Being a better Sysadmin
Sunday, August 26, 2018
Introduction
So I think a lot of us take backups for granted. It's one of those things you look at once and then tend to not worry about too much. As long as it's working, why worry? Except… if you don’t look at it, how do you know how well it's working? I’m talking from the viewpoint of a senior engineer or manager here of course; hopefully if you’re a junior engineer who has been put in charge of backups you’re making sure that the current system works well and telling people about any concerns you might have.
Wednesday, March 14, 2018
Finally. Finishing up after Part 1 and Part 2, this is the end of my updated thoughts on an old Server Fault post with some final thoughts on reducing risks in the future.
Reducing the risk in the future. The first thing you need to understand is that security is a process that you have to apply throughout the entire life-cycle of designing, deploying and maintaining an Internet-facing system, not something you can slap a few layers over your code afterwards like cheap paint.
Wednesday, March 14, 2018
Following on from Part 1 of my revision of an old Server Fault post, we will continue on to look at remediation after an intrusion.
(Part 3 available here)
Understand the problem fully: Do NOT put the affected systems back online until this stage is fully complete, unless you want to be the person whose post was the tipping point for me actually deciding to write this article. I'm not going to link to that post so that people can get a cheap laugh, but the real tragedy is when people fail to learn from their mistakes.
Wednesday, March 14, 2018
Introduction
In this series of posts I’m revisiting an answer to a question that appeared on Server Fault way back in 2011. I’m pleased to say that it’s been viewed over 100,000 times, and I like to think it’s helped a few of them.
But it’s time to look again. Since I wrote that post, there have been some huge intrusions, such as the well-known Ashley Madison, Anthem Medical Data and JP Morgan breaches that affected millions of people.
Saturday, September 9, 2017
One of the things that I’ve always been interested in is automation, and being able to reproduce a ‘known state’ reliably and consistently. This applies at work when building servers or workstations thanks to tools like SCCM and Fog, and should be in your grasp at home or in even the smallest office, thanks to Chocolatey.
Not to make a fine point of it, between my last post and this one I’ve rebuilt my PC, installing Windows from scratch and all my applications, prepared breakfast for my partner and myself, started some laundry, and dealt with the cat pulling the net curtains down in my study.
Saturday, September 9, 2017
I’m currently reading /r/sysadmin on Reddit, specifically this post from someone ranting that a user complained that “malware spam e-mail” went to their mail client’s spam folder. While this is classed as a rant on the site and not intended as deep analysis of a problem, their entire comment on this was:
What the hell? This is exactly what it should have done! I'm really not sure what to say to this, or to the responses that suggest telling the "
Wednesday, June 7, 2017
As I’m sure most of us know by now, SHA1 cryptographic hashes have been increasingly under attack, and are now regarded as fully broken. In fact, my use of “now” kinda understates the point; you should be urgently looking to upgrade to SHA2 if you have any devices or servers using certificates.
If you’re not aware of these risks then please look around. There are some good introductory articles on the Entrust website that talk about this issue, but please note that these articles are from 2014 and somewhat understate the urgency of the issue.
Sunday, August 4, 2013
I’m currently heading an Exchange 2007 to Exchange 2013 migration at work and I’m going to share the thoughts and notes that I’ve made on the process so far.
The actual install process was fairly painless to be fair, with one CAS and two Mailbox servers currently configured, but I have encountered one problem with certificates that I thought I would share:
We required a new Unified Comms certificate as part of the rollout, so I used the Exchange Admin Centre (EAC/ECP) to generate a Certificate Signing Request on the CAS server.
Thursday, May 16, 2013
So we’re a Mimecast customer and today they had a few problems with their email services in the UK going offline for a large part of the working day. No big deal as such, other than that they make big claims for their own availability and have been quite ready to point out the failings of others in the past - and the responsible people at those others are probably reacting to today’s events by pouring champagne down their throats as fast as they can get the bottles open… well maybe not at Google.
Friday, May 3, 2013
I see lots of people talking about and asking about hardware being “prepared for BYOD” and/or “BYOD ready”. Most of the time they’re talking about Wireless Access Points (WAPs) or other similar items of infrastructure.
In a lot of ways, as long as you stick to a reputable vendor, what make of WAP you buy is the least difficult and least interesting part of the project - you wouldn’t focus too heavily on what brand of switch your desktops were wired into as part of a project to give everyone access to a new corporate intranet site from the desktop - you’d spend more time checking that the site’s CMS system worked with your standard browser and thinking about what content users should be able to get to, and how they’d get to it.
Tuesday, April 30, 2013
Let me just start this post by saying that professionally at least, I’m a happy Dell customer. I’ve built up a good relationship with them over the years, met senior Dell staff and we almost exclusively use their server & storage infrastructure where I work, we’ve used them for consultancy in the past, and I’ve been delighted with the results. This is not me hating on Dell.
But I am going to have to take them to the woodshed over a recent post by Andre Meier on their corporate blog, “Tablet matters - taking the right decision”.
Tuesday, April 30, 2013
5. "Nuke from orbit" is still the best approach to a rooted system. See http://serverfault.com/a/218011/7783
I've talked about this in the Server Fault answer above, and I might do another post diving into some of the details behind my beliefs here, but the drive to rebuild after getting a system compromised comes down to trust. For an illustration of why I use that word, please read "Reflections on Trusting Trust"
Saturday, March 23, 2013
Based loosely on a series of tweets I made last year.
10. Documentation & planning may not be fun but they can be the difference between being promoted & being fired.
It's easy in support and operations to get sucked into the mantra that documentation doesn't matter, or more likely, that yes it does matter but not as much as getting things done. Documentation is part of getting things done. Making and using documentation is a vital part of being an IT Professional, as opposed to being someone who is good with computers.
Thursday, March 14, 2013
We are almost exclusively a user of HP Procurve switches where I work. We have a wide range of models that we’ve used at both core and edge and have been happy with them over the years.
One important part of our current toolset for managing switches is the HP Procurve Manager Plus management tool (another part is the invaluable tips on the evil routers website). Once you move beyond a certain number of switches it becomes inefficient to manage them all by hand, and tools like this, which allow you to manage error and performance logging and manage switches in bulk, become invaluable.
Saturday, March 9, 2013
We’ve been migrating from SCCM 2007 to SCCM 2012 at work. One very interesting part of SCCM 2012 for us has been the support for Mac OSX that was added in SCCM 2012 SP1. We have about 70 Mac clients, I guess, on top of about 1500 Windows clients, and those 70 clients need a disproportionate amount of time to manage, not because of any problems with Mac OSX as such, but rather due to the lack of real tools available to manage a large desktop roll-out.
Tuesday, March 5, 2013
What we’re going to do here is go back. Way back. A long time ago, I made a brief comment on Mr Angry’s blog article about project management disasters where I suggested a reason for the difference between a high level management view of IT projects vs. a lower level IT “Engineer” view of those projects. Mr Angry spun my comment into an entire article and made quite a few good points about how people at different levels look at these kinds of projects.