|College project question.|
| 1:23 pm on Mar 24, 2006 (gmt 0)|
Alright, for a class I am taking, we are presented with a question, a VERY broad question. What needs to happen is that we need to come up with what we believe the problem to be and a possible solution. Here is what we were presented with:
When you get to the office, you have a rash of messages in your email. You find the following problems on your network:
1. You can't log in.
2. Some servers seem to be down.
You consider the possibility of two causes:
some fault has occurred and needs fixing
your network is (or has been) under attack
There are a lot of possibilites to be had here, but I really think that the "attack" cause makes the most since. I dont know. But some feed back would be helpful:) Thanks a lot.
| 4:34 am on Mar 25, 2006 (gmt 0)|
Think which server being down could cause those problems by itself...
| 7:46 pm on Mar 29, 2006 (gmt 0)|
It's like "Occam's Razor", or "KISS".
Look at the simplest possibilities first, since they are easy to investigate and discount. I look at it like this:
Because someone tripped while walking down the street doesn't mean that aliens from Alpha Centauri travelled 4 light years in their space ship, and donned invisible alien suits, and decided to trip Bobby-Jo walking down 4th ave.
It is *possible* that someone is maliciously attacking your server, but it is more likely that:
1) a piece of equipment failed (hard drive, network card, CPU, overheating PSU, etc)
2) Some piece of software failed or became corrupted. This could include a segfault in Apache webserver because of something weird, or a script or program that is using up all the system resources.
3) Gremlins have unplugged your network cable or power cable. Or someone tripped over the cable. Or, construction workers cut the lines down the street while digging somewhere.
4) The ISP for you or your server is unavailable - think : you didn't pay your bill, they're incompetent, or have a planned outage, or see #3. (you didn't mention where this server was in relation to you).
5) Your computer that you're testing from is the one that's actually unable to connect, and the one that's at fault.
6) Aliens have descended from Alpha Centauri and written an exquisite program that DDOS's the server with the hopes of annoying you with a superfluous question in your CS that your professor has decided is somehow worthy of asking.
7) Someone is attacking your server, and in some cases, you can't do anything about it (think DDOS), unless you're willing to spend a lot of money.
PS: I'm not making fun of you, it's just what I tell myself to help me remember to look at the simple things. Most often when a PC can't connect, for example, it's not because the winsock DLL is corrupt from the latest windows update and blah blah blah, but likely because the cable was disconnected.
| 2:14 am on Apr 1, 2006 (gmt 0)|
Before you do all that, *walk the packet*. That will eliminate most of the guess work as you try to narrow down the problem. It will tell if you it's your network, your wan, a router, a switch or a server. Perhaps a virus, or a DDOS. But first you have to walk the packet back from an end node to your router.
| 3:17 am on Apr 8, 2006 (gmt 0)|
Speaking of tripping while walking down the street...
Most likely, in this case, somebody tripped over a cable.