My name is Naveed Babar, an Independent IT Expert and researcher. I received my Masters Degree an IT. I live in Peshawar, Khyber Pakhtunkhwa, Pakistan. Buzzwords in my world include: Info tech, Systems, Networks, public/private, identity, context, youth culture, social network sites, social media. I use this blog to express random thoughts about whatever I am thinking.

Tuesday, August 31, 2010

How to Deal With a Computer Crash

 

Almost everyone has experienced an unfortunately timed computer crash. Maybe you were right in the middle of doing your taxes, or were at the halfway point of finishing that report your boss expects in the morning. But there have been many computer crashes and glitches that have caused far more wide-ranging damage:

--CNN reports that in 2000, the spy computer used by the National Security Agency crashed for a few days, preventing staff access to important information.

--According to the Minneapolis Star Tribune, a 2009 computer failure at U.S. Bancorp denied access to thousands of unemployed people who were attempting to withdraw their money.

-- The London Stock Exchange suffered a blow in trading in September 2008 as a result of a computer crash that lasted a few hours.

--Computers responsible for control and navigation of the International Space Station failed temporarily in 2007.

-- News reports claim that the crash of the Spanair plane that killed 154 people in 2008 was supposedly related to a malware-infected computer.



Reasons for a computer crash
“Sam,” a security engineer who prefers anonymity because of the nature of his job, explains that there are usually two main causes for a computer to freeze or crash: defective computer memory and impending hard disk failure.


“Computer memory is composed of several chips placed together on a stick. If one of those chips on the memory stick goes bad, it could cause a computer to freeze because the operating system is expecting that memory space to be available.

“A hard drive disk is composed of spinning metal plates with a metal arm that reads/writes data to the drive," Sam says. "Since it is mechanical, it is prone to failure. As such, hard disk drive manufacturers have what's called a MTBF (Mean Time Before Failure). Usually, it's in the range of hundreds of thousands of hours, but it's not a guarantee. If the operating system attempts to read/write data to a hard drive that has started to physically fail, it could cause a computer freeze or crash.”

Other reasons for crashes and freezes include clicking on malicious links or attempting to use modern software on an older computer.

According to a help-desk analyst we spoke with, “The most common reason that people's computers have problems is because they try to do 2010 tasks on a 2003 computer. We have a lot of computers that are way past their warranty, and they install programs that were never meant to run on hardware of that age. Once they install and open that program, they also have various other programs running in the background, such as multiple Internet browser windows or Word documents,” she says.

Preventive measures
The primary advice from tech experts is to always save your documents regularly in case sudden disaster strikes. Aside from that obvious but often overlooked step, our tech expert "Sam" outlines a few simple steps that can help deter computer failures and prolong its life:

--Keep your anti-virus subscription up-to-date and download the latest updates.

--Download and install the latest updates for your operating system (Windows or Mac).

-- If a website or email looks suspicious or asks for personal or banking information, do not click any links contained within the email or website.

Using programs like AOL Computer Checkup Premium can also help fix various glitches, make your computer run more smoothly and increase its performance. If you're worried about losing important documents, music or videos, you may wish to consider online-storage solutions like SugarSync -- so even if you do crash, your important data is protected.

What not to do
A few years ago, MSNBC reported a couple of studies that showed many users suffer from “computer rage,” and that some scream or hit their computers when it has crashed or failed. The story even cites a case of a restaurant manager who tossed his laptop in the deep-fryer when it had stopped working.

In the event of a crash, the best thing to do first is reboot. According to our help-desk analyst, this simple step is often overlooked. “Most calls I take start with, ‘Have you restarted the computer?’….This is the easiest (and least painful) troubleshooting step.” If rebooting fails to work and the computer is “dead,” so to speak, your last best hope may be a professional computer technician. With hope, they can diagnose the problem, and if all else has failed, help salvage your data.

Saturday, August 28, 2010

Top risky for web surfing "Turkey and Russia"

AVG study looks at the safest and most dangerous places to surf the Internet

                                                             [Where are the safest and most dangerous places in the world to use the internet? ] 

Where in the World are you most likely to be hit by a malicious computer attack or virus? According to Internet Security company AVG, it’s the Caucasus region, with web surfers in Turkey, Russia, Armenia and Azerbaijan all being the most likely to face threats while online.

At the other end of the scale, some of the world’s safest surfers can be found in Japan and Taiwan, while seven of the 10 safest countries in which to surf the Internet are in Africa. As a continent, South America was ‘safest’, and North America riskiest. Globally your chances of being attacked while online on any given day are 1 in 73.

The data taken from 144 countries, involving over 100 million PCs, enabled AVG to look at the incidence of security threats that its software had to deal with in the last week of July. From these figures, AVG came out with an average for attacks per user per country.
Key results for the last week of July 2010 are as follows:

Turkey leads the league table for risky surfing, with AVG’s software having to step in to protect on average, one in 10 users of the Internet. Web users in Russia (1 in 15 were hit), Armenia (1 in 24), and Azerbaijan (1 in 39) also suffer high rates of attacks.

Other areas where web surfers are disproportionately at risk include Bangladesh (1 in 41), Pakistan (1 in 48) and in SE Asia, Vietnam and Laos (where the chances of facing an attack are both 1 in 42).

What about other major Western countries? The US is at number nine when it comes to the riskiest places to go online (1 in 48) , UK is ranked 31st (1 in 63), Australia 37th (attack ratio = 1 in 75) while German web surfers come in at number 41 (1 in 83).

Sierra Leone had the fewest attacks with on average one in 692 web surfers facing an attack. Niger too fared where just one in 442 surfers on average were attacked, however with low broadband penetration and Internet use in these African countries.

It is because of its high internet use and broadband penetration that Japan, where there is an average of just one in 404 facing an attack, is arguably the safest place to surf the net.

Meanwhile Taiwan (1 in 248 attacked), Argentina (1 in 241 attacked), and France (1 in 224 attacked) all came in the top 20 safe list.
Analyzing the data by continent, your chances of getting attacked while surfing the Web in North America are 1 in 51. In Europe it is 1 in 72, while in Asia (including Asia Pacific) 1 in 102. The safest continents are Africa (1 in 108), and by a long way South America (1 in 164).

While African countries make up seven of the top 10 ‘safe surfing’ list, it’s noteworthy that the chances of being attacked in all South American countries is more than 1 in 100. The ‘riskiest’ country in South America was Peru at 1 in 131, which globally still only ranks 78th out of 142 countries.

According to AVG spokesperson, Roger Thomson, “Our research tells us a lot about the behaviour of web surfers worldwide. Internet users in Turkey, Russia, the Caucasus and South-east Asia for example show disproportionately higher rates of being attacked than the global average of 1 in 73.

“There are a number of reasons for this. Some of it may be down to a tendency to access semi-legal or illegal download sites, while some of it probably is down to being less cautious when it comes to sharing links and files online. Another factor is the popularity of Internet cafes and people generally sharing computers. However, it is safe to say that even in these countries, a minority of users account for a large proportion of attacks.”

“If you look at Japan at the other end of the scale - a country where both Internet use and broadband protection is very high - our software only picked up a web attack for every 403rd user. Our take on this is that Japanese web surfers are generally more aware of safe and risky surfing behaviours.
However, our research should also serve as a wake-up call to people going abroad. If you are travelling without your computer and use a public machine or borrow a friend or colleagues, ensure that when accessing web -based services like email, that you log out and close the browser when you have finished your session.

If you are taking your laptop with you ensure you have backed up your data and removed any sensitive information from your machine.

Finally the key point is that all these web attacks were successfully caught and stopped by ourselves. Even the global average of facing a 1 in 73 attack on any given day does not present great odds if averaged out across a year. Hence the importance of making sure that your computer really does have the right anti-virus software installed.”


Methodology

AVG looked at the number of Internet attacks worldwide for the final week of July 2010, as well as the number of AVG installs per country. From this, AVG was able to work out on average the chances of web surfers being attacked.

This sample was taken in the last week of July. Rankings and order of countries will change over time and is not fixed.
The research involved taking data from over 100 million AVG installations across 144 countries.



Thursday, August 19, 2010

Selecting new IT leaders

One of the great privileges and responsibilities of leadership is identifying and training the next generation of managers and leaders. Somewhere in between crisis management, contract negotiations, internal politics, status monitoring and your myriad other tasks, you should spend a few moments considering the future leadership of your organization. Figuring out who has the potential to become a great leader or middle manager of IT is difficult. Given that leadership is one of those things that most of us can identify when it's put before us but find difficult to describe, it often seems impossible to predict an individual's prospects.

There are traits that can be predictors of success. But before we dive into what to look for, let's put to rest a few of the commonly used criteria that haven't yielded stellar results.

Education. Lots of great business leaders have put in time in MBA programs, but even a degree from Harvard or the Kellogg School (my alma mater) doesn't guarantee the right stuff. While important, understanding the mechanics and subtleties of business doesn't necessarily translate into leadership success.

Tech smarts. As believers in meritocracy, we're drawn to the idea that the person who best understands what's going on technically is best qualified to be in charge. Unfortunately, the skills needed in a leadership role are different from technical savvy -- and often don't reside in one person.

Bossiness. The natural desire to be in charge doesn't necessarily predict whether someone will be a good leader in a technical environment. The hierarchical top-down approach tends to be fragile when it comes to creative work. Those with the built-in desire to command frequently run smack into the brick wall of technical staff intelligence and intransigence.

So, which traits are better predictors of who will make great leaders?

Emotional flexibility. We talk a lot about being a good leader, but what about becoming one?

Great leaders start out somewhere else and have to move into leadership roles. Becoming a leader poses transitional challenges that can be met only with emotional flexibility. One of the great challenges for a new manager is to transform his view of himself, to change how he measures himself and his success. Early life and career work is judged by personal productivity. In school, we're judged by the quality and quantity of our papers, tests and quizzes. Young workers are judged by the quality, quantity and speed of task completion. Our self-images become tied to our personal productivity.

Moving into management requires a fundamental shift in how we view ourselves, a shift in the emotions about self and work. Leaders are judged not by their personal productivity but by their effect on the productivity, morale and effectiveness of others. Managers must be able to derive their personal satisfaction from helping others be productive rather than being productive themselves. This is a difficult transformation that's poorly understood and rarely discussed.

The ability to adopt a new self-image is critical to the transition into a successful leadership role.

Comfort with ambiguity. Beyond mastering their emotions, leaders must be able to cope with the chaos and confusion of reality. The world is a complex place filled with facts, provisional facts, lies, opinions and emotions. A large part of the leader's role is to help interpret the turmoil and bring order, sense and meaning to daily work. Successful leaders must transform ambiguity into clarity and create compelling narratives out of complexity.

They also bring a high tolerance for the continuing existence of confusion. They're able to hold contradictory ideas in their heads simultaneously without experiencing undue stress. Strong leaders aren't impervious to new facts and information but are comfortable revising their interpretations to meet changing times.

Ability to communicate. The ability to cope with ambiguity means nothing without the ability to communicate. If leaders and managers deliver value through their effect on others, communication is their primary tool. Whether leaders communicate verbally, in writing or through their actions, their ability to connect with those they lead is of prime importance.

Considering these "softer" skills can help you to ensure a successful future for your organization.

Few Important things you should know about privacy protection and IT

These days, IT bears a tremendous responsibility for safeguarding corporate data and protecting personal privacy information. This overview shows just how entrenched privacy concerns have become in the regular operations of the IT organization.

Personal privacy has become a major public concern. Highly visible data breaches, identity theft, and frauds such as phishing scams have created a huge corporate and consumer burden and threaten trust in Internet and e-commerce services.



Studies have shown that almost half of U.S. residents have "little or no confidence" that adequate steps have been taken to secure their personal data. Compounding this lack of confidence is the increasing sophistication of online crime schemes. It's hard to tell who is legitimate, and a growing number of users are becoming victims of the Internet. Let's look at some privacy concerns and how they affect IT. 




#1: Reporting compromised data: It's the law 

Several states require that state entities, persons, or businesses disclose to a resident when his or her private information is reasonably believed to have been acquired by someone without authorization. An organization must publicly disclose when personal information in its possession appears to have been compromised. In 2003, California passed a law that requires organizations to notify residents if the organization experienced a data security breach that caused risk to personal information. Currently, 28 states have passed similar laws, and security breach notification bills are pending in more than 15 other states. Notification of a breach is costly, as there is usually a per-person fine.

#2: Customer loyalty is directly dependent on privacy 

Consumers rely on the Internet for shopping, banking, government, healthcare, and other services, while trusting that their personal and financial information is protected and inaccessible to unauthorized use. When this trust is broken, customer loyalty can evaporate--overnight. The costs of identity theft and other fraud are too great to risk doing business with organizations known for mistrust of private information.

Between 2001and 2004, more than 196 privacy-related legal actions were raised against 255 corporate defendants, including financial services, health care, pharmaceutical, information services, e-commerce, manufacturing, media, and retail. More than 33 class action suits have also been filed. Here are some interesting figures on how Web consumers view privacy:
86% are concerned about privacy of personal data.
45% never provide real names to sites.
5% use software to hide computer identities.
86% favor "opt-in" that requires permission before using data.
94% want privacy violators to be punished.

#3: IT pros bear most of the burden for privacy 

Here are a few things to consider when developing systems:
Know the types of data you are working with that include PII (personally identifiable information.) This includes the user's name and e-mail address, health care, and credit card or social security numbers. Don't collect more data than necessary.
Know how to implement mechanisms for notifying users that their personal data may be collected and offer them ways to opt out or consent to the collection of their data. A record of opt-out acknowledgement may also be required.
Determine where the system vulnerabilities lie: in the application, database, wireless network, Web access, or other interfaces.
Understand the steps to secure PII from misuse or unauthorized access, including access controls, encryption, physical security, and auditing. Encryption is probably the best defense. When an encrypted laptop is stolen, at least the data is protected.


#4: A data classification policy is essential 

Today, data managers are expected to become steward of their organization's information. They're asked to view the data under their care as a valuable asset and manage it based on what or who it represents. An organization should have a policy definition of classified, confidential, and public information and clearly define data that's the most valuable and/or secret.

A key component of this policy is a data security plan that addresses the foreseeable risks to the integrity of the information maintained in an organization's systems. Control of and access to PII data is the subject of recent privacy regulations in the United States. The European Union also has specific requirements to protect its residents.

#5: Identifying critical systems helps risk analysis 

Once you have a clear picture of how the data is classified and have identified potential data risks, target the systems that manage the data for a more detailed analysis of risks to data integrity.

A benefit of this exercise is to have better risk-ranking of major IT processes and systems, allowing you to focus on higher potential privacy risk areas. Auditing controls that are expected by law for critical systems that contain "regulated" data is a best practice.


#6: Organizations carry the burden of proof 

Did you get hacked? Was it successful? What data was affected? How many customers? What states? Even unsuccessful attacks may have to be disclosed, unless an organization can prove that no personal information was made available to or accessed by an unauthorized party. As a result, an organization's intrusion detection and prevention systems must be effective and create reliable records of their effectiveness.

If a company concludes that a security incident didn't result in unauthorized access to personal data, but a customer suffers identity theft as a result of the attack, the organization will probably be found liable. Disclosing and reporting a breach is almost sure to damage the organization with financial consequences. Notification alone costs about $100 per customer per incident. So if 10,000 customers are affected, the incident will cost at least $1,000,000.


#7: CPOs oversee privacy issues 

The primary role of the chief privacy officer (CPO) is to establish privacy policies for both customers and employees and to review and rule on related issues. A CPO usually chairs a privacy committee in larger organizations to provide guidance on managing incidents, privacy policies, security awareness, and many other privacy issues. The buck stops here when there's a decision to be made on technology or business that can affect compliance.

The CPO is becoming very busy these days, fielding questions on legal issues that usually have an impact on IT. IT is often responsible for finding solutions to privacy issues, such as intelligent encryption.


#8: Privacy incident management can prevent future risks 

Who gets notified and when? Privacy incident management is not unlike other incident response functions, except when it comes to notification. Notification requirements are usually spelled out in the law, but notification can still be an arduous process. The CPO will likely oversee the incident response team that determines the cause and severity of the incident and issues report findings. An important outcome of investigating an incident and finding the root cause is remedying systems against similar risks in the future.


#9: Boundaries are blurring 

Who is responsible when data is shared between organizations in the course of business? What if a breach is caused by one of your organization's outsourcers? If your employees' 401K data is on an insecure laptop owned by the 401K provider and the laptop is stolen, who bears the burden?

IT outsourcing is popular, but whose responsibility is it to protect you when an employee or a vendor happens to leave a USB stick on the counter at Starbucks when paying for a latte? If this device contains insecure private information, the mishap could constitute a data breach.

It's most critical to have privacy and security language in all IT contracts with third parties. Incidents can't always be prevented, but you can buy some indemnity if you draft a proper contract. Data security in contracts is becoming more common; use your legal team if necessary.

#10: White collar crime threatens privacy

A huge market exists for selling personal information, especially credit card numbers. The average rate for an ID is about $50. The infrastructure for online crime is more sophisticated than you can imagine. Marc Gaffan, a marketer at RSA Security Inc., offered this description of the problem in the article "The Net's not-so-secret economy of crime": "There's an organized crime industry out there with defined roles and specialties. There are communications, rules of engagement, and even ethics. It's a whole value chain of facilitating fraud, and only the last steps are actually dedicated to translating activity into money."

A Web site called TalkCash.net was a fraud marketplace for its members. To become a member, an applicant was asked to submit a few credit card numbers to show that he or she was really a "crook." This site is no longer open for business.



Tuesday, August 17, 2010

10 Dying IT Skills



Introduction
There are some things in life, like good manners, which never go out of style, and there are other things, like
clothing styles that fall in and out of fashion, but when an IT skill falls out of favor, it rarely ever comes back.
Here’s our list of 10 dying IT skills. If any of these skills are your main expertise, perhaps it’s time to think about
updating your skill set.


10. COBOL
Is it dead or alive? This 40-year-old programming language often appears in lists of dying IT skills but it also
appears in as many articles about organizations with legacy applications written in COBOL having a hard time
seeking workers with COBOL skills. IBM cites statistics that 70% of the world’s business data is still being
processed by COBOL applications. But how many of these applications will remain in COBOL for the long term?
Even IBM is pushing its customers to “build bridges” and use service-oriented architecture to “transform legacy
applications and make them part of a fast and fexible IT architecture.”


9. HTML
We’re not suggesting the Internet is dead but with the proliferation of easy to use WYSIWYG HTML editors
enabling non-techies to set up blogs and Web pages, Web site development is no longer a black art. Sure, there’s
still a need for professional Web developers (see the ColdFusion entry above for a discussion about Java and
PHP skills) but a good grasp of HTML isn’t the only skill required of a Web developer. Professional developers
often have expertise in Java, AJAX, C++ and .Net, among other programming languages. HTML as a skill lost
more than 40% of its value between 2001 and 2003, according to Foote Partners.


8. SNA
The introduction of IP and other Internet networking technologies into enterprises in the 1990s signaled the
demise of IBM’s proprietary Systems Network Architecture. According to Wikipedia, the protocol is still used
extensively in banks and other fnancial transaction networks and so SNA skills continue to appear in job ads.
But permanent positions seeking SNA skills are few and far between. ITJobsWatch.com noted that there were
three opening for permanent jobs between February and April, compared to 43 during the same period last
year. Meanwhile, companies such as HP offer consultants with experience in SNA and other legacy skills such as
OpenVMS and Tru64 Unix for short-term assignments.



7. Siebel
Siebel is one skill that makes a recurring appearance in the Foote Partners’ list of skills that have lost their luster.
Siebel was synonymous with customer relationship management in the late ‘90s and early 2000s, and the com-
pany dominated the market with a 45% share in 2002. Founded by Thomas Siebel, a former Oracle executive
with no love lost for his past employer, Siebel competed aggressively with Oracle until 2006 when it was ulti-
mately acquired by the database giant. Siebel’s complex and expensive CRM software required experts to install
and manage. That model lost out to the new breed of software-as-a-service (SaaS) packages from companies
such as Salesforce.com that deliver comparable software over the Web. According to the U.K.’s ITJobsWatch.com
site, Siebel experts command an average salary of GBP52,684 ($78,564), but that’s a slide from GBP55,122 a
year ago. Siebel is ranked 319 in the job research site’s list of jobs in demand, compared to 310 in 2008.

6. RAD/Extreme Programming
Back in the late 1990s and early 2000s the rapid application development and extreme programming develop-
ment philosophies resulted in quicker and more fexible programming that embraced the ever changing needs
of customers during the development process. In XP, developers adapted to changing requirements at any point
during the project life rather than attempting to defne all requirements at the beginning. In RAD, developers
embraced interactive use of structured techniques and prototyping to defne users’ requirements. The result was
accelerated software development. Although the skills were consistently the highest paying in Foote Partners
survey since 1999, they began to lose ground in 2003 due to the proliferation of offshore outsourcing of applica-
tions development.

5. ColdFusion
ColdFusion users rave that this Web programming language is easy to use and quick to jump into, but as many
other independent software tools have experienced, it’s hard to compete with products backed by expensive
marketing campaigns from Microsoft and others. The language was originally released in 1995 by Allaire, which
was acquired by Macromedia (which itself was purchased by Adobe). Today, it is superseded by Microsoft .Net,
Java, PHP and the language of the moment: open source Ruby on Rails. A quick search of the Indeed.com job
aggregator site returned 11,045 jobs seeking PHP skills compared to 2,027 CF jobs. Even Ruby on Rails, which
is a much newer technology receiving a major boost when Apple packaged it with OS X v10.5 in 2007, returned
1,550 jobs openings on Indeed.com.

4. Wireless Application Protocol
Yes, people were able to browse the Internet in the late 1990s before Apple’s iPhone. Web site operators would
rewrite their content to the WAP’s Wireless Markup Language, enabling users to access Web services such as
email, stock results and news headlines using their cell phones and PDAs. WAP was not well received at the be-
ginning because WAP sites were slow and lacked the richness of the Web. WAP has also seen different levels of
uptake worldwide because of the different wireless regulations and standards around the world. WAP has since
evolved and is a feature of Multimedia Messaging Service, but there are now a new generation of competing
mobile Web browsers, including Opera Mobile and the iPhone’s Safari browser.

3. Visual J++
Skills pay for Microsoft’s version of Java declined 37.5% last year, according to the Foote Partners’ study. The
life of J++, which is available with Microsoft Visual Studio 6.0, was not a smooth one. Although Sun Microsys-
tems licensed Java to Microsoft to develop J++, Microsoft failed to implement some features of the offcial Java
standard while implementing other extensions of its own. Sun sued Microsoft for licensing violations in a legal
wrangle that lasted three years. Microsoft eventually replaced J++ with Microsoft .Net.

2. Novell NetWare
Novell’s network operating system was the de facto standard for LANs in the 1990s, running on more than 70%
of enterprise networks. But Novell failed to compete with the marketing might of Microsoft. Novell tried to put
up a good fght by acquiring WordPerfect to compete with Windows Offce, but that move failed to ignite the
market and Novell eventually sold WordPerfect to Corel in 1996. Novell certifcations such as Certifed Novell
Engineer, Master Certifed Novell Engineer, Certifed Novell Certifed Directory Engineer, and Novell Administra-
tor were once hot certs in the industry, but now they are featured in Foote Partners’ list of skills that decreased
in value in 2008. Hiring managers want Windows Server and Linux skills instead.

1. Asynchronous Transfer Mode
ATM was popular in the late 1990s, particularly among carriers, as the answer to overworked frame relay for
wide-area networking. It was considered more scalable than frame relay and offered inherent QoS support. It
was also marketed as a LAN platform, but that was its weakness. According to Wikipedia, ATM failed to gain
wide acceptance in the LAN where IP makes more sense for unifying voice and data on the network. Wikipedia
notes that ATM will continue to be deployed by carriers that have committed to existing ATM deployments,
but the technology is increasingly challenged by speed and traffc shaping requirements of converged voice
and data networks. A growing number of carriers are now using Multi-Protocol Label Switching (MPLS), which
integrates the label-switching capabilities of ATM with the packet orientation of IP. IT skills researcher Foote
Partners listed ATM in its IT Skills and Certifcation Pay Index as a non-certifed IT skill that has decreased in
value in the last six month of 2008.






Friday, August 13, 2010

Top 10 Skills in Demand in 2010

Introduction 

In 2010 Salary Survey, conducted at that end of last year, one of the ques-
tions put to respondents was “What skill set will your company be looking to add in 2010?” The skills listed by
respondents include the perennial favorites: security, network administration, and Windows administration. Also
included are virtualization/cloud computing and Web development. Meanwhile, an old favorite, business analy-
sis, makes a come back. Here’s the complete list, with the No. 1 skill listed being in the highest demand.

1. Project Management

As we emerge from the recession, organizations aren’t likely to go back to the go-go days of throwing money
at IT initiatives or taking risks and deploying without careful thought and planning. Organizations are putting
pressure on IT to only implement projects that can show real return-on-investment. The first step to achieving a
good ROI is professional project planning and implementation.

Project management skills often appear in top 10 skills lists, perhaps because some organizations got their fingers
burned in the 1990s through the poor implementation of IT projects such as enterprise resource planning initia-
tives. But even though the profession is mature (in IT terms), project managers still have work to do to advance
their status within organizations. According to an article on the Project Management Institute Web site, project
managers still have to develop their people skills, organizational leadership, and individual professionalism.

2. Security

It’s a never-ending game of cat and mouse for security professionals and 2009 proved to be another fun filled
year. According to Symantec’s Security and Storage Trends to Watch report, the number of spam messages con-
taining malware increased nine-fold to represent more than 2% of e-mails, while other criminals manipulated
people’s love of social networking sites to launch attacks. Twitter, for example, spent much of 2009 battling
DDoS and other attacks. Meanwhile, top headlines, such as the H1N1 flu and the death of Michael Jackson were
used by criminals to lure people to download malware.

Symantec predicts more of the same in 2010, warning that attackers will continue to use social engineering
to get to consumers’ sensitive data, and criminals will take Windows 7 as a challenge for seeking and exploit-
ing vulnerabilities in the new platform. Mac and smartphones will also be targeted more by malware authors,
Symantec says.

Despite the economic challenges of ‘09, organizations continued to hire security pros. The most sought-after
security skills were information risk management, operations security, certification and accreditation, security
management practices, and security architecture and models, according to a survey last year of 1,500 U.S.-based
security pros by security certification provider ISC2. 2010 is expected to be another busy year from security
professionals.

3. Network Administration

Networking administration skills never lose their luster. It’s the second most sought after skill in the Global
Knowledge survey and it will be the top skill sought by CIOs in the first quarter of 2010, according to a survey of
IT chiefs by Robert Half Technology. In 2010, organizations are expected to upgrade to Windows Server 2008 R2
and the Windows 7 client, and perhaps install Exchange Server 2010 and SharePoint 2010. Enterprises are going
to need network administrators to ensure network traffic continues to move without a hitch.

Meanwhile, Cisco hopes to push more data-intensive traffic onto corporate networks. Video is a key focus for
Cisco in 2010 as it works to finalize its control of video conferencing maker Tandberg and through its 2009
purchase of Pure Digital, developer of the Flip video camera. At the end of last year, Cisco introduced two Tele-
Presence certifications: the Cisco TelePresence Solutions Specialist for midcareer voice or networking engineers
seeking to specialize in the planning, design and implementation of Cisco TelePresence; and TelePresence Instal-
lation Specialist aimed at installation technicians.

4. Virtualization – Cloud 

The projected cost savings and efficiencies are no-brainers for organizations seeking to implement virtualiza-
tion and cloud computing. With the cloud computing space now taking shape it’s difficult for enterprises to find
pros with substantial relevant experience. Instead companies are drawing expertise from a range of IT skill sets,
including storage, networks and desktop, according to a Network World article. Initially companies will set up
cross-functional teams to buy and implement virtualization, but eventually cloud computing will be an expected
skill set of systems administrators. In a few years, it could even be a standard skill set of all IT pros because it
touches different aspects of IT.

For details about virtualization certifications from leading virtualization software vendors VMware, Citrix and
Microsoft, see Global Knowledge’s Top IT Certifications in Demand Today newsletter of June 2009.

5. Business Analysis

Business analysis roles were commonplace in many organizations in the 1990s when big projects, such as
enterprise resource planning initiatives, required the critical thinking that business analysts could provide. But
as businesses began moving at a faster pace, business analysis fell by the wayside. Factors such as the economic
downturn and regulatory compliance have forced companies to take a step back and to think through business
problems and their solutions, and business analysis is making a comeback, as a result. Kathleen Barret, presi-
dent of the International Institute of Business Analysis says the discipline is a phoenix rising.

The IIBA describes the job of a BA as a “liaison among stakeholders in order to elicit, analyze, communicate, and
validate requirements for changes to business processes, policies, and information systems.” IT pros are good can-
didates for BA jobs because they have a broad perspective of a company’s business, says Barret. There are three
types of BAs: enterprise BAs who identify opportunities for business change and defines the work to be done;
transition BAs who fine-tunes the plans; and project BAs who work on project teams that implement the changes.
Annual salaries average around $75,000 with enterprise and transition analysts earning more, Barret says.


6. Business Process Improvement

With project management and business analysis skills appearing in this skills list, it’s no surprise that business
process improvement skill is also here. Business process improvement and business analysis go hand-in-hand.
Business analysts identify areas for improvements to business processes, while business process improvement or
management pros use BPM techniques and technologies to help companies optimize their business processes.

A recent BPM survey by IT researchers, the Aberdeen Group says the top reasons business are driving BPM activ-
ity are the need to reduce operating costs and to improve cash flow. However, the top barrier to adoption was
the lack of knowledge about BPM. According to Gartner, among the competencies required for successful BPM
initiatives include process skills, tools and process assets, and transformation skills.

To learn more about BPM, go to the Web site of the Business Process Management Initiative (BPMI.org), which
promotes the standardization of common business processes; and the BPMinstitute.org, which describes itself as
a peer-to-peer exchange for business process management professionals.


7. Web Development

If you are—or you know friends who are—addicted to the FarmVille game on Facebook you’ll know the power
of Web development. In just a few short months, FarmVille’s popularity has spread across the globe as Facebook
fans tend to their farms and purchase virtual goods. The game, including others by FarmVille developer Zynga,
has netted the start-up more than 200 million monthly unique users for its online apps. One financial analyst
reckons Zynga could be valued at $1 billion if it were to go IPO in mid-2010.

Developing Facebook games is just one extreme of the vast Web development spectrum. Building iPhone apps
could also be very profitable, writes Web developer and blogger Glen Stansberry. As moderator of the Freelance
Switch job board, Stansberry listed other popular Web development skills including Framework knowledge, wid-
get development, content management system customizations (for small businesses looking to create a unique
look to their standard Wordpress and Drupal blogs), and Javascript Plugin creation.

8. Database Management 

Databases are the hearts of key business systems that drive payroll, manufacturing, sales, transaction process- 
ing, and more. Programmers must be able to build programs that quickly and efficiently interface with the
database management system (DBMS), while database administrators “must be able to bring the full power of 
database features to bear on business problems”, writes Oracle- and IBM-certified DBA Howard Fosdick in his 
whitepaper Database Skills Availability: Critical to Your Selection of Database. “DBA expertise can be the Achil- 
les’ heel of database projects - many IT projects have failed due to the inability to secure DBA talent or success- 
fully address DBA issues,” he adds. 

The major database vendors are Oracle, IBM and Sybase. Oracle runs three main certification programs for 
database professionals. Oracle Certified Associate is the first rung of the Oracle certification ladder. Next is the 
flagship Oracle Certified Professional (OCP) credential, which certifies an individual’s ability to manage, develop, 
or implement enterprise-wide databases and other software. Oracle Certified Master (OCM) is Oracle most 
advanced accreditation. IBM offers a dizzying array of certifications surrounding its DB2 product series. The main 
credentials are IBM Certified Database Associate, Database Administrator, Application Developer, and Advanced 
Database Administrator. Sybase has two sets of certifications for its Adaptive Server Enterprise product: ASE 
Administrator Associate and ASE Administrator Professional; and ASE Developer Associate and ASE Developer 
Professional. 


9. Windows Administration

As previously mentioned, Microsoft shops are expected in 2010 to upgrade to Windows Server 2008 R2 and the
Windows 7 client, and perhaps install Exchange Server 2010 and SharePoint 2010 as well. Windows administra-
tion skills is going to be key for many enterprises implementing and maintaining existing and upgraded systems.

Microsoft Windows Server 2008 certifications at the MCTS level cover configurations for Active Directory, net-
working, and applications. Certifications available for the MCITP level are Server 2008 Server Administration,
Enterprise Administration. In a November blog posting in Microsoft’s Born to Learn blog, the company wrote
that the first of its Windows Server 2008 virtualization exams would be entering beta soon. The exams will cover
server virtualization, desktop virtualization, and virtualization administration. Windows 7 pros can certify as
MCTS: Windows 7 – Configuration, and MCITP: Enterprise Desktop Administrator 7.

10. Desktop Support

Our recent article “Top Certifications in Demand Today” listed desktop support as a hot skill. In Global Knowl-
edge’s 2010 salary survey, it was named as the 10th most sought-after skill this year. In the June article, we
quoted Robert Half Technology Executive Director Dave Willmer as saying that businesses will need desktop sup-
port personnel to support new workers as organizations begin hiring as the economy improves. The introduction
of Microsoft Windows 7 is also expected to generate additional interest.

Microsoft currently provides the MCITP: Consumer Support Technician, and MCITP: Enterprise Support Technician
certifications, but they are based on Windows Vista. Microsoft, in its Born to Learn blog, in November said that
it is working on a MCITP: Windows 7, Enterprise Desktop Support Technican certification. Prospective candidates
are advised to prepare for 680: Win 7, Configuring and 685: Win 7, EDST.

Tuesday, August 10, 2010

Solving the Mysteries of Subnetting

Introduction
Subnetting is a complicated topic that has confused students for a very long time.However,subnetting is an
important topic for many different certifications with various vendors,including Cisco.In the real world envi-
ronment,people are used to just punching in the numbers in many of the free subnet calculators that are
readily available on the internet.For exam purposes,you still have to do this in a very fast manner since many
exams are time-based and you don’t have the luxury of spending those precious minutes on any single ques-
tion. This whitepaper will solve some of those age-old and complicated subnetting puzzles.
Why Do We Subnet?
Why can’t you take the numbers provided by the providers? The answer is simple – because YOU know your
network, your provider doesn’t. Only you know the details such as how many users you would want in each
network.Only you know how many of these networks (sub-networks/broadcast domains) you need.Various
design classes will give you different specs on how big the broadcast domain should be (answer depending on
the application needs you have).We also do subnetting because you might want to create a manageable,
doable,and realistic set of numbers rather than the defaults,which might not work for your needs or could be
overkill.
Note: Each router interface is its own broadcast domain,since routers,by default,terminate broadcasts.Also,
VLAN = broadcast domain since you need a L3 device (router) to interconnect different broadcast
domains/Vlans/subnets.Yes subnets = broadcast domain = vlan.We use these terms interchangeably,but sub-
net is a L3 concept and vlan is a L2 concept.
There are three classes of addresses that we use for unicast (one-to-one communication) purposes in our IPv4
network (32 bit addresses):Class A,Class B,and Class C.There are some default assumptions for each class,
indicating which octets (8 bits) are network and which octets are host. The defaults are:


Class A Network Host Host Host
First 8 bits for net
work; last 24 bits for
host

Class B Network Network Host Host
First 16 bits for net
work;last 16 bits
work;last 16 bits

Class C Network Network Network Host
First 24 bits for net-
work; last 8 bits for host



Since we are working with binary here,we can easily calculate the number of hosts possible in each class of
addresses.
Class A has 24 bits of host possibilities,which comes to 224
-2 number of hosts.This comes to 16,777,214 hosts
in each class A network.
With the Class B address,we have 16 bits of host possibilities.216
-2 = 65,534 hosts in each class B network.
With the Class C address,we have 8 bits of host possibilities.28
-2 = 254 hosts in each class C network.
The reason we subtracted 2 from each of these ranges is that the first and the last number in the range has a
special meaning to the system.The very first number in the range (all bits in binary off) indicates the
network/subnetwork you are on.The last number in the range (all bits in binary ON) indicates the directed
broadcast on that network/subnetwork).
I don’t know of any network that has the capability to support in a flat segment 16,777,214 users with Class A
(or 65,534 hosts for Class B).Since these numbers are not realistic,you need to subnet them,based on your
needs.With class C,you get 254 hosts in each segment,which is possible but can still be subnetted to accom-
modate smaller networks (like point-to-point WAN networks with 2 hosts or other possibilities).
With all subnetting questions,first you have to ask yourself with what class of address you are working.This
always tells you which octets are network octets so you can take it from there and manipulate the host bits
based upon your needs.
Remember your ranges of addresses:
Class A address range is from 1 – 127
Class B address range is from 128 – 191
Class C address range is from 192 – 223
Lets dig in to an example.
Let’s use RFC 1918 Class B address 172.16.0.0.In this scenario we are going to work on this to get eight sub-
nets.(This is a random number I picked,based on eight different VLANs I might want to configure in my net-
work).
The default subnet mask for class B is 255.255.0.0
In binary,the subnet mask is 11111111.11111111.00000000.00000000
Note that there are 16 consecutive zeros, which indicate the number of hosts (as previously discussed).
Remember that we have 65,534 hosts possible,but in ONE big,flat network.We don’t want that for this sce-
nario;we need eight different subnets.So lets do it.
Ask yourself how many bits you need to get 8 subnets.The formula for this is
2n
= # of subnets where n is the number of bits to use for subnets



In this scenario
2n
=8 so using basic math n=3 (three occurrences of 2 to get 8 -> 2x2x2)
Since we said earlier that zeros identify the number of hosts you have (from right to left in the 32-bit subn
mask),the same works for subnets.Subnets are indicated by the number of contiguous ones we have (from
left to right in the 32 bit subnet mask).We just determined that we need 3 bits for this example where we
need six subnets.Remember now that subnets are indicated by contiguous ones from left to right
The subnet mask we had for class B is
11111111.11111111.00000000.00000000
Now that we need to borrow 3 additional bits,let’s write this down.
11111111.11111111.11100000.00000000 (now thirteen bits left for host,indicated by 13 zeroes,so 2
13
-2
would give us 8190 hosts in each subnet).
This gives us 255.255.224.0 for our subnet mask.

Once you determine the mask, you need to write that down in binary. In this case,the number is
255.255.224.0 (we borrowed three bits and determining the subnets you borrow the bits left to right. Subnet
bits are 1s (left to right) and Host bits are 0s (right to left).
255. 255. 224. 0
11111111. 11111111.11100000.00000000
Now,here is a tricky part.After the first subnet (subnet zero),the decimal value of the lowest active bit is your
second subnet (after subnet zero) and then you increment that number by itself until you reach the mask.This
will give you all the subnets.
Let’s see it step by step
Decimal value of the lowest active bit
Active means 1,not active means 0
Remember,the binary place holders for all eight bits in the octet In this example, only the first three bits are on. The decimal values of those bits are 128, 64, and 32; 32 is the
lowest active bit versus 64 or 128.
27
26
25
24
23
22
21
20
123 64 32 16 8 4 2 1

Let’s increment 32 by itself until we get the mask (224)
32-Second subnet
64-Third subnet
96-Fourth subnet
128-Fifth subnet
160-Sixth subnet
192-Seventh subnet
224- Eighth subnet
This just gave us all of our eight subnets (with subnet 0 being the first subnet).
Lets write these numbers down for clarity.
172.16.0.0 ->172.16.31.255 First subnet all possible numbers in the range
172.16.32.0->172.16.63.255Second subnet all possible numbers in the range
172/16.64.0->172.16.95.255Third subnet all possible numbers in the range
172.16.96.0 -> 172.16.127.255 Fourth subnet all possible numbers in the range
172.16.128.0->172.16.159.255Fifth subnet all possible numbers in the range
172.16.160.0->172.16.191.255Sixth subnet all possible numbers in the range
172.16.192.0 -> 172.16.223.255 Seventh subnet all possible numbers in the range
172.16.224.0->172.16.255.255Eighth subnet all possible numbers in the range
Do not forget that when we were calculating the number of hosts,we kept subtracting 2 from our host
range (the first and the last one).The first and the last one have special meanings.The first number in the
range is the subnet itself (the wire that the people are plugged into). The last number is the directed broadcast
for all the hosts on that subnet.
So,the valid list of hosts is every number in the range except for the first and the last number.
For the first subnet,it will be 172.16.0.1 to 172.16.31.254.
For the second subnet,it will be 172.16.32.1 to 172.16.63.254 and so on for all subnets.

Verify Your Work


This is how to verify your work in binary, if you didn’t like the easy “trick” method approach.
How do you verify that the three bits we got will give you eight subnets? If you write down all possibilities of
0s and 1s, you will see that there are only eight possibilities:
000 – First subnet100 – Fifth subnet
001 – Second subnet101 – Sixth subnet
010 – Third subnet 110 – Seventh subnet
011 – Fourth subnet111 – Eighth subnet



Don’t forget that these are all the possibilities with the first three bits we have borrowed.We still have 13 bits

left after using these first three bits (in the third octet so we have five bits in the third octet and 8 bits in the
fourth octet left,which is a total of 13 bits).
If you pick any of the above three bit combinations and write them down twice (lets say we pick 011 for our
example)
172.16.011 __ __ __ __ __.__ __ __ __ __ __ __ __
172.16.011 __ __ __ __ __.__ __ __ __ __ __ __ __
Now fill in the first one with all zeros in the 13 bits left blank and the next one with ones in the last 13 bits
(remember the first number in the range is all zeros and the last number in the range is all ones.
172.16.011 0 0 0 0 0.0 0 0 0 0 0 0 0 which in decimal is 172.16.96.0
172.16.011 1 1 1 1 1.1 1 1 1 1 1 1 1 which in decimal is 172.16.127.255

WOW! This gave us the same set of numbers that we got with our short,trick method.This second verification
method is not bad either,but we were lucky that we only had to write down all possibilities of 0s and 1s of
only three bits.If we had a big number,we will be spending some quality time writing down ones and zeroes,
which we might not appreciate.
This is end of subnetting,but ask yourself one question.Consider the possibility if one of these subnets was
meant for a point-to-point circuit.Remember from our previous discussion that there are only two points in a
point-to-point circuit,so why do we have 13 bits for hosts? With 13 bits left for host (all zeros) we get 8190
hosts per subnet.But this is a point-to-point subnet,and we will NEVER need 8190 addresses.This is a waste
of addresses and not what you would want to do in a properly designed network.This is especially true when
we are complaining that we are running out of IPv4 addresses and are coming up with alternate solutions like
IPv6 to fix the problem of not enough addresses. To solve this problem of point-to-point interface addressing,
we take the subnetting to the next step called VLSM (variable-length subnet masking).What we have done so
far is FLSM (Fixed-length subnetting masking).Since our host needs are not the same across the organization,
we will be doing VLSM all the time,which is not a stretch from the FLSM case study we have done here.

">

Monday, August 9, 2010

12 Things To Know When Troubleshooting Your Network

Introduction 

You work for a small organization where you wear many hats.  You are the network admin for PCs and your
routers and switches.  Anything that’s broken is YOUR problem and only your fault.  So, you walk into your of-
fice one morning, and you hear the phone ringing. You have an irate user on the other end telling you that the
“network is down.”  I always love those calls where a user, who has no networking background, tells you that
the network is down without any analysis tools or technical background.  After years of working in networking,
you probably know that if the network were really down, then the whole department would probably be calling
you and not just this one same user every morning.

This white paper approaches this situation with some of the common troubleshooting things that, you as a
network administrator, know or maybe should know.

Mental Preparation

The first and foremost concept for troubleshooting is not to panic. It might sound like the simplest thing, but
that is the reason why some new administrators make mistakes. Then, they dig themselves deeper because they
panic. A calm mind can identify the problem and approach the problem with a systematic method.  Sometimes,
if you have been working with the problem for a long time, it will not hurt to just walk away from the problem
and look at it after taking a break.  You’ll see that there are some very obvious things you missed.  I also like the
buddy system. You might want to have someone else look at the problem rather than you seeing or not seeing
the same issue - which was probably staring right at you.

Now, we know that in real life you can’t just walk away from a problem; your management might not appreci-
ate that.  You might be losing many millions of dollars while the network is down.  I can tell you that in certain
medical environments, you want to fix the problem fast since someone’s life might depend on that piece of
equipment that you are trying to fix.

Systematic Approach 

So, let’s visit our caller from the beginning of the paper.  We are going with an assumption that this user is
running the most common operating system available out there – some Windows platform. Common mistakes
that new administrators make are that they believe the user and assume that the network is really down.  I
would strongly recommend against that.  I am not asking you to argue with the user.  I would like to check out
the problem on my own.

Physical Layer Verification 

One of the first things you should do it to check the cable.  Do you have a green light at the back of your ma- 
chine?   You will find many times that the problem might just be a cabling problem. I have seen, in some rare 
cases, that inexperienced users just didn’t have the monitor plugged in so it was just a loose cable. Although, in 
my example, it could be the monitor cable, it could also be a network cable that is unplugged. 

Network Layer Verification 

If I see that the cable is plugged in, then I would ensure that there is an IP address assigned on the system. 
Now, with Windows systems, you can go to the command prompt and checking the IP address using the 
“ipconfig” command.  You want to make sure that you see that the IP address/subnet mask that are assigned 
are correct for that segment.    Keep in mind that the command to verify your IP address and subnet mask will 
vary, depending on the system you are working on.  For Windows systems, it’s ipconfig or ipconfig /all for more 
detailed information.  For Cisco routers, the command show interface will show you the IP address and subnet 
mask.  So, please, consult your documentation for the systems you are working on. 

Interviewing the User 

I have had many instances where, after all the work you do, you find out that someone had just moved this 
machine to this location from a different office, or floor, or segment, and it still has the IP address/subnet mask 
from a different part of the network. Maybe this system has both wired and wireless cards, but the IP address 
was incorrectly configured on the wireless card rather than on the wired connection.  Maybe it would’ve been 
wise to ask the user if something changed in the environment related to machines being moved. 

Reviewing the Logs: If You Have Them 

I hope that your company has a central change log procedure where all things are documented, and you can 
refer to the logs before you even approach the user.  Besides the company change logs, I hope you are also using
a central syslog facility that is collecting alerts from various systems in your organization.  
You can find many free syslog products on the internet for download. 

Knowing Your Company Policy 

It is also wise to ask the user the last time they were able to successfully connect to the network from this 
machine.    I had a user once who kept insisting that the company internet was down so he couldn’t do web 
browsing related to his job.  After further investigation, we found out that the websites this particular user was 
trying to visit were banned by the company and therefore prohibited.  It is a very good idea to know your own
company’s security and ethical policies.  I would recommend having the disclaimers in writing approved by your senior management. 

Isolating the Problem Using Tools 

It also makes sense to do a basic ping command to try to get a response to/from different systems on or off 
your network.  If you can reach the local systems but not the remote systems, then there is a possibility that your default gateway is down, or missing, or configured incorrectly.  It is also possible that your default gateway (router) doesn’t know how to route the packets to that particular destination, or maybe it’s possible that your company doesn’t allow ICMP protocol, which is what ping uses.  Again, it makes perfect sense to know your company policies. 

Sometimes, you can ping the remote systems with their IP address but not with their names.  This implies that 
there is no name resolution method available to resolve from the name to the IP address.It could also be that 
the name resolution method is resolving it to the wrong IP address. 

In Windows systems, you can also check to see if your TCP/IP stack is loaded correctly.  You can ping the local-host address (127.0.0.1), which can be done at the command prompt.  DNS does the translation from the name to IP address.  You can see what your DNS is configured for using the ipconfig/all command at the command 
prompt. 

You can also use the traceroute command (tracert on Windows Systems) to see if you can see where the 
packets are failing.  You can see a hop by hop packet flow using the tracert command.  Tracert command 
output is explained in various Microsoft and Cisco courses offered.

Here is a sample partial output of tracert command. 

         Microsoft Windows [Version 6.0.6001] 

         C:\Users\dt>tracert 10.0.0.1 

         Tracing route to test [10.0.0.1] 

         over a maximum of 30 hops: 

                  1        <1 ms <1 ms <1 ms . [192.168.2.1] 

                  2        6 ms     7 ms  5 ms  10.58.160.1 

                  3        6 ms     7 ms  7 ms  gig-2-0-nycmnyu-rtr2.nyc.rr.com 
         [24.29.98.189] 

         …….……. 

Have an Up-To-Date Network Diagram (Not an 
Outdated One) 

Let’s say you did all those things, and you see that all those things are configured correctly or not prohibited by 
your company policy.  What should you do next?  It’s always good to have a network topology map to consult 
to see where this particular system is supposed to be plugged in.    If there is nothing wrong on the PC, then the 
next logical approach will be to go to the switch where the user is plugged in.  In this white paper, we will only 
use Cisco Systems routers and switches in our examples. 

Checking the Switch 

Now that we are on the switch where the user is plugged in, and you have found the port number where the 
user is plugged in, let’s see how that particular port is configured. You can use the show run int gi 0/2 com- 
mand to see what is currently running for that particular interface (in this example gigabit 0/2 port) 

Here is a partial output from the show run int command. 

         Switch#show running-config int gi0/2 

         Building configuration... 

         Current configuration : 85 bytes 

         ! 

         interface Gigabit0/2 

         no ip address 

         switchport 

         switchport mode access 

         … 

         Switch# 

Another thing to check on the port would be to see if the port is in the right VLAN.  VLAN is a logical grouping 
of ports. 

VLAN assignment can be checked on Cisco switches using the Show vlan output. 

Here is a partial output from one of the switches showing the ports that are assigned to the two VLANS (namely 
VLAN1 and VLAN2).  Gigabit 0/2 – Gigabit 0/5 are assigned to VLAN1 and Gigabit 0/6 – Gigabit 0/12 are as- 
signed to VLAN2). 
Another thing to check on the port would be to see if the port is in the right VLAN.  VLAN is a logical grouping 
of ports. 

VLAN assignment can be checked on Cisco switches using the Show vlan output. 

Here is a partial output from one of the switches showing the ports that are assigned to the two VLANS (namely 
VLAN1 and VLAN2).  Gigabit 0/2 – Gigabit 0/5 are assigned to VLAN1 and Gigabit 0/6 – Gigabit 0/12 are as- 
signed to VLAN2). 

         Switch# show vlan 

        VLAN           Name             Status         Ports 

         --------- ----------- ---------- -------------------------------- 

         1             default          active         Gi0/2, Gi0/3, Gi0/4, Gi0/5 

         2             VLAN0002         active         Gi0/6, Gi0/7, Gi0/8, Gi0/9 

                                                                    Gi0/10, Gi0/11, Gi0/12 

         …….. ………. 

 All ports in the same VLAN form a logical grouping called a broadcast domain.  Broadcasts stay within these 
ports.  In our output example, Gi0/2 – Gi0/5 form one broadcast domain, and ports Gi0/6 – Gi0/12 forms the 
other broadcast domain.  All systems plugged in the same VLAN should have same subnet IP address.  
(It’s very important to have a very solid understanding of how subnetting works.   
This is also a typical problem in most environments.  
Now that you have verifed that the VLAN assignment is correct on the switch, you might want to ensure that 
there are no other restrictions on the switch port, such as port-security restricting that port to be used for 
only certain MAC addresses.  Typically, in organizations, it is common to see that companies implement MAC 
address-based security and then move machines around.  Perhaps the port is still only allowing the old machine 
and not this new system.  Remember, this could be a new machine assigned to the same user, or it could be 
that particular cubicle was used by someone else and now this is the new user.  Remember, both of these things 
could’ve been answered with a good conversation with the user or maybe looking at the log fle we discussed in
the beginning. Let’s say we verifed that the router is plugged in, and you are now connected to the router.  Does the router 
have a path to the destination where this particular person is trying to go?    Does the router know how to route
to that destination?   You can always use the show ip route command to see if the routes exist to the destina-
tion. However, in bigger environments, this might be very cumbersome since you might have hundreds or even 
thousands of routes. 
Here is a sample output of show ip route, looking only for 10.0.0.1 destination.  As you can see, you have 
a route to that destination.  In advanced routing classes, you learn what the other fun parameters mean.  The 
Global Knowledge BSCI class covers this in great detail.
Router# show ip route 10.0.0.1
Routing entry for 10.0.0.1/32
  Known via “isis”, distance 115, metric 20, type level-1
  Redistributing via isis
  Last update from 10.191.255.251 on Fddi1/0, 00:00:13 ago
  Routing Descriptor Blocks:
  * 10.22.22.2, from 10.191.255.247, via Serial2/3
  Route metric is 20, traffc share count is 1
……..………
Now that you know that you have a route to that destination, you can try pinging the destination. Remember, 
just because you have a path to some destination, that doesn’t mean that the remote site has connectivity with 
you.  How do you know that there is a return path available?   If both of these sites are in your offces, then 
you can ping from the remote site.   Also remember, it could be that your company doesn’t allow ping (or entire 
ICMP protocol).  Have you considered using something other than ping? You might try to do a telnet or even FTP 
to the remote site?  If the remote site is running the Telnet or the FTP daemon, then you will succeed.  If they are 
not running that, then maybe you need to fnd some other test application.
Most people think that since they couldn’t get in the remote site using Telnet or FTP, it means a failure.  As long 
as you even get a prompt for a password, that is a success.  You don’t have to be connected.  Getting the dialog 
box for password is a success.
If the user is trying to talk to systems that are outside of its broadcast domain, then there has to be a device 
that will take you outside this grouping of ports (VLANs).  How do we go out of our room?  Well, that’s simple, 
we just use the door.  So, what is the equivalent of the door in the networking world?  Your router is the door 
that takes you outside of your local network segment.  
Checking the Router
Let’s visit the router.  Is your router up?  Do you see the lights?   Again, the same basic question is whether it is 
powered up.  The port on the router that you are using as your default gateway for the PC should be plugged 
into the same VLAN.

MySpace and Facebook: How Racist Language Frames Social Media (and Why You Should Care)

Every time I dare to talk about race or class and MySpace & Facebook in the same breath, a public explosion happens. This is the current state of things.  Unfortunately, most folks who enter the fray prefer to reject the notion that race/class shape social media or that social media reflects bigoted attitudes than seriously address what’s at stake.  Yet, look around. Twitter is flush with racist language in response to the active participation of blacks on the site. Comments on YouTube expose deep-seated bigotry in uncountable ways. The n-word is everyday vernacular in MMORPGs. In short, racism and classism permeates every genre of social media out there, reflecting the everyday attitudes of people that go well beyond social media. So why can’t we talk about it?
Let me back up and explain the context for this piece … three years ago, I wrote a controversial blog post highlighting the cultural division taking shape.  Since then, I’ve worked diligently to try to make sense of what I first observed and ground it in empirical data.  In 2009, I built on my analysis in  “The Not-So-Hidden Politics of Class Online”, a talk I gave at the Personal Democracy Forum.  Slowly, I worked to write an academic article called “White Flight in Networked Publics? How Race and Class Shaped American Teen Engagement with MySpace and Facebook” (to be published in a book called Digital Race Anthology, edited by Lisa Nakamura and Peter Chow-White).  I published a draft of this article on my website in December.  Then, on July 14, Christoper Mims posted a guest blog post at Technology Review entitled “Did Whites Flee the ‘Digital Ghetto’ of MySpace?” using my article as his hook.  I’m not sure why Mims wrote this piece now or why he didn’t contact me, but so it goes.
Mims’ blog post prompted a new wave of discussion about whether or not there’s a race-based (or class-based) division between MySpace and Facebook today. My article does not address this topic. My article is a discussion of a phenomenon that happened from 2006-2007 using data collected during that period. The point of my article is not to discuss whether or not there was a division — quantitative data shows this better. My goal was to analyze American teenagers’ language when talking about Facebook and MySpace. The argument that I make is that the language used by teens has racialized overtones that harken back to the language used around “white flight.” In other words, what American teens are reflecting in their discussion of MySpace and Facebook shows just how deeply racial narratives are embedded in everyday life.
So, can we please dial the needle forward? Regardless of whether or not there’s still a race and class-based division in the U.S. between MySpace and Facebook, the language that people use to describe MySpace is still deeply racist and classist. Hell, we see that in the comments of every blog post that describes my analysis. And I’m sure we’ll get some here, since online forums somehow invite people to unapologetically make racist comments that they would never say aloud. And as much as those make me shudder, they’re also a reminder that the civil rights movement has a long way to go.
Race and class shape contemporary life in fundamental ways. People of color and the working poor live the experiences of racism and classism, but how this plays out is often not nearly as overt as it was in the 1960s. But that doesn’t mean that it has gone away.
There is still bigotry, and the divisions run deep in the U.S. We often talk about the Internet as the great equalizer, the space where we can be free of all of the weights of inequality. And yet, what we find online is often a reproduction of all of the issues present in everyday life. The Internet does not magically heal old wounds or repair broken bonds between people. More often, it shows just how deep those wounds go and how structurally broken many relationships are.
In this way, the Internet is often a mirror of the ugliest sides of our society, the aspects of our society that we so badly need to address. What the Internet does — for better or worse — is make visible aspects of society that have been delicately swept under the rug and ignored. We could keep on sweeping, or we could take the moment to rise up and develop new strategies for addressing the core issues that we’re seeing. Bigotry doesn’t go away by eliminating only what’s visible. It is eradicated by getting at the core underlying issues. What we’re seeing online allows us to see how much work there’s left to do.
In writing “White Flight in Networked Publics?”, I wanted to expose one aspect of how race and class shape how people see social media. My goal in doing so was to push back at the utopian rhetorics that frame the Internet as a kumbaya movement so that we can focus on addressing the major social issues that exist everywhere and are exposed in new ways via social media. When it comes to eradicating bigotry, I can’t say that I have the answers. But I know that we need to start a conversation. And my hope — from the moment that I first highlighted the divisions taking place in 2007 — is that we can use social media as both a lens into and a platform for discussing cultural inequality.
So how do we get started?

Comments

Search This Blog

Followers