July 24, 2008

Smile for the Camera

Excerpted from my email today:

Cisco and its global testing provider, Pearson VUE, a business of Pearson Inc. are pleased to announce a series of security enhancements that will reinforce the integrity and value of its Career certification program.

The advanced security enhancements include the use of digital photographs for candidate-identity verification and forensic analysis of testing data. The new measures, to be implemented beginning on Aug. 1, will include:

Photo on Score Report and Web – On completion of a certification exam at the test center, candidates will receive preliminary score reports imprinted with their photos and unique authentication codes. The authentication code can be used to access a candidate’s official score online at Pearson VUE’s website usually within 72 hours of the examination. The online score report will also display the candidate’s photo. Candidates may share access to their online records with employers or other third parties.


Forensic Analysis – Exam results and other testing data will be continuously analyzed by forensic software to detect aberrant testing behavior and to flag suspect exams for further investigation.


Preliminary Score Report – All paper score reports will be preliminary, pending the results of forensic analysis, until official exam scores are posted to the Web usually within 72 hours of exam completion. Once the exam scores are official, candidates may use the authentication codes on their score reports to access the Pearson VUE website for score and photo verification.

These new exam security measures are part of Cisco’s overall strategy to protect the value and integrity of its certifications. Other measures include simulation-based testing, dynamically generated questions and emulations to help ensure that Cisco certified networking professionals continue to have the knowledge, skills, and credentials to perform well on the job.

##############

As much as you want to say WTF to such measures... you have to *really* say WTF to the incidents that prompted such measures. More and more I hear stories about how 'other cultures' have a 'norm' of what they call 'collaborative testing' and 'collaborative interviewing'... Makes you wonder if such cultures also believe in 'collaborative paychecks'???

Some other stuff that I've been reading from the Cisco Learning Network courtesy of the pen of Chris Cohen:

A candidate was caught in possession of stolen exam questions and answers. In fact, he brought them to the testing center. When we banned him because of this violation, his defense was that he didn't create the materials, he just bought them off the Internet. To me that's like saying, "I didn't make the steroids. I just used them in the Olympics." I think it's clear why he never pursued a career as a defense attorney.
Or more to the point with this example, with multiple markets come multiple perspectives on cheating. What some see as a pretty black and white issue, others view in shades of gray. Different cultures have different interpretations of cheating. For instance, in the US swapping answers during an exam is cheating, cut and dry. But in other countries swapping answers during an exam is seen as just another form of a collaborative work environment.

And now because of such things, we have to have photos on our certifications. So, on top of being stressed out about the exam - I also have to deal with an embarrassing drivers-license-like horrible picture plastered forever on my certifications. What am I going to do with that? I'll have to go to interviews and then chug a large iced coffee and pull on my hair in order for them to match me to my photo.

Although it's a nice gesture, I have some doubts that it will work as planned. If a testing center is participating in the cheating (remember they're part of that culture too), then they're probably going to participate in the 'workarounds' to continue the process. Think about it -- who's going to be taking the photos? Cisco employees? Pearson VUE employees? No - it will be the local center administrators. These are the people who are already not properly checking photo IDs for these exams.

But, you have to start somewhere.

Posted by BlueWolf on July 24, 2008

April 24, 2008

Lovin' the Shark

So my most recent method of procrastination happens to be viewing the Wireshark University course videos. I got lucky enough (read:whined enough) that my supervisor kicked in for the 4 DVD set of Wireshark U course materials. Of course, he figured I'd never look at them, but having them would at least shut me up...

I just finished the first DVD. It took hours, but the material was good and was presented in an interesting manner. We all have to admit - this is dry stuff. You're taking captures of network traffic and then looking at them under a microscope to figure out which one of the million possible things could be pissing on your connectivity parade. Okay, so there's really no microscope. That's an analogy. But when you look that closely, it can be tedious and the material can get very detailed. These videos help to keep you interested and capture your attention. And it's pretty much like actually being in a classroom course.

The first video basically focuses on how to use Wireshark. I had a little head start in that area, having already read the Ethereal book. And the Wireshark interface/GUI is somewhat intuitive. Basically, your average network admin can stumble their way through it and find the obvious problems. But, naturally, that's not good enough for me. I want to be able to go a step beyond that. These videos definitely help in that area.

Just within the first DVD, I've already learned how to do some customizations. These are the little things that will make an average person look more polished. And it will definitely help the captures and analysis go much faster. On top of that, Laura Chappell also lends us some of her tricks and tips. She shows us not only how to use this, but how *she* uses it. The section on graphing the data and displaying it professionally will definitely 'up' your game. You will not only know what you're doing, but you'll also *look like* you know what you're doing. Professionalism usually lends points to credibility.

I'm up to the second chapter of the second DVD (went through that tonight). The second DVD is exploring the protocols in depth and relating it to what you see in a capture. Yeah, you probably already know how DNS works. But don't skip that part. You've probably learned enough to fill a book about DNS. This focuses that knowledge so that you look at the key areas and it relates specific parts of the packets to the tools that will help you look at the protocol from a trace analysis viewpoint (versus your install, configure, maintain viewpoint). It's a little less overwhelming that way. You don't have to look at every line of every packet in a 546,000 packet capture. She shows you how to build filters to make the capture 'speak' to you and tell you its story.

This is some good stuff. And it comes from a name that should already be familiar. If you've read the ICRC or ACRC or CIT books, you've seen the name before. She knows her stuff - and knows how to teach it too. That's something that isn't found very often in this field. The 'experts' put you in a coma with their stuff. The good teachers often don't give you enough 'meat' in their classes. This set of videos has both. Get them if you can.

Posted by BlueWolf on April 24, 2008

April 03, 2008

Word Shortage

Apparently there are not enough words in the English language to describe computers and networking. This became painfully obvious to me today -- since so many words are used over and over to describe very different things.

One of the server guys wanted me to change the port settings from 'hard-coded' at 100 Mbps / Full Duplex to Auto Detect (both speed and duplex). I asked him for the MAC or IP addresses of the connections so that I could find the ports to change. Since the device he was working with was a little different from your average server (they are on the SAN management connections), he was having quite the time coming up with that info. Finally, he came by my cubie. He told me that all my worries were over and that he knew for sure what the ports were. He was positive of it because he had asked ____ (insert smart guy's name here). Then he confidently told me that it was Port 80 and Port 443.

Yeeeeeeaaaaaaaah. I'm sure this stuff does run over ports 80 and 443. So we took a walk down the hall and I explained the difference between a logical port and a physical port. I explained to him what actually comes 'over the wire' to the switch... what I can see and not see. Yes, I can always see the MAC address. That's why we always ask you for it - that's the one way we can be sure that we're working on the same exact connection. If we only go by server name (and whatever resolves in DNS), we might be tweaking the wrong connection - since most of the servers have several connections to different networks. We're not being lazy and not looking it up for you. We're just trying to make sure that we can compare our information to yours and verify it.

So he asks me "Can't you just do a trace?" Well...that's another word that had to be reused. Did he mean a 'trace' as in pulling out Wireshark and capturing several hundred MB of data to see something? Or did he mean the results of the 'tracert' or 'traceroute' command? He meant 'tracert' -- since he didn't even know about the other kind of trace. Again, I had to point out that a 'trace' will only show the path (of routers/layer 3) to the device ... as resolved by DNS. This will not show you the connections - just ones that resolve to that device name. In this case, it's not giving you any more information than a ping.

And this got me thinking of all the reused words in our field. When the Sun admins ask for a 'trunk' ... they're not passing several VLANs over it. They just want an EtherChannel bundle (using LACP). So why are both things called a trunk? Didn't they know this would be confusing? Why are both things called ports? Can't you call one of them something else? Did they isolate the creators of TCP/IP on a Survivor island? Did the Sun company not know about 802.1q when they created the ability to bundle their connections?

Of course they knew about the other definition of their word. But they used it anyway. So there you have it - proof that they didn't have enough words. And they used the verbal equivalent of PAT. One word - multiple translated meanings. Maybe someone will come up with Nomenclature V6 or something. That way we can have globally unique names for these technologies. Nah, on second thought... let's keep it confusing. I got a pretty good giggle out of the port thing today.

Posted by BlueWolf on April 03, 2008

March 02, 2008

Upgrades

Well, the worst of the upgrade is finally over. I was tasked to move servers off of the old Nortel switches and move them to Cisco switches. Sounds simple, eh? Yeah, until you involve the business aspect of it.

There's some oddness about legacy systems. They've been there for a long time. That means they probably grew up in a patchwork manner without a clear focus toward any particular design. Of course, since it just mutated from some little thing to the monster it has become... nobody really knows what's on the system. The switch people (well, me) don't know what servers are on the switch. The cable labels can't be trusted since some cables were 'reused', you can't tell which connection is an idle backup connection and which is not in use, and there are cables everywhere running like dreadlocks throughout the switch interface. Once you fight through all those obstacles -- you let the server people know which servers will be affected. Great - however, the server people don't really know what applications are on each server. Some of the apps are authorized and documented, but many are not. Especially the really old ones that were placed before a documentation system was put in place. You know - the apps that everyone uses *all the time* without thinking (or knowing where it came from).

So you prep and prep from your 'network' point of view. New switch is ready. Cables are in place. All you have to do is switch out the cables at the patch panel and the servers are moved. Well, that's only part of it. The actual swapping of the cables and moving the gateway for that VLAN will take only a short time. VERIFICATION of the servers and apps will take up the majority of your maintenance window.

The first 'lift and shift' move took over 4 hours for the server team to verify their servers. I had planned and put in for a 4 hour window. [The actual move of the cables took less than 20 minutes.] I can't prove it, but I think it took so long because they were using the server list that I provided to them to verify connectivity. Two people were manually pinging each server (and probably not starting at opposite ends). I got a bit more slick for the next move and was able to cut the verification time down considerably. Although I provided the server teams with server names and IP addresses, I let them know that I would personally ping all those servers. I wrote a small batch file which did a ping on each address and returned the results to a text file. It was not the fastest, best or most efficient script, but it got the job done. I ran the script before starting and then after the cables were moved. Once I resolved all those, I checked the speed and duplex on the switch connections (a simple sh int status) against what I knew them to be in the old switch. At that point, I knew I had done all that I could do on my own. Sure, it really was the server team's responsibility to ping the servers. Sure, they should have been able to come up with such a simple batch file. But they didn't - and wouldn't if just given a list of servers and IP addresses. Once I let them know that connectivity will already be tested and that they are responsible for 'everything else' - they magically found other ways to show they were doing something. Suddenly SMS reports sprouted up and services that were historically problematic were checked. I guess if you take away the simplest and easiest thing to do, they'll look for something to show they checked the servers...
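The before-and-after ping check described above can be sketched as follows. This is an added example in Python, not the batch file from the original post; the server names, the documentation-range addresses and the simulated probe results are constructed for illustration, and Linux or Windows `ping` syntax is assumed.

```python
import subprocess
import sys

# Constructed sample inventory (documentation-range addresses, not real hosts).
SERVERS = {"app01": "192.0.2.11", "db01": "192.0.2.12",
           "san-mgmt1": "192.0.2.13", "old-backup": "192.0.2.14"}


def ping(ip, timeout_s=2):
    """Send one ICMP echo; True only if an actual echo reply came back."""
    if sys.platform.startswith("win"):
        cmd = ["ping", "-n", "1", "-w", str(timeout_s * 1000), ip]
    else:  # Linux iputils syntax assumed
        cmd = ["ping", "-c", "1", "-W", str(timeout_s), ip]
    try:
        out = subprocess.run(cmd, capture_output=True, text=True,
                             errors="replace", timeout=timeout_s + 3)
    except (OSError, subprocess.TimeoutExpired):
        return False
    # Windows ping can exit 0 on "Destination host unreachable", so also
    # require the TTL field that only a real echo reply carries.
    return out.returncode == 0 and "ttl=" in out.stdout.lower()


def sweep(servers, probe=ping):
    """Return {name: reachable} for every server in {name: ip}."""
    return {name: probe(ip) for name, ip in servers.items()}


def compare(before, after):
    """Sort servers into buckets by how reachability changed across the move."""
    buckets = {"ok": [], "lost": [], "still_down": [], "recovered": []}
    for name in sorted(before):
        was_up, is_up = before[name], after.get(name, False)
        if was_up:
            buckets["ok" if is_up else "lost"].append(name)
        else:
            buckets["recovered" if is_up else "still_down"].append(name)
    return buckets


def format_report(buckets):
    """Render the comparison as text, with the actionable 'lost' list first."""
    lines = []
    for key in ("lost", "still_down", "recovered", "ok"):
        lines.append(f"{key}: {', '.join(buckets[key]) or '-'}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Simulated probes stand in for the two real sweeps so this runs offline.
    down_before = {"192.0.2.14"}                # idle backup link, already dead
    down_after = {"192.0.2.14", "192.0.2.12"}   # db01 mis-patched in the move
    before = sweep(SERVERS, probe=lambda ip: ip not in down_before)
    after = sweep(SERVERS, probe=lambda ip: ip not in down_after)
    print(format_report(compare(before, after)))
```

Keeping the baseline sweep is what separates a connection that was already dead before the window from one the move actually broke.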

So now I've moved 4 subnets and decommissioned 3 switches. There are two more to do with some kind of HA or load balancing on them. They might be tricky, but there are only a handful of connections. Then there are two other switches that are all 'monitoring' connections. Yeah, I just found out about those. I still don't have a switch to move those connections to yet, so I guess that's off in the distant future. [Read: ignored by management until someone decides it's an immediate emergency.]

Wonder what happens after you complete all the 12 tasks of Hercules that they put upon you when you first arrive? Can I outpace their buying so that I can get some easy days at work? I guess I'm 4 switches away from finding out.

Posted by BlueWolf on March 02, 2008

February 10, 2008

Strange Problem

For quite some time I've been having a problem with my computer. It would run for a while and then some app would error out. There were a lot of freeze ups and I was constantly having to reboot. The screen was acting funny and slow. It was a real pain. The computer was getting to the point of barely usable.

Since I use my computer quite a bit, I really didn't have the time to properly troubleshoot the issue. I worked around it and figured I would get to it when I got a chance. So one night last week, I took the time and thoroughly updated SpyBot and ran a check on my system. It turned up nothing. I took another night and thoroughly updated Symantec and ran a scan. It took hours - but turned up nothing. It was quite frustrating.

This weekend I got a bigger block of time to work on it. I had resigned myself to having to format the entire hard drive and reinstall everything. Luckily I developed the habit of keeping the OS on one drive and the data on another. It would be long and tedious, but I didn't have to worry about losing any data. Friday night I started to make my list. I was checking everything that was on the computer so that I could duplicate it and not miss any apps. One thing I find annoying is having to do a task and needing to re-install the app first. As I was gathering the information I ended up eventually on the screen saver settings. == I had selected the CCIE study screen saver == How nice, but I never remember seeing any test questions when the screen saver comes on. Oh yeah, I haven't seen the screen saver come on - ever. I changed it and no more screen freezes or app errors. Lesson learned.

The time that I saved helped to move a few more things on my 'to do' list along rather nicely. I finally yanked the SPARC10 out of the closet and tried to get that working. That's going to take a bit of troubleshooting, but having it out is a step in the right direction. I know it works - and it has a fresh install of Solaris (can't remember what version) that I put on it last time I played with it. I'll get that rolling eventually. So then I turned my attention to the Linux box. Since now I have a router connecting to the DSL, I don't have to fiddle with getting PPPoE running on it. I had previously installed RH7 and was going to update it. Yeah...that's an old version. Either the pages that *used to* work moved or were removed. Then the lightbulb went on: I have a better computer - I can install Fedora. Usually I put Linux on my 'spare' computer. Usually it's a computer that has very little cpu or memory. Quite often I've seen some of the older comps choke when trying to load Fedora, so I use an older version. Then I run out of time and never get to update. This time I got lucky. Everyone is happily computing on the best and fastest systems possible. And that leaves me with a PIII with 256 RAM. Wow. That's the fastest system I've ever had as a 'spare.' And instead of trying to shove a system on a 2 gig hard drive, right now I have two 8 gig hard drives. I went for the whole enchilada - complete install with all packages. And it's on the Internet. And it has two nic cards in it. I can finally use that computer to *do* something... [I have a 'project' that I've been wanting to work on for a long time now. Perhaps I can finally do it.]

Then I updated/finished the Sniffer laptop for work. It has:
Basic, but updated install of Win2K Pro (unneeded services set to manual)
Word and Excel (basic install - most options installed on first use or not used)
Wireshark
PuTTY
Telnet (the old one)
A small text comparison proggie that I picked up in my travels
Edit Pad

Quite the productive weekend. I'm really enjoying the Fedora computer. I'll have to put more about that one soon.

Posted by BlueWolf on February 10, 2008