Tech Advice

Why Small Businesses Should Consider the Move to Google Apps

  0 Comments

Small Businesses have many options when considering collaboration suites.  There are the legacy options such as Microsoft Exchange Server, Lotus Domino, GroupWise, etc.  Those are great options for businesses that have the IT personal and IT budget to properly care for the infrastructure.

What about all of the companies that don’t have and IT department or have a small IT budget?  What should they do?  They should move their companies to Google Apps, and here is why:

  1. Email, calendar, contacts, and documents everywhere - Whether you are at work, home, or traveling users with internet access will be able to connect to their email, calendar, etc.  This is all done without the need for open ports in your network firewall or additional software.
  2. Works with desktop clients and smartphones - Using the IMAP protocol, email can be accessed for any desktop client running any operating system. There are integration tools for popular programs such as Outlook, Thunderbird, and iCal for Google Calendar integration.  Google Apps also syncs with all of the major smartphones.
  3. Secure connections - Users can be forced to use SSL security (also called https) to encrypt their connections to Google Apps services such as email, calendar, docs etc.  Google also has a whitepaper detailing how your company data is kept safe in their datacenters.
  4. No backup worries - Most businesses these days run on email, but have you tested your backup plan lately?  If your current system when down, how long would it be until you were back up and running?
  5. No hardware or IT costs – No in-house server needed which also means no IT person needed to perform maintenance on the server.  The simple administration control panel allows users to be created or removed,  and account permissions to be set without technical knowledge.
  6. Easy collaboration - Share calendars, share documents, send a meeting invitation, and voice or video chat with other employees or with anyone with a Google account.
  7. No software updates – Updates to Google Apps happens behind the scenes and without any required user intervention.
  8. Virus and spam filtering – Google Apps email integrates with Postini’s spam and virus protection.  All attachements are scanned before they can be opened to prevent network infections.
  9. Lots of email storage space - As the flow of email increases so does the size of email boxes.  Google Apps Premier Edition customers receive 25GB of storage, which is over 100% of the industry average.
  10. Free trial – Google Apps offers a free 30 day trial with no commitment required.

Need help convincing the rest of your company/organization?  Contact me for help.

Five Plugins to Secure Your WordPress Blog

  0 Comments

WordPress is an Open-Source website platform, that is easy to install and user-friendly to use. This has made WordPress a  very popular choice for getting websites up and running quickly.  There are over 3 million self-hosted installations on the internet today, which has lead to WordPress becoming a favorite target for malware infections by hackers. To help prevent your site from being a target, here are five plugins that will help to secure your WordPress site:

  1. Update Notifier – Sends you an email when there is a new version of WordPress released.  WordPress updates often patch security vulnerabilities so it is important to be on the latest version as soon as possible.  It can also be configured to notify you when there is an updated version of your active theme or active plugins.
  2. WordPress Last Login – Displays the date, time, and IP address from the last login of the administration panel of your WordPress site.  This is helpful to determine there has been unauthorized access to your site.
  3. Secure WordPress – Uses simple checkboxes to allow for the removal of the version number of WordPress from your site,  the creation of an index.php file in the /plugins/ and /themes/ directories to prevent full directory listings, prevent updates to WordPress versions and themes by non-admin users,  and the blocking of known malicious URLs from accessing your website.
  4. Bulletproof Security -Provides .htaccess files for both the root of your website as well as the wp-admin folder to lockdown your website.   This plug-in will also scan your website files and folders for the correct secure permissions.
  5. Block Bad Queries (BBQ) – Protects your website from malicious code by checking for string requests greater than 255 characters and the presence of base64 code in the request URL.  Once you activate the plugin, no additional configuration is necessary.

You Hire the Client, Not the Other Way Around

  0 Comments


Last Wednesday I went to a Chicago Tech Meetup Group event to hear Jason Fried of 37 signals fame speak.  One of the points he made near the end of his question & answer time was about working with clients when he was a web designer:

Clients tend to think that they hire you, but really it is the other way around.  You hire them.

This really hit home with me.  It is hard when starting out as a consultant not to take any kind or work that you are offered (to be paid for).  That is not a successful strategy.

  • You need to take on projects/clients that are right for you and your skill set.
  • Projects/clients that will help lead you to other projects/clients.
  • Projects/clients that you will proudly be able to cite to future potential clients.

The customer is not always right.  You can tell a client that you respectfully disagree with them without coming off as rude.  If you don’t tell your client why on their website they shouldn’t use red text on a black background or why they need to have a backup strategy, you are doing a dis-service to your client and to yourself as a professional.  Integrity is your most important asset.  Don’t lose it over one or two projects/clients.  It is a slippery slope to go down.

Five Windows Server Routine Tasks

  0 Comments


As an IT Consultant I often get asked to do very minor tasks like setup a new user account or change folder permissions, when accessing the server to preform minor tasks I try to also do a quick little checkup on the server’s health.  To do this I have this list of five routine tasks I perform:

  1. Backups – Checking the status of backups is always the first thing I do on any server I touch.
  2. Event Viewer – Making sure to check the Application and System logs for dings.  Doing this can lead to proactively fixing an issue before it becomes a problem.
  3. Software Updates – Checking updates for both the Operating System, Exchange or SQL, as well as other Line of Business applications.  Updates cannot always be applied on the spot due to requiring reboots, but it is always good to know where the system stands to plan the patching/updating for the near future.
  4. Driver Updates – Checking for updates for vital components like the NIC(s), RAID controller, etc
  5. Disk Space – Making sure there is plenty of disk space for ongoing use, especially on the C partition.

Checklist for Solving Head Scratching IT Problems

  0 Comments

All IT folks have that problem/issue that you have been unsuccessfully staring at or thinking about for hours.  This has happened to me with everything from simple workgroup networking to writing complex database reports.  The worst part about such problems is that when you finally do have that “aha moment” you kick yourself for not seeing the resolution sooner.   A list I often find myself referencing in such situations was written by Tom Limoncelli and can be seen on  EverythingSysAdmin.

A List of Dumb Things to Check

Layer 0 – PEBKAC

  1. Make sure CapsLock is off. (Same for ScrollLock and NumLock)
  2. Type it again (without using cut-and-paste) and see if you get the same results. (good way to find a typo) (or a unicode “whitespace” char)
  3. Use cut-and-paste to copy that variable name (or URL, commmand line, etc.) to see if it was entered correctly.
  4. Are the binaries really the ones you think are running? (Did you install in single user mode when /opt wasn’t mounted? Can you check the md5 or sha1 checksum vs. a machine that is running properly?)
  5. Check the file permissions.
  6. Are you really on the host you think you are?
  7. Are you doing the test from the right machine? Would the test be more effective from a different machine?
  8. Does your test gear test what you think it tests? What happens when you run the exact same test on a known-good and a known-bad element? Do you get the results you expect both ways?
  9. Is that a file, a directory, a hard link, a symbolic link, or a mountpoint?
  10. Is the filename extention right? Should it be .php instead of .html?
  11. Is the screen paused via Ctrl-S? (press CTRL-Q to find out)
  12. You can get to the web site? Are you working in “off-line” mode?

Layer 1 – Physical

  1. Are both ends of the (power/network/video/etc.) cable plugged in?
  2. Is the cable plugged into the right jack? (Some jacks look the same: AUI and video, Some Sun’s have a ‘stealth’ video jack that you aren’t supposed to use, etc.)
  3. Did you unplug and re-plug in the cable to make sure its in right?
  4. It’s too easy to answer “yes” when asked, “Is it plugged in.” It’s better to ask them to power it off, then power it back on OR ask them to “check both ends of the power cable” OR ask them if the power light is on, off, or blinking. (and if it’s blinking… RUN!)
  5. Does plugging a lamp into that outlet make it light up? (If you use a radio, be careful of radios with battery backups)
  6. Is the laptop running off battery? (therefore obscuring a power problem)
  7. Is the device driver you’re trying to install for the device you actually have?

Layer 2 – Data Link

  1. Is there a rogue DHCP server on the network messing with you?

Layer 3 – Network

  1. Is the default route set? Is the netmask set correctly?
  2. http://www.psc.edu/~mathis/MTU/index.html : Six classes of bugs limit network performance.
    • packet losses, corruption, congestion, bad hardware
    • IP Routing, long round trip times
    • Packet reordering
    • Inappropriate buffer space
    • Inappropriate packet sizes
    • Inefficient applications
  3. Is someone else also at that IP address? (Unplug the network cable and ping the address)
  4. (firewall ruleset issues) If you move the machine to another IP address does it still happen? If you move the machine to a different subnet does it still happen? If you put a different machine at that IP address does it still happen? If you boot the same machine on a different OS (like a CD-ROM based Linux or FreeBSD) does it still happen?
  5. Does the same thing happen when you specify the IP address instead of the hostname? (Hint: the lmhost or /etc/hosts may be overriding)

Layer 4 – Transport

  1. Traceroute from A to B. Traceroute B to A. Do they match up?

Layer 5 – Session

  1. SSH, SCP, L2TP, PPTP

Layer 6 – Presentation

  1. Is the program reading the last line of the file? Is it being processed right?
  2. Is there a (invisible) CTRL-M at the end of each line in the text file?
  3. Does the text file end with a newline?

Layer 7 – Application

  1. Is DNS configured right? Misconfigured DNS masks other problems and appears as bizarre problems that will send you looking everywhere except /etc/resolv.conf
  2. Check the environment variables (Use “strings” on the binary to find out what they really are supposed to be).
  3. Are you running the same copy of the script that you are editing?
  4. Is the software looking for the same copy of the configuration file that you are? (Does the new release look in /etc/example2/example.conf instead of the old /etc/example.conf location?)

Layer 8 – User/Political

  1. Is the user pressing RETURN when you think they are? (Are they pressing it at all?)
  2. Is the user typing a “/” or a “”?
  3. Does the user know which is the lessthan (<) and which is the greaterthan (>) symbol?
  4. “Did you get permission to run crack against that password file?” … “Is it in writing?”

If All Else Fails

  • Did you remember to check this list?