Computers
Understanding IP addresses (part 1)
Written by Iceberg   
Monday, 19 January 2009 20:11
Ok, so I'm taking a course for a CCNA certification at the community college. This article will explain basically how an IP address actually works.

Introduction

So, you've probably heard people talk about how computers all use binary numbers to really work. In movies and TV, they often will overlay computer scenes with 1s and 0s to sort of make it look all techie, right? If you're like most people though, you have never actually seen any evidence of binary when working with your computer.

This is about to change.

The IP Address

An IP address, (or Internet Protocol address) is a set of numbers that represent a location on a network. For most of us the most common network we see is the Internet. When you open your web browser and give it an address such as www.google.com, your computer consults a sort of digital phone book called DNS. (Domain Name Service) A DNS server computer responds to your computer's request with a set of numbers that represents the address you gave it. For example, www.google.com may actually point to 74.125.19.103. This number is an IP address, and is the "real" address of the computer you have asked to contact.

Remember how I said we were going to finally meet some binary numbers in your computer? Well, there they are! That set of four numbers is actually a decimal representation of a set of 32 binary digits! These digits have been grouped into sets of eight (octets) for ease of use.

Going Binary

To understand binary numbers, you have to first understand how we write down numbers for our use. Binary is a numbering system, just like the Decimal system we're all used to using. The number set we normally use in our lives is also sometimes called "base-10" because it has ten digits in each decimal place. Think of it like an odometer in your car. As you count up, you use the first place until you get to nine, then that place resets to zero, and the one to the left goes up by one digit.

01
02
03
04
05
06
07
08
09
10

Binary is exactly the same way, except that it has only two digits, which is why it's called "base-2". If you wanted to count in binary, you could think of the same odometer with only two digits on each one of the places.

01
10
11
100
101
110
111

See how each time it advances, the one on the far right starts over?

In a numbering system, each digit is a product of that digit and a power of the base number, starting with zero. Let's look at an example again to get this sorted out. Here's a number:

196

The six is in the first place. It is worth 10 to the 0th power, or 1. (In math, anything to the 0th power is one.) For our number then, the first digit is 6 x 10 ^ 0 (six times ten to the zero'th power). Or 6x1=6.

This is where it starts to make sense! The second digit is nine, and it's in the second place. The value of that place is 10, which is 10 to the 1st power. So the value of that slot is nine times ten to the first power, or 9 x 10 ^ 1 = 90. That place is worth 90.

Finally the third digit is worth ten to the second power, or 100. So the 1 is actually 1 x 10 ^ 2, which is 1 x 100 = 100.

Add them all up:  100 + 90 + 6 = 196!

Binary works exactly the same way, except that the numbers are base-2, so all the digits are powers of two instead of ten!

Here's a binary number:  

11000100

Starting at the right, we then can figure out the value by using the powers of two, just like we did with the powers of ten!

0 x 2 ^ 0 = 0    (2 ^ 0 = 1)
0 x 2 ^ 1 = 0    (2 ^ 1 = 2)
1 x 2 ^ 2 = 4    (2 ^ 2 = 4)
0 x 2 ^ 3 = 0    (2 ^ 3 = 8)
0 x 2 ^ 4 = 0    (2 ^ 4 = 16)
0 x 2 ^ 5 = 0    (2 ^ 5 = 32)
1 x 2 ^ 6 = 64    (2 ^ 6 = 64)
1 x 2 ^ 7 = 128    (2 ^ 7 = 128)

Now add up all the values:  128 + 64 + 0 + 0 + 0 + 4 + 0 + 0 = 196

Congratulations! You can now convert from decimal to binary!

Back to the IP address

Getting back to that address we found for www.google.com earlier...  It was 74.125.19.103.

What you're actually looking at are four sets of eight binary "switches" that make up a 32-bit address. A bit is just a single binary "switch" in your computer's cpu! These switches are how computers actually think! Let's take apart that network address.

First Octet:  74.
The values of a set of eight binary digits from left to right are 128, 64, 32, 16, 8, 4, 2, 1. (Remember the powers of two?) To get the value 74, we need to figure out what binary places should be "turned on" to make 74. We'll start on the left.

128?  Nope, too big. Leave this one off (0)
64?  Yep, that's less than 74. Now we have 10 left to fill. Set this one to on (1)
32?  No, we only have 10 left, remember? Leave this one off (0)
16?  Still more than 10. Leave this one off (0)
8?  Yes! That's less than 10. Now we have 2 left to fill. Set this switch to on (1)
4?  Nope, greater than the 2 we have left. Leave this one off (0)
2?  That's it! Exactly the value we need! Set this one on (1)
1?  We already finished our value! No need for this one. Set it off (0).

The value of our first octet, which is 74 in decimal numbers is 01001010 in binary!

If we do the same for each of those, we'll get a binary version that looks like this:

01001010.01111101.00010011.01100111

Get rid of the periods...

01001010011111010001001101100111

And that is the actual IP address for www.google.com, as your computer sees it.
 
Asus M2V and Geforce 8500 BSOD
Written by Iceberg   
Sunday, 29 June 2008 07:51

I bought a little Geforce 8500GT card as a minor upgrade to my ATI X1600 Radeon. Unfortunately, as soon as I installed it I began getting weird BSOD crashes. It would go fine for anywhere from five minutes to half an hour, then suddenly the screen would stop updating except once every 30 seconds or so. Eventually it would just BSOD and stop.

I tried older drivers. I tried newer drivers. Neither worked. I knew it was a software problem though, because the card works fine in Linux, and it works fine in Safe Mode. 

Finally, I went and got a new bios for my motherboard, and sure enough that fixed the problem. I know I always read that one should do that as a primary troubleshooting step, but honestly in 20 years of working with computers that is actually the first time that I can concretely say that a new bios solved the problem! 

Hopefully, someone else will stumble upon this who needs to find that information.

 
MCSE Test 70-290
Written by Iceberg   
Monday, 17 March 2008 13:57

Just a couple notes on my experience in the Microsoft 70-290 Test (Windows Server 2003 Environment). Here''s things that you really need to know, based on the questions I received:

  • Permissions and how to set them up. Especially important is calculating the overall effective permissions both in NTFS and on network shares. Understand how the various Allow and Deny permissions work, how they apply to users and groups, and the net effect of using various permissions on shared folders and NTFS files/folders.
  • Backup types and how they work. You need to know the difference between the various types of backups (Normal, Copy, Incremental, Differential, etc.)
  • Try to remember the command-line utilities they mention in the books. You may get a list of various command-line options to accomplish a task, and you''ll need to know which ones perform the right task, and even whether or not such a command even exists!
Good luck on your tests! Study hard!
 
A note from the School Computer Guy
Written by Iceberg   
Tuesday, 04 March 2008 11:01
I''m a professional System Administrator. I''ve taken some long training and hard tests to get where I am today. My reputation and my employment depend on my being able to solve problems and satisfy my employers, which are the school administrators. I take this job very seriously, because my house mortgage needs to be paid, my family needs to be fed, and I really like buying new toys once in a while.

So that''s where I''m coming from.
', '
Now on to you guys. Every day I have to deal with computers that have malware infections despite our antivirus software. I have to figure out why your logins don''t work, or what happened to your files. I hear from teachers who want to know why their kids are still able to play games when they are supposed to be working on homework and tasks. These things come in as helpdesk tickets to my inbox every day. I get hundreds of these a week. I spend every day working on these problems to try and make the computers run smoothly for you guys.

The school administrators ask me to make sure that you are working and not playing on the computers that they provide for you to use. Parents are getting more savvy, and will actually check your MySpace pages every now and then. When they find you posting comments in the middle of the day, they call the principal and ask why you''re accessing MySpace when you''re supposed to be in class?

I get literally hundreds of problem tickets each week. With so many tasks to perform, I just don''t have time to go around, track down exactly what you did, talk to you about it, or set up convoluted security procedures just to try and prevent your action from happening again. Instead, I''m just going to go into my webfilter and tell it that you no longer get any Internet access at all. Period. And if I find that you''re still abusing the system and using someone else''s login, they''ll get banned too. It''s nothing personal, I just don''t have the time to deal with you.

I didn''t intend this to be a gripe session though. I want you guys to know a little about how I do the stuff that I do. Here''s an idea of what''s going on beind the scenes...

Part 1:  Active Directory
We use Windows servers at the schools, and they host Active Directory. This software is the master control setup for all your logins on the school domain. I can control nearly every aspect of your computers from these servers. Any computer that is on the network has to ask permission from the servers whenever they want to do something that requires network services. So when you log in on the domain, the Domain Controller checks to see if it''s ok that you log in, allocates whatever resources you should have, and then tells your computer the rules that have been set down for your usage. Ever try to go in to the Control Panel and find that either stuff is missing, you are denied access, or everything is greyed out? That''s probably a Group Policy being instituted on the computer. The level of control that Active Directory gives us is very impressive when applied properly. I also use it to prevent you from running the command prompt, accessing regedit, or even installing programs.

Part 2:  Logging / Tracking
You may not know it, but if you''re at one of my schools, every time you log in or out of a computer that information is written to a log file on the servers. I know the exact minute and second when you log in and out. So if a teacher comes and tells me that he found pornography on a computer that wasn''t there yesterday, it takes me all of ten minutes to produce a list of who logged on to the computer and when. I also keep track of the program files folder and can see when new files are added or removed. Same with registry modifications and files added to any of the system folders. This all happens completely invisibly to the user.

Part 3:  Web filtering / routing
All data heading to and from the Internet has to pass through our firewalls and routers (usually Cisco). The firewalls not only block access as a firewall is designed to do, but they also pass EVERY packet on to the network filtering software that we have installed. These filters check not only HTTP requests, but all other data moving through the Internet connection. They block stuff, as you probably have seen when you try to access a site we don''t want you to see, but more importantly they generate more reports. I can see EVERY web site that you visit, including SSL sites (using HTTPS instead of just HTTP) and I do spend a lot of time just sort of watching for red flags. When you pop up as having tried to visit Kproxy more than once, I set your account to be watched and start getting detailed reports of all your activity. How do you think I found out about the new proxy site that you discovered the other day? Why do you think it got shut down? Because I watched you go there 20 times, and then watched all your friends start going there. When half the students suddenly all start going to the same IP address, my curiousity gets aroused...

Part 4:  From the ground up
Whenever I do a fresh install, I use a customized Windows XP disk that has had a lot of the guts stripped out. Things like the games, Windows Messenger, and other non-essentials are just removed beforehand and never get installed. I also build in my accounts and use weird passwords that I record in a book, hidden in my desk somewhere. My passwords aren''t necessarily uniform, and they don''t use real words. They''re things like "r8jjZ4$on". Sometimes I just mash my hands on the keyboard and write down the result. (Yes, really!)

So there''s the skinny, in brief. It''s not so much that I can stop you from doing stuff on the network, but what I can do is make it inconvenient and make certain that I can tell the principal or teacher exactly who it was that installed the game on their computer.