Technical Blogs and Musings

21Apr LinkedIn Is Not Facebook

I received another LinkedIn invitation to connect from someone I have never met and cannot discover why I should accept it because their profile is less than adequate.  This posting is being made so I, and anyone wanting to use it, can nudge these folks into using LinkedIn more appropriately.

Just when it does not seem possible, another social network site starts up.  With so many of them it is understandable that people get confused and lose track of the original intent of the various sites.

Using the search engine of your choice one can find many hits on the etiquette of social networking sites.  I am going to keep mine short and pertinent to my LinkedIn use.

  • Keep your profile private until it is something you can be proud of.  I have ignored many invitations to link because your incomplete profile is not one I want to have linked to me.  Add a picture, work history, groups, interests, and anything else that will make your profile one that would make sense for people to link with.
  • LinkedIn is not Facebook or Google+.  It is, at the time of this writing, the world’s largest professional network.  Keep it professional.  Don’t get confused between “friending” someone and “linking” to them for professional reasons.
  • Invite for the right reasons, not for the purpose of inflating the number of links.  If we have something in common with the work we do or have common business interests, feel free to send an invite.
  • The default connect message is “I’d like to add you to my professional network”.

If you get a reply to your connection invitation with a link to this post, don’t be offended.  Nobody is trying to hurt your feelings, rather we want you to know why the invite was not well received.

 

26Feb Avast Version 7 Has Remote Support

On February 23, 2012, Avast released version 7 of their anti-virus product.  A longstanding reason I like and recommend Avast is the boot time scan feature that allows scanning and cleansing prior to the Operating System fully loading drivers, startup programs, or other places where viruses or trojans can hide from scanners.  My FAQ on how to perform a boot-time scan is one of the most popular on my site, mostly due to referrals from Avast’s support forums.

A noteworthy new feature is Remote Assistance.  This little jewel can be found by clicking the Support section next to Settings in the top right of the application window.  Once the Support section is open, look for the “Remote Assistance” section and click on the “Use Remote Assist” button.  This will open a window with two options, to control or be remotely controlled.

Select whether to be controlled or control

In my case I plan on using this to support my customers that have Avast (as most of my customers do).  I would have them click on Allow Remote Control.  This will open an outbound connection to an Avast server that will initiate a waiting session and display a code.

Enter code screen

This code needs to be relayed with a chat, text, telephone call, or e-mail to the person that is going to connect.  In this case when I clicked the Control Remote Computer option from Figure 1 a window opened with an area for me to type those codes.

Enter codes to obtain remote control

Once I type in the code and click connect I have remote control of the other computer, allowing me to fix a problem or provide some help without involving a road trip!

This method of both systems initiating an outbound connection to a server bypasses many firewalls and is similar to several other remote support programs.  As with any powerful tool like this, use with caution and be sure you trust the other party.

18Dec Using Google Voice for Home or Small Office

Back in June I wrote of my experience moving a Vonage land line to an integrated Sprint/Google Voice number in the Consolidating Phone Numbers posting.  Six months later I have not regretted the move.  In fact, with good contact management, it has proven invaluable to route calls to different lines, send to custom voice mail greetings, and so forth.  Adding the GV app to my Android phone enhances it all the more.  Texts, incoming and outgoing calls, recorded calls, and voice mails are all in a single place.

Keeping my ear to the track for more GV developments I came across a multiple part series by David Gewirtz on ZD Net.  As of this writing it includes:

Of particular interest in the Cheapskate’s Guide article is a $50 device called an OBi110.  This device plugs into your internal network and also has an RJ11 jack to backfeed into your phone lines.  Configured with a GV account it rings your traditional telephones or allows you to use them to place calls, all using GV.

All were interesting and decent reads.  His instructions are easy to follow, so don’t be intimidated and think you can’t benefit as we have.

24Oct Hiding Windows 7 Wireless Security Key

Try as hard as we might to protect assets such as company laptops with antivirus, automated patching, least user privilege, encrypting drives, and encrypting wireless networks, there are still scenarios necessitating a user to have local administrative privilege.

When setting up a laptop’s wireless security key I was dismayed that the key is visible to anyone with admin rights by checking a box.  Gaining access to the key could easily compromise the network by giving the user capabilities to add devices that might not meet standards and approval.

Searching mostly returned results stating that this is “by design.”  I was able to find how to reliably block it by combining methods from a few search results.  Below are short, simple steps I thought I’d share and have for future reference.  Though these steps have worked several times for me, some of the sites I gathered the original information from state it may not be consistent on every system.

  • Open a command prompt as an administrator (right click, select “Run as administrator”)
  • Run Regedit
  • Browse to HKEY_CLASSES_ROOT\AppID\{86F80216-5DD6-4F43-953B-35EF40A35AEE}
  • Right click on the key
  • Select Permissions
  • Click Advanced button
  • Select Owner tab
  • Highlight Administrators group and then click OK
  • Under Security, highlight Administrators group and set Permissions to Full Control
  • Delete the key

Now the key will always be dots and the check to reveal it will not stick.

15Jun Consolidating Phone Numbers

Introduction
Being employed in the IT sector, as well as having a small business on the side, I was intrigued with various telephony services and how they might enhance my availability. The problem I needed to mitigate was a result of having too many telephone numbers.

Enter Google Voice (GV). GV is not a telephone service, but is a web based service to let you get calls through a single GV number to multiple phones. It works with landlines, VoIP services, and cellular phones. You can receive and place calls from the phones added to the GV account or from a computer with microphone and speakers by logging into your Google account. The key to usefulness is having your contacts and groups of contacts configured so a custom greeting can be set for different callers or groups. Based on the contact and/or group the call can route to one or more of the phones configured in your account, or even straight to voicemail. Voicemails and texts are all in one place. You can check voicemails by calling your GV number, signing into GV, or getting transcriptions texted or e-mailed to you. There is a ListenIn feature to hear messages as the caller leaves it, record calls on the fly if you don’t want to write down important information the caller is telling you, texting capabilities, even switch phones on the fly without the caller knowing. An Android smartphone and the GV app installed adds even more convenience.

Allow me to explain the history of my ‘too many numbers’ dilemma and how I solved it using GV.

Background
Years ago to prevent arguments over home telephone use I added a second land line. Its primary use was to allow the first line to be designated as the “family” line. No geeky calls from friends or associates and no work related calls were allowed on it. Total phone numbers=2.

About eight years ago I ported the second land line number (“my line”) over to Vonage to enjoy unlimited long distance, SimulRing, voice-mails e-mailed to me, and a host of other Voice Over Internet Protocol (VOIP) benefits. Total phone numbers still=2.

What started as a cell phone for emergencies during the late 90’s has turned into my HTC Evo with Sprint’s unlimited data/unlimited mobile to mobile/and more minutes than I can use. Sprint’s coverage at my house is poor and the number of dropped calls forced them to admit it. To keep a customer they gave me a femtocell. It plugs into my network and converts calls on Sprint phones registered to it (up to 100) to VOIP calls, further reducing the number of cellular minutes used. Total numbers now=3.

Being a network guy for a system that includes a 911 center I follow developments in telephony. A company called Grand Central caught my attention with its “one number to rule them all”. When Google announced their purchase of Grand Central in July 2007 I immediately signed up to participate in another one of Google’s betas, Google Voice. Total numbers=4.

A promotion at work led to interaction with people outside of my team nearly mandating me to have a DID (direct inward dial) line instead of a shared number used by about 10 of us. Total numbers=5.

So over time I picked up five telephone numbers all with outgoing caller ID or printed on business cards enabling people to obtain my numbers. Yes, I could block the outgoing info but that would be cynical as I find it irritating when I receive unknown or private calls.

People from work picked up my personal numbers or cell number. Friends discovered my work number. No matter where I was, I wasn’t at the number someone was trying to reach me at. I was patching Vonage’s SimulRing and Cisco’s (from work) mobility to ensure I wouldn’t miss calls.

This became quite problematic. I needed a way to consolidate the numbers into one so that GV’s service could manage incoming calls based on contact information.

Solution
Google’s announcement that GV would begin porting numbers was a great piece of news that quickly became a disappointment. Because most people knew my land line number from Vonage it would be my choice number to keep. GV’s number porting was only for cell numbers.

An announcement in March 2011 by Google and Sprint that they were forming a partnership definitely caught my attention. Perhaps I could port the Vonage line to Sprint, THEN enable the Sprint-GV integration.

To prepare I contacted Sprint. They were more than happy to port my Vonage number. In their eyes I’m sure they’re thinking it’s one more long term customer if I’m getting rid of a land line. The lady helping me said the number would be ported on Friday. That surprised me as it was a Wednesday evening I spoke to her. Sure enough, that was too aggressive. I called back on the following Tuesday and was transferred to a number porting specialist. She told me Vonage held the number longer than expected but it was to transfer at midnight. To prepare she had me turn off my phone and pull the battery while she worked some configurations on Sprint’s end. When I turned on the phone it downloaded updates. She also instructed me to turn it off before midnight and leave it off for up to an hour.

When I turned it on the next morning (Wednesday) the number still was not ported. Once again I called Sprint and again was transferred to a number porting specialist. This one got it right and we tested receiving and placing calls.

I then logged into my GV account. All of my numbers were still there so I deleted my old cell number and the new one which was the ported Vonage number. I added the ported Vonage number, now my Sprint number, back and it immediately asked if I wanted to integrate them. I clicked that I wanted the first option to make my Sprint number my GV number. Then I followed a pop up that if I’m using the GV mobile app for Android to sign out and back in. I did, following the instructions when I signed back in.

During all of this I found two links that need to be shared:

1) http://www.google.com/support/voice/ This is Google’s Voice support home page.

2) http://www.sprint.com/landings/googlevoice/?ECID=vanity:googlevoice This is Sprint’s FAQ that answered my questions about possible billing changes such as how the integration might affect mobile to mobile or texting charges.

It wasn’t without issues
Three days after succeeding in the port I still had dial tone on my second Vonage line. Logging into the Vonage router indicated the number was still provisioned and yes, I could still place calls from it and the calls displayed the number that is now my Sprint number. One would think that after handing a number to a competitor Vonage would have known to take care of this. A call to Vonage support to cancel service was painless and swift, taking about 15 minutes. During the call the tech assisting me asked if I would accept a discount for one year on my first Vonage line to keep me as a customer. Since there are no plans on getting rid of the family line I accepted her offer of $12.50/month for one year of Residential Premium Unlimited World plan (a reduction from the $25.99/month I was paying). So now I’m saving ~$40/month by getting rid of the second line and paying half for the first!

Another Vonage problem discovered while testing; a Vonage subscriber calling my ported number would receive a message that the number dialed is not in service. Another call to support resulted with a promise from the tech that the number would be removed from their databases in 2-3 business days. It took them all three days but was fixed as promised.

After the porting of the landline from Vonage to Sprint a texting issue became persistent. I was not receiving texts from numbers from outside of the Sprint network. A Sprint tech worked with me for about 45 minutes and finally said he did all he could remotely. He told me to take the phone to a Sprint store and tell them there’s a ticket with instructions for what needed to be done. I did so the next morning. Joe, the local Sprint store manager, did several things including resetting the phone. Fearing that was going to happen I made sure I backed up my apps the night before so it only took a few hours of downloading and restoring to be back up and running. However, I was still not receiving texts outside of the Sprint network. Throughout the next two weeks Joe and I worked with support and each other. He began to take a personal interest in this problem when Sprint support started treating him like any other id10t. He would call me with updates on the ticket, have me bring the phone in, and finally got somewhere when they decided to rebroadcast the porting of the number. The thinking seemed logical that not all carriers received the information. Later a tech from Sprint called and was dismayed that it didn’t work. I was assigned a “Fix Agent” which was explained to me as a single point of contact with resources available that other techs do not have. My Fix Agent called within 20 minutes of the assignment. He asked me for numbers of someone I know from Verizon and T-Mobile that could send a text or two daily. He was going to have Sprint’s “Pairing Partners” watch for texts from those numbers destined for mine as they left their respective carrier and see where the messages died. He stated there are several steps involved, and that though they might get the first step working they need subsequent messages to ensure completion through all delivery steps. Within two days and five texts from each I started receiving them.
Thanks Larry, and a huge thanks to Joe for his persistence. I’m referring everyone I know that’s in the market for a phone to you Joe and I hope your supervisor reads this so you receive something for being such a rare breed of caring employee.

After all of the problems Customer Support prorated the days of no texting so I did get some credit on my bill. Then to my surprise they gave me a $125 credit for a porting promotion I didn’t know about. Combined with no second Vonage bill and half price for the first Vonage line, I’m happy with not only the outcome of my project’s original intentions but also the financial aspect.

Conclusion
Would I do this over again? Absolutely. The ability to manage incoming calls based on the contact is fantastic. Any computer/laptop with speakers and microphone becomes my telephone. I truly have only one number I ever need to give despite if my office, home, cell, or other lines change.

01Apr Android Favorites and Recommendations

When I purchased my first Android in the summer of 2010 I immediately found how useful of a tool it can be. Much of the usefulness comes from the various apps. Conversations with business contacts or Beer:30 chat invariably had a slew of suggestions to me, the newbie.

The avalanche of information made it easy to forget more than I could remember. Yes, there are a lot of Android based sites but for my acquaintances and me I decided to create a mailing list. For readers not subscribed you can do so from my Contact page if you so desire.

With time and membership growth I’ve received a few off-line comments either in person or via e-mail from newer members asking if there’s an archive or way to find past recommendations of apps. Though this may not be the most ideal method, for now it’s a beginning.

I’ll start by posting a few of my favorites and those from some past list e-mails that I have saved. Anyone wanting to add or comment may do so. I only require a name and e-mail address (the address won’t be published, it’s only for me to correspond with you if needed) and the CAPTCHA Code to prevent spam from getting posted.

15Nov Firewall on the Cheap

I’ve read in the past on various links and mail lists the power of dd-wrt, an open-source Linux based alternative to the typically substandard software preinstalled in broadband routers. I also knew when my aging Checkpoint firewall appliance died a few months ago I needed to replace it with something besides the leftover router I found stashed in the closet.

As a fan of Andrew S. Baker’s I subscribe to his blogs in my Google Reader and was happy to read his post that he was in the same predicament. Fortunately he didn’t sit on his hands like I did and he wrote a review of dd-wrt coupled with a Netgear WNR-3500L router.

The next several days spent waiting for the router to arrive were put to good use reading all of the WIKI and FAQ pages at the dd-wrt site. Though the router was under $100 it wouldn’t be money well spent if I bricked it by not loading the dd-wrt code properly. I also reviewed my network documentation and did a redesign to layer a DMZ, a Vonage VOIP phone system, and the internal network. I was never happy with my old design; it was the result of piecing parts together as it grew, and the adage of the mechanic that needs to change the oil in his own car fit perfectly.

The install went well and was painless. I’d like to think it was due to my preparation but the dd-wrt site and instructions didn’t leave much room for error and I likely spent too much time worrying about bricking the router.

My network now has gigabit speeds, great wireless capabilities, and firewall/routing/VPN settings I’m used to managing at my %dayjob%.

10Jan Open DNS, an added layer to your network security

During a visit to a customer’s site the owner and I discussed how the Computer Usage Policy I wrote for him came in handy. The conversation drifted into how we could prevent non-productive web surfing in the first place.

I subscribe to a Sunbelt Software e-mail list serve that has many very knowledgeable administrators. Remembering many endorsements from them for a product called Open DNS I thought this customer would be a perfect candidate to try it.

Open DNS is a service that provides content filtering to block categories such as pornography, dating, humor, and gambling. At the time of this writing there are 55 categories.

We surfed over to http://www.opendns.com and clicked the Plans and Pricing link. Deciding the Open DNS Basic free version would fulfill the needs of his company, at least for the time being, we clicked the sign up link. Registration was fast and easy.

Once the account was setup and we were logged in we looked at the settings tab. There are six settings: High, Moderate, Low, Minimal, None, and Custom. Each has a view link to see the categories blocked within its setting as well as a customize link. After studying each we decided to use the Custom setting and clicked on the categories he wanted blocked.

In addition to the categories, Open DNS has whitelisting and blacklisting features as well. If there is a domain (web site) that is blocked by Open DNS but should be permitted it can be whitelisted. Alternatively, if a site doesn’t get blocked but should be it can be entered as blacklisted. The free version allows for up to 25 whitelist/blacklist domains (total, not each).

We then logged into the company’s perimeter router and put Open DNS addresses into the DNS settings of the router. Networked workstations typically get their DNS settings from a router or server(s), so setting Open DNS’s addresses at that level propagates the Open DNS lookups throughout the network without having to configure every computer.

Whether you administer a business network and want to keep temptations of unproductive sites away from employees or a parent concerned about the dark corners of the Internet, Open DNS provides cost effective content filtering. Since this setup I have done several more of my customer sites, leaving each satisfied. I even configured my network to use it. Why not use it to block Adware, Phishing, and Tasteless sites? It’s one more layer to your security as discussed in my Security FAQ.

How it works:
Domain Name Service (DNS) enables us to use names for locations on networks, including the Internet, instead of having to know the TCP/IP addresses. Typing schmahl.net into your browser to surf to my site is much easier than typing 98.131.88.213. Servers that do this lookup and translation are called DNS Servers.

Open DNS recognizes your network’s address and correlates the lookups to the settings and categories configured for your account. If a request to www.somebadsite.com is made and during Open DNS’s lookup that site is in one of the blocked categories, Open DNS returns a page to the users’ browser that the site requested is blocked.

Caveats:
If the public IP address of the network getting configured changes often you’ll have to download and install a program “OpenDNS Updater” or manually update within your account. I haven’t had to do this yet, so I’ll either post a comment with details later when I do or let a reader do so.

Another caveat is that a user with administrator privileges on the workstation can manually configure DNS settings to point at a DNS server of choice, bypassing Open DNS. This, however, is a problem with your user configuration, not of Open DNS.
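One way to audit for the bypass in the last caveat, added here as an example and not part of the original post: it parses `ipconfig /all` output collected from a workstation and reports every adapter DNS server that is not on the approved list. The sample output is constructed, and the approved list assumes OpenDNS's public resolvers 208.67.222.222 and 208.67.220.220.

```python
import ipaddress

# Assumption: workstations should use only OpenDNS's public resolvers. If the
# router hands out its own LAN address as a DNS forwarder, add that address.
APPROVED_RESOLVERS = {"208.67.222.222", "208.67.220.220"}

# Constructed sample of `ipconfig /all` output (English-language Windows).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : FRONTDESK-PC

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : example.local
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.24(Preferred)
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       208.67.222.222
"""


def parse_dns_servers(ipconfig_text):
    """Return {adapter name: [DNS server, ...]} from `ipconfig /all` text."""
    adapters, current, in_dns = {}, None, False
    for line in ipconfig_text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():
            # Unindented line: a section header such as "Ethernet adapter X:".
            in_dns = False
            current = line.strip().rstrip(":") if " adapter " in line else None
            if current:
                adapters[current] = []
            continue
        label, sep, value = line.partition(" :")
        if sep:
            # "Label . . . : value" line; remember whether it opens the DNS list.
            in_dns = label.strip(" .") == "DNS Servers"
        else:
            # No label: a continuation line holding one more value.
            value = line
        if in_dns and current and value.strip():
            adapters[current].append(value.strip())
    return adapters


def find_unapproved(ipconfig_text, approved=APPROVED_RESOLVERS):
    """Return [(adapter, server)] for each configured resolver not approved."""
    allowed = {ipaddress.ip_address(a) for a in approved}
    findings = []
    for adapter, servers in parse_dns_servers(ipconfig_text).items():
        for server in servers:
            try:
                # Drop an IPv6 zone id ("%11") before comparing.
                addr = ipaddress.ip_address(server.split("%")[0])
            except ValueError:
                addr = None  # unparseable entries are reported as well
            if addr not in allowed:
                findings.append((adapter, server))
    return findings


if __name__ == "__main__":
    for adapter, server in find_unapproved(SAMPLE_IPCONFIG):
        print(f"UNAPPROVED DNS {server} on {adapter}")
```
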

17Sep Team Building

The SANS (System Administration, Networking, and Security) Institute is a key resource for IT professionals. One of the most helpful and free sections of its web site is the Reading Room, providing white papers on security leadership, forensics, incident handling, and auditing.

During a recent visit to the Reading Room I found a treasure called “Beer, The Key Ingredient for Team Development.” This 16 page paper reinforces something I’ve believed in and practiced for a long time.

Reading this paper is highly recommended for discussion and planning of your team’s next late lunch scheduled for Friday at beer:30.

Cheers!

17Aug 40 Admin Tools

Sunbelt Software hosts a number of technical mailing lists. Recently, one of them I’m subscribed to had a thread that began as a question asking what software utilities do fellow system administrators keep close at hand. Needless to say this created a thread with many great answers, lots of +1’s to make it a pseudo survey and a lively debate. When the thread finally died Sunbelt’s Stu Sjouwerman posted that he compiled the top 40 list and published it in their August 10th Windows Server News.

I highly recommend admins of any level to review the list.