August 9, 2005
Experts Exchange Community News
You are receiving this because you are an member who has opted-in to receive newsletters.
What's New at Experts Exchange
"What the heck is Google up to?"

MHenry, the Page Editor for the Macromedia products group, wonders what the search giant is thinking.

What do you do when you have one of the best brands on the Internet? From watching Google recently, it looks like you should run it into the ground.

We're all familiar with Google's recent IPO and the meteoric rise of its stock. For the last several years, most technology companies have been waiting for the smoke to clear before even considering going public. Google's IPO was a thing of beauty; it gave hope to us all that the days of island vacations and stock options were on their way back. Of course, that hasn't happened and from the looks of things, it won't.

Google had been a blueprint of how to market an internet company. While other companies were selling smoke and mirrors and burning through venture capital, Google wasn't selling anything. With few-if any-missteps, Google became the search engine of choice and a media darling. Like a case study of marketing success, Google seemed to do everything right. Recently though, I've seen some cracks in the shell. I may just be yelling, "The sky is falling," but I've got to admit, I don't understand what Google is up to.

I did a search a couple of weeks ago looking for Photoshop tutorials. One of the sites I went to was serving up Google ads. I rarely look at ads but these caught my eye specifically because they were served by Google. I was shocked at what I saw: Out of four ads on the page, two were obvious scams. One was offering the infamous $25 copy of Photoshop and the other was one of those "Get a free Ipod, Plasma TV, computer, etc." I'm sure Google is taking a similar stand to newspapers who deny any culpability in the help wanted ads that promise $250K a year to work at home, but I don't think that will wash. When you have a brand as strong as Google you shouldn't be watering it down with garbage like this. Would you expect to see ads from Microsoft, IBM or Intel offering Photoshop for free?

There have been other cracks in the Google brand lately. When Google introduced GMail, its free email service, articles popped up everywhere questioning the security of the service. Google also offered search software that would help you find files on your computer. Again, security issues were raised. Just imagine any company having access to your email and all the files on your computer. Given the recent security breaches at banks and credit card processing companies, it's easy to understand why people were concerned.

So what did Google do to bounce back from all the recent missteps? What any good company would do, they gave us old technology in a shiny new box. Google did the unexpected and began to mimic some of Yahoo's offerings, maps, driving directions, free Email, etc. There's a good marketing decision: Copy the company you just beat out in your core business.

I guess I'm a little jaded but I don't understand all the fuss about their new satellite map service. Remember, about 6 to 8 years ago there was some other company that came out with satellite images. Most of us looked at our house, maybe even at the house of the girlfriend who dumped us in college and then we moved on. And that company was trying to charge for the service. Outside of land speculators, I don't really see anyone paying for this service. Granted, Google did it better and faster and the technology is damn impressive, but it's still the same service for which most of us were unwilling to pay. Of course, if they're just hoping to serve more ads, it may pay off. And at least the image of the moon with a surface of cheese was good for a chuckle.

People are also wondering where Google is heading with the search engine. I recently ran across a discussion relating to a patent application that Google supposedly filed. In this forum, people are discussing how Google may be ranking pages based on the freshness of content. If true, this is a huge mistake. Sure, it makes sense if you're looking for news articles, but if you're the average shopper looking for a deal on presents for Johnny's birthday, freshness is probably not the most significant factor in your search. In fact, it may be that this will increase search engine spamming. Most of the SMB market doesn't have the budget or the technical knowledge to continually update their pages in the hope of achieving higher rankings. That means, only people with budgets to burn will get the high rankings: Big companies and spammers.

To be fair, I've also read that the freshness isn't of prime importance; that as long as new links are added, most sites will be ok without updating. We can only hope this is the case. One thing seems to be clear: The shine is off the apple.

When Google first started listing ads on searches, most of us were unsurprised. We all knew they had to come up with a revenue model that would work. The good news was, it seemed like serving ads was going to be all they needed. Apparently, it's not enough. In the pursuit of becoming all things to all people, Google is sliding down the same slippery slope where many companies have stumbled. Let's hope they can clean up the garbage ads, focus on their core competency and return to the glory days.

Tip for New Members: What's a TA?

This is a first: we've been asked to republish the list of acronyms that are commonly used at Experts Exchange.

  • EE: Experts Exchange -- of course
  • MA: Membership Agreement, which you agreed to when you registered
  • CS: Community Support, where you can get the assistance of the Moderators.
  • PE: Page Editor; a member of EE whose responsibilities include helping members get answers, making sure that suggestions are helpful, and providing assistance to the Moderators in technical matters.
  • TA: Topic area. EE has about 250 of them, give or take, and will be adding many more in the next couple of months. The pages call them "Resource Channel", but old habits die hard.
  • DoCS: Director of Community Support; a kindly gentleman named Wes Lennon, a long time member who oversees the Moderators and Page Editors.
  • HOF: Hall of Fame; the top 100 Experts all time, ranked by number of points earned.
  • PAQ: Previously Asked Questions; approximately 1.3 million questions that have been answered at EE. To PAQ a question means to close it.
  • CV: Cleanup Volunteer; selected members who help the Moderators clean up abandoned questions.
  • PS: Premium Services; extra features that are either purchased or earned.
  • MC: Member Comment; the method used by Moderators and Page Editors to contact members without violating the Privacy Policy.
Time to upgrade your Cisco, *NOW*!

A few weeks ago, we had an item about Microsoft dumping its Cisco routers. Now, The--Captain, one of our Page Editors for some of the Networking TAs, shows why we shouldn't be surprised.

It's time to upgrade your Cisco routers. Not tomorrow, not next week. Now.

Last week, Cisco told its customers -- the ones who use its networking kit -- to upgrade their software because of a vulnerability that could be exploited to launch denial of service attacks. The advisory came less than a week after Cisco sued Michael Lynn, a researcher for Internet Security Systems, and ISS over a presentation Lynn was to give at the annual Black Hat Conference.

Cisco got a restraining order against Lynn, ISS and the conference, and tore the pages referring to Lynn's presentation from the materials that were to be handed out at the conference. Lynn had agreed to change his presnetation, but two hours before he was scheduled to deliver his talk, he quit IIS and gave his presentation anyway, saying that Cisco knew about the vulnerability and had done nothing to warn its customers. He then gave a detailed report on exactly how to do what he said could be done.

Cisco seems to be downplaying this, but the presentation in question evidently showed that running arbitrary code (read: "Huge worm infestation attack vector") is possible on unpatched Cisco equipment, and the patch is not widely adopted since Cisco failed to reveal the extent of the flaw.

I'm not necessarily suggesting that EE reveal the extent of the flaw, but I do think the conscientious thing to do would be to advise folks to make sure their Cisco hardware has the latest patches.

NetBIOS Browsing Basics

adamdrayer began playing around with computers before he was a teenager, and started his own consulting firm at age 16. He sold it two years later to go into the pizza business, which makes sense for a kid from New York City. He's now back to doing network jobs.

A good portion of questions in the Microsoft Network TA come from users who are experiencing the inability for one computer to see another computer in 'My Network Places' or 'Network Neighborhood'. Two things immediately come to mind when I encounter such a question: Configure Windows Firewall and Enable 'NetBIOS over TCP/IP'. One or both of these are usually sufficient enough to fix the problem, and then the questioner happily accepts the answer and is never heard from again. Normally I don't explain why these work because it can be tedious and the questioner doesn't usually care enough to ask, but I thought I'd sit down and write a technical article about how NetBIOS browsing really works for those who were interested.

First, I should clear up a common misconception floating around. NetBIOS is not a networking protocol. In fact, it's not a protocol at all, but rather it is an Application Programming Interface (API). It allows programs and services to easily announce themselves and their shared resources, determine the names of other computers that are sharing resources, and find out what their IP address is. These three services are often referred to as "NetBIOS Name Registration", "NetBIOS Browsing", and "NetBIOS Name Resolution" respectively. In order to provide these services, NetBIOS constructs messages that must then be passed to other computers. In addition, NetBIOS also provides both reliable and un-reliable session services, but that's beyond the scope of this article.

To pass these messages back and forth between computers, a NetBIOS Transport is necessary. In the early days of Microsoft Networking, the NetBIOS Extended User Interface (NetBEUI - pronounced Net-Booey) was used to accomplish this goal. NetBEUI acted as both a Transport Layer Protocol and a non-routable Network Layer Protocol. This was not the only option available though. For those who were running Novell NetWare, a NetBIOS-capable implementation of IPX/SPX came with Windows that was called NWLink.

With the exponential growth of the Internet during the 1990s, TCP/IP emerged as the protocol suite of choice. There soon became a growing need for Microsoft to allow NetBIOS to function using 'NetBIOS over TCP/IP' or simply NBT. This has led to the current obsolescence of NetBEUI except in rare legacy networks. Beginning with Windows XP, NetBEUI no longer even ships with the CD.

In an NBT implementation, messages are passed over ports 137, 138, 139, and 445. These ports are commonly blocked by most firewalls by default which prevents successful NetBIOS communications. In order to correct this, firewalls must be disabled or configured to make exceptions for the computers on the local network.

It's important to note at this point that using NetBIOS is not essential to sharing resources on Windows networks anymore. Since Windows 2000, the upper layer protocol for Microsoft Networking has been able to operate using TCP/IP without NetBIOS. Without NBT, however, there would be no NetBIOS browsing or broadcast name resolution. This is fine if you are using Active Directory, but in a workgroup environment, shared resources would have to be explicitly specified by name, and name resolution would have to be performed by a name server or configuration file.

Once NetBIOS messaging is enabled, computers will register themselves by either sending network broadcasts or notifying a WINS server. These messages are referred to as Announcements. The announcement includes the 15-character NetBIOS computer name, and a special 16th character which defines the service type being offered. If the computer name is less than 15 characters, it is padded with spaces. A name can be registered multiple times with different service types, but never with the same one twice. There are also workgroup or domain services that a computer can offer, which is registered with a 15-character version of the workgroup or domain name plus the special 16th character. You can view the name registrations of a particular computer by using the NBTSTAT.EXE Windows utility with the "-n" command line switch.

During the name registration process, the announcing computer is notified if any other computer on the network has already registered itself with the same name. If there is a name conflict, the offending computer notifies the user with a pop-up message and disables all further NetBIOS communications. If a computer has multiple network cards on the same subnet, it will also result in a conflict and subsequently lead to the inability to use NetBIOS. This is true even if only one of network cards is configured to use NBT. For this reason, it is not recommended that multihomed computers be configured to use NetBIOS.

When the registration announcements are made through broadcasts, they are not able to be forwarded to other networks. For this reason, each subnet must designate a unique computer to collect and track broadcasts whether WINS is present or not. This is often referred to as the Master Browser but can go by many other names as well. Any computer that is running the Computer Browser Service is considered a Potential Browser, and an election is held to determine which one would be best. The election process is somewhat complicated, but usually the computer running the most recent version of Windows and the one that holds the most server-like functions will win. There are ways to bias elections, however, by stopping certain computer's Computer Browsing Service or through additional registry settings.

It is not necessary for a computer to run the Computer Browsing Service in order to see a list of computers in 'My Network Places' or 'Network Neighborhood', but at least one computer must be running it so that a Master Browser can be elected. Once elected, The Master Browser's first duty is to tally the number of computer registrations and then designate other Potential Browsers to become Backup Browsers. The Master Browser will designate one Backup Browser for every 32 devices that register their name on the network.

After synchronizing its list of names with the Backup Browsers, it is then the Backup Browser's job to supply these browse lists to clients who request them. The Master Browser can often double as a Backup Browser which then makes it responsible for both collecting name registrations and supplying browse lists to other computers. You can determine which computers hold the Browser Roles as well as force an election by using the BROWSTAT.EXE utility. It is available on the Windows Support Tools CD, or via download from Microsoft's website.

When a computer opens 'My Network Places' or 'Network Neighborhood', a Backup Browser supplies it with a browse list, which populates the window. The list, however, only contains the name of each computer and the services they are being advertised. In order to access the resources, name resolution must be performed to obtain the requested computer's IP address. This can be done a number of ways, including WINS, DNS, an LMHOSTS file, a HOSTS file, or broadcast resolution. Most times a requesting computer will try more than one if necessary. The order in which it attempts to resolve a name is determined by the Node Type, and can be configured manually or through DHCP. The Node Type can be viewed by running "IPCONFIG /ALL".

For domains that span multiple subnets, it is necessary for one computer in the domain to take on a specific Browser Role called the Domain Master Browser and it is usually the Primary Domain Controller that does so. The registration for the Domain Master Browser will contain the 15-character version of the domain name and a special service type of 0x1B as the 16th character.

The Domain Master is responsible for collecting browse lists from various Master Browsers on each subnet and merging them. It then returns a complete domain-wide browse list back to each Master Browser, who in turn supplies it to each Backup Browser.

Since some Master Browsers will be on a different subnet, they will not be able to receive a broadcast announcement from the Domain Master. For this reason, the Domain Master must use WINS to register itself so that the Master Browsers can locate it. It is therefore usually necessary that both the Domain Master and the Master Browsers are configured to use WINS in order to browse across subnets. As an alternative to WINS, an LMHOSTS file can be configured on each Master Browser to provide the name and IP address of the Domain Master. When using LMHOSTS, it is important to specify the correct Domain Master service type in the file. It's worth noting at this point that browsing across subnets in a workgroup environment is not possible because there would be no Domain Master. That's also a question that pops up fairly regularly in the Microsoft Network TA.

So, this is NetBIOS Browsing in a very small nutshell. Although it's used on most home networks, many larger organizations have removed it from their infrastructure because of its heavy reliance on broadcasting and the advent of Active Directory. Microsoft has talked about phasing out the technology in the past but has met stiff resistance from enterprises who rely on it for legacy applications. Eventually it will be gone one day, but for the time being it is still being used widely. There is tons more information out there, but most of it is extremely technical and segmented. There is very little documentation that approaches the topic from a top-down conceptual point of view which can be essential in understanding and troubleshooting a technology.

More News and Notes
Nata's Corner: Unclear on the concept

woman in specticals Way back when, US courts decided that having one or two big telephone companies wasn't a good idea, because there wasn't any competition. So when AT&T was divided into several smaller companies, part of the deal was that they had to lease their lines to other companies.

That turned out to be really good for Internet providers, who could lease lines from the phone company and resell access to them -- which means little companies, like the one that is my ISP, could compete against big companies like SBC. That all changed last week when the Federal Communications Commission ruled that phone companies no longer have to offer DSL at discounted rates to their competitors.

The thinking is that this will put the phone companies on a level playing field with the cable companies, who don't face the same requirements. But it also means that if I want DSL from my local ISP, it's probably going to cost me more than it would from the phone company. Will it make a difference? You bet. Last week, a friend of mine, who had been getting DSL from AOL (that's another story -- he's a little technology-challenged), had to cancel the card that was paying for it (yet another story -- the card was one of those that was compromised a few weeks ago). So he was going to move to the same ISP, but they were forced to raise their rates because of the FCC's decision. He gets his DSL from SBC, and the ISP has loses out.

Laugh at the Nigerian "help me steal some money schemes", but it looks like it pays about as well as Google does, and you don't have to drive the Bayshore freeway. According to the Federal Trade Commission, Internet scams cost elderly Americans $152 million last year.

Click here to from the newsletter.
The Premium Services include a number of features not available to "limited" members. Among them:
> Unlimited question points
> VIP Search
> Bookmarks
> Quick Links
> Collapsible menu
> No ads
You can purchase Premium Services on a month-to-month, semi-annual or annual basis, and take full advantage of all that Experts Exchange has to offer!
Inside the numbers
ameba, one of EE's prominent Experts, provides us with a list of newly earned Certificates. His list of all of the Certified Experts is located at his site. The list below covers the period from July 24 through August 7.
Expert Certified in Topic Area
flavo Sayedaziz kirenievs mike1086 MitchellVII angelIII sirbounty LunaSkye codeconqueror rafrancisco angelIII amit_g BriCrowe randeeps DanRollins pcsentinel Snarf0001 randeeps rdivilbiss aqua9880 SystmProg DanCh99 rindi JBlond gwalkeriq cjjclifford gpriceee Genius Guru Guru Master Master Wizard Guru Master Master Genius Genius Sage Wizard Master Master Master Master Master Master Master Sage Master Master Guru Master Master Guru MS Access MS Access MS Access MS Access MS Access Visual Basic Visual Basic Visual Basic Visual Basic Microsoft SQL Microsoft SQL Microsoft SQL Microsoft SQL Microsoft SQL Microsoft SQL Microsoft SQL Microsoft SQL ASP ASP JavaScript Windows 2000 Windows 2000 Windows 2000 Windows XP Delphi Java Networking
Expert Certified in Topic Area
sunray_2003 ccomley nauman_ahmed rnagli Torrwin appari Thalox NowaY TheLearnedOne BNettles73 rlindermeier TheLearnedOne markgeer jrb1 pennnn riazpk MehulS78 Metanil helpneed Sancler COBOLdinosaur rdivilbiss JohnModig mgh_mgharish ShadowProgrammer DaVinci007 mikeleebrla Guru Master Wizard Master Master Master Master Master Master Wizard Master Wizard Sage Guru Guru Guru Master Master Master Guru Sage Wizard Master Guru Master Master Guru Networking Networking ASP.NET ASP.NET ASP.NET ASP.NET ASP.NET ASP.NET ASP.NET Exchange_Server Exchange_Server C# Oracle Oracle Oracle Oracle Oracle Oracle Oracle VB.NET Web Development Web Development Web Development Excel Excel Excel Win Server 2003
Expert Certified in Topic Area
geir_andersen war1 ddlam teraplane ZiaTioN NovaDenizen meyersd yuzh flow79 Axter MASQUERAID WoodyRoundUp tim_holman flow79 PeteLong lherrou RedKelvin harbor235 RanjeetRain war1 Jonvee ahoffmann dorward newuser4 Lobo ozo COBOLdinosaur Master Guru Master Guru Master Master Guru Master Master Master Guru Master Master Master Master Master Master Master Wizard Master Guru Guru Master Master Guru Master Master PHP Outlook Flash Perl Perl Mysql Storage Linux HTML C Applications PHP and Databases Windows Security CSS Miscellaneous Miscellaneous Browser Issues Firewalls Email Email Windows ME CGI Web Languages Printers Photoshop Puzzles & Riddles Web Dev. Software
1561 experts have 2515 certifications: Genius:56 Sage:118 Wizard:146 Guru:458 Master:1737
Copyright ? 2005. All rights reserved.