Author: admin


How I got to WordPress

Several years ago, I led a three state district of a worldwide communication and leadership organization. One day I received a call informing me our website was being used as a base to attack other websites. We were hacked. We immediately shut down our site and began investigating alternatives for a new website. We rehosted our site and choose Joomla as the Content Management System. As I was learning about Joomla, I decided to build a personal Joomla website. Once I got my site going, I rarely updated it. Eventually my personal Joomla site was hacked (vandalized). Luckily it was a simple fix to restore the site. I changed the password but over a few months it was hacked two more times. When I eventually updated the version of Joomla, the hacks stopped.

Then I got a call from my hosting provider. They encouraged me to upgrade to a new hosting plan. They offered me a “deal” to switch. In order to switch plans, I would need to rehost and rebuild my site. I was apprehensive about that idea but eventually decided to make the switch. I allowed a couple of weeks before my old plan expired to convert to the new plan. The conversion was actually fairly painless. I got my new site up and running with plenty of time to spare.

Since I hadn’t made any updates in quite a while, I decided to make some changes. I ran into a technical issue and called tech support. Customer Support did manage to help me resolve my problem but they told me they don’t get many calls for Joomla. The majority of their customers were on WordPress. I was still running on a very old version of Joomla so I decided to upgrade. I spent quite a bit of time searching for a new Joomla template but couldn’t find one I liked.

“Can’t find a template I like”

“Most of their customers are on WordPress”

“I’ve been hearing a lot more about WordPress lately than Joomla”

The organization I belonged to switched to WordPress a long time ago, and a friend’s site was on WordPress.

I decided to make a switch. I purchased a couple of “temporary” domain names to use while I built my new WordPress sites. My primary Joomla based domains remained active while I learned, installed, and customized my new WordPress, sites. Then I copied the articles from my Joomla site and posted them into my new WordPress site. When I got new my WordPress site looking the way I wanted it to, I pointed my primary domain names to my new WordPress site. My conversion to WordPress was successful.

Getting my WordPress site has been quite a learning experience. I couldn’t have done it without a couple of my best friends. Google and YouTube! See my YouTube videos about how to build a WordPress site on Godaddy.


Do You Fear Public Speaking?

Fear of public speaking is a very common ailment. There’s actually a name for it: glassophobia. Maybe fear isn’t always the exact word. How about aversion to public speaking? Anxiety? Discomfort? Stress? “Just not your cup of tea”? Do one of these apply to you? Why?

Fear is a normal human emotion. Fear warns us of danger – it’s a survival instinct. Consider the fear of riding a motorcycle down the highway during rush hour at 110 mph with no helmet. What would failure entail? Loosing control of the motorcycle? Crashing? What would be the result? It would probably be serious injury or death. Now, that would be a rational fear.

Now consider a public speaking engagement. What would failure at this engagement entail? Putting forward a poor performance? Making a mistake? Freezing or forgetting? What would be the result? Embarrassment maybe, but serious injury or death would be very unlikely. This does not necessarily mean glassophobia is an irrational fear, but the fear of public speaking is definitely not part of the human survival instinct. Not in the life or death sense anyway. Therefore, consider fear of public speaking as an unnecessary fear.

Fear of public speaking can be detrimental to your career. Think about what would happen if you were called upon in a meeting and couldn’t speak. What would happen if you had that “great idea” and couldn’t present it – or worse – someone else, a rival, could and did? These are examples of why fear of public speaking can hinder your corporate survival.

The best way to overcome an unnecessary fear is to face it. Start by selecting a topic you know about or would like to know about. Then prepare a speech. Research the topic thoroughly so you know it inside and out. Then practice in private. Practice over and over and over. One of the key elements of overcoming the fear of public speaking is preparation. The keys to preparation are to thoroughly research your topic, then practice, practice, practice. When you are comfortable with your speech and your material, practice in front of in front of family or a few close friends. The more prepared you are, the less fear you will have. You will likely find practicing in front of even one or two people can be completely different than practicing by yourself. Ask those people for feedback. Even if they don’t understand technical material, they may be able to comment on your delivery. They may notice idiosyncrasies you weren’t aware of. Then ask a trusted colleague to listen to you practice. Your colleague may be able to comment on your technical material. As you receive feedback, revise, revise, revise, then practice, practice, practice.
Listen to the advice of your family, friends, and colleagues but remember you are the one giving the presentation. If the advice makes sense, follow it. If the advice doesn’t make sense or doesn’t match your personal style, don’t follow it. If you receive contradictory advice, use the advice that makes the most sense to you. Use your judgment and be comfortable in your own skin. Being comfortable in your own skin is an important step in overcoming the fear of public speaking.

As you practice, revise and improve your speech. Eventually you will know your material inside and out. Then you can begin to put aside fears of failure. Imagine the audience listening attentively. Imagine the applause you will receive at the end of your speech. And you WILL receive applause. As you imagine success, your confidence will grow. Ever hear the advice for nervous speakers to imagine the audience members in their underwear? If that works for you, then use it, but better advice for most speakers is to imagine success. Your audience is on your side. They want you to be successful. Almost as much as you do.

When the day of your presentation comes, don’t worry about being nervous. Keep in mind that even experienced speakers will feel some degree of fear and nervousness. A little nervousness is actually desirable. Your nervousness will cause your body to release adrenaline. That adrenaline will help get you “pumped”, which will help your passion and enthusiasm shine through.…


Updated: Porting a Home Telephone Number with Verizon

I originally ported my Century Link number to magicJack. With a few minor annoyances, my port to magicJack did the job. magicJack costs about $35.00 a year. Google Voice is free so I decided to port my magicJack number to Google Voice. Well you can only  port a mobile phone number to Google Voice.  Google Voice will not accept ports from landlines or VOIP services.  The trick is to port your number to a mobile no-contract phone, then port the no-contract phone to Google Voice. The cost is about $10-$20 for a phone (such as TracFone), then about $10.00 for minutes, and $20 for the Google Voice port. I did that and was ultimately successful, but getting there was a major ordeal.
See my YouTube video here:

My original article is here (before I ported to GoogleVoice):

Verizon offers a Verizon Home Wireless service. If you’re already on the Verizon Plan, adding Home Wireless is about $20 extra + tax and fees. That’s a lot less than a landline. My plan was to port my Century Link Home telephone number to Verizon.

In theory, I should be able to do that.  Verizon informed me that due to “monopoly regulations” they were unable to port my Century Link phone number to Verizon. They could port other Century Link customers but couldn’t port anyone on my exchange.  All the literature I read said phone service providers are required to allow porting. Century Link said they weren’t preventing the port, Verizon said Century Link wasn’t blocking the port. They were unable to port due to an “anti-monopoly law”.

I called the FCC.  The FCC tried to be helpful but was unable to give me an explanation. They did say there were exceptions to the rule that required providers to enable porting from one provider to another.

I’ve been using my home phone number for 30 years. Changing my  home phone number would have been a big deal. I didn’t want to give up my landline number. Then I tried porting my number to MagicJack. Magic Jack is a VOIP service, costs about $40 a year. It cost about $25.00 to port my home number to Magic Jack, Magic Jack couldn’t receive incoming calls for several days while the porting was being processed, but after a few days, my number DID port to Magic Jack. Then, I forwarded my number on MagicJack to my new Verizon Home Wireless number. Now when someone calls me on my old home number, it will ring on my Verizon.

So now I have two numbers. My old home number and my new Verizon number. If I call from Verizon the CallerId will show my new number instead of my old number. If someone calls me on my old number, it will ring on my Verizon Home Wireless phone . At least my old number is still valid and I don’t need to inform EVERYONE to use the new number. Be aware that Magic Jack limits calls to about 1 hr. If someone calls you on your old number, and it ends up being a long call, Magic Jack will hang up on you.


My ITIL Certification 0

My ITIL Certification

The first time I saw a job posting that listed ITIL as a “desired” qualification, I had no idea what ITIL was. I looked it up and took note of its meaning but never followed up. ITIL as a job requirement was rare. But since then, I’ve been seeing ITIL regularly. Lately I’ve been noticing more and more IT jobs listing an ITIL certification as a required or desired qualification. On one occasion after I followed up on a reume submission, I was informed that I was not considered because ITIL was a requirement. That’s when I decided maybe I should start looking more into ITIL. And I did. A little. Then I was questioned about my ITIL knowledge at a job interview. At least I knew what it was! I even scored some points for that. Well that’s when I decided to get serious about studying for my exam. So I spent some time each day reading, and researching and studying. Then I was asked about my ITIL knowledge at another interview. We’ll I’m almost ready for my exam I told them. Is the test hard, what was the test like I asked? That’s when I really started preparing. Today I passed my ITIL Foundation exam. I am going to share my experience.

First of all, just what is ITIL?

ITIL is a framework of best practices for managing an IT department. ITIL has evolved over the years, the curent version is ITIL V3. The details of the ITIL framework are published in a set of 5 volumes by the UK government Office of Government Commerce. The philosophy of ITIL is pretty simple. Do not think of an IT department as a provider of technology, think of IT as a provider of services. Services that offer value. The ITIL framework is built around the concept of services. The five ITIL volumes are Service Strategy (strategic alignment of IT with the business), Service Design (designing IT services), Service Transition (change management and putting IT services into production), Service Operation (delivery of IT services, problem management, service desk), and Continual Service Improvement (re-evaluating services, keeping them aligned with changing business needs, improving as necessary). The cost of the set is about $599. Companies that desire to follow the ITIL framework do not incur costs other than the cost of human expertise and the cost publications (the official set or otherwise). The material is copyrighted and NOT considered public domain.  There is no charge to use the material, but copying or republishing the material or certain uses of the ITIL trademark requires a license. Individuals wanting a certification or ITIL knowledge do not need to buy the official set. There is a wealth of books and plenty of information on the Internet. I used a variety of sources: Foundations of Service Management, The Unofficial ITIL V3 Foundations Course in a Book By Brady Orand $39.20 on Amazon. He also has a website, with podcasts and practice tests (more on practice tests later).
There is a free online course from Charles Sturt University

There are over 90 Youtube videos 5-10 minutes each. They cover a lot of material. I went through the set when I first started studying and again the week before I took my exam.  I also used the ITIL V3 Foundation Complete Certification Kit 2009 Edition by Malone, Manken, and Blodijk $89.97 on Amazon. It’s a book supplemented with online Adobe Flash modules. Note: I used a PDF copy of the book I managed to find on-line; I did not use the Adobe Flash modules. This website has terrific information on where to find free study guides and study materials: I put together a study PPT from materials I found on-line. The format is a slide asks a question, the next slide gives the answer. Pay particular attention to the checked questions. Use the slides at your own risk. It helped me pass, if you fail the exam, don’t sue me.

Click for Study Slides

The Exam The exam is 40 questions, multiple choice (A, B, C, D). Only 26 (65%) is required to pass. I did MUCH better than 65%. You get 1 hour to complete the test.

There are quite a few free few practice exams on the Internet. Just Google and you will easily find several. What I found is, many of the practice test formats are different from the ITIL exam (true/false, check the box, matching, more than 4 choices). Study them any way, they will pinpoint areas you still need to study.

I found many questions on the actual exam to be a worded a little differently than the practice exams (even the A, B, C, D multiple choice), but they do cover the same material. Quite a few questions had more than one answer, e.g.:
Name a Disney Character
1) Mickey Mouse 2) Pluto 3) Batman
A 1 only B 2 only C 1, 2, & 3 D 1 & 2

If you look at exam advice, they will tell you to eliminate answers that are obviously wrong. That’s good advice. If you are prepared and don’t know an answer, you should be able to eliminate at least one or two wrong answers from most questions.
When you get to the end of the end of the exam, you will have the opportunity to review your answers. I was able to get through the exam in about a half hour, had plenty of time to review (and correct) my answers. When done, select exit (it will give you one last to change your mind).  You will get your “pass” or “fail” notification in a few seconds. It prints a sheet with the score. It won’t tell you the questions you missed, but it will provide a breakdown of scores for each of the study areas.

My ITIL Certification helped me get the job I have now. I can’t say it was a deciding factor (maybe it was) …

Ten Ways To Improve The Security Of Your Systems 0

Ten Ways To Improve The Security Of Your Systems

Mischief-makers are constantly searching and scanning the Internet for vulnerable systems.  They could be snooping recreationally, conducting espionage, looking for free bandwidth, attempting to vandalize a system, or to sabotage an entire network.  There are two classes of these people: the experts and the “script kiddies”.  The experts have an in-depth understanding of operating systems, networks, databases, and programming.   Script kiddies do not necessarily have in-depth knowledge or experience, but they do have the tools that have been written by the experts. If an expert has more expertise than the best in your enterprise, then you may be in for trouble regardless of what you do.  On the other hand, some experts and most script kiddies may just be looking for an easy target.  It is the responsibility of every enterprise to be a difficult target.

If you follow the ten well-known practices discussed in this paper, you will be able to prevent the majority of attacks.  The purpose of this paper is simply to remind the reader of the basics.  This paper will not be a highly technical discourse on how to protect systems, nor will it be introducing new and sophisticated methods of protecting networks.

1) Use Secure Passwords
One of the most important defenses against an attack is to use good passwords across all servers.  This includes test servers as well as production servers.  Never use names, dates, or words that can be found in a dictionary (English or foreign).  These types of passwords can be easily guessed.  People need to be aware that password guessing software is widely available.  Processing power is dirt cheap and available to everyone.  With an inexpensive computer, downloaded software, and a list of words, names, commonly used passwords, and character combinations, it’s not difficult to “harvest” passwords.  John the Ripper is one of the better-known password crackers.  It can “guess” millions of passwords in a single minute.

On most operating systems, passwords are stored in encrypted form.  This is done by an “irreversible hash”.  This means that a password in cleartext can be mathematically encrypted into a hash.  The math doesn’t allow the hash to be converted back into cleartext, even when the encrypting algorithms are well known (which they are).  A password-guessing program can encrypt a “guess” and compare it to an already hashed password.  When they match, it has “guessed” a password.

Since technology makes it easy to “guess” passwords, it’s important to keep encrypted passwords in non-public directories.  In some UNIX systems, passwords are readable by anyone with a login, i.e. /etc/passwd.  UNIX has been around for years, long before computers with sufficient power to guess passwords were widely available.  These days, it’s more common to store passwords in /etc/shadow which is not publicly accessible.

Since passwords are encrypted on most operating systems, even the systems administrator does not have direct access to unencrypted passwords.  However, they do have access to encrypted passwords.  With a password cracker, they can eventually guess your password.  One might ask, in most cases if the systems administrator has access to everything on the system anyway, what does it matter?  The answer:  In this day and age, computers are everywhere.  Most computers require some type of password.  A systems administrator or I/T professional can have access to a dozen or more computers.  That’s quite a few passwords to remember.  It’s common (but poor) practice to use the same password across multiple systems.  Unless the user uses a different password on every single system, an unscrupulous systems administrator can “harvest” passwords for systems that s/he shouldn’t have access to.

It may be impractical or unreasonable to ask people to use a different password on every system but at the very least keep the following in mind:
Test systems should have the same level of security as production systems.  If encrypted passwords are protected on production systems and not on test systems, then production passwords can become compromised.  Even if corporate policy states that employees should use different passwords on every system, unless the policy can be software enforced, some people likely will violate the policy.  People should NEVER use their corporate passwords on servers outside of company control.

As stated before, password crackers can easily guess millions of passwords every minute.  Even with this processing power, it can take a very long time to guess a password.  Crackers use word lists to narrow down the choices.  The best way to create an un-guessable password is to not use words that can be found in a dictionary or cracker word list (e.g. abcdef, qwerty, 123456, etc.).  Be aware that crackers are smart enough to guess common word-number combinations such as password1 or secret2 etc.  Therefore, wherever possible use nonsensical passwords containing both upper and lower-case letters, numbers, and punctuation characters.  Password complexity rules should be software enforced where possible, such as the NT/W2K system policy editor.  Rules that enforce password complexity on other systems will be dependent upon the operating system and software.

Another important password security measure is to require people to change passwords at periodic intervals.  How often will depend upon a number of factors but generally the interval should be about 45 – 90 days.  Also, don’t forget to delete or disable a person’s logins immediately after s/he leaves the organization.

When managing passwords, it’s important to keep close tabs on vendor and default accounts.  For example, staff should take precautions to activate vendor accounts only when necessary to solve a specific problem and to de-activate the account immediately afterwards.  Furthermore, do not allow vendors to use standard passwords on their accounts (i.e. insist that vendor passwords be unique to your site).  Finally, change default passwords and/or disable default accounts immediately after installing new software.  This should go without saying.  Even so, negligent system administrators often fail to change default passwords.  Hackers already know the default passwords.  Default password information can easily be found with a simple Google search or getting a list of defaults from a site such as:

In …


Mt. Elbert Trip Report

Mt. Elbert is the highest peak in Colorado and the Rockies, and the 2nd highest in the Continental US. On Aug 31 2004, I bagged my 10th fourteener, Mt. Elbert . It was a great day for a hike. I started at 6:15 AM. The sky was clear and cloudless.


There are a number of routes up the mountain. I chose one of the shortest and easiest routes which starts just above the Lakeview campground. To get there, drive west about 4 miles from CO 82 & US 24 (between MM 81 & 82 – I think). Turn right on Lake County Road 24 (Do not confuse with U.S. 24). Drive a mile or so to the Lakeview Campground. Just past the campground is an overlook and parking area. If you don’t have a high clearance 4WD, you should park here. If you do, turn left on the road immediately past the overlook.

This sign is next to the road, There is no notation that you are on the trail going to Elbert.

The road is pretty rocky and bumpy in some spots, not bad at all in others. The worst spots will need a high clearance 4WD, I wouldn’t recommend trying it in a regular passenger vehicle. Drive about 1.8 miles to the trailhead. Note that at 1.4 miles in, there is a creek crossing. There is enough parking for 1 or 2 vehicles before the creek if you don’t want to drive over it. Just before you get to the end of the road, you can turn left. DON’T turn. Continue straight about another .1 mile or so to the trailhead and footbridge.

Hike the trail about 1/4 mile past the bridge until you get to the trail register.

Sign in, and follow the trail to the left. It’s a great trail all the way up. The trail is well defined and very easy to follow, easier than other fourteeners I’ve been on. It is a bit rocky in spots (after all it is the Rocky Mountains), but it’s a walk-up all the way to the top.

The first part of the trail goes through aspens.

This is close to timberline. Mt. Elbert is in the center.

The first cloud of the day. (The previous pictures were taken in the afternoon on the way down)

There is still a way to go yet.


I made it!

On the day of my hike, I only saw about a dozen people all day, not bad for a beautiful summer day! Total round-trip time for me was about 12 hrs and 15 minutes. I’m not in the best of shape so it takes me 2 – 3 times as long to do a fourteener as it does most other people. Doesn’t bother me, I accomplished what I set out to do and had fun doing it. Good luck and happy climbing.…