System Administration

GoDaddy, SSL, and $13

by

A GoDaddy representative left a comment on the post about ipsCA, saying: GoDaddy.com is happy to help ipsCA customers that have found themselves in a jam. For a limited time, our Standard SSLs are $12.99 with code sslqyh1w. Call 480-505-8877 or order online at http://bit.ly/91M3NV I’m not usually the kind of person to parrot an ad, especially one left on my site, but it’s actually a decent deal if you want a new, real SSL cert. Admittedly it’s not for their advanced certificates, but if you have a couple of ipsCA certs to replace it might work out just fine. Personally, I’ve been quite happy with GoDaddy as a domain registrar.

ipsCA: Getting What You Pay For

by

So the SSL certification authority (CA) ipsCA is frantically sending out email because their root CA certificate will expire on 12/29/2009, and every customer of theirs needs to get a new certificate. This is a problem for my organization, because, being an educational institution we were able to get no-cost[0] SSL certs from them. Because they were no-cost we have a lot of these certificates for test & development systems, and are now scrambling to find what will break on December 29th. Once we find all the certificates there’s another complicating factor. We could just renew the certificates again, but the new ipsCA root certificate is not shipping as part of any browsers except Internet Explorer 8 (the next Firefox …

Read More

It Belongs To Everybody

by

You think that server in our data center is yours? The CIO paid for it. The logistics & purchasing team ordered it. The data center team installed it. The system administration team configured it and patch it. You installed the application on it. The monitoring guys watch it. The security team scans it. I think it’s safe to say it belongs to the whole organization, not you.

Linux Virtual Machine Tuning Guide Now Available

by

It’s been a while in the making, but I finally started consolidating all my Linux VM tuning notes into a single document for all to read: Linux Virtual Machine Tuning Guide. Please take a look at it, and if there are corrections or additions to be made let me know. I know there is a lot to be done with network stack tuning, which will be added to a future revision when I get my notes sorted out.

Torturing Your Users

by

“Hey Bob, you do desktop support, right?” “Well, not much anymore, but what’s up? I can probably help, or ask someone.” “I’m getting accused of hacking my work computer because I changed the desktop background.” <stunned pause> “Hacking? You’re serious?” I have some personal experience with stuff like this, getting accused of hacking a network because I knew how to use the Novell “attach” command. Scandalous, I know. “Yeah. I set it to one of your photos, actually. Our IT morons are claiming I had to break in and change some security setting on the computer to do it. I just right-clicked and picked ‘Set as Desktop Background.’” “Um, okay. Well, if these are the same guys you told me …

Read More

Ninite

by

If you haven’t checked out Ninite, by all means go do it. All those Windows 7 machine rebuilds in your future just got a whole bunch easier. Installers like these require a certain level of trust, though, and history has shown that eventually they will bow to pressures to make it less simple, show ads, or even start silently installing toolbars and other spyware. Here’s hoping that the folks at Secure By Design can resist those things and keep it as easy to use and useful as it is right now.

Disabling Hybrid Hard Disks in Windows 7

by

My Dell Latitude D830 shipped with a 120 GB “hybrid” hard disk, in my case a Seagate Momentus 5400 PSD. These disks integrated 256 MB of flash memory on them to help the OS spin down the drive and speed certain operations through the use of ReadyDrive on Vista and Windows 7. In practice, this setup works terribly. Disk I/O slows to a crawl as everything is funneled through the ReadyDrive cache, and everything on the machine suffers. For a guy like me that does a lot of photo editing on my laptop this has to end. To disable the hybrid hard disk modes on Microsoft Windows Vista and Windows 7 do this: Start->Run, and run “gpedit.msc” Computer Configuration -> …

Read More

Security vs. Usability

by

It’s always a trade-off.  Anybody who says otherwise is selling you something or clueless. Also see: scissors. (compliments to my friend Steve Tanner for whipping up a slider in Visual Studio 2008)

Underpromise & Overdeliver

by

Everything Sysadmin has an interesting post that ends up talking about the whole “underpromise and overdeliver” strategy. I’ve always had a rocky relationship with that strategy, mainly because I really think people just need to stop acting like they’re heroes on Star Trek and get better at time estimation. Certainly when there’s doubt about how long something will take it’s better to overestimate, because that way the promises your customers made to their customers, coworkers, or boss aren’t lies because of you. It also helps to give yourself a little breathing room, so that if something urgent comes up you can deal with that and still deliver. The trick is just not to overdo it. People aren’t dumb, and consistent …

Read More

VMware & Linux Hot-Add Disks

by

Did you know you can add new virtual hard disks to a running Linux VMware VM, and they can be visible to the OS without a reboot? First, add a new hard disk the way you’d normally do it (Edit Settings -> etc.). Add it to the existing virtual SCSI adapter (don’t create a new one). Then, use a script like Kurt Garloff’s rescan-scsi-bus.sh to pick up the new device. If you’re using the Linux Logical Volume Manager you can partition the new device, run pvcreate, add it to a volume group, and grow a filesystem with ext2online/resize2fs (RHEL 4/5), all without the end users noticing. Just don’t forget to align the partitions on the new device before you use …

Read More

+ More Posts +