In the last 10 years, High Speed Internet and Wireless networks have become common place in businesses and residential households. The device that controls this functionality is most often called a router or a firewall. Sometimes people have a router and a wireless access point. What most people do not realize, is that these devices have a default login.

This default user/password is often admin/admin, admin/password or a combination that is often very easy to guess. If you can't guess it, all you need to do is to Google the model number + default password and a list of sites will show up with a list of passwords for that device.

What most people do not realize is that with this information it is very easy to put backdoors into your network, add a non-secure wireless network, and expose computers and servers to the internet.

Often I when I see an open wireless network at a client or potential client I point it out as a security risk. The responses vary from the fact that people forget the wireless password, or they would like clients to be able to access the internet, or even "It's the Internet, I don't mind if someone is using it for free."

If you want to set up a public WIFI site that is great but there is a proper way to do it! People don't understand that if you don't do it properly, anyone can steal data and passwords from you very easily.

You should never have an unsecured wireless network unless it is on a completely different subnet and you should always change the default password. If you do not know how to change your default password, you can call the manufacturer and they will be able to assist you.

I never thought I'd be one of those guys who gets excited about RAM upgrades or service packs but, well, there I was, counting down the days to July 16 when Microsoft put SP1 on TechNet. It goes live to the world next week. SP1 doesn’t offer much in the way of new features for most people but one in particular was of great interest to me: Dynamic RAM for Hyper-V. I have a large number of Hyper-V machines, a few of which are clustered, and a couple are highly-utilized. Since processor and HD utilization will adjust based on need, RAM becomes the issue because as soon as you allocate those 2 or 4 or 8 or more GB to your virtual machine and start it up, that RAM is gone, regardless of how much it’s actually using. No more. Awesome.

Normally, I’d wait a little bit to install the update on production servers but one of my networks, a client with a cluster of virtual terminal servers, is using almost all 24GB of their RAM. This update is a big help and will save them quite a bit of money over adding more RAM. I first installed SP1 on my office desktop and it went in without a hitch. One guy in the office tried installing it on his desktop and it kept bombing out. Still, the need was there, so I moved all resources over to one node of the cluster, installed the SP, rebooted, and all was well. It was when I tried the second node that the problem started.

The SP seemed to install correctly. After reboot, it said the update failed and it rolled back, rebooted, and presented me with the most generic of errors. It said the service pack failed, “Element not found.” Might have been ELEMENT_NOT_FOUND. A message saying “Error not found” and a link to a MS KB at the bottom gave a boring, nonspecific troubleshooting guide: SFC /SCANNOW, running the Windows System Update Readiness Tool, and doing an in-place upgrade (AKA repair install). First two didn’t help, third was not a viable option.

I started reading. Windows Vista introduced something called CBS, Component Based Servicing, which you can read about here. While certain notifications about Windows Updates are still held in windowsupdate.log, the details about what is happening is held in %SYSTEMROOT%\logs\CBS\cbs.log. This log is backed up and recreated every time you install hotfix for any other update.

After hours (and hours and hours) of troubleshooting, trying to figure out what was different between my nodes, I posted to Microsoft’s official forum, uploaded my CBS folder, and they gave me my answer. Turns out, a specific hotfix was missing files: this one. The Microsoft rep who gave me the answer quoted my log and gave the answer.

2011-02-17 12:41:18, Info                  CBS    Doqe:   q-uninstall: Inf: wvid.inf , Ranking: 2, Device-Install: 0, Key: 113, Identity: wvid.inf, Culture=neutral, Type=driverUpdate , Version=6.1.7600.16475 , PublicKeyToken=31bf3856ad364e35, ProcessorArchitecture=amd64, versionScope=NonSxS
2011-02-17 12:41:18, Info                  CBS    Perf: Doqe: Uninstall started.
2011-02-17 12:41:18, Info                  CBS    Doqe: [Forward] Uninstalling driver updates, Count 54
2011-02-17 12:41:19, Info                  CBS    DriverUpdateUninstallUpdates failed [HRESULT = 0x80070490 - ERROR_NOT_FOUND]

Files from the security update

MS10-010: Vulnerability in Windows Server 2008 Hyper-V could allow denial of service

are missing

That’s great and all but how did they come to that conclusion?

Identity: wvid.inf , Culture=neutral, Type=driverUpdate , Version=6.1.7600.16475

this tells me that the update causes the issue.

Yeah, but what from that says that the specific hotfix was the problem? How did they find that line in my 45MB+ log file?

google? look at the inf file version on the KB page:

http://support.microsoft.com/kb/977894

“ERROR_NOT_FOUND” must appear 100 times at least, so do references to wvid.inf. I asked for them to walk me through it, step by step.

I opened the Log file, and searched for Error so I found this line. I looked what the installer was doing and saw that it tries to remove the inf. I googled what the inf is and found this Hyper-V update.

Still doesn’t explain how they got to that specific error. I did look at it a bit and found that while there are hundreds of errors that look like this:

Failed to get session package state for package: Package_6_for_KB2482017~31bf3856ad364e35~amd64~~6.1.1.1 [HRESULT = 0x80070490 - ERROR_NOT_FOUND]

The one that he pointed out was unique and had no similar lines anywhere. It does make sense when you look at it: it tries to uninstall a hotfix, can’t find a file, and fails. But there are A LOT of errors in the file and you’d think that somewhere it would identify a critical failure and point to this as the cause for the entire service pack bombing out. I asked again whether they had a way of filtering out the ERROR_NOT_FOUND messages that didn’t matter VS those that did and didn’t get a response yet. I get this feeling that they just know what to look for and used CTRL + F until they found an error that didn’t look like the others.

With the KB identified, I had to find a way to uninstall it. Going through Add/Remove programs didn’t work, it tried to uninstall, rebooted and failed. Using WUSA /UNINSTALL /KB: seemed to work but, as I later learned, is not supported or, well, working. The end result was to search the registry for the KB, pull out every key, reinstall the hotfix, reboot, install the SP, and reboot. Success. But frustrating. Our company’s virtual host also failed its SP1 install though some of our VMs did not. Two other guys in the office installed it on their Windows 7 machines without difficulty. When I have some time, I’ll check out our VH’s log and see if I can apply this experience. Either way, I find it extremely frustrating that I had to do this much work to fix what should be a very simple process. If the Service Pack install made use of the Windows Event log, filtering errors would have been easy. If the error message given after the failure was more clear, I could have troubleshot effectively. If SFC /SCANNOW found missing files — since there WERE missing files — that would have helped. If the Windows System Update Readiness tool searched more thoroughly, that would have helped too. While the Microsoft rep was very knowledgeable and rather prompt, I shouldn’t have to resort to that in the first place. This Service Pack was made available to TechNet not three days ago and it failed our first 3 of 6 tests; another poster on the MS forum said that one of their cluster nodes also wouldn’t install it so he just wiped and reinstalled. This is unacceptable and does not bode well for Microsoft’s PR in the coming weeks.

So far we have discussed some of the gimmicks people use to generate business, and we have discussed how you should treat the expierence like you were hiring a new employee.

Now we move onto one of the most important parts of the selection process for most people, the hourly rate. My immediate thought, forget the hourly rate. I keep using cars as an example and I have to do it again.

You are not buying a car, where you can compare apples to apples and all that is left is the color and price. You have to look at the overall value, IT support is one of the most important pieces of your business functionality. If you could select surgeons by hourly rates would you select the cheapest,,,,, if your life depended on it? How about the cheapest lawyer if you were setup for a crime you didn't commit?

I know of businesses who charge over $175 /hour and you still end up with a junior tech. I also know businesses who charge $75 /hour but it takes them 2 or 3 times longer to get basic things completed. You are going to find most of the quality companies somewhere in the middle.

There are way too many variables here to compare apples to apples, so you might as well take it out of the equation right from the get go. You will get your value from lack of downtime, quick service response, friendly geeks (I am sure many have dealt with geeks who talk down to you), and if you select the right company, you will be able to relax and focus on more important things.

Now, when should you look at the money part of it? Look at the travel fees. Here is an area where many companies get you and some questions you should ask.

• Is the hourly rate charged for travel as well?
• When does the travel charge begin
• Is the travel charged for both ways?

Well this concludes Part 3, there are 2 more parts and I hope you are finding them useful so far, more soon.

In the first part of this series, we discussed how important it is to overlook the gimmicks. I went over the most common one but be aware there are others out there. Many will offer a free network evaluation, take them up on it. A network evaluation can be used to get a feel for the people you will be dealing with. It will give you some extra insight into to the company.

The next thing you should remember when selecting the right IT Company, is that you are hiring an employee. This is one of the most important positions you will ever hire for. You need to make sure you cover all the bases.

When you hire any other employee you check references. Make sure you get a list of references from this IT Company. You should get a list as long as you can and call ALL of them. I am not saying you need 20 or 30, but 5-10 clients you can talk to would be nice. When you talk to these references ask lots of questions, the more the better.

Ask questions like:

• How quick is the response time?
• What is the longest time you had to wait when you were completely down?
• Do you ever have a junior tech on-site who you can tell is learning on the job?
• Have you ever had a major non technical issue such as billing or warranty, and how was it dealt with?
• Are they proactive, do they make suggestions that will help improve your business?
• Are the technicians that you have dealt with friendly?
• Do the technicians explain things in a way that is easy for a non technical person to understand?
• Do you feel you are getting value for the hourly rate you are charged?

As you can see, there is a lot you can learn about an IT company if you ask the right questions. It is very important to get a good sense of their business practices, if they value their clients, and can they benefit your business.

I often compare IT Support to the used car industry. That may sound odd to you, but used car salesmen have a bad rep overcharging first, thinking about quality second. Unfortunately this is because most people who buy cars aren't mechanics. They rely on what the sales person tells them. Aren't you kind of in the same position with your IT support?

Today most use cars are certified and you can take them to your mechanic for a second opinion. What do you do for your IT support? It's not really the type of thing you can take it to your local trusted expert and get a second opinion. Your "expert" is the only person you have, so they better be right for your business.

Let's face it; it can be a painful process selecting a new IT Support company. There is first a courting period where you are getting used to each other. Then you have to spend the time to build the trust in the relationship. If you make it this far, you can finally relax with your decision and move on to other things. It can be a long process, and I know very few clients who have had less than 2 or 3 divorces.

Often people are unhappy with the current company they use but are scared to change because they have had worse in the past. Your business livelihood relies on your technology and you really cannot afford to make too many bad choices.

Over the next week I am going to share some tips with you to help you in this process. In the end you will be able to make wiser decisions the next time you decide to look for another IT Support company.

1. Avoid the "We'll fix it or it's free promotions"

This may sound good in theory, but let's think about this intelligently for a few minutes. In reality any IT company can offer this. This is a ploy to get them in the door, even if it's just once. Using the car analogy, this is right up there with the guaranteed $5000 for your trade in. The time has to be paid for some way or they just couldn't stay in business.

What happens if your computer has a virus and after 2 hours of troubleshooting they decide the only solution is to wipe your computer clean, reinstall windows, your programs, updates, and then charge you over $400 for their time?

How about after looking at your computer they decide your computer is too old and the solution is to purchase a new computer from them?

Maybe you have network issues, and while this is not a strong area of their business they have enough "knowledge" to fumble through the process and it takes an entire day to solve the issue? Most IT companies charge over $100 per hour. That could be upwards of $1000 to fix an issue that might take the right company less than 3 hours to fix.

In just these 3 examples, you can see how you can spend a lot of money quickly and the issue will be considered fixed. This means there won't be any free work given away. They are going to figure out a way to fix the issue regardless of the solution because they need to get paid for their time. The worst part of it is, is that your best interests are not a priority, they need to make money to stay in business.

More tips coming soon!

Having been in this industry for awhile, I often hear people repeat some common myths about computers. I decided it was time to put some myths to rest. There are many out there but today I will touch on 5 of them.

Myth 1: Having too much data on your computer slows it down

This is probably one of the most common statements I run into. A new customer will call and complain about how slow their computer has become and that they deleted a bunch of files to create space and it didn't help.

A computer is like a filing cabinet, it's designed to store and process data. The only time too much data is really an issue is when you have less than 1GB of space left. The reason for this is because windows uses part of the hard drive for a page file. This page file is like virtual memory which helps offset a shortage in RAM, (read memory) which sometimes happens when a lot is going on.

So, the next time you decide to go on a deleting binge to speed your computer up, don't do it. Your computer is slow because something is wrong and it's trying to tell you.

Myth 2: I have a firewall installed, so I shouldn't have gotten a virus

Another common misconception, a firewall in general will not protect you from a virus. Yes there are certain types of business grade firewalls with virus protection built in. However, most people believe a software firewall like the built in windows one, or Norton Internet Security will keep you safe.

Firewalls are for security. They block traffic coming in and out of your network (if configured properly). If you click a link in an email or go to a bad site you are going to get infected. The firewall isn't there to second guess whether you really wanted to click that link. Software firewalls do not read and test the link or files coming into your computer.

I am a firm believer that a software firewall is one of the most oversold useless pieces of software ever invented. Most times attackers will attack a flaw in Windows to gain access to a system, or people will run files that are viruses, download music / games illegally which are actually viruses.

One thing to keep in mind is that there is a built in software firewall in windows. Most people have a built in firewall in their cable / DSL / FIOS modems or they have some type of router on the network. Unless you invest in a business grade firewall, you are not going to get any more protection by buying another software firewall.

Myth 3: When your computer gets slow, you need more RAM

I see posts on blogs and forums often of someone complaining about the speed of their computer. The most common response is add more memory.

Let's think about this logically for a second, your computer ran fine for 1+ years and now it's slowing down. If you didn't need more memory until now, why was it running perfectly fine before?

If your computer is running slow it is because there is another problem. Normally it's spyware / malware related but often it's a problem with 1 or 2 programs on your system that are not functioning properly and are using a lot more memory than they are suppose to.

If your computer is 3-5 years old and hasn't had much maintenance (by a professional) done to it, then it's probably time to back it up and reinstall everything. Windows just slows down over time and while IT Professionals can fix things to increase performance, ultimately at that age reformatting will provide the best outcome.

Things to remember, if you are using XP 32bit or Windows 7 32 bit (most are unless you specified 64 bit) your system can only really use 3GB of memory effectively. This depends on your video card and how much total memory it has, but throwing 3+ GB at a 32bit system is like throwing money out the door. It will not have any improvement on your system at all.

Few users need more than 2GB of memory in their system. If you are doing AutoCAD, graphics, high end photo work, producing music, or other resource intensive tasks you will want Windows 7 64bit and then you can throw as much memory as you like at it.

Myth 4: Installing Anti-Virus will keep you safe

Anti-Virus serves a great purpose and is a very useful tool but it does not protect 100%, not even close.

AV software has come a long way over the years and they really are trying to protect users from everything, but it's simply impossible. There is more out there than viruses.

Today we have spyware, malware, root kits, and viruses. Most AV software will tell you it prevents spyware as well but reality is they can't keep up. About 7 years ago there was under 20,000 different known types of spyware, now that number is well over 1 million. There is big money in high jacking browsers for advertising, or selling fake software that you think protects you.

We have about 20 different tools to clean computers because there isn't one tool that will clean up everything. You need to have a couple spyware scanning programs to assist your anti-virus software. I recommended several in the "5 Tips to keep your computer healthy" post. If you haven't read that, then I suggest you make time to read that next.

Myth 5: Magnets will erase your data

Back in the day when we used 3.5" and 5.25" floppies there was a lot of talk about magnets and erasing your data. A common household magnet could erase your data pretty easily from floppies.

Today we use CDs, DVDs, USB flash drives, and large Hard drives, none of these items can be erased with a common magnet. Hard Drives are the only thing that can be affected by a magnet but you would need an extremely powerful one which you wouldn't find in a typical hardware store.

This being said, if you read the backup post I can tell you that flash drives will loose data by themselves. Either it doesn't copy properly, gets corrupted, stops working, or just looses data. I have seen it happen many times.