A Collective Blog of Commenters

The more I think about it, the more I like @ActionAbe’s suggestion ‘The Fundamental’. I don’t know anything about harmonics, but his explanation—a name that at once invokes our origins yet looks ahead to the future—makes a lot of sense to me.

My biggest problem with The Fundamental is that “fundamental” is an adjective, and using it as a noun just feels off to me.

Yes, in this context, “Fundamental” is a noun, but only because it’s short for “fundamental frequency.”

Hrrm. It’s a cool name, but it just…

The Fundament, maybe? But then you would lose the connotations about frequency…

walks away muttering expletives about the English language, and verbing nouns adverbally

I guess I just like the idea of resonance. Kinda like how a force emerges when a point charge is placed in an electrical field. A site that activates the reader. I like that.

That’s actually got a really good feel to it, and also tangents to the mutual aspect (things resonating together, harmonic frequencies and all that jazz)

I can be talked into liking either one.

Fundamental:

Outside of the fundamental frequency thing, which I don’t yet understand, but will look up at some point, there are some appropriate resonances there. FUN. Also, MENTAL. And even what @William_Holz and I are willing to do: FUND A MENTAL thing like this blog!

Fundament:

All I need is this:

fundament.jpg847×475 61 KB

Added to all the above, it’s already got my vote.

snort

The voices each have favorites now.

Heh. Anus.

Christ. We’re such assholes…

Practical learning does need a social component though.

Law, medicine, coding, teaching, etc. all need mentoring, supervision, practice, opportunities for reflection and evaluation. But I get that this project is not turning out to be that.

Could you recommend good writing about servers with a ratio of maybe 25% “recipes” and mostly concepts?

Something interesting … analogous to Martin Davis, Engines of Logic (computation) or Cal Peternell Twelve Recipes (cooking)?

Agreed. This is one of the huge benefits of hacker spaces.

Could you recommend good writing about servers with a ratio of maybe 25% “recipes” and mostly concepts?

I really picked up just about all I know in that realm through doing. Having projects I wanted to accomplish, and then ferreting out the information I needed to make them happen.

If you were looking for security, low level network protocol, or possibly specific programming languages, I could make “dead tree” reading recommendations.

Thank you.

No mentor or group of buddies to help after you’d gotten the theory?

I can find a lot of examples. It’s harder to find something readable for the background. I need the history and background.

Without a context, none of it sticks for me.

I think you have some misconceptions about what’s involved in sysadminning that’s going to make things a lot harder for you. When you’re running a server, you’re running some sort of server (Linux/Win/Solaris/etc). Assuming you want to run a Linux server, that’s still really generic. If you know what services you want to learn (httpd, some RDBMS, some app/lang. runtime, etc.) then you’ll have things narrowed to the point that it’d be easier to point you in a better direction.

I’d really suggest at least 75% hands on time, 25% study that’s not hands on, though, with that focused on security hardening, best practices, configuration, profiling, optimization, and troubleshooting/diagnostics for whatever services you’re learning. There’s really not that much to the theory, but there really are a giant heap of details you’ll only learn with a lot of hands on time. Understanding the UNIX philosophy’s cool, but it isn’t going to get your broken httpd redirect working, tune a database, or help you do much of anything. It’s like learning to play a musical instrument or paint - reading about theory is valuable, but you need most time to be hands on practice if you really want to learn.

Oh yeah, this, a thousand times this. Constant vigilance is necessary, and learning on the job isn’t really an option for a live system.

I consider myself fairly expert at maintaining web sites (I maintain and admin several sites, including a large one that gets attacked a lot) and I got nailed good this weekend on a new site that I hadn’t totally secured because it wasn’t live yet and I was still messing around with it. Fortunately the folks at Dreamhost were on top of it:

We have recently scanned one or more users on your DreamHost account for potential security threats. Unfortunately, we found some potential indications that your website(s) *may* be compromised.

We understand that this may not be the best news you can get. This notification is intended to help you through the process and serve as a starting point to assist you in getting your account cleaned and secured.

While we won’t be able to complete these processes for you, if you have any questions about the items that follow please don’t hesitate to reply to this email and we will be happy to clarify any points or offer any further guidance to help you through getting your account back to normal.

We have identified attacker-added malicious content, which may include malware such as backdoor shells, adware, botnet, and spammer scripts. The following file(s) specifically have been identified as attacker-added malware. These files have been DISABLED by setting their permissions to 200 (Owner write-only). These files should be audited and either replaced with known good versions or, if not legitimate site components, removed altogether

That’s why I think having a project oriented approach can be helpful. Having a system to set up (virtual or physical) and goals in doing so, are going to cement things in your head far quicker than reading theory. You’ll wind up doing quite a bit of the reading along the way, while you’re trying to solve problems.

Don’t get me started on WordPress.

Why, what’s your issue with it? What do you prefer and why? I like WordPress-- it’s hugely popular, easy to use, completely configurable, and works great for high-volume sites. It’s easy to install and there’s tons of help available online. Most hosting companies are extremely familiar with it. There hasn’t been a serious attack on WP itself in quite some time.

In my case above, I deliberately and knowingly installed a sketchy theme that wouldn’t have survived past go-live, and I didn’t secure it. Entirely my fault. I was stupid and lazy, and I know better. It was not at all a complicated fix. I nuked the site (overkill, but you know the saying about the only way to be sure) restored from my backup, was back in business in an hour, and that included half an hour of watching to make sure the bad guys didn’t get back in.

If you’re talking about hosting with WordPress themselves, then yes.

Why, what’s your issue with it?

I’m a security guy, most people implement it poorly or don’t patch frequently enough, and there’s at least one new vuln every week.

I wasn’t making the comment from the standpoint of someone who runs software of that nature, so much as from the perspective of someone who is constantly having to tell people why their s*** is broken.

Ah, ok, gotcha. I’d agree that it’s a victim of its own success. Popularity both breeds attacks, and amateurs writing plugins. Dreamhost obviously deals with it often enough that they have scripts and email templates already prepared!

What do you think is a more secure blogging platform to use with commercial hosting?

You guys, while I’d be pleased to carry on pointing out issues with WP, pointing out resources for some kinds of sysadminning, and related, maybe @hello_friends would like to split this to a separate topic, since this thread already has a lot going on with planning, and adding this tangent might start overloading it a bit more than it needs to be.

Sorry, I’ve gone a little off-topic here, but I’d prefer to stay in this thread. Among the things I’m working on is becoming expert in Discourse so we can plug it into whatever platform we end up with. I’ll shut up now.

What did I tell you?