Author Archives: Finn

What data should I backup to the cloud?

The list below is just ideas to think about. Then in the list below there is some suggestions on how often to do backup.

  1. Backup of the database backup from databases that are critical for the company to function.
  2. Backup of current data files that are critical for the operation of the company.
  3. Backup of accounting if you have it inside of your organization.
  4. Backup of user profiles.
  5. Backup of static data:
    1. Archived information.
    2. Images of servers and workstations for quick restore.

Here are a couple of options for how often to do backup:

  1. Daily backup of data 1-3 to a storage server.
  2. Daily backup of 1-4 to storage server.
  3. Daily backup of 1-3 and a weekly backup of 4-5.
  4. You have your own server in a cloud outside of your company (you can even own it) that is a backup domain controller etc that can be put back in place if something goes wrong. I would not buy an expensive server as it will only store data and not have any login functionality for more than 10 people if needed. I would run a daily backup of 1-3 and a weekly backup of 4-5. This option will be a complete start over if everything in your business burns down. The server would probably cost around $3000 for a cheap server and about $100-200/month for having it in a rack, internet service etc. Here is an example of a server that you can modify that would be sufficient for this purpose: Supermicro SDR-5018D-MTF server

Have a nice day!

Installing Zurmo on CentOS 7

I have installed Zurmo for a couple of my customers that need a simple tool for CRM (customer relationship management.)

However, it was always done using Softaculous or other preinstallation tools. This time I needed to install it on a CentOS 7 installation. The zurmo.org installation summary is not detailed enough to make it possible for a new Linux user to install it in a working environment. Below is my steps to get it up and running on an internal server.

Syntax for this article:
# in the start of a line is commands given to CentOS 7 or RedHat.
> in the start of a line is commands given to MariaDB or other programs.

Server and dependencies

When I installed I chose basic web server and added PHP to save some time. We still need to install MariaDB server and client, enable it to start during boot and start it.

Add the epel library and check that it is actually installed:

Since this installation was on an internal network I decided to turn off SELinux and then reboot the server to make all my updates and changes active:

However, if you are using this server on a server that could be attacked from outside, don’t disable SELinux, but use the commands given at the end of these instructions.

The next lines of commands will be necessary for installing some dependencies. I have added the modules for php as well. Answer y(es) to any questions.

Check PHP configuration. Below are my settings, but feel free to change them to what you need.

MySQL/MariaDB configuration. Add the following lines under the [mysql] section:

Secure MariaDB and then create MySQL/MariaDB user and database:

Restart services:

Now we will start Memcached. You can change memcached configuration by editing this file:
# nano /etc/sysconfig/memcached, but it should not be necessary for most installations.

Open up firewall ports to allow communication to MariaDB and Memchached.

At this point I recommend restarting the server to make sure everything is working. You can also use the commands below to get the status of services.

 

Zurmo installation

We are ready to download and install Zurmo. Remember to check at http://zurmo.org/download for the latest version. The version below was available as of 9/2/2015.

You should now have a sub-directory named zurmo under /var/www/html/. Using ls -l you will see that the apache user and group doesn’t have any access to this directory. The following command will change the user and group to apache.

IMPORTANT: SELinux commands if you decided to keep SELinux enabled. The below command is if you installed in a sub-directory of html. The next two commands will allow apache to memcached communication, and let apache send email over network.

Configure Zurmo

We are now done with the installation of Zurmo. What remains is to open a browser and go to the IP-address of your server/zurmo.

When do I move my services to the cloud?

During the last years people are asking me when will it benefit them to move their data or their services to the cloud? The answer is difficult to answer because there are many factors that need to be addressed.

Don’t misunderstand my caution for some of the scenarios below. I have my own cloud and I do want customers to use it. However, I don’t want customers based on misunderstandings, myths, believes or just for the money. I know how vulnerable clouds can be.  Some of the big cloud providers have had some serious crashes over the last 5 years. The bottom line is that nothing is 100% secure or up and running all the time. Remember that someone cut the fiber cable out of Ukiah this autumn (2015).

When should I use the cloud?

Below I have listed a couple of scenarios that I take in to consideration when answering a question like this. The target for my suggestions are small businesses (less than 100 employees) as that is what we have here in Ukiah.

  •  Sensitive data: Do NOT send that in to the cloud unless you are absolutely sure it is a safe solution. If someone find out your username and passwords to log in to the cloud, you have a problem. And remember that weak passwords on the internet is not your friend. They might be convenient, but NOT secure.
  • Small business with general documents that everyone needs. Nothing confidential that need to be stored locally. This is a good use of a cloud system.
  • Small business that needs backup solution or archiving. This is also a good use of the cloud. I would recommend that the data being encrypted locally before uploaded though, if there is anything sensitive.
  • Secondary domain controllers etc. This is a good solution for many companies in case of a catastrophe where the main servers/infrastructure are destroyed. It will make it easier to deploy new computers and setting up users again. I would most likely recommend this to be done in a small local cloud solution. A local person can then deploy using the data that is in the cloud. Using DFS (Distributed File System) you can also keep all files up to date on the local server and in the cloud. However, keep in mind that your internet upload speed is normally low, and if you have files that are over 10GB, you might not be able to finish a backup over night.

Is it worth the money??

This is one of the main questions for many organizations. The answer depends on what you are trying to accomplish. Some functions might be worth putting in to a cloud weather it makes sense monetarily or not.

One scenario where I would be careful about recommending a cloud solution

Let’s take a look at numbers for a small organization (10-20 users) replacing their local server. I assume they have around 5-20 users and no Exchange or SQL server installed.

  1. Cloud based server with one core and 1.75-2GB of memory with a need of 40GB of space. $50-70/month. For a year that is $600-840. Over 7 years you have spent $4200-5880. The configuration in this scenario is very frugal. Most likely you would need an extra processor and more space. The prices above are based on Microsoft, Amazon and others. In my cloud you pay less than that. It depends on what you need.
  2. A brand new server cost around $2500-3000 with a 6-core processor, 16GB of memory, 2TB of storage space and a Windows 2012 standard license. Installation and setup will typically be around $300-1000 depending on what features you need or are transferring over to the new server. The lifetime of a server is normally between 5-7 years. Over 7 years you have then spent $3000-4000 on a server and licenses.

Note that I have not added any consultation cost over the lifetime of the servers. This will normally be about the same amount whether it is in the cloud or locally.

Above I didn’t add any cost for backup to the local installation. The price for 50GB cloud based backup would be around $8/month or $96/year. Over 7 years it will be $672.

You should also keep in mind that a server like the one above can easily host 50-100 users and it might be interesting for companies to go together and share one. Which will bring the cost further down.

Scenarios where it would be worth it to have a cloud solution:

  • A company have three locations. Very few employees, but there is a need for the locations to be able to communicate and share information. In this scenario it would be beneficial to have a cloud server and use VPN to connect in to the server.
  • A company is needing to have several employees communicate with each other, but maybe not seeing the internal data in the company. If they do need access to internal documents, they can set up DFS (Distributed File System) and make that data transferred to the cloud and back to the internal server. All other data will only be available internally.
  • An organization need to have their data backed up and they don’t want to move hard drives in and out of the building all the time. The backup will run during the night and they can check the result in the morning. However, this will depend on how much bandwidth you have for upload and how much data is changed each day.

 Security and availability

This part is something that can be a little difficult to explain. Lets start with security. A cloud is a bunch of servers that are working together. You access it over the internet with a username and password and some times with a codestring or a certificate to make sure it is really you. If anyone gets this information, they can log in and access the system and do what they want. Yes, that can happen to your internal network also. In my personal opinion there is only one secure system: One that is not connected to any network at all.

Availability is how well you can access your data. To access anything in the cloud, you need internet access. No internet, no work (or play).

What about access to your local server/network from somewhere else? Availability to data from internet for a small organization can be configured using VPN. You need a good router ($70-200) and then configure it. However, in this scenario you can access your data if the internet is down.

I will come back and write more on this when I have a moment.

Upgrading old computers

Below I have created a check list when you are considering getting a new computer. Please note that one or two of the items below could be an indicator to get a new computer. An example: You have less than 1GB of memory and only one core.

What to check before you consider upgrading your old computer to a new operating system:

  1. How old is your computer?
    1. If it is running Windows XP or anything older than that, please go an buy a new computer.
    2. If you have Vista or newer, please continue.
  2. Check how many cores the computer have and the speed of the CPU. Open Task manager and see if there are two bars showing the cpu/processor.
    1. Only one bar? The computer might be worth keeping, but only for document editing or surfing.
    2. Two bars! Good sign, you should be able to use this if you have 2GB or more of memory.
    3. Four or more! You are good to go. Check memory and speed of your CPU.
  3. Check how much memory you have. In Task manager you can see that on the left side below the CPU bar.
    1. Less than 2GB you should look at getting more or it is a sign to get a new computer.
    2. 4GB is what I recommend as a minimum for modern computers. If you are using Linux you need less.
    3. 8GB or more for graphic design, gaming or other memory intensive uses.
  4. Use Crystaldiskinfo to check the health of your hard drive. To check the S.M.A.R.T. status of the hard drive is no guarantee that your hard drive is completely fine, but it will normally give you an indication. I have however seen cases where cloning the hard drive has shown errors.
    1. If it shows up orange or red, make a backup of all your data and buy a new hard drive or computer.
    2. Blue is a good sign. That means that the hard drive should be good to go.
  5. How many USB connectors do you have in the back of the computer?
    1. 2 is a minimum. The more the better. On most laptops you might have 3. But they are meant for moving around. You can get a USB hub to get more ports.
  6. What is the type and model of your graphic card? Is it built-in to the motherboard or a separate card? Do you have an unused Express x1/x4/x8/x16 slot in case you need to upgrade?
  7. Do you have a DVD-drive in your computer?

There will not be any guarantee that an upgrade will work even after testing/confirming the above.  There are a couple of motherboards as an example, that will not allow you to upgrade to Windows 7/8/8.1 without creating a special DVD.

Your old computer might work fine with Linux Mint which will function fine for Internet browsing and writing letters. Check that you have about 1GB of memory, burn a DVD with the ISO, insert it in the computer and give it a try.

A server check list

A customer of mine said the other day that he really wanted me to make a list of what they should be looking for when buying and configuring a new server. There are many considerations to make and this list will not be the best for all circumstances. Hopefully it will help some of you, and you can always call or send me an email if you have specific needs.

This particular server is meant for up to 20 users and they use it for Quickbooks and file sharing.

Hardware and software

  • A CPU with at least 4 cores. For heavy users I would recommend 8 cores or more.
  • 16GB of RAM is the minimum I recommend today unless you know exactly what you are going to use it for the next 5 years and you need less for that function.
  • Hardware RAID controller if you are using Microsoft server. Make sure it support the type of RAID you need. For Linux you can use ZFS or set it up with software RAID.
  • Hard drives that:
    • are 2TB or bigger or
    • have at least 3 times the space of data you are using today + 150GB for the operating system and applications.
    • Or if you are separating OS and data on different hard drives, make sure the OS hard drives/partitions are at least 150GB.
    • Consider hard drives/SSD’s for the server operating system or for databases.
  • Operating system that has support for the next 5 years.

Configuration

  • Make sure the OS partition has about 50GB of free space after installing OS and main applications. You never know what you will need to install the next 5 years.
  • Split OS/data on separated partitions/disks. Maybe split data/databases if needed.
  • Install all updates immediately.
  • Make a backup/clone of the server when it is fresh. You might have to go back to that image/clone during the installation.
  • Make sure all applications install perfectly. If not, restore from the above backup and do it again.
  • Install anti-virus solution.
  • Make another backup/clone.
  • Make it a domain controller if that is the purpose of the server.
  • Configure all services that should be running on the server.
  • Test the configuration.
  • Make a final backup/clone after copying data to the server. This might be your starting point if you need to reinstall it later.

This is the “ideal” list. Often I don’t have time to do all the backups/clones because I am under pressure to finish the job (the old server is dying), but it has saved me several hours of work a few times.

Please let me know if you would like me to add something to this list.

How to handle old hard drives and computers

Lately I have replaced a few computers with Windows XP and computers where the motherboard have died. My customers often asks what they can do with their old hard drives.

My main suggestion is that you keep the old hard drives as a backup of your old data in case something was not copied over. If you don’t want to keep the hard drive, I can wipe them completely with a program. This is the most secure way of doing it unless you have a hard drive shredder.

Some of the questions/suggestions that I have heard:

It is enough to use a hammer on the outside of the hard drive? My answer is that it is not enough. The top will not bend enough to destroy the plates. In order for a physical destruction to be somewhat effective you need to open up the hard drive and crush the plates and read-write heads themselves.

What about a sledgehammer? That can work if you have an edge that can hammer through and in to the plates.

Can I shoot it? Yes, you can, but be aware of bullets that might be coming around. You are shooting at a thick metal plate and the bullets could fly in all directions.

What about a strong magnet? An industrial hard drive shredder/magnet will do the work, but there aren’t many of those around. A home magnet will not work.

 

Tips to avoid malware

Malware (viruses, spyware, trojan horses etc.)

Malware refers to all programs (virus, spyware, adware, trojan horses, boot viruses etc) that slows down your computer, spys on you or steals your data. Wikipedia.org has a great article about malware and what they are.

There have been many questions about how to avoid malware on a computer. In some cases it is impossible to avoid all of them, but in 99% of the cases there are some very simple steps that can be taken.

  1. Create a user WITHOUT administrative rights (a standard/limited user). And use that login for your normal daily work. 88% of the security threats that were big last year (2013), would not affect a Windows XP computer if the user had been limited. On Windows 7, only 1% of them would have infected the computer.
  2. Do NOT click on anything online that says you are infected, and click here to remove it. Most likely you will then install spyware that will then install even more malware. And then they will start asking you to pay them money in order to get rid of them. There is NO way any web site can know if you have an infected computer or not. These are typical names of scam programs: WinFixer, Windows Antivirus XP 2009, XP Antivirus 2016, XP Antivirus 2009 and FixyourPC. Another example is 180 Search Assistant which is a spyware.
  3. Do not go to any web sites that are suspicious. Many anti-malware packages today include a web link check that will try to see if any of the links on the page you are on lead to phishing or malware infested pages. That feature has saved me a few times. And the page that was the problem was supposed to be a legitimate site for downloading anti-spyware software!
  4. Download software from known sites. The following is a good example of what you DON’T WANT on your computer.WARNING: you may find it is even advertised on several sites:
    “Security Essentials 2016” is NOT a Microsoft product. Their product is named Microsoft Security Essentials. It looks very similar, but it will install two programs, Fakeinit and Alureon, which will create a whole lot of problems on your computer. They will stop processes in the computer, stop you from going to certain web sites, change security settings and change the background of your computer. Your background will say “Your system is infected!” with red letters on a black background. You will also be asked to pay for an upgraded version of Security Essentials 2016 which is your first indication that this is malware. Microsofts program is FREE! 
  5. Wait for a couple of days after you have downloaded software. I have downloaded some free software and left them on my computer for a while (so that my antivirus solution gets updated in the mean time), and then scanned them.
  6. Emails are used for phishing attempts and spyware. What I do is to let the mouse hover over the link so that I can see where the link goes. I have received emails with links to Microsoft, but when I hover over it, it says that the link points to microsoft.xxxx.ru etc. The same with bank emails. You learn what  global banks exist through phishing attempts.
  7. Never open any attachments that come from big companies. They would never send you attachments without telling you beforehand.
  8. Do not download unauthorized software, music or pictures from the internet. JPG or JPEG pictures can be infected with malware code that will be run while you are looking at them. Files ending in .exe or .msi are programs and when you double-click on them you start the program (not the video or music file you thought you downloaded). If they are malicious they will quickly take over your computer.
  9. Make sure that you have at least one firewall (most dsl modems have one built-in) in your home. A physical router/firewall helps, but I also prefer to have a software firewall on my computer. Windows XP, Vista and Windows 7 have firewalls built in to the operating system. All windows versions before that will need one. It depends on your network setup. Normally your network connection (dial-up, dsl, cable etc) is attacked 1000-1600 times in a week.

Other general security recommendations:

  1. Always make sure you have two backup sets of your data.
  2. Don’t use passwords based on pets, persons or other things in your life.
  3. Never tell your password to anybody.
  4. Make passwords that combine letters (a-z), both upper and lower case, numbers and other characters (some examples: !@#$%^&*?-+). This way it will be more difficult to break in to your accounts. Find a safe place to store them for reference. (ie safety deposit box etc. Treat them like your social security card!)
  5. Make sure your computers’ software is updated.

 

 

Maintaining your Windows computer

I have had several requests about what to do to keep a computer running without problems. As long as we are only talking software the steps below might be helpful. Most of the questions have been centered around how to avoid malware (viruses and spyware) taking over their computers, and what is better than to get a list of what a computer professional is doing for his own computer?

Of course I am sticking my head out with this list as most computer professionals have their own way of doing things. But my list is working for me and my customers and that counts!! 🙂 Of course you have to use the programs and suggestions at your own risk. You will find a list of programs further down.

My monthly check on my own computers are the following:

  1. Make a backup of all data files.This happens a little bit more often than monthly.
  2. Close down all applications that you have running.
  3. Run CCleaner (crap cleaner.) It will also empty the recycle bin and other items, so you might want to take a look at what it will remove before running it. You can also clean up the registry, but before doing this part I strongly suggest that you have a backup.
  4. Run chkdsk. On Windows Vista or newer you have to right click on command prompt and select run as administrator. In the black window that opens type the following: chkdsk c: /f and press enter. C: is the hard drive that you want to check. /f tells the command to fix errors. If you have several hard drives/partitions, replace c with the letter that is used for that drive. You can not defragment a cd/dvd drive. For the system drive it will come up and say that the drive is in use and ask if you want to check on the next restart. Answer yes and restart your computer.
  5. Update Bitdefender and/or other antimalware programs.
  6. Scan the whole computer with the tools mentioned above.
  7. Run chkdsk again, shutdown the computer and when it comes back up, run a defragmentation.

One important task every 6 months is to open up the computer and get the dust out. Do NOT use water or other liquids to clean a computer on the inside! What I do is to use a low-power air compressor to blow out dust that is inside. You can also use one of the small cans of air that you buy in the store. The dust normally builds up in the power supply, the air intake filters and around the cpu. These parts are all crucial in order to make the computer run smoothly, but I normally clean out the whole computer so that I am not overlooking dust building up around other parts.

Here is my list of the free programs that I recommend in order to keep a computer clean of malware (virus, spyware etc). Keep in mind that this is for non-commercial use:

  • Bitdefender, Avira or Avast. All these programs are full anti-virus and -spyware solutions that exist as a free version and a paid version. Please make sure that you don’t install any extra features unless you want them. Avast and Avira might ask you to install other third party programs etc.
  • Malwarebytes. This is a free program and the free version does NOT stay resident in the memory which make it perfect for a monthly scan combined with other tools. Please remember to turn off the free trial of the pro version.

Other free programs that are very useful during normal maintenance:

  • Crap Cleaner. Removes temporary files and  is one of the best tools that I know of for this purpose. It will also empty the recycle bin and other items, so you might want to take a look at what it will remove before running it. Unhook all the unnecessary stuff during installation. You only need: Add start menu items (and Automatically check for updates.)
  • Defraggler or MyDefrag. These small defragmentation tools are a notch better than Microsofts built-in tool as you can specify how they should defragment.
    Download Defraggler from: http://www.piriform.com/defraggler
    Download MyDefrag from: http://mydefrag.com/Manual-DownloadAndInstall.html

Tools that I might use if a computer IS infected:

  • HiJackThis. This is a professional tool and NOT meant for beginners unless you know someone that can help you.
  • SuperAntispyware. Considered one of the best, but this one I normally uninstall after using it so that it doesn’t interfere with my other tools.
  • Microsoft Security Essentials. Free tool from Microsoft. Does not get top rating, but can be a good help.

There are other tools, but I will not suggest using them unless you are a professional computer consultant.

Reinstall, Replace or Reuse Your Computer

For all of my customers that have old or slow computers we offer a FREE evaluation of what to do with your computer.

Make sure that you have a FULL backup of all data. We will do a free evaluation and let you what we think will be the best solution.

Scenario Your cost: Solution:
Recycle: The computer has a CPU that is faster than 2GHz and the memory is adequate for normal use (2GB or more). You don’t want it anymore, but you want it to be available for someone else. $0 We will test the components and make sure it is working fine. We will then will erase everything on the computer and reinstall the operating system, antivirus solutions and LibreOffice. If the computer came with other software we might consider using that.

We put it out for sale so that someone else can use it. They pay $90 for our time and testing. There is no warranty on parts etc. for the new user of the computer.

Recycle and replace: The computer is so old (slower than 1GHz processor) that there is no use in giving it to anyone and you don’t want it. $25 Wipe out all data so that it will not be possible to retrieve any data from the hard drives.

Bring the computer to the recycling center for you.

Reinstall and reuse: You want the computer to be formatted and reinstalled so that it works as good as when it was new, and then use it or give it to someone you know. $90 Format the drive and reinstall the OS, all drivers and MS updates. If any other programs are required, they will be added to the bill based on how much time it takes.