The results of the second SANS Annual System Administration
Survey will be published at the conference. However,
I have obtained a
preview and can give you some of the highlights.
During the past 18 months, the value of effective system
has become better understood, as corporations have started
to run their
entire businesses on UNIX platforms and develop important
programs based on the World Wide Web. UNIX's growing
popularity, both as
an alternative to proprietary systems such as IBM mainframes
VAX computers, and as the operating system of choice
for the Web, has
led to unprecedented demand for system administrators.
have jumped more than 9 percent in the past 12 months
The survey includes data from 746 system administrators.
administrators work in the government, in universities,
and in large and
small industrial organizations throughout all parts
of the United States
and around the world. They are supervisors as well as
with different levels of experience, from a few months
to two decades,
and they support large and small user bases.There is very little pay difference between administrators
with only a
high school degree, those with some college education,
and those with a
college degree. In fact, those with only a high school
paid more, on average, than the other two categories.
surprisingly, system administrators with PhDs don't
get paid, on
average, as much as those with no college education
1. How much are system administrators and security professionals
(see Table 1)?
The majority (almost 70 percent) of all system administrators
between $30,000 and $60,000. The top quarter are paid
an average of more
than $71,000. When the results of this survey are compared
of other information systems professionals, system administrators
more than telecommunications specialists, LAN managers,
administrators, technical support specialists, help
desk managers, and
2. How rapidly are salaries increasing from year to
year (see Table 2)?
Salaries for the surveyed population increased by 9.8
average, from 1994 to 1995. This is a big jump from
the 5.5 percent
average increase reported by the surveyed population
for 1993 to 1994.
It reflects the growing awareness of the value of system
especially in banks and financial companies. The highest
increase, which far exceed the average increase, are
in the higher
income brackets. In my opinion, employers -- especially
employers -- seem willing to offer substantial increases
to retain their
senior system administrators, because they recognize
how difficult and
expensive it will be to replace senior people.
The details of this survey will be presented at the
SANS conference in
May, but in the meantime, you may be able to put this
data to good use.
New Release of bind
Paul Vixie has released the final version of the bind
name server after
completion of more than a year of intensive beta testing.
of bind has many improvements for performance, reliability,
security. If you are running an older version of the
bind name server,
you might want to check this one out:
Tool of the Month
This month's tool is tcpdump, a program that provides
administrator with information about traffic on the
network. It is a
fantastic tool when you want to see what kind of packets
your network. It has been useful to me, in diagnosing
such as a network card that could receive but not send,
or a bad routing
table that resulted in packets to certain networks being
sent out on the
wrong interface in a multihomed machine.
tcpdump prints out the headers of packets on a network
not the packet content). The program has filtering capabilities,
it possible to look only for the type of packets you
are interested in
at any given time. Some examples of such commands:
To print all packets arriving at or departing from heimdal:
tcpdump host heimdal
To print traffic between heimdal and either baldr or
tcpdump host heimdal and
\( baldr or thor \)
To print all IP packets between baldr and any host except
tcpdump ip host baldr and not baldr
tcpdump uses the pcap library, a system-independent
user-level packet capture. Before building tcpdump,
you must first
retrieve and build libpcap.
tcpdump and libpcap have been built and tested under
SGI Irix 4.x and
5.2, SunOS 4.x, Solaris 2.3, BSD/OS, DEC/OSF v1.3 v2.0,
and Ultrix 4.x,
and may still work for SunOS 3.5, and 4.3BSD Reno/Tahoe
authors of the program no longer support these old operating
The program is loosely based on SMI's "etherfind,"
although none of the
etherfind code remains. It was originally written by
Van Jacobson as
part of an ongoing research project to investigate and
improve TCP and
Internet gateway performance. The parts of the program
from Sun's etherfind were later rewritten by Steven
McCanne of LBL. To
ensure that there would be no vestige of proprietary
code in tcpdump,
Steve wrote these pieces from the specification given
by the manual
entry, with no access to the source of tcpdump or etherfind.
The source for libpcap is available from:
The source for tcpdump is available from:
Problems, bugs, questions, desirable enhancements, etc.
should be sent
And now to this month's question:
I was wondering if you have heard of RCS (Revision
Control System). I'm
looking for an ftp site that has a copy of it. Currently
we are using
SCCS, but SCCS has a problem with checking a file in
the library that
includes a long line, such as a long select statement
in an SQL report file.
If you know of such a site, please
let me know ...
or what would you recommend?
RCS is certainly a better choice than SCCS (Source
System), as it is a much more modern implementation.
Aside from the
problem that you mentioned, SCCS is a much older system
and uses a less
efficient way of storing the differences (they are stored
as a sequence
of edit commands, called deltas) than what is implemented
in RCS (for
details, see Walter F. Tichy's paper "RCS-A System
for Version Control,"
which is included in the source for RCS).
You can get RCS from:
There is also a front-end available for RCS, called
Version System), which extends the notion of revision
control from a
collection of files in a single directory to a hierarchical
of directories consisting of revision controlled files.
CVS has a number
of advantages over RCS. For example, programmers are
able to check out
what they need from the master repository and independently
to the files before checking them back in. If two or
more people check
out the same file, CVS can, in most cases, resolve the
between the various versions of the file, ensuring that
all changes are
checked in correctly. If CVS cannot resolve the changes
will prompt for assistance from the person checking
in the changes.
Note, however, that CVS requires RCS.
You can get CVS from:
About the Author
Bjorn Satdeva is the president of /sys/admin, inc.,
a consulting firm
which specializes in large installation system administration.
also co-founder and former president of Bay-LISA, a
San Francisco Bay
Area userOs group for system administrators of large
sites. Bjorn can be
contacted at /sys/admin, inc., 2787 Moorpark Ave., San
Jose, CA 95128;
electronically at email@example.com; or by phone at