Late last Fall, I completed some on-line courses on PC Security. These were quite interesting, and enlightening. Eye-opening would not be an exaggeration. The "advanced" course covered tools such as "wireshark" - a packet sniffer, and "nmap" - used for probing a PC's software ports. The lesson on using wireshark came at a very good time, as I shall describe below.
Diagnosing Slow Internet Service
Wireshark, and other packet sniffers such as "TCP Dump", are used to monitor data as it passes across the network. A packet sniffer will tell you if packets are being dropped, re-routed, and will tell you the IP address of any routers or computers involved in the connection. Within a week after I had gone through this lesson and installed wireshark on my LINUX system, my Internet connection slowed W A Y down. The term "glacial" was an understatement - with throughput falling below that of 56K dial-up. I verified this using several sites on the web which test your connection speeds. When I fired up wireshark and attempted to navigate to a web site, I saw that MANY packets were being dropped - both at one of my ISP's routers as well as at a DNS server. Ping times were in the seconds, in some cases, but averaged around 700-800 milliseconds. Armed with this information, I was able to avoid the inevitable lame questions such as "Have you cleared your browser cache?", or "Have you tried rebooting?", ... when I called my ISP's tech support line. I was able to talk intelligently with the technician, citing the data I gleaned from my earlier wireshark session. During my 30 minute call, the technician identified a configuration problem at their end and fixed it. One word of warning: Wireshark and nmap are both legal when used properly and ethically, however they ARE considered "hacker" tools and should be used with CAUTION. If you are trying either of these on your work PC you may well get an angry phone call from your IT department - or even face discipline! ASK IT's permission FIRST if you are legitimately wanting to do this on their network for educational purposes. Your ISP also will likely take a dim view of your running these tools from home to probe other machines on the Internet, figuring you're engaged in nefarious activities. My ISP didn't ask me what "diagnostic tools" I was running prior to my talk with tech support, so I didn't tell them.
Testing Your PC's Security and Firewall
Recently, for my continuing IT education, I bought someone's cast-off copy of Windows VISTA "Home" edition. I partitioned my newest machine and configured it to dual-boot my choice of VISTA or LINUX. Soon, I plan to run my OWN tests of VISTA and its built-in firewall by probing it with another networked LINUX box loaded with the nmap port scanner. Since both machines contain LINUX systems, I can effectively use either box to test the other's firewall configuration.
Removable "Drawers" for Quickly Reconfiguring a PC
Removable hard drive "drawers" allow you to quickly remove a physical hard drive from a computer through the front panel WITHOUT opening up the case. With this, you can use a computer in multiple configurations and OSes - it's like having several PCs, only MUCH cheaper! For example, on the dual-boot VISTA box I mentioned above, I have a Win 2K/LINUX dual-boot drive and the VISTA/LINUX dual-boot drive. Each drive is installed in its own drawer and can be swapped within a few seconds by powering down the PC, removing the one drive and inserting the next one. One drive/drawer may be used for software development while another can be reserved for general browsing, multimedia, or whatever. I have several small, <10GB hard drives left over from 10 years ago. I'd like to get another couple drawers for these and use them for certain types of testing in my lab. Loading one with LINUX and Apache server would be VERY useful for testing one's web pages BEFORE going "live" with them on-line.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Constructive comments are welcome! Spam, or any abusive or profane comments will be deleted.