Wednesday, 14 December 2011

The Most Secure Web Browser?

I came across a study by Accuvant Labs that was conducted to compare the security on Chrome, IE and Firefox web browsers. It was quite interesting to someone who works in IT and (predictably, as it was funded by Google?) discovered Chrome to be the clear winner. I won't go into all the conclusions, but if it is something you would want to know more about I have provided a couple of links.

The PDF of the study can be found here: Browser Security Comparison: A Quantitative Approach

A good summary and some security tips can be found here: Lifehacker

Also be aware there are other browsers out there that vary in their security features (Opera, Comodo Dragon, Safari, etc) and this study was done on a Windows 7 PC. The browser versions tested were Firfox 5, IE9 and Chrome 12, the most recent versions when the study was performed back in July.

Monday, 12 December 2011

Wednesday, 30 November 2011


"...well, I don't think it is our responsibility".

I went to a student fault, all our kit was working, so started looking at the cabling.

A bit of background: some of our newest student accommodation is not owned by the University, but by an external company. The company owns the building and everything in it. They have told us they are responsible for anything physical in the buildings. The network settings is our responsibility; the sockets, wiring etc. is theirs.

Despite this, when a student gets in touch with them to report a problem (usually physical damage) it gets sent from them to us. As a favour (or just to get students working quicker - they can take weeks to fix a broken socket) we have been fixing broken sockets and damaged cables because it is easier than bounces emails and calls around the help desks. Also, when they do attempt to fix it we normally need to go back and fix it again as they are not too good at terminating sockets.

This fault in particular was showing a problem 6 meters from the room. Too close to be the cab. We traced the cable to a riser where, upon opening it, we discovered another socket for the room... that was dripping wet!

The contacts were going green they were that wet so it was obvious we had found the problem. I cleaned the contacts up with a screwdriver as a temporary fix for the student to get them working for now, then went to report it to the owners.

All we got from them was a load of drivel about how it's a network problem... and there is nothing they can do... and they don't think it is their responsibility. That it should be down to us to sort it out.

I am sorry?
Your building - physical? check
Your cabling - physical? check
Water leak - physical problem? check
Damaged socket - physical problem? check
Damaged cabling - physical problem? check

The university network is up and running, the problem is at their end. The students are paying their rent to a company for a service that the company does not deliver.

We should have just checked the switch was up and left it to them.

Except the student would be without a network connection, and we wouldn't do that to them.

Saturday, 12 November 2011

The weekend starts here

Finally done for the weekend.

Went in at 7am this Saturday morning to swap out all the 2950 switches and the 3550 aggregator to be replaced by PoE (Cisco 3750s) in Print and Design.

It was absolutely filthy down there in the basement, which the picture doesn't do justice.

The need for this to be done is due to the fact that the departments phones (and the fibre feed) come from an area that had now been condemned. As we can't currently get an more analogue or digital lines into the building, or make any changes from the PN, we have had to move them to IP telephony.

Configuring the new phones was not made any easier by somebody turning off the power to the building with the voice gateway in without informing IT.

We also found a table of graphic designers all getting their network connection from a mini hub hiden under the desk. So before they can all have an IP phone we need to put some some extra sockets in as power requirements of the phones means only one phone will work off one switch port, and for the time being the mini hub is fed from the phone.

The analogue lines for a credit card machine and fax is provided by an ATA.

The VLANs have been configured and the trunk from the hub. So, hopefully, when the power comes back on the phones will get their IP addresses and config files, and all will be working Monday morning...

Fingers crossed.

Apologies, the Blogger app on my phone does not seem to be allowing picture uploads. I will tweet a pic.

Thursday, 10 November 2011

The games I am looking forward to playing this Christmas

I know many of these will have been out for a while by the time I get to sit down to play them over my Christmas break, but with work, house and family stuff going on it may very well be my first opportunity.

The joys of being a responsible adult.

Well here is my list of what I am looking forward to:
1. Call Of Duty Modern Warfare 3 Obviously.
This is probably going to be one of the biggest selling games of all time, but which is better? COD MW3 or...

2. Battlefield 3
This will be my first time with Battlefield franchise but all indications suggest it is going to be a good 'un.

3. PES 2012
The differences in each yearly release, as well as the rising cost, has meant I only get a footie game every couple of years. Besides it takes about two years to unlock all the trophies if you are juggling it with a full time job.

I am looking forward to this one, the tricks are supposed to have been greatly improved as well as controlling the runs of other players. I just wish they had the proper licences, and I think I will be giving the manager game in PES a miss.

4. Driver: San Francisco
I remember playing the original on PS One and PC. After taking a downturn I have hopes this will put the series back on track. I would have preferred another Burnout game but that was not to be.

5. LA Noir
A bit of a cheat as I have already started playing it. Hopefully by Christmas I may have found the time to complete it and liked it enough to add some more cases via DLC.

6. Resistance 3
Resistance 1 and 2 were really enjoyable and hopefully this will continue into the third instalment. So far, so good, as they sent me a Sackboy Resistance 3 keyring :)

7. Batman: Arkham City
I was too dubious about superhero games to get the first one but I heard such good things about it Arkham City is making it onto the list.

8. F1 2011
Safety cars, KERS, moveable rear wing... ah yeah... Brum brum brummmmmmmmmmmmmm!

and the one I am most looking forward to:
Uncharted 3
Better than Indiana Jones and Tomb Raider put together.

Just hope I find the time.

Tuesday, 8 November 2011

Connected washing machines: Laziness or a service?

I have been up at the student villages yesterday and today patching connections for the laundrettes and setting VLAN's. The reason for these connections is so that students can log in from their rooms (or wherever) and see which (if any) washing machines and tumble dryers are available. They will also be able to see a progress bar that is full of red when a machine has just started a cycle but gradually decreases and gets lighter as the cycle progresses.

I guess one of the reasons is to prevent wasted trips to the laundry. Another may be to help justify the cost of university accommodation on top of the rise in tuition fees.

It was not an idea we came up with, it was put in motion by the accommodation services.

With tuition fees reaching £9000 a year (more for international students) I imagine the new students and their families will have less money available for the higher quality student accommodation and so there will also be less demand. Accommodation services must work hard to justify the prices (as the rest of the university needs to do with the tuition fees) and provide quality services to the students.

I have spoken before about how the students should also be getting wireless in their university accommodation for next year. They also, briefly, had a service for internet TV and gaming but it was causing problems on our network so had to be removed. I predict something similar may be in place again in the future.

I never imagined there would be internet connected washing machines and tumble dryers. I am sure there will be an iPhone app at some point.

Friday, 21 October 2011

Busy months for wireless

I have been in a meeting this morning about the future of the wireless network. Where we are going, what we are hoping to do, the problems associated with achieving this.

The first point mentioned was to be involved from the start in new projects to make sure all new builds and refurbishments include wireless in their plans. That way, a few months down the line, we are not hacking away at new walls and ceilings and trying to get all the necessary risk assessments done again, but the facilities and cable routes are there from the start. Especially as one of the first things departments ask for when they go in is 'can we have wireless?'

A bit of forward thinking, putting in more sockets than we currently need to provide the potential for growth. A few years ago nobody expected the wireless network to have the potential to soon become the preferred network, who knows what will be happening in a few more years?

One of the major discussion topics in the meeting was the plan for complete coverage of the student accommodation. With the rise in tuition fees it has become a priority of this university to make sure we try to provide value for money and improve a lot of the services we offer in time for the start of the 2012 term. We have also seen a lot of students arrive with wireless only devices this year, such as Macbook Air's and tablets.

We currently have over 500 wireless access points, but with the expansion in to student residences this is likely to go up to nearly 1800.

With the increase in wireless usage up four times from the same point last year (which I am sure once it is in the residences there will be iPod's, Xbox's, PS3's, Nintendo DS's and all sorts connecting will only get worse) we have been running out of IP addresses. We have increased the addresses in the subnet four times recently and we are already running at 91% utilisation again.

We have requested more IP addresses but this has been denied so we are going to be upsetting some departments while we, unfortunately, have some disruption as we hack at their subnets trying to get some address space back. As we do this though we may discover some problems with servers and software - something to think about. It may also be necessary to do this work when the university is closed. So anyone fancy working between Christmas and New Year?

There was some discussion about moving to IPv6 but there are still a lot of places on the web which people want to access that do not support it and a few devices around which are the same. There is options for public and private addressing, tunnelling and NAT, but our network manager seems to think there will then be a problem with finding people suspected of copyright, as we are required to act upon requests and complaints sent to us as part of our agreement with our network provider. I also think he is worried it could all go wrong as it involves a major change that has largely been untested on our network.

An option with regards addressing though was to move all printers and a lot of the staff to private addresses rather than having public addresses. Hopefully the staff won't be doing anything which would mean they would be needed to be tracked and if people want to print from home they can VPN in. Although anything to stop them printing is often seen as a good thing anyway... environment... green... and all that.

We have a few buildings that are now fully covered, and lists of lots more that could need doing. We have got the majority of teaching spaces and student areas covered. We also have started to test external wireless to cover beer-gardens, café's, benches and anywhere else a student (or member of staff?) might want to sit (when it is warm enough) and get some work done.

One of the considerations though is do we offer eduroam? Or do we direct them through a different service, maybe with speed restrictions and packet shaping?

We have just recently been swapping all our Cisco 1200's out for 1240's, so all our access points should be wireless n capable with 5 GHz antenna.

So the plans are: lots of surveys and tests, lots of installs, lots of changes to IP addressing and less than a year to get it done... on top of every other project and day to day job and fault that comes in.

At least it is interesting... well... to some people it is. Certainly better than some of the jobs that come through the helpdesk.

Tuesday, 11 October 2011

Android Security Products

I have just been reading a product review by av-comparatives of the paid-for security options for android devices. Interestingly it finds a lot of problems with the remote wiping facility on many of the applications. If you pay or have considered paying for security software on your android, or if you are just interested, you may want to take a look at the full review here:

AV Comparatives: Mobile Security Review (38 page PDF)

Wednesday, 5 October 2011

The end of my desktop?

I will probably be moving house soon and one of the things I have been thinking about is if I need my desktop PC.

I use my smartphone more than I do my desktop and more and more apps are coming out that are similar or identical to the software I have on my PC. A lot of my data is now backed up to the cloud and increasingly cheaper SD cards are getting to a size sufficient for all my music and pictures. So the question is do I spend £200-£400 on new furniture to accommodate my massive (and heavy) tower PC, 19" monitor, printer, keyboard, mouse and software library, or do I spend the same money on a tablet?


I suppose it is an advantage to be able to upgrade the components as you need to. On the other hand a new graphics card, memory, processor every few years can add up to the cost of a new tablet, if you include upgrading to USB 3 or Blu-ray or whatever the latest technology turns out to be.

The problem is you often need to upgrade your hardware if you are a Windows user to take advantage of the latest OS and games. Also there is the added cost of OS upgrades if you are running Windows or Mac, not a problem though if you run a free Linux distro (which I currently am not). The power required to run a desktop would also cost more.

An advantage would also be avoiding the constant update procedure to all your software, drivers and OS. Yes there are updates for tablets and their apps, but they are far less frequent and time-consuming to do.

Since our university has 'gone Google', as Google like to say, most things get opened in Google Docs automatically and I have had no problems reading, editing and creating documents from my android phone.

I have picture and video editing applications on there too, as well as media players and a few office tools. I can't currently think of any software I would miss. An advantage of an android tablet over an Apple would be the inclusion of Adobe applications like Flash to take full advantage the web.

Since my little one has come along gone are the days of 300+ hour Championship Manager careers and if I have the urge to shoot something there is always the console for that.

So far, most of the threats out there still seem to target PC's but we can expect a rise of tablet threats as they become more popular. There is security software arriving though from most of the big players including Lookout, Norton, BitDefender, McAfee, AVG, Kaspersky and Eset.

I would not be able to get rid of my work computer as I need things like serial connections for configuring switches and access points, but for home? I could probably get away with just setting up Google cloud print. Having a full size, hardware keyboard and mouse though does make things easier no matter how good on-screen keyboards are. Especially for complex editing and accurate design.

The main reason for keeping the desktop. I have a couple of hard drives in my PC and can add more if necessary. Storage, particularly for HDD's is extremely cheap and I already have well over a TB in my PC. One of the main considerations is can I do without all the local storage I currently have?

A tablet may only have 16GB, 32GB or 64GB but I will also have my online storage (Skydrive 25GB, Google 25GB, Dropbox 2GB, Evernote 60MB/month) available.

Portability and space
If I were to do away with the desktop then a bonus would be having another bedroom available, rather than it being used as a room to keep the computer in. Also the tablet would be light enough to carry anywhere but this also then creates the opportunity for it to get lost or damaged.

Faster boot times and applications on a tablet, what's not to like?

Overall I am struggling to find a reason to hold on to the desktop. I have an small attachment to it as I built it myself and I cannot imagine not having a PC. I also am not sure I won't miss those years and years of data I built up but the advantages of ditching the PC seem to outweigh the negatives. Time to look at the prices of honeycomb tablets...

Thursday, 8 September 2011

Star Wars is S**t

This post is not about education or IT but I felt it would be a reasonable forum to get something off my chest.

I loved Star Wars.

It was my favourite film (or series of films) as a kid. I must have rented The Return of The Jedi so many times. One of the best things about Christmas was one of the Star Wars films would be on TV. This was in a time before the internet, before video-on-demand and DVD boxsets. Before movie channels played films 24/7. Star Wars, Empire and Jedi were what we looked forward to.

Now I have a son of my own. I was looking forward to the day I would be able to show these to him. Although the originals, as I saw them, are now un-showable as we no longer have a VHS player and with every re-release and re-issue comes some more changes (Wiki Changes).

This I am in two minds about. On one hand, these films meant something to us, they were special the way they were, the constant fiddling renders each edition out of date as soon as you have watched it and what is with the crappy music and the Noooooooo and Gredo shooting first? -This school of thought has also been expressed in music here.

On the other hand these films belong to George Lucas so shouldn't he be able to do whatever he wants with them? Making them look less crappy on our HD televisions is a good thing right? Maybe one day he will decide to take the scissors (not literally, as it is all digital nowadays) to The Phantom Menace and with any luck edit out half of that rubbish.

No, the real thing that is annoying me with Star Wars, after going back and watching them now the whole 6-part saga is available, is how they don't make sense.

Lucas was supposed to have written the whole saga in 1975. If this is the case then how do you explain the following?:

1. Incest. You are not telling me during Empire he knew they were brother and sister and allowed THAT kiss. Which leads me to conclude he made it all up as he went along.

2. Nobody recognises C-3PO and R2D2. Come on, they are at every major event in the galaxy.

3. If Vader could sense Luke, why couldn't he sense Leia? The Force not work on chicks?

4. How can Leia remember her real mother when she died in child birth? Just ignore the facts and again make it up as we go along.

5. When would Luke's father have said he wanted him to have his lightsaber when he was old enough? I don't think Anakin and Obi-Wan kicked back and chatted much after Luke was born. Also affirming the view that Lucas was still making it up as he went along. I bet Lucas didn't even know at this point Anakin was Vader.

Watching them now, with older more cynical eyes, there are many instances where the plot continues to annoy me. I feel like kicking myself that I didn't notice/care the first five, ten or twenty viewings round. For instance:

1. Luke learns about the force and then (probably the same day) acts like it has been his religion all his life, scolding Han for not believing in something he found out about that morning (Family Guy pointed this out and now ruined this part for me).

2. Stormtroopers are supposed to be so precise yet can't hit a barn door when they are on screen.

2.b ...and don't check behind locked doors.

3. Chewbacca and Yoda know each other and are friends. Come on, how few individuals are there in this galaxy and why then couldn't Chewie explain everything to Luke?

4. Yoda and Obi-Wan insist Luke needs more training in Empire, but in Jedi when he comes back Yoda says 'no more training do you need'. Despite having no more training.

5. Kill her immediately obviously means a lot later when someone has managed to come and attempt a rescue.

6. Space is pretty big, why not go around the death star and run away instead of into a fleet of enemy ships? Or for that matter above or below the line of star destroyers?

7. Why, when there are so many robots and droids in existence, would you not shoot an escape pod because it had no life signs when you were looking for some stolen plans?

It is not just the originals, even though they are the ones which hurt the most. The newer prequels are also not imune to annoying me.

Besides the 'rubbish-ness' with the whole of Episode I, why does Padme fall out of a ship and roll around in agony, only a few seconds later to jump up and run off like nothing happened? Natalie Portman cannot be that bad an actress, she was nominated for an Oscar.

Why has being a Jedi changed from being a part of a religion (ancient so Han and the Empire dude says, despite the Jedi's being wiped out only about 20 years ago) to being infected with little magic creatures (midichlorians)?

It also turned out Yoda did not train Obi-Wan, despite what Obi-Wan said in Empire. Actually, there seems to be a few things we 'knew' because we were told in the original trilogy that were completely changed in the newer prequels. Like the point earlier about how Leia remembered her birth mother.

No, going back now I am more and more convinced most of the plot was made up as they went along and then later found parts of it didn't fit into what they wanted the story arc in the prequels to go like. I hope people can continue to get as much enjoyment out of it as I did as a kid, but come on Lucas! Brother and Sister snogging! You didn't know what was happening and you fluked it, didn't you?

Source: Moonfruit

Tuesday, 19 July 2011

Short notice (as usual)

People (users) have consistently underestimated what we do in an IT department throughout the various places I have worked. "I need some software on every computer for my lesson in 5 minutes" and "can we have some laptops getting in for this afternoon" were the sorts of requests I heard often.

Another such request happened this afternoon. There was an email exchange between one of my colleagues and a member of staff about getting some wireless installed for a conference of 40 people next week. I was told this afternoon that the conference would now take place tomorrow morning and everyone will need wireless access.

So that left me with just a few hours this afternoon to:

Configure a Power over Ethernet switch or arrange power into the rooms/ceiling voids.

Configure switches for trunking wireless VLAN traffic.

Configure Access Points and setup correct security and keys.

Setup on Cisco WCS.

Run cables into areas the access points where needed, possibly using temporary trunking or finding a way to keep the cables out of the way and using hazard tape/strips to prevent tripping.

Finding a way to fix the access points temporarily so as not to damage the facilities but also prevent them being damaged or stolen.

Test they work with 'guest' keys and cover areas required.

Not to mention all the other jobs that were in for this afternoon, and that, because of the short notice, I had to do it by myself.

... and then staff just assume you just plugged it in and it worked.

Thursday, 14 July 2011

Google Spreadsheets

We are currently in the process of moving over to Google Apps for Education. Today I used a rather awesome feature in Google Spreadsheets.

If you start filling in the spreadsheet with fields and then highlight what you have put in so far, press Ctrl and hold the bottom right corner, now expand the highlighted are as far as you want to go and it will auto-fill the rest of the rows or columns.

I tried it with prime ministers, football teams, cities and colours and it works really well.

Hopefully this tip could save you some time.

The rise and rise of the tablet

More and more staff are getting tablets for use at work. For that reason we have Blackberry Playbook on trial for testing.

I was playing with it this morning and was quite impressed. The swiping from off-screen (to access menus or home screen) takes a bit of getting used to but it seems to be a pretty decent device. It is quick and smooth and the menus fairly tidy. The camera was good and there was no problem getting it on our network. It is quite light but doesn't feel flimsy.

I downloaded the telnet client from the app world (Blackberry apps store) but it seems to work with Linux servers and not Cisco devices so it wouldn't be much use for us support staff.

Blooming iOS

It taunts me...

When I started my job I was told to get an iPhone for work as we had thousands of users with iOS and Apple devices and I should know how to troubleshoot and fix them. This I thought was brilliant... until I actually tried to use it.

This morning I was tweeted a link for an interesting article and what I got was the screen above. It even mocks Apple users by saying 'click here to see a wide array of the latest smartphones and tablets that do support Adobe's Flash Player'. This is probably what would stop me ever getting an iPad.

I hate iTunes, I hate the lack of Flash, I hate the way you currently have to do updates, I hate that lots of downloads don't work over 3G. I look forward to the improvements in iOS 5 and am thankful it is being released for the 3GS, but how will it run? My fear is slowly.

Tuesday, 5 July 2011

Missing phone...

I patched up a phone line for Chemistry this morning and being the thorough, conscientious employee I am I went to the room to make sure it was working before heading back off to the office.

This is what I found:

a very long LJU cable and following it, where does it go...

it disappears OUT THE WINDOW (along with some Cat5e).

After going down three floors and round the back of the building it seems to go into another room somewhere further along the building. Unfortunately all the other rooms it could go to were locked so it was not possible to test the handset or investigate the need for this type of cabling.

I will now try to find somebody and explain why it might be better to use a socket in the room or, if they are all in use, put in a new socket.

Thursday, 16 June 2011

Adventures in a fibre database

I seem to have a habit of walking into jobs where there has been little to no documentation left by the previous inhabitants of the posts. Currently I am getting to grips with the fibre records for our institution, some of which it appears have not been updated since 1996.

Originally I was very excited to be getting more responsibility, however that excitement quickly turned into a realisation as to why nobody else wanted to do it. There are approximately 460 fibre trays around campus (that there is a record of - more on this in a bit) and hardly any have an accurate record of what is connected to them or whether they work.

It started as part of our resilience project, testing what links were usable and which needed re-splicing or more fibre coming in. It soon became apparent that there were various 'issues' with the records that were being kept:

1. Some trays marked with department names (rather than address or building code), and the departments in question have not been housed in those buildings for years. So unless you have been here 10 or 20 years you could spend all day/week/month looking for a link that does not exist.

2. Some trays had no labels on at all. Again this involved relying on the knowledge of people who could remember them being installed.

3. Some trays have one building name, some have another and some have a third... all meaning the same place.

4. Trays that don't exist (or phantom trays). This could take two forms. A) We have a record of it existing and having links on but following those links leads to nothing at the other end. B) The tray exists but there is no record of it, where it goes, what it is used for.

5. A tray is full of links, all or most are not labelled, the database says they are all free.

6. The database says the tray is all used, but when finding the tray it is empty or nearly empty.

7. The tray is either all single-mode or all multi-mode or split between the two but this information is not accurate on the record kept.

I have tried to impress upon people in the team the value of keeping the documentation up to date but largely seems to have fallen on deaf ears. As I found out the other day when, as an attempt to provide two links to a computer room to be used for registration (very important, don't want more cock-ups like last year) led to a whole load of wasted time.

It didn't help that the room was one of the furthest away from our two 6509's, but according to our records there should have been a route and enough spare fibres to do it. It just involved a long walk around the city.

After configuring the port-channels, patching and labelling I managed to get from Router to tray1, to tray 2, to tray 3, to tray 4 and from RouterB to tray 1b, to tray 2b, to tray3b before I arrived at a bottleneck where there were not enough spare fibres to continue (despite them being free on our database). Also on the database somebody put in that the fibre is 12+12 (12 single-mode and 12 multi-mode fibres) without actually checking. So I patched all single-mode and get to a tray which only has multi-mode on it and was led to believe there were 24 connectors when there were 8 or 6.

This added to the fact that many areas now have asbestos issues so we cannot go to a cabinet to check feeds from trays. So when we are asked by people who want to use our fibre (CCTV for example) 'what pair is this?', 'is it multi-mode or single-mode?' and the records are not up to date (or just plane wrong) we may have to get risk assessments and asbestos specialists to go and have a look/patch for us.

As a result I have started putting the record numbers on the trays (a unique ID from the fibre database). This should make the records a lot easier to find, rather than having to know what a building or department was called in the late 1990's. As I have been going round I have been trying to trace all the fibre in use and update that information. I have also had a look for any problems or issues that have or may arise, such as full cabinets, faulty fibre or damage.

Hopefully this will eventually lead to less leg-work walking miles to get some basic information so more time can be spent fixing faults and answering the helpdesk calls.

Our campus is rather large and with hundreds of trays to do this could take some time.

Thursday, 9 June 2011

Blogger Mobile

Logging into Blogger I have noticed a new feature today, Mobile Template beta. By enabling this setting mobiles will get a mobile version rather than the full version when they navigate to your blog (by adding /?m=1 to the URL).

You can enable this by going to Settings > Email & Mobile. It is the new top setting. There is a preview available so you can see what the mobile template will look like. I have only just started playing with it but it seems the only widget you get is the 'about me' widget. So if, like me, you have widgets for Twitter feeds and links to other blogs then these do not display.

A while ago I made an app for this blog (Post here) to make my posts more easily readable on android devices. These new templates from Google have the advantage of being usable on all devices as well as needing no design flair or HTML knowledge.

Will you be applying them or do you prefer people to see the full web version of your blog?

Friday, 22 April 2011

Happy day off UK

What a lovely day for a bank holiday, just thought I would share a problem we have had with you in case you suffer it too.

If you use Supportworks for your helpdesk software you may have come across a problem recently. It is where you cannot write an email unless you switch from HTML to plain text, and even then if you are replying the body of the previous email is missing.

We noticed this happened after the huge amount of Windows updates lately and managed to pin it down to Internet Explorer 9. Removing IE9 fixes the problem and Hornbill say this problem will be fixed in the next release. Until then roll-back Internet Explorer and your problem will be fixed.

Also, in case you missed it, Linux is 20 this year (link), Firefox 5 is scheduled for 21st June, Firefox 6 is scheduled for 16th August (link) and Teachers TV is being got rid of by the Department For Education (link) on 29th April.

I don't always have the time just recently to write about all the IT news effecting the education sector, so keep up to date with my blog's Twitter feed here.

Thursday, 14 April 2011

Troubleshooting Windows 7 - Live Blog

This evening I will be attending a troubleshooting Windows 7 for advanced users seminar. I will post the interesting points and comments here and on the site twitter feed ( - sorry about the lack of hyperlinks but I am blogging from the Blogger appp for android which lacks some functionality).

*Excuse the writing too, it is going up at speed.

Just met a writer of Microsoft books, it is weird talking to people in real life that you follow on Twitter (even recognised him from his Twitter picture).

No Microsoft jackets or free copies this time, but FREE OFFICE PENS!

Cool, we get a free ebook too.

Started off talking about users. The problem steps recorder is a handy tool left over from the beta after the glowing reviews testers gave it (type psr into the search box). It takes screenshots of what the user does, annotates and provides system info that can all be saved in a file.

The system file checker is a handy tool but if you have installed a service pack sfc will not work with the original disc and you must slipstream the service pack using something like RTSe7enLite (

Talking about the bootrec command and the uses of BCDEdit (exporting and importing boot files) to fix a PC that won't boot.

Then went on to talk about driver problems. In device manager there is the option of going to view then show hidden devices as there are a lot of hidden drivers that could be causing problems.

In advanced boot options can disable auto restart on BSOD so you can see the error. 3 things useful to read on BSOD: the error name, stop error name and service/device name.

Power utilities: can attach tasks to events to create pop up alerts or send emails when a particular error occurs in event viewer.

WEVTUTIL: useful, can output system info as a file.

Talked a little about Windows 8. Could have a second ISO file when installing with WinPE to image an OS from inside the OS.

Then a discussion about manufacturers not shipping Windows discs with new computers/laptops and the problems it causes. One guy with Vista 'won' a copy of Windows 7.

Short but sweet, time to catch the train.

Tuesday, 5 April 2011

Grrrr 2 of the day - ISP's

ISP: We are upgrading customers to ADSL2+, if your exchange is enabled raise a ticket and will upgrade you for free.

Me: I see you are upgrading customers to ADSL2+, my exchange is already upgraded to 21CN and ADSL2+ can I be upgraded please? Thanks.

ISP Agent 1: Can't upgrade you to 21CN, kind regards.

Me: Sorry? Do you mean I will never be upgraded or just not in this current rollout?

ISP Agent 2: Sorry, the previous agent gave duff information you are already on ADSL2+. Please don't hesitate to get back in touch if you require further assistance.

Me: Thanks for getting back to me. I checked my router modulation and it is currently G.992.1 and I believe it should be G.992.5 for ADSL2+ and also the maximum line limit is 8mb rather than 20mb. Can you confirm the router modulation and any settings that may need to change to enable ADSL2+?

ISP Agent 3: I am afraid you have again been mis-informed. You are still on the up-to 8mb service. I will ask our provisioning team to place the order.

What is annoying is that most people would have given up or believed what they were told by the first or second helpdesk agent. It is only because I have some understanding of what I am doing that I bothered to log in to the router and check the settings and had some idea of what I was looking for. For the general ISP customer they would have believed what they were told by the 'experts' and stayed on the old service whilst paying top prices.

ComputerBites Android App

NOW AVAILABLE! An android application for my blog. You can download it by scanning the QR code below:

You may need to allow installs of non-android market apps by going into 'Settings' > 'Applications' > 'Unknown Sources'.

I made this app with Beta



Yesterday the asbestos team put a red sticker on our comms room door and changed the lock. Today the whole cabinet is off and unreachable. It could be the power, it could be the switch stack, we don't know and we cannot get access to the room to have a look.

Unfortunately this cabinet feeds nearly a whole building (last year C floor was refurbished and now goes to another cab). We tried to get access wearing an asbestos suit and accompanied by an asbestos expert but the contractors are refusing to go in as there has been no risk assessment and they do not have a pump to do an air test.

So it could be off for 2 days until the asbestos contractors can go in. This will have a serious impact on the teaching in this department.

While it is excellent news that something is finally being done about asbestos issues in our rooms it is proving to have a serious effect upon the services we provide. It is taking a fair amount of time to do moves and fix faults in these areas... and WE get the blame. We get told by one person that it is safe to go in and told by someone else that it is not. One person that you need a risk assessment and another that you do not. Also a 'green' area one day cab be a 'red' area the next. What a mess!

Friday, 1 April 2011

A round-up of the week...

I have been on a course this week so not much work stuff to talk about. However, there has been a few tech stories around this week so, in case you missed any, here is a quick round-up:

Microsoft Windows 8 not as far away as you may think? Link

Google gets up to more April Fools tricks. Link

Amazon launches free 5GB cloud storage service. Link

Firefox 4 was launched, and was quite popular. Link

The UK sees PlayStation games arrive in the android market. Link

The BBC website went down. Link

The clocks changed on Sunday (here in UK) and a few iPhones had problems. Link

There was a major BT broadband problem that had a knock on affect to other ISP's too. Link

Microsoft Vs Google. Fight! Link

and finally...
This blog has a Twitter feed (link), and hopefully soon its own android app courtesy of

Friday, 18 March 2011

New WISM blades

As previously mentioned here we have a fair bit of wireless work to do. I have been carrying out some surveys this week to install some new access points (Cisco 1140's) and upgrade some of the older 1200's to 1240's.

To get all these new access points in place though we have had to purchase some new WiSM blades as we were going to reach capacity. We had 2 physical blades divided into 4 virtual WiSM's split across two sites for resilience (one link goes down, traffic gets routed the other way). Now we have 4 blades and 8 virtual WiSM's which should leave us plenty of room for adding more wireless access points.

We currently have nearly 500 in service with many more to come. Eventually it looks like the student residences will be covered (which will be hundreds of AP's) as well as most communal spaces. We have been surveying for around an additional 40 for departments. Once they found out there were 'free' access points available the requests came pouring in.

Fibres... again

I have been surveying and patching up some fibres this morning in order to dual-feed our cabinets from the VSS (Cisco 6509) rather than from individual hubs (Cisco 3750-G) around campus. We have two VSS feeds from two server centres so if one route goes down the traffic routes the other way and nobody notices (in theory).

A few trays I have come across only have the multi-mode fibre terminated so I will have to terminate the single-mode to have enough fibres to dual feed all the cabs (40 or 50... to begin with).

This morning, however, I came across a tray that only had four multi-mode and 4 single-mode terminated. We need 8 fibres and would prefer not to have to use mode-conditioning leads. Also it would be nice to be able to patch up from the VSS, keeping the aggregation link from the hub connected until early one morning when we just swap the link therefore having minimal downtime.

So I opened up the tray and to my horror found the other tubes were empty. The fibre coming in is only a 4+4! I guess this tray was put in about 15 years ago when fibre prices were a lot higher per meter and nobody saw the need to have more than 8 cores.

So some 'bodging' will be needed until we can get some more fibre pulled through.

It also looks like we will need about four or five 24 cores putting in for other cabs which we have not started yet. Probably looking at around £70K+.

So, in summary, plan for the future, your network will probably grow many times over the size it is now.

Friday, 25 February 2011

Spiceworks for iPhone

I was a big fan of Spiceworks in the school I used to work at, especially its ability to map and inventory your network. It made it a wonderful piece of helpdesk software which had the added bonus of being free.

Currently we pay for the Supportworks software from Hornbill, but for those of you who use Spiceworks, and I know there are one or two that read this blog, you may be interested to know there is now a free iPhone app for it (iTunes link here).

From your iPhone you can manage, respond and create tickets, view hardware and software, access user details and get involved in discussions with other Spiceworks users.

Please note this requires iOS4.

Wednesday, 23 February 2011

Annual Report - Facts & Figures

A few facts & figures from our departments recently published annual report:

• 7,436,869 pages printed out by students
• 43.9 million email messages sent, of which:
• 2.6 million delivered
• 94.1% rejected as spam
• 10,000 telephone extensions
• 6,000 voicemail accounts
• 850 mobile telephones provided by the University
• 48,641 phone calls, emails and visits to helpdesk, IT Centres, the workshop and networking staff in 2010
• 23,422 phone enquiries handled at the helpdesk
• 17,982 email responses sent from helpdesk
• 450 knowledgebase articles written
• 3487 knowledgebase searches
• 412 queries logged through self-service
• 1177 Instant Message and Remote Assistance sessions
• 39,000 hits to service status page in one day during email outage
• 743 followers on Twitter
• over 1,500 outlets added to the network this year (5% increase in size of network on last year)
• 390 wireless access points around campus (30% increase on last year)
• 2,000 wireless devices connected at peak time
• 1 Gb/s dedicated internet connection for grid computing and scientific computing
• Iceberg processor cores: 568*
• Iceberg performance : 435GFLOPs*
• Iceberg total main memory: 2.296TB*
• Iceberg filestore: 8 TB*
• Iceberg temporary disk space: 18TB*
• Iceberg power consumption: 36KW*

*iceberg is the name of the Linux based High Performance Computing Cluster at the University. Its mission is to meet the intensive computing requirements of research projects and provide 'cloud computing' capabilities within the campus.

Just a few things I thought was interesting, see how it compares to other educational institutions.

Windows 7 Service Pack 1 out today

Service Pack 1 for Windows 7 and Server 2008 R2 has been released a few hours ago. Details at the Microsoft Download Centre here.

So for those of you in schools and educational institutions, get planing your updates (at least it is half-term for many schools this week - hope you didn't do any images in the last couple of days). If you use WSUS or just group policy without a WSUS, or even just let users manage their own updates then you will need to be aware of this as it could have implications on your lessons (for example, if it is set to install automatically then you may find your users miss half the first lesson back after half term).

Tuesday, 15 February 2011

I needed cheering up

I am back at work today, still feeling terrible. After having only one day off sick in nearly 5 years, since starting my new job I have been off almost every week just recently which doesn't look good when there is a promotion opportunity arising soon.

Still everyone has been really good about it and when I have come in I have been told to go home (probably so they don't get infected).

Still I needed cheering up, so I got a new mouse. Sad I know! But just look at it!
My dream car, an Aston Martin DBS. And look the headlights work:
And the tail lights:

It keeps me amused a little while and even has a scroll wheel in the bonnet.

Don't judge me.

Wednesday, 9 February 2011

IPT roll-out continues

We are continuing to roll out IP telephony to departments and one of the teaching hospitals will be set-up tomorrow (82 handsets).

We had to do a bit of prep work and change all the switches in the building over to Cisco 3750 POE switches to power the phones. Also setting up the voice VLANs to function across there and a few other 'fiddly' bits we discovered while setting up.

The 'fiddly' bits included the hospital emergency phone number being the start of a range of our numbers which caused a few head scratches, as well as the fact that, as the phones will be on the university network, they will be barred from calling the hospital number.

In the case of the emergency phone, the problem was that if the emergency number was 1111 and we had 5 digit extensions from 11110 through to 11119 then university personnel would be ringing the emergeny number by mistake.

To solve this we changed the Dial Plan to allow the four digit emergency number as an extension on our servers. Dialing this will point to a vector. This vector looks at the ANI (calling digits) and routes the call based on those. If the calling number is specified in a Vector Routing Table (which we put the new extensions in) then it will route to the Hospitals Control Centre DDI. If the ANI is not in the vector table then it will just play a message along the lines of 'This number is not valid' and hang up. Also, obviously, we had to reserve and not use the ten numbers in that range.

In the long term using IPT will not only provide many more features for the users but also make things easier for us. Every time someone moves their office around or swaps desks we will not have to go out to the building and re-patch from an EPN wiring frame, to a cabinet and to a socket. With their IP phones they can just plug in to any network socket and login and out of the phone as they wish.

The only existing wiring we will have to keep for now is the analogue lines for faxes and franking machines. But these do not move around so much.

Thursday, 3 February 2011

Another reason I dislike Apple

Added to the previous problem of Apple devices and our wireless network which I wrote about here, we have now discovered a new problem.

First a bit of background. We run two wireless network in our institution, Eduroam and Guest. Eduroam connects to the university network and allows access to you documents and the servers and connects to the internet on janet, the UK educational network. Guest is used for those occasions when you do not want people on your network. It might be a private company renting a building (therefore not allowed to use eduroam), some visitors holding a conference or some contractors installing CCTV who want to download some updates and drivers, for example. Where Eduroam accesses the internet using janet, Guest uses a Virgin Media service.

I can switch between the two networks on my laptop, I can switch between the two on my android. However, I had a manager come over with his iPad yesterday and said he couldn't connect to Guest. He was getting an invalid password, even though I knew it was correct as I had changed it myself. I tried on my iPhone 3, I couldn't either. Someone tried on their iPhone 4, they couldn't either.

For whatever reason, you have to forget the Eduroam network (and therefore loose all your settings) before you can connect to Guest. Iit is not an invalid password issue because Apple devices that have never connected to Eduroam can connect to Guest.

We have reasons when we need to switch between the two, like when only one of the services is available or if on the rare occasion a service may be full of connected users. This just makes things more difficult.

Wednesday, 2 February 2011

Busy wireless times ahead

After the £2.9billion in budget cuts there has been some discussion on the way to proceed. There are still difficult decisions ahead for some departments, but the university as a whole is starting a project that aims to give students value for money when the tuition fees rise.

There was a meeting the other day that suggested quite strongly there will be another £250,000 for wireless installations this year. Added to this is the fact that the teaching hospitals want to do a joint project where all the hospitals in the area are completely covered with wireless.

The aim of the project is to say to students, if you are having to pay £9,000 a year in tuition fees then this is what you get...

There is talk of the funding being extended to £250,000 every year! Although before we get carried away there is plenty of discussion to be had before then. It is the thought of some of the 'high-ups' to make it so the whole university is covered by wireless. I blame all the directors who now have their shiny new iPads to play with wherever they go :)

It seems a few departments are trying to spend their way out of trouble, by expanding and getting better at what they do. Another good thing is this wireless project will not come out of our IT support budget but the university project budget.

Anyway, tuition fess rise in 2012 so there is some planning to do before then and a lot of switches to upgrade, servers to setup and VLANs and IP addressing to sort out. Surveying the buildings starts soon.

Tuesday, 1 February 2011

Good News Android Fans...

Sony has announced that from android 2.3 (the next update, currently on 2.2) Sony Playstation content will be available on android devices. Planned to be released this calendar year.

I have already installed the Playstation app on my android for checking friends' status and trophies but not too far away will be PSP and PSone games to play on tablets and smartphones. There will also be a Playstation store, so I am guessing you will be able to buy games, movies, music, wallpaper and so on using your phone.

Useful tools - Freemake

I would just like to sing the praises of some software I recently discovered.

Many times I have had a teacher (or student) rush in with a phone, a camera, a CD, and so on, and say "I need this [media] on for my lesson" only to give you no time at all to do it.

Freemake produce two pieces of software you may find useful Free Video Downloader and Free Video Converter. I have been a big fan of Handbrake in the past for converting and firefox plugins for downloading, but in my opinion these do the jobs better and faster.

Using the converter I was very impressed by the conversion times and I would also recommend these for home use since Handbrake has done away with the support for PSP, PS3 and Xbox conversion. The software boasts over 200 input formats and can output to android, PS3, iPad, iPhone, Blackberry, basically any output format you can think of and also includes burning to DVD or Blu-ray.

I love the simplicity of the menus and the drop down boxes make converting much simpler than it is on Handbrake. Select Sony for example and a drop down box appears that says PSP, PS3 720P, PS3 1080P. If you select android it asks you what size your screen is and you are away.

I can't name all the list of output formats because there are too many, I'll just tell you that you can also upload to Youtube, can split videos up and insert them into playlists which may be useful for some of you but it is a feature I have not yet tried.

The downloader supports over 40 sites, although some are US only. Again the speed when compared to similar programs and plugins seems to be excellent. As a bonus the downloader also converts videos to MP3s.

And, of course, they are free.

Students are back

So the students were back last week. How can we tell? Our internet traffic got extremely busy (see graphs below), we even got a few complaints, something I have not known since starting here (apart from the students who wanted to use P2P).

Almost hitting our limit everyday
Saturated from 10.30AM to 10PM
I am guessing part of the problem is a lot of students have exams, so with no lessons on students are surfing, gaming and streaming all day long.

We have 2 x 1GB links to the regional broadband but one of those is reserved (as it is paid for from the department) for HPC (High Performance Computing) so we can't divert traffic down that link when we are busy.

Although the graphs don't show us actually hitting our 1GB limit the problems occur because we have two links and two firewalls for load balancing and resilience. The switches look at the IP addresses and send even numbers down one path and odd down the other (if one route failed all traffic would go the same way). Now when you have more even than odd addresses, or vice versa, the link for those can become full. Changing the IP address of those experiencing problems by one will temporarily fix it, but you can imagine having to do that for hundreds of users is not practical.

In the long term it is hoped to get a 10GB link to the region but this is something other institutions are dragging their feet over. For now we are looking at new traffic shaping software that is more effective than what we have got.

As with every educational institution the problem is having to get quotes, putting it out to tender and getting a board to sign off on it. Not a quick fix.