Darragh Delaney's Most Recent Posts

I have been on the road for the past few weeks, last week I was in the Middle East and this week I come to you from Scotland. These places would appear to the outsider as being very different places but not when it comes to IT. One topic that was common throughout most meetings that I attended was on the subject of the insider threat, something getting inside a network and causing a problem.

Capturing packets from computer networks can sometimes sound like an activity reserved for hackers and geeks. Looking at a stream of raw packets is not for the fainthearted, but thankfully there are a number of technologies out there that can make the task easier.

Over at the Ethergeek blog last week, Josh Stephens had an interesting piece on the challenges of finding experts with data center expertise. Another trend that I see is the centralization of IT staff to main data centers. Gone are the days of having a dedicated IT person at sites which run a number of local services or applications.

This brings its own problems as it can be cost and time prohibitive travelling to these sites to diagnose and fix problems. The good news is that there are a number of technologies out there that can make this task easier.

In my previous post on the BitTorrent protocol, I took a look at how BitTorrent operates as a very efficient way of downloading and uploading data. For this post I am going to take a look at how you can detect for its presence on a network. There are many reasons why you would want to do this, from investigating DMCA notifications to finding out where all your Internet bandwidth has gone. The three main ways in which I see BitTorrent been used.

In my previous post on the BitTorrent protocol, I took a look at the main parts of what makes up its infrastructure. For this post I am going to focus on how data is uploaded and downloaded.

The BitTorrent protocol is designed as a very efficient way of sharing data. You start by using your BitTorrent client to prepare the file that you want to share. A number of operations are performed at his point

For my next three blog posts I am going to take a close look at the BitTorrent protocol. Since its implementation in 2001, it has become one of the most common protocols for sharing files on the Internet. For this post I am going to take a look at the infrastructure that makes up a BitTorrent network. I will then follow up with a post on how it operates and for the final post in the series, I will look at how you can detect and monitor BitTorrent activity

A few days ago a customer came to me with a question; they wanted to know what online services were consuming the most amount of bandwidth on their Internet connection. Easy, I thought, and I proceeded to show them how to report on the top websites consuming bandwidth. The problem was that the top entries in the list were all sites associated with content delivery networks (CDN).  

I recently worked with IT managers who wanted to know who were the top users of bandwidth on their networks.

For my first blog post of 2012 I was going to focus on New Year's resolutions that every network administrator should consider. This was to include things like making sure you have a map of your network to having a log of what users are doing on your network. However, as I put my list together I realized the most important one on it was that we all need to review how we use passwords both personally and at work.

During the holiday season some lucky people may be in receipt of things like smartphones, tablet computers and other electronic gadgets. My advice is that the person giving these gifts should consider updating and preparing them in advance. Insider (registration required)

Internet filters have being around for a while now and they can form a vital part of the network security infrastructure. Typically they are used for Blocking access to inappropriate or non-work related sites, preventing applications like Bittorrent from operating and blocking malware and viruses from entering and leaving the network.

However, many of the filtering systems used by small to medium sized organizations are not so good when it comes to managing sites that consume lots of bandwidth.

Last week seems to have been a firewall issue week for me. I worked on incidents in two large networks where problems on the LAN managed to bring down firewalls at the edge of the network. Firewalls have come a long way since the original stateless varieties, which were little more than a collection of access control lists. These were superseded by stateful firewalls which kept track of the state of network connections.

One positive outcome of browser wars is that we are now spoilt with choice when it comes to fast and feature packed Internet browsing applications. Not that long ago, I remember downloading browsers and then installing a series of add-ons so that I could search and open pages quickly. As developers of browser tried to get one up on their competitors, most of these cool features are now included in browsers by default.

Slow internet access can be a right pain both at the workplace and on home networks. Nowadays, we demand fast access to websites and cloud services. Gone are the days of 9600 baud modems and in its place we have high speed links allowing for instant access to information.

However, I often come across instances of people complaining that ‘the internet is slow'. Today it was my neighbor with one computer on their network and last week it was a hospital network with thousands of connected systems. Here are some of the reasons why an Internet connection can slow down:

I was away for a few days this week on customer sites and a common question that came up was around finding out what a particular individual was doing on the network. In some cases the query was around web usage and in others the query was associated with bandwidth usage.

There are many sources of user data on networks, the main ones for me are: