Digital Choke Daynotes

Daynotes	a daily journal of our activity	Send us email
Digital Choke	an action that is sometimes needed for your computer; also a short techno-story available here.

Sunday, June 1, 2003

A bit of a change up there at the top of the page. I put a link to the report about my experiences trying to reduce the amount of spam coming into the mail system at work. You're welcome to take a look at it, if you are so inclined.

It smells good in here this afternoon (it's about 5pm as I write this part). My Pam is imparting some cooking wisdom to Stacy, who is soon off to college. They are working on lasagna, and it smells quite good. It's really a simple recipe. Some hamburger with garlic cloves and a bit of onion in a frying pan. Cook the meat with the garlic and onions. When it's done cooking, add a bottle of marinara sauce and let it simmer for a bit. Cook some lasagna noodles. Grate some mozzarella cheese. When the noodles are done, arrange a layer of noodles in a 9 x 12 inch pan. Pour some of the meat sauce on. Add a layer of cheese. Repeat until you run out of stuff. Then stick it in the oven for a while. While it's cooking, prepare some garlic french bread and some vegetables, maybe a simple salad. Put the garlic bread in the oven for the last 5 minutes. Then take it all out and eat it. Put the leftovers in plastic containers for lunch tomorrow. Good stuff.

Jason has a 1992 VW Cabriolet. He got it from a friend of his for only $500. It's in pretty good shape, even with about 140K miles on it. It's been running pretty good, but he noticed a funny noise with it today. I took a ride in it, and it seems to be in the transmission. It first sounded a bit like the CV joints were getting worn, but then on the way home it was getting noisier and it wouldn't go into 5th gear. He turned around and brought it back here, and the noises are getting a bit worse. I let him borrow the truck, and I'll give it a little test drive tomorrow after work.

Tomorrow morning will be a bit different for some employees at work. The big bosses decided to enable the web filtering server that we have been testing for over a month. It seems that some employees are using the company internet connection to go to inappropriate web sites. We've been monitoring the types of sites they are visiting, and the bandwidth they are using. There's a lot of streaming audio, news sites, and some gambling/games/adult browsing going on. We have an 'acceptable use' policy that all employees have signed, and while it allows some personal use of the Internet, there are some places that are not appropriate. So, the big bosses, having been informed of the types of access, and the abuse thereof by some employees, has decided to enable web access filtering. We are using the SurfControl product, and tomorrow, any access to an inappropriate site will be blocked, and the user will be greeted with a warning page. We are logging all access, and will log inappropriate access. I suspect that our bandwidth level will be reduced a lot starting tomorrow. It will be similar to the reduction in inappropriate email use when we implemented the mail filtering software. The blocking message will tell the users to call the Help Desk if they are having problems, as does the email blocking software. With the email blocking, we get very few calls ("Hello, Help Desk? I can't send my X-rated jokes through the email system. Can you tell me why?"). I suspect that there will be the same lack of calls for people that can't access the inappropriate sites. It should all be interesting.

Monday, June 2, 2003

We enabled the web filtering software this morning. There is a screen on the server that shows all the pages that people are looking at. There is a separate line for each entry, and it shows the URL, category, date/time, and user and workstation name. You can assign each category a different text color, so you can see the different categories as they roll by. We assigned red to blocked categories, and other colors to some other interesting categories.

Last week, the display was quite colorful, with lots of reds showing up. Those are the categories that we would be blocking. By this afternoon, after we turned on filtering, there was very little red entries on the list. And just a very few calls from people who thought that it was OK to go to their dating service sites, or the "bikini" site. I explained to them the company policy about Internet use, and that the senior management said that any exceptions were to be cleared by the department heads. I don't think that many people will ask for an exception. Especially since the department heads were in on the whole decision to put the web filtering in place.

So most of my time today was spent with web filtering calls, and a bit of email filtering tweaking. There are a very few valid messages that are getting blocked. An example would be a verification of a computer order. Most of those have a bunch of shopping/marketing fluff inside the message, and so it's blocked by the email filter.

On the car front, I talked to a transmission shop today. They work on a lot of VW's, and the symptoms sound like it's time for a rebuilt transmission. Putting in a rebuilt one will cost about $1K, but we may have caught it early enough that only a repair is needed. So I've got to get the car over to the shop tomorrow. They may not be able to start on it until next week, but by getting it there early, they might be able to work on it between other jobs.

Had a visit with the gardener tonight. He's been taking good care of the lawn and plantings around here, and his monthly charge is very reasonable. We talked about adding some more flowering plants to a few of the areas, and he told me that I needed to shorten the watering on the timed sprinklers a bit. The lawn gets 8 minutes once a day, and the plants on the drip system gets 12 minutes once a day. When the weather starts to get really hot next month, we'll increase it to twice a day. And he said that watering should start about 7am each day. I asked him to pick out some colorful flowering plants to add to the front yard area next to the house. And there are a few areas of dead plants (courtesy of the previous owner's dogs) that need to be removed.

Tuesday, June 3, 2003

More of the same at work today. There is a bit of general grumbling about the blocking of streaming audio. That was a really heavy use of our Internet pipe. We have a T-3 line (5MB, right?) for our pipe, and it was continually saturated. Although Internet radio is nice, it's not really a valid business use. So the management team decided that was among the types of sites that needed to get blocked. There are a few other categories we are looking at, but we're gathering info for usage reports.

I also worked a bit on updating the current work plan. It needs some more work, though. Tasks continually get added to the list, and then the big bosses decide some more things are more important. But that's probably typical.

When I got home tonight, I called AAA (the auto club) to get the VW Cabriolet towed over to the auto repair shop. I probably could have driven it there, but I didn't want to do any further damage to the transmission. And one of the benefits of the auto club is free towing. It only took the drive about five minutes to hook up the car, and then I followed him over to the repair place to fill out the paperwork.

Then my wife and I took a trip to Best Buy. One of the rooms in the new house is what is called a "bonus room", sort of a large bedroom area without closets that can be used as a small family-type room. It needs a new TV and DVD player, which was the purpose of the Best Buy trip.

So we picked out a Sony WEGA 31" flat screen TV, and a basic DVD player. And the James Bond movie with Pierce Brosnan. I didn't have the truck to take the TV home, just the Toyota Camry. So we took the TV out of the box and it just fit into the back seat. And then broke down the box flat and stuck that in the trunk.

So we got home and I took it upstairs (a bit heavy, but I made it without panting too much. Not much to set it up. It actually took longer to open the DVD package than to set up the TV and connect the DVD player. The quality of the picture is quite nice, although I wasn't paying attention when I got the James Bond DVD, and got the full screen version rather than the wide-screen version. But the new set looks and sounds quite nice. We watched a bit of the movie (up to the opening credits); we'll watch the rest of it another night.

Tomorrow's plan is to concentrate on the work plan. There is also a meeting of the company's network managers, and email filtering and web blocking is on the agenda, along with some other things. Should be a busy day.

Wednesday, June 4, 2003

The best-laid plans...

I needed to send a message to all the users at the company about the revised/enhanced acceptable use guidelines. I've put them on our Intranet, which has drop-down menus (courtesy of a Java script that I appropriated -- it was free -- from a developer's site).

The company has three separate networks (for various reasons), and it turns out that users on one of the networks couldn't browse to the Intranet. Well, my message to every user told them to go to a URL on our Intranet, so I got a bunch of messages from that department that they couldn't get to the site.

This all used to work, of course, but then the webmaster moved the content to a new server, and didn't really bother to make sure that it worked for everyone. And several of the pages on his part of the site had links to other servers, and hard-coded 'hrefs' (links) instead of using relative paths. (That's a much cleaner way to refer to other parts of a page, such as graphics, etc. If you were to look at the code of this page, you'd find only relative links.) And it also looked like he was referencing scripts (Java or otherwise) on other servers, which is know as cross-site scripting, not really a good thing. That can be a bit of a security risk for someone that knows how to exploit it. And I also think that the permissions (rights) that he had assigned weren't very good either.

Anyway, the result was that not everyone in the company could get to the acceptable use pages. And since they are a bit more aware of acceptable use, they were a bit more motivated to increase their awareness. (It only takes one or two 'Access denied because of company policy, and your attempt to get to this page has been logged' screens in your browser to increase your motivation to follow the rules. Which is the point of the whole thing.)

So the network guys got that fixed, but it took a while. And there are a few other things that one of the guys will be working on tonight to let the orphan department get to the Intranet site. I'll be checking on it tomorrow, and then sending out a bunch of messages to that section of users.

Then I had to prepare some notes for the company's network administrators. A big topic was the web filtering that was put into place on Monday. Another topic that took some time was email filtering. There was a bit of discussion on both topics, and several other ones, so the meeting took up it's full allotment of two hours. And then there were several phone calls from users with questions about the acceptable use policies.

I also had to prepare the final version of the physical access guidelines for the data center, since I'll be talking about it to the IT department at the monthly meeting tomorrow. That meeting should also be a bit lively, as the CIO will probably discuss the process of web filtering, and how it was put into place. There is some resentment that there wasn't prior notification of it being put into place. Of course, that's what the senior management team wanted. It's not like it was new stuff. We put into place a computer/network use policy last summer, and every employee has signed it. There have been companion guidelines in place in the fall, with full notification to all users several times since then. But it seems that not everyone is getting the message, although the web filtering did get their attention.

So, I didn't get to spend any time working on the task plan update. I did bring it home to work on it tonight. But we needed to stop by Sam's Club after work to order the cake and deli trays for the after-graduation family get-together on Saturday. And then home for dinner of leftover lasagne (which is just as good as leftovers as it was fresh).

Then I got out the big ladder to put a light sensor on the porch light -- it's about 15 feet above ground over the front door. And I fixed the side gate latch; it had some loose screws. (Hmm....people say that often about me...) I was going to unpack a few boxes, but sort of ran out of energy. My day starts early; the alarm clock goes off shortly after 5am. And I tend to stay up too late.

So, it's on to tomorrow. Thursday already. The IT department meeting (that will take about 2 hours). And a bunch of email to work through. Not just the normal stuff, but the stuff that I am getting copies as I try out a couple of new spam-blocking rules. That's about 500 messages a day. Most of them are duplicate spam messages to different users, but there is the occasional one that shouldn't have been blocked. I need to look carefully at those to see how the rule can be tweaked to let the good ones through, but still block the spam. It all takes time.

Speaking of which, it's getting late. Time to post this and quit for the day.

Thursday, June 5, 2003

It's late, and I am really tired. Busy day at work, time flies when you are having fun (and fruit flies like bananas). Still explaining to users how the web blocking works. I get calls from people worried about the "access denied" message they get, and telling me it was all an accident. Sometimes it is, with the pop-up ads that you get from some 'normal' sites. So I am educating them, telling them that we are not at the point of "one strike and you are out". At least not yet.

Still tweaking the new mail rules. Their current settings were a bit too strict, so I loosened them a bit. I'll let that sit for a couple of days to see if that makes the false positive rate go down a bit. There was one interesting thing that got blocked today. An outside consultant created a Power Point presentation, and it was blocked when we got it due to the adult content. It had lots of interesting words in it. You couldn't see them anywhere in the presentation; not in the slides or the notes. But they were embedded in the supporting files. It could have been a glitch in how the filtering software breaks apart the message. Or it could have been something in the source computer, perhaps some buffered memory that somehow got into the file when it was saved. The person getting the message and file was a bit excitable at first, claiming that there was no way there was any adult content in the file. So I did some screen shots of the analysis, and after discussing possibilities, she was a bit relieved, and saw some humor in the situation. I'm still not sure it was in the actual attachment, but I didn't have time to do a real deep analysis.

After work, I got the truck from my son (he's borrowing it while his car is in the shop), and went up to the storage shed to get the last two loads of stuff out of there. That took until a bit after 9pm. Then I did some 'homework' with the project list. Not as much as I wanted to get done, but I made a bit of progress. It needs to be ready for a morning meeting with my boss, but it's not going to be in a finalized form. I just ran out of time to do it.

Stacy (high school graduate in two days) did well on her finals. Her final grades were a B+ in Physics (about 2 points shy of an A), and an A in HIstory, and an A in her ROP. That's a program where students do free work at a job that they are interested in. She worked in the ER room at the local hospital, and they were quite impressed with her work there. In fact, she got a $1000 scholarship from the hospital, in no small part due to her excellent work there.

So today was her last day of regular school. Tomorrow is graduation practice, and then a party with her friends in the evening. Saturday morning is the graduation ceremony at the high school football field. There will be a family lunch afterwards at the house.

So tomorrow at work will be busy, and the whole weekend. And then it is only about 15 days until we have to take her back to college in Rexburg, Idaho. Don't be surprised if I miss a post or two here.

In the meantime, here's a link or two. I believe that this news report is write when it says that the "challenge-response" methods of blocking spam won't work at all. And this report, also from ABCNEWS.com, about the new BugBear worm is also important. It has the potential to be quite irritating. And probably not the last of similar types. So go and update your anti-virus software. And then do your Windows Update thing. I'll be here when you are done.

Friday, June 6, 2003

"There is nothing to see here." -- Zork I

Saturday, June 7, 2003

"There is nothing to see here." -- Zork I

Digital Choke Daynotes