The usefulness of TCPDUMP

We are mid-firewall migration, it’s set to happen in about 2hrs from this post. But in the middle of trying to figure out why we are getting crazy network outages, we ran tcpdump on our dns/dhcp server. Why that server? That was the server that was identified by Central-IT as having issues.

We only ran tcpdump for a few minutes and in that time we got some very interesting results. It appears that another entity on campus is hammering our dns server with known bad dns zones. I filtered on just that subnet, selected those packets and exported it to a csv. We have a plotter, so of course the next thing to do was plot it out! Sadly, Excel decided to add page-breaks…sigh

There were 23,000 packets captured and this entity accounted for 4,400 packets. I’m no math-wizard, but that seems to be about 5% of the traffic, in a very short time frame.

But the pic is awesome! Right?

20100908-Photo1308

Windows 7 Enterprise Dell Optiplex 960

We received new computers today from Dell. We ordered the Optiplex 960 with an Intel Quad core, 8GB of RAM and a pair of 150GB SATA drives. By default the computers were configured for RAID 1, since I was loading Windows 7 Enterprise I didn’t mind losing the Dell installed Windows 7 Pro, with all the Dell goop. Configured the Intel RAID card for RAID 0, Striping (I never remember which is which). The installation was straightforward everything detected and worked just fine. Carson didn’t have as much luck, hopefully he documents the LVM stuff somewhere for when the LTS comes out!

The really nice thing about these computers for us is the striped drives. We do a lot of stuff in VM’s and having an incredibly fast drive couple with lots of processor and memory is really going to improve the quantity and quality of our experience. I will write up something covering Windows Virtual PC, XP Mode and Application virtualization later.

Various PHP related messages

ntwdblib.dll: This application has failed to start because ntwdblib.dll was not found. Re-install the application may fix this problem

Resolved:
Comment out the following lines from php.ini
[PHP_MSSQL]
extension=php_mssql.dll
[PHP_PDO_MSSQL]
extension=php_pdo_mssql.dll

OCI.dll: This application has failed to start because OCI.dll was not found. Re-install the application may fix this problem

Resolved:
Comment out the following lines from php.ini
[PHP_OCI8]
extension=php_oci8.dll
[PHP_PDO_OCI]
extension=php_pdo_oci.dll
[PHP_PDO_OCI8]
extension=php_pdo_oci8.dll

LIBPQ.dll: This application has failed to start because LIBPQ.dll was not found. Re-install the application may fix this problem

Resolved:
Comment out the following lines from php.ini
[PHP_PDO_PGSQL]
extension=php_pdo_pgsql.dll
[PHP_PGSQL]
extension=php_pgsql.dll

sqlite3.dll: This application has failed to start because sqlite3.dll was not found. Re-install the application may fix this problem

Resolved:
Comment out the following lines from php.ini
[PHP_PDO_SQLITE_EXTERNAL]
extension=php_pdo_sqlite_external.dll

aspell-15.dll: This application has failed to start because aspell-15.dll was not found. Re-install the application may fix this problem

Resolved:
Comment out the following lines from php.ini
[PHP_PSPELL]
extension=php_pspell.dll

libcs.dll: This application has failed to start because libcs.dll was not found. Re-install the application may fix this problem

Resolved:
Comment out the following lines from php.ini
[PHP_SYBASE_CT]
extension=php_sybase_ct.dll