Archive for the ‘Troubleshooting’ Category

10 Dangerous Risks to Your Server Security

February 27th, 2013
Posted by: admin

GUEST BLOG

By Sarah Morris
KirkpatrickPrice

Security.  That’s usually the first thing on the minds of those in the IT world.  To keep up with changing technologies, we are constantly changing and improving our security standards, so that we can remain one step ahead of malicious attackers in defending our confidential information.

Royce Howard, of Global Knowledge, offers some tips about the 10 most dangerous risks to your server.  These tips are important to remember when developing and securing your IT infrastructure.

Physical Attacks. Make sure no one has physical access to your server.  Server rooms should be kept secure, and sensitive data should be encrypted.

Password Policies. Create complex passwords and change passwords every 90 days.

Privileged Accounts and Social Engineering. Vulnerabilities can be mitigated by removing administrator rights.

Email Attacks. Beware of phishing emails.  Never open an email from an untrusted source and avoid clicking on links in emails.

Worms. Worms are self-replicating programs that copy themselves from machine to machine, using up computer processing time and bandwidth.

Increasingly Malicious Malware. Scheduling regular scans can help detect and prevent against malicious malware and spyware.

Unauthorized Network Access. Network Access Control and Network Access Protection can help control network access of a computer host while using a set of protocols to define and implement a security policy.

Not Updating Patches. Automatic updating of patches can help avoid threats.

3rd-Party Applications. Check security platforms of 3rd-party vendors and applications from independent developers and manage exploits.

The Human Factor. People are the weakest link in security initiatives.  Develop strong policies and procedures so that people are prepared.

At KirkpatrickPrice, we have years of experience in information assurance by performing assessments, audits, and tests that strengthen information security controls.  Contact us at info@kirkpatrickprice.com for more information on how we can help you in your compliance efforts.

Sarah Morris is a technical writer for KirkpatrickPrice, a provider of world-class audit services. Visit www.kirkpatrickprice.com.

TAGS:

CATEGORIES:

No Comments »

The Thing About Ping

October 9th, 2012
Posted by: admin

By Joshua Darrin

The thing about ping is this

It’s handy for computers to say hello

But in order to diagnose problems

We need to understand the traffic flow

I would not, could not, should not call for aid

Until all of my self-help, diagnostic dues have been paid

So stand with me and say it aloud

If I use the almighty ping, I promise I shall.

 

Verify My Results

Ping results can vary for many reasons so it is always best to first verify that the “issue” lies beyond your local machine and network. Keep in mind that references to your “local network” include potential issues with your Internet provider.

If you’re pinging out to a device on the Internet (a server you own perhaps) and suddenly start seeing longer latency, then quickly follow a few simple steps to verify the results:

1)      Ping some of the big providers like google.com and yahoo.com.  If you see long latency to these guys, then it is more likely that you have a local problem with the machine or network.

2)      Run to another machine and try pinging the device you are interested in along with some of the big boys. If this machine shows the same results, then the issue likely points to your local network. If this machine shows different results, then go diagnose the original machine.

If the pings to the big boys all appear normal and pings to your device of interest are still showing a longer latency, then it’s time to move up the chain.

Check the Path

So, now we feel our device may be having network issues because our local network looks good and we can ping the big boys without any real latency. Now it’s time to check the path (we geeks call this a route) that our machine is taking to our device. To do this, we want to trace the route.

1)      Windows users should open a command prompt and run the following command: tracert domain.com (where domain.com is a domain name or an IP address)

2)      Mac users should open a terminal window and run the following command: traceroute domain.com

This will show you results that look like this:

 

Tracing route to google-public-dns-a.google.com [8.8.8.8] over a maximum of 30 hops:

 

1             1 ms        <1 ms    <1 ms                      MY ROUTER [xxx.xxx.xxx.xxx]

2             21 ms     29 ms     28 ms                       myprovider.net [xxx.xxx.xxx.xxx]

3             11 ms     8 ms        10 ms                      myprovider.net [xxx.xxx.xxx.xxx]

4             11 ms    10 ms    11 ms                         myprovider.net [xxx.xxx.xxx.xxx]

5             15 ms    14 ms    14 ms                         myprovider.net net [xxx.xxx.xxx.xxx]

6             13 ms    16 ms    13 ms                         myprovider.net [xxx.xxx.xxx.xxx]

7             54 ms    12 ms    19 ms                         xxx.xxx.xxx.xxx

8             65 ms    13 ms    14 ms                         xxx.xxx.xxx.xxx

9             16 ms    14 ms    14 ms                         xxx.xxx.xxx.xxx

10          15 ms    15 ms    13 ms                          xxx.xxx.xxx.xxx

11          17 ms    20 ms    16 ms                          xxx.xxx.xxx.xxx

12          14 ms    14 ms    16 ms                          google-public-dns-a.google.com [8.8.8.8]

Trace complete.

This is showing me that my machine is making twelve stops along its path to Google’s DNS servers (we geeks call these hops).  These results are expected and normal.  We see a tad of latency at steps 7 & 8, but this is nothing to be concerned with since the second and third values are normal.

Look for lines like these to zero in on potential issues.  The asterisks mean that the device did not respond and latency times in the triple digits across all three attempts are pretty indicative of a problem.

 

1             *              *              *                           MY ROUTER [xxx.xxx.xxx.xxx]

2             121 ms   219 ms   328 ms                      myprovider.net [xxx.xxx.xxx.xxx]

 

Tracing the route provides deep insight into where traffic is being held up.  As a general rule, the first few hops will likely be owned by your Internet provider.  The hops in the middle will be the route through other provider’s networks and the final hops will be those owned by the company housing your device.

Calling tech support with this information in hand will speed along the process of resolution.  Problems in the middle of the trace will be the hardest because it is tough to know whom to call.  Start with your Internet provider as the issue may be in their handoff.

Third Party Verification

It’s always good to get someone else on a different network (and preferably a different Internet provider) to verify your results.  Have a friend run through these steps and provide you with the relevant information.  The more you can provide to tech support, the faster problems get resolved.

TAGS:

CATEGORIES:

1 Comment »

Cleaning Out the SharePoint Site Recycle Bin

July 16th, 2012
Posted by: admin

By Terry Engelstad
MCP, MCSE, CCNA, MCDBA, MCTS, MCITP
AIS Network Operations Manager

Recently, a SharePoint hosting customer asked us to perform routine maintenance on his SharePoint site.  As part of that, he asked us to clean out the Recycle Bin and have the automatic deletion mechanism disabled for the Recycle Bin.  He said that his company hadn’t cleaned its SharePoint Recycle Bin in over one year.

There are some things you might find interesting about the Recycle Bin, which is the first line of defense in recovering data. As you probably know, SharePoint uses a two-tier Recycle Bin. The first tier is at the User level where an item deleted from a List or Library will drop into the User Recycle Bin. This way, the Users can recover deleted items themselves. Then after a period of time, items will be moved from the User Recycle Bin to a Site Collection Recycle Bin. The duration for which an item sits in the User Recycle Bin is determined by a parameter in SharePoint Central and is specific to an entire Web Application.  The duration for which items will sit in the Site Collection Recycle Bin is determined by the amount of space available to hold these items and is also configurable via a parameter in SharePoint Central.

Currently, our customer’s User Recycle Bin is configured to never delete items.  There are quite a few items in various User Recycle Bins. There are two ways to clean them out.  First, somebody can go to each of the User Recycle Bins and remove items manually.  Or, second, the retention configuration parameter could be changed to a very low value, and after a period of time, the items will flush out on their own.

The difference between these two techniques is that the first one requires human intervention to find all the Recycle Bins and to make decisions about which items should be deleted or not. The second option is global and will affect all items in all Recycle Bins.

Naturally, if our client wants us to clean out the User Recycle Bins individually, they would also need to define the rules for deletion of those items (i.e., delete everything older than 30 days, for example).

On the other hand, if the customer wants us to change the configuration parameters, we’d be happy to do so.  That’s easy.

More questions about your hosted SharePoint?  Leave your comments below.

TAGS:

CATEGORIES:

10 Comments »

Slow SharePoint Server? If your SharePoint Loads Slowly, This May Be Why.

July 9th, 2012
Posted by: admin

 

By Terry Engelstad
MCP, MCSE, CCNA, MCDBA, MCTS, MCITP
AIS Network Operations Manager

Is your SharePoint Server running slow?

Recently, a client emailed to say that he was noticing large slowdowns in connecting to their SharePoint server at AISN.  It seems to be happening nightly and intermittently throughout the day, he said.  Specifically, his issues were:

  1. SharePoint content loads slowly
  2. Uploading/ downloading from SharePoint is impossible (speeds come to a crawl at less than 5KBps)
  3. Remoting in to the SharePoint server is very slow

He asked what could be causing a slow SharePoint Server and SharePoint SQL Server.  Here’s the problem in his case.

The servers, in general, are starving for memory.  The hypervisor on which they reside (XYZ1) has only 74 MB of free memory.  Microsoft recommends not dropping below 2 GB of free memory on a hypervisor.

See the image below for XYZ1 (real names changed to protect client).

Slow SharePoint

As I explained to our client, the server “SharePoint” has 0 free memory and is warning that it needs more.  It looks like the vast majority of the memory on SharePoint is being consumed by w3wp.exe – IIS Application Pools. This would certainly contribute to slow web page rendering.  And with 0 free memory, anybody who remotes into it will take more memory away from the Application Pools, thereby making it slower.

In our client’s case, the server “SharePointSQL” is grossly overtaxed.  I count 68 databases defined and live.  This is way, way too much for a SQL Server with only 8 GB of memory.  The Microsoft recommendation is 8 GB of memory for a lightly used SharePoint Foundation Farm and 16 GB for a lightly used SharePoint Server Farm.

This level of memory, combined with the number of databases, will create very small page caching (perhaps not even caching at all).  This will seriously degrade the speed of uploading documents.

As you may or may not know, SharePoint stores all documents as Binary Large Objects (BLOBs).  In order to properly convert, for example, a Word document to a BLOB, it must cache the entire uploaded document somewhere before it can go through the conversion to a BLOB. So again, small or non-existent cache, means real slow upload and download times, among other slownesses.

In this case, adding more memory is the solution to a slow SharePoint Server.   However, a SharePoint private cloud would be an ideal approach – one that allows for the flexibility and scalability this client needs to accommodate growth smoothly.

TAGS:

CATEGORIES:

3 Comments »

IPv6? What is it? And Should I Care?

April 29th, 2012
Posted by: Donna Hemmert

By Donna Hemmert
AIS Network VP of Strategy

We, the citizens of the Internet, have a problem. Not unlike in 1947 when we were running out of phone numbers and added area codes to expand the raw number of phone numbers available, we have actually run out of IP (Internet Protocol) addresses. We have already exhausted 4.3 billion IP addresses from the Internet Assigned Numbers Authority (IANA) pool that are part of the first major deployment of IP addresses, Internet Protocol Version 4, IPv4.

The good news is that we saw it coming, and planning and work has been underway for over a decade. In fact, the new standard, IPv6 (Internet Protocol version 6), was developed by the Internet Engineering Task Force and published in an Internet Standard document in December 1998. This new protocol will allow the Internet to continue growing. This has become increasingly important with all the new devices that are here and coming to the Internet including mobile phones and tablets.

IPv6 uses 128-bit addressing, creating a huge number of IP addresses. In comparison, IPv4, which is 32-bit, has 4.3 billion IP addresses. How many IP addresses do we get with IPv6? The actual number is typically described as 2 to the 128th power (or 340 trillion trillion), which is sometimes described as virtually unlimited – that’s a big number!!!

So, are you ready? For consumers and small offices, there isn’t a large issue since consumer routers are often equipped with the ability to convert from IPv4 and IPv6, although for best connectivity IPv6 should be native. For businesses and others, you need to be sure you are ready. There are many great resources on the Internet to help you navigate to assure that your equipment is all IPv6 ready, and in fact, you may already have such equipment. But, there is a huge installed base of networking equipment that is not capable of communicating via the IPv6 protocol.

And if you are wondering if there is a deadline for all this (remember Y2K?) – there isn’t. Companies can start to upgrade their networks where needed now and continue over time. This can be done with equipment that handles both IPv4 and IPv6 (NAT translation and dual-stack capable equipment).

The bottom line: To be on the right side of this equation, start looking to the future now and create a plan for a methodical network upgrade that deals with IPv6 while gaining efficiency with the latest generation networking gear.

TAGS:

CATEGORIES:

4 Comments »

SharePoint 2010: Loopback Checking

March 1st, 2012
Posted by: admin

By Terry Engelstad
MCP, MCSE, CCNA, MCDBA, MCTS, MCITP
AIS Network Operations Manager

There is a security feature in Windows 2008 called Loopback Checking.  It’s a security feature in IIS, which is a way of stopping some denial of service attacks.  Since SharePoint 2010 runs locally on the server, and accesses its own databases by way of Communication Foundation service calls through IIS, technically, SharePoint is performing what could be construed as a self-denial-of-service-attack.  There is a registry hack to turn off the feature.

This feature is only an issue on servers which are domain controllers and running SharePoint and SQL Server at the same time.  Loopback Checking is not a problem on servers which are not domain controllers, nor in multi-server farm scenarios where SQL Server is not running on the same server as IIS.

For more information about disabling the loopback check, see Microsoft Support Article 896861.

TAGS:

CATEGORIES:

6 Comments »

Setting Performance and Latency Expectations for International Hosted SharePoint Deployments

January 5th, 2012
Posted by: admin

SharePoint Latency

GUEST BLOG

By Michael V. Velotta
Founder, Intelishift Technologies

Last month, a prospective client asked a very good question related to the performance of his hosted SharePoint deployment.

The hosted SharePoint environment that he currently has deployed across North America, Western Europe and India is very slow.  Latency is an issue – 20 seconds to upload a file.  He wanted to know how he can minimize latency with a hosted SharePoint solution.  In short, he was concerned about performance.

Latency between Washington and Western Europe ranges between 80 milliseconds (ms) and 140 ms, depending on the country and the carriers within the country.  From Western Europe to Chicago, I’ll add 25 ms to that number.

Latency between Washington and India is 250 ms to 280 ms.  The wildcard here, however, is inside India.  India is heavily oversubscribed and a bad carrier could skyrocket the latency to north of 500 ms.  We’ve had a little more success from Fremont (CA) to India and can get the latency down to 200 ms; then we have the in-country latency issue again.

The holy grail (this is what large SharePoint shops do) is to have SharePoint servers at a datacenter “near” their offices: one in Washington, one in India and maybe one in Greece.  Then the SharePoint servers can sync up behind the scenes (or nightly).  The user’s latency problem goes away and the SharePoint servers are left to keep in sync without impacting the user’s experience.

What is your experience with this?  I’d be interested in your comments.

Michael V. Velotta is a technologist and entrepreneur.  He is the founder of Intelishift Technologies, a strategic data center solutions consultant for a diverse set of clients, including high-end technology firms, Fortune 500 companies, non-profits and government agencies.

TAGS:

CATEGORIES:

7 Comments »

Web Design and Development: Best Practices in Production, Staging and Development for Web-Based Companies

December 12th, 2011
Posted by: admin

GUEST BLOG

By Gaige B. Paulsen
Board of Advisors, AIS Network

For companies that primarily do business through their public-facing Internet site, best practices for production, staging and development are imperative.  For any Web-based business, whether e-commerce or presence-based, it is essential that content and systems be updated to remain competitive, which means change and that means risk.

Web-based businesses wrestle with complexity on a daily basis.  Typically, there are multiple developers involved, different development timelines, and numerous components being built simultaneously, tiered systems to synchronize for updates, etc.  One misstep in the development and deployment cycle has the potential to cost the business millions of dollars.

In my various capacities, I have spent years refining best practices for production, staging and development environments.  Normal best practices these days are for the following:

  • A serious version control system (VCS) or distributed version control system (DVCS).  Depending on the architecture, I’m still using   Perforce, which is expensive, but über-reliable.  Many folks like GIT, Subversion, and Mercurial.
  • Serious issue management to track platform development and bug fixes/handle actionable team communication, etc. I recommend   JIRA.
  • Development environments that run on developers’ personal machines in a sandbox or VM, or if substantially small in terms of the number of processes, just in the OS (if they’re running desktop/laptop Linux).   Development environments should be a little version of production.
  • New development that is branched in the VCS and not let into the mainline branch until complete.   Branches can be team-centered or developer-centered depending on how many developers are working on the particular piece of code.   But a modern VCS makes it easy to branch early and merge back in only when development is complete.
  • Staging is essential and should be gate-kept.  Development should be promoted to staging through the VCS.   This way, the act of promotion provides a dry-run for the move from stage to production.
  • Scripted tests for Web-based platforms.   I suggest looking at   Sauce Labs for this, or roll-your-own using   Selenium.
  1. Staging is generally used as a dry run for a move to production and final testing.   Nothing should go to production that doesn’t succeed in stage.
  2. Stage should have a lazy copy of the entire environment if possible (full user base, etc.), but shouldn’t directly touch anything that could cause user confusion (sending email to users, etc.).   It can be quite difficult to get a reliable stage environment set up, especially if you need multiple servers to do it (DB, File, GUI, etc.).   But, the more complex the real environment, the more complex the stage environment and the more important it is to get staging working correctly.
  3. Stage is also where you perform human testing on things that can’t be scripted.   There shouldn’t be need for a lot of this on a Web app, but there are some things that are hard to do in an automated fashion (i.e., does the site look “bad”?).
  • Unit tests for internal functionality need to be baked into the development process.   High-volume organizations tend to make automated running of the 3 major test types (integration, unit, and scripted GUI). As a safeguard, a trigger in the check-in process is important so that code that violates testing cannot be checked into the code base at all and instead remains on the developer’s machine.
  • If you can do it, Continuous Integration is a boon to keep things from getting too far afield.  Code compilations, environment synchronization, and spawning automated testing when checks occur are all great tools and can be done very inexpensively with   Jenkins.
  • Work on production is considered to be a complete fail.   The only reason to do it is catastrophic failure of something that does not happen in the stage and development environments and is a sign that the stage is an inadequate representation of production.   Usually, this would only be to change configuration parameters.
  1. If production breaks roll back to the previous version of the site.   If that fails, then you have no choice but to work on production.
  2. Note that even for catastrophic situations, changing code directly on the production servers is just as likely to make things worse if they haven’t passed the rest of the testing in stage.
  • You can do a lot of debugging on the production site, where debugging is gathering information about something that isn’t working correctly.   You shouldn’t, however, use the production site as a test bed or development environment.
  • If your tests don’t do things that you wouldn’t want done in the production environment (adding and removing users and files, changing parameters, simulating failures, etc.), then you don’t have sufficiently detailed tests.

This is the tip of the iceberg, but before anybody tells you that these methods are too overbearing for a small team, I would suggest that’s a short-sighted view.

At my company, we practice this in a team of small developers for mobile, desktop, and Web apps.   The result is that, in over two years, we have not suffered data loss or corruption in the Web site, which handles our registration, e-commerce, etc. Additionally, we have caught many things that would have been problematic for users if they’d been released.  Similarly, regression testing in mobile and desktop apps had kept us from releasing versions of the software that don’t work on all of the supported platforms and has saved us a lot of customer difficulties.

I hope this is helpful, and I invite you to comment.  Good luck.

Gaige B. Paulsen is a technologist and entrepreneur.  He is currently founder and president of ClueTrust, makers of Cartographica and CartoMobile, Geospatial products for MacOS X and iOS.

TAGS:

CATEGORIES:

2 Comments »