Category Archives: english

The night before Christmas, in a sysadmins shoes

Posted on by
Reply

Twas the night before Christmas, when all through the house
Not a creature was stirring, not even a mouse.
The data was all safe, protected with care,
In hopes that year-end bonuses soon would be there.

The servers were nestled all safe in their racks
Protected from malware and vile forms of hacks.
The data all encrypted, with a nice complex key,
Christmas OrnamentThe software came, of course, with a great big huge fee.

Policy was written, compliance was done,
That had all been the exact opposite of fun.
Systems were patched, and locked one and all,
The team had done well, and they had stood tall.

Their audit was done, validation complete.
Their systems all ready, documentation all neat.
They had made it through ‘nother holiday season,
And were ready to cruise, it all stood to reason.

When from intrusion detection arose such a clatter,
The Admin sprang from his browser, watching Lohan get fatter.
Away to the consoles, he flew in a dash,
Checking faults and tripwire, computing their hash.

The light from the flat screens just made the place glow
The Admin then cursed, it could not be so.
Systems were crashing, the network was down,
It seemed almost like he was ready to drown.

College was easy, he got As and Bs,
These attacks were relentless,from overseas.
They seemed to be everywhere, attacks all at once,
They made him feel just like a big dunce.

His training took over, he set a grim face,
He quietly looked forward, to his happy place.
Cutting off systems, segmenting them away,
He was rolling right now, no time to play.

The pager just beeped and phones they did ring,
Event responders the noise then did bring.
Another server was hit, and suddenly dropped
The Denial of Service attack was not stopped.

The admin felt helpless, and just needed a lift,
Like something from Claus, please one early gift.
When, what his wondering eyes they did spy,
An extra program running, and then he knew why.
That’s when he knew, he just knew, oh of course

This had all started with just one Trojan Horse.
Prolly came to a user through his e-mail,
Policy and training, to no avail.

He marched through the servers, saw them as bots
Chuckling now, thinking “that’s all you gots?”
Malware from servers, each one did he cull,
Sending them one at a time right to dev/null.

Now he was rolling, and almost chuckling with glee,
He looked up with dismay, what did he see?
The retail server was hit, and crashing, amok,
He SSHed in, but could only say “rats”.

He saw very quickly that they now had root,
And hoped that he would not get the boot.
As he sat back in his chair, and reached for a Dew,
He knew the primary site was all through.

He knew then and there it would be a long night,
So he switched everything to the failover site.
Laying his cursor on that one little app,
He clicked only once and prod1 took a nap.

He sprang for his phone, to his team gave a twitter,
Failover was done, and he had not been a quitter.
The net was a mess, the farm had been bought,
But in the end, it had not been for naught.

The systems had done for what they’d been built,
They’d been prodded and poked, and finally said “tilt”.
He was glad it had not been a resume generating event.
His last thought for the night was for the attackers to get bent

His relief came too little, and seemed way too late,
He had pulled eves alone, and faced his sole fate.
He briefed the next crew, with all he did know
And went outside, to fresh fallen snow.

He sprang to his Honda, and cranked up the tunes,
Wishing for beach, and wind tossed sand dunes
He said as he drove down the road to the night,
Merry Christmas to all, and to all a good-night.

Credits go to securityweek.com, via Tibi.

ITIL v3 Foundation

Posted on by
2

I just had my ITIL v3 Foundation certification yesterday and I passed with flying colors (YAY!). The Foundation exam is quite easy, basically, you just need to attend the training and go over the study materials thoroughly a couple of times.

ITIL v3 (IT Infrastructure Library) is accepted worldwide as the most effective and efficient framework for managing and controlling the quality and costs of delivering IT services and keeping them aligned with business needs and ever changing business direction.

While studying, I stumbled upon some learning aids created by Marco Cattaneo from Charles Sturt University, Australia. At first I was a bit reticent with them, but he manages to explain the concepts fairly well and proved to be of invaluable assistance to me considering I did not attend the ITIL v3 Foundation training.

Below, you can find a list with some of the movies he uploaded on Youtube, for the Foundation certification:

1st Module

  1. Introduction to IT Management
  2. ITIL v3 – Good practices
  3. ITIL v3 – Service
  4. ITIL v3 – Service management
  5. ITIL v3 – Function and processes
  6. ITIL v3 - Processes and theirs characterestics

2nd Module

  1. ITIL v3 - Service lifecycle model
  2. ITIL v3 – Service Strategy
  3. ITIL v3 – Service Design
  4. ITIL v3 – Service Design II
  5. ITIL v3 – Service Transition
  6. ITIL v3 – Service Transition II
  7. ITIL v3 – Service Operation
  8. ITIL v3 – Service Operation II
  9. ITIL v3 – Continual Service Improvement

3rd Module

  1. ITIL v3 – Utility and warranty
  2. ITIL v3 – Assets, resources and capabilities
  3. ITIL v3 – Service portfolio
  4. ITIL v3 – Service catalog
  5. ITIL v3 – IT Governance
  6. ITIL v3 – Business case
  7. ITIL v3 – Risk
  8. ITIL v3 – Service provider
  9. ITIL v3 – Supplier
  10. ITIL v3 – Sercive Level Agreement – SLA
  11. ITIL v3 – Operational Level Agreement – OLA
  12. ITIL v3 – Underpinng Contract – UC
  13. ITIL v3 – Service Design Package – SDP
  14. ITIL v3 – Availability
  15. ITIL v3 – Service Knowledge Management System – SKMS
  16. ITIL v3 – Configuation Item
  17. ITIL v3 – Configuration Management System – CMS
  18. ITIL v3 – Definitive Media Library – DML
  19. ITIL v3 – Service change
  20. ITIL v3 – Change categories
  21. ITIL v3 – Release unit
  22. ITIL v3 – 7 Rs of change management
  23. ITIL v3 – Event
  24. ITIL v3 – Alert
  25. ITIL v3 – Incident
  26. ITIL v3 – Impact, urgency and priority
  27. ITIL v3 – Service Request
  28. ITIL v3 – Problem
  29. ITIL v3 – Workaround
  30. ITIL v3 – Known Error – KE
  31. ITIL v3 – Known Error Database – KEDB
  32. ITIL v3 – Communication
  33. ITIL v3- Service Assets
  34. ITIL v3 – Release policy

4th Module

  1. ITIL v3 – Value creation through Services
  2. ITIL v3 – 4 Ps of IT Service Management
  3. ITIL v3 – The 5 Service Design Aspects
  4. ITIL v3 – Deming’s cycle – PDCA
  5. ITIL v3 – Continual Service Improvement Model

Good luck with your studies!

[Howto] Fix Download Unsuccessful on the Android Market

Posted on by
4

Sometime ago I decided I wanted to switch to an Android Powered smartphone. I started looking around, weighing the offers on the market, device prices, subscription prices and so on, and I finally decided on a Samsung Galaxy S which is definitely brilliant!It has

Of course it has a few glitches, the Android system is not yet as strong as the iPhone  system, but it’s getting there in a quick pace.

One of these glitches I stumbled upon, and finally got a nice resolution to, was trying to install applications from the Android Market, and getting an “Download Unsuccessful” error. I spent quite some time on different forums and mailing lists trying to fix the dreadful error which at first I thought it was Samsung related, but it’s actually an Android Market bug, and it is solvable with just a few taps. You don’t need to do a factory reset, or re-install your firmware.

You need to go on your phone under Settings,  go to Applications, tap on Manage application, from the menu select Filter all, and all your applications will be listed nicely.

You need to clear data* for the following applications:

  • Checkin service
  • Download manager
  • Google apps
  • Google talk service

    And you need to clear cache* for:

    • Market

      *) If the “clear data” or “clear cache” buttons are grayed out, no need to worry, there just isn’t any data to clear. Also, make sure you do not clear the data from your market application.

      Have fun with your Android powered phone, I’m still extremely fond of it, and still treat it as a new toy even after almost two months.

      Plesk Bandwidth reporting error

      Posted on by
      2

      I managed to bump my head into this situation a few times, and I think some of you have too, or will in the future.

      The DomainsTraffic table in the Plesk psa database gets a weird value, usually quite huge, and the traffic stats for a certain domain will skyrocket overnight from values of a couple hundred MB’s usually to several GB’s. Domains get suspended, customers get pissed and the “techies”  got work to do.

      It’s actually easy to find the problem and fix it:

      Log into your Plesk server as root, enter mysql and find the domain in question using the psa database:

      [root@nl-ams-sp1 ~]# mysql -uadmin -p`cat /etc/psa/.psa.shadow`
      mysql> use psa;
      mysql> select * from domains where name = "wirelessisfun.com";

      Find the day where the records got corrupted and are causing the erroneous report:

      mysql> select dom_id,date,http_in,http_out from DomainsTraffic where dom_id =(select id from domains where name = "wirelessisfun.com");

      This will output quite some data, but the culprit line will be really obvious:

      +——–+————+———+————–+
      | dom_id | date | http_in | http_out |
      +——–+————+———+————–+
      [snip]
      | 316 | 2010-08-02 | 0 | 472399336 |
      | 316 | 2010-08-03 | 0 | 491239251 |
      | 316 | 2010-08-04 | 0 | 470982351 |
      | 316 | 2010-08-05 | 0 | 470829065 |
      | 316 | 2010-08-06 | 0 | 493939844 |
      | 316 | 2010-08-07 | 0 | 454701317 |
      | 316 | 2010-08-08 | 0 | 100221521161 |
      | 316 | 2010-08-09 | 0 | 144318797 |
      +——–+————+———+————–+

      Now, that you know the corrupted line, just update the http_out value with something similar to the days before, I used the exact value as the previous day.
      Make sure you replace “wirelessisfun.com” with the actual domain name, and the date value with the date in question:

      mysql> update DomainsTraffic set http_out = "454701317" where dom_id =(select id from domains where name = "wirelessisfun.com") AND date = "2010-08-08";

      The MySQL output should be something like:

      Query OK, 1 row affected (0.03 sec)
      Rows matched: 1 Changed: 1 Warnings: 0

      Now that the record for the domain traffic has been fixed, you can wait for the statistics script to run during the night, and the clients traffic will be updated automatically, or you can simply re-run the statistics for that domain from your bash prompt like this:

      [root@nl-ams-sp1 ~]# /usr/local/psa/admin/sbin/statistics --calculate-one --domain-name=wirelessisfun.com

      Simple enough, right? Use the above tip at your own risk, it worked for me everytime.

      [TUTORIAL] VI / VIM

      Posted on by
      2

      A very powerful tool for text manipulation under *nix systems is VI [Short for Visual]. I started using some 5 years ago, and it rapidly became my favorite text editor of choice under linux/unix and I use it on the windows platform too as gVim.

      I’m not going to start explaining its power, I just want to share a VI cheat-sheet I found a few months back when I was working for Faculte.

      The first image is the entire Cheat Sheet, and the rest are the training sheets for different actions you want to perform while text editing. So? How do you like it?

      96 more bits, no magic. IPv6

      Posted on by
      2

      I stumbled on to an IPv4 depletion counter a few weeks ago, and that reminded me of the problem we are going to face in a couple of years. The crippling of the internet as we know it. Lack of IPv4 space will break a lot of stuff, starting from you watching HBO online, you getting your email delivered, your comics, and your Viagra spam mails. Even if not getting the Viagra spam mails is a good thing, we will still face a lot of hard time, ahead. That I can promise you!

      Big players don’t have any interest in training their people to handle IPv6, or to handle dual stacking, they are not building their gadgets to support IPv6 yet, because it’s still far far away, but their costs will jump from a normal normal curve to a very steep one just because they did not plan ahead.

      It’s only 96 more bits, it’s not magic, but someone has to know how to do it. If you have no clue about what I just said here, watch the interview below and ask your system administrator about it. If you are the system administrator, watch the interview below, start asking for funds and time to work on it but most important start dual stacking. Slowly, gently, get your experience with IPv6 otherwise you’re gonna pay the big bucks in the end.

      Randy Bush on IPv6 Deployment

      IPv6 provides enough addresses to allow the Internet to continue to expand and the industry to innovate. It is not, however, directly compatible with IPv4, meaning that a device connected via IPv4 cannot communicate directly with a device connected using IPv6.

      Deploying IPv6 on a global scale is vital to the Internet industry, but it requires pro-active steps on the part of industry players: technology must be upgraded, staff trained, business plans developed. Uptake to date has been relatively slow, but this is now changing, and businesses need to be aware of the need to adopt IPv6. To ignore IPv6 is to risk your medium to long term business viability.

      Ripe NCC built a website with a lot of starting points for deploying IPv6 at http://www.ipv6actnow.org I suggest you take a look at it, watch the interviews and start preparing.

      What is IPv4?

      What is IPv6?

      Oh SMF – What Happened To You?

      Posted on by
      Reply

      smfFriday the 22nd Douglas “The Bear” Hazard sent a mass message trying to get out the word about some disturbing facts about SMF [Simple Machines Forum] an open source forum software that started sometime ago. I will not go into details here, because they have a full explanation of what happened here.

      If you ever used SMF, take the time to read the article and try to help these guys spread the word out because one good piece of software is on the brink of extinction right about now.

      If you never used SMF, but you are using a forum software that does not meet all your expectations, SMF is for you, but first, read the article, and help the community develop the software further.

      Thanks!

      History of medicine

      Posted on by
      1

      Via Amec, zie “maghiarian” freunden, we have a nice joke today about the history of our medicine.

      “I have a sore throat.”

      2000 BC : “Eat this root”
      1200 AD : “That root is heathen, say this prayer.”
      1500 AD : “That prayer is superstition, drink this elixir.”
      1800 AD : “That elixir is snake oil, Take this pill.”
      1900 AD : “That pill is ineffective, Take this antibiotic.”
      2000 AD : “That antibiotic is artificial, Here why don’t you eat this root.”