As a sysadmin a (hopefully) small chunk of my time is taken up laying cables and physically adding machines to the network (a desktop support person, my kingdom for a desktop support person!), while this shouldn’t be too hard most modern offices seem purpose built to drive me insane. Firstly we have the two patch ports and four plugs for six people. This forces you to invest in four / six way extension leads and a switch under each row of desks; as an aside a switch for each person with a laptop or more than one machine is a nice thing to have. Read on →

Today we have some good news, David Blunkett has quit after his dirty washing was dragged around in public. Normally I’d keep anything political away from this site but this is noteworthy as he’s the man who’s been pushing ID cards. I’m all for good security, which is one of the reasons I’m against ID cards. They add cost to the system, complexity to the people forced to use them and don’t actually provide any benefits. Read on →

One of my more infamous quotes at work is “trust me or sack me.” This is the shorter, pithier version of one of my stronger views, you should never hire people you don’t trust or have faith in. When you take on a new employee you are investing a lot of money and effort, both in initial outlay and over a period of time. If you don’t fully believe your hiring choice is the correct one then don’t make it. Read on →

TheRegister has an informative, and pretty short, article on MS NAP, a technology that should help keep networks clear of worm activity by requiring all machines to have up-to-date patching and anti-virus before the network equipment will let them play with others. Now lets gloss over the more obvious question, how do you get a machine on the network for the first time, as it’s simple, the kind of company that actually needs this will have a patch management system in place for new builds (maybe just something like MS SUS) to bootstrap the process. Read on →

I’ve done my time in the first person trenches, from Single player Wolfenstein, all the way to Halflife and its expansion packs along with a diversion into multi-player Jedi Knight 2 (If you played online I probably kicked your arse :)) and the early Doom games hold a warm place in my nostalgia but lets face it, a Doom movie was always going to be bad. The script writer, David Callahan, has made a couple of comments online, the full Doom Screenwriters open letter is available but I quite like the Penny Arcade Doom Movie Strip which summarises the article quite nicely. Read on →

Because if you have a good one you won’t realise how good they are until you get a complete doozy. A while ago i had the luck to work for a very insightful manager, lets call him Mike (his parents did). It took him about an hour to figure me out and from then on he played me masterfully, always the right amount of trust to ensure i was confident about my work but with enough challenge to both make me think about what i was doing and push me into giving more than the pay rate warranted. Read on →

In a previous post about blacklisting IP ranges used by China I stated why I feel it’s a valid approach. I think I should clarify my own actions when it comes to things like this. Any servers that are owned and admined by me alone (Bytemark Virtual machines, friends servers etc) have a number of deny rules in place to drop connections to a number of important ports (SSH, SSL etc) to reduce the attack vectors provided by the servers. Read on →

Heres my feature request for Gmail, a service I’m mostly happy with. It’d be nice if you could set up read only access to your inbox, or even designated ‘labels’ that you could limit by either assigning a password or allowing full (read) access to everyone. I pipe quite a few mailing lists into my GMail account and I’d like the ability to give certain people read access to anything labled as security. Read on →

Quite soon the Chinese government won’t have to try to censor the net. The western world will just filter off all the traffic coming from China, doing the job much more efficiently. The above quote came from a Slashdot article on China and its Relation With Spam. I don’t normally read the comments on Slashdot articles but I had a hunch some of the posts to this one would be quite extreme; SPAM is one thing that drives most geeks nuts. Read on →

Firstly I need to try and get on to the VMWare beta program instead of only reading about the neat new changes from articles like Flexbetas Inside VMWare Workstation 5.0 Beta. Secondly I’d like to get my hands on this release for two main reasons, firstly the ability to stop and start groups of machines at once would make testing certain sets of machines (webserver and database server used by it for storage) a lot nicer. Read on →