I'd have to agree if you are talking value at low cost. I have been a Linux sysadmin for years. A couple years ago ops leadership decided we should all have macbook pros as our work laptops. I honestly have to say the mac out of the box is probably the best *nix sysadmin tool out there. There is broad support for the mac nowadays from third parties and a wealth of tools that run nicely on the mac that are like ice cream to guys like me. If you want X, you can have X, etc. etc. blah blah.
The thing is, it is 100% true that if I had to buy my own laptop, I would go with a year-old thinkpad and put any popular linux distro on it and be able to accomplish anything I had to when it comes to "work".
For example, Video is very smooth on the Mac, but I don't need that to get the job done. My job is 50% command line and 50% web browser so all I really need is a decent shell and a browser I trust that is compatible with the online software I use. Anything else is just extra.
I thought I was a fan but I didn't know this guy even existed until he died, but then that is true for 99.999% of everyone else in the world so nvm I am going to crawl back into my hole now.
Totally agree. What we have done is have the location, rack, elevation, and purpose in the naming convention for the hardware as well as documenting what that all means in human terms.
Roff and grep are neat if you know which files to grep from, where they live AND what to look for. Companies like Splunk are making money for a reason; i.e. sometimes you need the latest version of everything available for you at a moments notice when it is 3am and your production network is on fire and your boss is over your shoulder screaming at you and customers are on the phone all pissed off, etc. etc. Having a readily available, up to date, single source database of readable information takes the edge off. How do I know? I've been there many times my friend. As far as my credentials, I won't respond to a troll about that.
Wiki's work, but I am thinking more along the lines of Lucene where you can point it at existing data without much effort. Assuming config changes, cert and license data and network diagrams have usable text already associated with them, you can save a great deal of time just indexing what you have.
For me, visio's are great and everything, passwords too, but really the most valuable thing you can do is document single points of failure, outdated software/hardware, etc., license keys/expiration dates, cert expiration dates, personal support contacts you have and all vendor relationship details as well are essential. Do you use change control? If you do, go back and comment your changes, if not, do the best you can at explaining why things are the way they are. Get some open source software that is good at indexing data and create a searchable knowledge base from the information above. Don't concentrate on docs that can be found on the web at first because any admin worth their salt will know where to look for how to's, etc. Focus on the why's, the where's and disaster recovery.
As a developer, I say that surely it's the tester's fault if there's flaws!
Funny, and true. Its all about resources and piorities. Huge companies like Microsoft really have fewer excuses given the amount of resources they have to create and release good stable code. As far as priorities are concerned, if your huge budget is spent on marketing and new features but lacking in resources to make the existing product stable, then the threat of a lawsuit may just re-align those priorities.
As far as free software (GPL) is concerned it is your duty to report bugs back to the community and even fix them if you have the skills. Open source by nature is "QA'd" by the community which in turn can make a more stable (read: Linux, the Gimp, etc.) product in the long run. To put it bluntly, who are you going to sue, the whole open source community?
In conclusion, closed source should not be exempt from this, but open source is. Who's with me?
'less' - much better than 'more'. You can use '/' to search for a string or regex. Also in 'less' you can use ':' to go to a specific line (similar to 'vi'). If you hit -F the file will scroll just like 'tail -f'. I use 'less' exclusively when reading logs and troubleshooting.
'vi +5' - opens to line number 5.
Also while in vi you can use '%' to track the beginning and ending of brackets (e.g. {}) that are used in functions - very useful!
It's probably cheaper for Ebay to simply acquiesce to the CoS demands than to meet them in court. Even if they win, they may never see their legal fees recovered. There is less risk involved in giving in, too: they lose almost nothing if they yank the items, but could potentially lose a fortune if they don't.
The VA issue was the dude had stuff on his laptop. This is where software-as-a-service is the answer. A centralized, secure (as it can be) place for data. I think its insane and stupid in this day and age to have any sensitive material on a laptop. Its almost an archaic way of of thinking nowadays. Look at Salesforce.com - they have the right idea.
Write once - access anywhere if you have the credentials and online access.
I have not read the article yet, (seems to be slashdotted) What folks seem to forget that since hydrogen is the smallest atom, it will ALWAYS leak from any container, right?. Also, where are they getting all this hydrogen? Are they creating it with DMFC technology? If so, wouldn't that cause just as much CO2 initially?
Here's what I'm thinking; there are huge companies such as IBM, HP, and others that have the resources to QA/Test the kernel before blessing it as enterprise quality. I say leave the hard-core testing to those who have the resources ($$$) to do so. After all, who really cares if the kernel is stable? Is it Joe Hacker at home running Linux on their desktop for fun? I say not so much. Is it these huge elephants who have at some level bet the farm on Linux being stable enough to run huge production-level enterprise systems who care? I say yes indeedy. So I say, testing is always a great thing, but leave the true hardening to the ones who sell Linux-based systems for profit. I mean, the GNU General Public License leaves the code open for anyone (including IBM thorugh maybe RedHat) to fix any problems, just as long as they commit their changes back to the main branch. This means we as Linux users benefit from Big Blue's hard work in making the kernel enterprise ready.
I think this is the way it should to work going forward.
Instead of upgrading every stupid OS in the world to a smart one which is obviously not viable in the short term, simply install a local-only name server that resolves all of your rfc1918 machines locally. This can be "anyname.anydomain.anytoplevel" for each machine. This satisfies the hunger of those stupid OS's. This should be SOP on any local network using NAT.
But seriously. I think it would be very hard to "kill" Google. Google's web server is home-grown and completely customized for their purposes. Teoma is using IIS 5.0 and is going to have to deal with licensing issues, costly security patches and instability.
I agree "Let's not go on about who killed who", really. All these people who are so afraid of the CLI when sometimes it is exponentially faster than trying to find the right app to click on. Windows just get in the way. That's what $PATH is for. Perhaps we techies are to blame for holding the end users' hands. Maybe showing newbies the CLI from the start is the answer. I used KDE for a few years and Gnome, then KDE again and now I use Ximian because I like it.
I mean when the chips are down, which is easier, typing "netscape slashdot.org" or double-clicking on an icon, clicking in te right place and typing "slashdot.org"? I think they are about the same. Its really psychological (CLIophobia?). In my book, a good CLI is the ultimate in user friendly!
I started out doing tech support at a cute little mom and pop ISP in Palo Alto. We were Solaris based and the owners did tech support and admin at Sun in the early days so they knew Unix (at least SunOS) really well. They taught me everything I needed to know to be a good sys admin:
1) I learned that customers are the most important part. Even if they don't know what they want, its your job to figure it out.
2) I learned to program in Perl and the shells and some C.
3) I talked to people like Celeste Stokely 4) I gained a passion for fixing and building and maintaining and automating and being the hero.
5) Yoga and a good hard-core bike ride or a trip up the hill for some boarding helps as well.
6) I learned about other Unices and GNU/Linux in my spare time and learned to recognize the differences.
I don't have a CS degree or any certifications. I have a wealth of real-world experience. I think that is what really counts. Don't get me wrong; I am going back to school to get a CS degree but only after I learned my passion. Working at a small but busy ISP has given me a great perspective on being a sysadmin. There are other ways to learn, but if you don't want to go back to school, I'd say get a tech support job at a little ISP (if there are any left).
One more thing; plan to keep in shape and not grow a grey beard and fat. No matter what they say, those two are not a requirement.
OK..... two more things; learn how to crunch numbers and how to justify cost so your boss will have an idea about what your work will mean.
Yes but that's what the small increments mean. You can't compare FreeBSD 4.x to Linux 2.2.x; the projects were started at different times and by different people who have different priorities.
I can say from experience that 2.2.17 is much easier to work with from a sys admin's point of view from 2.2.16 simply because of the abillity to monitor failed processes because they die cleaner, rather than hanging, staring you in the face. Each increment is not done arbitrarily "when they feel like it"; when small improvements are made and relative stability is reached, then a final is released. This is the nature of software dev.
At any rate 2.4 will be solid beacause they are willing to take the time to make it so.
I work at a very small ISP and we even have filters in place. Let's say you have two interfaces: T1 (WAN) and ethernet (LAN). LAN has the subnet 168.0.0.1/24 and WAN has IP address 10.0.0.1/30 (examples) with routing between the two (bridges are just plain stupid in all senses of the word). All you need to do is deny incoming packets (from the WAN) to 10.0.0.1 from 168.0.0.1 as well as all TCP packets that don't have the ACK flag set properly, don't use NFS or RSH or FTP without SSH, use NAT with dybamic port mapping for port 80 and you're set. If I were in charge of Yahoo! (I'm not even close) I would fire my Network Operations people and give my ISP hell. The only way we are going to stop this kind of malicious (yet useful) behavior is to
1) Have ISP's make it standard operations to employ anti-spoofing filtering techniques
2) Businesses who are served by those ISP's also employ filtering techniques along with using a DMZ AND employing TCPd, etc.
It seems like a no-brainer to me. I know its possible to "pretend" to be an IP that you're not but what about the "ACK" flag? Were these UDP packets? Am I making no sense? It just seems too obvious.
Slashdot Mirror
I'd have to agree if you are talking value at low cost. I have been a Linux sysadmin for years. A couple years ago ops leadership decided we should all have macbook pros as our work laptops. I honestly have to say the mac out of the box is probably the best *nix sysadmin tool out there. There is broad support for the mac nowadays from third parties and a wealth of tools that run nicely on the mac that are like ice cream to guys like me. If you want X, you can have X, etc. etc. blah blah.
The thing is, it is 100% true that if I had to buy my own laptop, I would go with a year-old thinkpad and put any popular linux distro on it and be able to accomplish anything I had to when it comes to "work".
For example, Video is very smooth on the Mac, but I don't need that to get the job done. My job is 50% command line and 50% web browser so all I really need is a decent shell and a browser I trust that is compatible with the online software I use. Anything else is just extra.
I thought I was a fan but I didn't know this guy even existed until he died, but then that is true for 99.999% of everyone else in the world so nvm I am going to crawl back into my hole now.
... and you KNOW that Uvex is getting exactly the kind of publicity from exactly the demographic they would love to market to, for free.
Now THAT'S good business sense
If the government did this, it would be called "Socialism". I guess its ok for Corporations to do this sort of thing.
Totally agree. What we have done is have the location, rack, elevation, and purpose in the naming convention for the hardware as well as documenting what that all means in human terms.
Roff and grep are neat if you know which files to grep from, where they live AND what to look for. Companies like Splunk are making money for a reason; i.e. sometimes you need the latest version of everything available for you at a moments notice when it is 3am and your production network is on fire and your boss is over your shoulder screaming at you and customers are on the phone all pissed off, etc. etc. Having a readily available, up to date, single source database of readable information takes the edge off. How do I know? I've been there many times my friend. As far as my credentials, I won't respond to a troll about that.
Wiki's work, but I am thinking more along the lines of Lucene where you can point it at existing data without much effort. Assuming config changes, cert and license data and network diagrams have usable text already associated with them, you can save a great deal of time just indexing what you have.
For me, visio's are great and everything, passwords too, but really the most valuable thing you can do is document single points of failure, outdated software/hardware, etc., license keys/expiration dates, cert expiration dates, personal support contacts you have and all vendor relationship details as well are essential. Do you use change control? If you do, go back and comment your changes, if not, do the best you can at explaining why things are the way they are. Get some open source software that is good at indexing data and create a searchable knowledge base from the information above. Don't concentrate on docs that can be found on the web at first because any admin worth their salt will know where to look for how to's, etc. Focus on the why's, the where's and disaster recovery.
My two cents...
One hundred million years ago a termite was wounded and its abdomen split open
That would make a better film than most of the crap out there at the moment.
Heh sounds like the beginning of an 'Alien' sequel.
As a developer, I say that surely it's the tester's fault if there's flaws!
Funny, and true. Its all about resources and piorities. Huge companies like Microsoft really have fewer excuses given the amount of resources they have to create and release good stable code. As far as priorities are concerned, if your huge budget is spent on marketing and new features but lacking in resources to make the existing product stable, then the threat of a lawsuit may just re-align those priorities.
As far as free software (GPL) is concerned it is your duty to report bugs back to the community and even fix them if you have the skills. Open source by nature is "QA'd" by the community which in turn can make a more stable (read: Linux, the Gimp, etc.) product in the long run. To put it bluntly, who are you going to sue, the whole open source community?
In conclusion, closed source should not be exempt from this, but open source is. Who's with me?
'less' - much better than 'more'. You can use '/' to search for a string or regex. Also in 'less' you can use ':' to go to a specific line (similar to 'vi'). If you hit -F the file will scroll just like 'tail -f'. I use 'less' exclusively when reading logs and troubleshooting.
'vi +5' - opens to line number 5.
Also while in vi you can use '%' to track the beginning and ending of brackets (e.g. {}) that are used in functions - very useful!
It's probably cheaper for Ebay to simply acquiesce to the CoS demands than to meet them in court. Even if they win, they may never see their legal fees recovered. There is less risk involved in giving in, too: they lose almost nothing if they yank the items, but could potentially lose a fortune if they don't.
----
Keep in mind that this is how fascism wins.
The VA issue was the dude had stuff on his laptop. This is where software-as-a-service is the answer. A centralized, secure (as it can be) place for data. I think its insane and stupid in this day and age to have any sensitive material on a laptop. Its almost an archaic way of of thinking nowadays. Look at Salesforce.com - they have the right idea.
Write once - access anywhere if you have the credentials and online access.
I have not read the article yet, (seems to be slashdotted) What folks seem to forget that since hydrogen is the smallest atom, it will ALWAYS leak from any container, right?. Also, where are they getting all this hydrogen? Are they creating it with DMFC technology? If so, wouldn't that cause just as much CO2 initially?
call me silly.
- ben
Here's what I'm thinking; there are huge companies such as IBM, HP, and others that have the resources to QA/Test the kernel before blessing it as enterprise quality. I say leave the hard-core testing to those who have the resources ($$$) to do so. After all, who really cares if the kernel is stable? Is it Joe Hacker at home running Linux on their desktop for fun? I say not so much. Is it these huge elephants who have at some level bet the farm on Linux being stable enough to run huge production-level enterprise systems who care? I say yes indeedy. So I say, testing is always a great thing, but leave the true hardening to the ones who sell Linux-based systems for profit. I mean, the GNU General Public License leaves the code open for anyone (including IBM thorugh maybe RedHat) to fix any problems, just as long as they commit their changes back to the main branch. This means we as Linux users benefit from Big Blue's hard work in making the kernel enterprise ready.
I think this is the way it should to work going forward.
I'd love to be on THAT team!
I wonder what the final straw was?
Yes. Simply follow the rule "think globally, act locally". Every NAT network bigger than a few machines should handle their own internal DNS.
Instead of upgrading every stupid OS in the world to a smart one which is obviously not viable in the short term, simply install a local-only name server that resolves all of your rfc1918 machines locally. This can be "anyname.anydomain.anytoplevel" for each machine. This satisfies the hunger of those stupid OS's. This should be SOP on any local network using NAT.
I hope they can afford to scale!
But seriously. I think it would be very hard to "kill" Google. Google's web server is home-grown and completely customized for their purposes. Teoma is using IIS 5.0 and is going to have to deal with licensing issues, costly security patches and instability.
It won't happen.
I agree "Let's not go on about who killed who", really. All these people who are so afraid of the CLI when sometimes it is exponentially faster than trying to find the right app to click on. Windows just get in the way. That's what $PATH is for. Perhaps we techies are to blame for holding the end users' hands. Maybe showing newbies the CLI from the start is the answer. I used KDE for a few years and Gnome, then KDE again and now I use Ximian because I like it.
I mean when the chips are down, which is easier, typing "netscape slashdot.org" or double-clicking on an icon, clicking in te right place and typing "slashdot.org"? I think they are about the same. Its really psychological (CLIophobia?). In my book, a good CLI is the ultimate in user friendly!
I started out doing tech support at a cute little mom and pop ISP in Palo Alto. We were Solaris based and the owners did tech support and admin at Sun in the early days so they knew Unix (at least SunOS) really well. They taught me everything I needed to know to be a good sys admin:
1) I learned that customers are the most important part. Even if they don't know what they want, its your job to figure it out.
2) I learned to program in Perl and the shells and some C.
3) I talked to people like Celeste Stokely
4) I gained a passion for fixing and building and maintaining and automating and being the hero.
5) Yoga and a good hard-core bike ride or a trip up the hill for some boarding helps as well.
6) I learned about other Unices and GNU/Linux in my spare time and learned to recognize the differences.
I don't have a CS degree or any certifications. I have a wealth of real-world experience. I think that is what really counts. Don't get me wrong; I am going back to school to get a CS degree but only after I learned my passion. Working at a small but busy ISP has given me a great perspective on being a sysadmin. There are other ways to learn, but if you don't want to go back to school, I'd say get a tech support job at a little ISP (if there are any left).
One more thing; plan to keep in shape and not grow a grey beard and fat. No matter what they say, those two are not a requirement.
OK..... two more things; learn how to crunch numbers and how to justify cost so your boss will have an idea about what your work will mean.
Yes but that's what the small increments mean. You can't compare FreeBSD 4.x to Linux 2.2.x; the projects were started at different times and by different people who have different priorities.
I can say from experience that 2.2.17 is much easier to work with from a sys admin's point of view from 2.2.16 simply because of the abillity to monitor failed processes because they die cleaner, rather than hanging, staring you in the face. Each increment is not done arbitrarily "when they feel like it"; when small improvements are made and relative stability is reached, then a final is released. This is the nature of software dev.
At any rate 2.4 will be solid beacause they are willing to take the time to make it so.
I work at a very small ISP and we even have filters in place. Let's say you have two interfaces: T1 (WAN) and ethernet (LAN). LAN has the subnet 168.0.0.1/24 and WAN has IP address 10.0.0.1/30 (examples) with routing between the two (bridges are just plain stupid in all senses of the word). All you need to do is deny incoming packets (from the WAN) to 10.0.0.1 from 168.0.0.1 as well as all TCP packets that don't have the ACK flag set properly, don't use NFS or RSH or FTP without SSH, use NAT with dybamic port mapping for port 80 and you're set. If I were in charge of Yahoo! (I'm not even close) I would fire my Network Operations people and give my ISP hell. The only way we are going to stop this kind of malicious (yet useful) behavior is to
1) Have ISP's make it standard operations to employ anti-spoofing filtering techniques
2) Businesses who are served by those ISP's also employ filtering techniques along with using a DMZ AND employing TCPd, etc.
It seems like a no-brainer to me. I know its possible to "pretend" to be an IP that you're not but what about the "ACK" flag? Were these UDP packets? Am I making no sense? It just seems too obvious.
Netscape is why I don't want to be or work at a Huge multi-billion dollar company. Stay small people.