March 26th, 2009 by Hescominsoon

Let me know what you think.  This is the first pilot.  You can give me feedback by using the contact form or commenting on this post directly.  Coments are heavily moderated so I recommend the contact form.

Click below to play now

March 12th, 2009 by Hescominsoon

Many folks have not realized that modern filesystems in Windows negate the need for partitions. Back in the 16 bit days when partitions could not exceed 2 gigs or less this was necessary.  Partitioning is a throwback to dos and in the modern file systems this is actually a hindrance. Partitioning modern hard disks with modern filesystems is a waste of space and incurs a performance hit. Also considering that nearly everything you do on a windows system generates data on the system partition over time it is going to grow.  Also you lose disk space due to partitioning now. NTFS uses much smaller clusters than FAT32. When you chop the disk up the space you lose due to formatting the new partition cancels whatever benefit there may be to doing a partition in terms of disk space. What partitioning does now is now you have 1 MFT per partition. The MFT is the master file table which is basically a database of where all the files are located on the partition. Every partition you put on the disk gives you another MFT to worry about. This also introduces a performance overhead since if you access partition 2 on drive one the hard drive has to head to the second MFT, look it up, and then go find the file. Also if you copy a file from partition one 2 partition 2 now the system has to physically move the bits from one partition to the other partition on the same drive AND update two MFT’s. If everything is on the same partition then moving the files is merely a function of updating the one MFT and it’s done. The performance gain is not trivial. Try moving a gigabyte of files on a partitioned drive between partitions and then do it on a non-partitioned drive. The difference is night and day. Now if you want multiple drive letters don’t partition.  Instead setup another array either on  the same controller or preferably on another controller. Sticking with one partition simplifies things greatly:

1.  no extra drive letters to manage during system administration and most importantly during system recovery
2.  no disk space loss overhead from partitioning and formatting of partitions
3.  No performance hits from the hard drive(s) having to cross logical boundaries due to the fact that even if you specify hings    like exchange and sharepoint onto a different partition something is still kept and used often on the c: drive

March 6th, 2009 by Hescominsoon

I have spent the past few days working with level .5 techs(in terms of the knowledge of their own product) trying to get carbonite to restore the data it so willingly allowed me to upload.  Nowhere on the site does it mention a 50 gig cap and then they slow you down below dialup speeds.  Nor do they tell you that once the restore goes bad it’s going to take tons and tons of e-mails with you getting canned non-helpful suggestions.  Only after i finally uninstalled carbonite and contacted the CEO and started posting my negative reviews did they FINALLY give me some advanced things to try..by this time i was done and was working on my recovery from the .vhd file.

I just got an e-mail from carbonite..they ahve given me a full refund and have kept the account active..I can’t trust my data to them so it’s going to be an empty sheel from now on.

March 6th, 2009 by Hescominsoon

Luckily mounting the .vhd worked..but not without it’s own issues.  The instructions i talked about in my last post forget one thing.  The weird filename that the system generates make the vhdmount program barf.  I also wound up having to put the files inside the vhdmount folder onto the drive in the same folder as the vhd file.  I also had to rename the vhd file. So here’s my restoration procedure:

1.  Reformat the server

2.  Reload SBS onto said server

3.  get sbs setup

4.  download MS virtual Server 2005 sp1 for 64 bit

5. install just vhdmount

6.  copy the files from vhdmount(make sure you ahve hidden files in view) to the directory on the usb drive that contains the vhd file

7.  rename the vhd file to backup.vhd

8. type:  vhdmount /m backup.vhd

9. in a minute or two you should have another drive mounted.

10. take ownership of the entire drive

11. change the permisison so admins have all permissions.

Now you can copy the files from the drive to your sbs server.

March 5th, 2009 by Hescominsoon

If you read my earlier carbonite post it started because i had my server decide it would corrupt itself.  I did not catch it for a copule of days which meant my backup had corrupted OS files on it.  It turns out you can only restore the entire volume, disk, or server.  How idiotic.  So this means if your server craps out your only option is to restore the crapped out operating system files.  Since carbonite is useless in terms of restore what good is that backup?

After many hours of googling I think i found a solution:  The backup files are stored in MS virtual mahcine format.  I am going to try to manually extract the files i need after i reload SBS from scratch, manually rebuilt it…and then load up virtualserver 2005 and try to mount that drive.  I got this idea from David Moisan’s Blog.  Once i get the machine running again i’ll give this a wirl and let everyone know.

March 5th, 2009 by Hescominsoon

I was excited about carbonite.  The backup side works great…the restore is a disaster.  Two days after a server crash and i am waiting on carbonite to give me back my files.  SBS 2008 backup sucks for DR and i was depending on carbonite to save my behind.  After days of waiting and watching carbonite stay at zero percent and stop restoring i did some searching.  Carbonite does not clearly say there’s a 50 gig limit or they throttle you to less than dialup.  I have also seen numerous complaints about the restore process being slow or not working at all.

I wound up having to nuke half of my backup(luckily i had backed up those files to another usb drive) that brought my backup form 74 gigs to 30 gigs.  We will see if carbonite goes beyond 5.2k files this time before dying.

It looks like i won’t be using carbonite for any of my clients….also Leo laporte needs to get off hte carbonite bandwagon.  I am curious if he has actually tried to restore anything using carbonite yet?

*update* nope carbonite is a total failure.  I am now having to do a manual restore from my sbs backup in a way it wasn’t designed to do.  I hope i can get my data back this way at least.

March 3rd, 2009 by Hescominsoon

Conficker Collateral Damage for March 2009.

This is one side effect of the conficker worm.  Since it generates random doains to try to get instructions for if your site is the site of the day you are going to get hammered.  On March 13 it will be southwest airline’s turn.  Luckily for them they ahve some options..smaller companies like ECC would get knocked offline immeditaly.

Security researchers have figured out the pattern for conficker’s domain searching but right now stoping it because of 11+ millions infections is nearly impossible at this time.

March 3rd, 2009 by Hescominsoon

Protecting Against the Rampant Conficker Worm – PC World.

It’s called conficker or downandup and it’s another attack against a bad design in the windows system.  Conficker affects ALL versions of windows in one form or another.  The primary means of infection is through a now patched windows file sharing service.  This means it can rapidly spread through a network environment that is not patched.  ECC at first did not consider this to be a major security issue.;  The major issue now is that conficker will attempt to spread internally and anywhere else it can access.  It has been shown to create a botnet which means your machine is effectively under remote control from a third party.  This makes conficker a serious issue.

Part of conficker’s propagation is it radonaly generated new internet domains to transmit it’s status to a controller.  The comains are then torn down within days to avoid paying fees and the worm has already recived it’s new set of instructions by this time.  It has also been causing site outages and possible phising sites as many of the domains it’s creating are very close to legitamate site names.  Conficker is now alos highly effective in spreading through usb devices including mp3 players.

If you get this worm ECC reccomends a backup/format/reinstall due to how ingrained into the system this malware digs.  The best way to fix this worm is to make sure you are behind a router fo some kind AND that your windows updates are updated.

March 3rd, 2009 by Hescominsoon

After CERT warning, Microsoft delivers AutoRun fix | ITworld.

It’s about time.  I have been trying to kill U3 forever among other autorun enabled garbage.  ALL ECC managed network will get this patch pushed out to them.