Thursday, 2 July 2009

Issues with upgrading bandwidth, migrating ISP and changing topology

This is a note I took when migrating ISP, upgrading bandwidth (from 512 kbps to 1 megs) and changing topology into a more secure network.

Broadband pricing in Indonesia is getting down. I am sure there's gonna be another decrease of cost in bandwidth next year. It is now about half the price of the last year, that's not bad. And since things are upgrading, like the company I work for is upgrading it's system to VOIP thingy. Then I think it's time to set the network better now.

When I first got in the company, things were simple. Accessibility and availability were low. Employees had only Outlook Web Access (OWA) to access email from remote. OWA was good, but not good enough. They could have had the full MsOutlook features. I mean, when you have a laptop, why use OWA if you can have a complete feature of Ms Outlook? Well yes, OWA is good when you have only a very limited bandwidth, though.

Alright, then we took notes, what was feasible to enhance and what had to wait. Then we had it all in the list of what to do, what to reconfigure later on, like websites, FTP site, intranet, extranet, mail availability (Outlook, Outlooke web access, Outlook mobile access, Mobile outlook via microsoft activesync pushmail), data availability (such as via VPN) and web applications to support business processes.

Yes you know, the back technology would be, DNS, RPC over HTTP, IIS, Front-end Exchange Server, Back-end Exchange Server, Firewall, SSL with CA, ASP, WAP, dotNet, and of course we need to have a Demiliterizarion Zone (DMZ), so be certain in routing and firewalling. One of the most irritating problem is you need to make sure that the changing of IP address and the way your router routes network will be quite different. This will impact on everything not only security issues but also availability.

When migrating to new topology, remember to take notes of the prior conf of the firewall and translate it to new topoloty. In my case, my new topology is very different with the previous one, since I use the point-to-point IP as the router gateway as the internet address, therefore I hide the real IP I have. This is more secure yet more difficult to route and firewalled. I don't want any service such as push mail nor website disturbed.

Consistency among router-firewall-IIS is critical. Check out every detail like in the website header, address, services, port number, authentication setting. Since they are scattered all over IIS, router, firewall and Exchange Manager (at both front-end and back-end server) than taking notes is crucial.

It was quite an experience. Re-setting the router-firewall-IIS was a real pain in the a*s. But now it is working real good, so I guess everything turns out worthwhile then.


Sunday, 21 June 2009

What to do when my C:\windows\SoftwareDistribution folder is bloating?

One of the things that my wife does not understand about me is why I spend more time with my computers more than with other things like cats or dogs. She thinks it is not healthy. You know what, in vice versa, I don't understan why I should keep cats or dogs.

I spend more time with my computers is simply I like them and I like them to be in good shape. I check every detail of them, renew, change, break one and get new one. I can't just break a cat and buy a new one, can I?

When I was playing with this VirtualBox on my Mac, I was a little shocked that my Windows on it was almost filling out my 15 Gigs of the virtual HD. What on earth that is? Practically I only installed Office 2007, Visual Studio 5 and some video/audio players. Then I find out my windows folder took 6.8 Gigs! WOOOW..

I heard about this windows being bloatware and all but did not think of it as serious. It was not this crazy usually. Taking a looke deeper I found:

1. c:\windows\softwaredistribution\download folder was 1.63 Gigs. Thats' definetaly not normal.
2. c:\windows\system32 took about 1.25 Gigs, well I guessed I could take it.
3. c:\windows\installer was 2.44 Gigs
4. c:\windows\assembly was 440 Megs
5. c:\windows\Microsoft.Net took 200 Megs

Others looke normal, they took from 0 kb up to tens of Megs, I thought they were ok. What needed to take care is issue no. 1 and 3. Let's dig it.

I've got this article in hand:
http://phorums.com.au/archive/index.php/t-182069.html
http://www.optimizingpc.com/optimize/deletefiles.html

We can conclude that c:\windows\softwaredistribution\download is safe to empty. That's right, just empty the folder not delete the folder. What I did was to copy the files within the folder and copy them into my external HD, just in case. I ran the windows update to check that everything was ok, that every update was recognised.

I did not find any c:\windows\downloaded installation\ , instead the folder in number 2.

To remove c:\windows\installers\ is not that easy. You may end up failing uninstalling software you already installed if you just remove it.

Here are some articles:
http://blogs.msdn.com/heaths/archive/2007/01/31/how-to-safely-delete-orphaned-patches.aspx
http://support.microsoft.com/default.aspx?scid=kb;en-us;290301

I've got a feeling this is gonna be a little rocky. so I am gonna investigate a little more before doing it. After finding out that there's no orphan files by running msizap.exe with no results, I decided to cut the files in c:\windows\installer and then paste them somewhere in my external HD. I will return them later when I want to uninstall something. However, I don't have the guts to move all files in the directory. There's one directory I did not touch, that is C:\WINDOWS\Installer\$PatchCache$\ under this directory I had Managed folder which also I did not touch. The names of the folders are too spooky to be touched. There's a blog that wrote scary things about this folder: http://blogs.msdn.com/heaths/archive/2007/01/17/the-patch-cache-and-freeing-space.aspx

Therefore, I could only move 1.3 Gigs out of my windows, or totally 3 Gigs or thereabouts.
So far, so good. I will tell you later if this really causes issues. See you.

Saturday, 20 June 2009

Removing Zenoss User Account Gloriously

One of those long list of the pleasure of using MacOS X is the fact that it is a UNIX derivative. Being reliable, fast, network-native, secure and stable are some of its destiny and as in apple product tradition, it is packed in a sexy body, and very friendly. Yes, I slept with my mac often.

Being great and all, it is an ideal station to monitor network. That's when Zenoss came in. A very good software indeed. As all what I love, it also comes and goes. There was time to uninstall Zenoss. Well, some ex-girl friends are just too stubborn to get rid of (they usually love me too much) so is Zenoss. Removing the user account from Mac is hard.

This is what usually people do to get rid of an app:
1. uninstall it. Say in Mac you usually just "send to trash" it from the Finder.

2. Since you notice that Zenoss is still hanging out in the login window, so you need to delete it from the Group.

3. Delete the user from the /Users

After you logoff, you will still notice that the user is still there in the login window. That's when some people usually decide to cry.

Here's the steps for you to dry up your eyes:
1. Enable ROOT and the login as ROOT
Open Terminal, type: sudo passwd
then follow the instruction like making a new password and all.
Once root password created/changed, logoff and login as root.
To login as root, you need to click "other" in the login window and type in "root" (without quotes) and the password you've just made.


2. Make hidden files show
At the terminal type:
defaults write com.apple.finder AppleShowAllFiles TRUE
killAll Finder

3. Delete zenoss.plist file
Navigate to /var/db/dslocal/nodes/default/users
then delete file zenoss.plist

4. Hide the hidden files back
defaults write com.apple.finder AppleShowAllFiles FALSE
killAll Finder
logoff and watch the zenoss acount is gone now.

And be happy ever after.

Followers