Writes of passage

I hate documentation.

Spent nearly the whole day today trying to sort out documentation for a work project.  Since I tend to get so easily distracted in the office, I thought I'd try to work at home.  It all started OK, got some spreadsheet updates done in between the early morning email pleas for help, then after a short break for a site visit to fix a printer (which was a saga in its own right and took way longer than it should have), it started going downhill.

On reflection, I think this because things were too quiet.  When there's no interruptions or jobs to persuade me to get up and stretch my legs, the adrenaline levels drop to a point where continued concentration becomes untenable.  It's not uncommon to stare at a word or paragraph and feel convinced that it's wrong - yet be unable to find anything to change.  The linguistic skills (poor though they are to start with) desert me, and it's a downward cycle from there on.  Because I'm working at home, I refuse to indulge in those odd sidetrack opportunities that crop up in a normal day (usually technical or gadget queries that just have to be answered); it just doesn't seem right to get diverted that way when I'm on my honour to work the full day.

As we reach the end of the day, I can look back and say that I've done what I set out to do.  There are some areas in the documents that will require further work, but that's mainly because I don't have the info immediately to hand - for instance, I'm not sure exactly where one of the telephone points terminates, so will have to get visual confirmation of that.  Other areas now need input from other people, and I'm going to have to bargain to get that done.

However, it will be a while before I want to try this again.  No matter how stressed the daily panic makes me, I think it's preferable to the frustration of looking at a page and thinking "Just what am I going to do with this"?

Worthwhile cause

For anyone who happens to pass by this site, you might like to consider helping a worthy cause:

http://www.raceforlifesponsorme.org/joycemurray

 

Joyce is taking part in the annual Race For Life, to raise funds for cancer research, this page gives you the chance to help.  Any and all donations will be welcome.

Long time no see

Ten days without an update?  Don't want to slip back into the bad old ways.

It certainly hasn't been a quiet ten days - as well as changing my home broadband connection, we've gone through the pain of a new ISP at work as well.  That didn't go as smoothly as I'd have liked, despite setting up as much as I could beforehand.  Various links broke, and we were only able to reconnect to some sites by dint of efforts from all sides.

However, the update did fix the bits that I wanted to get done.  Apart from yielding a markedly quicker connection - at the cost of ensuring the large downloads get done out of office hours - it also meant the return of encrypted packets.  All the VPN and secure links started working again, proving beyond reasonable doubt that the cause of our previous issues lay with Eclipse.

We did see a few hiccups, where unrelated problems were interpreted as being down to the network change, but that's par for the course.  Basically, I'm happy with the outcome.  The firewall configuration file is a lot smaller, we know that things will work without some of the more complex and probably completely unnecessary workarounds that had been included: this means I can have more confidence in changes and managing the system,  We will also be able to play with multiple incoming secure connections - not being restricted to a single IP address any longer, I can start to use L2TP for the RAS connections, making everyone happier.  Did I say something about the firewall being simpler?  Ah well, can't have everything.

Rant of the day

It is getting a bit like that, isn't it?

Today's target, for once, is Microsoft.  Or maybe Ahead's Nero.  Or just possibly nVidia.

Today's problem, however, is clearcut enough - Vista loses the ability to open the control panel, run standard applications such as telnet, and change the screen properties.  Kind of like an unlicensed version... which should really have led me to the solution a lot faster than was the case.

I depend on telnet - nearly as much as I used to need serial connections.  Telnet is the toolkit that accesses nigh on any network component worth its salt.  So when I type the command in, I expect to see a nice 'telnet' prompt.  Not another C:/>

OK, to control panel to check I have got the components installed.  No control panel - beyond a fraction of a second's glimpse of something that might or might not have been an opening window.  Select from the Start menu?  Not a chance - 'Empty'.  Now I'm approaching panic, a situation that doesn't get any better when direct application to the .cpl files also fails, various other tools either fail catastrophically or simply hide under the sheets until the problems gone away (Sysinternal's RootkitRevealer - yes, I said I was panicking - displays in some hidden mode that needed several CTL-ALT-DELs to get at).

Google once again to the rescue.  After a brief false start getting drawn into a discussion about the merits or otherwise of nVidia drivers, which were suggested as the cause, I finally found it.  The Software Licensing service - restart it and lo and behold, functionality returns.

This is where the story gets ugly.  Further references indicate the problem may lie in the Nero InCD service, which upsets something when there's no CD in the drive; for the first time since the box was built, my CD drive was empty today.  There is a hotfix somewhere: start at http://support.microsoft.com/kb/936686/en-us and follow the sordid tale.

So let this be a warning - don't use unlicensed copies of Vista, the functionality is appalling.  In fact, I'm starting to think that using any version of Vista comes under the heading of 'a bad idea', but it's something that we have to do to clear up the problems before everyone else wants a copy.

Now how much do I charge Microsoft for my work as a beta tester?

Why I hate Vista (almost)

Repeat after me:

netsh interface tcp set global autotuning=disabled

netsh interface tcp set global autotuning=disabled

netsh interface tcp set global autotuning=disabled

...until Vista gets it right.

The symptom: a Vista PC can't make network connections, copy files efficiently or simply run normal applications.  I got caught out with Firefox previously, and now with Live Messenger.

The cause: a change in the way Vista handles network packets, and an inability of certain routers to cope with it. Receive Window Auto-Tuning allows Vista to change the size of packets it sends, according to the network capacity and performance.  Only trouble is not all routers support this behaviour properly, particularly ones with a stateful firewall (listening, Cisco?).  Of course, it worked flawlessly with my Cisco 837, and so I forgot about it - until Messenger started failing after I began to use the Netgear yesterday.  I didn't think about this, blaming everything on the router, until I realised that the other PC here (which runs XP) has continued to work just fine.  OK, what's specific to Vista?  The window tuning...

I'm really not sure whether or not this is allowed behaviour.  For some reason, I seem to recall a RFC specifically authorising this sort of trick, but it escapes me now (comments, please).  Since everything worked fine with XP, I'll blame the OS for now and suggest that this default behaviour be amended to work with the rest of the world.  So far, from what I remember, only Internet Explorer is specifically configured to take proper advantage of the change.

So now I have to backtrack, removing all the diagnostic firewall entries and other dross, until I have once again reduced things to the minimum and regained the scintillating (for me - don't forget, I've been used to what seems like a 128 kbit/s connection) performance.

I'm back...

But only just.

Eclipse, bless their little cotton socks, decided to terminate my DSL connection with extreme prejudice, but unfortunately without any notice.  Half past ten last night, the lights went out on the modem.  It took me a couple of minutes to figure out what had happened, because the Cisco box still showed an active DSL connection, but no login and no data.

No matter, I thought O2 would come through, and they did - at 9.30 this morning, I got a text saying my line was live.

Rush back, plug the new wireless box in, go through the start up - and no phone connection.  After the sulks and tantrums passed, I got on to the O2 support line: full marks, guys - an 0800 number and nigh on instant connection, knowledgeable, polite and helpful support staff, passed me to second line without demur - and we agreed the router was faulty.

No matter, thinks I - I have a DG834 sitting upstairs.  Maybe I won't get the full benefit of a NTE5 connection and wireless networking, but I should be able to get something working.

The DG834 got a 4000+ kbps link, and could send packets, but nothing came back down the line.  This time, I didn't throw anything against the wall, but called O2 support again.  Again, kudos to them - they took the fact that I was using an unsupported router without a murmur, worked through as many possibilities as they could come up with, but to no avail.  Since neither they nor I know anything worth knowing about this router, and since I couldn't get at t'Internets to find owt out, we were at an impasse and I resigned myself to waiting for the replacement router to arrive.  Nearly ninety minutes on the phone and no connection.

Five minutes later - a DNS query worked, and it all came to life.  Don't ask - I don't know.  We'd been through every variant of the settings possible, and nothing had worked before.  However, something must have clicked and I now have a nice, fairly stable (SNR permitting) connection.  Hard-wired maybe, but at least it works and I'm no longer isolated, lonely and cut off from what passes for civilisation nowadays.

It's just not cricket

Just to prove there's more to life than sitting at a keyboard, I went on to a rugby match today.  My son-in-law, Alan, is a keen Leicester Tigers supporter, and they were drawn in the Heineken Cup against Edinburgh Rugby.  We went to see today's match at Murrayfield stadium, accompanied by my five year old grandson, Rian.

The match wasn't one to set the pitch on fire.  In fact, had it been, we might all have been somewhat warmer.  We should have known when we had to break the ice off the seats before sitting down.  I don't think Rian has ever been so cold - he ended up wrapped in double socks, hats, scarf, gloves with heating pads and still looked frozen.

In front of a definitely unpacked stadium, the Tigers lost.  I reckon this was all down to missing support from Rian and Alan - each time they left their seats to get a drink (or simply to warm up), Edinburgh scored a try and conversion.  Leicester's penalty kicks just weren't enough to win.

In truth, the better team won, but it would have been difficult to congratulate either.  Perhaps it was the cold - there were certainly enough slips on the pitch, and falling on ground that hard couldn't have been easy to do without hesitation - but there just seemed to be too many mistakes and no flow in the play at all.

However, it's reminded me why I used to go to watch Bradford matches in my earlier days - when it can get even a totally uncommitted spectator like me shouting enough to be hoarse, there has to be some fun.

If only they played in the summer.  I can't see getting quite as worked up over cricket.

Just to be fair...

Using a variety of tools, and eventually resorting to the event log (which, with hindsight, would have been a very good place to start), I tracked down the virus reports - they referred to a very old read-only archive of emails (pre-2004) that originally resided on the server (hence no previous record of infection), an archive that included some interesting emails received during my tenure as security manager (Data Integrity Manager, even!) at a prior employer.  We were being subjected to a very amateur pen test, and one of the methods used was to send in keylogger software in the guise of an 'important security update from the CIO'.

Needless to say, this failed on several counts: no way was I going to let executables in via email, the AV scanner picked it up anyway, the source address was so obviously false, and I hope I'd educated everyone enough so they wouldn't run executables (though that latter is always questionable).

Anyway, I should give OneCare full marks for finding this stuff, long after I'd forgotten it.  But I won't, because of the travails I had to go through to  actually identify the problem files.

Live OneCare

Continuing the foray into uncharted territory, I decided that I'd make a break from Symantec's increasingly intrusive antivirus solutions and set up a trial of Live OneCare, Microsoft's all in one AV/firewall/tuning solution.  I know it doesn't have the greatest reputation out there, but I thought I'd see what it did.

Now, I can't remember the last time I picked up a virus on my system - so either Symantec got compromised a long time ago, or I've been lucky/careful (strike out as appropriate).  Since building the new system, neither my incoming email nor browsing habits have changed markedly.

However, the first full pass of OneCare identified not one, but two infections - and wasn't able to quarantine either.  Nor was it able to give me any good details about the files involved.  I like my AV programs to put big popup windows on the screen, the sort of thing that screams at you so even the least involved user has to recognise that there's an issue here,and has enough information to make a sensible report to the support team.

Trojan/Format.CY was the easier to define - depending on who you believe, there's either an 18 byte bat file that will wipe your C drive, or a somewhat larger exe with an instantly recognisable and unique name.  Despite full disk searches, neither variant turned up on the PC.  I don't think this one is stealthy enough to evade the kind of checks I made.

The other bit of malware was supposed to be a worm, W32/Frethem-L.  This is carried by an email with a password recovery program.  Now I may look stupid, but never ever have I opened an executable from an email.  It simply isn't going to happen.

So why did OneCare create these reports?  I have no idea - the application itself is of no real help, especially if it refuses to tell me why it couldn't quarantine the files (probably because they were never there in the first place?).  Searches for similar reports don't seem to have turned up any answers.  I'll keep looking, and run further checks across the whole PC (an operation that seems to take far too long, given the performance of this system overall), but I suspect OneCare has a very short life expectancy on this box.

The game's afoot

Moving on, as promised we now turn to the Internet connection.

You'd have thought, living in an urban environment, especially (though I say it myself) the posh part of town, that the broadband provision would be good.

Far from it.  It seems that we live so far from the exchange that the best I can expect on an ADSLMax connection is 1 Mbit/s.

This isn't good enough.  I want more.  So I've taken the plunge and accepted a 12 month LLU ADSL2+ contract with O2.  We're not out of the woods yet - the best I can expect from them is a 8 Mbit/s connection, and they're extremely cagey about whether we'll reach that.  I suspect it will come in somewhere between 3 and 5 Mbit/s, which is still an improvement on 1 Mbit/s I suppose.

The nice bit is the price - given the discount for being a monthly O2 phone subscriber, this starts at £7.50 per month, with an additional £4.99 for the static IP address.  Now the server and Exchange is no more, this isn't strictly necessary, but I like to know where I am.

Eclipse did come back with the MAC, just inside the five day period, so I can't complain there.  Since I've already used it,. I don't think I'll be hearing any more from them, but I must remember to make sure the payment is cancelled.  I've heard nasty rumours about how they go on extracting funds despite no longer providing a service, and I'll work with them to make sure it doesn't happen this time.

Next stage

Having got the PC built (though not registered yet - still unsure whether to rebuild without the RAID1 in place), the next step would be to swap my ISP connection.  I'm getting a bit tired of slow and occasionally unreliable connections, but the real deal-breaker is the insistence on port throttling.  I've paid for a connection, not for whatever the ISP thinks it's reasonable to pass.  I've also had support telling me that they didn't throttle anything, when it was quite evident that they did.  Mistakes are one thing, out and out lies are another.

Hence the search.  ADSL2+ probably isn't a starter, given the location here: the best I would get on MAX is only 2 Mb/s, so there's little point in going for 24 Mb/s given the other restrictions that are in place from O2 or Be (don't even think of suggesting Sky!).

Requirements include a fixed IP, relatively high limits (been known to move >60 Gb per month on my current 1 Mb/s line) and NO BANDWITH MANAGEMENT.  Hear that, Eclipse?