Tuesday, December 26, 2006
another script - filtering ldapsearch result in AD
#!/bin/sh
LOGFILE="addadi.log"
logdir=usermod
if [ -d $logdir ]; then
echo "Using $logdir as Log directory"
else
echo "Creating $logdir as Log directory"
mkdir $logdir
fi
echo "Script Start: `date`" >> $LOGFILE
for host in ` cat hosts ` ; do
echo "Working on host: $host Time: `date`" >> $LOGFILE
fnc_check()
{
adcount=`ldapsearch cn=$host | egrep -e 'shellLNXKeyboard|shellLNXLanguage|shellLNXTimezone|shellLNXImageName|shellLNXModelName|shellLNXBuildRelease|shellLNXHardware|shellLNXBootProto|shellLNXSiteCode|shellLNXManagedBy|shellLNXComputerType'| wc -l`
echo $adcount
if [ $adcount = 10 ] || [ $adcount = 11 ]; then
echo "$host is okay" > $logdir/$host
else
echo "$host is not okay, AD attributes not complete" > $logdir/$host
fi
}
if [ $host ]; then
#/opt/adi/sbin/compadd.py -t D -s L -o rwk $host
/opt/adi/sbin/compmod.py -e ModelName=xw $host
/opt/adi/sbin/compmod.py -e Language=enUS $host
/opt/adi/sbin/compmod.py -e Keyboard=us $host
/opt/adi/sbin/compmod.py -e TimeZone=Europe/Netw $host
/opt/adi/sbin/compmod.py -e ImageName=gl-v2.2 $host
/opt/adi/sbin/compmod.py -e BuildRelease=r22 $host
/opt/adi/sbin/compmod.py -e Hardware=sda $host
/opt/adi/sbin/compmod.py -e BootProto=dhcp $host
/opt/adi/sbin/compmod.py -e ComputerType=Desktop $host
/opt/adi/sbin/compmod.py -e SiteCode=EU-rwk-rwk $host
/opt/adi/sbin/compmod.py -e ManagedBy=AH-SE $host
fnc_check
else
echo "usage: $0 hostname"
fi
done
echo "Script End: `date`" >> $LOGFILE
phrases of the day
Impossible is not a fact. It's an opinion.
Impossible is not a declaration. It's a dare.
Impossible is potential.
Impossible is temporary.
Impossible is nothing.
Sunday, December 17, 2006
Adopt 10 good habits that improve your UNIX® command line efficiency
This article takes you step-by-step through several good, but too often neglected, techniques for command-line operations. Learn about common errors and how to overcome them, so you can learn exactly why these UNIX habits are worth picking up.
Introduction
When you use a system often, you tend to fall into set usage patterns. Sometimes, you do not start the habit of doing things in the best possible way. Sometimes, you even pick up bad practices that lead to clutter and clumsiness. One of the best ways to correct such inadequacies is to conscientiously pick up good habits that counteract them. This article suggests 10 UNIX command-line habits worth picking up -- good habits that help you break many common usage foibles and make you more productive at the command line in the process. Each habit is described in more detail following the list of good habits.
Adopt 10 good habits
Ten good habits to adopt are:
1. Make directory trees in a single swipe.
2. Change the path; do not move the archive.
3. Combine your commands with control operators.
4. Quote variables with caution.
5. Use escape sequences to manage long input.
6. Group your commands together in a list.
7. Use xargs outside of find.
8. Know when grep should do the counting -- and when it should step aside.
9. Match certain fields in output, not just lines.
10. Stop piping cats.
Make directory trees in a single swipe
Listing 1 illustrates one of the most common bad UNIX habits around: defining directory trees one at a time.
Listing 1. Example of bad habit #1: Defining directory trees individually
~ $ mkdir tmp
~ $ cd tmp
~/tmp $ mkdir a
~/tmp $ cd a
~/tmp/a $ mkdir b
~/tmp/a $ cd b
~/tmp/a/b/ $ mkdir c
~/tmp/a/b/ $ cd c
~/tmp/a/b/c $
It is so much quicker to use the -p option to mkdir and make all parent directories along with their children in a single command. But even administrators who know about this option are still caught stepping through the subdirectories as they make them on the command line. It is worth your time to conscientiously pick up the good habit:
Listing 2. Example of good habit #1: Defining directory trees with one command
~ $ mkdir -p tmp/a/b/c
You can use this option to make entire complex directory trees, which are great to use inside scripts; not just simple hierarchies. For example:
Listing 3. Another example of good habit #1: Defining complex directory trees with one command
~ $ mkdir -p project/{lib/ext,bin,src,doc/{html,info,pdf},demo/stat/a}
In the past, the only excuse to define directories individually was that your mkdir implementation did not support this option, but this is no longer true on most systems. IBM, AIX®, mkdir, GNU mkdir, and others that conform to the Single UNIX Specification now have this option.
For the few systems that still lack the capability, use the mkdirhier script (see Resources), which is a wrapper for mkdir that does the same function:
~ $ mkdirhier project/{lib/ext,bin,src,doc/{html,info,pdf},demo/stat/a}
Change the path; do not move the archive
Another bad usage pattern is moving a .tar archive file to a certain directory because it happens to be the directory you want to extract it in. You never need to do this. You can unpack any .tar archive file into any directory you like -- that is what the -C option is for. Use the -C option when unpacking an archive file to specify the directory to unpack it in:
Listing 4. Example of good habit #2: Using option -C to unpack a .tar archive file
~ $ tar xvf -C tmp/a/b/c newarc.tar.gz
Making a habit of using -C is preferable to moving the archive file to where you want to unpack it, changing to that directory, and only then extracting its contents -- especially if the archive file belongs somewhere else.
Combine your commands with control operators
You probably already know that in most shells, you can combine commands on a single command line by placing a semicolon (;) between them. The semicolon is a shell control operator, and while it is useful for stringing together multiple discrete commands on a single command line, it does not work for everything. For example, suppose you use a semicolon to combine two commands in which the proper execution of the second command depends entirely upon the successful completion of the first. If the first command does not exit as you expected, the second command still runs -- and fails. Instead, use more appropriate control operators (some are described in this article). As long as your shell supports them, they are worth getting into the habit of using them.
Run a command only if another command returns a zero exit status
Use the && control operator to combine two commands so that the second is run only if the first command returns a zero exit status. In other words, if the first command runs successfully, the second command runs. If the first command fails, the second command does not run at all. For example:
Listing 5. Example of good habit #3: Combining commands with control operators
~ $ cd tmp/a/b/c && tar xvf ~/archive.tar
In this example, the contents of the archive are extracted into the ~/tmp/a/b/c directory unless that directory does not exist. If the directory does not exist, the tar command does not run, so nothing is extracted.
Run a command only if another command returns a non-zero exit status
Similarly, the || control operator separates two commands and runs the second command only if the first command returns a non-zero exit status. In other words, if the first command is successful, the second command does not run. If the first command fails, the second command does run. This operator is often used when testing for whether a given directory exists and, if not, it creates one:
Listing 6. Another example of good habit #3: Combining commands with control operators
~ $ cd tmp/a/b/c || mkdir -p tmp/a/b/c
You can also combine the control operators described in this section. Each works on the last command run:
Listing 7. A combined example of good habit #3: Combining commands with control operators
~ $ cd tmp/a/b/c || mkdir -p tmp/a/b/c && tar xvf -C tmp/a/b/c ~/archive.tar
Quote variables with caution
Always be careful with shell expansion and variable names. It is generally a good idea to enclose variable calls in double quotation marks, unless you have a good reason not to. Similarly, if you are directly following a variable name with alphanumeric text, be sure also to enclose the variable name in square brackets ([]) to distinguish it from the surrounding text. Otherwise, the shell interprets the trailing text as part of your variable name -- and most likely returns a null value. Listing 8 provides examples of various quotation and non-quotation of variables and their effects.
Listing 8. Example of good habit #4: Quoting (and not quoting) a variable
~ $ ls tmp/
a b
~ $ VAR="tmp/*"
~ $ echo $VAR
tmp/a tmp/b
~ $ echo "$VAR"
tmp/*
~ $ echo $VARa
~ $ echo "$VARa"
~ $ echo "${VAR}a"
tmp/*a
~ $ echo ${VAR}a
tmp/a
~ $
Use escape sequences to manage long input
You have probably seen code examples in which a backslash (\) continues a long line over to the next line, and you know that most shells treat what you type over successive lines joined by a backslash as one long line. However, you might not take advantage of this function on the command line as often as you can. The backslash is especially handy if your terminal does not handle multi-line wrapping properly or when your command line is smaller than usual (such as when you have a long path on the prompt). The backslash is also useful for making sense of long input lines as you type them, as in the following example:
Listing 9. Example of good habit #5: Using a backslash for long input
~ $ cd tmp/a/b/c || \
> mkdir -p tmp/a/b/c && \
> tar xvf -C tmp/a/b/c ~/archive.tar
Alternatively, the following configuration also works:
Listing 10. Alternative example of good habit #5: Using a backslash for long input
~ $ cd tmp/a/b/c \
> || \
> mkdir -p tmp/a/b/c \
> && \
> tar xvf -C tmp/a/b/c ~/archive.tar
However you divide an input line over multiple lines, the shell always treats it as one continuous line, because it always strips out all the backslashes and extra spaces.
Note: In most shells, when you press the up arrow key, the entire multi-line entry is redrawn on a single, long input line.
Group your commands together in a list
Most shells have ways to group a set of commands together in a list so that you can pass their sum-total output down a pipeline or otherwise redirect any or all of its streams to the same place. You can generally do this by running a list of commands in a subshell or by running a list of commands in the current shell.
Run a list of commands in a subshell
Use parentheses to enclose a list of commands in a single group. Doing so runs the commands in a new subshell and allows you to redirect or otherwise collect the output of the whole, as in the following example:
Listing 11. Example of good habit #6: Running a list of commands in a subshell
~ $ ( cd tmp/a/b/c/ || mkdir -p tmp/a/b/c && \
> VAR=$PWD; cd ~; tar xvf -C $VAR archive.tar ) \
> | mailx admin -S "Archive contents"
In this example, the content of the archive is extracted in the tmp/a/b/c/ directory while the output of the grouped commands, including a list of extracted files, is mailed to the admin address.
The use of a subshell is preferable in cases when you are redefining environment variables in your list of commands and you do not want those definitions to apply to your current shell.
Run a list of commands in the current shell
Use curly braces ({}) to enclose a list of commands to run in the current shell. Make sure you include spaces between the braces and the actual commands, or the shell might not interpret the braces correctly. Also, make sure that the final command in your list ends with a semicolon, as in the following example:
Listing 12. Another example of good habit #6: Running a list of commands in the current shell
~ $ { cp ${VAR}a . && chown -R guest.guest a && \
> tar cvf newarchive.tar a; } | mailx admin -S "New archive"
Use xargs outside of find
Use the xargs tool as a filter for making good use of output culled from the find command. The general precept is that a find run provides a list of files that match some criteria. This list is passed on to xargs, which then runs some other useful command with that list of files as arguments, as in the following example:
Listing 13. Example of the classic use of the xargs tool
~ $ find some-file-criteria some-file-path | \
> xargs some-great-command-that-needs-filename-arguments
However, do not think of xargs as just a helper for find; it is one of those underutilized tools that, when you get into the habit of using it, you want to try on everything, including the following uses.
Passing a space-delimited list
In its simplest invocation, xargs is like a filter that takes as input a list (with each member on a single line). The tool puts those members on a single space-delimited line:
Listing 14. Example of output from the xargs tool
~ $ xargs
a
b
c
Control-D
a b c
~ $
You can send the output of any tool that outputs file names through xargs to get a list of arguments for some other tool that takes file names as an argument, as in the following example:
Listing 15. Example of using of the xargs tool
~/tmp $ ls -1 | xargs
December_Report.pdf README a archive.tar mkdirhier.sh
~/tmp $ ls -1 | xargs file
December_Report.pdf: PDF document, version 1.3
README: ASCII text
a: directory
archive.tar: POSIX tar archive
mkdirhier.sh: Bourne shell script text executable
~/tmp $
The xargs command is useful for more than passing file names. Use it any time you need to filter text into a single line:
Listing 16. Example of good habit #7: Using the xargs tool to filter text into a single line
~/tmp $ ls -l | xargs
-rw-r--r-- 7 joe joe 12043 Jan 27 20:36 December_Report.pdf -rw-r--r-- 1 \
root root 238 Dec 03 08:19 README drwxr-xr-x 38 joe joe 354082 Nov 02 \
16:07 a -rw-r--r-- 3 joe joe 5096 Dec 14 14:26 archive.tar -rwxr-xr-x 1 \
joe joe 3239 Sep 30 12:40 mkdirhier.sh
~/tmp $
Be cautious using xargs
Technically, a rare situation occurs in which you could get into trouble using xargs. By default, the end-of-file string is an underscore (_); if that character is sent as a single input argument, everything after it is ignored. As a precaution against this, use the -e flag, which, without arguments, turns off the end-of-file string completely.
Know when grep should do the counting -- and when it should step aside
Avoid piping a grep to wc -l in order to count the number of lines of output. The -c option to grep gives a count of lines that match the specified pattern and is generally faster than a pipe to wc, as in the following example:
Listing 17. Example of good habit #8: Counting lines with and without grep
~ $ time grep and tmp/a/longfile.txt | wc -l
2811
real 0m0.097s
user 0m0.006s
sys 0m0.032s
~ $ time grep -c and tmp/a/longfile.txt
2811
real 0m0.013s
user 0m0.006s
sys 0m0.005s
~ $
An addition to the speed factor, the -c option is also a better way to do the counting. With multiple files, grep with the -c option returns a separate count for each file, one on each line, whereas a pipe to wc gives a total count for all files combined.
However, regardless of speed considerations, this example showcases another common error to avoid. These counting methods only give counts of the number of lines containing matched patterns -- and if that is what you are looking for, that is great. But in cases where lines can have multiple instances of a particular pattern, these methods do not give you a true count of the actual number of instances matched. To count the number of instances, use wc to count, after all. First, run a grep command with the -o option, if your version supports it. This option outputs only the matched pattern, one on each line, and not the line itself. But you cannot use it in conjunction with the -c option, so use wc -l to count the lines, as in the following example:
Listing 18. Example of good habit #8: Counting pattern instances with grep
~ $ grep -o and tmp/a/longfile.txt | wc -l
3402
~ $
In this case, a call to wc is slightly faster than a second call to grep with a dummy pattern put in to match and count each line (such as grep -c).
Match certain fields in output, not just lines
A tool like awk is preferable to grep when you want to match the pattern in only a specific field in the lines of output and not just anywhere in the lines.
The following simplified example shows how to list only those files modified in December:
Listing 19. Example of bad habit #9: Using grep to find patterns in specific fields
~/tmp $ ls -l /tmp/a/b/c | grep Dec
-rw-r--r-- 7 joe joe 12043 Jan 27 20:36 December_Report.pdf
-rw-r--r-- 1 root root 238 Dec 03 08:19 README
-rw-r--r-- 3 joe joe 5096 Dec 14 14:26 archive.tar
~/tmp $
In this example, grep filters the lines, outputting all files with Dec in their modification dates as well as in their names. Therefore, a file such as December_Report.pdf is matched, even if it has not been modified since January. This probably is not what you want. To match a pattern in a particular field, it is better to use awk, where a relational operator matches the exact field, as in the following example:
Listing 20. Example of good habit #9: Using awk to find patterns in specific fields
~/tmp $ ls -l | awk '$6 == "Dec"'
-rw-r--r-- 3 joe joe 5096 Dec 14 14:26 archive.tar
-rw-r--r-- 1 root root 238 Dec 03 08:19 README
~/tmp $
See Resources for more details about how to use awk.
Stop piping cats
A basic-but-common grep usage error involves piping the output of cat to grep to search the contents of a single file. This is absolutely unnecessary and a waste of time, because tools such as grep take file names as arguments. You simply do not need to use cat in this situation at all, as in the following example:
Listing 21. Example of good and bad habit #10: Using grep with and without cat
~ $ time cat tmp/a/longfile.txt | grep and
2811
real 0m0.015s
user 0m0.003s
sys 0m0.013s
~ $ time grep and tmp/a/longfile.txt
2811
real 0m0.010s
user 0m0.006s
sys 0m0.004s
~ $
This mistake applies to many tools. Because most tools take standard input as an argument using a hyphen (-), even the argument for using cat to intersperse multiple files with stdin is often not valid. It is really only necessary to concatenate first before a pipe when you use cat with one of its several filtering options.
Conclusion: Embrace good habits
It is good to examine your command-line habits for any bad usage patterns. Bad habits slow you down and often lead to unexpected errors. This article presents 10 new habits that can help you break away from many of the most common usage errors. Picking up these good habits is a positive step toward sharpening your UNIX command-line skills.
Saturday, December 16, 2006
Wifi at KLIA ...again
Aman just arrived from Sabah , around 9pm. Before that ,Nan and I , went for dinner in food court below KLIA. Damned hungry at that time..
We started wifi around 9.15pm, Aman bought coffee for all of us ( thanks aman, you're the man ! )
luckily i brought power extension ..so that we won't having power supply problem..huhu
Tuesday, December 05, 2006
Fellowship of laptop owner - Starbucks Midvalley
Today in history
Me, Nan , Aman and Maku went to Starbucks Midvalley for 1 reason - surfing wireless internet together
Azwan brought his new laptop , HP Pavilion dv6100 and testdrive wifi connection , for the first time
This is my another unexpected event occured, before end of this year.
Before that , its pouring rain. Lucky Azwan arrived 10-20 minute before we reached here.
Bought some burgers ,caffe and fries, for all of us.
Need to set another date for another gathering. Today we are rushing for this event.
But still, we made it !
We all finished at 10.30pm later on ..huhu
p/s yet , need review for this event for next gathering
MacBookPro in da house ! - unexpected buy
huhu.. i never thought i would buy this machine (MacBook Pro) earlier.
After i got the money . i decided to buy the machine at MidValley Megamall. 3 things i never forgot .
1. Went to Apple shop with my Apple t-shirt
2. Buy the machine with my Apple t-shirt
3. Walk along with the machine, and i still wore the Apple t-shirt ..damned !
Freebies = Keyboard protector worth Rm89.90
Once i made a test drive on this machine, Nan and i ,went to Aman's house in Kuang and fetch him up.
but still , i need to explore more on this machine. IMHO , once i switch to Mac, i wont look behind. Never.
p/s i miss my bebe , again. Wish you were here
Sunday, December 03, 2006
The Cult of Mac
today ...i bought The Cult of Mac book. This book tells all about Macintosh history and the progress of Apple computer since they evolved in this industry.
Got lots lots of pics , logos and photos in this book.
http://blog.wired.com/cultofmac/
http://wiredblogs.tripod.com/cultofmac/
http://www.nostarch.com/cult_mac.htm
http://en.wikipedia.org/wiki/Cult_of_Mac
p/s still , at Starbucks KLCC . wireless and sight-seeing..huhu . just made a phone-call for Amanyus, still in MC mood .harharharhar
wi-fi at Starbucks KLCC ...
i decided to go KLCC, just to have a walk around there. Huhu, i think my last visit to KLCC , last month, with my girl.
Right now, i'm surfing the Internet at Starbucks KLCC, for the first time . The connection was cool. Excellent wifi signals. Connected thru TimeZone. Lucky i still have my old account of Time Dot Com.
Before came to KLCC, i deposited my savings into HSBC account. Just in case i forgot.
huhu...need to keep my budget my expenses. still not enough to buy MacBook Pro.
p/s i miss my bebe again
Saturday, November 18, 2006
phrases of the day
Don't break me and shut me out ...
from lyric "Take Me" , Papa Roach
Thursday, November 16, 2006
Netgear wireless broadband...installed!
never thought that i could surfing in my own bathroom !
after i came back seeing my girl , nazri and aman just installed the wireless router into our home, or what we called as garage.
Still , the router have its own web-based management. I'm not done yet with the testing ..but what from i heard, its the best wireless router we had.
my Fujitsu laptop still lagged ..need to reinstall the Window$ ..duhh!!
need to catch up with some knowledge with wireless Wi-Foo ...huhu
Sunday, November 12, 2006
testing broadband ..at my home
i have tested the internet line for the first at my my place. Overall, not bad , even my Fujitsu laptop got some lagging and intermittent, but the line still maintain.
i tested with broadband tester (http://testmy.net) and the result is between 800-900 kbps. Hehehe
However, i need to emerge my delayed-project on Gentoo.
p/s sleepy and tired...
Friday, November 10, 2006
What Not to Say at a Job Interview
2. You think this is disorganized. Wait till you see me on work projects. Neglecting to bring information required on the application, or bringing too few copies of your typo-free résumé, looks just plain careless.
3. I'd rather watch The Worst of C-Span than research your company. Bone up on recent new business the company has landed or write-ups about the firm in trade publications.
4. I expect you to provide the exact job I want on my terms -- now. Say too much about the job you want and you risk eliminating yourself.
5. I could care less -- but not much less. You don't want an awkward silence when asked if you have any questions. Speak up.
6. If you hire me, you'd better get your own résumé up to date. Come across as overly aggressive and you may scare the interviewer into rejecting you.
7. You might want to have security frisk me before I leave. Sharing confidential information about past or present employers will make the interviewer wonder if you can be trusted.
8. I think you're not playing with a full deck. If you're asked the "What are your weaknesses?" question, the interviewer wants a straight answer. Mention one noncritical area you'd like to polish.
9. I'm just going to go ahead and answer the question I wish you'd asked. Failing to answer the question that was actually posed will frustrate the interviewer.
10. I'll be a huge drain on company morale. A negative attitude regarding your current or past employers or colleagues will make your stock drop.
11. Ask not what I can do for you. What can you do for me? Asking questions about salary or benefits prior to getting a job offer is a major turnoff.
12. Why did we meet? Candidates who leave without underscoring their great interest in being hired are quickly forgotten.
How to determine if you are an engineer
How to determine if you are an engineer:
The only jokes you receive are through email (OUCH)
At Christmas, it goes without saying that you will be the one to find the burnt-out bulb in the string of Christmas lights.
Buying flowers for your girlfriend/boyfriend or spending the money to upgrade your RAM is a moral dilemma
If you find that you have to often explain how to use the gifts you have given other people.
Everyone else on the Alaskan Cruise is on deck peering at the scenery, and you are still on a personal tour of the engine room
In college, you thought Spring Break was metal fatigue failure
The Salespeople at Circuit City can't answer any of your questions
You are always late to meetings
You are at an air show and know how fast the skydivers are falling
You are next in line on death row in a French Prison and you find that the guillotine is not working properly, so you offer to fix it.
You bought your wife/husband a new CD ROM drive for her birthday
You forget to get a haircut (for 6 months!)
You can quote scenes from any Monty Python movie
You can type 70 words per minute but can't read your own handwriting
You can't write unless the paper has both horizontal and vertical lines
You comment to your wife/husband that her straight hair is nice and parallel
You go on the rides at Disneyland and sit backwards in the chairs to see how they do the special effects
You have Dilbert comics/paphanelia displayed anywhere in your work area
You have ever saved the power cord from a broken appliance
You have more friends on the internet than in real life
You have backed up your hard drive
You have never bought any new underwear or socks for yourself since you got married.
You have used coat hangars and duct tape for something other than hanging coats and taping ducts
You know what http:// stands for
You look forward to Christmas only to put together the kids' toys
You own one or more white short-sleeve dress shirts
You see a good design and still have to change it
You spent more on your calculator than you did on your wedding ring
You still own a slide rule and you know how to use it
You think a pocket protector is a fashion accessory
You think that when people around you yawn, it's because they didn't get enough sleep
You wear black socks with white tennis shoes (or vice versa)
You window shop at Radio Shack
You're in the backseat of your car, she/he is looking wistfully at the moon, and you're trying to locate a geosynchronous satellite
Your checkbook always balances
Your laptop computer costs more than your car
Your wife/husband hasn't the foggiest idea of what you do at work
Your wrist watch has more computing power than a 300 MHz pentium
You've already calculated how much you make per second
You've ever tried to repair a $5 radio
Your four basic food groups are: 1. Caffeine 2. Fat 3. Sugar 4.Chocolate
Tuesday, October 31, 2006
new script in da house..need to check first
# cat /tmp/makehome
#!/bin/ksh
#
# This script creates home directory and sets the correct permission
#
username=""
uid=""
gid=""
WCKPATH="/export/wssfs4-vol14/epw_homes"
OSSPATH="/export/nosrv02-V_S01/epw_homes"
PREFIX="/glb/home/epw_login/user_dotfiles"
read username?"Please enter username :"
read uid?"Please enter UID :"
gid=$uid
PS3="Please select user's location :"
select ch in WCK OSS
do
case $ch in
WCK )
echo "Creating home directory in $WCKPATH"
HOMEPATH=$WCKPATH
break
;;
OSS )
echo "Creating home directory in $OSSPATH"
HOMEPATH=$OSSPATH
break
esac
done
HOMEDIR=$HOMEPATH/${username}
if [ -d $HOMEDIR ]; then
echo "$HOMEDIR exists, will abort..."
exit
else
echo "Creating home directory at $HOMEDIR"
fi
mkdir ${HOMEPATH}/${username}
chmod 750 ${HOMEPATH}/${username}
chown ${uid}:${gid} ${HOMEPATH}/${username}
cp -p $PREFIX/.profile $HOMEPATH/${username}/
cp -p $PREFIX/.custom.profile $HOMEPATH/${username}/
cp -p $PREFIX/.kshrc $HOMEPATH/${username}/
cp -p $PREFIX/.custom.kshrc $HOMEPATH/${username}/
cp -p $PREFIX/.cshrc $HOMEPATH/${username}/
cp -p $PREFIX/.login $HOMEPATH/${username}/
chown ${uid}:${gid} ${HOMEPATH}/${username}/.custom.profile
chown ${uid}:${gid} ${HOMEPATH}/${username}/.custom.kshrc
chown ${uid}:${gid} ${HOMEPATH}/${username}/.cshrc
chown ${uid}:${gid} ${HOMEPATH}/${username}/.login
Prison Break ..a view from me
Monday, October 23, 2006
wrong timing ...unplanned stayback
23 oct 2006 , Monday
huhu ...i never thought that ERL service would stopped at 1:00 am. Damned!
But it's ok with me ...i'm used to be survivor in this kind of situation..Again ..i checked potential place to be connected to wireless signal ...i bought Nescafe Kopi Mocha , just to fill up my thirsty ( even i'm not thirsty..) ...huhu
i got great place to be connected to signals - level 3 ,centre ...near to Domestics Arrival . Connection strength = EXCELLENT! ... compared to the level 2 , centre ...the signal are intermittent = very good-> good -> low.
time by time ..i checked the connection ..still excellent ...i'm starting to love this place..
Next time , i must bring out my own extension for my AC adapter ..for me and Aman ...huhu...
all i need is to wait until 5:52 am , in order to get back to my place....in that time ..i just surfing , reading some stuffs and observe other potential place for wardriving ...wish my baby here with me ..
p/s waiting , wishing , hoping ...
Sunday, October 22, 2006
A test in KLIA
22 Oct 2006 , Sunday
i'm testing wireless connection in KLIA area. The results - Cool!
Access point = Unknown
speed = 11 mbps
connection strength = Good
before i blogging, i'm testing the signal for the first time , at Burger King , testing for connection to digg.com and slashdot.org, but there's too much lagging, i need to move to another location to get better signals.
i also checked for plug extension for my adapter . Luckily, i got the place, level 2 , centre.
hurmm...i'm frustrated again , regarding my gentoo on LifeBook machine. Need to budget my financial with my honey. Perhaps , i could get MacBook Pro before June 2007, insya Allah
need to check other place for potential signals . Hope Aman could join me for next session of wardriving ...
...last but not least , i need to pack up my stuff , for Eid Mubarak...Miss to see my family.
p.s miss my mucuk too, love u baby
blog adjourned....
Friday, October 20, 2006
Another day in office , same cubicle
2.working 12 hours plus , due to Hari Raya claim.
3.need to be more cautious on my duty.
4. scripts not yet executed, need full debugging ( check with ldapsearch) ... learn..learn..learn !
5.still thinking about managing my own financial ..need my girl to be my advisor, let her decide and manage my budget.
6. my project on Gentoo still adjourned. DAMNED!
7. paid water utilities Rm7.94
8.took away Aman's slipper but he need it , my bad, bro
9.still exhausted, working 12 hours yesterday ...huk²
....
escalation
devastation
generation
separation
situation
misapatient
....
p/s however, the bottleneck is ...i need MacBook Pro badly!
scripts ...clusters...sleepy
today i'm still searching some sample projects on clustering and MPI/LAM
some more , my team consultant wants me to create 1 or 2 scripts on searching strings in ldapsearch ... duhh!! Created new script ..just simple script
mynabo@amsdc1-n-s00006 # cat test2.ksh
#!/bin/ksh
#
# This script simplifies the adcat.py ADI script
# and includes some interactive element to the process
#
uid=""
gid=""
read gid?"Please User GID:"
echo ""
echo "Checking user account "
echo ""
echo " adcat -a passwd | grep $gid "
/opt/adi/bin/adcat.py -a passwd | grep $gid
echo ""
echo "Checking user group"
echo " adcat -a group | grep $gid "
/opt/adi/bin/adcat.py -a group | grep $gid
print " Bye Bye ! "
print " \|/ "
print " (*V*)"
print "_V___V_"
choice="no"
yesterday evening , Roxanne Hall gave presentation ( but i'm not selected for that meeting , senior only ,haha ) , on Redwood machine ( a trusted host ) ,
one of complex machine i ever saw. To be truth, i'm still learning about the cadmin thingy and archs in Redwood. Finally, it was amazing !
got to check on ksh script or shell script , need to brush up more on those stuff
p/s me ..still sleepy
Thursday, October 19, 2006
A Days at my cubicle
- logging to Window$ desktop
- checking my OutLook mail
- logging to UNIX/LINUX machine ( connected to Citrix and AD LINUX ) - uptime and CPU utilization.
- updating http://del.icio.us/kevler
- reading slashdot and digg
- reading forum
- reading some stuff on HP/UX and Sun Solaris ( i got short memory )
- debugging korn Shell script ( headache!!)
Wednesday, October 18, 2006
Prison Break OST
01 - Prison Break - Opening Theme
02 - Papa Roach - Take Me
03 - This Is War
04 - Aerosmith - Sweet Emotion
05 - Styles of Beyond - Nine Thou [Superstars Remix]
06 - Tito and Tarantula - After Dark
07 - A Perfect Circle - The Outsider
08 - Black Toast Music - Willing To Die
09 - Neneh Cherry - Buffalo Stance
10 - Shoji Meguro - Prison Break
11 - Emery - Studying Poitics
12 - X-Ray Dog - Here Comes The King
13 - Faf la Rage - Pas le Temps [Generique Fr]
14 - Alexi Murdoch - Orange Sky
15 - Massive Attack - Teardrop
16 - Johnny Cash - The Mercy Seat
17 - Ferry Corsten & Ramin Djawadi - Main Theme [Extended Version]
good OST for me, various songs within this album .
p/s gave aman the URL of this OST , sure he "teruja"
Tuesday, October 17, 2006
Top 29 Things To Do When Your ISP Is Down
2 Re-introduce yourself to your immediate family.
3 You mean there's something else to do?
4 Get that kidney transplant you've been putting off.
5 Find a better ISP
6 play single player mode
7 Steal WiFi from your Neighbor
8 Run in circles, screaming hysterically about the end of the world.
9 Slit your wrists with broken AOL trial disks
10 Write your lists on paper
11 Come up with new List ideas for when it's back up.
12 Cry
13 Go through your web cache to see if you missed anything.
14 Masturbate the old fashioned way, with Playboy.
15 Panic!
16 take a shower and scrape off mould / fern from body
17 try dialing in every 10 minutes, just in case its back up
18 Wipe useless stuff off hard disk to make room for new porn when the ISP is back
19 Pray to the Dark Gods that it will be fixed
20 Buy a cow, and start a farmers life
21 Cry (like a little girl)
22 Get-away-from-computer
23 Kill google! *throws chair*
24 kill yourself
25 run around in circles muttering "the end is near" and "I'm not crazy"
26 Two words: sponge bath.
27 Dial 911 immediately.
28 Work.
29 Threaten your ISP with an impeachment vote.
p/s source : http://digg.com/programming/Top_29_Things_to_do_When_Your_ISP_is_Down
Wednesday, January 25, 2006
How to get a job with pen-testing team.
It’s cold and gloomy outdoors. I’m feeling pretty faded (errr, jaded) right about now. I’m sure all you corporate hangers-on have seen the Big-whatever companies come in with their pen-testing or audit teams. Some of them call themselves pen-testing, some Tiger, some white-hat hacker, whatever. They should just state that they are inept p0sers. But, that gets me thinking (on just such a day) what it would take to get hired at one of these Big-whatever companies. So, without further adieu:
Rule 1 - You can’t run Windows. Seriously, don’t even consider showing up to a Con|interview|class|etc with Windows. Even if you have to run a CD distro, or OpenBSD at runlevel 3, you must do it. You will be scoffed at and not taken seriously with a Windows machine. For bonus points, put con stickers or anti-microsoft stickers on the laptop. You get extra bonus points if you’re running a MAC. Just pull up Safari and browse over to slashdot. Yeah, you’re rolling hardcore now.
Rule 2 - You must have complete and utter disdain for any authority figure. You’re the rebel - the misunderstood creative genius. Act the part.
Rule 3 - You must be a coder of some sort (’Hello world’ is sufficient). Ruby and Python are pretty cool right now. C is an old standard and always well respected. If you’re running one of those GUI APIs that really makes things much easier, STOP. It’s not cool. gcc or death.
Rule 4 - You’ll have to be a Goth, punk, or (less bonus points) a long-hair. You must dress and look the part. Yes, Dave Aitel showed up to Defcon wearing a shirt and tie…but, hey, he’s Dave. If you’re not Dave, you have to look like a meth junkie, sorry. There *are* bonus points for piercings and tattoos.
Rule 5 - On some elite mailing list, you must have gotten a wink (both ‘;)’ and ‘;-)’ are acceptable) from some security guru. !wink == !cool (incidentally, I just satisfied rule 3 - Go me!)
Rule 6 - You must have a ‘Niche skill’. Not only must you have the niche skill, you must talk about it a LOT. Certain skills are worth more than others, so I’ll do a quick rundown on which skills generate the most bonus points. If it’s not on this list, then it’s worth negative points and you should avoid it at all cost.
Reversing - Crank up IDA Pro, put on that “I’m so busy doing really, really important reversing that you dare not ask me any questions” look and watch those bonus points ROLL IN!
Writing exploits or shellcode - Still very cool. Try to be seen with either a .s file open (use vi editor, don’t make the mistake of using emacs or pico or, G-d forbid, a GUI editor) or gdb. In a crunch, you can have a .c file open, but don’t make it a habit. You’ll need to work on that “don’t bother me look”, lest someone ask you wtf you’re doing.
Fuzzing - Do NOT tell anyone that you use a commercial or open-source fuzzer. That’s like -500 bonus points. No, my friend, you write your own fuzzers. “Yeah, cuz like, SPIKE wasn’t doing enough pairwise-relationships between parameters so I had to like, write my own fuzzer that took advantage of like binary relations across multiple fields and stuff and like, I’d explain it to you but it’s really complicated and like …” ad infinitum.
TCP/IP Ninja - Really low on the spectrum. It used to be really cool but now, unless your name is Kaminsky, you’re not really getting much spin with this one. Maybe when people figure out that there are still bugs to be found at layers 2,3, and 4 of the stack this will get some rejuvenation…but, until then, I don’t recommend this one.
Rule 7 - You must be the project owner of some arbitrary project… Have some pet project that you supposedly work on all hours of the night. Send out emails at all hours of the night (use cron if you have to) telling your boss that you have a great idea for some cool new reversing/fuzzing/exploiting-shellcode_generating-morphing-inline-tcp-ip-ninja-death-ray machine that you are working on. If they ever ask to see a working demo, take the coders moral high road (i.e. make up some reason why you are so elite that you dare not try the tool until you’ve tweaked out some bugs…or whatever)
Rule 8 - Coherent statements are not for you. That’s right, even if you have to go back and add in typos, do it. I should probably give a few examples.
Bad email - Good evening Mister Jones, I was just working on my project for that Death Ray auto-pen-testing machine and wondered if you had any feedback regarding how we would handle shellcode delivery across SCADA or process control networks. Further, as I am putting in so much time with this project, I may need to be a little late tomorrow morning.
Good email - hey. so, im rewrking the shellcode delivrey mechanism for teh scada and pc networks and if you had anyhthing to add before I commit thes to CVS then can you shoot me an email. I might be in late tomorrow depeending on how son I get thes bugs worked out.
That’s about it. Good luck, I’m sure I’ll be seeing you soon.
!Dmitry
Saturday, January 07, 2006
10 things you should know about every Linux installation
Linux is not Windows, and although there are some similarities, you must realize that there may be a few "new ways of doing things" to learn before you can be comfortable in Linux. Linux is an open-source clone of UNIX, a secure operating system (OS) that predates DOS and Windows and is designed for multiple users. The items in the following list generally apply to any UNIX-based *nix system, such as Linux and the various BSD's. For the purposes of this article, assume that it's all Linux.
Here are the 10 things to know
Editor's note: As part of a recent IT Soapboxblog post I asked Linux users and evangelists in the TechRepublic community to step up to the plate and take a crack at producing some informative articles and downloads on the Linux operating system. This document is just one of the submissions inspired by that challenge. Just click the Linux challenge tag to track other published submissions stemming from this grass roots project.
1. File hierarchy
Unlike some other OS's that have a file tree for each drive, the Linux file system is one big tree. At the top you have / (Root) and every folder, file, and drive branches off of this Root.
For example, say that you have two hard drives (named a and b), one floppy drive, and one CD-ROM. Let's say that the first hard drive has two partitions (named a1 and a2). In Windows, it would look like this:
+ hard drive a, partition one (hda1): C Drive
+ hda2: D Drive
+ hdb1: E Drive
+ floppy: A drive
+ CD-ROM: F Drive
In Linux, you have one file system, not the five listed in the Windows example. Each drive is mounted onto the tree and acts just like a folder. The drives could be placed like this:
+ hda1: / (our Root)
+ hda2: /home
+ hdb1: /home/user/music
+ floppy: /mnt/floppy
+ CD-ROM: /mnt/cdrom
Our D Drive and E Drive are attached within our C Drive and there is no need to go to the top to switch drives; the switching happens seamlessly as we move from one folder to another. The same is true with our Floppy and CD-ROM: they are just attached under /mnt as part of the one file system. These drives, in reality, can be attached almost anywhere in a Linux system, depending on how the installation (or user) set up the /etc/fstab file, which tells the computer where things get attached and how to handle them. See Figure A.
File structure
2. Modular system
Think about the guts of Windows XP, Win2k, Win98, Win95, and Apple OS X. Each has different components inside and a different graphical look. What if you wanted the Media Player in XP, the File Manager in 98, the stability of Win2k, and the look of OS X all in one unit? In Linux, each aspect of the system is independent, so you can mix and match parts to make your very own Frankenstein OS. You can choose from a variety of programs to run as your firewall, another to play media, yet another to run your File Manager.
Unlike the "tower" OS's from Microsoft, where everything is interconnected and depends on each aspect of the system, the Linux OS is spread out like a Market: everything works together for the common good, but vendors (independent parts of the OS) can be excluded, and the OS will still function. Don't want a Media Player or File Manager? Take it out! Your OS will not fall like a broken tower.
This modularity is the reason for so many distributions of Linux (commonly called distros); any person or company can mix and match the programs they find most useful and slap a name on that collection. RedHat, Xandros, SimplyMEPIS, and Suse are all examples of distros.
Some of the larger distros have copycats that use their settings, but change the included programs. This is the Linux way, and the mix-and-match approach gives users more choice in the long run. DistroWatch.com currently lists over 350 distributions of Linux. Many on the list are specialized to serve a specific group of people, but all can be altered to run the same programs.
Because programs are interchangeable, the Graphical User Interface (GUI) is no exception. GUI's give you the look and feel of a modern OS with the mouse, program icons, menus, etc. Any Linux system (well, one that is running on a real computer, not a phone) can run one of many different GUI's, just like it can run many web browsers or different email client programs.
Want your system to look like Windows? Use FVWM with the XP theme. Want it to be fast? Try IceWM. Want it to be more "full featured"?; try GNOME or KDE. All of these GUI's have benefits and drawbacks, but they all present the user with an interface that can be manipulated with a mouse. Although this may result in every Linux screen looking different, all of the GUI's are still doing the same behind-the-scenes work for you; just use your eyes and often it is not hard at all.
3. Hardware, software, and everything in between
Linux has come a long way in the few short years of its existence. It is less than half the age of Microsoft Windows, and yet it is more powerful, more stable, less resource-hungry, and graphically equal (if not superior) to this costly, buggy OS from Redmond.
One thing that Linux doesn't yet have going for it is vendor support. If you really like Intuit's QuickBooks, for example, you cannot natively run it in Linux. There are projects to make Windows programs run in Linux, such as CrossOver Office and Wine, but these work with varying success, depending on the Windows program. Until software companies decide to port their programs to Linux, you will not be able to run them natively.
Not all is lost, however. Open Source software has upward of 15,000 of programs that run natively in Linux. Because these programs are (usually) free of charge, they vary in quality, but the majority of programs are wonderfully written and constantly improved. These programs can import and export non-native file types as well. GNUCash can read those Quickbooks files just fine, and OpenOffice.org can read MSWord *.doc files. If you dislike GNUCash, don't despair. There are other similar programs also available for free, and more and more software companies are releasing Linux versions of their software.
These same issues apply to hardware. Just as you cannot expect just any piece of hardware off the shelf to work with an Apple computer, the same can be said for Linux machines. Most standard hardware works perfectly; hard drives, RAM, flash drives, motherboards, NIC's, and digital cameras usually have little trouble under Linux. Newer, cutting edge hardware is a different story. Until hardware vendors choose to support Linux, the drivers needed to work these pieces of hardware must be written by the Linux community for free and in the community members' spare time.
Therefore, there is a lag behind Windows support since hardware companies often work directly with Microsoft to ensure compatibility, and tend to let Linux volunteers figure out the Linux hardware support on their own. Laptops are notorious for their non-standard hardware; it can be a challenge to map special keys in Linux. The good news here is that vendor support for Linux hardware, like software, is changing for the better as more and more companies see their future in Linux.
Everything in between the hardware and the software in a Linux machine is the kernel. This kernel is what connects the hardware to the software, and an updated kernel is made available via Internet every few weeks; the most current is 2.6.14. If you have hardware that isn't currently supported, there is a chance that a newer kernel could help you out. Installing this kernel yourself isn't always easy, however; that's where Package Managers come into play.
4. Package Managers - Program installation made easy(er)
There are many ways to install programs in Linux, but the easiest is with your distribution's Package Manager (PM). The PM makes sure that any missing files (called dependencies) are also installed so the program runs correctly. Choosing a distribution often comes down to which type of PM you like, but any Linux software can be installed on different distributions if you can find the corresponding Package.
These PM's usually have an on-line repository for their programs. Installing an application is as easy as searching through the program repository and clicking Install. Can't find IceWM or MPlayer in your Package Manager's list? There is always a way to add a new on-line repository that will have what you are looking for. Some examples of Package Managers include Synaptic (based on dpkg and Apt) for Debian (and derivatives); Yum for RedHat (and derivatives); YaST2 for SuSE (and derivatives); and Emerge for Gentoo.
5. Permissions
Linux is designed to have multiple users, and these users fall into groups. Every user has permissions to read, write, or execute (R/W/X) their own files, and permission to change those permissions. Because Linux is designed for multiple users, each user has their own password and may restrict access to their files. These are called User Permissions.
Each user belongs to one or more groups, and a user can set their file/folder permissions so that others in the group can read but not write the files, or any other combination of R/W/X. These are Group permissions. For example, Joe and Susan are both in Accounting. They can allow the Accounting group access to each other's files, but they can restrict that access from those in the Sales group.
The Others permissions can allow or deny access to these files for anyone outside the Group. These permissions are for the safety of the overall system, as well as for each user's data. Most home users are fine to leave the default permissions alone on their files. (See Figure B)
Permissions
The Root user (not to be confused with the / Root of a file system), as the Administrator, has rights to all files and is the only user who can alter system-wide settings. The Root user has their own password, which is used for system maintenance. This distinction prevents a regular user from installing harmful spy ware on the system or deleting important files.
6. Home directory
Windows has My Documents, but where do you put files that aren't documents? Usually on the Windows Desktop! Linux can clutter the desktop too, but each of our users also has a Home directory, usually located at /home/user. Within that Home directory you often have Documents (/home/user/documents), program links, music (/home/user/Music), or whatever we want. We can create files and folders here, and organize or disorganize them as much as we want, just like it was our own personal Home. Depending on how our permissions are set, we can allow or prevent any other user access to these files (except the Root user).
7. Default installation differences
There are a few differences between Linux distributions, such as where some files are kept or what some of the default programs are named. Just knowing that the file system might be a bit different between RedHat and SuSE is a great start. Most users don't need to know what those differences are, but they should be aware that the internal file systems can be a bit different. When asking for help, make sure to let others know which distribution you are running. If you don't have troubles in your system or don't care to set up complex behind-the-scenes operations, don't worry too much about this.
8. CLI, or "how to run"
From the Start-type menu, the xterm program (also called Console) brings you to a Terminal, which looks a bit like a DOS window, but it actually predates and out-powers DOS. This is the Command Line Interface (CLI), the origin of our favorite OS which is present in every Linux distribution. We won't get into the finer details, which can fill books, but the CLI a powerful tool often needed to troubleshoot your computer. If you ask for help on the Internet and someone asks you to run lspci, they want you to start xterm, type lspci, hit enter, and then provide the screen's response.
When you start an xterm, you are your regular user-self with limited powers. To get into Root User mode (see Permissions above) in an xterm, type su [enter], then type the Root password [enter]. Now you have a lot of power so be nice. The Root user can destroy anyone's data, including the system files needed to run Linux. To leave an xterm or su mode, type exit [enter].
9. Ctrl-alt-escape
Clicking the ctrl-alt-escape key combination changes your mouse into an X, skull-and-crossbones, or some other sinister mouse-cursor. In this mode, clicking on a misbehaving or frozen application will kill it. It is similar to the End Process in Windows Task Manager, but use with care. If you don't want to kill anything, use the Esc key to back out of kill mode. Clicking on the wrong program (including the desktop GUI) can cause a serious headache.
10. The Internet is your friend!
Many distros have a User's Forum where questions, answers, and tips are passed around. LinuxQuestions.org is a great site for overall Linux knowledge and help. Remember, before posting questions on any forum, research your questions (both at LQ and on Google) to avoid asking about an issue that may already be solved. Also, check the age of any solution that you find, as old answers may no longer apply to this fast-changing world of Open Source software. When asking a question, be sure to include as much (applicable) information as you can about your system, such as:
* The processor type (Intel or AMD or Apple PPC?)
* Your distribution (SuSE? Debian?)
* The program with which you're having trouble, and
* Any other relevant information.
Keep an open mind
Linux and open-source software have made leaps and bounds in the last few years, but for users coming from the closed world of Windows, the internal workings of Linux may seem foreign. An open mind and a willingness to share knowledge helps the Linux community grow, and we welcome you to our ranks.
Wednesday, January 04, 2006
10 New Year's resolutions for net admins
As 2005 rolls to a close, many IT professionals are deciding what to make a priority in 2006—as well as what to relegate to another burner because the back burner is still full.
Develop security strategies for enterprise wireless networking
Our reluctance to embrace WLANs isn't going to make the issue go away. Now's the time to develop the protections at software and authentication levels, treating the office wireless network like the Internet from the security point of view.
IT professionals, users, and everyone in between can benefit from the wireless workplace. However, we need to accept that yes, our office now extends to Panera Bread. Our task is what can we do to make it secure?
Put a moratorium on buzzwords and phrases
I dread hearing buzzwords and overused phrases as much as any of you. Here are my top three:
What can we do to move forward? How many times have you had meetings that involved too many nontechnical people and that concluded with this statement, which lead to another meeting, which lead to the same conclusion… but yet brought no results?
We don’t have the bandwidth for … Sorry to hear that. I guess this isn’t us asking for such resources, but us telling you that we need such bandwidth. Whether it be staff resources, computing horsepower, or a fat pipe on the LAN, if the case and need are presented well, we need that bandwidth.
There needs to be some accountability… This is the worst. What's funny is that the people (management) who use this term don’t really exact any accountability. It’s a word that's more visible in the early stages of a project. However, it mysteriously stops popping up later on—even when results warrant some accountability!
Make a decision on leasing vs. purchasing IT equipment
Many organizations have blanket rules to lease or purchase IT equipment. A better approach may be a standard set of criteria that's applied to systems during planning to determine their scenario. Consider making a provisioning chart that will help determine whether a system is a candidate for leasing or direct purchase. This will lay forth specific criteria that, depending on your IT climate, will more clearly identify candidates for leasing. Here's a sample system provisioning chart to determine whether a lease is appropriate:
Of course, there are always many factors (like price and money!) that will influence how assets are procured. But a planned implementation with the end in mind (such as a lease return) can simplify the ongoing support of systems, especially as they become more complex.
Avoid 5eCuR1TY & P@sSW0rD Ov3Rk1!!
What's worse than working with your own security requirements? Easy: It's dealing with another party that has security requirements at your level or higher. Sure we’ve got to be secure, but how many times has security locked out an authorized party? I’ve had it happen to mission-critical systems for silly things like a MAC address not authorized to participate on a network (in the case where a secondary system has a different MAC address).
Or how about this complex password requirement: 10 characters, including five special characters and mixed case for the remnants, and use of numbers. The password is: 8$4rR#Z@! . Don’t bother counting, it is that way by design. (Yes, there is a space at the end of the password.) That was fun to troubleshoot after it was assigned.
Really, wouldn’t investments in brute force detection, lowered bad password thresholds, and automated password reset utilities be worthwhile?
Take a stand against the off-brand!
How much time have you spent working with inferior equipment? It can be viewed as pennywise and pound foolish to skimp on the equipment dollars. Using top-tier quality, branded equipment provides a superior support channel for drivers, issues, and spare parts. This applies to servers, networking equipment, PDAs, mobile phones, and even cables and tools.
Great efficiencies can be made by consolidating vendors of equipment (more on that later) as well as gaining a professional appearance by having the equipment represent an extension of the service provided by the technology. Besides, if the equipment fails, this is too easy a point to get burned on.
Make sure you know what you're getting for the money
Price is always important, but remember to consider what you get. For example, on the server platform, analyze items like standard warranties as well as price-per-Gigahertz or -Gigabyte. Of course, we are all dealing with shrinking budgets as well as increased service responsibilities, so price is definitely a factor that will not go away. Sure, an easy solution is to buy up and overprovision systems at the start—but that goes too far. A delicate balance needs to be met.
Recognize that it's time to retire NT
You would be surprised how many installations still have Windows NT Server 4.0 systems running vendor -provided mission-critical applications, legacy Windows domain controllers, and government systems. Some organizations still have it as the standard.
Core support for NT has stopped, and driver support is soon to follow on server-class systems. You can live without service packs—but not drivers.
Reap the benefits of platform standardization
Let’s all take a page from the Southwest Airlines playbook as a good example of how to keep overhead low. By having all equipment, operating systems, and software versions standardized, you'll realize savings. For example, consider the small to midsize enterprise that has a single server platform. This greatly enhances the internal support options. With a single server platform, you can:
• More quickly build a server (standardized process)
• Maintain fewer spare parts or systems (less unused inventory)
• Reduce staff training knowledge requirements (less training expenses)
• Build a higher competency on the standardized platform (better service)
• Manage fewer baseline images, if used (less storage requirements)
For software title and version standardization, a big expense in compatibility testing is reduced to a single instance. Having lower overhead without compromising the result of the IT server is achievable for many organizations. It may be difficult to migrate to a standardized environment across the board (notebook, desktop, server, operating system, productivity suite, etc.), but the long-term benefits are habits of successful organizations. Even if a system is "over-provisioned" to meet the standard, that may be better than an array of oddball systems in the enterprise.
Just say No!
Is it that tough? Well, sometimes it is. The common plight of the IT professional: Here is the functionality, now make it happen. And of course you don’t get any more resources (money).
When using the No! card, be sure to cite business rules, fundamental standards, resource requirements, or other major obstacles to substantiate your decisions. It's difficult to judge when to pull the No! card. IT should use it if they simply can’t do what's requested. The easy answer is to outsource it or contract some help for the task, but even that can warrant the No! card. There's no “Easy Button” in IT, but the No! card can be fun.
Address ownership roles
One of the biggest issues that arises in IT is ownership, specifically for an entire system that has shared use with vendors and many internal departments. For example, take a vendor-provided system that interfaces with operations and IT. Does the vendor own it? Does operations? Does IT? It is mission critical, but no one wants to touch it—at least not when there is an issue.
When systems are incepted, there should be a clear chain of command. IT doesn’t generally want to deal with operational topics, operations doesn’t want to (and usually can’t) deal with IT topics, and the vendor gets frustrated with all the IT groups and operational differences for a system. It's a good investment to get premium support from vendor-provided systems. This keeps IT groups in the best position by having their infrastructure and security topics met, operations dealing with the vendor for support, and the vendor having ultimate ownership of the system—especially if there is an issue! One less fire to deal with.
Tuesday, January 03, 2006
Third of January, 2006
Fear is the path to the dark side.
Fear leads to anger.
Anger leads to hate.
Hate leads to suffering.
today ..i miss somebody ...but she didn't contact me at all ..huhu
but i believe ..patience is all i have ..and being patience is a bless ..but there's limit for it ...
Sunday, January 01, 2006
laws of geek
so, you want to be an elite hacker, huh? why not? geeks are a very interesting specimen. the following are what i believe to be ten of the most popular geek laws, un-written laws, mind you (until now).
i. thou shalt not syn (synchronize), only ack (acknowledge).
geeks are typically known as quiet, reserved people. therefore the first step to becoming a geek is to stfu (shut the f--- up) and start paying attention.
ii. thou shalt have seen the movie "hackers" and knoweth it well.
i have never met a geek in my life that hasn't seen this movie. it's quite an exaggeration on real life, but is a classic none the less. it is not uncommon to hear quotes from this movie in everyday geek conversation.
iii. thou shalt rtfm (read the f---ing manual) before asking questions.
nothing is more annoying than someone who just wants the solution to a problem when the answer can be located in the most obvious place. always attempt to learn for yourself. show a little effort.
iv. thou shalt help guide those who seek answers, so long as they have complied with law three.
with respect to the open-source state of mind, always share information with those who are curious; don't hide it.
v. thou shalt not discriminate against nationality, skin color, sex, age, mental hindrances, physical flaws, sexual preferences, religious beliefs, personal taste in appearance, or music (w/ the exception of metallica).
discriminating against anything other than someone's annoying personality is simply ignorant. the band metallica is known amongst geeks for their dispute against napster, a file sharing program allowing you to download and freely share music. as far as i am concerned, music was meant to be free. i can understand having people pay to be entertained at a live concert or for merchandise, but people have always been sharing music (they always will) and trying to stop them now just because "everyone" is doing it is pretty arrogant. i don't care how passionate you are, it's not a job; it is a form of expression. i'm sure there are a lot of musicians/radio stations out there who will disagree with me and you're welcome to your own opinion on this. just don't be surprised if you're looked down upon for liking or even listening to bands that share your opinion, especially metallica.
vi. thou shalt not place thyself above thine fellow geeks within the geek chain; thou canst only lower thyself. only via election canst thy rank be promoted, and thou art otherwise equal.
nobody likes a cocky individual, and geeks are very respectful to one another regarding this issue. always realize that there is someone out there who is smarter than you. once u reach a certain level of education, other geeks will naturally grow more respectful of you, as if they instinctively sense ur a valuable resource.
vii. with respect to the sixth law, thou mayeth challenge the credibility of any self-proclaimed geek, and so mayeth thou invoke the power of the sixth law to deduct geek points from anyone who questions basic geek knowledge.
a lot of people call themselves a hacker when they're not, such as script-kiddies. there is no harm in a friendly duel to see whether or not someone is full of bs (bull sh--). losing geek points, for the record, does not make you more of a geek; it is not a good thing.
viii. thou shalt treat all computers as thou wouldst treat thyself, for thou art the creator of thine own problems.
hey, it is not your computer's fault that you made it run crappy. get with it or get off it. you certainly don't want to trade your every keystroke over to a geek to fix it for you, do you?
ix. thou shalt help to preserve history, ensure the protection of thine individual rights, and keep information free.
this also has to do with the open-source state of mind and the freedom of information. history (and the truth) is as important as much as it can be boring. at archive.org you can actually look up websites that don't exist anymore, kind of like a digital library. it is a very useful geek tool, especially for web developers who forgot to make a backup of their data before neglecting to pay their hosting bill.
x. thou shalt refrain from using thine geek powers for malicious purposes unless upon thyself, within a tolerated environment, or to fend off malicious invasions.
hackers are like jedis, crackers are like the sith: do not fall prey to the dark side. if you have no idea what i'm talking about, go watch the star wars movies.
there are many other laws which you will come to learn over time, but the preceding each deserves special notice.
New Year 2006
insya Allah ..i will try to strive for more ...more than previous year i did before ..
so many things i did in year 2005...huhu
frankly speaking ..i'm not a great guy ..but i will try and try and try, to achieve my vision, mission and excel.
thanks for your support, guys ..including ppl which is not stated here
Nan
Azwan
Amri
Amanyus
Rohanie
Aku_min
cik yan
Pisang
Nazri