Cloudweavers

Being challenged everyday to augment my productivity, here is a few quick tricks/software helping system administrator.

1. BlackBerry

Yeah, I know. It was an easy one – and easy to expect since I’ve bought a Storm. Employees get to hate them (since they are always hooked to the business) but as owner of a small business, I NEED to be informed of everything going on. The ability of answering my email / instant messanging while in route between Montreal & Ottawa is of prime importance. My clients doesn’t need to know where I am or what I am doing, they know I’m ready to help them.

The BlackBerry by itself is not as feature-complete as the iPhone seem to be. Using the pre-loaded email client with gmail just doesn’t cut it. It’s using IMAP and discarding all your filter/labels for incoming messages. There is an alternative : gmail mobile application. Available from the central mobile application repository of Google. Using a customized alert setting, you can be informed when you have new mail (in your inbox), while preserving your filter/label configuration. While you are there, you should also install the maps application, can always be handy.

Another “must-have” app. for sysadmin is MidpSSH. Which, as its name make it pretty clear, is a SSH/Telnet client. There have been a few reports of incompatibility between Storm and midpssh – yet, with an up-to-date OS/taking into account that your device often capitalize the first letter (of a username)/openssh is case-sensitive, you should not have any problems to connect to GNU/Linux systems.

2. Monitoring software

A good monitoring system watching over your network is a life saver and all the difference between you informing your client of a system failure or the other way around. Nagios is pretty well known and getting help is very easy since the community is so dynamic. Another software doing the same job is Zabbix. I do have some predisposition toward it, being a certified expert. Both are free softwares and are easy to install/configure. Zabbix does have a cuter interface though – can become handy if your client require access.

Both software allows sysadmins to run remote command. Personally, I find those systems to be way too complicated to setup when Monit is easily available. Its configuration allow a syntax very similar to : if load > 5 for 10 minutes, then stop postfix-delivery. Another life saver when you don’t expect your remote monitoring agent to be able to launch a command. I use it for limits like (if load>80 for 2 minutes, then stop {httpd,mysqld}). If your system is badly losing interactivity, your normal remote monitoring software will never be able to save your system (ssh will timeout).

3. Log/Security software

While Zabbix/nagios can do some checksum on important files (such as /etc/passwd, /etc/shadow, …), they are not ready as IDS (Intrusion Detection System) yet. For such system, I recommend OSSEC. Following the online documentation, you will have a log-analysis system created in no time – using thousand of rules given with the software. Customization can also be done pretty quickly. The ‘action’ following a trigger can be email-alert or a command. The system come with a pre-built interface to iptables… port-scanning and brute force password testing are no more.

Add to all these tools a svn repository for your code, an Puppet system for global configuration and some wiki for documentation and you should have a pretty strong backbone to deal with anything your clients throws at you.