You know what realy bugs me? I was browsing Google video today and I clicked on a video I thought might be interested and, “Sorry, the video you requested is not avalible to your country”. Why? All, I think, it was is a video of people doing stupid stuff like they always do on Google. “We can’t let those Canadians see this prank, they might lean from is and do one on one of our American citizens!” This is not the first time Google has blocked videos from me. When they first released TV episodes, same thing. I haven’t tried since. But, it’s not like we don’t get some of the same stations as the US does.
and here is a link of some who feels simularly [http://www.netsyd.com/comment.php?comment.news.12].
Here is my first training video. It shows how to use IPSec to encrypt telnet traffic between my workstation and my exchange server.
[http://www.mrkernel.net/videos/ipsec_telnet.wmv]
I will hopfully have better quality ones down the road. One thing I wanted to do in the video include using Ethereal to prove packets were encrypted.
There are three ways I manage my systems, MMC (Microsoft Managment Console), RDP (Remote Desktop Protocol), and telnet/ssh (Um, please tell me you at least know what one of them is).
(more…)
Since last two years over 90% of my workstation support calls out side of my office were in regards to Adware/Spyware. If I were to ask the people what they thought the biggest problem with Adware/Spyware they would probably say, “It slows down my computer, makes popups, and makes my computer behave funny”. None of them would say, “They might be stealing sensitive information off of my computer”. This is beacuse the Adware/Spyware basicly took over the computer. So, as people got “smarter” they put on Adware/Spyware scanners, assuming that they were all legit, all this did was bog down there computer. Note how I said, “90% of my workstation support calls out side of my office“. We run all our users as normal users, no local power users, or local admin users. Also, all domain/server admin are normal domain users. We elevate our privliges with a second logon. This has elimanated 99% of our Adware/Spyware problems. It has also helped againts Zero day virii. We had a Zero day virus that came in through e-mail. One person received it from one of our general email boxes and opened it, it didn’t open so she just forwarded it to the department it was intended for. It was sent to a few different people and none of them could open the attachment, so they sent it to IT. One of the other tech received it, and he said, “This looks like a virus!”. We tried it out in our test lab and sure enough it was. None of the staff computers were infected, because they did not have enough permissions to run the virus. Also note, 4 hours later our Virus Scaner received the signature for the virus. Now I am not saying that aproprate permissions is the end all be all, but IT IS the way Microsoft products were indended to run. Alot of Micosoft “insecureaties” are wrongfully blamed on Microsoft, when it was a permission setup issue. My next artical will be about administration methods of Microsoft networks.
I remember back in the day, I used to use Altavista for my searching needs. I loved it and thought I could find just about anything. Allthough my searches went as demanding as they are now I was pretty proficent in using search constuctures to hown in my search. Then allong came my friend who said, “With Google all I have to do is type in what I am looking for and it finds it for me.” I was reluctent at first cause I thought it was cool using all the search constuctures. But, I one day switched to Google. I had been using it since uptil about 4 months ago. I since then switched to search.msn.com. I like it alot was and I find it faster and more reliable then google, google has actually been unavalible once since I swtiched and I have experiance it go down a few time before that. I do think that Google is still a slightly better seach engine, but I have not had a need that search.msn.com could not fullfill. I have notice that since this website was redesigned, week and half, Google has updated there cache of my page. MSN and Yahoo are still reindex my page. Now when I first puchased my domain a few years ago I only submitted my page to Google, and MSN and Yahoo found me on there own. Also, my page had been static for over 6 months. I am curious to find out if Google and MSN change the frequency of with they index myh page, I am sure they will it is just a matter of time. My work site is indexed every few days if not every day.
I took a few pictures of some of the phone I have around the house.
 
 
I have a few Cisco 7960’s, a 7920, and a Polycom 501 I use regularly around the house. In case you are wondering what the VR button does on my phones. I have Mister House running to control my lights and other stuff around the house, and that button is a speed button for my speech recgonition server. I will write more on this later.
It still amazes me how little Cisco information there is on the web. You look at Microsoft, OS X, Linux, or BSD and you will find How-to’s, forms, and knowledge base articals. Is it some big ploy to hord all this knowledge from the general public? But, I don’t see that many third party sites. Mind you most of my work with Cisco has been with there Phones as of late, but I am pretty proficent with there routers and switches. Anyways I was, again, trying to find out when Cisco will have IPv6 for there phones, I have 4 hand sets at home, and we use Cisco at work, when I came accross the following blog [http://www.ciscoblog.com/]. This artical [http://www.ciscoblog.com/archives/2006/04/learning_simple_nat.html] in particular sparked my interest. Its a nice concise video on how to configure NAT on a Cisco router. One note, in the video he uses the overload command because he has a lot of computers behind the router. This option may not be wanted if you are using certain SIP phones behind it. More on this in my next post about SIP and NAT. Maybe I will try to do some videos of my own?
I have been running a VoIP network for just over two years now. It started out with Asterisk [http://www.asterisk.org] but a few months ago I rolled out my 2nd generation voip network using OpenSER [http://www.openser.org]. There was a few reason for the change first was scaleability and redundancy, the second was bandwidth, or media path issues. When I used Asterisk the media path for all calls came through me, now they go endpoint to endpoint. The biggest challenge with that was nat, which is one of the main resons I want to see IPv6 take off. Read more for more on NAT and SIP.
(more…)
I rebuilt my firewall last night with OpenBSD 3.9 and pf. I was using CentOS 4.3 with  iptables. pf [http://www.openbsd.org/faq/pf] is awsome, it total blows iptables away. The real reason for the rebuild was I wanted better IPv6 support and IPSEC support. I have been having a hard time finding a good IPv6 tunnel broker to connect to, and I see that http://www.6bone.net/ is shutting down. This is a good in way, it hopefullymeans that there will be more production IPv6 address being deployed. I hope ISP here in Canada start offering IPv6 addresses soon. (more…)
I have never liked DNS blacklist as I personaly had a problem wheather or not I could trust them. Using them to flag e-mail a spam is one thing but totaly trusting them to hard reject email? Well thats just idiotic.
(more…)