Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜

Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.

First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.

Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.

Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.

Dealing with attacks and getting hacked.

Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.

linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)

How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!

One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)

Dealing with different kinds of attacks:

Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.

So yah, hereby :P

Let's get rid of the developer training: Pair Programming

Let's get rid of the software testers: Test First Programming

Let's get rid of the project managers: Agile

Let's get rid of the project planners: Scrum

Let's get rid of the system admins: DevOps

Let's get rid of the security guys: DevOpsSec

Let's get rid of the hardware budget: Bring Your Own Device

Let's get rid of the servers: Cloud Computing

Let's get rid of the other scruffy guys: Outsourcing

Let's get rid of the office space: Home Office

Let's get rid of the whole fucking company: Takeover

One year ago, I quit my job in order to "make life easier". And by that I mean work+home in the same city. I went from 40 minutes commute - to 3 minutes. I had a blast the first week.

Then I realized that it was actually a mistake. I did not like working with "that kind of systems" and "that kind of tasks". It was tedious, stupid, and I was angry every, single day because the previous ones had built a system on 10-15 year old hardware because "it is cheaper".

That continued for a year. I discovered new stupid "solutions" every week that was potentially dangerous for the company. It built up a huge pile of shit and I started to feel that my mental health was disappearing, fast.

And equipment such as servers, switches, routers, storage started to fail because of age. Despite my warnings from day 0 to the CEO who only kinda laughed it off and said "you can to solve that", but I never got the approval to actually buy the equipment that was needed. Because "the company did'nt have the money for it". Somehow, the company had the money to buy expensive cars for the CEO - I can't really figure out that equation.

So today, one VERY old UPS died at our office. It caused some powerspike that killed off some switches and a NAS.
"Whatever" I thought, I just have to find the backup of the files and get a new one.

Then I discovered, that the NAS that acted as a iSCSI target for VM's and document storage was backed up using VEEAM on another server - that was configured to backup everything to the same NAS. I just wanted to cry, because I could not take anymore shit.

So I picked up my phone, called my old employer and asked if I could start working for them again. My old boss got insanely happy and gave me a great offer which I immediately accepted.

So tomorrow, is the day that I am going to walk into my current boss and say that I will quit. My last day will be on Christmas day. And I will start my new year with a few weeks off, and then back to the job that I actually loved.

Life is to short to work with something you hate.

Had this yesterday on my way back home from the meeting. Bumped into an old study friend who was never fond of Linux even for servers.

"so what do you use at your company?"
"oh uhm yeah uhm right.... Ehh yes ehhhh so uhm like we use like uhm Linux for the servers"
"ah, and? Works well?"
"uhm well uhm yeah ehh yeah works uhm pretty..... Pretty ehhhhhh good 😅. It appears to eh work.... Like uhm very good for servers after all..."

Hearing that coming out of his mouth....

Damn!

Once upon a time there was a dev.
The dev had a resume that said he could dev.
We called the dev, he sounded intelligent.
We hired the dev, who was a bit green, on a three month probationary period.
The dev did very little.
When asked, we said he contributed to discussions, but seemed unclear about what to do, and maybe they could keep him as an intern if they wanted to have him at all.
They hired him. As a full time dev.
6 months later, that dev was shocked to find we could log into the servers with a privileged account.
We (his team mates) were sad.
We asked him to fix a few prod errors.
A little while later he said "Done!"
We then had to walk him through how to actually fix them, not just add a couple pieces of info to the table.
We were sad, again.
We asked him to fix some prod errors again.
We had to walk him through the process again
We expressed concerns to our superiors about his abilities because he was all theory, no hands on ability
They promoted him
We were sad
A few of us said "Fuck you guys, I'm going home"
They said OK
Now that guy is the only one that "knows" that code base
I get calls sometimes asking me questions.
I told them to pay me a consultant fee.
They said no
I said no
They called again
I laughed at them

Listen to the people who know when you ask them questions.
Listen to the people who know when they tell you there is a problem
Don't be like that company

Worst dev team failure I've experienced?

One of several.

Around 2012, a team of devs were tasked to convert a ASPX service to WCF that had one responsibility, returning product data (description, price, availability, etc...simple stuff)
No complex searching, just pass the ID, you get the response.

I was the original developer of the ASPX service, which API was an XML request and returned an XML response. The 'powers-that-be' decided anything XML was evil and had to be purged from the planet. If this thought bubble popped up over your head "Wait a sec...doesn't WCF transmit everything via SOAP, which is XML?", yes, but in their minds SOAP wasn't XML. That's not the worst WTF of this story.

The team, 3 developers, 2 DBAs, network administrators, several web developers, worked on the conversion for about 9 months using the Waterfall method (3~5 months was mostly in meetings and very basic prototyping) and using a test-first approach (their own flavor of TDD). The 'go live' day was to occur at 3:00AM and mandatory that nearly the entire department be on-sight (including the department VP) and available to help troubleshoot any system issues.

3:00AM - Teams start their deployments
3:05AM - Thousands and thousands of errors from all kinds of sources (web exceptions, database exceptions, server exceptions, etc), site goes down, teams roll everything back.

3:30AM - The primary developer remembered he made a last minute change to a stored procedure parameter that hadn't been pushed to production, which caused a side-affect across several layers of their stack.

4:00AM - The developer found his bug, but the manager decided it would be better if everyone went home and get a fresh look at the problem at 8:00AM (yes, he expected everyone to be back in the office at 8:00AM).

About a month later, the team scheduled another 3:00AM deployment (VP was present again), confident that introducing mocking into their testing pipeline would fix any database related errors.

3:00AM - Team starts their deployments.
3:30AM - No major errors, things seem to be going well. High fives, cheers..manager tells everyone to head home.
3:35AM - Site crashes, like white page, no response from the servers kind of crash. Resetting IIS on the servers works, but only for around 10 minutes or so.
4:00AM - Team rolls back, manager is clearly pissed at this point, "Nobody is going fucking home until we figure this out!!"
6:00AM - Diagnostics found the WCF client was causing the server to run out of resources, with a mix of clogging up server bandwidth, and a sprinkle of N+1 scaling problem. Manager lets everyone go home, but be back in the office at 8:00AM to develop a plan so this *never* happens again.

About 2 months later, a 'real' development+integration environment (previously, any+all integration tests were on the developer's machine) and the team scheduled a 6:00AM deployment, but at a much, much smaller scale with just the 3 development team members.

Why? Because the manager 'froze' changes to the ASPX service, the web team still needed various enhancements, so they bypassed the service (not using the ASPX service at all) and wrote their own SQL scripts that hit the database directly and utilized AppFabric/Velocity caching to allow the site to scale. There were only a couple client application using the ASPX service that needed to be converted, so deploying at 6:00AM gave everyone a couple of hours before users got into the office. Service deployed, worked like a champ.

A week later the VP schedules a celebration for the successful migration to WCF. Pizza, cake, the works. The 3 team members received awards (and a envelope, which probably equaled some $$$) and the entire team received a custom Benchmade pocket knife to remember this project's success. Myself and several others just stared at each other, not knowing what to say.

Later, my manager pulls several of us into a conference room
Me: "What the hell? This is one of the biggest failures I've been apart of. We got rewarded for thousands and thousands of dollars of wasted time."
<others expressed the same and expletive sediments>
Mgr: "I know..I know...but that's the story we have to stick with. If the company realizes what a fucking mess this is, we could all be fired."
Me: "What?!! All of us?!"
Mgr: "Well, shit rolls downhill. Dept-Mgr-John is ready to fire anyone he felt could make him look bad, which is why I pulled you guys in here. The other sheep out there will go along with anything he says and more than happy to throw you under the bus. Keep your head down until this blows over. Say nothing."

Crap.. got myself into a fight with someone in a bar.

Hospitalized, turns out that my knee is bruised and my nose is broken. For some reason the knee hurts much more than the nose though.. very weird.

Just noticed that some fucker there stole my keychain USB stick too. Couldn't care less about the USB stick itself, got tons of those at home and hard drive storage even more so (10TB) but the data on it was invaluable. It held on a LUKS-encrypted partition, my GPG keys, revocation certificates, server backups and everything. My entire digital identity pretty much.

I'm afraid that the thief might try to crack it. On the flip side, if it's just a common Windows user, plugging it in will prompt him to format it.. hopefully he'll do that.

What do you think.. take a leap with fate and see how strong LUKS really is or revoke all my keys and assume my servers' filesystems to be in the hands of some random person that I don't know?

Seriously though.. stealing a fucking flash drive, of what size.. 32GB? What the fuck is wrong with people?

Got my front end friend (also my irl best friend) to agree on me setting up a vm/vps on one of my dedi's with a sub domain so he can learn to work with servers.

He agreed on me leaving root access for myself in case he couldn't figure something out and I (a Linux server engineer myself) would have to help him out.

He seemed so excited, will set this up when I get home 😊

I’m surrounded by idiots.

I’m continually reminded of that fact, but today I found something that really drives that point home.

Gather ‘round, everybody, it’s story time!

While working on a slow query ticket, I perused the code, finding several causes, and decided to run git blame on the files to see what dummy authored the mental diarrhea currently befouling my screen. As it turns out, the entire feature was written by mister legendary Apple golden boy “Finder’s Keeper” dev himself.

To give you the full scope of this mess, let me start at the frontend and work my way backward.

He wrote a javascript method that tracks whatever row was/is under the mouse in a table and dynamically removes/adds a “.row_selected” class on it. At least the js uses events (jQuery…) instead of a `setTimeout()` so it could be worse. But still, has he never heard of :hover? The function literally does nothing else, and the `selectedRow` var he stores the element reference in isn’t used elsewhere.

This function allows the user to better see the rows in the API Calls table, for which there is a also search feature — the very thing I’m tasked with fixing.

It’s worth noting that above the search feature are two inputs for a date range, with some helpful links like “last week” and “last month” … and “All”. It’s also worth noting that this table is for displaying search results of all the API requests and their responses for a given merchant… this table is enormous.

This search field for this table queries the backend on every character the user types. There’s no debouncing, no submit event, etc., so it triggers on every keystroke. The actual request runs through a layer of abstraction to parse out and log the user-entered date range, figure out where the request came from, and to map out some column names or add additional ones. It also does some hard to follow (and amazingly not injectable) orm condition building. It’s a mess of functional ugly.

The important columns in the table this query ultimately searches are not indexed, despite it only looking for “create_order” records — the largest of twenty-some types in the table. It also uses partial text matching (again: on. every. single. keystroke.) across two varchar(255)s that only ever hold <16 chars — and of which users only ever care about one at a time. After all of this, it filters the results based on some uncommented regexes, and worst of all: instead of fetching only one page’s worth of results like you’d expect, it fetches all of them at once and then discards what isn’t included by the paginator. So not only is this a guaranteed full table scan with partial text matching for every query (over millions to hundreds of millions of records), it’s that same full table scan for every single keystroke while the user types, and all but 25 records (user-selectable) get discarded — and then requeried when the user looks at the next page of results.

What the bloody fucking hell? I’d swear this idiot is an intern, but his code does (amazingly) actually work.

No wonder this search field nearly crashed one of the servers when someone actually tried using it.

Asdfajsdfk.

Home alone, all friends having family stuffs (my family isn't available right now), all I've got to do is programming/servers/watching series aaaaaaaaand my Internet goes down.

Merry fucking Christmas I guess 😞

Servers down.....
Everyone : Best day ever. 😎 Screw you guys , I'm going home.
Network Engineers : 😭😲😰

*rants to some people I met in a cafe about how irresponsible making a ground rail live is*

Girl: "well people do make mistakes, right"
Me: "but they shouldn't! It's civil engineering ffs!"
Girl: "that doesn't change the fact that it's impossible for people to not make mistakes"

*realizes that I'll have to explain redundancy*

Me: "okay, so I have 2 mail servers. If I make an inevitable mistake, during an update or so, it only affects one of the servers but not the other one. So service is uninterrupted."
Girl: "that's far too complicated and technical.. explain it more easily."
Me: "alright, what job do you have"
Girl: *tells her job*
Me: "alright, so imagine that you get sick or go on a holiday or something. When there's someone else in the company that's got the same skills, they can ensure that the job gets done regardless. That's redundancy."
Girl: "aah, still too complicated!!"

What the fuck?! I removed all of the technical stuff and it's still too complicated?! How willfully ignorant or plain stupid can you be?!! Well fuck her then, but not in the way of taking her home. Now guess why I don't really like the muggles in my town. Fucking idiots!!!

"But muh BuzzFeed, conspiracy theories, deferring updates because they hog my WiFi, and casual games on my iPhone"

FUCK!!! FUCK PEOPLE!!!

It were around 1997~1998, I was on middle school. It was a technical course, so we had programing languages classes, IT etc.

The IT guy of our computer lab had been replaced and the new one had blocked completely the access on the computers. We had to make everything on floppy disks, because he didn't trusted us to use the local hard disk. Our class asked him to remove some of the restrictions, but he just ignored us. Nobody liked that guy. Not us, not the teachers, not the trainees at the lab.

Someday a friend and me arrived a little bit early at the school. We gone to the lab and another friend that was a trainee on the lab (that is registered here, on DevRant) allowed us to come inside. We had already memorized all the commands. We crawled in the dark lab to the server. Put a ms dos 5.3 boot disk with a program to open ntfs partitions and without turn on the computer monitor, we booted the server.

At that time, Windows stored all passwords in an encrypted file. We knew the exact path and copied the file into the floppy disk.

To avoid any problems with the floppy disk, we asked the director of the school to get out just to get a homework we theorically forgot at our friends house that was on the same block at school. We were not lying at all. He really lived there and he had the best computer of us.

The decrypt program stayed running for one week until it finds the password we did want: the root.

We came back to the lab at the class. Logged in with the root account. We just created another account with a generic name but the same privileges as root. First, we looked for any hidden backup at network and deleted. Second, we were lucky: all the computers of the school were on the same network. If you were the admin, you could connect anywhere. So we connected to a "finance" computer that was really the finances and we could get lists of all the students with debits, who had any discount etc. We copied it to us case we were discovered and had to use anything to bargain.

Now the fun part: we removed the privileges of all accounts that were higher than the trainee accounts. They had no access to hard disks anymore. They had just the students privileges now.

After that, we changed the root password. Neither we knew it. And last, but not least, we changed the students login, giving them trainee privileges.

We just deleted our account with root powers, logged in as student and pretended everything was normal.

End of class, we went home. Next day, the lab was closed. The entire school (that was school, mid school and college at the same place) was frozen. Classes were normal, but nothing more worked. Library, finances, labs, nothing. They had no access anymore.

We celebrated it as it were new years eve. One of our teachers came to us saying congratulations, as he knew it had been us. We answered with a "I don't know what are you talking about". He laughed and gone to his class.

We really have fun remembering this "adventure". :)

PS: the admin formatted all the servers to fix the mess. They had plenty of servers.

Got this mail from Amazon today:

"IT innovations"

Yes, the dress is for servers (wtf?)

Once it really hit me hard. The father of my brothers wife once told me that I'm not fit for IT in general. He thinks that I have pseudo knowledge of IT and Programming.

He just works parttime at home as "computer scientist" and sells routers, pc and such stuff to some private customers. Before he used Filemaker and sayd that he already coded his own CRM with it.

When he said that it really made me sad. But after we talked I looked back what I already achieved:

1. I build for me and friends custom PC's with Case mods and Hard Tube watercooling
2. I can programm in HTML5, CSS3 and PHP
3. I raised a Community with over 60 people in it. We got 2 dedicated Linux Roots (I7-6700K, 64GB RAM, SSD)
4. I manage the Linux Servers on my own with VoIP, Mail-, Web-, MySQL- and Gameservers
5. I built up a complete Community Solution with Game Groups, Forum, Tournament System and a lot of custom scripts.
6. Now Im almost finished learning the C++ Basics to code and manage to learn the beginning of GUI/UX programming.
7. Next thing Im gonna learn is Javascript (Browser) and Java, so I can complete my Web Skills and also can code Java Desktop Apps and Java game plugins (don't rant, Javascript is not the same as Java, I know 😉)

So I thought to myself "maybe in the eyes of others Im not a computer scientist, but then Im on the way to be one at least"

But please dont be a douche (the father) and prejudice me, before you don't know what I already can and achieved.

Just because you're are selling computer parts and installing them doesn't mean, that you are a computer scientist and telling me that I'm not 😉

In IT you're the smith of your own merit!

This happend to me around 2 weeks ago. For some reason, I decied to post this now.

I won the lottery, yey! I mean, bot really, but I am <19yo student, "less than junior dev" in my office, but sonce I am the only one who is capable of working with hardware, I was working month back as a sysadmin for a few days. Our last sysadmin was really good working but really, really toxic guy, so he got fired on a spot after argument with some manager or whatever, no big deal, we could have another guy hired in a week. But, our backup server literally was on fire, all data probably dead because bad capacitor or whatever. This was our only backup of everything at the time. Everyone in full fucking panic mode, we had literally no other working HW we could use for backup, but then comes me, intern employed on his first dev job for 3 months. That day I bought some HW for my own personal server at home (Intel NUC with some Celeron, 4GB DDR4 RAM and two 240GB SSDs for RAID 1. My manager asked everyone in the office for sollution how to survive next 4 days before new server arrives. People there had no idea what tk do and no knowedgle about HW, I just came from a break and offered my components for a week, since there was noone else who can work with HW, servers and stuff like this, manager offered me $500+HW cost if I, random intern, can make it work. I installed Debian on that little PC, created RAID1 from both SSDs, installed MySQL server and mirrored GIT server from our last standing server (we had two before one of them went lit 🔥), made simple Python script to copy all data on that RAID, with some help of our database guy copied whole DB from production to this little computer and edited some PHP so every SQL request made on our server will run on that NUC too. Everything after ±2 hours worked perfectly. Untill a fucking PSU burned in our server and took RAID controller with him in sillicon heaven next night, so we could not access any data unltill we got a new one. Thanks to every god out there, I was able to create software RAID from survived HDDs on our production server and copy all data from that NUC on the servers software RAID and make it working at 3 AM in the night before an exam 😂. Without this, we would be next ±40 hours without aerver running and we might loose soke of our data and customers. So my little skill with Linux, Python, MySQL and most importantly my NUC hardware I got that day running as a backup server saved maybe whole company 😂.
Btw, guess who is now employee of the year with $2500 bonus? 😀
Sorry for bragging and log post, but I was so lucky an so happy when everything worked out, good luck to all sysadmins out there! 👍

TL:DR: Random intern saved company and made some money 😂

So I'm moving to a new/bigger place with faster Internet soon so I think it's time to rebuild my current home/remote server setup.

I want to setup the following things:
- vps for server monitoring (open source pushover alternative + netdata)
- Zero tier network for connecting all my servers to the same network
- pihole/pivpn (or the Angristan vpn installer, look it up :)
- second blocking thingy next to pihole to make sure that I literally can't access google/fb etc anymore, even if I really needed/wanted to
- bunch of general servers.

Any ideas?

This startup I started working for with their shitty code base written by interns, restrictive sys admin who had no actual use in the company since I was the one setting up their servers, know-it-all CEO, stupid HR representative who used to grill employees for being 10 minutes late in the morning, very small apartment "HQ", using fingerprints to signal our entry and our leave to and from the office, no formal process, and, to top it all, monitoring our own laptops which we use for work with a software that takes screenshots every few minutes. In short, it had the worst in corporates with the worst of startups combined in one company.

If, hypothetically, we could overlook all this, I couldn't overlook the horrible smell this place had. The apartment was overlooking a small garden which was a home for many stray cats and dogs. You can imagine how horrible this smell was. The weird thing was that no one there seemed to really care about the smell!!

I lasted there for only one week before I gave my resignation and I believe I had every right to do so.

Long rant ahead.. so feel free to refill your cup of coffee and have a seat 🙂

It's completely useless. At least in the school I went to, the teachers were worse than useless. It's a bit of an old story that I've told quite a few times already, but I had a dispute with said teachers at some point after which I wasn't able nor willing to fully do the classes anymore.

So, just to set the stage.. le me, die-hard Linux user, and reasonably initiated in networking and security already, to the point that I really only needed half an ear to follow along with the classes, while most of the time I was just working on my own servers to pass the time instead. I noticed that the Moodle website that the school was using to do a big chunk of the course material with, wasn't TLS-secured. So whenever the class begins and everyone logs in to the Moodle website..? Yeah.. it wouldn't be hard for anyone in that class to steal everyone else's credentials, including the teacher's (as they were using the same network).

So I brought it up a few times in the first year, teacher was like "yeah yeah we'll do it at some point". Shortly before summer break I took the security teacher aside after class and mentioned it another time - please please take the opportunity to do it during summer break.

Coming back in September.. nothing happened. Maybe I needed to bring in more evidence that this is a serious issue, so I asked the security teacher: can I make a proper PoC using my machines in my home network to steal the credentials of my own Moodle account and mail a screencast to you as a private disclosure? She said "yeah sure, that's fine".
Pro tip: make the people involved sign a written contract for this!!! It'll cover your ass when they decide to be dicks.. which spoiler alert, these teachers decided they wanted to be.

So I made the PoC, mailed it to them, yada yada yada... Soon after, next class, and I noticed that my VPN server was blocked. Now I used my personal VPN server at the time mostly to access a file server at home to securely fetch documents I needed in class, without having to carry an external hard drive with me all the time. However it was also used for gateway redirection (i.e. the main purpose of commercial VPN's, le new IP for "le onenumity"). I mean for example, if some douche in that class would've decided to ARP poison the network and steal credentials, my VPN connection would've prevented that.. it was a decent workaround. But now it's for some reason causing Moodle to throw some type of 403.

Asked the teacher for routers and switches I had a class from at the time.. why is my VPN server blocked? He replied with the statement that "yeah we blocked it because you can bypass the firewall with that and watch porn in class".
Alright, fair enough. I can indeed bypass the firewall with that. But watch porn.. in class? I mean I'm a bit of an exhibitionist too, but in a fucking class!? And why right after that PoC, while I've been using that VPN connection for over a year?

Not too long after that, I prematurely left that class out of sheer frustration (I remember browsing devRant with the intent to write about it while the teacher was watching 😂), and left while looking that teacher dead in the eyes.. and never have I been that cold to someone while calling them a fucking idiot.

Shortly after I've also received an email from them in which they stated that they wanted compensation for "the disruption of good service". They actually thought that I had hacked into their servers. Security teachers, ostensibly technical people, if I may add. Never seen anyone more incompetent than those 3 motherfuckers that plotted against me to save their own asses for making such a shitty infrastructure. Regarding that mail, I not so friendly replied to them that they could settle it in court if they wanted to.. but that I already knew who would win that case. Haven't heard of them since.

So yeah. That's why I regard those expensive shitty pieces of paper as such. The only thing they prove is that someone somewhere with some unknown degree of competence confirms that you know something. I think there's far too many unknowns in there.

Nowadays I'm putting my bets on a certification from the Linux Professional Institute - a renowned and well-regarded certification body in sysadmin. Last February at FOSDEM I did half of the LPIC-1 certification exam, next year I'll do the other half. With the amount of reputation the LPI has behind it, I believe that's a far better route to go with than some random school somewhere.

I’ve started the process of setting up the new network at work. We got a 1Gbit fibre connection.

Plan was simple, move all cables from old switch to new switch. I wish it was that easy.

The imbecile of an IT Guy at work has setup everything so complex and unnecessary stupid that I’m baffled.
We got 5 older MacPros, all running MacOS Server, but they only have one service running on them.

Then we got 2x xserve raid where there’s mounted some external NAS enclosures and another mac. Both xserve raid has to be running and connected to the main macpro who’s combining all this to a few different volumes.

Everything got a static public IP (we got a /24 block), even the workstations. Only thing that doesn’t get one ip pr machine is the guest network.
The firewall is basically set to have all ports open, allowing for easy sniffing of what services we’re running.

The “dmz” is just a /29 of our ip range, no firewall rules so the servers in the dmz can access everything in our network.

Back to the xserve, it’s accessible from the outside so employees can work from home, even though no one does it. I asked our IT guy why he hadn’t setup a VPN, his explanation was first that he didn’t manage to set it up, then he said vpn is something hackers use to hide who they are.

I’m baffled by this imbecile of an IT guy, one problem is he only works there 25% of the time because of some health issues. So when one of the NAS enclosures didn’t mount after a power outage, he wasn’t at work, and took the whole day to reply to my messages about logins to the xserve.

I can’t wait till I get my order from fs.com with new patching equipment and tonnes of cables, and once I can merge all storage devices into one large SAN. It’ll be such a good work experience.

so my parents live close and my dad said his router died. I told him I had a spare. I loaded it dd-wrt on there and next time I went over there he asked about opening a port. I said I could do it for him. wouldn't let me touch it. he believes he is the computer genius and that I would brake it.

funny part is I work on servers for huge companies like Wells Fargo, Ally Bank and tons of others. I can configure a rack mount router but he doesn't trust me to touch a little crappy home linksys router lol.

no matter how smart you are they never want to admit their kid knows more about tech than they do.

Here's the story of my first month at CERN :) But first, a little premise...
Before arriving, I expected to be scared, alone and unguided in most of my experiences: after all I was a simple 19 year old about to leave home and friends for 3 years heading out in the world with zero experience on stuff like banking, taxes.. let alone working in a huge environment! The impostor syndrome was at an all time high on that front.
Then, I had the luck and pleasure to find an extremely competent and helpful plethora of people, ranging from my team to other CERNies (yes, that how we're called :P) who took me under their wing and introduced me to all the key aspects of living the place. When the initial stress finally soothed down thanks to this, I finally started to manage focusing more and more on my work, by following day-by-day my teammates who taught me the core aspects of the system and the many projects that are in progress during Long Shutdown 2. Within a couple weeks, I already managed to grasp various concepts that got me quickly on track, and now I managed to develop and integrate new temperature monitoring scripts into a system checking on hundreds of Single Board Computer-based servers :) It's a real rollercoaster of learning and applying under all fronts and so far I'm not regretting my choice of departing.
Luckily I've also discovered I'm pretty efficient and good at my job, which surely boosts my morale :D
Keep you updated as usual!

I hate when someone throws at me some task all of sudden with a tight deadline.

Wednesday was one of those days.

manager: we want to remove all the offices because of our tight budget this year (multimillionaire company, lol), everyone will use office 365;

me: ahn... ok, but everything was already tested? Some macros, routines, old documents can be a big problem, as far I know (I don't use M$ at home, servers are Linux, so I really don't know about that). I can do some tests, only will need some real documents to make sure everything will do fine;

manager: yeah, yeah, everything will be fine, the high management already decided, don't worry, just remove the offices in the company, ok?;

me: alright...

*me deploys the remotion script in every f*cking machine*

48 hours later...

manager: well... everyone is complaining about the office 365, random complains, can you attend all the calls and reinstall if you can't solve the problem?

WTFFFFFFFFFFFFFFFFFFFFFFFF!!!!!

[RAGES INTERNALLY]

I've got to say, arriving at my teeny tiny rented room after a long day of distribution center work and sitting down behind my monitors with a good beer and doing some programming/server stuff really feels like coming home 😍.

So probably about a decade ago at this point I was working for free for a friend's start-up hosting company. He had rented out a high-end server in some data center and sold out virtualized chunks to clients.

This is back when you had only a few options for running virtual servers, but the market was taking off like a bat out of hell. In our case, we used User-Mode Linux (UML).

UML is essentially a kernel hack that lets you run the kernel in user space. That alone helps keep things separate or jailed. I'm pretty sure some of you can shed more light on it, but that's as I understood it at the time and I wasn't too shabby at hacking the kernel when we'd have driver issues.

Anyway, one of the ways my friend would on-board someone was to generate a new disk image file, mount it, and then chroot to that mount path. He'd basically use a stock image to do this and then wipe it out before putting it live.

I'm not sure exactly what he was doing at the time, but I got a panicked message on New Years Day saying that he had deleted everything. By everything, he had done an rm -fr /home as root on what he had thought was the root of a drive image.

It wasn't an image. It was the host server.

In the stoke of a single command, all user data was lost. We were pretty much screwed, but I have a knack for not giving up - so I spent a ton of time investigating linux file recovery.

Fun fact about UML - since the kernel runs in user space as a regular ol' process, anything it opens is attached to that process. I had noticed that while the files were "gone", I could still see disk usage. I ended up finding the images attached to their file pointers associated with each running kernel - and thankfully all customers were running at the time.

The next part was crazy, and I still think is crazy. I don't remember the command, but I had to essentially copy the image from the referenced path into a new image file, then shutdown the kernel and power it back on from the new image. We had configs all set aside, so that was easy. When it finally worked I was floored.

Rinse and repeat, I managed to drag every last missing bit out of /proc - with the only side effect being that all MySQL databases needed to be cleaned up.

TLDR: Small family owned finance business woes as the “you-do-everything-now” network/sysadmin intern

Friday my boss, who is currently traveling in Vegas (hmmm), sends me an email asking me to punch a hole in our firewall so he can access our locally hosted Jira server that we use for time logging/task management.

Because of our lack of proper documentation I have to refer to my half completed network map and rely on some acrobatic cable tracing to discover that we use a SonicWall physical firewall. I then realize asking around that I don’t have access to the management interface because no one knows the password.

Using some lucky guesses and documentation I discover on a file share from four years ago, I piece together the username and password to log in only to discover that the enterprise support subscription is two years expired. The pretty and useful interface that I’m expecting has been deactivated and instead of a nice overview of firewall access rules the only thing I can access is an arcane table of network rules using abbreviated notation and five year old custom made objects representing our internal network.

An hour and a half later I have a solid understanding of SonicWallOS, its firewall rules, and our particular configuration and I’m able to direct external traffic from the right port to our internal server running Jira. I even configure a HIDS on the Jira server and throw up an iptables firewall quickly since the machine is now connected to the outside world.

After seeing how many access rules our firewall has, as a precaution I decide to run a quick nmap scan to see what our network looks like to an attacker.

The output doesn’t stop scrolling for a minute. Final count we have 38 ports wide open with a GOLDMINE of information from every web, DNS, and public server flooding my terminal. Our local domain controller has ports directly connected to the Internet. Several un-updated Windows Server 2008 machines with confidential business information have IIS 7.0 running connected directly to the internet (versions with confirmed remote code execution vulnerabilities). I’ve got my work cut out for me.

It looks like someone’s idea of allowing remote access to the office at some point was “port forward everything” instead of setting up a VPN. I learn the owners close personal friend did all their IT until 4 years ago, when the professional documentation stops. He retired and they’ve only invested in low cost students (like me!) to fill the gap. Some kid who port forwarded his home router for League at some point was like “let’s do that with production servers!”

At this point my boss emails me to see what I’ve done. I spit him back a link to use our Jira server. He sends me a reply “You haven’t logged any work in Jira, what have you been doing?”

Facepalm.

Worked with a European consulting company to integrate some shared business data (aka. calling a service).
VP of IT called an emergency meeting (IT managers, network admins) deeply concerned about the performance of the international web site since adding our services.
VP: “The partner’s site is much slower than ours. Only common piece that could cause that is your service.”
Me: “Um, their site is vastly different than ours. I don’t think we can compare their performance to ours.”
VP: “Performance is #1! I need your service fixed ASAP!”
Me: “OK, but what exactly is slow? How did you measure their site? The servers are in Germany”
VP: “I measured performance from my house last night.”
Me: “Did you use an application?”
VP: “<laughs> oh no, I was at home. When I opened the page, I counted one Mississippi, two Mississippi, three Mississippi, then the page displayed.”
Me: “Wow…um…OK…uh…how long does our page take to load?”
VP: “Two Mississippi’s”
Me: “Um…wow…OK…wow…uh, no, we don’t measure performance like that, but I’ll work with our partners and develop a performance benchmark to determine if the shared service is behaving differently.”
VP: “Whatever it is, the service is slow. Bill, what do you think is slowing down the service?”
NetworkAdmin-Bill: “The Atlantic Ocean?”
VP got up and left the meeting.

My first job was actually nontechnical - I was 18 years old and sold premium office furniture for a small store in Munich.
I did code in my free time though (PHP/JS mostly, had a litte browsergame back then - those were the days), so when my boss approached me and asked me whether I liked to take over a coding project, I agreed to the idea.

Little did I know at the time: I was supposed to work with a web agency the boss had contracted to build their online shop. Only that he had no plan or anything, he basically told them "build me an online shop like abc(a major competitor of ours at the time)"

He employed another sales lady who was supposed to manage the shop (that didn't exist yet). In the end, I think 80% of her job was to keep me from killing my boss.

As you can imagine, with this huuuuge amout of planning and these exact visions of what was supposed to be, things went south fast and far. So far that I could visit my fellow flightless birds down in the Penguin's republic of Antarctica and still need to go further.

Well... When my boss started suing the web agency, I was... ahem, asked to take over. Dumb as I was, I did - I was a PHP kid and thought that Magento, being written in PHP, would be easy to master. If you know Magento, you know that was maybe the wrongest thing I ever said.

Fast forward 3 very exhausting months, the thing was online. Not all of it worked yet, but it was online and fairly secure.

I did next to everything myself, administrating the CentOS box the shop was running on, its (own) e-mail server, the web server, all the coding required for the shop (can you spell 12 hour day for 8 hour pay?)

3 further months later, my life basically was a wreck, I dragged myself to work, the only thing I looked forward being the motorcycle ride home. The system worked though.

Mind you, I was still, at the time, working with three major customers, doing deskside support and some admin (Win Server 2008R2 at the time) - because, to quote my boss, "We could not afford a full time developer and we don't need one".

I think i stopped coding in my free time, the one hobby I used to love more than anything on the world, somewhere Decemerish 2012. I dropped out of the open source projects I was in, quit working on my browser game and let everything slide.

I didn't even care to renew the domains and servers for it, I just let it die without notice.

The little free time I had, I spent playing video games and getting drunk/high.

December 2013, 1.5 years on the job, I reached my breaking point and just left, called in sick at least a week per month because I just could not see this fucking place anymore.

I looked for another job outside of ALL of what I did before. No more Magento, no more sales, no more PHP. I didn't have to look for long, despite what I thought of my skills.

In February 2014, I told my boss that I quit. It was still seven months until my new job started, but I wanted him to know early so we could migrate and find a replacement.

The search for said replacement started in June 2014. I had considerably less work in the months before, looks like he got the hint.

In August 2014, my replacement arrived and I got him started.

I found a job, which I am still in, and still happy about after almost half a decade, at a local, medium sized ISP as a software dev and IT security guy. Got a proper training with a certificate and everything now.

My replacement lasted two months, he was external and never really did his job - the site, which until I had quit, had a total of 3 days downtime for 3 YEARS (they were the hoster's fault, not mine), was down for an entire month and he could not even tell why.

HIS followup was kicked after taking two weeks to familiarize himself with the project. Well, I think that two weeks is not even barely enough to familiarize yourself with nearly three years of work, but my boss gave him two days.

In 2016, the shop was replaced with another one. Different shop system, different OS, different CI. I don't know why and I can't say I give a damn.

Almost all the people that worked at the company back with me have left for greener pastures, taking their customers (and revenue) with them.

As for my boss' comments, instructions and lines: THAT might not be safe for work. Or kids. Or humans in general. And there wouldn't be much left if you put it through a language filter...

Moral of the story: No, it's not a bad thing to leave a place if you're mistreated there. Don't mistake loyalty with stupidity!

And, to quote one of my favourite Bands: "Nothing matters when the pain is all but gone" (Tragedy + Time by Rise Against).

Thanks to @C0D4 I rediscovered Folding@Home!

I've been running this on a very powerful server at home at full-speed for a few days now (quite some cores being used to the max right now, it's like I have a vacuum cleaner running full-time in my place 😄)

Then, last night it hit me that I have quite a few servers running close to idle (rented ones).....

I'm now running a total of 4 servers at full capacity with Folding@Home.

Can recommend!

When I started my current job 6 years ago I was given a desk phone with a 100mb port. Speed didn't matter at the time as everyone was given laptops for our desks. I changed positions in the company where I'm going to be provisioning servers and whatnot over the network. Started using a desktop that didn't have a Wi-Fi adapter. I requested a new phone with a Gig switch port, if possible, so doing file transfers on the network wouldn't be limited. IT had a couple of questions...

IT-Have you noticed slowness when downloading/uploading?
Me-No, but its a 100mb port...so.
IT-Well I just did a speed test and we're getting 60up/5down. Your phone is over that.
(Working from home? Our fiber was way faster than that I thought.)
Me-That's fine, but this will be for internal network transfers. Not going out to the internet. We have gigabit switches on campus correct?
It-Yes but you shouldn't notice a speed difference.
Me, now lost-If you can't change out the phone that's fine. I'll figure our something.
IT-Now now, lets troubleshoot your issue. Can you plug your phone in?
Me-Yes I have it, but I'm remote today. There is no way for it to reach the call manager.
IT-Let's give it a try.

40 min of provisioning later he gave up and said maybe it is broke. Got a "working" one the next week.

PS first post, and writing on phone. Yay insomnia!

We had a major core router hardware failure in our LA datacenter today and every one of our services has been down since 6am, including all production servers. We have about 15,000 sites down across our entire platform. Our manager came over and told us to just go home because we need to replace the hardware and the process is expected to take all day, and we can't do any work until then because all the production servers are down. So you could say that it's been a pretty easy Friday so far! I'm headed home to play Spider-Man

Working with DigitalOcean boxes for so long has spoiled me.

I went to setup something on my home server today, and couldn't figure out what I was doing wrong for like 30 minutes...

Until I realized that I never forwarded port 80.

*sigh.

A few days ago Aruba Cloud terminated my VPS's without notice (shortly after my previous rant about email spam). The reason behind it is rather mundane - while slightly tipsy I wanted to send some traffic back to those Chinese smtp-shop assholes.

Around half an hour later I found that e1.nixmagic.com had lost its network link. I logged into the admin panel at Aruba and connected to the recovery console. In the kernel log there was a mention of the main network link being unresponsive. Apparently Aruba Cloud's automated systems had cut it off.

Shortly afterwards I got an email about the suspension, requested that I get back to them within 72 hours.. despite the email being from a noreply address. Big brain right there.

Now one server wasn't yet a reason to consider this a major outage. I did have 3 edge nodes, all of which had equal duties and importance in the network. However an hour later I found that Aruba had also shut down the other 2 instances, despite those doing nothing wrong. Another hour later I found my account limited, unable to login to the admin panel. Oh and did I mention that for anything in that admin panel, you have to login to the customer area first? And that the account ID used to login there is more secure than the password? Yeah their password security is that good. Normally my passwords would be 64 random characters.. not there.

So with all my servers now gone, I immediately considered it an emergency. Aruba's employees had already left the office, and wouldn't get back to me until the next day (on-call be damned I guess?). So I had to immediately pull an all-nighter and deploy new servers elsewhere and move my DNS records to those ASAP. For that I chose Hetzner.

Now at Hetzner I was actually very pleasantly surprised at just how clean the interface was, how it puts the project front and center in everything, and just tells you "this is what this is and what it does", nothing else. Despite being a sysadmin myself, I find the hosting part of it insignificant. The project - the application that is to be hosted - that's what's important. Administration of a datacenter on the other hand is background stuff. Aruba's interface is very cluttered, on Hetzner it's super clean. Night and day difference.

Oh and the specs are better for the same price, the password security is actually decent, and the servers are already up despite me not having paid for anything yet. That's incredible if you ask me.. they actually trust a new customer to pay the bills afterwards. How about you Aruba Cloud? Oh yeah.. too much to ask for right. Even the network isn't something you can trust a long-time customer of yours with.

So everything has been set up again now, and there are some things I would like to stress about hosting providers.

You don't own the hardware. While you do have root access, you don't have hardware access at all. Remember that therefore you can't store anything on it that you can't afford to lose, have stolen, or otherwise compromised. This is something I kept in mind when I made my servers. The edge nodes do nothing but reverse proxying the services from my LXC containers at home. Therefore the edge nodes could go down, while the worker nodes still kept running. All that was necessary was a new set of reverse proxies. On the other hand, if e.g. my Gitea server were to be hosted directly on those VPS's, losing that would've been devastating. All my configs, projects, mirrors and shit are hosted there.

Also remember that your hosting provider can terminate you at any time, for any reason. Server redundancy is not enough. If you can afford multiple redundant servers, get them at different hosting providers. I've looked at Aruba Cloud's Terms of Use and this is indeed something they were legally allowed to do. Any reason, any time, no notice. They covered all their bases. Make sure you do too, and hope that you'll never need it.

Oh, right - this is a rant - Aruba Cloud you are a bunch of assholes. Kindly take a 1Gbps DDoS attack up your ass in exchange for that termination without notice, will you?

I think I want to quit.

I know it’s a bit of an inconvenient time with there being corona around but everything was okay up till January. I’m a junior even though I shouldn’t be. Since my manager told me and my team leader senior in my review “maybe you two should switch jobs” things have been going downhill. I think the team lead had it out for me and didn’t put me on a new project, I’ve been left with doing stupid basic shit like updating text on websites in a cms and doing fuck all and then there’s also another guy that was basically harassing me trying to put me in my place any time I was doing better than him and literally both of them been like that ... and now that I’m working from home it’s even worse. I don’t have any kind of assurance that everything okay and actually I think I’m being framed as welll since I found keyloggers on my work laptop and deleted cleaned shit up the past two weeks and changed my WiFi security as there were like 5 unknown devices on our network so yeah .. I’ve been framed and they made it out like I put a powershell script on one of the servers and it crashed a Porsche website for 8 h and all kinds of bullshit - this was yday. On Tuesday they logged me out of everything like changed the password for work vpn and kicked me out of slack and Microsoft teams for over 2 hours till the end of shift and two managers weren’t answering their phone and then next day my manager called and apologised that saying that he “accidentally” did that to me along with 15 people they let go from the company....

I’m seriously thinking of quitting being removed from team group for a moment , not being on a project and people literally trying to put me down after I know I’m genuinely smarter than them and if I had over 10 years experience like those on my team (I have 1) I’d be far higher up and better

They can genuinely just go fuck themseves !!!! And here I was going to work over weekend on something! No fucking way I just wanna quit or give in my notice but because of corona I’m divided

I bought my first VPS today. After years of hosting my email, websites, databases and backups services on my own physical servers both home and in real serverrooms.

Strange feeling, but it feels like something heavy was lifted from myself, I do not need to buy hardware if something fails.

One job I picked up was for an IoT Start Up. It was quite interesting work, reporting to the technical director, who was an electronics engineer, who was designing the hardware himself, they had a couple of firmware guys already, and just needed someone to take care of the software.
So they said they needed something in Azure that they could stream their data to and provide analytics for their clients. It had to be Azure, and it had to be Azure Native, and was to be Multi-client, as they had a deal with Microsoft to showcase how well Azure works in the IoT space at an exhibition/conference in 3 months time.
So I worked flat out for 3 months, on a whole variety of technology, from C++ to get the radio packets from their IoT chip, Python to run on the hub to take the data from the C++ and stream it to the cloud, Azure IoT Hubs in every continent to receive the data and store it an a Cosmos DB, and then Power BI analytics wrapped up in an Angular front end that the clients could log into.
Got it finished 2 days before the show, and they were so pleased I got flown business class to Singapore to be on the stand and talk to customers.
The first sign of trouble was when we arrived at the show to find we just had one of those little circular tables with two stools in the middle of the floor, about two feet across and no power.
No problem, I was able to sort that, swapping laptops in and out.
Microsoft were really happy with what we had, and couldn't believe I had thrown it all together in 3 months.
We picked up a potential customer for the system, a major Asian Telecoms company.
Then when we got home, the CEO swooped in. I had never met this guy before. Imagine one of the VC guys from Silicon Valley, or the CEO from the IT Crowd. You get the picture. Could talk the hind leg of a donkey, and real street smart, but no brains. He insisted on "taking it from here" and flew alone to strike the deal with the customer. Came back with an MOU in his pocket and said to me, their guys will be in touch with you.
Then I got a call. Can you send us the source code and tell us how what servers we have to run this on?
Um, its cloud native.
No, we can't use a cloud it has to be on our servers - your CEO told us that was no problem..
He hadn't even taken the trouble to find out what it was we had built, and what he was selling.

Personally I am starting to think that any development tools, resources and sites should not be allowed to use marketing dribble.

It should go
-> Land on home page
-> Hi, we are a realtime database cloud host
-> no you cannot host it yourself
-> here is code to speak to our servers
-> here is the cost
->now take it or go.

Something like that, and not

We provide clients with the leading cloud and hosted data solutions that can scale vertically and horizontally on and offline data management keeping people connected and saving kittens.

Fuck you show me one kitten you saved? Lying pieces of shit that do not want to just say hey this is what we have , this is ours, it may not be much but it is what we believe in and if you would like to use it here is how , thank you now move the fuck along our server can't handle so many concurrent connections.

I was reminded of people's posts about preferred text editors in another post, so I thought I'd do the same, but also add some super old technology that I used along the way.

The first text editor I consistently used was pico. I used it to write my first webpage at school.edu/~username. It was a natural choice, because the it was the default text editor in pine, which is what we would all use for our email after opening a serial connection to the college's Digital Unix server. Or if we were the lucky ones who had a computer in a wired dorm, telnet. My dorm was not wired until my sophomore year.

I got my first job in tech in 2001, working as a night shift tier-one support technician. By this time, most people were using web based email, or POP3, but I wanted to keep using pine (or elm, or mutt) because I was totally in love with the command line by this time, and had been playing with Linux for two or three years by now. I arranged a handshake deal with a guy in my home town who had a couple well-connected NetBSD servers, to let me have an account on one for email and web hosting (a relatively new idea at the time).

I recall telnetting into my shared hosting account from the HP-UX workstations we had in the control room. I would look at webpages on HTML conventions and standards, and I kept seeing references to this thing called vi. I looked into it more deeply, and found that it was a text editor, and was the reason I always had to CTRL-Z out of elm. I was already finding pico to be lacking, so I found a modern implementation of vi called vim that was already installed on the aforementioned NetBSD server, and read through vimtutor on it. I was hooked instantly. The modality massively appealed to me, and I found editing files to be an absolute delight, compared to pico, and its nascent open source offspring/successor, nano.

My position on that hasn't changed in the years that have passed since then.

What's your text editor origin story?

Yesterday one of our clients gave us the OK to launch their annual financial reports, 4 minutes before stock market closed and most of us was heading home.
Problem was we didn't have the proper access to their servers, so I and a senior consultant just spent a few hours calling our client and their IT infrastructure provider.

6 hours later, a large bill from the IT provider for after hours work, the job was done. A job that would take 5 minutes of uploading and 5 minutes of database transfer.

Saw some desk pic yesterday; here's mine at home. Mostly for gaming, but I do some work occasionally at it. Laptop's setup so I can monitor some Asterisk servers at work.

Gaming rig is:
4690k@4.5ghz
16gb RAM
GTX 980
Acer 24in 1080p 144hz Gsync monitor

Laptop:
2009 MacBook Pro
2.53ghz Core 2 Duo
8gb RAM
SSD

Yes, my ISP supports ipv6 to home too, and after some hacking around my servers can serve my websites on ipv6 :D

I like developing on windows. Like many people here I got into development at home starting as a hobby when I was in school so there were things I still did on my computer that Linux wasn't really appropriate for.

I've made the jump to Linux in the past but found that it was awkward and annoying when I needed to do something on my windows. And I hate doing Dev out of a VM. So I've just got used to using windows at home.

And honestly, I don't know what's happening to everyone who keeps getting broken Windows updates. I think I've had 2 in living memory.

It's in no way perfect but what is? I don't use Windows servers, just for when I'm at home.

What is your home network infrastructure like?
Ethernet or is everything WiFi? Is there a dedicated firewall? Servers running on a raspberry? Do you have VLANs configured?

We had a thunder storm with pretty strong winds while I was at work. A transformer across the street blew up (came off the pole, lots of fire, pretty neat)... I had a meeting at 4:30 and was told we were still having it even without power or internet. the meeting organizer never showed up.

...I could have gone home and worked because our vpn and dev servers are on another state that still had power.

Using the company's desktop computers to solve cryptographic puzzles (like mining) on the company's computers while the boss and someone from the IT were asking to have a look on the machine after one guy already snatched my keyboard.

Very scary moment indeed but surprisingly it turned out: the real reason why they came was because a techadmin recently removed a shared system account but some faulty clients kept flooding the servers with outdated login credentials which also triggered mass SMS on the mobile devices.

Luckily I could somehow take an opportunity to remotely call the script which pulled the emergency brake which I prepared to shut down everything. Close call.

Nowadays I think it itsn't worth to take the risk just to do something that could also be done with the own home computer even it takes five times longer.

Server migration status:

One of our Windows servers took less than 20 mins. SSL and bla bla everything done.

Linux server was a lil bitch but we got it going for the most part .....sigh...

Still using Linux as my primary desktop at home but geezus man. We really need a dedicated master wizard Linux sys admin for this mofocka

apple is an IT company..

"New apps and app updates will not be accepted December 23–27 (Pacific Time), so any releases should be scheduled, submitted, and approved in advance."

Ah yes, because ofcourse the servers can go home and spend the holidays with their applets.

(yes i know apple says they verify by hand, yes i know in reality they actually automate it)

Just earlier today I was looking at the hosting packages for a local hosting provider in my country (who shall remain unnamed as I want to work there and criticizing them might not be a very good idea right now) and they start at €250/month apparently. I thought - that's fucking ridiculous!

Like for real, I could literally buy a server for.. I dunno, €600 from the likes of bargainhardware.co.uk with some pretty darn good specs, put it in my home, get a business contract with my ISP for say around €100/month (and use it for my own purposes as well instead of my consumer contract, win-win!), and the server would pay for itself in no more than half a year, probably even less! And you're even getting the actual hardware with it!! And that is for the price of that hosting provider's starting option!!!

Now I know what you're thinking, sure there's more to servers than just the server itself, like redundant power, generators, SLA, multiple routers and switches, and all sorts of failover measures. And you are absolutely right. But does that really justify a rental cost of a server of €250/month?

Not only that, even their shared hosting.. shared hosting, the dreaded, shitty shared hosting! solution is starting at around €10/month. I'm paying about €5/month for 3 light-duty servers and a domain for Christ's sake!

So.. is this hosting provider just expensive as fuck or is this really the industry standard, particularly for the dedicated hosting part? And maybe that's why some services like.. say devRant which apparently gets around €600/month from 299 supporters at the time of writing, yet still has @dfox and @trogus pay from their own wallets for it (if at all possible, please let me know if that's still the case).. I wonder if those costs are all really justifiable?

It just strikes me as odd.. you can get *a lot* of server for a couple hundred bucks if you do it well.. no?

Some <super smart> person ran DHCP in production lab (without disconnecting from main network and/or using firewall)
, now the admin turned all the ports off and went home.
Traffic gens are also unavailable now so are upgrade servers.
Result: I can't run my work over the weekend and the reports are expected on Monday.

Not so bad : I'll run on Monday.
Bad part : This fucking shit takes 2 days to do everything on the rack.

Hello,

Wondering if anyone can give me some advice regarding stress management.
I am a sys admin of a continually amount of growing servers (now at over 130) and I do coding when I am not busy being screamed at by users. The stress is coming from the workload, but also the way that the workplace is running. The manager left, and now I am handling all his shit, and my own shit as well, and all his accounts have been handed over to me (accounts being clients here). The other IT guy who is supposed to help out with the server admin just finds other work to occupy himself, and I am losing my mind. There is literally an insurmountable amount of work that needs to be done, and it just cannot be done in the time that is allocated in the working hours. I am working overtime, unpaid overtime by the way, until 9/10PM at night to try and get through everything (*cannot apply updates and work on the app server while the users are live) and I am just starting to lose grip. I am taking my stress home with me (not taking it out on anyone), but I am not sleeping, not eating properly and even starting to dream about possible ideas to fault resolution when I sleep. I find that I am constantly tired, and it feels like a world is about to cave in on me. There is literally too much work to be done in too little time, and although I am more than capable of doing it (and will get it done, or the director will physically assualt me and accuse me of being useless, again) I feel that the struggle is just a bit too much.

Can anyone give me some advice on how to "wind down" or to "let go" just for a few minutes a day at least, so that I don't feel like I am on the job 24/7.

Thanks.

Is it good or bad that I forgot to push an critical buggfix to production just before I went home?

Hopefully I can update from home (think one of our servers has an backup of the ssh keys)

Small chaotic startup that never grew up (15 years atm).
Hosts/maintains a number of apps/sites for various customers.

At some point, someone decides that a CMS would be usefull to maintain the content across all products. Forgoing all sense, reason and the very notion of "additional maintenance and dev" it is decided that one should be built in-house.

Fast forward a number of years.

Ops performs routine maintenance on prod-servers. A java-patch accidently knocks out one of the pillars a 3rd party lib the CMS uses for storing images. CMS basically burst in to flames causing a.... significant incident.

Enter yours truly to fix the mess.
Spend a few days replacing the affected 3rd party lib. Run tests on CMS in test and staging environments. Apply java-patch. All seems fine.

When speaking to frontenders and app-devs, a significant hurdle present itself:
All test/staging instances of all websites/apps/etc ALL USE PRODUCTION CMS. Hardcoded. No way around.

There is -no- way to properly test and verify the functionality of any changes made to the home-brewed CMS.
My patch did indeed work in the end.

But did the company learn anything? Did they listen to my reasoning, pleading or even anguished screams for sanity?

No.

i'm waiting for a package manager to come out that compiles everything you have it install from source to "guarantee" it runs on your machine, then have it autopost a SO question when it fails (not if, WHEN) and autotest answers given, then if it didn't work it'd reply saying it didn't work and giving the new error (if appropriate). This'd shut up the "lol it works on my side" and "lol compiling's easy" douchebags and also probably help drive home the importance of providing binaries for things and making them well.

also fuck devkitPro, it's not unreasonable to provide packages for other package managers than Arch's pacman since EVERYONE ELSE DOES IT. And no, "lol just compile from source" doesn't help as it doesn't work when you do. And it doesn't work BECAUSE you don't WANT it to so we HAVE to patchwork pacman into our other distros to get your shitty dev tools. you could also just provide a fucking zip of everything compiled, since then there'd be less effort than maintaining your own copy of pacman and servers and shit just to try and help people desperate enough to try crippling their Windows/Mac/Linux install all because they haven't drank the Arch koolaid.

Fuck those douchebags, fuck devkitPro and... probably fuck you too? Probably? Maybe?

holy shit i really needed to get that shit off my chest i apologize for that

So I have a semi big project ongoing:

Because my modem+router combo sucks dick and gets buttfucked to much I want to make my own Router with PPPoE.

So I ordered an 8 euro used switch, 24ports for management, but our IP TV provider is sucking cock too! He uses multicasting to send the fucking IP TV signal. So the switch is not VLan ready and so the network will be flodded.

But that's not the worst...

I don't know how to route VOIP over QoS correctly... So I just hope that part work's!

I also ordered another network switch Wich is manageable + an God damn networking closet. 80 bucks gone again! Wish me luck this works better...

BUT THATS NOT THE WORST BECAUSE NOW COMES THE HEAVY PART!

I wanted to use my old AMD Athlon X2 64bit and 4 gigs of RAM PC to be my powerhouse of the router. I plugged it into the wall, booted, screen error... Thought it might be the integrated graphics card... Unplugged my old one, inserted it.... AND IT WOR... NOPE NOPE IT DIDN'T NOW MY DAMN MOTHERBOARD IS FUCKING FRIED TO DUST BECAUSE OF THE GOD DAMN ... I DONT EVEN KNOW! AAAAA

So I thought I could temporarily use my raspberry pi one model b, a good fellow with multiple years of usage! I plugged in the sd card into my girls laptop, wasn't at home, and her God damn internet downloaded that shitty raspbian (sorry raspi but your servers sometimes are very slow) and after the download I realized her GOD DAMN SD READER DIDNT FUCKING WORK!!!

SO I GUESS I WILL WAIT!

Today I have fixed an issue in 300k usd servers that have been sitting there for almost 6 months... Even the vendor (which is a major company) did not wanna touch them. Nobody knows about it yet but I'm proud of myself but at the same time I feel a big resentment because despite my hard work I will not get to spend the next holiday which is a month from now with my family because all coworker went behind my back to the manager and took a vacation and manager will not even allow a work from home day... 1 single day. That's the only working day that week. But without it I can't go back home because home is 20 hours away... More if I take a connecting flight

Serverless and death of Programming?!

_TL;DR_
I hate serverless at work, love it at home, what's your advice?
- Is this the way things be from now on, suck it up.
- This will mature soon and Code will be king again.
- Look for legacy code work on big Java monolith or something.
- Do front-end which is not yet ruined.
- Start my own stuff.

_Long Rant_

Once one mechanic told me "I become mechanic to escape electrical engineering, but with modern cars...". I'm having similar feelings about programming now.

_Serverless Won_
All of the sudden everyone is doing Serverless, so I looked into it too, accidentally joined the company that does enterprise scale Serverless mostly.
First of all, I like serverless (AWS Lambda in specific) and what it enables - it makes 100% sense and 100% business sense for 80% of time.

So all is great? Not so much... I love it as independent developer, as it enables me to quickly launch products I would have been hesitant due to effort required before. However I hate it in my work - to be continued bellow...

_I'm fake engineer_
I love programming! I love writing code. I'm not really an engineer in the sense that I don't like hustle with tools and spending days fixing obscure environment issues, I rather strive for clean environment where there's nothing between me and code. Of course world is not perfect and I had to tolerate some amounts of hustle like Java and it's application servers, JVM issues, tools, environments... JS tools (although pain is not even close to Java), then it was Docker-ization abuse everywhere, but along the way it was more or less programming at the center. Code was the king, devOps and business skills become very important to developers but still second to code. Distinction here is not that I can't or don't do engineering, its that it requires effort, while coding is just natural thing that I can do with zero motivation.

_Programming is Dead?!_
Why I hate Serverless at work? Because it's a mess - I had a glimpse of this mess with microservices, but this is way worse...

On business/social level:
- First of all developers will be operations now and it's uphill battle to push for separation on business level and also infrastructure specifics are harder to isolate. I liked previous dev-devops collaboration before - everyone doing the thing that are better at.
- Devs now have to be good at code, devOps and business in many organisations.
- Shift of power balance - Code is no longer the king among developers and I'm seeing it now. Code quality drops, junior devs have too hard of the time to learn proper coding practices while AWS/Terraform/... is the main productivity factors. E.g. same code guru on code reviews in old days - respectable performer and source of Truth, now - rambling looser who couldn't get his lambda configured properly.

On not enjoying work:
- Lets start with fact - Code, Terraform, AWS, Business mess - you have to deal with all of it and with close to equal % amount of time now, I want to code mostly, at least 50% of time.
- Everything is in the air ("cloud computing" after all) - gone are the days of starting application and seeing results. Everything holds on assumptions that will only be tested in actual environment. Zero feedback loop - I assume I get this request/SQS message/..., I assume I have configured all the things correctly in sea of Terraform configs and modules from other repos - SQS queues, environment variables... I assume I taken in consideration tens of different terraform configurations of other lambdas/things that might be affected...

It's a such a pleasure now, after the work to open my code editor and work on my personal React.js app...

5 minutes till I go home. And server breaks... Out of space and a bunch of the automation tools have thus done harm. I'm no DevOps. But I just want to go home but have to sort it out.

For : Web devs, especially corporate website developers. (home, about, services, contact pages with content update features, bla bla)

Question : Is there an open sourced PHP solution between Wordpress and Laravel?

Reasons
- I do not want full framework like laravel for such simple website.
- Laravel is too much and heavy for standard corporate websites and not all clients can afford ssh-enabled servers.
- I do not want full CMS features like plugins, themes, etc from Wordpress.
- Wordpress themeing is not super difficult but also not as simple as Laravel's blades.
- I also don't wanna go static since the content update needs to be dynamic.
- I am willing to write own templates, CRUDs in minimal approach just for specific parts based on clients requirements.
- I want something that can easily host on shared hosting. (do not have to worry about composer and ssh)

Any thought?

After three months of development, my first contribution to the client is going live on their servers in less than 12 hours. And let me say, I shall never again be doing that much programming in one go, because the last week and a half has been a nightmare... Where to begin...

So last Monday, my code passed to our testing servers, for QA to review and give its seal of approval. But the server was acting up and wouldn't let us do much, giving us tons of timeouts and other errors, so we reported it to the sysadmin and had to put off the testing.

Now that's all fine and dandy, but last Wednesday we had to prepare the release for 4 days of regression testing on our staging servers, which meant that by Wednesday night the code had to be greenlight by QA. Tuesday the sysadmin was unable to check the problem on our testing servers, so we had to wait to Wednesday.

Wednesday comes along, I'm patching a couple things I saw, and around lunch time we deploy to the testing servers. I launch our fancy new Postman tests which pass in local, and I get a bunch of errors. Partially my codes fault, partially the testing env manipulating server responses and systems failing.

Fifteen minutes before I leave work on the day we have to leave everything ready to pass to staging, I find another bug, which is not really something I can ignore. My typing skills go to work as I'm hammering line after line of code out, trying to get it finished so we can deploy and test when I get home. Done just in time to catch the bus home...

So I get home. Run the tests. Still a couple failures due to the bug I tried to resolve. We ask for an extension till the following morning, thus delaying our deployment to staging. Eight hours later, at 1AM, after working a full 8 hours before, I push my code and leave it ready for deployment the following morning. Finally, everything works and we can get our code up to staging. Tests had to be modified to accommodate the shitty testing environment, but I'm happy that we're finally done there.

Staging server shits itself for half a day, so we end up doing regression tests a full day late, without a change in date for our upload to production (yay...).

We get to staging, I run my tests, all green, all working, so happy. I keep on working on other stuff, and the day that we were slated to upload to production, my coworkers find that throughout the development (which included a huge migration), code was removed which should not have. Team panics. Everyone is reviewing my commits (over a hundred commits) trying to see what we're missing that is required (especially legal requirements). Upload to production is delayed one day because of this. Ended up being one class missing, and a couple lines of code, which is my bad (but seriously, not bad considering I'm a Junior who was handed this project as his first task at his first job).

I swear to God, from here on out, one feature per branch and merge request. Never again shall I let this happen. I don't even know why it was allowed to happen, it breaks our branch policies. But ohel... I will now personally oppose crap like this too...

Now if you'll excuse me... I'm going to be highly unproductive and rest, because I might start balding otherwise after these weeks...

Weather rant. Apparently, it rained too hard and we lost power. Now our UPSes are drained, servers are shut down, and we have no network connectivity. The whole town is without power. For at least 4 hours.

Boss gave us the OK to work from home, but I don't have electricity either :(

At least I have devRant and my mobile phone to keep me entertained.

So I get to work on building a client at work for industrial automation. I am building a mini hmi to show customers how our server works. The code uses opcua. The reason I am making a client is because all the opcua hmis on the market are really expensive. There is nothing less than $600. There are hmis for free out there, but none of them say they support opcua. opcua has become a major protocol in the industrial automation industry.

It took me about 2 days to gin together a client that is pretty much abstracted and will be easy to maintain. A lot of that was just learning the opcua library client code.

Now I want to create servers and clients geared toward home automation for fun and profit. I want to take sensor data from arduinos using a simple serial protocol like modbus or other protocols that are supported. Then have an opcua server that collects this data. Then finally have an opcua hmi that I develop talk to these servers. The security model is much better and would be compatible with other vendors clients/servers. I already have a game engine I want to use for the hmi portion. It has tons of widgets for displaying data, graphs, lists, text, etc. It does both 2d and 3d.

This sounds like a project that could really fun, meshes with my work learning, and provides value to people that want to automate their lives.

The other side effect is that the next time I go looking for a simple and cheap hmi that supports opcua, there will be one.

I recently became manager of the student radio at my university. Our servers are extremely old and insecure, so I am currently working on getting some new servers up hosted by the university’s IT department as a replacement.

Meanwhile, a few days ago someone unauthorized have fucking accessed our server, deleted /home folder and a bunch of other shit, then cleared the history of the user. Why the fuck what someone do that? What the fuck did they achieve? What is the fucking point? That fucking piece of shit left his IP address though when he signed out from the server...

I just don’t fucking get why the fuck someone would do that? They don’t achieve a fucking shit about it, only fucks with us trying to save the radio from dying.

Looking for some names I can use for servers/devices. Currently I am using planet names from Star Wars. The names of those planets in the outer rim I use for rootservers/devices which are not physically located in my home. Any other ideas/topics?

I just love it when there is a power outage just after we all go home for the weekend. Coming back to dead servers is the best!

Our dev servers are down at work. Does this mean I get to go home?

I had the funniest thing today... So our company has some servers off somewhere in a VPN, as well as one server in our own office.

So, for simplicity, S1 is my own laptop, S2 is our office server, S3 is one VPN server, and S4 another.

I want to get a file from S2 to S4. S1 can SSH into S2 and S3, S2 can't ssh into any server, S3 can ssh into S2 and S3, and S4 can't ssh into any server.

So to get a file from S2 to S4, I took the path

S1 pull from S2 -> S1 push to S3 -> S3 push to S4

Part of it was preexisting keys meaning it was easier to send S1 to S4 via S3 than get my pubkey from S1 onto S4, but also S2 not being on the VPN meant I couldn't go straight from S2 to S3 or S4, so I had to route through S1, which I could add to the VPN (I'd sshed into S2 from home and thus couldn't put it on the VPN not to mention permissions, whereas I could put S1 easily onto it)

Twas certainly a fun time :P

Plus, port forwarding from a Docker container on S2 to S2's port to S1's port via ssh was fun to get set up.

Time to document this process :)

When you create some shell scripts on the servers which are supposed to mail your team each day at 9pm and you leave for vacation at 4pm only to see the emails suddenly arriving on the way home at 4:30 telling you and everybody else that almost everything possible went wrong on an unknown server.

Android + servers
Hey guys
So cause I barely have time to code I mounted a server with my old cellphone, so I can advance one of my projects at work (it's a helper with stuff like tables and calculators for work [CNC machine] )
The cell phone is a meizu m2 with android 6 (don't buy one, has lots of stupid bugs)
My problem: android terminates the server and a app I use to copy files from Dropbox to the server folder (only work arround the home rooter)
F king meizu bugs : resets lots of definitions to default, like I give permition to the server app to always be on and it changes back to default when I turn off the screen.
So when I turn of the screen the server goes down
Solutions to keep the server always awake?
Also better solution to change /upload the files without Dropbox as an intermediary
Btw the app that syncs also turns off every fucking time (so no updates till I get home)

For 2020 I want to achieve more insight of my already running collaboration service/tool for businesses by talking more to managers, chiefs and workers.

And for a better internet community a GUI for NGINX for home servers (any PC) that could interface with purchased domains to make configuration become automatic, to make self hosted web-apps/services more accessible and streamlined.

TL;DR Jump to the bottom, putting question first seems strange.

I got 2 servers sharing 1 external ip, i use one server for x y z and the other for a b c, so they dont use the same ports.
I got told i would need 1 dedicated ip per server, and i refuse to believe that since everything works fine. However, some things would definitely be alot easier having an ip per server.

So, does anyone have experience with getting an additional ip for your home connection?

What the hell am I!? I wonder if you guys can help me...

I've been programming most of my life but I've never actually been a developer by title or job role. I thought maybe if I list what I do and have done someone here could help? I'm sure there are more of you in a similar boat.

- C# and VB dev for some quick DBMS projects to help me understand and mine databases and create a nice simple view for project teams to show findings from the data to help make certain decisions.
- Automating a lot of my colleagues work with Python and if very restricted then just VBA macros in Excel and MSP. This did also include creating tools to gather data during workshops and converting the data for input into other systems.
- Brought Linux to the office with most team members now moving over to Linux with the peace of mind to know that though they do need to try solve their own problems, I can help if need be.
- Had to learn AWS and then implement an autoscaling and load balanced data center installation of a few Atlassian toolsets.
- Creating the architecture diagrams documentation needed for things like the above point.
- Having said that, also have ended up setting up all the Jira/Confluence etc. servers we use and have implemented so far whether cloud (Azure/AWS) or on prem and set up scripts to automate where possible.
- Implemented an automated workflow view in SharePoint based on SP list data and though in an ASPX page, primarily built in JS.
- Building test systems in PHP/JS with Laravel and Angular to help manage integration between systems. Having quite a time right looking into how to build middleware to connect between SOAP and REST API's, the trouble caused more by the systems and their reliance on frameworks we're trying to cut out of the picture.
- Working on BI and MI and training a team to help on the report creation so that I can do the fun creative stuff and then set them to work on the detail :)

Actually it seems safe to say that it seems that though I've finally moved into a dev office (beforehand being the only developer around) I seem to be the one they go to when a strategic solution is needed ASAP and the normal processes can't be followed (fun for someone with a CompSci degree and a number of project management courses under the belt... though I honestly do enjoy the challenges)

But I always end up Jack of all but master of, well hopefully some at least. let's not even get started on the tech related hobbies from circuit design and IoT to Andoid / iOS and game dev and enjoying a bit of pen testing to make sure we're all safe at work and at home.

As much as I don't like boxes, I'm interested to know if there is in fact a box for me? By the way, the above is just a snapshot of my last two years minus the project management work...

Ok, so for past 1 whole day I am trying to make vhost work on my brand new laptop, running Ubuntu 16.04 LTS... When I installed OS, I've set hard disk encryption, and on top of it - user home folder encryption. Don't ask me why I did both.

Setting up vhost is simple and straight forward - I did it hundreds, maybe thousands of times, on various Linux distros, server and desktop releases alike.

And of course, as it usually happens, opposed to all logic and reason - setting up virtual host on this machine did't work. No matter what I do - I get 403 (access not allowed).

All is correctly set - directory params in apache config, vhost paths, directory params within vhost, all the usual stuff.

I thought I was going crazy. I go back to several live servers I'm maintaining - exactly the same setup that doesn't work on my machine. Google it, SO-it, all I can see is exactly what I have been doing... I ended up checking char by char every single line, in disbelief that I cannot find what is the problem.

And then - I finally figured it out after loosing one whole day of my life on it:

I was trying to setup vhost to point to a folder inside my user's home folder - which is set to be encrypted.

Aaaaaand of course - even with all right permissions - Apache cannot read anything from it.

As soon as I tried any other folder outside my home folder - it worked.

I cannot believe that nobody encountered this issue before on Stackoverflow or wherever else.

-- Have you ever self hosted a Linux/Free Bsd server at home?
-- What was the maintenance like in terms of operation and cost compared to an online service?

I and my partner are planning to self host our Ubuntu server locally because currently though we spend less than $1100 a month on Azure with moderate CPU usage but we plan to scale out with believes that the server cost might sky-rocket.

We made a budget of $25k for the setup which includes cost of hardware, bandwidth and power.

We also made some research concerning most used hardwares for home servers because we really are newbees talk of hardware. What we found are options related to the Intel Xeon as CPU, some others say use NAS, while some are more of advertising.

$25k on the desk,
we care more about speed than of space. How can we make the setup totally worth it? You don't have to spare us a change, just some headlight and way to go.
Your advice are needed. Thank you.

!rant

Looking for help starting with DevOps.

Does anyone know of a site or forum where you can talk about general coding/scripting patterns rather than just asking specific questions?

Bear with me, this may be a bit longer than most posts here.

I'm a self-taught admin/tech working with one colleague (who's also mostly self taught) at a high school, managing both clients and servers.
We've been doing most things manually bit I'm looking into converting as much work as possible into more of a DevOps setup, with Powershell-scripts for multi step tasks.
I want to do this for a number of reasons. Having a script doing a number of steps would cut down on time spent on individual tasks and minimize the risk that a step is missed or, perhaps even worse, mistyped. Also it's important that I actually learn what I'm doing, why something works and why something fails.

As and example, I have a powershell-script which moves a student from one year to another (basically they have user names with a two-digit prefix based on the year they started and a suffix with two letters from their first names and four from their last names) if they need to repeat a grade.
It basically renames the account in the AD with the correct year-prefix, changes the samAccountName, renames Home and Profile-directories on disk and changes paths on the profile-tab in AD, moves the user into a new OU and security group etc.
It works as intended if the user account to be renamed exists and there's no name conflict with the new name. But I'd like for the script to validate that there's no problem with user names, source and target security groups and OUs etc. and eventually split the script up into smaller clearly defined functions for better readability.
However, I don't want someone to just write the script for me, I'd prefer to be able to discuss script flow and come to my own conclusions and solutions.