sysadmin

"The growing use of solid state drive (SSD) technology in data storage applications is shedding light on the way SSDs cope with performance degradation issues. One of the biggest issues is the way these drives collect garbage and delete it from data blocks prior to a write operation." - imabonehead from Bookmarklet

"This guide will describe howto get it running in op5 Monitor. op5 Monitor is vanilla Nagios with some addons so it should be no problem to follow this guide in a Nagios environment." - imabonehead from Bookmarklet

"In this workshop, Ivan Pepelnjak describes the phases of public IPv6 deployment, their impact on enterprise networks and the action plan you should follow to achieve a seamless transition to IPv6 world." - imabonehead from Bookmarklet

"Don't want to pay for Windows Home Server? We show you how FreeNAS lets you create a server for storing, sharing, and streaming all your digital content—for free!" - imabonehead from Bookmarklet

"I had a customer ask me the other day about statistics on the various home pages (system status, software updates and software distribution) specifically with how the software update node in the console gets updated with the total counts of software updates that are installed, not installed, required, unknown, etc. This is something I had not really looked into before. The home page summarization process is unique depending on the feature. There are three major categories of summarization that occurr. The first is system status, followed by software updates and software distribution. The focus here is on software updates. In this particular instance, software updates has a summarization schedule of 4 hours. This means that its 4 hours out of date when it comes to reporting the compliance of software update deployment. This can cause some confusion when reports are run. There is a relatively easy way to work around this." - Eric @ CSTechcast.com from Bookmarklet

"After a record-breaking Patch Tuesday in October, November's security update promises to be a bit lighter with six scheduled fixes, three deemed "critical" and three "important." This month's patch rollout is expected to have five bulletins addressing remote code execution vulnerabilities, while the remaining fix will address denial-of-service issues. The first scheduled fix will be a critical bulletin affecting Vista and Windows Server 2008. The second critical fix affects only Windows 2000. Meanwhile, the third and final critical item touches every Windows OS except for Windows 7." - Eric @ CSTechcast.com from Bookmarklet

"A good server baseline encompasses far more than just running a Performance Monitor for a couple of hours and then calling it a day. All the tips below can be implemented using Microsoft tools that either come with the server or are free to download. " - Eric @ CSTechcast.com from Bookmarklet

"I've been looking into various configuration management/automated deployment tools lately. At OpenX we used slack, but I wanted something with a bit more functionality than that (although I'm not badmouthing slack by any means -- it can definitely be bent to your will to do pretty much whatever you need in terms of automating your deployments)." - imabonehead from Bookmarklet

"IT horror never ends: more real-world disasters, courtesy of your network's weakest link." - imabonehead from Bookmarklet

"I mentioned previously that you can reset a shell by typing "reset." There is another problem that can cause a shell or xterm to freeze. If you ssh to a remote host, and then logout, sometimes the session will freeze. In that case, all you need to do is type "Enter", "~", "." (Enter, Tilde, Dot with no spaces) to get the console back. That's the Enter key, immediately followed by tilde "~", and then a period "." [Enter]~. Also, a convenient way to exit a shell, xterm, or remote ssh terminal is to use Ctrl-D rather than taking the time to type the word "exit."" - imabonehead from Bookmarklet

Virtualization has disrupted the IT department and put network administrators in a position to service the technology without full reach into all of the networking components. The virtualization software, which is layered with networks in every virtual machine, puts an uncontrolled piece of network equipment into each host. In The Essentials Series: Best Practices for Virtual Network Management, Eric Beehler offers a strong understanding of virtualization so that IT departments may create a consensus for managing the virtual network. - Eric @ CSTechcast.com from Bookmarklet

"The server is slow to hell, badly accessing remotely, a simple ls it’s enougth to take a lot of seconds running… openning a program, no way… lot of minutes, time to take a cup of coffee. You, don’t understanding what’s goin on, go get a look at the server, sometimes wishing to reset it, then, surprisely see that the HD LED look’s like the POWER one, but, Red…" - imabonehead from Bookmarklet

"rsnapshot is a filesystem snapshot utility for making backups of local and remote systems, based on rsync. Rather than just doing a complete copy every time, it uses hardlinks to create incrementals (which are from a local perspective a full backup also). You can specify how long to keep old backups, and all the other usual jazz. You’d generally have it connect over ssh. You’ll want/need to run it on a filesystem that supports hardlinks, so that precludes NTFS." - imabonehead from Bookmarklet

be careful, rsnapshot is not very clever in case of failure during a backup. I've swtich to backuppc because of that. - Thomas NOËL

Delta copy is another incremental backup software - http://www.aboutmyip.com/AboutMy... - TrafficBug

"At the recent Defcon 17 conference in Las Vegas, Tufin Technologies conducted a survey among 79 hackers, asking about their hacking habits. According to the survey results, the hacking business is just coming off its summer break and gearing up for the busy Christmas holiday season, so you'd better get ready." - imabonehead from Bookmarklet

And one more thing: Having a central management device to handle firewall configuration is nice, but not a requirement. My company has a hodge-podge mix of firewalls, so we can't use a single management device. What we do is to simply dump the latest configuration periodically onto a windows-based TFTP server and use WinDiff to note the differences, and jot down whodunit on an email... more... - Pandu ● IT Optimizer from fftogo

"Maintaining a large number of security checks can be daunting on a regular basis. The problem with canned Tiger-type security log-checkers and other daily log information provided by the system is that it's not necessarily going to be specific to the use of that system. And, believe me, I doubt that any user, code monkey, or systems administrator has "reading log time" sufficiently designated based on what is available and threatening. Therefore, the best policy is custom configuration, except that configuring more than one system can take a great deal of time. For this we have Puppet and configurable recipes. Once we have our regular systems information, configured in a way we can use it, we can spend a week or so configuring email filters via bash script/cron or Google filters to "really alert us" when scary things happen. Little trade-offs are made in administration, development, and use, in that we "just do the minimum" configuration since we are always running a race against... more... - Joelle Nebbe (iphigenie) from Bookmarklet

use tcpdump to detect probs in a network - Cos from Bookmarklet

"Monitoring system logs or the status of a command that produces file or directory output are common tasks for systems administrators. Two popular open source tools simplify these activities for modern systems administrators: the multitail and watch commands. Both are terminal-oriented commands, which means that they are easily ported to most UNIX® or UNIX-like systems because they do not depend on any specific graphical desktop environment." - imabonehead from Bookmarklet

There are many different backup software implementations out there in the free software and open source world. Cedar Backup aims to fill a niche: it aims to be a good fit for people who need to back up a limited amount of important data to CD or DVD on a regular basis. Cedar Backup isn't for you if you want to back up your MP3 collection every night, or if you want to back up a few hundred machines. However, if you administer a small set of machines and you want to run daily incremental backups for things like system configuration, current email, small web sites, a CVS or Subversion repository, or a small MySQL database, then Cedar Backup is probably worth your time. - Joelle Nebbe (iphigenie) from Bookmarklet

"PGDay.eu is an unique moment were PostgreSQL users and developers can meet and exchange during two days. The event will have several tracks (in both English and French), covering all levels from beginners to advanced users and developers." - Joelle Nebbe (iphigenie) from Bookmarklet

"As the name implies, DoS is a Denial of Service to a victim trying to access a resource. In many cases it can be safey said that the attack requires a protocol flaw as well as some kind of network amplification. Denial of Services is also an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services through the the consumption of bandwidth of the victim network, or the overloading the computational resources of the victim system." - imabonehead from Bookmarklet

"XML fuzzing takes XML message structures and alters them in ways beyond imagination. Breaking the encoding, repetition of tags and elements, dropping of tags and elements, recursive structures, overflows, special characters, and many many other methods will easily corrupt XML parsing and XML-based protocol communications. The result is a denial-of-service situation, corruption of data, or maybe even a situation where hostile code can be executed on the vulnerable host." - Joelle Nebbe (iphigenie) from Bookmarklet

What is flabbergasting is NOT that many of the libraries don't have defensive coding against broken/crap data - it was always expected that there'd be a defensive/verification layer IN FRONT. Sending stuff straight to the XML parser is the same as sending unverified input straight to the database... Oddly enough people doing frameworks for SOAP or REST and other systems perhaps forgot to think of XML as they would a database - Joelle Nebbe (iphigenie)