Using cows to measure the environmental benefits associated with server virtualisation…

Posted on By Mark Wilson

Much is made of the environmental benefits of server consolidation using virtualisation technologies so Microsoft and Alinean have put together a website to create a report of the likely environmental benefits of implementing Microsoft Virtualization technologies. I don’t know how accurate it is (the point of using Alinean is that there should be sizable amount of independent market research behind this) but, ultimately, the goal here is to sell products (in this case Windows Server 2008 with Hyper-V).

Regardless of the serious environmental and economical qualities of the Hyper-Green site that Microsoft and Alinean have put together, it’s not a patch (humour wise) on the Virtualisation Cow site that the Australian-based virtualisation consultancy Oriel have created, based on using HP server hardware and VMware Virtual Infrastructure software. The Oriel site may not produce a nice report based on market research from IDC and others but I’d rather express my greenhouse gas savings in terms of cows any day!

(This post is dedicated to Patrick Lownds – joint leader of the Microsoft Virtualization UK User Group – who commented at today’s Microsoft Virtualization Readiness training for partners that he was sure this would appear on my blog… it would be a shame to disappoint him…).

Spotting strange connections on the network

Posted on By Mark Wilson

A few nights back, I was sorting the pile of books, newspapers and magazines in the bedside reading pile into two more piles: “no time to read so send for recycling”; and “I really must read that”. As I did so, I came across a copy of .net magazine that included an article on using netstat.exe to detect spyware. This is a well-known, but often forgotten tool in the IT administrator’s arsenal:

netstat -a

will give a list of all network and Internet connections, detailing the protocol (e.g. TCP or UDP), local IP address (and port), foreign (remote) IP address (and port) and the state of the connection.

netstat -an

will display addresses in numeric form, so it’s pretty easy to spot those that are listening from another network and a whois lookup will help work out who’s listening in who shouldn’t be (often it will turn out to be something intentional).

netstat -abnv

will take it a step further and show you the applications and components used to initiate the connection – look out on this list and you should be able to spot any strange applications and google them to find out what they are.

Incidentally, netstat is not just for Windows, but the command switches I gave above are. If you are using Windows and you don’t like the command line, then TCPView is a former Sysinternals tool (now owned by Microsoft) that provides a GUI front end for netstat, including whois lookups and process properties. Another useful tool is Nir Sofer’s CurrPorts, which displays the list of all open TCP and UDP ports along with information about the process that opened the port (including highlighting suspicious processes) and the ability to close unwanted TCP connections, kill the process that opened the ports, and save the information to a file.