Network Garage Engineers: April 2006 Archives

April 27, 2006

Free Network Backup

Have you ever lost sleep at night worrying about the funny scraping noise your hard drive was starting to make and trying to remember if you backed up any of your photos or files in the last year?

I have the cure for your insomnia. Read on and I'll show you how to cobble together a Network Backup system with Network Magic and Microsoft SyncToy.

Overview

Microsoft has a nifty free app called SyncToy that allows you to do many different types of file synchronization between folders. By using the Network Magic Shared Folders feature, you can also set it up to do synchronization across your network from one computer (Backup "Source") to another computer (Backup "Target"). I'll also show you how to use the task scheduler on Windows XP to make it automatically happen every night at 3am.

Here are the prerequisites for the steps in this post:


  • Install Network Magic on at least 2 PCs (The backup "Source" and the backup "Target")
  • Download and install SyncToy on the Backup Source PC
  • Create a Network Magic Shared Folder on the Backup Target PC where you want
    your backups to go

Okay, if you're sitting comfortably, let's begin:

1. Open SyncToy and click on the "Create New Folder Pair" button.

2. On page 1 of the wizard, set the Left Folder to be the Backup Source location you want to back up. In my case, I like to keep a backup of things under "My Documents". Then hit Next.

3. On page 2, click on the Browse button for the right folder pair.

4. This will bring up the Browse for Folder dialog. You can use the "Network Magic Folders" node to easily navigate to the shared folder on your network where you want the backups to be stored - the Backup Target. Once you are done, click OK and then Next on the Wizard page.

5. On the 3rd page of the Wizard you will be asked what type of sync operation you want to perform. For doing backups, I prefer to use the "Echo" option. This will perform a one-way sync always from the source machine to the target machine. It's useful in case I ever want to modify the target machine files (e.g. archive them into a .zip file) and I don't want the changes to affect my desktop PC. Click Next when you're done.

6. On the final page of the Wizard enter a name for your backup. Pick something easy to remember as we'll use this again later when we set up an automatic schedule.

7. OK... We're half way there. Now you can go into SyncToy at any time and perform a backup. But, let's automate it, so that our backups happen at 3am every day. First step is to open the Scheduled Tasks application from the Control Panel, and choose "Add Scheduled Task".

8. On Page 1 of the Scheduled Task Wizard, choose SyncToy for the program to schedule. Then click Next.

9. On the Next Page, choose the Daily Option and click Next. On the next 2 screens (Not shown here), enter the time you want to start and also your Windows username and password. Task Scheduler will use this logon information to get access to your documents if nobody is logged into the machine. Make sure the Windows username you select has permission to access the folder you want to sync.

10. On the Last Page, check the "Open Advanced Properties" option and click Finish.

11. Now for the final step, when the Advanced properties come up you need to add the following to the end of the command:


-R "[Your SyncToy Task Name]"
where [Your SyncToy Task Name] is the name you chose in step 6. If the name has spaces in it, it needs to be enclosed in quotes.




That should do it, fresh automatic backups every day. I hope you sleep well tonight.

April 14, 2006

Just how secure is our Wireless Protection feature?

For Network Magic 3.0 we implemented the ability to lock a wireless network. We call this feature "Wireless Protection".

There are three common ways to secure a wireless network using the most common infrastructure available today. Deciding which one to base our initial security approach on met with a lot of debate here at Network Magic. There are usually two camps in the debate – the security purists and the user advocates.

I’m more in the latter camp. I care about security as much as it:

a) provides reasonable defense against my most likely threat and
b) is easy for me to implement.

We’ve all heard the "IT policy" horror-stories. Where the IT department decided to crack down on strong passwords:

"Your password must be 10 digits or longer, contain a mix of upper and lowercase, contain several numbers and at least one punctuation character. Oh – and you have to change it once a month, and you can’t pick from the last 9 passwords that you’ve used."

Bomb proof. Secure, right? Not really, it’s so unusable from a user-point of view that people have to write their passwords down on sticky notes in front of their workstation to remember them all. Great technical solution, flawed execution.

So let's look at each of the 3 main ways and hear the debate… then I’ll tell you what we did and why we did it.

Security Options

1. MAC Address Filtering

MAC address filtering is a simple security measure. A MAC address is a unique address assigned to devices and computers. By maintaining an ‘approved’ list of MAC addresses on the router, it can deny access to any new machine that is not on the list. There are several shortcomings to this approach:

a) you need to know the MAC addresses of the devices you want to add, not an easy thing to figure out (Unless you have Network Map handy).
b) If a hacker knows the addresses of someone on the ‘approved list’, they can easily spoof the address and get on your network and
c) even when your network is denying requests to other machines, it *is* transmitting information in the air-waves. This information is in clear-text and not encrypted in any way. A sophisticated hacker with a signal sniffer can watch what you are doing online and where you are browsing too. They can’t see the credit-card that you sent as part of check-out of a commerce transaction (Amazon.com for instance), as most commerce sites use a secure-connection (SSL) to transmit this data.

2. WEP Encryption
WEP was the first form of wireless encryption to be available on wireless networks. To use it you have to set up a fancy password (known as a WEP-Key) in the router, and configure each computer and/or device to also know this password. Unfortunately the ‘password’ isn’t pretty - you can’t use a simple password such as “BobLikesJane”. It has to be a “128-bit encryption key” that is represented as 26 hexadecimal characters. Confused? You can be sure that your mum will be. The nice thing about WEP is that once you have it set up, your data transmissions are encrypted and anyone wanting to join your network needs to enter the ‘key’. So it feels fairly secure. Another bonus is that most other network devices – such as cameras and TiVos and media-players – all support it. Although punching in a 128-bit hex-key on your TiVo remote is no fun way to spend a Saturday night.

The biggest downside of WEP? Any hacker worth their salt can crack your key in about 3 minutes or less.

3. WPA Encryption
The most common form of WPA encryption in the home network space is WPA-PSK or “Pre-Shared Key” Mode. The good news is that WPA uses a more friendly ‘password’ metaphor, so no weird hex-key voodoo. The bad news is that most home users don’t bother creating strong passwords, and pick something like “banana” or “Johnny” which are well known words found in the dictionary. This weak-password approach can render WPA as weak as WEP in many cases, which makes any WPA enabled network vulnerable to automated dictionary attacks. Another big downside to WPA is that older routers don’t support it and a lot of consumer networking devices do not support it either. This is starting to change however, and more recent updates of devices such as the SqueezeBox are coming to market with WPA.
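Why a dictionary word undoes WPA-PSK, as an added Python example (not code from the original post or from Network Magic): the pre-shared key is computed from nothing but the passphrase and the network name, so the passphrase is the only secret. The word list, the 64-bit threshold and the function names are assumptions made for this illustration.

```python
import hashlib
import math

# Constructed sample list; a real audit would load a full dictionary file.
COMMON_WORDS = {"banana", "johnny", "password", "letmein", "qwerty"}


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """256-bit WPA pre-shared key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def alphabet_size(passphrase: str) -> int:
    """Size of the character set the passphrase draws from."""
    size = 0
    if any(c.islower() for c in passphrase):
        size += 26
    if any(c.isupper() for c in passphrase):
        size += 26
    if any(c.isdigit() for c in passphrase):
        size += 10
    if any(not c.isalnum() for c in passphrase):
        size += 33
    return size


def assess_passphrase(passphrase: str, min_bits: int = 64) -> list:
    """List the reasons a passphrase is a poor WPA-PSK choice (empty if none).

    min_bits is an assumed policy threshold, and the bit count is an upper
    bound that only holds for randomly chosen characters.
    """
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("length outside the 8-63 characters WPA accepts")
    if passphrase.lower().strip("0123456789!?.") in COMMON_WORDS:
        problems.append("common word with at most digits or punctuation added")
    bits = len(passphrase) * math.log2(alphabet_size(passphrase) or 1)
    if bits < min_bits:
        problems.append("search space below %d bits" % min_bits)
    return problems


if __name__ == "__main__":
    # Constructed candidates: the post's own example, a padded word, a random string.
    for candidate in ("banana", "password1", "t7#Lq9vR!x2Zp4Wm"):
        print(candidate, "->", assess_passphrase(candidate) or "no findings")
    print(derive_psk("password", "IEEE").hex())
```

The SSID acts as the salt, so the same passphrase yields a different key on a differently named network.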

The Real Threat?

So where does all this leave us? Putting the technical details aside, to truly understand the merits of each approach you have to consider WHO you are defending against. I give you two possible categories of people to defend against:

1. The intruding neighbor
This is your busy-body, freeloading neighbor who wants to get on your network to steal bandwidth and maybe poke around to see what interesting files he can find. He’s not that talented when it comes to hacking networks and can’t really do that much damage.

2. The professional hacker
This is the guy that sits outside your house in a white van with a Pringles can over his antenna pointing directly at your network. He knows all the tricks of the trade and knows how to get into a network.

For the intruding neighbor, any of the security methods above are a sufficient deterrent to keep him out. For the professional hacker, MAC Address filtering is like leaving the door to your house closed with no lock. Using WEP is like barricading your door with a single strand of wet spaghetti. Using WPA is like having a box of assemble-yourself lock-parts. If you know how to arrange them in the right way, you can make a decent lock. But if the hacker REALLY wants in, he can still break the windows.

Conclusion

To determine the right security solution for you, you have to consider a) what is your real threat and b) what is your worst exposure in the event of a compromise.

I don’t keep a Bio-Hazard suit in my basement, because I really don’t think there’s going to be a chemical terrorist attack on downtown Seattle anytime soon and for $60, I’ll take my chances.

For Network Magic 3.0, we chose to implement MAC Filtering as our first-step security solution. We believe that this has maximum ease-of-use and still provides an improved level of security over what most people have today – no security at all. For a future release of Network Magic, WPA seems like the next natural step.

April 09, 2006

WEP-Open more secure than WEP-Shared? Who knew?

If you have ever set up security on a wireless network, then you have probably heard the term "WEP" before. While WEP has weaknesses that make it easily crackable by a sophisticated hacker, I did learn something new this weekend from my IM with Matthew, our Development Manager.

When configuring a WEP-key in your router, there are two options you can choose: “Shared” or “Open”. At first glance, without knowing anything about the nuances of the technology one might think that “Shared” sounds better than “Open”. Open suggests that it’s not especially secure and anyone can get in. “Shared” sounds safer - like you tell everyone what your key is ahead of time. Naturally I assumed that Shared was more secure.

How wrong I was! Read on and I'll tell you why...


It turns out that WEP-Shared has a weakness in its authentication challenge. The way I understand it to work is something like this:

  • your laptop associates with the Access Point
  • the Access Point sends your laptop some 'challenge text' in clear-text
  • the laptop encrypts the challenge-text using the WEP key and sends it back
  • if the Access-Point sees the data is encrypted with the same key the handshake succeeds and things move along...

What's so bad about this? Well because the ‘challenge-text’ is passed in the clear, and the encrypted response to the challenge is also passed in the clear, if a hacker could see this request happen, they could use it to perform an offline dictionary attack on the data to find your key.

This is a big leg-up on hacking your network.

The open authentication option doesn’t have this challenge request so it’s a little harder to crack (but still very crackable).
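The exchange described above, modelled in Python as an added example (not code from the original post or from Network Magic). It simplifies the authentication frame to the challenge text plus WEP's CRC-32 integrity value; the key and the function names are constructed for illustration.

```python
import os
import struct
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Standard RC4: key scheduling, then `length` bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    body = plaintext + icv(plaintext)
    return xor(body, rc4_keystream(iv + key, len(body)))  # RC4 key is IV || key


def wep_decrypt(key: bytes, iv: bytes, ciphertext: bytes):
    body = xor(ciphertext, rc4_keystream(iv + key, len(ciphertext)))
    plaintext, check = body[:-4], body[-4:]
    return plaintext if icv(plaintext) == check else None


def shared_key_handshake(ap_key: bytes, station_key: bytes):
    """Run one exchange; return (accepted, everything sent over the air)."""
    challenge = os.urandom(128)                          # AP -> laptop, clear text
    iv = os.urandom(3)                                   # travels in clear with the reply
    response = wep_encrypt(station_key, iv, challenge)   # laptop -> AP
    accepted = wep_decrypt(ap_key, iv, response) == challenge
    return accepted, {"challenge": challenge, "iv": iv, "response": response}


def keystream_on_air(seen: dict) -> bytes:
    """Clear challenge XOR encrypted reply = RC4 output for this IV and key."""
    return xor(seen["challenge"], seen["response"])


if __name__ == "__main__":
    key = bytes.fromhex("0102030405060708090a0b0c0d")  # constructed 104-bit key
    ok, seen = shared_key_handshake(key, key)
    leaked = keystream_on_air(seen)
    print("accepted:", ok)
    print("matches real keystream:", leaked == rc4_keystream(seen["iv"] + key, 128))
```

Anyone listening holds a known plaintext and its ciphertext under the network key, which is the material an offline key search needs; open authentication never puts such a pair on the air.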

April 05, 2006

Cancel your GoToMyPC subscription!

I'm always amazed that people actually pay twenty bucks a month for GoToMyPC or even $200 for PC Anywhere.

If you have Windows XP Professional at home then you already have this feature! It's called "Remote Desktop".

Read on, and I'll give you step-by-step instructions on how to enable it for your home network.

How to enable Remote Desktop

To enable Remote Desktop on a PC in your home network, simply do this:

1. Go to Control Panel | System and select the "Remote" tab
2. Make sure the Remote Desktop check box is selected

3. If you are an admin on the machine then you already have access. Just make sure you have a nice strong password that no hacker can guess.
4. Go to your router and open Port 3389 (TCP) and map it to the local IP-Address of the machine you want to access.

Note: you may need to use either a static IP-Address or ensure your router always gives your home PC the same internal IP-Address by using a reserved range in your DHCP settings. Otherwise it can sometimes change when you reboot.

You should be all set. Your configuration is complete.

How to connect from work

To connect to your home computer from work (or a friend's house) go to Programs | Accessories | Communications and choose "Remote Desktop".

Now you just need to know your WAN IP-Address to get access... but have no fear - if you have configured the Network Magic Net2Go feature, then we will automatically keep a mapping for you.

You can simply use [yourhostname].home.net2go.com to always find your home network.
e.g. "jonesfamily.home.net2go.com".

Click Connect and you're looking at your home desktop!

Advanced Features

Now... if you want to get really fancy you can go to the "Local Resources" tab and choose to map your printers and disk drives. With this checked - when you are in remote desktop, you can print to your home printer and drag & drop files between home and work in Windows Explorer. How cool is that?

Pay it forward

So what are you going to do with that extra $20 a month? Easy - buy 5 Network Magic subscriptions instead and give them to your favorite friends and pass on this little secret. You'll be their hero.

April 04, 2006

I love My Job(s)

I love my job(s). All three of them. My first job is as CTO of Network Magic where I help set the vision and technical direction. My second job is the backend-systems guy/accountant/handyman for my wife's Art Schools in Seattle. And my third, but no less important job, is as Technical Head of Household for my home and many of my friends and relatives.

One essential enabler for each of my jobs that I always take for granted is the ability to use networks. It’s a powerful thing that has affected my life in many ways, yet it does so with ease and somewhat transparently.

Let me walk you through a few hours of my life this weekend, and touch on how much I rely on “networks” to perform my jobs and stay in touch.

This weekend was the final weekend before the launch of Network Magic 3.0. It’s been a huge push and the team has been working hard on some of the features since Christmas. We had a number of bugs spring up last minute, and so a fair amount of the team is cranking away in Seattle as I type.

Not me. For better or worse, I had a trip planned to Orcas Island in the San Juan Islands of Washington. My wife (Theresa) and I own some land up there and it’s infested with Gorse – a noxious weed that we have to keep under control by law. So while the team works hard on squeezing out the last of the bugs, Theresa and I have been working hard cutting and chipping and poisoning big bushes of this weed we inherited.

We’re done weeding now and it’s early evening on Sunday. I’ve been sitting on the couch of Nigel's cottage on Orcas for several hours – with surprising productivity. The cottage has a pretty cool Wireless setup. It has an 802.11 network, which is hooked to a 900MHz wireless WAN network to a small ISP on the island. The link is speedy enough that my location is somewhat irrelevant.

The team is working hard and just released the latest ‘Release-Candidate’ to the Dogfood alias. We are hoping that these are the final bits that we will release to our customers on Monday and they need some final testing to make sure everything works ok. To do my part, I needed to put on my THH hat and install it on every PC in my home. Only I am on Orcas… no problem…

My first mission was to get the Network Magic 3.0 Installer from our private corporate network into my home network. So I used VPN to tunnel into our corporate network. To transfer the file to home, I used a share that I had previously shared out using FolderShare that I have set up between my work machine and my home machines. I dropped the new build into my shared folder on my work PC, took another sip of tea, and watched some ducks flying over the orchard and land with a splash in the pond. Before I look back at the keyboard, the bits are already in my home waiting.

My second mission was to get onto my home PC and install Network Magic. For this I used Remote Desktop to connect directly to my desktop. In seconds, I’m in and using the PC as if I were there. Once Network Magic was installed there, I opened another Remote Desktop connection and connected to the Server in my basement. 5 minutes later and Network Magic is up and running on all PCs in my home.

My sister-in-law, Becky, called on my mobile phone, which gets surprisingly good coverage at this remote location. While I was talking with her I found a potential show-stopper bug in Network Magic. For some reason our new wireless connection manager was not able to connect to this wireless network in WEP-Shared mode. I sent a quick IM to Matthew - our development manager back at the office. He wasn’t aware of the bug, and so I grabbed the logs from the log-directory and sent them over to Matthew via email.

I hung up my conversation with Becky and noticed that I had a new voicemail at home. I have a Voice-Over-IP phone with Vonage and it delivers voicemails as a .wav file direct to my email inbox. I listened to the message and it was my mum – calling from England. I looked at the clock – it was way past midnight UK time – too late to call.

The Release-Candidate build of Network Magic was looking good. Time to turn my attention to my second job…

Theresa has two art schools in Seattle. In the same way I do at home, we have dynamic DNS (via the Network Magic Net2Go Service) set up at each location and I can securely tunnel into the machines there too. It’s the end of March and we need to file quarterly payroll taxes. I “remoted” into the Art School computer, opened up QuickBooks and spent a quick hour reconciling the accounts. While I was doing this Theresa mentioned a bug on the Art School web site. I flipped Remote Desktop sessions – back to my office PC again, debugged the problem and propped a new version of the code to the website. All in the bat of an eye. And then carried on with the accounting work.

I checked email and got mail from Libby and Tim. Our site goes live tomorrow and we’re going to put a blog up there. I want to contribute some articles... I scratched my head for inspiration and then reflected on the last few hours on the couch. Wow. Amazing how much technology I used and how many PCs I interacted with. 802.11 networks, 900MHz networks, cable modem, DSL modems, corporate networks and even cellular networks. Now, you could argue that I’m some kind of alien freak of nature and nobody else would ever be so extreme. But it really struck me how much remote-desktop, remote-email, remote-access to voice-mail and cellular networks have liberated my need to be chained to a single office PC. I think there are more people like me that would love to be so unchained, but don’t know all the technical mumbo jumbo to make it happen. That’s what we’re planning to solve here with Network Magic. Easy Networking for normal people – not alien freaks like me.

Then my final epiphany came…. All this time I’ve been sitting here on the couch, warmed by the glow of my laptop screen, Theresa has been lying in the last few rays of the sun, feeling the grass between her toes. Perhaps all this technology really isn’t as liberating as I think it is…

What is Dogfood?

At Network Magic we use the term 'dogfooding' to refer to the act of running our own software in early pre-release form on our home computers. It's a term that we inherited from a previous life at Microsoft.

Generally speaking, a "dogfood build" has been lightly tested and is hot off the press of the nightly build machine. They contain many bugs, but usually the latest and greatest features.

They're somewhat edible, but not fit for broad human consumption :)

It's a requirement of working at Network Magic to eat your own dogfood!