Blog Posts

IPv6 - The Security Disaster waiting to happen.

12 Feb 2017

I will catch a lot of flak for this post, because it goes against the conventional wisdom.

If you haven’t heard of IPv6, now is the time to learn about it. Many Internet providers either have already rolled it out, or are about to.

And now is the time to disable it for the time being.

Here is why: IPv6 can be secured as well as IPv4. But that’s not the question we should be asking.

The real question is if it will be secured as well?

Don’t worry about being left behind. IPv4 will still be around for decades to come.

What is Asterisk?

11 Feb 2017

Asterisk is an open-source PBX system.

What is VoIP? What is SIP trunking?

11 Feb 2017

VoIP stands for “Voice over Internet Protocol” or “Voice over IP”. A few years ago, VoIP had an undeserved reputation for being cheap but poor quality.

The NetTech's Values

11 Feb 2017

Privacy, Liberty, Justice, Freedom, Fairness, Equality, Human Rights

The NetTech is committed to providing good, affordable customer service as well as improving the lives for all people. The NetTech is an American company with values based on the Constitution and the Founding Fathers, and believes that these values apply to all humans equally, regardless of citizenship, nationality, skin color, gender, sexual orientation or disability.

A few people who The NetTech feels represent some of the same values we support:

VoIP telephony

21 Jul 2010

You can afford a high-end phone system!

Our technicians can set up and maintain Asterisk-based phone systems such as Digium Switchvox, Fonality Trixbox, PBX in a Flash, All Greened Up and other vendors.

Slow Internet Explorer

29 Jul 2009

Generally, we recommend using alternate browsers such as Firefox, Opera or Google Chrome. However, some Web sites will only work with Internet Explorer. Here are some instructions on how to perform a factory reset.

To eSATA or not to eSATA, that is the question...

24 Jan 2009

eSATA is a technology to connect external hard disks directly to a computer's SATA port at the same speed as internal hard disks, instead of the more common USB connection at one sixths the speed.

As with most new and high-performance technologies, there are a number of issues surrounding eSATA, though.

I have been using eSATA for my own internal backup drive, as well as for several customer backup solutions.

First of all, keep in mind that on the electrical and logical level, eSATA is *identical* to SATA. The one and only difference between SATA and eSATA is the cable and connector. eSATA cables are shielded, since they are intended for use out in the open. The FCC requires this shielding to prevent broadcasting RF energy and interfering with radio devices. SATA cables are unshielded. The eSATA connector is I shaped (and has a connection for the shielding), the SATA connector is L shaped and doesn't.

This one difference has major consequences.

First of all, when you go out and buy the eSATA adapter, you need to be sure that it actually says eSATA - many vendors put a regular SATA connector into the external bracket of the PCI board to save a few pennies. This is actually illegal, a violation of FCC rules, because it doesn't have the shielding. Also, you need to make sure that the cable you are buying has eSATA connectors on both ends. You can buy cables with an eSATA connector on one end and a SATA connector on the other, to match these bad fake external SATA adapters. DON'T DO IT.

The next issue is eSATA-to-SATA brackets. Some external enclosures actually include them. Such a bracket simply is an eSATA connector in a slot cover, with an attached SATA cable that you plug into the motherboard.

Simple answer: don't use them. With the high frequencies going across the line, you will want one single unbroken cable directly from the port to the hard disk. At the connector in the middle, the signal gets reflected, and you get transmission errors.

I hear that you can sometimes make such problematic SATA connections work reliably by reducing the speed from 3 GB to 1.5 GB - but if you want the full 3 GB speed, you pretty much must use an eSATA adapter card.

OK, that's it for the hardware side. The next issue is hotplugging. Theoretically, eSATA can be hotplugged. So can SATA. In practice, that requires support from several components: the BIOS must support it. The hard disk itself must support it. And the operating system must support it.

The question, thus, is "Does Windows 2008 support SATA hotplugging?" I do not know the definite answer, but Vista definitely does support it. describes an issue related to AHCI and hotplugging support. Another knowledge base article mentions that Windows Server 2008 also supports AHCI, the specification that underlies SATA hotplugging. Incidentally, I have also seen eSATA drives listed under "safely remove hardware" on Windows XP, so presumably XP supports it, too.

Again, this will of course only work if both the hard disk and the motherboard/BIOS/PCI adapter support SATA hotplugging.

Samba Woes

22 Jan 2009

This is one of the adventures in Linux... It's not just Windows that causes headaches. Sometimes, Linux gives you a head scratcher, too.

After a routine update to a Linux server,all files were inaccessible. It turned out that the Linux file sharing service, Samba, wasn't running. Specfically, the smb daemon terminated immediately with an error message in the log file "User account [nobody] not found!"

This customer uses LDAP as user database. The user "nobody" is not stored in LDAP, though, but rather in the standard /etc/passwd file.

As it turns out, Samba implements an optimization for LDAP access. Instead of consulting PAM and nss for finding user names - which would consult both LDAP and /etc/passwd, Samba can optionally directly access the LDAP database.

Turning off this optimization solved the problem.

To turn off this optimization, remove (or comment out) the following entry in your smb.conf file:

ldapsam:trusted = yes



Wiring matters

20 Jan 2009

Most people think of the wiring in the office as "just some cables" that can easily be added to with a $20 hub or switch from the electronics store. In reality, proper wiring can make or break your network. Here are some of the problems I have come across over time:

  • Using cheap equipment. One of my first customers ever was very budget-conscious, and I was not yet as experienced as I am today. I found a $19 no-name 16-port switch at an electronics store. Should have stopped to think about why it was so cheap. The next week, the customer kept calling me that the network was down and the computers kept crashing. As it turned out, one of the ports on this switch was so bad that it sent out signals throughout the network.
  • Home-made wiring. Another of my customers wanted to save money and did all the wiring in his new office himself. He kept calling me about "why is the network so slow. I've got CAT 6 cable and a Gigabit switch". Eventually, he found the problem himself: he had crosswired some of the cables. They still worked, but caused transmission errors.
  • Poorly run wiring. A third of my customers got regular transmission errors on the network. We tracked it down to the fact that his wiring contractor had run the Ethernet cables parallel to a power cable.
  • "Adding more outlets" with a cheap $20 hub or switch from the electronics store. Granted, sometimes it is unavoidable, but it also causes any number of problems. Here are just a few of the problems this causes:
    1. Such a hub becomes a single point of failure - and, being cheap, they do fail quite frequently
    2. Some people do not know the difference between a hub, a switch and a router and plug in a router instead of a switch. At one of my customers, one of the somewhat tech-savvy people did exactly this - but forgot to change the IP address for the router. As a result, their real Internet router had the same IP address ( as this extra router. Internet traffic was erratic at best. Even worse, this router still had the DHCP server enabled.
    3. Sometimes, it is necessary to force workstations in a network to renew their IP addresses immediately. The easiest way to do this is to remove the network cable, and plug it back in a few seconds later. If you need to reconfigure a complete network this way, you can simply power down the main switch for the same effect throughout the network. However, local switches at the workstation side of the connection disable this mechanism.
  • Using too long cables, or cables that are bent. One of my customers complained that a few of the workstations were very sluggish some days, blazingly fast on others. Fortunately, the customer had a managed switch with a cable testing feature that was able to show me the problem. Those computers that were blazingly fast reported a cable length between 30 and 80 feet - expected for the size building. Those computers that were slow reported an "unknown cable length". In one case, the cable from the wall outlet to the workstation was a badly kinked and coiled up cable of probably at least 100 ft. Replacing it with a brand-new 25-ft CAT 6 cable solved the problem.


Why I like Sonicwall

19 Jan 2009

Customers often ask me why they should spend $1000, $2000 or more for a SonicWALL firewall when they can buy “the same kind of” router from D-Link, Netgear, Linksys and the like at an electronics store for less than $100. The answer is that they are not the same.You can see the difference immediately when you unpack the device. SonicWALL firewalls are much more solidly built; most models come with a steel case, and some are rack-mountable.