The Caffeinated Duck

A couple of weeks ago, I received an email saying that we are spamming. One of our IP addresses was listed, which unfortunately was our NAT (PAT for you purists). “OK,” I thought, “7 schools and our district office that’s about … 1000 computers, and one or more of them are spamming. Ugh!”

We’re still in the process of migrating from Netware 4 & 5 to Windows 2003. Much of the IP address allocation and computer naming was done long before I arrived. Finding the IP addresses of the offending computers was not really difficult. Between the firewall and the LAN, run wireshark which can examine all traffic coming and going from the network. You need to make sure that your analyzer PC is attached to a hub and not a switch on this link, otherwise it will not see packets that are not destined for itself.

Run Wireshark and filter for smtp traffic (port 25). Let it run for 5 minutes or so. The results will show your email server traffic (if you have one) and any traffic generated by a client bound for another email server. Be aware that not all traffic coming from port 25 on clients necessarly means it is a spam zombie - they may be using their ISP’s mail on their work computer or something of the like. It is an excessive amount of traffic on port 25 going to several different mail servers. You can also examine the packets, strange email addresses are also a tipoff.

At this point, I located 2 computers generating what would amount to several hundred emails per hour. Since they were not computers that have been upgraded yet, I only knew what school which they were located. As we bring clients on to the new server, they get renamed with the school and room number (i.e. at Dalton James Elementary School, room 116 which is a lab, 4th computer would be named DJES116LAB04) but these computers had the default manufacture name and number as the computername - which I got from DHCP (since there is no local DNS or WINS). I assigned these computers a DHCP reservation so they wouldn’t get a different IP address before I could find them, and then blocked them at the PIX (firewall). This keeps them from sending spam, plus often the user would come looking for us when their computer all the sudden cannot get to the internet. It took one of our savvy tech who knew that school just a few minutes to find the computers, and we pulled them off the network and reimaged them.

3 Comments »

Ugh! I promise, I’ve got stuff to post.

I want to start posting more about technology. I’ve had a few issues over the past few months where doing some internet research has helped as well as others that were solved by experience. Since I use the internet to research issue that I haven’t seen before, I want to give that back

Back to school full time (12 credits) this semester. I somehow managed a 4.0 last semester and made Dean’s list for the first time … well, ever. Accounting was my hardest class - its difficultly really took me by surprise. This semester, I’m enrolled in finance, economics, and 2 management classes. I guess Business is the new Liberal Arts degree.

No Comments »

I resolve to start posting again!

2 Comments »

I like the camera phone. The made in china label was just too ironic to pass up. This shirt is available in a store that rhymes with “Arget”

No Comments »

I’ll spare the details of how I lost my truck, but it has found an interesting new life in our teenager. A new paint job was in order. (Yes, this is the same truck!)

While I do miss it, I have to admit, it’s probably in better shape than when I bought it in 1996 when it was 4 years old with 40,007 miles. The A/C is fixed, as is the exhaust system, and it has a rear bumper - which wasn’t even included when it was new.

3 Comments »

Two years ago, I wrote that I had finally broken down and bought a cell phone. I said that I did not want anything fancy, just something to make and receive phone calls. Two years entitles me to an upgrade. So much for old values. One of the things that I find myself doing more than expected is text messages. It is the main method of communication for the kids and the only way I can contact a tech in our district who is partially deaf and cannot use a standard phone.

I’ve been texting since the kids got their phones, but on the regular keys, it is slow for me. I know the kids can knock out a 20 word message in less than a minute, but for me … well, let’s just say it takes me longer, and I refuse to type a message saying “whre u at mom wnts 2 no?”

So, my upgraded phone has a mini-QWERTY keyboard that slides out and now I can send a 20 word message almost as quickly as I can type it on a PC keyboard. I don’t have to use short hand, and it is even easy to find less common punctuation marks - like commas!

Since I have only had it since yesterday, I am still learning the features. A camera/video recorder, MP3 player, and I don’t know what else. It uses a mini-sd card and I picked a 2GB up at WalMart for less than $25, but the USB adapter that I bought to plug it into the PC does not work. I am just glad it didn’t fry the card.

I am sure much of the novelty will eventually wear off, but for now, learning how to use it seems like a fun project.

1 Comment »

No, it’s not a typo. I mentioned in an earlier post how some of the technology we currently use is a getting a bit long in the teeth. Warning: Geeky Tech Post - run away if this kind of stuff is not your bag! There are not alot of people in my world who can really understand and appreciate this kind of stuff, so posting it here may reach some random geek … somewhere.

Last week, a Netware 4.11 server power supply finally died after a couple of weeks of intermittent abends (crashes). Kudos to Gateway, as this power supply was 9 years old when it finally went. We were able to get a new power supply, but the system refused to fully boot. When it couldn’t find the SYS volume, I figured that all of the abends must have damaged the OS and file system. Still, there was some data on that server that had not been backed up and I wanted to see if I could get it to boot.

Some Novell forums showed that is was not an rare event, but I was unable to find any specific details that would fix this system, but it did give me the hope that it could be fixed. It was the deepest that I have ever dived into the guts of Novell - drivers, startup, and configuration files. I finally had some clues that the SCSI drivers were not loading properly (I warned you that this would be a geeky post). I was able to load the SCSI drivers manually and then mount SYS. I edited the changes in the startup file and the system booted, but still wouldn’t connect to the network. So it was more of the same with the network card drivers. After 2 hours the system was back and running normally.

Now, some of this may be simple, old hat to some gray-haired Novell Masters, but this was my first Novell crash, so I was pretty excited to get it fixed. Now if the rest of the servers can hold on until we get the new Windows 2003 servers sometime next year or so …

2 Comments »

I didn’t do great on either of my finals, but I also didn’t do poorly. 87 on the final in Organizational Business and 89 on my French II final - both grades were high enough to earn an A in each class.

I’ll be taking an academic break this summer, but it is my goal to pass another Microsoft certification exam (70-291 Network Infrastructure) which will upgrade my certification from an MCP (Microsoft Certified Professional) to an MCSA (Microsoft Certified Systems Administrator). I’m looking to take that exam sometime in mid-June.

2 Comments »

Shessh, I thought studying for finals would just be a review of everything I learned this semester, but going back over the material, I have found that I have just plain forgotten some of the early things, so I am having to relearn them. Is this normal or is it just me?

No Comments »

Like many people, I use Wordpress for my blogging software and host a server with 3 other Wordpress based websites. It seems like I just upgraded Wordpress a few weeks ago, and now there is another update. In all honesty, it doesn’t take that long to upgrade 4 websites, and the software is free - in fact it is not only free, but it is an awesome package to boot. Plus, it’s nice enough to tell me that I need and upgrade as soon as I log in. All in all I do appreciate the effort the people who maintain this software put in to making it great!

Finals are next week for the 2 classes that I am taking this semester. French II and Organizational Business. I should be able to pull an A in French if I do well on the final, but I am not sure about business as I haven’t received my last exam grade. I think that I’ll probably end up with an A or B depending how I did on the last exam and do on the upcoming final. I’m looking forward to some downtime this summer before starting again next fall.

No Comments »