Monday, May 15, 2006

A Couple of Years Later in Networking

Well, it's been a couple of years since my last full-time networking job, so as of late I've been working on a couple of certifications just to prove that I didn't forget most of what I learned. About the only seemingly "recent" addition to networking in that time has been 802.11a/b/g communication and the complete disappearance of NetWare, which was nearly gone the last time I was out there, but I did occasionally still run into it a couple of times. I've been doing wireless routing all day at home, but I'm studying more about antenna types and stuff along that route that I wouldn't need all the time but would probably be nice to know for supporting a business type situation.

Basically the idea with my studies is to get the CCNA (Cisco), which I know 99% of right now, and then make a run for Network+ since it is closely related but not as retarded as A+, which really is the focus of a desktop support guy, which I'm not into really. I love nets really but don't care about installing virus scanners and removing spyware. I'm more of an architectural thinker and really get put off by entering situations that do not use that ability. I don't mind installing software to accomplish goals like firewalls, IDS, protocol analyzers, or even servers.

I'm sort of switching up my focus from the past (which was working more toward internet security) and going back toward network engineering again. Took me a little while to find what I enjoy, but that's life right?

Took a little pretest for Network+ today (mostly to kill some time) and passed it at 72% which basically means I'd pass the real one. I got a bunch of questions on wireless and fiber optic connectors wrong. Gee, didn't see that comin'? Anyway... I knew what I knew and just was vague or guessed on stuff I hadn't seen much of. I think I've actually touched ONE fiber connector in my life. You really just don't run into them much, and I've done all kinds of networks WAN and LAN. 99% of the time the connector on the end of the cable is some kind of RJ-45 wired according to EIA/TIA 568-A no matter what it actually is.

My pretest had a couple of questions on NetWare 5.0 as well. Is anyone REALLY using this crap anymore? I think this test is the only thing I've seen even USE the word NetWare in a year, even being a frequent Slashdot reader. I actually was asked how to allow NetWare and Windows servers to share user privileges and I really couldn't remember. I knew it five years ago, and I never used it even then! :) Ahh well, having to study three things to pass a test isn't that complicated I guess.

(I actually took about four of the six exams to become MCSE on NT 4.0 Track so I knew everything about NT except for the particulars of Active Directory and the electives. Never bothered to finish it because I became Checkpoint crazy, but that's another post!)

Studying for the CCNA is actually fun because it is mostly just refreshing my mind and I have some routers at the house to play with. Really the areas of concern for me are password recovery and other similar things that you use on an infrequent basis, like access lists. Cisco in their wisdom decided to make that process different on newer routers, so I now have to memorize two ways of doing the same things. Well, what's new, right? wr t, sh run, wr, copy run star, etc... :)

Well, that's all for now...

Saturday, May 13, 2006

D-Link Time Server Abuse Running Rampant

I don't know how many of you have been tracking the latest news about D-Link, but sysadmins and network support people have been having it out with them as of late. The reason for all this is that nearly every D-Link router is configured to use various public and private NTP (Network Time Protocol) servers, which nicely and automatically set the clock for the device.

The combination of a poor implementation of the protocol and the fact that millions of people are probably using these routers is simply swamping the time servers that were providing these services, and is actually costing them so much money in bandwidth charges that many have been turned off. The shame is that most people don't know they are causing this problem!

Normally you would ask permission of these various entities if you would like to use stratum 1 or 2 (first tier, second tier) time sourcing, which is generally only available for one server in an office (other servers are expected to ask this one). If you had a whole office load of servers and PCs, you would only connect to the time server 1) with permission and 2) with one machine. Imagine all the D-Link routers on home connections and you get an idea of how big this problem really is. The NTP protocol is very chatty, and that is why we would typically ask for permission!
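
The one-machine arrangement described above, sketched as ntpd configuration. This is an added example, not part of the original post; the hostnames `time.example.org` and `ntp.office.example` and the 192.168.1.0/24 subnet are placeholders.

```conf
# --- /etc/ntp.conf on the ONE office machine allowed to query upstream ---
driftfile /var/lib/ntp/ntp.drift

# Placeholder upstream: use a server whose operator has granted permission.
server time.example.org iburst

# Default policy: answer time queries only, allow no changes or status queries.
restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1

# Placeholder LAN: office machines may sync from this host but not modify it.
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# --- /etc/ntp.conf on every OTHER office server and PC ---
driftfile /var/lib/ntp/ntp.drift

# Ask the internal server only; nothing here ever contacts the public source.
server ntp.office.example iburst
restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
```

With this layout the upstream operator sees a single client for the whole office, however many machines sit behind it.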

As a part of being Net-Friendly, I believe it is your duty to turn off the NTP setting on your router and set its clock from your computer's clock! Look at my screen shot and the crude notations, for which I apologize ahead of time. You can only do so much with MS Paint! Not only will you be saving bandwidth and being nice to the net, but you will be saving your tax dollars, as most of the time sources are governmental or educational facilities!

Obligatory links to the Register story here.