How I made money with Open Source

By John Connelly
JC Computer Services

I’ve tinkered with many open source products over the past couple years, but I’ve never installed any for a client. For a friend, I installed Mepis on his son’s desktop to stop the torrent of malware, and I’ve played with Ubuntu on my laptop and struggled with wireless driver work-arounds. Never made a dime on it until I was inspired by a frequent forum poster here at The Forcefield. Then, with my inner salesman awakened I scored BIG.

The Scenario: Important client has employees that work from home, some travel across the country. Their current solution is to RDP directly into their 2008 Server. They are forwarding port 3389 to the server, and logging in with very weak passwords. Given the nature of their work, HIPAA laws apply to them. Obviously this solution is a major security breach waiting to happen.

I suggested a VPN solution. I explained what it was, how it worked, and showed them various solutions provided by Sonicwall, Firebox, and Cisco. Given the number of VPN connections they needed, all of these solutions were rather pricey, and had subscription-based licensing fees. They would have agreed to one of them, they had to do something soon. Now that they had a ballpark dollar amount in mind, I told them I could build a VPN appliance for less that had no re-occurring fees. I chose OpenVPN, and here is how I did it.

First, I had to choose between the free community version and the paid version. The free one has the benefit of being….free. The paid version has GUI menus, simple installers, and more extensive tech support. Being new to OpenVPN, and with a big client at stake, I chose the paid version. So I shelled out $50.00 for 10 licenses, this gave me 12 licenses total (2 are free). Given the huge licensing fees that others charge every year, I had no qualms about the amount. The free community-based version can do everything the paid version can do, but I needed to implement this fast and needed some hand-holding.

Based on another recommendation of a forum poster, I chose a simple 1U server to run it on. They already have a rack, and it gave my product the shiny high-tech feel it needed to help justify the big markup. It would have run much the same on a beat-up old Dell I had, but I needed it to look cool.

My next choice was the OS to install it on. There are many Linux distributions supported, including Ubuntu, which I almost went with. In the end I chickened out and went with XP Pro. When I have more time to test and become more familiar with how OpenVPN and Ubuntu work together, I will have it ready for my next client. I downloaded a VMware Player and a VM of OpenVPN, and installed both. The setup was very straightforward. You have to choose between running it in routed or bridged mode. I chose bridged. I gave my box an IP on the network, and port forwarded 443 to it. I also changed the default admin password.

Now I had to decide how to authenticate users. They are running AD on the server, and OpenVPN supports connections to AD via LDAP. Installing LDAP on the server was simple, I had it replicate the AD directory. In OpenVPN, I entered my admin username and password on the server, and its computer and domain name. It connected, and found my users. I could have chosen to input usernames and passwords into OpenVPN, or set up a RADIUS server.

Setup on the client was the easiest part. Open a browser, go to https://yourcustomerdomain.com. OpenVPN will present you with a login screen. Enter your user’s AD username and password, and you will see a customized link to download the client software. The link is generated dynamically when you first log in. For my Windows clients, I used the Windows installer. I had one Mac client, the OpenVPN site recommended I use Tunnelblick (a free VPN client). I could not get it to DHCP properly. A bit of research brought me to Viscosity. For $9.00, I bought one license and had it working in 5 min. It recognized the client.ovpn file that OpenVPN generates, and imported without any issues.

Finally, I had my users select new passwords that did NOT have the word “password” in them. Because OpenVPN was connected to AD via LDAP, it picked up the new passwords too. RDP now uses the internal IP of the server, and I stopped forwarding port 3389 on the router. Done.

The technical part of this job was fun. Setting up an open-source VPN was a great learning experience for me, and gives me a great new product. Salesmanship played a big part in this though, and it does not come naturally for me. In the end, it was an easy sell. I charged the same price for the box as the other commercial guys do, but made my main selling point the licensing fees. Others charge per year, I charge a one-time fee. Perhaps for new clients I will offer a smaller yearly maintenance fee. Still learning.

 

About the author:

John Connelly owns and operates a home based computer business serving homes, non-profits, and small to mid-sized businesses with their IT needs including repair, networking, planning, and more.  JC Computer Services has been in operation for 9 years, six in Plymouth, Ma.  His primary interest is in problem solving which keeps him getting up in the morning despite that his boss is a workaholic.

Beating the IT Budget Crunch

How Savvy CIOs are Cutting Costs and Using IT Compliance Automation to Make Impressive Gains

Agiliance NewsWatch Series

 

SAN JOSE, Calif. (Business Wire EON/PRWEB) October 15, 2008 — Typically fall is synonymous with football, pumpkins and leaves crunching on sidewalks and driveways. This October it seems the crunching is coming from IT budgets in the fists of watchful CEOs. Still, there's always a silver lining for smart companies determined to progress in the face of tough economic conditions. Despite being squeezed by increased security threats, compliance pressures and shrinking budgets, savvy CIOs are using the power of automated IT compliance software to help their businesses thrive.

"CIOs are watching costs closely as our economy falters at the same time expectations for IT performance are rising," says Sara Gates, VP of Strategy, Agiliance, a provider of IT risk and compliance software solutions for Fortune 1000 companies. "The key is to be bold, but not reckless. In spite of budget constraints – today's high-performing CIO is adept at balancing the competing demands of driving business innovation while coping with economic disruption."

As companies enter a new era of corporate governance, risk management, and compliance (GRC) demands, winning companies are using technology to automate compliance initiatives and get more efficient. In fact, the rising tide of IT security threats and compliance demands, coupled with a struggling economy, is driving the adoption of automated and innovative, intelligence-based solutions for today's risk and compliance challenges. Recent industry reports confirm that highly automated IT risk and compliance solutions are helping companies cut compliance costs by up to 70%.

Beyond Compliance: Making IT Your Competitive Advantage

The fact is IT can be a competitive advantage. The key is that successful businesses must optimize IT by making strategic cost cutting decisions, build IT by investing in projects that give the company a competitive edge and empower IT by strengthening communications between IT and business executives. Recent speculation by leading analysts suggests that senior management's lack of understanding about their risk posture may have been a contributing factor to the crash of many heavy hitting financial institutions. More than ever, companies that want to avoid negative headlines must find ways to erase the lines of division between IT and business that may be preventing visibility into a company's greatest risks or strengths.

"A successful IT risk and compliance program not only reduces IT spending, but can help bridge the gap between senior management's business goals and IT operations by helping to ensure that consistent and accurate information flows across the organization," said Kenneth Tyminski, former CISO of Prudential and member, Agiliance Board of Advisors. "Automated IT risk and compliance solutions can provide decision makers with the current and accurate intelligence they need to better understand how IT risk affects their entire organization."

Cost Cutting Tips for Beating the IT Budget Crunch

The bottom line is that IT success requires the right balance of belt tightening paired with strategic investments to fuel innovation and growth. Successful CIOs are leveraging IT as an asset in spite of external pressures to control risks while regulators are becoming even more aggressive.

Read more about IT compliance automation and other IT cost cutting tips:

http://www.agiliance.com/infocenter/Get_Budget_Tips.html.

Agiliance IT Risk and Compliance Software

Agiliance offers highly-automated IT risk and compliance management software products designed to help organizations thrive in the face of mounting pressures to manage and balance risk, compliance and IT budgets. By leveraging the power of Agiliance software, businesses can make impressive gains in their IT risk and compliance efforts including reduced audit burden, increased visibility into current compliance and risk status, and improved leverage of IT resources.

To speak to an Agiliance expert about a topic covered in the Agiliance NewsWatch series, please contact Lorraine Kauffman-Hall at 704-882-0443 or lhall@agiliance.com. To learn more about Agiliance, please visit www.agiliance.com

To Buy or To Lease Equipment – That is the Question for Small Business Owners

According to the Small Business Administration, more than 600,000 small businesses are started each year in the United States. And David Birch, former head of a research firm specializing in small business data, found that 85 percent of businesses fail in their first year. While those new businesses range from home-based, online and traditional brick and mortar establishments, most of these businesses have one thing in common – they need equipment to be able to operate successfully and avoid becoming one of Birch's statistics. But because there are costs, often large ones, associated with starting a new business, many business owners are faced with the question of whether to buy or lease equipment. Commercial leasing expert and founder of Lease with Crystal, Crystal Riley reveals the four questions every business owner should ask before buying or leasing equipment.

Los Angeles, CA (PRWEB) April 29, 2008 — Small business owners need equipment to be able to operate successfully and avoid becoming one of the 85 percent of businesses that fail within the first year of operation. But because there are costs, often large ones, associated with starting a new business, many business owners are faced with the question of whether to buy or lease equipment. Crystal Riley, president of Lease with Crystal, a company dedicated to providing customized commercial leasing programs, believes that the decision to buy or lease equipment should be considered seriously.

"There are several key considerations business owners need to factor in when deciding how to procure new equipment for their businesses," says Riley. "These considerations go far beyond which one is cheaper in the short term. Rather, tax breaks, resale value, and the net cost of the asset all need to be considered carefully."

How Much Will Be Needed for Upfront Costs?
According to Riley, one of the major benefits to leasing equipment is that the upfront costs are far less than if the equipment was purchased. There are very few instances where a lease requires a down payment, thus allowing a business owner to purchase needed equipment without significantly affecting cash flow. "Leasing can be especially helpful for business owners who have less-than-stellar credit or those who need to negotiate lower payments over a longer period of time," says Riley. In addition, when business owners are leasing equipment under $100,000 they rarely have to provide financial statements, tax returns and business plans.

Some business owners who choose to buy their equipment have the money to purchase the equipment outright, but more realistically, a business owner looking to purchase equipment will have to finance a portion of the purchase. While financing the equipment will lead to ultimate ownership, most banks require a 20 percent down payment, which affects cash flow and may tie up lines of credit. "Some lenders may also place restrictions on your future financial operations to ensure that the loan is repaid," says Riley. "This alone can make things difficult for some small business owners who may need to access more loans to keep his or her business afloat."

How Will Buying or Leasing Equipment Affect Taxes?
Both leasing and owning property provide tax advantages to small business owners. Generally speaking, lease payments can be deducted as a business expense on a tax return. As such, the net cost of the lease is reduced, providing an overall savings. Many business owners find that after factoring in these deductions, they often save money by purchasing leased equipment. Conversely, Section 179 of the Internal Revenue Code allows for the deduction of some newly purchased assets in the first year. "In Tax Year 2007, equipment costs up to $112,000 could be deducted," says Riley. "Some equipment is not eligible under Section 179, but tax savings can be realized on almost any piece of business equipment through the business depreciation deduction."

What Will the Equipment Be Worth?
"One of the major disadvantages of leasing equipment is that because you are not purchasing it, it cannot be considered an asset and cannot be sold," says Riley. "Conversely, after you purchase equipment, it's yours. This is especially advantageous when dealing with a piece of equipment that has a long, useful – and I emphasize useful – life and is not in danger of becoming technologically obsolete in a short period of time." According to Riley, a way to address equipment that may become obsolete in a short period of time is to lease it. A lease passes the burden of obsolescence onto the lessor rather than the purchaser. "When leased equipment becomes outdated, you can give it back to the owner at the expiration of the lease and get new, current, higher end equipment," says Riley.

Riley warns that another major consideration is how much a piece of equipment will depreciate. "A computer system depreciates far faster than office furniture," says Riley. "So, you have to pay special attention to the equipment and make sure that what you spend for it today will not be markedly different than what you can sell it for tomorrow. Certainly, some depreciation will occur simply through normal aging and wear and tear, but it's always something to consider."

How Long Will the Equipment Be Used?
Before leasing equipment, Riley warns that you need to be sure you are really going to use the equipment. "A lease is a contract that lasts over a defined period of time," explains Riley. "As such, if you lease a piece of equipment for three years, and find that after two years, you are no longer using it, you still have to pay that last year of the lease. That is not to say that some leases don't give you the option to cancel the lease, because some do. But they will levy a huge termination fee."

Crystal Riley has in-depth management experience and comprehensive understanding of the business world. Offering a unique skill set that is necessary to effectively put deals together, having served as the special director for music mogul Jimmy Iovine for several years, Crystal rose through the ranks at Interscope Geffen A & M to become a master of campaign development and overall project management. As an executive in the music industry, she committed herself twenty-four hours a day to ensure successful strategic partnerships with Apple, Napster, Yahoo, Starbucks, Microsoft and Facebook. Leaving the industry, Crystal followed in the footsteps of her family, which includes generations upon generations of successful entrepreneurs. Lease With Crystal opened its doors in 2008, with the backing of Lease One – an original inventor in the Equipment Leasing world, with 20 years of experience. Crystal lives in Los Angeles with her family. More information about Lease with Crystal can be found by visiting www.leasewithcrystal.com.

When Does Open Source Make Sense?

    Two weeks ago, my quiet Sunday afternoon was interrupted by a knock on the back door; my neighbor from across the street needed some computer help. While I normally shy away from helping friends and family with computer issues due to the “ownership of all future problems” factor, I decided to take a quick look.  (I should note that my neighbor owns a heating and cooling company, so he's a good guy to have owe me a favor in return).

    It seems that he had purchased a brand new PC a week ago and decided that he did not want Windows Vista anymore, so he had his cousin (who is a technician at a local computer repair shop) load a pirated copy of XP Pro. The problem they were having was that the PC would not boot to the XP CD. After spending several hours working on this, his cousin gave up. My neighbor's wife suggested he ask me for some help.

    A quick “CD E:” followed by “DIR” revealed a blank CD. Duh! (I should have gotten the name of the PC shop where his cousin works.) “So, what do we do now?” he asks. Well, I am certainly not going to provide a copy of XP for him to use with his pirated key, and while he does have a valid XP Home upgrade key, I am not going to load his pirated copy of 98 just so he can upgrade. This left one choice: Linux.

    We booted up to a live Mepis CD and verified that his digital cameras, printer, and all peripherals worked properly. Within 10 minutes of clicking the “install to hard drive” icon on the Mepis desktop, we were booted into the freshly installed Linux OS. Both my neighbor and his “computer tech” cousin were impressed by the ease of installation, amount of available software, and how easy it was to figure out how to move around in the OS. Two weeks have gone by now and the only time my neighbor has contacted me regarding the computer was to drop off a case of beer in appreciation and tell me how much he likes his new operating system.
    
    A small business finally outgrows the residential grade router they were using as a firewall and is looking for an upgrade to something more robust. They receive several quotes for Sonicwall, Pix, Fortigate, etc., but all of these quotes exceed the available budget.  A good time for open source? You betcha! An IPCop firewall would provide excellent perimeter protection, a VPN solution, and web content filtering all in one box. “How can I sell IPCop, it's open source?” you may ask. Well, the answer to that particular question is that you don't sell IPCop, you sell a firewall and support for that firewall.

   The above situations are what I consider to be good examples of the “right” time for open source. My neighbor needed a new PC, purchased one with Vista preloaded and decided he did not care for the new operating system at all. In addition, there were compatibility issues with his printer and the older of his two digital cameras. Linux offered him a “new” operating system without the learning curve he was experiencing with Vista, worked with all of his peripherals, and was free. The small office needed to upgrade their firewall without spending a large amount of money on hardware and licensing. The IPCop provides a very nice solution with an easy to use web interface that the “IT Person” (read: office manager) can use effectively.

    There are other times when a switch to open source makes sense: a client that needs a mail server but can't justify the expense of Exchange can use Zimbra. Ebox is a great replacement for SBS. Nagios is a nice option to What's Up Gold or HP Openview. Need an enterprise class router but can't justify Cisco gear? Take a look at Vyatta.

    Do you have users that need nothing more than email, a word processor, and a web browser? Switch them to Linux. Thunderbird, Open Office, and Firefox look and work the same on Linux as they do in Windows. As an added bonus that user's PC is not going to be susceptible to viruses, spyware, and other malware that will eventually affect performance and even become a risk to their personal information.

    The list of open source alternatives to commercial products is growing every day. A majority of these alternative applications do not require any special knowledge of Linux at all; they are easy to install, utilize web based administration, and have excellent support through the community. Take the time and familiarize yourself with some of the open source applications that are available. Download a few and play around with them. Install Linux on a spare computer and get familiar with it. Thinking “outside of the box” and having something to offer to your customers that all the “other guys” don't is what will set you apart from the competition.

    As always, if you have any questions, comments, problems, or want to list me as the beneficiary of your life insurance policy, please feel free to contact me at thughes@fwpm.com.

Copyright 2008 Todd Hughes.

Selling Open Source

There are many open source alternatives to the proprietary/licensed versions of common commercial software applications. For those of us who serve the small business customer, these alternatives can provide a means to increase our income and drive sales by providing solutions for our customers that they might not otherwise be able to afford.    
   
     A good example of this is a small company with about 15 users that wants the benefits of a groupware server (mail, shared calendaring and documents, etc.) but cannot realistically afford Microsoft's SBS or Exchange. Enter Zimbra, an open source collaboration suite. Zimbra offers everything that Exchange does in an easy to install and manage package: mail server (POP & IMAP), shared calendaring, shared documents, and a host of other goodies. Users access their mail and other features via a web browser (à la OWA) making remote access available to the users even when they are at home or on the road.

    Take a look at the screen shot below, does it look familiar? No, that's not OWA, it's Zimbra! Setup and administration is done via the web interface but there are also several command line tools available to perform various functions such as importing mail from an existing mail server, batch creation of user accounts, etc. User authentication can be done locally or Zimbra can be tied into an existing Active Directory environment for authentication.  As a service provider, you can enable inbound port 22 and port 7071 traffic through the customer's firewall (from your IP address at the shop only!) and have secure remote access to configuration files and the administrative interface to help your customers with any problems that they may have.

 

Zimbra

Zimbra is installed on top of a basic Linux operating system. I built mine on top of Ubuntu server. Download the ISO image for Ubuntu Server 6.06.1 LTS and install the operating system. You can accept defaults during the install with the exception of the IP address; if it grabs a DHCP address just use the “back” button and manually assign the proper information. Next, install the Zimbra suite. A good how-to can be found here.

    Setup of Zimbra (including a quick start guide) can be found in the documentation at the Zimbra web site.

    So, procure a decent server (nothing fancy, P4 2+Ghz, 512Mb RAM, 150-200 GB HD), install Ubuntu/Zimbra, and offer it to your clients as an “open source Exchange” server. Mark up the hardware to include a nice profit and cover your time building the server, charge them a few bucks for installation, offer support at maybe $500.00/yr, and start making some money on open source!

    Keep in mind that Zimbra is just the tip of the iceberg. There's Ebox (an SBS like clone), Snort/BASE (IDS), IPCop (Sonicwall like firewall), MySQL/MyPHP Admin (database and frontend), Ntop (network and bandwidth utilization),  Apache (web server), Nagios (networking monitoring and alerting), PacketFence (NAC), Zenoss (an HP OpenView/What'sUp Gold like clone), Squid/SquidGuard (a Websense/SurfControl like clone), many different versions of the Linux desktop, etc, etc. Start getting familiar with Linux and open source and you will find that you have something to offer your customers that the “other guys” don't.

    As always, if you have any questions, comments, problems, or want to name your first born after me, please feel free to contact me at thughes@fwpm.com.

Copyright 2007 Todd Hughes

 

Why Is My Site Not Showing Up In Google?

Birmingham, United Kingdom (PRWEB) February 5, 2008 — More and more websites are failing to show up in the world's biggest search engine and increasingly businesses are feeling frustrated with their websites. To solve this problem, leading internet marketing company WebEfforts suggests five easy steps to improve your ranking.

  • Step one: choose your keywords carefully.

Many people fall into the trap of competing for the same keywords. For example, there are over 10 million searches performed each year on Google for the keyword 'internet marketing'.

However, our research shows that the search term 'internet marketing company' attracts 300,000 searches a year on Google. Often, this longer search term has less competition and reaches your target market more effectively. Hence your chances of ranking on it are higher in Google, and more importantly, achieving online sales.

  • Step two: embed keywords into your website.

Once you have decided on your keywords, you need to make sure they appear throughout your website's text. This communicates to Google that your site is a highly relevant match to the term searched for.

For example, to rank on Google for the term 'internet marketing company' this keyword phrase needs to appear at least three times within one page on your website. You also have technical tags on your website, known as 'Meta Tags', which need to contain this keyword too. We suggest contacting a professional company if you are unfamiliar with changing these.

  • Step three: uncover competitors' online strategies.

So, you may think you have found the best search term and all the text is embedded within your website. But, will it actually work?

Well, look at your top competitor's website and scan across their pages to see what search terms are continually repeated in their text. Look at the top of the browser on their home page, what keywords appear there? The text there is the 'Title Meta Tag' text, which is very important to Google for ranking purposes.

There are automated ways to research your competitors using internet tools, but these can be expensive to buy for a one-off job. We suggest buying an internet marketing report, which is an affordable way to share the cost of using the tools.

  • Step four: get your keywords noticed.

If any step should be given more emphasis, this is the one. To rank on Google for a search term, Google's search engine won't just take your word for it because it is written on your site. Google wants additional confirmation that you are telling the truth. As a result, Google needs to see other sites pointing to your site for that keyword.

To do this you need to write content for your site and include links to your site on the keyword you want to rank in Google for. For example, to promote WebEfforts on the keyword 'internet marketing company' the content should include a link like:

"……leading internet marketing company WebEfforts produce the best selling internet marketing report that includes professional keyword research, a web site assessment and powerful competitor research…"

However, you may need hundreds of links pointing to your site to compete against your competitors for that keyword.

In an extract from our report, we noticed that a top competitor had over 1,000 links. If this is the case for your search term, it is best to outsource the work to a professional company with experience in this area. Avoid using cheap services, as the techniques they use can be automated and leave you completely blacklisted from the search engine.

  • Step five: create viral content through online publicity.

To add the icing on the cake, you could get your website noticed on some of the largest News wires such as paid inclusion sites like Yahoo News and Google News. This method normally gives you exposure for 30 days and can provide an excellent source of traffic within days. We suggest using an online distribution service for this.

However, the key is to create viral content, which is content that is likely to be passed on because it is useful. Once this is achieved people will start posting links, from say forums or blogs, allowing the link building work to be done all by itself.

Following these five easy steps will not only improve your ranking on Google, but also drive traffic to your website and potentially increase sales.

For more information, please contact Max Worton at WebEfforts on 01562 884 388 or max.worton@webefforts.co.uk

About WebEfforts
WebEfforts helps website owners on small budgets drive targeted traffic to their website, see our results. The company is known for its best-selling internet marketing report, which can be viewed online at http://www.webefforts.co.uk.

Services include: Web Site Management and Administration, Professional Keyword Research, Web Site Assessments, Competitor intelligence, Link Building and Online Publicity.


Email Troubleshooting: Back to Basics

Email has undergone a major transformation in the past decade. What began as a simple means to send a quick message has evolved into a business critical application. This increased use of email as a primary communication method has placed an emphasis on maintaining the availability of this service to the users. One of the best methods for diagnosing problems with email is what I refer to as “getting back to the basics”.

    Getting back to the basics means separating the email application software from the protocol itself. Application software can be either an MUA (Mail User Agent) such as Outlook or Thunderbird, or an MTA (Mail Transport Agent) such as Exchange or Postfix. We will concentrate on working with the underlying protocols only. Troubleshooting software beyond basic configuration (proper user name and password, correct mail server IP and port number, mailbox setup, etc.) is beyond the scope of this article.

    There are 3 main protocols we will deal with when troubleshooting email. SMTP (Simple Mail Transfer Protocol) is used to send email. The SMTP protocol “pushes” messages, whether it's from the desktop to the internal email server, or from one email server to another. It is important to keep in mind that this is a “best effort” or “store and forward” protocol which means that there is no guarantee of successful delivery. POP3 (Post Office Protocol 3) and IMAP (Internet Message Access Protocol) are used to retrieve email. POP3 and IMAP “pull” messages from an email server to the desktop. POP3 downloads the entire message to the desktop when an email is read. IMAP downloads only the email header information when a mail check is performed, the message itself is actually opened and read right on the mail server (making IMAP a bit more bandwidth friendly). Both of these protocols send login credentials to the mail server in clear text unless the secure version of the protocol (POP3S or IMAPS) is used. While there are other proprietary email protocols in use, we will concentrate on the aforementioned 3 which are considered the standards for internet email transport.

    The most important tip I can give is to pay very close attention to any error messages you may receive related to mail delivery. If a user states “I sent an email, but I got an error message back”, you need to tell that user to copy the error message down verbatim. Email error messages are usually very specific about what the problem is. Here's an example:

This is the Postfix program at host mail.mydomain.com.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

         The Postfix program

<joeshmoe@budweiser.com>: host mail1.synacor.com[64.8.70.127] said: 553 sorry,
  your envelope recipient is in rejected. either it has been deactivated or
  does not exist (#5.7.1) (in reply to RCPT TO command)

    The above message comes from my mail server (mail.mydomain.com) and is telling me that my message to joeshmoe@budweiser.com could not be delivered. Specifically, the mail server for “budweiser.com” (mail1.synacor.com[64.8.70.127]) said that the recipient (joeshmoe) either doesn't exist or his account has been deactivated. Note the “553”; this is an SMTP reply code. Anything in the 500 range means “permanent error”, the 400 range means “temporary error/will try again”, and anything in the 200 range means “success/OK”.

    Troubleshooting sending (SMTP) errors is done on the command line using the SMTP commands. If you suspect a problem between the desktop and the internal mail server, you should do this from the desktop; if the issue is suspected to be outside of your network, you need to do this from the mail server itself. We'll make a connection to the recipient's mail server and attempt to send a message “by hand” using some basic SMTP commands and see what happens. If you are testing from the desktop, you already know what the mail server's IP or FQDN is; if you are testing from your internal mail server to an outside server, you need to look up the name or IP of the recipient's mail server. This can be done with “nslookup” (Windows) or the “dig” command (Linux). Once we know how to get to the recipient's server, we'll make a telnet connection to port 25 (SMTP), then we'll introduce ourselves (the “helo” or “ehlo” command), and finally we will send an email and see what type of reply codes we get. Open up a terminal or command prompt and let's get started!

Look up the mail server:

thughes@thughes:~$ dig mydomain.com mx
;; QUESTION SECTION:
;mydomain.com.                        IN      MX
;; ANSWER SECTION:
mydomain.com.         736     IN      MX      5 mail.mydomain.com.

Make a connection (telnet) to that mail server on port 25:

thughes@thughes:~$ telnet mail.mydomain.com 25
Trying 73.42.65.188…
Connected to mail.mydomain.com.
Escape character is '^]'.
220 mail.mydomain.com at your service ESMTP NO UCE

(notice the 220…that means OK)

Now, introduce yourself by typing “ehlo <something>” (I typed “ehlo howdy!”):

Trying 74.41.65.188…
Connected to mail.mydomain.com.
Escape character is '^]'.
220 mail.mydomain.com at your service ESMTP NO UCE
ehlo howdy!
250-mail.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250 8BITMIME

If you get an error when using the “ehlo” (extended helo) command, the server probably doesn't support the extended version of the command, so just use the standard “helo” command. Again, notice all the 250 codes; these mean that this server supports all of the listed options.

Let's send an email:

Type “mail from: <your email address>” (the “<” and “>” are necessary in this command)

Trying 74.41.65.188…
Connected to mail.mydomain.com.
Escape character is '^]'.
220 mail.mydomain.com at your service ESMTP NO UCE
ehlo test
250-mail.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250 8BITMIME
mail from: <thughes@fwpm.com>
250 Ok

(There's that 250 again)

Type “rcpt to: <recipient's email address>”

Trying 74.41.65.188…
Connected to mail.mydomain.com.
Escape character is '^]'.
220 mail.mydomain.com at your service ESMTP NO UCE
mail from: <thughes@someotherdomain.com>
250 Ok
rcpt to: <thughes@mydomain.com>
250 Ok

(250 again)

Now we need to add some data to the email, so type “data” and hit the “enter” key, then type “SUBJECT:” (add a subject), hit “enter”, type “FROM:” (type the from address), hit “enter”, type “TO:” (type the to address), hit “enter” twice, and then type the body of your email. When you're done typing your message, type a single “.” on a line by itself and hit “enter”; you should get a message that the email was sent (“queued”) on the recipient's server. Then type “quit”. All of the commands that I typed in the following example are in bold type:

Trying 74.41.65.188…
Connected to mail.mydomain.com.
Escape character is '^]'.
220 mail.mydomain.com at your service ESMTP NO UCE
mail from: <thughes@someotherdomain.com>
250 Ok
rcpt to: <thughes@mydomain.com>
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
FROM: mickeymouse@donaldduck.com
TO: thughes@mydomain.com
SUBJECT: test email

This is a test email
.
250 Ok: queued as 56CBE3B018E
quit
221 Bye
Connection closed by foreign host.

This message was sent successfully (“250 Ok: queued as 56CBE3B018E”). If there was a problem, the reply code would have told me exactly what the problem was. You may also have noticed that when I typed in the “FROM:” field, I used an address other than the one that I used in the initial “mail from:” command. This is because the “FROM:” in the headers of the email does NOT have to match the original connecting (“envelope”) sender. This is how spammers spoof email (heh heh).
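The reply codes in a session like the one above can also be read mechanically. This added example (not part of the original article) parses a captured SMTP dialogue, groups multi-line replies such as the EHLO response, classifies each code by its first digit, and reports whether STARTTLS was offered. The transcript is constructed from the sessions and the 553 bounce shown earlier, and all function names are hypothetical.

```python
import re

# Constructed transcript, modelled on the sessions and the 553 bounce quoted
# in this article. "C: " marks what the client typed, "S: " the server reply.
TRANSCRIPT = """\
S: 220 mail.mydomain.com at your service ESMTP NO UCE
C: ehlo howdy
S: 250-mail.mydomain.com
S: 250-PIPELINING
S: 250-SIZE 10240000
S: 250-ETRN
S: 250-STARTTLS
S: 250 8BITMIME
C: mail from: <thughes@someotherdomain.com>
S: 250 Ok
C: rcpt to: <joeshmoe@mydomain.com>
S: 553 sorry, your envelope recipient is in rejected (#5.7.1)
C: quit
S: 221 Bye
"""

# First digit of the reply code decides the outcome. The article names the
# 2xx, 4xx and 5xx ranges; 3xx (e.g. 354 after "data") means "send more input".
REPLY_CLASSES = {
    "2": "success",
    "3": "intermediate (server is waiting for more input)",
    "4": "temporary error (will try again)",
    "5": "permanent error",
}

REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def parse_session(transcript):
    """Return one dict per command/reply pair.

    A reply line with '-' after the code continues on the next line; the
    final line of a reply has a space after the code.
    """
    exchanges = []
    command = "(connect)"      # the 220 greeting answers the connection itself
    pending = []               # text lines collected for a multi-line reply
    for raw in transcript.splitlines():
        side, _, text = raw.partition(": ")
        if side == "C":
            command = text.strip()
            continue
        match = REPLY_LINE.match(text)
        if not match:
            raise ValueError(f"not an SMTP reply line: {text!r}")
        code, separator, rest = match.groups()
        pending.append(rest)
        if separator == " ":   # last line of this reply
            exchanges.append({
                "command": command,
                "code": int(code),
                "lines": pending,
                "klass": REPLY_CLASSES.get(code[0], "unknown"),
            })
            pending = []
    if pending:
        raise ValueError("transcript ends inside a multi-line reply")
    return exchanges


def ehlo_extensions(exchanges):
    """Keywords advertised in the EHLO reply (its first line is the host name)."""
    for ex in exchanges:
        if ex["command"].lower().startswith("ehlo") and ex["code"] == 250:
            return [line.split()[0].upper() for line in ex["lines"][1:] if line.split()]
    return []


def first_failure(exchanges):
    """First exchange that ended in a 4xx or 5xx reply, or None."""
    for ex in exchanges:
        if ex["code"] >= 400:
            return ex
    return None


if __name__ == "__main__":
    session = parse_session(TRANSCRIPT)
    for ex in session:
        print(f'{ex["command"]:<45} {ex["code"]}  {ex["klass"]}')
    print("STARTTLS offered:", "STARTTLS" in ehlo_extensions(session))
    failed = first_failure(session)
    if failed:
        print("failed at:", failed["command"], "->", failed["code"], failed["lines"][0])
```

A server whose EHLO reply lacks STARTTLS will only ever receive that message in plain text, which is worth noting before anything sensitive is sent to it.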

    Alright, delivery works, now we need to test mail retrieval. Let's do some POP command line magic next. First, we need to telnet to our internal mail server on port 110 (995 for POPS):

thughes@thughes:~$ telnet mail.mydomain.com 110
Trying 192.168.12.80…
Connected to mail.mydomain.com.
Escape character is '^]'.
+OK dovecot ready.

Now we need to authenticate by typing “user <username>”, hit “enter”, then type “pass <your password>” and hit “enter” again:

thughes@thughes:~$ telnet mail.fwpm.com 110
Trying 192.168.12.80…
Connected to mail.fwpm.com.
Escape character is '^]'.
+OK dovecot ready.
user thughes
+OK
pass *********
+OK Logged in.

We're in! Now type “list” to see all the emails (they are listed numerically; the first number is the message number, the second number is the message size), type “retr (message #)” and hit “enter”, and your message will be displayed. Type “quit” to disconnect from the POP server.

    Finally, let's try email retrieval using IMAP. Telnet to the internal mail server on port 143 (993 for IMAPS) and log in by typing “a01 login <user name> <password>”:

thughes@thughes:~$ telnet mail.mydomain.com 143
Trying 192.168.12.80…
Connected to mail.mydomain.com.
Escape character is '^]'.
* OK dovecot ready.
a01 login thughes ********
a01 OK Logged in.

Next, let's list our mailboxes. Type “a02 list “” “*”” and hit “enter”:

ao2 list "" "*"
* LIST (\NoInferiors) "/" INBOX
* LIST (\NoInferiors \UnMarked) "/" "Trash"
* LIST (\NoInferiors) "/" "Ebay"
* LIST (\NoInferiors) "/" "Sent"
ao2 OK List completed.

Now we can enter a mailbox:

a02 select INBOX
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft Junk $Label1 $Label2 $Label3 $Label4 $Label5 NonJunk)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft Junk $Label1 $Label2 $Label3 $Label4 $Label5 NonJunk \*)] Flags permitted.
* 1142 EXISTS
* 3 RECENT
* OK [UNSEEN 1131] First unseen.
* OK [UIDVALIDITY 1157335433] UIDs valid
* OK [UIDNEXT 26939] Predicted next UID
a02 OK [READ-WRITE] Select completed.

Fetch the headers for the first email in the list:

ao2 fetch 1 all
* 1 FETCH (FLAGS (\Seen) INTERNALDATE "18-Aug-2006 09:43:33 -0400" RFC822.SIZE 21975 ENVELOPE ("Thu, 17 Aug 2006 13:06:55 -0400" "Official: Jul-Aug 2006 (ISC)2 Newsletter" (("(ISC)2 Management" NIL "management" "isc2.org")) (("(ISC)2 Management" NIL "management" "isc2.org")) (("(ISC)2 Management" NIL "management" "isc2.org")) ((NIL NIL "thughes" "mydomain.com")) NIL NIL NIL "<LYRIS-1619473-1789-2006.08.17-16.13.08–thughes#mydomain.com@isc16.isc2.org>"))
ao2 OK Fetch completed.

Read some mail:

ao2 fetch 1 body[text]

(This should show you the message body)

Close the connection by typing “a02 logout”:

a02 logout
* BYE Logging out
a02 OK Logout completed.
Connection closed by foreign host.

   
    That's about it for command line troubleshooting using the basic protocols. The point of the preceding exercises is to confirm that mail can be sent and received. If you are successful using the command line to send/retrieve mail but it doesn't work when using applications such as Outlook or Thunderbird, you can now concentrate your efforts on troubleshooting the software application and configuration.

    The logs on your mail server can provide a wealth of information to aid you in diagnosing problems. Becoming proficient in reading the logs is one of the most important things you can do. Take a look at the mail logs and learn how to read them. Try to follow an email through the logs from the time it hit the server until it was delivered to the recipient.  

    Email headers are also a valuable source of information. You can view the complete headers in most email clients by choosing an option such as “view > all headers”, right clicking the email and choosing “view internet headers”, etc. The exact method depends on which client you are using, Google it if you can't figure out how. Headers are read from the bottom up (use the time stamps as a reference). Below is an example of a full set of headers (I added the comments in bold):

Return-Path: <apache@isc18.isc2.org>
 X-Original-To: thughes@fwpm.com
 Delivered-To: thughes@fwpm.com

This is my mail gateway delivering the message to my mail server:

 Received: from fw.fwpm.com (unknown [192.168.12.1])
by mail.fwpm.com (Postfix) with ESMTP id 280A23B019E
for <thughes@fwpm.com>; Mon,  1 Oct 2007 10:51:03 -0400 (EDT)

This is my mail gateway processing the mail internally:

 Received: from fw.fwpm.com (localhost [127.0.0.1])
by fw.fwpm.com (Postfix) with SMTP id 4E54FAC07F
for <thughes@fwpm.com>; Mon,  1 Oct 2007 11:08:13 -0400 (EDT)

This is the spam processing and scoring on my mail gateway (spamassassin):

(sender vscan@fw.fwpm.com)
 X-Spam-Checker-Version: mailDefender 3.1.3 (2006-06-01)
 X-Spam-Level: S
 X-Spam-Status: No, hits=1.9 reqd=5.0 tests=NO_REAL_NAME=0.55,
SPF_HELO_SOFTFAIL=0.1,SPF_SOFTFAIL=0.1,XD_DYNAMIC_IP=0.9, XD_MULTIPART=0.2
Bayes=0.5
 X-Spam-Report: *  0.9 XD_DYNAMIC_IP At least one relay is a dynamic IP *  0.6
NO_REAL_NAME From: does not include a real name *  0.2 XD_MULTIPART Email
contain several alternative views *  0.1 SPF_SOFTFAIL SPF: sender does not
match SPF record (softfail) *      [SPF failed: ] *  0.1 SPF_HELO_SOFTFAIL
SPF: HELO does not match SPF record (softfail) *      [SPF failed: ]

This is my mail gateway receiving the email from the sender's server:

 Received: from isc18.isc2.org (isc18.isc2.org [216.12.146.142]) (using TLSv1
with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate
requested) by fw.fwpm.com (Postfix) with ESMTP id E5E2BAC07E for
<thughes@fwpm.com>; Mon,  1 Oct 2007 11:07:48 -0400 (EDT)

This is the sender's server receiving the mail from an internal process:

 Received: from isc18.isc2.org (isc18.isc2.org [127.0.0.1]) by isc18.isc2.org
(8.13.1/8.13.1) with ESMTP id l91F7mL0022786 for <thughes@fwpm.com>; Mon, 1
Oct 2007 10:07:48 -0500

Here's the message:

 Message-Id: <200710011507.l91F7mmV022784@isc18.isc2.org>
 Content-Transfer-Encoding: binary
 Content-Type: multipart/related; boundary="_———-=_1191251268227820"
 MIME-Version: 1.0
 X-Mailer: MIME::Lite 3.01 (F2.73; B3.07; Q3.07)
 Date: Mon, 1 Oct 2007 15:07:48 UT
 To: thughes@fwpm.com
 From: service@isc2.org
 Subject: (ISC)2: Confirmation of change to CISSP CPE Record
 X-AVAS-Signature: pfilter.pl Version 1.73
 X-AVAS-EmailID: 20070901-110749-7603
 Status: RO
 X-UID: 26809
 Content-Length: 761
 X-Keywords:
 X-Length: 3068
 
=== This is a system generated message from (ISC)2 ===

Dear T. Hughes:

This email message is blah…blah…blah.

    As you can see, the headers provide a detailed record of mail routing. You can use the time stamps at each hop to determine where any latency in delivery may be. Another trick is to use the header information to verify a spoofed email. If an email appears to come from somebody you know but looks suspicious, view the headers to determine the IP address of the original sending server. Perform a “whois” lookup on that IP address; if it comes back as registered to a Chinese or Eastern European domain (for example) you can be certain it is a spoof.
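One way to apply the hop-by-hop reading described above, as an added example that is not part of the original article: it walks the Received lines from the bottom up, computes the delay at each hop, flags a hop whose clock runs behind the previous one, and picks out the IP address that handed the message to your own gateway. The headers are the ones shown in this article, re-folded; the set of trusted hosts and the function names are assumptions.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Headers from the example in this article, with continuation lines indented
# as they are in a raw message. Spam and MIME headers are left out.
RAW_HEADERS = """\
Return-Path: <apache@isc18.isc2.org>
Received: from fw.fwpm.com (unknown [192.168.12.1])
 by mail.fwpm.com (Postfix) with ESMTP id 280A23B019E
 for <thughes@fwpm.com>; Mon,  1 Oct 2007 10:51:03 -0400 (EDT)
Received: from fw.fwpm.com (localhost [127.0.0.1])
 by fw.fwpm.com (Postfix) with SMTP id 4E54FAC07F
 for <thughes@fwpm.com>; Mon,  1 Oct 2007 11:08:13 -0400 (EDT)
Received: from isc18.isc2.org (isc18.isc2.org [216.12.146.142]) (using TLSv1
 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate
 requested) by fw.fwpm.com (Postfix) with ESMTP id E5E2BAC07E for
 <thughes@fwpm.com>; Mon,  1 Oct 2007 11:07:48 -0400 (EDT)
Received: from isc18.isc2.org (isc18.isc2.org [127.0.0.1]) by isc18.isc2.org
 (8.13.1/8.13.1) with ESMTP id l91F7mL0022786 for <thughes@fwpm.com>; Mon, 1
 Oct 2007 10:07:48 -0500
From: service@isc2.org
To: thughes@fwpm.com
Subject: (ISC)2: Confirmation of change to CISSP CPE Record

"""

# Assumption for this example: these are the servers we operate ourselves.
# Only Received lines written by them can be trusted.
TRUSTED_HOSTS = {"fw.fwpm.com", "mail.fwpm.com"}


def trace_hops(raw_headers):
    """Return the Received hops in time order (oldest first)."""
    msg = message_from_string(raw_headers)
    hops = []
    previous = None
    # Every server adds its line at the top, so read from the bottom up.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())                     # undo header folding
        info, _, stamp = flat.rpartition(";")              # date follows the last ';'
        stamp = re.sub(r"\([^)]*\)", "", stamp).strip()    # drop "(EDT)" comments
        when = parsedate_to_datetime(stamp)
        by_host = re.search(r"\bby\s+(\S+)", info)
        from_ip = re.search(r"\[([0-9A-Fa-f.:]+)\]", info)
        hops.append({
            "by": by_host.group(1) if by_host else None,
            "from_ip": from_ip.group(1) if from_ip else None,
            "time": when,
            # Seconds since the previous hop; offsets are honoured, so
            # 10:07:48 -0500 and 11:07:48 -0400 are the same instant.
            "delta": None if previous is None else int((when - previous).total_seconds()),
        })
        previous = when
    return hops


def clock_skew(hops):
    """Hosts that stamped the message earlier than the hop before them."""
    return [h["by"] for h in hops if h["delta"] is not None and h["delta"] < 0]


def boundary_ip(hops, trusted_hosts):
    """Public IP that delivered the message to the first trusted server."""
    for hop in reversed(hops):                 # newest hop first
        if hop["by"] not in trusted_hosts:
            break                              # older lines were written by the sender
        if hop["from_ip"]:
            ip = ipaddress.ip_address(hop["from_ip"])
            if not (ip.is_private or ip.is_loopback):
                return hop["from_ip"]
    return None


if __name__ == "__main__":
    for hop in trace_hops(RAW_HEADERS):
        print(f'{hop["time"].isoformat()}  by {hop["by"]:<16} delta={hop["delta"]}')
    print("clock skew at:", clock_skew(trace_hops(RAW_HEADERS)))
    print("sending server IP:", boundary_ip(trace_hops(RAW_HEADERS), TRUSTED_HOSTS))
```

On these headers the last hop carries a negative delay, which points to a clock difference between the gateway and the mail server rather than to real latency.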

    Lastly, I want to comment about email security. Today's users tend to send anything (including very sensitive or personal information) via email without any thoughts of security or confidentiality. Email is not secure! As mentioned earlier, SMTP, POP3, and IMAP are all clear text protocols. This is akin to sending your snail mail on postcards instead of inside an envelope, safe from prying eyes. There are a few basic precautions you can take to secure your email. One would be to use POP3S and IMAPS to retrieve mail. Secondly, you should configure your mail server to support TLS (Transport Layer Security). TLS will allow encrypted SMTP communication with any recipient's server that also supports TLS. It should be noted that you must configure TLS to be optional; if the receiving server does not support TLS, the communication will fall back to plain text. Thirdly, I would suggest the use of an email encryption application (such as Zix mail) to ensure sensitive information is transmitted securely. Finally, user training is a must. Your users need to have a basic understanding of how email works. They need to know that it is neither secure (in its default configuration) nor guaranteed to be delivered to the intended recipient.

    I hope you have found the information and tips in this article interesting and informative. Feel free to contact me if you have additional input or would like further information about the techniques I have presented.

Todd Hughes is a Network Security Analyst and long time Linux fan in the Upstate New York area. Send your questions, comments or feedback to: thughes@fwpm.com.

Copyright  Todd Hughes  2007. Printed by permission.

 


Cisco CCNA Certification – Cisco VTP VLAN Trunking Protocol


By Bob Bello

VLAN Trunking Protocol (VTP) is a Cisco Layer 2 messaging protocol that manages the addition, deletion, and renaming of VLANs on a network-wide basis. Virtual Local Area Network (VLAN) Trunk Protocol (VTP) reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. VTP is a Cisco-proprietary protocol that is available on most of the Cisco Catalyst Family products. VTP ensures that all switches in the VTP domain are aware of all VLANs.

There are occasions, however, when VTP can create unnecessary traffic. All unknown unicasts and broadcasts in a VLAN are flooded over the entire VLAN. All switches in the network receive all broadcasts, even in situations where few users are connected in that VLAN. VTP pruning is a feature used to eliminate (or prune) this unnecessary traffic.

By default, all Cisco Catalyst switches are configured to be VTP servers. This is suitable for small-scale networks where the size of the VLAN information is small and easily stored in all switches (in NVRAM). In a large network, a judgment call must be made at some point when the NVRAM storage needed is wasted, because it is duplicated on every switch. At this point, the network administrator should choose a few well-equipped switches and keep them as VTP servers. Everything else participating in VTP can be turned into a client. The number of VTP servers should be chosen so as to provide the degree of redundancy desired in the network.

Modes of Operation

Server

In VTP server mode, you can create, modify, and delete VLANs and specify other configuration parameters (such as VTP version and VTP pruning) for the entire VTP domain. VTP servers advertise their VLAN configuration to other switches in the same VTP domain and synchronize their VLAN configuration with other switches based on advertisements received over trunk links. VTP server is the default mode.

Transparent

VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, in VTP version 2, transparent switches do forward VTP advertisements that they receive out their trunk ports.

Client

VTP clients behave the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client.

Advertisements

Summary Advertisements

When the switch receives a summary advertisement packet, it compares the VTP domain name to its own VTP domain name. If the name is different, the switch simply ignores the packet. If the name is the same, the switch then compares the configuration revision to its own revision. If its own configuration revision is higher or equal, the packet is ignored. If its own revision is lower, an advertisement request is sent.

Subset Advertisements

When you add, delete, or change a VLAN in a switch, the server switch where the changes were made increments the configuration revision and issues a summary advertisement, followed by one or several subset advertisements. A subset advertisement contains a list of VLAN information. If there are several VLANs, more than one subset advertisement may be required in order to advertise them all.

Advertisement Requests

A switch needs a VTP advertisement request in the following situations:

  1. The switch has been reset.
  2. The VTP domain name has been changed.
  3. The switch has received a VTP summary advertisement with a higher configuration revision than its own.

Upon receipt of an advertisement request, a VTP device sends a summary advertisement, followed by one or more subset advertisements.
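The summary, subset and request exchange described above, as an added example that is not part of the original article: a small model of how a switch decides whether to ignore a summary advertisement or request the sender's VLAN list. It is a simplified simulation, not Cisco's implementation; the class, the two-VLANs-per-subset packing and the switch names are assumptions. The last step shows the practical consequence of the revision rule: the switch with the highest revision in the domain wins, whatever VLANs it holds.

```python
from dataclasses import dataclass, field

REQUEST = "advertisement request"


@dataclass
class Switch:
    """Simplified VTP participant (hypothetical model for illustration)."""
    name: str
    domain: str
    mode: str                                   # "server", "client" or "transparent"
    revision: int = 0
    vlans: dict = field(default_factory=dict)   # VLAN id -> VLAN name

    def set_vlan(self, vlan_id, vlan_name):
        """Local VLAN change. A client refuses it; a server bumps its revision."""
        if self.mode == "client":
            raise PermissionError(f"{self.name}: cannot change VLANs on a VTP client")
        self.vlans[vlan_id] = vlan_name
        if self.mode == "server":
            self.revision += 1
            return self.summary()               # advertised to the domain
        return None                             # transparent: not advertised

    def summary(self):
        return {"domain": self.domain, "revision": self.revision, "sender": self.name}

    def subsets(self, per_packet=2):
        """Split the VLAN list over as many subset advertisements as needed."""
        items = sorted(self.vlans.items())
        return [dict(items[i:i + per_packet]) for i in range(0, len(items), per_packet)]

    def on_summary(self, adv):
        """Decision taken when a summary advertisement arrives."""
        if self.mode == "transparent":
            return "ignored: transparent mode"
        if adv["domain"] != self.domain:
            return "ignored: different domain"
        if self.revision >= adv["revision"]:
            return "ignored: own revision is higher or equal"
        return REQUEST

    def on_request(self):
        """Answer a request: one summary followed by the subset advertisements."""
        return self.summary(), self.subsets()

    def apply(self, summary, subset_list):
        """Replace the local VLAN database with the advertised one."""
        merged = {}
        for subset in subset_list:
            merged.update(subset)
        self.vlans = merged
        self.revision = summary["revision"]


def deliver_summary(sender, receiver):
    """Hand sender's summary to receiver and complete the exchange if requested."""
    verdict = receiver.on_summary(sender.summary())
    if verdict == REQUEST:
        receiver.apply(*sender.on_request())
    return verdict


if __name__ == "__main__":
    core = Switch("core", "CiscoKits", "server")
    for vlan_id, vlan_name in ((10, "users"), (20, "voice"), (30, "servers")):
        core.set_vlan(vlan_id, vlan_name)
    access = Switch("access", "CiscoKits", "client")
    print("access:", deliver_summary(core, access), access.vlans)

    # A switch reused from a lab: same domain, higher revision, one VLAN.
    lab = Switch("lab", "CiscoKits", "client", revision=7, vlans={99: "lab"})
    print("core:  ", deliver_summary(lab, core), core.vlans)
```

This is why a switch that has been used elsewhere should be checked with “show vtp status” before it is trunked into a production VTP domain.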

Configuration

To configure an IOS based switch to be a VTP server, issue the following commands:

SwitchA# vlan database
SwitchA(vlan)# vtp domain CiscoKits
SwitchA(vlan)# vtp server
SwitchA(vlan)# exit

These commands configure the switch to be a VTP server in the VTP domain CiscoKits. The changes are saved and the revision number is incremented when the exit command is issued. To configure a VTP client, run the following commands:

SwitchB# vlan database
SwitchB(vlan)# vtp domain CiscoKits
SwitchB(vlan)# vtp client
SwitchB(vlan)# exit

To disable VTP, set the vtp mode to transparent as such:

SwitchC# vlan database
SwitchC(vlan)# vtp transparent
SwitchC(vlan)# exit

To monitor the VTP operation and status, use either:

SwitchA# show vtp status
SwitchA# show vtp counters

Bob Bello is the owner of http://www.CiscoKits.com. At his site you will find over 200 various articles dedicated to Cisco CCNA and CCNP study help, free CCNA and CCNP study exams, step by step labs along with CCNA and CCNP home lab kits.

Article Source: http://EzineArticles.com/?expert=Bob_Bello
http://EzineArticles.com/?Cisco-CCNA-Certification—Cisco-VTP-VLAN-Trunking-Protocol&id=739778

 


Cisco Certification – Basics of Cisco Routers

 This article will help familiarize you with various Cisco routers.  It will describe the various features they support so you can pick the right Cisco router to help you prepare for your Cisco CCNA exam.

By Bob Bello

Cisco has a number of different routers, amongst them are the popular 1600 series, 2500 series and 2600 series. The ranges start from the 600 series and go up to the 12000 series (now we are talking about a lot of money). All the above equipment runs special software called the Cisco Internetwork Operating System or IOS. This is the kernel of their routers and most switches. Cisco has created what they call Cisco Fusion, which is supposed to make all these devices run the same operating system.

We are going to begin with the basic components which make up a Cisco router (and switches) and I will be explaining what they are used for, so grab that tea or coffee and let's get going!

The basic components of any Cisco router are:

 

  1. Interfaces
  2. The Processor (CPU)
  3. Internetwork Operating System (IOS)
  4. RXBoot Image
  5. RAM
  6. NVRAM
  7. ROM
  8. Flash memory
  9. Configuration Register

 

Now I just hope you haven't looked at the list and thought "Stuff this, it looks hard and complicated" because I assure you, it's less painful than you might think! In fact, once you read it a couple of times, you will find all of it easy to remember and understand.

Interfaces

These allow us to use the router! The interfaces are the various serial ports or ethernet ports which we use to connect the router to our LAN. There are a number of different interfaces but we are going to hit the basic stuff only. Here are some of the names they have given some of the interfaces: E0 (first Ethernet interface), E1 (second Ethernet interface), S0 (first Serial interface), S1 (second Serial interface), BRI 0 (first B channel for Basic ISDN) and BRI 1 (second B channel for Basic ISDN).

You have to connect a digital phone to an ISDN line and since this is an ISDN router, it has this option with the router. I should, however, explain that you don't normally get routers with ISDN S/T and ISDN U interfaces together. Any ISDN line requires a Network Terminator (NT) installed at the customer's premises and you connect your equipment after this terminator. An ISDN S/T interface doesn't have the NT device built in, so you need an NT device in order to use the router. On the other hand, an ISDN U interface has the NT device built in to the router.

Apart from the ISDN interfaces, we also have an Ethernet interface that connects to a device in your LAN, usually a hub or a computer. If connecting to a Hub uplink port, then you set the small switch to "Hub", but if connecting to a PC, you need to set it to "Node". This switch will simply convert the cable from a straight through (hub) to an x-over (Node).

The Config or Console port is a Female DB9 connector which you connect, using a special cable, to your computer's serial port and it allows you to directly configure the router.

The Processor (CPU)

All Cisco routers have a main processor that takes care of the main functions of the router. The CPU generates interrupts (IRQ) in order to communicate with the other electronic components in the router. The routers utilize Motorola RISC processors. Usually the CPU utilisation on a normal router wouldn't exceed 20%.

The IOS

The IOS is the main operating system on which the router runs. The IOS is loaded upon the router's bootup. It usually is around 2 to 5MB in size, but can be a lot larger depending on the router series. The IOS is currently on version 12, and Cisco periodically releases minor versions every couple of months, e.g. 12.1, 12.3 etc., to fix small bugs and also add extra functionality.

The IOS gives the router its various capabilities and can also be updated or downloaded from the router for backup purposes. On the 1600 series and above, you get the IOS on a PCMCIA Flash card. This Flash card then plugs into a slot located at the back of the router and the router loads the IOS "image" (as they call it). Usually this image of the operating system is compressed so the router must decompress the image in its memory in order to use it.

The IOS is one of the most critical parts of the router, without it the router is pretty much useless. Just keep in mind that it is not necessary to have a flash card (as described above with the 1600 series router) in order to load the IOS. You can actually configure most routers to load the image off a network tftp server or from another router which might hold multiple IOS images for different routers, in which case it will have a large capacity Flash card to store these images.

The RXBoot Image

The RXBoot image (also known as Bootloader) is nothing more than a "cut-down" version of the IOS located in the router's ROM (Read Only Memory). If you had no Flash card to load the IOS from, you can configure the router to load the RXBoot image, which would give you the ability to perform minor maintenance operations and bring various interfaces up or down.

The RAM

The RAM, or Random Access Memory, is where the router loads the IOS and the configuration file. It works exactly the same way as your computer's memory, where the operating system loads along with all the various programs. The amount of RAM your router needs is subject to the size of the IOS image and configuration file you have. To give you an indication of the amounts of RAM we are talking about, in most cases, smaller routers (up to the 1600 series) are happy with 12 to 16 MB while the bigger routers with larger IOS images would need around 32 to 64 MB of memory. Routing tables are also stored in the system's RAM so if you have large and complex routing tables, you will obviously need more RAM! When I tried to upgrade the RAM on a 1600 router, I unscrewed the case and opened it and was amazed to find a 72 pin SIMM slot where you needed to attach the extra RAM. For those who don't know what a 72 pin SIMM is, it's basically the type of RAM the older Pentium socket 7 CPUs took, back in '95. This type of memory was replaced by today's standard 168 pin DIMMs or SDRAM.

The NVRAM (Non-Volatile RAM)

The NVRAM is a special memory place where the router holds its configuration. When you configure a router and then save the configuration, it is stored in the NVRAM. This memory is not big at all when compared with the system's RAM. On a 1600 series, it is only 8 KB while on bigger routers, like the 2600 series, it is 32 KB. Normally, when a router starts up, after it loads the IOS image it will look into the NVRAM and load the configuration file in order to configure the router. The NVRAM is not erased when the router is reloaded or even switched off.

ROM (Read Only Memory)

The ROM is used to start and maintain the router. It contains some code, like the Bootstrap and POST, which helps the router do some basic tests and bootup when it's powered on or reloaded. You cannot alter any of the code in this memory as it has been set from the factory and is Read Only.

Flash Memory

The Flash memory is that card I spoke about in the IOS section. All it is, is an EEPROM (Electrically Erasable Programmable Read Only Memory) card. It fits into a special slot normally located at the back of the router and contains nothing more than the IOS image(s). You can write to it or delete its contents from the router's console. Usually it comes in sizes of 4MB for the smaller routers (1600 series) and goes up from there depending on the router model.

Configuration Register

Keeping things simple, the Configuration Register determines if the router is going to boot the IOS image from its Flash, tftp server or just load the RXBoot image. This register is a 16 bit register, in other words it has 16 zeros or ones. A sample of it in hex would be the following: 0x2102, which in binary is: 0010 0001 0000 0010.
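To make the register value readable, this added example (not part of the original article) decodes the boot field and three flag bits and audits the “Configuration register is ...” line that IOS prints at the end of “show version”. The bit meanings come from general IOS documentation rather than from this article, the sample lines are constructed, and the function names are hypothetical; the example goes slightly beyond the text by also checking the bit that makes the router skip its saved configuration.

```python
import re

BOOT_FIELD_MASK = 0x000F       # bits 0-3: where to boot from
BIT_IGNORE_NVRAM = 0x0040      # bit 6: do not load the configuration saved in NVRAM
BIT_BREAK_DISABLED = 0x0100    # bit 8: console Break is ignored once booted
BIT_ROM_FALLBACK = 0x2000      # bit 13: fall back to ROM software if network boot fails


def boot_source(value):
    """Translate the boot field (lowest four bits) into words."""
    boot_field = value & BOOT_FIELD_MASK
    if boot_field == 0:
        return "ROM monitor (no image is loaded)"
    if boot_field == 1:
        return "RXBoot image in ROM"
    return "IOS image (Flash or tftp server, as configured)"


def decode(value):
    """Break a 16 bit configuration register value into its parts."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("the configuration register is a 16 bit value")
    bits = f"{value:016b}"
    return {
        "hex": f"0x{value:04X}",
        "binary": " ".join(bits[i:i + 4] for i in range(0, 16, 4)),
        "boot_source": boot_source(value),
        "ignore_nvram": bool(value & BIT_IGNORE_NVRAM),
        "break_disabled": bool(value & BIT_BREAK_DISABLED),
        "rom_fallback": bool(value & BIT_ROM_FALLBACK),
    }


CONFREG_LINE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)


def audit(show_version_text):
    """Return findings for the current value and any value pending for next reload."""
    match = CONFREG_LINE.search(show_version_text)
    if not match:
        return ["no configuration register line found"]
    values = [("current", int(match.group(1), 16))]
    if match.group(2):
        values.append(("next reload", int(match.group(2), 16)))
    findings = []
    for label, value in values:
        info = decode(value)
        if info["ignore_nvram"]:
            findings.append(f'{label} {info["hex"]}: saved configuration in NVRAM is ignored at boot')
        if not info["boot_source"].startswith("IOS"):
            findings.append(f'{label} {info["hex"]}: boots to {info["boot_source"]}')
    return findings


if __name__ == "__main__":
    print(decode(0x2102))
    # Constructed sample lines in the format printed by "show version".
    for line in ("Configuration register is 0x2102",
                 "Configuration register is 0x2102 (will be 0x2142 at next reload)"):
        print(line, "->", audit(line) or "ok")
```

A router that ignores NVRAM at boot comes up without its configured passwords and access lists, so a pending value with that bit set deserves a look before the next reload.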

Bob Bello is the owner of http://www.CiscoKits.com. At his site you will find over 200 various articles dedicated to Cisco CCNA and CCNP study help, free CCNA and CCNP study exams, step by step labs along with CCNA and CCNP home lab kits.

Article Source: http://EzineArticles.com/?expert=Bob_Bello
http://EzineArticles.com/?Cisco-Certification—-Basics-of-Cisco-Routers&id=732737

 


Linux as an alternative to Windows

    If you are anything more than a very casual computer user, you've probably heard someone talking about Linux recently. Perhaps you're wondering exactly what Linux is and what all the fuss is about? Well, read on and we'll attempt to answer some of the questions you may have and hopefully dispel a few myths and misconceptions along the way.

    Linux is an operating system much like Windows XP or Vista, Mac OSX, etc. An operating system is basically just a bunch of instructions that manage the software and hardware on your computer. Software refers to all of the applications that you use, such as word processing programs, web browsers, email clients, etc. Hardware is the physical parts of your computer such as the processor, memory, CD drives and the like.

    Why would I want to try Linux? I would have to say that the main reason for using Linux is that it's free. Yes, FREE! Linux is an “open source” operating system. The definition of open source is software that has been developed by a community of folks and provided to the general public, free of cost.  A second reason is that it runs very well on an older computer that may not be capable of running the newest version of Windows. Thirdly, there are literally tens of thousands of open source applications (software) that are available for download. Lastly, there is security.  Linux was developed from the start with security in mind. The Linux operating system is not as susceptible as Windows is to a majority of the threats that are common on the internet today.

    OK, so what's the catch? Well, there is a new user interface to learn. The Linux desktop doesn't “look” like a Windows desktop. Of course, a Vista desktop doesn't look like an XP desktop and a Mac desktop doesn't look like a Windows desktop, so there is a bit of a learning curve going from one operating system to another, regardless of which one you choose. Linux also has a reputation of being a “techie's” operating system, requiring a bit more knowledge to set up and use than the typical user may possess, but this has been largely eliminated as of late. Another issue is that Linux may not work with the latest cutting edge hardware, although as the use of Linux becomes more widespread this is less of a problem than it has been in the past.

    Who is Linux good for? This operating system works very well for those of us that simply need the basics: browsing the web, checking email, writing documents, working with spreadsheets, etc. Linux is a great choice for those Windows 98/2000/XP users whose old computers are running really slow and are considering upgrading but have to buy a new PC just to run Vista. It's also good for those power users that like to dig around and play “under the hood” so to speak. Linux will not work for those users that need to run Windows only software such as QuickBooks, or “gamers” who play games written exclusively for Windows.

    Alright, so you've decided that you want to try Linux, now what? My suggestion is to download a copy from the internet and see how you like it. Linux comes in many varieties called “distributions” (or “distros”). There are several distros that I can recommend for a new user; these are listed at the end of this article. All of these are available in what is referred to as a “live” format, meaning that they can be run from a CD without actually having to install them on the hard drive of your computer. You simply download and burn the CD, put it in your CD player, and reboot your computer. (Keep in mind that they will run a bit slower than they would if they were actually installed). This allows you to get a feel for Linux and how it works, as well as testing whether a particular distribution can detect and correctly configure all of your hardware. If you decide that you like one of these, there is usually an “install to hard drive” option right on the desktop. You can even install Linux in parallel to Windows and choose which operating system to load when your computer boots up!

    What if I have problems, where can I get help? There is a fantastic community of Linux users on the internet that are more than happy to help new users. Google is your friend. Most communities have a local Linux User's Group (LUG) that holds open meetings on a regular basis; new members are always welcome. These LUGs usually have occasional “Install Fests” where you can bring your computer and they will help you install Linux and answer any questions you may have. Check your local computer magazines for information on these types of activities and groups. Again, Google is your friend.

    I hope this article has answered some of your questions about Linux and maybe even made you consider giving it a try. Below is a list of resources you will find helpful if you decide to pursue this further.

Todd Hughes is a Network Security Analyst and long time Linux fan in the Upstate New York area. Send your questions, comments or feedback to: thughes@fwpm.com.

Copyright  Todd Hughes  2007. Printed by permission.
   

Resources:

Recommended Distributions:

http://www.pclinuxos.com/index.php?option=com_ionfiles&Itemid=28
http://www.xpresslinux.com/download.php
http://www.kubuntu.org/download.php
http://www.knopper.net/knoppix/index-en.html
http://www.mepis.org/mirrors
http://www.mandriva.com/en/download/free

Other Distributions:

http://distrowatch.com/

How to “burn” a disk properly:

-using Windows XP
http://www.petri.co.il/how_to_write_iso_files_to_cd.htm

-using Nero
http://www.wizardskeep.org/mainhall/tutor/neroiso.html

-using Roxio
http://onlinepubs.trb.org/onlinepubs/burning_iso.html

 
