Tony's Nerd Blog

Tested with CentOS 5.4 – should work in RHEL and Fedora
This how-to assumes the install is a basic server install without X

First mount the Guest Additions ISO as a CD:
Devices –> Install Guest Additions

Now mount the CD

Run the install script:
sudo ./VBoxLinuxAdditions-amd64.run

You will probbaly get this output:

FAILED!  “Your system does not seem to be set up to build kernel modules” means we need to load GCC, build and kernel headers:

sudo yum install gcc  kernel-devel kernel-devel-$(uname -r)

Say Yes at the prompts to install

If all that was successful, try again:
sudo ./VBoxLinuxAdditions-amd64.run

You should see:

It’s OK that the X drivers failed to install because we don’t have X loaded.

Now you’re set and ready to move on to bigger and better installs!

I have interviewed a lot of candidates for open tech jobs at my company and I see the same mistakes over and over.  In these tough times I thought I’d jot down some do’s and don’ts of tech job interviewing to hopefully help out some of my brethren who are looking for work.

DO keep your resume short and concise.  The most important thing to remember is that 9 times out of 10, the first person to read your resume will not be a tech person, but most likely someone in HR.  Keep your resume 2 pages or less.

DON’T list out every program, protocol or hardware architecture you have ever used.  Half of the resumes I get have a huge section similar to this:  PCI, Vmware, ISA, SOX, Windows 95, 98, Me, NT, 2000, 2003, 2008, Mac OS, Office XP, Outlook 2007…  Can you see how that can get fatiguing?  First off, if you are applying for a senior Windows admin job, you better know Office so don’t bother putting it on the resume.  I think the strategy people use is to get through keyword filters so that their resume gets read by a human, but it doesn’t work.  A concise and clear resume is what works.

DO wear a suit and tie.  Don’t show up in torn jeans and a heavy metal shirt, even if that’s what you are going to be wearing to work.  A suit shows you are a member of polite society and take the job seriously.

DON’T be late.  Yeah, I know it’s common sense, but don’t do it.

DO use this time to update your professional certifications.  Some people are against certifications, saying they are a waste of time.  All of my certs are the result of a thousand hours of study so I am sure I learned something in that time.  It proves you are dedicated to the profession and more than just an IT janitor.

DON’T show up empty handed.  Bring copies of your resume, print-outs of your certs, writing examples (just a few simple how-to’s will do) and some Visio diagrams.  One thing that really impressed me from one candidate was that he brought the top 5 Visio network diagrams he made.  What REALLY impressed me was that the diagrams he brought looked like JFK’s FBI file – all the IP addresses, server names and functions were literally blacked out.  I asked him why he did that and he said he signed an NDA with his last employer, and besides, he felt he still had an obligation to protect the network and a hacker could do serious damage with those Visio’s.  That shows some real ethics – to be loyal to a company that laid him off with no severance and escorted him and his whole department out. 

Hope this help you guys.  Feel free to drop me a line with questions or comments.

#1 – Notepad++ 5.6.4 / Windows / Released under the GNU General Public License
http://notepad-plus.sourceforge.net/uk/site.htm

OK, I know it’s a little odd that a text editor is my #1 choice for the best free, open source app of all 2009.  If you have ever used Notepad++ for anything, you will know this is a killer app for Windows is much more than just a Notepad.exe replacement.  It’s what I use for all my coding, word processing, and text formatting.  With its plugins, it’s very powerful and incredibly flexible.   It’s so useful to me, I use it on my Mac OSX system via Wine.  Now that’s love!

#2 – FileZilla 3.3.1 / Windows, OSX, Linux/ Released under the GNU General Public License
http://filezilla-project.org/

You kids out there will have a hard time believing this, but once upon a time in the dark days of computing, a free, graphical FTP client was very hard to come by.  We has to use crappy crippleware, trial software, the command line or pay $70 for something as simple as an FTP client.

Then FileZilla came along and geeks and nerds worldwide rejoiced!  Finally, a free, open source graphical FTP client that supports not only FTP, but FTPS and SFTP.  The fact that I can use it on all my machines (Windows, MacOS, Linux) is even better.  Thank you, FileZilla!

#3 – CentOS 5 / Linux / Released under the GNU General Public License
http://www.centos.org/

If you want to be at all competitive in any tech job in the coming decade, you must learn the Penguin.  Learn the penguin, love the Penguin.  Yes, you can love Mac OS and Windows too.  CentOS is my personal favorite, but any distro will do.

A mark of a great program is one that you use so often it just becomes second nature.  TrueCrypt is one of those programs.  It’s a program that encrypts and decrypts data on-the-fly with little overhead.  There are several encryption methods you can use; full disk encryption that works on the boot level, volume encryption (mounts like a USB drive and you can drag/drop files in), hidden volumes and hidden operating systems.

I personally use the whole disk encryption on my both my personal laptop and work laptop.  My company evaluated several different whole disk encryption products and we finally settled on TrueCrypt because it was fast, rock solid and much cheaper than other offerings, like PGP.  PGP offers a centralized CA and key management server and TrueCrypt does not.  That might be a deal breaker for larger companies, but small to medium sized businesses would benefit from implementing TrueCrupt on laptops.  By using TrueCrypt, I saved my company about 15k in hardware and software in 2009 alone.  I don’t use whole disk encryption on full sized desktops because the chance of theft is lower, but I do use encrypted volumes to store sensitive data, like password files, network diagrams, vulnerability assessments, etc.

Two intriguing feature of TrueCrypt are Hidden Volumes and Hidden Operating Systems.  Hidden Volumes allows the user to have a hidden area in which to place sensitive files inside of a regular TrueCrypt volume, where  you would place dummy files.  The idea being, if you have a gun to your head, you can give the password to your standard volume and not the hidden one.  Same concept for a hidden operating system.  You store an entire bootable OS within a TrueCrypt file that no one will detect.

Interesting concepts that I assume would be most useful to CEO types where there’s an actual chance of extortion, government intelligence agencies and people engaged in highly illegal activities.  Testing out a hidden OS in the near future is on my to-do list just out of curiosity.

#5 – VirtualBox 3.1.2 / Windows, OSX, Linux, Solaris / Released under the GNU General Public License
http://www.virtualbox.org/

We’re halfway through the countdown and here’s #5 — Sun’s VirtualBox.  Whether you’re a virtualization evangelist like me or not, there’s no denying that virtualization is the future.  Enterprise-class virtualization is what’s powering revolutionary designs in datacenters and cloud computing, but desktop virtualization is changing the way we use our desktops and other devices.  The best non-free Virtualization product out there, imho, is Vmware Workstation, hands down.  But, the next best thing is Sun’s VirtualBox.  I like it, it is the right price and it works very well.

#6 – Nmap 5.00 / Windows, OSX, BSD, Linux, Solaris, HP/UX, AmigaOS / Released under the GNU General Public License
http://nmap.org/

I sure love me some Nmap.  Simply put, it’s a port scanner.  But it’s so much more than “just a hacker tool,” as an ex-coworker once told me.  It’s so versatile, so powerful… it can assist in dozens of tasks a good sysadmin routinely performs.  Here’s just a few ways I use Nmap: 

- Any new server I install gets scanned.  This will tell me if the software firewall (Windows Firewall, ipchains, etc) is configured properly

- What is that computer doing on my network?  See something weird in DNS/DHCP?  Nmap will usually tell you the host name, OS, domain membership, MAC address, device type uptime, last boot and much more.

- Network mapping.  A good way to create an inventory or verify your existing inventory.  The Windows-based Zenmap front end will even give you a graphical topology.

- Compliance/baseline creation and comparison.  Always create baselines of your network and perform routine audits to ensure there aren’t any rogue devices or servers.  I use Nmap as a tool for SOX compliance; I have a baseline, run regular re-scans and document the diffs.  Each diff must be accounted for in documentation.

- External testing.  I also run nmap on our public IP’s periodically to make sure there aren’t any unneeded ports open and that I recognize every device on the output list. 

It’s available for almost every modern OS, and distributions include a lean and easy to master command line version.  Most of the distributions include Zenmap, a GUI front end that is just as easy and full featured.  Do yourself a favor and check out Nmap!

#7 – md5deep 3.5 / Windows, OSX, BSD, Linux, Solaris, HP/UX / License: Public Domain
http://md5deep.sourceforge.net/

One of my favorite and most used programs in my toolkit is also one of the simplest to use.  md5deep is a program written by Jesse Kornbloom, a former Special Agent of the Air Force Office of Special Investigations.  md5deep will walk through a directory or directories and compute the MD5  for every file.  It also supports comparison mode; you give it a list of known hashes and compares them to a set of input files and it will tell you if the file has been modified. 

The program is mostly used in forensics, but very useful and a great CYA for sysadmins like myself when checking to see if file(s) have been tampered with by outside intruders.  You can produce hashes of archived log files or system files and periodically test for tampering.  There are other programs that automate this, but md5deep is the first and best place to start if you are looking to do this sort of task.

#8 – Wireshark 1.3.2 / Windows, OSX, BSD, Linux, Solaris / Released under the GNU General Public License
http://www.wireshark.org

Originally named Ethereal, Wireshark is a tool every sysadmin should know and use.  It’s a network packet analyzer, which means it allows you to see all the traffic being passed over the network interface.  It’s an invaluable tool and has helped me several times to identify machines infected viruses/malware that were so new AV vendors didn’t have signatures yet.  I’ve also used it for various other tasks, including seeing if HTTP compression was working, sniffing lost passwords, troubleshoot slow networks, identify rogue devices and much, much more.  It’s also extremely well documented.  You can find a how-to on almost any scenario you encounter.