02.08.2004
Posted in Uncategorized at 12:24 by nlawren
Well, I finished up around 02:30 this morning having had some fun with a machine that decided it would corrupt one of the ext3 partitions (an oracle instance didn’t shutdown cleanly). Managed to get home an d crawl into bed by about 04:00 then went to a very nice lunch with some new arrivals from the UK. Much alcohol was drunk by myself (and a few others) so I was rather pleased when I didn’t have a hangover on Monday.
Monday was a NSW bank holiday which I luckily had off. I spent the day doing computer cleanups and house work. I setup a new 120gig raid1 array on my gateway for use as a backup for the whole LAN (making a raid array is very easy on debian - just apt-get install raidtools2 and away you go). It helps reading the LDP Raid howto but /etc/raiditab is easily reated by hand. So I now have a shiny new 120gig parition to start doing some real backups to. That parition will then be mirrored using rsync over to another machine to ensure having a hardware failure doesn’t cause that data to be lost.
Apparently is was a good day not to be at work I found in the evening - there were SAN problems so the oncall person did not have a fun night.
Permalink
31.07.2004
Posted in Uncategorized at 22:11 by nlawren
So what am I doing? I’m sitting at my desk waiting to be given the go-ahead (once Oracle have shutdown their environements) to poweroff 28 blades and 14 x440’s. What an amazingly fun way to spend a Saturday evening. Looking ahead for the remainder of tonight (it is currently 21:00 AEST), I have tasks going through until 03:30, then assorted teleconferences until 05:00. Oh well….
In other news however, life is good. We finally purchased a nice stainless steel bbq today which will turn up next Wednesday - looking forward to that. The home LAN continues to grow with a nice Antec Sonata case added to the collection. This is for my “play box” - ie blow away, remaster things, etc.
I’m having a lot of fun both at home and work learning more and more about Perl. My bash scripting is getting better as well although I still prefer perl for most things. My latest little script attempts to parse the output of SMdevices under Linux - ie comparing pre and post output for when SAN re-organisation/re-numbering happens. This is unfortunately quite common and the output can be extremely painful to lookat when you have 26+ drive letters to look at in the wee small hours of the morning (and multiple servers to do it on).
My current setup at home is a bit mixed - I have 2 debian boxes (gateway and laptop - 1 sarge, 1 sid) and 2 FC2 boxes (although one of those is the play box). My work laptop now runs FC1 (work build) but I’m intending to move it to Debian following myrddin’s lead.
Now, time to stop writing this and get busy (and try not to fall asleep).
Permalink
29.07.2004
Posted in Uncategorized at 14:33 by nlawren
Well, just to prove I am still alive and kicking (just about). This is being tested from gnome-blog running on my work laptop running FC1 
I am now in the very happy situation of working in a very busy linux team managing rather a lot of interesting servers.
Of course, this has its downside (he says, looking ahead to another all-nighter doing SAN changes on 12 servers including a LUN re-order).
Still, lots of fun.
Now to see if this posts….
Permalink
22.02.2004
Posted in Uncategorized at 11:55 by nlawren
It can be a very frustrating time to try and do your best in a win32 world. Particularly when you have to manage an old forest which has :
- No automated software distribution to servers
- No automated reporting
- No patch management of any sort
- No defined AV updating methodology
So to try and make my job easier, I’ve now implemented most of the above in the test part of the this forest (45+ servers, 9 domains, 5 application servers total used, maybe 5 users). Using SUS. MBSA and some vb scripts I’ve whipped up, I’ve now got the whole test forest doing daily checks of SUS and everything aside from some critical DCs do automatic reboots. Using MRTG, I can monitor what is happening with these boxes (cpu, network, uptime, diskspace).
I’ve also implemented an automated AV updating and scanning setup but haven’t really worked out how to report properly on that. I can at least report via html/csv what the definitions are which is a huge advance over what we had before (nothing).
My manager and co are rather happy about this as this takes rather a weight off them (they now only have to worry about the legacy NT4 stuff - 77 days to patch everything with ms04-007 apparently - horrible isn’t it). My comment to him when he asked about implementing something like that into NT4 land was “If it doesn’t have terminal services and WMI, I’m not touching it.” Meant seriously but also in jest. These two technologies combined with a scripting languages like Perl and vbscript along with technologies like SUS definitely ease the pain.
Now to think some more on how to get AV logs rotated and reported on. Then plan how to implement this into production (yes, it is Sunday….).
Permalink
11.02.2004
Posted in Uncategorized at 8:33 by nlawren
Busy busy last few days. Life returned back to normal on Thursday when the other member of the household returned from deepest, darkest Tasmania. Then the fun started - putting the new kitchen in - work, work, work. Still, it is in now (sans a sink for the moment) and now we just need to put everything back in.
In computer things, I’ve learnt that Net::DNS is a very useful perl module and that Windows2000 doesn’t appear to register PTR records very often (at the end of a 128k link). Annoying to spend a few hours working on a perl script to do DNS lookups only to find that of 195 servers you look up, only 1 (ONE) actually had a reverse record in DNS. Bah.
Installed Fedora Core1 and found it very very nice. The installation was the best I’ve ever seen in a Linux distribution and the desktop is very polished. Yum makes updating easy and even updated kernel correctly - being able to do upgrades like apt-get upgrade makes living in FC1 nice. My current plan is to put this onto a computer I’m building for my mother and see how she goes. Yum is a but sluggish but that is because I haven’t sat down and changed the mirror list for updating. Having used Debian exclusively for the past 18months, moving back to the redhat way of doing system configuration is interesting to say the least.
Knoppix 3.3 has been updated and the German magazine C’T has released the 3.4 version (which includes the 2.6 kernel). This should make a lot more people try 2.6 which is a good thing. The normal version has been officially released yet but is on the way. Speaking of knoppix, a nice article on IBM DeveloperWorks about using Knoppix as a recovery tool.
Both myself and myrddin are experimenting with using Linux software raid - I’ve currently got a 45gig raid1 partition on my FC1 box and am looking to put a raid1 120gig mirror into my firewall/fileserver. The price of hard drives these days makes this a very inexpensive option. I remember the cat /proc/mdstat command and, as usual, found the Software-Raid howto to be very handy in learning and planning the migration.
John from monkeyc has some very amusing comments about blogging and the whole Livejournal/Blogging setup - well worth a read. Now to create a hosts file via perl that I can then use to do my reverse lookups.
Permalink
02.02.2004
Posted in Uncategorized at 17:45 by nlawren
Monday afternoon and I just can’t be buggered. It was a busy week last week and I kept meaning to post but kept getting distracted. End result - nothing but workage all week….
However, it was productive, I managed to get the various vbscripts (virus definition checking, software installed, hotfixes etc) behaving very nicely and kicked out some nice html output. Almost time to try and test it on someone else to see what else breaks I think.
My other half is away at the moment which means much computer time and nothing much else (aside from when I remember to eat and sleep). Still, she gets back on Thursday which is good thing (and then our new kitchen goes in on Friday - which means bye, bye uptimes). Oh well.
It turns out that Mydoom.A/Sco.A (whatever you want to call it) appears to be the working of Russians and, imho, the whole DDOS thing is just a diversion. What media outlet is talking about the remote control backdoor, the keylogger, the smtp engine? None - they are all concentraing on the whole SCO is going down because of nasty Linux hackers crap. I loved the Netcraft document on things SCO could do (what they couldn’t do, of course, is to use Akamai because Akamai uses Linux - unlike Microsoft who do just that). So after a while, SCO is down because….they took out the www cname. Funny really. Groklaw continues to amaze with the depth of coverage of this whole thing - the article on ABI’s is essential reading for anymore even remotely interested in the whole saga (which should be anyone reading this).
Picked up some new computer parts yesterday - amazing how cheap hard drives are these days (AU$145 for a Seagate 120gig and $260 for a Maxtor 60gig 2.5 laptop drive). So, once all these upgrades and swapping are finished, for the first time I’ll be spinning over half a terabyte (578gig to be precise). Life is good
I see John from monkeyc has moved house - with no cable and maybe no ADSL, life will be hard. And yes, John, Dodo ain’t bad at all for dialup.
A wonderful page on how to move data between machines (ie “ghosting”) by using dd and netcat - a very neat trick (he says watching it running in the background). I’ve never really used dd before and this is proving an eye opener.
Now, time to go and hunt down a nice glass of wine which I learn how to train bogofilter on spam.
Permalink
27.01.2004
Posted in Uncategorized at 12:25 by nlawren
And that is exactly what today is like. The good thing is that today being Tuesday means only 4 days until the weekend. The bad news is that I am tired and can’t really be bothered…oh well.
Things I have to do today:
- Learn how to use perl to pull out file properties (ie date and size) to be fed into a html report (useful for checking that virus signatures are up to date).
- Do some research on some strange events in a Win2k Domain controller log.
- Update my RH9 server.
Oh joy, and as I write this (trying out w.bloggar), another new win32 mass mailing worm - w32.novarg.a. Good grief, I’ve hardly even finished patching from last week. Although at least it has a vaguely amusing part with the potential to DoS www.sco.com (I do not in any way, shape or form condone that form of activity but it does indicate the possible level of resentment and anger against SCO). Mind you, thinking about it, it could also be an attempt to drum up sympathy (but I won’t go there).
So, I’d better go and hunt down the latest definitions and get them ready to go in my hand-written, script-driven virus update process (kicking off later tonight). Must try and work out how to kick it off earlier for the next version.
Permalink
26.01.2004
Posted in Uncategorized at 13:01 by nlawren
Last weekend was spent sleeping a lot trying to get over this bloody cough/flu thing. Then went back to work on Monday to find “emergency, emergency” what with this silly new worm. As part of a server support team rather than a desktop team, you would assume that this shouldn’t matter? And in these days, everything should be automatically updated (ie virus sigs)? And who would run a mail client on a server so it would get infected?
Wrong 
Politics kick in and before you know it, you are having to patch a legacy Win2K forest (actually two of them) which are used by about 70 users total. Out of interest, the number of servers actually outnumber the users Still, status reports, severity 1 problems (although no-one on this particular platform actually reported anything) and me being the silly bunny who still knows anything about this legacy setup got the job.
Still, it kept me busy all week - I now have the test environment completely patched with AV, doing daily updates and scans with the RIS servers doing weekly scans (no user data on them), so it wasn’t all wasted time and effort. Lots of batch files and use of windows scheduler. Luckily I monitor all of them via mrtg/snmp so a quick glance at the graphs every morning shows who did and didn’t behave.
I’ll do some work on some perl sripts over the week to pull the signature data out from all these servers and pump it to a html page (so I don’t have to go through this again). Actually looking forward to that, perl is lovely 
Found a nice AV demon to use on linux (actually myrddin did) so have that installed on my main gateway - clamav is very nice and updates as many times a day as you want. It fits nicely into the whole postfix/amavis/procmail/spamassassin thing that I have running.
Other interesting things I’ve learnt in the last few days - when you update from mysql 3.x -> 4.x, run the fix permissions script - if you don’t trying to make things like phpwiki work with mysql can be tricky (the lock tables permission gave me heart ache for a week).
Aside form that, three day weekends are excellent (got to love Australia Day) but back to work tomorrow.
Permalink
16.01.2004
Posted in Uncategorized at 15:37 by nlawren
Which is why I haven’t posted anything for the last several days. Headaches, coughing, general unhappiness isn’t very conducive to actually doing anything computer related. Worked from home for the last two days doing various changes syncing some hotfix releases between a Dev and Test environment (all very boring and time consuming). Went back to work today which was a mistake. Now feel very much like crap.
Some things I have been up to the last few days:
- Installed Kernel 2.6 on one of my machines. Seemed ok but am having some problems with my ps2 mouse and my kvm. This seems to be common but booting with psmouse_noext doesn’t seem to fix it. Annoying and needs more investigation.
- My server continues to limp along - two new drives are on the way, one of which will be living in a combo usb2/firewire external case. That should help the backup situation
- I continue to visit planet debian and planet gnome daily - good work by jdub to start planet gnome which then spread to debian
- SCO continue to bemuse and baffle - the “Father Christmas ate my homework” excuse isn’t likely to impress the judge and yet they continue to release press releases every time the share price looks ignored. Groklaw remains the site for SCO information with PJ doing a truly amazing job.
- I am starting to use subversion more and more as my main version control system. I still have some cvs controlled doco but that is gradually being moved over.
Aside from that, it is Friday afternoon, I’ve just taken more cold and flu tablets and I need some sleep.
Permalink
09.01.2004
Posted in Uncategorized at 11:02 by nlawren
Even over dialup, working from home is more than bearable. Terminal services (which is how I do 99.9% of my job aside from email and IM) makes for a nice working environment. Using ADSL would be even nicer (having a 1500/256 link would be good for that) but various things are causing that to be slow coming down the pipeline
Interesting distribution I stumbled on while doing the daily wander around the web - whiteboxlinux. It is a distro which intends to replace redhat rhel for the rest of us (ie those who can’t/don’t want to pay the costs associated with standard RHEL).
I also finally decided to subscribe to Linux Weekly News - considering I visit their site at least 6-7 times a week and have done for a number of years, I should at least put something back into all the work they have done.
And, in other news, kernel 2.6 has made it into sid (debian unstable). So I will be rebooting shortly to try that out.
Suffering a bit from the “summer” flu going around at the moment - cough, splutter, whinge. Not a lot of fun really, and the reason why I am working from home. Not nice to subject everyone else to my continuous moans and coughs…
John from monkeyc.net continues on his posting storm - sometimes 2 or 3 times a day. Nice site design and some interesting commentary (far better than my own rather twisted TLA laden stuff ).
Permalink
« Previous entries · Next entries »