_link id=”B00127UJMO” target=”_blank” container=”” container_class=”” ]Information Warfare[/amazon_link], and in that book he talked about a so-called “Cyber Pearl Harbor” that ushered in a new era of digital warfare.  Well, now, it seems, ZDNet is reporting that we may have already had our so-called Cyber Pearl Harbor.  According to security researchers at McAfee, and elsewhere, several targets, including the United States, have been under a five year sustained cyber attack and they went on to speculate that a “state actor” was likely behind the attacks.  A security consultant at Sophos pointed out that fingers are usually pointed in China’s direction when government-funded and supported cyber attacks are discussed.  And, I have to admit, based on the other forms of espionage, especially industrial espionage, that we’ve seen from them over the years, it wouldn’t surprise me if they were using the Internet to attack various sites remotely in an attempt to get restricted information of various kinds.

But, is this a “Pearl Harbor”-like event?  I mean, really?
Do you see people rallying around this issue?  Are hackers joining the U.S. Military to defend our cyber borders?  If they are, it’s one of the best kept secrets in the world right now.  Seriously.
Pearl Harbor was a galvanizing event in our history.  That one event is what got us off the fence and into World War II, as a nation.  Honestly, I don’t see that happening here, or anywhere that high-level computer tech is the focal point of the debate.  We may rely on that tech to get our jobs done or to entertain us, but, really, most people don’t have any idea of the security work that goes on behind the scenes.  This is an invisible war, if it even can be called that.
Again, I think it’s a new form of Cold War.  It’s a battle waged in the shadows against an all but invisible enemy.  It won’t be fought like a conventional war of any kind, much less like World War II.  And, if the cyber war is an apt metaphor at all, then it’s a war we’re already fighting.

Oh, and as for the Chinese, well, they’ve already used their influence as a global market to get a partial retraction from those fine folks at McAfee, who are now claiming that there is no definitive link to any “state actor” of any kind, much less China.  Of course, I’ve only seen the back-peddling on a single, English-language, but Chinese supported, news site.  Still, that, my friends, is the view of the new global economy and the real war.  Big governments will start to throw their weight around and corporations will “adjust” their position on the truth to tap the market and access their bottom line.  Of course, that’s nothing new, either.  China’s been doing that for years.  Only now, they may be the biggest market still available in the entire world.
Looks like we all better start learning Mandarin!

Regular readers know I’m not a big fan of outsourcing.

I am, however, even less of a fan of off-shoring.
Now, before someone calls me racist again, let me say that I have no problem at all with non-US citizens making money, no matter what country they’re from.  Honest!  I’m friends with more than one proud Green Card holder!  But, I’m not a big fan of shipping jobs to a foreign country when someone right here in the United States is out of work and can do the job.  In fact, for years I’ve advocated what one company I worked for did; Rural Sourcing.

Of course, at the time, we didn’t call it that, but, as it turns out, that’s what it is.
We had a call center in a very rural town, connected to our data via a satellite.  In fact, they were connected to the same service bureau that we were.  It was a pretty good deal, all the way around.  We got decent, cheap labor, that spoke English without an accent to our American customers.  They got better jobs than the local sugar beet canning factory.  Yeah.  That was our employment competition.  Can you guess where the majority of the people in town wanted to work?  I’ll give you a hint, it wasn’t standing on a production line with high-speed machinery.

So, while this isn’t new, it is, apparently, a newish idea for corporate America at large.
In any case, take a look at the article on Tech Republic; First Rural Sourcing Effort Proves Successful.
As I mentioned, it’s not new at all, but it must be a new concept for the author of the article.  I think it’s a great idea.  It CAN be cost effective to use local developers and local call centers in rural areas.  I don’t think it’s wrong to try and pull some of this business back from overseas.  I think it’s good, smart business.

Yeah, yeah, happy New Year to you you, too, now, go change your passwords.

No, seriously, change your passwords.  Think about how long it’s been since  you either setup that account or changed the password on it.  Now, consider that there have been some significant security breaches in the past year, including the issues at Gawker and their family of popular websites, and think about how many places you’ve used that same password.  It’s your favorite one, right?  The one you use for all your accounts, because it’s so, so easy to remember?  Guess what, it’s also probably easy to crack and is probably in a database on some hacker/cracker website right now matched up with the e-mail address you used, too.  How long will it be, do you suppose, before someone gets into all your accounts?

Right.
So, go change your passwords.
Not sure how to pick a good one?  Well, if you trust the U.S. Government for security, you can go to their Computer Emergency Readiness Team (aka US-CERT) for advice on choosing a secure password.  If you’re like me, though, you categorically do NOT trust a government agency for your personal security, in which case I recommend that you check out premier security expert Bruce Schneier’s advice for picking a secure password.

I’ll offer two bits of advice on the topic.
First, if any system lets you, choose a password that includes numbers and special characters, not just letters.  The example I always use is “@2brutus”  And, yes, that means I will NEVER again use that as a password. *sigh*  I like to substitute numbers for letters which resemble them, like the number one instead of the letter L or the letter I.  In the example, I’ve taken a  whole word out “et” and substituted the “at” symbol, or “@”.
Secondly, try to use something that is not a single word, but a phrase.  Again, in the example, I took my bastardization of “et tu brute”, which I remembered as “et tu brutus” and mashed it up a bit.  I have known people who use short sentences, however.  One guy I worked with occasionally used lines from Lewis Carroll’s [amazon_link id=”0810911507″ target=”_blank” ]Jaberwocky[/amazon_link], which adds the extra security of words that will most likely never be found in any standard dictionary of any language.

So, trust me on this, if you haven’t done it, start the new year right and change your passwords.

Advice from your Uncle Jim:
"It is better to be approximately right than precisely wrong."
   --Warren Buffet