SysAdmins Log

So some of you might be thinking… mainframes? Really?

Well I am currently taking a course on mainframes. I must say, they are fascinating marvels of computer engineering. They are robust, redundant, and most importantly, extremely powerful.  They have processing power for transactions unmatched by any current server architecture. Any bank with any sizable customer base has one, yes that’s right, every time you swipe a credit card (or buy something with it online), deposit a check, take out money at an ATM, that transaction makes it way to a mainframe which is locked away and guarded heavily somewhere deep within the confines of one of the banks operations centers.

How have they lasted so long? Well for starters they were damn expensive to buy, then software which was written on them was also expensive. So did IBM take the position of Apple and say, “sorry this new version just wont run that old cruddy COBOL transaction processor you wrote for 2 million dollars, you’ll have to rewrite it…” Of course not, they wrote their systems from the start with backward compatibility in mind, this means that mainframes that just rolled off the assembly line yesterday are fully capable of running that COBOL program written in 1973 with no performance degradation or negative side effects.

Oh yes, that’s right, those transactions form your 21st century online purchases are being handled by a 20th century COBOL program, shocking yea?

Now this backwards compatibility and amazing capability has come at a price, and that price is in ease of operation. A mainframe is nothing like a server, you need a team of highly trained individuals to use it, the mentality of operation is vastly different from that of server. You cant just sit in front of a mainframe terminal and log in and go on your merry way, you need to understand how it handles disk space, blocks, attributes, high level qualifier naming schemes and the list goes on.
In short anyone with a “For Dummies” Book and some common sense can administer a server, very few people with a whole stack of manuals and years of experience in normal IT can administer a mainframe, it is just that different.

If you are interested in learning more I have posted a few sites below with more information on mainframes as well a link to the IBM redbook repository online.

System Z – Z/OS – Mainframe specific books

Popular Redbooks – decent list of good red books

All Redbooks, System Z, Z/OS are trademarks of IBM Corporation and are linked here for information only, author claims no ownership or profit from these links whatsoever.

So, with Google’s recent release of their “Chrome OS” (CR-48) laptops to some 60,000 (supposed) lucky people, there’s been more and more buzz about the cloud on the Internet.

This laptop (reviewed by a colleague of mine on his blog here) is essentially a Linux OS which opens a Chrome browser up for you and that is pretty much it. This laptop is relying on you having connectivity to the cloud to work, well everyone knows that connectivity is not always possible, and without it, this machine is only useful as a doorstop and nothing more.  Granted there aren’t too many places out of reach of cell signals or some form of wireless, and those kinds of places are not what Google has intended them to exist in, but its still an important thing to note.

I can see where for some things, such as application hosting, development, the cloud just represents a more unified virtual private hosting situation, where your “application” or system is allowed to consume more or less resources at more or less cost to you. This unique flex room, makes the cloud appealing to many whose systems scale in resource usage vastly based on demand which may be seasonal or sporadic. (Amazons AWS cloud was first built to help them support the holiday rush on their website and sell off the extra computing power on the off seasons)

However, for the cloud services being used by normal users, it can be more of a privacy risk (*puts on tin-foil hat*). Take Google Apps for example, that data is not protected by any sort of laws, so if the government wants it (heaven knows why they would want to read your homework papers, etc) they can just call up Google and ask for the data, now granted Google might say no and require a subpoena there’s no reason they have to notify you immediately (see EFF here, this link is a little out of date, since the part about email has since changed, but the rest is still accurate) so then you get a letter days later saying “Surprise we took a copy of all your Google Docs and contacts since we thought you were up to no good *tsk tsk sounds*” and then what do you do?

Well you get the general idea… So why is there this push for doing everything in the cloud? You got me! What if you write all your term papers on the cloud, you stayed up all night typing it, its all saved and in the morning your Internet goes out, thanks <insert shady ISP name here> (assuming you can’t tether w/ your phone, we are assuming your not one of those techy people), now you might be able to print it at school.. assuming you aren’t already late for class, and on and on…

Maybe I am just old-fashioned (or paranoid, take your pick), I would always have a copy on my local system, and anything that goes into the cloud gets encrypted (or doesn’t stay very long), it doesn’t matter whether you have anything to hide or not, its just a matter of whether or not you truly want privacy, some people are indifferent, I am not one of those people, just my nature really.  So before you get too excited about your Chrome laptops and decide to use them for everything, remember where your data is going and who can see it.  *takes off tin-foil hat*

Cheers!

So by now chances are you have heard of Firesheep, the nifty little Firefox extension which allows you to grab session cookies over unencrypted wireless connections for sites like Amazon and Facebook etc…

But not to fear! Someone has come up with a counter-extension called Black Sheep (coincidentally having the same name as a hilarious (and gory) B-Movie from New Zealand, see IMDB) this extension, found here. Allows you to craft a fake cookie and throw it out over wifi (remember this is only a threat on unencrypted wifi) and if anyone is listening in with Firesheep it will detect this and alert you. You can find that here.

…Or you could just enable WPA/WPA2 on your wireless networks… seems simple enough right?  If for some reason you absolutely refuse to use encrypted wifi, another way to try an circumvent Firesheep users is to make sure you connect via HTTPS to these sites. You can get extensions for that from EFF (HTTPS-Everywhere) here and Sid Stamm(Force-TLS) here I would use both encryption and HTTPS/TLS, but I am also more paranoid than normal people

Anyway, just be wary of what wireless networks you connect to and understand that no matter where you go, you might be at risk, keep your eyes peeled or it might bite you later…

Thats all for now!

Here are some neat help documents from cyberciti.biz which I think could prove useful in certain situations.

Log rotation: I find this so important and I feel like it might be overlooked by some, but cutting your logs into smaller, organized pieces can speed up your system, instead of having to suck in a huge /var/log/messages or your httpd server, etc you can break them up by week and even month and zip up the older ones for easier back ups etc… anything is possible with the a good bash script/cron job and this neat tool, logrotate! See here

Copy that database: obviously if you are using mysql the best way to do this is a mysqldump and then run the dump as a script on the machine your putting the database onto, this article shows you how to simplify it by piping the dump output to an ssh session a remote machine, which helps for security, but having a VPN between them (if they are on separate networks) is always a good idea as well. See here

Credit to CyberCiti.biz since they host the original articles I have linked to here.

So I was curious how much ISPs are charging per gigabyte these days, so I did some digging. Here is what I found. My numbers won’t be 100% accurate, but I feel they provide a decent overview.

For this ISPs with no specified cap I will assume 250 GB (like that imposed by Comcast), so “no cap” ISPs numbers are generated based on a 250gb cap.

Cablevision (Optimum)  – Speed 15 mbs down, 2 up,  at roughly 40 dollars a month (any promotions excluded) that comes out to about .16 cents per GB, that to me seems pretty reasonable.

Comcast – Speed 15mpbs down and 3 up – 250 GB cap at roughly 45 dollars a month that comes out to 18 cents per GB, still, could be a lot worse.

Time Warner – Speed 15 mbps down and roughly 1 up, at 47 a month, that comes out to 18 cents per GB.

Verizon FiOS – 10-15mbps (yay uncertainty) down, no up mentioned (assume no better than 1) at 54.99 a month (huh?!) you get 22 cents a month. Now granted physics gets in the way of getting your bandwidth goodness, at that cost I certainly hope I am getting closer to that 10-15 megs than I get with the other above mentioned ISPs….

ATT DSL – up to 6mbps down and 768kbps up – no cap (assume 250gb) at 45 a month that comes out to 18 cents… that is a hard sell given they don’t offer the same speeds as their competitors.

Fronteir – 10 mbps down and probably no higher than 1 up – no cap (assume 250gb) that comes up 45 dollars a month which is 18 cents, compared to ATT, that is far more desirable as far as DSL speeds go for the price.

Granted I can’t mention every ISP (that would take more time than I really have to spend), I think this gives a decent overview of what ISPs on average are charging us per gigabyte. (Which is 18.33 cents per GB ny the way)

My question to them however is, is this really necessary? My current power supplier (an Iberdrola USA subcompany) charges me roughly 7 cents per kwh (delivery and supply costs).  Granted ISPs are not “generating” bandwidth, they are supplying it, but in a matter of speaking, they aren’t very distant from each other in terms of being service delivery companies, what is driving their costs up so much?

ISPs are claiming this is due to trying to cover “infrastructure improvement” costs, however if they are upgrading their infrastructure why have we yet to see these benefits?

Granted Some companies like Comcast and Cablevision are rolling out DOCSIS 3.0 (for a hefty price) but most have not yet… despite these “infrastructure improvements” are still touted as the reason.

Another decent article on this is seen here on ArsTechnica

So I just saw this article in the NY Times here

This is yet another example of the fossil fuels industries pervasive lack of preventative maintenance. This gas line supposedly has been in place since 1940… lets take a minute to asses this, this 30-inch pipe is now 70 years old… do you A. dig it up when residents smell gas and see if its cracking? or B. ignore them and hope it lasts another 70 years?  Apparently their answer was B and now theres a smoldering crater in that neighborhood… Granted this approach can be taken in technology too, but it never pans out.

In one job I had we had an ancient server (from the mid 90s) and it was now 2005 and basically we had rarely touched it because it was our main AD and exchange server (yes, yes i know, not a good idea, but that’s how they had done it before I was there) and surprise! it died and was unrecoverable (the hardware had cooked so our backup tapes were pretty much useless). After 2 straight days of our sysadmin struggling to get the data back (after much lost email and time) the system was restored on a new server, but the higher ups were not pleased…

The moral of both stories, check things at regular intervals and shorten the intervals as its aging and look into replacements, and always have a resilient backup plan, its worth the cost in the end. Regardless of what your statistics tell you, it is not wise to bet on “its a one in a million chance!”

Surprise surprise, the government didn’t want to deal with overhauling their Navy/Marine infrastructure, so they contracted out to a company which basically charged them out the ass for just about any kind of support, costs which I could never dream of pressing on my clients, because, quite frankly, they wouldn’t be my clients anymore, they’d go find someone else

But what strikes me is that after the first 5 years (and 4.1 billion + all the extra charges when things broke) that they renewed for another 5 (after HP bought the contractor) and now ANOTHER 5 years…. really?  Im not sure they will really be able to separate themselves from HP, they’ve been at it too long, without starting from scratch (without HPs help!), it might be more trouble than it is worth… we shall see!

Read some of the figures for yourself, I did really enjoy the sailors alternatives for the acronym for their intranet solution (NMCI, Navy Marine Corp Intranet) such as Never Mind Crash Imminent, hah!

See here on Wired

Semper Fi!

So for those of you who are die hard Mac fans, this must be good news.

Now I am not a “fanboy” of Apple, but I do like a lot of their products and can see why they have experienced a rise back into the limelight of computing.

While their ways of doing things aren’t exactly compatible with other software development philosophies (e.g. OSS), it is hard to argue that it isn’t getting good results and clearly AutoCAD agrees, since they feel Macs are now popular enough to justify bringing back their AutoCAD platform to the Mac.

Hopefully this will be a popular option for users of AutoCAD

See New York Times here

Happy CADing!

This tutorial was written by a former colleague of mine from Cisco, Simon, who is now working for a software company in Nashua, NH (Northwoods Software). He really knows his stuff when it comes to code, see his tutorial here: SimonSarris.com

Happy coding!

Sean

Being that I am in college, some classes require group participation *shudder*. I dread these awful assignments because I am usually lucky enough to be stuck with the lot who like to slide through life (yes, shocking it does continue when they leave college) with as little work as possible, since an exchange of group members, or hanging said members is usually not an option (only in certain countries ), I tend to just take the reigns and do most of the work, or be as helpful as possible to make sure it gets done, and done right.

According to this study, people hate that because it makes them look bad, as I read this I was a bit curious as to why we needed a study to prove this….but have a look for yourself here: Wired

Thats all for now