
Archive for the Servers Category

Create bootable USB drive with Server 2008

With the increase in blade systems and the decrease in optical drives on servers, it is becoming more and more of a USB drive world every day.  I had a couple of e-mails come in asking for help creating USB drives that are bootable with Server 2008 on them.  Easy enough, just follow the steps below and you should be golden (as long as you have at least a 4GB thumb drive).

First we need to format the thumb drive.

  1. from a DOS prompt execute: diskpart
  2. list disk
  3. select disk 1    (assuming disk 1 was your thumb drive in the list disk output above; double-check the number, because the clean step that follows erases whichever disk is selected)
  4. clean
  5. create partition primary
  6. select partition 1
  7. active
  8. format fs=fat32
  9. assign
  10. exit

Now we need to get the files copied over from the DVD to the thumb drive.

xcopy d:\*.* /s/e/f e:\   (assumes your DVD is drive D and your thumb drive is drive E)

Make sure the server is set to boot from USB drive and away you go.

Cheers.

On Windows Vista/Windows 7/Server 2008, “Run as Administrator” is your friend

“I cannot put my Citrix server into install mode.  It keeps saying I am not an administrator and my account is a domain admin.  WTF gives man?” 

Over the last few weeks we have received multiple e-mails from people asking why they cannot get a Terminal/Citrix server into install mode.  Each time they try, they encounter the following error: “Only members of the Administrators group may enable Install Mode”.  The problem is not due to your account and the privileges it has.  These newer operating systems have elevated security compared to Server 2003 and Windows XP: with User Account Control (UAC), even an administrator's programs start without administrative rights until they are explicitly elevated.  If you just right-click on CMD.exe (located at C:\Windows\System32), select “Run as Administrator”, and then place the server or machine into Install Mode (change user /install), you should be fine.  This is annoying to a point but at the same time a nice security feature.  As always with Microsoft, it irritates us at first but we soon learn to do it out of habit.

Note - If you have renamed and/or disabled your built-in Administrator account, you can still run the task above.  If you still have any questions please feel free to let us know.  Cheers.

Life without ExaGrid and CommVault

There I was living the life of luxury with my backups running via CommVault software over to my ExaGrid disk storage and then to tape.  Backups were fast and the deduplication was AMAZING!  I basically set it then forgot about it each day.  I would get my daily reports telling me “hey, your backups worked of course and they are still kicking butt and taking names”.  Then came D-Day for my career at that job.  I walked away proud of my environment and what I left behind.  I was proud of where I took my job to, technology wise.  Servers went from white box to HP, server software went from 2000/2003 to 2003/2008.  I created virtual server after virtual server.  I put in an HP Blade Enclosure and all power was controlled via APC.  It was a true Enterprise setup for an Enterprise company.

I took the next 4-5 weeks pulling myself to the conclusion that I will never work on that equipment again.  I started with a very small group with my new career that has potential to become the largest Gold mining/production/exploration/reserve companies in the World.  Backups are controlled by an unnamed software vendor and it is not all that great.  The backups are about 30% fail to 70% complete each day and they are slow.  They eat tapes like there is no tomorrow and it is only going to get worse each day as we grow.  So what do I do to make my new job run as streamlined as my previous job?  How do I make backups a non-issue?

Simple, I work a budget that allows me to move forward with each piece one step at a time.  My first goal of 2010 will be to get ExaGrid in house to help create a disk based backup solution with some serious deduplication abilities.  The deduplication process will basically take my backups and compress them into smaller chunks of data (sorry for the non-IT explanation).  Take for instance, you have about 20TB of backup data and you run it through the ExaGrid…you will get about 15:1 (based upon my very own first hand knowledge) on space usage.  What does that mean to the non-IT person who is in charge of reducing backup costs???  That means I will get about 15TB worth of raw data and have it backed up on an ExaGrid using 1TB of actual disk space.  That’s right folks…15:1 on an average and that is being generous on the small side.  I have seen deduplication results close to 60:1 and 70:1.

Some folks have asked if I sell ExaGrid or CommVault or if I get paid by them or receive free hardware…no.  Like we have said before, we share the truth with no biased answers or results.  We want what works best for the IT World and truthfully, ExaGrid is the King of disk based backup solutions.

Links to previous ExaGrid posts.

http://homerun-networks.com/2008/12/17/exagrid-announces-customer-focused-enhancements/

http://homerun-networks.com/2008/07/22/exagrid-deduplication-update/

http://homerun-networks.com/2008/07/22/exagrid-announces-enhancements-with-latest-version/

http://homerun-networks.com/2008/07/21/exagrid-and-commvault-a-perfect-backup-solution-update/

http://homerun-networks.com/2008/07/21/exagrid-and-commvault-a-perfect-backup-solution/

p.s.  Dear ExaGrid - It would be very nice if I could borrow a couple 1TB units for about 1.5 years or so.  I promise to love and care for the units at all times.  :-)

GFI Backup 2009 Home Edition - FREE

GFI has released a fully functional free version of their backup software.  This software works great compared to NT backup and you can even back up to a remote location such as an FTP site.  The greatest thing about the backups is that it uses ZIP files for the backup files as opposed to a proprietary file.  This means you can restore your backup files anywhere from any machine.

GFI note:
To assist home PC users in these troubled economic times and to help them understand the importance of data backups, GFI Software is offering for free its newly-developed backup and recovery software GFI Backup 2009.

GFI Backup 2009 will allow all home PC users to keep regular and updated copies of their precious memories in the form of pictures, video, and other files and safeguard their data in case something goes wrong.

Loss of data for individuals can be heartbreaking as memories, personal documents and important files are lost due to hard disk failure or a virus attack. With this free software, we are assisting people to be better prepared, especially when they are trying to cut costs wherever possible. Because we care!

GFI Backup 2009 is an easy-to-use backup and recovery software solution that allows users to backup all their important files and, when-needed, recover the data within minutes using the product’s wizard-driven interface. GFI Backup 2009 does not use a proprietary format; all data is saved to common ZIP files. This makes it easy to restore data to a computer that may not have GFI Backup installed on it.

Data can be stored on virtually any storage device available such as internal or external hard disks, on local area network (LAN) locations, CD/DVD media, removable media devices (USB sticks, memory sticks, flash memory, floppy disks, ZIP disks, JAZ, etc.) and remote locations using FTP with upload auto-resume. Data can also be protected with military-strength 256-bit AES strong encryption.

Download your free copy of GFI Backup 2009 from here:
http://www.gfi.com/downloads/register.aspx?pid=bkuphm&lid=en

For more information about GFI Backup and its features visit:
http://www.gfi.com/backup-hm/

Conficker C worm - do you have it?

There is a ton of buzz all over the media world about this worm, what it will do, and how to tell if you have it.  As complex as this worm is, it is also very simple to determine if you have it or not.

Step 1 - If you have Automatic Updates turned on, check to see if it is now turned off.  The reason is that this worm actually turns off updates to protect itself.

Step 2 - Manually run Microsoft Updates.  If you can run updates manually on your computer then you are okay.  This worm will actually prevent you from connecting to the update sites.

Now that we know how to check for it, how do you prevent it?  Very simple.  Keep your computer updated and make sure your anti-virus software is running and current.

What do you do if you have this worm?  You will want to contact your anti-virus software vendor and see if they can help you out.  If not and they want to charge you an arm and a leg, give it a go yourself.  There are a couple of very easy-to-use, free tools you can use to remove it, but it will take some patience.

Now that you have a couple of removal tools, start running them and cleaning.  A great tip is to update both pieces of this software and then run them from Safe Mode with your computer not on the network/Internet.

Good luck and happy hunting, so to speak.

SQL Server Database Hack Tricks Forensics

Black Hat researcher will show how the bad guys can use a database’s own features against it

A database security researcher will demonstrate at next month’s Black Hat DC how an attacker who breaks into a SQL Server database can cover his tracks using antiforensics techniques.

Cesar Cerrudo, lead researcher for Application Security’s Team SHATTER, and founder and CEO of Argeniss, says he will show a proof-of-concept that circumvents forensics investigations by abusing some inherent features in the database. “If the attacker has done a good job of removing his tracks, then it becomes pretty difficult to determine what was done, how it was done, why, and by whom,” Cerrudo says.

So far, Cerrudo says he hasn’t seen any database attacks that have gone to the next level like this yet. “But as criminal hacking is rapidly growing, and databases are where the juicy stuff is saved, in the future we will start to see more and more sophisticated attacks,” he says, especially since many big breaches are the result of database hacks.

And in the current economic climate, the risk of an insider attack is even higher. The financial pressures of a possible layoff or otherwise could entice a database operator to go rogue. “The main point of this research is that if you don’t properly protect database servers, soon or later you will get hacked and probably lose millions of dollars,” he says.

Although Cerrudo’s research focuses on SQL Server, any database could be hacked and manipulated with antiforensics, he says. Among the database features that the bad guys can use for nefarious purposes are the ability to load external libraries or binary code, which can manipulate the server itself. Buffer overflow attacks are another way to do so as well, according to Cerrudo.

All it takes is for an attacker to gain database administrative privileges — which is not difficult if the database isn’t locked down properly — by exploiting a vulnerability in the database or stealing the credentials via a Trojan or brute-force hacking, for instance.

“Once you have enough privileges, you can do anything on any database server. This includes loading code to database server memory, [and] then this code can manipulate all functionality and let the attacker perform any actions” on the database he wants, Cerrudo says.

If the database hack using antiforensics is detected, some of the damage can be discovered by forensics, such as stolen data or changes made to the data stored in the database, for instance. But how it was hacked or who did it would remain a mystery, he says.

An attacker who infiltrates a database can even frame another person for the attack using antiforensics techniques. “One of the scary things about these antiforensics techniques is that the attacker can point investigators in the wrong way by making it look like another person performed the attack,” Cerrudo says.

The attacker could leave behind phony tracks that incriminate the victim organization’s database administrator so that when the forensics investigators do their work, all evidence leads to the database admin rather than the real culprit. “Without logs or [with] confusing logs, investigation becomes harder, the evidence is not enough, and in order to find the real culprit you must find real evidence that points to him,” Cerrudo says.

How can an organization protect itself from such an attack? “Nowadays, using a third-party monitoring mechanism should be a must since built-in security mechanisms can’t protect [the database] once the attacker has enough permissions,” he says.

Cerrudo also recommends regular database patching, strong passwords, and periodic database vulnerability scans.

Malware bomb at Fannie Mae

IT Worker Indicted For Setting Malware Bomb At Fannie Mae

IT contractor deployed highly malicious script before his administrative rights were terminated

A former IT contractor at Fannie Mae, angry at being terminated in October, has been thwarted in his attempt to crash all 4,000 servers at the mortgage services institution and wipe out all of their data.

According to a report from the U.S. Department of Justice, a federal grand jury in Maryland has indicted Rajendrasinh Babubhai Makwana, a contractor working at Fannie Mae’s Urbana, Md., facility, for transmitting a malicious script to the company’s servers.

The malicious code, which was set to execute on Jan. 31, was designed to propagate throughout the Fannie Mae network and destroy all of the company’s data, the DoJ says.

According to court documents, Makwana — who was employed by OmniTech, a third-party contractor that handles server administration for Fannie Mae — was censured by management on Oct. 10 after unintentionally distributing a server script without authorization. The documents suggest the mistake was so egregious that Makwana probably knew he would be fired, although his administrative rights were not revoked until hours after his official termination on Oct. 24.

Apparently, Makwana had been busy before he was kicked off the system. On Oct. 29, five days after Makwana had left the company, a senior Unix engineer found a malicious script buried in a legitimate script that validates the storage area network connections among the company’s 4,000 servers every morning at 9 a.m. A page break had been inserted between the malicious script and the legitimate script, making it less obvious.

The malicious script was set to execute multiple tasks, all of them bad. First, it would wipe out all of the passwords on the servers, effectively locking administrators out. Then it would build a list of all servers that contained Fannie Mae data and wipe out all of the data, replacing it with zeros. This would also destroy the backup software on the servers, making the restoration of data more difficult because new operating systems would have to be installed on all servers before any restoration could begin, the court documents say.

The script would also remove all “High Availability” software from any critical server, the complaint continues. Then it would power off all servers, disabling the ability to remotely turn on a server. After the second run-through, the script would remove all of the files on the current host and try to zero out the root file system.

“Had this malicious script executed, [Fannie Mae] engineers expect it would have caused millions of dollars of damage and reduced, if not shut down, operations at [Fannie Mae] for at least one week,” the complaint says. “If this script were executed, the total damage would include cleaning out and restoring all 4,000 [Fannie Mae] servers, restoring and securing the automation of mortgages, and restoring all data that was erased.”

Makwana faces a maximum sentence of 10 years in prison. He had his initial appearance in federal district court on Jan. 6, following the filing of the complaint. Arraignment is scheduled for Jan. 30, 2009.

Industry experts warn that such exploits may become more common as the economy forces companies to lay off an increasing number of employees. Enterprises should be careful to terminate all data and administrative access rights for the affected employees before they have the opportunity to act in retribution, the experts warn.
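A defender-side check for the technique this article describes (extra commands appended behind a page break inside a script that runs every morning), as an added example that is not part of the original article or the court documents. It compares each scheduled script against an approved SHA-256 baseline and flags content that follows a form feed or a long run of blank lines; the path, the threshold and the sample script contents are constructed, and treating a "page break" as a form feed or blank-line run is an assumption.

```python
import hashlib

# Assumption: a "page break" shows up either as a form feed (0x0c) or as a
# long run of blank lines that pushes appended text off the first screen.
MAX_BLANK_RUN = 10  # hypothetical threshold; tune it for your own scripts


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of the raw script bytes."""
    return hashlib.sha256(data).hexdigest()


def find_hidden_tail(data: bytes, max_blank_run: int = MAX_BLANK_RUN):
    """Return (line_no, reason) for every gap that is followed by more content."""
    lines = data.decode("utf-8", errors="replace").split("\n")
    findings = []
    blank_run = 0
    for no, line in enumerate(lines, start=1):
        if "\f" in line:
            rest = line.split("\f", 1)[1]
            # Content after the form feed, on this line or any later one.
            if rest.strip() or any(l.strip() for l in lines[no:]):
                findings.append((no, "form feed followed by content"))
        if line.strip() == "":  # a bare form feed also counts as blank
            blank_run += 1
            continue
        if blank_run > max_blank_run:
            findings.append((no, f"{blank_run} blank lines before content"))
        blank_run = 0
    return findings


def audit(scripts, baseline):
    """scripts: {path: bytes}; baseline: {path: approved sha256 hex}.

    Returns {path: [issues]} for scripts that fail any check.
    """
    report = {}
    for path, data in scripts.items():
        issues = []
        approved = baseline.get(path)
        if approved is None:
            issues.append("no approved baseline")
        elif sha256_hex(data) != approved:
            issues.append("hash differs from approved baseline")
        issues += [f"line {n}: {why}" for n, why in find_hidden_tail(data)]
        if issues:
            report[path] = issues
    return report


# Constructed sample data (not taken from the incident): a harmless stand-in
# for a daily check script, and a copy with a padded, appended tail.
SCRIPT_PATH = "/opt/ops/san_check.sh"  # hypothetical path
APPROVED = b"#!/bin/sh\n# daily SAN connectivity check\n./check_san_paths\n"
TAMPERED = (APPROVED + b"\f" + b"\n" * 40
            + b"echo 'placeholder for appended commands'\n")
BASELINE = {SCRIPT_PATH: sha256_hex(APPROVED)}

if __name__ == "__main__":
    for label, data in (("approved", APPROVED), ("tampered", TAMPERED)):
        print(label, audit({SCRIPT_PATH: data}, BASELINE))
```

The baseline only helps if it is stored where the administrators of the audited servers cannot rewrite it, and if the check runs before the scheduled job does.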

The remote computer requires Network Level Authentication

The error “The remote computer requires Network Level Authentication, which your computer does not support.” is what you get when you try to connect to a computer running Server 2008/Windows Vista using a recently updated Remote Desktop Client.

It looks like Windows XP doesn’t support Network Level Authentication even with the new Remote Desktop Client so you will have to turn NLA off in Server 2008/Windows Vista.

Go to System Properties and select “Allow connections from computers running any version of Remote Desktop (less secure)”. It’s less secure, because without NLA the server sets up a remote session before the user has authenticated, but it works.

Hard drive death is coming

So you know that your hard drive will die sooner or later, but how do you proactively figure that out?  Magic 8-ball used to be the best method but as of recently we can do a much better job.

The standard IDE/SATA hard drive today is still the most mechanical piece of equipment sitting in your present day PC. And this will continue to be the case until solid state drives become much cheaper and much more compatible with present day hardware. The most unfortunate part of the problems with these drives is how incredibly critical they are to the state of your computer. A hard drive failure means a dead computer - unless you are lucky enough to be running in some type of RAID environment, which most home users won’t be.

So those of us here at Homerun decided maybe we should put together a list of tools to help everyone else out that would like a better Magic 8-ball.  Below you will see our four choices and a brief description of the tool.  One thing to remember, these are Windows based tools and they are to be used at YOUR own risk, not ours.  :-)

Crystal Disk Info

CrystalDiskInfo is a S.M.A.R.T. based utility that supports not only internal drives, but both USB and IEEE1394’s as well. It displays an incredible amount of simple and advanced disk information, and may always be running in the background. This includes temperature readings, read/write errors and power management tools, running at all times of the day.

General Drive Info

Advanced Diag of your drive

HD Tune

HD Tune is a much simpler hard drive utility that offers benchmarking, advanced diagnostics similar to Crystal's, and a disk scan that is very similar to the Windows version but can be run in real time. It also includes real-time temperature monitoring.

Benchmarking

Disk Scanning

HDD Health

HDD Health is another similar product. It includes temperature and real-time monitoring, but includes a health indicator, simply by percentage and nothing more. It does include the same advanced diagnostic tools as the other SMART utilities as well.

General Information

Extended Drive Information

HDD Scan

HDD Scan not only includes many SMART diagnostic utilities, but other disk utilities as well. It includes many advanced testing modes, such as reading, writing and erasing in linear. In comparison to the other products, HDD Scan might get you more bang for the free buck.

Various HDD Scan Tools

Available Surface Tests

Manufacturer Specific Products

Some people might trust products designated for their specific hard drive more than any other. So I’ve provided a list of all the major manufacturers with a link to their diagnostic tools. A few of these may even support different manufacturers.

Fujitsu - Supports all forms of internal connection and is capable of doing in depth surface and diagnostic testing.

Hitachi - Several diagnostic tools for Hitachi drives. Analyze, optimize and protect your drive from failure.

Samsung - The Samsung utility will only work with Samsung drives and is an offline bootable disk that can be run no matter what the state of your drive.

Seagate/Maxtor - The Seagate tools, also known as Seatools, are Windows specific tools that can quickly and comprehensively determine the state of your present Seagate or Maxtor hard drive.

Western Digital - In order to determine your appropriate tools, you’ll first have to select your specific product and browse to a compatible ‘Data Lifeguard Diagnostic Tools’. Thorough test and repair utilities for Western Digital drives.

All of the tools above may or may not be able to resolve serious disk errors on your drive. But if you are worried about the state of your current HDD and you’d like to confirm it, these tools will help you do so. They will force you to begin transferring data, or backing up your data on a regular basis, before the inevitable happens. Play with each of the tools, and find the one that best suits your situation.

Cisco Plans Big Push Into Server Market

Within the next few months, Cisco Systems, the largest maker of networking equipment, plans to release a product that threatens to shake up the technology industry and put the company on a collision course with traditional partners like Hewlett-Packard and I.B.M.

The product — a server computer equipped with sophisticated virtualization software — is a bold but risky move by Cisco into an unfamiliar, intensely competitive market that typically produces far lower profits than Cisco makes from network gear. But it reflects the company’s ambition to grow beyond its roots as the so-called plumber of the Internet to offer everything from instant messaging software to digital stereos.

For years, Cisco remained content to sell the switches and routers that direct the rivers of data flowing between computing systems. It dominates that market, making most of its $40 billion a year in revenue, and 65 percent gross profit margins, from such products.

The other major makers of computer hardware, including H.P., I.B.M. and Dell, have enjoyed a mutually beneficial relationship with the company, which is based in San Jose, Calif.: Cisco sells networking gear, while they sell personal computers, servers, storage systems and software.

Industry experts say that Cisco’s push into the server market will disrupt that comfortable symbiosis and could cause an all-out war among the tech titans for one another’s customers.

“This will be the most important and most talked-about product of the year,” said Brent Bracelin, a hardware analyst for Pacific Crest Securities. “There will be massive competitive reactions from both I.B.M. and H.P., and we expect this will lead to a new wave of industry consolidation.”

Cisco executives played down the potential for serious conflict. “We see this not as a new market, but a market transition,” said Padmasree Warrior, the company’s chief technology officer. “Any time there is a major transition occurring, there will be large companies that have to compete in some areas.”

The technology driver behind this transition, according to Cisco, is virtualization software.

Over the last decade, virtualization software has experienced a meteoric rise. Virtualization products let companies run numerous business applications, rather than just one, on each physical server, allowing them to save electricity and get more out of their hardware purchases.

Recently, however, virtualization technology has started to have a more significant impact on business computing systems as a whole. New tools developed by VMware, the market leader, make it possible to shuffle business applications around a data center just by pointing a computer mouse at an icon on the screen. The mobility of the software has broken some of the traditional, linear connections among computers, storage systems and networking hardware.

As a result, companies like Cisco see an opportunity to produce a new, potentially disruptive class of hardware and software management systems that span an entire data center. With customers looking to manage their data centers as a single entity rather than separate units, the world’s largest technology companies must now fight to secure the most prominent, central position possible.

Cisco’s newfound aspirations stretch well beyond the $50 billion server market to include management software and possibly even storage.

“Our vision is, how do we virtualize the entire data center?” Ms. Warrior said. “It is not about a single product. We will have a series of products that enable us to make that transition.”

Cisco could show off the first of its new systems as early as March. The company would not disclose the exact nature of the product, although people with knowledge of Cisco’s plans said it would sell a server bundled with networking hardware and virtualization software from both Cisco and VMware.

Rather than working as a general purpose system, the Cisco product will cater just to virtual applications. (Cisco owns close to 2 percent of VMware, a public company that is majority-owned by EMC, a maker of computer storage systems.)

Cisco’s diversification into the server market is fraught with risk. Cisco boasts gross profit margins of close to 65 percent, while companies selling basic servers tend toward gross margins closer to 25 percent on those products.

Ms. Warrior maintained that by bundling various hardware components with software, Cisco would earn higher profits than are typical for servers. But Wall Street remains skeptical.

“It will certainly be a challenge for Cisco to get the new products to the same margin levels as its current products,” an analyst with Signal Hill, Erik Suppiger, said.

At best, analysts estimate, Cisco could obtain 50 percent gross margins with the server product. Such a figure, combined with Cisco’s probable modest start in this new business, would not affect its bottom line in the near term. Eventually, however, Mr. Suppiger and others say the move could lower Cisco’s overall profitability and change how investors view the company.

Perhaps more significant over the long term is the alteration of Cisco’s relationship with its longtime allies.

Mr. Bracelin expects I.B.M. and H.P. to consider acquiring networking start-ups and begin developing products similar to Cisco’s forthcoming system. They are also likely to direct business to other networking companies, like Juniper Networks and Brocade.

However, Cisco may have little choice other than to invade its rivals’ turf. Its core business is slowing, and for the company to meet Wall Street’s demands for growth, it must look to new lines of business.

Besides, its competitors are eyeing Cisco’s lucrative networking business for themselves. When Carleton S. Fiorina was chief executive of H.P., she sat on Cisco’s board, and her executive team encouraged H.P.’s sales force to promote Cisco products ahead of H.P.’s own ProCurve networking gear.

Under H.P.’s chief executive, Mark Hurd, that strategy ended. H.P. has made ProCurve a crucial piece of its growth strategy, priding itself on undercutting Cisco’s prices. With gross margins of close to 50 percent, ProCurve stands as one of H.P.’s most profitable businesses, second only to printer ink.

I.B.M., meanwhile, has long had a strong relationship with Brocade around storage networking products, and I.B.M.’s labs are working on their own networking hardware projects.

H.P. and I.B.M. declined to comment for this article.

Cisco dismisses the suggestion that it is fomenting war with longtime partners. The company is merely adjusting to a change in technology, and the other companies will do so as well, according to Ms. Warrior.

Cisco already battles Microsoft, another longtime partner, in the market for collaboration software that helps workers communicate on projects. In addition, Cisco sees opportunities in the consumer realm, playing off the home networking products it acquired through the purchases of Linksys and the set-top box maker Scientific Atlanta.

With close to $27 billion in cash on hand, Cisco could buy its way deeper into the data center as well, perhaps through an acquisition of VMware or even all of EMC, analysts say.

“Everybody is trying to get to the same point in the future,” said James Staten, an analyst at the research firm Forrester. “It’s inevitable that as they all get larger, they start crossing over into each others’ territory more and more.”