- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Thu, Aug 15, 2002 (Vol. 7, #56 - Issue #387)
The Verdict On W2K Service Pack 3
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • Time Flies Between Disasters
  2. TECH BRIEFING
    • Home Automation - Wireless Camera Project
  3. NT/2000 RELATED NEWS
    • The Verdict On W2K Service Pack 3
  4. NT/2000 THIRD PARTY NEWS
    • FBI Warns Against "WarDriving"
    • The DDos Liability Threat
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  SPONSOR: Aelita Software
FREE Exchange 2000 Migration Cost and ROI report
What's the total cost of migrating to Exchange 2000 and
how much money can third-party tools save you? Aelita can
give you the answer FREE using Meta Group's PCM Tool.
Click below to get a FREE ROI report!
Visit Aelita Software for more information.
  EDITORS CORNER

Time Flies Between Disasters

And IT chiefs ignore disaster recovery... You all know that for many, many years I have hammered on the topic of crisis management and downtime prevention. In my editorial corner I have suggested that business continuity professionals get more involved with the IT planners that have disaster recovery plans as their responsibility.

As a company, you need to be ready for unexpected crises. You need to sit down with your disaster recovery team and go through multiple scenarios that could go something like: "A disgruntled worker from another company in our building walks up to the main breaker box on the outside of the building and flips all the switches in a fit of rage to "get even". He does not care about the other renters in the building and shuts all the power down within 1 minute. What is going to happen to our data? What would we lose? How fast would everyone be back up and running? How can we prevent this?"

This would be a highly useful thing to do. The result would be a script that documents all the specific actions in the right sequence to get things back up. Make sure that script is available, gets drilled, and is known by all people involved. And make sure you have your data backed up off site so you actually can recover the disaster!

There is a Forrester Research survey indicating that Fortune 500 companies spend an average of 0.0025 percent of revenue on security, less than the budget of the coffee concession. "If you spend more on coffee than you do on security, you will be hacked. And moreover, you deserve to be hacked". (Richard Clarke in 'Digital Pearl Harbor')
http://www.w2knews.com/rd/rd.cfm?id=020815ED-Security

Here is the article on IT Chiefs ignoring disaster recovery:
http://www.w2knews.com/rd/rd.cfm?id=020815ED-IT_Chiefs

And here is the #1 Best Selling tool to implement disaster recovery:
http://www.w2knews.com/rd/rd.cfm?id=020815ED-Double-Take

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: Double-Take
Full Site Failover and Infrastructure Redundancy delivered by the
#1 tool for data replication: Double-Take.
Ensure that your data
and applications are always safe. Help your Company and Homeland
Security by protecting your most valuable resources at the source:
Your Servers. Double-Take will fail over if your source server goes
down. 2001 Editor's Choice of both Windows 2000 and Network Magazine.
Download a 30-day eval copy now and start protecting your data and apps.
Visit Double-Take for more information.
  TECH BRIEFING

Home Automation - Wireless Camera Project

You all know that I'm a geek that fully wired his new house with structured wiring (a fat bundle of two CAT5e, 2 Coax and 2 Fiber strands). So I have every room ready with 100Mb Ethernet and access to cable TV, and it should be easy to use some of that wiring for cameras, right? At least I thought so. Reality was a bit different.

The network was easy to set up, but cameras? The choice is over-whelming, quality varies tremendously, and wireless is very attractive because you do not have to mess with any wiring what so ever, or so I thought. Yes, there are cameras that have their own OS and web server built in which you can plug straight into an RJ45 connector. But three or four of these 400 dollar devices did not fit into the home budget, so the last two months I have been experimenting with wireless equipment that was made available by the people from X10.

This is a set of three cameras, a transceiver, and a small box that allows switching between the cameras. It came with software (called MultiView) to display the cameras on my screen, and also another piece of code aptly called WebView that interfaces with MultiView so I can see these three cameras over the Web. The latter works via a server that X10 makes available. Now I can fire up any machine on the world, open the browser, go to the X10 site, type in my password and get fresh snapshots of my cameras every 10 seconds. Pretty cool but the road there had a few potholes.

The whole kit came from their demo equipment pool and I had no manuals. However, we all know that "real men don't read manuals" so I started plugging stuff in left, right and center and ran immediately into all kinds of trouble. It was an interesting and educational exercise. I now know more about wireless cameras than I originally wanted to [grin]. X10 has all their documentation on their site. But that did not quite explain my problems.

Soon I was on the phone with their tech support people. They were fast, courteous but have a 10 minute time limit they can talk to you. After that you have to call back and go into the queue again. Wait times were about 5-10 minutes (and I have called at least 10 times) so definitely acceptable, except for their "10-minutes-you-are-gone" rule. My problem turned out that the little "switcher" they sent was the wrong one for the transceiver and the two did not play nice together.

Once I got the right device sent, things went pretty smooth. The transceiver and the "switcher" both go into a USB port, the software sees them and installs a bunch of drivers to make it work. I tested this on a Dell dual CPU machine with W2K SP2 workstation on it. The install process was not entirely without trial and error. If these drivers have bugs they can bluescreen your system, which happened a few times until I had the latest revs which worked OK. That was a few tech support calls right there.

The MultiView software works, but has a few quirks you need to know about. This is probably an RTFM problem though. For the yet uninitiated among you, this four-letter acronym is often referred to as "Read The Fine Manual" and sometimes, when things get hairy the word "fine" is replaced with something less refined. MultiView shows a "live" preview pane and four panels to the right with static snapshots that get updated every 5-10 seconds. You can set this interval yourself but faster than 6 or 7 seconds is not advisable. Switching the cameras takes a second or so and if you want to make it run too fast, MultiView gets confused.

MultiView also allows you to record these snapshots on your hard disk but it will fill your space up with these pics in no time. Best to set this option to "only save when motion detected". That's a lot more efficient with disk space. Sometimes the switch command to get from Camera 1 to Camera 2 does not work, and you have the same picture in the snapshot frames on the right. What happens at that time is that something interferes with the X10 commands.

Things that can interrupt the transmission of X10 power line signals include: uninterruptible power supplies, some electronic dishwashers, some computer power supplies, and lighting that puts off noise. This is not typically a big deal, though there are things you can do to fix it. Usually the easiest way is to find the appliance that's creating the noise and plug it into a filter. It's also possible to install a whole house filter/repeater, which "cleans" up the power line and amplifies X10 commands so that they work better throughout the house.

Another problem you can run into is that the wireless signal simply does not work through a wall. My outside walls are cement blocks, with rebar inside them and concrete poured in from the top. This effectively blocked the signals from a camera I had mounted on a tree which I wanted to use to monitor my front door. Too bad, so sad.

This kind of configuration works well inside the home though, where the walls are made of wood studs and drywall. I currently have two cameras looking through windows, one on the pool and the other on our driveway before the garage. The third is mounted on the doorpost of my front door and shows the walkway. Here are shots how this looks from MultiView and the same pics via the WebView software:

http://www.w2knews.com/rd/rd.cfm?id=020815TB-MultiView1
http://www.w2knews.com/rd/rd.cfm?id=020815TB-MultiView2

But do not try to use these cameras with insufficient lighting. They simply go black when there is not enough light. Some other webcams are better in this respect like the Creative Labs PC-Cam 300. The X10 stuff is fun to play with if you are a medium to advanced PC user. This is an affordable do-it-yourself solution if you want to monitor your home, a children's room or a small business. The cams require decent lighting and a reasonable distance from the viewing area. For less than $300 you can view images from multiple cameras on the same PC screen. And with WebView (an additional 80 bucks) you have remote access via the worldwide web. This is a lot less money than professional security monitoring equipment and reasonably robust once you have it working stably, but it has its limitations. Fun to play with though and pretty cool when you can show your friends and colleagues you can see what is going on via the web!

  NT/2000 RELATED NEWS

The Verdict On W2K Service Pack 3

The jury downloaded, tested, cautiously implemented on some machines and came to the conclusion: NOT GUILTY [grin]. In other words, this puppy is doing reasonably well looking at all the feedback I have been getting. You can go ahead but still, only after thorough testing in your own environment. General experience is smooth, with sometimes improved performance and if there are problems it is usually with 3-rd party applications. Go ahead but move in small steps so you can roll back if you have to.

But FYI, a bug has been identified in SP3 with TS printer redirection. The symptoms are that printer redirection will not work when printing from some apps (including Office), but will work from others, when printing a document from a mapped drive. Printing from a document located on an UNC share, or that is on a local drive that is not mapped, will work fine. The MS Terminal Server and Sustained Engineering teams are working on a fix for this right now. They hope to have a patch available for customers in the next 3 weeks.

  THIRD PARTY NEWS

FBI Warns Against "WarDriving"

This is an abbreviated and edited version of an email from an FBI agent:

"It has recently been brought to my attention that individuals/groups have been actively working in the Pittsburgh area as well as other areas of the United States including Philadelphia, and Boston, and the rest of the world for that matter, to identify locations where wireless networks are implemented. This is done by a technique identified as "Wardriving."

Wardriving is accomplished by driving around in a vehicle using a laptop computer equipped with appropriate hardware and software (http://www.w2knews.com/rd/rd.cfm?id=020815TP-WarDriving) to identify wireless networks used in commercial and/or residential areas. Upon identifying a wireless network, the access point can be marked with a coded symbol, or "warchalked." This symbol will alert others of the presence of a wireless network. The network can then be accessed with the proper equipment and utilized by the individual(s) to access the Internet, download email, and potentially compromise your systems. In Pittsburgh, the individuals are essentially attempting to map the entire city to identify the wireless access points, see here:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-WiFi

Also, check this article from pghwireless.com:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-PGHWireless

Identifying the presence of a wireless network may not be a criminal violation, however, there may be criminal violations if the network is actually accessed including theft of services, interception of communications, misuse of computing resources, up to and including violations of the Federal Computer Fraud and Abuse Statute, Theft of Trade Secrets, and other federal violations. At this point, I am not aware of any malicious activity that has been reported to the FBI here in Pittsburgh, however, you are cautioned regarding this activity if you have implemented a wireless network in your business. You are also highly encouraged to implement appropriate wireless security practices to protect your information assets, check this link for that:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-Wireless_Security

There are several articles available with additional details including:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-WarChalking
as well as:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-PGHWireless2

If you notice these symbols at your place of business, it is likely your network has been identified publicly. If you believe you may have been compromised or if you have any questions regarding this activity, you are encouraged to contact the appropriate law enforcement agency

The DDos Liability Threat

Last week, we wrote that "the body of case law relating to the responsibility of companies to ensure that their computers cannot be unwittingly used in a DDos attack is growing." You must use due diligence to ensure that hackers cannot use your company's resources to attack others, or you might be held liable.

Distributed Denial of Service, aka DDoS or flooding, is for real. It works by taking over machines (even, perhaps, yours) as unwitting relay points which magnify the attack and hide the origin. I've seen estimates that more than 4000 attacks are directed against enterprise networks and websites each week -- just last month FoxNews, ESPN, ABCNews and theweatherchannel were shut down by highly effective attacks.

Now hear this. I just learned of a simple approach that came out of some Defense-funded work. Imagine operating a real-time, visual control center...watching attacks as they develop...effectively shutting them down...and ensuring no machine in your network becomes a relay point or "zombie". And it doesn't take vast resources to implement.

The developer has formed an Advisory Panel for help and counsel in bringing this approach to market. I'm in! Join me now to help build a powerful DDoS Attack Center for the enterprise network manager. Yes, it's good for discounts and freebies too... The time to solve this new challenge is now. Join the effort by applying here today. I'll see you on the Panel!
http://www.w2knews.com/rd/rd.cfm?id=020815TP-FloodAttack

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  • Wonder where these 3 Billion of Microsoft Research are being used on? Interesting Reading.

  • http://www.w2knews.com/rd/rd.cfm?id=020815FA-MS_Research
  • Looks like Einstein may have been wrong assuming speed of light is a constant:

  • http://www.w2knews.com/rd/rd.cfm?id=020815FA-Einstein
  • Space mission to knock rogue asteroid out of orbit. Armageddon here we come!

  • http://www.w2knews.com/rd/rd.cfm?id=020815FA-Armageddon