The most stressful work I had was when I was dealing with OS/Network support. This role involved answering telephone support calls from major organisations. At least once a week we'd have a systems failure, mainly due to either hardware problems or mis-configuration.
When this happened I had to resolve the problem ASAP. My collegues were not as hot at solving these type of problems, often making the problem worse. I'd get pressured by the customer and management to get the problem fixed. I could escalate to the software supplier, but they were often usesless in responding under pressure, or just too slow to respond. I had no-one to really help me, except perhaps a couple of our consultants.
On numerous occasions I was known to spend all day working in the same room, particularly if more than one system had failed at the same time. I could spend 10-12 hours a day doing this work. The posistion was made more stressful by the contact at the customer site not co-operating properly (such as being able to describe what they had done, or read lines out of log files correctly). I'd sometimes waste hours looking in the wrong place due to the symptoms being incorrectly described.
When the problem was finally resolved, I'd receive no thanks for all the effort I'd applied, even if the problem was the customer's own fault - such as not applying critical OS patches.
The turning point for me was when we had a management change. The PHB in charge of my department was hopeless. He caused too much damage to our existing customers, causing contracts to be cancelled, without signing up anyone worthwhile to replace them. There was one incident that was really stresful.
I had one site report a serious performance problem with their system. I knew that the competance of this site was fairly low (I had problems guiding them through a vi session a week previously), so to determine the fault I had to connect to the system myself remotely via a modem, then poke around log files and monitoring tools as root until I could find a pointer to the cause. The PHB didn't want me to do this, and instead instructed me to produce a list of what I proposed to do, and then have the customer do it themselves. (I think the PHB wanted me to concentrate on his customers instead). As thin involved running diagnostics which if mis-used could smash filesystems, I didn't want to do that. I progressed as normal, resolving the issue eventually. (It was an obscure configuration issue IIRC, and I only found the root cause by accident - if I'd followed the PHB it would never have got resolved.).
Another issue concerned a 3rd party piece of software we had sold a customer. I received a telephone call after 6pm, stating that I must have it running by the end of the day. The manufacturers of this software were not too hot, and releases were often broken. In this case the process start-up script distributed with the media was incorrect, and the process didn't want to run. The manufacturers were also closed that day for a public holiday in their country, and there was nothing on this problem on their web-site.
I spent the next 2 hours second-guessing the startup parameters for the binary, hacking the script until it ran properly, whilst hacking it over a slow dial-up link without any direct access to an editor on the host system. Got no thanks for that, either!
Don't compare BogoMips for different processors - it doesn't work that way, and is dependant upon the processor architecture itself.
For example a K6 will have a BogoMips value roughly twice that of the clock Speed in MHz, whearas a Pentium will have a BogoMips value of about 40% of the clock speed in MHz.
Only use BogoMips when comparing processors of the same type.
I never met paper CNAs, mainly due to not working in the Netware field at that moment in time. We becamae a Netware shop a few years later than that.
As for purchasing software for self-training, you don't even need to spend $1000 on the software. MS are now producing Windows2000 training kits, which contain study guides for the 4 mandatory exams and a 120-day copy of Windows2000 Server. I saw a copy last week for less than 130UKP.
Last year I was doing some on-site work in the London area for a company who were about to implement a major internet based trading site. I had to sit in on some meetings regarding this system.
Very little was actually paid to security. They seemed to believe that as long as they had a secure Unix variant, and a firewall, all was well. Intrusion detection was also mentioned, but this seemed to be no more than purchasing a couple of off-the-shelf systems and plugging them into the correct place. As other security aspects at this site were laughable, such as SNMP everywhere and a very week 18-month-old NT Domain password, I wasn't very confident that this would get off the ground.
What amazed me most about this place was the general level of cluelessness in the IT department on a whole. One machine running just as a trusted time-source for the whole network had been down for weeks prior to anyone realising it wasn't working. Anti-virus software was installed with 3-4 year old signature files, which were not being updated. And quite a number of staff relied entirely on cheat-sheets to guide them through installations; even though these cheat-sheets were incorrectly written, and full of errors.
I left the place prior to the system going live - I didn't want to see it in action.
Before MCSEs existed certifications were quite difficult to obtain, requiring a lot of study, coupled with hands-on practical experience to back-up the study. Anyone else take the CBE examination?
Nowadays almost anyone can become certified by spending enough money, without even once touching the system that they are certified in. Some others even have Open-Book examinations. The consequences are often disasterous. I've met some MCSEs, who've obtained them through work (or as post service training for those leaving the British Armed Forces), and one in particular was so utterly clueless I wouldn't trust him with a pocket calculator.
Things seem to be getting better, though. The Windows 2000 MSCE appears to be more difficult than the previous offering, although I've not looked at the syllabus in detail.
I've feared things like this happening too, particularly from reading Linux newsgroups and a UK Linux magazine.
There's a lot out there who only know how to configure a Linux system from the Red Hat Python GUI scripts (or whatever they use today - the last Redhat I touched was 5.x, and someone stole my CD). They've absolutley no idea of what is going on underneath, where to add things, and so on. All they want is an answer to their problems, yet they are scared against trying things themselves.
And now you can be a certified RedHat point-click-droolite. Shudder. Security holes everywhere!
What is it with Microsoft? From Windows 3.1 onwards each implementation of Control panel seems to take up more screen estate, and become harder to navigate through.
The Win3.0 control panel was very simple. Not many icons, always in the same place. It only changed if you started up in Enhanced mode or added network support.
Firstly Win3.1 allowed the Control Panel to be extended, which was a boon until some software companies (including Microsoft themselves) started adding extra control applets that should have been added to applications themselves.
Then Windows 95 added a control panel which allowed you to sort the order that the icons appeared in. Then if you also installed IE4 with that desktop integration, the control panel took up even more space, with a vast area of the screen doing nothing.
Now we have this abberation. Absolutely ghastly, all space and no real ordering.
The issue is, can they dumb things down any further.
After I posted my previous comments, I checked out the status of the local Tandy stores.
It seems that the UK chain was sold recently, and the less profitable stores became "Carphone Warehouse", who oddly set hand-held mobile phones. Two of the local ones have now changed, the other two are still called Tandy.
The remaining stores seem to have become more mass-market shops, selling games consoles, video recorders, cheap hi-fi. the components appear to be stock left-over from before the sale of the chain, and the number of components appears to be slowly decreasing.
Maplins is a lot better. The local store in Leeds is the size of a furniture shop, also sells lego Mindstorm and R/C gear (The advertise in the awful Robot Wars magazine). It's also open until 8pm some evenings
The article also mentions receiving updates on physical media, as well as across a network. I worked at a major resellor of other software that had a simillar subscription plan. You paid a so much a year to receive updates on CD, when in fact the same software updates could be pulled from the FTP site FOC on the day of release.
Most organisations I dealt with were run by the suits who would always wait for the physical media to arrive before applying updates, even if these were critical security and device-driver fixes that should have been applied yesterday. Those run by someone knowledgeable pulled the pathces off an FTP server somewhere, and had the patches inplace that day.
Since the turnaround for receiving physical media was at least a month after the release of a major patch, security and other critical fixes were very late to be applied, judging by some of the support calls I had to field. I can envisage the same sort of thing happening here, with organisations waiting until the CD comes appears before installing any security fixes.
In the UK, Radio Shack, in the guise of Tandy (Shack doesn't mean much over here) was at one stage the only high-street store you could buy computer bits, at least before WH Smiths began selling the ZX81. I remember one Christmas many machines in store running some text mode Space Invaders clone. A true geeks hang-out.
I (or my father) was on their mailing list, and I recall receiving a catalogue advertising a hard-disk (probably called a Winchester in them days) for some TRS80 machine. At the time I'd no idea what one was, and for the amount of money that they wanted, I wondered who could afford one.
Then there were all the components. Resistors, diodes, switches and so on. Few other places sold them.
Now the local Tandy has become a telephone store. Other shops still exist, but have cut down badly on geekish things. Couldn't even buy a box of floppies (I needed some to install Debian) last time I visited one. And I couldn't find a fuse for my PSU, either. Not a geek hangout any more. We do have Maplin stores, though. The local one is huge.
I've not seen Battlebots, due to being on the wrong side of the Atlantic, but I have seen quite a bit of Robot Wars, and have seen some of the specification that need to be adhered to.
Due to UK health-and-safety regulations, there are many constraints on competing machines. Each machine must be passed fully prior to competing. For example, electrical devices must have some form of isolation switch installed.
A machine with some form of intelligence would never get past the regulations. Who knows what their code will attempt to do!
The system I'm talking about is an in-house written transaction processing package. My responsiblity is ensuring that remote systems can communicate properly, obeying the various specifications.
The problem here is that there is no-one in overall control of the network of at least 7 high-end Solaris machines. Security is a joke - everyone logs in to the same machine as the same user, then rlogins to the rest of the network. They often run out of PTYs (due to constant use of login between machines without logging out) and have no idea who is consuming them, this results in either bling panic or a system reboot. They also have a nasty habit of rebooting whenever performance suffers, instead of performing preventative measures. They once rebooted one of these machines due to performance problems - all that had happene was someone had accidentally started a couple of huge web server daemons on this machine, and then not terminated it. And so on.....
When I here how much money some of these people are on, I get really angry.
Due to buffer cache, the only read need for RAMdisks is during installation, bootup (initrd, as per RedHat), or in embedded systems.
Linux installation from floppy uses the RAMdisk to store the installation filesystem. This is not only quicker than running from a floppy, but allows the RAMdisk image to be compressed. Debian and Slackware do this, and I presume other do as well.
When I've used RAMdisks in the past on other systens, it has always been when other media was slow. A common one was under DOS on a floppy only 8086, copying COMMAND.COM and to a small (30K) RAM disk (stored in spare RAM on the non-standard video adaptor IIRC), and setting COMSPEC accordingly. Saved me having to swapp floppies just to load COMMAND.COM on program exit.
The only advantage I can see on a non-embedded Linux is if you have a some data or executable that you need to guarantee is in cache, and pre-load this into RAM disk before-hand. Faking benchmarks springs to mind here.
I've got this problem with some machines at a client, which I need constant access to.
Each machine runs a number of message queue daemons. The 'bright spark' developer of these decided to store the queue state infomation in a scratch file in/tmp. They also havn't heard of shared libararies, so each queue process is enormous due to being statically linked against all bar the C library. And there's over a hundred of these processes per machine.
The system will run out of memory once a week or so, and when it does so the queue scratch files can't get updated. When the errant process is killed, all queues are corrupted.
The need a competant sysadmin. Unfortunatly their based in the SE of England where competant staff are thin on the ground, and they seem to employ anyone who knows a few buzzwords.
I had some data I needed to pull off the non-root disk of a long since unsupported OS. Being able to move the data to another filesystem would be useful - this system didn't have any real backup utilities, other than a broken implemenation of tar and the proprietary, undocumented format used for the OS's own backup system. It would have helped in porting, instead of transferring all contents via a network, which at that stage was only 10Mbit.
The filesystem was supposedly based upon the SysV filesystem. The SysV filesystem in the then current Linux kernel didn't mount the drive. Further investigation revealed that an earlier version of the OS did use SysV, and that the current system could mount SysV disks if needed. The problem was a limitation of 64K Inodes per filesystem. I may have needed to do some kernel hacking to the SysV filesystem driver to get it to recognise the partition.
My plan was to install the original OS, format a disk, and then install it under the recent version, transfer the data via mv to the newly formatted disk, and then read this under Linux.
Unfortunatly I couldn't find a platform that would install the original OS, and sent the disk to a data recovery company instead.
My LUG (WYLUG - West Yorkshire) is attempting to get Linux into local Schools. There's a few emails going around their mailing list at the moment on this very topic.
I've personally volunteered to help a charity install Linux on donated hardware. Due to the fact that the server was many miles away, this help was only in the form of Emails. Although I personally hadn't installed Linux on this machine, I had much experience of the peculiarities with this platform on other operating systems.
I've dealt with OS upgrades for years. The usual system provided by most companies (the evil empire being the exception) is to make all minor upgrades FOC, but major upgrades chargeable.
One company I dealt with had all their minor upgrades in the form of OS patches, applyable via sets of floppies from a remote machine. The patch could be downloaded from wherever (BBS at first, FTP later), or if you wanted physical media and printed release notes, pay a small sum ($20 was about right) for something physical, either a box of floppies or later, a CD-ROM. There was no qualms about us duplicating patches FOC for customers.
I've not read the link (needs registration), so I've no idea if this is the method proposed by 3Com, but a small administration fee seems plausable,
At a previous place on employment a division was formed to deal with various internet aspects. They sold firewalls, and picked companies with no technical staff, so that they could support them remotely.
To save a long anecdotal rant, the team, particularly the head of the team, were completly incompetant. Things didn't work, projects ran over budget, and serious holes (open relays) were left in place. Some projects would take weeks to complete, and he would not let them know their own firewall passwords.
The silliest aspect was that he believed that by adding a second NIC to a server, 2 processes could then listen on the same port on that machine, one on each NIC.
He also installed our firewall (previously we relied on a router with really severe port filtering rules in place). FTP from a browser was broken for 6 months, despite promises to fix it, until someone on my team got hold of the firewall password and fixed it himself.
They moved to exploiting another market, leaving a handful of broken installations with no effective support. They now sell web servers, and believe that the best web server product is Lotus Notes! Says it all, really! And they IPOd earlier this year. Not on f*ckedcompany.com yet.
The moral - even so-called security experts can be utterly hopeless.
I used to be pro-EU, but two recent events have changed my mind.
Firstly the proposed scrapping of football transfer fees, which would put my club, and others, out of business within a few years. Now we have this.
It looks like the revelution is starting, judging by the few days of chaos resulting from blocking the fuel depots. Maybe an anti-EU one is just around the corner?
Some time ago I deal with very specialised hardware, long since out of production. Semi-PC compatable, but for some strange reason it required all SCSI hard-drives to be supplied from the manufacturer.
The drives were normal full-height SCSI drives, but had some form of 'signature' written somewhere. Using normal drives of the same model just wouldn't work, as filesystems could not be made on the partitions. Of course the charge for these drives was around 3 times the normal cost.
I eventually discovered how to sign any drive, using the in-built diagnostics program and an undocumented password. I never had the chance to dump the contents of the disk via dd to determine what the signature was, or where it was written.
Reports of e-Commerce sites being breached seem to be occurring daily. Every one appears to stem from some clueless amateur screwing up. Default passwords, open ports, sensitive data on the wrong side of firewalls. I've even heard of CC details appearing in a flat-file made visible by deleting a couple of levels from a URL.
Even my local newspaper, covering around 20,000 people, had as the main headline this week a story about a security breach on a local website. The report was laughable, with the web-hosting site believing that the attacker must have known the userid and password into the web publishing system, as they were unaware of any other means into the machine. Obviously someone else who has never heard of CERT, Nessus or Bugtraq. I'll probably be writing to the newspaper this week to put them straight, once I've let Nessus have a proper probe.
We knew the data was important, the customer didn't. We inherited the customer from a rival who moved out of this sector, and didn't realise how bad they were until this site visit, not long after we took over the contract. Other sites inherited were equally shambolic. The site wanted the most recent data off the machine, they only backed it up once a week due to it having a slow 1/4" streamer. This machine failed on a Friday, and they wanted all that week's data.
Our standard policy during new system roll-outs was to ensure that all customers knew how to make backups, and took them daily. We also ensured that they performed full backups, and not incrementals, which took bloody ages to restore (having had to do them myself).
The account manager for this site got quite a kicking once he received my visit report. No site audit prior to exchanging contracts, no competant permament on site staff (administrators flew in from the mainland when neeeded).
An I remember those Xenix boxes. Installed a few of them. Even had to guide one buffoon through a reinstall as during fsck he had given for the scratch-file name the device name of the root device. 6 hours on the phone......
I was the 'answer guy' at a previous job. It was made worse by my department running telephone support for a certain product. If anything serious went wrong, I was usually the only one who could competently fix it. I used to dread having to leave the office for any reason, as if anything failed the customer would be in a mess.
The rest of my team started to leave, so I had to also deal with all the other calls as well. Eventually I left as well. I've not fully recovered since.
The same thing is happening at the new place. I test trading systems, and the people who write the software ask me why the thing isn't working. Arrgghhh! I don't have the time to do anything else!
I just want a nice sysadmin role somewhere, where I'm in charge.
I've had a few simillar interviews. Only the current employer actually tested my ability and knowledge.
I did have one recruitment company ask me around a dozen questions over the telephone to test my knowledge. The recruitment was for a huge company, but the questions were just plain stupid.
Examples - "Whats the significance of memory address #F0000000". "Whats the difference between Windows and UNIX PCI cards". I failed the test, and therefore wasn't interviewed, because I had no idea what they were asking for, and clearly the person who had set the questions didn't know either. A pity, as I could have gone a long way at that place.
I also had a long discussion at one interview that indicated that the interviewer knew a bit about RAID and asked me a question on that, as he'd obviously read somethig on it recently. Oh dear! Another failed interview where I failed technically, due to knowing more than the interviewer.
Hey, this is turning into uk.jobs.d, where I join in the comunal moaning on a weekly basis. And I havn't yet mentioned the 100+ mile trip for an interview that lasted 10 seconds.
Hardware won't last for ever. And usually once it eventually fails, sourcing replacement parts is costly.
A former customer of mine was very reluctant to upgrade the hardware of one server. The disk hosting the root filesystem was not large enough for the system to be upgraded to the current version, or even patched to the maintenance release.
Eventually the other drive failed. I had to spend 6 hours with a filesystem debugger fixing the filesystem enough to allow a backup to be taken. Then when I came to reboot the box the machine failed to boot altogether. As this was on a Saturday, and off the mainland, getting an engineer to look at it was impossible. And the existing drives were EDSI, the OS the Microchannel, and we couldn't move the drives to another machine, as we could locate anything suitable nearby.
It cost us a lot of money to replace the machine, and a week's work implementing the change. All because the hardware was now obsolete, and we were not able to get a valid backup before it failed. You'll probably have the same problem.
Slashdot Mirror
When this happened I had to resolve the problem ASAP. My collegues were not as hot at solving these type of problems, often making the problem worse. I'd get pressured by the customer and management to get the problem fixed. I could escalate to the software supplier, but they were often usesless in responding under pressure, or just too slow to respond. I had no-one to really help me, except perhaps a couple of our consultants.
On numerous occasions I was known to spend all day working in the same room, particularly if more than one system had failed at the same time. I could spend 10-12 hours a day doing this work. The posistion was made more stressful by the contact at the customer site not co-operating properly (such as being able to describe what they had done, or read lines out of log files correctly). I'd sometimes waste hours looking in the wrong place due to the symptoms being incorrectly described.
When the problem was finally resolved, I'd receive no thanks for all the effort I'd applied, even if the problem was the customer's own fault - such as not applying critical OS patches.
The turning point for me was when we had a management change. The PHB in charge of my department was hopeless. He caused too much damage to our existing customers, causing contracts to be cancelled, without signing up anyone worthwhile to replace them. There was one incident that was really stresful.
I had one site report a serious performance problem with their system. I knew that the competance of this site was fairly low (I had problems guiding them through a vi session a week previously), so to determine the fault I had to connect to the system myself remotely via a modem, then poke around log files and monitoring tools as root until I could find a pointer to the cause. The PHB didn't want me to do this, and instead instructed me to produce a list of what I proposed to do, and then have the customer do it themselves. (I think the PHB wanted me to concentrate on his customers instead). As thin involved running diagnostics which if mis-used could smash filesystems, I didn't want to do that. I progressed as normal, resolving the issue eventually. (It was an obscure configuration issue IIRC, and I only found the root cause by accident - if I'd followed the PHB it would never have got resolved.).
Another issue concerned a 3rd party piece of software we had sold a customer. I received a telephone call after 6pm, stating that I must have it running by the end of the day. The manufacturers of this software were not too hot, and releases were often broken. In this case the process start-up script distributed with the media was incorrect, and the process didn't want to run. The manufacturers were also closed that day for a public holiday in their country, and there was nothing on this problem on their web-site.
I spent the next 2 hours second-guessing the startup parameters for the binary, hacking the script until it ran properly, whilst hacking it over a slow dial-up link without any direct access to an editor on the host system. Got no thanks for that, either!
For example a K6 will have a BogoMips value roughly twice that of the clock Speed in MHz, whearas a Pentium will have a BogoMips value of about 40% of the clock speed in MHz.
Only use BogoMips when comparing processors of the same type.
As for purchasing software for self-training, you don't even need to spend $1000 on the software. MS are now producing Windows2000 training kits, which contain study guides for the 4 mandatory exams and a 120-day copy of Windows2000 Server. I saw a copy last week for less than 130UKP.
When I get paid this month I'll pick up a copy.
Last year I was doing some on-site work in the London area for a company who were about to implement a major internet based trading site. I had to sit in on some meetings regarding this system.
Very little was actually paid to security. They seemed to believe that as long as they had a secure Unix variant, and a firewall, all was well. Intrusion detection was also mentioned, but this seemed to be no more than purchasing a couple of off-the-shelf systems and plugging them into the correct place. As other security aspects at this site were laughable, such as SNMP everywhere and a very week 18-month-old NT Domain password, I wasn't very confident that this would get off the ground.
What amazed me most about this place was the general level of cluelessness in the IT department on a whole. One machine running just as a trusted time-source for the whole network had been down for weeks prior to anyone realising it wasn't working. Anti-virus software was installed with 3-4 year old signature files, which were not being updated. And quite a number of staff relied entirely on cheat-sheets to guide them through installations; even though these cheat-sheets were incorrectly written, and full of errors.
I left the place prior to the system going live - I didn't want to see it in action.
Nowadays almost anyone can become certified by spending enough money, without even once touching the system that they are certified in. Some others even have Open-Book examinations. The consequences are often disasterous. I've met some MCSEs, who've obtained them through work (or as post service training for those leaving the British Armed Forces), and one in particular was so utterly clueless I wouldn't trust him with a pocket calculator.
Things seem to be getting better, though. The Windows 2000 MSCE appears to be more difficult than the previous offering, although I've not looked at the syllabus in detail.
There's a lot out there who only know how to configure a Linux system from the Red Hat Python GUI scripts (or whatever they use today - the last Redhat I touched was 5.x, and someone stole my CD). They've absolutley no idea of what is going on underneath, where to add things, and so on. All they want is an answer to their problems, yet they are scared against trying things themselves.
And now you can be a certified RedHat point-click-droolite. Shudder. Security holes everywhere!
The Win3.0 control panel was very simple. Not many icons, always in the same place. It only changed if you started up in Enhanced mode or added network support.
Firstly Win3.1 allowed the Control Panel to be extended, which was a boon until some software companies (including Microsoft themselves) started adding extra control applets that should have been added to applications themselves.
Then Windows 95 added a control panel which allowed you to sort the order that the icons appeared in. Then if you also installed IE4 with that desktop integration, the control panel took up even more space, with a vast area of the screen doing nothing.
Now we have this abberation. Absolutely ghastly, all space and no real ordering.
The issue is, can they dumb things down any further.
It seems that the UK chain was sold recently, and the less profitable stores became "Carphone Warehouse", who oddly set hand-held mobile phones. Two of the local ones have now changed, the other two are still called Tandy.
The remaining stores seem to have become more mass-market shops, selling games consoles, video recorders, cheap hi-fi. the components appear to be stock left-over from before the sale of the chain, and the number of components appears to be slowly decreasing.
Maplins is a lot better. The local store in Leeds is the size of a furniture shop, also sells lego Mindstorm and R/C gear (The advertise in the awful Robot Wars magazine). It's also open until 8pm some evenings
Most organisations I dealt with were run by the suits who would always wait for the physical media to arrive before applying updates, even if these were critical security and device-driver fixes that should have been applied yesterday. Those run by someone knowledgeable pulled the pathces off an FTP server somewhere, and had the patches inplace that day.
Since the turnaround for receiving physical media was at least a month after the release of a major patch, security and other critical fixes were very late to be applied, judging by some of the support calls I had to field. I can envisage the same sort of thing happening here, with organisations waiting until the CD comes appears before installing any security fixes.
Well, the script kiddies will be pleased!
I (or my father) was on their mailing list, and I recall receiving a catalogue advertising a hard-disk (probably called a Winchester in them days) for some TRS80 machine. At the time I'd no idea what one was, and for the amount of money that they wanted, I wondered who could afford one.
Then there were all the components. Resistors, diodes, switches and so on. Few other places sold them.
Now the local Tandy has become a telephone store. Other shops still exist, but have cut down badly on geekish things. Couldn't even buy a box of floppies (I needed some to install Debian) last time I visited one. And I couldn't find a fuse for my PSU, either. Not a geek hangout any more. We do have Maplin stores, though. The local one is huge.
Due to UK health-and-safety regulations, there are many constraints on competing machines. Each machine must be passed fully prior to competing. For example, electrical devices must have some form of isolation switch installed.
A machine with some form of intelligence would never get past the regulations. Who knows what their code will attempt to do!
The problem here is that there is no-one in overall control of the network of at least 7 high-end Solaris machines. Security is a joke - everyone logs in to the same machine as the same user, then rlogins to the rest of the network. They often run out of PTYs (due to constant use of login between machines without logging out) and have no idea who is consuming them, this results in either bling panic or a system reboot. They also have a nasty habit of rebooting whenever performance suffers, instead of performing preventative measures. They once rebooted one of these machines due to performance problems - all that had happene was someone had accidentally started a couple of huge web server daemons on this machine, and then not terminated it. And so on.....
When I here how much money some of these people are on, I get really angry.
Linux installation from floppy uses the RAMdisk to store the installation filesystem. This is not only quicker than running from a floppy, but allows the RAMdisk image to be compressed. Debian and Slackware do this, and I presume other do as well.
When I've used RAMdisks in the past on other systens, it has always been when other media was slow. A common one was under DOS on a floppy only 8086, copying COMMAND.COM and to a small (30K) RAM disk (stored in spare RAM on the non-standard video adaptor IIRC), and setting COMSPEC accordingly. Saved me having to swapp floppies just to load COMMAND.COM on program exit.
The only advantage I can see on a non-embedded Linux is if you have a some data or executable that you need to guarantee is in cache, and pre-load this into RAM disk before-hand. Faking benchmarks springs to mind here.
Each machine runs a number of message queue daemons. The 'bright spark' developer of these decided to store the queue state infomation in a scratch file in /tmp. They also havn't heard of shared libararies, so each queue process is enormous due to being statically linked against all bar the C library. And there's over a hundred of these processes per machine.
The system will run out of memory once a week or so, and when it does so the queue scratch files can't get updated. When the errant process is killed, all queues are corrupted.
The need a competant sysadmin. Unfortunatly their based in the SE of England where competant staff are thin on the ground, and they seem to employ anyone who knows a few buzzwords.
The filesystem was supposedly based upon the SysV filesystem. The SysV filesystem in the then current Linux kernel didn't mount the drive. Further investigation revealed that an earlier version of the OS did use SysV, and that the current system could mount SysV disks if needed. The problem was a limitation of 64K Inodes per filesystem. I may have needed to do some kernel hacking to the SysV filesystem driver to get it to recognise the partition.
My plan was to install the original OS, format a disk, and then install it under the recent version, transfer the data via mv to the newly formatted disk, and then read this under Linux.
Unfortunatly I couldn't find a platform that would install the original OS, and sent the disk to a data recovery company instead.
I've personally volunteered to help a charity install Linux on donated hardware. Due to the fact that the server was many miles away, this help was only in the form of Emails. Although I personally hadn't installed Linux on this machine, I had much experience of the peculiarities with this platform on other operating systems.
One company I dealt with had all their minor upgrades in the form of OS patches, applyable via sets of floppies from a remote machine. The patch could be downloaded from wherever (BBS at first, FTP later), or if you wanted physical media and printed release notes, pay a small sum ($20 was about right) for something physical, either a box of floppies or later, a CD-ROM. There was no qualms about us duplicating patches FOC for customers.
I've not read the link (needs registration), so I've no idea if this is the method proposed by 3Com, but a small administration fee seems plausable,
To save a long anecdotal rant, the team, particularly the head of the team, were completly incompetant. Things didn't work, projects ran over budget, and serious holes (open relays) were left in place. Some projects would take weeks to complete, and he would not let them know their own firewall passwords.
The silliest aspect was that he believed that by adding a second NIC to a server, 2 processes could then listen on the same port on that machine, one on each NIC.
He also installed our firewall (previously we relied on a router with really severe port filtering rules in place). FTP from a browser was broken for 6 months, despite promises to fix it, until someone on my team got hold of the firewall password and fixed it himself.
They moved to exploiting another market, leaving a handful of broken installations with no effective support. They now sell web servers, and believe that the best web server product is Lotus Notes! Says it all, really! And they IPOd earlier this year. Not on f*ckedcompany.com yet.
The moral - even so-called security experts can be utterly hopeless.
Firstly the proposed scrapping of football transfer fees, which would put my club, and others, out of business within a few years. Now we have this.
It looks like the revelution is starting, judging by the few days of chaos resulting from blocking the fuel depots. Maybe an anti-EU one is just around the corner?
The drives were normal full-height SCSI drives, but had some form of 'signature' written somewhere. Using normal drives of the same model just wouldn't work, as filesystems could not be made on the partitions. Of course the charge for these drives was around 3 times the normal cost.
I eventually discovered how to sign any drive, using the in-built diagnostics program and an undocumented password. I never had the chance to dump the contents of the disk via dd to determine what the signature was, or where it was written.
Even my local newspaper, covering around 20,000 people, had as the main headline this week a story about a security breach on a local website. The report was laughable, with the web-hosting site believing that the attacker must have known the userid and password into the web publishing system, as they were unaware of any other means into the machine. Obviously someone else who has never heard of CERT, Nessus or Bugtraq. I'll probably be writing to the newspaper this week to put them straight, once I've let Nessus have a proper probe.
Our standard policy during new system roll-outs was to ensure that all customers knew how to make backups, and took them daily. We also ensured that they performed full backups, and not incrementals, which took bloody ages to restore (having had to do them myself).
The account manager for this site got quite a kicking once he received my visit report. No site audit prior to exchanging contracts, no competant permament on site staff (administrators flew in from the mainland when neeeded).
An I remember those Xenix boxes. Installed a few of them. Even had to guide one buffoon through a reinstall as during fsck he had given for the scratch-file name the device name of the root device. 6 hours on the phone......
The rest of my team started to leave, so I had to also deal with all the other calls as well. Eventually I left as well. I've not fully recovered since.
The same thing is happening at the new place. I test trading systems, and the people who write the software ask me why the thing isn't working. Arrgghhh! I don't have the time to do anything else!
I just want a nice sysadmin role somewhere, where I'm in charge.
I did have one recruitment company ask me around a dozen questions over the telephone to test my knowledge. The recruitment was for a huge company, but the questions were just plain stupid.
Examples - "Whats the significance of memory address #F0000000". "Whats the difference between Windows and UNIX PCI cards". I failed the test, and therefore wasn't interviewed, because I had no idea what they were asking for, and clearly the person who had set the questions didn't know either. A pity, as I could have gone a long way at that place.
I also had a long discussion at one interview that indicated that the interviewer knew a bit about RAID and asked me a question on that, as he'd obviously read somethig on it recently. Oh dear! Another failed interview where I failed technically, due to knowing more than the interviewer.
Hey, this is turning into uk.jobs.d, where I join in the comunal moaning on a weekly basis. And I havn't yet mentioned the 100+ mile trip for an interview that lasted 10 seconds.
A former customer of mine was very reluctant to upgrade the hardware of one server. The disk hosting the root filesystem was not large enough for the system to be upgraded to the current version, or even patched to the maintenance release.
Eventually the other drive failed. I had to spend 6 hours with a filesystem debugger fixing the filesystem enough to allow a backup to be taken. Then when I came to reboot the box the machine failed to boot altogether. As this was on a Saturday, and off the mainland, getting an engineer to look at it was impossible. And the existing drives were EDSI, the OS the Microchannel, and we couldn't move the drives to another machine, as we could locate anything suitable nearby.
It cost us a lot of money to replace the machine, and a week's work implementing the change. All because the hardware was now obsolete, and we were not able to get a valid backup before it failed. You'll probably have the same problem.