System iNetwork

May 2005

May 5, 2005 2:17 AM

Seen at Interop: Networker's 5-in-1 Road Warrior Kit

A datacenter manager at Networld+Interop this week showed me one of the coolest little road warrior cable kits I've ever seen. He built it himself from off-the-shelf components, following instructions posted online by Michael Ossmann, a security administrator for Exempla Healthcare. The kit is ingenious in providing five data cables in one: ethernet cable, crossover ethernet cable, modem cable, null modem cable, and Cisco console cable. And you can build it yourself using just a few ordinary parts and an RJ-45 crimping tool.

My current road warrior kit consists of several Ethernet cables of various lengths, several crossover Ethernet cables, also of various lengths, a slew of serial cables for Cisco and other devices, along with a variety of DB9 and RJ-45 adapters, gender changers, and magic spells. This all takes up one half of my briefcase. Half the time I can never find that weird sky-blue flat Cisco console cable and adapter, so I'm wasting time with my EasyBOB (break-out-box) re-inventing that combo.

With Michael's clever kit, a single male-to-male CAT-5 cable serves as both serial and Ethernet cable, and various plug-on adapters convert that cable to different uses. The adapters alone are invaluable, because they let you turn somebody else's CAT-5 cable into the cable you need at the moment. I often find that the gear I want to connect to via serial cable is way over yonder. I don't carry a yonder-length serial cable, however, so I usually end up perched on a ladder precariously, balancing a notebook computer on one knee, trying to get close enough to the gear's serial port. If I could swap iany old Ethernet patch cable for my serial cable, my problems would be over; I can scrounge up CAT-5 patch cables of most any length.

The parts you and tools you need are available at any Radio Shack or Frys Electronics:

• Two DB9 female to RJ-45 female modular adapters
  
• Eight extra female pins for the DB9 connectors (just canabalize another adapter)
  
• Four crimp-on RJ-45 modular plugs
  
• One eight-wire RJ-45 modular coupler
  
• RJ-45 crimp tool
  
• Teeny screwdrivers
  
• Diagnal wire cutters
  

Michael's site provides crystal clear, step-by-step instructions with beautiful color photos. Michael also explains how to use the kit in novel ways, such as plugging a network sniffer into an existing cable in receive-oly mode for quick-and-dirty traffic capture without interposing a small hub or switch.

You could have your kit built by lunchtime tomorrow. I'm making mine right now in my Interop hotel room.

http://www.ossmann.com/5-in-1.html

Posted by mbeckman on May 5, 2005 at 2:17 AM

May 2, 2005 8:51 AM

Hot Off the O'Reilly Press: Network Security Tools

I'm a firm believer in open-source network security tools, both because they tend to be ahead of commercial products in paving new security roads, and because the experience they give you with security management is valuable in making intelligent commericial product choices. Alas, until recently you've had to do all your own research when setting up such open-source tools as Etherreal, Nessus, and nMap. But now you can avoid a lot of trial and error testing thanks to the new O'Reilly tome Network Security Tools, by Nitesh�Dhanjani and Justin�Clarke.

Network Security Tools is a valuable survey of the field of open-source security utilities, including such popular programs as Nessus, the vulnerability scanner; and Ettercap, an Ethernet packet capture utility. The book also covers Nikto, a Web-server scanner; Metaspoit, a test bed for developing and exercising exploit code; and a wide assortment of sniffers, port scanners, and security assessment tools.

The book explains how to write plug-ins for these tools so that you can extend them for your own applications, as well as how to remediate some common Web-based vulnerabilities. The authors explain how root kits work so you'll be able to spot them on infected machines and safely disarm them.

O'Reilly publishes the sample code for the book online so that you can readily test the authors' examples. I do wish the example code had better commenting, but when combined with the text you should have no problem understanding it. If you're experimenting with open-source security applications -- as you should be -- this volume will save you time and give you valuable insight into the security tool-building process.

http://www.oreilly.com/catalog/networkst/

Posted by mbeckman on May 2, 2005 at 8:51 AM

AT&T CallVantage: Help Desk in a Box

Voice-over-IP services are all the rage for home users wanting to cut the cord to their local exchange carrier. But these services have a sleeper application that network administrators should carefully investigate: the voice-processing core of your enterprise help desk system. I tested several VoIP products and found one, AT&T's CallVantage, whose combination of features make it near-perfect as the call nexus for an in-house help desk.

Setting up the phone system for a help desk in the average corporate environment is problematic, because you must live within the limitations of the organization's existing phone switch. Few of these support such useful features as e-mail-delivered voice mail, n-way conference calling, and hunt-me-down call blasting. Using the enterprise phone system for your call center may also make it difficult for telecommuters and other outside users to call into the system.

VoIP providers like AT&T, Lingo, and Vonage, however, offer all of these features and have the advantage of giving offsite users ready access. In fact, I argue that severing the help desk from the in-house phone system is a valuable reliability enhancement. I tested the three listed commercial VoIP offerings, along with the open-source Skype, and found compelling reasons to choose AT&T over the others. More about that in a moment, but first take a look at how a VoIP package can give you a help desk-in-a-box for about $50/month.

The three big features of VoIP that help desk managers will love are Web-based message management, inbound call redirecting, and n-way conference calling. Web-based message management gives you browser access to incoming calls and voicemail messages stored as audio files. You can easily forward those messages to anyone via e-mail, or store them as attachments in a trouble ticket archive. You can also automatically forward incoming voice messages for re-broadcast to your entire support staff. This gives you a permanent, pervasive record of what help desk callers said when they called in.

Inbound call redirecting lets you instantly change where callers land. You can forward all calls to an on-duty staffer's cellphone, or send them all straight to voicemail while the help desk staff is in a meeting. You also can forward incoming calls to more than one destination simultaneously, a feature called call blasting, which helps your callers get through to an available staffer quickly.

N-way conference calling lets you bridge four or more people into a call during the problem-solving process. Most corporate phone systems support three-way conference calling, but that's rarely enough to untangle problems that might involve several consulting parties. If the VoIP conferencing feature is also Web-enabled, VoIP solves the problem of dropping only the party you want to drop, by letting you simply click on that party in the Web-displayed list of people on the call.

There are lots of other features in VoIP systems that add additional value to the help desk application, but these are the big three. Of the four systems I tested -- AT&T, Lingo, Skype, and Vonage -- I found AT&T's CallVantage the best for the help desk. Lingo and Vonage both lacked features found in CallVantage, and voice quality was sometimes lacking as well. AT&T had consistently great sound. Skype, the open-source solution, is very interesting, but lacks the off-the-shelf packaging of commercial VoIP. Even though it can cost much less per month, since you only pay for calls that leave the Skype network to or from a landline, the hidden cost of staff labor overwhelms this advantage.

CallVantage's best features include a 10-way Web-enabled conference calling bridge that lets you initiate calls from your browser and easily drop just the callers you want during the course of a conference; LocateMe, a call blaster that can either sequentially or simultaneously call five destination numbers to get a help desk staffer on the phone; fax e-mail forwarding; caller-ID name and number in pager notifications, and call filtering, which lets you direct calls to voicemail based on the caller-ID information. AT&T's $50 small-business package includes two VoIP phone lines and all the necessary hardware. I found that with only minor e-mail-server scripting I was able to tie voicemail attachments into my existing trouble ticket system.

The best feature of all of these systems is that they're inexpensive to try out. All offer a trial plan that you can buy without making a long contract commitment.

Posted by mbeckman on May 2, 2005 at 7:46 AM