Author Archives: sr71rocks

A Good Laugh for a Friday!!

So, did you hear that China and the US have agreed to no longer engage in cybertheft against each other? No…I’m serious. Really. Take a look at this…

CNN Report – US & China Agreement

See…I told you!

When I first heard this I just laughed. Is today April 1st??  Way too funny. I’m just sure that China will now curtail their state sponsored cyber warfare. No…seriously…I’m sure they will.

Oh…and I saw some pigs flying today too!!

Installing DIG on a Windows Machine

First up…a quick apology. Back on April 10th, I posted Verifying Proper Email Routing – MX Records. At the end of the post I mentioned I would talk about the trailing dot shown in the DNS records in my next post. Well, I basically forgot. Life just got too busy.

But before I do that, you really need to get DIG installed on your Windows PC (if you have Linux then you should already have DIG). So today, let’s get DIG installed and tested…this is a great tool to have, and you will be surprised at how often you will use it.

The package we are going to install is BIND (Berkeley Internet Name Domain) from ISC (Internet Systems Consortium). ISC has been around for years, and most DNS servers on the Internet run BIND (whether Windows or Linux/UNIX based). Do the following…

  • Go to https://www.isc.org/downloads/bind
  • There is a lot of good info on this page concerning BIND and DNS…I would recommend reading this when you have a chance.
  • Click on the Download BIND button
  • Expand the BIND menu
  • Click on the Download button to the right of the GREEN “Current-Stable” status
  • In the window that pops open, choose the correct version for your system…(click the appropriate blue box)
  • Next, create a directory on your C: drive called “bind”, move the BIND ZIP file to that directory, then double-click on the ZIP file. Extract all of the files into the \bind directory.

Now, let’s test. Open up a command prompt and change to the BIND directory, then type in “dig” and press enter. You should see something like this…(this example is showing DIG returning a list of the ROOT servers on the Internet)…

Running DIG at the command prompt

If it doesn’t work, there are a couple of common errors which are easily fixed…

32 bit installation error:  You may get an error stating “The application has failed to start because its side-by-side configuration is incorrect”.  If that’s the case, run the file “vcredist_x86.exe” which is located in the same “bind” directory. Then try running “dig” again…it should work.

64 bit installation error:  If you get the error message stating that MSVCR110.DLL is missing, then do a search on the C: drive for that file, and copy it to the “bind” directory. Running “dig” should now work.

Now you can play with DIG…some examples…

Some DIG examples

DIG is very powerful, and will quickly become your go-to tool when you have any DNS issues. I will talk more about using DIG in a future post.

More Internet Scumbags to Report On

I just got an email forwarded to me from another employee within my company (she doesn’t work in IT). This is a scam that’s been around a long time…first via regular snail mail, and now via email. The problem, though, is it still works and it’s very easy to do. Just send a bunch of letters and emails to as many people as possible, stating that their domain names are expiring, and just send a check (or visit a website) to renew. Take a look at this…

Email example notifying me of domain expiration for "search engine submissions"

Yes, the wording is simplistic, but it does look nice, and the cost is rather insignificant compared to all the other day-to-day invoices that cross an employee’s desk. And you know what? A lot of people just pay this, without even thinking about it.

As for the link to make the payment, it points to the domain:  confirmation5408.com

WHOIS results

A simple whois shows that this is located in China, and the domain was just registered in early July. (Yeah, I know…I’m so shocked that this is located in China!!)

So…what to do? Ignore these letters and emails, and make sure that your employees forward any IT related invoices to you for approval. Lots of companies fall prey to this, but with your diligence your company won’t be one of them.

Saturday Snapshot – Biscuits and Gravy (YUM)

I was born and raised in Georgia, and there is nothing better than biscuits and sausage gravy for breakfast. YUM! So recently, I noticed this in a local store…

Lays Southern Biscuits & Gravy  --  in a bag??

Can it really be?? Did Lays figure out how to miniaturize my favorite breakfast into chips, and put it all in a very portable bag?

Of course I had to buy it and give it a try. End result?? Disappointing. But it was a good try…

Cisco Security Alert – ROMMON Firmware Hack

Cisco Security Alert

Well, it looks like the hackers are at it again. (BTW…I use the term “hackers” as my preferred term “slimy dog-poop scum” is too wordy…but either one works just as well.) Cisco just released a security alert concerning a hack which replaces the ROMMON firmware (the boot firmware) with malicious ROMMON code. This code does work, in terms of booting the router/switch properly, but it also contains malicious code. Fortunately, you do need either privileged access or physical access to the device. Note the credibility level…”Confirmed”.

Check out Cisco’s security alert here.

Using Whois to Find Domain Ownership

Over the last several days, there has been a bit of a media skirmish concerning a report from the Global Energy Balance Network, a non-profit science group dedicated to preventative education to reduce obesity. A recent report of theirs stated that lack of exercise is primarily responsible for the dramatic upswing in the obesity rate here in the US, and not necessarily what we eat (such as sugary drinks). All well and good, and I would tend to agree with them…we have become a nation that sits on its butt.

However, news then surfaced that the report was funded in part by Coca-Cola Company. Hmmmm…that could tend to tarnish the report a bit. I heard that the domain name for Global Energy Balance Network (gebn.org) was registered to Coca-Cola. So last night (Tuesday 8/11), before I went to bed, I did a “whois” lookup on my Linux system, and sure enough…the domain was registered to Coca-Cola. Very interesting.

So, at work today (Wednesday 8/12) I ran another whois so I could screen capture it and put it in my blog as an example. Well guess what…the registration had changed. I was surprised. Here is what I found today…

Current WHOIS for GEBN.ORG

As you can see, registration was updated this morning around 14:52 UTC (around 10:52 AM EDT). So, why the University of South Carolina? I’m guessing there is a relationship between the non-profit and the University…which is fairly common these days. Also, if you go to the website and check out the “About” page, there is a disclaimer stating that part of their funding is from the Coca-Cola Company…so they are not trying to hide anything.

Now, I’m just pointing this out as an example of domain name registration and some of the gotchas to be aware of…and for the use of the “whois” command, which is part of Linux.

Disclaimer:  Yep, I guess I need to fess up a bit too…being a good ol’ Georgia boy, I do love drinking my Coke and Dr. Pepper. I have a joke I tell friends that when I go to the doctor’s office and give blood, it fizzes.
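The two WHOIS checks used in the domain-renewal scam post and in this post (how recently was a domain registered, and what changed between two lookups), as an added example that is not the author's own code. The WHOIS text is constructed sample data in a "Key: value" layout with ISO-8601 dates; real registries vary in field names and date formats, and the 90-day threshold is an assumption.

```python
from datetime import datetime, timezone

# Constructed WHOIS text (not real registry data) in a "Key: value" layout.
INVOICE_LINK = """\
Domain Name: PAYMENT-LINK.EXAMPLE
Creation Date: 2020-07-02T09:30:00Z
Registrant Country: CN
"""
BEFORE = """\
Domain Name: NONPROFIT.EXAMPLE
Creation Date: 2019-10-01T12:00:00Z
Updated Date: 2019-10-01T12:00:00Z
Registrant Organization: Example Beverage Co
"""
AFTER = """\
Domain Name: NONPROFIT.EXAMPLE
Creation Date: 2019-10-01T12:00:00Z
Updated Date: 2020-03-11T14:52:00Z
Registrant Organization: Example University
"""

def parse_whois(text):
    """Return {lowercased field name: first value seen}."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            record.setdefault(key.strip().lower(), value.strip())
    return record

def parse_date(value):
    # Assumes ISO-8601 UTC timestamps; other registries need other formats.
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def is_recently_registered(record, as_of, max_age_days=90):
    """True when the domain was created fewer than max_age_days before as_of."""
    return (as_of - parse_date(record["creation date"])).days < max_age_days

def changed_fields(before, after):
    """Map each differing field to its (old, new) values."""
    keys = sorted(set(before) | set(after))
    return {k: (before.get(k), after.get(k)) for k in keys if before.get(k) != after.get(k)}

if __name__ == "__main__":
    received = datetime(2020, 7, 20, tzinfo=timezone.utc)  # constructed e-mail date
    print(is_recently_registered(parse_whois(INVOICE_LINK), received))
    for field, (old, new) in changed_fields(parse_whois(BEFORE), parse_whois(AFTER)).items():
        print(f"{field}: {old} -> {new}")
```

Saving the raw whois output each time you look a domain up is what makes the second check possible; once the record is updated, the previous registrant is no longer shown.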

Security Certifications – In High Demand

This should be obvious, but security certifications are in HIGH demand, let me tell you. Just look at all the high profile hacks over the last several years…and all of that is just the tip of the iceberg. So if you have a strong understanding of networks and protocols, and enjoy the security side of things, then I would suggest you pursue some security certifications. And start getting some experience within the security field, perhaps even where you are currently working. The security field is already going strong, and will only get stronger in the years to come. And…did I mention the pay is excellent??!!

Take a look at this ComputerWorld article on the top 8 security certs that are in demand.

The CISSP and SANS certs probably pertain most to the network side of things. (Disclaimer: I attend SANS conferences on a somewhat regular basis, and I hold a SANS GSEC certification.)

Summary:  Security is vitally important in the network field, so do your career a favor and learn it!

The Sony Hack – With Plenty of Drama

I just finished reading a lengthy and interesting story surrounding the hacking of Sony’s network and related services. Yes, the hackers were nasty, and yes, Sony did not have the needed security measures in place. But what really hit me in reading this story was all the drama surrounding the events leading up to and after the hack. My goodness…I thought I was back in junior high school. It was both funny and sad…all at the same time.

Anyway, I would encourage you to read the whole story. In the midst of all the fluff and drama, you will find tidbits of good security information…things you should check and verify at your work. Remember…we might not be Sony (and all that that entails), but at the same time we don’t want to make the evening news…even if it’s just the local stations.

The story is in 3 long parts…it will take time to read, so I would suggest grabbing a good beverage of choice (for me, Dr. Pepper!!), and enjoy…

Fortune:  Sony Hack Part 1
Fortune:  Sony Hack Part 2
Fortune:  Sony Hack Part 3

Happy SysAdmin Day!!

It is the last Friday in July, and we all know what that means…yes, it’s SysAdmin Day!!

Lesson: Don't mess with us SysAdmin's!!

So, did anyone at work tell you Happy SysAdmin Day? Didn’t think so. We really are the unsung heroes. No one thinks about us at all until something breaks…then it’s “The Internet is down!!”. Like, really???…the whole Internet is down? Ugh…

But we fix the problem anyway. Every day. Because that’s our job…and we love our job!! At least I do…I enjoy being a Network Engineer. I hope you are enjoying your job too!! And I hope someone at work today told you “Happy SysAdmin Day”, and thanked you for all of your hard work.

Have a great weekend!!