March 2013 Archives

Over at the Mozilla IT blog is a new post by Sheeri Cabral that every sysadmin in our community should read.

Blog post: When I Moved Abroad

Posted by Tom Limoncelli in Community

Would you like to do a lightning talk at the next BBLISA meeting?

[ This message comes from Matt Simmons at the Standalone Sysadmin blog. ]

Do you love lightning talks? Because I love lightning talks.

When I found out that the DC DevOps group had an entire meeting dedicated to lightning talks, I was jealous. I mentioned the idea to John, Adam, and crew of BBLISA, and they liked it. Of course, when you volunteer an idea, you volunteer /for/ that idea, too, so if you look at the BBLISA Calendar (http://www.bblisa.org/calendar.html), you'll see my name organizing the April meeting. Fun, right?

OK, so here's the plan.

For the April 10, 2013 meeting, I want somewhere between 9 and 12 five-minute lightning talks, which you'll know is around an hour if you're good at quick math. After the lightning talks are over, I want do a "round table" type discussion, where we talk about the interesting things that we heard, and we can get more information on some of the topics. I think it's the best part of lightning talks (being exposed to crazy new ideas) and what always happens after lightning talks (people crowding around the presenters they saw so they can ask questions and learn more). But this way, we all get to learn more.

Here's what I need, though. Lightning talks (obviously?). I need you (yes, you the person reading this message) to give a lightning talk. It's super easy. It's literally five minutes or less of you geeking out about something that you love. If you would come up to your friends and geek out for five minutes about something, then that's all I'm asking you to do now. It's just that your friends are BBLISA, in this case. It's also really great practice if you signed up for a lightning talk at LOPSA-East (http://lopsa-east.org/2013/).

To make this easier, I created a Google Form: http://bit.ly/BBLISA-Lightning-Talks-2013

Just fill out the form. I'll get it, and I'll be in touch to answer any questions or concerns.

The meeting is scheduled for April 10th, and socialization starts at 7pm. We're in MIT E-51, Room 315 (http://whereis.mit.edu/?go=E51 or, if you want directions, http://goo.gl/pAvDy)

Please take a second to figure out what you'd like to present on, fill out the form, and come present. I'd love to hear about your idea, and I know everyone else would, too.

Thanks,

Matt Simmons http://www.standalone-sysadmin.com

-- BBLISA was founded in July 1992 to provide a forum for meetings and presentations of interest to system and network administrators in Boston, MA, and the surrounding areas.

Attendance at meetings is free, and everyone is welcome.

Posted by Tom Limoncelli in Community

Hey fellow sysadmins! Please take 5 minutes to make sure your DNS servers aren't open to the world for recursive queries. They can be used as amplifiers in DDOS attacks.

https://www.isc.org/wordpress/is-your-open-dns-resolver-part-of-a-criminal-conspiracy/

The short version of what you need to do is here.

Posted by Tom Limoncelli in Technical Tips

One technical issue that often plagues me is that you can't make the speed of light any faster. Network latency from NYC to Sydney is going to suck no matter what. Helping users understand this is difficult. Often it is equally difficult to make software developers understand this too. Many times people have asked me, sometimes seriously, if we could just make the speed of light faster.

There is one obvious way to improve the latency between NYC and Sydney: Tunnel through the earth. A direct route would be much faster.

However it looks like scientists are close to a more realistic alternative: use air instead of glass!

"The speed of light, about 300,000 km/s, is the speed light travels in a vacuum. In a medium such as glass, it goes about 30 percent slower, a mere 200,000 km/s."

Here's the full article: http://ars.to/15SOcj9

If you aren't sure of the difference between latency and bandwidth, ACM Queue magazine's George V. Neville-Neil wrote a good description.. Here's a video explanation from Digital Society. I'd love to work with an animator to make an educational video demonstrating the difference between latency and bandwidth.

Posted by Tom Limoncelli

This investigative report by propublica.org is what I thought was going on but had no proof. Basically I've always said that since the IRS gets all the data from our employers and financial institutions electronically, why can't they present our tax forms partially or completely filled out? We should be able to subtract our deductions and that's it. Obviously we should get all the data so we can examine it or hire a tax accountant to examine it.

Anytime someone said "yeah, but the people that prepare tax returns would try to stop any legislation like that" I would say, "oh, don't be a conspiracy theory crazyperson". Well, it turns out the exact bill has been introduced and it has been lobbied against by Intuit, makers of TurboTax.

I think the way to break the gridlock is to start with a half-measure. A law that says if you provide someone their tax data as a PDF, you have to also provide it as an XML file. You would collect all the XML files, important them into TurboTax, and be done. This would make things easier for people and probably save TurboTax a lot of customer support. It would be difficult for Intuit to make a case against this. Yet, after a few years of having tax info in XML files (I propose the extension be ".irs") it would be pretty damn obvious to everyone that the next step should be the option of having a program like ReadyReturn.

Other countries do it. We should too.

This is not rocket science. We should have this service.

Posted by Tom Limoncelli

Today is my last day at Google. After 7 years I'm looking forward to doing nothing for a while, writing a book or two (oh yeah, I have a big announcement: I've signed 2 book contracts! More info soon!), and I'm getting married.

Please, no speculation on why I'm leaving. I was at Bell Labs 7 years too. It's just time.

(FunFact: I found a draft of a "goodbye message" I wrote. The file's datestamp was Nov 10, 2010.)

The annoying thing about job hunting is that usually you have to take random days off from your current job claiming "something came up" or taking vacation days or faking sick days. It is disruptive to coworkers, especially if you are in a team environment with lots of meetings. This time will be different: I'll be free to go at my own pace. (I'm looking only in NYC at this time.)

Officially I'm taking 4 days of vacation so that my last day is April 1st. Yes, my last day is April Fools Day. This is not a PR stunt to promote the April Tools RFCs book but wouldn't have that been hilarious if it was?

Tom

There are still a few copies left of the book of April Fools RFCs.

http://www.rfc-humor.com

They say if you have to explain a joke it wasn't funny. Well, this makes The Complete April Fools RFCs the least funny book in the world. Ok, maybe that's not 100 percent true but you have to be pretty darn technical to get some of these jokes.

There are only a few left in stock. Why not pick one up today?

Click here to see it on Amazon

Tom

Posted by Tom Limoncelli

Find out at LOPSA-East (formerly PICC) May 3-4, 2013, New Brunswick, NJ

(Early Bird Registration ends April 1st! http://lopsa-east.org Space is limited!)

In late October of 2012, Hurricane Sandy was wreaking havoc on the east coast. It was the second costliest hurricane in US history causing widespread power and service disruptions. George Beech, a System Aministrator at Stack Overflow, will be presenting a talk at LOPSA-East 2013 about their successful failover to a backup datacenter and what it took to keep their primary New York City datacenter operational while implementing the Disaster Recovery plan.

This talk will focus mostly on Disaster Recovery and migration for a primarily windows based shop. Including:

  • SQL 2012 failover
  • DNS Migration
  • Dealing with long term shutdown of AD DC's
  • How their DR Plan survived it's encounter with reality
  • The 'Bucket Brigade'
  • 24/7 Staffing rotations
  • How three companies worked together (SquareSpace, Fog Creek, and Stack Exchange) to keep the lights on, and services running.

He will also spend a little bit of time talking about what happened at the 75 Broad st. facility - and the efforts of all involved to keep that datacenter up and running.

Early Bird Registration ends April 1st for the 2013 LOPSA-East conference, May 3-4, 2013 at the Hyatt Regency hotel in New Brunswick, NJ. IT professionals from the tri-state area and the entire east coast will be joining us for the most talked about community-driven IT conference of the year. You can find out more at http://lopsa-east.org

LOPSA-East begins Friday with an entire day of training offered by world class instructors. We have half day sessions on Team Efficiency, Configuration Management, Basic and Advanced PowerShell, IPV6 migration, and much more! The conference continues on Saturday, with more half day training sessions along with 45 minute presentations from invited speakers, 5 minute lightning talks, and 'birds of a feather' discussions on participant selected topics. (The entire training schedule can be found at http://lopsa-east.org/2013/lopsa-east-training/)

Register now! Save up to $197 by registering during the Early Bird pricing! Even larger discounts are available for students.

For more information and to register visit http://lopsa-east.org


LOPSA-East (http://lopsa-east.org) is produced by The New Jersey chapter of the League of Professional System Administrators (LOPSA) (http://lopsa.org). This will be the 4th annual conference, being held May 3-4, 2013 at the Hyatt Regency hotel in New Brunswick, NJ.

Posted by Tom Limoncelli in CommunityConferences

My 60-minute talk on Ganeti from the Usenix LISA '12 conference has been posted:

https://www.usenix.org/conference/lisa12/ganeti-your-private-virtualization-cloud-way-google-does-it

Ganeti is a cluster virtual server management software tool built on top of existing virtualization technologies such as Xen or KVM and other Open Source software. Ganeti takes care of disk creation, migration, OS installation, shutdown, startup, and can be used to preemptively move a virtual machine off a physical machine that is starting to get sick. It doesn't require a big expensive SAN, complicated networking, or a lot of money. The project is used around the world by many organizations; it is sponsored by Google and hosted at http://code.google.com/p/ganeti.

Thanks to Usenix for making these videos available to the public for free!

Posted by Tom Limoncelli in Google

The next Xen Hackathon will be hosted by the Ganeti team at Google and takes place on May 16-17, 2013 at Google's offices in Dublin Ireland.

I can't make it but many of my coworkers on the Ganeti project will be there. If you use the open source version of Xen and want to get your hack on, please sign up!

Posted by Tom Limoncelli in Ganeti

Early bird pricing ends April 1st! Make sure you register before then to save up to $197! http://lopsa-east.org/

Best way to save money? Start talking with your boss NOW so all that purchasing department paperwork gets done in time!

Posted by Tom Limoncelli in Conferences

...that I got caught in a "spear phishing attack". (A malware attack where they send an email specifically crafted to one or two people.) The email was a receipt from a hotel that I stay at occasionally but it listed the address as being in South Carolina instead of San Francisco. I clicked on the PDF to read it and then realized I was being phished because I haven't been to South Carolina in ages and the invoice mentioned a coworker that I've never traveled with. I started shutting down my computer and made plans to wipe the disks; glad I have good backups but not wanting to go through the pain of being without my laptop until I could do this.

That's when I woke up.

Yes, it was a dream.

I have friend that only click on web links if they are on a ChromeOS machine. The use many machines but if they get a link that is outside their domain they move it to a ChromeOS box to click on it. That's an interesting discipline to develop. I wonder how soon more people will do that.

It used to be there was a small group of people that were extremely paranoid about giving out their social security number or credit card numbers. At the time people called them "paranoid". Now there is this thing called "identify theft" and those people are considered to be "forward thinkers".

I wonder what paranoid behavior today will be normal in the future.

The "Call for Proposals" for Open Source Bridge 2013 has been extended 2 weeks (Sat, March 23).   The current proposals so far are listed online.  The conference itself is June 18-21, 2013 in Portland, Oregon.

More info about submitting proposals is here: http://opensourcebridge.org/blog/2013/03/were-extending-our-call-for-proposals/

Posted by Tom Limoncelli in Conferences

Congrats to all involved! Save next year's date: 7 & 8 MAR, 2014.

(It's already marked in the Sysadmin Event Calendar: http://everythingsysadmin.com/calendar.html )

Posted by Tom Limoncelli

Register early and save! http://lopsa-east.org Space is limited!

Registration opens at midnight for the 2013 LOPSA-East conference, May 3-4, 2013 at the Hyatt Regency hotel in New Brunswick, NJ. IT professionals from the tri-state area, as well as the entire east coast will be joining us for the most talked about community-driven conference of the year.
You can find out more at http://lopsa-east.org

LOPSA-East begins Friday with an entire day of training offered by world class instructors. We have half day sessions on Team Efficiency, Configuration Management, Basic and Advanced PowerShell, IPV6 migration, and much more! The conference continues on Saturday, with more half day training sessions along with 45 minute presentations from invited speakers, 5 minute lightning talks, and ‘birds of a feather’ discussions on participant selected topics.
(The entire training schedule can be found at http://lopsa-east.org/2013/lopsa-east-training/)

Register now! Save up to $235 by registering during the Early Bird pricing! Even larger discounts are available for students.

For more information and to register visit http://lopsa-east.org


LOPSA-East (http://lopsa-east.org) is produced by The New Jersey chapter (http://lopsanj.org) of the League of Professional System Administrators (LOPSA) (http://lopsa.org). This will be the 4th annual conference, being held May 3-4, 2013 at the Hyatt Regency hotel in New Brunswick, NJ.

Posted by Tom Limoncelli

I'm getting reports that some RSS reading software does not see the latest posts from this list. Please be sure to use this URL for your RSS reading pleasure:

http://feeds.everythingsysadmin.com/EverythingSysadmin

Of course, if you are using an old URL that has gone away, you'll never see this post (so tell your friends!).

Thanks!

Posted by Tom Limoncelli in Site Announcements


I can not confirm nor deny...
If that makes you sad, maybe this will cheer you up...

Posted by Tom Limoncelli in Funny

www.EverythingSysadmin.com is proud to announce our newly redesigned website!

  • New design and color scheme. After nearly 10 years this new design has a more modern feel.
  • New Feature: The sysadmin events calendar is now a tab for easier viewing. This calendar of events is a joint project with Matt Simmons' Standalone Sysadmin Blog.
  • Updated: Author biographies and book descriptions.
  • New feature: A spinning book carousel in the header!
  • New automation for the "See us live", "Awesome Conferences", and "Best of Blog" boxes.
  • Much improved navigation for older posts.
  • And much much more!

We expect to be making minor adjustments over the next few days. Please post bug reports or suggestions as comments to this post.

Thanks to Mihai Bocsaru of PRO IT Service and MovableTypeUpgrade.com who was able to take my ideas sketched out on napkins and turn it into the site you see today. Great job!

Posted by Tom Limoncelli in Site Announcements

The Guidebook App (available for every smart-phone known to the planet) now lists all the events and talks for the Cascadia IT Conference, scheduled to start this Friday in Seattle, WA.

You can download the app whether or not you are attending. I just read through all the talks and they look excellent. I wish I could be there!

There is plenty of time to register! If you are local to Seattle there's no excuse. This has got to be the best "bang for your buck" of a conference the region will see all year.

Posted by Tom Limoncelli in Conferences

Register early and save! http://lopsa-east.org Space is limited!

Registration is open for the 2013 LOPSA-East conference, May 3-4, 2013 at the Hyatt Regency hotel in New Brunswick, NJ. IT professionals from the tri-state area, as well as the entire east coast will be joining us for the most talked about community-driven conference of the year. You can find out more at http://lopsa-east.org

LOPSA-East begins Friday with an entire day of training offered by world class instructors. We have half day sessions on Team Efficiency, Configuration Management, Basic and Advanced PowerShell, IPV6 migration, and much more! The conference continues on Saturday, with more half day training sessions along with 45 minute presentations from invited speakers, 5 minute lightning talks, and ‘birds of a feather’ discussions on participant selected topics. (The entire training schedule can be found at http://lopsa-east.org/2013/lopsa-east-training/)

Register now! Save up to $235 by registering during the Early Bird pricing! Even larger discounts are available for students.

For more information and to register visit http://lopsa-east.org


LOPSA-East (http://lopsa-east.org) is produced by The New Jersey chapter (http://lopsanj.org) of the League of Professional System Administrators (LOPSA) (http://lopsa.org). This will be the 4th annual conference, being held May 3-4, 2013 at the Hyatt Regency hotel in New Brunswick, NJ.

Posted by Tom Limoncelli in Conferences

My "4 Unix commands I abuse every day" blog post has been published in this month's Hacker News Monthly!

Check it out: http://hackermonthly.com/issue-34.html

Interestingly enough that post got more hits than any other that I posted last year. It got mentioned on HN (quite an honor) and then the print edition (Hacker News Monthly) contacted me about reprinting it.

HNM is a pretty nice deal. If you don't have time to read HN every day, they pick out the best articles of the month and print them as an ebook (multiple formats) and an actual dead-trees printed version too! It is a great time-saver!

Posted by Tom Limoncelli in Media

  1. Click on the "I forgot my password" link.
  2. If they email you your password, you know they stored it in clear-text somewhere. You should complain. Sadly their first-tier support probably won't understand and will assure you that they take security seriously and you have nothing to fear. Oh well, at least you know and can choose to use a different company or at least use a password you aren't using anywhere else (which, you already do, right?)
  3. If they email you a code to reset your password or a temporary password, then either they stored a hash of the password (hopefully they did it right), or they're doing it wrong and their password-recovery system obscures this fact.

Every sysadmin should know how to properly store your users passwords in a database even if you aren't a programmer. It helps you evaluate services that you may use.

How to properly store passwords in a database:

(This post was inspired this problem that was recently reported.)

Posted by Tom Limoncelli