What is the one thing that every IT guys keeps harping on?  Backups!  You have got to do your backups. Regularly. Consistently. Accurately.

In fact, go and do a backup this very second.

Seriously.

Stop reading.

Go and do a backup right now!  Your documents, your websites, your e-mail, your pictures.  Everything!

Go!

Don’t worry.  I’ll wait.

Now that you’re back and you’re not worrying about backups, I can let you in on a little secret.  If you didn’t just perform a backup of your website and suddenly it disappeared, there may still be hope.  And this hope’s name is Warrick.

The purpose of Warrick is to attempt to rebuild your website from different sources on the Internet that make cached copies of your website.

From the Warrick site:

Warrick is a utility for reconstructing or recovering a website when a back-up is not available. Warrick will search the Internet Archive, Google, Live Search, and Yahoo for stored pages and images and will save them to your filesystem. Warrick can be ran through our website or as a command-line utility (directions for downloading, installing, and running are given below).

Warrick is most effective at finding cached content in search engines in the first several days after losing the website since the cached versions of pages tend to disappear once the search engine re-crawls your site and can no longer find the pages. Running Warrick multiple times over a period of several days or weeks can increase the number of recovered files because the caches fluctuate daily (especially Yahoo’s). Internet Archive’s repository is at least 6-12 months out of date, and therefore you will only find content from them if your website has been around at least that long. If they don’t have your website archived, you might want to run Warrick again in 6-12 months.

I don’t know if I would be willing to leave the entire security of my website in the hands of Warrick.  But, if everything is gone anyway, what have you got to lose?

Similar Posts:

• My Blogroll Search Engine
• DCoT Search Engine
• Are You (Google) Accessible?
• CMS 17 of 24: Poor Man’s CMS, Radiant, CMS Made Simple
• Backup USB Drive With Alarm

If you found this post useful, why don't you buy me a cup of coffee to show your gratitude?

I am presently reading Malcolm Gladwell’s latest book Outliers and I find it to be interesting just like the rest of his books.  While I was reading the chapter The Ethnic Theory of Plane Crashes, a footnote caught my eye.  This footnote had little to do with the rest of the chapter, except that it was about a disaster.  It reminded me how easy it is for our IT infrastructure to become a Three Mile Island.

Here is what Gladwell wrote:

Malcolm Gladwell, Outliers, page 183

One of the most famous incidents in history, for example, was the near meltdown oat Pennsylvania’s Three Mile Island nuclear station in 1979. Three Mile Island so traumatized the American public that it sent the US nuclear power industry into a tailspin from which it has never fully recovered.  But what actually happened at that nuclear reactor began as something far from dramatic.  As the sociologist Charles Perrow shows in his classic Normal Accidents, there was a relatively routing blockage in what is called the plant’s “polisher” - a kind of giant water filter.  The blockage caused moisture to leak into the plant’s air system, inadvertently tripping two valves and shutting down the flow of cold water into the plant’s steam generator.  Like all nuclear reactors, Three Mile Island had a backup cooling system for precisely this situation.  But on that particular day, for reasons that no one really understands, the valves for the backup system weren’t open.  Someone had closed them, and an indicator in the control room showing they were closed was blocked by a repair tag hanging from a switch above it.  That left the reactor dependent on another backup system, a special sort of relief valve.  But, as luck would have it, the relief valve wasn’t working properly that day either.  It stuck open when it was supposed to close, and, to make matters even worse, a gauge in the control room that should have told the operators that the relief valve wasn’t working was itself not working.  By the time Three Mile Island’s engineers realized what was happening, the reactor had come dangerously close to a meltdown.

No single big thing went wrong at Three Mile Island.  Rather, five completely unrelated events occurred in sequence, each of which, had it happened in isolation, would have caused no more than a hiccup in the plant’s ordinary operation.

The moment that I read this passage, I immediately thought to myself, “This is exactly what happens when IT systems fail!” Rarely is it because a server suddenly goes up in smoke (although that does happen in instances of office fires). Rather, there is usually a series of mishaps, bad decisions, and forgetfulness all mixed together with a liberal dose of Murphy’s Law.

So, what can you do to protect yourself from these small “hiccup”s before they become a Three Mile Island?  Here are a few things that I can up with:

1. Do not neglect your regular maintenance.
2. Never assume that no news is good news.
3. As boring and tedious a job as it is, go through your event logs and make sure everything is working fine.
4. Assume the worst.  If you did not get an error alert via e-mail, do not assume that there was no error, rather, assume your e-mail is down.
5. Track small problems so that you can continue to deal with then then they are small problems.
6. When big problems do occur, document the small problems that contributed to the big problem.
7. When a small problem occurs, perform a worst case scenario analysis to see what could have actually happened.
8. Hope for the best, but plan for the worst.
9. As much as is possible and within your budget, ensure that redundant systems are in place at every step of the way.  RAID5 hard drives in a system that has dual power supplies connected to two UPS systems connected to separate power companies with a complete failover system to another computer if there is a failure in one of the single points of failure (e.g. motherboard).

As a bit of motivation, here are some Murphy’s Laws that pertain to technology, courtesy of Murphy’s Law Site:

• Logic is a systematic method of coming to the wrong conclusion with confidence.
• Whenever a system becomes completely defined, some damn fool discovers something which either abolishes the system or expands it beyond recognition.
• Technology is dominated by those who manage what they do not understand.
• If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization.
• The opulence of the front office decor varies inversely with the fundamental solvency of the firm.
• The attention span of a computer is only as long as it electrical cord.
• An expert is one who knows more and more about less and less until he knows absolutely everything about nothing.
• Tell a man there are 300 billion stars in the universe and he’ll believe you. Tell him a bench has wet paint on it and he’ll have to touch to be sure. great discoveries are made by mistake.
• Always draw your curves, then plot your reading.
• Nothing ever gets built on schedule or within budget.
• All’s well that ends.
• A meeting is an event at which the minutes are kept and the hours are lost.
• The first myth of management is that it exists.
• A failure will not appear till a unit has passed final inspection.
• New systems generate new problems.
• To err is human, but to really foul things up requires a computer.
• We don’t know one millionth of one percent about anything.
• A computer makes as many mistakes in two seconds as 20 men working 20 years make.
• Nothing motivates a man more than to see his boss putting in an honest day’s work.
• Some people manage by the book, even though they don’t know who wrote the book or even what book.
• The primary function of the design engineer is to make things difficult for the fabricator and impossible for the serviceman.
• To spot the expert, pick the one who predicts the job will take the longest and cost the most.
• After all is said and done, a hell of a lot more is said than done.
• Any circuit design must contain at least one part which is obsolete, two parts which are unobtainable and three parts which are still under development.
• A complex system that works is invariably found to have evolved from a simple system that works.
• If mathematically you end up with the incorrect answer, try multiplying by the page number.
• Computers are unreliable, but humans are even more unreliable. Any system which depends on human reliability is unreliable.
• .Give all orders verbally. Never write anything down that might go into a “Pearl Harbor File.”
• Under the most rigorously controlled conditions of pressure, temperature, volume, humidity, and other variables the organism will do as it damn well pleases.
• If you can’t understand it, it is intuitively obvious.
• The more cordial the buyer’s secretary, the greater the odds that the competition already has the order.
• In designing any type of construction, no overall dimension can be totaled correctly after 4:30 p.m. on Friday. The correct total will become self-evident at 8:15 a.m. on Monday.
• Fill what’s empty. Empty what’s full. And scratch where it itches.
• All things are possible except skiing through a revolving door.
• The only perfect science is hind-sight.
• Work smarder and not harder and be careful of yor speling.
• If it’s not in the computer, it doesn’t exist.
• If an experiment works, something has gone wrong.
• When all else fails, read the instructions.
• If there is a possibility of several things going wrong the one that will cause the most damage will be the one to go wrong.
• Everything that goes up must come down.
  Corollary: Not always
• Any instrument when dropped will roll into the least accessible corner.
• Any simple theory will be worded in the most complicated way.
• Build a system that even a fool can use and only a fool will want to use it.
• The degree of technical competence is inversely proportional to the level of management.
• A difficult task will be halted near completion by one tiny, previously insignificant detail.
• There is never time to do it right, but always time to do it over.
• The remaining work to finish in order to reach your goal increases as the deadline approaches.
• If there is ever the possibility of several things to go wrong, the one that will cause the most damage will be the one to go wrong.
• If something breaks, and it stops you from doing something, it will be fixed when you:
  1. no longer need it
  2. are in the middle of something else
  3. don’t want it to be fixed, because you really don’t want to do what you were supposed to do
• Each profession talks to itself in it’s own language, apparently there is no Rosetta Stone
• The more urgent the need for a decision to be made, less apparent become the identity of the decision maker
• It is never wise to let a piece of electronic equipment know that you are in a hurry.
• Don’t fix something that ain’t broke, ’cause you’ll break it and you still can’t fix it
• You can never tell which way the train went by looking at the track.
  Chong Kwong Sheng addition:
  Only by the splatter of the blood stains
  The last two laws were sent by Chong Kwong Sheng
• Dobie’s Dogma:
  If you are not thoroughly confused, you have not been thoroughly informed.
• A screw will never fit a nut.
• Standard parts are not.
• When working on a motor vehicle engine, any tool dropped will land directly under the center of the engine.
• Interchangeable tapes won’t.
• Never trust modern technology.  Trust it only when it is old technology.
• The bolt that is in the most awkward place will always be the one with the tightest thread.
• The most ominous phrase in science: “Uh-oh . . .”
• The 2nd worst thing you can hear the tech say is “Oops!” The worst thing you can hear the tech say is “oh s**t!”
• Any example of hardware/software can be made fool-proof. It cannot, however, be made damn-fool-proof.
• The Rossemblat Graphic Insult Theory:
  When any technological change is made, we have a graphic insult curve. No mater how high the insult curve climb, the important thing is how long it goes.
• Bahaman’s Law:
  for any given software, the moment you read software reviews and manage to master it, a new version of that software appears.
  Yakko’s addition:
  The new version always manages to change the one feature you need most.
• In today’s fast-moving tech environment, it is a requirement that we forget more than we learn.
• It is simple to make something complex, and complex to make it simple.
• Measurements will be quoted in the least practical unit; velocity, for example, will be measured in ‘furlongs-per-fortnight’.
• In electronics repair the part with the highest failure rate will always be located in the least accessible area of the equipment.
• Multi-million pound technology is worthless in the hands of morons.
• The rule of Protection:
  If you install a 50¢ fuse to protect a 100$ component, the 100$ component will blow to protect the 50¢ fuse.
• Karl Imhoff was a German engineer who developed sewage treatment systems in the early 1900’s.  His biggest contribution was the Imhoff Tank, which allows sewage to settle.  The Imhoff Law relates to bosses everywhere.  The law goes as follows:
  The largest chunks always rise to the top.
• High tech man-year = 730 people trying to finish a project before lunch.
• An expert will always state the obvious.
• The boss is always right.
  Corollary: If the boss is wrong, refer back to the rule.
• On a cruise ship, the one, most important part you don’t have in stock always breaks on a Friday evening, just when you left harbor and the next time you will be in harbor is a Sunday or Christmas eve.
• The chance a copy machine will brake down is proportional to the importance of the material that needs to be copied and inversely proportional to the amount of time till the material will be needed.
• Maintenance department neglect customer’s complains till it starts installations in customer’s new projects.
• Murphy’s Law on HVAC systems:
  An HVAC (Heating Ventilating and Air Conditioning) engineering firm, will invariably lease office space in a building with a lousy HVAC system.
  All the engineers can do is shiver or sweat and moan about it, and say how they would fix it if the building owner actually gave a damn.
• The probability any machine breaks down increases with the importance of expected visit.
• if it works in theory, it won’t work in practice.
  if it works in practice it won’t work in theory.
• Research Law:
  No matter how clever and complete your research is, there is always someone who knows more.
• Somers’ Law of Repair:
  No part ever fails where you can reach it, or where there is enough light to see how to replace it.
• Any tool dropped will fall where it can cause the most damage.
• Any wire cut to length will be too short.
• Equivalent replacement parts aren’t.
• When you finally update to a new technology, is when everyone stop supporting it.
• Interchangeable parts aren’t
• The proposed size of any project is inversely proportional to the size the project will eventually become.
  Corollary: Any project that can consume more resources before reaching it’s final state will do so.
  This will happen faster than you think.
  Also, the investors will not be happy.
  Sent by Jon Proesel
• The less intelligent the idea, and the person stating it, the more likely it will be funded.
• A man with one watch is certain about time. A man with two watches isn’t.
• The more knowledge you gained, the less certain you are of it.
• If you think you understand science (or computers or women), you’re clearly not an expert
• Technicians are the only ones that don’t trust technology
  The last four laws were sent by Jan Wenall
• All impossible failures, will happen at the test site.
  Corollary: All impossible failures will happen on the clients desktop
• The more you want to contact someone over an instant messenger is inversely proportional to the chances that they will be on-line.
• The more important your email is, the worse your email client will screw it up.
• The degree to which a device will function is directly proportional to the number of times it has been bashed and inversely to its cost.
• A device having an indestructible component or is user serviceable is deemed unsafe until it’s replaced by an expensive, unobtainable, inefficient component which needs constant servicing.
• Assaf’s Laws of Replacement Parts
  • A failed 25¢ part cannot be replaced by a new 25¢ part, but by a sub-assembly whose cost is equal to or greater than that of the device in need of the part
  • The cost and availability of a replacement part are in inverse proportion to the cost of the whole system: a $1500 device will fail because of the burnout of a 25¢ capacitor. But the 25¢ capacitor is either
    • no longer manufactured
    • manufactured only by a company in Outer Mongolia with an 18-month backlog
    • available only as part of a $1450 sub-assembly

  All things mechanical/electrical will catastrophically fail after the guarantee has expired, unless an extended guarantee has been purchased.
  Sent by Blair Murray

• The Harvard Principle:
  Under the most rigorously controlled conditions of temperature, humidity, pressure, etc., the organism will do as it damn well pleases.
• First Law of Linear Equations:
  Given any system n linear equations, there will be n+1 unknowns/li>
• The disappearance of a nagging error in a system is explicable only in terms of insignificant contribution of the source to that system
• The repairman will have never seen a model quite like yours before
• Law of Repairmen:
  The repairman fixes your machine to break down the next day and charges for a new machine.
• While technology progresses at the speed of light it’s implementation is filtered through the speed of bureaucracy
• In theory there is no difference between theory and practice, but in practice there is.
• Stationary engineering law:
  never underestimate incompetency

Got a horror story about how one problem just added to another?  Have your own version of a Murphy’s Law?  Let everyone know in the comments!

Similar Posts:

• Critical Project Management Lessons fom Wile E. Coyote - Part 1
• DIY 3D Printer
• Critical Project Management Lessons fom Wile E. Coyote - Part 3
• DIY Open Source MP3 Player
• Why I Blog

If you found this post useful, why don't you buy me a cup of coffee to show your gratitude?

I’ve been on people’s cases lately about having strong passwords.  There are really two issues related to strong passwords:

1. Creating strong passwords
2. Preventing strong passwords from becoming weak

What Makes Passwords Weak?

Let’s start by looking at what makes passwords weak. Then, we can strengthen passwords by avoiding these issues.

Common Dictionary Words

If a word is in the dictionary (including those in other languages) then chances are it is in a brute force attack dictionary.  This means that it is really just a matter of time before your password is hacked.

This also includes variations of dictionary words:

• reversed words (e.g. drowssap)
• mixed capitalization (e.g. PaSsWoRd)
• character/symbol replacement (e.g. pa$$word)
• removed vowels (e.g. psswrd)

Based on Common Names

Common names are, just that, common.  This makes them easily guessable.  So, “bobpassword” is probably not a good idea.

Based on User/Account Name

Let’s say you have a user name of “username1234″.  I would not suggest using any of the following passwords:

• password1234
• username12345
• username5678
• user1234name

Too Short

If your password is under seven characters, it is not long enough.  ‘Nuff said.

Based on Keyboard Patterns

A password that is just a series of keystrokes along the keyboard is probably not the best idea for a password.  Check out some of these passwords on your keyboard and you will quickly see why they are bad news:

• qwerty
• 1qaz2wsx3edc
• 0-p[l;,.
• !@#$1234
• z,alqp1-

Only Use One Symbol Type

It is really tempting to create a password that is all letters.  Let’s face it, this is how we are wired!  But, it also greatly limits the number of possible passwords.  For example, if you have a seven character password made up of only lower case letters, there are 8,031,810,176 possible passwords.  But, if you add in uppercase letters, numbers, and punctuation characters, there are suddenly 64,847,759,419,264 potential passwords, making the password significantly more difficult to discover!

Difficult to Remember

I am going to give you one password that would be practically impossible to crack!  Ready?  Here it is:

\Oj?Ix4MH%xy}5xTpu@+NkMZ2)C09IE:Rrr}6E7;$::]aH|YH8`]U38%cHUe\lL|w?D6ms:T.mT9L”YV0$#843Rl-$xkA9JQV|Z7-eG]”T+O&glxb]{xW9*D^5′f.}4x[(;b}_bEXQQ;y<”VcY:FVah1,Q%’Cv=h8Ktq~=?~’7Bgt6c}w)n&mtPyUJfiXy”3R>J5″ZD2clmW?@D$T0″eL#’v09X({MVc(c!>{k4N[@’;`CA0oK5$3N{)apz*l’A;lbRpu^eiI06T_5″|%>XfBiyKYpVcvq4p”EL<(\W8wNP,54SIg27Ub|wJ”%#NOt*{0_RHeYZ,+AJ)~XsyppsJ)B|P/\xi’IGX^2[.6

Now, all you need to do is memorize it and you are set!

I can guarantee you that nobody will ever use this as their password!  It is simply way too long!  If you can’t memorize a password, then it is as good as useless!

Strong Password Characteristics

So, now that we know what makes a weak password, how do we make a strong password?

Strong passwords should all have the following characteristics:

• contain at least one of each of the following:

1. digit (0..9)
2. letter (a..Z)
3. punctuation symbol (e.g., !)
4. control character (e.g., ^s, Ctrl-s)

• are based on a verse (e.g., passphrase) from an obscure work where the password is formed from the characters in the verse. e.g., “Iafyd$,t,ta!” is derived from the phrase “If at first you don’t succeed, try, try again!“
• are easily remembered by you but very difficult (preferably impossible) for others to guess

Making Strong Passwords Weak

Even if you have a strong password, there are a number of things that many people do to make it less effective:

1. Recycling passwords.  Do not use the same password over and over again when you need to change it.
2. Recording passwords.  As tempting as it may be, putting your password on a sticky note on the side of your monitor is a definite no-no.
3. Using The Same Password On Multiple Systems.  Almost everyone is guilty of doing this.  You come up with a great password and then proceed to use it for your e-mail, computer account, Facebook, etc. password.  While this makes it really easy to remember the password, if someone figures it out, then they have access to everything!

Password Creation Worksheet

As a way to make your life easier, I have created a worksheet that you can download and print off that will help you to create a strong password.  I have also included a completed example.  I strongly recommend that you print a number of these worksheets out and have them handy the next time that you need to create a password.

If you are looking for a good starting phrase, may I suggest a nice, long quote from your favorite movie?

Related articles:

• Tonyvirtual: How tough do you think your password is?
• How Long Does it take for an Home Computer to Break your Password
• Cracking Passwords Test
• Password Management/Generators And Tips
• Dictionary Attacks 101
• Passwords: Most People Do It Wrong

Similar Posts:

• Most Common Passwords
• Awesome Find #3: Neo’s SafeKeys 2008
• Change Your Password!
• Open Source DCoT Application - Word Counter
• How Jared Was Hacked!

If you found this post useful, why don't you buy me a cup of coffee to show your gratitude?

Are you sick of that spammer who comes from 24.97.125.8? Do you think that 83.227.193.32 is cute but don’t know how to get a message to them? Well, here’s your chance!

IpMessage.net is a service that allows you to leave a message for a visitor from a specific IP address. All you need to do is enter an IP address and then write your message. When someone from the IP address that you entered comes to the website, they will see the message that you left.

To be honest, this is a pretty useless “service” but it is fun to play around with!

Similar Posts:

• Send Spammers Into A Death Loop
• Old School: Send E-Mail with Telnet
• New Visitor Identifier
• Stop Spammers
• I Really Appreciate It When…

If you found this post useful, why don't you buy me a cup of coffee to show your gratitude?

A client of our today was having difficulty browsing the Internet. One of the possibilities was a problem with DNS. So, I put together a quick DNS troubleshooting flowchart.

This is by no means a comprehensive troubleshooting chart but it is a very effective tool that will help you focus your attention when you are having difficulties accessing a website and you think that the problem may be with DNS either on your network or with your Internet service provider.

Ping DNS Server?

Check to see if the DNS server is even available through a ping. First, determine your DNS server by typing in the following in a command prompt:

ipconfig /all

and search for DNS servers to determine the IP address of your DNS server.

Next, ping the DNS server IP address. So, if your DNS server IP address is 192.168.0.1, you would enter:

ping 192.168.0.1

If you get a response back, your DNS server is accessible. If not, there are a few potential problems:

1. DNS server is down
2. Internet is down (when DNS is provided by Internet provider)
3. DHCP is giving out the wrong DNS name
4. DNS server is set statically and is wrong

Can You Ping?

If you can ping your DNS server, next check to see if you can ping a website on the Internet. I typically use google.com. Type the following command into a command prompt:

ping google.com

You should get a ping response. If you get something like:

Ping request could not find host google.com. Please check the name and try again.

this could indicate that you have a DNS issue but it warrants further investigation.

Can You Telnet?

If you can ping, check to see if you can Telnet to the website. Type into a command prompt:

telnet google.com 80

If your command prompt goes blank, port 80 is working fine. (Press CTRL+C and then ENTER twice to get out of the box.)

If you get something like:

Connecting To google.com...Could not open connection to the host, on port 80: Connect failed

there are a number of potential issues:

1. Port 80 is blocked
2. Your IP address is being blocked by the server
3. The website is down

You can also try to connect on other ports such as port 25 on an external mail server.

HOSTS File Entry?

Your HOSTS file is like a local copy of DNS. If there is an entry in the hosts file that points to a different IP address for a domain name, then it will never get to the the DNS to find the website.

You can open and check your HOSTS file by typing the following at a command prompt:

notepad %windir%\SYSTEM32\DRIVERS\ETC\HOSTS

This will present you with a next file much like this:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

The last entry is the only entry that should be in a typical home computer. If you have any entries that coincide with the website that you are looking at, this could be your problem.

Clear Web Browser and DNS Cache

Both your web browser and your computer have a cache which stores information about DNS. If you are getting strange results from the tests, try clearing the web browser cache and the DNS cache.

The web browser cache can be found in the options window. To delete the DNS cache, simply type the following command prompt command:

ipconfig /flushdns

Conclusion

Hopefully this will help you to determine if you are running into DNS issues. Of course, DNS is only one small part of your entire network but this is a good start.

Similar Posts:

• Catch Internet Policy Breakers with DNS Cache
• Get Command Prompt On Remote System
• First Steps on Debian Based Distros
• HowTo Defragment a Drive From The Command Prompt
• Wordpress Cache Gibberish

If you found this post useful, why don't you buy me a cup of coffee to show your gratitude?