Up

 

31st May

A handful of news snippets from the net, most courtesy of Ars.Technica's front page during the last week:

Rupert Murdoch alleged to have hired hackers to steal and leak competitor's digital TV smart-card codes

TiVo and the BBC conspire to force "Doser and Joe" on unsuspecting public

Online banking - still not all that great?    (Still not even slightly great, IMO...)

Intel steps in to Hollywood vs. Silicon Valley feud over mandatory hardware copy-protection

Federal judicial panel overturns government's right to withhold subsidies from libraries without porn filters

Jelly fingers fool biometric security scanners    (And you can eat the evidence afterwards!)

30th May

Still busy-busy at work, but catching up gradually on my backlog. Today's excitement was the arrival of our new core switch plus two engineers, ahead of schedule by several weeks! I don't mind, as it will give me a few weeks to grok it, stroke its curves and admire its many fans, but a little more notice would have been nice... We've installed it on a network of it's own for the moment to avoid any risk of confusing the hell out of the existing switches, so a small flurry of activity was required to patch the management PC upstairs into the switch cabinet via yet another un-used backbone strand. These are coming in so handy, in fact, that I wish I'd asked for more to be run when we had the office flood-wired with CAT5 a few years ago.

The switch (mine's the one on the left - about 36" high) is certainly an impressive lump of metal - we're going to be running a fairly entry-level 48 port configuration with twinned full-duplex 100Mbit pipes for a while, giving an aggregate of 400Mbit between the core and the server and workgroup switches - certainly not too shabby, but the chassis is expandable to a bewildering number of ports and ultimately to gigabit Ethernet over either copper or fibre. It has some serious cooling, too, besides which INFINITY's setup resembles one of those little hand-held propeller-blade fans... One entire side of the chassis is backed by nine120mm fans, and the noise rivals even the high-pitched sucking/rushing sound of the 1U print-servers... just as well the shriek of the dying air-conditioning masks it all...

Oh, yes - I managed to kill the central server today, while updating the firmware of the tape jukebox's drives and controllers. The new response code fooled Backup Exec into marking the drives as offline, and some creative juggling with device drivers and BE's services didn't help... I'm not quite sure what I broke, in the end, but the server lasted twenty minutes or so after I gave up and went to do something else, and then the entire networking subsystem fell on the floor and all the users tried to call the helpdesk at once... Everything was fine after a reboot, but it certainly wasn't one of my more impressive bits of hacking, and I was rather glad when I could escape at the end of the day...

28th May

The first regional sales office print-server is working well, but proving extremely perplexing and annoying in other areas... Firstly, it won't fit in the rack - it's a very long server, to make up for it's ultra-slim 1U design, and the cabinet is a fairly short one more suited for comms hardware than servers. I suspect that I could have improvised something, but my PFY (on-site somewhere in the wilds of Scotland) isn't quite so "adventurous" with in-warranty hardware and in the end I suggested that he put it up on the roof of the cabinet - a little eccentric, I admit, but at least it will be out of the way of curious fingers...

As well as the local print queues, the regional servers will also be hosting a data-gathering app that connects to the office telephone exchanges and passes call statistics back to a central database. Unfortunately, the software manufacturer is one if the die-hards and insists on using hardware dongles to prevent unlicensed use, in this case a parallel port device. Unfortunately again, this server has no parallel port - fairly sensible for a slim-line server these days, I suppose, but not something I'd noticed when I had a quick check over my manager's proposed specification.

After a small flurry of purchase orders, a PCI parallel port card was procured and expressed directly to my PFY in Scotland - who, when attempting fitting it this morning, noticed that both PCI slots were the latest 64bit 66MHz design, completely incompatible with the older, slower cards... I left my manager looking through hardware catalogues, but I know that he won't find a legacy interface card made for such a high speed bus. The sensible option would be to persuade Dell to exchange the PCI riser card for the optional dual-format version, so hopefully he'll have tried that after I left.

In an ideal world I would have compiled the hardware spec myself, but more significant projects have been sucking my attention and the choice of a 1U server was purely my manager's - and although I wouldn't have noticed the lack of a parallel port, especially as I was only told about the dongle several weeks after the servers had been delivered, at least I would have chosen the dual-format PCI riser and I know I would have checked that the servers would fit in the cabinets! <long sigh> This is turning into another project of lost souls, I suspect - but at least we're getting all the mistakes out of the way in the smallest, quietest, most remote office, where with luck nobody will notice...

27th May

Adventures with amateur pyrotechnics, courtesy of the remarkable and versatile Dan Rutter of Dan's Data. As usual, this falls firmly under the "don't try this at home" category (not a warning I've needed myself since I demolished a camp fire in my salad days using nothing more than an empty disposable cigarette lighter) and details how to make bombs from hundreds of regular, bonfire-night sparklers bundled together. The results are spectacular, producing the classic mushroom cloud so sought-after by pyro fiends, together with a beautiful shower of sparks and red-hot debris... I no longer have the cojones to play with this sort of thing, and it's always a relief to know that somebody else is prepared to risk "HORRIBLE PERSONAL INJURY and SPECTACULAR PROPERTY DAMAGE", as Dan puts it, for my pleasure and gratification.

This is another plug for the wonderful Drempels eye-candy... It animates the Windows desktop in the most beautiful swirling, changing, hypnotic patterns, and although it's a complete and utter processor-hog (it takes around 50% of one of my 1GHz CPUs!), I've never seen anything prettier on a PC's desktop... Highly recommended, if you have the power to run it - but don't even bother downloading unless you have at least a Pentium III and a fast graphics card to match.

26th May

A short burst of astronomy news, today, as there seem to have been a number of interesting developments over the last few weeks.

Work with the Keck and William Herschel telescopes has produced the first photographs of a planet outside our solar system, orbiting the star Sigma Orionis 1150 light years away. The presence of nine planets in other solar systems have already been inferred by perturbations in the orbital dynamics of the system, but this will be the first actual sighting - unless, that is, it's an old, failing brown dwarf star instead; apparently young planets and old stars can often look similar in a bad light... Further observations from Hubble are likely to confirm one way or another, if telescope time is made available, but until then here's the current situation courtesy of Space.Com.

The radio astronomer's continual quest <dramatic chord> to see back to the birth of the universe has now pushed the window to a mere 300,000 years after the big bang. Teams working at the Cosmic Background Imager in Chile and the Very Small Array (what a wonderful name!) in Tenerife have detected the minute fluctuations in the microwave background radiation from the photons emitted when the universe cooled enough to allow the first matter to be formed. Further details are in the National Science Foundation's press release.

Apparently we have a second moon in the unlikely shape of Near-Earth asteroid 3753, also known as Cruithne (pronounced "'croo-EEN-ya") after the earliest Pict inhabitants of Britain. Discovered in 1997, it's an ugly little lump of rock dragged around by the Earth's gravity well in a highly implausible spiralling horseshoe orbit! These two sites have still and animated diagrams that certainly raised my eyebrow, and are worth checking out. Jupiter appears to be spawning extra moons, too - Space.Com reports that a further eleven have been discovered around Jupiter, bringing it's total to a profligate thirty-nine! I don't approve at all, and think that at least ten of them should be confiscated and re-orbited around the earth immediately in the name of equality.

25th May

I've only just noticed that I've slipped past 250th place in the Distributed.Net RC5-64 code-breaking challenge. I'm constantly adding more horsepower to my contribution as "old" computers are replaced with faster ones, but it seems likely that I'm continuing to gain places mostly because every else is dropping out - there are now several prettier and less abstract projects such as Folding@Home, United Devices and, of course, the ever-popular SETI@home. SETI, incidentally, now seems to be credited as the first large-scale distributed computing project, which is bugging me a little - I'd been part of Distributed.Net for quite a while before SETI was launched, and it certainly wasn't new when I joined.

I really wish we'd hurry up and find the damn key, now - at the current rate we'll have tested the entire range of possible keys in another 230 days, but it seems quite likely that we'll then have to go back to the beginning to fill in the gaps left by lost data from crashing computers, failed network connections, etc. It could easily be another year, but having invested over 3 years in it so far I'll see it through to the bitter end. The fun has rather gone out of it now, especially as I've had to disable the client on my own desktop PC to reduce the system temperature - running a pair of 1GHz CPUs flat-out 24/7 is enough to stress any cooling system...

I may well move my own PC to a new project after RC5-64, but I won't migrate the dozens of servers etc at the office - Distributed Net is rather easier to justify than the others, as it's extremely relevant to computer security (we were using RC5 encryption until fairly recently!) and avoids any suggestion of conflict of interest by not actually doing anything of use to another corporate. What I'll choose for myself isn't certain as yet, though - the various "cure for cancer" projects seem philanthropic and worthy on the surface, and I suppose that they are, but I can't shake the feeling that the most likely outcome is going to be a shed-load of money made by the pharmaceuticals companies rather than any dramatic breakthrough in public medicine.

Besides, now that Sharman Networks are sending out a distributed processing client sneakily hidden in their Kazaa file-sharing software, with the idea of selling-on CPU cycles to whoever will pay for them, it seems possible that what is now being called "grid computing" (IBM's term, I gather!) will falter under the weight of commercial enterprise in exactly the same way that spam has made email significantly less convenient and pleasant to use. Once Sharman's behaviour becomes widely-known and, presumably, widely imitated, I hope that people will refuse to participate without knowing what it is that their PC is actually working on. Sharman are being extremely evasive about the possible sources of data, but knowing the most suitable applications of this kind of distributed processing, it's not out of the question that one's home PC could end up crunching numbers to design more addictive cigarettes, to simulate nuclear weaponry, or to locate the last remnants of the earth's natural resources ready for pillaging.

For users to take responsibility for the calculations performed by their own computers is no bad thing, I'm sure, but I wonder if I'm expecting too much: "This mail message says that someone loves me, and that I should run this EXE? Sure, why not!" <sigh>

24th May

Ros has been playing Settlers, too, and today we started our first head-to-head game - we had agreed a truce until we both felt well-enough established, but it was a fairly small map and Ros's usual enthusiastic expansion in search of raw materials (in this case a rather fruitless quest for iron ore) led to various encounters between her prospecting geologists and my patrolling archers. Words were exchanged, and I can see now how these "border incidents" between India and Pakistan, for example, start so easily... and how hard it must be not to let them escalate into all-out war. Some provocative building of fortifications and my need for lebensraum eventually led to the inevitable, and as I had more iron and steel than you could shake a large hammer at, it was extremely likely that I would have crushed her like a bug if game hadn't crashed on my PC, leaving her with control of the map.

A second attempt on a different map, this time in collaborative mode with Ros and I against a single enemy tribe, only gave us pocket-handkerchief-sized areas of useable land. It seemed worth persisting, though, and we'd just started to set up the infrastructure for inter-settlement trade (I was going to handle the mining and weapons manufacture, she'd concentrate on agriculture to feed the miners) when we were rudely interrupted by another crash - this time on both PCs simultaneously! Tsk!

These crashes are extremely annoying, as they seem to happen most often in busy games with lots of objects and processes - i.e. just when everything is getting really interesting. I hope that the manufacturer can come up with some advice, but my previous experience of game support hotlines doesn't make me that hopeful: "No, all my partitions are NTFS - I can't boot from a DOS floppy, and I don't think I should have to anyway!" In the meantime I'll probably try lowering the resolution from 1280x1024 to 1024x768 on my system, as messages in the game's initialisation logs suggest that I might be running low on video memory - evidently 32Mb just isn't enough for a graphics card now, with some of the latest ATI and nVidia designs having four times that! Damn, it was only a few years ago that 128Mb was a respectable amount for the main memory of a corporate fileserver, let alone a peripheral!

22nd May

Work is frenzied, right now, as usual at the start of a financial year. The new server is installed and working well (apart from a scattering of what appear to be bogus hardware error messages and the fact that I still haven't really organised a coherent backup strategy) so I turned my attention to the dead anti-virus management server and the first of the remote print servers for the regional sales offices.

The anti-virus server died right at the end of the week with some kind of memory parity error, and the subsequent weekend's worth of constant crashing and rebooting appears to have fried the NT installation fairly comprehensively. I threw Winternals' Admin Pak at it, but the tools were limited by the server's NT software mirroring - this isn't really the processor hog that most people seem to think, but certainly makes repairing a damaged volume a nightmare, especially when it's the system and boot partition. In the end I gave up and rebuilt from scratch, as it looked like it was going to be quicker, and with a deft flick of the wrist a spare Compaq RAID controller ensures that the same problem won't happen again. Of course, switching to hardware mirroring opens the door to various other problems, but at least not quite such perplexing ones.

I had a recent backup of the anti-virus management database, so once the system and apps were in place it wasn't too hard to get all the configuration back again - although the exact syntax of the little utility that backs up and restores the database puzzles me every single time! By the time I logged in after the final reboot it had already handed out two DAT updates, and although all seems well I can't shake the feeling that I've forgotten something... It was just too easy...

The regional print server wasn't nearly so perplexing, except for some puzzling over the rather exotic rack-mount rails of Dell's new 1U systems, and probably isn't going to be a source of problems ... We've picked the smallest office for the test system, so it's only hosting a couple of print queues and there are only likely to be a dozen users connected even on payday... I'll work out how to configure it to make the best use of the rather limited bandwidth more or less by trial-and-error, and then scale the result to the other, busier sales offices. Apart from the queues, they'll be hosting a data collection app for the local telephone exchange, too, but if that causes any problems I'll just blame the application and it's operator - both equally flakey.

The external security audit started today, too, and although I've been too wrapped up elsewhere to really pay any attention to the firewall logs, the unofficial word so far is that no flaws have been found. They're running aggressive port scans now, and tomorrow will escalate to full-on DoS attacks. I would much rather that I'd had the time to prepare for this properly, but I'm not actually expecting many issues from the external penetration tests. The internal security is probably a touch more ropey, though, and as that's being probed a little tomorrow, too, I've made a last-minute change to the administrator password that has already resulted in a blue-screen on one email server (don't ask!) and a hung service on the other. I'll have to do a lot of checking and thinking tomorrow before I'm confident that I won't get horrendous knock-on effects from all the services that can no longer authenticate - it's something else that should have been planned better, I know, but I just never have the time. However, last week there was a murmuring about getting me another PFY, so maybe something will come of that before my nervous breakdown rather than afterwards.

19th May

My occasional computer games fetish has suddenly switched from Warzone 2100 to latest in the Settlers series, now at IV. It's exactly the same idea as it's predecessors, but with the usual enhancements to the graphics and a handful of extra buildings, settler types and oddments added to bring just a little more depth. If you haven't seen Settlers in a while, then this version is certainly worth a look - but the changes from II and III are minor in terms of game-play, and the only dramatic improvement is in the clarity and sheer prettiness of the graphics... If you liked II, it's worth upgrading - but if you have version III, there's little need unless you can find IV heavily discounted.

Unfortunately the mouse-clicks are almost exactly reversed in comparison to Warzone which, has made it a touch awkward to get used to, but I've learned enough now to face Ros in single combat next time we have a few hours. She was routinely kicking my butt at Warzone, rather to my surprise, so we shall have to see if she can create as efficient a war machine with a dark ages society as she can with a futuristic one.

I've been listening to a remarkable audio-book while commuting, recently - "Flatland" by Edwin A. Abbott. Although published in 1884 and apparently widely-known and appreciated, I seem to have missed it almost completely! The story describes the structure and society of a two-dimensional world from the viewpoint of one of it's citizens ("Mr A. Square from Flatland" - so that's where that phrase comes from!), unique among his countrymen in his understanding of the higher (and lower) dimensional worlds that coexist with his own. It's an odd story, certainly - at once a cruel parody of Victorian society, a primer in geometry and topology, an exhortation towards acquiring self-knowledge and imagination and with definite signs of a moral to come... Copyright expired long ago, of course, so it's freely available online. Here's one.

18th May

A pleasant (if somewhat strenuous) few hours spent this morning, bolting everything into the rack. It fit pretty well, although I somehow miscalculated by 1U above the tape drive when I was laying out the rails a few days ago - but a blanking panel will hide all traces at the front and, actually, it provides a neat little niche to tuck away some of the SCSI and fibre-channel cables... There's still some tidying to do, but I've learned from experience not to tie all the cables down straight away - some of them are sure to need re-routing for some unexpected reason in a couple of days.

More redundancy than you can shake a stick at - five network interfaces, dual fibre-channel controllers and interfaces, stacked fans, and power supplies galore. It would take a fire-axe to bring this system down - or, under the right circumstances, a single, solitary bug somewhere in the millions lines of code that string it all together. A sobering thought... The network adaptors are a single fault-tolerant team at present, so rather over-redundant, but will be reconfigured for load-balancing when we upgrade to Cisco Catalyst core switches in the next couple of months.

Naked and unashamed... Dowdy beige ProLiants or spiffy black PowerEdges? You decide!

17th May

I've just spent a while reading AnandTech's review of the new PaceBook PaceBlade, among the first of what I suspect is going to be the next step in the evolution of day-to-day computing.

It's a sub-A4 tablet PC, with a 12.1" 1024x768 touch-sensitive LCD (that can be used in either portrait or landscape mode) running Windows on a 600Mhz Transmeta Crusoe processor backed by a respectable 256Mb of RAM and a 20Gb disk. It seems to have plenty of ports and things, certainly - VGA, USB, Firewire and Ethernet; a built in modem, speakers, microphone and even a tripod-style socket so that it can be mounted in vehicles or an industrial environment! It also has a neat wireless keyboard that can either be clipped to the PC (in which case it strongly resembles the newer Apple laptops) or used remotely, with the system unit propped up by a little stand to provide a small-footprint desktop solution. Handheld, laptop, desktop - flexible indeed! There seem to be some issues with the current version (including internal temperatures around 48C under heavy use!) but I think the concept is sound and with heavyweight support from Microsoft I expect to see a lot of these coming onto the market over the next year - I'd certainly buy one...

16th May

PC case manufacturer Lian Li have released a cunning little addon, reviewed here at the inestimable Dan's Data hardware site. It's a pair of metal brackets, available in two sizes, which attach to the suspended hard disk cage commonly found in homebrew PC cases and extending it to allow extra drives to be fitted. It's certainly nothing that couldn't be made oneself, and there are several ideas for DIY brackets circulating - but as usual Lian Li's design and build quality seem to be good, and as they seem to be fairly cheap, it's hardly worth the fuss. I haven't found a UK or even a US supplier, as yet, but I'll grab a set when I do - there's only room for a drive cooler on one of the mirrored disks in INFINITY, and the 4C difference that causes has always made me nervous...

It's been more of the giant Meccano at work, assembling the shiny new Dell server cabinet ready for the server, the RAID array and the tape changer to be installed at the weekend. All of the hardware and the rack itself is all in shiny black, except for the gunmetal front panel of the server, and I think it's going to look very snazzy indeed when it's mounted. Pictures here soon, I expect, but in the meantime here's an approximation of the design thanks to the Dell Rack Advisor, like Compaq's equivalent a quirky and fascist little piece of software if ever I saw one, but rather useful all the same...

15th May

This is absurd... the usually tolerable X-bit Labs hardware site has published a comparison between various hard disk drives based on how fast they can be defragmented by a range of the popular utilities. This is a strange enough project anyway, and not something that could possibly justify the time spent on it, but the author then proceeds to suggest that a defrag utility could therefore be used as a benchmark to compare the performance of different hard disks! Somehow I can't see that catching on - it's not so much the variations in speed of the defrag utilities that will skew his hypothetical benchmark, as he appears to fear, but how fragmented the disk in question actually is. With little user control over how the files on a PC are fragmented, any comparison attempted without the same files fragmented in the same way and to the same physical locations on the drive's surface is just a meaningless waste of time. Maybe he expects us to download a 10Gb standard partition image to test with? <laughs> Not here, I'm afraid, even over broadband...

14th May

When I was around eight I discovered a book that, as is traditional, has had a profound effect on my life so far. It was the Life Science Library volume "Matter" (published in the sixties, revised in the early seventies, and now long since out of print) and it was my first significant encounter with proper grown-up science. 

At first I mostly looked at the pictures - all the elements of the periodic table in their incredible variety of different forms, textures and colours; cartoons of little anthropomorphised sub-atomic particles bashing into each other; photomicrographs of the then cutting-edge digital memory cores, photographs of a technician dipping a rose into liquid nitrogen and then shattering it in his heavily-gloved fist... Fascinating stuff, and I kept coming back, discovering new wonders each time.

After a while I was reading the captions, too, and then puzzling over the text... I'm not a maths or physics prodigy, in spite of my passions in the fields, and with hindsight I'm not surprised that I often went back to the witty little captions again for light relief! Much of the theoretical physics of the early 1970s is horribly out of date thirty years on, of course (and there are a few more elements in the periodic table, now) but the basic physical laws it described so clearly and illustrated so beautifully are as true now as they ever were - and I'm convinced that my ability to have a good bash at figuring things out from first principles, one in which I take a quiet pride, comes from absorbing those clever, funny cartoons and diagrams at an impressionable age.

High-energy physics was undergoing something of a boom at the time, thanks to CERN and SLAC and the other big-science laboratories, and the last few chapters of the book move rapidly but easily through the basics of radioactivity, then the interactions between sub-atomic particles that cause the phenomenon, before moving on to the giant tools, the linear accelerators and cyclotrons and proton-synchrotrons, that were being used to investigate the layer below that.

This wonderful mad-scientist hardware, especially when brought alive with the cartoon sub-atomic particles, caught both my eye and my imagination - and one has stayed with me perfectly all this time, a convoluted tangle of pipes, wires and hoses that was titled "Alice And Wonderland". The caption explained that ALICE was the nickname of the Adiabatic Low-energy Injection and Capture Experiment, an early nuclear fusion experiment at University of California Berkley.

Something about the full name caught my mind, though, maybe something about the contrast between such precise words and the rolling way in which they were arranged... I don't have a name for it to hand, but it's been an extremely familiar style ever since I discovered computers a few years later, now more than twenty years ago.

Today, Ros sent me news that ALICE has a sister, AMANDA, the Antarctic Muon And Neutrino Detector Array, and that made me remember my dog-eared but precious "Matter" again, retrieved from my parents a few years ago and still browsed through for fun or consulted for odd facts. I've been looking for publisher's descriptions of the book to post here, but instead found dozens more people who, just as I am now, described finding it at an early age and becoming enthralled by something they read there... Citations by the small army of scientists and writers who contributed form most of the remainder of the hits, and they should be congratulated for successfully warping so many young, impressionable minds towards science geekdom. <applause>

13th May

A quiet day... The new server is getting on with the job, and there have been no signs of any glitches, oddities, or missing data! I even had a report that one user thinks everything is running faster - the server is massively more powerful than it's predecessor, yes, but the bottlenecks are likely to be at the client and actually I wouldn't expect the end-users to notice much difference.

11th May

I think that I've escaped from that project as lightly as could be imagined... Only a dozen or so of more than four hundred thousand files and their security rights failed to copy correctly, and I used the excellent ExamDiff utility to trace nearly all of those (with the notable exception of one of my own Outlook PST files! Oops!) to old Word temporary files etc. I copied them anyway, for completeness!

The server rename was surprisingly non-traumatic, too - it took a while to synchronise properly between stages, but we were very patient and eventually the domain all caught up with itself. I manually changed a handful of registry entries to fix the known issue with Backup Exec, but all the other apps seem to be quite at home and the server feels perfectly normal - always a good sign, to an old hand... Barring the completely unexpected, and possibly a few odd details on Monday morning, I think it's nicely done and dusted.

Now all I have to contend with is my senior manager, who seems to be refusing to pay overtime for work performed from home. I spent a couple of hours last night dialled watching the backup and the file copy, and a while this morning, a while more when I got home and I'm just about to check again to make sure that the backup is running well...   but he doesn't seem to think of that as "real work" and I'm likely to have these parts of my overtime claim rejected... <long sigh> It's not very modern, to say the least, and certainly no way to treat a hard-working techy... I'm damn well going to claim for the two hours I spent in a traffic jam on the way home from the office, though...

10th May

Everything is place for the server migration to start, and in another few minutes I'll dial in and start the file transfer running. I think it's going to take most of the night to copy 120Gb, as I'm a little more pressed for time than I'd planned and will now have to make the copy while the final backup is running. Sometime tomorrow morning we'll copy the folder shares meta-data from one registry to another, and then rename the server itself. Renaming a domain controller is always ticklish, but as long as the process isn't rushed (the domain needs to synchronise properly between stages, and that can take a while) we should be Ok. I've already installed a fair amount of support software on the new platform, though, and it's anyone's guess how it will react to the name-change... I'm expecting problems with Backup Exec, certainly, but at least I've had specific reassurance about the new SYMplicity RAID array manager, the only app I'd be wary of re-installing myself. This system hosts a cut-down SQL server, too, and although I've cloned the configuration across I'm not entirely sure whether the clients connect via host name, IP address or named pipe - so that will be a little adventure on Monday morning when the accountants come in...

Right... <rubs hands> Off we go.

9th May

I spent part of today in a long, tedious presentation of the HP OpenView network management suite, and the rest juggling fully-loaded network hardware cabinets. We certainly need network management tools, but we're already fairly well supplied with the freebie offerings that come with the appropriate hardware - Transcend for 3Com's switches and hubs, Optivity for the Nortel WAN routers, Insight Manager for the Compaq servers and Dell's DMI Manager for their servers and desktops... OpenView's main advantage, it was claimed, was being able to integrate all these disparate products so that I could drive them all from one console - predictably, a JAVA app running in a web browser. Frankly, that idea fills me with horror - all the recent versions of the manufacturer's own management suites have been re-written in Java, too, and are now far inferior to their traditionally-structured ancestors in both performance and reliability... When Dell's server manager freezes or dies suddenly, which is certainly not an infrequent event, it usually takes down any other Internet Explorer windows running on that system, and I have visions of a similar problem with OpenView affecting all the various monitoring servers at once!

To add insult to injury, OpenView needs it's own client installed on every server and workstation that is being monitored, as well as that of whatever else it's "integrating" with, and I have usually have enough problems with the agents we already have to be comfortable installing yet another layer! What I really want is a single client for every server and workstation, that will tell me everything from the serial number of the 3rd disk drive on the second port of the first SCSI controller (Insight Manager will do this!) and the bandwidth utilisation of port 19 on a switch (Transcend can provide) to the average CPU utilisation of the NTLMSS process over the last week (thank you, Patrol!) and the number of suspicious-looking failed logins on our public-facing FTP server (NetCool, perhaps?) - and I find myself increasingly drawn to Microsoft's new offering in the field, Operations Manager, which claims to be able to beat HP at it's own game... I'd really like to put that to the test, as soon as my current projects are complete...

The cabinet juggling was much harder work than the meeting, but infinitely more rewarding. I'm in the process of recycling an old mid-height router cabinet for our new Cisco core switch, and realised yesterday after I had carefully fitted it into a perfectly-sized niche in the racking that when loaded with 65Kg of network hardware the lack of castors would make it absolutely impossible to move... The manufacturer no longer makes the little castors I needed to meet the height limit, and I couldn't find an equivalent (a mere couple of millimetres is usually an insurmountable problem when dealing with heavy-gauge steel cabinets... they just won't bend to fit, however hard you try) until my eyes fell on an old swivel chair on it's way to the skip. Rather to my surprise, the castors fit the cabinet's bolt holes perfectly (there actually seems to be a standard M8/10mm size for these things!) but in the end the final assembly was the afore-mentioned couple of millimetres too high. Not daunted, I then proceeded to jack up one of the other cabinets on reams of A4 in the hope that it's wheels were the few millimetres less in diameter that they appeared to be, and sure enough they were! Much unbolting,  straining and heaving later (that cabinet currently holds three WAN routers, an Ascend dialup server, a big-ass hardware firewall, five Kilostream MUXs and a bunch of mini-hubs etc - phew!) and all is settled again, with the new cabinet sliding neatly in and out of it's niche with a couple of millimetres to spare. I feel quite smug!

8th May

So, when I arrived at the office this morning the computer room was covered in a fine layer of dust (and, presumably, metal filings) that had settled out of the air after yesterday's building work, and I think it's safe to assume that the insides of the servers, the heads of the tape drives, the vacant switch and hub ports, and everything else unseen is equally coated. <long, heartfelt sigh> This will all come back to bite us later, I suspect, in the form of reduced component life-spans and sudden unexplained failures, and as usual I'll be the one who has to clear up the resulting messes... I'm beginning to realise that my company doesn't actually take IT very seriously - even after almost three years of talking and worrying we still don't have a disaster recovery plan, for example, the computer room is full of cell-phone repeaters and they schedule major building work in the middle of the day... I despair.

The new washing machine arrived on schedule, and after removing about four hundred transit bolts, weird restraining brackets etc and puzzling over routing the hoses, it's now doing it's first wash. I chose a model with an extra half kilo capacity over the regular 5kg, and that will be more of a luxury for the weekends than I'd thought - having checked (rather than assumed!), it turns out that our old washer only had a capacity of 4.5kg... Joy!

7th May

Nothing too horrible was awaiting me this morning considering such a long time away from my babies, but the day became rapidly more "interesting" when workmen arrived to install the new computer room air conditioning and brought out an angle grinder to cut holes in the steel plates embedded in the wall. Eight foot streams of brightly-coloured sparks and huge clouds of acrid smoke aren't my favourite accessories for a working computer room, but nothing was apparently harmed in the end and really there is no good time to do something like that - the risks would be pretty much the same out-of-hours, unless we went for a full server shutdown and covered everything in dust-sheets...

As I'd feared, the new RAID array is glitching occasionally - there was a stream of emailed warnings waiting suggesting fan or PSU failures (can't it be specific? That should be a no-brainer!) but the evidence of my own eyes suggests that they're completely bogus error messages and although I've logged it with the supplier I don't intend to postpone this weekend's migration. Damn the torpedoes, full speed ahead!

6th May

I've added a links page... Apparently it's obligatory...

Back to the silicon-face tomorrow, and full steam ahead for the server upgrade at the weekend. I'm replacing the company's main file server (also one of the BDCs, to make life harder!) with new hardware, migrating 120Gb of data plus several hundred shared folders and all the associated security permissions. It's likely to be a nail-biting experience, but I'll have able assistance from NT-guru Mike Rix at SynTech and our project plan leaves the original server unchanged to provide a fallback route if it all goes pear-shaped. The new server is almost ready, and has spent the week while I'm away thrashing it's RAID array mercilessly... assuming that the log isn't full of horrible error messages, then there's only some last-minute tuning left to do before the migration. I'm slightly boggled at the amount of software that I've had to install on what's only a file-server, though - hardware monitoring for the server itself, the RAID disk array and the tape changer; defrag and undelete add-ons, the backup subsystem, fault-tolerant networking, time synchronisation services... and even the ubiquitous Distributed.Net client to soak up any free processor cycles. Gosh... A few years ago that would have filled any PC-based hardware platform to capacity even before it started doing it's intended job!

4th May

In 1952 the American periodical Collier's published a series of articles on the future of space exploration. The major contributor to these was the German rocket scientist Wernher Von Braun, then at the heart of the embryonic US space programme in Huntsville, who proposed a comprehensive plan for the next fifteen years - surface-to-orbit shuttles, permanent space stations, planetary craft and everything needed for both the scientific exploration and commercial exploitation of our solar system.

The great science fiction artist Chesley Bonestell was commissioned to illustrate his concepts (one of my models, the Lunar Lander, was based on this work), and he captured perfectly the 1950s dream of space - elegant, whimsical and thoroughly American. Fifty years later, marking the anniversary of the Collier's articles, Surfaces Rendered is creating an animated movie as homage to a golden age of space that never happened - they're recreating Von Braun's proposals in the form of a retrospective documentary commissioned by the imaginary "National Council Of Astronautics", summarising their achievements of the preceding decade from the first lunar landing in 1963 to a manned Mars mission in 1968.

The little teasers of animation released so far are marvellous, not only imaginative and beautifully photo-realistic, but also convincingly aged - they look like 1960s footage in every nuance of style and image quality, and I'm keenly anticipating the finished movie. The site also has an excellent links page of related interests - space modelling, space art, even replica spacesuits... Well worth a look!

3rd May

The new washing machine is now on order, and one of my credit cards is now significantly lighter. I'm also exhausted from a week of having technical data stuffed into my head at high speed (no flow control!), but have discovered that the pass mark for the four IT training exams I've taken recently is 80% rather than the 60-70% I'd assumed... Huh - guess I do know what I'm talking about, after all!

In a marvellous bit of synchronicity, we've just had a surprise visit from the aforementioned Whit Diffie, inventor of the public key cryptography techniques that make possible most of the security systems I've been learning about this week. Apparently he's recently been appointed as Sun's new Chief Security Officer... Coo! And to think, I knew him when he was merely a "distinguished engineer"!

2nd May

Active Directory - don't try to understand it, just rope it, throw and brand it... soon we'll be browsing high and wide.

I'm becoming convinced that my DNA is wound too tightly.

1st May

Today I learned about the Encrypting File System and, more importantly, about recovering from the things that John Q. User can do to make it lose all his data. In fact, I've realised that I'd better install some sort of enterprise certificate authority myself and start doing it properly before a plague of automatically self-generated certificates starts spreading - I can assume that at least three (particular) users have already tried encrypting some of their own files and folders, and there seem to be a number of potential booby-traps. I think I can get support from the junior manager who created and maintains our corporate intranet, though - he appeared to be using it as a stepping-stone to a hugely overpaid web designer's job in the City (last year before the "dotcom crash") and it has every feature, bell and whistle imaginable except digital signatures... It's really quite slick, I have to say - which is remarkable as it's hosted on an off-the-shelf desktop PC running NT4, originally intended only for the pilot project two years ago! He certainly won't get much experience with certificates and authentication at home, though, and I can imagine him rubbing his hands at the idea - and as he's noticeably higher up the food chain than I am, he would be a good ally for this project. I'd want to move the whole web to IIS5 and Windows 2000 on a proper server, with all the modern security addons, and that definitely won't come cheap...

Tomorrow we venture even deeper into Kerberos (you mean there's more? It isn't convoluted enough already?) and then on to the unfathomable mysteries of IPSEC. If I'm not back in twenty-four hours, call this number.

 

 

Weblog Archive