The Art of Troubleshooting

And yes, it really is an art. It’s a challenge for some to learn how to figure out problems. In the IT industry, this is a requirement, almost as vital as having oxygen to breathe. But because of the nature of troubleshooting — based on logic and deduction — it can be hard to teach all aspects of it. There are some things that can be taught and would be worthwhile to know when considering a computer, network or security issue at hand.

First, before you even get to the stage of having to troubleshoot, get to know a system when it’s well. This means checking to see what processes are common at startup, how much memory is used when various applications run and how the overall system does things. One of the things that helped me was this book for information on XP (I detest Vista with a passion) and this one for hardware. This allowed me to investigate and learn what’s new.

Second, have a good resource to read and learn from. Books are great (especially for a traditionalist like myself who likes the feel of paper) but often get quickly outdated. Something like Maximum PC Magazine is a great regular magazine to have for those who like to read while on the subway, a plane or just relaxing at home. Even better is to have a regular forum to ask questions in. Tom’s Hardware is one of the foremost sites when it comes to hardware news, updates, reviews and even forums. It’s amongst the best out there just for that alone. LinuxQuestions.org can answer pretty much any question on Linux issues. And when it comes to Windows questions, I go to Antionline. While it’s primarily a security site, there are enough knowledgeable people there that can help eliminate security as the issue. These can act as resources for learning so you know when things work as well as for troubleshooting. The reality is that to address any issue we need to learn about the “thing” that we’re focused on fixing. Ideally, we want to do this before a problem occurs and to also help prevent problems from occurring.

Also, ensure that you have valid, working backups. The ultimate solution to most problems is a re-format of the OS (often needed if a hard drive fails). Even on home systems a form of backup of important data should be done regularly to avoid issues. And don’t back up the whole system, just the critical data that you need (e.g., mailboxes, bookmark links, documents, pictures, iTunes songs, logs, etc.). Installation files for applications and such should already be saved on CD for when re-installation is necessary.

The next step, when there is an issue, is identifying the source. Unless you know there is an issue you’ll never be able to address it. It is important to get all the facts you can about the issue and to be as detailed as possible. This may include screenshots, writing error messages down and noting anything that had been recently added, changed or removed. Poor software design and/or coding can cause serious issues at times so it’s important to keep track of changes. Sometimes even updates to the Operating System can cause it to behave in a manner similar to that of spyware activities. Also, use numerical values where possible when describing something. “It’s slow!” doesn’t mean a heck of a lot compared to “It used to take only 28 seconds to boot up; now it takes about a minute to boot up”.
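
An added example (not from the original post) that combines the "know the system when it's well" step with the advice to describe changes in numbers: it compares a baseline process snapshot with a later one and reports what appeared, disappeared or grew. The snapshot text, process names and the 50% threshold are constructed for illustration; the input is assumed to have the shape of `ps -eo rss=,comm=` output.

```python
from collections import defaultdict

# Constructed sample snapshots in the shape of `ps -eo rss=,comm=` output
# (resident memory in KiB, then command name). Not taken from a real system.
BASELINE = """\
 10240 sshd
 51200 nginx
 51200 nginx
204800 postgres
  2048 cron
"""
CURRENT = """\
 10240 sshd
 51200 nginx
 51200 nginx
409600 postgres
 30720 updater-helper
"""

def parse_snapshot(text):
    """Return {command: [instance_count, total_rss_kib]} from ps-style lines."""
    procs = defaultdict(lambda: [0, 0])
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) != 2 or not parts[0].isdigit():
            continue  # skip headers, blank or malformed lines
        entry = procs[parts[1].strip()]
        entry[0] += 1
        entry[1] += int(parts[0])
    return dict(procs)

def compare(baseline, current, growth_pct=50):
    """List new and missing commands, and memory growth of at least growth_pct."""
    findings = []
    for name in sorted(set(baseline) | set(current)):
        if name not in baseline:
            count, rss = current[name]
            findings.append(("new", name, f"{rss} KiB in {count} process(es)"))
        elif name not in current:
            findings.append(("missing", name, f"was {baseline[name][1]} KiB"))
        else:
            old, new = baseline[name][1], current[name][1]
            if old and (new - old) * 100 / old >= growth_pct:
                pct = (new - old) * 100 // old
                findings.append(("memory", name, f"{old} KiB -> {new} KiB (+{pct}%)"))
    return findings

if __name__ == "__main__":
    for kind, name, detail in compare(parse_snapshot(BASELINE), parse_snapshot(CURRENT)):
        print(f"{kind:8} {name:16} {detail}")
```

Saving a snapshot while the machine is healthy is what makes the later comparison possible; an unexpected "new" entry is a lead for the driver, startup application or spyware questions raised in the text, not a verdict.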

The kernel of an OS is the portion that loads up all drivers and allows for full interaction with the user. Both Linux and Windows have modes where the kernel isn’t loaded. This can be a pretty good indicator as to whether the issue is outside of the OS or not. Booting into what is referred to as “Safe Mode” or “Single User” mode minimizes what’s loaded (usually it’s only basic drivers) and can help determine if it’s a driver or startup application that may be causing the issue. If the issue is still there, then it’s possible it’s at the BIOS level. Gathering all this info means you are now armed to find out the cause. This is where Google and/or the sites listed above can be handy.

Put any error code messages into Google and/or describe the issue, with as much detail as possible, to the forum. If it’s an error code and you Google it, you’ll find either a KB page or other forums that detail the issue or both. The only exception is if you’re the first to hit upon this but given the speed of the internet, often issues spread rapidly around the world. Read up on the details of others who have experienced the same issue and see how much of it matches your own. Sometimes problems are like Shrek’s proverbial onion: layer after layer after layer until you get to the root of the issue. As you research your problem more, you’ll find your solution and be able to address it.

Once addressed, you start the process over again. As you go through problems, you’ll learn what to recognize as a problem and what isn’t. You’ll also learn habits on how to fix these faster each time. Troubleshooting is an art to a degree but it’s an art that’s learned through trial and error. Unless you experience it, you won’t know. The one thing to keep in mind is that it isn’t magic but rather simple legwork and a bit of work to find the problem at hand.

Quick morning thoughts

Ok. So I originally had wanted to post yesterday — from the subway on my Blackberry — about individuals’ need to be careful about what we post online. Of course, as luck would have it, none of it got saved. While posting from my Blackberry has been interesting and neat, it has presented some challenges. I still need to figure out how to use the email-to-post feature of WordPress (perhaps I’ll take some time tomorrow afternoon or this Sunday to do it).

In the meantime, I have been busy. First off, I’ve recently acquired two new domains — cigarnewbie.com (where I’ll post my cigar reviews and such — I’m still debating as to whether to create a whole separate blog for that or not) and wiredcatonline.com, which redirects to here. Wired Cat Online has been the name of my consulting/desktop publishing/personal company since I bought my first Mac, with my own money, back in 1993.

One of the things that I enjoy the most about what I do is that I can share what I learn with others. It’s actually far more critical, IMO, that we do so and that keeping secrets from others isn’t helpful. But this society, particularly in the IT industry, seems to continue to maintain that keeping secrets is a necessity. It, in this mindset, ensures we’re employed and important. All that it actually does is maintain an environment of distrust and facilitate the ability of assumptions to grow. These assumptions often hold us back because we become blind to what is going on. When it comes to security this makes us blind to the “bleeding obvious” (to quote Computer Stupidities).

So when I hear things or am asked things that seem to fit the bleeding obvious, I begin to wonder what brought our industry to this stage of things and how it holds us back. We miss the simple security things we can put in place, at no-to-low cost, effort and time, and miss the obvious security holes that need quick fixes but that take a bit of time, effort and planning. I have to admit to liking WordPress because a particular plug-in, Theme/Plugin Updater, has made it easier for me to ensure that I keep up to date on those plug-ins. Additionally, even WordPress itself is easy on the upgrade without me having to go back and re-adjust pages that I had modified before. Some themes still need something like that where widgets aren’t affected if I experiment with one theme over another but perhaps with time that will come (or I’ll create something — a Widget Keeper so to speak). Perhaps all of this is a result of the on-going larger political tiredness over state security and the FUD that the federal US government generates on a daily basis (if you travel a lot, how often do you hear the “We’re at level Orange” warnings, often blared over the general speakers in the airport terminals?).

Anyways, tonight I’ll take a few moments to put down those original thoughts on individual security so we can continue working on ensuring that even home systems and home environments are protected from a computer point of view. If a particular area is of interest, pop me a note in the comments and I’ll see what I can dig up for you. 😉

ARTICLE: Ten Back to School Security Tips for Administrators

With the start of school around the corner, many IT administrators have to prep their environments for the hordes of students that will insist on downloading the entirety of the Internet. Interestingly enough, our employees sometimes feel that they should do the same.

While they may not necessarily be visiting unsavory sites, they are likely to visit a variety of other sites that will distract them from their learning or job responsibilities. So what are the things that should be done in preparation for the start of the school year (many at little-to-no-cost), whether at the school or in the work environment?

1. Educate your users. This cannot be stressed enough. Even if the site is about flower arrangements, it may be enough to distract users and eat up precious resources. This means users should be reminded that the computer and the network that it uses are the property of the company or the school and should only be used explicitly for reasons related to that organization.

2. Remind users that all things may be public. Whether it’s their activities and where they surf, or emails or IMs they send or receive, it is all fair game and there is no expectation of privacy. Additionally, public social networking sites can be used to connect with colleagues outside of work but common sense about what can be posted on those sites should be used.

3. Ensure that there are firewalls in place not only to protect the corporate environment from attack (outside in) but also firewall rules to limit what exits your network (inside out). It may be an innocuous gaming site but there could be malicious scripts on it that piggyback on connections.

4. Anti-virus and malware detection tools are still tools that should be incorporated into any standard educational or corporate environment. Just because we haven’t heard of any latest attacks doesn’t mean that they don’t exist. New attacks are occurring and new attack vectors are being used. Take, for example, Facebook applications, which often grab as much info about a user from their cookies as they can, and there is no mechanism to check if they grab other cookies as well.

5. Take the stance of “less is more” on user environments. In addition to firewalls, anti-virus and malware detection tools, the actual desktop should be hardened. NIST/NSA still provides free hardening guides on the majority of systems. Remove what is unnecessary and only add the minimum of what is needed. If a user needs more, they will ask.

6. For those users that are mobile or heavily connected (the Blackberry crowd), invest in some simple laptop locks, Blackberry protective cases (like those from Otter) or other mechanisms. The Otter, I found, is great for klutzes like me at protecting my Blackberry when I drop it. You can use Roblock to track down lost or stolen Blackberries.

7. Take an inventory. It’s amazing how many companies let their laptops, Blackberries and other devices become property of individual employees. Asset tags and a simple asset tag database can work wonders. It’s important to keep track of those items as lost or wayward devices can add up to additional costs for a company. MyAssetTag.com may be a good site to visit to get such tags and they even have some for PDA/Smartphones.

8. Laptops and desktop LCDs should, by default, come with security screen filters. Laptops in particular should be outfitted with these. With researchers and executives on the road, it’s important to ensure that wandering eyes don’t steal proprietary intellectual property. Whenever a new laptop is issued, it should come with a decent security filter (3M makes an excellent line of these). With a bit of searching you can find some privacy screen filters for Blackberries and other such devices.

9. VPN tokens and the usage of VPN in general for all communications can help ensure that all sessions are protected. This may seem odd for a school to use but when an organization like Blizzard introduces it to improve security on its popular World of Warcraft online game, it’s definitely time to have it as a regular part of school or large organizational life. At $6.50 each, this is a cheap option to ensure that a person is a legitimate member of the community they are supposed to be a part of.

10. Weekly notifications of viruses and ideas to protect the company. The more informed an end-user is, the better it is for your organization. These don’t have to be in-depth but it may be enough that when a user uses their home computer to access work (since many companies are trying to employ telecommuting or 4-day work week options to save money) they protect those machines as well.

Oh, look. We’ve ended back at education again.

More importantly, turn these into good habits and standardized processes. When you close the door to security threats, you get more done faster.

And that means less homework for everyone.