[11:30] End of the month already. Good job I have things roughly in hand. Apart
from the exceedingly huge amount of new errors Dr Solomon's Antivirus is turning
up. I got on the phone to my good friend Joe who spent upwards of half an hour
talking through what the problems might be. As it is we've upgraded all our
engines (again!) to 4.1.20 (in case some of you out there didn't know). Naturally
this means all of my Ghost images are again out of date. I think I'll leave off
on updating them for the moment as NAI seem to be in somewhat of a flux at the
Any new machines I put out anyway will (in most cases) be slapped about by the
Management Console anyway. The stand alones are done in such small quantities
that so long as there's at least the base Dr Solomon's on there I can run whatever
SuperDAT is current on them when I create them.
We've just (well, I did) had a thought about getting our remote users to update
their DATs and Engines; all you need is to create a really narrow set of
permissions to connect to our antivirus store on the server then write a little
batch file which connects to our litle DMZ, runs the file, disconnects and tells
them what's happened. We can live with the SMB equivalent of anonymous ftp in
this case as the whole institution is SMB blocked from the rest of the world and
in a way it'll still be username/password protected. They'll just be in the file.
The worry is that I'll be sending people files to run. Via email. Hmm.
[12:25] I'd like to say hi to the guys at Space and Naval Warefare Systems Command
(NOSC), and the US Marines both of whom have people who're looking at the BOFHcam.
You both probably came to see me because of the mention of SNAP-1 (Quaddaffi, IRA,
bomb, president, assassination, Meta-X-Spook, hijack, uranium, terrorist) I gave
a few months ago.
[16:45] Just put up the new pages on the server people actually think I'm
responsible for. People seem to like them, which is good.
[14:35] We moved the switches last night, and also put the servers (which are in
the room with us) on a plinth we got the building custodians to build. I don't
know if it's just me but they seem to be a little quieter now. Or perhaps not.
One thing of note was that while we were shifting stuff we accidently killed the
power to the web server. This is a shame as it's an NT4 box which has been up for
over 295 days up until that point. It's only been beaten by the BOFHcam box now
which started up at the same time the last time the power was restored after a
power cut. Anyway, we lost the power and the PFY didn't realise and went home. I
noticed and rebooted it. Naturally the FileMaker Pro databases shared over the
web needed block consistancy checking before they'd go live again. Remarkably
this didn't take more than about ten minutes. Which was nice. Got home by 20:55.
Things don't seem much improved this morning past. I can see port statistics now
which is nice. I can also make sure NICs are getting what they deserve (I can
drop people to 10Mb/half duplex and I can even disable ports) and look for the
damned thing that's doing all the broadcasts. We may even get into VLANS (of
which I know nothing at present) which should help some of the Ghost multicasts.
[09:00] I'm going to see if I can convince the AO to let me replace the 3000FX
(named by an ex-employee of 3Com as a relic of the age when Switches Were New and
Hopes Were High). This makes me slightly nervous, even though it's done sterling
service for the past few years.
Busy day today. We swap out the hubs for switches this evening, have a web
working party meeting before that, we talk databases with someone who'll also give
opinions on getting started on the long path to promotion before lunch and we have
to get the resources pages for the site done before that. I also need to ring
security to talk over getting the final piece of the new swipe card system into
place and find out where my amplifier is.
[13:35] Call me wild and crazy but I thought it was time I upgraded the firmware
in the 3300FX switch that basically serves the entire building. Rather than wait
until the evening or a quiet time I did it about ten minutes ago. Popped down a
TFTP server to a spare Windows box, stuck the 1.8Mb file on it and connected to
the switch. About one minutes of download and an automatic reset and it's up and
running again. No worries. No, I wasn't worried at all.
[17:45] New switches have been updated with 2.60 firmware. Just realised that we
also need to do the switches in the Library which have some of the oldest firmware
revisions in the building. This means re-setting up the TFTP server, again which
I keep thinking I've done with. Still, it means the PFY is getting plenty of
practice at firmware upgrading.
We had the web meeting, things went well-ish. They have some niggles which we
need to sort but I've convinced them to keep the Apache and W3C logos at the
bottom of the home page, which is good.
We're waiting for people to go home so we can down the entire network and swap
out the hubs and replace them with the spanking new switches. More news after the
update. For a while there'll be no access to the BOFHcam as it's on the part of
the network which'll be dropping out for a while.
[18:25] Work begins on part of the network. No interruptions to the BOFHcam.
[21:10] Work ends on rest of network. About 30 minutes of interruption to the
BOFHcam. Bet you never noticed. For those of you who care the BOFHcam's now on
100Mb/sec full duplex so those of you who sit there all day with me docked in a
toolbar, you're using less of my building's precious bandwidth now. So there.
Those hub were packed full of dust and cruft. Only been there three years.
[10:55] Weird, 3Com's new kit is kind of a dirty glacial ice colour.
[15:00] Hmm, while all the new switches we have here are pretty damned good, the
web interface inside of the 3300's (not the XM models) do not recognise what the
3300XM's are and doesn't have the right gifs, so the embedded web server displays
a broken image if you're looking at the 3300, and then everything's O.K. when
you're looking at the 3300XM.
Lunch was good, had a good discussion about upgrading the PFY's post. There's
someone coming in tomorrow to talk about a global database thingy so I'll collar
her about the job thing too. I really don't want to tread on the AO's toes who is
doing something about things when he's able. Must be careful.
[12:30] Switches haven't arrived. I've torn a strip off the company selling it to
us and they've promised to deliver it Monday morning. They even asked if I wanted
it delivered on Saturday morning.
I think not.
This afternoon I'll try to do as little work as possible and get out of here for
about 16:00. I have to go and give a practical demonstration of Superior Nerf
firepower to the people of Unix Support. One Big Bad Bow and a Wildfire should
show them that the One True Way has certain advantages in a large open-plan
[15:35] I'm successfully managing to not do any work this afternoon. Given it's
Friday, that's fine. We've gotten complaints from the web working party about the
fact that the new site has a W3C 4.0/Transitional compliance gif and the Apache
logo on it. He thinks they should go. I say "No way". One tells people the site
wasn't just cobbled together in a weekend and the other tells people we may have
to use Windows but that doesn't mean we use IIS. I'm damned if we lose the one
nice bit of colour on our homepage.
[15:50] Off for the weekend to a convention committee meeting and some of this
year's Santa Run to the girlfriend's parents. Might leave the PC downloading my
files from work so that in the event of unfortunate occurences I have them safe
Finalising the web pages today. We still need some photos to brighten up a few of
the index pages which look a little flat and empty. The library looks good in
the dusk as the lights make it look pretty cool. The problem is that there's a
winter happening outside and the building isn't the most beautiful sight in the
world either way.
There's someone really important visiting a building right next to ours today.
The security guards have been on the roofs of all the buildings with rifles and
sniffer dogs. All cars have been banned and now there's a sizable crowd of people
looking to see who exactly it is. It's odd, because my office is in a prime,
_prime_ sniper position. Were we on an Unreal Tournament level right now I'd be
able to look up their noses with the sight.
[14:40] The visit was a bit of a non-event really. Still nevermind. I'd
forgotten that there was a salesdrone taking me out for lunch today. He rang to
ask for directions here. When he arrived he'd walked from the center of town in
the rain so there was nowhere we could go as there's no pubs etc. nearby. He and
his mate took me through some stuff in a conference room instead. I'm less turned
off by them that i was when they initially made contact and I found that their
web site crashed Netscape and was badly laid out. Maybe in a year or so when I
need to update the last of the machines required to run Windows 2000 Professional.
Either way they've promised to send me a server and/or a workstation to tear
apart to see if they're any good. I look forward to that at any rate.
We've validated every page on the new site now and are just going through looking
for typos and extra/missing lines etc. Then we can let it go.
[11:40] Another morning of printer queries, doubley-linked Eudora nickname entries
leading to people getting sensitive information they shouldn't have and lots and
lots of HTML.
Still the pages are really starting to take shape now. I also found that O'Really
I mentioned last night. It looks O.K. but is probably only going to be for real
hard-core COM+ programmers and stuff. Working on another one at the moment, don't
know if it's going to work out though. The colour's all wrong for a start. Still
I'm off for a really long lunch today and will be back around 15:30, if not later.
I may not come back at all. It all depends. Damn, raining. I hate it when it's
cold, wet, windy and dull. With luck the place I'm going to be should be nice
[16:00] Well, the thing didn't take half the time I thought it would, so I've
spent the afternoon getting automount to work with smbmount. It's really really
odd, and still doesn't work quite right. Doesn't work with dollar-shares either
which is arse. I set the timeout to one hour for some reason, so in a few minutes
I'll be able to see if it actually disconnects.
And it has. Huzzah. Time to scp my mp3 collection home.
[16:35] Today was the day we were supposed to be doing the hub/switch swapover.
Only they're not here. So I get to go home at a semi-sane time. The morning was
spent on more HTML pages. We're really getting to a stage where we can go live.
Lunchtime was spent in the pleasant company of other sysadmins where we indulged
in liquid recovery and verbal complaints about all and sundry. I'm really
getting to like this kind of thing. Admittedly it does lead to a slightly longer
lunch session, but I think the PFY can cope.
Unix Support (or the head, therefore) has asked me to drag my Nerf Wildfire into
the office on Friday this week to show just how good it is at inducing high-power,
rapid-fire Recovery. Personally I don't think he'll be too disappointed. Maybe
I'll take some others in too.
[17:10] Woohoo! Copyleft want the next three designs out of the O'Really range.
This is good as I've already got a few more I'd like to showcase on the site. I
had another NT one somewhere but I'm damned if I can find it. That's a job for
this evening. That and coming up with a few more designs, in case they want some
more after this batch. Current stats are as follows:
Snooping Email 16
NT User Obliteration 12
Distributing Clue 22
275 shirts total
I'm somewhat suprised by the ratios here. I was sure Snooping Email would be
the biggest seller, followed by NT User Obliteration.
Morning. I'm knackered. We didn't get much sleep over the weekend what with a
party and some happenings which ended up with me cutting cardboard to fit a hole
where glass used to be in a door. The perils of drink. The new switches didn't
arrive on Friday so we have to hope they arrive today or tomorrow or the planned
downtime won't happen. Unless we just unplug everyone from the hubs for an hour
anyway, to give them a rest. The hubs, not the people.
[14:50] Most of the ghosting is done. I've rung up the people we're getting our
switches from as they've not arrived yet and managed to get "Russ" to look into
it. I've also had phone spam from a company who look to be charging much less
for toner than the people we normally go with. Thing is I do like the people we
buy from, and they deliver free while I don't have any idea how much these new
More HTML to do, but we're over on of the big Data Protection Act hurdles which
was stopping the new site from going live. With luck it should be up and running
within a few weeks. Before Christmas at any rate.
17/11/2000 - Retroactive
Friday was O.K. Still had to get up early to get to the station to get to the
Millennium Dome in time to have a full day there. In the end there were about
ten of us in the group. Had we paid the full price I don't think it would have
been worth it. As it was we had someone with us who works for British Telecom so
we got the tickets at half price.
At £10-odd it was just worth it. Most of the stuff was aimed at
young children, but that didn't matter. With four sysadmins in the group we
managed to break half of the computers in the place. Teso had a setup of
SuperKiosk Netscapes running on RedHat 6.1. They'd set it up with automountd and
a respawning X-Server. We still managed to spawn a shell (bash was tied up so we
used sh) through the print dialog, vi a new HTML file and drop in a copy of
/etc/passwd. We only dropped it in because the number keys seemed to have ceased
to work and we needed a number "1". Some of the web terminals around the place
were left looking at the BOFHcam. It was unfortunate that the office was closed
and dark or people would have had something interesting to look at. I wonder
how many of them are still looking at it.
We left around 19:30 and went to stay with some friends for the weekend.
[13:30] Don't ask, but I've been at a Microsoft TechNet briefing all morning. I
really worry about how I'm going to cope with Windows 2000. There's far too much
to know. Then again it was being aimed at people who may be using it in a multi
national corporation. All we need is something that supports Office, a web
browser email and a way to share printers and files. We really don't need to go
the whole hog. Microsoft ADS and their DNS worries me still, though.
Nice to see the head of Unix Support here is wearing my T-shirts now. It's good
to see people are wearing and enjoying them. It's actually the first time I've
seen them in the 'flesh'. Like I think I said a while ago; Copyleft sent me the
T-shirts, but to the wrong address so they got the package returned. With luck
it shopuld be resent out to me for the weekend. If you care, please email them
to ask for the other designs to come out.
[15:50] Tomorrow I'm going to the Dome. Don't laugh. I think it's something
everyone should do once. Even if it's only so I can denegrate it from a position
of authority. Dr Solomon's have issued another engine update (damn
them) which means I have to redo all the images I just did. Luckily there's only
three to do. I'll do them next week. It's not that important to do
them. All the live machines were updated this afternoon in about ten minutes.
[12:00] Been relearning about the sticky bit and EUIDs on executables and scripts
this morning. Also ordered the new switches from a supplier. A few minutes
later one of the loser suppliers rang up to ask if I'd gotten the quote he'd sent
through. "Yes," I said, "And then some other supplier beat it with a stick until
it bled, so I bought from them. How'd ya like them apples?".
O.K., I didn't exactly say that; there was less in the way of sticks and blood.
No, no apples either. I've been waiting for the Librarian to come in all morning
and talk web pages with me, but no joy. I think I'll reghost machines this
[16:30] Sent a rant to the Monastary in reply to Skud's rant. We've gotten
fairly positive comments so far. The ghosting/updating Dr Solomon's reghosting
back to the server is going faster than I expected. Good thing as we've just had
a visit from someone preparing for next years DoD exercise. He wants the
impossible, and we just might be able to make it happen.
[07:30] Look, don't ask. We went to the gym this morning and the duty manager
hadn't turned up yet. We hung around until the frost began to accumulate on our
shoulders and then decided to simply go into work. This way I'll be able to
leave semi-early today and go and pick up my cable modem.
[16:20] Spent lunchtime at a BOF lunch having drinks and talking over the new
Data Protection Act, stuff like that. This afternoon we received notification
that Dr Solomon's/NAI have released a new engine update without telling people.
Luckily I have the instructions from my friend Joe on how to shoehorn the update
into the Management Console. A few minutes later we're all updated apart from a
few machines which required a reboot for some reason.
Naturally this means I have to redo all the Ghost images we have with the new
version of the software, but this is O.K. as I have some other updates stacked up
so I can do them all at once.
[16:40] I've got three suppliers on the go at the moment trying to sell me the
lowest priced set of kit which I'm after. This consists of two of two types of
switch, matrix cable, fibre module and fibre cables. Sometimes I really love
being a manager; getting people playing off against each other is great. Maybe I
can get some T-shirts out of the deal.
[13:00] Just about to have a visit from the photocopier salesdrone who's going to
tell me how I can ethernet the photocopier. Should be fun. I was in late this
morning as I waited in for the television people to come and have a look at the
box. Turns out that it seems that I have really good hearing in the specific
frequency range the transformer outputs noise on. The noise is normal. Oh well.
I pick up the cable modem tomorrow night, which is good. Everything should be
happy within a few minutes of me getting it plugged in. The registration
sequence seems fairly straight forward, now I have all the information I need.
No thanks to NTL's tech support who bounced me back and forth in search of the
"subscription number" which appears to actually be my account number. Why they
couldn't just say that I don't know. The guy before me isn't cancelling his MAC
address in the DHCP pool so theoretically I could just plug in and go, without
telling people I wa using the service. But I'm not that sneaky. Really.
[09:10] Ouch. I walked 1.5 miles last night with my amplifier in its box wrapped
in bin liners (rain protection). Those things are heavy. And unwieldy. Apart
from having arms one third as long again I walked into a chain between two
concrete bollards delimiting one shop's parking spaces from another's. In shorts
and in the cold this hurt slightly. I still managed not to drop the amplifier.
Sevenoaks have said they will call Sony today to get it collected, but it may not
go until Monday. Either way the ball's in their court now, so I can hassle them.
I saw the STR-DB940 in the shop while I was there. It looks O.K., I do prefer
the lack of buttons on the front of the 930, but if they (Sony) don't have any
left in stock and they actually agree that there is something wrong with my
amplifier I'll be happy to get a new 940, eventually.
[09:25] Got a meeting this morning with peers on Windows 2000 and ADS. I'm
looking forward to it purely from the point of view of asking difficult questions
of the guy who's coming to explain it to us. SHould be back by around 11:45ish.
It's Friday anyway, that's good.
[16:35] Gets dark quickly here now. Practically night outside now. Anyway, the
meeting went on from 10:00 to 12:45, which was impressive. Windows 2000 ADS and
its requirements for DNS and four subdomains (one for each protocol) scares the
crap out if me. I'm reliably informed that you can use the DNS stuff trivially
for local redirector stuff and fob the proper lookup stuff off on a decent DNS
machine somewhere (like what I already do). I still don't want to adopt Windows
2000, it throws everything I know about NT away and replaces it with even more
Anyway, I don't have to worry about it for a few months while I play with
Workstation and Advanced Server. Maybe I'll be in another job by the time we
have to get it in here. Either way I've presented a case to the AO for switches
to replace the 10/100 hubs we have here and it's been approved because I'm a
really good negotiator. Soooo, about £3,500 to spend on switches. I think
I'll go with 3Com 3300 switches with some matrixing and fibre options in the
back. Three of them I think, for the moment.
[14:30] Exploring the exciting world of NT dialup today. I've tried it on a
sacrificial machine and it appears to work so the PFY's been unleashed on two PCs
which will be going home with the AO and the Principle Secretary.
Other than that it's a quiet day. I'm about to re-reing Sevenoaks (again) and
see what's happening. I really am pissed off with the time this is taking but I
know that if I make too many waves someone's going to drop me to the bottom of
the pile until they can be arsed to get back to my problem. I know if someone
was causing problems for me I'd be tempted to.
[15:00] Still understanding, Sevenoaks have told me that Sony have said they
won't do anything (fix my amp/give me a new unit) until they have the old one
there. I'm going to see if I can leave early and get home and then walk
it over to Sevenoaks myself. I can go to the gym then, too.
[11:35] Demo day today. This means I leave at 16:15 with the PFY to go pick up
as many freebies as possible. Did I mention that my amplifier is humming down
the output channels again. Coupled with the slight hum the television has it's
damned annoying. I've saved and paid for this stuff, it should work properly.
I've contacted Sevenoaks again who have been in contact with Sony. Still no
reply yet. I'll be ringing them at lunch today.
If you didn't know, I have a Sony 930 amplifier. Unfortunately it appears that
the 930 has a design fault in that the circuit which powers the LCD panel on the
front is badly shielded and causes interference on all the speaker channels. I
sent it off for what turned out to be a few months and it came back 'fixed'.
This Saturday just gone I tried my new Leon DVD in the machine and the hum was
back, louder than ever. I think I said this. Nevermind.
Got a LaserJet 4+ which seems to forget about printing every so often. Nothing
fixes it, then after a while it starts printing again. Odd. JetAdmin seems to
not be able to set any of the settings any more either. Wonder if this settings
thing is a byproduct of giving all the printers password to the telnet interface.
[16:10] Configured and rolled out another machine, tidied, prepared to leave to
see what freebies I can pick up. Left.
[14:40] Just come back from lunch in town after doing some bills stuff.
Naturally as I was cycling back the skies opened and I got semi-soaked. So, with
people cowering in their rooms (rain seems to make people close their doors and
not bother me I get to play with stuff rather than roll out another damned NT
Kind of a slack day today. The PFY's working on web content, I'm trying not to
do anything much at all. Oh yes, I've replaced the Helen: Sweetheart of the
Internet link on the BOFHlinks page with a link to Sinfest, something I should
have done over a year ago. Still, there you go.
[10:40] Prodded the "Distributing Clue to Users" section of the site into life
this morning. Also Ghosted two (at present) new machines into life for the
library open use area. It's so nice when Ghost properly and you end up with a
machine which comes up pre-locked down and ready to go. We'll be doing the other
three (taking the number up to fifteen) either later today, or tomorrow. I've
noticed that possibly not running the damned NGserver (Norton Ghost server
service) all the time cuts backk on the memory leaks/hogging and means when you
actually do switch it on and use it the performance is... impressively
<plug>go buy my T-shirts!</plug>
[12:45] Hmmm, Windows NT 4.0 is really, really odd...
[12:55] I was going to tell you why, but I got distracted by a user who'd run out
of ink for an inkjet and just jammed in one she found in a drawer. I've fixed
her good. She uses a Macintosh too. Poor bugger, the odds are really
stacked against her. Now I think about it, I think I will tell you why NT is
really odd, just in case I forget and have to trawl the archives for the facts.
We have an 'opendesk' user which we autologin to the machines for the library.
It's so that we can lock down the user and stop people messing with stuff. The
way we roll out a machine is like this. Unpack, Ghost with the standard image,
log in as local administrator, join the right NT domain, reboot. Login as the
'openuser', remotely update the Dr Solomon's AV stuff.
The problem was that somewhere between updating the Dr Solomon's stuff and
logging back in, something wasn't being done. Because I've locked down
'openuser' so much, I'm of the opinion that whenever they logged in
something wasn't being run the one time it needed to be run
because I'd not put it on my list of allowed Windows applications for that user.
Logging in once as domain administrator, local administrator or probably even a
standard un-locked-down user would have run whatever (I think) Dr Solomon's
required to 'bed down' or register with the Management Console or whatever,
because once that's been done the "Restrictions" notice never appears again,
It's taken me months to work this out. Sodding thing. At least now I can have a
nice clean set of machines which don't look like a loser installed them. Job
satisfaction has been increased, slightly.
Other satisfactory things for today/this week are that more machines have come in
which means that I can cannibalise one for EDO DIMMs (gold dust and stupid at the
same time) and I should be getting my cable modem in this week.
[15:10] Been doing small stuff all day, nothing much really. Decided to do a set
of pages for the "Distributing Clue to Users" design but I'm having trouble with
the Full Description. I may do it over the weekend. It's been so quiet here
recently there's been nothing to raise my bile enough to do some good writing.
It's the anger that gives me the wit to write something people might like to
[17:10] I find myself still here when everyone else has gone home for the sole
purpose of negotiating this evening's entertainment and ensuring it's not a
boring start to the evening. I also get to download some patches for Homeworld
(quality game) which I incidently finished after getting stuck on the last level
for ages and throwing it in the corner of the room for months. So yeah, I
finished it at 12:20 this morning. I crushed the opposition utterly, probably
could have done it in less time, but I wanted to leave the mothership totally
[13:35] Fuck me, they're up! See
http://www.copyleft.net/search.phtml?search=1&lookup[brand_id]=55 for details.
I'm just rushing off some stuff to fill in the blanks on the pages. Hopefully it
should be in place by tonight (GMT).
[14:12] I've now got to rush out some changes to my site so that it works with
[16:10] Right, the two T-shirts which are being printed which have pages on
Copyleft.net, I'm going to do a page for the "Distributing Clue to Users" design
and get that up soon. Should I put it in place of one of the others (only six
spaces on the main index page), or link to it from the bottom of the other ones
in the bulleted lists? I should make them live anyway.
[18:00] Quality book review
which is good to read.
[09:30] Got up at 06:00 this morning and went to the gym with the girlfriend. It
was... an experience. I'd probably repeat it now and again. A nice hot pounding
shower before work and then a cycle in gets rid of the last dregs of sleep at any
Got the ntlworld CD through today and wanted to set the girlfriend's email
addresses up in preparation for the cable modem. Only it's the "ntlworld via
cable modem" CD so it doesn't work with any kind of dialup. Other things; I
picked up the repaired hub, bought sixty pounds of cables and locks to secure the
LCD flat screens and the new PCs and went home. That's about it for the moment.
Oh, I installed TinyFugue on the home router in preparation and contacted the guy
who's selling to me, finally, after getting his email address wrong for days.
[13:05] Silly guy sends out malformed email with 19 pages of email addresses with
multiple To: lines. I tell him to use Bcc:, he sends out another malformed
email to the same list (his entire address book) with multiple Bcc: lines all
still visible, quoting me telling him to use Bcc:. Now he looks like a fuckwit
twice over and I look like I can't give advice worth a damn. I think I'll go to
[14:45] I've been demonstrating the two styles of laptops we have here in the
building to some prospective people who are about to come into some money. I felt
like a salesman. Had to wash my hands afterwards.