Back to Enterprise I.T.

I have worked at a lot of tech companies, including one of my own. Many hours working on client websites, servers and networks. I don’t regret any of it as it was all valuable experience.

After relocating I realized I wanted a different job. I was still working remotely for my employer in Chicago, and wasn’t in a rush to find something. I started looking for something in the way of a small shop, kind of doing what I had been doing for years, you know? But the interviews I was getting were for contractor, temporary or seasonal jobs. I wasn’t craving bullet-proof security, but I did see a problem with changing jobs all the time. I am not twenty five anymore.

A neighbor told me I should apply at a governmental agency. Having no experience in government, I was skeptical. My experience with Fortune 500’s was not so great – bad managers, phony vision statements, and unsatisfying work. I was seldom free to think outside their box. Wouldn’t a government job be even worse?

But I applied anyway. She was very insistent.

Long story short, I took a lower-level job in a large I.T. department. I did what I was told and found that I liked getting paid for a fixed number of hours. No more calls late at night. I worked 40 hours a week and was paid for 40. I didn’t know that was still possible in I.T. I demonstrated that I had a good knowledge of the systems, and was encouraged to apply for a promotion.

I got the new position which pays quite a bit more. More importantly, one of my duties is to develop systems and help people to be better; work smarter, be less burned out and provide better service. To think outside the box.

As good as that is, I learned something even better. We can make a difference. I have found the people I work with are not what I had envisioned. Almost everyone really cares about the quality of the work. We work together and treat each other with respect. We hold each other accountable and provide real value to taxpayers.

I know may government jobs are not this at all, and for that I am truly grateful for mine.

My Friend Burt

Burt Egel is lying in state. You might think that is a good thing, but I will explain more about why it isn’t.

My friend Burt was born in March of 1950 in Evanston, Illinois, the second son of a Jewish couple. They were a typical American family and dad probably drank too much. Burt grew up loving books and planned to have a teaching job when he got out of college.

Instead, he had a series of jobs in government and some larger companies.

He finally decided that drinking was controlling his life about 7 years ago and decided to quit doing that. He did not work on his eating habits too much though; he still smoked too many cigarettes.

He signed up for Medicare on March 1st, as that was the month in which he would reach age 65. A few days later he was rushed to the hospital with shortness of breath. He was told he required surgery. Without it he would be dead in a matter of months.

The surgery went very well and a few days later he was getting ready to transfer to a rehabilitation facility. He turned to the nurse that was helping him assemble his things and said, “You know, my father died in this hospital 28 years ago.”

In a few seconds, Burt would collapse and though an attempt at resuscitation was made, he passed away. No autopsy needed; the cause was his heart.

His heart was scarred more than 50% with heart disease. As he and his brother are estranged, there is no next of kin. The Lake County, Illinois Public Administrator will attempt to find them. His friends could do nothing. There was no emergency contact for him at his employer, and he had told his landlady that he was adopted. Not even friends that had known him for many years could find any information on his family.

Don’t let the disagreements of life fester into life-long animosity. Lying in state is not all it is cracked up to be, I guess.

New Season – New Blog

I moved my blog back to wordpress.com. I realized I was paying monthly for something I do quarterly – at best.

This winter has been cold, but I have been busy. At work we are launching a new church at Montgomery, IL. – a location that needs some of the impact that only God can bring.

For learning, I am figuring out Single Page Applications and AngularJS. I am getting caught up on web development techniques, as the last few years have been crazy busy getting our IT house in order, moving to Office 365, VOIP telephony and upgrading a ton of ancient equipment. We also launched a great new site at http://newlifecommunity.church.

At play, my band Zeal has not been real busy, but we still meet regularly to pray and spray. We are finally learning some new songs for the upcoming summer playing season.

I am not sure there is a lot of interesting reading here right now, but thanks for stopping by.

Peace.

What do the Sony, Target and Home Depot Security Breaches Mean to Churches?

The breathtaking security breach at Sony bared everything that Sony would not want in the public eye. and then some. Every email sent by the CEO over the last year. All the financial reports, contracts, spreadsheets, files with passwords. Everything.

Now take a look at your servers. Do you host email? Or do you use a cloud service for email that allows simple passwords? Does your senior pastor have communications he would consider private? How about your financial status or records of whom has received benevolence?

Securing the network and allowing people that need access is impractical for churches with minimal IT staff and budgets. It only takes one malicious email to allow an attacker access to the network. Then you are breached – Sony style.

All this to say that every organization, nay everyONE has information in their ministry they have shared intimately or with no one. My thoughts:

1. There are some things that should not be said, let alone emailed. Modeling Jesus, I cannot find much scripture where he made fun of people or their dirty laundry. I do not see the names of Pharisees that he singles out with personal comments. Don’t send anything via email, and don’t put anything in a spreadsheet you do not want to have shouted form the mountain tops.

2. Business information is boring. But it can be damaging to ministries if there is something that will not be understood when taken out of context.  These documents need to be password protected. You need to at least slow attackers down when trying to post your data to a web page. Use weird names, don’t have a file on your computer called passwords.txt.

Satan would like nothing better than get the church’s private business records out to damage the church. Action Steps

1. Does someone “own” the folders on your server? Each Department should discuss how they would secure their data and periodically purge records that are no longer needed
2. Is your network one vast array of data or is it compartmentalized? Would a single breach give an attacker access to absolutely everything? Think about multiple admin passwords for different file servers and folders. That way if Accounting is breached, HR won’t be.

There are things you can do to secure your network if you have time and money and control over the user habits. But it is smarter to assume you will be breached and work backward from there.

 

Confessions of a Christian Musician

I had an English teacher in middle school that said to never write the title of a piece first. Oh well. I didn’t like her much anyway.

I have been a member of Zeal, a Christian band in Chicago for over ten years now. We started out as a church worship team, but even though we were volunteering our time, we were all relieved of our duties at the same time. It seems we were being replaced by younger, edgier musicians. I thought we were edgy. The few hundred that came to the church liked the worship, too. We just didn’t fit the vision that the pastor had for the church. I guess we were Hillsong when we shoulda been Passion…

We play about 6 to 10 times a year and take most of the winter off. We don’t really practice much. We don’t really learn a lot of new songs. But there is one thing we do – pray together, support each other and try to be real friends. By getting together a few times a month, we stay in touch with each other’s victories and defeats. We pray for each other, our families and the world.

We make pretty much no money when we play and we only hope that it is a blessing that God will somehow use.

So, not much to confess really, except that Jesus is Lord, we are sinners in need of a savior, and that we still enjoy playing music for God.

 

 

Stades Farm Sunday Services

We just want to shout out to Vern Stade and Jeanine at Stade’s Farm and Market. Thank you for allowing us to worship with you.

There is nothing like church out in the middle of God’s creation on a beatiful Sunday morning. The air is crisp, the sun is bright and the teaching is nourishing for the soul.

Seeing the Comfort Dogs from Lutheran Church Charities yesterday was a special treat.

Thanks again!

 

 

Zeal at Fellowship of Faith

On July 20th, Zeal hadthe privilege of leading worship at the Fellowship of Faith Church in McHenry. We want to thank Mark, Jerry and the rest of the team for doing a great job and making us feel welcome.

Here is Pat singing “Great Light of the World”

More about Zeal on Facebook

Fellowship of Faith
6120 Mason Hill Rd, McHenry, IL 60050
(815) 759-0739

Service Times are 9:00am and 10:30am

 

 

Move Your FreePBX Server to VMWare ESXi

Ok. I am not a sophisticated technical blogger. But I couldn’t find a good tutorial on how to get my FreePBX phone system moved over from an ancient Dell work station to our shiny new server running VMWare 5. We didn’t have the time or patience to run VMWare vSphere Web Client, so the latest version of virtual machine we run is 8. We will get around to upgrading all of this as soon as we get caught up (tee hee).

Anyways (writing from Chicago) we figured a VM was better than another old work station. We have about 50 phones in 6 physical locations. Two locations have servers and are currently joined with Dundi. Yes, we will be upgrading that someday, too.

First I tried to use VMware Standalone Converter to pull the running Linux machine into a VM. After messing around with it for a few hours with various boot disk and kernel panic issues, I figured there must be an issue with that, so just followed these steps:

1. Created a new VM. Virtual Machine Version 8
2. Type was Linux, CentOS 4,5,6 – 64 bit. This doesn’t matter much, as FreePBX installs to bare-metal
3. Left the sockets and cores at 1 each, 2GB RAM, set Network interfaces at 1, Everything else was left on the defaults.
4. Downloaded the .iso for latest stable version at FreePBX.org
5. Uploaded the .iso to the datastore
6. Set Boot Option in the VM to CD first, then added the FreePBX CD .iso to the Device Type in “Datastore ISO file.”
7. Started the VM, Chose Full Install with Asterisk 11 – when in doubt, go with what’s on the top of the list.
8. Leave the IP addressing on DHCP for now. We can change that to static later in the FreePBX GUI.
9. Then I set a password for user ROOT and let ‘er fly.

So while that is installing, the best thing we like about FreePBX is the Free part. But in close second place is the fact that it is super simple for a generalist like me to setup and just let it run. It goes for months without a reboot and I regularly apply the patches that come in. I have had some hardware issues – which is why am bothering with this at all. The old PC doesn’t always boot on a re-start and I don’t like driving in Chicago traffic for an hour to go restart it. I do have another old machine running this as a lukewarm spare, but I will get in to that in another post.

Once installed, log in to the VM console, get the IP address and then use a web browser on another PC or Mac to set up the FreePBX GUI. Put the IP address in the browser and it will run you through the first time setup stuff. FreePBX talks about all that here. Make sure you go to Asterisk SIP Settings. Local Networks is critical, especially if you are on more than one subnet. Do not choose “root” for the user name in the FreePBX interface when you are setting this up. We use a separate username and password for Asterisk servers from what we have for Windows domain logins.

A few things I need to do in Linux. If you are not a Linux user, this is a good time to start. There is stuff all over the Internet on how to do what I am about to describe. First, I want to be able to find this server by hostname. Then, I want to use the FTP server to update phone configs, so I will need to add an FTP user name and password. Nowadays (I was raised in Missouri) FreeBPX has an endpoint (phone) manager but I am either too cheap or lazy. I am not sure if it costs anything, but it seems like it does, so I still download firmware and configs to phones  the way I did when I set this up a few years ago. Next, I like to have the server let me know when it has patches to install or other notifications, so I use the built-in Postfix mail server for that. So using the VMware console or PUTTY ( free download, and again I just access the server by IP Address) I configure a few things from the command line. I use the program “VI” for this. It is already installed and I am not writing War and Peace here:

Set Hostname – use this command to open vi:
vi /etc/sysconfig/network
press the “Insert” key and set your host name like so:
Then hit “Escape and the colon “:” and “x” to save and exit.

Setup Email in Postfix. (For help: http://wiki.centos.org/HowTos/postfix)
vi /etc/postfix/main.cf
Hunt down the sections for these settings and add these lines:
myhostname = sip03.mydomain.local
mydomain = mydomain.org
mynetworks = 10.10.0.0/16 127.0.0.0/8 (You may need to go to Google University to set this for your network. We have a lot of subnets)

Setup FTP server
If not already installed:
yum install vsftpd
/etc/init.d/vsftpd restart

Add User “ftpuser” with password “mypassword”. This is the user name and password each phone will need to get its configuration settings. Skip this if you want to just manually program each phone. I think once you have more than three or phones, this is way easier. I will do another post on FTP phone config later. Anyway, not in vi, but just at the Linux command line, add your “ftpuser” with these two commands. The second one will prompt you for a new password:

useradd ftpuser
passwd ftpuser

Then, allow user to access the FTP server:
Check the ftp configuration to make it says this:
vi /etc/vsftpd/vsftpd.conf
userlist_deny=no
Then add you user name to the FTP “allow” list:
vi /etc/vsftpd/user_list
add ftpuser
Test this with an FTP client or another computer on the network with FTP on the command line.

Make sure the “Start FTP server on boot” is set correctly:
chkconfig vsftpd on
service vsftpd restart

You will want to either disable the CD for the next start up or change the boot order back to Hard Disk first, or it may be a problem on next boot!

Next Post will be on getting the settings form an existing server on to this one. I need to find time to tell you about that, but if you are in a hurry, there is a good post here

Zeal and Stade’s Farm & Market Announce 2014 Dates

The long-time partnership between Zeal and Stade’s Farm and Market’s Sunday Worship services continues in 2014 with the announcement of 6 dates the band will play this year.

It may be a little chilly now, but it will be warm and sunny before you know it and we look forward to getting back to the farm!

May 25th (Memorial Day Opening Service)
June 15th (tentative)
July 6th
August 10th
Sept 14th (Car Show Weekend!)
October 5th

 

Why is History Important

People that follow current events are well informed. People that stay in contact with their friends with social media tools are connected. People that have an interest in history are well connected. I am not going to pick on the educational system in this post. As leaders and parents, we should mix history in with our teaching to help younger people develop misdom. Wisdom that comes from understanding similar situations from the past.

School can teach us a great deal about events and dates. But to understand how people were feeling and thinking during critical times requires reading a book that goes in deep on one of the players or the event. By getting at what people did and why they did it is really important. It is important because human nature hasn’t changed a whole lot in the thousands of years we have been around. It is one of the reasons why plays written by Shakespeare hundreds of years ago still resonate so well with audiences today. The players change, but the plots and schemes remain pretty much the same.

So if we were to study history a little more, we get a better understanding of people. Wouldn’t that help all of us get along better in life? Not all books on historical subjects are the same. Many best sellers go for the entertainment angle, and those can be fun, too. But if you want to learn about people, read a book.

I am not surprised at how many new things man can discover about our world. I am no longer surprised that many people discover things about people that are not new at all, but are new to them. I am sure our parents, and everyone before them were not suprised by this either. Read a book. Download one to your phone today.

Cheers.