LAN Upgrade, Phase 1

I have completed Phase 1 of the LAN Upgrade project. For those of you who don’t know [which would be most], I have come up with a plan to update the hardware and software of my home LAN [by LAN, I’m loosely referring to computers, networking equipment, and other accessories] in order to bring it into the next generation of technologies.

The Phased Approach

For Phase 1, I upgraded all my wired machines to 1GB from 100MB [this was a network upgrade for those of you who aren’t familiar with technologies – 10x faster than before]. That included a new GB switch to replace my old, reliable Netgear, new GB network cards for two of my machines, and a new KVM [again: for those that don’t know, this device allows me to use one keyboard, monitor and mouse to control up to 8 machines at once]. I know, the KVM isn’t “network” gear, but it’s part of the overall purpose for this upgrade. My old KVM was putting not-so-faint lines on the screen and was interfering with digital photo editing and generally giving me a bad picture.

And that brings us around to the core reason for the total upgrade: Digital Photography. I am running out of file storage space on my current server and was looking for a way to make the entire LAN more capable. Phase 1 was networking capacity and usability – it’ll be much quicker to access that file store now. Phase 2 will be a new file server – but one made with current technologies, not one that is a year or so behind. It will have about 1.2 TB of storage. That’s Tera Bytes… 1000 Giga Bytes, 1,000,000 MB, … you get the picture. Lots of space. This server will be built on a dual core x64 processor. Phase 3 will add a second dual-core processor and lots more RAM. I will then move the email processing to that box and re-task the current email server.

Yep, it will be lots of fun! Cost? Well, let’s just say that there’s a financial reason for the phased approach. Phase 1 was fairly inexpensive, but I’ll have to save a bit for Phase 2. Phase 3 might be far out enough that the extra processor will be much cheaper than it is now.

Bye, Bye Verizon!

Well, mostly…

I’m ditching my land line with Verizon in favor of Vonage VoIP. The monthly cost will be less than half of what I’m paying now. And, since I have this wonderful fiber connection with all this bandwidth, I might as well get some use out of it. So – I’m keeping Verizon for my fiber connection – which is really worth the cost especially now that I will be able to save some money on my phone service!

The Windows Project: Completion

Success!

I have finally done it. I have migrated the entire site to the Windows platform. I tried this once before, but I couldn’t make it work. The server is now running on Windows and IIS with roughly the same performance I was getting with Linux. So – it was fun and I’ve learned a little. I’ve also learned that I really didn’t like the Gallery 2 software that I upgraded the photo gallery to, so I downgraded it back to the previous version. The old version is actually much faster.

Not that there weren’t a few hiccups along the way and that things don’t quite work the same as they did before. At least, though, I can now log in to the gallery and add some more pictures – which I’d lost the ability to do when some Linux patch changed something on my system… couldn’t figure that one out.

Camera Phone Craze

One of my difficulties dealing with obtaining a new phone [not that I’m yet ready to do this, but I usually keep track of what is available for when the time comes] is that I DON’T want a camera in my phone. There are many reasons why I don’t want one [such as: 1) they cost more, 2) I can’t bring them into the office most times, 3) the quality sucks, 4) I would never use one even if the phone I wanted came with one…] but these days, most phone manufacturers and service providers seem to offer two types of phones: super cheap crappy phones and phones with cameras [which can also be crappy and cheap…].

Why can’t I get a high-quality smart phone without the camera? Or, a Bluetooth-capable phone without the camera? I don’t want a camera, so why should I have to pay for it? Why should I have to buy a phone that I have to leave in the car or swap out when I go to certain customers?

Does anyone else have any thoughts or opinions?

Geekin’ Out In My Living Room

WARNING – GEEK CONTENT AHEAD:

Since Windows XP SP2 is out and my machine is working a bit better, WPA [Wireless Protected Access] now protects my WLAN. Previously, when I had just purchased my 802.11b/g WAP and NIC [to replace my dying D-Link equipment which didn’t support 128-bit WEP much less the newer WPA standard] I attempted to configure WPA as a “best practice” for good security and privacy on my home LAN. However, it wouldn’t work. It kept forcing reconnects and dropping the link. Not to mention it could only barely perceive what would normally be a very strong signal.

Now, with a hardware flash and SP2 installed on my laptop, WPA is streaming along quite nicely. No interruption of service here! And, now, I’ve completely implemented what all WiFi network owners should as a matter of course – best-practice security procedures. What I’ve discovered and been told is that there are five very basic things one can do to improve the security of one’s wireless LAN.

First: Change the SSID from the default setting. Many home users [and I’ve seen them] have the SSID set on their WLAN to the factory setting – because they don’t know better. So, I’ve seen WLANs called “default” and “netgear” among others. So, call it something different like “Bob’s Wireless Network Zone” if that will fit. Haven’t tried one that long.
Second: Disable broadcast of SSID. This will keep others from being able to connect to your WLAN just by scanning the area [which Windows XP does by default] and clicking “connect”. They’ll have to guess it and type it in manually – a much more time consuming process. They’ll eventually get bored and try your neighbor’s WLAN which is still called “default”.
Third: Enforce Access Control. Allow connections only from known MAC addresses. For those of you who don’t know, a Media Access Controller [MAC] address is a unique hexadecimal number given to the WLAN adapter. If you restrict access only to your MAC address, you disable connections of anyone who doesn’t happen to know your MAC address… Of course, if you’re resourceful enough, you can still “spoof” that.
Fourth: Implement the highest form of encryption you can. Before I got WPA working, I had to settle for 128-bit WEP which, while good, is not THAT good and fairly easy to crack. So – while people wouldn’t necessarily be able to connect to my WLAN, they could still grab my network traffic, decrypt it, and find out what I was doing. WPA, on the other hand, requires each packet to be decrypted separately since the key changes each time so that the effort of decryption is so great that all but the best of the best are deterred.
Fifth: Place the WAP in a location where the signal does not spread too far outside of your house or business. I’ve placed mine on the fourth floor so that you can barely get a signal from the ground – you’d have to be standing in my driveway to even get a signal.
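
The first four tips above can be checked mechanically against an access point's settings; the fifth (placement) cannot. The following is an added example, not part of the original post: it assumes the settings are available in hostapd.conf `key=value` syntax, and the sample config is constructed.

```python
# Added example: audit an access point config against the post's first four tips.
# Assumption: settings use hostapd.conf "key=value" syntax (not from the post).
# Severity follows the post's own remarks: a hidden SSID only slows people down,
# MAC addresses can be spoofed, and WEP is fairly easy to crack.

FACTORY_SSIDS = {"default", "netgear"}  # the two names the post mentions

# Constructed sample config for illustration.
SAMPLE_CONF = """\
# constructed sample
ssid=netgear
ignore_broadcast_ssid=0
macaddr_acl=0
wpa=0
wep_key0=0123456789
"""

def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit(conf):
    """Return a list of (tip, severity, message) findings."""
    findings = []
    if conf.get("ssid", "").lower() in FACTORY_SSIDS:
        findings.append(("first", "low", "SSID is a factory default"))
    if conf.get("ignore_broadcast_ssid", "0") == "0":
        findings.append(("second", "low", "SSID broadcast is enabled"))
    if conf.get("macaddr_acl", "0") == "0":  # 0 = accept unless deny-listed
        findings.append(("third", "low", "no MAC allow-list enforced"))
    if int(conf.get("wpa", "0")) == 0:  # wpa is a bitfield; 0 means WPA off
        if any(key.startswith("wep_key") for key in conf):
            findings.append(("fourth", "high", "WEP in use; move to WPA"))
        else:
            findings.append(("fourth", "high", "no encryption configured"))
    return findings

if __name__ == "__main__":
    for tip, severity, message in audit(parse_conf(SAMPLE_CONF)):
        print(f"[{severity}] tip {tip}: {message}")
```
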

Okay – now I’m “as secure as WiFi can be”. Which is to say, I’ve done all I can and if someone truly wants to break in and has the knowledge and expertise, I can’t stop them. But then again, they could do that through my hard line link. But, of course, who would want to?

So, now what am I doing? I’m working from my living room instead of my office. I needed more flat table space to fill out some forms for my project than I had in the office, so I’m sitting at the table all encrypted and stuff – no wires but the power cable. It’s nicer up here…

Homebound

Working from home these last two days has been wonderful. I’ve been able to see my wife each and every day, and go upstairs and sleep in my own bed every night. I just have to keep focused. That’s the big problem with working at home – distraction. Of course, I do get to work on my home network in my spare time between typing in the documents.

This weekend, I have had opportunity to play with ISA Server 2004. I think I like it. It’s quite a flexible Internet proxy, caching, firewall, and VPN server. The interface is a little vague and the on-line help sparse, but once you get the basics down, most configurations are quite simple. There are wizards for everything. It might be overkill for the home network, but it looks pretty good for a medium sized enterprise – assuming you want to put a firewall on a server instead of a dedicated piece of hardware.

Windows XP SP2

I have done it. I “service packed” my work laptop. They told me not to, but I did it anyway. I’ve been running it all day and haven’t noticed any loss in functionality, so I guess I’m okay. I even checked the most frequently used ‘business critical’ [hours tracking and expense tracking] applications and they worked all right. The only major “issue” was the inclusion of the new XP firewall on every single one of my existing network connections. Needless to say, since I have a different firewall application on the laptop, I have disabled that functionality on my network connections. I do like the built in pop-up blocker – now I can uninstall my third-party toolbars which did the same thing…

EDGE/GPRS?

I have a new phone. It’s a Nokia 6200. It’s quite cool – color screen, Tri-band GSM, EDGE/GPRS data service. Of course, I can’t quite figure out how to connect my laptop over that “high-speed” connection. [I say: “high-speed” because it’s only relative. Previously, I could dial up with my mobile phone at 9.6kbps. Now, it’s supposed to be around 40kbps. Much better, but still not “fast”.] Unfortunately, everything I try does not seem to work. I’m on the phone with Cingular right now to figure this out… Of course, I’ve been transferred 5 times already and no one seems to know where to send me.

After discussing this with a technician, it seems there is proprietary software for this function that I need to obtain – plus a data cable [even though the phone comes with a nice infrared port]. The things I go through…

Networking

I have been told that I may now pursue Cisco certification. I will begin with the CCNA program – that’s the ground level for Cisco. My goal will be to obtain CCIE but that might take years since it’s not my core job function to work with the switches and routers. So – it’s book study for me here…