Details
Hits: 2704

When we talk about data transfer rates most people use kbps, Mbps, Gbps.  But a lot of programs use KB/sec.  The table below can be used as a cheat sheet for quick conversions.

The table below uses "Kilo/Mega/Giga bits" for connection speed and "Kilo/Mega/Giga bytes" for download speed.

Connection Method Connection Speed
 Maximum Theoretical
Download Speed
 File Transfer Time
1 GB File
28.8K Modem 28.8-kbps 3.6-KB/sec 2+ Days
33.6K Modem 33.6-kbps 4.2-KB/sec 2 Days 18 hours
56K Modem 53.3-kbps 6.6-KB/sec 2 Days
One-channel ISDN 56-kbps 7-KB/sec 1 Day 18h 36m
One-channel ISDN 64-kbps 8-KB/sec 34h 43m
Two-channel ISDN 115.2-kbps 14.4-KB/sec 21h 30m
Two-channel ISDN 128-kbps 16-KB/sec 17h 21m
Fractional T-1 256-kbps 32-KB/sec 8h 40m
384K DSL 384-kbps 48-KB/sec 6h
Satellite 400-kbps 50-KB/sec 3h 55m
Fractional T-1 512-kbps 64-KB/sec 4h 20m
DSL/Fract. T-1 768-kbps 96-KB/sec 3h
1-mbps DSL 1,000-kbps 125-KB/sec 2h 10m
T-1 (1.544-mbps) 1544-kbps 193-KB/sec 1h 26m
E1 2 Mbps 2000-kbps 250-KB/sec 1h 5m
10-Base-T 10-Mbps 1.25-MB/sec 13m
ATM25 25.6-Mbps 3.2-MB/sec 5m
E3 34-Mbps 4.25-MB/sec 3m
DS3/T3 45-Mbps 5.63-MB/sec 2m 55s
OC1 51-Mbps 6.38-MB/sec 2m 35s
100Base-T 100-Mbps 12.5-MB/sec 1m 20s
OC3 155-Mbps 19.38-MB/sec 51s
OC12 622-Mbps 77.75-MB/sec 12s
1000Base-T 1-Gbps 125-MB/sec 8s
OC48 2.4-Gbps 300-MB/sec 3s
OC192 10-Gbps 1.25-GB/sec 1s


The following factors need to be considered when measuring network speeds:

  • Latency & jitter
  • physical signaling overhead
  • TCP overhead

Typically on a clean line you will see anywhere from 10% to 25% loss due to factors mentioned above.

Details
Hits: 2941

I'm not one to usually recommend software but I thought I would share my experience with what I consider to be a good application.

Most companies use a combination of applications to monitor the health of their network.  The usual suspects are device Monitoring with tools like What's Up Gold or IPSentry.  These tools do a great job of monitoring servers, routers, etc.  Next would be bandwidth usage monitoring.  Most companies utilize a great freely available tool MRTG to accomplish this.  Finally there are times when you need to dig deeper on network issues and tools like wireshark or ntop let you capture packets in real-time.  Enter PRTG Monitor.  This web-based monitoring software combines all three areas covered above from one central location.

Some of the highlights that I find very useful are:

  • Packet capture via port-mirroring.  Similar to tools like NTOP that can help you catch a rogue device or abuse on the network PRTG can capture packets in real time and display Top Talkers, Top Connections, and more.  Another useful feature is that this data is kept in logs for up to 1 year which allows you to go back and look at past events on the network!
  • The ability to create custom "MAPS" which are basically HTML based pages that allow users to view real-time monitoring sensors in a READ only mode.  Another advantage is that you can publish these pages with no login required.
  • PRTG also has bandwith monitoring via SNMP Counters just like MRTG.
  • Distributed approach which allows for exponential growth by allowing you to deploy more than one server/pc that will perform monitoring.

If you ever have time to check it out I highly recommend you do.  You can get more details here:

http://www.paessler.com/prtg/

Oh.  Almost forgot to mention that there is a completely FREE version which limits you to 10 sensors!

 

UPDATE!

PRTG Monitor now offers 100 FREE Sensors!  Their latest versions have also added 100's of new sensors and capabilities including HTML 5 design.

Details
Hits: 3372

The conficker.X is a nasty little worm.  I will not go into the details of what it does.  You can read more about it here.

Here are some steps you can take to clean your network from this worm once infected.

  1. First thing to do is protect your servers & workstations with AntiVirus Software if they are not already.
  2. Setup wireshark on the network(s) you know to be infected on a switch with port mirroring.  Use the following Capture filter tcp port 445 this will only capture SMB traffic.  Next apply the following display filter smb.cmd == 0xa2 and smb.file contains "\\System32\\". This filter basically only displays failed attempts to map share.  Succesful hits will look like this:



  3. Scan the infected network with a Conficker Network Scanner.  I used this one scs2.exe simple conficker scanner.  McAfee also makes a tool to scan a network and detect the worm.
  4. DO NOT Login to an infected PC with Domain Admin rights.  Login locally if at all possible.
  5. The following MS Patch should also be applied to infected PC's or Servers.  KB958644
  6. Running the latest Microsoft Windows Malicious Software Removal tool will clean the system.  Keep in mind this will only clean the system but NOT protect it from getting infected again.  You will need to install AntiVirus Software.

If you find your network infected by this worm I hope this information helps you out.

  • You are here:  
  • Home
  • Misc IT