    Rick Sidwell

    Putting DHCP and WDS on the same machine is tricky since both use UDP port 67. I've never tried it, but the PXE standard does accommodate this: you need to tell WDS to use port 4011 instead of 67, and enable option 60 on the DHCP server. So you were correct to enable DHCP option 60, but from the error message you got it looks like WDS wasn't using port 4011 correctly. I can't tell you how to fix it, but this might give you a clue where to look.

    posted in Microsoft

    Rick Sidwell

    Sniffing wireless traffic from other devices is theoretically possible since the radio waves hit your antenna, but the mechanics of setting it up are a bit involved and are very specific to your hardware and OS. Most wireless traffic is encrypted, so that is an additional hurdle. For Wireshark specifics, see https://wiki.wireshark.org/Wi-Fi and the pages it links to.

    A common wireless MitM attack method is to set up a rogue access point with the same SSID as the one your intended victim will connect to.

    posted in Security

    Rick Sidwell

    Interesting video. For a lab to test out different server setups, I must admit that his solution is conceptually simple, and should work fine. But as a network designer, it makes me cringe! He's basically using layers of NAT to replace routing. Don't use it to learn networking, but it's fine if all you need is a simple segregated network to play with computers.

    posted in General Discussion

    Rick Sidwell

    The other big advantage of DHCP Server is that it remembers the addresses it assigned across reboots. Wireless routers like Airport will do some kind of discovery when they are booted so they know what addresses not to offer, but they won't be able to reclaim addresses for devices that are later removed from the network. This works fine on a small network with plenty of addresses, but you'll want something more robust for larger or very dynamic networks.

    Of course, you have to use a full-fledged DHCP server to assign addresses to multiple subnets. Wireless routers don't support that.

    posted in Apple

    Rick Sidwell

    The details will depend on the goals for your lab and the equipment you use to implement it. And they will evolve as your goals and equipment change and you get more experience. A lab used to explore network designs would look very different from a lab used to try different server configurations, and different still from a lab used to try penetration testing and forensics techniques. Some labs should not be connected to the Internet at all (for example, one used to understand malware like viruses and worms). Ralph's solution is pretty robust; the home network is protected from the lab network by the same firewall/router that protects it from the Internet in general.

    I don't understand your comment about using a separate DNS or gateway. You would definitely use a separate gateway since it is a different network. You may want a lab DNS server to resolve local names, depending on what your goals are, but this would not affect your home devices.

    A risk with any setup where your home and lab networks share an ISP connection is that you are sharing the bandwidth. If a lab device uses most of the available bandwidth, other family members watching Netflix won't be very happy!

    posted in General Discussion

    Rick Sidwell

    The ITIL books are priced well above my budget, so I can't refer to them. But the notes for the ITIL course I took back in 2008 specifically include "people" as an example of a CI. It's possible that this changed in ITIL 2011, but I doubt it. You don't "configure" people in the same sense you configure a computer, but you do need to manage the people who are involved in supporting your service, and most commercial Configuration Management Systems support this.

    That said, I've never been to a CAB meeting where personnel changes have been on the docket! People are not managed the same way as IT assets. So it is definitely confusing.

    posted in General Discussion

    Rick Sidwell

    I do both! I often tune to itpro.tv in the morning for entertainment (or "edutainment"). I'm usually doing something else at the same time, so I'm not completely focused on the show, and don't take notes. But I sometimes ask questions in the chat room and generally learn something. The between-episode chatter is fun to watch, though unfortunately sometimes muted.

    When I want to really study some topic, I'll view a series from the course library and take notes as I watch. The process of taking notes requires mental processing that helps with deep understanding of the concepts. I will often pause the video while writing the notes so I don't miss other important points. I'll also pause the video when they reference a web resource or a concept I want to brush up on so I can do some personal research before continuing.

    I've also tried downloading the audio to listen to while driving, but there are so many interesting podcasts out there that I listen to them instead.

    posted in General Discussion

    Rick Sidwell

    You currently have four networks on two routers:
       Router 1: Connection to ISP1
       Router 1: The 10.10.x.x local network
       Router 2: Connection to ISP2
       Router 2: The 192.168.x.x local network

    The ISP connection networks will have public addresses, normally configured with DHCP so you don't have to worry about them. To connect the two local networks without going through the Internet, you need to configure a fifth network connected to both routers (so each router will have three networks):
       Router 1: Connection to ISP1
       Router 1: The 10.10.x.x local network
       Router 1: Connection to Router 2
       Router 2: Connection to ISP2
       Router 2: The 192.168.x.x local network
       Router 2: Connection to Router 1

    You need a separate address for the new network, say 172.16.x.x, and statically assign addresses to each router. Finally, you add a route in Router 1 to send packets for 192.168.x.x to Router 2, and a route in Router 2 to send packets for 10.10.x.x to Router 1. Now the local networks can talk to each other!

    Unfortunately, most home routers only support two layer 3 interfaces: the Internet or WAN interface (connected to the ISP) and the LAN/Wireless interface (connected to your local network). They may have multiple physical layer 2 interfaces, but they are all connected to one of these layer 3 interfaces. To add a third layer 3 interface, you'll probably need to replace your home routers with business routers.

    Another approach (probably even better now that I consider it) would be to add a third router connected to the two local networks:
       Router 1: Connection to ISP1
       Router 1: The 10.10.x.x local network
       Router 2: Connection to ISP2
       Router 2: The 192.168.x.x local network
       Router 3: The 10.10.x.x local network
       Router 3: The 192.168.x.x local network

    You need to assign static addresses for both Router 3 interfaces and add static routes to Routers 1 and 2 to forward packets for the other network to Router 3. A home router would probably work for this if you disable NAT, DHCP server and Wi-Fi.

    Your configuration is not typical! I don't know of any step-by-step directions to make it work. But a Network+ technician should be able to do this easily. For extra credit, configure a routing protocol instead of using static routes.

    posted in CompTIA

    Rick Sidwell

    As Jared said, there is no easy way to answer this. That's probably why it took 10 days for someone to try! I personally don't think IT professionals are inherently more prone to layoffs than others. But the IT field is changing much faster than most, and those that don't keep up are likely to get replaced by people who do. Don't expect to stay in the same position for many years; set your sights on a higher position and actively work to qualify for it. Become familiar with topics outside your specialty; it will increase your value, as well as open alternative career paths.

    No company can force you to move unless you signed a contract agreeing to it (at least in the U.S.). Of course, a company can put a lot of pressure on you to move! The choice between moving to keep your job and finding another job in the same area may feel like you are being forced, but ultimately you do have that choice.

    posted in General Discussion

    Rick Sidwell

    ISC2 is pretty open to how you get CPE credits. Just log in to their website to record using the ITProTV videos. If you are selected for a random audit, the certificate of completion would work to demonstrate that you watched them.

    Requirements for other organizations will vary.

    posted in General Discussion