Skip navigation

It's always cool when things work exactly like they're supposed to. Let me give you an example...

On Friday, May 21st, a fellow member of the technical community and social media advocate found a vulnerability with the SolarWinds TFTP Server. That dude, @nullthreat on Twitter, is one sharp cookie. He tweeted about it and the team here saw the message via the twitter stream and jumped into action. At first, we thought that it was the same exploit that we'd patched a few months back so we asked him to test against the latest versions.

Sure enough, the latest versions had the same problem - this was a brand new issue. So the R&D team here went back to work. Within about 48 hours of validating it was a new issue we had a patch written, tested, and made it available for download.

There are several things that worked particularly well in this scenario. First of all, @nullthreat, aka Elliott Cutright and author of the well read blog on hacking and security "nullthreat.net", found the issue and communicated about it via social media - Twitter and his blog. You might be surprised that I'm happy that someone hacked one of our applications and posted the vulnerability out on Twitter - don't be. This is exactly what security experts are supposed to do (and what they love to do) and it causes companies like us to have to take immediate action - which is good for everyone.

Secondly, I have to say that I was impressed with the way that our PM and R&D teams handled this. They saw it, pounced on it, and fixed it right away.

The third thing that was really cool about this is that it all happened while I'm in Europe meeting with customers, partners, the press, and some of our R&D team. I had no part in any of it other than to sit back, watch it happen, and smile.

It's pretty cool when you see the technical community working together, leveraging social networking tools, and challenging each other to be better all for the betterment of Geek-kind.

If you're using the TFTP Server and want to protect against this threat, be sure to download the latest version from SolarWinds.Com and grab the latest hotfixes as well.


Flame on...
Josh
Follow me on Twitter

Josh Stephens

Ahhh. Ireland!!!

Posted by Josh Stephens May 24, 2010

I'm in our Cork Ireland office for a few days and I'm not sure why it's taken me so long to get back over here. The people are super friendly, the weather is fantastic, and you can smell the ocean everywhere you go.

We've got an awesome office here in our European headquarters, strong players all around and it's always a blast to get to collaborate with them and see what best practices they've developed here that can be carried back with me to the US.

Tomorrow we're hosting a partner summitt and on Wednesday we're hosting a customer event. Nothing I enjoy more than meeting with customers so this should be a fantastic time.

If you're planning to attend either drop me a comment and I'd love to chat with you during some of the breakaout sessions.


Flame on...
Josh
Follow me on Twitter

Well folks, looks like I need a little bit of your help. I'm up for a couple of speaking opportunities (a panel and a presentation) at VMWorld. I've made it past the first round of selections but the second round is based upon votes from the community and so I need your help.

Please go and vote for each of the events here:

Panel - Virtualization 101: Best Practices on How to Manage Storage and Virtualized Environments"
http://vmworld.com/community/conferences/2010/cfpvote/v101
(search the page for SolarWinds to find it)

Presentation - Effective Strategies for Managing VMWare Environments
http://vmworld.com/community/conferences/2010/cfpvote/tarchitecture
(search the page for Josh Stephens or SolarWinds to find it)

You'll have to register to vote but it only takes a few seconds. Your help is greatly appreciated and if I'm selected I promise to tell you about the time I took down the power for an entire city in Canada with only a diesel truck, 120 feet of logging chain, and a whole lot of mud... Not only that, but if I'm selected meet me at the show and the drinks are on me :)


Flame on...
Josh
Follow me on Twitter

This week I'm down in San Antonio speaking at the Cisco IP Telecommunications Users' Group (CIPTUG) conference. I'm giving a 2 part seminar on QoS based loosely upon the QoS webcasts that we've done and posted to solarwinds.com/geek. Thus far it's been a great event and we've had some deep conversations on QoS and the implementation within some of the attendees networks. I expect tomorrow will be even better as we'll get into traffic shaping, congestion avoidance, and Cisco's Class Based Quality of Service (CBQoS). The folks here at this event center really have it together - projector screens behind and to the left of the presenter, enough whiteboards to satisfy even this geek, and free ice cream sundaes!!!

Rather than making the drive back home to Austin tonight I decided to stay over in San Anonio. I've written before complaining about hotels that don't provide free wi-fi and the like and so tonight it's only fair that I give a shout out to the Drury Inn and Suites that I'm staying at down here. Free wireless internet access (802.11n no less), free breakfast, and a free happy hour with free food and drinks. I think i have a new favorite place to stay when I travel!

As I'm sitting here in my room enjoying the rest of my free drink (I sweet-talked the bartender into using an extra large glass, BTW, she's one of my new best friends) and watching The Lord of the Rings, The Fellowship of the Ring, I can't help but wonder if maybe Elves are real and if I might even work with one or two of them.

Now, hear me out. I've got this friend at SolarWinds. He's a dead-ringer for Legolas from the Lord of the Rings and I'm starting to wonder about a few things. For instance, the Elves live in a place called "Rivendell" and he lives in a place called "Riverplace". Coincidence? I think not. There's more... He has an accent. He says it's because he's from Australia, but honestly, have you ever been to Australia? How sure are we that it's even a real place? Maybe the movie 'Australia" was propaganda that the Elven people funded just to make us think that it's a real place and to throw us off track... Need more proof ?  Sometimes he speaks in a language that I can't understand. He says it's French, but I took French in high school and I can't understand a word of it. Get this - there's another guy here in the office that also speaks this same language and guess what - he has an accent too!!!  He says he's from Belgium. Again, anyone ever actually been to Belgium? More than that, if they're from Australia and Belgium - why aren't they speaking Australian and Belgian??? My theory is that either these places don't actually exist in our dimension and instead, the locations where we think they are contain wormholes that act as gateways to the Elven world; or, maybe the Elves have ruled Australia and Belgium for a long time and we just never new about it. They're obviously a superior species so how hard would it really be for them to pull this off? I really don't see any other possibilities...

A note to my Elven friends...
Quel undome,

Cormamin lindua ele lle.

The time has come for you to reveal your true selves and share with this human world the magical secrets of your race. I know from the dozen or so times that I've read the The Lord of the Rings Trilogy that you have much to offer - super human strenghth, agility, hearing and eyesight, a near immortal ability to delay aging, uncanny skills at bow shooting and riding giant hyena-like wolves, and the ability to control the rivers surrounding your homeland. Share with me your secrets and I will honor them for all of my human life. I will repay you by teaching you about Quality of Service in an IP based network and by sharing with you the secrets of making Texas chili.

Aa' lasser en lle coia orn n' omenta gurtha,
Josh

 

Yeah, I'm a little bit crazy. That's what happens when you spend too much time in the subfloors of a datacenter breathing in virtual private clouds...


Flame on...
Josh
Follow me on Twitter

Here lately there has been some confusion as to when to use Orion's Network Atlas for topology mapping and network diagramming vs. using LANsurveyor so I thought I'd take this opportunity to share my thoughts on the subject.

There are two primary use cases for applications that do network/topology mapping and I think the easiest way to explain when to use each of these two products is by analyzing these use cases.

Network Monitoring - if you're looking to create network diagrams and/or topology maps for the purposes of enhancing your network monitoring dashboards - use Network Atlas. As a matter of fact, if you're planning to use the maps in Orion in any way just go straight to Network Atlas. It'll save you a lot of time and the latest version offers features around automatically adding topology, connecting devices, and adding new devices that make it a no-brainer if you're planning to use the maps as a part of your monitoring strategy.

Documentation
If you're looking for a light-weight utility to run on your laptop to help you discover and map out the network then LANsurveyor is the ticket. The maps that you create and maintain for this use case are intended for documentation, asset tracking, light inventory management, and etc. LANsurveyor maps all the way down to the desktop and/or printer whereas Network Atlas is focused at the infrastructure level. LANsurveyor also allows you to export the topology maps into Microsoft Visio which makes for easy editing and printing. Also, if you're a consultant and you constantly go visit clients and need to get a quick understanding of their network topology LANsurveyor does a great job of this.

If you own Orion and you need to maintain detailed diagrams of network topology and device connectivity, I still say go with Network Atlas. When you buy Orion you are able to run as many copies of Network Atlas as you want to so that you can install it on your desktop and create the maps from there. Many folks that use Orion create maps that serve both purposes - monitoring dashboards and network documentation. If you can combine those efforts you can save a lot of time, especially if your focus is at the infrastructure level vs. all the way down to the end user devices on the LAN. The catch is that if you use Network Atlas then you'll need to use the maps within Orion and Network Atlas. It doesn't offer the option of exporting to Visio like LANsurveyor does.

When to buy both...
If you're an Orion customer then you've got access to Network Atlas to create and maintain your network topology maps. However, in some cases you may also want to have a few copies of LANsurveyor to do documentation, take with you when you visit remote offices and need to get a quick snapshot of the network, or just to help map out and keep track of the devices on your LANs like PCs and printers. Especially if you're addicted to keeping your maps in Visio.

Hopefully this will help to clear things up a bit. Ping me back if you have comments or questions, but at the end of the day, as long as you're mapping out your network topology and keeping network diagrams of your infrastructure you're ahead of the pack - so get started...


Flame on...
Josh
Follow me on Twitter

One of the most common questions I get asked when I'm teaching a class is what's the difference between "management" and "monitoring". This is especially true in the systems and application management space as the terms are in many cases used interchangeably even though the difference is broader than in the network management space.

For the most part, consider monitoring, like application monitoring, to be a subset of the greater systems management landscape. So systems monitoring is a part of systems management but there are many parts of systems management that have nothing to do with monitoring. Because each of these areas is so vast, they are commonly considered to be completely separate fields.

When it comes to systems management, there are some great tools out there that we can use as examples. Let's skip all of the ones that are produced by the systems and OS vendors because for the most part they're all pretty good and they're sort of "common sense" in that they offer tools to help do the things that you'd most likely need help doing. Because the OS vendors provide their own sets of tools, tools vendors have to produce tools that are signfiicantly more powerful and easier to use in order to be successful. One such vendor, and these guys produce some of my favorites tools for managing Windowss environments - is Systems Tools. They produce a product called Hyena that helps with things like Active Directory administration, user management, job and task scheduling and disk and file administration are a breeze with this set of tools.  Yes, it's possible to do a lot of what Hyena does with the systems management tools from Microsoft but Hyena just makes it a whole lot easier and can save you a ton of time.

When it comes to systems and application monitoring you first have to realize that the best in class monitoring tools aren't also going to do the management side of things. There may be some small areas of overlap but for the most part the featuesets and they ways that they go about presenting data and solving problems are completely different. In many cases, if you're looking to monitor a single server or a single application you can leverage a free tool like the VM Monitor or the Exchange Monitor we offer here at SolarWinds. Once you grow beyond single server/application monitoring needs and especially if you want to track not only application and server status but performance as well - tracking trends, recording end user aplication experience, and generating alerts when the appliations perform outside of your defined thresholds - then you'll want to move up to a product like Orion Application Performance Monitor (APM).

Hopefully this will help to clear thing up a bit. As always, ping me back if you have comments or if you'd like more information.


Flame on...
Josh
Follow me on Twitter

A few weeks ago we did a live seminar in DC and a blog post on the subject of building security into your network management strategy. Several of you that follow the blog e-mailed me directly to ask that we turn this into a webcast and so we've done just that.

Friday of next week, May 14th, at 10:00 CDT, we're going to host a webcast on this topic. You can sign up here.

Some of what we'll cover will include:

• Securing management traffic
• Smart choices for management protocols
• Secure event management
• Security concerns with traffic analysis

Leave me a comment or hit me up via e-mail if you have suggestions/questions/etc. I'm looking forward to sharing information on this topic with you as it seems like something that we could all spend a little more time thinking about...


Flame on...
Josh
Follow me on Twitter

Filter Blog

By date: By tag: