Linux Czar

A very interesting cheat sheet for examining a suspect server for compromise.

• http://www.zeltser.com/network-os-security/security-incident-survey-cheat-sheet.html

Email at a university.  Such a hot topic.  Outsource!  Outsource!  ‘Email’ and ‘outsource’ are never more than about 5 words apart it seems.  My university has recently made policy that, for students, your university email must go someplace you read and is used for official university communication.  You can redirect your email to Gmail or where ever you would like if you chose not to use the university email systems, but you must read it.  Once you combine this with outsourcing we can no longer guarantee that university mail is delivered to each student.  (Broadcast email for that weather alert and class cancellation perhaps?)  There is a third party that can turn off your email, be unreliable, not provide log information, complicate legal matters, etc.  Generally, the two ideas are contradictory.

So, if you want to outsource your email…its not just email.  You have an entire business process that needs to be changed in no small way.  But why, why for the love of $DEITY, is email the focus of all this?

If email is like the calculator that students are required to bring to college, what about a students’ “web presence?”  We still provide students web space.  Why would that not be required for a student to “bring to college” as well?  Instant messaging?  Blogs?  All these are resources which cost money that universities offer to students.  If a student must come to college with an email address that the university does not provide, should they not require the whole ball of wax?

Let’s look just a bit more at someone’s “web presence.”  Its very much a reflection of an identity and things that a person enjoys the most.  Perhaps like their college sports team.  Why would students not want to have a web presence provided by their university?

Why are we, as universities, so concerned with 1960s technology? (Yes folks, email came about in the 60s, as in when Nixon was president.)  Why are we not focused on the communication tools that modern netizens use today?

As the Linux Czar, I’m asked to interview folks that are applying to jobs that require some Linux skills.  Interveiwing isn’t really my strong point and I always struggle to come up with good questions that will lead the canidate to talk about himself and his skills in a helpful way.  So, here are my own interview questions I’ve been known to use:

• What email lists, blogs, websites, etc. do you read regularly to keep current in your areas of interest and IT in general?
• How do you delete a file who’s name starts with a dash (ie: ‘-foo’)?  What about a file name that contains control characters?
• Tell us about the systems/infrastructure you deployed that you are most proud of.
• What tools and techniques have you used to deploy servers, workstations, etc. at scale?
• What’s the differences in RAID levels 0, 1, 4, 5, 6?  10?  50?
• When would you not partition a storage array?
• Have you used Red Hat Kickstart’s before?  When and why would you use the %pre and %post sections?
• How would you find out if there are duplicate RPM packages installed?
• How do you define a new macro in an RPM .spec file?

Some days are better than others.  Pulling maintenance on a machine that was up for at least 994 days.  I had lost count as the RHEL 3 box’s uptime counter is still a 32 bit integer and wraps every 497 days.

A friend of mine mentioned a book that’s been making the rounds a LISA and other groups of skilled sysadmins.  The Practice of System and Network Administration.  So I looked it up on Amazon and ended up ordering myself a copy.  I must admit, I’m very impressed with what I’ve found so far.  The book is full of those rare gems of wisdom that sysadmins collect over the years.  In what I’ve read it really seems to do justice to passing on knowledge of the soft side of being a systems administrator.

The first chapter has several lists of things every sysadmin should have or know, or points to follow to assess and survive specific situations.  One of the points that I found quite useful was in dealing with getting your tools back after you’ve loaned them out.  The most common thing, of course, is loaning out a screw driver.  The suggestion of this book was to keep several screw driver sets handy and just give that person their own set rather than loan out your own tools to be lost.  Don’t accept the set back either.

This really struck home because I spent all of what I think of as my junior sysadmin years with a $10 Black and Decker screw driver kit.  Its a great kit with 80% of what you need to have for cheap.  I normally see them on display in Home Depot quite a bit.  I’ve never seen a ratcheting screw driver kit that would do better for the cash.

So, that begs the question: What do I use for a screw driver today?  My choice is the Husky Pro ratcheting screw driver.  It comes with very few (although good quality) bits, but I’ve collected my own set of bits.  (By some extra philup #2 bits while your at Home Depot.)  The screw driver itself feels really comfortable and easy to use.  The ratchet controls wont accidentally flip to another setting.  It has a long shaft not often found on a ratcheting driver that makes it easy to work with screws inside a dense rack of equipment and wires.  It is magnetic which is handy, and contrary to common belief will not harm computer componets unless you are working with a floppy disk or tape cartridge.  When I just need a normal phillups #2 I also have a few drivers from Klein Tools.