I’m on the hunt for a good password manager for the iPhone. But there’s a slight catch. I’m looking for something that works with fedora. I’d like to be able to sync it locally as well. There seem to be couple of things that will sync “to the cloud” but that seems to be a horrible idea for passwords.
Anyone have suggestions?
We are currently going through an ITIL implementation. It’s had it’s ups and downs and philosophically I don’t really believe in it (certainly not in our implementation), but it’s had a few successes and a few failures. Without droning too much about it, to make any ‘production’ change you have to file an RFC that gets reviewed by a management team. There is a relatively recent DNS attack that involves using root zone recursion to DOS a target server. We’re vulnerable to being used in this manner. It really doesn’t affect us much as that our servers handle the requests fine, but we’re assisting in a DDOS and that’s not good. For us the fix is pretty straight forward, because of some historical decisions we have to allow recursion for certain ips, so I need to segment things off into a tighter view and eliminate recursion there. This is a pretty straight forward change and one that I would do without a second thought (after testing). Due to our current climate of process I have to file an RFC, which is fine, I’m not real happy about it but I’ll live.
However my RFC was denied not because of any technical reason, not because of any concern over the technology, the implementation, or the timing. It was denied because I didn’t put the correct information into the details page and because my dates were wrong. I’m all for doing process right (when it makes sense), but does it make sense to derail a security fix for 4 days because the form was incorrect? Especially when there exists a forum in which you can be asked to clarify anything regarding your RFC.
Now when security takes a backseat to process, your organization has truly begun the decent to failure. This may indeed be the straw…
I’m trying to make a concerted effort to first of all blog a little more, and secondly blog more about sysadmin type stuff. Hopefully that’ll give me a little bit more direction.
We’ve been a big NAS shop for a number of years, actually well before I come on board. We are starting to use SAN more and more nowadays. We have a much more stable SAN fabric (the network side of fiber channel storage for those of you keeping score at home). So I spend several days before the break fighting with various SAN issues. Most of them were my lack of particular experience with our SAN implementation as well as host level tools. The pain of SAN comes largely from the host end. Your SAN device (even in our case with NetAPP) is probably pretty good at doing it’s end and is well documented. But on the linux side SAN is very vendor specific, which always leads to problems. For example if you are using an EMC you have to get supported HBAs then in some cases run a custom kernel to support that HBA and then you probably end up needed vendor specific tools for handling things. In my setup I don’t need a custom kernel, but we do have to support a small vendor package of tools. NetApp is actually pretty good when it comes linux supoprt, they package RPMs in most cases and stay current with versions as far as support.
Recently I just got back from LISA (Large Install System Administrators) Conference in San Diego. Overall I really enjoy this conference. My employer generally doesn’t spend very much on conferences, at least not for people in my position, so it’s nice that I get to go to this one. There are very few Sysadmin specific conferences out there. Velocity seems to have some potential despite it being very Web (2.0) centric. I haven’t been to Velocity so I really can’t comment.
Recent Photos
