From david at catwhisker.org Sun Dec 2 07:14:13 2001 From: david at catwhisker.org (David Wolfskill) Date: Sun, 2 Dec 2001 07:14:13 -0800 (PST) Subject: Thoughts & questions about responsibility for network traffic Message-ID: <200112021514.fB2FEDR01688@bunrab.catwhisker.org> As those who have seen some of my ramblings & rants regarding email & spam may recall, I tend to be borderline fascist (phrased charitably) with respect to tolerance of obvious intent to abuse services such as email. And when I try to report spam to postmaster@ a domain in question, I tend to react rather negatively if said mail bounces. Indeed, I read RFCs 822 & 2821 to indicate that failure to accept such mail (with rare exceptions granted in the more recent 2821) is a violation of the specification (as well as intent) of the RFCs in question. In such a situation, when it has been clearly demonstrated to me that no one is acting as being responsible for the email that emanates from the domain, I tend to place an entry in sendmail's access.db, rejecting any attempt from any machine in the domain to connect to the SMTP server I control, with a message such as 550 You need a postmaster to send mail (Yes, there are problems with this approach: primarily, it does not provide a way for a site that has "seen the light" to redeem itself automatically. On the other hand, I also set up postmaster@ the domains served by the SMTP server in question as accepting mail from anyone, with a delay-check specification, so they shouldl be able to send mail to postmaster@ to mention that they've fixed the problem. Of course, that only addresses technical issues; human pride tends to be a casualty in such an approach.) I've carried this approach a bit further in a couple of ways: the first isn't directly applicable to the questions that come later, but ought to be relevant for folks who subscribe to baylisa-jobs; the second starts down what some folks make consider a "slippery slope," and things get a little more interesting around there. That baylisa-jobs application of the above is reasonably straightforward: When someone tries to post to baylisa-jobs with obviously proscribed content (typically, "here is our hotlist of available consultants" or some such), I used to send a (reasonably) polite message back saying something to the effect that "this isn't appropriate content for baylisa-jobs; please read http://www.baylisa.org/lists for more information on what is and is not appropruate for baylisa-jobs." And I after failiing to get a single response that indicated a glimmer of comprehension (over a period of a few months), I gave up, and decided that the computer could do the job at least as effectively (and with less hassle on my part). Accordingly, I started placing entries in the access.db for baylisa.org -- usually for the entire domain, but sometimes just for specific users -- so that mail from the domain (or user) and destined for @baylisa.org would be rejected with the message: 550 Read http://www.baylisa.org/lists and send apology to postmaster at baylisa.org I did get one person who responded to that one (and we worked out the problem); the far more general case is that the individuals in question persist in blindly trying to spam baylisa-jobs at baylisa.org, never (apparently) caring that not only is their spam not being received here (baylisa.org), but it's choking whatever system they are using to try to inject the spam into the Internet. At least it's no longer a baylisa.org problem at that point. :-} Now we start in the direction of a slippery slope: when I report spam, it is the case more often that not that one or more Web sites will be "spamvertised". Accordingly, I make an attempt to also report the abuse in question to abuse@ the domain of the Web server, as well as the listed contact(s) for the netblock in question (obtained via WHOIS query). Now, I realize that keeping WHOIS contact information current is often not a high priority in many organizations. On the other hand, I'm sufficiently old-fashioned that I think that the concept of "responsibility" is, and ought to be, still relevant to what happens on the Internet (and elesewhere, but I digress). Accordingly, if I cannot contact any contact for a given netblock (or if the infamous "[no mailbox]" is listed for the contact), and I can't determine a "parent netblock" with valid contact information, I also place the netblock in sendmail's access.db, blocking further attempts to send email from the netblock in question to the SMTP server(s) I control. Of course, in these cases, the folks don't really care about SMTP traffic; they do HTTP{,S}.... And I've thought about blocking HTTP{,S} traffic to their netblocks from mine, but have yet to implement it (well, mostly). Mind you, these aren't things I do especially lightly: the purpose of the Internet is to foster communication. It is *not*, however, to foster abuse. Which brings me to something related to all of this.... A while back, there was a vulnerability found with the SSH-1 protocol, and an exploit for a weakness in (as I recall) the CRC-32 calculations was unleashed. More recently, I've seen some traffic (on FreeBSD-related lists) about a purported "weakness" in SSH; some traffic suggests that it's merely a revisiting of the old weakness, while other traffic suggests something else (but unspecified). Meanwhile, I get the summaries of denied traffic not only from my own home firewall, but from my mother's. And when I see patterns of attempts, that arouses some awareness. For example: Dec 1 01:09:16 janus /kernel: ipfw: 20000 Deny TCP 64.45.27.101:22 63.193.123.122:22 in via dc0 Dec 1 01:09:42 ns /kernel: ipfw: 3000 Deny TCP 64.45.27.101:22 63.195.89.198:22 in via ed0 Dec 1 01:23:57 janus /kernel: ipfw: 20000 Deny TCP 64.45.60.83:22 63.193.123.122:22 in via dc0 Dec 1 01:24:43 ns /kernel: ipfw: 3000 Deny TCP 64.45.60.83:22 63.195.89.198:22 in via ed0 Dec 1 11:30:21 janus /kernel: ipfw: 20000 Deny TCP 213.15.136.51:22 63.193.123.122:22 in via dc0 Dec 1 11:31:01 ns /kernel: ipfw: 3000 Deny TCP 213.15.136.51:22 63.195.89.198:22 in via ed0 ("janus" is my firewall; "ns" is my mother's. Each is on Pac*Bell residential DSL, with a grandfathered static IP address.) The first 4 entries were all from the same netblock (2 addresses). Yesterday, I sent a message to the listed WHOIS contact for that netblock, explaining that I had no reason to believe that any harm had come of this, but on the other hand, there was no legitimate reason for the attempt, either, and it was quite unwelcome. I further mentioned that the attempt may indicate that one or more systems on the netblock were compromised. I received a bounce-o-gram for my efforts. This morning, I sent a message off to the listed WHOIS (RIPE) contact for the 3rd pair of probes, with similar content. I (also) received a bounce-o-gram in response to that message. So at this point, I'm wondering if it might be appropriate to consider blocking access from the netblocks in question -- not just to the SMTP server, but at the firewall, with an ICMP "administratively prohibited" response. It may reasonably be considered that this is a rather extreme response; on the other hand, I believe that we need a bit more responsibility in the Internet. Also, there is certainly no "one size fits all" response for this: what is acceptable for the personal networks in question may well be inappropriate for certain other networks... or so I would expect. So I suppose the question turns out to be "under what circumstances would blocking all traffic from a given netblock be appropriate?" For some folks, I expect that the answer would be "Never! The very thought is anathema!" and for others, responses are more likely varied. So I'm interested in what my colleagues think about this. Cheers, david (resume at http://www.catwhisker.org/~david/resume.ps) -- David H. Wolfskill david at catwhisker.org As a computing professional, I believe it would be unethical for me to advise, recommend, or support the use (save possibly for personal amusement) of any product that is or depends on any Microsoft product. From dredd at megacity.org Sun Dec 2 08:47:34 2001 From: dredd at megacity.org (Derek J. Balling) Date: Sun, 2 Dec 2001 08:47:34 -0800 Subject: Thoughts & questions about responsibility for network traffic In-Reply-To: <200112021514.fB2FEDR01688@bunrab.catwhisker.org> References: <200112021514.fB2FEDR01688@bunrab.catwhisker.org> Message-ID: David, At the risk of pushing my own drugs.... Check out http://www.rfc-ignorant.org/ We take the burden off your shoulders on that front. A unified source for domains that don't support: abuse@ postmaster@ Bad WHOIS contacts reject mail from <> or IP networks with bad WHOIS contacts. In other words, just about everything you're on about, ... well, so are we. ;-) and since is listed as a "SPAMFRIEND" (sigh), it'll accept messages from the folks who are listed, so that they can get removed. Also includes the necessary modified versions of dnsbl.m4 (to do hostname-based checks versus the connecting-host), and a new rhsbl.m4 (to do hostname-based checks against the envelope-sender's-RHS). (there's also info for users of other MTA's, but I know nothing about them and make no guarantees. ;-) Submitted for the commentary of the esteemed comrades, since we're on this topic... D -- +---------------------+-----------------------------------------+ | dredd at megacity.org | "Thou art the ruins of the noblest man | | Derek J. Balling | That ever lived in the tide of times. | | | Woe to the hand that shed this costly | | | blood" - Julius Caesar Act 3, Scene 1 | +---------------------+-----------------------------------------+ From claw at kanga.nu Sun Dec 2 09:31:44 2001 From: claw at kanga.nu (J C Lawrence) Date: Sun, 02 Dec 2001 09:31:44 -0800 Subject: Thoughts & questions about responsibility for network traffic In-Reply-To: Message from David Wolfskill of "Sun, 02 Dec 2001 07:14:13 PST." <200112021514.fB2FEDR01688@bunrab.catwhisker.org> References: <200112021514.fB2FEDR01688@bunrab.catwhisker.org> Message-ID: <13043.1007314304@kanga.nu> On Sun, 2 Dec 2001 07:14:13 -0800 (PST) David Wolfskill wrote: > And when I try to report spam to postmaster@ a domain in question, > I tend to react rather negatively if said mail bounces. Indeed, I > read RFCs 822 & 2821 to indicate that failure to accept such mail > (with rare exceptions granted in the more recent 2821) is a > violation of the specification (as well as intent) of the RFCs in > question. In such a situation, when it has been clearly > demonstrated to me that no one is acting as being responsible for > the email that emanates from the domain, I tend to place an entry > in sendmail's access.db, rejecting any attempt from any machine in > the domain to connect to the SMTP server I control, with a message > such as > 550 You need a postmaster to send mail Instead, you may want to simply configure your MTA to use rfc-ignorant.org's services to save you the time. > So at this point, I'm wondering if it might be appropriate to > consider blocking access from the netblocks in question -- not > just to the SMTP server, but at the firewall, with an ICMP > "administratively prohibited" response. It may reasonably be > considered that this is a rather extreme response; on the other > hand, I believe that we need a bit more responsibility in the > Internet. I do something similar to this (tho via Portsentry), and null route traffic from the IP for a .. The advantage is that its now an automated system and the null routes are added and removed without my express attention. The disadvantage is that it spams the hell out of my logs and I never do check WHOIS etc. -- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw at kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live. From rick at linuxmafia.com Sun Dec 2 15:29:17 2001 From: rick at linuxmafia.com (Rick Moen) Date: Sun, 2 Dec 2001 15:29:17 -0800 Subject: Thoughts & questions about responsibility for network traffic In-Reply-To: <200112021514.fB2FEDR01688@bunrab.catwhisker.org> References: <200112021514.fB2FEDR01688@bunrab.catwhisker.org> Message-ID: <20011202152917.Y8291@linuxmafia.com> begin David Wolfskill quotation: > As those who have seen some of my ramblings & rants regarding email & > spam may recall, I tend to be borderline fascist (phrased charitably) > with respect to tolerance of obvious intent to abuse services such as > email. You say that as if it might be A Bad Thing. When I allude to jackboot-enabling technologies like Derek J. Balling's http://www.rfc-ignorant.org/ and your methods, it tends to be with a heartfelt sense of admiration and fellow-feeling. [examples of apparent port-scanning for ssh vulnerabilities] > The first 4 entries were all from the same netblock (2 addresses). > Yesterday, I sent a message to the listed WHOIS contact for that > netblock, explaining that I had no reason to believe that any harm had > come of this, but on the other hand, there was no legitimate reason for > the attempt, either, and it was quite unwelcome. I further mentioned > that the attempt may indicate that one or more systems on the netblock > were compromised. > > I received a bounce-o-gram for my efforts. > > This morning, I sent a message off to the listed WHOIS (RIPE) contact > for the 3rd pair of probes, with similar content. I (also) received a > bounce-o-gram in response to that message. I hear your point. Port-scanning of all sorts is so incredibly ubiquitous that trying to chase it down seems like a herculean task, but having valid WHOIS contact info seems like a minimal requirement for netblock ownership. > So at this point, I'm wondering if it might be appropriate to consider > blocking access from the netblocks in question -- not just to the SMTP > server, but at the firewall, with an ICMP "administratively prohibited" > response. It may reasonably be considered that this is a rather extreme > response; on the other hand, I believe that we need a bit more > responsibility in the Internet. Here's one way to try to analyse the matter: Hypothetically, suppose someone else in my netblock (a non-portable block owned by Tsoft, Inc. of Berkeley) did some bits of nastiness to your machines, you tried to write the netblock's "coordinator" e-mail address, got bounced, and blocked my netblock in your firewall. Not knowing this, I try to connect to some service you offer on your box, and the connection fails. Will I be able to figure out why? If I happen to try ping, I get: ICMP Destination Unreachable (Communication Administratively Prohibited) 198.144.195.18 6 -> [number] Maybe I have to look that up in RFC 1812, maybe not. I might not be enterprising enough to dig out ping and remember what the diagnostic means; maybe the failed SMTP delivery, HTTP connection, etc. looks to me just like a down server, and I don't investigate further. If I _do_ figure it out, I probably write to postmaster@[ip], hear your explanation, and light a fire under Tsoft and/or change bandwidth providers. But I'll bet few users will go that far. Is this a problem for the affected users? Possibly. For you? Well, that's entirely a matter of perspective and opinion. My point is that, if you're envisioning this as one of the building blocks of retrofitting needed consequences into the modern Internet -- fixing responsibility back where it belongs -- the feedback mechanism may not work very well. - Cheers, "Learning Java has been a slow and tortuous process for me. Every Rick Moen few minutes, I start screaming 'No, you fools!' and have to go rick at linuxmafia.com read something from _Structure and Interpretation of Computer Programs_ to de-stress." -- The Cube, www.forum3000.org From david at catwhisker.org Sun Dec 2 16:31:13 2001 From: david at catwhisker.org (David Wolfskill) Date: Sun, 2 Dec 2001 16:31:13 -0800 (PST) Subject: Thoughts & questions about responsibility for network traffic In-Reply-To: <20011202152917.Y8291@linuxmafia.com> Message-ID: <200112030031.fB30VDg27337@bunrab.catwhisker.org> >Date: Sun, 2 Dec 2001 15:29:17 -0800 >From: Rick Moen >You say that as if it might be A Bad Thing. When I allude to >jackboot-enabling technologies like Derek J. Balling's >http://www.rfc-ignorant.org/ and your methods, it tends to be with a >heartfelt sense of admiration and fellow-feeling. Thanks, but it was phrased in acknowledgement that not all may share the opinion. :-) >... >I hear your point. Port-scanning of all sorts is so incredibly >ubiquitous that trying to chase it down seems like a herculean task, >but having valid WHOIS contact info seems like a minimal requirement for >netblock ownership. That's one way to express my opinion on the matter. >...[example...] >Is this a problem for the affected users? Possibly. For you? Well, >that's entirely a matter of perspective and opinion. My point is that, >if you're envisioning this as one of the building blocks of retrofitting >needed consequences into the modern Internet -- fixing responsibility >back where it belongs -- the feedback mechanism may not work very well. True, it may not. But is there anything (else) that has a hope of working better? For all concerned? Thanks, david -- David H. Wolfskill david at catwhisker.org As a computing professional, I believe it would be unethical for me to advise, recommend, or support the use (save possibly for personal amusement) of any product that is or depends on any Microsoft product. From Kristyn.Greenwood at oracle.com Mon Dec 10 12:40:03 2001 From: Kristyn.Greenwood at oracle.com (Kristyn Greenwood) Date: Mon, 10 Dec 2001 12:40:03 -0800 Subject: Opportunity for Usability Evaluation Message-ID: <3C151DA3.2060708@oracle.com> Hello, We have an opportunity that we think members of BayLisa would be interested in. We will be conducting some usability evaluations of a web server product over the next couple of months and are looking for individuals with web administration experience to provide feedback on the product. The first usability evaluation will take place between in January. Each individual evaluation session will take about 4 hours. To thankyou for your participation you would receive a number of AMEX gift checks(like travelers cheques). If you meet the criteria listed at the end ofthis email and you think you might be interested in participating, pleaserespond to this email with the following information. Your name: Your job title: Your daytime phone number: We will then call you to determine whether you fit the user profile required for this study. The minimum criteria for participation are: * Recently employed as a System Administrator or Database Administrator with at least 2 years of experience * Experience supporting a web site * Bachelor's degree or greater * Experience working with Solaris at least 1 year * Previous Experience working with Web Servers & Application Servers (BEA, Websphere, Netscape Server, JBoss, etc...) Thanks for your interest, Kristyn Greenwood Principal Usability Engineer Oracle Corporation kristyn.greenwood at oracle.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From nicole at webweaver.net Mon Dec 10 15:29:08 2001 From: nicole at webweaver.net (Nicole Harrington) Date: Mon, 10 Dec 2001 15:29:08 -0800 (PST) Subject: Opportunity for Usability Evaluation In-Reply-To: <3C151DA3.2060708@oracle.com> Message-ID: So.. Sys Admins without at least a bachlors degree are to stupid to eval the product? So they want to make sure "well educated" people can use their product but not those who have many years of experience but no 4 year degree? So is the less educated product testing to come later? Anyone else see a problem here? > The minimum criteria for participation are: > * Bachelor's degree or greater Nicole On 10-Dec-01 Kristyn Greenwood wrote: > Hello, We have an opportunity that we think members of BayLisa would be > interested in. We will be conducting some usability evaluations of a > web server product over the next couple of months and are looking for > individuals with web administration experience to provide feedback on > the product. > > The first usability evaluation will take place between in January. Each > individual evaluation session will take about 4 hours. To thankyou for > your participation you would receive a number of AMEX gift checks(like > travelers cheques). If you meet the criteria listed at the end ofthis > email and you think you might be interested in participating, > pleaserespond to this email with the following information. > > Your name: > Your job title: > Your daytime phone number: > > We will then call you to determine whether you fit the user profile > required for this study. > > The minimum criteria for participation are: > > * Recently employed as a System Administrator or Database > Administrator with at least 2 years of experience > * Experience supporting a web site > * Bachelor's degree or greater > * Experience working with Solaris at least 1 year > * Previous Experience working with Web Servers & Application Servers > (BEA, Websphere, Netscape Server, JBoss, etc...) > > Thanks for your interest, > > Kristyn Greenwood > Principal Usability Engineer > Oracle Corporation > kristyn.greenwood at oracle.com > ******* |\ __ /| (`\ ******* * * | o_o |__ ) ) * * * * // \\ * * * Nicole Harrington | AKA Hodge Podge * ----------------------(((---(((-------------------------------- HomePage http://www.unixgirl.com/ DangerMouse Site  http://www.dangermouse.org/ Photography Site http://www.deviantimages.com/ ** Being Silent - Is Agreeing ** -- We are the music makers, and we are the dreamers of the dreams. --Willy Wonka, Willy Wonka and the Chocolate Factory. ---------------------------------------------------------------- From ulf at Alameda.net Mon Dec 10 16:56:56 2001 From: ulf at Alameda.net (Ulf Zimmermann) Date: Mon, 10 Dec 2001 16:56:56 -0800 Subject: Opportunity for Usability Evaluation In-Reply-To: ; from nicole@webweaver.net on Mon, Dec 10, 2001 at 03:29:08PM -0800 References: <3C151DA3.2060708@oracle.com> Message-ID: <20011210165656.U76137@seven.alameda.net> On Mon, Dec 10, 2001 at 03:29:08PM -0800, Nicole Harrington wrote: > > So.. Sys Admins without at least a bachlors degree are to stupid to eval the > product? So they want to make sure "well educated" people can use their > product but not those who have many years of experience but no 4 year degree? > So is the less educated product testing to come later? > > Anyone else see a problem here? > > > The minimum criteria for participation are: > > * Bachelor's degree or greater Yes, I do. I am also wondering why they have no listed Apache in the list of webservers, considering that is still by far the highest ranking server on http://www.netcraft.co.uk/survey/ > > > > Nicole > > > > On 10-Dec-01 Kristyn Greenwood wrote: > > Hello, We have an opportunity that we think members of BayLisa would be > > interested in. We will be conducting some usability evaluations of a > > web server product over the next couple of months and are looking for > > individuals with web administration experience to provide feedback on > > the product. > > > > The first usability evaluation will take place between in January. Each > > individual evaluation session will take about 4 hours. To thankyou for > > your participation you would receive a number of AMEX gift checks(like > > travelers cheques). If you meet the criteria listed at the end ofthis > > email and you think you might be interested in participating, > > pleaserespond to this email with the following information. > > > > Your name: > > Your job title: > > Your daytime phone number: > > > > We will then call you to determine whether you fit the user profile > > required for this study. > > > > The minimum criteria for participation are: > > > > * Recently employed as a System Administrator or Database > > Administrator with at least 2 years of experience > > * Experience supporting a web site > > * Bachelor's degree or greater > > * Experience working with Solaris at least 1 year > > * Previous Experience working with Web Servers & Application Servers > > (BEA, Websphere, Netscape Server, JBoss, etc...) > > > > Thanks for your interest, > > > > Kristyn Greenwood > > Principal Usability Engineer > > Oracle Corporation > > kristyn.greenwood at oracle.com > > > > > ******* |\ __ /| (`\ ******* > * * | o_o |__ ) ) * * > * * // \\ * * > * Nicole Harrington | AKA Hodge Podge * > ----------------------(((---(((-------------------------------- > HomePage http://www.unixgirl.com/ > DangerMouse Site  http://www.dangermouse.org/ > Photography Site http://www.deviantimages.com/ > > ** Being Silent - Is Agreeing ** > -- > We are the music makers, and we are the dreamers of the dreams. > --Willy Wonka, Willy Wonka and the Chocolate Factory. > > ---------------------------------------------------------------- > > -- Regards, Ulf. --------------------------------------------------------------------- Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-865-0204 From jxh at jxh.com Mon Dec 10 17:20:32 2001 From: jxh at jxh.com (Jim Hickstein) Date: Mon, 10 Dec 2001 17:20:32 -0800 Subject: Opportunity for Usability Evaluation In-Reply-To: References: Message-ID: <290900000.1008033632@jxh.mirapoint.com> I daresay they would accept someone with >4 years of relevant experience, degree or not. Personally, I consider the 4 years I spent working, rather than sleeping in class, to be "greater". :-) Kristyn, care to clarify? --On Monday, December 10, 2001 03:29:08 PM -0800 Nicole Harrington wrote: >> * Bachelor's degree or greater From jgreely at corp.webtv.net Mon Dec 10 17:09:11 2001 From: jgreely at corp.webtv.net (J Greely) Date: Mon, 10 Dec 2001 17:09:11 -0800 (PST) Subject: Opportunity for Usability Evaluation In-Reply-To: Message-ID: On Mon, 10 Dec 2001, Nicole Harrington wrote: >So.. Sys Admins without at least a bachlors degree are to stupid to eval the >product? Or perhaps too experienced to think that Oracle actually has a chance of succeeding in this market. Or just too damn busy to take the survey. -j david -- David H. Wolfskill david at catwhisker.org I believe it would be irresponsible (and thus, unethical) for me to advise, recommend, or support the use of any product that is or depends on any Microsoft product for any purpose other than personal amusement. From david at catwhisker.org Mon Dec 10 18:46:45 2001 From: david at catwhisker.org (David Wolfskill) Date: Mon, 10 Dec 2001 18:46:45 -0800 (PST) Subject: Opportunity for Usability Evaluation In-Reply-To: Message-ID: <200112110246.fBB2kjH51805@bunrab.catwhisker.org> Sorry about hanging my .sig on jgreely's post when I approved it. I think I'll get back to the device driver patches I'm merging on my laptop & ignore postmasterly duties 'til I get to a checkpoint. :-( Mea culpa, david -- David H. Wolfskill david at catwhisker.org I believe it would be irresponsible (and thus, unethical) for me to advise, recommend, or support the use of any product that is or depends on any Microsoft product for any purpose other than personal amusement. From kenny at cisco.com Tue Dec 11 04:58:12 2001 From: kenny at cisco.com (Kenny Paul) Date: Tue, 11 Dec 2001 04:58:12 -0800 Subject: Opportunity for Usability Evaluation References: <3C151DA3.2060708@oracle.com> <20011210165656.U76137@seven.alameda.net> Message-ID: <3C1602E4.C8DBD25E@cisco.com> On Mon, Dec 10, 2001 at 03:29:08PM -0800, Nicole Harrington wrote: > > So.. Sys Admins without at least a bachlors degree are to stupid to eval the > product? So they want to make sure "well educated" people can use their > product but not those who have many years of experience but no 4 year degree? > So is the less educated product testing to come later? > > Anyone else see a problem here? > Oh come now.... Everyone knows that a non-degreed sysadmin such as myself is totally clueless and utterly incapable of thinking, making decisions or recommending appropriate hardware or software. That is why I became a manager. ;-) -- Regards, Kenny Paul http://wwwin-swtools/swtools/ddts ---------------------------------------------------------------------------- Kenneth E. Paul, Manager, Corporate Defect Tracking 408-526-5210 Cisco Systems, Inc. 560 McCarthy Blvd, SJ23/2, Milpitas, CA 95035 From claw at kanga.nu Tue Dec 11 08:42:49 2001 From: claw at kanga.nu (J C Lawrence) Date: Tue, 11 Dec 2001 08:42:49 -0800 Subject: Opportunity for Usability Evaluation In-Reply-To: Message from Kenny Paul of "Tue, 11 Dec 2001 04:58:12 PST." <3C1602E4.C8DBD25E@cisco.com> References: <3C151DA3.2060708@oracle.com> <20011210165656.U76137@seven.alameda.net> <3C1602E4.C8DBD25E@cisco.com> Message-ID: <29809.1008088969@kanga.nu> On Tue, 11 Dec 2001 04:58:12 -0800 Kenny Paul wrote: > On Mon, Dec 10, 2001 at 03:29:08PM -0800, Nicole Harrington wrote: > Oh come now.... Everyone knows that a non-degreed sysadmin such > as myself is totally clueless and utterly incapable of thinking, > making decisions or recommending appropriate hardware or software. > That is why I became a manager. So you too can write job req's that demand book larning' for positions that require practical, pragmatic trench experience. -- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw at kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live. From ulf at Alameda.net Tue Dec 11 08:50:43 2001 From: ulf at Alameda.net (Ulf Zimmermann) Date: Tue, 11 Dec 2001 08:50:43 -0800 Subject: Opportunity for Usability Evaluation In-Reply-To: <3C1602E4.C8DBD25E@cisco.com>; from kenny@cisco.com on Tue, Dec 11, 2001 at 04:58:12AM -0800 References: <3C151DA3.2060708@oracle.com> <20011210165656.U76137@seven.alameda.net> <3C1602E4.C8DBD25E@cisco.com> Message-ID: <20011211085043.X76137@seven.alameda.net> On Tue, Dec 11, 2001 at 04:58:12AM -0800, Kenny Paul wrote: > > > > On Mon, Dec 10, 2001 at 03:29:08PM -0800, Nicole Harrington wrote: > > > > So.. Sys Admins without at least a bachlors degree are to stupid to eval the > > product? So they want to make sure "well educated" people can use their > > product but not those who have many years of experience but no 4 year degree? > > So is the less educated product testing to come later? > > > > Anyone else see a problem here? > > > > Oh come now.... > Everyone knows that a non-degreed sysadmin such as myself is > totally clueless and utterly incapable of thinking, making > decisions or recommending appropriate hardware or software. > That is why I became a manager. I wonder if I could find a job as manager then, as non-degreed I am > > ;-) > -- > Regards, Kenny Paul http://wwwin-swtools/swtools/ddts > ---------------------------------------------------------------------------- > Kenneth E. Paul, Manager, Corporate Defect Tracking 408-526-5210 > Cisco Systems, Inc. 560 McCarthy Blvd, SJ23/2, Milpitas, CA 95035 > -- Regards, Ulf. --------------------------------------------------------------------- Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-865-0204 From chuck+baylisa at snew.com Tue Dec 11 09:56:46 2001 From: chuck+baylisa at snew.com (Chuck Yerkes) Date: Tue, 11 Dec 2001 09:56:46 -0800 Subject: Opportunity for Usability Evaluation In-Reply-To: <29809.1008088969@kanga.nu>; from claw@kanga.nu on Tue, Dec 11, 2001 at 08:42:49AM -0800 References: <3C151DA3.2060708@oracle.com> <20011210165656.U76137@seven.alameda.net> <3C1602E4.C8DBD25E@cisco.com> <29809.1008088969@kanga.nu> Message-ID: <20011211095646.B13679@snew.com> Because those without degrees are just all cranky, curmugeons who are angry with the world. Give me someone with a BS in System Administration any day :) (I trust those of you that don't know any of those people might see that humor/irony) I'm willing to go easy and read into it that perhaps poor Ms Greenwood was sending something to try to indicate a desire to have experienced people, not that kid down the street who got Linux for his machine last year and is now a "Sr System Admin" God! And you wonder why people don't want to field test software. Quoting J C Lawrence (claw at kanga.nu): > On Tue, 11 Dec 2001 04:58:12 -0800 > Kenny Paul wrote: > > On Mon, Dec 10, 2001 at 03:29:08PM -0800, Nicole Harrington wrote: > > Oh come now.... Everyone knows that a non-degreed sysadmin such > > as myself is totally clueless and utterly incapable of thinking, > > making decisions or recommending appropriate hardware or software. > > > That is why I became a manager. > > So you too can write job req's that demand book larning' for > positions that require practical, pragmatic trench experience. From gwen at reptiles.org Tue Dec 11 10:16:32 2001 From: gwen at reptiles.org (Gwendolynn ferch Elydyr) Date: Tue, 11 Dec 2001 13:16:32 -0500 (EST) Subject: Theoretical vs Practical Knowledge [was: Re: Opportunity for Usability Evaluation] In-Reply-To: <29809.1008088969@kanga.nu> Message-ID: <20011211131205.N26923-100000@iguana.reptiles.org> On Tue, 11 Dec 2001, J C Lawrence wrote: > So you too can write job req's that demand book larning' for > positions that require practical, pragmatic trench experience. I'm going to wander afield from where this thread started. IMHO, it's very important to have a mix of theoretical and practical knowledge. This isn't a suggestion that you must have a degree - but it's a strong suggestion that you must have some form of theoretical background. The major failing of a person who only has pragmatic experience is that they only know what they've encountered. My classic example for this is the wonderful SAGE-II/III that I had working for me, who managed to tar up and remove lib, because he was completely unaware of it's purpose! (not really a surprise there - it's not knowledge that the average hands on sysadmin would need to know). A bit of book larning' would have nipped that problem cleanly in the bud. cheers! ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." From claw at kanga.nu Tue Dec 11 10:38:43 2001 From: claw at kanga.nu (J C Lawrence) Date: Tue, 11 Dec 2001 10:38:43 -0800 Subject: Theoretical vs Practical Knowledge [was: Re: Opportunity for Usability Evaluation] In-Reply-To: Message from Gwendolynn ferch Elydyr of "Tue, 11 Dec 2001 13:16:32 EST." <20011211131205.N26923-100000@iguana.reptiles.org> References: <20011211131205.N26923-100000@iguana.reptiles.org> Message-ID: <31017.1008095923@kanga.nu> On Tue, 11 Dec 2001 13:16:32 -0500 (EST) Gwendolynn ferch Elydyr wrote: > On Tue, 11 Dec 2001, J C Lawrence wrote: > I'm going to wander afield from where this thread started. Beware of setting dangerous precedent! > IMHO, it's very important to have a mix of theoretical and > practical knowledge. This isn't a suggestion that you must have a > degree - but it's a strong suggestion that you must have some form > of theoretical background. As in all such things beware of extremes, or to quote Oscar Wilde, "Moderation in all things including moderation." Hands on empirical knowledge can be and often is invaluable. Theoretical knowledge by itself is typically worth slightly less than the paper its not written on. Pragmatic knowledge, if constrained to the level of, "If I poke this button that light will come on," is nor very useful past trivialities. In the end you want someone who can think and who has enough data, observed and received, to draw useful timely conclusions. > The major failing of a person who only has pragmatic experience is > that they only know what they've encountered. My classic example > for this is the wonderful SAGE-II/III that I had working for me, > who managed to tar up and remove lib, because he was completely > unaware of it's purpose! (not really a surprise there - it's not > knowledge that the average hands on sysadmin would need to know). Hehn. Famous last words: "libc.so is not important, is it?" > A bit of book larning' would have nipped that problem cleanly in > the bud. I'm less convinced. It might have helped. I'd be more impressed by a chap who had a SysAdm background and something of a developer background (even if light) as that tends to give some of the pragmatic viewpoints on not only how the system works, but a bit of why. -- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw at kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live. From Stewart.Hersey at leland.stanford.edu Tue Dec 11 10:36:34 2001 From: Stewart.Hersey at leland.stanford.edu (Stewart M. Hersey) Date: Tue, 11 Dec 2001 10:36:34 -0800 Subject: Opportunity for Usability Evaluation In-Reply-To: <20011211095646.B13679@snew.com> References: <29809.1008088969@kanga.nu> <3C151DA3.2060708@oracle.com> <20011210165656.U76137@seven.alameda.net> <3C1602E4.C8DBD25E@cisco.com> <29809.1008088969@kanga.nu> Message-ID: <5.1.0.14.2.20011211103454.00ab3de0@hersey.pobox.stanford.edu> Doh! At 09:56 AM 12/11/2001 -0800, Chuck Yerkes wrote: >Because those without degrees are just all cranky, curmugeons >who are angry with the world. Give me someone with a BS in >System Administration any day :) > >(I trust those of you that don't know any of those people might > see that humor/irony) > >I'm willing to go easy and read into it that perhaps poor Ms Greenwood >was sending something to try to indicate a desire to have experienced >people, not that kid down the street who got Linux for his machine >last year and is now a "Sr System Admin" > >God! And you wonder why people don't want to field test software. > > >Quoting J C Lawrence (claw at kanga.nu): >> On Tue, 11 Dec 2001 04:58:12 -0800 >> Kenny Paul wrote: >> > On Mon, Dec 10, 2001 at 03:29:08PM -0800, Nicole Harrington wrote: >> > Oh come now.... Everyone knows that a non-degreed sysadmin such >> > as myself is totally clueless and utterly incapable of thinking, >> > making decisions or recommending appropriate hardware or software. >> >> > That is why I became a manager. >> >> So you too can write job req's that demand book larning' for >> positions that require practical, pragmatic trench experience. Stewart Matthew Hersey Technical Writer / Trainer Leland Stanford Junior University R&DE Information Systems ================================================================ "What do we have to look forward to today? There are a lot of things we have to look forward to today." - Johannes "Jos" Dianovich Claerbout 06/14/1974 - 08/20/1999 ================================================================ -------------- next part -------------- An HTML attachment was scrubbed... URL: From hal at deer-run.com Tue Dec 11 10:56:25 2001 From: hal at deer-run.com (Hal Pomeranz) Date: Tue, 11 Dec 2001 10:56:25 -0800 Subject: docs.sun.com? Message-ID: <20011211105625.B20349@deer-run.com> Anybody know what's up with docs.sun.com? I haven't been able to reach it for about 24 hours now... -- Hal Pomeranz, Founder/CEO Deer Run Associates hal at deer-run.com Network Connectivity and Security, Systems Management, Training From Kristyn.Greenwood at oracle.com Tue Dec 11 10:50:50 2001 From: Kristyn.Greenwood at oracle.com (Kristyn Greenwood) Date: Tue, 11 Dec 2001 10:50:50 -0800 Subject: Opportunity for Usability Evaluation References: <290900000.1008033632@jxh.mirapoint.com> Message-ID: <3C16558A.8050209@oracle.com> I apologize for inadvertently offending some members of the list. It was definitely an oversight on my part not to include the traditional phrase - 'or equivalent experience'. For this evaluation, I am looking for individuals of mature years and experience who have experience with Enterprise Level software. If you think that this describes you and you would like to 'speak your mind' about the state of web administration software, I encourage you to contact me directly. Kristyn Greenwood kristyn.greenwood at oracle.com Jim Hickstein wrote: > I daresay they would accept someone with >4 years of relevant > experience, degree or not. Personally, I consider the 4 years I spent > working, rather than sleeping in class, to be "greater". :-) > > Kristyn, care to clarify? > > --On Monday, December 10, 2001 03:29:08 PM -0800 Nicole Harrington > wrote: > >>> * Bachelor's degree or greater >> From hal at deer-run.com Tue Dec 11 12:02:16 2001 From: hal at deer-run.com (Hal Pomeranz) Date: Tue, 11 Dec 2001 12:02:16 -0800 Subject: docs.sun.com? In-Reply-To: <20011211105625.B20349@deer-run.com>; from hal@deer-run.com on Tue, Dec 11, 2001 at 10:56:25AM -0800 References: <20011211105625.B20349@deer-run.com> Message-ID: <20011211120216.E20349@deer-run.com> > Anybody know what's up with docs.sun.com? I haven't been able to reach > it for about 24 hours now... Of course, I was able to reach the site shortly after sending out this email. *sigh* -- Hal Pomeranz, Founder/CEO Deer Run Associates hal at deer-run.com Network Connectivity and Security, Systems Management, Training From ulf at Alameda.net Tue Dec 11 12:37:07 2001 From: ulf at Alameda.net (Ulf Zimmermann) Date: Tue, 11 Dec 2001 12:37:07 -0800 Subject: Where can I buy FC (9 pin DB9 type) cables and a terminator ? Message-ID: <20011211123707.Z76137@seven.alameda.net> Just got a Netapp in but its missing the cables. Looking for a source to buy FC cables and a terminator. -- Regards, Ulf. --------------------------------------------------------------------- Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-865-0204 From ulf at Alameda.net Tue Dec 11 13:19:49 2001 From: ulf at Alameda.net (Ulf Zimmermann) Date: Tue, 11 Dec 2001 13:19:49 -0800 Subject: docs.sun.com? In-Reply-To: <20011211120216.E20349@deer-run.com>; from hal@deer-run.com on Tue, Dec 11, 2001 at 12:02:16PM -0800 References: <20011211105625.B20349@deer-run.com> <20011211120216.E20349@deer-run.com> Message-ID: <20011211131949.A76137@seven.alameda.net> On Tue, Dec 11, 2001 at 12:02:16PM -0800, Hal Pomeranz wrote: > > Anybody know what's up with docs.sun.com? I haven't been able to reach > > it for about 24 hours now... > > Of course, I was able to reach the site shortly after sending out this > email. *sigh* > > -- > Hal Pomeranz, Founder/CEO Deer Run Associates hal at deer-run.com > Network Connectivity and Security, Systems Management, Training Your email probably caused someone to check the machine and kick it ;-) -- Regards, Ulf. --------------------------------------------------------------------- Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-865-0204 From trockij at transmeta.com Tue Dec 11 14:52:50 2001 From: trockij at transmeta.com (Jim Trocki) Date: Tue, 11 Dec 2001 14:52:50 -0800 (PST) Subject: docs.sun.com? In-Reply-To: <20011211131949.A76137@seven.alameda.net> Message-ID: On Tue, 11 Dec 2001, Ulf Zimmermann wrote: > > > Anybody know what's up with docs.sun.com? I haven't been able to reach > > > it for about 24 hours now... > > > > Of course, I was able to reach the site shortly after sending out this > > email. *sigh* maybe sun needs to do some careful availability monitoring of their systems. i'd suggest using "mon"; it works rather well for us and for many others: http://www.kernel.org/software/mon/ apologies if they already do :) Jim Trocki Computer System and Network Engineer Transmeta Corporation Santa Clara, CA From star at betelgeuse.starshine.org Tue Dec 11 14:58:32 2001 From: star at betelgeuse.starshine.org (Heather) Date: Tue, 11 Dec 2001 14:58:32 -0800 (PST) Subject: Opportunity for Usability Evaluation In-Reply-To: <20011211095646.B13679@snew.com> from Chuck Yerkes at "Dec 11, 2001 09:56:46 am" Message-ID: <200112112258.fBBMwWP19744@betelgeuse.starshine.org> > Because those without degrees are just all cranky, curmugeons > who are angry with the world. Give me someone with a BS in > System Administration any day :) > > (I trust those of you that don't know any of those people might > see that humor/irony) Well, any place with a half-clue (needing to hire a whole one on full time, of course) ought to be able to be blown over by "or equivalent". Whack them over the head with enough credentials to teach community college as a Local Expert. Then if they still don't want you, you can feel satisfied that they're dopes and will have to come crawling to some sysadmin with a Summa Cum Laude from HKU. (hard knocks university) > I'm willing to go easy and read into it that perhaps poor Ms Greenwood > was sending something to try to indicate a desire to have experienced > people, not that kid down the street who got Linux for his machine > last year and is now a "Sr System Admin" > > God! And you wonder why people don't want to field test software. Well there are these SAGE and LPI certifications in the works; we'll see how well they catch on. > Quoting J C Lawrence (claw at kanga.nu): > > On Tue, 11 Dec 2001 04:58:12 -0800 > > Kenny Paul wrote: > > > On Mon, Dec 10, 2001 at 03:29:08PM -0800, Nicole Harrington wrote: > > > Oh come now.... Everyone knows that a non-degreed sysadmin such > > > as myself is totally clueless and utterly incapable of thinking, > > > making decisions or recommending appropriate hardware or software. > > > > > That is why I became a manager. > > > > So you too can write job req's that demand book larning' for > > positions that require practical, pragmatic trench experience. Needed: someone with at least four (4) firing neurons, at least one (1) of which must have survived your tour through college. The college is needed so that you have at least one (1) neuron in common with the department head. Purpose: help establish good relations with end users by means of maintaining actual working (systems on their desks | internet connectivity). Ideal: Said systems to not crash regularly, therefore UNIX(tm) experience preferred. Freenix varieties acceptable if you have administered sites with end users who are not your relatives. Am I having enough fun yet? <-- published curmudgeon-ette. * Heather * Adhere to your own act, and congratulate yourself if you have done something strange and extravagant, and broken the monotony of a decorous age. -- Ralph Waldo Emerson From jimd at starshine.org Tue Dec 11 16:31:07 2001 From: jimd at starshine.org (Jim) Date: Tue, 11 Dec 2001 16:31:07 -0800 Subject: Theoretical vs Practical Knowledge [was: Re: Opportunity for Usability Evaluation] In-Reply-To: <20011211131205.N26923-100000@iguana.reptiles.org>; from gwen@reptiles.org on Tue, Dec 11, 2001 at 01:16:32PM -0500 References: <29809.1008088969@kanga.nu> <20011211131205.N26923-100000@iguana.reptiles.org> Message-ID: <20011211163107.A1534@mars.starshine.org> On Tue, Dec 11, 2001 at 01:16:32PM -0500, Gwendolynn ferch Elydyr wrote: > On Tue, 11 Dec 2001, J C Lawrence wrote: >> So you too can write job req's that demand book larning' for >> positions that require practical, pragmatic trench experience. > I'm going to wander afield from where this thread started. > IMHO, it's very important to have a mix of theoretical and practical > knowledge. This isn't a suggestion that you must have a degree - but it's > a strong suggestion that you must have some form of theoretical background. > The major failing of a person who only has pragmatic experience is that > they only know what they've encountered. My classic example for this is > the wonderful SAGE-II/III that I had working for me, who managed to > tar up and remove lib, because he was completely unaware of it's purpose! > (not really a surprise there - it's not knowledge that the average hands > on sysadmin would need to know). Whoever classified this person as approaching a SAGE III was in grave error. A SAGE I should understand the concept of .DLLs and shared libraries. A SAGE II should be able to identify the major shared libraries (by basename or location) for each of the OS in which they claim competance. By SAGE II or III I expect an admin to have the good judgement to test their "theories" on non-production systems prior to performing "experiments." (Theory: These lib*.so files are redundant on this system. Experiment: Let's try deleting migrating them into a tarball). > A bit of book larning' would have nipped that problem cleanly in the bud. Depends on which books! Actually it's *far* more likely that an *experienced* admin, even of a home system, will have encountered a damaged libc.so file (or a corrupted /etc/ld.so.cache or some other breakage in the shared library loading mechanism) than that the graduate with a B.S. in C.S. will have had this *specific* example explained to them. Your alleged counter example, to me, argues *against* your intended point. It *supports* the claim that experience is more important because I've met far too many degreed professionals (all the way up to the doctorate level) who couldn't identify the shared libraries on their system with a stack of text books and manual and a root shell prompt. It's a practical detail that differs from one specific system to another. This is not to say that I'm rejecting your argument; just your example. The obvious observation is that there are varying degrees of "understanding" beyond just "practical" vs. "theoretical." I met a mathematician (a professor, teaching Calculus) who could not understand how an automative differential was, in fact, an analog computer which solves a specific differential equation *by* applying power/torque to a pair of drive wheels as they round corners. To him differential equations were abstractions with no physical, mechanical manifestions. Obviously most automotive mechanics can work for their whole careers with only an intuitive understanding of what a differential does. Show them a set of formulae and claim that some of the gizmos that they work with are "solving" those and you'll get a blank stare. Ironically every experienced mechanic knows that if the rear end of a rear drive car is up on jackstands, and you apply torque to one of the wheels (say to loosen a lug nut) the other wheel will spin in the opposite direction. Most mathematicians would not guess this from an abstract description. The underpaid tire monkey at the local Sears knows that he has to loosen the lug nuts *before* lifting the car and that he *must* drop the car before tightening the lug nuts later. They "understand" properties of the differential in practical ways that a mathematician often would miss. The biggest difference between a SAGE III and a SAGE II is not the quantity of their experience or their formal training. There is a vital qualitative difference. A SAGE III or IV doesn't simply do things a certain way by rote; he or she asks (or has asked and discovered) how things work and why they need to be "that" way. -- Jim Dennis From rsr at inorganic.org Tue Dec 11 15:46:25 2001 From: rsr at inorganic.org (Roy S. Rapoport) Date: Tue, 11 Dec 2001 15:46:25 -0800 (PST) Subject: Theoretical vs Practical Knowledge [was: Re: Opportunity for Usability Evaluation] In-Reply-To: <31017.1008095923@kanga.nu> Message-ID: Gwendolynn ferch Elydyr wrote: > The major failing of a person who only has pragmatic experience is > that they only know what they've encountered. My classic example > for this is the wonderful SAGE-II/III that I had working for me, > who managed to tar up and remove lib, because he was completely > unaware of it's purpose! (not really a surprise there - it's not > knowledge that the average hands on sysadmin would need to know). I think the key is not simply pragmatic experience, but enough pragmatic experience and the mindset to extrapolate from it. In this case, "if the operating system install put a large directory there, make sure you know what it's used for before you remove it to save space." Not to mention that the follow up question to any sort of "what happens if I do ?" should be "what happens if I I do in a lab?" As for removing lib ... I wonder what one would expect "the average hands on sysadmin" to know. I figure at minimum, no matter where on the expertise ladder you are, you should know well enough not to delete a directory whose function you do not clearly understand, no? -roy From rsr at inorganic.org Tue Dec 11 17:40:47 2001 From: rsr at inorganic.org (Roy S. Rapoport) Date: Tue, 11 Dec 2001 17:40:47 -0800 (PST) Subject: Opportunity for Usability Evaluation In-Reply-To: <200112112258.fBBMwWP19744@betelgeuse.starshine.org> Message-ID: On Tue, 11 Dec 2001, Heather wrote: > Purpose: help establish good relations with end users by means of maintaining > actual working (systems on their desks | internet connectivity). > > Ideal: Said systems to not crash regularly, therefore UNIX(tm) experience > preferred. Freenix varieties acceptable if you have administered > sites with end users who are not your relatives. That's when your trouble *start*. At my last job, at some point, the users started complaining that the systems weren't fast enough. My boss, a fairly astute man, said "take it as a compliment -- people only complain about the speed of the system when they start taking it for granted that it's not crashing." He was right -- when I had joined the company and our main systems were crashing every few weeks, nobody complained about speed. (On a somewhat related note, we thought for a while that one of the selling points of the softphone technology from Cisco -- making local phone calls through your PC -- was that if your PC crashed, you wouldn't be able to bother helpdesk :) ). -roy From chuck+baylisa at snew.com Tue Dec 11 21:49:36 2001 From: chuck+baylisa at snew.com (Chuck Yerkes) Date: Tue, 11 Dec 2001 21:49:36 -0800 Subject: Opportunity for Usability Evaluation In-Reply-To: ; from rsr@inorganic.org on Tue, Dec 11, 2001 at 05:40:47PM -0800 References: <200112112258.fBBMwWP19744@betelgeuse.starshine.org> Message-ID: <20011211214936.E22777@snew.com> > At my last job, at some point, the users started complaining that the > systems weren't fast enough. My boss, a fairly astute man, said "take it > as a compliment -- people only complain about the speed of the system when > they start taking it for granted that it's not crashing." He was right -- > when I had joined the company and our main systems were crashing every few > weeks, nobody complained about speed. Ah, this made me recall a job I had in my (relative) Yout' where, after 2-4 weeks, I was trying to heal a really neglected network (the owner was a programmer and presumed that he was also a system admin). The main servers were crashing every couple days. I struggled against things like a Sun4/280 serving 30 xterminals and disk for 10 Sun SLCs. I felt terrible. Then, over lunch, one of the programmers noted how nice it was to have me: the machines weren't crashing 4 times a day. Progress continued incrementally, and machines actually survived to get rebooted periodically on purpose! I did have a Jr. SA who compressed /vmunix and /boot on a bunch of diskless images to save space ... :) Quoting Roy S. Rapoport (rsr at inorganic.org): > On Tue, 11 Dec 2001, Heather wrote: > > Purpose: help establish good relations with end users by means of maintaining > > actual working (systems on their desks | internet connectivity). > > > > Ideal: Said systems to not crash regularly, therefore UNIX(tm) experience > > preferred. Freenix varieties acceptable if you have administered > > sites with end users who are not your relatives. > > That's when your trouble *start*. > From Carl.Baltrunas at concert.com Wed Dec 12 07:37:10 2001 From: Carl.Baltrunas at concert.com (Baltrunas, Carl (CRTUSW)) Date: Wed, 12 Dec 2001 07:37:10 -0800 Subject: Opportunity for Usability Evaluation Message-ID: <8DDE29B2ED2AAF4CAAA8A3CB5ED767EE3307D5@sjaexpst01.sanjose-c.concert.com> Hi, Heather writes: Ideal: Said systems to not crash regularly, therefore UNIX(tm) experience preferred. Freenix varieties acceptable if you have administered sites with end users who are not your relatives. Ahem! I think that if the end users ARE your relatives, that that would mean you have also had combat experience and would be MORE desireable for your experience ;-) Am I having enough fun yet? <-- published curmudgeon-ette. Keep having fun! -Carl -------------- next part -------------- An HTML attachment was scrubbed... URL: From pineapp at cutter.rexx.com Wed Dec 12 13:18:56 2001 From: pineapp at cutter.rexx.com (Daniel Curry) Date: Wed, 12 Dec 2001 13:18:56 -0800 (PST) Subject: Theoretical vs Practical Knowledge [was: Re: Opportunity for Usability Evaluation] In-Reply-To: <20011211163107.A1534@mars.starshine.org> from "Jim" at Dec 11, 2001 04:31:07 PM Message-ID: <200112122118.fBCLIuQ64552@cutter.rexx.com> I have to respond to these e-mails. 1) As long as I have been on this list. I say this has got to be very noisy in the last week. 2) I have interviewed folks with bachelor and master degrees from Cal and other schools. My finding is that because they have a degree, does not mean that they can take over a major critical system. Especially "book learn" knowledge. 3) I will take anyone with working knowledge (5 years or more) over anyone who just graduated from college. Now that does not mean if a person had the working knowledge before entry to college. This is my personal opinion. -- .---------------------------------------+--------------------------. | INTERNET: pineapp at rexx.com (DC436) | Daniel Curry | | DoD # 1450 | SOHC4 # 136 | | PGP : AD5A 96DC 7556 A020 B8E7 0E4D 5D5E 9BA5 C83E 8C92 | '---------------------------------------+--------------------------' From gandolf_the_grey at hotmail.com Wed Dec 12 23:11:57 2001 From: gandolf_the_grey at hotmail.com (Michael Grey) Date: Wed, 12 Dec 2001 23:11:57 Subject: Theoretical vs Practical Knowledge Message-ID: Most people think that the piece of paper, weither it is a 'certification' or a degree gives them the knowledge to be an admin... Nothing beats 'doing the job' and learning what works in real life. Microsoft claims that a MSCE is prepaired to admin your world; however, these are the same people who claim that Windows 2k runs on a 486 with 64 megs or ram... Last thoughts; it is not how much you know, but knowing where and how to find the RIGHT answer (and impliment it) that counts. Michael Grey >From: Daniel Curry > > I have to respond to these e-mails. > >1) As long as I have been on this list. I say this has got > to be very noisy in the last week. >2) I have interviewed folks with bachelor and master degrees from > Cal and other schools. My finding is that because they have a > degree, does not mean that they can take over a major critical > system. > Especially "book learn" knowledge. >3) I will take anyone with working knowledge (5 years or more) over > anyone who just graduated from college. Now that does not mean > if a person had the working knowledge before entry to college. > > This is my personal opinion. >-- >.---------------------------------------+--------------------------. >| INTERNET: pineapp at rexx.com (DC436) | Daniel Curry | >| DoD # 1450 | SOHC4 # 136 | >| PGP : AD5A 96DC 7556 A020 B8E7 0E4D 5D5E 9BA5 C83E 8C92 | >'---------------------------------------+--------------------------' _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. From mallen at byte-me.org Wed Dec 12 17:39:52 2001 From: mallen at byte-me.org (Mark Allen) Date: Wed, 12 Dec 2001 17:39:52 -0800 Subject: Cable Tags/Cable labels Message-ID: <20011212173952.A10054@sephiroth.byte-me.org> Riddle me this, O SysAdmin collegues: How and what do you use to tag and/or label cables? I just visited Fry's and Action Computer Surplus here in Sunnyvale to no avail. What I'd really like are plastic tags with a tie-wrap front end which you can write on with a (low-tech) Sharpie or one of those Brother labelmaker thingees. So. Where I can buy these things or, what's a better way to solve this problem? TIA, Mark -- Mark Allen -- mallen at byte-me.org -- http://www.byte-me.org/~mallen/ PGP: 0x5CDC2161 Mark Allen (Personal Key) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: From star at betelgeuse.starshine.org Wed Dec 12 18:05:49 2001 From: star at betelgeuse.starshine.org (Heather) Date: Wed, 12 Dec 2001 18:05:49 -0800 (PST) Subject: Theoretical vs Practical Knowledge [was: Re: Opportunity for Usability Evaluation] In-Reply-To: <200112122118.fBCLIuQ64552@cutter.rexx.com> from Daniel Curry at "Dec 12, 2001 01:18:56 pm" Message-ID: <200112130205.fBD25nP03605@betelgeuse.starshine.org> > I have to respond to these e-mails. > > 1) As long as I have been on this list. I say this has got > to be very noisy in the last week. > 2) I have interviewed folks with bachelor and master degrees from > Cal and other schools. My finding is that because they have a > degree, does not mean that they can take over a major critical > system. > Especially "book learn" knowledge. > 3) I will take anyone with working knowledge (5 years or more) over > anyone who just graduated from college. Now that does not mean > if a person had the working knowledge before entry to college. > > This is my personal opinion. Hmm, so what I'm hearing is, you would for example (if my skills applied to your open req) hire me happily right now, but if I took a couple of years of college you'd demote me to "new grad" ? [Plug: I'm a consultant. Ask me for my rates privately, if you know anyone who needs Linux and Free Software training.] I think the matter is clear: ability to go through college is one thing. Ability to learn computing skills is another. They're really not very well related to each other - you learn different things. ...And ability to apply them in a practical manner is yet another, which neither degrees, nor "# years of experience" are able to describe. That's why we do interviews, no? . | . Heather Stern | star at starshine.org --->*<--- Starshine Technical Services - * - consulting at starshine.org ' | ` Sysadmin Support and Training | (800) 938-4078 From claw at kanga.nu Wed Dec 12 18:52:13 2001 From: claw at kanga.nu (J C Lawrence) Date: Wed, 12 Dec 2001 18:52:13 -0800 Subject: Theoretical vs Practical Knowledge In-Reply-To: Message from "Michael Grey" of "Wed, 12 Dec 2001 23:11:57." References: Message-ID: <16664.1008211933@kanga.nu> On Wed, 12 Dec 2001 23:11:57 Michael Grey wrote: > Last thoughts; it is not how much you know, but knowing where and > how to find the RIGHT answer (and impliment it) that counts. My old 4-step mantra: Can you recognise and determine that you have a problem? Can you define the problem when you find it? Can you make the problem go away and not come back without creating new/other/more problems? Can you do that reliably? Or paraphrased: Awareness Knowledge Effectiveness Certainty -- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw at kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live. From lccha at pobox.com Wed Dec 12 19:09:33 2001 From: lccha at pobox.com (Lloyd C. Cha) Date: Wed, 12 Dec 2001 19:09:33 -0800 Subject: Cable Tags/Cable labels In-Reply-To: <20011212173952.A10054@sephiroth.byte-me.org>; from mallen@byte-me.org on Wed, Dec 12, 2001 at 05:39:52PM -0800 References: <20011212173952.A10054@sephiroth.byte-me.org> Message-ID: <20011212190932.B19357@similac.redback.com> Once upon a time (like on Dec 12, 2001), Mark Allen wrote: > How and what do you use to tag and/or label cables? One good place to start would be Hellerman Tyton (http://www.hellermann.tyton.com/). They have a wide variety of labels and tags, and you can order sample packs from their web site. -L From rsr at inorganic.org Wed Dec 12 17:50:02 2001 From: rsr at inorganic.org (Roy S. Rapoport) Date: Wed, 12 Dec 2001 17:50:02 -0800 (PST) Subject: Theoretical vs Practical Knowledge In-Reply-To: Message-ID: On Wed, 12 Dec 2001, Michael Grey wrote: > Last thoughts; it is not how much you know, but knowing where and how to > find the RIGHT answer (and impliment it) that counts. One of the most technically competent managers I ever had (actually, scratch that -- he was _the_ most technically competent manager I ever had) would start off technical interviews by saying something like "It's not so important that you know the answer to these questions -- but you need to know where you'd find the answers to them." It's how I've always conducted tech interviews since then. He should still be around -- Alberto Begliomini. He was a BayLISA board member until recently, I believe. Great guy. -roy From claw at kanga.nu Wed Dec 12 21:31:33 2001 From: claw at kanga.nu (J C Lawrence) Date: Wed, 12 Dec 2001 21:31:33 -0800 Subject: Theoretical vs Practical Knowledge In-Reply-To: Message from "Roy S. Rapoport" of "Wed, 12 Dec 2001 17:50:02 PST." References: Message-ID: <17870.1008221493@kanga.nu> On Wed, 12 Dec 2001 17:50:02 -0800 (PST) Roy S Rapoport wrote: > One of the most technically competent managers I ever had > (actually, scratch that -- he was _the_ most technically competent > manager I ever had) would start off technical interviews by saying > something like "It's not so important that you know the answer to > these questions -- but you need to know where you'd find the > answers to them." It's how I've always conducted tech interviews > since then. That's the entire concentration of my interviewing technique for SysAdms. I tell them up front that I'm going to set scenarios for them, and then ask them to evaluate and resolve them by telling me what they'd do with me telling them the results. I'm also careful to tell them that I don't expect instant right answers, and that in fact I do expect them to NOT resolve some or several of them as what I'm interested in is their problem solving approach and technique. I then just make up (or remember) various things and throw them at them. Okay, you've just inherited a dept's mail server which is acting as the smarthost for the corporate mailing lists. You're told that historically it has been running just fine, but that currently mail is NOT being delivered in any sort of timely fashion. Please get mail being delivered quickly. Solution to that one BTW is /var/log being on the same spindle as /var/spool/ and syslog being configured to fsync() after every write for the MTA logs, thus IO throttling the box, with the change in behaviour due to a recent corporate mktg campaign increasing mail loads enough to hit saturation. And yes, that happened to me and took me most of a day to figure out... etc etc etc It makes interviews long unfortunately (Linda Bissum and Jim Dennis can attest to that), especially for the good people, but it also weeds out the pretenders quickly and thoroughly (eg those who are not sure how to spell "NFS"). -- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw at kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live. From chuck+baylisa at snew.com Wed Dec 12 23:28:55 2001 From: chuck+baylisa at snew.com (Chuck Yerkes) Date: Wed, 12 Dec 2001 23:28:55 -0800 Subject: Theoretical vs Practical Knowledge In-Reply-To: <17870.1008221493@kanga.nu>; from claw@kanga.nu on Wed, Dec 12, 2001 at 09:31:33PM -0800 References: <17870.1008221493@kanga.nu> Message-ID: <20011212232855.B20693@snew.com> Well, obviously you mount the mailq noatime and you set syslog to stop fsyncing (many modern syslogs allow this, sun's doesn't). I have a boss now who is infamous to the people to came after him for "describe all the options to ls." It's an icebreaker. When a "sr system admin" manages to list 4 and stop then you know s/he's faking it. The sr. people know that it's pretty large. And yeah, coming from the era of NSF funded connections, when I get nervous I transpose those at times. Hell, my film background has caused me to talk about SMPTE protocols :) Quoting J C Lawrence (claw at kanga.nu): > On Wed, 12 Dec 2001 17:50:02 -0800 (PST) > Roy S Rapoport wrote: ... > That's the entire concentration of my interviewing technique for > SysAdms. I tell them up front that I'm going to set scenarios for > them, and then ask them to evaluate and resolve them by telling me > what they'd do with me telling them the results. I'm also careful > to tell them that I don't expect instant right answers, and that in > fact I do expect them to NOT resolve some or several of them as what > I'm interested in is their problem solving approach and technique. > I then just make up (or remember) various things and throw them at > them. > > Okay, you've just inherited a dept's mail server which is acting > as the smarthost for the corporate mailing lists. You're told > that historically it has been running just fine, but that > currently mail is NOT being delivered in any sort of timely > fashion. Please get mail being delivered quickly. > > Solution to that one BTW is /var/log being on the same spindle > as /var/spool/ and syslog being configured to fsync() after > every write for the MTA logs, thus IO throttling the box, with > the change in behaviour due to a recent corporate mktg campaign > increasing mail loads enough to hit saturation. And yes, that > happened to me and took me most of a day to figure out... > > etc etc etc > > It makes interviews long unfortunately (Linda Bissum and Jim Dennis > can attest to that), especially for the good people, but it also > weeds out the pretenders quickly and thoroughly (eg those who are > not sure how to spell "NFS"). From jxh at jxh.com Thu Dec 13 00:46:03 2001 From: jxh at jxh.com (Jim Hickstein) Date: Thu, 13 Dec 2001 00:46:03 -0800 Subject: Theoretical vs Practical Knowledge In-Reply-To: References: Message-ID: <110287419.1008204363@[10.9.18.6]> > He should still be around -- Alberto Begliomini. He was a BayLISA board > member until recently, I believe. Great guy. He's the Treasurer, in fact. From jxh at jxh.com Thu Dec 13 00:53:05 2001 From: jxh at jxh.com (Jim Hickstein) Date: Thu, 13 Dec 2001 00:53:05 -0800 Subject: Cable Tags/Cable labels In-Reply-To: <20011212173952.A10054@sephiroth.byte-me.org> References: <20011212173952.A10054@sephiroth.byte-me.org> Message-ID: <110312729.1008204785@[10.9.18.6]> > How and what do you use to tag and/or label cables? The only thing I ever saw that came close to being satifactory was due to none other than the legendary Arnold deLeon. He found (or maybe created) a supplier of Cat-5 cables with _serial numbers_ on them, the same at both ends. The numbers also encoded the length, IIRC. You could say "do you have 15-5651?" and someone else could say "Yes" and unplug it, and you had a pretty good idea you were doing the right thing. I didn't work at Synopsys, but I spotted this during a visit there, and said to myself, "Damn! I gotta do that!". The physical labels I don't recall clearly. Might have been heat-shrink, or maybe akin to the 3M product consisting of a length of clear tape with a little white tab on the end: you write on the tab then wrap the clear tail over it. I used those, but they're a bear to take back off. Hence the permanent serial numbers. From rsr at inorganic.org Thu Dec 13 02:57:53 2001 From: rsr at inorganic.org (Roy S. Rapoport) Date: Thu, 13 Dec 2001 02:57:53 -0800 (PST) Subject: Cable Tags/Cable labels In-Reply-To: <110312729.1008204785@[10.9.18.6]> Message-ID: On Thu, 13 Dec 2001, Jim Hickstein wrote: > The physical labels I don't recall clearly. Might have been heat-shrink, > or maybe akin to the 3M product consisting of a length of clear tape with a > little white tab on the end: you write on the tab then wrap the clear tail > over it. I used those, but they're a bear to take back off. Hence the > permanent serial numbers. At my last job, we used an IDPRO printer to print these labels -- and you're right, they're not fun to take off. The printer made this remarkably easy (especially since it made serializing the labels pretty easy). -roy From david at catwhisker.org Thu Dec 13 04:30:52 2001 From: david at catwhisker.org (David Wolfskill) Date: Thu, 13 Dec 2001 04:30:52 -0800 (PST) Subject: Theoretical vs Practical Knowledge In-Reply-To: <20011212232855.B20693@snew.com> Message-ID: <200112131230.fBDCUqn59845@bunrab.catwhisker.org> >Date: Wed, 12 Dec 2001 23:28:55 -0800 >From: Chuck Yerkes >Well, obviously you mount the mailq noatime and >you set syslog to stop fsyncing (many modern syslogs >allow this, sun's doesn't). Or tell syslog to go scribble on some other machine altogether (which I believe Sun's *does* permit).... :-} >I have a boss now who is infamous to the people to came after >him for "describe all the options to ls." It's an icebreaker. >When a "sr system admin" manages to list 4 and stop then you >know s/he's faking it. The sr. people know that it's pretty >large. I think my response to that would likely be "For a complete list, `man ls`; off the top of my head, it's going to depend on whose "ls" we're talking about, but some usually-encountered options are ...." >And yeah, coming from the era of NSF funded connections, >when I get nervous I transpose those at times. Hell, my >film background has caused me to talk about SMPTE protocols :) :-} Cheers, david -- David H. Wolfskill david at catwhisker.org I believe it would be irresponsible (and thus, unethical) for me to advise, recommend, or support the use of any product that is or depends on any Microsoft product for any purpose other than personal amusement. From holland at guidancetech.com Thu Dec 13 05:18:21 2001 From: holland at guidancetech.com (Rich Holland) Date: Thu, 13 Dec 2001 08:18:21 -0500 Subject: Cable Tags/Cable labels In-Reply-To: <110312729.1008204785@[10.9.18.6]> Message-ID: <001501c183d8$a3495030$09c079a5@hackintosh> > The only thing I ever saw that came close to being satifactory was due to > none other than the legendary Arnold deLeon. He found (or maybe created) > a supplier of Cat-5 cables with _serial numbers_ on them, the same at both > ends. The numbers also encoded the length, IIRC. They were the heat-shrink or clear tape kind, with the label under the plastic. You can do the same thing with a regular white label and some scotch tape, but that tends to wear off over time once the tape loses it's stickiness. The labels we had at Synopsys were much more permanent. IIRC those cables were also jacketed, so you could pull them backwards through a bunch of other cables without worrying about snagging the clip and ripping it off. Rich Holland ex-Synopsoid From holland at guidancetech.com Thu Dec 13 05:22:23 2001 From: holland at guidancetech.com (Rich Holland) Date: Thu, 13 Dec 2001 08:22:23 -0500 Subject: Theoretical vs Practical Knowledge In-Reply-To: <200112131230.fBDCUqn59845@bunrab.catwhisker.org> Message-ID: <001601c183d9$33796460$09c079a5@hackintosh> > I have a boss now who is infamous to the people to came after > him for "describe all the options to ls." It's an icebreaker. > When a "sr system admin" manages to list 4 and stop then you > know s/he's faking it. The sr. people know that it's pretty > large. When I was at Synopsys, we used a similar approach, albeit we tended to tag-team people. We'd start with something along the lines of "Tell me how ls works." and have the candidate explain something about inodes, where they're stored, what they contain, what the superblock is, why and where there are multiple copies, etc. Basic filesystem stuff. When they got to a point they didn't know any more, we'd tell them that part of the answer (e.g. what's in the indodes) and move on to another line of questioning. A few interviews later, another interviewer would go with "Tell me how ls works" and see if they could remember whatever it was the first one told them. It was a good way to test the ability to learn and remember something under pressure, among other things. Rich From david at catwhisker.org Thu Dec 13 07:18:15 2001 From: david at catwhisker.org (David Wolfskill) Date: Thu, 13 Dec 2001 07:18:15 -0800 (PST) Subject: Cable Tags/Cable labels In-Reply-To: <001501c183d8$a3495030$09c079a5@hackintosh> Message-ID: <200112131518.fBDFIEu60336@bunrab.catwhisker.org> >From: "Rich Holland" >Date: Thu, 13 Dec 2001 08:18:21 -0500 >IIRC those cables were also jacketed, so you could pull them backwards >through a bunch of other cables without worrying about snagging the clip >and ripping it off. Way off topic by now, but in case it helps someone: I had occasion recently to pull a bunch of cables that did not have the "boots" to thus protect the ends. A hack that can serve in a pinch is a handy roll of adhesive tape: just wrap once around the end to protect the tab. Before sealing the end of the tape, fold it over a few mm. to make a "tab" for the adhesive tape (so you can pull it off again). Cheers, david -- David H. Wolfskill david at catwhisker.org I believe it would be irresponsible (and thus, unethical) for me to advise, recommend, or support the use of any product that is or depends on any Microsoft product for any purpose other than personal amusement. From aub at coldstone.com Thu Dec 13 08:34:05 2001 From: aub at coldstone.com (Alberto Begliomini) Date: Thu, 13 Dec 2001 08:34:05 -0800 Subject: Cable Tags/Cable labels References: <20011212173952.A10054@sephiroth.byte-me.org> Message-ID: <3C18D87D.AD597B59@coldstone.com> Fry's sells cable ties with a little tag on one end where, as you said, you can write with a Sharpie. I like them a lot because the little tag has the same width of a CAT5 cable and it is about 1" long. You have enough space to write the server name or a serial number, as Jim pointed out, your choice. The Fry's part number is 1771633. They are manifactured by: All-States Inc. 1801 W. Foster Avenue Chicago, IL 60640 I don't have a phone number, sorry. The manifacturer PLU is 1771633 (same as Fry's) -- Alberto U. Begliomini Email: aub at coldstone.com Coldstone Consulting, LLC Phone: 650-654-5938 Security, Data Centers Design and Management Fax: 650-631-8722 Mark Allen wrote: > > Riddle me this, O SysAdmin collegues: > > How and what do you use to tag and/or label cables? > > I just visited Fry's and Action Computer Surplus here in Sunnyvale > to no avail. What I'd really like are plastic tags with a tie-wrap > front end which you can write on with a (low-tech) Sharpie or > one of those Brother labelmaker thingees. > > So. Where I can buy these things or, what's a better way to solve > this problem? > > TIA, > > Mark > -- > Mark Allen -- mallen at byte-me.org -- http://www.byte-me.org/~mallen/ > PGP: 0x5CDC2161 Mark Allen (Personal Key) > > -------------------------------------------------------------------------------- > Part 1.2Type: application/pgp-signature From claw at kanga.nu Thu Dec 13 09:26:28 2001 From: claw at kanga.nu (J C Lawrence) Date: Thu, 13 Dec 2001 09:26:28 -0800 Subject: Theoretical vs Practical Knowledge In-Reply-To: Message from Chuck Yerkes of "Wed, 12 Dec 2001 23:28:55 PST." <20011212232855.B20693@snew.com> References: <17870.1008221493@kanga.nu> <20011212232855.B20693@snew.com> Message-ID: <23183.1008264388@kanga.nu> On Wed, 12 Dec 2001 23:28:55 -0800 Chuck Yerkes wrote: > Well, obviously you mount the mailq noatime and you set syslog to > stop fsyncing (many modern syslogs allow this, sun's doesn't). Obviously, yes, if you think about it, but the interviewees usually don't have that luxury. The purpose of the scenarios is to dump unknown systems with unknown configurations and histories on the interviewee and to then watch them grope toward that sort of point. ObNote: syslog-ng is particularly nice for lowering IO loads as well, as it allows writes to be written in blocks of arbitrary/configured size (eg 4K). As it also allows you to spec what goes to what file by regex (really!) I've almost come to the point of refusing to use anything else (minor exception for msyslog -- a crypting/signing syslog) > I have a boss now who is infamous to the people to came after him > for "describe all the options to ls." It's an icebreaker. When a > "sr system admin" manages to list 4 and stop then you know s/he's > faking it. The sr. people know that it's pretty large. I'm the sort of guy that would flub that sort of question. I think I can name ~6 ls options, recall what most of them do, have my fingers trained to do the sort of stuff I frequently want to do (eg -lasp, -1f, -R etc), and leave the rest to the man page. -- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw at kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live. From star at betelgeuse.starshine.org Thu Dec 13 10:19:13 2001 From: star at betelgeuse.starshine.org (Heather) Date: Thu, 13 Dec 2001 10:19:13 -0800 (PST) Subject: Cable Tags/Cable labels In-Reply-To: <20011212173952.A10054@sephiroth.byte-me.org> from Mark Allen at "Dec 12, 2001 05:39:52 pm" Message-ID: <200112131819.fBDIJDe05949@betelgeuse.starshine.org> > Riddle me this, O SysAdmin collegues: > > How and what do you use to tag and/or label cables? I have a dymo (p-touch style, not medium-hard-plastic style) labeller which I use to generate "tabs". |_ p-link 6 feet - HGS ____________ p-link 6 feet - HGS _| then I wrap the middle around the cord and seal the tape to itself. To distinguish items further I have multiple colors or can use diskette labels the same way (which are fatter, and I can write on 'em) If I need thin ones I can write on I have a plain-paper cartridge for the dymo. If I just need to mark a long cord so it can be distinguished through a maze of twisty cables (mostly alike), I band it like archery arrows, about one "marking" every 1.5 to 2 feet. For those not familiar with archery, this is a simple pattern of 1, 2 or 3 stripes wrapped around the top of the shaft of an arrow, so if a batch of you are all aiming down the same range, when the "clear" is called everyone is retrieving -their- arrows. I've found that the stickiness of the dymo tape is iffy if the tape is too short, so I sometimes support it with a short strip of clear packing tape, which sticks to standard cat5, itself, and dymo-labels just fine. > I just visited Fry's and Action Computer Surplus here in Sunnyvale > to no avail. What I'd really like are plastic tags with a tie-wrap > front end which you can write on with a (low-tech) Sharpie or > one of those Brother labelmaker thingees. > > So. Where I can buy these things or, what's a better way to solve > this problem? There are labels made for diskette with a surface such that they can be written on with wet-erase whiteboard pens. I think the pack Jim and I got ages ago came with one thin pen for the purpose, but at any rate it's possible to buy packs of the thing version of such pens. And of course you can always write on them with sharpies anyway. The surface is some sort of plastic and survives well. If you can get the tie tabs you like but without a writable surface, affix any of the above mentioned label types to the tab portion. You could also try bread tabs; though not much space is left to mark on, the tiewrap space is about the right size for standard cat5. I mean the little sqwarish things, not twist-ties. Phone cable folks seem to favor little paper tabs with a string loop, which they half hitch over whatever point needs labelling. > TIA, > Mark Yw,oc. . | . Heather Stern | star at starshine.org --->*<--- Starshine Technical Services - * - consulting at starshine.org ' | ` Sysadmin Support and Training | (800) 938-4078 From chuck at snew.com Thu Dec 13 10:20:01 2001 From: chuck at snew.com (Chuck Yerkes) Date: Thu, 13 Dec 2001 10:20:01 -0800 Subject: Cable Tags/Cable labels In-Reply-To: <3C18D87D.AD597B59@coldstone.com>; from aub@coldstone.com on Thu, Dec 13, 2001 at 08:34:05AM -0800 References: <20011212173952.A10054@sephiroth.byte-me.org> <3C18D87D.AD597B59@coldstone.com> Message-ID: <20011213102000.A32080@snew.com> Tags suck. Tags pull out other things when you pull a cable. Shrink wrap is good. Don't label them things likes "sybase01" give it a label that's a pointer to that: 115701 which is charted to "sybase01" (in LDAP or DNS TXT records AND a wallchart in the cable room (with an expire date)). I'm a big fan of having a really lowly computer in the cable room that nobody wants to steal. 3Com Audrys or Wyse50's with w3m do beautifully for query terminals. Quoting Alberto Begliomini (aub at coldstone.com): > Fry's sells cable ties with a little tag on one end where, > as you said, you can write with a Sharpie. I like them a lot > because the little tag has the same width of a CAT5 cable and > it is about 1" long. You have enough space to write the server > name or a serial number, as Jim pointed out, your choice. The > Fry's part number is 1771633. They are manufactured by: > > All-States Inc. > 1801 W. Foster Avenue > Chicago, IL 60640 > > I don't have a phone number, sorry. The manufacturer PLU is 1771633 (same as Fry's) From star at betelgeuse.starshine.org Thu Dec 13 10:42:36 2001 From: star at betelgeuse.starshine.org (Heather) Date: Thu, 13 Dec 2001 10:42:36 -0800 (PST) Subject: Theoretical vs Practical Knowledge In-Reply-To: <16664.1008211933@kanga.nu> from J C Lawrence at "Dec 12, 2001 06:52:13 pm" Message-ID: <200112131842.fBDIgaD06000@betelgeuse.starshine.org> > My old 4-step mantra: > > Can you recognise and determine that you have a problem? > > Can you define the problem when you find it? > > Can you make the problem go away and not come back without > creating new/other/more problems? > > Can you do that reliably? > > Or paraphrased: > > Awareness > Knowledge > Effectiveness > Certainty Funny, I find more of the drastic failures happen when someone deals poorly with Uncertainty: How do you try to tell if you're in over your head? What do you do to prevent yourself from making things worse? Which sounds to me like an expansion on your point 3, but from the "during" rather than the "debriefing" point of view. I find that documenting my work helps a lot, even if it's just a cheap README - the me at noon is not the same me as the one who hasn't had coffee yet, or the one one a good coding roll at 10 pm or so, or the one trying to get something un-broken in the wee hours before the madding crowd returns at 7:30 to 8 am. YMMV but even wimpy docs are often better than none. . | . Heather Stern | star at starshine.org --->*<--- Starshine Technical Services - * - consulting at starshine.org ' | ` Sysadmin Support and Training | (800) 938-4078 From claw at kanga.nu Thu Dec 13 11:00:12 2001 From: claw at kanga.nu (J C Lawrence) Date: Thu, 13 Dec 2001 11:00:12 -0800 Subject: Theoretical vs Practical Knowledge In-Reply-To: Message from Heather of "Thu, 13 Dec 2001 10:42:36 PST." <200112131842.fBDIgaD06000@betelgeuse.starshine.org> References: <200112131842.fBDIgaD06000@betelgeuse.starshine.org> Message-ID: <24410.1008270012@kanga.nu> On Thu, 13 Dec 2001 10:42:36 -0800 (PST) star wrote: > I find that documenting my work helps a lot, even if it's just a > cheap README - the me at noon is not the same me as the one who > hasn't had coffee yet, or the one one a good coding roll at 10 pm > or so, or the one trying to get something un-broken in the wee > hours before the madding crowd returns at 7:30 to 8 am. YMMV but > even wimpy docs are often better than none. Aye. I like using a WikiWiki for that sort of thing. Easy to post to, easy to search, keeps things tracked and organised, easy for others to reference and add to, etc. I like TWiki in particular for this sort of thing (twiki.org) as it does revision and access control, and installs with a base set of TWIki'd documentation. -- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw at kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live. From jxh at jxh.com Thu Dec 13 12:05:12 2001 From: jxh at jxh.com (Jim Hickstein) Date: Thu, 13 Dec 2001 12:05:12 -0800 Subject: Cable Tags/Cable labels In-Reply-To: <3C18D87D.AD597B59@coldstone.com> References: <20011212173952.A10054@sephiroth.byte-me.org> <3C18D87D.AD597B59@coldstone.com> Message-ID: <36680000.1008273912@jxh.mirapoint.com> > Fry's sells cable ties with a little tag on one end where, as you said, > you can write with a Sharpie. I dislike those because they make the cables even harder to pull out of bundle. And if you cinch them down quite hard you probably pinch the jacket and break the electrical spec -- not that anyone will notice, at these speeds. From star at betelgeuse.starshine.org Thu Dec 13 13:53:40 2001 From: star at betelgeuse.starshine.org (Heather) Date: Thu, 13 Dec 2001 13:53:40 -0800 (PST) Subject: Theoretical vs Practical Knowledge In-Reply-To: <24410.1008270012@kanga.nu> from J C Lawrence at "Dec 13, 2001 11:00:12 am" Message-ID: <200112132153.fBDLreq06571@betelgeuse.starshine.org> > On Thu, 13 Dec 2001 10:42:36 -0800 (PST) > star wrote: > > > I find that documenting my work helps a lot, even if it's just a > > cheap README - the me at noon is not the same me as the one who > > hasn't had coffee yet, or the one one a good coding roll at 10 pm > > or so, or the one trying to get something un-broken in the wee > > hours before the madding crowd returns at 7:30 to 8 am. YMMV but > > even wimpy docs are often better than none. > > Aye. I like using a WikiWiki for that sort of thing. Easy to post > to, easy to search, keeps things tracked and organised, easy for > others to reference and add to, etc. I like TWiki in particular for > this sort of thing (twiki.org) as it does revision and access > control, and installs with a base set of TWIki'd documentation. hmm, yes, but you can't leave a twiki lying around in the /etc directory for the next sysadmin to find 6 months later, either, and local policies may include material that shouldn't be on a public website, especially one the spiders may hit. Tho having an internal twiki, from which your corporate tech writers compose various guides... hmmm. Good to keep things, but the times when you need notes the most is when the poor beast won't or shouldn't hit the net. So you need README files too. . | . Heather Stern | star at starshine.org --->*<--- Starshine Technical Services - * - consulting at starshine.org ' | ` Sysadmin Support and Training | (800) 938-4078 From jxh at jxh.com Thu Dec 13 14:09:50 2001 From: jxh at jxh.com (Jim Hickstein) Date: Thu, 13 Dec 2001 14:09:50 -0800 Subject: Theoretical vs Practical Knowledge In-Reply-To: <24410.1008270012@kanga.nu> References: <200112131842.fBDIgaD06000@betelgeuse.starshine.org> <24410.1008270012@kanga.nu> Message-ID: <57850000.1008281390@jxh.mirapoint.com> > I like TWiki in particular I'll second that. We rely on it heavily in my sysadmin group. Adoption across the company is happening, but more slowly. From jxh at jxh.com Thu Dec 13 14:21:31 2001 From: jxh at jxh.com (Jim Hickstein) Date: Thu, 13 Dec 2001 14:21:31 -0800 Subject: Conference bridge idiocy Message-ID: <67310000.1008282091@jxh.mirapoint.com> I have a conference bridge where the "host" has a separate access code from the "participants", and the host code is supposed to be kept secret. Naturally, everyone sends both codes in the email announcing any meeting. Does this happen to you, too? Does anybody have a cure for it? (Short of cutting off their hands, I mean.) How about a shot at naming the root cause? I just got a piece of email from a Huge Telephone Company, from the guy who is _trying to sell me conference bridge service_, and he did this very same thing. I had the nerve to point it out to him (vendors != people, after all), and he confirmed that he's not supposed to send the host code to everyone. He _knew_, and he still did it. *sigh* -Jim, Looking at a pile of accounts-payable reports and slowly shaking his head. From tpirman at mirapoint.com Thu Dec 13 14:23:13 2001 From: tpirman at mirapoint.com (Trevor Pirman) Date: Thu, 13 Dec 2001 14:23:13 -0800 Subject: any experience with "flakeways"? Message-ID: <3C192A51.EE36AEC8@mirapoint.com> I need to set up a machine that will act as a "flakeway", the term I have heard used for an application that randomly drops packets or causes timeouts for services such as DNS and routing. I studied up on the net about this, and people talk about it, but no one offers where to find any out of the box software. Maybe they are building their own "flakeway"? What I want to do is configure a DNS server that causes requests to the server to time out. I set up ipfw on one machine to swallow all tcp and udp packets to port 53, and them made this host my DNS server. This worked for some tests I did, but not others. I need a more robust solution. Can anyone offer any advice or pointers on how to do this? Any info would be great. TIA -Trevor From berry at housebsd.org Thu Dec 13 15:07:34 2001 From: berry at housebsd.org (Sean Berry) Date: Thu, 13 Dec 2001 17:07:34 -0600 (CST) Subject: Theoretical vs Practical Knowledge In-Reply-To: <200112132153.fBDLreq06571@betelgeuse.starshine.org> Message-ID: On Thu, 13 Dec 2001, Heather wrote: > Date: Thu, 13 Dec 2001 13:53:40 -0800 (PST) > From: Heather > To: J C Lawrence > Cc: Michael Grey , baylisa at baylisa.org > Subject: Re: Theoretical vs Practical Knowledge > > > On Thu, 13 Dec 2001 10:42:36 -0800 (PST) > > star wrote: > > > > > I find that documenting my work helps a lot, even if it's just a > > > cheap README - the me at noon is not the same me as the one who > > > hasn't had coffee yet, or the one one a good coding roll at 10 pm > > > or so, or the one trying to get something un-broken in the wee > > > hours before the madding crowd returns at 7:30 to 8 am. YMMV but > > > even wimpy docs are often better than none. > > > > Aye. I like using a WikiWiki for that sort of thing. Easy to post > > to, easy to search, keeps things tracked and organised, easy for > > others to reference and add to, etc. I like TWiki in particular for > > this sort of thing (twiki.org) as it does revision and access > > control, and installs with a base set of TWIki'd documentation. > > hmm, yes, but you can't leave a twiki lying around in the /etc directory > for the next sysadmin to find 6 months later, either, and local policies > may include material that shouldn't be on a public website, especially one > the spiders may hit. > > Tho having an internal twiki, from which your corporate tech writers compose > various guides... hmmm. Good to keep things, but the times when you need > notes the most is when the poor beast won't or shouldn't hit the net. So > you need README files too. FAQ O MATIC! There's stuff in our FOM from three and four years ago, and it'd be pretty easy to destroy if necessary. Low maintenance, built-in search. -- Sean Berry works with many flavors of UNIX, but especially Solaris/SPARC and NetBSD. His hobbies include graphics and raytracing. He drinks coke mostly. His opinions are not necessarily those of his employers. 650/281-6610 From todd at fofz.com Thu Dec 13 15:41:17 2001 From: todd at fofz.com (Todd Radermacher) Date: Thu, 13 Dec 2001 15:41:17 -0800 Subject: Conference bridge idiocy In-Reply-To: <67310000.1008282091@jxh.mirapoint.com> Message-ID: As if that's not bad enough - the codes my latest vendor provided were as follows: Participant Code: 123456 Host Code: 123456n obliviously, deducing the host code from the participant code was a trivial task - even the sales guys figured it out! :) --tr > -----Original Message----- > From: owner-baylisa at baylisa.org [mailto:owner-baylisa at baylisa.org]On > Behalf Of Jim Hickstein > Sent: Thursday, December 13, 2001 2:22 PM > To: baylisa at baylisa.org > Subject: Conference bridge idiocy > > > I have a conference bridge where the "host" has a separate access > code from > the "participants", and the host code is supposed to be kept secret. > Naturally, everyone sends both codes in the email announcing any meeting. > > Does this happen to you, too? Does anybody have a cure for it? > (Short of > cutting off their hands, I mean.) How about a shot at naming the root > cause? > > I just got a piece of email from a Huge Telephone Company, from > the guy who > is _trying to sell me conference bridge service_, and he did this > very same > thing. I had the nerve to point it out to him (vendors != people, after > all), and he confirmed that he's not supposed to send the host code to > everyone. He _knew_, and he still did it. > > *sigh* > > -Jim, > Looking at a pile of accounts-payable reports and slowly shaking his head. > From bedbug at netcom.com Thu Dec 13 16:26:54 2001 From: bedbug at netcom.com (Dave Liebreich) Date: 13 Dec 2001 16:26:54 -0800 Subject: exim/courier-imap/ldap/horde:imp In-Reply-To: "Todd Radermacher"'s message of "Thu, 13 Dec 2001 15:41:17 -0800" Message-ID: [resending from my subscribed-to account] Since everyone is so chatty . . . I'm setting up a mail server for a non-profit organization (my daughter's school), and have chosen to run the above combo on an openbsd box. Well, try to run. It's been a while since I had to do this kind of thing. Anyone have some quick recipes to get the above packages talking nicely to each other? My rationale is as follows: LDAP - easy to write simple apps to manage accounts and lists Horde:IMP - web-based mail system I've heard good things about Courier-IMAP - had to pick an IMAP server to hook up exim and IMP Exim - I need to be able to restrict mail such that the kids can only send mail to and receive mail from pre-approved addresses. Exim appears to support this better than sendmail, qmail, postfix, etc... Thanks -Dave From lanning at lanning.cc Thu Dec 13 14:10:51 2001 From: lanning at lanning.cc (Robert Hajime Lanning) Date: Thu, 13 Dec 2001 14:10:51 -0800 (PST) Subject: Theoretical vs Practical Knowledge In-Reply-To: <200112131230.fBDCUqn59845@bunrab.catwhisker.org> from "David Wolfskill" at Dec 13, 2001 04:30:52 AM Message-ID: <200112132210.fBDMAqw32713@lanning.cc> I would just say the the alphabet in upper and lower case. :) ls -[a-zA-z] :) ---- As written by David Wolfskill: > > >Date: Wed, 12 Dec 2001 23:28:55 -0800 > >From: Chuck Yerkes > > >Well, obviously you mount the mailq noatime and > >you set syslog to stop fsyncing (many modern syslogs > >allow this, sun's doesn't). > > Or tell syslog to go scribble on some other machine altogether (which I > believe Sun's *does* permit).... :-} > > >I have a boss now who is infamous to the people to came after > >him for "describe all the options to ls." It's an icebreaker. > >When a "sr system admin" manages to list 4 and stop then you > >know s/he's faking it. The sr. people know that it's pretty > >large. > > I think my response to that would likely be "For a complete list, `man > ls`; off the top of my head, it's going to depend on whose "ls" we're > talking about, but some usually-encountered options are ...." > > >And yeah, coming from the era of NSF funded connections, > >when I get nervous I transpose those at times. Hell, my > >film background has caused me to talk about SMPTE protocols :) > > :-} > > Cheers, > david > -- > David H. Wolfskill david at catwhisker.org > I believe it would be irresponsible (and thus, unethical) for me to advise, > recommend, or support the use of any product that is or depends on any > Microsoft product for any purpose other than personal amusement. > -- /* Robert Hajime Lanning lanning at lanning.cc ** Trade: Unix Systems Administrator (Senior level) (SAGE IV) */ #include From lanning at lanning.cc Thu Dec 13 15:11:24 2001 From: lanning at lanning.cc (Robert Hajime Lanning) Date: Thu, 13 Dec 2001 15:11:24 -0800 (PST) Subject: Conference bridge idiocy In-Reply-To: <67310000.1008282091@jxh.mirapoint.com> from "Jim Hickstein" at Dec 13, 2001 02:21:31 PM Message-ID: <200112132311.fBDNBPI00331@lanning.cc> We use AT&T's conferencing service. The person who reserves the conference is givin an email that has the participant and host codes as a confirmation letter. The person scheduling the conference will then publish both codes to the group invited to the meeting. And (this is the funny part), they add formatting and have the host code in strikethrough text. If the chair of the meeting is not the first one on the call, usualy s/he has to login as a participant, because someone else already logged in as host. If we need something done to the call (like extending it) we have to ask who logged in with the host code. It is a pain in the ***, but we just deal with it. ---- As written by Jim Hickstein: > > I have a conference bridge where the "host" has a separate access code from > the "participants", and the host code is supposed to be kept secret. > Naturally, everyone sends both codes in the email announcing any meeting. > > Does this happen to you, too? Does anybody have a cure for it? (Short of > cutting off their hands, I mean.) How about a shot at naming the root > cause? > > I just got a piece of email from a Huge Telephone Company, from the guy who > is _trying to sell me conference bridge service_, and he did this very same > thing. I had the nerve to point it out to him (vendors != people, after > all), and he confirmed that he's not supposed to send the host code to > everyone. He _knew_, and he still did it. > > *sigh* > > -Jim, > Looking at a pile of accounts-payable reports and slowly shaking his head. > -- /* Robert Hajime Lanning lanning at lanning.cc ** Trade: Unix Systems Administrator (Senior level) (SAGE IV) */ #include From david at catwhisker.org Thu Dec 13 17:19:56 2001 From: david at catwhisker.org (David Wolfskill) Date: Thu, 13 Dec 2001 17:19:56 -0800 (PST) Subject: Conference bridge idiocy In-Reply-To: <67310000.1008282091@jxh.mirapoint.com> Message-ID: <200112140119.fBE1Juv61685@bunrab.catwhisker.org> >Date: Thu, 13 Dec 2001 14:21:31 -0800 >From: Jim Hickstein >Does this happen to you, too? Does anybody have a cure for it? (Short of >cutting off their hands, I mean.) How about a shot at naming the root >cause? Telephones (as the root cause). They are evil. If you stop using them, you won't have this problem. :-} (sort of), david (does that make me a mysotelephonist?) -- David H. Wolfskill david at catwhisker.org I believe it would be irresponsible (and thus, unethical) for me to advise, recommend, or support the use of any product that is or depends on any Microsoft product for any purpose other than personal amusement. From pixiebob at bigfoot.com Thu Dec 13 16:10:14 2001 From: pixiebob at bigfoot.com (Dave Liebreich) Date: 13 Dec 2001 16:10:14 -0800 Subject: exim/courier-imap/ldap/horde:imp In-Reply-To: "Todd Radermacher"'s message of "Thu, 13 Dec 2001 15:41:17 -0800" References: Message-ID: Since everyone is so chatty . . . I'm setting up a mail server for a non-profit organization (my daughter's school), and have chosen to run the above combo on an openbsd box. Well, try to run. It's been a while since I had to do this kind of thing. Anyone have some quick recipes to get the above packages talking nicely to each other? My rationale is as follows: LDAP - easy to write simple apps to manage accounts and lists Horde:IMP - web-based mail system I've heard good things about Courier-IMAP - had to pick an IMAP server to hook up exim and IMP Exim - I need to be able to restrict mail such that the kids can only send mail to and receive mail from pre-approved addresses. Exim appears to support this better than sendmail, qmail, postfix, etc... Thanks -Dave From ann at usenix.org Thu Dec 13 16:33:55 2001 From: ann at usenix.org (Ann Tsai) Date: Thu, 13 Dec 2001 16:33:55 -0800 Subject: Take the 2001 System Administrator Salary Survey Message-ID: Subject: Take the 2001 System Administrator Salary Survey Anyone who's been in the job market knows how tough it is to find information about salaries and compensation. For system administrators, the search is compounded by the varieties of tasks, talents and responsibilities required to get the job done. Now there's something you can do to fix this. SAGE, the System Administrators Guild, invites you to participate in the 2001 System Administrator Salary Survey. Take the survey online at: http://www.usenix.org/sage/jobs/salary_survey/survey This annual survey is part of SAGE's ongoing effort to advance System Administration as a profession through information and advocacy. By participating in this survey, you join thousands of system administrators in examining the market and defining compensation according to your talents, your location, and your technical prowess. Survey results will be available in early 2002. After you complete the survey, take a look at the 2000 survey results, now available at: http://www.usenix.org/sage/jobs/salary_survey/salary_survey.html Thank you for your time! The SAGE Staff From david at catwhisker.org Thu Dec 13 17:50:52 2001 From: david at catwhisker.org (David Wolfskill) Date: Thu, 13 Dec 2001 17:50:52 -0800 (PST) Subject: any experience with "flakeways"? In-Reply-To: <3C192A51.EE36AEC8@mirapoint.com> Message-ID: <200112140150.fBE1oqg61826@bunrab.catwhisker.org> >Date: Thu, 13 Dec 2001 14:23:13 -0800 >From: Trevor Pirman >I need to set up a machine that will act as a "flakeway", the term I >have heard used for an application that randomly drops packets or causes >timeouts for services such as DNS and routing. OK. >I studied up on the net about this, and people talk about it, but no one >offers where to find any out of the box software. Maybe they are >building their own "flakeway"? >What I want to do is configure a DNS server that causes requests to the >server to time out. I set up ipfw on one machine to swallow all tcp and >udp packets to port 53, and them made this host my DNS server. This >worked for some tests I did, but not others. I need a more robust >solution. >Can anyone offer any advice or pointers on how to do this? Any info >would be great. Caveat: I have not actually done certain parts of this at all, so it qualifies as "book learning" -- just to tie this in to another thread recently. :-} That said: were I tasked to do this, my first inclination would be to set up a (multi-homed, probably) FreeBSD box to accomplish it. On the box, I would set it up to use "ipfw" (a FreeBSD-specific, vs. (say) ipfilter) packet-filter. In addition (and this is where I'd be venturing in an area where I have no direct experience), I'd set up something called "dummynet". This is some code (written originally by Luigi Rizzo) that (quoting from the dummynet man page): dummynet is a system facility that permits the control of traffic going through the various network interfaces, by applying bandwidth and queue size limitations, and simulating delays and losses. Since it is fairly usual to set up ipfw rules to pay attention to protocol types & port numbers (in its role as a packet filter), and since ipfw rules are used to select packets for dummynet processing, it should be possible to do a rather good job of simulating just the kind of lossy network connection you want. (Indeed; it is my recollection that the desire to do this sort of thing was precisely the catalyst for Luigi's work in the first place.) Cheers, david (resume at http://www.catwhisker.org/~david/resume.ps) -- David H. Wolfskill david at catwhisker.org I believe it would be irresponsible (and thus, unethical) for me to advise, recommend, or support the use of any product that is or depends on any Microsoft product for any purpose other than personal amusement. From star at betelgeuse.starshine.org Thu Dec 13 18:04:46 2001 From: star at betelgeuse.starshine.org (Heather) Date: Thu, 13 Dec 2001 18:04:46 -0800 (PST) Subject: exim/courier-imap/ldap/horde:imp In-Reply-To: from Dave Liebreich at "Dec 13, 2001 04:26:54 pm" Message-ID: <200112140204.fBE24kg07330@betelgeuse.starshine.org> > [resending from my subscribed-to account] > > Since everyone is so chatty . . . > > I'm setting up a mail server for a non-profit organization (my daughter's > school), and have chosen to run the above combo on an openbsd box. > > Well, try to run. It's been a while since I had to do this kind of thing. > > Anyone have some quick recipes to get the above packages talking nicely to > each other? > > My rationale is as follows: > > LDAP - easy to write simple apps to manage accounts and lists > Horde:IMP - web-based mail system I've heard good things about I've too, though selecting a database flavor to go with it seems to be needed. I gave one potshot at it once, but our needs were too simple for it to be worthwhile, and we ended up using a simpler webmail program instead. We didn't need the calendaring, etc. > Courier-IMAP - had to pick an IMAP server to hook up exim and IMP Excellent choice, *much* faster than cyrus and wu. And wu is a "big target" - whether or not their stuff is bad, people seem to love to break it, which is annoying. > Exim - I need to be able to restrict mail such that the kids can only > send mail to and receive mail from pre-approved addresses. Exim appears to > support this better than sendmail, qmail, postfix, etc... Largely a metter of what kind of control files make you comfy; postfix can certainly do that sort of thing too; sendmail milters can do all sorts of restrictions if you like; I'd be shocked if DJB didn't think of that sort of thing in qmail - but then, I am not a big qmail fan, so I can't speak further to that one. Exim is the default MTA offered in Debian and you might see if their package for it offers any additional docs worth reading, and look at their default config files, though obviously linux binaries won't do you much good. > Thanks > -Dave . | . Heather Stern | star at starshine.org --->*<--- Starshine Technical Services - * - consulting at starshine.org ' | ` Sysadmin Support and Training | (800) 938-4078 From david at catwhisker.org Thu Dec 13 18:09:58 2001 From: david at catwhisker.org (David Wolfskill) Date: Thu, 13 Dec 2001 18:09:58 -0800 (PST) Subject: Theoretical vs Practical Knowledge In-Reply-To: <200112132210.fBDMAqw32713@lanning.cc> Message-ID: <200112140209.fBE29w961883@bunrab.catwhisker.org> >From: Robert Hajime Lanning >Date: Thu, 13 Dec 2001 14:10:51 -0800 (PST) >I would just say the the alphabet in upper and lower case. :) >ls -[a-zA-z] Yes, well, that would miss the -1 flag, off the top of my head.... And I suspect it would yet be overly broad. :-} >:) :-), david -- David H. Wolfskill david at catwhisker.org I believe it would be irresponsible (and thus, unethical) for me to advise, recommend, or support the use of any product that is or depends on any Microsoft product for any purpose other than personal amusement. From star at betelgeuse.starshine.org Thu Dec 13 18:58:04 2001 From: star at betelgeuse.starshine.org (Heather) Date: Thu, 13 Dec 2001 18:58:04 -0800 (PST) Subject: Theoretical vs Practical Knowledge In-Reply-To: <200112132210.fBDMAqw32713@lanning.cc> from Robert Hajime Lanning at "Dec 13, 2001 02:10:51 pm" Message-ID: <200112140258.fBE2w4807519@betelgeuse.starshine.org> >> describe options to ls > I would just say the the alphabet in upper and lower case. :) > > ls -[a-zA-z] > > :) You forgot ls -1 ? That's not a description, it's a regex. There's actually still a few letters left blank, but you get a trivial pursuit piewacket in the SAGE green category if you can name them without hitting 'man ls' first. Uh, I think my answer would be more like "the natural effect of 'always adding another display feature as a command letter' syndrome." The point is to get people's reactions - people who are experienced know that asking for all the options is a trick question, people who aren't think "wax" or "-elf" is a single option. It might not even disqualify folks; it just helps pigeonhole their experience level. . | . Heather Stern | star at starshine.org --->*<--- Starshine Technical Services - * - consulting at starshine.org ' | ` Sysadmin Support and Training | (800) 938-4078 From star at betelgeuse.starshine.org Thu Dec 13 19:06:12 2001 From: star at betelgeuse.starshine.org (Heather) Date: Thu, 13 Dec 2001 19:06:12 -0800 (PST) Subject: Conference bridge idiocy In-Reply-To: <200112140119.fBE1Juv61685@bunrab.catwhisker.org> from David Wolfskill at "Dec 13, 2001 05:19:56 pm" Message-ID: <200112140306.fBE36CZ07553@betelgeuse.starshine.org> > >Date: Thu, 13 Dec 2001 14:21:31 -0800 > >From: Jim Hickstein > > >Does this happen to you, too? Does anybody have a cure for it? (Short of > >cutting off their hands, I mean.) How about a shot at naming the root > >cause? > > Telephones (as the root cause). They are evil. If you stop using them, > you won't have this problem. > > :-} (sort of), > david (does that make me a mysotelephonist?) That's the root cause of having conference calls, potentially idiocy but otherwise you have to replace it with IRC or something if your crew is scattered across twenty timezones. The root cause of the both-codes-at-the-same-time idiocy is that phone salespeople can barely keep things straight as it is, so the only way they have any idea that this is *your* host code is to keep it in the same file with the join code. The continuation of it is because the person responsible to be "host" usually is non-technical and *always* is busier than a beehive. So even if they know better, at the first sign of stress they forget. JimH, chopping hands off might help, but a lot of CEOs might have to show up at Wall Street gatherings handless. And it would bring a whole new purpose to hands-free telephones. Eep! Now if only you could wire the bridge so it would only accept the host code from pre-approved phones, much the way we can have DHCP assign IPs by MAC address... . | . Heather Stern | star at starshine.org --->*<--- Starshine Technical Services - * - consulting at starshine.org ' | ` Sysadmin Support and Training | (800) 938-4078 From jxh at jxh.com Thu Dec 13 21:42:52 2001 From: jxh at jxh.com (Jim Hickstein) Date: Thu, 13 Dec 2001 21:42:52 -0800 Subject: Conference bridge idiocy In-Reply-To: <200112140306.fBE36CZ07553@betelgeuse.starshine.org> References: <200112140306.fBE36CZ07553@betelgeuse.starshine.org> Message-ID: <114811971.1008279772@[10.9.18.6]> > Now if only you could wire the bridge so it would only accept the host > code from pre-approved phones, much the way we can have DHCP assign IPs > by MAC address... Can you say "CLID/CNID spoofing"? Plus, we neglected to pay the ~$5k to emit CLID from our PBX. (Don't ask.) From pineapp at cutter.rexx.com Fri Dec 14 13:28:48 2001 From: pineapp at cutter.rexx.com (Daniel Curry) Date: Fri, 14 Dec 2001 13:28:48 -0800 (PST) Subject: Orange security book? Message-ID: <200112142128.fBELSmp60641@cutter.rexx.com> Does anyone know where I can get hold of security "orange" book? Someone had mentioned that they maybe out of print? -- .---------------------------------------+--------------------------. | INTERNET: pineapp at rexx.com (DC436) | Daniel Curry | | DoD # 1450 | SOHC4 # 136 | | PGP : AD5A 96DC 7556 A020 B8E7 0E4D 5D5E 9BA5 C83E 8C92 | '---------------------------------------+--------------------------' From mallen at byte-me.org Fri Dec 14 14:41:45 2001 From: mallen at byte-me.org (Mark Allen) Date: Fri, 14 Dec 2001 14:41:45 -0800 Subject: Cable tags/labels summary Message-ID: <20011214144145.A27352@sephiroth.byte-me.org> I was asked to summarize the responses to my cable label/tag inquiry, so here they are: -=-BEGIN-=- One good place to start would be Hellerman Tyton (http://www.hellermann.tyton.com/). They have a wide variety of labels and tags, and you can order sample packs from their web site. -=- Radio Shack has something like this. They are yellow cable ties, with a big white flat area to write on. They are kind of expensive though. It would be great to find them in bulk. -=- Try Jameco in Belmont. I purchased some of these exact items there about a year ago. I don't like 'em much though. I've never seen a good system for labeling cables, i.e., that is easy to read, easy to label, and doesn't come off too easily. -=- I finally found them at Micro Center, in the Mercado shopping center off 101/Bowers. They're about $14 for 50 (IIRC). They even throw in a sharpie! -=- The only thing I ever saw that came close to being satifactory was due to none other than the legendary Arnold deLeon. He found (or maybe created) a supplier of Cat-5 cables with _serial numbers_ on them, the same at both ends. The numbers also encoded the length, IIRC. The physical labels I don't recall clearly. Might have been heat-shrink, or maybe akin to the 3M product consisting of a length of clear tape with a little white tab on the end: you write on the tab then wrap the clear tail over it. I used those, but they're a bear to take back off. Hence the permanent serial numbers. -=- [synopsis pre labeled cables] At my last job, we used an IDPRO printer to print these labels -- and you're right, they're not fun to take off. The printer made this remarkably easy (especially since it made serializing the labels pretty easy). -=- [synopsis pre labeled cables] They were the heat-shrink or clear tape kind, with the label under the plastic. You can do the same thing with a regular white label and some scotch tape, but that tends to wear off over time once the tape loses it's stickiness. The labels we had at Synopsys were much more permanent. IIRC those cables were also jacketed, so you could pull them backwards through a bunch of other cables without worrying about snagging the clip and ripping it off. -=- Way off topic by now, but in case it helps someone: I had occasion recently to pull a bunch of cables that did not have the "boots" to thus protect the ends. A hack that can serve in a pinch is a handy roll of adhesive tape: just wrap once around the end to protect the tab. Before sealing the end of the tape, fold it over a few mm. to make a "tab" for the adhesive tape (so you can pull it off again). -=- Fry's sells cable ties with a little tag on one end where, as you said, you can write with a Sharpie. I like them a lot because the little tag has the same width of a CAT5 cable and it is about 1" long. You have enough space to write the server name or a serial number, as Jim pointed out, your choice. The Fry's part number is 1771633. They are manifactured by: All-States Inc. 1801 W. Foster Avenue Chicago, IL 60640 I don't have a phone number, sorry. The manifacturer PLU is 1771633 (same as Fry's) -=- I have a dymo (p-touch style, not medium-hard-plastic style) labeller which I use to generate "tabs". |_ p-link 6 feet - HGS ____________ p-link 6 feet - HGS _| then I wrap the middle around the cord and seal the tape to itself. To distinguish items further I have multiple colors or can use diskette labels the same way (which are fatter, and I can write on 'em) [...] I've found that the stickiness of the dymo tape is iffy if the tape is too short, so I sometimes support it with a short strip of clear packing tape, which sticks to standard cat5, itself, and dymo-labels just fine. [...] -=- Tags suck. Tags pull out other things when you pull a cable. Shrink wrap is good. Don't label them things likes "sybase01" give it a label that's a pointer to that: 115701 which is charted to "sybase01" (in LDAP or DNS TXT records AND a wallchart in the cable room (with an expire date)). I'm a big fan of having a really lowly computer in the cable room that nobody wants to steal. 3Com Audrys or Wyse50's with w3m do beautifully for query terminals. -=- > Fry's sells cable ties with a little tag on one end where, as you said, > you can write with a Sharpie. I dislike those because they make the cables even harder to pull out of bundle. And if you cinch them down quite hard you probably pinch the jacket and break the electrical spec -- not that anyone will notice, at these speeds. -=-END-=- Thanks everyone for pointing me in the right direction. I will also add that I found a local distributor for Panduit cabling products locally, and panduit markets a line of these tags (in many different colors -- yay). I asked for a quote on these, but haven't heard anything back. I will probably poke them with a stick pretty soon. Mark -- Mark Allen -- mallen at byte-me.org -- http://www.byte-me.org/~mallen/ PGP: 0x5CDC2161 Mark Allen (Personal Key) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: From jxh at jxh.com Fri Dec 14 16:03:21 2001 From: jxh at jxh.com (Jim Hickstein) Date: Fri, 14 Dec 2001 16:03:21 -0800 Subject: Cable tags/labels summary In-Reply-To: <20011214144145.A27352@sephiroth.byte-me.org> References: <20011214144145.A27352@sephiroth.byte-me.org> Message-ID: <48300000.1008374601@jxh.mirapoint.com> > I will also add that I found a local distributor for Panduit cabling You won't be able to afford it. Panduit is quite a racket: buy the plastic for fify cents a ton, add some surface energy, and sell it for two dollars a foot. :-) I love their stuff, but it's not cheap. From rick at linuxmafia.com Fri Dec 14 16:52:43 2001 From: rick at linuxmafia.com (Rick Moen) Date: Fri, 14 Dec 2001 16:52:43 -0800 Subject: Cable tags/labels summary In-Reply-To: <20011214144145.A27352@sephiroth.byte-me.org> References: <20011214144145.A27352@sephiroth.byte-me.org> Message-ID: <20011214165239.B21738@linuxmafia.com> A poster wrote: > I was asked to summarize the responses to my cable label/tag inquiry, > so here they are: This is not a complaint, and please don't take offence, but: Did anyone else think immediately of Brad Templeton's classic "Dear Emily Postnews" piece? [...] Q: I collected replies to an article I wrote, and now it's time to summarize. What should I do? A: Simply concatenate all the articles together into a big file and post that. On Usenet, this is known as a summary. It lets people read all the replies without annoying newsreaders getting in the way. Do the same when summarizing a vote. http://www.templetons.com/brad/emily.html From windsor at warthog.com Fri Dec 14 16:53:15 2001 From: windsor at warthog.com (Rob Windsor) Date: Fri, 14 Dec 2001 18:53:15 -0600 Subject: Orange security book? In-Reply-To: Your message of "Fri, 14 Dec 2001 13:28:48 PST." <200112142128.fBELSmp60641@cutter.rexx.com> Message-ID: <200112150053.fBF0rGo01955@warthog.com> On Fri, 14 Dec 2001 13:28:48 PST, verily did Daniel Curry write: > Does anyone know where I can get hold of security > "orange" book? Someone had mentioned that they maybe out > of print? DOD 5200.28-STD, December 1985 "Department of Defense Trusted Computer System Evaluation Criteria" http://www.radium.ncsc.mil/tpep/library/rainbow/5200.28-STD.html http://www.radium.ncsc.mil/tpep/library/rainbow/5200.28-STD.pdf Rob++ ---------------------------------------- Internet: windsor at warthog.com __o Life: Rob at Carrollton.Texas.USA.Earth _`\<,_ (_)/ (_) The weather is here, wish you were beautiful. From david at catwhisker.org Mon Dec 17 11:49:10 2001 From: david at catwhisker.org (David Wolfskill) Date: Mon, 17 Dec 2001 11:49:10 -0800 (PST) Subject: CPSR press release re: "National ID Schemes" issued Message-ID: <200112171949.fBHJnAC39323@bunrab.catwhisker.org> Someone at CPSR (Computer Professionals for Social Responsibility) tried to send a press release entitled "Computer Experts Question National ID Schemes" to blw. Rather than approve it, I'll just mention that it exists, and those who wish to pursue the matter further may undoubtedly get more information from http://www.cpsr.org/ I elected to do this because: * Although I believe the matter is of importance, both in general and to BayLISA membership, BayLISA's purposes are not those of CPSR. (For that matter, I believe that this difference in purpose is as it should be.) * Folks (BayLISA members or not) who wish to be better-informed about CPSR activities are better served by increasing involvement with that organization, rather than increasing involvement with BayLISA (to become better-informed about CPSR, anyway). * The original target list (blw) was rather too narrow: there are many subscribers to the baylisa list who are not subscribers to blw, and who would be just as affected as blw subscribers. Cheers, david -- David H. Wolfskill david at catwhisker.org I believe it would be irresponsible (and thus, unethical) for me to advise, recommend, or support the use of any product that is or depends on any Microsoft product for any purpose other than personal amusement. From star at betelgeuse.starshine.org Thu Dec 20 16:44:52 2001 From: star at betelgeuse.starshine.org (Heather) Date: Thu, 20 Dec 2001 16:44:52 -0800 (PST) Subject: Meeting tonight, 7:30 pm Message-ID: <200112210044.fBL0iqS01264@betelgeuse.starshine.org> Hello everybody, it's time for the Decemeber meeting of BayLISA. The topic for December is always SHORT BUT COOL ...which means, local area sysadmins tell you some of their best tricks, in perhaps a 10 to 20 minute segment, and we have a handful of these mini talks before turning off the cameras, getting generally chatty[*] [*] some verrrrry interesting tales often get told with the mike off. Just remember, you didn't hear it from us! :D ...for a while and then potentially heading off to an afterdinner. 7:30 PM We'll have some announcements, jobs offered and wanteds, and then get on to the talks. We already have a few people giving some, but if you have something of interest to your fellow sysadmins, by all means, don't be afraid to present your stuff too. Topics tonight will include: * Rack-mounting De-mystified * Hardening A Cisco Router * Using Procmail as Your Personal Secretary This is an excellent time for junior admins to come and learn some tricks from the local crowd, and get to meet people too. So invite your friends and cube-mates for a fun time at BayLISA! -* Heather Stern * Arch (secretary) BayLISA Board * http://www.baylisa.org/ *- From hal at deer-run.com Thu Dec 27 13:32:56 2001 From: hal at deer-run.com (Hal Pomeranz) Date: Thu, 27 Dec 2001 13:32:56 -0800 Subject: Solaris boot question Message-ID: <20011227133256.B4895@deer-run.com> I have an old Ultra1 that has a 10Mbit le0 interface on the motherboard and a 100Mbit hme0 interface on an SBUS card. I would like to jumpstart the machine off of its hme0 interface rather than the default le0. I realize that this is going to require my figuring out the device path for the hme0 interface so that I can change the devalias for the "net" boot device. Unfortunately, I have no idea how to figure out the correct device path -- i.e., the thing that looks like /sbus/ledma at e,8400010/le at e,8c00000 (which is the device path for the le0 interface). Any ideas folks? -- Hal Pomeranz, Founder/CEO Deer Run Associates hal at deer-run.com Network Connectivity and Security, Systems Management, Training From hal at deer-run.com Thu Dec 27 13:53:18 2001 From: hal at deer-run.com (Hal Pomeranz) Date: Thu, 27 Dec 2001 13:53:18 -0800 Subject: Solaris boot question In-Reply-To: <20011227133256.B4895@deer-run.com>; from hal@deer-run.com on Thu, Dec 27, 2001 at 01:32:56PM -0800 References: <20011227133256.B4895@deer-run.com> Message-ID: <20011227135318.C4895@deer-run.com> On Thu Dec 27 01:32, Hal Pomeranz wrote: > I have an old Ultra1 that has a 10Mbit le0 interface on the motherboard > and a 100Mbit hme0 interface on an SBUS card. I would like to jumpstart > the machine off of its hme0 interface rather than the default le0. > > I realize that this is going to require my figuring out the device path for > the hme0 interface so that I can change the devalias for the "net" boot > device. Unfortunately, I have no idea how to figure out the correct device > path -- i.e., the thing that looks like /sbus/ledma at e,8400010/le at e,8c00000 > (which is the device path for the le0 interface). Turns out I'm sitting next to another member of this email list (John Detke) who knew the answer-- "check the output of the dmesg command". This is the correct answer, and I'm happily booting off my hme0 interface now (aka /sbus at 1f,0/SUNW,hme at 0,8c00000). Thanks, John! --Hal From ulf at Alameda.net Thu Dec 27 15:11:14 2001 From: ulf at Alameda.net (Ulf Zimmermann) Date: Thu, 27 Dec 2001 15:11:14 -0800 Subject: Solaris boot question In-Reply-To: <20011227133256.B4895@deer-run.com>; from hal@deer-run.com on Thu, Dec 27, 2001 at 01:32:56PM -0800 References: <20011227133256.B4895@deer-run.com> Message-ID: <20011227151114.P90222@seven.alameda.net> On Thu, Dec 27, 2001 at 01:32:56PM -0800, Hal Pomeranz wrote: > I have an old Ultra1 that has a 10Mbit le0 interface on the motherboard > and a 100Mbit hme0 interface on an SBUS card. I would like to jumpstart > the machine off of its hme0 interface rather than the default le0. > > I realize that this is going to require my figuring out the device path for > the hme0 interface so that I can change the devalias for the "net" boot > device. Unfortunately, I have no idea how to figure out the correct device > path -- i.e., the thing that looks like /sbus/ledma at e,8400010/le at e,8c00000 > (which is the device path for the le0 interface). > > Any ideas folks? > > -- > Hal Pomeranz, Founder/CEO Deer Run Associates hal at deer-run.com > Network Connectivity and Security, Systems Management, Training Hmm, boot prompt: devalias should show the devices. Like on this netra t1 ac200: net2 /pci at 1f,0/pci at 1,1/network at 5,1 net /pci at 1f,0/pci at 1,1/network at c,1 Otherwise at the prompt: cd / ls ok ls f0074294 SUNW,UltraSPARC-IIe at 0,0 f0068b38 pci at 1f,0 f004fb2c virtual-memory f004f548 memory at 0,0 f002db50 aliases f002dae0 options f002d9a8 openprom f002d93c chosen f002d8cc packages ok cd pci at 1f,0 ok ls f0072c5c pci at 1 f00719c4 pci at 1,1 etc. -- Regards, Ulf. --------------------------------------------------------------------- Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-865-0204 You can find my resume at: http://seven.Alameda.net/~ulf/resume.html From jsmay at wasteofbits.com Thu Dec 27 15:32:10 2001 From: jsmay at wasteofbits.com (Jeffrey Stuart May) Date: Thu, 27 Dec 2001 15:32:10 -0800 Subject: Solaris boot question In-Reply-To: <20011227135318.C4895@deer-run.com> References: <20011227133256.B4895@deer-run.com> <20011227135318.C4895@deer-run.com> Message-ID: <20011227233210.GA9878@tragic.wasteofbits.com> On Thu, Dec 27, 2001 at 01:53:18PM -0800, Hal Pomeranz wrote: > On Thu Dec 27 01:32, Hal Pomeranz wrote: > > I have an old Ultra1 that has a 10Mbit le0 interface on the motherboard > > and a 100Mbit hme0 interface on an SBUS card. I would like to jumpstart > > the machine off of its hme0 interface rather than the default le0. > > > > I realize that this is going to require my figuring out the device path for > > the hme0 interface so that I can change the devalias for the "net" boot > > device. Unfortunately, I have no idea how to figure out the correct device > > path -- i.e., the thing that looks like /sbus/ledma at e,8400010/le at e,8c00000 > > (which is the device path for the le0 interface). > > Turns out I'm sitting next to another member of this email list (John > Detke) who knew the answer-- "check the output of the dmesg command". > This is the correct answer, and I'm happily booting off my hme0 > interface now (aka /sbus at 1f,0/SUNW,hme at 0,8c00000). Thanks, John! If you ever need to get this info from the OpenBoot PROM, instead of the OS, use the show-devs command at the "ok" prompt and vgrep for your hme card. -Stu -- ---------------------------------------------------------------------- Jeffrey Stuart May From djs at gnac.com Thu Dec 27 16:25:32 2001 From: djs at gnac.com (Dave Stuit) Date: Thu, 27 Dec 2001 16:25:32 -0800 Subject: Solaris boot question In-Reply-To: <20011227135318.C4895@deer-run.com>; from Hal Pomeranz on 27 Dec 01 13:59 PST Message-ID: <200112280025.QAA02988@tweety.main.gnac.com> You can also use "watch-net-all" at the boot rom "ok" prompt; not only does it give you the device path for each of your network interfaces, but it also shows you which interface(s) are actually seeing traffic, which might help in distinguishing among multiple interfaces of the same type. --dave On 27 Dec 01 13:59 PST, Hal Pomeranz wrote: > >Turns out I'm sitting next to another member of this email list (John >Detke) who knew the answer-- "check the output of the dmesg command". >This is the correct answer, and I'm happily booting off my hme0 >interface now (aka /sbus at 1f,0/SUNW,hme at 0,8c00000). Thanks, John! > >--Hal > From jsmay at wasteofbits.com Thu Dec 27 15:17:04 2001 From: jsmay at wasteofbits.com (Jeffrey Stuart May) Date: Thu, 27 Dec 2001 15:17:04 -0800 Subject: Solaris boot question In-Reply-To: <20011227135318.C4895@deer-run.com> References: <20011227133256.B4895@deer-run.com> <20011227135318.C4895@deer-run.com> Message-ID: <20011227231703.GA9766@tragic.wasteofbits.com> On Thu, Dec 27, 2001 at 01:53:18PM -0800, Hal Pomeranz wrote: > On Thu Dec 27 01:32, Hal Pomeranz wrote: > > I have an old Ultra1 that has a 10Mbit le0 interface on the motherboard > > and a 100Mbit hme0 interface on an SBUS card. I would like to jumpstart > > the machine off of its hme0 interface rather than the default le0. > > > > I realize that this is going to require my figuring out the device path for > > the hme0 interface so that I can change the devalias for the "net" boot > > device. Unfortunately, I have no idea how to figure out the correct device > > path -- i.e., the thing that looks like /sbus/ledma at e,8400010/le at e,8c00000 > > (which is the device path for the le0 interface). > > Turns out I'm sitting next to another member of this email list (John > Detke) who knew the answer-- "check the output of the dmesg command". > This is the correct answer, and I'm happily booting off my hme0 > interface now (aka /sbus at 1f,0/SUNW,hme at 0,8c00000). Thanks, John! If you ever need to get this info from the OpenBoot PROM, instead of the OS, use the show-devs command at the "ok" prompt and vgrep for your hme card. -Stu -- ---------------------------------------------------------------------- Jeffrey Stuart May From djs at gnac.com Thu Dec 27 19:18:26 2001 From: djs at gnac.com (Dave Stuit) Date: Thu, 27 Dec 2001 19:18:26 -0800 Subject: Solaris boot question In-Reply-To: <20011228013928.GB9878@tragic.wasteofbits.com>; from Jeffrey Stuart May on 27 Dec 01 17:40 PST Message-ID: <200112280318.TAA13600@tweety.main.gnac.com> Stu brings up a very good point. Yup, i've seen "watch-net-all" hang a machine that's not been reset, so do a "reset-all" first, and stop it while it's initializing memory, before it starts loading the OS (or set "auto-boot?" to "false" so you don't have to worry about catching it in time). Thanks, Stu! --dave On 27 Dec 01 17:40 PST, Jeffrey Stuart May wrote: > >Dave, > >I may be wrong, but I thought I remembered having a machine or two lock >up at times when using this. Have you encountered such a problem? > >-Stu > >On Thu, Dec 27, 2001 at 04:25:32PM -0800, Dave Stuit wrote: >> You can also use "watch-net-all" at the boot rom "ok" prompt; not only >> does it give you the device path for each of your network interfaces, but >> it also shows you which interface(s) are actually seeing traffic, which >> might help in distinguishing among multiple interfaces of the same type. > >-- >---------------------------------------------------------------------- >Jeffrey Stuart May > >