On Monday and Tuesday of this week I was privilege to spend some time in Baltimore Maryland at the downtown location of EdgeWeb Hosting (EWH) - a hosting and data center services company owned and managed by Vlad Friedman. EWH specializes in ColdFusion hosting (although they have many other services by now). I've known Vlad for years through some mutual customers and through an email list on which we are both active participants, but I had never met him in person. Since I was doing some "emergency consulting" for a mutual customer I needed spend a day or two on site at EWH. Vlad was kind enough to show me around his data center and give me the "inside scoop" on the data center business.
The EdgeWeb data center is in a massive facility in the heart of Baltimore. EWH has redundant everything - including redundant power from separate substations, 4 way redundant UPS, and impressive cooling. The entire infrastructure has been recently designed from the ground up with the care and planning of a master craftsman. Vlad is understandably proud of the center and the staff he has assembled. I don't remember all the things he showed me but his networking topology uses the latest and greatest adaptive routing and his security setup (intrusion detection, audit control and the like) is state-of-the-art. I have visited a fair number of data centers but I was really impressed.
I was able to meet some of the EWH staff as well. His DBA and I spent some time gabbing about the differences between MSSQL 05 and MSSQL 08. His operations director is one of those IT pros who know exactly the questions that need asking. But I already knew that EWH has good staff. We have worked with his hosting support staff for years. We have a number of high profile customers hosted at EWH and we have always given the support staff high marks for their knowledge, practical know-how and alacrity. There is a reason they are often voted best in class for hosting and data center services.
On Tuesday evening Vlad took me to G & M restaurant for the best crab cakes I've ever had (and I am a crab cake lover). We had a great time telling our stories and filling up on crab and shrimp cocktail. As I told Vlad, it was the best meal I've had in many months - and of course a geek like the Muse thrives on conversations about hacking, retro computers, security vulnerabilities, and the business of IT. As is often the case when I meet someone who has built a thriving business I was able to glean many pearls of practical wisdom and advice that I hope will serve me well.
So here's a big thanks to Vlad and to EWH as well as a hearty recommendation. I hope they have a long run at the top of the hosting food chain.
This post is about the ins and outs of moving from XP Pro 32 bit to Windows 7 64 Bit. I just completed such a move and I have some tips for you that might save you hours of frustration. But before we begin let's get a couple things straight. First, this is not a post about the assets or shortcomings of Microsoft or it's products. Nor is this a forum for you Apple users to tell us all how superior you are because your box is shinier than ours. I actually love Apple products, but Apple users have been known to turn red and swell up like giant angry strawberries if you say anything positive about Microsoft. So if you are one of those folks who is going to have a stroke reading about someone actually choosing a Microsoft product, please stop reading now - or at least have emergency personnel standing by. On a side note, my next hardware project is building an Apple from an Intel box and off the shelf parts - same OS, less than half the cost. I'll write an article on that and hopefully sooth my Apple readers ruffled feathers (it probably won't be shiny though).
Meanwhile, let me first say that I was sad to see my XP pro box go. A computer is more than an OS to those of us in IT. We spend a lot of time and effort making it do things that "regular users" don't have to think about. My desktop XP Pro PC had more than 100 programs installed on it. Many of them I used regularly. I fully expected to have to reinstall numerous programs to insure full functionality. I also expected to have to abandon some items that would no longer work in my new environment. A year and a half ago I moved from one XP box to another using LapLink's PC Mover and it worked splendidly. This time, however, I was nervous about using PC Mover for 3 reasons:
Among the things that can befuddle even experienced developers, domain resolution ranks up at the top. Usually this is because we don't spend a lot of time worrying about resolution on our desktop or laptop or Iphone. DNS is an extremely mature technology and for the most part it just works with few issues. When it comes to a server however, there are several things that can trip up resolution. Without an understanding of exactly what is going on under the hood, you will find yourself destroying yet another keyboard with the ball of your fist as you shout "why won't you just work!"
Domain resolution comes into play on most ColdFusion applications, even if you don't think so. Among other things, resolution is important for:
I confess I can't live without RDP (Remote Desktop Protocol). Coupled with a VPN it is an effective way to work from home on my high powered office workstation. In fact, on a recent road trip to St. Louis while my wife was driving, I used my Verizon Blackberry tethered to a laptop to connect to my VPN and RDP to my desktop at work. I managed to handle email and write most of an 8 page document. Such things were not even possible 3 or 4 years ago. Telling this to my mom and dad makes them think I'm Captain Kirk (I keep telling them that Picard is better - Kirk's screens and dials were all analog). I prefer RDP to everything else I've tried - including log me in, go to my pc, pcanywhere and VNC.
Anyway, Nicole (our creative director) and I had a similar problem. Her RDP stopped working completely after a windows update. For her, the login screen would not even appear - and no error either. It would just return to the host name box immediately. For me the login would appear and I enter my password to login - but then the process would lock up and I would have to wait a few minutes for the whole thing to time out without ever successfully getting in.
Googling around I found that a lot of folks had problems like this and their solutions seem to focus on display drivers (NVidia in particular). I have a 3 monitor setup and I use 2 NVidia cards - so this seemed likely to me. Checking with Nicole she too was using Nvidia drivers. To fix it, she downgraded her recent drivers one version. I took the opposite approach and simply "upgraded" my drivers to the next version - and that solved my issue.
When you think about it I suppose it makes sense that display drivers can cause RDP issues - since RDP renders the desktop for you. But it was not something on my radar. Now I have something to look for if it happens again.
We had a ticklish issue arise with a customers recently. We host an application for them that allows them to upload files. As they began to use the application more heavily they noticed that file uploads above a certain size were failing. The size was fairly modest. Uploads sized between 1 and 4 megs were simply timing out. We eventually came up with a solution, but not before some head scratching. Here is the play-by-play.Read More
When I arrived at work this morning I found more than 280 spam links posted as comments to various entries on my blog. They were all for certain articles of clothing which shall remain nameless (but some of them are made for walking). Now occasionally, about 3 or 4 times a week, I'll see a single spammy comment posted and I just kill it - cased closed. The Captcha keeps out most automated spam, so I figure any spam I get is individuals paid to labouriously post links. This seemed like more than that - both in volume and in the systematic way it was perpetrated. I will be keeping a close eye on it - but it makes me wonder if there is a bot out there that has cracked my captcha.
Meanwhile, my sincerest apologies to anyone subscribed to any post of mine who had to suffer through these emails. The Muse will do what he can to make sure it is not a commmon occurance.
I have a few Win2008 servers under management and I had to renew a cert for one of them today. Now I confess this is the first time I had to do this particular task so there was some head scratching involved. I learned a number of things that might be of some use to you if you are up against this task. In this case I was renewing a Verisign cert. Here's what I learned.Read More
There's a hack that's beginning to be active that targets pages named "index.*". Actually it sounds rather like an old hack that is resurfacing. Since many ColdFusion sites use this convention for the home page this attack tends to hit quite a few ColdFusion sites that are vulnerable. The attack appends a script like this one to the bottom of each "index.*" page:
As you can see the script itself is pretty simple. It writes out an invisible Iframe to the bottom of the page. The target of the Iframe attempts to download a trojan or malware to the users machine. This attack is insidious and I have yet to discover the origin. But I do know a few things about it - and how to prevent it from continuing. One important thing to note, if you have this problem and Google indexes your sites and sees these pages they will flag your site. Browsers like Firefox use the Google service to throw up a big "malware" warning.
The following article details the attack and the notes I've gathered about it. Some day soon I hope to post a more definitive who, what, when and why post about it. To gather the following notes I'm indebted to the folks on the CF-Talk List (this thread), Nathan, Nick, Jason, Scott, Don and probably a few others I am forgetting. I can't give away too much info here - but please accept my thanks.Read More