The Kumachan – Page 124 – Celebration of free speech

Scenario Proposal of a Server Cluster

By Dave in Education
2009-05-18

[Abstract]
The purpose of this document is to provide a proposal for a server cluster that will be introduced to Kucera Clothiers. This proposal is based upon a scenario of Kucera Clothiers is looking to improve communications between their corporate headquarters that is located in Chicago and its 3,500 other locations throughout the world. Kucera employs over 100,000 employees at their different locations throughout the world. Included within the proposal that will be proposed to Kucera Clothiers are some system requirements, costs, anticipated return on investment, security issues, and information management. This document is intended for anybody looking to gain a basic knowledge or understanding of how a project proposal can be introduced to a company.

[Content]
Kucera Clothiers should maximize use of current resources in order to provide a network service that can accommodate any and all IT services today, but also well into the future. Kucera can maximize their return on investment of the existing network infrastructure and yet still provide scalable solutions for years to come. The use of a network server cluster can allow Kucera Clothiers to provide network services to all employees throughout the world with a 99.99% uptime guarantee. Providing services with a 99.99% reliability will greatly improve customer service, sales/customer relations, and efficiency throughout the company. The ability for employees to access data from anywhere at any time throughout the world is vital in today‚Äôs globalized markets.

A networked server cluster allows multiple servers to share valuable resources in order to handle any request, at anytime, from anyone. A server cluster functions by having multiple network interface cards (NICs) installed in multiple servers. One NIC allows users to access services and resources from the public network, however the 2nd NIC allows the different servers to communicate with each other and share valuable resources on a private network without interfering with any requests coming from the public network. Clustered servers can provide services such as: e-mail, web, file sharing, collaboration, database, and other specialized services. In the event that an additional service is needed, the service simply needs to be enabled on the cluster to allow the organization to grow with future needs or requirements. Server clusters provide much value to an organization by providing a high availability so that users in different time zones can access the servers as needed, thus allowing the company to maximize productivity. Due to the use of multiple servers, if one server or device should fail, the others can share the load until the device can be repaired or replaced (RedHat Inc., 2009). The design of a server cluster allows for the computing power to be located in one centralized location, in contrast to incurring high costs to locate the high performance computing out to each of the 3,500 locations worldwide. A server cluster can provide much value to an organization by providing all services from one centralized location with high performance servers that can easily handle the processing workload of all the company‚Äôs employees from around the world while maintaining a 99.99% uptime guarantee to allow the users to be more productive.

Prior to installing a server cluster there are some requirements that need to be met so that the cluster can easily mesh with the organizations requirements. There needs to be enough server rack space to accommodate the cluster. There also needs to be enough power provided to the server racks to meet all the power needs of the system. The location where the cluster is going to be housed needs to be an environmentally controlled climate. The facility that the cluster will be located needs to have diversified network paths so that in the even one should go down; other paths are able to handle the network traffic. The facility where the cluster is going to be located also needs a managed network switch with enough available ports to handle the configuration of multiple virtual LANs (VLANs) in order to support the cluster. The location where the servers will reside needs to be a physically secure location. When supporting any system it is important to ensure all of the system requirements can be met before obtaining the system.

The cost estimate of the system includes all necessary peripherals to include hardware, software, licensing, and support. The total cost of the system is $22,235. This cost is for the purchase of 5 Dell PowerEdge 1950 III servers with Redhat Linux installed on the systems and a 3-year basic on-site support. The exact system options are listed below (Dell, 2009):
PowerEdge 1950 III Quad Core Intel¬Æ Xeon¬Æ E5405, 2x6MB Cache, 2.0GHz, 1333MHz FSB
Additional Processors Single Processor only
Memory 32GB 667MHz (8x4GB), Dual Ranked DIMMs
Operating System Red Hat Enterprise Linux 5.2, 2S, FI x64, 1yr, Auto-Entitle, Lic & Media
Multipack Operating System None
Operating System Addition None
OS Partitions None
Chassis Configuration Rack Chassis with Static RapidRails
Backplane 1×2 Backplane for 3.5-inch Hard Drives and SATA Optical
Primary Controller SAS 6/iR Integrated Controller
2nd Controller and HBAs None
Hard Drive Configuration Integrated SAS/SATA No RAID, SAS 6/iR Integrated
Primary Hard Drive 1TB 7.2K RPM Universal SATA 3Gbps 3.5-in HotPlug Hard Drive
2nd Hard Drive Discounted Upgrade! 1TB 7.2K RPM Universal SATA 3Gbps 3.5-in HotPlug Hard D
3rd Hard Drive None
4th Hard Drive None
PCI Riser Riser with 2 PCIe Slots
Power Supply Energy Smart Redundant Power Supply with Y-Cord
Power Cords Power Cord, NEMA 5-15P to C14, 15 amp, wall plug, 10 feet / 3 meter

Utilizing current network infrastructure, facility environment, and networking devices, the total cost of ownership for the server cluster can be identified by the total cost of all necessary hardware and support.

The return on investment for the system can be immediately identified by the design of the system. Even though the initial cost of the system may seem high to managers who are unaware of IT costs, the total cost of the system is miniscule compared to the cost if the processing power was decentralized and located at each individual location. An additional return on investment can be clearly seen because the centralized location of the servers ensures the servers are physically secured and the servers are centrally managed to ensure the data on the servers is secured. Also due to the servers being centrally located the need for IT support personnel at each of the locations is non-existent. All IT support will be provided in one centralized location, which saves the company money from paying for support at multiple locations and varying fees. The scalability of the system provides much added value to grow as the company grows. The server cluster provides an immediate return on investment by cutting IT support costs, improving overall system and data security, and being scalable to grow as the company demands.

In conclusion, a centralized server cluster can provide much value to Kucera Clothiers by allowing all employees to have access to valuable data at anytime from anywhere. The cluster provides necessary IT services today, but it is also scalable to meet the IT needs of the future too. The server cluster will provide an immediate return on investment by cutting IT costs at multiple locations by housing the high performance servers in one centralized location. Due to the centralized design of the system, all security concerns of the systems and their data will be easily addressed. By using current resources that are available, the total cost of the system includes nothing more than the hardware and support costs. Kucera Clothiers wishes to improve communications throughout the organization and this server cluster provides the means to do so.

References
1. redhat.com | Red Hat Cluster Suite. Retrieved May 16, 2009, from redhat.com | The World’s Open Source Leader Web site: http://www.redhat.com/cluster_suite/
2. The Dell Online Store: Build Your System. Retrieved May 16, 2009, from Dell Laptops, Desktop Computers, Monitors, Printers & PC Accessories Web site: http://configure.us.dell.com/dellstore/config.aspx?c=us&cs=04&fb=1&kc=productdetails~pedge_1950_3&l=en&oc=becwxk1&s=bsd&vw=classic

Kucera Clothiers, Open Source Leader, RedHat Inc., future, location, redhat.com, security, server, support

Proposed Server Cluster for Scenario Business

By Dave in Education
2009-05-17

PowerEdge 1950 III Quad Core Intel¬Æ Xeon¬Æ E5405, 2x6MB Cache, 2.0GHz, 1333MHz FSB
Additional Processors Single Processor only
Memory 32GB 667MHz (8x4GB), Dual Ranked DIMMs
Operating System Red Hat Enterprise Linux 5.2, 2S, FI x64, 1yr, Auto-Entitle, Lic & Media
Multipack Operating System None
Operating System Addition None
OS Partitions None
Chassis Configuration Rack Chassis with Static RapidRails
Backplane 1×2 Backplane for 3.5-inch Hard Drives and SATA Optical
Primary Controller SAS 6/iR Integrated Controller
2nd Controller and HBAs None
Hard Drive Configuration Integrated SAS/SATA No RAID, SAS 6/iR Integrated
Primary Hard Drive 1TB 7.2K RPM Universal SATA 3Gbps 3.5-in HotPlug Hard Drive
2nd Hard Drive Discounted Upgrade! 1TB 7.2K RPM Universal SATA 3Gbps 3.5-in HotPlug Hard D
3rd Hard Drive None
4th Hard Drive None
PCI Riser Riser with 2 PCIe Slots
Power Supply Energy Smart Redundant Power Supply with Y-Cord
Power Cords Power Cord, NEMA 5-15P to C14, 15 amp, wall plug, 10 feet / 3 meter
Utilizing current network infrastructure, facility environment, and networking devices, the total cost of ownership for the server cluster can be identified by the total cost of all necessary hardware and support.

References
redhat.com | Red Hat Cluster Suite. Retrieved May 16, 2009, from redhat.com | The World’s Open Source Leader Web site: http://www.redhat.com/cluster_suite/

The Dell Online Store: Build Your System. Retrieved May 16, 2009, from Dell Laptops, Desktop Computers, Monitors, Printers & PC Accessories Web site: http://configure.us.dell.com/dellstore/config.aspx?c=us&cs=04&fb=1&kc=productdetails~pedge_1950_3&l=en&oc=becwxk1&s=bsd&vw=classic

Hard Drive None, Kucera Clothiers, Multipack Operating System None, Open Source Leader, Operating System Addition None, RedHat Inc., USD, device, future, location, pence, redhat.com, security, server, support

“Phase In” Equipment into Business Operations

By Dave in Education
2009-05-16

[Abstract]
The purpose of this document is to explain the term ‚Äúphase in‚Äù and how it relates to phasing in a server cluster. Also included within this document is an explanation of what type of risk analysis needs to be conducted in order to phase in the cluster. This document is intended for anybody looking to gain a basic understanding or knowledge of risk analysis and how to merge a new system with an existing system and how it impacts operations.

[Content]
In order for Kucera Clothiers to integrate a server cluster into their organization, it should be a goal to decide how to integrate the new system with any current systems while minimizing any interruptions of operations. It is important for Kucera to ‚Äúphase in‚Äù the new system by using a three-step plan in order to reduce any interference with company operations (Microsoft, 2008). Trying to incorporate an entire system all at one time without impacting operations can be rather cumbersome, therefore it is recommended to phase in the system in a few different steps. The initial step of the phase in plan is to physically install all of the hardware and test it to ensure everything is functioning correctly. The second step of the phase in plan is to migrate network services, one by one, onto the server cluster and test each service to ensure it is functioning correctly. The final step of the phase in plan is to migrate user data in small groups until all users have been migrated to the new system and then test to ensure there is no data lost and everything is functioning correctly. Once the new system has been completely phased in Kucera Clothiers can power down and reallocate the legacy system as necessary.

Prior to phasing in any new system into current operations it is important for Kucera Clothiers to conduct a risk analysis to determine how operations can be affected in the event something does not go as planned. When conducting a risk analysis, it is important to identify what types of risks are involved whether the risk is a human risk, operational risk, procedural risk, technical risk, natural risk, or even a political risk (Mind Tools Ltd, 2009). The risk analysis should determine how the phase in plan has the largest impact on the organization and then try to manage that risk. Due to network services affecting the majority of users at one time, it is recommended to migrate the network services one at a time in order to minimize the potential for an issue to affect the vast majority of users. Also, because network services affect the vast majority of users within the organization it is recommended to migrate the services, either during non-business hours or during hours of minimal network traffic. Once the risk analysis has been conducted and a plan has been devised in order to deal with the majority of users, then the risk analysis can be conducted in order to devise a plan how to migrate uses with minimal impact. Due to Kucera being a global company, it is recommended to migrate user data during non-business hours starting with users in the Greenwich Median Time (GMT) zone and progressing through the rest of the time zones moving groups of users and then testing the migration of user data prior to the start of the business day for those users.

In conclusion, Kucera Clothiers can minimize operational impact by first conducting a risk analysis in order to identify how the organization can be impacted and devising a plan to minimize that risk. Kucera can also ‚Äúphase in‚Äù the server cluster into their organization by using a three-step plan. Step one ensures the hardware is installed, configured, and tested. Step two involves migrating network services from the old system to the server cluster and testing it. Step three involves migrating user data in increments of users during non-business hours and testing to ensure no data has been lost. By conducting a risk analysis and using a phase in plan, Kucera Clothiers can successfully implement the use of a network server cluster to support their IT goals.

References
(2008, November). Configuring Integration Services in a Clustered Environment. Retrieved May 17, 2009, from Configuring Integration Services in a Clustered Environment Web site: http://technet.microsoft.com/en-us/library/ms345193(SQL.90).aspx

(2009). Risk Analysis & Risk Management. Retrieved May 17, 2009, from Project Risk Analysis Techniques – Risk Management from Mind Tools Web site: http://www.mindtools.com/pages/article/newTMC_07.htm

IT, Kucera Clothiers, Microsoft, Mind Tools Ltd, Risk Analysis Risk Management, SQL, server, support

Cat on the Roof

By Dave in Humor
2009-05-14

A man left his cat with his brother while he went on vacation for a week. When he came back, the man called his brother to see when he could pick the cat up. The brother hesitated, then said, “I’m so sorry, but while you were away, the cat died.”

The man was very upset and yelled, ”You know, you could have broken the news to me better than that. When I called today, you could have said he was on the roof and wouldn’t come down. Then when I called the next day, you could have said that he had fallen off and the vet was working on patching him up. Then when I called the third day, you could have said he had passed away.” The brother thought about it and apologized.

“So how’s Mom?” asked the man.

“She’s on the roof and won’t come down.”

news

Hey, Mister

By Dave in Events, Humor
2009-05-11

A lady was telling her neighbor that she saw a man driving a pick-up truck down the interstate, and a dog was hanging onto the tail gate for dear life! She said if the pick-up truck driver hadn’t been going so fast in the other direction, she would have tried to stop him. A few weeks later, her neighbor saw this truck at the Bass Pro Shop. The pick-up truck driver is a local taxidermist with a great sense of humor! And it is not a dog it is a coyote.

Bass Pro Shop, Events, dog, driver, driving, neighbor

Analyze Trends and Technologies

By Dave in Education
2009-05-10

[Abstract]
The purpose of this document is to analyze trends and technologies based upon the recommendation I made for a company to utilize a collaboration system in order to improve communications throughout their organization. The recommendation was made based upon a scenario of a company called Kucera Clothiers whose IT strategy was to improve IT communications throughout the organization of 3,500 locations with 100,000 employees worldwide. The company narrowed down the options to three projects under consideration. One project is to use wireless networks in order to access data faster. Another project involves using a collaborative system that allows for synchronous and asynchronous communications. The third project involves using a customer resource management system, however this project requires replacing previous systems and a lot of lead-time to deliver the system for operations. This document utilizes a scenario and a recommendation that was made based upon the scenario to analyze trends of technologies that are currently being used today in order to find the technologies merits and shortcomings. This document is intended for anybody looking to gain a basic knowledge or understanding of merits and shortcomings of a collaboration system technology that can be used to improve communications throughout an organization.

[Content]
The collaboration system was chosen as the most ideal solution that aligned with the Kucera Cothiers corporate IT strategy to improve communications between all of the field offices and the corporate headquarters. Since this technology was chosen it is important to understand how well this technology aligns with current trends of businesses using different technologies. There are different trends that many different businesses are using, some are software-based trends, others are hardware-based trends, and some are even in the methods of which data is accessed. These trends can help keep Kucera clothing on the cutting edge of the market in order to keep up with any competitors.

When analyzing business trends as they apply to different software technologies it becomes apparent that companies are looking for solutions that will provide a multi-platform solution with ease of modification. A programming technology that meets these business requirements is Java. Java is an open-source object oriented programming language that provides a great solution for multi-platform support. This means that an application written in Java can easily be executed on a computer that is running Microsoft Windows, Apple OS X, Linux, BSD, or numerous mobile devices. By cross-platform functioning Java proves itself to be a valuable asset to many businesses as the businesses are able to provide solutions that meet their business needs without rewriting software applications to function on each individual platform. Due to Java being open source many business are moving the direction of utilizing Java in more enterprise applications because there are no high priced licensing costs involved with developing software that is written in Java. Java can be found anywhere from mobile devices to super computers and is especially strong in web applications and enterprise applications (Preimesberger, 2002). Java provides a platform for enterprise applications to be written in and meets many business needs of being a cross platform solution that can be ran on anything from low-end handheld devices to high-end supercomputers.

Trends in computer hardware have identified that many businesses are moving to scalable high performance computing where multiple servers are clustered together to act as a single server. Clustered servers provide businesses a low-cost solution for providing services throughout the organization. Virginia Technical University was able to cluster 1,100 Apple computers together and rank as high as 7th on the world‚Äôs 500 list of the most powerful computers in the world, computing a whopping 12.25 teraflops, at only one-fifth the cost (Gibson). Although this may seem too realistic for most business needs, it does illustrate that a low-cost server cluster can produce extremely high performance that can handle almost any businesses computing needs. Having multiple computers clustered together, sharing network load, process load, memory, hard drive space, and other resources allows these computers to act as a single system in order to provide services, such as web service, e-mail service, or even services that are needed for a collaboration system. When an organization grows larger and there becomes too much of a load on the cluster, the company can simply add additional servers to scale with their business needs. Clustered servers are not isolated to one specific vendor of servers and they can vary from Apple, Dell, IBM, Intel, AMD, HP, Sun Solaris, and the list goes on. Centralized clusters of servers provide an advantage of having services, security, files, users, permissions, etc. of the systems managed from one centralized location. Long are past of the days of mainframe computers, however the information technology trend seems to be going full-circle back to high performance computing from one centralized location. Business trends show that many computers clustered together in order to appear as one large high-performance computer that is scalable to meet any business needs is where companies are turning in order to enhance their IT strategies.

With globalization what it is today many companies are looking at collaboration systems their top priorities. Collaboration systems provide many companies the ability to reduce corporate process latency times. Collaboration systems provide companies the ability for subject matter experts to communicate directly or indirectly with personnel needing their expertise. Through the use of online collaboration companies are able to provide better customer service that can lead to more sales or increased revenue. When companies purchase an online collaboration system they are able to reduce their total cost of ownership and increase their return on investment (Cisco, 2009). Collaboration systems provide companies the ability to communicate in real-time from anywhere in the world, across multiple platforms, and securely accessing critical data. Many businesses have turned to collaboration systems to provide a means of communication, in conjunction with current network infrastructure, so that products can be purchased or sold in a globalized market and providing fast and efficient customer service.

In conclusion, the decision to use a collaboration system for Kucera Clothiers provides the company a cutting-edge solution to meet their IT corporate strategy, while having the ability to improve their customer service. With viewing current trends of businesses Kucera Clothiers is on the right track to follow IT trends of providing a cross platform system that is capable of high performance computing and is able to be easily modified to meet any current or future needs of the organization. If Kucera Clothiers were to have chosen any other option rather than the collaboration system the company would have been crippling their business goals, customer service, IT strategy, and allowing any competition to gain a major advantage in today‚Äôs globalized market.

References
Preimesberger, Chris (2002, June 5th). Five emerging Java development trends. Retrieved May 9, 2009, from Tech Republic Web site: http://articles.techrepublic.com.com/5100-10878_11-1046208.html

Gibson, Barbara System X Takes on the Grand Challenge. Retrieved May 9, 2009, from Apple – Science – Profiles – Virginia Tech Web site: http://www.apple.com

Collaboration-Enabled Business Transformation. Retrieved May 10, 2009, from Cisco Web site: [URL Removed Broken link]

AMD, BSD, Cisco Web, HP, IBM, Kucera Clothiers, Kucera Cothiers, Microsoft, Microsoft Windows, Sun Solaris, Tech Republic Web, Virginia Technical University, location, security

Business Trends

By Dave in Education
2009-05-09

[Abstract]
The purpose of this document is to describe two different business trends and determine if current business trends have a positive or negative affect on the company by utilizing a scenario of a store that has multiple sites and locations to deliver products in a fast and efficient manner. The corporate IT strategy of Kucera Clothiers is to improve IT communications throughout the organization. There are three projects under consideration to assist the organization in communications. One project is to use wireless networks in order to access data faster. Another project involves using a collaborative system that allows for synchronous and asynchronous communications. The third project involves using a customer resource management system, however this project requires replacing previous systems and a lot of lead-time to deliver the system for operations. This document is intended for anybody looking to gain a basic knowledge or understanding of business trends and how they can affect a business.

[Content]
There are many different trends in business that can affect different companies in different ways, in order to better understand how a couple of the trends will affect Kucera Clothiers, it is best to look analyze a couple and apply them to Kucera‚Äôs current business strategy. Kucera Clothier‚Äôs current business IT strategy is to improve communications between the corporate office and all of the 3,500 different locations throughout the world. With any business strategy it is important to utilize a product, service or technology to benefit the company in as many ways as possible. One major result from a well-designed business strategy is an increase in revenue or an increase in customer satisfaction. Another major result from a business strategy is to maximize a total return of investment on a good, service, or even technology the company has invested in. When a company allocates resources to provide a product, service, or technology based upon their business strategy they want to ensure they are able to maximize the amount of revenue it can generate for the company, as well as, knowing how business trends can affect their business.

Computer software and how the software is written is an example of a business trend that can affect how a company conducts business. The object-oriented software platform Java is a technology that can greatly impact a company. By cross-platform functioning Java proves itself to be a valuable asset to many Kucera as Kucera is able to provide solutions that meet their business needs without rewriting software applications to function on each individual computing platform. Many businesses have been utilizing Java, not only because of its cross-platform abilities, but also because of its ease of use to write applications in as opposed to some of the other and more difficult programming languages like C, C++, Cobalt, Fortran, etc. Java benefits companies because it does not have high priced licensing costs as other programming languages due to its open-source nature. Java has the flexibility to support applications on low-end systems like handheld devices, but it also can support applications on super computers, however it is especially strong in web and enterprise applications (Preimesberger, 2002). By Kucera having an enterprise application written in Java, Kucera can easily support the application on a wide variety of devices and maximize their overall return on investment while improving communications throughout the organization.

Many businesses have been trying to be more environmentally conscious by reducing their network server footprint and turning to a clustered server architecture. A cluster is a series of computer hardware devices that function as a single system. The server cluster allows servers to share valuable resources like memory, storage space, network connectivity, and even processing cycles in order to serve user demands (Dubash, 2006). A server cluster can prove to be a valuable asset to Kucera Clothiers because it provides a low-cost solution that has the ability to be flexible and grow with the organization. Server clusters provide additional value to a business because they do not rely on a single vendor as a single server manufacturer or multiple manufacturers can be used to create a cluster. Businesses use server clusters to provide many IT services such as e-mail, web, file sharing, or other enterprise services. With businesses choosing to have a centralized cluster of servers, the amount of IT support personnel needed to maintain and administer the cluster is greatly reduced, resulting in a high rate of return on a relatively low-cost of investment. Business trends show that many organizations are turning to server clusters to provide a low-cost business solution that has the ability to grow with the organization and requiring a smaller amount of IT support staff, while having a greater impact on the environment.

In conclusion, when a Kucera Clothier‚Äôs decide to invest in a product, service, or even a technology, they are looking to maximize their revenue and obtaining a higher rate of return on their investment. Being aware of business trends that exist in the market can help the company to maintain their competitive edge. A couple business trends that can greatly benefit Kucera Clothiers is to utilized a network server cluster that can be administered from a centralized location, while writing business applications in Java in order to provide a cross-platform solution to support a wide range of devices and ideally align with their corporate IT business strategy.

References
Preimesberger, Chris (2002, June 5th). Five emerging Java development trends. Retrieved May 10th, 2009, from Tech Republic Web site: http://articles.techrepublic.com.com/5100-10878_11-1046208.html
Dubash, Manek (2006, June 9th). Microsoft releases Windows Compute Cluster Server 2003. Retrieved May 10, 2009, from Tech World Web site: http://www.techworld.com/news/index.cfm?newsID=6189

IT, Kucera Clothiers, Tech Republic Web, Tech World Web, Windows Compute Cluster Server, location, software applications, support, want, wireless networks

Affairs

By Dave in Humor
2009-05-07

First Affair

A married man was having an affair with his secretary. One day they went to her place and made love all afternoon. Exhausted, they fell asleep
and woke up at 8 PM. The man hurriedly dressed and told his lover to take his shoes outside and rub them in the grass and dirt. He put on his shoes and drove home.
“Where have you been?” his wife demanded.
“I can’t lie to you,” he replied, “I’m having an affair with my secretary. We had sex all afternoon.”
She looked down at his shoes and said: “You lying bastard! You’ve been playing golf!”

The 2nd Affair

A middle-aged couple had two beautiful daughters but always talked about having a son. They decided to try one last time for the son they always wanted. The wife got pregnant and delivered a healthy baby boy. The joyful father rushed to the nursery to see his new son. He was horrified at the ugliest child he had ever seen.
He told his wife: “There’s no way I can be the father of this baby. Look at the two beautiful daughters I fathered! Have you been fooling around behind my back?”
The wife smiled sweetly and replied: “No, not this time!”

The 3rd Affair

A mortician was working late one night. He examined the body of Mr. Schwartz, about to be cremated, and made a startling discovery. Schwartz had the largest private part he had ever seen!
“I’m sorry Mr.. Schwartz,” the mortician commented, “I can’t allow you to be cremated with such an impressive private part. It must be saved for posterity.” So, he removed it, stuffed it into his briefcase, and took it home.
“I have something to show you won’t believe,” he said to his wife, opening his briefcase.
“My God!” the wife exclaimed, “Schwartz is dead!”

The 4th Affair

A woman was in bed with her lover when she heard her husband opening the front door.
“Hurry,” she said, “stand in the corner.”
She rubbed baby oil all over him, then dusted him with talcum powder.
“Don’t move until I tell you,” she said. “Pretend you’re a statue.”
“What’s this?” the husband inquired as he entered the room.
“Oh it’s a statue,” she replied.
“The Smiths bought one and I liked it so I got one for us, too.”
No more was said, not even when they went to bed. Around 2 AM the husband got up, went to the kitchen and returned! with a sandwich and a beer.
“Here,” he said to the statue, have this. I stood like that for two days at the Smiths and nobody offered me a damned thing.”

The 5th Affair

A man walked into a cafe, went to the bar and ordered a beer.
“Certainly, Sir, that’ll be one cent.”
“One Cent?” the man exclaimed.
He glanced at the menu and asked: “How much for a nice juicy steak
and a bottle of wine?”
“A nickel,” the barman replied.
“A nickel?” exclaimed the man.
“Where’s the guy who owns this place?”
The bartender replied: “Upstairs, with my wife.”
The man asked: “What’s he doing upstairs with your wife?”
The bartender replied: “The same thing I’m doing to his business down here.”

The 6th Affair

Jake was dying. His wife sat at the bedside.
He looked up and said weakly: “I have something I must confess.”
“There’s no need to, “his wife replied.
“No,” he insisted,
“I want to die in peace. I slept with your sister, your best friend, her best friend, and your mother!”
“I know,” she replied. “Now just rest and let the poison work.”

AM, First Affair, One Cent, PM, friend, husband, love, secretary, wife, work

1st Day on the Job

By Dave in Humor
2009-05-06

So after landing my new job as a Wal-Mart greeter, a good find for many retirees, I lasted less than a day…… About two hours into my first day on the job a very loud, unattractive, mean-acting woman walked into the store with her two kids, Yelling obscenities at them all the way through the entrance.

As I had been instructed, I said pleasantly, ‘Good morning and welcome to Wal-Mart. Nice children you have there. Are they twins?’

The ugly woman stopped yelling long enough to say, ‘Hell no, they ain’t twins. The oldest one’s 9, and the other one’s 7. Why the hell would you think they’re twins? Are you blind, or just stupid?’

So I replied, ‘I’m neither blind nor stupid, Ma’am, I just couldn’t believe someone slept with you twice. Have a good day and thank you for shopping at Wal-Mart.’ My supervisor said I probably wasn’t cut out for this line of work.

Wal-Mart, kids, shopping, supervisor, work

Strategic Information Management in Corporate Strategy

By Dave in Education
2009-05-03

[Abstract]
The purpose of this document is to critically examine the role of information management in corporate strategy by utilizing a scenario of a store that has multiple sites and locations to deliver products in a fast and efficient manner. The corporate IT strategy is to improve IT communications throughout the organization. There are three projects under consideration to assist the organization in communications. One project is to use wireless networks to access data faster. Another project involves using a collaborative system that allows for synchronous and asynchronous communications. The third project involves using a customer resource management system; however, this project requires replacing previous systems and a lot of lead-time to deliver the system for operations. This document is intended for anybody looking to gain a basic knowledge or understanding of strategic information management.

[Content]
The retail clothing company Kucera Clothiers, with over 100,000 employees in 3500 locations, is looking to improve its corporate IT strategy. The company’s desired corporate strategy is to improve communications between the corporate headquarters, satellite offices, and distribution centers while enhancing access to corporate records and customer accounts, both in the office and during travel. This will result in shorter times for purchase orders to be sent to distribution centers and for products to reach customers. The company has narrowed down the options to three projects that will best suit their needs. The first option involves providing wireless network connectivity with associated devices to provide access to all necessary data and services at all locations. The second option involves providing a collaboration system accessible on the Intranet or over the Internet, using both synchronous and asynchronous forms of communication. However, this system requires deploying new software and employee training. The third option involves implementing a customer resource management system throughout the organization, replacing previous systems, and requiring a substantial lead-time for implementation and employee training.

When considering the corporate strategy alongside the proposed projects, it becomes evident that the use of a collaboration system best aligns with the company’s goals and is also the most cost-effective solution. Synchronous and asynchronous forms of communication can be viewed as active or passive communication methods. This aligns directly with the corporate strategy, as employees at physical locations or on the road can actively engage in communication or post messages for others to view in the collaboration system. This can significantly enhance communication between sites and corporate offices. For instance, a traveling salesman can quickly communicate a customer’s needs through the collaboration system, initiating an efficient order process that involves the sales manager, accounting, and the distribution center, all before the salesman returns from the trip. This example illustrates the value of the collaboration system and its direct relevance to the corporate strategy. Moreover, as the system can be accessed via the Internet or Intranet, communication and information access are possible from anywhere in the world. The online collaboration system aligns well with the corporate strategy, meeting both company and customer needs.

Comparing the collaboration system proposal to the wireless network and the customer resource management system proposals, it is evident that the conditions for success are more favorable for the collaboration system. The collaboration system can be accessed via the company’s Intranet or the Internet using a network-based or web-based interface. When employees travel, they can communicate synchronously or asynchronously. The system can be deployed swiftly through software installation and web-based training, ensuring efficient global employee training. The only drawback is that delaying the realization of this solution could result in revenue loss and decreased customer satisfaction. In contrast, the wireless network proposal presents multiple drawbacks. The costs associated with wireless networking equipment, computers, PDAs, and their distribution, installation, and training are prohibitively high. The time required for purchasing, inventorying, testing, and installing this equipment is also impractical, resulting in potential revenue and customer losses. Furthermore, this proposal does not align with the corporate strategy due to limited wireless access points. The customer resource management (CRM) system appears promising in aligning with the corporate strategy, providing efficient data access, but it has significant drawbacks. Replacing current systems and the time and resources needed for implementation and training make this option unsuitable for an established company like Kucera Clothiers.

In conclusion, applying strategic information management to the role of information management in corporate strategy requires a thorough evaluation of available options to determine the most suitable solution based on company goals and strategies. Factors such as time, cost, resources, legacy support, training methods, communication, and return on investment have been considered in selecting the ideal solution. Applying strategic information management techniques has determined that the collaboration system best suits the company’s current and future goals while aligning with the desired corporate strategy.

CRM, Kucera Clothiers, Massachusetts Thomas Learning Inc, PDA, employee, information management, location, manager, salesman, web-based training, wireless network, wireless networks

Strategic Information Management

By Dave in Education
2009-05-02

[Abstract]
The purpose of this document is to provide a basic understanding of managing information systems by utilizing a scenario of a store that has multiple sites and locations to deliver products in a fast and efficient manner. The corporate IT strategy is to improve IT communications throughout the organization. There are three projects under consideration to assist the organization in communications. One project is to use wireless networks in order to access data faster. Another project involves using a collaborative system that allows for synchronous and asynchronous communications. The third project involves using a customer resource management system, however this project requires replacing previous systems and a lot of lead-time to deliver the system for operations. There are specific questions that are answered within this document as it pertains to the scenario. How is the project you selected consistent with Kucera Clothiers’ IT strategy? Why would Kucera Clothiers consider implementing your selected project at this time? Why not later? What issues would arise by not implementing the other projects first? This document is intended for anybody looking to gain a basic knowledge or understanding of strategic information management.

[Content]
The retail clothing company Kucera Clothiers with over 100,000 employees in 3500 locations is looking to improve their corporate IT strategy. The company‚Äôs desired corporate strategy is to improve communications between the corporate headquarters and the satellite offices while improving access to corporate records and customer accounts as personnel are either in the office or travelling. The company has narrowed the options down to three projects that will best suite their needs. The first option involves providing wireless network connectivity with associated devices in order to provide access to all necessary data and services at all of their locations. The second option involves providing a collaboration system that is either accessible on the Intranet or over the Internet, but the system involves a deployment of a new software system and training for employees. The third option involves the implementation of a customer resource management system throughout the organization, which replaces any previous systems, and there is a lot of lead-time that is needed to both implement the system and train employees.

The company has requested assistance with analyzing the options and making a managerial decision of which one to implement, it is best to first choose the option that aligns well with the corporate IT strategy. The option that best aligns with the desired corporate strategy is the second option where a collaboration system will be installed and utilized throughout the organization. A reason this best aligns with the corporate strategy is because it is going to meet all of the requirements that have been identified by the company by allowing everybody to have access to the desired information both while they are at a brick and mortar location and while they are travelling (Frenzel, Frenzel, 2004 P.71). This method is also the best choice because the company has so many locations, that all the different site locations cannot be treated the same because their network connectivity costs may differ from location to location and this puts the responsibility in each location‚Äôs hands to determine which method of access the Intranet or Internet will best suites their needs. This also allows personnel who are travelling to choose which method to connect to the Internet best suites their needs and they can still have access to the desired information. Also due to the use of the collaboration system the training costs and time it takes to train all the employees will be minimal. The collaboration system may utilize online training to inform all the employees of how to use the system in which each employee can access the training as their schedules allow. The overall software costs of a collaboration system are minimal compared to the costs that would entail network infrastructure upgrades for every location, as seen in the first option. The time it takes to implement and train all employees to use the collaboration system is minimal compared to the time needed for the implementation of the customer resource management, as seen in the third option. The second option best aligns with the corporate IT strategy because it is easy to implement with minimal costs and minimal training time required to train all employees while still meeting all requirements that have been identified by the company.

The implementation of a collaboration system can easily be and should be implemented immediately in contrast to the other options. It is imperative to implement the collaboration system immediately because the company will be able to function much more efficiently with low costs and little training time needed (Frenzel, Frenzel, 2004 P.82). The time and money needed for both implementation and training for the first and third options is so great that it would be a poor business decision to wait to implement the collaboration system. Although the collaboration system could be implemented after the installation of the wireless network, as seen in the first option, however by doing so each of the locations do not have access to corporate records, customer accounts, and the just-in-time inventories will be delayed which will result in loss of customers and revenue for the company. The collaboration system best aligns with the corporate IT strategy, it is able to be implemented immediately, and by delaying the implementation of the system can result in loss of customers and revenue.

In conclusion, when making strategic managerial decisions there are many considerations to take into account. Some of the considerations include how well the chosen options align with the business objectives, how much will each option cost the company in both return on investment or loss of revenue, how much time is needed for both implementation of the option and how much time is needed train all the necessary personnel, and finally are there any organization considerations that could affect the implementation of any of the options. After taking all of the considerations into account, one can weigh the options and it may be apparent to see that for this scenario the collaboration system is truly the best choice for the Kucera retail clothing company.

References
Frenzel, Frenzel, Carroll W., John C. (2004). Management of Information Technology Fourth Edition. Boston, Massachusetts: Thomas Learning Inc..

Information Technology, Information Technology Fourth Edition, Kucera Clothiers, Massachusetts Thomas Learning Inc, Thomas Learning Inc., employee, information management, information systems, location, money, train, wireless network, wireless networks

Grandma & Grandpa

By Dave in Humor
2009-05-01

Grandma and Grandpa were visiting their kids overnight.

When Grandpa found a bottle of Viagra in his son’s medicine cabinet, he asked about using one of the pills.

The son said, “I don’t think you should take one Dad; they’re very strong and very expensive.”

“How much?” asked Grandpa.

“$10.00 a pill,” Answered the son.

“I don’t care,” said Grandpa, “I’d still like to try one, and before we leave in the morning, I’ll put the money under the pillow.”

Later the next morning, the son found $110 under the pillow. He called Grandpa and said, “I told you each pill was $10, not $110.

“I know,” said Grandpa. “The hundred is from Grandma!”

Grandpa, USD, Viagra, expensive, kids, money, morning, pills

View of Honolulu from Airport

By Dave in Events, Photos, Travel
2009-04-30

As I was at the Honolulu airport today I took a photo in the direction of Honolulu, Waikiki, and Diamond head. Here is what that view looks like.

photo

Cyber Crime Offenders

By Dave in Education
2009-04-26

[Abstract]
The purpose of this document is intended to discuss motives, opportunity, and means of typical cyber offenders. Also included within this document are three different reasons of why some cyber crime offenders are prosecuted, while others are not. This document is intended for anybody looking to gain a basic understanding of why different people partake in cyber crimes and why everybody who commits a cyber crime is not prosecuted.

[Content]
When a cyber crime to be prosecuted there needs to be proof that shows the suspect displayed intent to commit a crime. In many cases suspects are not prosecuted because there was not intent to commit a crime. In order for a person to display an intent to commit a crime they need to display that their intentions were for monetary gain, power, vindictiveness, peer recognition, curiosity, or testing computer network security (Rogers, 2000). There are many reasons behind why a person commits a cyber crime either knowingly or unknowingly. Some of the possible reasons a person commits a cyber crime can range anywhere from revenge to identity theft. This paper breaks down different motives behind why a person commits a cyber crime and an explanation of why some crimes are prosecuted and why others are not.

An individual may commit a cyber crime for many different reasons; one of those reasons is simply ego. Their ego can be a motivation behind committing a crime because the individual is presented with a challenge to defeat the computer security either by gaining unauthorized access onto a computer network or if they cannot gain access onto the network the suspect utilized the philosophy of, “If I can’t gain access, then nobody can.” That philosophy is most likely seen during the event of a denial of service attack against a website or a company’s services. Another reason ego can be the root cause behind why a cyber crime is committed is because the individual may be looking to gain recognition amongst their peers. There are many different types of hackers on the Internet or even a person whom cannot be classified as a hacker and looking to gain recognition from others for what they have done. Ego is a motive behind why many cyber crimes are committed, whether an individual is committing the crime for personal satisfaction or if they are looking to gain gaining access to an organization or club or just simply looking to get recognition from their peers.

Over the course of time there are many different crimes that have been committed and as technology grows the different types of crimes evolve and the leading cause behind a crime being committed is money (Krone, 2008). Money is a major motivating factor behind many things; it is no different for cyber crimes. There are different ways a person can commit a crime when money is the motivating factor. One way that a person can commit a crime when money is their motive is by phishing. When a person is phishing this means they sent e-mail to many users requesting their credentials so that the suspect can steal their money. Another method of gaining monetary value is by identity theft. Identity theft is when a suspect illegally acts on behalf of another individual in attempt to gain money. Another method a suspect can gain monetary value is by selling lists of people’s information. These are just a few methods that hackers can use to gain monetary value, however money is the root cause behind why many cyber crimes are committed.

As fore mentioned, there are different reasons why one person is prosecuted for committing a cyber crime and why others are not. One reason is due to the lack of intent to cause a crime. When there is not intent displayed that the individual knowingly wanted to commit a crime, and then the legal proceedings can be rather cumbersome to ensure the individual is convicted. Another reason a person may not be convicted of a cyber crime is because the evidence was tainted either when it was be collected or when it was analyzed. Evidence can be tampered in many ways, but one way that evidence is tampered is by when a forensic investigator is examining the evidence they modify the original evidence instead of working with a duplicate of the evidence. In some events a person can get away with a cyber crime because there is not enough cooperation between different governments or laws prohibiting another government to intrude on an individual’s privacy (Swartz, 2008). Even though laws have came a long way, there are still many laws that are outdated or do not apply to certain instances of cyber crime.

In conclusion, there are many motivating factors behind why a person or persons would want to commit a cyber crime. The motivating factors behind cyber crimes may vary, however money is the leading reason, ego, power, revenge, peer recognition, curiosity, and conducting network security tests. When a person is caught committing a crime there are different reasons behind why one person may be convicted and another may not. The reasons behind why some people are convicted and others are not can be because evidence was tainted, out dated laws preventing the prosecution of an individual, lack of evidence showing intent to commit a crime, or even because the lack of cooperation between different government agencies of different countries.

References
1. Rogers, Larry (2000). Cybersleuthing: Means, Motive, and Opportunity. Security Matters, 3, Retrieved April 25th, 2009, from http://www.sei.cmu.edu/news-at-sei/columns/security_matters/2000/summer/security-sum-00.htm
2. Krone, Tony (2008, March 25th). Hacking motives. High Tech Crime Brief, 6, Retrieved April 25th, 2009, from
3. Swartz, Jon (2008, November 17th). Hackers, phishers can’t get away with it like they used to. Retrieved April 26, 2009, from USA Today Web site: http://www.usatoday.com/tech/news/computersecurity/hacking/2008-11-16-hackers-phisher-crime-fbi_N.htm

Cybersleuthing Means, Federal Bureau of Investigation, Governor, High Tech Crime Brief, Retrieved April, Security Matters, forensic investigator, money, news, people, philosophy, want

Justice System and Forensic Investigators

By Dave in Education
2009-04-25

[Abstract]
The purpose of this document is to discuss three elements of the United States justice system and how they relate to a forensics investigator. This document is intended for anybody looking to gain a basic understanding or knowledge of how the justice system applies to forensic investigators.

[Content]
Since the advent of the Internet there has been a lot more cyber crimes being committed in which digital forensic investigators need to analyze evidence and be able to present it in a way that adheres to the law and allows for a conviction. The law affects forensic investigators in many different ways, whether it be the way that evidence is collected, what types of evidence are allowed to be collected, the way a premises is searched, or even the way evidence is presented in a court of law. No matter how the law affects a forensic investigator it is the investigators job to be able to gather evidence in a manner that is well within the scope of the law.

The U.S. Constitution‚Äôs 4th Amendment identifies that a person, their home, papers, or effects shall not be searched without permission, unless there is reasonable cause to do so (Findlaw, 2009). This means that forensic investigators can‚Äôt go around being forensic vigilante‚Äôs searching other people‚Äôs residence for evidence to use against them‚Ä¶unless there is probable cause to and/or permission has been granted. This Amendment also states that if evidence is in plain view that it is admissible in court. This affects forensic investigators because forensic investigators can‚Äôt go search other people‚Äôs residence and belongings without a warrant or if there is probable cause. If forensic investigators were at the residence for some other reason other than looking for evidence, but they happened to see some evidence that was in plain view, then that evidence would be allowed in a court of law. The U.S. Constitution‚Äôs 4th Amendment protects people from unauthorized searches unless a court issues a warrant because there is probable cause.

The U.S. PATRIOT Act affects forensic investigators because the Act states that if somebody is a suspect of either domestic or foreign terrorism, then it is authorized to search and gather evidence against the suspect (107th Congress, 2001). This Act has been debate of much controversy because people argue that this act allows for the infringement of people‚Äôs civil liberties. The Act is intended to allow officials the ability to search and gather evidence either by electronic surveillance or other means in order to protect the country from foreign or domestic terrorists. The Patriot Act can affect forensic investigators by a government agency or offices may use the services of investigators to gather evidence against suspected terrorists. The Patriot Act can also affect forensic investigators because the Patriot Act is not authorized to conduct a search if it interferes with a previous ongoing investigation. The U.S. PATRIOT Act of 2001 enables government agencies to use the services of forensic investigators to gather evidence against suspected terrorists as long as it doesn‚Äôt interfere with any other investigations.

Forensic investigators need to know the U.S. Statutory laws and how these laws affect them. The U.S. Statutory laws consist of three different statues the Wiretap Act, Pen Registers and Trap and Trace Devices Statute, and the Stored Wired and Electronic Communication Act (US-CERT, 2008). If forensic investigators do not comply any of these statues with the result could be a stiff fine or imprisonment. By forensic investigators not knowing the laws it could greatly affect a criminal investigation and could put the investigator in jail for failure to comply with the law.

In conclusion, forensic investigators provide a bridge for gathering evidence from different types of technologies and presenting them before the U.S. Judicial system. In order for forensic investigators to successfully complete their job, they need to know the laws and how to operate within the limitations of the laws; otherwise they could end up in prison. Forensic investigators are not allowed to arbitrarily search people‚Äôs home, documents, or other belongings without permission or unless there is reasonable cause. Forensic investigator services may be allowed to search for evidence of a person who is either a foreign or domestic terrorist as long as it doesn‚Äôt interfere with any other government investigations.

References
1. FindLaw: U.S. Constitution: Fourth Amendment: Annotations pg. 1 of 6. Retrieved April 26, 2009, from FindLaw: U.S. Constitution: Fourth Amendment: Annotations pg. 1 of 6 Web site: http://caselaw.lp.findlaw.com/data/constitution/amendment04/01.html#1
2. Public Law 107-56 107th Congress. Retrieved April 26, 2009, from Public Law 107-56 107th Congress Web site:
3. (2008). Computer Forensics. Computer Forensics, Retrieved April 26th, 2009, from http://www.us-cert.gov/reading_room/forensics.pdf

Computer Forensics, Congress Web, Constitution Fourth Amendment Annotations, Patriot Act, Public Law, Retrieved April, United States, Wiretap Act, failure, forensic investigator, investigator, jail, people

Mikey from American Chopper

By Dave in Events, Travel
2009-04-23

Today I was walking down the street in Waikiki and I saw Mikey Tuttle from the t.v. show American Chopper. That was pretty cool, but unfortunately I didn’t get my camera out in time to take a photo. It was probably good that I didn’t take a photo anyway. I’m sure people like him get sick of everybody bothering them while they are on vacation. It was still pretty neat.

American Chopper, Events, Mikey Tuttle, people, photo

Jimmy Buffett’s at the Beachcomber

By Dave in Events, Food, Photos, Travel
2009-04-21

Today I went to Jimmy Buffett’s at the Beachcomber restaurant in Waikiki, Hawaii. I went there for lunch so there wasn’t a band playing or any drinking going on or anything, but it was a nice atmosphere and it had pretty good food. Here are a few of the photos I took.

Hawaii, drinking

Software Applications Forensic Investigators Use

By Dave in Education
2009-04-19

[Content]
In the realm of computer forensics, there are many different software applications and hardware that digital forensic investigators need to use to find evidence against a crime that was committed, protect the evidence so that it maintains its integrity, and then present the evidence that was found. The vast majority of software applications that are used by forensic investigators are used to help them find the evidence they are trying to attain. The software applications in use can range from anything such as a root kit to an encryption cracking application. Sometimes there is actually a need for hardware devices to aid the investigators to accomplish their job. In most cases there is a combination of both software applications and hardware devices to assist a forensic investigator in doing their job.

One key hardware device that forensic investigators may have to use is called a write-blocker. A write-blocker allows a forensic investigator to read the contents of a device, such as a storage device or hard drive, but it prevents anything from being written to the drive (NIST, 2008). This helps forensic investigators maintain the integrity of the evidence because if they were allowed to write to the drive, the drive could either become corrupted or the evidence could be tainted. Write-blockers come in all shapes and sizes and more importantly they support different computing standards so that different types of devices can be read, but not written to. Some of the devices that a write-blocker can be used to interface with are USB hard drives, IDE hard drives, SATA hard drives, ESATA hard drives, thumb drives, firewire hard drives, and the list goes on. A write-blocker can be used by forensic investigators to aid them in preserving a drive‚Äôs contents, while allowing the investigators to read the data contained on the drive.

A root kit is a software application or multiple applications that are used to hide or conceal that a system has been compromised through methods of subversion or evasion. One root kit that was aimed at Apple’s OS X operating system is called Reopen-A or just Reopen for short. This root kit functions by somebody with administrative permissions installing it onto a system. Because this root kit requires administrative access to be first installed, it is considered a low security threat. It functions by trying to copy files of itself into the “/System/Library/StartupItems” directory. Reopen also creates a directory called “.info” in the root directory and then it tries to capture password hashes and application configurations. Some of the applications that this root kit tries to capture data for are: FTP servers, web servers, VNC, browsers, and a bunch of other applications (SOPHOS, 2004). Reopen also tries to modify file and directory permissions so that they are read/writeable by anybody. Reopen is a root kit that tries to modify settings on a computer running OS X and it also tries to capture account information to include logins and passwords and it does this by creating a directory on the host computer.

A version of a rootkit that was aimed at the Microsoft Windows operating system is called, “Win2K Rootkit.” This rootkit functions by installing a bogus “.dll” file and when the file is executed this rootkit has full control over all resources on the system. This rootkit hides processes on the system that it is running and entries it makes in the systems registry (Bobkiewic, 2003). Another interesting thing that this rootkit does is sniffs keyboard strokes, in attempt to capture usernames and passwords. The Windows rootkit is similar to the OS X rootkit, however it was designed to run on the Windows operating system and it has some additional features and full control over the system. The Windows rootkit functions by installing a fake driver on the system and then when the driver is executed the rootkit has full control over the system and resources, which it uses to capture data.

Adore-ng is a rootkit designed to take aim at the Linux operating system. This rootkit has an advanced promiscuous mode that hides promiscuous flags. Adore also has a persistent file and directory hiding. Adore is sophisticated enough to have process hiding and netstat hiding with a root-shell backdoor (Liston, 2004). This allows a remote user to be hidden as they have root access on the system. A version of Adore has also been ported to work on BSD. The Linux rootkit has some advanced hiding and promiscuous mode hiding features that include a root-shell backdoor to give somebody full control of the system.

In conclusion, forensic investigators have to overcome obstacles from applications like rootkits, which are designed to hide their existence on a system. There are many different types of rootkits, some are aimed at Windows systems, Apple’s OS X, Linux OS, and almost every other operating system on the market. When forensic investigators are searching for data they can use a hardware device called a write-blocker that allows them to read the contents of a device, but protects against corrupting data or tainting evidence by blocking the ability to write to the drive.

References
1. (2008, December 8th). Hardware Write Block. Retrieved April 19, 2009, from National Institute of Standards and Technology Web site: http://www.cftt.nist.gov/hardware_write_block.htm
2. (2004, October 25th). SH/Renepo-A. Retrieved April 19, 2009, from SOPHOS Web site: http://www.sophos.com/security/analyses/viruses-and-spyware/shrenepoa.html
3. Bobkiewic, Bartosz (2003, January 23rd). Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment. Retrieved April 19, 2009, from Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment Web site: http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and_Rootkit_Tools_in_a_Windows_Environment.html
4. Liston, Tom (2004, January 6th). Adore-ng 0.31 released. Retrieved April 19, 2009, from SANS Internet Storm Center; Cooperative Network Security Community – Internet Security – isc Web site: http://isc.sans.org/diary.html?storyid=78

antivirus and malware, computer security, hardware, operating systems, technology and computing

A View of Diamond Head from Waikiki Beach

By Dave in Events, Photos, Travel
2009-04-19

Took a walk on Waikiki beach and took a couple of photos of Diamond Head.

Diamond Head, Hawaii, Waikiki, Waikiki Beach

Hilton Hawaiian Village

By Dave in Events, Photos, Travel
2009-04-18

I got roped into going on a business trip for training and they twisted my arm to fly to Hawaii where I stayed in the Hilton Hawaiian Village. Overall this was a nice hotel with nice services, however it was a bit pricy and it seems as though it is a trap. The hotel has everything that you want to prevent you from ever leaving. It is close enough to Waikiki to either walk or take the trolley. A nice stroll down the beach is always an nice venture. Here are some photos I took of my room, views from around the hotel, and even the views from the beach.

Hilton Hawaiian Village, want

Hashing Algorithms and CRC Uses

By Dave in Education, Technology
2009-04-11

[Abstract]
The purpose of this document is to provide a basic understanding of how hashing algorithms and cyclic redundancy checks can be used for evidence, authentication, and filtering. This document is intended for anybody looking to gain a basic understanding or knowledge of how forensic investigators find evidence to be used in a court of law.

[Content]
Forensic investigators need to use a variety of techniques, software applications, and thoroughly document every little detail about the systems they are gathering evidence from. Forensic investigators are responsible for collecting data and information from many types of volume storage devices, memory sources, and many types of removable storage devices. When forensic investigators are searching for evidence they may have to attempt to decrypt data that has been encrypted or put through a hashing algorithm. Forensic investigators may also have to remove valuable data off of a memory module by working with the cyclic redundancy checks. They may also have to use the hashing algorithms or cyclic redundancy checks (CRC) for authentication and filtering. To better understand how forensic investigators are able to use hashing algorithms and cyclic redundancy checks for authentication and filtering the next couple paragraphs will attempt to further explain.

There are four different hashes forensic investigators need to be familiar with in order to know which one is best suited for authentication and filtering (Hurlbut, 2009). One hashing method is called the cryptologic hash. The cryptologic hash is used for validating media by locating exact duplicate files and allowing forensic investigators to skip over files that are known to have no evidence contained within. The second hashing method is called the rolling hash. The rolling has is used to identify segment boundaries by using a reset point that is generated by the rolling hash engine in order to determine where different segments are created. Another hashing method is called the Context Triggered Piecewise Hash. This hashing method is based upon the traditional hashing method, however it also draws comparisons between documents that are similar, but are not exactly the same. The final method of hashing is called the fuzzy has method. The fuzzy has method is able to compare an active document to partial files that may have been recovered from unallocated space on a system volume. When forensic investigators are trying to determine the best hashing method to use for authentication and filtering it may be apparent that the traditional hashing method may be best suited for authenticating, however the context triggered piecewise hash may be more ideal for filtering through evidence that may not be identical copies of files. Due to the context triggered piecewise hashing being based off the traditional hashing method and having the flexibility of sorting through files that are not exact duplicates of files, this method may be the most ideal method for authenticating and filtering through files while looking for valuable evidence.

A cyclic redundancy check is a mathematical check on data to ensure it is an exact duplicate of data and has not been altered in anyway. By performing a CRC on data a forensic investigator is able to ensure they have an exact duplicate of the suspect files so they can work with the duplicate without contaminating the original evidence. A CRC validates the data has not been altered in anyway and therefore the data has been authenticated with the CRC (Volonino, Anzaldua, and Godwin, 2007). After forensic investigators have performed the CRC on the data and created identical duplicate files, they are then able to filter through the duplicated data so that the original data is not tampered in anyway. There are a number of software applications that forensic investigators may have to use to filter through data and some of the software applications may even use one of the previously mentioned hashing methods. Cyclic redundancy checks on data allows forensic investigators to authenticate data so they have exact duplicates of files to work with when they are trying to filter through data and look for valuable evidence.

In conclusion, forensic investigators may have to use a series of software suites to gather valuable evidence to be used against a suspect. Forensic investigators can use cyclic redundancy checks to authenticate data, which allows the investigator to create exact duplicates of the suspect files so that the investigator doesn’t tamper the original evidence. Once the data has been authenticated with the cyclic redundancy check, forensic investigators can then use different hashing algorithms to filter through the data in order to look for critical evidence to be used against a suspect. One hashing algorithm that may best suite the needs of a forensic investigator is the context triggered piecewise hashing method because this method allows the investigator to compare active files against fragments of files or files that are not exact duplicates, but still contain valuable evidence.

References
1. Hurlbut, Dustin (2009, January 9th). Fuzzy Hashing for Digital Forensic Investigators. AccessData, Retrieved April 11th, 2009, from http://www.accessdata.com/downloads/media/Fuzzy_Hashing_for_Investigators.pdf
2. Volonino, Anzaldua, and Godwin, (2007, August 23rd). Computer Forensics: Principles and Practices. Retrieved April 12, 2009, from Pearson Education Computer Forensics: Principles and Practices Web site:

CRC, Context Triggered Piecewise Hash, Pearson, Retrieved April, forensic investigator, investigator, software applications, work

Hostile Code and Forensic Investigators

By Dave in Education, Technology
2009-04-05

[Abstract]
The purpose of this document is to identify five different examples of hostile codes and how they impact information systems. Also included within this document is an explanation of how forensic investigators should find the sources of hostile code. This document is intended for anybody looking to gain a basic knowledge or understanding of hostile codes and how forensic investigators identify hostile codes.

[Content]
Hostile code can be defined as malicious or mal-intended software that functions on a computer system without authorization. There are different types of hostile code with different functions, however the means of which the hostile code arrives onto a computer system is the same. Some of the methods in which malicious software can gain access to a computer system are by system misconfigurations, compromised system identities, network infrastructure vulnerabilities, or even by users unknowingly installing the software themselves (James Madison University, 2009).

Two types of hostile code found in the form of viruses or worms. Viruses are hostile code because they replicate on a system by infecting files, master boot records (as found in hard drives), and volume boot records (as found in removable media). Viruses can be Trojan horses as they can be hidden within a program or a file. Worms are similar to viruses, however they self replicate and spread throughout systems. What makes worms different from viruses is that they do not need to attach themselves onto a program. Worms are essentially self-contained and they keep making copies of themselves. Worms and viruses are also different because viruses infect files and corrupt the files, whereas worms do not attempt to modify system files, but rather use valuable network bandwidth as they spread. Viruses can be contained or removed by using antivirus software. Ensuring a system is patched with the latest software patches to minimize vulnerabilities on the system can prevent Worms. Forensic investigators can get to the source of viruses or worms by reverse engineering the code.

Another type of hostile code is a type of malware or spyware called a browser hijacker. Browser hijackers are not as notorious as viruses or worms, but rather more of annoyances. Browser hijackers work by modifying browser settings such as setting the default homepage to something other than what was previously set or intended. They also have been known to change error pages or even search pages. Browser hijackers are used to drive hits to an Internet address or website. With many recent browser hijackers third-party software can be used to return the settings to normal or in many cases a simple reboot of the system will return the settings back to normal. Forensic investigators can find the source of browser hijackers by using third-party applications that are designed to deal with this particular form of hostile code.

Logic bombs, otherwise known as time bombs, are a form of hostile code. Logic bombs are malicious in nature and a disgruntled employee can insert them into a piece of software so that if they got fired or release this logic bomb would go off and perform its actions. Logic bombs are triggered by an event, such as a specific time or date, where they can perform a set of actions, like deleting files on a system. Logic bombs are easier for forensic investigators to find the root of the issue because they function based on a date or time, so forensic investigators can turn back the clock on a system in order to return the system back to its original state before looking for the code.

Keystroke loggers are a form of hostile code as their intentions are malicious in nature. Keystroke loggers are designed to capture the keystrokes that a user types into a system. The captured keystrokes are then sent over the network or the Internet in order to gain access to systems or obtain passwords. Keystroke loggers can serve a positive purpose for the police, FBI, CIA, or other government agencies looking to solve crimes, however their intended purposes for being developed was malicious in nature (New Zealand Police, 2006). Depending on the type of keystroke logger, forensic investigators can easily find the source by actively searching the system or by sniffing traffic being sent by the system in order to find the source.

In conclusion, there are many different types of hostile code that can be found on the Internet. Each type of code may have a different function, as can be identified between viruses, worms, browser hijackers, logic bombs, and even keystroke loggers. All of these are malicious in nature and are intended to perform actions other than what the system‚Äôs user wants, however most of the different types of code is preventable and the source of the problem can be found by forensic investigators.

References
1. (2009, March 18th). How They Break In. Retrieved April 5, 2009, from James Madison University Web site: http://www.jmu.edu/computing/security/info/howthe.shtml
2. (2006, April 9th). Keystroke loggers. Retrieved April 5, 2009, from New Zealand Police Web site: [URL Removed Broken link]

CIA, FBI, James Madison University Web, New Zealand Police Web, Retrieved April, Security, employee, engineering, information systems, work

Omiya, Japan

By Dave in Events, Photos, Travel
2009-04-04

Today I went to Omiya, which is located in the Saitama Prefecture, in Japan. There seems to be a lot of bars, restaurants, snacks, and other forms of entertainment in this area. Here are some of the photos I took of this adventure.

Japan, Saitama Prefecture

Why I Fired My Secretary

By Dave in Humor
2009-04-03

Last week was my birthday and I didn’t feel very well waking up on that morning.

I went downstairs for breakfast hoping my wife would be pleasant and say, ‘Happy Birthday!’, and possibly have a small present for me. As it turned out, she barely said good morning, let alone ‘ Happy Birthday.’

I thought… Well, that’s marriage for you, but the kids… they will remember. My kids came bounding down stairs to breakfast and didn’t say a word. So when I left for the office, I felt pretty low and somewhat despondent.

As I walked into my office, my secretary Jane said, ‘Good Morning Boss, and by the way Happy Birthday !’ It felt a little better that at least someone had remembered.

I worked until one o’clock , when Jane knocked on my door and said, ‘You know, It’s such a beautiful day outside, and it is your Birthday, what do you say we go out to lunch, just you and me.’ I said, ‘Thanks, Jane, that’s the greatest thing I’ve heard all day. Let’s go !’

We went to lunch. But we didn’t go where we normally would go.. She chose instead at a quiet bistro with a private table. We had two martinis each and I enjoyed the meal tremendously.

On the way back to the office, Jane said, ‘You know, It’s such a beautiful day… We don’t need to go straight back to the office, do We?’

I responded, ‘I guess not. What do you have in mind ?’ She said, ‘Let’s drop by my apartment, it’s just around the corner.’

After arriving at her apartment, Jane turned to me and said, ‘Boss, if you don’t mind, I’m going to step into the bedroom for just a moment. I’ll be right back.’

‘Ok.’ I nervously replied.

She went into the bedroom and, after a couple of minutes, she came out carrying a huge birthday cake … followed by my wife, my kids, and dozens of my friends and co-workers, all singing ‘Happy Birthday’.

And I just sat there….

On the couch…

Naked.

Good Morning Boss, Happy Birthday It, Last, kids, marriage, secretary, wife

Pavement Art

By Dave in Events, Travel
2009-04-02

Events

Greener Grass

By Dave in Humor
2009-04-01

Sometimes you can reach too far! And when you find yourself over-extended and you’re stuck in a situation that you can’t get out of, there is one thing you should always remember…….

Not everyone who shows up……Is there to help you!

grass, greener

Hunting Experience

By Dave in Humor
2009-03-31

We went hunting over the three day weekend and killed these two plus three smaller ones. I can’t remember how many shots it took, but it was a lot!

experience, hunting

Talk About Luck

By Dave in Humor, Photos
2009-03-30

Can you believe it? This guy wins 181 million in the lottery on a Wednesday, and then finds the love of his life just 2 days later. Talk about luck!

Lottery, Luck, Millions, love

Areas Digital Forensic Investigators Find Evidence

By Dave in Education, Technology
2009-03-29

[Abstract]
The purpose of this document is to provide a basic understanding of computer forensics by identifying five areas in computers and computer applications a forensic investigator can look for digital evidence. Also included within this document are three types of criminal investigations that can utilize the services of computer forensic investigators. Lastly, a description of these three types of criminal investigations can benefit from computer forensics. This document is intended for anybody looking to gain a basic knowledge or understanding of computer forensics and criminal investigations.

[Content]
With as much of technology that is in use today there may be a time that criminal investigative services may be required to collect data as evidence for criminal prosecution. The criminal investigative services may choose to use computer forensic investigators to gather the evidence to be used for prosecution. In order for a forensics investigator to be proficient at their job, they need to know where they can find the evidence they are looking for. The evidence forensic investigators look for is for the purpose of criminal investigation. There are different types of criminal investigations and there are different ways each of these investigations can benefit from forensic investigators.

When digital investigators are looking for evidence there are different areas where they can look. One of the simplest and most obvious place for investigators to look for evidence is on floppy diskettes, CD ROMs, DVD ROMS, Thumb drives, and any other type of removable media (Strickland, 2009). By looking on storage media criminal investigators can get an idea of what type of data is being stored or loaded onto the system. This can prove to be useful in the event that third-party applications are being used to circumvent investigations. By finding an application on a removable storage device, investigators can gather information that may be useful for returning a system back to its original condition when the crime was being committed. It is also possible that storage devices can provide clues or evidence against the suspects that are being investigated.

System storage devices are other places to look for digital evidence. System hard drives can storage mass amounts of data that can be used as evidence, however these mass storage devices may take longer to find the evidence depending on how many different types of applications were used, if anti-forensic software tools were used, and if encryption software was used. System and application log files, as well as, browser history and cache files, e-mails, digital photographs, and global positioning system logs can hold important pieces of data which can identify how the system was being used, what it was being used for, what types of crimes were being committed, and they can also tell an investigator about some of the software applications that were being used on the system (Kennedy, 2006). When a forensic investigator searches a hard drive they may have to use third-party software to search through Meta data that identifies what types of files reside on the system. Meta data is information that is used by the computer to, not only identify what type of file is on the computer, but also what files link to other files. Additional forensic tools may need to be used on a system storage device to look for evidence that is embedded within applications or even hidden. System storage devices can hold critical evidence, however depending on what software was used on the system, the recovery of the evidence can take long periods of time.

Computer memory is a place where forensic investigators can find chunks of data that was stored when the system was being used. As systems use more and more random access memory, this type of memory is used to store data for faster access during the system‚Äôs operation. Since RAM is used to store information when the system is being used, it is clearly a good location to find evidence. Although, RAM is used by the computer it is unlikely that the type of information that is found to be stored in RAM is going to be readable by humans, so forensic applications will most likely need to be used in order to find the critical evidence.

Documentation that has been printed out from a computer system is considered original documentation and is permissible as digital evidence. Under the best evidence rule, many judges allow digital printouts to be used as evidence. Digital printouts are considered original forms of work, as it is unique to the printer that was used when the crime was committed. Some printers even are sophisticated enough to have memory built into them and the memory found in the printer may contain digital evidence for forensic investigators.

There are many different types of criminal investigations, however some types of criminal investigations that can greatly benefit from digital forensics are investigations that involve crimes of: sex, hate, theft, narcotics, wrongfully accused, and even kidnapping. For crimes that involve sex, to include sex with minors, many times chat application log files can hold much evidence against the accused. For a crime of theft a spreadsheet that holds information like, items, serial numbers, locations, and other information can prove to be a great asset. Crimes that involve narcotics can benefit from possible chat log information, but more likely e-mail traffic can prove to be a greater asset for evidence. No matter which criminal investigation is being conducted the investigation can greatly benefit from the use of digital forensics.

In conclusion, there are many types of criminal investigations that can benefit from the use of forensic investigators. Many of the criminal investigations include crimes of sex, narcotics, hate, wrongfully accused, and kidnapping. When digital forensic investigators are being used to gather digital evidence for a criminal case some of the locations where evidence can be found include: printouts, removable storage devices, internal storage devices, application logs, browser history files, browser cache files, e-mail, random access memory, and possibly even printer memory. No matter what type of criminal offense was committed, as long as a computer was utilized to commit the crime, the different types of criminal investigations can benefit from digital investigators gathering evidence to prove the crime was committed.

References
1. Strickland, Jonathan (2009). How Computer Forensics Works. Retrieved March 29, 2009, from Howstuffworks “How Computer Forensics Works” Web site: http://computer.howstuffworks.com/computer-forensic.htm/printable
2. Kennedy, Ian (2006, August). Looking for foul play – digital forensics Part 2. Retrieved March 29, 2009, from Looking for foul play – digital forensics Part 2 Web site: http://www.bcs.org/server.php?show=ConWebDoc.6231

GPS, RAM, Retrieved March, device, encryption, forensic investigator, investigator, location, printer, software applications, work

Challenges Forensic Investigators Face

By Dave in Education, Technology
2009-03-29

[Abstract]
The purpose of this document is to provide a basic understanding of computer forensics by identifying five technology-related challenges that digital forensics investigators are faced with. Also included within this document are solutions to resolve each of the challenges. This document is intended for anybody looking to gain a basic knowledge or understanding of computer forensics and challenges investigators face.

[Content]
With the use of technology today there may be a time that criminal investigative services may be required in order to collect data as evidence for criminal prosecution. The criminal investigative services will most likely use computer forensic investigators to gather the evidence to be used. Even though computer forensic investigators may be proficient at their jobs there are still challenges that they are faced with in order to perform their job efficiently and effectively. Even though there are a number of challenges there are also solutions or methods that can aid investigators to gather the evidence they need.

One major challenge that may be encountered is the credibility and proficiency of the technician gathering the evidence. Technicians need to stay up to date on the latest operating systems, data collection procedures, and any additional software that may be utilized in the collection process. In the event a technician is not current on a particular software application or operating system, training courses or certifications may need to be obtained in order to maintain a level of proficiency according to policy and procedures. Technicians also need to gather evidence in accordance with any written policies or standard operating procedures. By following company guidelines, technicians minimize the ability to be discredited.

Standardization of the procedures for gathering evidence, handling evidence, transporting evidence, access to evidence, and even documentation of evidence poses a real challenge for forensic investigators. Prior to embarking on any incident response, technicians need to be current on any company standardization practices to ensure everything from obtaining evidence down to the documentation of evidence is being handled and documented consistently according to company policies. By following standardization practices a technician minimizes the ability to have evidence withdrawn from a case because it is the forensic investigators job to gather the evidence in a proper manner to be used against a defendant in a court of law.
Proper gathering of evidence can be a major challenge for forensic investigators. Forensic investigators need to be thorough in the gathering of evidence and ensure they do not leave anything behind (Kruse & Heiser, 2002). They also need to ensure they mark or tag any evidence as it leaves a crime scene so that it does not get lost in transit. A method for gathering and tagging evidence is by creating a list of every piece of evidence before it leaves the crime scene, ensure everything at the crime scene is gathered, and then upon arrival of where the evidence will be stored validate every piece of evidence was received. The evidence list may need to be verified by more than one person in order to maintain absolute integrity of the evidence that was gathered. By properly marking any and all evidence at a crime scene and then verifying all of the evidence this ensures all evidence is properly gathered and received just as it was when it was at the crime scene so that further investigations can take place on the evidence that was gathered.

Another major challenge that can be faced is the mishandling of evidence. When evidence is being gathered it needs to be treated as evidence and should be secured at all times. Only authorized personnel should have access to the evidence to prevent the possibility of tainting the evidence. By maintaining a written record or log of who is in current possession of the evidence, how the evidence was collected, and from what piece of equipment or hardware the evidence was collected from will ensure the evidence is being handled in accordance to policies, procedures, and with best practices in mind. This will ensure the evidence was handled in the correct manner, by the correct people, and in accordance with any laws.

Lastly the use of anti-forensic tools or encryption can pose a major challenge for forensic investigators. Anti-forensic tools can change header information of files found on a computer making files appear to be a different type of file which could cause a forensic investigator overlook critical evidence (Strickland, 2009). Encryption can also be a major challenge to forensic investigators because encryption uses a key to hide or conceal information on a computer system or during transit of information. It is a forensic investigator‚Äôs job to present the evidence gathered in the state it was when the crime was being performed. In order to return the evidence back to the state it was previously in a forensic investigator many need to use software applications or hash checking applications to do so.

In conclusion, due to the relatively new age of computer forensic investigative services there are many challenges that can be faced by a forensic investigator. By an investigator maintaining a current, up-to-date, technical proficiency in conjunction with following all company policies, procedures, and standardization practices an investigator greatly increases their ability to gather evidence in a proper fashion. Investigators also need to thoroughly document and handle evidence in a proper manner to include gathering and tagging all evidence so that a proper investigation can be conducted.

References
1. Kruse, W & Heiser, J. (2002). Computer Forensics Incident Response Essentials. Indianapolis, IN: Lucent Technologies
2. Strickland, Jonathan (2009). How Computer Forensics Works. Retrieved March 29, 2009, from Howstuffworks “How Computer Forensics Works” Web site: http://computer.howstuffworks.com/computer-forensic.htm/printable

Computer Forensics Incident Response Essentials, Indianapolis, Kruse Heiser, Retrieved March, encryption, forensic investigator, investigator, operating system, operating systems, people, software applications, technician

Another Thawte Notary 10 Points

By Dave in Events, Technology, Travel
2009-03-28

Today I took a train for 1 hour to a little place called Tsutsujigaoka. This is in Tokyo, but it is probably a part of Tokyo that I would not normally go to. When I got there I was met by a nice German guy who works for a bank. We went to a coffee shop, even though I can’t stand coffee, and we filled out all the necessary paperwork and started talking a bit about security and what each of us does. It was really cool to meet a guy who has very similar interests and it is neat to see how the financial industry deals with security. We talked for about 10-15 minutes and then I ventured my way back home, taking another hour to get back. Unfortunately I did not take any photos on this trip.

Events, Security, Tokyo, photos, train