Why yes, that is a Cisco ASA 5520 running 8.4 on my laptop.. that I’m pinging and ssh’ing to.. from my phone..
wooo!
Why yes, that is a Cisco ASA 5520 running 8.4 on my laptop.. that I’m pinging and ssh’ing to.. from my phone..
wooo!
Was working on a little static routing lab this evening using three TinyCore linux VM’s, two 12.1R1.9 JunOS routers and one 12.4 Cisco IOS. A simple but fun way to get used to JunOS command line syntax. While the level of configuration done here is relatively trivial, it’s good to start small when learning a new network operating system CLI. Next up I will clone the lab and migrate from static routing to OSPF. Fun stuff.
In the screenshot you can see the route table from JunOS_2 and Linux1 and Linux3 pinging each other across five subnets. Done with GNS3 and VirtualBox. Loving this new laptop, thank you Jess for supporting my studies.
I do a lot of basic PC help for friends & family. Sometimes it’s cleaning a virus off, or replacing a failed hardware component. Sometimes I throw my advice out to poor souls asking for help on internet forums. I thoroughly enjoy troubleshooting any sort of computer or network related issue. If you are a technical person you’ve probably stepped on a few toes or bruised a tender ego here and there throughout your travels through the nasty terrain of the do-it-all help desk guy. It’s hard to offer advice while keeping oneself in check as to not offend people who are prone to destroying their expensive machines through ignorance and neglect. Given that, I’m going to do a best-effort in this write up to hit all the points of hardware, software & network do’s and don’ts as well as operational best practices for people at home who have ever found themselves buried within a crippling computer problem and no idea how they got there all while try my best not to offend anyone in the process. This is a broad generic overview for computing applications that can be applied to all users regardless of OS.
I’ll break this down into a few sections: Hardware Safety, Virus/Malware Prevention, Operational Best Practices.
Heat Damage
One of the most common problems I find people having is heat damage. Heat damage usually results from air flow blockage, the usual culprit here is dust. Computer equipment (or anything with a cooling fan for that matter) is like a car. You change your oil in your car to keep the engine from being destroyed. Like an oil change, periodic maintenance is required to keep hardware running error free. Open your machine and clean out the dust. Pay careful attention to the heat sink on your graphics card, processor and power supply. Too much buildup stops airflow and will quickly destroy your hardware. If you can manage, buy a case that has air filtration. You can cut the maintenance intervals to about 6 months.
The 2nd and almost as common issue I see when people come to me with a hardware problem is laptop meltdown. So many people don’t realize that those little vents on the back and bottom of the laptop really are there for a reason. Laptops run HOT under load. Placing a laptop on a cloth surface like a pillow, bed, couch, ~your lap~ or any other kind of vent blocking surface is a surefire way to brick your machine. Games are the worst at generating heat. If you find yourself wanting to play a game on a laptop, put a cookie sheet under it so that the airflow stays open. If you value your hardware, buy a USB powered laptop cooler with a metal surface & fans. If you’re laying on your bed with your laptop propped up on a pillow, running around that BF3 map shooting your buddies and suddenly you see graphics artifacts blow up all over the screen you’re too late.. it’s fried.
Bump Damage
I get a lot of pleas for help due to hard drive failure. Most of the time in the back of my head when I first hear about a problem likely to be associated with hard drive failure I immediately picture the PC stuffed under a desk where the feet are suppose to go. Most of the time that picture is actuality. Platter hard drives have spinning metallic discs in them with a metal arm floating just a fraction of a hairs width above the surface performing magnetic changes to the disc’s metal. Think of it as a very fast, very small record player. For those of you who have ever seen a record player, you know that if you were to walk up and kick it during operation your fine listening experience would not only be interrupted, but your record will likely suffer some damage. The same thing applies, albeit in much smaller scale, to hard drives. If you regularly tilt, bump, kick & move your PC while it’s on.. stop doing that. You are greatly shortening the lifespan of your investment. Move the PC somewhere safe & out of the way.
Pest Damage
Unfortunately this issue is more common than one would ever want to acknowledge. I can happily say that I have never had any friends or family have this problem, but I have in my travels of tech work run into this issue many, many times. Roaches. Mice. Crickets. Roaches. Roaches. Roaches. If you live in a place of filth with your PC near your pile of dirty plates and sacks of half eaten fast food there’s a good chance that when your PC abruptly turns off one day, it’s due to the mountain of decomposing roach corpses and feces building up on your hardware components. Roach poop is acidic and will eat through your costly investment. If you fall into this category, please do not ever call a technician to your home. Do not ever bring your PC into a fix-it shop for repair – not only will they refuse to help you but will literally throw it out onto the concrete in a plastic trash sack. This type of damage can be easily prevented by major lifestyle changes.
90% of software related issues are due to virus, mal-ware, ad-ware & scare-ware. All of these are easily preventable with a combination of user education and proper software maintenance.
Keep your software up to date
Some viruses spread through direct network access with an infected machine. These infected machines blast out their infectious code to other machines with the hope that a portion of the targets will be vulnerable to the specific software flaw (exploit) that will allow it to continue the growth of the virulent online entity most commonly refereed to as a botnet. There is one blatantly obvious and one not-so-obvious method of protection against this type of issue.
Do not store emails locally
Don’t fail your stupid check
Here is where I start to loose people. There is something on the internet that I refer to as a “stupid check” Real life examples of a stupid check would be things like:
As you can probably tell, the stupid check is indeed, a separator between those that are stupid and those that are not. While looking down the barrel of a loaded gun is stupid, a 2 year old who’s never seen a gun before cannot be blamed for being stupid in that circumstance. The child simply does not know or understand the consequential actions of their mistake. Much in the same way as the child, new PC owners much of the time simply cannot comprehend when they are about to kick that bee hive until it is too late and the angry swarm is upon them. Here is where close attention should be paid.. You have someone tell you these things and that is good, but where you just go on drooling at your screen & clicking that big red “click here you’re an instant winner” only to realize shortly after that you should not have… you have failed your stupid check. I have not had a virus since 1997 at OU when my dear uncle Steve sent me an email with a picture of an FBI raid, ooo cool huh?! Yea no.. I’ve had 14 years of virus-free PC use without any form of antivirus software in use on my PC whatsoever. Living proof that if you take the appropriate steps to secure your local network, adhere to proper patch maintenance, and pass your stupid checks you will never have issues with harmful software.
Stupid Checks
This topic is subject to much criticism as most of this is ‘my way’ of doing things. I’m not saying that my way is the best way, or that there aren’t other ways that work, but it’s a pretty good gerneric standard for at home computer use.
Backup your data.
Know where your data is stored.
Keep your service overhead to a minimum
Install hardware monitoring utilities for temperature and fan control
Install common utilities
So there’s this software company over in China that recently had around 6 million email address/passwords leaked to the internet.
Here is a list of the top most common passwords in that list, ranked in order of appearance.
If you use any passwords similar, or the exact same, as the passwords on this list – fix it!
These passwords all have things in common – easily guessable, repeating patterns, simple phrases.
Having used software built to use both brute force based & dictionary based password attacks I can give this piece of advice:
15-25 characters long, at least one capitol, at least one lower case, at least one number, at least one special character, no patterns, no real world words.
A good example of a strong password is Zingerpop.48$##$
Let me take a moment to break down why that is a strong password. If i were using a dictionary based attack on this password I would get nowhere. If I were using a brute force attack, I would have to use the lowercase character set(26), the upper case character set(26), the numeric character set(10), and the special character set(32). 26+26+10+32=94. For every “letter” in that password you can have 94 different characters. Compared to a simple password like apple it is much more secure.
Lets compare:
apple – Using a dictionary attack this password would be cracked in probably under 30 minutes. Using a brute force attack … lets see: 5 chars long. charsets: alpha-lower (26 letters in the alphabet) 26^5=26*26*26*26*26=11,881,376 iterations. Password cracker working at lets say 1500 attempts per minute(basic multi session brute force attempts on say a generic email account from some punk turd’s computer in his mommas basement) = 5.5 days till cracked by brute force, not good. If the password was used for a locally encrypted file, the attack could be executed much much faster and crack it within a few seconds.
Zingerpop.48$##$ – Using a dictionary attack this password would never, ever be cracked. It’s just simply too random & complex. Using a brute force attack… lets see: 16 chars long. charsets: alpha-lower(26), alpha-upper(26), alpha-numeric(10), alpha-special(32) = 94. 94^16=94*94*94*94*94*94*94*94*94*94*94*94*94*94*94*94=3.71574290834’31 iteration attempts. At 1500 attempts per minute it would take 4.71301738755’22 years.. Thats 47,130,173,875,500,000,000,000 years…. 47 sextillion years. That’s a really, really long time.
So, by simply adding a few upper case letters, numbers, special characters & using a proper password length, you can increase the time it takes to crack your password from a week to more time than we have left in the expected lifespan of our galaxy, the Milky Way.
So, on to the most common passwords list!
Here’s how it works:
This little chart applies to any subnet mask, simply take the meaningful octet (the octet that is not 255 or 0) and apply what you need to know, such as:
A host has an IP address of 192.168.111.42/27 (/27 being CIDR notation – used literally in the syntax of Cisco NX-OS CLI & universally important to know, see here for more info).
We know that it has a sub-net mask of 27 1’s, shown in binary as:
11111111.11111111.11111111.11100000
(11111111=128+64+32+16+8+4+2+1=255), so (11100000=128+64+32=224) or, .224… and specifically 255.255.255.224.
So from a manually calculated CIDR notation of /27 we have a sub-net mask of 255.255.255.224. If you are studying to be a network engineer one should just strait up memorize each slash notations /1 – /32 corresponding sub-net mask, but don’t forget where it came from.
So, we have our meaningful octet from our sub-net mask, .224, and from that we can gather from the chart that the mask dictates that the class C sub-net is to be broken down into 8 separate blocks who’s network addresses span 32 IPs. **Remember this does not mean that you have 32 IPs available for hosts to use, the 32nd IP address is the second subnet’s network address, the 64th IP address is the third, and so on. The last IP address in a block is always reserved for that sub-nets broadcast address, and you loose one to the next block’s network address. So that’s useful, but how are the numbers tied together?
Well, the top line is just powers of 2 starting with 2. Easy enough
The second line shows the value of the broken down binary octet (8 bits per octet with a 1(power on) meaning network bit and a 0(power off) being a host bit. All 1’s or 0’s are consecutive in sub-net masks, you will never see a 10110101 or anything like it.)
If you had a mask of .224 like above, you have 11100000 (128+64+32) as shown in the chart. The CIDR notation /27 already has 24 single 1’s behind the 3 in the meaningful octet, so you just take 24 & add 3 instead of counting all 27.
The third line shows the actual sub-net mask. It is calculated from adding the block sizes of all columns leading up to the meaningful octet of the sub-net mask.
In the .224 example, this was calculated by adding 128+64+32=224.
So, to write this chart out you don’t need to memorize it. Just know:
1. Powers of 2 starting from 2. (3rd grade math)
2. Binary values of 8 bit numbers used in IP.4 addressing. (Should know this long before you get to sub-net calculations.)
3. Simple addition. (ask a kinder-gardener if you need help)
I made up this little charge about 4 years ago in preparation for the first Cisco exam I ever took. While it’s very useful to jot down before a test begins on your scratch paper, if you use it in conjunction with your multiples of 16, 32, 64(most common sub-net sizes that require thinking) charts enough during study like I did, you’ll find that you don’t even need the scratch pad.
Memorizing this little chart & being able to recite your multiples tables (see below) is all one needs to do IPv.4 subnet calculations in your head.