About Jay Fougere

Jay Fougere is the IT manager for the iEntry network. He also writes occasional articles. If you have any IT questions, please direct them to Jay@ientry.com.
Sprint Restores Peering to Cogent
· 2

At 4:00 p.m. Eastern on Thursday, October 30th Sprint (A Tier 1 Internet backbone provider) severed their peering connections with fellow Tier 1 Internet backbone provider Cogent Communications. This depeering was due to a contract dispute that Cogent claimed was already in litigation. Webpronews broke this story within hours of the depeering.

Cogent and Sprint Break the Internet!
· 20

Tens of thousands of public internet addresses located on Cogent’s  backbone are no longer accessible from Sprint Customers. This disruption is affecting thousands of web properties including WebProNews.com. Drudgereport.com was also affected by this outage but has apparently managed to route around Sprint’s network.

What is your favorite color?

* Red\n* White\n* Blue\n* Yellow\n* Green\n* Black\n

So, You Have Been Cracked. What Next?

As much as we would all like to say that our systems are impenetrable, the truth of the matter is that they aren’t. No matter how much we patch, upgrade, and tune our systems, there are still vulnerabilities that have yet to be discovered. There is always the chance that some recently discovered exploit will be used against your system(s) before a patch is even available from your vendors. That being said, let’s take a look at what your first responses to a break in should be.

Top Skills Your IT People Should Possess

In this issue, we will take a look at the most desirable characteristics of your IT employees.

Building a Linux Kernel

In our last issue, we looked at what data you need to collect before attempting to build a Linux kernel. This is very important information so you may want to take a look at the first article if you are a little rusty. I have also written an article about using the command line in Linux that may be helpful for you.

After the Hack: How to Get Back to Business

More often than not, when your machine has been the victim of a cracker’s attack, the best solution is to completely reinstall the operating system, being sure to apply all relevant patches to the machine. In other words, go to your software vendor’s website and double-check all of the security announcements and patches… you may have been hit by a brand new exploit. I have many times been asked if a complete reinstall is absolutely necessary. The short and simple answer is “yes”.

Casing the Joint

First of all let’s look at ports and what they are. When two machines across a TCP/IP network communicate with each other via a service (such as NetBIOS, HTTP, FTP, etc…) each machine will need to know not only the IP address but the port number that translates to the service that is being used. For instance, when someone is “surfing the web” the service that they will be using will be HTTP, which uses port number 80 by default.

Most port numbers can be changed so that vulnerable services can be disguised by using a non-standard port number. For instance, if you knew that certain software exposed a vulnerability in a service, you could try to change the port number in order to circumvent that weakness. However, you would need to be sure all machines on the network are configured as such in order to continue using the service.

Security Basics

Most cracks involve a tool as simple as a Trojan horse, which will leave a backdoor account open to the cracker. Young teenagers have been known to utilize such tools effectively, even against corporate giants. It is because of these types of attacks that users (even if it is your family hooked up to a small LAN on a cable modem) need to be educated about some basics that will stop most typical hackers. First of all, lets talk about passwords. Many of these tools that I have mentioned will expose null passwords. This means that if you do not enter a password when you log in, these scanners will show that to the potential offender, and then the hacker can easily take control of your system.

Windows 2000 Remote Installation Services

Remote Installation Services (RIS) is a tool included with Windows 2000 Server products that is used to install Windows 2000 Professional over a network. I have heard that this can/may work with Windows 2000 Server now (it did not in the past), but I have not tried it and cannot verify that it does work.

Authenticating PostgreSQL Clients

Today’s article is about security (authentication in particular) in PostgreSQL, the most advanced open-source database available anywhere (as its developers claim!!). So what about it? We know that security is a very important concern in the present day IT world. It’s no different with databases.

Most Common Viruses According To SARC

Viruses are becoming more and more prevalent everyday (as if you didn’t already know that…). This being the case, I decided to compile a list of the most common viruses according to SARC (see below), along with links on detection and removal procedures for each. It seemed that having this information in one place could be very helpful for those of you that have to deal with these viruses.

Try it, You Might Like it.

Most of you know that although I am certified under Microsoft products, I am an advocate of Linux. Linux and the BSDs (that sounds like a bad rock band– and here they are for your listening pleasure, Linux and the BSDs…) are consistently gaining ground in areas that have been dominated by proprietary operating systems. It is for this reason that I would like to make a suggestion. If you have no experience with Linux and/or BSD and you are serious about IT, now is the time to get some exposure to these alternative operating systems (OS).

VPNs, 101

I am sure that most of you have heard of Virtual Private Networks, but do you know what they are and what they are good for? VPNs are a secure way for machines to communicate through a public network, privately.

Simple Network Troubleshooting

I know that working from the command line can be intimidating to those of us who have always had a nice graphical interface to use. I am convinced, however, once you see how easy to use and effective the following tools are, you will be hooked. Even if you are an old pro, read on. You may find a use for one of these tools that you had not before considered.

Introduction to Cryptography

Secret messaging has been in vogue since the times of Julius Caesar. But later, this art of communicating messages in a secret or encoded form has come to be known as cryptography. The word cryptography is derived from Greek and means ‘secret writing’. This article is intended to introduce you to the basics of cryptography and lead you to do some encryption stuff yourselves.

My Favorite Security ‘Tewlz’ and Information Sites

Almost anything you need to know about security can be found on the Internet. There are sites of every size, shape, and color – many with loads of useful information, others that are not nearly as useful. Many of these sites are very commercial while others are completely open.

Security Resources

Microsoft has released security bulletin number MS02-015. This is yet another patch “roll-up” for Internet Explorer. This patch is supposed to include all of the previously released patches for IE 5, 5.5, and 6.0 along with a couple of new ones.

An Introduction to Tripwire

First of all, let me note that there exists two different versions of Tripwire. There is a commercial version available from http://www.tripwire.com. There is also a free version available for Linux fromhttp://tripwire.org and http://sourceforge.net/projects/tripwire/.

Windows 2000 Groups

Networking computers is done to serve one purpose; to share resources. As you probably already know, resources can be anything from printers to files to internet access, and more.

Windows 2000 Server Security Templates

Ok, you have that shiny new, freshly installed server up and running. You are about ready to deploy it, but you are concerned about security. Judging by today’s political climate, this is a concern that affects many system administrators, now more than ever.

Top Skills Your IT Workers Should Possess

1). A willingness to learn
IT is an ever evolving field. What was common practice six months or a year ago is not necessarily the best way to complete the task at hand now. Encourage your staff to read. Most good IT people will rarely be caught without a book; or at least documentation that they have downloaded and are looking at on their computer. Try to allocate some time to your staff so that they can stay abreast of issues pertaining to their area(s) of expertise.

Using the Windows 2000 Adminpak and Support Tools

Included with Windows 2000 Server products is a utility known as “adminpak” which allows you to administer your Windows 2000 network from a Windows 2000 Professional machine that is located on the network (assuming you have permissions in Active Directory to do so; this is not a backdoor for crackers).

Compiling and Installing Software From Source Code

I have only been using Linux for about three years, but I love it; the idea of Open Source, community, freedom, etc. I have found many topics concerning using and configuring Linux for which the documentation is either outdated or non-existent.