March 15, 2008
I sat the RHCE exam as part of the RH300 class yesterday and passed! This was my first time taking the RHCE and it was a very good experience.
For all of those that I kept replying in emails or in IRC that “I’m in training this week” you should see me being a little more responsive to emails and such as I get back into the more normal swing of things.
July 22, 2007
For those not following, The Columbus Dispatch ran the following article today:
The intern forgot to take the backup tapes inside. He has now lost his job. Uh, what is the State of Ohio doing sending tapes to people’s homes? This intern is apparently told to take the tapes home with him, forgets to take them out of the car and is fired when they are stolen from his car because he apparently only remembered to take them in 85% of the time.
Let’s take a step back for a moment. Does the State of Ohio really condone taking backup tapes home? Are they really that much safer in the apartment or home of the intern? It sounds to me like the State of Ohio really needs to look at some of their policies if backup tapes going home with people is acceptable.
Folks… tapes containing sensitive data should not be taken to an employee’s home. There are service available in Ohio that will transport your tapes to secured facilities with paper trails. Even in these cases, the sensitive data should be encrypted.
March 15, 2007
Looks like everyone is releasing software this week! Microsoft released service pack 2 for Windows 2003 Server and Red Hat released RHEL5. Good stuff! I haven’t had much time other than to read feature lists and release notes on either release yet. SP2 for Windows seems like a typical service pack with a couple of features thrown in (I thought MS was going to quit releasing features in service packs!) and RHEL looks to have made several improvements – though a minimum requirement of 1GB of RAM? Apparently folks are getting it to install with 256MB if you do text mode and minimal install. We’ll see how that goes once CentOS releases their spin…
March 11, 2007
So far, so good. I had written a script last wek to check the time on all the servers (Windows and Linux) and email them to me as a text file. That gave me a very quick way to see the state of affairs this morning when I woke up. All the servers looked good – they had all updated the time correctly as expected. I went into work this morning anyways, as there is a manual timer I needed to change which has no concept that DST changed and probably never will (it has been on the list to be replaced with something that uses NTP anyways, so no major loss there). I logged on from a machine or two, made sure my proxy auth was still working (I have a squid proxy tied into AD which is very sensitive of time drift due to kerberos). Everything seemed good.
So hopefully tomorrow will just be a million questions about why some calendar appointments are off (after the userbase certainly ignored the emails I sent on the subject when we initially patched the client OS’s) and probably a machine or two we just forgot to update. I am keeping my fingers crossed.
On a humorous note – I popped on Lady Elfshadow’s laptop this morning and saw the time was off! In all the prep for keeping work machines updated I had neglected to update her iBook. Easy fix, just check the available software updates, tell it to grab the DST fix and a reboot later it was good to go.
March 4, 2007
March is the Month of PHP Bugs. The Project’s goal is to improve PHP security. The bugs they are announcing each day are bugs with the core PHP code itself, not just poor coding practices of various PHP applications out there. A lot of this was sparked when Stefan Esser resigned from the PHP Security Response Team several months ago. (You can read an interview with him here.) He felt issues were not being addressed promptly enough or being ignored – and so we now have the Month of PHP Bugs.
My thoughts on PHP are conflicted. I used to be a big fan of PHP apps, they seemed to solve a lot of problems for me at work or other places (i.e. this blog is PHP based). But then I started to do some work with the Fedora Infrastructure team who had a poor opinion of PHP based on its security track record. I still use PHP applications, but I do tend to look for alternatives when I can. My PHP work apps are internal applications and safely behind the firewall. The publicly exposed PHP apps I use tend to be for personal use and are installed at my hosting provider who provides me the lazy path to updates through the one-click installs. So at least the path to upgrade is just a few clicks away.
In either case – looks like March might be a busy time for admins with a large number of publicly exposed PHP applications.
March 3, 2007
Looks like WordPress had a breach in their security and someone was able to add some exploit code to some downloads of the 2.1.1 release. Not all downloads were affected, but WordPress has released 2.1.2 to help eliminate any issues. My host had just recently upgraded their on-click installs to 2.1.1 – looks like another time procrastination paid off as I had not updated yet! You can read about the issue here.
February 27, 2007
It didn’t take too long for this to crop up. A Windows Vista bug that forces reactivation. This bug in their highly touted Software Protection Platform forces a user to reactive their copy of Windows Vista over things as simple as a device driver update, installation of a program, the running of a program or removal of program. Apparently in some situations the only way to resolve the issue was to call Microsoft.
This is one of the biggest reasons I despise all the activation hoops and genuine windows detection Microsoft has so heavily been investing their time in. Problems such as these cause the paying customer (often times corporate customers – where hassling with reactivating OS’s is $$$ lost) trouble. Meanwhile the software pirates will continue to use their tricks to avoid having to deal with any of this. The person that suffers is Microsoft’s legitimate customer!
I understand that Microsoft is plagued by software pirates not paying for their operating system or other applications. Inflicting troubles such as these on customer is not the answer though. It’s bad enough for a non-technical home user to have to deal with this. It is equally unpleasant for corporate help desk folks to have to deal with this as well. There are enough other issues that aren’t directly inflicted by Microsoft to deal with on a day to day basis that people don’t need even more issues.
Now Microsoft does acknowledge this is a bug with the OS. However they failed to actually announce this patch until it started hitting the tech news sites. Then they admit that they released a patch at the end of January. Of course you can only get the patch from Windows Update if your operating system is proven legitimate. Brilliant! Microsoft is their own worse enemy these days.
February 22, 2007
Google has announced the launch of Google Apps Premier Edition. The Premier Edition will have the following applications available:
Messaging and Talk Applications
You can get all of this for $50 per user. The email limit is 10GB and things can supposedly be made ad free. They are also guaranteeing 99.9% uptime for email.
This looks like a pretty good deal to me. There are some reservations, but at an early step forward I think this is a strong start. Several years ago Microsoft stated that common applications would be hosted on the web. And while Microsoft has their Windows Live, it appears that Google is much more structured and organized in their pushing these applications to the corporate customer.
I have recently started making more and more use of the Google Calendar, Docs and Spreadsheets. The Calendar largely due to some repeated issues I have been having with my PDA. I was tired of it failing while I was at home over a weekend and not having any calendar or contact information, so I finally started making more use of the calendar and contacts portion of the Google apps. I have also started using the Docs and Spreadsheets more often as well. I find it convenient to access from multiple computers and operating systems. The links they have added to GMail to open documents in Google Docs has been pretty useful as well.
I am still not comfortable with certain confidential documents up there though, so that is a limiting factor. I also have some issues with margins in certain docs when I print them. I may just be overlooking a setting though. I am looking forward to seeing these hosted applications expand in the future in their features.
February 21, 2007
I was browsing /. this evening and someone has linked to a hilarious Dell page touching on the hardware requirements for Windows Vista. The page is here. Once there choose the hardware link and browse the Hardware Requirements portion. The page is covering the various labels they have been putting on computers in preparation for Windows Vista – you know the ones like, “Windows Vista Capable” or “Windows Vista Premium Ready”.
On Dell’s page here is what they say “Windows Vista Capable” is good for… are you ready? Here it is:
““Great for… Booting the Operating System, without running applications or games.”
Great! So Dell is saying that if your computer is only labeled as “Windows Vista Capable” you had better not be wanting to do much more than boot the OS! Good luck to you if you actually want to run an application and use your computer! Of course they are listing the “Windows Vista Capable” hardware as only having 512MB of RAM and I know there are “Windows Vista Capable” machines out there with a GB of RAM. Still sort of funny though!
February 16, 2007
It looks like I have run into my first real issue with VMware Server. After many successes I have finally come across a problem. We are ramping up for some testing for an ERP upgrade. To help allow us more complete testing I decided to role our current physical test ERP server into a VM. Day to Day operations in that test VM have been working fine. I have done some DB restores, people have been using the VM for normal testing and no issues to report.
Last night we tried our first upgrade of the software. It failed part way in saying it had lost connection to the database. We looked at the errors just a bit, but decided to roll back to our shapshot and then re-run it. No point wasting time on what could have been a fluke. The second upgrade also failed. There were several errors including ones saying we needed to run DBCC CHECKDB on the database. We did that and it returned clean, no errors. Running it again though resulted in a lost connection with the server error. More digging in the SQL logs also showed I/O timeout errors as well.
Doing some searching through the VMware forums show there are several others that have had this problem. So far, no one has a good solution to the issue. The best I have seen so far is to create a VM in GSX Server and then upgrade to VMware Server. I would rather avoid doing that, so I have not tried it yet.
In looking at the VM it appears it is using the buslogic driver (the OS is Windows Server 2003). That is not the ideal driver, so I will try switching that to the LSI driver tomorrow and also increase the amount of RAM available to the SQL VM to see if that can help us get by the problem. If not it looks like I will have to go back to a physical box for a bit to keep from holding testing up at this early stage.
Seems so odd that I am seeing this issue though. I did some serious testing in VMs with Exchange upgrades, restores, etc and had no issues at all. Some of the Exchange restores included 15GB restores, much larger than the DBs I am working with now. Hopefully I will get this figured out or VMware will come up with something – it doesn’t appear I am the only one facing this issue.