IT Administrators

I’ve been to this site before, but someone reminded me of it this morning. Aharef is a javascript that creates a graphical representation of a website. Is there any purpose to it? Of coursenot, it’s just cool.

http://www.aharef.info/static/htmlgraph/

Here’s what itadmins.org looks like:

I just wanted to post a few notes regarding my experiences with the SanDisk Sansa E260R. Today, I attempted to play a SecurityNow! podcast and, low and behold, the Sansa rebooted for absolutely no reason. I thought nothing of it. The stoplight had turned green and I switched over to XM instead. At the next light , I looked down at the seat and the Sansa was stuck in some kind of loop. The SanDisk logo would pop up, then the Rhapsody logo, then it would restart. I held down the power button and it turned off after about a minute.

This afternoon, Recovery mode worked (Hold Switch On, REC + Power) and I copied the latest firmware to it. After unmounting the drive, I disconnected it from the USB cable. To my astonishment, the same results occurred: still rebooting.

It was time to search Google. Everything pointed to the firmware. Someone even suggested loading the firmware 3 times to see if it would take. It was almost time to give up when I found a small post suggesting dropping a blank file called sansa.fmt onto the recovery partition. After an unmount, the Sansa Recovery Mode formatted the drive and it booted normally, minus all the content, of course. At least I didn’t loose the device!

I finally had the opportunity to load Tomato on my WRT54GS v.3 over the weekend and this is absolutely the best firmware I have come across to date. The interface is clean and offers something DD-WRT does not: realtime bandwidth monitoring from the web interface. Thus far, it has run very stable. There is also a noticeable difference in response times.

A little word of caution, though. After my installation, I HAD to reset the router (not power-cycle) via the reset switch. If you notice any issues of your password now working properly, the device more than likely just needs a reset. Another way around this problem is to restore your router to it’s factory defaults prior to the Tomato installation.

The Tomato firmware is available at http://www.polarcloud.com/tomato.

Secure FTP is a method of encrypting a standard ftp connection.
I followed the FreshMeat tutorial written by John K Norden when implementing this service:

http://freshmeat.net/articles/view/1576/

“Why would you want to implement something like this?” someone may ask. It’s very simple. Once you have sftp and scp, you can implement encrypted offsite backup, provide a quick and secure method of receiving files from clients, and you never have to say you left your file at home again.

Open source software is constantly being put down for one reason or another by people with interests other than your own. Keep in mind, I am by no means a zealot and I reserve my Kumbayahs for the rare occasion that I can joke about them. I wear brand name shoes, still enjoy driving for no reason, and shop at retail stores that proabably oppress their labor in some way. I just wanted to take some time to express some of my opinions on a few of the excuses that have cropped up this year and lay them to waste before 2008. Myth 1: Open source software is not secure because there aren’t as many people using it. This notion made it to the top of my list because it bugs the hell out of me. Somehow, Joe Computer claims that because Windows has more users, it is more of a target. That being the case, if more people used open source, it would attract more bad guys and script kiddies. If Linux faced this kind of pressure, it would result in more viruses on Linux, right? Dead wrong! Let me dissect this one piece at a time. Windows has more users for now. That I can agree with, but the second part of this statement does not take into account that it is easier for a nefarious technologist to discover problems with proprietary software and keep them to themselves for fun and profit. Will the vendor discuss any problems with their product ahead of a patch? Never! That’s bad for their business model. The past few years have been riddled with incidents of what is known as zero-day exploits. With my sysadmin hat on, I like to explain these incidents as passing the time staring at virus scanners, hoping I unplugged it from the network in time. In simple terms, zero-day exploits mean we had no warning before the flaw was exploited. It defies the logic of open source to be exploited more regularly because the user base has grown. If a company / developer neglected its users, the users can move on to a product that is more secure. Myth 2: Open source software is derived from communist/socialist/un-american thinking. The GNU Public License was developed in the United States in a team led by an american lawyer and an american programmer. Red Hat, arguably the largest open source distributor is based in the Carolinas. Novell, a company in Utah, now owns SuSE Linux (Number 2 Linux distribution in the corporate world). BSD stands for Berkley Standard Distribution (That’s Berkley, California). Read the Cathedral and Bazaar by Eric S. Raymond before you make a decision on the political affiliations of programmers. It is sure to enlighten anyone on the fence about whether to use open source software. Myth 3: There is no competition in open source software. Once you make a decision, you live and die by it. There are more distributions than you could possibly imagine. There are hundreds of email clients, several web browsers, and more text editing options than anyone could possibly count. When someone comes up with a new idea, they post their source code and others build on it. Many programs are available across several distributions, making it very easy to replace your vendor for the OS and keep the programs. Several groups have nicknamed the open source method “co-opetition”. Myth 4: This is an IT decision and it’s up to IT to figure this all out. Computer users have a strong interest in influencing the decisions when it comes to software. Technology professionals can help in anyway they can, but keep in mind that they will not be the ones working day to day creating your data. We try every day to keep your computers running at their peak performance, but if you would prefer having a technician that can research and locate that last piece of the puzzle (the killer app for what you do) rather than someone who makes you put your work on hold while they have to cleanup the spyware and viruses, by all means, at least talk to them about Linux. Once you accept viruses and spyware are just a cost of doing business and that’s why someone’s paid to take care of the computers, you have accepted interruptions in your workflow, costs of safety precautions (antivirus/antispyware/time), and the stress related with losing data to malicious code. I will be starting a forum soon entitled Technology Myths to accompany this post. Maybe, next year will be the “year of the desktop”.

When I was strictly a windows admin, I spent a lot of time digging around try to find the perfect utilities to provide the little extras that make a system run properly. Things such as the AdminPak, almost anything on sysinternals, etc. made my job so much easier. I spent a little time digging through the Add/Remove Programs feature of Gutsy recently and am amazed at the magnitude of options for sys admins that are available now. These are the tools I have recently been working with in no particular order: AptonCD This tool will allow you to create and burn an iso of all the packages in your apt cache. The strongest benefit of being able to do this not waiting for updates to download on each machine. It is also helpful for any computers that may be isolated from the Internet for security reasons (i.e. the ones with personal files that should remain personal). While working in the corporate world, there was always that one machine hiding in a corner that no one else had updated in years. I was always the one crazy enough to touch it. Having a tool like this saves the time you would normally spend staring at a progress bar. Disk Usage Analyzer While harddrives seem to increase in capacity every few months, we can’t expect everyone to go out and grab a terrabyte all at once, right? Included by default in the past few Ubuntu releases, this application allows you to dig down into a harddrive and answer the all important question of where all that storage went that seemed like plenty 6 months ago. It works on pretty much anything mountable (including the thumbdrives that I constantly run out of room on). Boot-up Manager Remember how msconfig could turn a crawling 98 box into a racehorse again? Ubuntu has a tool called Boot-up Manager that provides similar capabilities. With it, you can control services and modify your startup and shutdown scripts. Very handy for experimenting with servers that don’t need to start all the time. Gnome SSH Tunnel Manager Tunnel, tunnel, tunnel. When in doubt as to your access, tunnel the traffic. gSTM allows you to store SSH tunnel configurations and enable these connections on the fly. This is ideal for remote administration of those insecure services we try our best to avoid making public (telnet, vnc, web, etc.). Gmount-iso Mounting an iso image has never been easier. Why would you mount an iso image? Because you can, of course! Htop The top command is very useful, but Htop adds a few features, such as a full path to the command that is running and graphical representations of resource usage. GtkOrphan Find all those extra packages that loom around after testing. User Profile Editor A tool to graphically configure all profile settings, with the ability to clone settings among users. This is an absolutely necessary tool for multi-user systems. Create a new profile and select Edit, an x-session pops up on the screen. Ideal for setting up menus for my daughter’s profile where she won;t need access to tools such as User Profile Editor. In closing, I want to emphasize a piece of knowledge before I spend tons of time defending myself in comments. I know these packages exist for other distros. I know Gnome is responsible for some projects and most of the rest are sourceforge projects. I am just rather impressed by the recommendations my favorite distributor is choosing for their repositories lately. P.S. The usual disclaimers about modding your own system apply. Do not complain if you some how break your system using these tools. Proceed with caution, sharp tools are these.

If you are new to the industry, terminology is key to your success. It helps you convey your problems to vendors and co-workers accurately and can increase your response time dramatically. Lantronix is currently offering some basic network tutorials that I highly recommend to anyone without a formal education in the IT industry: http://www.lantronix.com/learning/networking.html

I’d like to recommend an open source project for anyone interested in web-based project management. It’s called TaskFreak. What it can do for you is help you keep track of everything you’ve completed, need to do, and want to do. The developers have a great respect for the organizational style called GTD (Getting Things Done). All you need to do is input all your daily tasks, prioritize them, and then add notes as you work on them. I currently use it at work, at home, and even for planning this website. One of the best features is the ability to generate very concise and well-formatted reports. There are three versions available: Single User MySQL, Multi User MySQL, and Single User SQLite I’ve been working feverishly on personal organization lately and TaskFreak! has been a powerhouse to reduce my stress levels. Anyone can download it at: http://www.taskfreak.com/

I had a specific beverage name in mind for the title of this entry, but I don’t think it’s fair to associate it with what I’m about to talk about. Recently, a software vendor has told me that it is impossible to export records from their database (written in MS SQL, btw) and transfer them to another database elsewhere. It is completely obvious that they don’t want to do it for fear of messing something up. It is also obvious that they don’t have DBA’s anymore. There has been one other thing about this vendor that has driven me nuts for a really long time. When I went to a training session in their office a couple years ago, they tried really hard to make me see things their way: Just lay down, don’t get involved in what our product should be able to do and we’ll feed your users a bunch of garbage about us being more than a vendor. Think of us more as a partner. I was invited to join user groups (for a fee) to help “ensure the features you want to see are included in the next version”. I didn’t join. I just want their crappy software to work right out of the box. Maybe I’m old school, but that’s what I expect with all my vendors. If someone gives me poor service, I write them out of my plans, I don’t try to negotiate for better service. Some of these vendors have forgotten who the customer is. Just a tip for all the other admins out there, the second you drink the Instant Liquid Beverage of a company like that, their hooks are in. The next feature you want will be another lump sum payment. Want more users? Here’s the upfront cost and here is the cost for annual support. Here’s what I would like to see happen: Hear me out before you completely dismiss this idea. Microsoft needs to regulate vendors that sell bolt-ons (aka front ends) to their products. When I worked in the wireless industry, this was common practice. It still is today. The carriers chose which vendors work with their cellular service and instill a certain level of quality into the customer experience by filtering out things that work and things that run like trash. I want to be abundantly clear: this does not give Microsoft a monopoly nor would it be monopolistic for Microsoft to take complaints from third-party clients. In my case, if I don’t like the decisions Microsoft made, I could find a front end for MySQL, DB2, or even Oracle. What a little more difficulty from Microsoft would do is make these little development places that are too lazy to write their own backend from messing up businesses by writing things that they can’t even figure out a couple years later. I highly recommend that anyone who makes technology decisions make sure they are not seeing too much value in a specific vendor. At all costs, don’t drink if they offer it!