AddThis Social Bookmark Button

Sysadmin DevCenter Articles

An OpenLDAP Update by Marty Heyman
The Lightweight Directory Access Protocol (LDAP) has been around for a decade or more, and OpenLDAP has been a reference implementation for most of it. But what's new and improved over the early versions of OpenLDAP? Marty Heyman clues us in. 09/13/2007

Eight Reasons Windows Administrators Should Learn JScript Instead of VBScript by Bill Stewart
When it comes to writing WSH scripts or HTML applications, system administrators can use either VBScript or JScript. Bill Stewart tells you why JScript is your best choice. 06/19/2007

Top 7 Things System Administrators Forget to Do by Tom Adelstein
Do system administrators really forget to do basic tasks because they're lazy or do the pressures of the job keep them from getting everything done? Tom Adelstein explores the top seven tasks system administrators forget to do. 05/03/2007

Five Basic Mistakes Not to Make in DNS by Ron Aitchison
DNS has managed to keep the Internet afloat for decades, but it spend a lot of its time handling junk requests that should never have escaped from a local WAN. Ron Aitchison has a list of five basic things that every DNS administrator should take care of to keep DNS a happy infrastructure. 04/26/2007

A New, Improved Visualization for Web Server Logs by Raju Varghese
In his last article, Raju Varghese showed us how to visualize logfiles using gnuplot. In this follow up, he goes deeper into some tricks you can use to improve the readability of the resulting output. 03/29/2007

Making NetBSD Multiboot-Compatible by Julio M. Merino Vidal
The i386 boot process is as crufty as you'd expect from decades of stagnation. Booting your OS could be much easier--that's why the GRUB hackers developed The Multiboot Specification. Julio M. Merino Vidal explains why Multiboot exists, what it can do for you, and how he modified the NetBSD kernel to work with it. 03/01/2007

Hardware Versus Software Firewalls by Chris Swartz and Randy Rosel
Software can do almost anything hardware can do. Is there a reason to use dedicated hardware? Chris Swartz and Randy Rosel put this to the test, comparing the Cisco PIX to Smoothwall and OpenBSD with pf. Here's how they compared various firewalls, and how you can reproduce their results in your environment. 02/15/2007

A New Visualization for Web Server Logs by Raju Varghese
Web server logs hold a lot of data: IP addresses, request times, pages viewed. Two-dimensional graphs obscure a lot of relationships among these pieces of information. Three-dimensional graphs can help you spot trends more easily--and they're very easy to produce. Raju Varghese shows how to put Gnuplot to work. 02/08/2007

An Introduction to openQRM by Kris Buytaert
Virtualization saves you the headache of managing lots of separate machines. Unfortunately, lots of virtualization can give you the headache of managing lots and lots of images. The openQRM project intends to change that. Kris Buytaert demonstrates how to simplify the administration of virtual machines in a production environment. 02/08/2007

Making Apache httpd Logs More Useful by Rich Bowen
Apache httpd's standard text logfiles are well understood and useful, but they don't always give you enough information to troubleshoot problems. Apache 2.x provides several new modules that produce more logfile information--the number of bytes transferred, the rewrite rule matching, which requests complete and why, and the complete output of all headers. Rich Bowen explores these options. 02/01/2007

Handicapping New DNS Extensions and Applications by Cricket Liu
The DNS system is not static; there are several proposed new extensions and applications under development and adoption. DNS expert Cricket Liu explores five for updates and their future: the Sender Policy Framework, IPv6 support, Internationalized Domain Names, ENUM, and the DNS Security Extensions. 01/11/2007

Fingerprinting the World's Mail Servers by Ken Simpson and Stas Bekman
Public mail servers are, well, public. It should be easy to tell who's running what, to see how popular one server is, or to determine how much free and open source software dominates the internet. It's surprisingly tricky, however. MailChannels founder Ken Simpson discusses how his company recently conducted a survey of public mail servers, the difficulties they had, and what they found. 01/05/2007

Ad-Hoc Clustering by Raimo Koski
Clustering may sound like rocket science, intended for large or complex computationally expensive problems. It doesn't have to be difficult, however. You just need a parallelizable task and some creativity. Raimo Koski demonstrates how to build an ad-hoc cluster to rip digital music. 12/14/2006

Fun with Xorg by Dru Lavigne
Xorg includes several useful utilities and features that almost no one knows about. You can accelerate your display, nest one X server in another, distribute your session across multiple monitors on different machines, and watch a session on another machine. Dru Lavigne explains. 12/07/2006

Caching Dynamic Content with Apache httpd by Rich Bowen
Dynamic websites tend to be easier to manage than large collections of similar static files, but they often get many times more reads than they do writes. Every database hit and page generation can eat up precious CPU cycles. Rich Bowen shows off mod_cache, which trades disk space or memory for CPU and can help improve performance on your servers. 11/16/2006

How to Deploy Software Using Group Policy by Chris Sanders, Mitch Tulloch
Deploying software needn't be a chore for network administrators. You can leverage the power of Group Policy and Intellimirror, as Mitch Tulloch and Chris Sanders show you. 11/14/2006

Demystifying LDAP Data by Brian K. Jones
Is LDAP a database or a protocol? Is it understandable and deployable without reading a thousand pages of explanation and documentation? Brian Jones explains LDAP schemas and the layout of data to help you understand what you can store and how you can retrieve it. 11/09/2006

Detecting Web Application Security Vulnerabilities by Shreeraj Shah
Your web application is only as secure as the data coming in, and how you treat user input determines how secure you are. A little bit of thought and Python programming can help you analyze potential vulnerabilities in your code; Shreeraj Shah demonstrates. 11/02/2006

OpenBSD 4.0: Pufferix's Adventures by Federico Biancuzzi
On October 18th, OpenBSD celebrated its 11th birthday. Now it's time for the release of OpenBSD 4.0. To celebrate both milestones, Federico Biancuzzi interviewed over 20 developers to discuss the new features of this release and the continual work to get hardware specifications from vendors. 10/26/2006

Sending Apache httpd Logs to Syslog by Rich Bowen
Apache httpd's standard text logfiles are well understood and useful, but sometimes they're not the best option. The mature and flexible Unix syslog system offers plenty of opportunities to improve reporting and security. Rich Bowen explains how to join these two systems together. 10/12/2006

Sharing Internet Connections by Dru Lavigne
Protecting your computer when you're online is good. If you have multiple computers in your home or small business, protecting all of them is also good--especially if you can share your internet connection. Dru Lavigne demonstrates how to allow other computers to use the network safely with a FreeBSD or similar Unix system and fwbuilder. 10/05/2006

Managing a Honeypot by Peter Mikhalenko
If intruders are always scanning the Internet for potential victims--and they are--can you find the intruders and their exploits by putting up fake networks that only a deliberate scan could find? That's the theory behind honeypots. Peter Mikhalenko discusses the implementation, theory, and legality of using a honeypot to protect your network. 09/28/2006

Confessions of a Recovering NetBSD Zealot by Federico Biancuzzi
Charles M. Hannum is one of the founders of the NetBSD project. He recently posted to the NetBSD list that the project has "stagnated to the point of irrelevance" and gave suggestions for improvement. As you might expect, this provoked strong reactions. Federico Biancuzzi recently interviewed Hannum about the past, present, and potential future of NetBSD. 09/14/2006

Using IPFW Rulesets with BSD Firewalls by Dennis Olvany
The IPFW firewall comes with FreeBSD, but its documentation isn't entirely clear. Dennis Olvany demonstrates how to create and maintain IPFW rulesets to keep you secure but also to prevent network outages during updates. 08/24/2006

Building a Desktop Firewall by Dru Lavigne
By now, many internet users know that they need a firewall to protect their computers while they're online. Knowing that doesn't convey the knowledge of how to create and maintain a firewall. A nice GUI firewall builder called fwbuilder makes it possible to set up a working firewall in ten minutes--on Linux, *BSD, and Mac OS X. Dru Lavigne shows how it works on FreeBSD. 08/03/2006

Demystifying LDAP by Brian K. Jones
Is LDAP a database or a protocol? Is it understandable and deployable without reading a thousand pages of explanation and documentation? Brian Jones untangles some of the myths and legends about LDAP to explain what it is, why it's useful, and how to put it to productive use. 07/27/2006

Data Protection for LAMP Applications by Paddy Sreenivasan
The most valuable part of any LAMP application is the data. Yet when this data exists in configuration files as well as databases, protection means regular and secure backups. Paddy Sreenivasan discusses strategies for backing up MySQL and PostgreSQL databases securely and effectively. 07/13/2006

Using DesktopBSD by Dru Lavigne
A few user-friendly distributions of FreeBSD have appeared lately. DesktopBSD is a user-friendly variant of FreeBSD 5.5 that is suitable even for Unix novices. Dru Lavigne walks through the installation and use of DesktopBSD to provide a modern, powerful workstation. 07/13/2006

Building a Self-Healing Network by Greg Retkowski
Wouldn't it be nice if your network services could detect their own failures and gracefully restart? Sure, you could have cron or FAM jobs always checking them, but that's so unrefined. Instead, consider Greg Retkowski's solution: building a small Cfengine and NAGIOS combination to detect and recover from failure. 05/25/2006

Using PC-BSD by Dru Lavigne
A few user-friendly distributions of FreeBSD have appeared lately. PC-BSD is one suitable for the corporate and home desktops, even those of users unfamiliar with Unix. Dru Lavigne walks through the installation and configuration of PC-BSD to provide a modern, powerful workstation. 05/11/2006

OpenBSD 3.9: Blob-Busters Interviewed by Federico Biancuzzi
Every six months, the OpenBSD team releases a new version of their OS. OpenBSD 3.9 is here. Federico Biancuzzi recently interviewed the core developers about new features and improvements, as well as their principled stand against shipping binary-only blobs in place of actual drivers. 04/27/2006

Building a FreeBSD Build System by Bjorn Nelson
Keeping a single BSD system up to date is relatively easy. Keeping a whole business full of servers fresh with patches and new applications and updates is more work--unless you take advantage of the ports system. Bjorn Nelson walks through the design and implementation of a build system usable to push fresh binaries to as many servers as you have. 04/13/2006

Using Solaris SMF by Chris Josephes
Solaris 10 introduced the Service Management Facility. SMF is a framework that handles system boot-up, process management, and self-healing. For all of its advantages over SysV init, SMF has a new approach that can be confusing. Chris Josephes explains how it works and shows how to use it. 04/13/2006

Secure Your Linux Server by Aaron Brazell
Linux is a powerful and popular operating system kernel. That popularity means you might be running it even if you're not a dedicated Unix administrator or high-powered programmer. That doesn't mean that rock-solid security is out of your reach, though. Aaron Brazell shows how to make Red Hat 9 (and other Linux distributions) much more secure in a few easy steps. 03/23/2006

System Administration with ooRexx by Howard Fosdick and Jon Wolfers
Rexx is one of the world's first scripting languages. Its portability, power, and open source implementations make it useful for all sorts of system administration features. Howard Fosdick and Jon Wolfers show how Open Object Rexx makes it easy to build a useful, usable GUI sysadmin tool even for platforms such as Windows. 03/02/2006

Linux Virtualization with Xen by Kris Buytaert
Virtualization is an old idea--running multiple distinct operating systems atop a powerful box has a lot of advantages. Xen is a new virtualization platform. Despite its youth, its Linux support is very good. Kris Buytaert explains the basics of virtualization and shows how to configure and install Xen and to create new virtual machines. 01/26/2006

Building Binary PC-BSD Packages by Dru Lavigne
Several BSD-based distributions have emerged recently--and a few are relevant to and accessible by end users. One such is PC-BSD, whose innovations include a binary package installation system. Of course, that requires people to build binary packages for it. Fortunately, as Dru Lavigne demonstrates, doing so is both easy and addictively fun. 01/05/2006

Inside NetBSD's CGD by Federico Biancuzzi
Security-minded laptop users live in fear of theft, not only of their computer but also of their precious secret data. NetBSD's CGD project is a cryptographic virtual disk that can protect sensitive data while acting like a normal filesystem. Federico Biancuzzi recently interviewed its author, Roland Dowdeswell, on the goals and implementation of the system. 12/21/2005

Using Software RAID-1 with FreeBSD by Dru Lavigne
Disk space is cheap, and putting multiple disks in a computer is relatively cheap. Taking advantage of redundant disks to protect against hardware failure is invaluable. Though some RAID solutions require special hardware, FreeBSD 5.0 and later support software RAID. Dru Lavigne shows how to configure and enable disk mirroring. 11/10/2005

Building Detailed Network Reports with Netflow by Michael W. Lucas
You can trace every packet on your network from source to destination, if you really want to. Having all of this information is useless unless you can actually find what you need to know. Netflow not only helps record traffic information but also can help you report on just the types of packets you want. Michael W. Lucas demonstrates. 10/27/2005

OpenBSD 3.8: Hackers of the Lost RAID by Federico Biancuzzi
Every six months, the OpenBSD team releases a new version of their OS. It's time for OpenBSD 3.8. Federico Biancuzzi recently interviewed the core developers about new features and improvements, as well as ongoing struggles to find support from hardware vendors. Here's what to expect when you upgrade. 10/20/2005

Lightweight Web Serving with thttpd by Julio M. Merino Vidal
Apache httpd is full of features and abilities, but sometimes it's too heavy for simple sites or static pages. In some cases, a simpler, lighter web server is a good alternative (or addition). Julio M. Merino Vidal demonstrates how to install and configure the simple, fast, and powerful thttpd to serve simple static and generated content very quickly. 10/13/2005

Running Cyrus IMAP by Francisco Reyes
As laptops and mobility become more effective and prevalent, your job as a system administrator is to provide users with easy, secure access to their data. IMAP is one way to allow users to receive email wherever they go. Cyrus IMAP is a popular server, but installation and configuration is a bear. Fortunately, Francisco Reyes has the answer in this tutorial on installing and configuring Cyrus IMAP with Postfix. 10/06/2005

Company-Wide Instant Messaging with Jabberd by Oktay Altunergil
Instant messaging is becoming as valuable a business tool as email, the telephone, or the computer. While public networks are free (but not under your control) and private installations are under your control (but expensive), you can easily run your own secure, free server using the open standards of the Jabber protocol. Oktay Altunergil shows how to install and configure jabberd and to integrate it into an existing business directory system. 10/06/2005

Using FreeBSD's ACLs by Dru Lavigne
The standard Unix permissions scheme works fine if you have simple needs, but juggling groups and users can grow unwieldy very quickly. FreeBSD's Access Control Lists give you more control over who can access files and directories. Dru Lavigne explains how to enable, understand, and use them appropriately. 09/22/2005

Visualizing Network Traffic with Netflow and FlowScan by Michael W. Lucas
SNMP and MTRG can tell you what your network is doing, but they don't always give you the details you need. Netflow does--but sometimes a pretty graph says more than thousands of lines of log output. Fortunately, Michael W. Lucas shows how to use FlowScan and CUFlow with Netflow to see the traffic on your network. 09/15/2005

Using Qpsmtpd by Matt Sergeant
While email is increasingly a worker's most important communication medium, the onslaught of attacks from spam, viruses, and other malicious email content is ever increasing. By implementing a mail server in Perl, you can use your favorite language to mitigate those attacks and provide greater flexibility in processing incoming mail. Matt Sergeant shows how to install, configure, and write plugins for Qpsmtpd. 09/15/2005

Important Notice for Sysadmin DevCenter Readers About O'Reilly RSS and Atom Feeds

O'Reilly Media, Inc. is rolling out a new syndication mechanism that provides greater control over the content we publish online. You'll notice some improvements immediately, such as better standards compliance, graphical tiles accompanying article descriptions, and enclosure support for podcatching applications. We've tested the new feeds using a variety of popular newsreaders and aggregators, but we realize that there may be a few bumps along the way. If you experience problems, please don't hesitate to send mail to Please include detail about your operating system and reader applications. We also welcome your suggestions. Thank you for your continued support of the Sysadmin DevCenter.

The following URLs represent the Sysadmin DevCenter's article and weblog content in a variety of popular formats:

Atom 1.0
RSS 1.0
RSS 2.0

We will begin automatically redirecting the existing feeds to the new feeds above, but we recommend that you update your feedreader's subscription settings to ensure continuous and uninterrupted service.

O'Reilly Media, Inc.'s Online Publishing Group


Enterprise-Wide Network Management with OpenNMS by Tarus Balog
Network management of more than a few devices is difficult, and many vendors have expensive, complicated software that mostly does the job. Fortunately, open source has a viable alternative in OpenNMS. Tarus Balog shows how the extensible and configurable software can simplify your life. 09/08/2005

Improving Network Reliability with Keepalived by Philip Hollenback
No matter how good the software, hardware eventually fails. Redundancy is an important way to keep your important services running smoothly. With the right software, you can even sleep through otherwise catastrophic network failures. Philip Hollenback demonstrates how to make your network robust by using Keepalived on multiple Linux routers. 09/01/2005