Readers Speak Out: Letters to the Editor This month: On-the-fly career advice for those ready to make the jump; Adrian Cockcroft's performance breakdown of today's I/O solutions; and security fixes and facts with Peter Galvin

February  1998

Mail this article to a friend

Security Q&A with Peter Galvin

Peter,

I am thinking that a quick-fix for security could be to use secure telnet. I'm considering STEL. I'd like to know where I can get more information about the client portion. Can the client be executed on all platforms that run telnet?

Mel Leibsla

Mel,

I haven't used STEL myself, so I can't give you any information from first hand experience. It looks like it's just for Unix machines. A useful URL is: http://nswt.tuwien.ac.at/htdocs/baudoin-goodie-hints/unix/sys_admin/STEL.html

You may want to think about ssh as an alternative. It's widely used and runs on many platforms. It is a bit of a hassle to set up though...

Peter Galvin

SeOS revisited

Peter,

Back in July 1996 you wrote an article about Unix security, "The SeOS security blanket," suggesting that, rather than rewrite Unix, a product called SeOS should be used. Have you worked with this product since then, or installed it at customer sites, and if so, what is the feedback? Are there competitive products and/or are Unix vendors including similar functionality?

Any information on SeOS and Memco you can pass on or point me to would be appreciated.

Thanks,
Mike Bass

Mike,

Yes, I'm currently working with the latest version of SeOS. I still recommend it. It's a complex product, but very powerful. Other tools are available, depending on what your needs are. SeOS is the best at locking down a system.

Platinum resells it. BoKs makes a package for secure authentication, password control, etc. Axent makes a few products for security problem scanning. ISS makes the best network scanner.

Peter Galvin

The truth about 118N

Peter,

Thanks for a brilliant [LISA, Network Security, SNAC] conference summary. (See last month's Security column, "A conference a day keeps the diet at bay" for details --Ed.) Will you please provide some pointers about 118N, as you mentioned it for advanced Web security?

Tim Ganguly

Tim,

I received a couple of questions about 118N. As it turns out, it's not really for Web security; rather, it's a standard for the internationalization of network services. Basically, how to make your Web site multinational. There's more information at http://vivaldi.terena.nl/tech/working-groups/wg-i18n.

Peter Galvin

Performance Q&A with Adrian Cockcroft

Adrian,

I was hoping you could present the various fast I/O solutions available today, with some performance breakdown. How and when are clients seeing the benefits? UFS file systems are getting faster and faster in Solaris with some vendors reporting close to raw speeds.

I am looking for a technical specification that says "Yes, this is the performance breakdown." Or I'd like hear something from Sun that says "Yes, beyond this point our UFS does not perform."

Neil Greene,
Technical Architect / Oracle DBA
MCI Systemhouse Inc.

Neil,

For Oracle, it is still best to use raw disk, so the file system type becomes irrelevant. Kernel asynch I/O is the most efficient fast path to disk, and it can only work with raw disk, and is used by default with Oracle on raw.

Solaris UFS was not designed for use with large files, though it is good for holding lots of small OS files. UFS cannot go faster than 30 megabytes in a sequential table scan because the data on disk is not contiguous in an indirect block-based layout.

VxFS is extent based, much better suited to large files, and, given enough underlying disk bandwidth, is proven capable of sequential throughput at 1 gigabyte.

If you must use a filesystem (trading off performance for an administrative policy dictator) then VxFS will perform best.

The Veritas DataBase accelerator and UFS are the same thing: unbuffered access to large files. The physical layout of the file on disk can vary. It will not be good with UFS, and it may be close to raw layout with VxFS. They are better than buffered I/O, but worse than raw; and raw is free...

Managing raw disk partitions is very easy if you use Veritas vxva GUI to build and name your raw disk stripes. They won't get lost or overwritten by accident.

Adrian Cockcroft

Career advice

http://www.sunworld.com/sunworldonline/swol-02-1998/swol-02-career.html

Thanks to Mark Mangan, an associate of Career Advisor columnist Edgar Saadi, for his replies to all letters below --Ed.

Ready to jump

I am a PC/network systems coordinator at a local hospital In Oregon. I am also in my final year at the University of Oregon.

I'm interested in employment with a growing company. I would like your advice on finding that company and how to advance so as not to be stalled here at the hospital.

Signed,
Oregon

Oregon,

I wish I had an easy answer for you or a piece of golden advice that could unlock the door to your dream job. Unfortunately, finding work is more often than not an arduous process with many dead ends and difficult paths -- particularly when you're just starting out.

The first thing you need to sort out is what you would ideally like to do. Do you like being a systems coordinator, or are there other areas that you would rather pursue? If so, what are they? During this process of self-evaluation, take out your resume and begin fine tuning it. Does it point, through your past experiences, in the direction you want to head?

Once you have decided what kind of job you really want, look up all the people you know who work in the industry. This is, by far, the most successful way to find employment. Let it be known that you're looking for a job and what kind of position you seek. At the same time, run through ads in your local paper and on the 'Net. And remember, finding a job is a job in itself.

Good luck,
Mark Mangan

Real-world experience vs. fancy degrees

I've had a successful career in management in the retail and food industries, but I've always wanted to enter the IT industry. When I finally had the opportunity, I jumped at it. I took a certificate course in Unix to get my feet wet, but now I could use advice on where to look to get real Unix experience. Or is it better that I just re-enter the University for the degree?

Wanting to be a Unix guru

Dear Potential Unix Guru,

School is important. Degrees are useful. And if you're a long-term planner and are thinking not just of getting a job, but of some day progressing to higher level management, then you should think about getting a degree. They are often crucial when it comes to reaching the top. But if you want to know how to handle Unix, and therefore, to be attractive to employers who need real work done today, then the answer is simple: get experience.

You could walk into an interview with a degree from M.I.T., but if you didn't have any real-world experience to show that you can do what you say you can and that you've done it in a job situation, they may very well show you the door. If you have the opportunity to get work experience, get your feet wet there.

Mark Mangan

Where to begin?

I am a soon-to-be-graduating high school senior. I love Unix and am looking to be a Unix systems administrator. I have been using Unix for around a year and a half and have taught myself everything from scratch.

I read in your column that Unix sysadmins make around 60K to 80K a year. It's nice to know that the job I will someday have and the things that interest me pay quite well. But I'm unsure of my next step. I plan to major in computer sciences in college, and I'm certain I will always be a Unix type of guy -- I currently run most stuff at my school and am finishing the school's new Web page -- but can you give some advice as to where I should start?

Mr. Commandline

Mr. Commandline,

You seem to already realize that real-world experience is what you need to really advance yourself in your career. You are young, but if you can find a job or internship -- where you not only have to know Unix but will also deal with difficult situations in a business environment -- you'll be making a step in the right direction.

Begin looking around now for something in the business world this summer, even if it means interning at a company for low pay or for free.

Proving yourself in the beginning is usually very difficult, but good Unix sysadmins are hard to come by.

Keep on the command line,
Mark Mangan

Is Unix systems administration still a hot job?

I just want to let you know that I am a regular reader of your column. I appreciate the advise that you give to your readers.

Here's my situation: I have a total of seven and a half years experience in Unix; four of those years as a power user, three and a half years as a sysadmin. Two years ago, SunWorld (or was it Pencom?) released a survey of the hottest jobs, and Unix sysadmin was at the top of the list. I was very happy at that time, because I knew I had the right skills at the right time. Nowadays, however, I don't see a lot of want ads for Unix sysadmins; but I do see a lot of NT sysadmin job openings.

I enjoy Unix, and I want to be an expert in this field (especially Solaris) -- should I start worrying about my future, and expand my knowledge to NT, or should I keep sharpening my Unix (Solaris) skills?

Worried in San Francisco

Dear Worried,

Don't worry about it. There may be a few less jobs for Unix sysadmins as NT gains a stronger foothold, but Unix and all its major flavors are not fading out any time soon. Unix is still the most powerful operating system out there, representing the backbone of many of the world's largest corporations. The biggest sensation in this industry, the Internet, is and always will be based on Unix.

In fact, Pencom's systems administration division, Collective Technologies, is still growing at an incredible rate. From where Pencom is sitting -- as both a recruiting firm and a sysadmin consulting company -- Unix is as hot as ever.

Keep abreast of the NT phenomenon -- it's not to be ignored. But again, don't worry about your skill set. Full speed ahead on Unix is still a good direction.

Mark Mangan

Mainframer on the move

I am currently a mainframe COBOL programmer. I have been at my job for two years, but I am looking for a new job. I am interested in moving to a client/server environment, and I also want to learn new languages, such as C/C++, Visual Basic, and Java. My salary is currently below the industry average, but that is not the main motivation behind the change I seek.

How do I find a job in a new environment where I have no training and how can I get the training I need to advance my career?

Seeking Change

Dear Seeking Change,

There is no easy answer to your situation, a classic catch-22, but you have definitely made the right first step by identifying what it is you want to learn and where you want to be. Now your job is to actively seek out that goal.

First, see if there are any opportunities within your current company to move over to tasks that involve these technologies you have listed. If that's not an option, then talk to your friends and acquaintances in the industry. For this opportunity, may have to initially settle for a job at a lower position and lower salary, but it's worth it.

You are indeed looking towards the future. Keep your sights set there. Read up on the languages that interest you. Maybe take a class or two on your own time. If you are a good programmer, your goals are well within the cards for your future.

Mark Mangan

If you have technical problems with this magazine, contact webmaster@sunworld.com

URL: http://www.sunworld.com/swol-02-1998/swol-02-letters.html
Last modified: