[ H(1) | H(3) | H(4) | Novell FAQ Home Page ]

H.16 Problems with disks and tape drives on Adaptec SCSI controllers

Many users have experienced problems with older Adaptec SCSI controllers with both disks and tape drives. If you're running older Adaptec software you should upgrade it immediately to the current release (minimum 2 June 1994). You should also seriously consider upgrading your hardware, as the 1542C has problems in servers with more than 16MB memory. The 1542CF doesn't.

[Thanks to Julian Byrne for this info]

Contact Adaptec's Literature Hotline at 800-934-2766, BBS: 408-945-7727 Tech. Support Hotline: 800-959-SCSI (7274) or 408-945-2550, Interactive FAX: 408-957-7150 (PCI compatibility list is doc #21105), ftp://ftp.adaptec.com, http://www.adaptec.com

[Thx V.K.R.]

H.17 FTP address/contact info for various NIC MLID drivers

Network Interface Card ODI MLID Vendors / Driver locations:

3Com Corporation
	(800) NET-3COM
	BBS: (408) 980-8204
	ftp://ftp.3com.com/adapters
	     *129.213.128.5*

Accton Technology Corp. 800-926-9288 BBS: (408) 452-8828 ftp://ftp.edu.tw *140.111.1.10* ftp://ftp.accton.com.tw *192.72.24.119* http://www.accton.com.tw/ gopher://gopher.accton.com.tw/ support@accton.com.tw

Allied Telesis, Inc. (206) 488-5888 BBS (206) 483-7979 ftp://ftp.salford.ac.uk/supplier/allied *146.87.255.21* ftp://gateway.centre.com/pub *198.93.88.66*

Apple Computer Inc. (800) 538-9696

BOCA Research Inc. (407) 997-6227

Bus Logic

techsup@buslogic.com

Cabletron ftp://ctron.com/pub *134.141.197.25*

Compaq ftp://ftp.compaq.com/pub/softpaq/Drivers *131.168.249.252*

http://www.compaq.com/support/files/index.html

CNet Technology Inc. (800) 486-2638 BBS: (408) 954-1787

Cogent Data Technologies Inc. (800) 4-COGENT BBS: (206)-378-5405

Digital Equipment Corp. (800) 722-9332 ftp://ftp.dec.com/pub/micro/msdos/network *16.1.0.2*

D-Link Systems Inc. (800) 326-1688 ftp://dlink.com/pub *192.152.81.1*

Eagle Technologies See Microdyne

Hewlett-Packard Co. (800) 752-0900 ftp://ftp-boi.external.hp.com/pub/computer_products/network *192.6.71.2* ftp://ftp-boi.external.hp.com/html/novell.htm

International Business Machines ftp://software.watson.ibm.com *129.34.139.5*

Intel Corp. (800)538-3373 BBS: (503) 645-6275 ftp://ftp.intel.com/pub/support/etherexpress *143.185.65.2* http://www.intel.com

Linq Systems Corp. (800) 870-3185

Microdyne 1140 Ringwood Court San Jose, CA 95131-1726 (408) 432-1191 Fax: (408) 432-1265

Mitron Computer Inc. (800) 713-6888 BBS: (408) 371-9786 ftp://mitron.com *199.182.76.100*

Racal Interlan Inc. (800) LAN-TALK (508) 263-9926 fax: (508) 635-9140 ftp://ftpserv.interlan.com/ *130.204.8.16* Cust_Servie@RImail.interlan.com

Standard Microsystems Corp. (800) SMC-4-YOU ftp://ftp.rug.nl/networks/novell/smc *129.125.4.15* ftp://novftp.rc.rug.nl/drivers/smc *129.125.3.31* ftp://ftp.smc.com

Thomas-Conrad Corp (800) 424-3579 ftp://novftp.rc.rug.nl/drivers/thom-con *129.125.3.31*

Tulip ftp://novftp.rc.rug.nl/drivers/tulip *129.125.3.31*

Western Digital See Standard Microsystems Corp. ftp://novftp.rc.rug.nl/drivers/western *129.125.3.31* http://www.wdc.com

Xircom, Inc 2300 Corporate Center Drive Thousands Oaks, CA 91320 Tel: 805-376-9300 Fax: 805-376-9030 BBS: 805-376-9130 Sales/Support: 800-438-4526, 800-874-7875 (Canada?) Tech Support: 805-376-9200 Tech Support Fax: 805-376-9130 Factsline Document Retrieval: 800-775-0400 Compuserve GO XIRCOM Canada - Keating Technologies, Inc. (416) 479-0230 (Markham, Ontario) Europe, Middle East, and Africa 32 3 326-34-94 (Belgium) BBS: 32 3 326-23-68 Asia Pacific (852) 525-2078 (Hong Kong) BBS: (852) 537-6048

There are also NIC ODI MLID drivers on these locations:

Microsoft Corp. ftp://ftp.microsoft.com *198.105.232.1* http://www.microsoft.com

Novell Inc. ftp://ftp.novell.com *137.65.1.2* http://www.novell.com ftp://sjf-lwp.sjf.novell.com *130.57.11.140*

Utah State University ftp://netlab2.usu.edu *129.123.1.44*

[Thx F.H.S.]

H.17.1 Suitable NICs for the NetWare server itself

>Are the 3Com "3C509" cards I have in my server suitable?

3C509 have a very small packet buffer, too small to stand much traffic at all. They interrupt the cpu with "packet has arrived" before the full packet is in, and that means the software does not know the size of the buffer to allocate to absorb the packet and thus it must allocate a max length one every time (memory hog, oink). The cpu must hang around waiting for the packet to arrive (1.5msec for a full length Ethernet packet, forever in cpu terms) and then clear the board. The cpu has to do all the work because the board is not a bus master kind. Given the tiny board buffering the cpu must attend to the board swiftly or packets get lost from overruns.

All of these things are bad characteristics in a busy server, and modern NICs avoid these problems. An NE-2000 is a better board in a server, and there are many boards much better than the (ISA bus) 3C509 NIC.

Good boards in servers are bus masters, meaning EISA or PCI bus currently. Not just PCI or EISA boards, but bus master boards. With these the main server can keep working on requests while the lan adapters deal with packet busywork, cpu utilization goes way way down, fewer packets are lost from overload, the server continues to perform well as the load grows high and higher. The disk system is happier too because there are fewer lapses of attention to it, so think of the server as being less stressed by better lan adapters (and by better disk adapters).

Servers (CPUs, disks, NICs & RAM) are about to be strained by (1) Win95 and its applications which require larger file transfers, (2) User demand for 100Mb/s service to the desktop.

[Thx. Joe D.]

H.18 Fax products for NetWare

Optus Facsys provides OCR for incoming fax routing.

Cheyenne FaxServe [runs as an NLM on the server] from Cheyenne Software, 516-484-5110 or 800-CHEY-TEC, Fax: 516-484-3493, faxserve@cheyenne.com. The latest version, 3.x, supports NetWare 4.x, NDS, and includes an enhanced FAX client for Windows workstations.

QNT QPServer [requires a dedicated PC]

Castelle FaxPress [allows the use of multiple fax/modems, doesn't need a dedicated PC, but incoming faxes must be routed]

GammaLink, by Dialogic, makes fax boards supporting from 1 to 12 lines on a single board, each with it's own fax coprocessor. RightFAX, also by Dialogic, has servers for OS/2 and NT (but no NLMs). The OS/2 server works well with NetWare & there are RightFAX clients for DOS, Win & OS/2.

http://www.dialogic.com/

Another possibility for fax boards is Brooktrout.

[Thanks to H.K., Bill Willcutt & Ivo Spigel for this info]

WinPort allows Network Faxing, Remote Access and Modem Pooling. You can also map the network modem to a standard unused comm port in windows. LanSource's Tech number is (416) 535-3555, sales@lansource.com

[Thanks to Greg Horne and L.C.H. for this info]

Faxware from Tobit, Germany. Is NLM based, supports almost any fax-modem, ISDN adapters with G3 add-on board for inbound routing, has an optional PCL NLM, an optional fax-on-demand module, an API and is fully integrated with Netware, ie. it knows users and groups, uses NW queues and can poll directories.

[Thx A.S.]

For more information, check out:

http://www.traffic.is/

http://www.faximum.com/w3vlib/fax/

[Thanks to Lennart Regebro for this info]

H.19.1 Backup software products for NetWare

Novaback works with NW 3.x and 4.0x servers, but it doesn't back up NDS. It also backs up FAT based disk drives on the local machine. Novaback is made by Novastor Corporation, #109-30961 Agoura Road, Westlake Village, CA 91361, Voice: (818) 707-9900, Fax: (818) 707-9902 and is available in DOS, Windows or NLM versions.

Cheyenne Software makes ArcServe for DOS and Windows clients. ArcServe can also back up workstations. Cheyenne can be reached at 516-484-5110, Fax: 516-484-3493, or 800-CHEY-TEC for Technical Support. Mailing address: 3 Expressway Plaza, Roslyn Heights, New York 11577, eMail arcserve@cheyenne.com or arcserve-win@cheyenne.com (for ver. 5), arcserve-dos@cheyenne.com (for ver. 4) or support@cheyenne.com. They also have an ftp site, ftp.cheyenne.com and a Web site, www.cheyenne.com. Make sure that the hardware that you plan to use is *fully* supported and certified by Cheyenne's compatibility listing and that you have all the *latest* patches and updates for your NetWare and supplementary products. Current version is 5.01G and there is a patch file for this, aw0200.exe. As of May 4, 1995 there is now a Arcserve eMail list run by Kevin Cheek (kcheek@umich.edu) -- send a message to majordomo@mmg2.im.med.umich.edu with a Text/Body line of Subscribe Arcserve or Subscribe Arcserve-Digest to get the digest. NOTE: A lot of people are very unhappy with Arcserve...

[Thanks to Robert Maubouche, David Jancan & Kevin Cheek for this]

BackupExec is a server based product by Arcada. It is fully SMS compliant and can back up 3.x and 4.1 based server including NDS. It also has the ability to backup other servers as well as DOS, Windows, Mac and Unix client stations. Arcada can be reached at http://www.arcada.com, or at #1101-37 Skyline Drive, Lake Mary, FL 32746, (800) 3ARCADA/(407) 333-7500, Fax: (407) 333-7730, BBS (407) 444-9979. Arcada provides an upgrade for Cheyenne users. A full featured 30 day evaluation is available at ftp.arcada.com. Tech support is available via the 800 number. BackupExec is not as full featured as competing products but it handles backups and restores well.

[Thx J.M.]

A newcomer is SnapBack from Columbia Data Products. Simply backup your existing drive, prepare a boot diskette, plug in your new drive, boot from diskette, run the restore directly to the new drive (no drive pre-prep). Once your server is back up and running with the new drive(s), run the ReSize option supplied with Snapback to resize your partitions. Columbia can be reached at (407) 869-6700, Fax: (407) 862-4725, BBS: (407) 862-4724, cdpi@cdpi.com or http://www.magicnet.net/cdpi

[Thx B.F. & John Sharpe]

LANShadow from Horizons Technology, Inc, 3990 Ruffin Road, San Diego, CA 92123, (800)828-3808, 619-292-9439, uses a backup server that can backup multiple servers if necessary and can be located anywhere on the network.

[Thx E.T.W.]

45-day evaluation copies of Palindrome's Backup Director 4.0 and Storage Manager 4.0 for Netware 4.1 are available from Palindrome, (800)288-4912, 600 E. Diel Rd., Naperville, IL 60563, (708)505-3300. Also, their software can be found at:

ftp://ftp.palindrome.com

or

ftp://ftp.seagate.com/palindrome

[Thanks to P.R. & L.C.H. for this info]

H.19.2 Backup hardware products for NetWare

Digital Linear tape is 50-100% faster than DAT and more reliable, since the tape floats above the tape heads and are never in contact with it. DLT's work just fine with just about any backup application that you might have. They are ASPI compatible with ASPI drivers readily available. The standard DLT holds 10 GB uncompressed, 20 GB compressed. A new DLT offering was recently released that holds 20 GB uncompressed and 40 GB compressed. The 10/20 GB tapes are about $25-$30 each, the 20/40 GB about $100. Both single drive and jukeboxes are available, with the jukeboxes harder to come by due to the present demand. Quantem owns the rights to DLT, but the technology is licensed to a number of vendors.

[Thx G.F.]

Note: 8mm tape allows for 1500 passes, DAT - 5000 and DLT - 1,000,000.

[Thanks to Shaun@CCNET.UP.AC.ZA for this info]

The Intel Storage Express can be equipped with an auto changer DAT drive with up to 24 GB capacity (48 with compression). It can achieve up to 100 MB/sec across the [fiber] network.

[Thx B.F.]

HP Jetstore 6000: Stores up to 8 GB, 5 drive auto-changer available.

[Thx D.T.]

Colorado Memory Systems, 800 S. Taft Ave., Loveland, Colorado 80537, (800) 451-4523 Product info/purchase, (970) 635-1501 DOS Tech Support (970) 635-1502 Windows Tech Support, (970) 635-1503 Netware Tech Support (800) 368-9673 QicFAX, (970) 635-0650 BBS

H.19.3 Backup methodologies

Weekly Full: Five tapes, labeled Monday through Friday. Incrementals are performed Monday to Thursday and a full backup on Friday. The backup horizon is one week. Using ten tapes would extend this to two weeks.

Sequential Reuse: This uses five full tapes which are recycled. Four incremental tapes are used from Monday to Thursday, with the Friday full being rotated. This gives a backup horizon of five weeks.

Tower of Hanoi: The five full tapes of the Sequential Reuse, relabelled A to E here for brevity, are used as: A B A C A B A D A B A C A B A E. In this method, tape A is reused every two weeks, tape B every four weeks, tape C every 8 weeks, tape D every 16 weeks and tape E every 32 weeks. Using more tapes extends the backup horizon further.

Paul Merenbloom method: Tapes are divided into groups of daily, weekly, monthly, and annual. Use eight sets of daily tapes (two-month rolling rotation) and two sets of weekly tapes (104-week rolling rotation). Monthly and annual tapes are set into permanent storage.

Cheyenne ARCserve method: Based on a seven-day week, which has at least one full backup that produces a weekly tape. During each week, there can be zero to six daily backups. You have the choice of running full, differential, or incremental backups for your daily backups. Every month a monthly tape is produced. At the end of the year the last monthly tape becomes the yearly tape. This cycle can go on indefinitely.

[Thanks to F.H.S. and Mary Bernhardt for this info]

In response to a user's desire to re-partition a NetWare 3.12 server into 2 or 3 volumes, Joe D. posted the following:

 - Backup *everything*, including drive C:, twice.

- Load Install, volume options, zap, recreate, reload System & Public The trick will be finding those files, which is best done by acting as a NW client during this entire process, with all files held on another NW server (image of the CD-ROM or floppies in a directory).

- Restore from tape. Be sure to restore the bindery first, then files with trustee rights. Most backup programs will not restore space restrictions nor printer queues, so recreate those by hand afterward.

- Syscon, change rights

- Other details (Mail stuff, login script funnies, etc)

But make sure your tape program will restore to a new volume name! Hint, borrow a spare hard disk as a temp volume.

[Thx Joe D.]

Then, responding to a user who wanted to rebuild a server but who had no backups as yet, Joe D. said:

You can try SBACKUP and keep your fingers crossed. Be sure to have a good XCOPY *.* /s/e to some hard drive somewhere.

or

You can mount the big new volume as SYS2:, run bindfix twice on SYS:, copy everything from SYS: to SYS2: (xcopy from the root). Missing will be open files and system files (print queue things, plus the active bindery files), and trustee rights. Obtain trustee rights with a separate program (Wolfgang Schrieber's utils for a start). Dismount both volumes, swap names, mount the new SYS:. Run BINDREST, then restore trustee rights from that separate program or do it by hand.

I indicated privately that Novaback SCSI tape drive software costs less than $100 and works fine on NW 2/3 servers. But ya gotta have a decent backup device, translating into a SCSI tape drive (DAT or maybe Exabyte, or DLT if you have lots of $$$).

[Thx Joe D.]

H.19.4 Disaster Recovery methodologies

Purchase a computer for a user that is equal in capabilities to you server and give it to a user on the condition that when the server dies, this becomes the backup server or used for spare parts. Ths computer would have the same disk, controller cards, and RAM as the server. When developing a disaster recovery plan, write it in the perspective that you were disabled in the disaster and a network consultant from an outside company would be able to restore your systems. Specifically state where disks are located, where passwords are stored etc. Be exact and very detailed . Document, Document, Document!

Besides the nightly full backups I do using Legato's Networker, I have a server that contains equal amount of disk space to all my servers. Each night, I use Arcserve and archive to this Server. If my main server goes down, key personal can log onto this one for the purpose of reading databases for customers while we frantically bring up the primary server. We are looking at Vinca and Horizons Technology, LANshadow for online mirrored solutions. These companies have different solutions for different budgets. Take a look at all the products Vinca has.

A useful product that many many network administrators might find handy is Open File Manager from St. Bernard Software, 619-676-2277, allowing your backup software to backup open files.

[Thanks to Brent Case for this info]

Some books on Disaster Recovery include:

"Disaster Recovery for LANs: A Planning and Action Guide" by Regis J. "Bud" Bates. ISBNs 0-07-004194-6 HC, 0-07-004494-5, McGraw-Hill, 1994. TK5105.7.B38

[Thx J.H.]

"Writing Disaster Recovery Plans for Telecommunications Networks and LANs", by Leo A. Wrobel, 1993, Artech House, Norwood, Massachusetts. ISBN 0-89006-694-9

[Thanks to Russ Bellew for this info]

And, of course, Ontrack Data Recovery, (800)555-1212...$ alert...

[Thanks to Christopher D. Heer for this info]

Installing netware again is kinda easy, so all I do is keep a tape backup of the SYS volume, and a mirror of the backup install in our fire safe. I also mirror the more important system files on a seperate volume.

I tried a dummy disaster recovery a while back and this worked ok for me. The most important thing is to take regular backups.

[Thx R.C.]

If your tape backup software and tape drive are on the server as .NLMs, then you would have to install from the Novell disks, then install your tape backup software, index a tape, then do your restore. I do an archive to a standby server each night so I can log my key users in for viewing vital customer service data while we try to repair the primary server.

Don't forget to backup your DOS partition with Startup.ncf and your controller card drivers. My duplexed drives have duplicate 10 Meg DOS partitions so I can swap the Primary with Secondary if I need to.

Also, I recommend you document your disaster recovery detail enough so that a local CNE could be hired to restore in case your were hurt badly in the disaster. Document where backup passwords are, physical location of software, tapes, etc. as well as local vendors that can provide equipment & services & procedures for procurement. Include phone numbers, WAN techicians etc. Document, Document and Document.

[Thanks to Brent Case for this info]

Furthering the above, not only should you document where all diskettes required are located (DOS, NetWare, backup software, patches, and anything else which may be required) but you should make _multiple_ copies of each, and store at least one set off-site.

[Thx S.M.D.]

"We do nothing clever - since being clever usually takes more time."

For virus prevention - On newer machines we simply disable writing to the boot sector of the hard disk via the BIOS. We also disable booting from A: On older machines, we run the "Chip-Away" anti-virus boot-rom from our ethernet cards which prevents writing to any boot sector.

For disaster recovery, I keep backup tapes both in a fire safe, and also keep copies well off site, just in case. I also keep hardware copies of my netware startup files, copies of the bindery on floppy, an image of my backup program so that having re-installed a basic netware system from floppy I can quickly restore everything else from the backups. I've tested my "Panic-Kit" and it works well. The main reason I keep it simple is so that it is much easier to keep up to date. If you have a complicated procedure, you'll be less likely to update it as often.

[Thx R.C.]

You need but a small handful of .EXE/.NLM/.DSK files (including DOS utils) to bring up a server with an empty drive, create the DOS partition, format it, dump floppy contents to it, run SERVER, load disk driver, create the NW partition and volume SYS: etc, load the files needed to run the tape restore program (including IPX comms).

They can fit onto a few floppies, as I demonstrated yet again yesterday for another NW 3.12 server. In my case Backup Exec (Arcada) did the restore while running on another server. Think of this floppy collection as your "Emergency Boot Disk for NW", to coin a phrase.

[Thx Joe D.]

H.20 Resetting Intruder Detection for Supervisor ID

The user ID "supervisor" and other Supervisor equivalent IDs can have Intruder Lockout reset immediately by typing "ENABLE LOGIN" at the console prompt...another reason to keep your console keyboard secure, either physically or via keyboard password protection.

H.21 Testing that the Login process was successful

The following batch file snippet will test the errorlevel returned by LOGIN and attempt to login again if not successful:

:Try_To_Login
Login %1 %2
IF ERRORLEVEL 1 GoTo No_Luck
GoTo Login_Successful

:No_Luck echo Login attempt unsuccessful. Trying again... GoTo Try_To_Login

:Login_Successful

Note: This batch file code assumes that NETx or VLM are loaded correctly.

[Thanks to Henrik Olsen for this info]

H.22 Cron-like programs

NCL.NLM is free, and has timed execution features. It is also handy for other stuff you sometimes wanted to do from the console, but couldn't.

	ftp://netlab2.usu.edu/misc/ncl.zip
For Netscapers:
	ftp://netlab2.usu.edu/sys/anonftp/misc/ncl.zip

[Thanks to Mark Wood for this info]

A list of scheduling programs can be found in the "Time Synchronization Solutions Guide" at:

http://www.connectotel.com/marcus/

[Thx M.W. & S.R.#2]

H.23 Anti-Virus programs

There are a number of anti-virus products available, including products from McAfee Associates (800)866-6585 (Scan, Clean & NetShield), Symantec (Norton Anti-Virus), Central Point (Central Point Anti-Virus), Intel (800)538-3373 (Virus Protect), ThunderByte (800)968-9527, IBM Antivirus, F-Prot (see detail below) and others.

F-Prot (DOS version) is available at:  ftp://ftp.commandcom.com/pub/fp-shareware/   For further information on F-Prot Professional, visit the company's web site, http://www.commandcom.com/

VirusNet LAN is a National Computer Security Association (NCSA) certified system available at ftp://gti.net/pub/safetynet/vnlan.exe. It will distribute virus protection to all workstations, and provides central control of scheduled scans, updates and audit logs. A 3K TSR is provided which prevents infected files from being run or copied, and checks diskettes as they are accessed.

The ftp site also lists the 5,600 viruses detected by the latest version, and also contains a slick network security software, StopLight LAN (sllan.exe).

[Thanks to Bob Janacek for this info]

H.23.1 A bit of an Anti-Virus tutorial

>I'm looking for a good virus scanning package that resides on our 3.12 Servers. We are looking at using Mcafee's Netshield product. Any thoughts to as how effective this package is?

You will get a higher, more accurate detection rate with something based on F-PROT, I think the network version is called Gatekeeper or something.

>We will be using their VirusScan on all the workstations to scan all local drives, and would like something to scan the network.

F-PROT and AVP are better at the workstation level.

>If by using the virus scan on the local drives, is it even necessary to have a nlm based product scanning the network traffic for signs of a virus?

As usual, it is a matter of trade-offs. If you are trying to detect virus code in network traffic, expect a -lot- of overhead. This level of protection is rarely necessary.

No existing virus can bypass NetWare security. From what I have seen, one is not likely to be developed in the near future.

You need to look at your needs realistically. First and foremost, you want to be certain that all public and system executables on your server are protected. This can be guaranteed by correct application of trustee rights. Note that a virus executes on a workstation, and that if it does execute, it executes with the same rights as the user who is logged on the workstation. Flag all of the executables on the server that you want to protect RoSh AND make sure that all users have -only- Read and File Scan rights to the executables. Note that management of your users by groups makes this much easier. Also note that before logging in with supervisor rights, you -MUST- be certain that the workstation you are logging in from is clean.

Once you have the executables on the server protected, you need to look at your workstations.

Most virus infections are Boot Sector infections. They are transmitted when someone leaves an infected diskette in a workstation and reboots. Even if the diskette is not bootable, if it is infected it will infect the workstation's hard drive. Boot Sector viruses are not normally transmitted over the network.

Most new computers have a setting in the CMOS setup which allows you to set the order in which the system looks for a boot device. To avoid boot sector infectors, disable booting from diskette. Then, if an infected diskette sits in the drive on reboot, the hard drive is not infected. Kiss boot sector viruses (about 60% of all infections) goodbye.

Now, you have the executables on the workstation hard drive to worry about. You need to scan the workstation hard drive to detect these. I am an FPROT bigot, so that's what I use, but I hear that AVP is also good. McAffe does not have such a good reputation, they are ok, but not excellent. But whatever you use, to be effective you must scan the local hard drive -long before- you get to logging into the network. The scanner should be the first executable you run in your AUTOEXEC.BAT. This is because some viruses try to hide themselves once they execute, and you don't want to give them the chance to execute. If you wait until the workstation is logged into the network, you have given viruses a window of opportunity via whatever happens before login (i.e. an infected NIC driver, or LSL.COM, or whatever).

So far, we have looked at fundamental virus protection. These are steps that should be taken by -ALL- system administrators. Once you have covered these areas, you need to look at your particular situation. If you need to catch viruses on the fly, then you need to run an anti-virus TSR on the workstations. If you are worried about users storing infected files on the server, then you need to scan those volumes. A workstation-based scanner works fine for this purpose.

>Which in your opinion is the best product out there for viruses?

Get the best workstation protection you can find, and use NetWare security to protect server executables. I see no need to burden the file server with yet another NLM, although there are conceivable applications of NLMs for convenience. There is nothing inherently better about NLM-based protection over workstation-based protection.

[Thx D.H.]

HOW TO ESTABLISH A BASIC LEVEL OF VIRUS PROTECTION ON A NETWARE NETWORK

On any workstation that has the option, disable booting from diskette via the BIOS setup. This will protect the workstation from boot-sector infections, which account for about half of all infections. Also disable diskette booting on the file server, and keep the file server physically secure.

All workstations should be scanned for viruses as the first command in AUTOEXEC.BAT. If you wish to detect viruses on the fly, then run a reliable, up-to-date, anti-virus TSR after scanning. Waiting until after the workstation is logged into the network gives viruses a window of opportunity, via a possibly infected NIC driver, LSL.COM, or other drivers.

If you wish to prevent an executable on a server volume from becoming infected, make sure that any user who accesses that file has only read and file-scan rights to the file. There are -no- viruses that can write to a file when it is protected this way.

Before logging as a supervisor, be certain that the workstation you are logging in from is virus-free. To be reasonably certain that a workstation is clean, cold boot the workstation from a write-protected, known-to-be-clean system diskette before scanning the workstation with a reliable, up-to-date scanner.

[Thx D.H.]

You also need to have a program to keep track of the metrics of your hard disk and the files on it so that changes can be identified. That gives you some warning if a new virus that your virus scanner can't recognize hits you. The best program I've found to do this is Integrity Master authored by Wolfgang Stiller. It's available on the Virus forums on Compuserve. It maintains CRC checks on all files you have it monitor. If something changes. you get an alarm. The only problem with that is that it's somewhat after the fact.

[Thx S.P.#2]

H.24 How can I keep my server on time?

NetWare servers are notorious for losing time as the server is often too busy handling other interupts to always catch the clock interupt.

One way to keep the server on time is to synchronise it with a TCP/IP timeserver. This can be done with RDATE.NLM from Murkworks. This free NLM requires that TCP/IP is loaded on the server and that the TIMEZONE parameter is set correctly.

RDATE will check the time on the timeserver at regular intervals and correct the file server if there is a difference.

Also, SYNCTIME.NLM can be run. It occasionally synchronizes the NetWare "soft" time to the hardware clock inside the PC.

[Thanks to Olger Diekstra for this info]

NetWare 4.x includes the ability to keep all servers' clocks synchronized, within some margin of error. In fact, it _requires_ it, as NDS uses timestamps to track what data needs to be replicated to other servers.

Also, if you have one NetWare server which you keep set with the correct time, you can have other 3.x servers follow its time using SYNC.NLM.

[Thx. S.M.D.]

H.24.1 What is my TIMEZONE?

Netware's TIMEZONE variable works backwards from the rest of the world. The default timezone is US Eastern Standard Time, GMT-500 which has TIMEZONE=EST5EDT. For Eastern Australian Standard Time, GMT+1000, it's TIMEZONE=EAT-10EDT. For Central Australian Standard Time, GMT+930, it's not supported on NetWare 3.1x servers - only whole hour zones are allowed.

TIMEZONE must be SET before loading CLIB.

[Thanks to Gordon Keith for this info]

H.25.1 NetWare Memory Requirements -- Time To Worry?

Free Cache Buffers (as shown on the console MONITOR display) ought to stay above 50% of original cache buffers (ie. above half of the total memory). If they are below 50%, then you need to add memory.

[ H(1) | H(2) | H(3) | H(4) | Novell FAQ Home Page ]