Category Archives: How To

eBooks For Your 2016 Reading List

As we tip over from the mad rush of December and prepare to ease into another year, I like to take a minute to appreciate the hush and calm that comes after the rush and bustle of various holidays.

This week after New Year I like to take a few moments to pause and regroup before diving into the new year. A chance to take stock, reflect, and think.

And so I’ve held off until now to officially promote the fruit of a few of my 2015 labors. If your resolutions for 2016 include making time to do some reading that doesn’t break your stretched-too-far-after-all-those-gifts budget, I want you to know that I’ve got a few eBook recommendations for the busy IT Pro. Each is available for Kindle (on Amazon) and also as a free PDF download.

Monitoring 101

Despite the relatively maturity of monitoring and systems management as a discrete IT discipline, I am asked – year after year and job after job – to give an overview of what monitoring is.

This book is my attempt to address that question in a more structured form, published with the assistance of the amazing folks at SolarWinds.

Intended as guide to help bring new team members (often fresh out of college or a technical program) up to speed with monitoring concepts quickly, this ebook (or portions of it) can serve as a good introduction for a variety of audiences.

Click here for the Kindle Edition | Click here for the PDF version

 

“Technically, These Are Some Random Thoughts”
Around September every year, Jews all over the world celebrate Rosh Hashana, the Jewish New Year. However, it’s not – to put it in business terms – a year-end review. It’s a job interview. the month before Rosh Hashana (called “Elul” in Hebrew) is the time for getting one’s balance sheet in order. To help with that, a bunch of folks from all walks of life participate in #BlogElul: A daily prompt provides the theme and people riff on that – sometimes a few hundred words, sometimes an image, sometimes a poem or just a single sentence. It’s something I’ve done for a few years now. I thought I’d add a twist and also do an I.T. Professional’s version of #BlogElul and post the essays on my technology-specific blog: http://www.adatosystems.com. A reflection on each of the daily prompts and what they mean in an I.T. context. You’re probably thinking “Leon, this is a Jewish thing and completely outside the scope of my experience or interest as an I.T. Professional.” To which I emphatically reply: Yes and no. If you have worked in I.T. for more than 15 minutes, you’ve likely been involved in a large development project, system roll-out, or upgrade. And as the date for the big cut-over approaches, there are usually daily status updates. Consider this the notes from my status updates before the roll-out of “TheWorld v.5776”.

Click here for the Kindle Edition | Click here for the Nook Edition | Click here for the PDF version

4 Skills to Master Your Virtual Universe

For some IT administrators, virtualization might not be a primary responsibility. Without the opportunity to learn and gain experience as part of their daily routine means these admins are getting a late start in the virtualization game. So why should IT admins, who don’t consider virtualization to be a critical part of their job description, care about virtualization? Because virtualization spans every data center construct from servers to storage to networking to security operations. Add in the fact that it is used in practically every IT shop and you have a perfect IT storm. So while you might have been hired to administer one of those systems, virtualization’s dependency and abstraction of those resources means you’ll need to bridge the
virtualization knowledge gap.

In this book, my fellow SolarWinds Head Geek Kong Yang describes the 4 key skills needed to gain mastery of your virtualized environment.

Click here for the Kindle Edition | Click here for the PDF version

 

Having your account hacked is nothing new, but a few of my friends have experienced this particular frustration lately, so I wanted to write a quick guide on how to deal with it, and also how to avoid it happening in the future.

Some of what I’m writing about comes directly from the experience the good folks at Gizmodo had just a couple of weeks ago. Let’s face it: if the people at a technology blog can get hacked, it’s a cinch that you can too. The only thing you have going for them that they don’t is that you are relatively anonymous.

Before I start, a reality check: If someone is trying to hack YOU – not just anybody they can get their hands on, but you specifically – then you are going to get hacked. They have infinite time and resources to do it, and odds are you won’t know they even had you on their radar until it’s over.

With that said, unless you are in politics or work for Gizmodo, you should be safe.

First: What you should have done already – back up.
Do you have a copy of your contact list? How about your email repository?

If you don’t, you are being reckless, hacked or not.

Backing up email is outside the scope of THIS post (but it’s a good idea for another one down the road). Let’s just say for the moment that you have everything backed up.

Second: Verification
Are you SURE you got hacked? It’s easy enough for someone to make emails LOOK like they came from you, so be certain. The best acid test is for you to back up all your contacts and email, and then clean EVERYTHING out – everything in your sent items, your folders, your contacts, ALL of it. You have it all backed up, right? So it’s no big deal. Well, not as big a deal as being hacked, at least.

Now, change your password. Make it something weird – include letters, numbers, uppercase, etc.

Now wait a day or two. If people are still getting strange messages from you, you have probably NOT been hacked. Someone is just spoofing your email address. There’s not much you can do about that unfortunately.

If the emails stop though, it’s a good sign you’ve been hacked. The good news is that the bad guy no longer has access to your email. The bad news is that he did, along with everything in it. You don’t want that to happen ever again.

Next:  damage control
Assess whether you really need to keep your current (hacked) email account, or if you can switch. If you are using AOL, Hotmail, Yahoo, SBCGlobal, or any one of a host of other smaller email providers, I’d say it’s time to switch.

Why? I want Yahoo to make a comeback as much as the next guy, but the reality is that they are having trouble, and the security of their FREE email service is not likely to get a lot of attention right now. Ditto a lot of the small fries. Time to jump ship.

If you aren’t ready to switch, you can still follow most of the instructions below.

Set up your new home
Get a Google Mail account. It’s quick and simple (http://mail.googl.com)

While you are at it, pick a fairly difficult password. “Difficult” does not mean “hard to remember” or “impossible to type”. It means “hard for a person or hacking program to guess”.

Here’s a hint: use a phrase instead of a word. Use the underscore ( _ ) instead of spaces, but otherwise, pick something you can remember, but is more than one word. “Ring_around_the_rosey”. Add punctuation (“Stupid_mean_people_suck!”) and the password became even harder. Why? I leave it to the awesome creator of XKCD to explain (http://xkcd.com/936/):

http://xkcd.com/936/

Once it’s created, set up two-step authentication. Why? Because it guarentees nobody can ever use your email unless they are pretty much sitting in your house.

It works like this: When you sign into your email on a new machine, you will get a text message on your phone (or a phone call, if you prefer). The message will just be a number. You enter the number onto the login screen, proving you are “you”.

While it sounds like a hassle, it’s actually no big deal once you set it up. And let’s be clear: Someone who tries to hack your email is INSTANTLY foiled. They can’t log in without that magic number, which is being sent to YOUR phone. So you know someone is screwing with your account and at the same time, they can’t get in.

If you are on Gmail, you set it up by going to your account page (https://www.google.com/settings/account), clicking on Security, and changing the “2-step security” settings you find there.

Finally, ease the transition
Back on your old email account (you changed the password there, too, right? How about checking to see if IT supports 2-stage authentication? Just to really make it hard for the guy who originally hacked your account.) set up email forwarding to your new account. That way you don’t miss a message as people get used to your new address.

And another thing
Changing your email is an important step, but it’s not the only one. You probably have a lot of “things” that use your email for verification – Facebook, Twitter, Pinterest, bank accounts, etc. Make sure you change those too.

While you are on those systems, change your password (again, consider using a “pass phrase” instead); and check out their security settings to see if you can ratchet them up a notch.

All that happened this time was your email got compromised. But you don’t know if that was part of a larger effort to dig into your electronic life.

Trust me, there are worse things than losing all your email contacts.

Again, a question from a friend caused me to write this up. And since I give out this information relatively frequently, I thought I would just post it here for all to see.

As with any of my stuff, Caveate Emptor, YMMV, Objects may be closer than they appear, draco nuncum titilandus.

***************

The overall theme to this process is “wash, rinse, repeat”. Because viruses and spyware programs tend to have lots of little pieces which “hide” the other pieces from the operating system, your process to remove them is to get rid of the piece that is visible, then reboot, then get rid of the next piece, etc.

I have 3 tools that I use for this:

Things to consider:
1) If you already have an anti-virus program, you don’t need AVG. That having been said, I’m not a big fan of Symantec or McAffee. In fact, I’m not ashamed to say I loath them. I used each for years, but find that their software has become bloated, convoluted, ineffective, unresponsive and even difficult to remove. If you have one of them and you aren’t impressed, I would suggest removing them in favor of the 3 programs above.

2) The same can be said for Spybot. If you already have an anti-spyware program, then you can skip this. If you DON’T have one, please make sure you install Spybot.

Step 1: download and install the software

  • Download Malwarebytes from here:
    http://www.malwarebytes.org/mbam-download.php
    Download Spybot from here:
    http://www.safer-networking.org/en/download/index.html
    Download the FREE version of AVG from here:
    http://free.avg.com/us-en/download?prd=afg
    (you click button at the bottom of the left column where it says “FREE”, which takes you to a C-Net download.)

Step 2: Install Malwarebytes
For immediate virus/spyware removal, you only need Malwarebytes. But don’t forget that you need an anti-virus program AND an anti-spyware program!

Step 3: Run Malwarebytes
Once you have installed it, running it should be fairly easy to figure out.

After it has run, you will see a message about infected files. Make sure you choose to “remove selected” files rather than just closing out of the program.

Step 4: Reboot

Step 5: Run Malwarebytes again
Really. It sounds dumb, but just run it again anyway. Remember to remove any infected files you find.

Step 6: Reboot into safe mode
While the computer is coming up (immediately after restartng, before the Windows logo shows up) hit the F8 key on your keyboard. You will see a black screen with white letters, and the top option will be “Safe Mode”. Use the up- arrow key to get to that choice, and then hit ENTER to select it.

Once you are into windows (the screen will look way funky. Just stay calm), start Malwarebytes again.)

If you have problems with Safe mode, check this out for screen shots and more information: http://www.computerhope.com/issues/chsafe.htm

Step 6: Reboot normally (no safe mode)

Step 7: Run Malwarebytes again
At this point, you need to pay attention to the errors and such. If you are STILL getting messages about infected files, keep this process up. I would drop back to Safe Mode and keep running/rebooting until you can a clean run (ie: no infected files). THEN I would reboot into regular mode and run one more time for safe measure.

Step 8: Install antivirus and antispyware
Remember, if you don’t have an antivirus program, or if you have one that isn’t working for you, I would remove what you have, and then install AVG and Spybot.