Technology Made Simple
Friday December 15th 2017

Insider

Archives

Disaster Recovery: Starting a Simple DR Plan

I’m starting a new series on Disaster Recovery that will hopefully run on Fridays for a bit.  Not many companies will even think that they need a plan like this, until a disaster hits and then it’s too late.  In this installment I’ll start you on the thought process and how to go about writing your own.  In the following weeks we’ll go into more depth of scenarios and what you need to think about.

How you go about starting a disaster recovery plan, depends on how you got on the path to thinking about it.  Usually this comes on a couple of ways:

  1. Management asked you to look into it
  2. You are being proactive
  3. You had a disaster and looking to never repeat that again
  4. You had an outage and trying to make sure it doesn’t happen again

There is one of these that some of the hard work is already done, that is, management asked you to look into it.  Meaning they are at least already aware of the need, doesn’t mean the rest is going to be easy, but broaching the subject with management can be stressful.

If management  isn’t looking into a DR plan, then you are going to need to talk with them and get them on-board with the plan.  Top management needs to support this plan, plus the time, energy and money that will be needed  to make this plan a success.

Next you need to start thinking about what kind of disasters you want your plan to cover.  If you are reading this, than it’s most likely your first time, and the answer of “everything” just wont do.  Start first with events that may have impacted your company within the last couple of years.  For most companies this is usually power or service interruption.  From here start to make some plans on how you could keep operations running.  For example:

Company XYZ is in an area were the power often goes out for short periods of time.  So to keep systems up and running, we installed a UPS and Generator for the building.

The reason I suggest starting with these kind of events are that it’s easier to plan and mitigate these kind of problems and will give you the base on which to build on.   When working through these basic scenarios in your group, start to discuss what are the most important systems to keep up and running.  If you company does a lot of online order processing, you may want to make sure that server stay on as long as possible, but maybe the print server doesn’t need to same level up-time.  Also what happens if the primary connection to the internet drops or has problems?  These are things you need to think of, some may be more important that others.

When you start figuring out what technology is critical and what isn’t, you’ll learn its easier said than done.  Almost everyone you talk to will make a case to why their system needs to stay up.  With the help of upper management, you can start to carve out a real picture.

Beside just making sure your servers stay up, another thing which you should be doing anyway, is making sure your servers are backed up.  Servers will fail, it’s all but an inevitability, making sure that you can get the data back up and running after a problem is key to getting your business back on track.

This is the simplest way to make sure you’re covered from the small stuff.  Think…what’s important….what needs to keep running…and is everything securely backed-up?  That’s it.

————————————————————–
This is an ongoing series on disaster recovery for businesses, so please check back for the next couple of Fridays as the series continues.  This is not a complete information guide on DR, just something to get you started and thinking.  If there are any questions or comments, please leave them blow in the comments section.

Q&A Monday: How to get honest feedback

Question:

I am the manager of  several large technology products for my company, and I feel like I’m just not getting honest feedback from the people involved with the project.  While the projects seem to be going well, I would appreciate it if I could get honest feedback and make sure the projects are a success, any suggestions?

Steven Bowman

Overland Park, KS

Answer:

Depending on your management style this is either and easy task, or something that you will need to work on.  Plus I’m sure this is a question, that everyone has their own opinions on.  To be honest, I think that honesty and different opinions is what can make a project a success.  There are generally 5 things I like to keep on my mind when working through projects where I want to get real feedback.

  1. Hand out anonymous surveys
    Most people underestimate the power of the anonymous survey.  It gives your employees a chance to tell you what they are thinking about, without having to worry about sounding dumb in front of co-workers or their boss.  These should be quick surveys (not 50 questions) and done fairly often.  It’ll help you judge if everyone is on the same page.
  2. Get a Devils Advocate
    Anyone who thinks that they alone have all the answers, isn’t looking for feedback.  I like other people to suggest alternative ways to get something done, and this helps make sure the project gets done in a complete manner with everything thought through.  Plus this will show your employees that you are open to discussion and debate and will be more willing to give you honest feedback.
  3. Visit their Offices
    If your business has multiple locations, make sure you take some time and visit their locations.  I’ve had managers who said they care about my site, but never came, which told they don’t really care.  Take time to get some face time with the people working on the project with you, they are far more likely to be open with you one on one.
  4. Show another side of yourself
    Most employees would secretly say that their boss is uptight.  Luckily I’ve had a good run of bosses where that wasn’t the case.  That’s not to say that my bosses were all laid back, far from it, but they had times where they were tough when needed and more friendly when looking for comments.   Make sure your employees see a more personable side of you, and you’ll see they’ll be more willing to open up.
  5. Check in with them
    This is a simple one, just take time to walk into their office and have an informal talk with your employees.  This touches on a lot of the points I make earlier, a one on one conversation makes the employee more likely to talk openly with you.  The informal nature makes you more appear softer and more likely to take their opinion, because you are on their turf.
Now I’m sure you’ll have you own, and I’m always willing to hear what works for you and your groups.  I like to take the more laid back approach and make sure they feel comfortable coming to me with ideas.
——————————————————————————————–
If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.
ESET Cyber Security Pro for Mac - Save 25%

5 Cool registry changes only in the registry

With almost any discussion we have about the registry, I always want to stress the same message.  Messing with the registry can cause you system to become unstable or not work.  Please make sure you backup the registry prior to making changes.  Now with that out of the way, I wanted to show you some cool registry changes that you can make in Vista or XPs  registry that you can’t do in a user interface.

 

1. Disable Autoplay

I don’t like when I insert a CD or USB drive into my computer and it starts to run all by itself.  For one, it’s a security risk and second, I just hate closing the window(s) that pop up.  Well you can fix this in the registry.
  1. Windows Key + R (brings up the run command)
  2. Type CMD (opens command prompt)
  3. Go to HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer.
  4. Create a DWORD named NoDriveTypeAutoRun.
  5. Set the value to 000000FF.
Now you wont be bothered by files auto-running.

2. Increase the Maximum Number of simultaneous Downloads

When I am doing some research on a project, I download a lot of files and I always ran into the simultaneous download limit, and had to wait for one download  before starting another.  If you run into this, it can be frustrating, but there is way around this.

  1. In Registry Editor  go to HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings.
  2. Create a new DWORD named MaxConnectionsPerServer
  3. Set a value of 0000000a.
  4. Create a new DWORD named MaxConnectionsPer1_0Server
  5. Assign it a value of 0000000a.
3. Change Registered Users Name
I’ve gotten computer where the computer had someone else as the registered user in My Computer.  This can happen if you get a computer from someone-else, or even if you company has merged or been renamed, you might want to change the registered user of the computer.  You can do that:
  1. In Registry Editor go to HKLM\Software\Microsoft\Windows NT\CurrentVersion.
  2.  Change the values to the RegisteredOwner and RegisteredOrganization keys to reflect your desired info

4.Encrypt and decrypt from the shortcut menu

If you encrypt or decrypt files in files in XP Pro or Vista, you have to go through the properities of the file and the advance button. Then you get the the encrypt or decrypt options.  There’s of course a simpler way, justt add it to the menu when you right click on the file:

  1. In the Registry Editor go to HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced.
  2. Create a new DWORD called EncryptionContextMenu
  3. Assign it a value of 1.

5.Disable User Account Control

Anyone who has Vista, has most likely complained about the User Account Control feature.  Where Administrators who attempt to perform an administrative action receive a prompt asking whether they initiated the action. I think that this prompt is a valuable safeguard against malware, but since a lot of people don’t like it, here’s how to use the registry editor to suppress the prompt:

  1. In the registry editor go to HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System
  2. Change the value of the ConcentPromptBehaviorAdmin key to 00000000.

Then reboot and poof now you’ve made the changes you wanted.  Are there any registry changes that you like that can only be done via the registry and not the user interface?  Let me know in the comments below.

TASER® StrikeLight™

5 Signs IT isn’t the career for you

We’ve all met the IT guy who we are pretty sure isn’t cut out for the job.  I know people have asked me, if they are right for IT and it is something people need to think about prior to spending the money and time to get into the field.  Lucky for you, I wanted to make a list of 5 things you need to consider before you hop into the IT field.  If any of these are you, really consider becoming an IT professional.

 

  1. You don’t want to further your education

    IT is a world were everything is constantly shifting and changing, and if you stop pushing your knowledge your knowledge will become quickly outdated.  In IT you must be willing to constantly learn new things, whether that be more schooling, buying books or learning by doing.  There are a lot of people who just hate this stuff…and if that’s you, IT may not be right for you.

  2. Only work 9 to 5

    Unless you are a wizard, servers, computers and technology in general doesn’t stop having issues when it’s time to clock out.  Servers will break, go down or crash in the middle of the night, and if they are your responsibility, you’ll be in work.

  3. You can’t multitask

    Multitasking is  easily one of the most important things you need to juggle in the IT realm.  Most IT professionals are just seen sitting at their desk all day, not looking like they are working much, but honestly we are…and most of the time its several things at one.  If you are a single task or project kind of person you’ll find IT too fast paced, because a lot needs to get done…in a short period of time and you’ll need to multitask.

  4. You hate technology

    Not sure why, but I’ve met many an Administrator, who actually hated technology.  It’s really strange for me, because if I had time and resources I’d play with every new piece of technology that came out.  Anyone who knows me, know that when I get new technology or a new toy as I call it, that I do nothing but try figuring it out.  But on the other hand there are people who just don’t like technology…and I guess you can work in a field with things you hate…just don’t think it’s productive to work that way.

  5. No Patience

    There is nothing like having to figure out a problem and nothing is going your way.  In IT this happens a lot, and you need to have patience to work through the problems.  Now this isn’t only with regards to technology, you need patience with people as well.  I’ve done phone support in my career, and walking through a problem with someone who really cant articulate or even understand whats going on can be frustrating.  You need to be able to keep cool and work through problems without blowing up.

While this isn’t a complete list, these are things I’ve said to myself as I looked at a tech and wondered what made him get into this field.  Are there things that you think someone should ask themselves before getting into IT?  leave your thoughts below.

Click here to learn more!

Q&A Monday: How often should I update my Linux Servers?

Question:

I have recently become responsible for more servers at my current job, some of these servers are of the  RedHat and Debian flavor of linux, and I was wondering what is the recommended period of time between checking for updates on these servers?

Catina P. Martin
Mira Loma, CA

 

Answer:

To be honest, it all depends on how comfortable you are with the servers and how critical they are to your organization.  In a multi-server Linux environment if you have servers that are less critical, updates those first and then move onto the more critical servers.  As for how often, I wouldn’t push past a month between updates (then you can do them with your Windows Boxes).  If the staggering amount of updates on the boxes make you nervous, then move to twice a month, and if even that’s unmanageable for you, then move to weekly. Weekly will give you less updates, and less to comb through if a particular update gives you problems.  Plus the sooner you get patches and apply them, the more secure your server could be.

 

——————————————————————————————–
If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

TASER® StrikeLight™

Q&A Monday: hiberfil.sys and deleting it

Question:

Jim,
While doing some spring cleaning on my computer, I’ve come across a file in C: drive called hiberfil.sys file.  When I try to delete the file it wont let me, how do I get rid of hiberfil.sys?

Craig Ridgeway
Kenosha, WI

Answer:

The first thing we need to discuss, is what exactly is that file?  hiberfil.sys is one of the power management options offered in Windows called Hibernate mode.  In hibernate mode, your computer writes all it’s memory data to a file on the hard drive and shuts off the computer.  That’s where our hiberfil.sys file comes in, it’s that file and currently golds the current memory state.  Since it’s a system created file you can’t delete the file directly.

So you need to ask yourself before continuing, do I want the ability to hibernate my computer?   If you never need it, or never use it then you can continue along, but if you do, then you’ll need to live with the file…which is fine, because you now know what it is and what it does.

Disable Hibernate (and delete the file) [ Windows Vista or 7]

You ready?  Ok, open a command prompt as administrator and type:

powercfg -h off

That’s it! The file should be down.

Disable Hibernate (and delete the file) [ Windows XP]

Head to Control Panel –> Power Options, and then go to the Hibernate tab.  Uncheck the box, reboot your PC, and then you can delete the hiberfil.sys file.

Q&A Monday: Determine what Domain Controller authenticated a user

Question:

We have many domain controllers in our environment and while working through troubleshooting, I was wondering if there was a way to find out which domain controller logged the user into the network while sitting at the users PC.  The problem ended up not being related, but the question stuck with me, is there a way to tell which domain controller logged a user in?

Carol Peterson
South Mountain, ON

Answer:

Carol, there is a very simple way of doing this, all you need to do is open a command prompt and type:

set logonserver

or

echo %logonserver%

This will show you what server logged the current user in.

——————————————————————————————–

If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

Click here to learn more!

Software Update: iOS 5.1 Software Update

Apple released their new version of the iOS software yesterday.  This update contains improvements and bug fixes, including:

  • Japanese language support for Siri (availability may be limited during initial rollout)
  • Photos can now be deleted from Photo Stream
  • Camera shortcut now always visible on Lock Screen for iPhone 4S, iPhone 4, iPhone 3GS and iPod touch (4th generation)
  • Camera face detection now highlights all detected faces
  • Redesigned Camera app for iPad
  • Genius Mixes and Genius playlists for iTunes Match subscribers
  • Audio for TV shows and movies on iPad optimized to sound louder and clearer
  • Podcast controls for playback speed and a 30 second rewind for iPad
  • Updated AT&T network indicator
  • Addresses bugs affecting battery life
  • Fixes an issue that occasionally caused audio to drop for outgoing calls

for more information please visit Apple’s Support site: http://support.apple.com/kb/DL1504

5 ways to limit your DNS Issues

  One of the things most overlook on a network when things are going well, but when they aren’t, are one of the most pain in the butt things imaginable is DNS for a network.  When you start messing with DNS, you’ll find there are many ways things can go wrong or become endlessly complicated.  I’ve find there are 5 rules that can help you keep DNS manageable and keep DNS problems to a minimum.

  1. Limit the number of zones

    Like many things in IT, doing some level of housekeeping, the longer a company is around the more likely they have accumulated more DNS zones, whether it be from projects that no longer exist or a product line no longer offered, or anything else your company might have been doing.  It’s may seem like a daunting task going through all the zones or forwarders, but if there becomes an issue, you’ll be happy you have less to dig through.

  2. Remove all WINS dependencies

    I’m still shocked that many networks out there still have WINS enabled and working.  WINS is really outdated now-a-days and you are only adding another level of troubleshooting if a problem exist.  If you have a mixed environment; Windows, Linux and Mac; only Windows machine will fully take advantage of WINS anyway, so no need to keep it running.

  3.  Separate Internal and External DNS Servers

    This is the security guy inside me, I can’t stand when companies use one DNS server for both internal and external.  For one this is a huge security concern and two this can make managing DNS a little more confusing when you need to make changes or troubleshoot.

  4. Combine DNS and DHCP

    Since most business networks today are Windows based, it doesn’t make the most sense to have a Linux or Mac server doing DNS and/or DHCP, when windows is the OS of the computers.  I’ve used both Linux and Windows based DNS systems and when it comes to troubleshooting and using Windows is better for business is the long run.  It’s hard to type that as someone who uses Linux for other things.

  5.  Make DNS highly available

    DNS is really a network service that you want to keep up and running as much as possible and Windows DNS can be made highly available.  This can be done by using more than two DNS servers.  The advanced tab of the networking configuration panel for the Windows system allows for a tertiary or higher DNS server to be entered. The advantage of this, if one of the servers is down, DNS can still look up the chain and resolve DNS for your network, giving you a level of fault tolerance in your network.  This works great when physically in different areas.

I’m sure this isn’t a complete list of ways to Limit DNS issues in your company, so if you have any please list them in the comments below.

Q&A Monday: Mapping admin C$ Share on Windows 7

Question:

On my Windows XP machines I am able to use \\hostname\C$ to map to the C drive on that computer, but when I try it with my new Windows 7 machines, I can’t get it to map.

Answer:

This isn’t just a Windows 7 issue, this issue also occurred on Windows Vista machines as well.  This is caused by the UAC (User Access Control) doesn’t allow account elevation over the network with a local user account.  Now there is a registry change you can make that, but I really want you to think long and hard before doing this, because it does make your system less secure.

so good to understand how Windows works.

Manual Registry Hack

Open regedit.exe through the start menu search or run box, and then navigate down to the following key, creating a new key if it doesn’t exist.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

 

On the right-hand side, add a new 32-bit DWORD value named LocalAccountTokenFilterPolicy and set the value to 1.  To remove this, all you need to do is set the value to 0 or just delete the key.  You just need file sharing turned on now, and you can now map the C$ drive on Vista or 7.

——————————————————————————————–
If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

ESET Cyber Security Pro for Mac - Save 25%
 Page 3 of 18 « 1  2  3  4  5 » ...  Last »