what to learn
Paul Mooring
paul at opscode.com
Mon Aug 26 14:10:21 MST 2013
<ignore>I don't care for python at all and actively avoid it. Syntactically is a bad idea that should go away and the "there's only one way to do it" attitude is completely wrong.</ignore>
Bash vs. <insert your scripting language of choice> are good at teaching different things. Bash is mandatory for sys-admins but generally doesn't teach great scripting/programming practices as semantically it works quite different. Any other more robust language (perl, python and ruby being the big 3) will do a much better job of teaching you "how to code" by introducing proper usage of things like functions, objects (hopefully) and data structures. In my opinion you would be well served by either one depending on what you're hoping to gain from it (bash for leveling up your sys-admin or python for building a dev baseline).
Paul Mooring
Operations Engineer
www.opscode.com
________________________________
From: plug-discuss-bounces at lists.phxlinux.org <plug-discuss-bounces at lists.phxlinux.org> on behalf of Michael Havens <bmike1 at gmail.com>
Sent: Monday, August 26, 2013 1:58 PM
To: Main PLUG discussion list
Subject: Re: what to learn
Thank you so much for your answers. Okay... here is what I think I'll do; scripting and linux from scratch first. While programs are compiling with LFS I'll work on python. I have a python book, it is Python, How to Program but it is old (2002). I also have a book entitled "Linux Shell Scripting with BASH". What do you recommend? I think I should do scripting with BASH because, while it too is old (2004), BASH has always been the same and therefore the age of the book is irrelevant (I think).
:-)~MIKE~(-:
On Mon, Aug 26, 2013 at 8:34 AM, George Toft <george at georgetoft.com<mailto:george at georgetoft.com>> wrote:
To add to what Paul said . . .
What interests you? I know many sysadmins that don't develop code; many developers that can't spell Linux (OK, they can, but they also think 777 permissions fix everything, even access to data files). I've even met SA's that couldn't script, but that limits their usefulness and shows a lack of motivation and curiosity - both highly desirable traits in the workplace. IMHO, learn scripting not just to learn it, learn it to make your work more efficient. If you can document some manual task, you can automate it. Then you can then run that automation on all the servers in your care and have time left over, which makes you efficient. In a previous job, I had over twice the number of servers as anyone else on my team, and four times the company average because I documented and semi-automated the server build finishing process, and I automated the daily health check. So all my servers were consistent (almost identical) and I was done with my daily routine by 10am. This gave me time to help others, project work, find ways to improve processes, collateral duties and irritate management.
And then there's security . . . I got a phone call one day asking to speak to the head of IT Security. I work at a large organization and quickly counted up 11 different security organizations - which one would you like to talk to? Click. LOL. We have network, application, infrastructure security organizations, and their operations, engineering and architectural groups. And don't forget audit, compliance, and CISO. Most people think network operations when they think of security, but there is so much more to it. Looking at the 10 Domains of the CISSP (Certified Information System Security Professional) certification shows there is a lot to "IT Security."
So whereas I hate to see security last in your list (most companies put security last on their list, too), the reality is you need to have a solid foundation doing *something* before you go down that road. Understanding the fundamentals and history will help, like . . . why is there a shadow file? . . . what is the directory sticky bit used for? . . . why isn't the classic File Security Packet suitable for some common security situations? Why did the NSA develop SELinux, then absolutely fail at deploying THEIR OWN CREATION and allow Edward Snowden* inappropriate access to classified materials (hidden question is what does SELinux provide that would have prevented this situation; and the bonus question is prove my implied assertion false)? If I were to point to one thing in security to pique your curiosity, I would suggest looking up the FBI Top Ten for Unix Security and understand how to find and fix those problems. As you can tell by my questions, I'm not a developer, even though I was (a long time ago in a galaxy far, far away), and that's a whole different world, too. If coding interests you, pursue certification in secure code development - that will help you in many ways.
* I hope you ratbastards at the NSA read this email and understand how you utterly failed in the most incompetent way.
Regards,
George Toft
On 8/23/2013 1:11 PM, Paul Mooring wrote:
I think there's a bit of a misconception for how the industry works that leads to questions like this. Web design is really more of it's own thing centered around graphic design and css, although programs *have* to know html these days. Outside that it sounds like you are getting ahead of yourself in terms of specialization, everyone doing non-entry level IT work needs to know a bit of programming (you can call it scripting if you like) and any non-entry level programmer needs to know a bit the systems they right code for (sys-admin 101).
If what you're worried about is building up the knowledge needed for a career, in my opinion the right approach is "what don't I know?" If you have never written any code before don't worry about learning web development, go learn some basic scripting simple perl/ruby/python scripts and the basics of writing code in general. If you're comfortable with that but you don't know how your OS works, go set up a linux server or compile a kernel or whatever else interests you. If you already know all that dive into something deeper, pick up a new programming language or run through linux from scratch.
One more thought, I'm of the opinion you can't "learn security" Securing a system is really more of a by-product of intrinsically understanding that system and how it can be exploited. That implies that if you aren't already very competent writing code and understanding system internals you can't be a useful security person until you are.
Paul Mooring
Operations Engineer
www.opscode.com<http://www.opscode.com>
________________________________
From: plug-discuss-bounces at lists.phxlinux.org<mailto:plug-discuss-bounces at lists.phxlinux.org> <plug-discuss-bounces at lists.phxlinux.org><mailto:plug-discuss-bounces at lists.phxlinux.org> on behalf of Michael Havens <bmike1 at gmail.com><mailto:bmike1 at gmail.com>
Sent: Friday, August 23, 2013 11:31 AM
To: PLUG
Subject: what to learn
you know, I've asked the question about what to learn multiple times. I think I've been asking the wrong question. The new incarnation of my question is what do you think I should learn. Programming is one option and web design is another. Is there another option i'm not thinking of? I guess security is a third. Any others? Things to consider when answering that question would be what is needed? What is the potential? What isn't being addressed.... things like that.
I have more questions but I guess we should get that question out of the way first.
:-)~MIKE~(-:
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org<mailto:PLUG-discuss at lists.phxlinux.org>
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org<mailto:PLUG-discuss at lists.phxlinux.org>
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20130826/93b9b2d0/attachment.html>
More information about the PLUG-discuss
mailing list