Random Synapses

One of my older interests, computer networking, has finally received a recent “upgrade” by rounding up my toolbox.

Previously in my toolbox: RJ11 and RJ45 crimping tools.
Added to the toolbox: 110 and Krone punch-down tools, intelligent cable tester with LCD display.
Near future needs: cable tracer/identifier, either purchased (kind of expensive and little used) or DIY (dirt cheap, more time involved, unprofessional look).
Long-term possible purchases: better cable tester, including Time Domain Reflectometer function to locate where a wire is interrupted. Expensive and not needed at this time.

With the new tools I was able to find out that the cables I installed in this apartment last summer were pretty badly done. Back then, I crimped the wall cable and, in one year, nearly half of the electrical connections were interrupted or intermittent. Now, after installing proper wall jacks and patch cables, only one pair of a cable is still interrupted somewhere in a wall, but it’s not influencing the network.

Why did I need all these tools and how are they used? Here’s a brief network cabling primer.

It all starts with intelligent wiring of your location. Think ahead of your needs and, if you’re still going to make a mess with running cables through walls, do it properly and with sufficient room to grow in the future without having to take the walls apart again. Find an out of the way, central location for the networking equipment; you’ll install a 19″ rack here, where the patch panel, switches and other equipment will be locked in. Determine where network connectors are needed now and where it might be a good idea to have them in the future. Figure out how to run the cables from the central location to each socket. Decide if the cables are far enough (at least one meter) from sources of electromagnetic interference (power wires, motors, fluorescent lights); if yes, use unshielded cable (UTP), otherwise go for shielded cable (FTP). If running cables over false ceiling tiles, you might need to use special cable type whose insulation doesn’t produce toxic fumes in case of fire.

Run CAT5e cable for each socket. Use “wall” cable for this, it has a single copper strand for each wire and, as a result, it’s pretty stiff. If ran horizontally, install supporting brackets one meter apart; the cable being rigid, it will support its own weight easily. If you tie cables together (with cable ties or whatever), don’t squeeze cables together too hard, let them slightly loose. Don’t bend cables at sharp 90 degrees, give them a small bend radius. Don’t pinch, tear, cut or punch cable insulation. Label all cables. Leave extra cable at each end before cutting it.

Hint #1: Run two network cables (CAT5e) and a voice cable (CAT3, one or two pairs, one pair per phone line) for each wall socket location. This will make it easy to double the number of computers installed and easily add/move phones around, or use the second cable in case something goes wrong with the first.

Wall cable doesn’t get crimped because the thin, metallic fins in the RJ45 connector can’t cut through the single copper strand in each wire, so they get bent and only make partial contact in most cases. The only kind of cable that gets crimped is “patch” cable, which has each wire made of several, thinner strands of copper wound together, giving flexibility to the cable and allowing the metallic fins in the connector to pass between these strands in each wire, ensuring better electrical connections.

Wall cable is connected at one end to a network socket mounted in or on a wall, and into a patch panel at the other end, where the central networking equipment is. Basically, each wire in the cable is punched through a metallic Y-shaped contact which cuts through the insulation. There are two types of connectors: 110 and Krone. Krone has the metallic contact at 45 degrees to the wire, while 110 has a right-angle position. Each type of connector needs a different punch-down tool. Decide which you want to use and buy the appropriate punch down tool, wall sockets and patch panel.

Note: Wall sockets with screws for wires look the same as Ethernet sockets, but they’re not; they are designed for ISDN telephone wires, and not appropriate for networking.

Hint #2: Get both kinds of punch-down tools if you want, they’ll be handy and not expensive. Some patch panels and wall sockets are dual, having connectors both for 110 and Krone. 110 is more widely used in telephone systems.

Decide on the color coding to use for connecting wires: TIA/EIA 568A or 568B. Connect wires to sockets, mount sockets in walls or apply them on walls, connect wires to the patch panel. Label each socket and connector and its corresponding port in the patch panel. If you used shielded cable, the shield foil will be a bit of pain, but you need to connect it as well — and all cables in the network must be shielded, otherwise it’s useless. Make sure you don’t untwist wire pairs for more than 2.5 centimeters (one inch).

Hint #3: Most people prefer 568B color scheme. It’s up to you, just be consistent so fault finding and upgrades/replacements are much easier and less time consuming.

Hint #4: Help yourself (and others) understand what port in the patch panel goes where, by using a simple naming convention. Number wall sockets and assign letters to each port. For a two-connector wall socket, name them 1A and 1B, for the next wall socket go with 2A and 2B, and so on. Keep numbers tidy, group them by location in the building. You could have a name like 245A, indicating left connector (A) on the wall socket number 5 in office/room/work area number 4 on 2nd floor. Leave room in the numbering system for growth, use sequential numbers only for small groups of outlets.

With cables connected to patch panel and wall sockets, test all cables at least with a cable tester, to make sure you have the right cables and labels, you have continuity and proper wire pairing. Professionals will go as far as test the signal quality, certify the wiring for certain speeds and guarantee performance of this infrastructure.

You should now have a patch panel (or more) with lots of ports connected to sockets throughout the building. It’s not surprising to have 48 ports wired up for a network that will start with 6 or 10 PCs, but with a high probability of increasing the computer infrastructure in a few years. The many ports gives you flexibility to move computers around, there’s always a network socket nearby, no need to run long cables across the floor and tell people “don’t trip over the cable” a hundred times a day.

A network switch is mounted in the rack. You’ll use short (30 centimeters), pre-made patch cables, to connect the ports in the switch with the ports in the patch panel corresponding to wall sockets being used. If the switch has management capabilities, make note which port is connected to which wall socket, so you know whose computer is connected to which switch port in order to assign access rights to the network. In the building, connect the computers to nearby wall sockets with pre-made patch cables — they come in various lengths: 1, 3, 5, 10 meters.

Voice cables connect to phone jacks in the office and something similar to a patch panel at the central location, from where other cables will make the connections to the PABX or the lines from the phone company.

So, there — all done. Notice that I haven’t used the crimping tools. That’s because they are normally used to crimp patch cables. It’s cheaper to just buy pre-made and certified patch cables to the desired length and color, than to buy a roll of cable and build your own cables. The crimping tools are handy in emergency situations, though.

My computer developed another strange behaviour in recent months. I leave it on day and night most of the time, and just restart it (”warm boot”) every few days, which didn’t give me any problems. But if I shut it down for the night, when powering it up in the morning (”cold boot”), it would reset itself while loading the desktop and system tray applications. And then, the keyboard would not work unless I went to Device Manager and disable then enable it, using the mouse. There was another strange thing: if I left the balcony door open to get some fresh air, the cold winter air would cause the PC to reboot on its own after a while.

It’s been a few months of intense study and work for University graduation, so I had no time to actually fiddle with this until last week, but I kept thinking about the symptoms. What could be wrong? Restarting while loading system tray applications, like the firewall and the network card indicator… Hmm. Could it be a network card driver problem, causing some strange restart instruction for the processor? Maybe the problem was the new VIA Hyperion drivers I installed at the end of last year? Could it be a hardware conflict between the network card and some other component, like the USB 2 controller card and the TV tuner, both installed recently? What did the keyboard have to do with anything, could it be a deffective PS/2 controller on the motherboard? Weird symptoms out of nowhere, just weird. Why would the restart happen only the first time, then, but not the second time? And what’s up with cold air restarting the PC as well?

Cold air and cold boot restarting the computer got me thinking that it was a temperature-related problem: when some circuits got cold, something caused the system to restart. What could it be? An imperfect electrical connection somewhere which stopped working when metallic contacts contracted because of cold air and being cold after staying powered off during the night? Possibly. So I checked power cables and IDE cables for hard drive and optical drives. No change.

I was just looking at the components in the case trying to think of other possible faults, when a familiar image became obvious: swollen capacitors. More than half a year ago I made a lucky discovery that saved my PC, which led to the replacement of 14 swollen capacitors whose electrolyte dried up over the years and they lost their electrical characteristics. Other smaller capacitors on the motherboard were left unchanged at that time. But now, two of them were showing the familiar swollen tops. One was right next to the ATX power connector and the other next to the memory banks — two critical locations in terms of stabilising electricity. Capacitors with dried electrolyte change their electrical parameters based on variations in ambient temperature, so this second discovery was consistent with the symptoms I had observed.

So I went out, bought matching capacitors and replaced these two swollen capacitors. Unsurprisingly, the symptoms disappeared right away. Now I’m determined to replace all these green troublemaking capacitors, when I will be able to find replacements with matching characteristics in stock somewhere. And my next motherboard will definitely not make any compromise in terms of top quality components. The higher price is well worth it.

Heads up, everyone. The software developers are back from their holidays with new goodies for us.

WordPress has now reached version 2, and it really is a fantastic piece of software. It features automatic import from Blogger and Movable Type, better support for plugins, an easier way to manage users and a pretty rich text editor for WYSIWYG writing. But I won’t spoil all the surprises for you.

Javacool Software has released Spyware Blaster 3.5.1. For those of you with a raised eyebrow, this is a freeware, must have utility for your computer’s security. It has a list of over 5,000 sites related to automatic distribution of malware and prevents Internet Explorer, Firefox and any other application (such as a virus or spyware seeking to auto-update itself) from accessing these sites. If you already have it installed, the recommended upgrade procedure is to download the new version, run the old one, remove all protection, close old version, uninstall from Add/Remove Programs, install new version, run the online updater then enable all protection.

Stay tuned for Microsoft’s batch of Windows updates, released as usual on the second Tuesday of the month. Hopefully they will get the patch for the WMF exploit ready by then.

All the best for 2006!

The results of a study conducted last year by AOL and the National Cyber Security Alliance shows, among other things, that 81% of home PCs are insecure; that is, they lack basic security software — an antivirus program updated less than a week ago, a personal firewall and an anti-spyware solution. Moreover, 70% of the participants fell for phishing e-mails. 26% of the users had a wireless connection at home, half of them without any encryption enabled.

Are you surprised? I’m not. But I’m troubled. Not by percentages, but by the methodology of this study and, inherently, the way people look at computers. Allow me to detail.

Firstly, the study was made by AOL. Correct me if I’m wrong, but my guess is that the participants to this test were all AOL subscribers. I really doubt AOL obtained permission to investigate the security of subscribers from RoadRunner or Level3 or SouthWestern Bell or any other competitor. If the study focused only on the computers of AOL subscribers, then we’ve got a major flaw to begin with: one can’t generalize the results of an experiment conducted on a statistic population whose diversity has been limited by a certain factor — the Internet Service Provider. No offense or disrespect meant to anyone, but AOL seems to attract and hold the dumbest people you’d find. Not necessarily dumb as in real life dumb, but generally in technical matters; you know, the ones that “ooooh” and “aaaah” when you skip your way from one field to the next in an online form with the Tab key instead of clicking the fields. Most of them have no clue whatsoever about properly using their PCs. Keeping their PCs secure may seem rocket science to many of them. It may be true that other Internet Service Providers have their share of technologically-challenged people, but it may also be true that the percentages of insecure PCs of other ISPs’ subscribers are not the same with AOL’s. The point is, in a study you cannot assume that the numbers are the same for other groups than your own statistical population because this can greatly affect the validity of any conclusions. What we’ve got here is a flawed assumption for hypothesis.

Secondly, I believe that the test’s definition of a secure computer is wrong. For instance, as a power user, I have a well-thought set of rules for using the computer safely. These common sense rules keep my computer from getting infected with viruses or worms or spyware or for catching me in a phishing scam without running any antivirus application in the background. Also, back when I had a hardware router between my PC and the cable modem, my PC was protected by the router’s firewall; therefore, keeping a software firewall running on my PC was redundant. So, even that my computer was as clean and secure as it gets, according to the definition of this study, my PC would have been tagged as “insecure”. That’s the second error of the statistic study: flawed methodology.

Thirdly, and this is where I was getting to, this study shows a major social problem: it’s how erroneously we perceive computers. We think of them as simple machines, like a lawn mower or perhaps a pocketable Tetris game. “I’m not at home touching the thing, so it’s not doing anything.” Wrong. It’s doing a gazillion things at any time, behind that static wallpaper image and frozen mouse cursor, especially if it’s connected to the Internet through a permanent, high-speed connection like cable or DSL. It’s a part of a global network and an active participant to it. And it’s far more powerful than your brain, even if it lacks your intelligence — that’s what makes it dangerous, too. Such a beast needs to be watched over and tamed constantly by someone trained for the job. Are you? Most likely not.

Try and follow me through this analogy. In a car accident, do you blame the car for not paying attention to the red light and traffic, or the absent-minded driver? Do all people get tested and certified for driving before being allowed behind the wheel? OK then; when a computer is found infested with worms and viruses and just doing all sorts of nasty things, why does it get the blame instead of its owner? Why does the computer get tested for security, instead of testing the owner for managing the computer responsibly and knowledgeably? After all, the computer is not as dumb as a lawn mower. It needs to be managed properly, controlled and supervised. Any computer owner needs to be aware that the PC left on and online at home is doing things without human intervention. So if the owner is not trained and licensed to control the computer, someone else must do the job. Mr. Ron Teixeira, executive director of the National Cyber Security Alliance, came exactly to the conclusion that “The security is only as good as the user.”

I am really looking forward to the day when buying or owning a computer has strings attached. Someone needs to be responsible for it, to be tested and licensed to operate it, and fined if the computer has been doing something bad. Posing as a victim with the excuse “I don’t know how my PC got infected” or even worse, “I didn’t know it could happen,” needs to come to an end. It’s the owner’s fault for allowing something bad to happen, even through his or her passive attitude. Computer security is rocket science to some, but so is flying an airplane or driving a car. If you can’t do it, pay a professional to do it for you. We need companies that provide security maintenance services to the computer owners, when the owners are clueless about security. And that, ladies and gentlemen, may be the first day when spam, worms, viruses, phishing, DDoS, drones, open proxies and all the other ill-reputed aspects of today’s Internet will start disappearing.

Having resolved the problem with the laptops’ hard drives clicking constantly, I faced another annoyance, still related to the hard drives. The laptops were a bit sluggish when they were heavily reading or writing to the hard drives, which was a little below my expectations from the excellent Western Digital Scorpio drives. And they were making a loud “clunk” noise every once in a while which, even if did not have any impact on the system’s performance, was an annoying and fearful sound.

It’s a known fact that hard drives get hot during use. Very hot. And their platters spin fast. Very fast. The temperature and centripetal acceleration in fast drives makes the chemical layers of the platters slightly dilate. Considering the very high density of data tracks and sectors on every square inch, even the slightest dillatation can result in heads not becoming properly alligned with the spinning tracks below. As a result, all hard drives periodically perform a head allignment operation to be able to locate the correct position of any data sector. You can hear this ocasionally, it sounds similar to the noise of the drive at computer start-up. So I assumed the occasional “clunk” noise was caused by self-calibration. But it didn’t seem right to occur as often as a few minutes in some occasions.

So, I rolled up my sleeves and began investigating.

Each device connected to a computer, inside or out, requires a software driver to provide the operating system with the specific instructions for controlling the hardware. Most versions of Windows are shipped with loads of “generic” drivers created by Microsoft. Windows XP is famous for its humongous collection of drivers — almost anything can be plugged in and will work without extra software.

The trick is in the name: “generic” drivers. Although some drivers embedded were provided by hardware manufacturers, many are created by Microsoft and provide minimal or limited functionality, compared to the full-featured drivers and software prepared by the hardware manufacturers. This is exactly why my hard drives were not running properly: Microsoft’s drivers for the laptop motherboards and hard drives were working — I was able to use the computer — but not at its full potential.

So here’s what I did. I knew the laptops had Intel processors, so they must have had Intel chipsets as well. Off to find the drivers for them on Intel’s support website… Searching around for a couple of minutes revealed a tiny utility for identifying chipset model; that’s how I found out that the laptops have Intel 830 chips in them, controlling everything on the motherboards. So I found and downloaded the drivers for this particular chipset. The downloads section also listed Intel’s Application Accelerator, which was created to enhance performance in laptops. I downloaded and installed it as well.

The result is amazing. By spending half an hour finding the proper drivers from the component manufacturer, the system’s start-up time has reduced with almost one half. Applications start much faster, the drives are quieter, they no longer make the “clunk” noises. The Intel Application Accelerator allows me to make choices over performance versus power consumption.

In what I’m concerned, at least Windows XP’s reputation of “all drivers included” no longer stands. It still is recommended to get drivers from hardware manufacturers and use them. For instance, Dell’s supplied drivers for the Synaptics touchpad are really, really old. Windows’ built-in drivers recognize it as a mouse but doesn’t allow scrolling or other smart options. The most recent driver from Synaptics’ website is much, much better. Or, Canon’s drivers for the digital camera allows me to preview photos in camera and download them sorted in separate folders by shooting date, as opposed to Windows’ built-in support for digital cameras which only allows basic download of image files.