New site

I'm no longer working for myself, so I've moved most of my old content to this new blog. The same entries should generally be available, although there may be some issues with paths not matching and images not showing by default. If there's...

Anyone but the majors

(Warning: Contains political content about the upcoming Australian federal election - although not the type you might expect...) Annabel Crabb hit a nerve with this article opening recently: You're one week into a federal election campaign that...

An update to "What's in my Podcast Roll?"

I blogged previously about the podcasts I regularly listen to, and the topic came up again this week on the SAGE-AU mailing list, so I thought I'd update it with my current thoughts. Regular listens from the previous list SANS Internet Storm...

ntpq: write to ::1 failed: Operation not permitted

The other day I got a bug report about check_ntpmon, which was reporting UNKNOWN status back to Nagios even though everything seemed to be working fine. A bit of debugging revealed that it was receiving the message on standard error: ntpq: write...

Generic IT career/job seeking advice to the young starter

I've been asked a few different times to advise young (and sometimes not so young) people trying to get a start in IT.  Every story is different, but there are a few commonalities.  So here's my generic IT career/job seeking advice in rough...

Default permit still winning the security battle

I was stoked when Patrick Gray took up my suggestion to ask Marcus Ranum to reflect on "The Six Dumbest Ideas in Computer Security".  I encourage you to listen to the interview for yourself, but my summary of it is that Marcus was mostly...

The tragedy of Vyatta Core's demise

Vyatta Core (VC) is one of my top fanboy loves.  It provides a firewall/router based on Debian Linux but with an elegant configuration system modeled on Junos.  Vyatta previously offered VC as a community edition of their commercial router (with...

Setting up Zimbra for strong ciphers only

Tonight i was working on getting a client's Zimbra SSL configuration up to scratch, and found it somewhat difficult to get our server to make Qualys' SSL Labs scanner happy.  I was working from the following Zimbra wiki pages:...

Email message size limits

Background Prompted by a request from staff at a client's head office, a couple of days ago i posed this question to a couple of the mailing lists i'm on: what is your size limit on individual email messages? I was blown away by the speed,...

Three days with Junos

Background This post is the story of my first practical look at Junos on Juniper EX-series switches. One day last December, Skeeve Stevens from eintellego opened a can of worms by offering a deal on Juniper equipment to all network engineers on...