Kevin Minnick's Blog

I've decided to start posting all of my Linux hacks, tricks, and cheats to a new blog.  Check out 

linux.kevinminnick.com

from now on for Linux related updates.

 

I'm a big fan of the Harvard Business Review and this month's article by Walter Isaacson on the real lessons of Steve Jobs was awesome.  I cut out the graphic on the right and hung it on my cork board at home.  

I meet a fair number of entrepenuers and I often worry they are trying to emulate Steve Jobs's personality and behaviour.  My advice to entrepenuers is to be yourself.  There will only ever be one Steve Jobs, learn from his product and marketing genius, but figure out your own management style.

I heard several people talking about this book lately, so I decided to check it out.  When I hear "checklist" I immediately think about "to-do" lists that help you get things done.  I never thought about checklists as a tool to "get things right".  But that's exactly what this book talks about checklist being really good at.  The book is a fun and easy read and I highly recommend it.  If I were to ever start another company I'd throw the book of standard operating procedures in the trash and start a book full of checklists.

 

I'm absolutely fascinated by the topic of search in computer science.  I remember as a freshman at Virginia Tech in 1995 we spent a large amount of time covering two topics: searching and sorting.  What's amazing to me is that after all this time search is still a hard problem to solve.  Google showed us just how powerful and valuable a good search algorithm and experience can be.  But they certainly have not "solved" the problem across all domains.  I bought this book thinking it was going to be more about search algorithms, but it has nothing to do with algorithms.  This book focuses on the search user experience, which I never gave much thought to until I read this book.  I would recommend this book to anyone who is interested in building a good search user interface.

I am recommending this book for the first time entrepeneur or someone new to product management.  I think for the savvy entrepenuer this book will not keep your interest start to finish.  I struggled quite a bit to make it through the entire book.  The content of the book was really good, but for me it was more of a refresher than new material.  However, I do feel like many entreprenuers are craving what this book has to offer.

Eric does a good job teaching the reader about being able to listen to customers, iterating quickly, pivoting your company, and focusing on the metrics that really matter.  Eric stays away from the engineering side (using agile, scrum) as much as possible.  He focuses on the business side of being lean and how to create a successful startup.  I highly recommend this book for the first time entrepenuers.

 

Hopefully the answer is both!  Aren't you tired of seeing the obligatory slide or two in the project update deck that is titled "Risks"?  The problem I have with this slide is it's not a slide on Risks We Are Taking, it's a slide on Risks We Are Managing.  You need both, but rarely are both included.  New rule: for every slide on Risk Management, I want two slides on Risk Taking.

I'll try to explain the difference between the two, because there's a huge difference that's important to understand.  When I worked at a startup we talked in terms of what risks we were willing to take to be different, get ahead, push the envelope, be innovative, stretch our thinking, change the game, change the world, etc.  The trend lately is to talk about risks in terms of obstacles that might prevent successful completion of the project on time.  They are more of a cover-your-ass slide than a push-the-envelope slide. I care 100x less about the CYA story.  I care about the push-the-envelope story, lead with those, have the others as backup!

Example of Risks We Are Taking slide:

• Risk: Using new (un-proven) algorithm
• Benefit: Early tests show 200% performance improvement
• Mitigation: Can quickly swap-in old algorithm if testing fails

• Risk: Adding new social features to the UI
• Benefit: Facebook users can connect to the app, potentially exploding adoption
• Mitigation: Adding configuration option that can toggle the feature off

Example of Risks We Are Managing slide:

• Risk: We need to hire more developers.
• Mitigation: Identified 4 people to move off of other projects if necessary.

• Risk: Marketing team needs training to deliver press release on time.
• Mitigation: Will work on a Saturday with the team if necessary.

Which one is more exciting?  Which one tells you more?  Both slides are necessary, but only the latter is usually given.  Challenge yourself and your team to push the envelope and take some risks.  Be proud of those risks and tell that story too!

Decision makers at all levels of an organization should read this book.  It's simply a masterpiece that will forever change my decision making process.  Daniel Kahneman's work in this field is astonishing and I am not surprised that he won a Nobel prize.  

The book does a great job engaging the reader by utilizing real-world studies and examples.  There is a lot of material, so I suggest taking notes along the way.  I wasn't sure what to expect when I bought the book, but was pleasantly surprised with the content.  His dive into how the mind works applies to any number of fields.  I especially recommend that developers read the chapters on overconfidence and think about how it applies to estimation techniques.  :)

 

In my previous post I wrote about how to slow down brute force SSH attacks.  If you'd like to add a bit more security, and do what my Intro to CS college professor told me was "good practice", don't use root to log in to your server.  These steps will show you how to disable root ssh access, but still have the ability to perform administrator level tasks.

WARNING: The following steps have the potential to lock you out of your Linux server if you're not careful.  I suggest practicing on a new virtual server first so that you can easily re-kick the machine if necessary.  I am using Ubuntu, your Linux flavor may have slightly different instructions.

Let's take a look at the steps from a high-level, and then deep-dive into the details:

1. Add a new user account that will be used to log in
2. Add the new user as a 'sudoer' (someone who can perform administrative tasks)
3. Test to make sure you can log in as that user, and can perform admin tasks (sudo)
4. Invalidate the 'root' user password
5. Test to make sure you are not able to log in as root

Create a new user, fred

$> useradd -d /home/fred -m fred $> passwd fred //sets the password $> vi /etc/passwd //fred prefers bash fred:x:1000:1000::/home/fred:/bin/bash

Add Fred to the sudo (admin) group

$> vi /etc/group sudo:x:27:fred

Verify the 'sudoers' file is correct

$> visudo %sudo ALL=(ALL:ALL) ALL

Log out as root, log in as Fred, verify sudo works

$> exit $> ssh fred@yourserver $> sudo vi /etc/passwd

Invalidate the root user password

$> sudo passwd -l root Logging in as 'root' is now disabled via SSH, unless you have set up SSH keys in the past. If you have, you'll need to remove them to fully remove access.

I'm sending the log files from my Rackspace Cloud Servers to loggly, as I described in a previous post. Take a look at this graph from the loggly dashboard:

 

Uh oh, something looks suspicious here.  Clicking on that spike right after midnight shows the problem:

Someone is trying to break into my server by attacking ssh with many login attempts in a short period of time. Looks like I need to install fail2ban. fail2ban will keep an eye on my log files and set up iptables rules after a configurable number of failed attempts. It will also remove the rules after a specified period of time. apt-get update apt-get install fail2ban Configure /etc/fail2ban/jail.local appropriately. On Ubuntu 11.04, this was changing the [ssh] logpath = /var/log/auth.log to [ssh] logpath = /var/log/messages And restart: service fail2ban restart I test it from a different server and it works:

 

From the original server you can see fail2ban added the iptables rule:

And after 5 minutes, I'm allowed back in:

I should see a big drop in login attempts over the next few days.

My first book for 2012 turned out to be a fun but challenging read. A novel unlike any I've read before; mixing the topics of motorcycles, values, fatherhood, philosophy, and craftmenship all into one.  

The book was originally published in 1974 and is considered a modern marvel.  I especially liked this book because the topics of craftmenship, quality, and art can easily be applied to the field of computer science.   This book will certainly stretch your mind but I will warn you that it's a challenge to read because of the deep dive into philosophy.