Yet another book review ! \o/
This book was released in Y2K. Seems like there was no new edition since then.
Perl for System Administration is written by David N. Blank-Edelman.
Some fun facts about how old is the book :
- The book mentions "Perl is not ubiquitous" as a weakness when having to choose between Perl and other scripts languages.
- The author thanks Usenix, SAGE and LISA conferences.
- Recommends search.cpan.org 😄
- "NTFS driver will be integrated in Linux kernel 2.2"... ah memories
Security is always one of the numerous hats of a System Administrator...
Here are some notions explained in the book :
- Poison null byte (still possible in 2020 ?)
$$on multi user machine, a malicious user can predict and steal a temp file and write custom text/command to force reader to execute what he wants
- I discovered that "..." ". " were valid filenames (for bad people).
- Interesting exercise with system monitoring (dates, content, DNS dump...)
- The idea of Postmortem, long time before devops mindset :D
- Classic DDoS SYN flood attack (I think the first time I heard about it was in a story about Kevin Mitnick)
- Cool part mentioning "John the ripper", "Crack" or "L0phtCrack". "libcrack" and "npasswd" 💀
I learnt also :
- A lot of things about PPM.
- A lot about macperl : cpan-mac and installme where you can drag and drop tarballs to install
Very cool !
- How MAC is different (data fork, resource fork)
- How Windows is LOL (vfat = how to build something on top of a technical debt)
- The sample code is cool
- The sysread trick vs < > (read sequentially and stop at first error)
In general, how the author tells a story and explains sysadmin concepts each time is very cool -- I LOVE IT --
How quotas are explained is very cool.
Quotas edition samples are a bit hacky and brittle (not by the fault of the author) but proves "how to get the job done" with Perl.
Some tips detailed:
- GID is primary group
- We can have a group password
*to disable login
$(for real/effective user/group
- Windows : RID + DID = SID
- Impossible to recreate same user then computer owner change implies to rename user
- Windows cannot give ownership, we can only take ownership
- There is a password hash incompatibility (algorithm)
- On Unix there is a superuser whereas on Windows it's more like super-heros (users with super powers)
Sysadmins have their own mindset (and the ones I know have a great sense of humor).
- "Nothing is foolproof because fools are so ingenious"
- "Something is wrong and I have no idea what" (how some users report problems) lol
- "Sysadmins are log file linguists"
- "Handle with pack and unpack - this way lies madness and misery" 😃
- "There are times where death is too good for a process"
- "Security is continuum"
- "You can be more secure but you will never be 100% secure" and in the same theme "It is always possible to find more to fear"
- "Oog's password to get back into the clan's cave was probably "oog" " (about weak passwords)
- "Detect local signs of perils" (nothing special but it sounds good to me 😄)
- "Learn something from incident instead of only loosing time and effort"
- "An user does not login from a lot of different places" (probably still true today even in the "mobility world" that we know today)
Very nice chapter !
- Inspect process with
- Filewatcher windows very contemporary
- LDAP (LDIF)
- Active Directory (ADSI, DCOM, OLE)
Caracteristics : structured or not, some implementation details etc...
Networked, remote, hierarchical, structured, read many write few...
Very good chapter about LDAP, I skipped some parts at the end, but at least I have ready to use code if needed.
- Control Windows windows with API !
- Security bits
- References at the end of chapter, original but cool
- Very nice chapter about DNS
- Not for Perl beginners, sometimes complex notions are thrown without any explanation (
- Sometimes too much details that will be outdated one day after the book is released (a bug in a very specific version of
- Sometimes too much code (one snippet was 5 pages long, tldr;)
- Lost with chapter about XML, not clear
- SNMP and LDAP are probably not so well explained
- Compare 2 tabs that contains numbers
if("@arr[1..12]" ne "@arr2")nice Perl idiom (slice then convert to string to compare).
- Do you know the SQL "SELECT ... INTO ..." ? Me not ! 😁
- Good idea to compare SQL operators to Perl regex operators !
There are really short introductions, quality depends the topic:
- XS and XML intros are cool.
- LDAP and SNMP intros are too hard.
Very pleasant to let the author give a tour of Operating Systems for us for each topic, even (especially) if I'm less interested in some OS.
You should read this book! Definitely ! 👍