General discussion
-
CreatorTopic
-
August 21, 2005 at 9:03 pm #2186230
Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Lockedby craigwb · about 18 years, 7 months ago
blog root
Topic is locked -
CreatorTopic
All Comments
-
AuthorReplies
-
-
August 22, 2005 at 1:00 am #3068448
Creating and Authoring Methodologies – Part 1
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
In many cases, I end up working on creating methodologies for my customers as part of doing enterprise reference architectures, or simply trying to fix bad IT processes and operations. This work is no…
-
August 22, 2005 at 1:00 am #3068449
Windows 2000 Rollup to be re-issued!
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
On my previous post about the release of the Windows 2000 rollup package that was released by Microsoft, a few of you commented on some serious problems with the rollup. You’re no alone! Apparently th…
-
August 22, 2005 at 1:00 am #3068450
Solaris Xview vulnerability reported by Sun
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Sun has reported a security problem in the Xview application, and has announced the availability of the patch to resolve the issue.
The products affected by this security issue are: Solaris… -
August 22, 2005 at 1:00 am #3068451
Creating and Authoring Methodologies – Part 2
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Use the following steps to estimate the size of a methodology. This estimate uses number of segments as a basis for calculating level of effort. A segment is defined as an ob…
-
August 22, 2005 at 1:00 am #3068441
Review Meeting Productivity
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This continues on my string of posts about running good meetings . While looking at the time estimates, you need to be mindful of the previous posts on meetings their effectiveness from a time/accompl…
-
August 22, 2005 at 1:00 am #3068442
Bugeting for System Performance Engineering…
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
An item that tends to get forgotten or stricken for new system projects, is that of testing and tuning the system for optimal performance on what ever system is running the application. IT seems more…
-
August 22, 2005 at 1:00 am #3068443
On Backup Tools for Workstations…
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Moving an organization to an enterprise backup solution that includes the workstations is not necessarily a big stretch, but it does take a bit of planning and estimation up-front. In my original post…
-
August 22, 2005 at 1:00 am #3068444
Average Length of Help Desk Calls
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
You may want to reference my previous posts on Help Desks, such as ‘ Managing Help Desk Expectations for a New App ’ or my sample questionnaire for Help Desk Projects , to get some further details on…
-
August 22, 2005 at 1:00 am #3068445
Project Control: Context
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Project Control describes processes to manage the delivery of a quality project in accordance with the terms and conditions of the contract.
-
August 22, 2005 at 1:00 am #3068446
Project Control: Manage Scope and Requirments
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Scope control, or the lack of it, is the principal cause of project failure. Team project management and the customer Acceptor must work closely to ensure that the project delivers only the features a…
-
August 22, 2005 at 1:00 am #3068447
Traceability Matrix
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A method used to validate the compliance of a process or product with the requirements for that process or product. The requirements are each listed in a row of the matrix and the columns of the matri…
-
August 22, 2005 at 1:00 am #3068437
More on Traceability
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Traceability is a key project function that is usually maintained as part of the project co-ordinator’s duties. It is a living document that should be updated and maintained throughout the project lif…
-
August 22, 2005 at 1:00 am #3068438
Project Control: Manage Customer Relationship
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Various levels of management play a role in managing the customer relationship (e.g., sales management is responsible for the overall customer account). However, the Deliverer is responsible for maint…
-
August 22, 2005 at 1:00 am #3068439
Training Preparation Checklist
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
In many cases, doing system integration and other consulting work requires various different types and levels of training to occur from end-user training to indepth technical training of the admins of…
-
August 22, 2005 at 1:00 am #3068440
Project Planning Assumptions Checklist
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Along with the Project Planning Framework Checklist , and the Managing Scope and Requirements Checklist, you will likely find this checklist quite handy when it comes to managing the assumptions made…
-
August 23, 2005 at 12:58 am #3067797
Product Selection – Customer Reference Interview Checklist
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
In a past posting, I looked at the effort involved in selecting a software package and some of the parameters involved. Here is a quick checklist that can be used during a customer review or interview…
-
August 23, 2005 at 12:58 am #3067798
Sucessfully Implementing a Methodology
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
I had posted a two part series ( Part1 Part2 )about authoring methodologies which recieved a great comment asking how you would test a methodology. In my opinion, the best way to test a methodology is…
-
August 23, 2005 at 12:58 am #3067799
Project Control: Manage Team Performance
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Managing the team is one of the most critical aspects of project management. This involves not only managing internal staff but also managing any customer personnel and subcontractors assigned to the…
-
August 25, 2005 at 12:59 am #3067902
Project Control: Manage Cost/Schedule Performance
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The purpose of this process is to monitor, evaluate, and report progress, as measured against the Project Management Plan, and adjust for variances.
-
August 25, 2005 at 12:59 am #3067903
# of Object Classes per Developer
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The number of classes per developer is 15 to 50.
That is, over the life of the project each developer will have complete responsibility for from 15 to 50 classes.Source
This rule of… -
August 25, 2005 at 12:59 am #3067904
Cisco Clean Access may be too clean!
by craigwb · about 18 years, 7 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
…As in not authenticating the entity! Cisco has reported a vulnerability in Cisco Clean Access (CCA), which could be used by remote users to avoid authentication and change the configuration.
The CCS API (Application Program In… -
August 26, 2005 at 2:18 am #3055969
Defining a Data and Process Distribution Strategy
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
I would usually plan for 16 hours to define a data and process distribution strategy when the sum of the number of applications, technologies, and location types is less than 6.
Plan for 48 hours t… -
August 26, 2005 at 2:18 am #3055970
Project Control: Manage Finances
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Deliverer is responsible for delivering the project in accordance with the initial Financial Model that was established in Project Initiation (the financial baseline)…
-
August 26, 2005 at 2:21 pm #3053764
DHCP Clients in Solaris 10 may allow arbitrary code execution
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Sun has reported a vulnerability in the Sun Solaris 10 DHCP client software, which could be used by an attacker to run arbitrary code on affected systems…
-
August 29, 2005 at 10:20 pm #3046955
Project Control: Manage Project Data
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
It is essential to manage and control all of the data that supports the project. Key items to consider are identified in the Checklist for Managing Project Data . The subprocesses are:
-
August 29, 2005 at 10:20 pm #3046956
Weblogic May Allow Unauthorized Access!
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
BEA has released a security advisory that reports a problem in WebLogic Portal version 8.1, which could allow a user to bypass access restrictions. The problem, which BEA does not giv…
-
August 30, 2005 at 2:18 am #3046934
Cost of Quality
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Cost of Quality for a typical Systems Integration project across the full life cycle can be expected to be somewhere between 30 percent and 40 percent.
Cost of Quality (CoQ) is an indus… -
August 31, 2005 at 2:21 am #3047286
Project Control: Provide Administrative Support
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The level and type of administrative support required should be identified in the proposal and included as part of the contract – otherwise, it becomes an overhead item, and a cost to the consulting o…
-
August 31, 2005 at 10:24 am #3047089
Developing a User Manual
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
I think that I am getting close to running a series on preparing documentation, which I had threatened to do a while back, but in preparation, I wanted to give you this post that looks more at the eff…
-
September 1, 2005 at 2:23 am #3055380
Checklist for Closing Out a Project
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
We ve gone through a series of items on project initiation or starting a project and project control or the operation of a project but how exactly to you end a project? Hopeing to share a series on my…
-
September 1, 2005 at 2:23 am #3055381
Project Close: Context
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Project Close is a key quality process to ensure satisfactory completion of the project. The Deliverer is responsible to make sure that project close follows an orderly process, that staff are not rel…
-
September 1, 2005 at 10:21 am #3055784
Security Fixes from Adobe
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Over the last few weeks, two updates for Adobe products have been released that fix two security flaws. The first affects Adobe Version Cue for Mac OS X, whereas the second update resolves a critic…
-
September 2, 2005 at 10:19 am #3055052
Project Close: Close Down the Project
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Manage Final Project Acceptance
The Project Management Plan that was prepared in Project Initiation documented how deliverables will be accepted. Once all of the project deliverables have been acce… -
September 2, 2005 at 10:19 am #3055053
HP Openview Network Node Manager vulnerable
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecurityTracker has reported a vulnerability in OpenView Network Node Manager, which could allow a remote attacker to run arbitrary com…
-
September 5, 2005 at 6:20 pm #3065179
Update released for Mac OS X
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Apple has released an update to resolve up to 17 security problems in its operating system Mac OS X:
-
September 6, 2005 at 6:21 am #3065061
Continuing Workstation Backups!
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
As noted previously, my article on Outlook PST files stirred up a hornets nest with my comments about file servers and backing up workstations. I addressed the issue with a specific IT implementation…
-
September 7, 2005 at 2:19 am #3064714
Effort Multipliers
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Certainly, one of the areas which I tend to focus on a lot with this blog is the determination of effort and what goes into creating high level estimates of what it will take to get certain things don…
-
September 7, 2005 at 10:20 am #3064519
Quality Management: Philosophy
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
After my previous posting about Cost of Quality , I thought it would be interesting to focus a little bit on quality management as I consider it to be a cornerstone to the success of any project. Qual…
-
September 8, 2005 at 2:19 am #3064309
Quality Management: Preventative Processes
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Effective quality management depends upon preventative processes that invest effort at the start of the life cycle to minimize the cost of appraisal and error-correction activities in later phases. Pr…
-
September 8, 2005 at 2:21 pm #3064051
Red Hat releases GAIM update
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Red Hat has released an update for Gaim and advises users to install it, as it corrects several vulnerabilities, some of which could compromise security on affected systems.
Below is… -
September 9, 2005 at 10:20 am #3063775
Quality Management: Appraisal Processes
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
In addition to preventative processes, quality is reinforced by the completion of appraisal processes that review work products and process throughout the life cycle. Appraisal processes in Project In…
-
September 12, 2005 at 12:43 am #3065593
Is the Cluetrain Running Over the US Government?!?
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Is it the first government to get hit? Will it be the last? From when I was young, I have always enjoyed books, and there has always been a list of books that I keep which expanded my mind, changed my…
-
September 13, 2005 at 8:43 pm #3058416
Updated Version of OpenSSH
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Version 4.2 of OpenSSH (OpenSSH is a free implementation of versions 1.3, 1.5 and 2.0 of the security protocol SSH) has been released here , which fixes several vulnerabilities detected in previous…
-
September 13, 2005 at 8:43 pm #3058415
Quality Management: Building a Plan
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
To wrap up on some of the items presented around quality management such as the philosophy, preventative processes, and appraisal process, I thought it would be most beneficial to describe what goes i…
-
September 20, 2005 at 1:16 am #3054435
Software Maintenance Productivity
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This measure is used to compare current software maintenance productivity against software maintenance productivity for a previous period (for example, before and after outsourcing application support…
-
September 20, 2005 at 1:16 am #3054436
Squid hit with denial of service
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecurityTracker has reported a vulnerability in the processing of certain requests in Squid(Squid in an open source Proxy widely used in Unix environments and available for multiple platforms (from…
-
September 21, 2005 at 7:27 am #3058569
Function Point Equivalents
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Yesterday, my post included some references to function points, so I wanted to do a few more posts that discuss different aspects of function points to try and relate their use. Use this to relate a s…
-
September 21, 2005 at 7:27 am #3058568
SUN Java App Server vulnerability fixed
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Sun has reported a vulnerability in Sun Java Application Server , which allows a remote user to view the content of JAR files. The company has also released the updates to resolve this vulnerabilit…
-
September 21, 2005 at 11:23 pm #3062315
Function Points Consumed Per User
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Continuing on some items about functin points, Use this for quantitative analyses of the volume of software required or used in different jobs or in different industries.
-
September 23, 2005 at 10:44 am #3061343
Function Point Delivery Rates
by craigwb · about 18 years, 6 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Function Point Analysis is an industry-standard method for generating a measure of software size. Function Point Delivery Rate is the metric used to convert between software size and expected effort t…
-
September 25, 2005 at 10:43 pm #3061964
Building Training Material
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
As companies look to do more far reaching technological change to their organizations, training of their staff is becoming more important. The training, except in the case of OTS packages, need traini…
-
September 26, 2005 at 2:45 pm #3063335
More Mac OS X updates for Java last week
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Apple has reported here and here , several security problems in Java for Apple Mac OS X, which could be exploited by an attacker. The company has also announced the availability of new versions of…
-
September 26, 2005 at 2:45 pm #3063336
Linksys WRT54G vulnerabilities fixed
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecuriTeam has reported that five security problems of different types have been detected in Linksys WRT54G devices -systems that are a combination wireless access point, switch and router-, which…
-
September 27, 2005 at 10:48 am #3062983
Project Management Office (PMO): Context & Activities
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A PMO describes a team of people who fulfil project delivery management responsibilities. A PMO is typically established when providing a consolidated approach to project management creates efficiency…
-
September 28, 2005 at 2:57 am #3062785
Lotus Domino has cross-site scripting Vulnerability
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecurityTracker has reported a security problem in Lotus Domino that could allow Cross-Site Scripting attacks. IBM has released the patch to resolve the vulnerability.
This security problem… -
September 29, 2005 at 2:46 pm #3061692
Developing Documents Part 1:Before Writing
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
I’ve been promising to provide some insight into how we develop and release documents for our projects and customers. While I have covered certain aspects of preparing documentation, this will be much…
-
September 30, 2005 at 10:44 am #3071971
More Mac OS X updates
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Apple has posted an advisory and released an update that fixes several security problems detected in versions 10.3.9 and 10.4.2 of Mac OS X. Some of these vulnerabilities could be exploited by a re…
-
October 3, 2005 at 2:47 pm #3072733
Developing Documents Part2: Writing a Document
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Further to my original entry on ‘ Before Writing’ this post will cover off a number of items that will be addressed in the creation of the initial draft of a document.
-
October 4, 2005 at 1:15 pm #3072923
Developing Documents Part3: Formal Review
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Part 1 and Part 2 of this series cover off what to do prior to starting a document and how to create the initial draft. The formal review process is intended to address the impacts of a deliverable…
-
October 5, 2005 at 5:14 pm #3057627
Developing Documents Part4: Translation and Release
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Continuing on the series of developing documents, This section will discuss efforts to have the document translated (if a customer needs French, Spanish, or other special copies for international proj…
-
October 10, 2005 at 9:16 pm #3069789
Blogging from the left coast…
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
I will be blogging from out on the west coast for the next two weeks. While the number of posts may be lighter… I will try to put together some good stuff for all of you, plus complete my document…
-
October 11, 2005 at 11:39 pm #3069030
XFree86 server vulnerability
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Sun has reported , on its website, a vulnerability in the XFree86 server, which could allow an un privileged local user to run arbitrary code with the privileges of the server. The security…
-
October 11, 2005 at 11:39 pm #3069031
GroupWise 6.5.3 Client Vulnerability
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecurityTracker has reported a vulnerability in version 6.5.3 of the Novell GroupWise client, which could allow arbitrary code to be run. Novell has released a new version of this client which reso…
-
October 11, 2005 at 11:39 pm #3069029
Developing Documents Part 5: Acceptance Process
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A single, duly authorized customer representative (the Acceptor) is appointed for each deliverable to provide a single, consolidated response in accordance with the specified review schedule, which is…
-
October 12, 2005 at 11:56 pm #3059967
DirectX 8 Security update
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
While this may sound strange, you may be surprised at the number of environments that are running older versions of directX for development and testing reasons. Microsoft has reported two buffer overf…
-
October 13, 2005 at 7:56 pm #3068685
Developing Documents Part6: Revising Approved documents
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Modifications to a previously accepted deliverable or part of a deliverable will be requested using the Change Request procedure.
-
October 17, 2005 at 5:56 pm #3057886
KDE Environment allows Privelege escalation
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
KDE has announced the existence of a vulnerability affecting several versions of its graphic environments and which could allow a local user to gain root access.
This security problem -whic… -
October 17, 2005 at 5:56 pm #3057887
SUN solaris patch posted
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Sun has released a security patch to fix a vulnerability in Solaris, which could be exploited by a local attacker to gain elevated privileges.
This security flaw affects the Xsun(1) and Xprt(1)… -
October 19, 2005 at 10:03 am #3070862
Cisco IOS buffer overflow
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Cisco has reported that certain versions of the operating system Cisco IOS are affected by a buffer overflow. The company has also announced that the updates that fix this vulnerability are now ava…
-
October 19, 2005 at 2:02 pm #3060780
IE Content Cross Scripting vulnerability
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A cross site scripting vulnerability has been detected in the current version of the popular Internet browser Microsoft Internet Explorer. The problem lies in the handling of the content of cert…
-
October 19, 2005 at 2:02 pm #3060779
Cost/Benefit of Code Reviews/Inspections
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Inspections do not eliminate testing, but find and correct more defects than testing, and defects are less costly to fix. Inspections are 60 to 80 percent effective at finding defects, unit testing…
-
October 20, 2005 at 11:14 am #3044494
AIX allows Priviledge Elevation
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecurityTracker has reported that a vulnerability has been detected in IBM AIX 5.2, which allows a local user to gain elevated privileges in affected systems. IBM has announced that the patch to re…
-
October 24, 2005 at 6:44 pm #3043574
Snort buffer overflow in Back Orifice Preprocessor
by craigwb · about 18 years, 5 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
US-CERT has reported a buffer overflow in Snort Back Orifice preprocessor (Snort is a widely used open code IDS (Intrusion Detection System). What’s more, its components are also used in other IDS…
-
October 26, 2005 at 2:42 am #3045717
Effort Distribution Across the Software Lifecycle
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Use this information as a sanity check for assessing the relative distribution of effort across the software development life cycle. Based on studies reported in the general industry literature, th…
-
October 27, 2005 at 2:06 am #3044342
Process Mapping Effort
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The time required to complete Process Maps depends on many factors such as:
the number of business processes ,
the availability of team members,
the complexity of the business pro… -
October 31, 2005 at 10:43 am #3114389
Defining External Interface Requirements
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Purpose
To identify and document the interfaces to other systems and external entities within the project scope. These types of interfaces are classed as subsystem interfaces.For interface…
-
November 1, 2005 at 10:43 am #3114817
Defining Deployment Requirements
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Purpose
To define the requirements and strategy for the deployment of the new system. Specific objectives are to:
identify specific customer requirements and priorities,
determine… -
November 2, 2005 at 5:02 pm #3116183
Optimum Team Size for Maintenance Projects
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The optimum size of the maintenance team should be approximately 10 to 15 percent of the project development team’s peak loading…
-
November 3, 2005 at 9:05 am #3117063
A Comparison of Multimedia Courseware and Classroom-Based Instruction
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The following table provides an analysis comparing multimedia courseware and classroom-based, instructor-led (IL) instruction. The table provides background for considering which format and media for…
-
November 8, 2005 at 1:21 pm #3135738
CBT Courseware Development and Conversion
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A standard rule is to allow from 200 to 750 hours of development effort for every one hour of computer based training (CBT), as follows:
200 hours of development effort to produce one hour of… -
November 8, 2005 at 1:21 pm #3135736
Creating User Aids
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Defining and documenting the user aid requirements (e.g., user aid, operations guide), takes eight hours per user aid.
The design of each user aid takes 36 hours for each type of user aid ( e.g., u… -
November 8, 2005 at 1:21 pm #3135737
Developing Online Help
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
While there are many tools and options to streamline the process of building online help into your applications, the actual content still needs to be written – and it needs to be… helpful. The effort…
-
November 9, 2005 at 2:40 pm #3118990
Question of the week – is WildTanget actually Spyware?
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
One of the items that has come to light recently, is the issue of WildTangent’s status as a spyware product. In Canada, the Visa credit card company has started a promotion that includes a game produc…
-
November 14, 2005 at 10:48 am #3119972
Oracle posts critical updates
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Oracle has announced the availability of its quarterly product patch, which has been classified as critical and resolves a large number of vulnerabilities that affect several of its products. What’…
-
November 16, 2005 at 4:53 pm #3131624
Code/Document Inspection Logistics
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This describes the time required for various orientation activities that are part of the inspection process. At the beginning of the inspection process for a deliverable, the inspection chairperson co…
-
November 18, 2005 at 9:45 am #3131062
Developing Classroom Training courses
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
It is standard to allow from 20 to 40 hours of development effort for every one hour of classroom training, as follows:
20 hours of development effort to produce one hour of lecture based cla… -
November 21, 2005 at 1:44 pm #3122256
Converting Video Courseware to Classroom Training
by craigwb · about 18 years, 4 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Video Courseware Conversion Factor can be used to equate video or still-frame video training to the time that is required to deliver the equivalent training using classroom training techniques….
-
November 24, 2005 at 1:23 am #3113904
Describing Key Application Functions
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Use this to estimate the effort required to describe key application functions for a Concept Prototype , also known as a Descriptive Prototype, to demonstrate the overall vision of the system.
The… -
November 25, 2005 at 1:23 am #3122792
Software Configuration Management Checklist (SEI-CMM)
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Over many years, I have incorporated many aspects of SEI’s Capability Maturity Model into many aspects of our project execution strategy. This was done quite simply because it works – very well – unli…
-
November 25, 2005 at 9:23 am #3122668
Software Configuration Management (SCM) Details
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Software configuration management provides a mechanism for identifying, controlling, and tracking the official versions of software items. The Software Engineering Institute’s (SEI) Capability Maturit…
-
November 28, 2005 at 3:00 pm #3122117
Managing Configuration Items (SCM)
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
To ensure the integrity of the deliverables, software and hardware components, and supporting documentation that are necessary to support development or maintenance of the end-products, throughout the…
-
November 29, 2005 at 10:59 pm #3127743
PROGRAMMER’S HANDBOOK – A template for application/enterprise Architects…
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This is typically used as part of a larger Software Configuration Management and Quality Mangement solution document within an organization, but I will be posting several examples of templates and…
-
November 30, 2005 at 5:59 pm #3128630
SCM: Software Revision Control Procedures – Template
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SOFTWARE REVISION CONTROL PROCEDURES
*** This template is typically used to produce one section of a larger deliverable. ***
This section documents procedures for developing code, testing it, an… -
December 2, 2005 at 12:14 pm #3127060
SCM Policies and procedures – Overview
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Overview of Software Configuration Management
Configuration Management involves controlling any changes to the components of a system and tracking the status of the system at all times.
The objective of… -
December 5, 2005 at 8:15 am #3128257
SCM Policies and Procedures – Configuration Identification
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
All software components to be integrated into the Company’s system will be uniquely identified. Refer to Appendix J for the naming conventions of code components.
Software components which constitu… -
December 6, 2005 at 8:40 am #3126778
SCM Policies and Procedures – Change Control Part1
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This is a lengthy set of entries, and of course doesn’t just apply to Software Configuration Management. This process applies to the broader change control perspective within any IT organization. For the sake…
-
December 6, 2005 at 8:40 am #3126776
SCM Policies and Procedures – Change Control Part 2
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This is the continuation of a lengthy entry, and of course doesn’t just apply to Software Configuration Management. This process applies to the broader change control perspective within any IT organiz…
-
December 6, 2005 at 8:40 am #3126777
SCM Policies and Procedures – Change Control Part 3
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This is the continuation of a lengthy entry, and of course doesn’t just apply to Software Configuration Management. This process applies to the broader change control perspective within any IT organiz…
-
December 6, 2005 at 8:40 am #3126775
SCM Policies and Procedures – Change Control Part 4
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This is the continuation of a lengthy entry, and of course doesn’t just apply to Software Configuration Management. This process applies to the broader change control perspective within any IT organiz…
-
December 7, 2005 at 8:42 am #3126317
SCM Policies and Procedures – Code Control
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Overview
Control is exercised over all software and database components in a system. Migration of these components is controlled through the use of:
Specific subvolumes for software in eac… -
December 8, 2005 at 3:33 pm #3124574
SCM Policies and Procedures – Data Control
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Overview
The tables and files in the XYZ database are given a CM categorization in order to determine whether data in the files should be controlled via configuration data load files.
The reason… -
December 8, 2005 at 3:33 pm #3124573
Heading to London UK – Blogging will be Light
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Just a quick update to let you all know that I am heading to London UK for the weekend, and There likely won’t be any posts until mid-next week, so stay tuned.
-
December 13, 2005 at 11:18 am #3197691
SCM Policies and Procedures – Initial Promotion of a Release
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Upon the completion of the development phase for a release of the XYZ software, an initial promotion of the release software (or parts thereof in case of a “staggered” release) to the integration test…
-
December 14, 2005 at 3:27 pm #3121239
SCM Policies and Procedures – Promotion to Integration Environment Part 1
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
From the Development environment, files are promoted using the CM tools. The original source code modules, and the delta generated each time a code module is subsequently promoted, are stored and are…
-
December 15, 2005 at 11:54 am #3126025
SCM: Promotion to Integration Environment Part 2
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
DDL Source Code
The following is an overview of the promotion procedure for DDL source code and Q-manager DDL.
On demotion of these files, CM will perform a scan of all source programs to obtain… -
December 15, 2005 at 11:55 am #3126024
SCM: Promotion to Integration Environment Part 3
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Copy Files Shared Between the Tandem and Sun
The following is an overview of the promotion procedure for copy code which is shared (duplicated) on the Tandem and the Sun. The master copy of these f… -
December 15, 2005 at 11:55 am #3126023
SCM: Promotion to Integration Environment Part 4
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Command Files
The following is an overview of the promotion procedure for Command files, including defines files, bind files, and custom compiles.Development Group
· Fill in the Code Co… -
December 15, 2005 at 11:55 am #3126022
SCM: Promotion to Integration Environment Part 5
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
CCF Entries
Certain CCF table entries are under CM control and are entered into the database files using load files. These tables are identified in the instructions for filling out the CCF Change R… -
December 15, 2005 at 11:55 am #3126021
SCM: Promotion to Integration Environment Part 6 (FINAL)
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Task Definition Changes
The Task Profile Table is under CM control and is updated using load files.
Changes to the Task Profile Table sometimes require corresponding changes to the Group Task Sa… -
December 16, 2005 at 2:57 pm #3135491
SCM: Rollforward of Changes to Subsequent Releases Part 1
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Each release of the XYZ software is built upon a “baseline” of the previous release of the software at a certain date. Once a baseline has been established for a release of the XYZ software, any chang…
-
December 20, 2005 at 5:28 pm #3196941
SCM: Rollforward of Changes to Subsequent Releases Part 2
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Rollforward of Initial Promotions for Parallel Development
For Initial promotions from a previous release that is in the development phase and have to be applied to the next release which is also i… -
December 21, 2005 at 5:35 pm #3198610
SCM: P&P: Demotion
by craigwb · about 18 years, 3 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
When code proves to be in error (as found during Integration Testing, System Testing or running of the Production system) or requires change (as approved Change Requests), the particular files will be…
-
December 24, 2005 at 5:48 pm #3081299
Happy Holidays!
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Just wanted to wish a safe and happy holiday season to all the readers and members of ITToolbox!
-
December 27, 2005 at 9:51 pm #3082793
SCM: Deletion of Software and Database Files
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
When code proves to be obsolete in a future release, then it has to be made unavailable for that release and all future releases, while remaining accessible for all previous releases in which it was u…
-
December 30, 2005 at 1:52 pm #3081557
SCM: Promotion to FAST (for System Testing)
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
From the Integration Environment, software is promoted to the QA environment at FAST. Only the executable objects, selected command files used to run the system, database creation files, database load…
-
January 2, 2006 at 11:48 am #3081018
SCM: Software Change Request Procedures
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The same CM procedures are used for tracking the implementation of changes as a result of changes requests and problem reports. Change requests are also entered into the PRS and their status is tracke…
-
January 3, 2006 at 11:54 am #3094503
SCM: Code Control Request Form
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
I like forms – what they look like and how they get laid out does not matter to me so much as the content – too often, people get forms and don’t understand what needs to be put in the boxes, which ei…
-
January 4, 2006 at 5:50 pm #3095954
SCM: Pathway Configuration Change Request form
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Pathway Configuration Change Request Form is required to identify changes to the Pathway configuration of a Pathway server used in the XYZ Application. The form is primarily setup to specify se…
-
January 10, 2006 at 12:49 am #3078130
SCM: CCF Change Request Form
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The CCF Change Request form is used to request additions, deletions and changes to the CCF tables under CM control.
Instructions for Completing a CCF Change Request Form:
(Requestor to ensure bo… -
January 11, 2006 at 9:53 am #3079439
SCM: Event/Notification Message Request Form
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Event/Notification Message Request (formally the EMS/EMAIL Message Request form) is used to request additions, deletions and updates to event and notification messages.
Instructions for Complet… -
January 15, 2006 at 9:43 pm #3077320
SCM: Task Definition Change Request Form
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Task Profile Change Request is used to add, change or delete task profile entries to/from the SSS001T table and roll forward to subsequent releases.
Instructions for Completing a Task Profile C… -
January 16, 2006 at 9:45 pm #3097666
SCM: DBA Request Form
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The DBA Request Form is used by the DBA group to request changes to the database (SQL tables, Enscribe files, Views, and DDL source files).
Instructions for Completing a DBA Request Form
(Reques… -
January 17, 2006 at 8:54 pm #3097100
SCM: Configuration Auditing/Status Accounting
by craigwb · about 18 years, 2 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Quality Assurance team in conjunction with the Configuration Management team performs a product baseline audit prior to installation of the software release into production. The QA team compares t…
-
January 23, 2006 at 11:53 am #3259914
Fixes for Denial of service in Apache Web Servers.
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
According to SecurityTracker, a vulnerability has been detected in Apache Web servers that could be used by remote attackers to provoke denial of services. To prevent this problem an update has bee…
-
January 23, 2006 at 11:53 am #3259913
MS Internet Explorer Denial of Service bug
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A vulnerability has been detected in Microsoft Internet Explorer, which could allow remote attackers to cause denial of service conditions.
According to the bulletin released by SecurityTracker,… -
January 25, 2006 at 11:58 am #3107459
Quality Manual Template
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This would be a template TOC for building a quality manual for you development project:
1. INTRODUCTION
1.1 Purpose
This Quality Manual provides the standard procedures for managing…
-
January 26, 2006 at 4:18 pm #3094053
Defining Disaster Recovery Requirements
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Use these to estimate the effort required to define the requirements associated with recovery from disasters.
Requirements Complexity Effort
Simple requirements: 4 hours
Complex requ…
-
January 30, 2006 at 11:57 am #3109107
Code Inspection/Reinspection notes
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
CODE INSPECTION DEFECT CORRECTION TIME
This describes the effort required to correct defects found during a code inspection meeting. The effort required to correct defects is influenced by the c… -
February 1, 2006 at 11:59 am #3107849
Oracle’s Weak passwords…
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A study has been published highlighting the weakness of the algorithm used for encrypting and storing passwords in Oracle.
Joshua Wright, SANS Institute researcher, and Carlos Cid from the Royal… -
February 1, 2006 at 11:59 am #3107850
Mambo content manager Vulnerability
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A security problem has been detected in the Mambo content manager which -under certain conditions- could allow access to confidential data, according to ProCheckUp.
An attacker could exploit thi… -
February 3, 2006 at 2:05 pm #3135086
BPE Proportional Time Estimates
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The following proportional time estimate guideline can be used to help estimate the time and effort required to complete a Business Process Engineering (BPE) project. The stages below refer to the sta…
-
February 6, 2006 at 2:56 pm #3093521
System Development Environment (SDE) Description Template
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The following template should be used as a guideline for creating documents that layout the system development environment (SDE) within the Software Development Lifecycle (SDLC):
Table of Conten…
-
February 7, 2006 at 10:56 am #3093025
Google’s Mini Search Appliance Vulnerable
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecurityTracker has reported a security problem in Google Mini Search Appliance , which could allow a remote user to carry out several actions on affected computers. Google has released the update…
-
February 7, 2006 at 10:56 am #3093026
Remote users block TCP connections by spoofing packets on Cisco PIX Firewalls
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecurityTracker has announced that a security problem has been detected in the handling of TCP SYN packets with invalid checksums, which could allow a remote user to block TCP connections in Cisco…
-
February 7, 2006 at 3:16 pm #3133163
Cisco IOS web server Vulnerability returns!
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Cisco IOS HTTP Server is affected by a Cross-site scripting security problem, according to SecurityTracker .
The vulnerability occurs because the ‘/level/15/exec/-/show/buffers’ function doe… -
February 8, 2006 at 2:57 pm #3092381
MSN Messenger DOS attacks
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecuriTeam has reported a vulnerability in the MSN Messenger authentication system, which could allow a malicious user to carry out denial of service attacks.
This problem occurs because MSN Mes… -
February 8, 2006 at 2:57 pm #3092380
Vulnerabilities exposed in Citrix products
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Citrix has reported a security flaw in the login pages of certain versions of Citrix MetaFrame Secure Access Manager and Citrix NFuse Elite, which could be exploited through a cross-site scripting…
-
February 9, 2006 at 10:56 pm #3253858
Effort Distribution for BPE Projects within one organization
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Use the information provided for assistance in estimating project effort to be expended across chart of account categories and subcategories. The Chart of Accounts (CoAs) helps estimators compare thei…
-
February 13, 2006 at 8:03 pm #3091624
Technology changing the face of Sweepstakes and Promotional Marketing
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
In working with a client to build an effective solution to aggregate web, sms, IM, mail, and e-mail based sweepstakes entries into a single effective back-end system that will randomly select winners…
-
February 14, 2006 at 12:03 pm #3254529
Debian Posts Critical Patch for Kernel
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Debian has released security updates that resolve several vulnerabilities in versions 2.4.27 and 2.6.8 of the Linux kernel.
The updates are critical, as an attacker could exploit, either locally… -
February 15, 2006 at 1:03 pm #3080881
Cisco issues handling EIGRP protocol
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Cisco has acknowledged two security flaws in handling of the EIGRP protocol, which could affect devices with the Cisco IOS operating system.
These two vulnerabilities could be exploited to trigg… -
February 15, 2006 at 1:03 pm #3080880
Effort Distribution for BPE Projects Across Organizations
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Last week I posted a similar summary which focused on the effort distribution within an organization. This post now looks at the distribution of effort across organizations.
Use the information pro… -
February 17, 2006 at 11:27 am #3252264
Macromedia JRun4 Buffer Overflow Vulnerability
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
According to iDefense , a buffer overflow has been detected in the JRun 4 web server that could allow denial of service or even execution of arbitrary code. Adobe has announced the availability of…
-
February 17, 2006 at 11:27 am #3252263
BlackBerry Browser DOS Vulnerability
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A vulnerability has been detected in the browser in BlackBerry devices, which could allow remote attackers to cause denial of service conditions. BlackBerry has released the update to resolve the v…
-
February 20, 2006 at 10:37 pm #3101321
IT Community Choice awards from ITToolbox are on!
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The first annual IT Community Choice Awards are live!
http://blogs.ittoolbox.com/awards/2006/
Nominations are currently being accepted in the following categories which I can qualify for:… -
February 21, 2006 at 2:34 pm #3103072
DOS bug in Cisco Aironet
by craigwb · about 18 years, 1 month ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Cisco has reported a vulnerability in Cisco Aironet Wireless Access Points (AP) that work with Cisco IOS. The company has also announced that the update that fixes this vulnerability is now availab…
-
February 22, 2006 at 3:31 pm #3101710
Defining Vertical Prototype Scope & Requirements
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Use this to estimate the effort required to define the scope and requirements for a Vertical Prototype , which simulates the core functionality of the system.
Prototype Size Effort
Small: 8 h… -
February 23, 2006 at 3:31 pm #3100891
Defining Horizontal Prototype Scope & Requirements
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Yesterdays post covered off the details around doing a vertical prototype, today we look at the equivalent specifications around performing Horizontal Prototypes. Use this to estimate the effort requi…
-
February 23, 2006 at 3:31 pm #3100890
Heading on retreat…
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Spending the next 4 days in Whistler, and then going to the Sunshine Coast in British Columbia. I plan to keep blogging throughout, and likely post a lot more commentary/rant style posts while I am out the…
-
February 27, 2006 at 2:02 am #3273333
When patched vulnerabilities return in an upgrade…
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
With teams working on different projects in different locations, plus a diverse range of cutomer industries that I deal with, these annual retreats have become priceless. It allows for an environment…
-
February 27, 2006 at 6:03 pm #3272737
IT Community Choice Awards Final Round
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Thanks to all of you for registering your votes in the first round! I’m one of the top five nominees in the IT Community Choice Awards category of Best Technical Blog!
Voting for the final round… -
March 1, 2006 at 2:02 am #3088498
Developing Concept Prototypes
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
We’ve covered Horizontal Prototypes and Vertical Prototypes – lets switch gears and look at the details around developing a concept protoype. Use this to estimate the effort required to develop a Conc…
-
March 2, 2006 at 8:04 pm #3090192
Multitude of Fixes from Oracle
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
In accordance with its policy of quarterly update publications, Oracle has released several updates to resolve multiple vulnerabilities in its products.
According to the advisory published by Oracl… -
March 6, 2006 at 3:18 am #3084943
Mozilla Thunderbird Attachment Spoof
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SecuriTeam has reported a vulnerability that lies in the way that the mail reader Mozilla Thunderbird displays attachments, which allows an attacker to spoof them.
The security flaw in Mozilla T… -
March 6, 2006 at 11:03 pm #3086048
Is IT Ruining the Airline Industry?
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
I used to travel a lot – back in the ‘before self-employment days’, I worked for large consulting companies on an 80% travel basis. Now I travel less frequently for client meetings, conferences, and famil…
-
March 7, 2006 at 3:03 pm #3085165
Adobe Posts Security Update for Graphic Vulnerability
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Adobe has confirmed the existence of a vulnerability in Adobe Creative Suite 2, Adobe Photoshop CS2 and Adobe Illustrator CS2, for Windows or Mac OS, that could be exploited by local users to execu…
-
March 8, 2006 at 2:58 am #3086967
SEI-CMM Checklist for Requirements Management
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SEI refers to the Software Engineering Institute , and CMM refers to the Capability Maturity Model . This methodology is similar to ISO 9001, and University of Texas has some great resources about CMM…
-
March 8, 2006 at 3:05 pm #3086565
SEI-CMM Checklist for Software Project Planning
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SEI refers to the Software Engineering Institute , and CMM refers to the Capability Maturity Model . This methodology is similar to ISO 9001, and University of Texas has some great resources about CMM…
-
March 8, 2006 at 3:05 pm #3086564
Nortel Enhances High Availability in L2/3 Switch Module
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Nortel has posted switch software update v1.1 for their L2/3 Gigabit ethernet switch module.
The “trunk failover” feature in this software release includes additional functionality which makes more… -
March 9, 2006 at 3:01 pm #3268048
SEI-CMM Checklist for Software Project Tracking & Oversight
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SEI refers to the Software Engineering Institute , and CMM refers to the Capability Maturity Model . This methodology is similar to ISO 9001, and University of Texas has some great resources about CMM…
-
March 9, 2006 at 3:01 pm #3268047
SEI-CMM Software Subcontract Management Checklist
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SEI refers to the Software Engineering Institute , and CMM refers to the Capability Maturity Model . This methodology is similar to ISO 9001, and University of Texas has some great resources about CMM…
-
March 9, 2006 at 11:19 pm #3267856
SEI-CMM Software QA Checklist
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SEI refers to the Software Engineering Institute , and CMM refers to the Capability Maturity Model . This methodology is similar to ISO 9001, and University of Texas has some great resources about CMM…
-
March 10, 2006 at 5:28 pm #3267632
SEI-CMM Software Configuration Management Checklist
by craigwb · about 18 years ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
SEI refers to the Software Engineering Institute , and CMM refers to the Capability Maturity Model . This methodology is similar to ISO 9001, and University of Texas has some great resources about CMM…
-
June 1, 2006 at 6:42 pm #3165715
Specification Reinspection Correction Time
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This describes the effort required to correct defects found during the reinspection of a specification deliverable. Typically specification deliverables include the Requirements Definition, Functional…
-
June 1, 2006 at 6:42 pm #3165716
PHPlist vulnerability
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A critical vulnerability has been detected in PHPlist , a double opt-in newsletter manager, which could allow a remote attacker to execute arbitrary code and compromise system security.
The problem… -
June 1, 2006 at 6:42 pm #3165717
Oracle posts more critical updates
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
In line with its policy to release updates every quarter, Oracle offers several updates that resolve multiple vulnerabilities in its products.
According to the advisory released by Oracle, the u… -
June 1, 2006 at 6:42 pm #3165718
Detailed Design Inspection Defect Correction
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This describes the effort required to correct defects found during a detailed design inspection meeting. The effort required to correct defects is influenced by the complexity of the detailed desig…
-
June 1, 2006 at 6:42 pm #3165719
Update for Java on Apple OS X
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Apple has released Java 2 Standard Edition (J2SE) Release 4 for Mac OS X v10.4.5. As well as the performance and compatibility improvements it includes, this update also resolves several vulnerabil…
-
June 1, 2006 at 6:42 pm #3165714
More Vulnerability reports in Cisco Devices
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Cisco has released two security advisories informing of several vulnerabilities in systems with Cisco IOS XR and in CiscoWorks Wireless LAN Solution Engine (WLSE).
There are three vulnerabilitie… -
June 1, 2006 at 6:42 pm #3165705
Reinspection of Detailed Designs
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This describes the effort required to reinspect a detailed design deliverable. The reinspection effort is influenced by the complexity of the detailed design deliverable.
Reinspection Time…
-
June 1, 2006 at 6:42 pm #3165706
Cisco reports Subscriber Edge Services Manager Vulnerability
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Cisco has reported a vulnerability in Cisco Subscriber Edge Services Manager (SESM) when processing DNS messages, which can allow a remote user to cause denial of service conditions.
The vulnera… -
June 1, 2006 at 6:42 pm #3165707
Detailed Design Reinspection Correction
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This describes the effort required to correct defects found during the reinspection of the detailed design deliverable. The correction effort is influenced by the complexity of the detailed design del…
-
June 1, 2006 at 6:42 pm #3165708
Corporate Software Reuse Program – Engineering & Reuse
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Before defining the context for the CSRP, this section discusses the ongoing software dilemma and the notion of software reuse as one component of the solution to that dilemma.
The software communi… -
June 1, 2006 at 6:42 pm #3165709
Corporate Software Reuse Program – The Need for a Program
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This article is a continuation from yesterdays post on Engineering Reuse . A successful Reuse Program rests on four platforms: organization, process, technology, and evaluation. Organizational change…
-
June 1, 2006 at 6:42 pm #3165710
HP StorageWorks Secure Path has DOS vulnerability
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
HP has reported a vulnerability in HP StorageWorks Secure Path for Windows. The company has not offered information about the problem, and all that is known is that it lies in the HP StorageWorks S…
-
June 1, 2006 at 6:42 pm #3165711
Vulnerability in Cisco Unity Express
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Cisco has confirmed in a security advisory the existence of a vulnerability affecting Cisco Unity Express, which could allow an authenticated remote user to escalate privileges.
The problem lies… -
June 1, 2006 at 6:42 pm #3165712
Corporate Software Reuse Program: Goals
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A software Reuse Program should be designed to meet specific goals for the corporation. As an example of a set of goals appropriate for a program, we define the basic business requirements and goals f…
-
June 1, 2006 at 6:42 pm #3165713
Corporate Software Reuse Progam: Objectives
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Before defining potential objectives of a Reuse Program, we repeat the definition of a software artifact and a ReusableComponent. A software artifact is any work product resulting from a software engi…
-
June 1, 2006 at 10:39 pm #3165657
Corporate Software Reuse Program: Strategy
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
As discussed in previous posts, there are many modifications to the software development environment that can help to meet the goals and objectives . In this Reuse Program definition, we focus on the…
-
June 2, 2006 at 6:58 am #3165544
Corporate Software Reuse Program: Evaluation
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
There are many dimensions one can use in evaluating this Reuse Program definition and the resulting CSRP. The Reuse Program definition should be evaluated in terms of the strategy defined in the la…
-
June 2, 2006 at 3:51 pm #3166263
Coporate Software Reuse Program: Risk Analysis & Management
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
An important success factor in any software initiative is the management of risk. Risk management is so important that it is an explicit stage in the Spiral Model of development and in many derivative…
-
June 2, 2006 at 3:52 pm #3166262
Coporate Software Reuse Program: Management Risks
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
To ensure success of the Reuse Program and to realize the objectives , Corporate Management must:
· actively support and mandate the Reuse Program;
· establish new performance metrics (lines… -
June 3, 2006 at 6:34 pm #3166085
Corporate Software Reuse Program: Component User Risks
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The software producers – managers, analysts, developers and others – who will be reusing, instead of creating from scratch, software work products are critical to the success of the program. In order…
-
June 5, 2006 at 3:32 pm #3164890
Corporate Software Reuse Program: Component Factory Risks
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Software artifacts do not get into the repository to become Reusable Components by themselves. There must be
qualified people who can identify potential reuse candidates;
qualified people who ca… -
June 5, 2006 at 3:32 pm #3164891
Corporate Software Reuse Program: Reuse Program Tool Risks
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Reuse Program Tools consist of the Reuse Repository Toolset, the Repository Catalog, and the Repository Contents. The basic repository tool itself is probably the lowest risk portion of a Reuse…
-
June 5, 2006 at 6:35 pm #3165487
Corporate Software Reuse Program: General Environment Risks
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The Corporate Software Reuse Program definition provides an overall scheme for reuse in the corporate environment. This scheme is consistent with the best practices for software reuse published in the literature and with the best practices of several reuse projects. However, in any progr
-
June 5, 2006 at 10:33 pm #3165439
Multiple MySQL Vulnerabilities
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Several vulnerabilities have been reported in the MySQL database manager, which could be exploited by attackers to compromise a vulnerable system or obtain sensitive information.
The first flaw… -
June 7, 2006 at 1:12 am #3164319
NIST publishes guide for performance metrics of IT security
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The NIST (National Institute of Standards and Technology) in the United States has published the initial public draft of its Special Publication 800-80 entitled Guide for Developing Performance Metric…
-
June 7, 2006 at 1:12 am #3164320
Vulnerability found in Sun Solaris Xorg Server
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Sun has confirmed discovery of a security vulnerability in Xorg, one of the X Window servers available for the x86 platform.
The flaw stems from a buffer overflow that could be exploited remotely s… -
June 7, 2006 at 1:44 pm #3145196
Software Reuse Program: Roles Overview
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The roles involved in software production have been stable for several years and include such functions as: project manager, analyst, designer, programmer, tester, quality assurer, client, user, and u…
-
June 7, 2006 at 9:07 pm #3145078
Software Reuse Program: Roles and Their Behaviours
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The ReuseManagement role is responsible for the success of the strategy. In particular, it initiates requests to implement policy and procedures and to establish and meet initiatives and incentives. I…
-
June 11, 2006 at 5:40 pm #3144996
Software Reuse Program: ReuseManagement Requirements
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This post further defines the requirements of the ReuseMangement Role.
Role: ReuseManagement
ReuseMangement has ultimate responsibility to:
make reuse an integral part of software development… -
June 11, 2006 at 9:16 pm #3144944
Software Reuse Program: ReuseSupport Requirements
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This post further defines the ReuseSupport role.
Role: ReuseSupport
ReuseSupport has ultimate responsibility to:
Provide appropriate information to the Reuse Program community on how to… -
June 12, 2006 at 5:19 pm #3145504
Bypass of Websense content filter in Cisco PIX vulnerability
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Cisco has announced a vulnerability in Cisco PIX Firewall and in Cisco Firewall Services Module (FWSM) when used with the Websense content filter. This flaw could allow a remote user to access rest…
-
June 13, 2006 at 1:37 am #3145420
Software Reuse Program: Repository Tool
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The next few posts will contain a description of each major repository tool class including its features, behaviors, and associations. This is not meant as a complete requirements document for the rep…
-
June 13, 2006 at 9:16 pm #3164597
Novell Client Vulnerability Reported
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A vulnerability has been identified in Novell Client which could be exploited by remote users to run arbitrary commands.
The problem is due to a buffer overflow error in the NDPS RPC communicati… -
June 14, 2006 at 1:15 am #3164560
Software Reuse Program: Repository Contents
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
The repository is composed of ReusableComponents. ReusableComponents include, but are not limited to: specification artifacts, design artifacts, test specification artifacts, test script artifacts, an…
-
June 14, 2006 at 1:18 pm #3155648
Mac OSX and QuickTime get multiple fixes
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Apple has published two security updates for its OS X operating system and for the QuickTime media player.
The update for Mac OS X includes a total of 43 corrections, with effects on the syst…
-
June 14, 2006 at 5:17 pm #3155558
Software Reuse Program: Repository Catalog
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
This post defines the requirements for the Reuse Repository Catalog and is part of strategy S2.1 . These requirements include requirements for a classification scheme, search, and pattern matching…
-
June 15, 2006 at 9:35 pm #3154799
Bunch of Security Advisories from BEA
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
BEA has published 15 security bulletins to warn of a series of vulnerabilities affecting WebLogic Server 6.1, 7.0, 8.1, 9.0 and 9.1 and WebLogic Portal 7.0 and 8.1, which could allow access to confide…
-
June 16, 2006 at 1:17 am #3154737
Software Reuse Program: Tools Wrap-up
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
1 Hardware/Software Interfaces
This postdefines the interface requirements for the CSRR and other hardware, software, network components.
Minimal Requirements
It is required that the CSRR be… -
June 16, 2006 at 2:18 pm #3268559
Sun Java System Directory Server Vulnerability
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Sun has reported a vulnerability in Sun Java System Directory Server, which could give remote users administrative access to the console.
When the Directory Server is installed, the administrati… -
June 18, 2006 at 7:23 pm #3270737
Software Reuse Program: Component Factory Req’s Part1
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Qualifier
The qualifier role is actually an amalgam of several responsibilities that could be split into separate roles. In addition to carrying out ReuseManagement priorities and objectives, they… -
June 19, 2006 at 7:27 pm #3141813
Zero Day exploit for MS Excel in the Wild!
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Malicious code has been discovered that takes advantage of an Excel vulnerability. This flaw causes an unknown error and could allow an attacker to download and run code.
To do this, the attacke… -
June 19, 2006 at 11:43 pm #3141768
Software Reuse Program: Component Factory Req’s Part2
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Maintainer
Maintainers consist of software development teams that produce RCs from artifacts or tailor and modify existing RCs as assigned by the Qualifiers . The Maintainers may be part of any org… -
June 20, 2006 at 11:48 pm #3143897
Software Reuse Program: Librarian
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A Reuse Librarian has responsibilities and tasks similar to that of the librarian with which we are all familiar. These responsibilities relate to the content of the Repository, the accessing descript…
-
June 21, 2006 at 3:26 pm #3142115
Update for PostgreSQL Solves Vulnerability
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
An update of the PostgreSQL database manager has been published in order to fix a vulnerability that could allow remote users to inject SQL commands.
The flaw stems from incorrect validation of… -
June 21, 2006 at 11:26 pm #3269059
Heading to Phoenix AZ
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Heading down into phoenix for a week – home of ITToolbox!
Hoping to meet and spend a bit of time with our blog leader Tim Ribich.
Blogging may be lighter, but I will be continuing to post during my visit -
June 22, 2006 at 3:28 am #3269009
Software Reuse Program: RepositoryManager
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A RepositoryManager manages the repository environment. This role is responsible for changes in the cataloging system, definition of components, and reports generated by the system. As defined elsewhe…
-
June 23, 2006 at 11:53 am #3270516
AWSTATS allows Arbitrary Command Execution
by craigwb · about 17 years, 9 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
It is a hot & steamy Friday here in Phoenix and once more, we are confronted with the fact that any point in a system can become a weak point if not managed properly.
This time, danger stems from a tool seemingly as harmless, but also as esse… -
June 27, 2006 at 10:58 pm #3110804
Software Reuse Program: ComponentUser
by craigwb · about 17 years, 8 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A ComponentUser is a person or system allowed to search the reuse repository for RCs and to check them out. This definition of a user does not allow a class of users who can only browse and not use…
-
June 28, 2006 at 11:44 am #3111897
DSA-3100 Router Vulnerability
by craigwb · about 17 years, 8 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A vulnerability has been reported in the D-Link DSA-3100 router that could allow a remote user to construct cross-site scripting atacks.
The problem stems from the fact that the ‘login_error.sht… -
June 28, 2006 at 11:02 pm #3111704
Software Reuse Program: ReuseTestimony/UsageHistory
by craigwb · about 17 years, 8 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
A ReuseTestimony is a description of a ComponentUser s experiences with a particular RC. It describes how successful the group was in reusing the component. If the component was used, it will descr…
-
July 4, 2006 at 12:48 am #3168756
Software Reuse Program: Reuse Metrics Part 1
by craigwb · about 17 years, 8 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Why a Measurement Program?
I ve had a few comments questioning the value and cost of implementing such a program, so I feel that it is the following set of posts on getting the metrics out of reuse… -
July 4, 2006 at 1:11 pm #3168572
Software Reuse Program: Reuse Metrics Part 2
by craigwb · about 17 years, 8 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
1 Relation of Reuse Objectives to Questions
In previous posts, I presented goals , objectives , and strategies to meet those goals . This 5 part series of posts will provide the mapping from the ob… -
July 5, 2006 at 3:43 pm #3168424
Software Reuse Program: Reuse Metrics Part 3
by craigwb · about 17 years, 8 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
1.5 Reduce Errors through Reuse
O5. Reduce errors by using RCs that have been reused several times in different contexts and thus, having had greater exposure, have had more errors removed. (G2, G4… -
July 6, 2006 at 12:58 pm #3167879
Software Reuse Program: Reuse Metrics Part 4
by craigwb · about 17 years, 8 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Metrics Lifecycle
Briefly, this lifecycle includes Definition, Interpretation, Validation, Utilization, and Refinement. The phase names are somewhat self explanatory and are by no means linear in t… -
July 6, 2006 at 4:30 pm #3167799
It’s NOT Me!!!
by craigwb · about 17 years, 8 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Ok, I know that I go by the pseudonym Sophos , but I currently have no relation or affiliation with the anti-virus company known as Sophos. Nor do I endorse their recommendation to change over to Maci…
-
July 7, 2006 at 10:51 am #3167434
Software Reuse Program: Reuse Metrics Part 5
by craigwb · about 17 years, 8 months ago
In reply to Observations from a Tech Architect: Enterprise Implementation Issues & Solutions
Reuse Metric Examples
This is the last of a 5 part series on reuse metrics. This post contains example metrics and measurements. The measurements can be made directly through observation, calculation, or estimation. Some metrics relate directly to…
-
-
AuthorReplies