• Home
• About
• Contact
• Applied Trust

The Barking Seal

• Don’t Forget to Vote to Bring Google Fiber to Boulder by March 21!

  18Mar
  Author: beth Categories: Infrastructure, Ramblings Comments: 0

  In case you haven’t heard, Google is offering to build an experimental network in a community with speeds up to 100 times faster than current Internet speeds, and at an affordable price.  This new network is expected to radically change how communities access information and interact with the world.

  Boulder is one of many communities vying to be the lucky recipient of this experimental network. As a city known for its smart people, progressive policies, and high tech companies, we are a great fit for a project like this. To capitalize on this, the City has stepped up efforts to get as many people as possible to vote, both by setting up a fan page on Facebook and by declaring this weekend “Boulder Fiber Weekend.”  Although nominations are being accepted until March 26, the City is hoping to have everyone vote before midnight on March 21.

  This is an awesome opportunity for us to bring in more jobs, boost our local economy, and enhance communications across all sectors of our community. And, of course, having lightning-fast Internet speeds would be pretty sweet, too. So, what are you waiting for? Vote now!!

  

  
  Tags: boulder, fiber, Google

• Enlightening the Confused Deputy

  09Mar
  Author: zack Categories: Infrastructure, Security Comments: 0

  
  One of the most interesting (in other words, “dangerous”) vulnerabilities that almost every existing web application falls victim to is cross-site request forgery (CSRF – “sea-surf”). CSRF is a type of malicious attack vector whereby unauthorized commands are transmitted from a user that the website trusts. It is an example of the confused deputy problem. This is different than the widely-known cross-site scripting (XSS) in that CSRF exploits the trust that a site has in the user’s browser, and XSS exploits the trust a user has for a particular web site.

  Read more »

  Tags: cross-site request forgery, cross-site scripting, csrf, Security, XSS

• Five things network and system administrators can learn from Agile

  15Jan
  Author: ned Categories: IT Management, Infrastructure Comments: 1

  IT infrastructure work is certainly not the same as software development, but the Agile methodologies offer some good advice to us system and network administrators. In general, Agile has grown from a Manifesto about software development to a full-blown project management methodology. Powerful tools are available to help manage projects according to its tenants. Although Agile is based on lessons learned implementing complex software projects, its principles apply equally well to IT infrastructure projects and operations. Agile’s concept of “self-organizing teams” is particularly appealing to me, since Applied Trust is managed as a “company of peers”.

  I’ve picked five of the Principles behind the Agile Manifesto that are particularly applicable to our field – read on to see how they look from an IT infrastructure perspective:

  1) Our highest priority is to satisfy the customer through early and continuous delivery of valuable infrastructure.
  2) Welcome changing requirements, even late in deployment. Agile processes harness change for the customer’s competitive advantage.
  3) Business people and developers must work together daily throughout the project.
  4) Simplicity–the art of maximizing the amount of work not done–is essential.
  5) Continuous attention to technical excellence and good design enhances agility.

  Read more »

  Tags: agile, Infrastructure, ITIL, popular

• Exploring your NIC for fun and profit

  12Jan
  Author: ben Categories: Infrastructure Comments: 0

  

  I know, you love your network card. You installed Linux, the NIC was autodetected at first boot, and everything “Just Worked.” Your server has been happily providing services over the network ever since.

  But what do you really know about your network card? Is it the culprit of slower performance for your CPU-intensive application? Could you benefit from any of its advanced capabilities? Today’s network interface cards offer a number of hidden gems to the savvy administrator. In this article we’ll learn some of the most important tricks to understanding your NIC in Linux. Read more »

  Tags: linux, networking

• The Barking Seal Blog celebrates a birthday!

  05Oct
  Author: ned Categories: Green IT, IT Management, Infrastructure, Ramblings, Security Comments: 0

  I’m excited to say that The Barking Seal Blog has been around for a year now! We’ve had a great time blogging, ranting, and pontificating on the future of IT infrastructure, and have especially enjoyed the reader comments and emails.
  Below are ten of our favorite posts from our first year – if you missed one, check it out now…

  • IPv6 in 2009? Are you kidding me?: It sure looks like Trent’s prediction will be correct (for 2010, too!)
  • Save Green – Turn Up That Data Center Thermostat!: Green IT meets real cost savings.
  • New HIPAA modifications under the ARRA: Stimulus package implications for anyone who handles health info.
  • Black Thursday’s 20 year anniversary: A flashback to the beginnings of network security, from someone who was there.
  • Keystroke dynamics: A practical web implementation: Practical?  Maybe not, but certainly interesting!
  • Ten IT Infrastructure New Year Resolutions for 2009: Best practices that IT shops of all sizes should follow.
  • Debugging Nagios performance problems: Performance tuning advice and insight.
  • End-of-year IT checklist: Essential IT housecleaning tasks that you can do any time of the year!
  • Poker at the Work Place? Deep insight into computer science/engineer personalities.
  • Fend off disaster with preventative maintenance: A stitch in time…

  Here’s to lots more entertaining (and hopefully insightful!) posts in the year to come!  Thanks for your comments, feedback, and continued support!

  – The Seals at Applied Trust

  (photo courtesy hfb under the CC)

  
  Tags: applied trust, popular

• Essential WordPress Plugins

  23Sep
  Author: ned Categories: IT Management, Infrastructure Comments: 0

  I like WordPress a lot – it’s my #1 tool for simple web sites.  We use it for The Barking Seal Blog (this site!), but I also use it for a variety of more traditional sites, including the TechFest website, and even my personal wedding web site!

  WordPress isn’t everything, and if you’re looking for a CMS with the longest feature list, don’t bother trying it.  But if you want a reasonably-customizable web site that almost any end-user can update, I endorse it.  Try WordPress.com if you’re not comfortable managing your own web server.

  For the technical folks in the audience, it’s easy to install the free WordPress.org version on any server that supports the LAMP stack (Linux, Apache, MySQL, and PHP).  It is infinitely customizable (if you know PHP, HTML, and CSS), but will probably meet most your needs “out of the box”.

  If you do use WordPress.org, there are a few plugins that are worth installing… here are the ones that I think every WordPress.org administrator should consider:

  Read more »

  Tags: platform security, web, wordpress

• Monitoring site-to-site VPNs on a Cisco ASA

  02Aug
  Author: ned Categories: Infrastructure, Security Comments: 12

  Virtual Private Networks (VPNs) offer a way to securely connect different locations that are both connected to the Internet. Internet VPNs are way cheaper than private lines leased from a telco company, but unfortunately they are often much less reliable. Many times, when an Internet VPN “drops”, distant offices are no longer able to communicate — as network administrators, we want to know so we can fix it before our users notice anything!

  This post shows one way to monitor site-to-site VPNs configured on a Cisco ASA firewall using SNMP and Nagios.

  Read more »

  Tags: Cisco, monitoring, VPN

• Zimbra rocks!

  31Jul
  Author: ben Categories: Infrastructure, Ramblings Comments: 0

  At Applied Trust we’ve been using the Zimbra Collaboration Suite for a few years now. Ned is our primary admin, and he probably has some criticisms based on his in-depth experience, but from my user perspective it has been great. A few highlights for me:

  • I have a good sized mailbox – about 3GB with tens of thousands of individual messages – and our very simple server is plenty fast. Loading messages out of any folder is quick and painless. Searching is also very fast.
  • The shared calendar features are spectacular. Setting up meetings with Exchange users is a cinch. Words like “August 3rd” or “Thursday” in the email window are highlighted, and holding the mouse over it shows upcoming meetings. My only complaint is that you can’t seem to set the default calendar sharing rules for new users. When we hire new people, we need to both make our calendar viewable by them, and accept their calendar share. High maintenance.
  • Similarly, contacts works great. Very little to say since it works so well.
  • Integration with the iPhone is as good as for Exchange users. I have calendars, email and contacts on my phone with no problem.

  On the infrastructure side, Ned probably has more to say, but we’ve done many upgrades and they all seem to have gone very smoothly.

  As an open source-based collaboration suite, Zimbra is a strong competitor Exchange. I’m happy. Ned, care to comment?

  
  Tags: email, Zimbra

• Fend off disaster with preventative maintenance

  20Jul
  Author: paul Categories: IT Management, Infrastructure Comments: 2

  
  Last week at Applied Trust we held our first annual “Preventative Maintenance Day” (PMD), aimed at preempting software and hardware failures and performing those little tasks that are important, but that are often placed on the back burner in favor of more pressing issues.

  To minimize operational impact, the business day was bordered by two planned downtime periods in which the tasks requiring that systems be offline would occur, in addition to several other maintenance periods that didn’t require infrastructure outages during business hours. Each maintenance period had at least one small team consisting of several people assigned to perform -planned tasks.

  Read more »

  Tags: Availability, Maintenance

• Nightmares restoring mailboxes with BackupExec and Exchange 2007

  19Jun
  Author: ben Categories: Infrastructure, Ramblings Comments: 0

  Imagine a world in which you had diligently backed up data in your Active Directory and Exchange environment every day, carefully labeling your tapes and filing them away to an off-site storage facility in case you one day encountered a server failure. Continuing in our Imaginationland, pretend that a real scenario arose  in which you had none of your domain controllers, Exchange systems, backup servers, or any of the environment in which the backups were created, but you still need to recover some of your mail data. Would you take comfort in the knowledge that your recovery tapes were a short drive away?

  If you’re using Symantec’s Backup Exec product, I wouldn’t be so sure. Read on for more of my rant on Symantec… and partially Microsoft.

  Read more »

  Tags: Backups, rants