From jesse  Mon May  2 14:21:41 2005
From: jesse (Jesse Callaway)
Date: Mon, 2 May 2005 14:21:41 -0400
Subject: [nycbug-talk] interesting...
In-Reply-To: <20050428194602.14e94f5d@genoverly.com>
References: <57d7100005042815593b93fa0@mail.gmail.com>
	<20050428194602.14e94f5d@genoverly.com>
Message-ID: <200505021421.41923.jesse@theholymountain.com>

On Thursday 28 April 2005 07:46 pm, michael says:
> On Thu, 28 Apr 2005 15:59:48 -0700
> pete wright <nomadlogic at gmail.com> wrote:
> 
>   but by the looks of things FreeBSD is "trading" at
> > $11.15:
> > http://buzz.research.yahoo.com/bk/market/market.html?_mid=528&_ono=1
> > 
> 
> Breaking News:
> FreeBSD trades up a nickel to $11.20 on news that Pete was talking about it.
> 
> Michael

Hey, I have some contracts with a major CA based energy provider who is going to invest millions in FreeBSD development since it will be their preferred server platform. If anyone wants in on this position give me a call. Some say Schwarzenegger is physically backing the contracts and will get rid of the old NT servers in a seek-and-destroy mission as his duty to uphold the economic integrity of his state.

-jesse



From bzag0  Mon May  2 20:22:01 2005
From: bzag0 (Robert Zagarello)
Date: Mon, 2 May 2005 17:22:01 -0700 (PDT)
Subject: [nycbug-talk] NetBSD V2.0 System Crontab file
Message-ID: <20050503002201.55055.qmail@web53810.mail.yahoo.com>


Somehow I deleted my system crontab file in /etc. I'm
using one from a FreeBSD system, but I'd like to have
the the default that came with the NetBSD V2.0
installation. So if someone has one can you please
post it?  Thanks in advance...  BZAG
 





From okan  Mon May  2 20:42:33 2005
From: okan (Okan Demirmen)
Date: Mon, 2 May 2005 20:42:33 -0400
Subject: [nycbug-talk] NetBSD V2.0 System Crontab file
In-Reply-To: <20050503002201.55055.qmail@web53810.mail.yahoo.com>
References: <20050503002201.55055.qmail@web53810.mail.yahoo.com>
Message-ID: <20050503004233.GA81747@yinaska.pair.com>

On Mon 2005.05.02 at 17:22 -0700, Robert Zagarello wrote:
> 
> Somehow I deleted my system crontab file in /etc. I'm
> using one from a FreeBSD system, but I'd like to have
> the the default that came with the NetBSD V2.0
> installation. So if someone has one can you please
> post it?  Thanks in advance...  BZAG

you may best find it in one of the install tgz's, a checked out cvs, or via
cvsweb - choose your poison.

-- 
Okan Demirmen <okan at demirmen.com>
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934
PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934



From spork  Mon May  2 20:43:30 2005
From: spork (Charles Sprickman)
Date: Mon, 2 May 2005 20:43:30 -0400 (EDT)
Subject: [nycbug-talk] NetBSD V2.0 System Crontab file
In-Reply-To: <20050503002201.55055.qmail@web53810.mail.yahoo.com>
References: <20050503002201.55055.qmail@web53810.mail.yahoo.com>
Message-ID: <Pine.OSX.4.61.0505022041590.4243@gee5.nat.fasttrackmonkey.com>

On Mon, 2 May 2005, Robert Zagarello wrote:

> Somehow I deleted my system crontab file in /etc. I'm
> using one from a FreeBSD system, but I'd like to have
> the the default that came with the NetBSD V2.0
> installation. So if someone has one can you please
> post it?  Thanks in advance...  BZAG

I just mounted a NetBSD 2.0 partition from FBSD on a dual-boot box, and 
there is no /etc/crontab.

There is however a standard "user entry" for root in /var/cron/tabs/root:

#       $NetBSD: crontab,v 1.15 2002/11/27 15:09:17 perry Exp $
#
# /var/cron/tabs/root - root's crontab for NetBSD
#
SHELL=/bin/sh
PATH=/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
CRON_WITHIN=7200
#
#minute hour    mday    month   wday    command
#
*/10    *       *       *       *       /usr/libexec/atrun
#
# rotate log files every hour, if necessary
0       *       *       *       *       /usr/bin/newsyslog
#
# do daily/weekly/monthly maintenance
15      3       *       *       *       /bin/sh /etc/daily 2>&1 | tee 
/var/log/daily.out | sendmail -t
30      4       *       *       6       /bin/sh /etc/weekly 2>&1 | tee 
/var/log/weekly.out | sendmail -t
#30     5       1       *       *       /bin/sh /etc/monthly 2>&1 | tee 
/var/log/monthly.out | sendmail -t

Charles

>
>
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>



From jesse  Mon May  2 20:43:11 2005
From: jesse (Jesse Callaway)
Date: Mon, 2 May 2005 20:43:11 -0400
Subject: [nycbug-talk] NetBSD V2.0 System Crontab file
In-Reply-To: <20050503002201.55055.qmail@web53810.mail.yahoo.com>
References: <20050503002201.55055.qmail@web53810.mail.yahoo.com>
Message-ID: <200505022043.11819.jesse@theholymountain.com>

On Monday 02 May 2005 08:22 pm, Robert Zagarello says:
> 
> Somehow I deleted my system crontab file in /etc. I'm
> using one from a FreeBSD system, but I'd like to have
> the the default that came with the NetBSD V2.0
> installation. So if someone has one can you please
> post it?  Thanks in advance...  BZAG
>  
> 
####################################
#	$NetBSD: crontab,v 1.15 2002/11/27 15:09:17 perry Exp $
#
# /var/cron/tabs/root - root's crontab for NetBSD
#
SHELL=/bin/sh
PATH=/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
CRON_WITHIN=7200
#
#minute	hour	mday	month	wday	command
#
*/10	*	*	*	*	/usr/libexec/atrun
#
# rotate log files every hour, if necessary
0	*	*	*	*	/usr/bin/newsyslog
#
# do daily/weekly/monthly maintenance
15	3	*	*	*	/bin/sh /etc/daily 2>&1 | tee /var/log/daily.out | sendmail -t
30	4	*	*	6	/bin/sh /etc/weekly 2>&1 | tee /var/log/weekly.out | sendmail -t
#30	5	1	*	*	/bin/sh /etc/monthly 2>&1 | tee /var/log/monthly.out | sendmail -t
######################################

Bob,

I took a stab at http://cvs.netbsd.org since I only do the batch cvs stuff found in the cvsup scripts and don't really know what I'm doing at a cvs prompt.
Check it out for any individual files you may need from any revision of NetBSD. CVS is Concurrent Versioning System and is a huge shared code project where developers and test compilers (ie: you and me) "check-in" and "check-out" different versions of files in the codebase. Each project has their own database and interface where its files are stored. www.sourceforge.com is a big warehouse for some of these projects.

-jesse


/*-
 * Copyright (c) 2005 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by 
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *        This product includes software developed by the NetBSD
 *        Foundation, Inc. and its contributors.
 * 4. Neither the name of The NetBSD Foundation nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */



From bzag0  Mon May  2 22:00:15 2005
From: bzag0 (Robert Zagarello)
Date: Mon, 2 May 2005 19:00:15 -0700 (PDT)
Subject: [nycbug-talk] NetBSD V2.0 System Crontab file
In-Reply-To: 6667
Message-ID: <20050503020015.18250.qmail@web53808.mail.yahoo.com>


Charles,

I think you've nailed it.  This does explain why my
default disappeared, when I tried putting up one from
root.  Interestingly enough, cron manages to find the
substitute crontab I put up in /etc, which the
documentation suggests cron does (in that it goes
looking for crontabs).  Thanks !  BZAG

--- Charles Sprickman <spork at bway.net> wrote:
> I just mounted a NetBSD 2.0 partition from FBSD on a
> dual-boot box, and 
> there is no /etc/crontab.
> 
> There is however a standard "user entry" for root in
> /var/cron/tabs/root:
> 
> #       $NetBSD: crontab,v 1.15 2002/11/27 15:09:17
> perry Exp $
> #
> # /var/cron/tabs/root - root's crontab for NetBSD
> #
> SHELL=/bin/sh
> PATH=/bin:/sbin:/usr/bin:/usr/sbin
> HOME=/var/log
> CRON_WITHIN=7200
> #
> #minute hour    mday    month   wday    command
> #
> */10    *       *       *       *      
> /usr/libexec/atrun
> #
> # rotate log files every hour, if necessary
> 0       *       *       *       *      
> /usr/bin/newsyslog
> #
> # do daily/weekly/monthly maintenance
> 15      3       *       *       *       /bin/sh
> /etc/daily 2>&1 | tee 
> /var/log/daily.out | sendmail -t
> 30      4       *       *       6       /bin/sh
> /etc/weekly 2>&1 | tee 
> /var/log/weekly.out | sendmail -t
> #30     5       1       *       *       /bin/sh
> /etc/monthly 2>&1 | tee 
> /var/log/monthly.out | sendmail -t
> 
> Charles
> 
> >
> >
> > _______________________________________________
> > % NYC*BUG talk mailing list
> > http://lists.nycbug.org/mailman/listinfo/talk
> > %Be sure to check out our Jobs and NYCBUG-announce
> lists
> > %We meet the first Wednesday of the month
> >
> 





From george  Mon May  2 23:29:41 2005
From: george (George R.)
Date: Mon, 2 May 2005 23:29:41 -0400
Subject: [nycbug-talk] OMFG
Message-ID: <fcc57afce74f51c4acda280135e6b02e@sddi.net>

This is great. ..

http://www.justfuckinggoogleit.com

Of course as list admin, I ban this on *our* list. . .

<g>

g




From bob  Mon May  2 23:41:47 2005
From: bob (Bob Ippolito)
Date: Mon, 2 May 2005 23:41:47 -0400
Subject: [nycbug-talk] OMFG
In-Reply-To: <fcc57afce74f51c4acda280135e6b02e@sddi.net>
References: <fcc57afce74f51c4acda280135e6b02e@sddi.net>
Message-ID: <582EAB86-9A46-4D82-A18A-68F304918B48@redivi.com>


On May 2, 2005, at 11:29 PM, George R. wrote:

> This is great. ..
>
> http://www.justfuckinggoogleit.com
>
> Of course as list admin, I ban this on *our* list. . .

You should probably update the first result here, then:
http://www.justfuckinggoogleit.com/search.pl?query=nycbug 
+communication+guidelines

(wait 15 seconds)

-bob




From george  Tue May  3 10:18:09 2005
From: george (George R.)
Date: Tue, 3 May 2005 10:18:09 -0400
Subject: [nycbug-talk] tshirts
Message-ID: <bc125953889a8645fdc2c7ac5a2ad2af@sddi.net>

This meeting will be the last chance to buy a NYCBUG tshirt for the 
mere price of $15.

Buying a tshirt is critical to NYCBUG's efforts to raise funds for the 
OBSD Hackathon.

http://nycbug.org/index.php?NAV=Store

So that mr. genoverly doesn't need to drag a big bag of them to the 
meeting, please pre-order if you are intent on buying one or more 
tomorrow.

michael at nycbug dot org.

Please specify size (L or XL) and type (Classic or DMESG).

g




From kit  Tue May  3 16:04:57 2005
From: kit (Kit Halsted)
Date: Tue, 3 May 2005 16:04:57 -0400
Subject: [nycbug-talk] (Way OT) Anybody want my Indy?
Message-ID: <p0600204abe9d891797dd@[192.168.3.34]>

Free to good home: SGI Indy w/ max RAM, matching (Granite) 17" 
monitor, kb, mouse, & cam. I'm moving. I'd rather see this go to an 
appreciative geek than get kicked to the curb. Must pick up CPU & 
monitor ASAP, other parts may take a week or 2 to surface.

Cheers,
-Kit



From kit  Tue May  3 16:18:44 2005
From: kit (Kit Halsted)
Date: Tue, 3 May 2005 16:18:44 -0400
Subject: [nycbug-talk] (Way OT) Anybody want my Indy?
In-Reply-To: <p0600204abe9d891797dd@[192.168.3.34]>
References: <p0600204abe9d891797dd@[192.168.3.34]>
Message-ID: <p0600204cbe9d8c2d50f6@[192.168.3.34]>

Looks like the Indy's gone! (That was quick!)

Next item up for free: Minolta Color Pageworks PS Plus workgroup 
color laser printer w/ 10/100 ethernet, Genuine Adobe PostScript 3, 
PCL-something, & max RAM. Black toner almost empty. (Again, must go 
ASAP.)

-Kit "I have too much stuff" Halsted

At 4:04 PM -0400 5/3/05, Kit Halsted wrote:
>Free to good home: SGI Indy w/ max RAM, matching (Granite) 17" 
>monitor, kb, mouse, & cam. I'm moving. I'd rather see this go to an 
>appreciative geek than get kicked to the curb. Must pick up CPU & 
>monitor ASAP, other parts may take a week or 2 to surface.
>
>Cheers,
>-Kit
>_______________________________________________
>% NYC*BUG talk mailing list
>http://lists.nycbug.org/mailman/listinfo/talk
>%Be sure to check out our Jobs and NYCBUG-announce lists
>%We meet the first Wednesday of the month





From spork  Tue May  3 16:19:07 2005
From: spork (Charles Sprickman)
Date: Tue, 3 May 2005 16:19:07 -0400 (EDT)
Subject: [nycbug-talk] (Way OT) Anybody want my Indy?
In-Reply-To: <p0600204cbe9d8c2d50f6@[192.168.3.34]>
References: <p0600204abe9d891797dd@[192.168.3.34]>
	<p0600204cbe9d8c2d50f6@[192.168.3.34]>
Message-ID: <Pine.OSX.4.61.0505031618411.4243@gee5.nat.fasttrackmonkey.com>

Just in case you come up with more stuff...  Where are you located?

Charles

On Tue, 3 May 2005, Kit Halsted wrote:

> Looks like the Indy's gone! (That was quick!)
>
> Next item up for free: Minolta Color Pageworks PS Plus workgroup color laser 
> printer w/ 10/100 ethernet, Genuine Adobe PostScript 3, PCL-something, & max 
> RAM. Black toner almost empty. (Again, must go ASAP.)
>
> -Kit "I have too much stuff" Halsted
>
> At 4:04 PM -0400 5/3/05, Kit Halsted wrote:
>> Free to good home: SGI Indy w/ max RAM, matching (Granite) 17" monitor, kb, 
>> mouse, & cam. I'm moving. I'd rather see this go to an appreciative geek 
>> than get kicked to the curb. Must pick up CPU & monitor ASAP, other parts 
>> may take a week or 2 to surface.
>> 
>> Cheers,
>> -Kit
>> _______________________________________________
>> % NYC*BUG talk mailing list
>> http://lists.nycbug.org/mailman/listinfo/talk
>> %Be sure to check out our Jobs and NYCBUG-announce lists
>> %We meet the first Wednesday of the month
>
>
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>



From kit  Tue May  3 16:33:47 2005
From: kit (Kit Halsted)
Date: Tue, 3 May 2005 16:33:47 -0400
Subject: [nycbug-talk] (Way OT) Anybody want my Indy?
Message-ID: <p06002054be9d90a35ca9@[192.168.3.34]>

The printer has found a new home as well.

-Kit

At 4:18 PM -0400 5/3/05, Kit Halsted wrote:
>Looks like the Indy's gone! (That was quick!)




From matt  Tue May  3 19:45:07 2005
From: matt (Matthew Terenzio)
Date: Tue, 3 May 2005 19:45:07 -0400
Subject: [nycbug-talk] default blocked ports?
Message-ID: <d14d93bb5802d1fbc5a230de50f04e96@jobsforge.com>


Hi ,
Google can't read my mind today so I must ask the community's help.

Do I need to explicitly allow connections in a default installation of 
FreeBSD 5.3? Like port 5222 for XMPP, for instance.

I'm trying to launch a jabberd server and getting this alert:

io_select unable to listen on 5222 [(null)]: jabberd already running or 
invalid interface?

Jabberd isn't running anywhere else which leads me to believe I 
connections might disabled by default.


Thanks,

Matt




From nomadlogic  Tue May  3 22:48:02 2005
From: nomadlogic (pete wright)
Date: Tue, 3 May 2005 19:48:02 -0700
Subject: [nycbug-talk] default blocked ports?
In-Reply-To: <d14d93bb5802d1fbc5a230de50f04e96@jobsforge.com>
References: <d14d93bb5802d1fbc5a230de50f04e96@jobsforge.com>
Message-ID: <57d71000050503194849e6390e@mail.gmail.com>

On 5/3/05, Matthew Terenzio <matt at jobsforge.com> wrote:
> 
> Hi ,
> Google can't read my mind today so I must ask the community's help.
> 
> Do I need to explicitly allow connections in a default installation of
> FreeBSD 5.3? Like port 5222 for XMPP, for instance.
> 
ipfw or pf should not be installed by default on FreeBSD.  Check
/etc/defaults/rc.conf to see what default settings are enabled for
you.  These can be overrided in /etc/rc.conf.

> I'm trying to launch a jabberd server and getting this alert:
> 
> io_select unable to listen on 5222 [(null)]: jabberd already running or
> invalid interface?
> 
> Jabberd isn't running anywhere else which leads me to believe I
> connections might disabled by default.

does netstat show anything running on those ports?

-p


-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From tux  Tue May  3 22:55:43 2005
From: tux (Kevin Reiter)
Date: Tue, 03 May 2005 22:55:43 -0400
Subject: [nycbug-talk] default blocked ports?
In-Reply-To: <57d71000050503194849e6390e@mail.gmail.com>
References: <d14d93bb5802d1fbc5a230de50f04e96@jobsforge.com>
	<57d71000050503194849e6390e@mail.gmail.com>
Message-ID: <427839AF.6030007@penguinnetwerx.net>

pete wright wrote:
> On 5/3/05, Matthew Terenzio <matt at jobsforge.com> wrote:
> 
>>Hi ,
>>Google can't read my mind today so I must ask the community's help.
>>
>>Do I need to explicitly allow connections in a default installation of
>>FreeBSD 5.3? Like port 5222 for XMPP, for instance.
>>
> 
> ipfw or pf should not be installed by default on FreeBSD.  Check
> /etc/defaults/rc.conf to see what default settings are enabled for
> you.  These can be overrided in /etc/rc.conf.
> 
> 
>>I'm trying to launch a jabberd server and getting this alert:
>>
>>io_select unable to listen on 5222 [(null)]: jabberd already running or
>>invalid interface?
>>
>>Jabberd isn't running anywhere else which leads me to believe I
>>connections might disabled by default.
> 
> 
> does netstat show anything running on those ports?

If you haven't already, you need to add the following in /etc/rc.conf:

jabberd_enable="YES"
jabberd_user={user}

(I checked the /etc/defaults/rc.conf on a 5.3 box and the FreeBSD mailing 
list archive for verification on this, FYI)

HTH
-Kevin



From george  Wed May  4 11:29:29 2005
From: george (George R.)
Date: Wed, 4 May 2005 11:29:29 -0400
Subject: [nycbug-talk] after-meeting bar. . . 
Message-ID: <6fca06f973b395a5cce1992d55fbe214@sddi.net>

Anyone have ideas on an after-meeting bar for tonight?

Denizen ist kaput.

g




From george  Wed May  4 12:25:57 2005
From: george (George Georgalis)
Date: Wed, 4 May 2005 12:25:57 -0400
Subject: [nycbug-talk] after-meeting bar. . .
In-Reply-To: <6fca06f973b395a5cce1992d55fbe214@sddi.net>
References: <6fca06f973b395a5cce1992d55fbe214@sddi.net>
Message-ID: <20050504162557.GA6951@sta.local>

On Wed, May 04, 2005 at 11:29:29AM -0400, G Rosamond wrote:
>Anyone have ideas on an after-meeting bar for tonight?
>
>Denizen ist kaput.
>

City Hall?

// George


-- 
George Georgalis, systems architect, administrator Linux BSD IXOYE
http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org



From lists  Thu May  5 09:06:47 2005
From: lists (michael)
Date: Thu, 5 May 2005 09:06:47 -0400
Subject: [nycbug-talk] OpenBSD upgrade
Message-ID: <20050505090647.4647bb3a@delinux.abwatley.com>

All,

I will be bringing a headless, cd-less sun netra box up from OpenBSD 3.5
to 3.6. Does anyone have any advice in addition to...

http://openbsd.org/faq/upgrade36.html

Michael

-- 
---



From daggerquill  Thu May  5 09:40:11 2005
From: daggerquill (Jay Savage)
Date: Thu, 5 May 2005 09:40:11 -0400
Subject: [nycbug-talk] OpenBSD upgrade
In-Reply-To: <20050505090647.4647bb3a@delinux.abwatley.com>
References: <20050505090647.4647bb3a@delinux.abwatley.com>
Message-ID: <4ce365ec05050506406c50e49@mail.gmail.com>

On 5/5/05, michael <lists at genoverly.net> wrote:
> All,
> 
> I will be bringing a headless, cd-less sun netra box up from OpenBSD 3.5
> to 3.6. Does anyone have any advice in addition to...
> 
> http://openbsd.org/faq/upgrade36.html
> 
> Michael
> 

Micheal,

That depends on how your server is configured.  My gut reaction is to
say skip 3.6 completely and install 3.7 when it becomes available for
download on the 19th.  If you really want to get moving on it, order a
CD--they're already shipping--and mount it from somewhere else. 
There's no clean upgrade path from 3.6 to 3.7, but assuming you've got
a sane partition scheme, just make backups of your config files and
install over everything except your dtata partitions.  The obsd
upgrade procedure basically boils down to 'rm -rf; install;
mergemaster' anyway.

--jay



From lists  Thu May  5 10:08:31 2005
From: lists (michael)
Date: Thu, 5 May 2005 10:08:31 -0400
Subject: [nycbug-talk] OpenBSD upgrade
In-Reply-To: <4ce365ec05050506406c50e49@mail.gmail.com>
References: <20050505090647.4647bb3a@delinux.abwatley.com>
	<4ce365ec05050506406c50e49@mail.gmail.com>
Message-ID: <20050505100831.523a55e1@delinux.abwatley.com>

On Thu, 5 May 2005 09:40:11 -0400
Jay Savage <daggerquill at gmail.com> wrote:

> Micheal,
> 
> That depends on how your server is configured.  My gut reaction is to
> say skip 3.6 completely and install 3.7 when it becomes available for
> download on the 19th.  
This is actually in preparation for 3.7.  I was going by the very first
sentence on the aformentioned web page, "Note: Upgrades are only
supported from release to release, it is recommended that you NOT skip
releases."

> If you really want to get moving on it, order a
> CD--they're already shipping--and mount it from somewhere else. 
I have already pre-ordered!

> There's no clean upgrade path from 3.6 to 3.7, 
whoa.. that was the first I heard of that.  Is that what you infer from
the 37 upgrade page?   http://openbsd.org/faq/upgrade37.html

"Upgrading is a convenient way to bring your OpenBSD system up to the
most recent version. However, the results are not intended to precisely
match the results of a wipe-and-reload installation. Old library files
in particular are not removed in the upgrade process, as they may be
required by older applications that may or may not be upgraded at this
time. If you REALLY wish to get rid of all these old files, you would
probably be better off reinstalling from scratch. "

I may take that last sentence to heart.  Installing OpenBSD has always
been really easy.  It is recreating the existing environment that is
consuming.  Good thing I took notes.

Thanks for the reply.
Michael

-- 
---



From nycbug  Thu May  5 11:27:38 2005
From: nycbug (Ray)
Date: Thu, 5 May 2005 11:27:38 -0400
Subject: [nycbug-talk] OpenBSD upgrade
In-Reply-To: <20050505090647.4647bb3a@delinux.abwatley.com>
References: <20050505090647.4647bb3a@delinux.abwatley.com>
Message-ID: <20050505152738.GB26688@syntax.cyth.net>

On Thu, May 05, 2005 at 09:06:47AM -0400, michael wrote:
> I will be bringing a headless, cd-less sun netra box up from OpenBSD 3.5
> to 3.6. Does anyone have any advice in addition to...
> 
> http://openbsd.org/faq/upgrade36.html

I like mergemaster.

-Ray-

--
I've found that people who are great at something are not so much
convinced of their own greatness as mystified at why everyone else
seems so incompetent.
						Paul Graham



From bruno  Thu May  5 15:09:45 2005
From: bruno (bruno)
Date: Thu, 5 May 2005 15:09:45 -0400
Subject: [nycbug-talk] OpenBSD upgrade
In-Reply-To: <20050505090647.4647bb3a@delinux.abwatley.com>
References: <20050505090647.4647bb3a@delinux.abwatley.com>
Message-ID: <20050505190945.GA6875@loftmail.com>

On Thu, May 05, 2005 at 09:06:47AM -0400, michael wrote:
> All,
> 
> I will be bringing a headless, cd-less sun netra box up from OpenBSD 3.5
> to 3.6. Does anyone have any advice in addition to...
> 
> http://openbsd.org/faq/upgrade36.html

If you can, practice at home/work (with local server, upgrade it remotely).
If you can, hook up serial console to the sun.



From ike  Thu May  5 15:21:09 2005
From: ike (Isaac Levy)
Date: Thu, 5 May 2005 15:21:09 -0400
Subject: [nycbug-talk] OpenBSD upgrade
In-Reply-To: <20050505190945.GA6875@loftmail.com>
References: <20050505090647.4647bb3a@delinux.abwatley.com>
	<20050505190945.GA6875@loftmail.com>
Message-ID: <70b09f82fa8db8cd93e0b490c6511f08@lesmuug.org>

Yo,

On May 5, 2005, at 3:09 PM, bruno wrote:

> On Thu, May 05, 2005 at 09:06:47AM -0400, michael wrote:
>> All,
>>
>> I will be bringing a headless, cd-less sun netra box up from OpenBSD 
>> 3.5
>> to 3.6. Does anyone have any advice in addition to...
>>
>> http://openbsd.org/faq/upgrade36.html
>
> If you can, practice at home/work (with local server, upgrade it 
> remotely).
> If you can, hook up serial console to the sun.

Michael- I have a DEC VT220 if you want to take it- (needs a keyboard)- 
  Perhaps one day down the road I'll score another one- but I'm 
certainly not using it now.

Rocket-
.ike




From lists  Thu May  5 15:33:15 2005
From: lists (michael)
Date: Thu, 5 May 2005 15:33:15 -0400
Subject: [nycbug-talk] OpenBSD upgrade
In-Reply-To: <70b09f82fa8db8cd93e0b490c6511f08@lesmuug.org>
References: <20050505090647.4647bb3a@delinux.abwatley.com>
	<20050505190945.GA6875@loftmail.com>
	<70b09f82fa8db8cd93e0b490c6511f08@lesmuug.org>
Message-ID: <20050505153315.1bb55ea3@delinux.abwatley.com>

On Thu, 5 May 2005 15:21:09 -0400
Isaac Levy <ike at lesmuug.org> wrote:

> Michael- I have a DEC VT220 if you want to take it- (needs a
> keyboard)- 
>   Perhaps one day down the road I'll score another one- but I'm 
> certainly not using it now.
> 

Ike, that is generous, but I won't need it, thanks.  
Bruno, I have a few serial crossover cables just for these situations.

I was the one who loaded 3.5 on it in the first place so it is not new
to me.  I was just looking for any upgrade 'gotchas' from the commuity.

I guess the mention of the hardware was superfluous, sorry.

Thanks again,
Michael

-- 
---



From nikolai.fetissov  Thu May  5 18:29:49 2005
From: nikolai.fetissov (Nikolai N. Fetissov)
Date: Thu, 5 May 2005 18:29:49 -0400 (EDT)
Subject: [nycbug-talk] May meeting audio
Message-ID: <1066.24.44.76.146.1115332189.squirrel@www.geekisp.com>

Audio recording of Roland's presentation is available
at http://www.peachisland.com/nycbug/
Sorry for the delay ;)
-- 
 nick



From ike  Thu May  5 21:20:08 2005
From: ike (Isaac Levy)
Date: Thu, 5 May 2005 21:20:08 -0400
Subject: [nycbug-talk] May meeting audio
In-Reply-To: <1066.24.44.76.146.1115332189.squirrel@www.geekisp.com>
References: <1066.24.44.76.146.1115332189.squirrel@www.geekisp.com>
Message-ID: <67dd798804d6f845950a84338625602c@lesmuug.org>

Wordup Nikolai,

On May 5, 2005, at 6:29 PM, Nikolai N. Fetissov wrote:

> Audio recording of Roland's presentation is available
> at http://www.peachisland.com/nycbug/
> Sorry for the delay ;)
> -- 
>  nick

Delay? :)  You rock dude.

Thanks!!! I was soooo late last night I missed most everything!

Rocket-
.ike





From jpb  Thu May  5 21:22:15 2005
From: jpb (Jim Brown)
Date: Thu, 5 May 2005 21:22:15 -0400
Subject: [nycbug-talk] May meeting audio
In-Reply-To: <67dd798804d6f845950a84338625602c@lesmuug.org>
References: <1066.24.44.76.146.1115332189.squirrel@www.geekisp.com>
	<67dd798804d6f845950a84338625602c@lesmuug.org>
Message-ID: <20050506012215.GB46572@sixshooter.v6.thrupoint.net>

* Isaac Levy <ike at lesmuug.org> [2005-05-05 21:20]:
> Wordup Nikolai,
> 
> On May 5, 2005, at 6:29 PM, Nikolai N. Fetissov wrote:
> 
> >Audio recording of Roland's presentation is available
> >at http://www.peachisland.com/nycbug/
> >Sorry for the delay ;)
> >-- 
> > nick
> 
> Delay? :)  You rock dude.
> 
> Thanks!!! I was soooo late last night I missed most everything!
> 
> Rocket-
> .ike
> 

I was so late, I never got there.  (Car trouble in Pennsylvania.)

So I will definitely be interested in the audio.

Thanks!

Jim B.




From george  Thu May  5 21:53:43 2005
From: george (George R.)
Date: Thu, 05 May 2005 21:53:43 -0400
Subject: [nycbug-talk] May meeting audio
In-Reply-To: <20050506012215.GB46572@sixshooter.v6.thrupoint.net>
References: <1066.24.44.76.146.1115332189.squirrel@www.geekisp.com>	<67dd798804d6f845950a84338625602c@lesmuug.org>
	<20050506012215.GB46572@sixshooter.v6.thrupoint.net>
Message-ID: <427ACE27.10808@sddi.net>

Jim Brown wrote:

>* Isaac Levy <ike at lesmuug.org> [2005-05-05 21:20]:
>  
>
>>Wordup Nikolai,
>>
>>On May 5, 2005, at 6:29 PM, Nikolai N. Fetissov wrote:
>>
>>    
>>
>>>Audio recording of Roland's presentation is available
>>>at http://www.peachisland.com/nycbug/
>>>Sorry for the delay ;)
>>>-- 
>>>nick
>>>      
>>>
>>Delay? :)  You rock dude.
>>
>>Thanks!!! I was soooo late last night I missed most everything!
>>
>>Rocket-
>>.ike
>>
>>    
>>
>
>I was so late, I never got there.  (Car trouble in Pennsylvania.)
>
>So I will definitely be interested in the audio.
>
>Thanks!
>  
>
Well, I for one was there and on time, but am very appreciative of 
nikolai's regular effort.

You should give us some idea about hit count on the audio. . . i'd be 
very curious. . .

I know on the NYCBUG site, Kirk and Eric's talks still get hit. ..

g



From okan  Thu May  5 23:12:35 2005
From: okan (Okan Demirmen)
Date: Thu, 5 May 2005 23:12:35 -0400
Subject: [nycbug-talk] got hardware?
Message-ID: <20050506031235.GB95910@yinaska.pair.com>

Greetings all.

As you all may know by now, NYI has graciously donated us bandwidth and space.
We are actively looking for projects in which we, collectively, would like to
support. See my past mail about any projects you feel you'd like on the list.

However, we have a small catch-22 ;) We have space, power and bandwidth and
little to put in there. Wondering if anyone has any machines they'd like to
donate, solely for the purposes of NYCBUG. The donated servers will go to use
as our mail/www/firewall/dns/etc services. We have one decent server coming in
to be used as our main www/sql server and possibly another older one.

Initially, what we need are 2 medium powered boxes to do some firewalling and
bandwidth shaping for us. We will be hosting other projects' boxes, so we need
to control it somewhat. Since space will be at a premium, 1u - 2u boxes would
be much appreciated. The boxes don't need to be anything new either, just
something circa 2000. But we won't turn away much ;)

Of course we don't expect anyone to go out and buy anything (unless you really
really really want to), but we're asking our members if they, or more
importantly, their employers have anything to donate. We will work with
whomever to make sure they get credit for their donations (i.e. mentions on
our website).

Thanks!

-- 
Okan Demirmen <okan at demirmen.com>
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934
PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934



From george  Thu May  5 22:22:51 2005
From: george (George)
Date: Thu, 05 May 2005 22:22:51 -0400
Subject: [nycbug-talk] got hardware?
In-Reply-To: <20050506031235.GB95910@yinaska.pair.com>
References: <20050506031235.GB95910@yinaska.pair.com>
Message-ID: <427AD4FB.7070704@sddi.net>

Okan Demirmen wrote:

>Greetings all.
>
>As you all may know by now, NYI has graciously donated us bandwidth and space.
>We are actively looking for projects in which we, collectively, would like to
>support. See my past mail about any projects you feel you'd like on the list.
>  
>
As an FYI, there is currently an anoncvs box up from OBSD:

*CVSROOT=anoncvs at anoncvs.nyc.openbsd.org:/cvs*
Located at the New York Internet, NYC, eastern USA.
Maintained by Michael Shalayeff <mailto:mickey at openbsd.org>.
Protocols: rsh, ssh, ssh port 2022, pserver.
Updated every 2 hours.
SSH fingerprints:
(RSA1) 1024 ff:97:fc:34:c6:09:7f:b2:bd:31:4e:d5:51:ce:f3:44
(RSA) 1024 05:ac:be:be:f8:f6:ab:63:5e:80:6c:be:d3:31:41:cd
(DSA) 1024 89:be:38:4d:2a:1b:1a:db:93:65:9d:36:7f:ee:d2:76

>However, we have a small catch-22 ;) We have space, power and bandwidth and
>little to put in there. Wondering if anyone has any machines they'd like to
>donate, solely for the purposes of NYCBUG. The donated servers will go to use
>as our mail/www/firewall/dns/etc services. We have one decent server coming in
>to be used as our main www/sql server and possibly another older one.
>  
>
One just came into NYI today. . .

>Initially, what we need are 2 medium powered boxes to do some firewalling and
>bandwidth shaping for us. We will be hosting other projects' boxes, so we need
>to control it somewhat. Since space will be at a premium, 1u - 2u boxes would
>be much appreciated. The boxes don't need to be anything new either, just
>something circa 2000. But we won't turn away much ;)
>
>Of course we don't expect anyone to go out and buy anything (unless you really
>really really want to), but we're asking our members if they, or more
>importantly, their employers have anything to donate. We will work with
>whomever to make sure they get credit for their donations (i.e. mentions on
>our website).
>  
>
We need to open a general discussion on the following:

1.  what other projects, outside of the BSD projects, that we should 
provide mirrors or space to, such as FreeSBIE, BSDCertification.org, 
something for Daemon News. . . etc.

2.  What services we could/should provide to NYCBUG members, such as 
DNS, @nycbug.org mail forwards, etc?

3.  And most importantly, *who* is interested in becoming admins. . . . 
a couple should be able to get onsite for hardware issues, others for 
remote admin of the services.  As an FYI, NYI people provide awesome 
service, real quick response time on tickets, but we don't want to drive 
them nuts.  They are already doing us a huge favor, not to mention what 
they are doing for the BSD community in general.

4.  Finally, all the projects have been notified about the cabinet.  
Christos of NetBSD was at our meeting last night, and we have opened up 
discussion with someone from each project.

Big thanks to New York Internet. . .

g



From dlavigne6  Fri May  6 13:31:28 2005
From: dlavigne6 (Dru)
Date: Fri, 6 May 2005 13:31:28 -0400 (EDT)
Subject: [nycbug-talk] 2 new blogs
Message-ID: <20050506133113.A633@dru.domain.org>


http://weblogs.oreillynet.com/

Dru



From george  Fri May  6 13:42:54 2005
From: george (George)
Date: Fri, 06 May 2005 13:42:54 -0400
Subject: [nycbug-talk] 2 new blogs
In-Reply-To: <20050506133113.A633@dru.domain.org>
References: <20050506133113.A633@dru.domain.org>
Message-ID: <427BAC9E.1070506@sddi.net>

Dru wrote:

>
> http://weblogs.oreillynet.com/

About time you mentioned NYCBUG again Dru.

I thought you were ignoring us in your blogs.

;-)

We need to put together an announcement about our New York Internet 
cabinet, which is something that a layer of the community is aware of, 
but more people should be.

On my way to get Pete's box up. . .

g



From george  Fri May  6 13:48:19 2005
From: george (George)
Date: Fri, 06 May 2005 13:48:19 -0400
Subject: [nycbug-talk] BSD Cert survey partial results. . .
Message-ID: <427BADE3.2060908@sddi.net>

If you haven't yet done the survey, it's probably time you did. . .

Here's a status from our own Jim Brown. . .

http://lists.nycbug.org/pipermail/bsdcert/2005-May/000460.html



From nikolai.fetissov  Fri May  6 16:31:20 2005
From: nikolai.fetissov (Nikolai N. Fetissov)
Date: Fri, 6 May 2005 16:31:20 -0400 (EDT)
Subject: [nycbug-talk] May meeting audio
In-Reply-To: <427ACE27.10808@sddi.net>
References: <1066.24.44.76.146.1115332189.squirrel@www.geekisp.com>	<67dd798804d6f845950a84338625602c@lesmuug.org>
	<20050506012215.GB46572@sixshooter.v6.thrupoint.net>
	<427ACE27.10808@sddi.net>
Message-ID: <1865.63.66.6.22.1115411480.squirrel@www.geekisp.com>


On Thu, May 5, 2005 9:53 pm, George R. said:
> Jim Brown wrote:
>
>>* Isaac Levy <ike at lesmuug.org> [2005-05-05 21:20]:
>>
>>
>>>Wordup Nikolai,
>>>
>>>On May 5, 2005, at 6:29 PM, Nikolai N. Fetissov wrote:
>>>
>>>
>>>
>>>>Audio recording of Roland's presentation is available
>>>>at http://www.peachisland.com/nycbug/
>>>>Sorry for the delay ;)
>>>>--
>>>>nick
>>>>
>>>>
>>>Delay? :)  You rock dude.
>>>
>>>Thanks!!! I was soooo late last night I missed most everything!
>>>
>>>Rocket-
>>>.ike
>>>
>>>
>>>
>>
>>I was so late, I never got there.  (Car trouble in Pennsylvania.)
>>
>>So I will definitely be interested in the audio.
>>
>>Thanks!
>>
>>
> Well, I for one was there and on time, but am very appreciative of
> nikolai's regular effort.
>
> You should give us some idea about hit count on the audio. . . i'd be
> very curious. . .
>
> I know on the NYCBUG site, Kirk and Eric's talks still get hit. ..
>
> g

The stats are not that high, I have only 212 hits on the audio files
(and about twice of that on the /nycbug/index.html) since I put the first
audio up (and that was my recording of Kirk/Eric's talks), but it's
rising every month.
--
 nick
 ps: thanks to GeekISP for the stats. Excellent service, Dave :)



From nomadlogic  Fri May  6 17:22:03 2005
From: nomadlogic (pete wright)
Date: Fri, 6 May 2005 14:22:03 -0700
Subject: [nycbug-talk] sparc64 disk question
Message-ID: <57d710000505061422404dc906@mail.gmail.com>

hey all,
     So I have an IDE disk that has a UFS partition on it that was
created on a sparc64/netbsd box.  I know that this is probably not
possible, but I'd like to try to mount it on an x86/freebsd 5.x box. 
I can see the disk iin my dmesg and in /dev, but none of the slices
are showing up.  Is it wishfull thinking that I may be able to get
this disk recognized on a 32bit box.  Me thinks not for the obvious
reasons...still worth a shot eh?

-p
  
-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From mickey  Fri May  6 17:09:40 2005
From: mickey (Michael Shalayeff)
Date: Fri, 6 May 2005 17:09:40 -0400 (EDT)
Subject: [nycbug-talk] sparc64 disk question
In-Reply-To: <57d710000505061422404dc906@mail.gmail.com> from pete wright at
	"May 6, 2005 02:22:03 pm"
Message-ID: <200505062109.j46L9eoY028944@lucifier.net>

Making, drinking tea and reading an opus magnum from pete wright:
[Charset ISO-8859-1 unsupported, filtering to ASCII...]
> hey all,
>      So I have an IDE disk that has a UFS partition on it that was
> created on a sparc64/netbsd box.  I know that this is probably not
> possible, but I'd like to try to mount it on an x86/freebsd 5.x box. 
> I can see the disk iin my dmesg and in /dev, but none of the slices
> are showing up.  Is it wishfull thinking that I may be able to get
> this disk recognized on a 32bit box.  Me thinks not for the obvious
> reasons...still worth a shot eh?

disklabel is of a different format (sun disklabel)
ufs is of different endianess

cu

-- 
    paranoic mickey       (my employers have changed but, the name has remained)



From nomadlogic  Fri May  6 17:36:20 2005
From: nomadlogic (pete wright)
Date: Fri, 6 May 2005 14:36:20 -0700
Subject: [nycbug-talk] sparc64 disk question
In-Reply-To: <200505062109.j46L9eoY028944@lucifier.net>
References: <57d710000505061422404dc906@mail.gmail.com>
	<200505062109.j46L9eoY028944@lucifier.net>
Message-ID: <57d71000050506143620549ff6@mail.gmail.com>

On 5/6/05, Michael Shalayeff <mickey at lucifier.net> wrote:
> Making, drinking tea and reading an opus magnum from pete wright:
> [Charset ISO-8859-1 unsupported, filtering to ASCII...]
> > hey all,
> >      So I have an IDE disk that has a UFS partition on it that was
> > created on a sparc64/netbsd box.  I know that this is probably not
> > possible, but I'd like to try to mount it on an x86/freebsd 5.x box.
> > I can see the disk iin my dmesg and in /dev, but none of the slices
> > are showing up.  Is it wishfull thinking that I may be able to get
> > this disk recognized on a 32bit box.  Me thinks not for the obvious
> > reasons...still worth a shot eh?
> 
> disklabel is of a different format (sun disklabel)
> ufs is of different endianess
> 

cool, figured somthing along those lines but now I know the specific
reasons :)  thanks!


-pete



-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From lists  Fri May  6 18:11:40 2005
From: lists (michael)
Date: Fri, 6 May 2005 18:11:40 -0400
Subject: [nycbug-talk] Fw: Que and Sams Open Source User Group Newsletter
Message-ID: <20050506181140.70bda2a6@delinux.abwatley.com>

(forwarded as-is)

Begin forwarded message:

Date: Fri, 6 May 2005 16:55:41 -0500
From: pearsoned.com
Subject: Que and Sams Open Source User Group Newsletter


************************************************************
*  If you can see this, your e-mail reader cannot display  *
*  HTML. You can read the Newsletter on the site at        *
*  http://www.samspublishing.com/osugnewsletter            *
************************************************************




-- 
---
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.nycbug.org/pipermail/talk/attachments/20050506/2227d853/attachment.html 


From ryanseu  Sat May  7 12:32:40 2005
From: ryanseu (Ryan Seu)
Date: Sat, 7 May 2005 12:32:40 -0400
Subject: [nycbug-talk] Question about implementing VPN wiht freeBSD
Message-ID: <96b52a6005050709326aaa9f5@mail.gmail.com>

Hey guys, it's the noob again :)

I'm right now considering between using freeBSD and CISCO PIX to
implement a Firewall and VPN between a central office and few branch
offices. I'm pretty familiar with PIX but I know next to nothing about
issues with implementing VPN with BSD. The handbook does a good job of
helping me set up but I was wondering if there are any
compatibility/performance issues with freeBSD that I should know.

Thanks
Ryan



From jonathan  Sat May  7 13:33:59 2005
From: jonathan (Jonathan)
Date: Sat, 07 May 2005 13:33:59 -0400
Subject: [nycbug-talk] Question about implementing VPN wiht freeBSD
In-Reply-To: <96b52a6005050709326aaa9f5@mail.gmail.com>
References: <96b52a6005050709326aaa9f5@mail.gmail.com>
Message-ID: <427CFC07.5070909@kc8onw.net>

Ryan Seu wrote:
> Hey guys, it's the noob again :)
> 
> I'm right now considering between using freeBSD and CISCO PIX to
> implement a Firewall and VPN between a central office and few branch
> offices. I'm pretty familiar with PIX but I know next to nothing about
> issues with implementing VPN with BSD. The handbook does a good job of
> helping me set up but I was wondering if there are any
> compatibility/performance issues with freeBSD that I should know.
> 

In my (admittedly limited) experience with setting up a VPN I used 
OpenVPN 2 [1] which is in the ports collection [2].  It has quite a few 
features and can do a layer 2 or layer 3 VPN.  The layer 2 is nice for 
games that require UDP broadcast support :) but does not scale very well 
for obvious reasons.  It supports either shared secret encryption or SSL 
certificate based and can support multiple VPNs on a single server port, 
instead of needing a port per connection.  It has a very nice logging 
output which has a fairly large range of detail levels which makes it 
relatively easy to figure out why something is not working how it was 
expected to.

I don't know anything about Cisco PIX and I'm feeling too lazy to Google 
it right now as I'm reading up on firewalls so my opinion is quite biased.

[1] http://openvpn.net/
[2] http://www.freebsd.org/cgi/ports.cgi?query=openvpn&stype=all

Hope this helps,
Jonathan



From george  Sat May  7 13:49:17 2005
From: george (George)
Date: Sat, 07 May 2005 13:49:17 -0400
Subject: [nycbug-talk] RDesktop
Message-ID: <427CFF9D.2010106@sddi.net>

I realize that this list should just be a 'hey, look what i found in 
FBSD ports', but that's precisely what I wanted to say. . .

http://www.rdesktop.org/

Great application, lots of configurability.

Just what you need if you manage Windows servers. . .

Thanks JC. . .

g



From tux  Sat May  7 14:55:18 2005
From: tux (Kevin Reiter)
Date: Sat, 07 May 2005 14:55:18 -0400
Subject: [nycbug-talk] RDesktop
In-Reply-To: <427CFF9D.2010106@sddi.net>
References: <427CFF9D.2010106@sddi.net>
Message-ID: <427D0F16.8010800@penguinnetwerx.net>

George wrote:
> I realize that this list should just be a 'hey, look what i found in 
> FBSD ports', but that's precisely what I wanted to say. . .
> 
> http://www.rdesktop.org/
> 
> Great application, lots of configurability.
> 
> Just what you need if you manage Windows servers. . .

I've been using rdesktop since about 1998-ish, both in Linux (not so much 
since I became a FreeBSD convert :) and FreeBSD.  It's an awesome tool to 
have in your toolbox, and the setup and configuration or extremely easy. 
You can even make shell scripts for each server you want to connect to, 
etc. etc. blah blah

If anyone has any questions about it, feel free to ping me on them.

-Kev



From jdev  Fri May  6 21:22:11 2005
From: jdev (Jed Davis)
Date: Sat, 7 May 2005 01:22:11 +0000 (UTC)
Subject: [nycbug-talk] Re: sparc64 disk question
References: <57d710000505061422404dc906@mail.gmail.com>
	<200505062109.j46L9eoY028944@lucifier.net>
Message-ID: <d5h583$noq$1@sea.gmane.org>

In article <200505062109.j46L9eoY028944 at lucifier.net>,
Michael Shalayeff  <mickey at lucifier.net> wrote:
> Making, drinking tea and reading an opus magnum from pete wright:
> > hey all,
> >      So I have an IDE disk that has a UFS partition on it that was
> > created on a sparc64/netbsd box.  I know that this is probably not
> > possible, but I'd like to try to mount it on an x86/freebsd 5.x box. 
> > I can see the disk iin my dmesg and in /dev, but none of the slices
> > are showing up.  Is it wishfull thinking that I may be able to get
> > this disk recognized on a 32bit box.  Me thinks not for the obvious
> > reasons...still worth a shot eh?
> 
> disklabel is of a different format (sun disklabel)
> ufs is of different endianess

The latter problem can, if FreeBSD is anything like NetBSD here, be
fixed by setting the FFS_EI option in the kernel config; this would be
documented in options(4).  As far as the former, isn't there a loadable
GEOM module for sun disklabels?

-- 
(let ((C call-with-current-continuation)) (apply (lambda (x y) (x y)) (map
((lambda (r) ((C C) (lambda (s) (r (lambda l (apply (s s) l))))))  (lambda
(f) (lambda (l) (if (null? l) C (lambda (k) (display (car l)) ((f (cdr l))
(C k)))))))    '((#\J #\d #\D #\v #\s) (#\e #\space #\a #\i #\newline)))))




From branto  Sat May  7 20:24:31 2005
From: branto (Brant I. Stevens)
Date: Sat, 07 May 2005 20:24:31 -0400
Subject: [nycbug-talk] RDesktop
In-Reply-To: <427D0F16.8010800@penguinnetwerx.net>
Message-ID: <BEA2D47F.7391D%branto@branto.com>

It's great on the Mac as well...  If you use the Microsoft-supplied client,
you can only connect to one server at a time. >=\


On 5/7/05 2:55 PM, "Kevin Reiter" <tux at penguinnetwerx.net> wrote:

> George wrote:
>> I realize that this list should just be a 'hey, look what i found in
>> FBSD ports', but that's precisely what I wanted to say. . .
>> 
>> http://www.rdesktop.org/
>> 
>> Great application, lots of configurability.
>> 
>> Just what you need if you manage Windows servers. . .
> 
> I've been using rdesktop since about 1998-ish, both in Linux (not so much
> since I became a FreeBSD convert :) and FreeBSD.  It's an awesome tool to
> have in your toolbox, and the setup and configuration or extremely easy.
> You can even make shell scripts for each server you want to connect to,
> etc. etc. blah blah
> 
> If anyone has any questions about it, feel free to ping me on them.
> 
> -Kev
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month





From bob  Sat May  7 22:58:00 2005
From: bob (Bob Ippolito)
Date: Sat, 7 May 2005 22:58:00 -0400
Subject: [nycbug-talk] RDesktop
In-Reply-To: <BEA2D47F.7391D%branto@branto.com>
References: <BEA2D47F.7391D%branto@branto.com>
Message-ID: <918EE5A7-82A7-4529-9F1C-5F26EAE2DC34@redivi.com>

On May 7, 2005, at 8:24 PM, Brant I. Stevens wrote:

> On 5/7/05 2:55 PM, "Kevin Reiter" <tux at penguinnetwerx.net> wrote:
>
>> George wrote:
>>
>>> I realize that this list should just be a 'hey, look what i found in
>>> FBSD ports', but that's precisely what I wanted to say. . .
>>>
>>> http://www.rdesktop.org/
>>>
>>> Great application, lots of configurability.
>>>
>>> Just what you need if you manage Windows servers. . .
>>>
>>
>> I've been using rdesktop since about 1998-ish, both in Linux (not  
>> so much
>> since I became a FreeBSD convert :) and FreeBSD.  It's an awesome  
>> tool to
>> have in your toolbox, and the setup and configuration or extremely  
>> easy.
>> You can even make shell scripts for each server you want to  
>> connect to,
>> etc. etc. blah blah
>>
>> If anyone has any questions about it, feel free to ping me on them.
>>
> It's great on the Mac as well...  If you use the Microsoft-supplied  
> client,
> you can only connect to one server at a time. >=\

If you want to connect to multiple servers with the Microsoft client  
on Mac OS X, just make a copy of the application for each concurrent  
connection you need to make and run them.  It's dumb but it works.

-bob




From dan  Sat May  7 23:01:10 2005
From: dan (Dan Langille)
Date: Sat, 07 May 2005 23:01:10 -0400
Subject: [nycbug-talk] RDesktop
In-Reply-To: <427CFF9D.2010106@sddi.net>
Message-ID: <427D48B6.5957.153A36A1@localhost>

On 7 May 2005 at 13:49, George wrote:

> I realize that this list should just be a 'hey, look what i found in 
> FBSD ports', but that's precisely what I wanted to say. . .
> 
> http://www.rdesktop.org/
> 
> Great application, lots of configurability.

What kind of configurability are you using?

Since I started using rdesktop, I'm rarely booting my laptop into 
Windows.
-- 
Dan Langille : http://www.langille.org/
BSDCan - The Technical BSD Conference - http://www.bsdcan.org/
   NEW brochure available at http://www.bsdcan.org/2005/advocacy/




From daggerquill  Mon May  9 11:19:07 2005
From: daggerquill (Jay Savage)
Date: Mon, 9 May 2005 11:19:07 -0400
Subject: [nycbug-talk] OpenBSD upgrade
In-Reply-To: <20050505100831.523a55e1@delinux.abwatley.com>
References: <20050505090647.4647bb3a@delinux.abwatley.com>
	<4ce365ec05050506406c50e49@mail.gmail.com>
	<20050505100831.523a55e1@delinux.abwatley.com>
Message-ID: <4ce365ec050509081923703e21@mail.gmail.com>

On 5/5/05, michael <lists at genoverly.net> wrote:
> On Thu, 5 May 2005 09:40:11 -0400
> Jay Savage <daggerquill at gmail.com> wrote:
> 
> > Micheal,
> >
> > That depends on how your server is configured.  My gut reaction is to
> > say skip 3.6 completely and install 3.7 when it becomes available for
> > download on the 19th.
> This is actually in preparation for 3.7.  I was going by the very first
> sentence on the aformentioned web page, "Note: Upgrades are only
> supported from release to release, it is recommended that you NOT skip
> releases."
> 
> > If you really want to get moving on it, order a
> > CD--they're already shipping--and mount it from somewhere else.
> I have already pre-ordered!
> 
> > There's no clean upgrade path from 3.6 to 3.7,
> whoa.. that was the first I heard of that.  Is that what you infer from
> the 37 upgrade page?   http://openbsd.org/faq/upgrade37.html
> 
> "Upgrading is a convenient way to bring your OpenBSD system up to the
> most recent version. However, the results are not intended to precisely
> match the results of a wipe-and-reload installation. Old library files
> in particular are not removed in the upgrade process, as they may be
> required by older applications that may or may not be upgraded at this
> time. If you REALLY wish to get rid of all these old files, you would
> probably be better off reinstalling from scratch. "
> 
> I may take that last sentence to heart.  Installing OpenBSD has always
> been really easy.  It is recreating the existing environment that is
> consuming.  Good thing I took notes.
> 
> Thanks for the reply.
> Michael

Michael,

Sorry for the typo.  I meant no upgrade path from 3.5 to 3.7.  And
would seriously advocate against doing the two-step upgrade, precisely
because of the library issues.  If you do go the upgrade route,
absolutely take bruno's advice and do a test run someplace else...the
upgrades themselves will be fine, but there *will* be library and
depenedency issues.  It's also a seriously time intensive process,
bcause in order to make sure you have everything configured correctly,
you'll need to update everything from ports twice, too.  There may be
things that were dropped or changed in unacceptable (to you) ways
between 3.5 and 3.7, but some of them may have had acceptable 3.6
ports.

At least run a quick diff on the ports trees from the various releases.

If you can, though, wipe and install is probably going to be the
easiest and quickest solution any time you skip a release.

best,

Jay



From ephillips  Mon May  9 13:45:06 2005
From: ephillips (Erik Phillips)
Date: Mon, 09 May 2005 13:45:06 -0400
Subject: [nycbug-talk] Training
Message-ID: <427FA1A2.3060406@loftmail.com>

Being new to the *nix arena, I was wondering if there any formal 
training facilities in the tri-state area for the *bsd family?  I've 
searched for sometime, but only found classes/training which were based 
out west.  Is there anything closer?  If these are my only options can 
someone recommend a place where they feel comfortable?


Thank you in advanced for any info :-)

Erik


-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.7 - Release Date: 5/9/2005




From steve  Mon May  9 17:24:00 2005
From: steve (steve Rieger)
Date: Mon, 9 May 2005 17:24:00 -0400
Subject: [nycbug-talk] hardware
Message-ID: <711fbb69f5aeac773b8451e5ee57ddde@n2sw.com>

hi all
am back

i have a one year support contract for a sonic wall pro 1360 that i was 
given as means of payment, its yours for free if you can use it, let me 
know


--
Steve Rieger
(646) 335-8915   (Cell)




From george  Tue May 10 01:16:01 2005
From: george (George R.)
Date: Tue, 10 May 2005 01:16:01 -0400
Subject: [nycbug-talk] BSD Cert survey translations. . .
Message-ID: <90557416e97e4076bdb6c5e22404627d@sddi.net>

I know we have a number of people on this list who are comfortable in 
some of these languages. . .

If you can be of assistance in reviewing the translations of the 
initial BSD Cert survey, please contact me off list.

These are the languages in need. . .

g

> Turkish
> Romanian
> Ukrainian
> Portuguese
> ArgentinianSpanish
> German
> Hungarian
> VenezuelanSpanish
> Czech
> Lithuanian
> MexicanSpanish
> Estonian
>




From rwbutcher  Tue May 10 11:20:25 2005
From: rwbutcher (Bob Butcher)
Date: Tue, 10 May 2005 08:20:25 -0700 (PDT)
Subject: [nycbug-talk] Training
In-Reply-To: 6667
Message-ID: <20050510152025.62822.qmail@web60612.mail.yahoo.com>

 
--- Erik Phillips <ephillips at loftmail.com> wrote:
> Being new to the *nix arena, I was wondering if
> there any formal 
> training facilities in the tri-state area for the
> *bsd family?  I've 
> searched for sometime, but only found
> classes/training which were based 
> out west.  Is there anything closer?  If these are
> my only options can 
> someone recommend a place where they feel
> comfortable?
> 
> 
> Thank you in advanced for any info :-)
> 
> Erik


There is a local linux group that has a strong
curriculum and offers classes from time to time at
very reasonable prices: www.nylxs.com.


Bob



From nycbug  Tue May 10 11:43:13 2005
From: nycbug (Ray)
Date: Tue, 10 May 2005 11:43:13 -0400
Subject: [nycbug-talk] Bulk Ordering Zaurus SL-C3000s
Message-ID: <20050510154313.GB7316@syntax.cyth.net>

Hi,

>From Mickey's talk it seemed there were some people who were
interested in Zauruses.  The Dynamism.com people said that they
accept bulk orders but are wondering how many we wanted.  So I'm
asking for a show of hands, who wants a Zaurus SL-C3000?

--
I've found that people who are great at something are not so much
convinced of their own greatness as mystified at why everyone else
seems so incompetent.
						Paul Graham



From george  Tue May 10 13:11:09 2005
From: george (George R.)
Date: Tue, 10 May 2005 13:11:09 -0400
Subject: [nycbug-talk] Training
In-Reply-To: <20050510152025.62822.qmail@web60612.mail.yahoo.com>
References: <20050510152025.62822.qmail@web60612.mail.yahoo.com>
Message-ID: <ee8b3748e04c5b6aecadfd3fef39eea1@sddi.net>


On May 10, 2005, at 11:20 AM, Bob Butcher wrote:

>
> --- Erik Phillips <ephillips at loftmail.com> wrote:
>> Being new to the *nix arena, I was wondering if
>> there any formal
>> training facilities in the tri-state area for the
>> *bsd family?  I've
>> searched for sometime, but only found
>> classes/training which were based
>> out west.  Is there anything closer?  If these are
>> my only options can
>> someone recommend a place where they feel
>> comfortable?
>>
>>
>> Thank you in advanced for any info :-)
>>
>> Erik
>
>
> There is a local linux group that has a strong
> curriculum and offers classes from time to time at
> very reasonable prices: www.nylxs.com.
>

IMHO, of all the Linux groups in NYC, they are by far the closest thing 
to a cult.

I would avoid them. . .

sorry.

We have discussed doing some kind of trainings at some point, but 
there's nothing immediate.

BSDMall does online trainings . .

http://bsdmall.com/fbsdonline.html

g




From ike  Tue May 10 13:31:15 2005
From: ike (Isaac Levy)
Date: Tue, 10 May 2005 13:31:15 -0400
Subject: [nycbug-talk] BSDCan Report Thread
Message-ID: <05fb8ada1e1452dd16dd8e81b567b2c3@lesmuug.org>

Hi All,

Since circumstance has made me the first NYC*BUG person up in Ottawa, I 
thought I'd start a rolling thread on what's going on up here.


--
The initial scene:

Saw Dan Langille last night, as always, he seems exited and busy...  
Looks like he's got a few final tasks to wrap up, but he walked me over 
to the conference area on campus, it's AMAZING.  For those who attended 
last year, this year is in a different building- the Engineering 
building.  The building is a totally georgous construcion of concrete, 
steel, and GLASS- lots of light, easy access to step outside to smoke.  
(Personally, I'd go if the Conference is in a flooded basement, of a 
condemned building, but these diggs are seriously classy.)

The conference rooms look great, fully equipped with video projectors 
and chalkboards even.  There's also a nice perch/area with a bunch of 
tables, in case any spontaneous hacking takes place- or folks just 
wanna sit down with a laptop and focus on doing something.

Early arrival growing pains:
The campus data network has some cruddy Cisco vpn client auth system 
junk- so I'm writing this offline, in hopes to find open wireless 
somewhere around the city, (it seems the Ottawans were watching the 
previous NYC*BUG thread on Open WiFi nodes and took George's side... 
grrrr).  This is temporary, Dan said wifi inet is coming for us.

--
Travel Tips for expatriates:

If you smoke, BRING CIGARETTES!!!  Hell, bring me cigarettes!!!! (I 
like Galouses rolling tobacco or Lucky Strikes).  I just had to buy a 
pack of Drum for $13.50 Canadian last night- this is a very very bad 
thing- spread the word.

Try to do your cash exchange at the airport- or at the banks, places 
around town tend to try to rip off and charge more for USD/CAD 
exchanges.

Weather is warmer than NYC this week, no need for heavy parkas- likely 
sweaters/windbreakers at night are adequate.

Bring comfy shoes- it's a few 'city blocks' walk from 
accomodations/parking, over to the Engineering building.

Bring Patch/Crossover cables!!!  Dan is orchestrating wireless internet 
access at the conference area, but things are fairly sparce outside of 
that...

--
So with that, I'm gonna crack some WEP keys now and get this mail sent 
out, See yall' here!!!

Rocket-
.ike




From ike  Tue May 10 14:09:32 2005
From: ike (Isaac Levy)
Date: Tue, 10 May 2005 14:09:32 -0400
Subject: [nycbug-talk] Training
In-Reply-To: <ee8b3748e04c5b6aecadfd3fef39eea1@sddi.net>
References: <20050510152025.62822.qmail@web60612.mail.yahoo.com>
	<ee8b3748e04c5b6aecadfd3fef39eea1@sddi.net>
Message-ID: <159602ad50f81ab61696fd1352bcde75@lesmuug.org>

Hi Erik,

On May 10, 2005, at 1:11 PM, George R. wrote:

> We have discussed doing some kind of trainings at some point, but 
> there's nothing immediate.
>
> BSDMall does online trainings . .
>
> http://bsdmall.com/fbsdonline.html

Additionally, I'll throw into the ring here that there's a boatload of 
experienced BSD UNIX people on this list who work on an 
independent/consultant basis (myself included), and could definitely 
provide training for a business or other org.

Likely the nycbug jobs list is the best place to discuss that kind of 
thing if your interested in going down that path:

http://lists.nycbug.org/mailman/listinfo/jobs

Best,
.ike




From trish  Tue May 10 14:50:00 2005
From: trish (Trish Lynch)
Date: Tue, 10 May 2005 14:50:00 -0400 (EDT)
Subject: [nycbug-talk] sparc64 disk question
In-Reply-To: <200505062109.j46L9eoY028944@lucifier.net>
References: <200505062109.j46L9eoY028944@lucifier.net>
Message-ID: <20050510144932.V14467@ultra.bsdunix.net>

On Fri, 6 May 2005, Michael Shalayeff wrote:

> Making, drinking tea and reading an opus magnum from pete wright:
> [Charset ISO-8859-1 unsupported, filtering to ASCII...]
>> hey all,
>>      So I have an IDE disk that has a UFS partition on it that was
>> created on a sparc64/netbsd box.  I know that this is probably not
>> possible, but I'd like to try to mount it on an x86/freebsd 5.x box.
>> I can see the disk iin my dmesg and in /dev, but none of the slices
>> are showing up.  Is it wishfull thinking that I may be able to get
>> this disk recognized on a 32bit box.  Me thinks not for the obvious
>> reasons...still worth a shot eh?
>
> disklabel is of a different format (sun disklabel)
> ufs is of different endianess
>
> cu
>
> -- 
>    paranoic mickey       (my employers have changed but, the name has remained)


Oh wow, I didn;t notice you here... up for beer one of these nights, or 
dinner at a pub?

-Trish

-- 
Trish Lynch					   trish at bsdunix.net
Ecartis Core Team 			      trish at listmistress.org
EFNet IRC Operator/SysAdmin @ irc.dkom.at             AilleCat at EFNet
Key fingerprint = 781D 2B47 AA4B FC88 B919  0CD6 26B2 1D62 6FC1 FF16



From george  Tue May 10 22:04:18 2005
From: george (George R.)
Date: Tue, 10 May 2005 22:04:18 -0400
Subject: [nycbug-talk] upcoming meetings
Message-ID: <a36c2a4e9cf8c23c735c992c91f45147@sddi.net>

If anyone didn't notice, the upcoming meetings have been updated. . .

There are some good ones coming up, and we're just waiting for 
additional details for a few more speakers. . .

g




From bbong718  Tue May 10 23:28:19 2005
From: bbong718 (Tom Derylo)
Date: Tue, 10 May 2005 23:28:19 -0400
Subject: [nycbug-talk] got hardware?
In-Reply-To: <20050506031235.GB95910@yinaska.pair.com>
References: <20050506031235.GB95910@yinaska.pair.com>
Message-ID: <6e075be705051020281e51926b@mail.gmail.com>

Hi all,

I'd like to introduce myself first, I haven't talk much, but i've been
following, and i've been kinda busy lately. Well, Hello all my name is
Tom i'm from Brooklyn, been a BSD user for the past 7 years, like it,
love it and live it. ;]

> However, we have a small catch-22 ;) We have space, power and bandwidth and
> little to put in there. Wondering if anyone has any machines they'd like to
> donate, solely for the purposes of NYCBUG. The donated servers will go to use
> as our mail/www/firewall/dns/etc services. We have one decent server coming in
> to be used as our main www/sql server and possibly another older one.

That's a teriffic idea, I can give away an IBM's Netfinity 3000, fully working, 
Pentium 2 450mhz, 368MB of RAM, 15GB SCSI Drive, CDROM etc... 

Tell me whether you want to take it.
And once again, Hello All, maybe next Wednesday i'll show up.

Regards,
Tom D



From njt  Wed May 11 03:02:55 2005
From: njt (N.J. Thomas)
Date: Wed, 11 May 2005 03:02:55 -0400
Subject: [nycbug-talk] Zephyr has left the building
Message-ID: <20050511070255.GI21685@ayvali.org>

I was looking for MIT's Zephyr (one of the first IM systems) in
FreeBSD's ports system recently.

A bit of digging uncovered the fact that it was removed about 2 years
ago, presumably because it was chronically broken and probably also due
to lack of popularity.

The reason I wanted to use it was not because I needed an IM client
(Gaim works fine for me), but rather because I used Zephyr as a
notification system, i.e. I did something like this quite a bit:

    make >& log && echo "make complete" |zwrite `whoami`

This allowed me to work on whatever I was doing on my system and when
make was done, I would get a little window pop up on my desktop
notifying me.

So does anyone know of a similar tool? All I need is some window to come
up in X with some info in it.

thanks,
Thomas

-- 
N.J. Thomas
njt at ayvali.org
Etiamsi occiderit me, in ipso sperabo



From tillman  Wed May 11 09:01:21 2005
From: tillman (Tillman Hodgson)
Date: Wed, 11 May 2005 07:01:21 -0600
Subject: [nycbug-talk] Zephyr has left the building
In-Reply-To: <20050511070255.GI21685@ayvali.org>
References: <20050511070255.GI21685@ayvali.org>
Message-ID: <20050511130121.GQ19844@seekingfire.com>

On Wed, May 11, 2005 at 03:02:55AM -0400, N.J. Thomas wrote:
> I was looking for MIT's Zephyr (one of the first IM systems) in
> FreeBSD's ports system recently.
> 
> A bit of digging uncovered the fact that it was removed about 2 years
> ago, presumably because it was chronically broken and probably also due
> to lack of popularity.

I recently looked into Zephyr too, and found the same thing. A
scriptable IM system that offers Kerberos authentication would be great
for corporate workgrounds.

If you happen to run across any information about Zepher on FreeBSD,
please pass it along :-)

-T


-- 
We tend to become like the worst in those we oppose.
	- Bene Gesserit Coda



From nycbug  Wed May 11 09:42:10 2005
From: nycbug (Ray)
Date: Wed, 11 May 2005 09:42:10 -0400
Subject: [nycbug-talk] Zephyr has left the building
In-Reply-To: <20050511070255.GI21685@ayvali.org>
References: <20050511070255.GI21685@ayvali.org>
Message-ID: <20050511134210.GB3254@syntax.cyth.net>

On Wed, May 11, 2005 at 03:02:55AM -0400, N.J. Thomas wrote:
> So does anyone know of a similar tool? All I need is some window to come
> up in X with some info in it.

I've never used it, but I think xmessage(1) does what you want.

--
I've found that people who are great at something are not so much
convinced of their own greatness as mystified at why everyone else
seems so incompetent.
						Paul Graham



From mickey  Wed May 11 10:10:29 2005
From: mickey (Michael Shalayeff)
Date: Wed, 11 May 2005 10:10:29 -0400 (EDT)
Subject: [nycbug-talk] Bulk Ordering Zaurus SL-C3000s
In-Reply-To: <20050510154313.GB7316@syntax.cyth.net> from Ray at "May 10, 2005
	11:43:13 am"
Message-ID: <200505111410.j4BEATt7006834@lucifier.net>

Making, drinking tea and reading an opus magnum from Ray:
> Hi,

re

> >From Mickey's talk it seemed there were some people who were
> interested in Zauruses.  The Dynamism.com people said that they
> accept bulk orders but are wondering how many we wanted.  So I'm
> asking for a show of hands, who wants a Zaurus SL-C3000?

the talk was about HPPA not zaurus or even arm (:
i understand that model numbers are similar but they
are different architectures (:

cu

-- 
    paranoic mickey       (my employers have changed but, the name has remained)



From jschauma  Wed May 11 10:51:42 2005
From: jschauma (Jan Schaumann)
Date: Wed, 11 May 2005 10:51:42 -0400
Subject: [nycbug-talk] Zephyr has left the building
In-Reply-To: <20050511070255.GI21685@ayvali.org>
References: <20050511070255.GI21685@ayvali.org>
Message-ID: <20050511145142.GA21538@netmeister.org>

"N.J. Thomas" <njt at ayvali.org> wrote:
> I was looking for MIT's Zephyr (one of the first IM systems) in
> FreeBSD's ports system recently.
> 
> A bit of digging uncovered the fact that it was removed about 2 years
> ago, presumably because it was chronically broken and probably also due
> to lack of popularity.

I don't know Zephyr, but it appears to be in pkgsrc, which of course
works under FreeBSD as well.  (Whether or not this particular package
works under FreeBSD I do not know, either.)

Binary package for NetBSD are on the ftp servers.

-Jan

-- 
"Life," said Marvin, "don't talk to me about life."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://lists.nycbug.org/pipermail/talk/attachments/20050511/683c1514/attachment.bin 


From nycbug  Wed May 11 11:30:12 2005
From: nycbug (Ray)
Date: Wed, 11 May 2005 11:30:12 -0400
Subject: [nycbug-talk] Bulk Ordering Zaurus SL-C3000s
In-Reply-To: <200505111410.j4BEATt7006834@lucifier.net>
References: <20050510154313.GB7316@syntax.cyth.net>
	<200505111410.j4BEATt7006834@lucifier.net>
Message-ID: <20050511153012.GA31873@syntax.cyth.net>

On Wed, May 11, 2005 at 10:10:29AM -0400, Michael Shalayeff wrote:
> Making, drinking tea and reading an opus magnum from Ray:
> > >From Mickey's talk it seemed there were some people who were
> > interested in Zauruses.  The Dynamism.com people said that they
> > accept bulk orders but are wondering how many we wanted.  So I'm
> > asking for a show of hands, who wants a Zaurus SL-C3000?
> 
> the talk was about HPPA not zaurus or even arm (:
> i understand that model numbers are similar but they
> are different architectures (:

*kowtows*  Sorry for hijacking your architecture!  Your talk was
excellent and I look forward to the next one!

--
I've found that people who are great at something are not so much
convinced of their own greatness as mystified at why everyone else
seems so incompetent.
						Paul Graham



From mickey  Wed May 11 11:35:08 2005
From: mickey (Michael Shalayeff)
Date: Wed, 11 May 2005 11:35:08 -0400 (EDT)
Subject: [nycbug-talk] Bulk Ordering Zaurus SL-C3000s
In-Reply-To: <20050511153012.GA31873@syntax.cyth.net> from Ray at "May 11, 2005
	11:30:12 am"
Message-ID: <200505111535.j4BFZ8B9007272@lucifier.net>

Making, drinking tea and reading an opus magnum from Ray:
> On Wed, May 11, 2005 at 10:10:29AM -0400, Michael Shalayeff wrote:
> > Making, drinking tea and reading an opus magnum from Ray:
> > > >From Mickey's talk it seemed there were some people who were
> > > interested in Zauruses.  The Dynamism.com people said that they
> > > accept bulk orders but are wondering how many we wanted.  So I'm
> > > asking for a show of hands, who wants a Zaurus SL-C3000?
> > 
> > the talk was about HPPA not zaurus or even arm (:
> > i understand that model numbers are similar but they
> > are different architectures (:
> 
> *kowtows*  Sorry for hijacking your architecture!  Your talk was
> excellent and I look forward to the next one!

i'm just kiding -- they are all good just because they work (:

cu

-- 
    paranoic mickey       (my employers have changed but, the name has remained)



From george  Wed May 11 13:56:23 2005
From: george (George R.)
Date: Wed, 11 May 2005 13:56:23 -0400
Subject: [nycbug-talk] BSDCan starts tomorrow. . .
Message-ID: <1e75ea5826a9f6bcce3ee9e150fccb01@sddi.net>

I have an extra space (maybe two) in the car going up to BSDCan if 
anyone is interested.  Contact me off list.

As discussed, and as Ike already started doing, we'll be keeping 
everyone in the loop on the conference. . .

g




From ike  Wed May 11 16:30:41 2005
From: ike (Isaac Levy)
Date: Wed, 11 May 2005 16:30:41 -0400
Subject: [nycbug-talk] got hardware?
In-Reply-To: <6e075be705051020281e51926b@mail.gmail.com>
References: <20050506031235.GB95910@yinaska.pair.com>
	<6e075be705051020281e51926b@mail.gmail.com>
Message-ID: <854c225f84806031d746901ab23fab0b@lesmuug.org>

Hi Tom, All,

On May 10, 2005, at 11:28 PM, Tom Derylo wrote:

> That's a teriffic idea, I can give away an IBM's Netfinity 3000, fully 
> working,
> Pentium 2 450mhz, 368MB of RAM, 15GB SCSI Drive, CDROM etc...

If it's of any worth, I have 2 of the proprietary video->vga connectors 
for the Netfinity series boxes... just shout out whoever wants them...

>
> Tell me whether you want to take it.
> And once again, Hello All, maybe next Wednesday i'll show up.
>

Rocket-
.ike





From spork  Fri May 13 00:15:17 2005
From: spork (Charles Sprickman)
Date: Fri, 13 May 2005 00:15:17 -0400 (EDT)
Subject: [nycbug-talk] security note - hyperthreading + Free/NetBSD
Message-ID: <Pine.OSX.4.61.0505130013480.9048@gee5.nat.fasttrackmonkey.com>

http://www.daemonology.net/hyperthreading-considered-harmful/

No detailed info yet, but apparently those up at BSDCan probably got a 
nice preview...  :)

Charles




From daggerquill  Fri May 13 12:15:12 2005
From: daggerquill (Jay Savage)
Date: Fri, 13 May 2005 12:15:12 -0400
Subject: [nycbug-talk] PCMCIA wireless card source?
Message-ID: <4ce365ec050513091548718acb@mail.gmail.com>

Hi all,

I have an old (PII/333) thinkpad that boots FreeBSD, OpenBSD, and
SuSE.  I'm trying to find a supported wireless card for it, but
everything I'm seeing in the stores is CardBus.  Does anyone know of
someplace local I can find some a Type II b/g card that's upported
under at least one of the OSes?  Next step is on line, but I'd rather
just grab it on lunch sometime if I can.

Thanks,

Jay



From okan  Fri May 13 13:21:14 2005
From: okan (Okan Demirmen)
Date: Fri, 13 May 2005 13:21:14 -0400
Subject: [nycbug-talk] Bulk Ordering Zaurus SL-C3000s
In-Reply-To: <20050510154313.GB7316@syntax.cyth.net>
References: <20050510154313.GB7316@syntax.cyth.net>
Message-ID: <20050513172114.GA3057@yinaska.pair.com>

On Tue 2005.05.10 at 11:43 -0400, Ray wrote:
> Hi,
> 
> >From Mickey's talk it seemed there were some people who were
> interested in Zauruses.  The Dynamism.com people said that they
> accept bulk orders but are wondering how many we wanted.  So I'm
> asking for a show of hands, who wants a Zaurus SL-C3000?

what kind of prices can we get? i may be interested...

thanks,
okan

> --
> I've found that people who are great at something are not so much
> convinced of their own greatness as mystified at why everyone else
> seems so incompetent.
> 						Paul Graham
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month

-- 
Okan Demirmen <okan at demirmen.com>
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934
PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934



From bbong718  Fri May 13 13:30:02 2005
From: bbong718 (Tom Derylo)
Date: Fri, 13 May 2005 13:30:02 -0400
Subject: [nycbug-talk] PCMCIA wireless card source?
In-Reply-To: <4ce365ec050513091548718acb@mail.gmail.com>
References: <4ce365ec050513091548718acb@mail.gmail.com>
Message-ID: <6e075be705051310302933bafb@mail.gmail.com>

> Hi all,
> 
> I have an old (PII/333) thinkpad that boots FreeBSD, OpenBSD, and
> SuSE.  I'm trying to find a supported wireless card for it, but
> everything I'm seeing in the stores is CardBus.  Does anyone know of
> someplace local I can find some a Type II b/g card that's upported
> under at least one of the OSes?  Next step is on line, but I'd rather
> just grab it on lunch sometime if I can.

Hello,

I recently had some woes with my Toshiba Tecra 802.11b/g PCMCIA Card on FreeBSD
and with sound too, but got it to work with ndis driver, using Windows
Drivers really cool
if you ask me, you should try to get it working that way.

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-wireless.html

If you need futher help on getting this to work, let me know, took me
a while to figure
it out too, and get the right .INF and .SYS Files from Windows. I have
the LinkSYS Wireless-G WPC54G ver.4 Adapter.

Good Luck

//tom



From mickey  Fri May 13 13:26:12 2005
From: mickey (Michael Shalayeff)
Date: Fri, 13 May 2005 13:26:12 -0400 (EDT)
Subject: [nycbug-talk] PCMCIA wireless card source?
In-Reply-To: <6e075be705051310302933bafb@mail.gmail.com> from Tom Derylo at
	"May 13, 2005 01:30:02 pm"
Message-ID: <200505131726.j4DHQCAa025648@lucifier.net>

Making, drinking tea and reading an opus magnum from Tom Derylo:
[Charset ISO-8859-1 unsupported, filtering to ASCII...]
> > Hi all,
> > 
> > I have an old (PII/333) thinkpad that boots FreeBSD, OpenBSD, and
> > SuSE.  I'm trying to find a supported wireless card for it, but
> > everything I'm seeing in the stores is CardBus.  Does anyone know of
> > someplace local I can find some a Type II b/g card that's upported
> > under at least one of the OSes?  Next step is on line, but I'd rather
> > just grab it on lunch sometime if I can.
> 
> Hello,
> 
> I recently had some woes with my Toshiba Tecra 802.11b/g PCMCIA Card on FreeBSD
> and with sound too, but got it to work with ndis driver, using Windows
> Drivers really cool
> if you ask me, you should try to get it working that way.

i am sorry but this is the dumbest statement of the week.
besides the point that implementing the ndis compatibility
layer is a mistake (although perhaps not w/o a hack value)
using it should be considered the outmost the last resort.

cu

-- 
    paranoic mickey       (my employers have changed but, the name has remained)



From bbong718  Fri May 13 14:02:46 2005
From: bbong718 (Tom Derylo)
Date: Fri, 13 May 2005 14:02:46 -0400
Subject: [nycbug-talk] PCMCIA wireless card source?
In-Reply-To: <200505131726.j4DHQCAa025648@lucifier.net>
References: <6e075be705051310302933bafb@mail.gmail.com>
	<200505131726.j4DHQCAa025648@lucifier.net>
Message-ID: <6e075be705051311024cfe25c2@mail.gmail.com>

On 5/13/05, Michael Shalayeff <mickey at lucifier.net> wrote:
> Making, drinking tea and reading an opus magnum from Tom Derylo:
> [Charset ISO-8859-1 unsupported, filtering to ASCII...]
> > > Hi all,
> > >
> > > I have an old (PII/333) thinkpad that boots FreeBSD, OpenBSD, and
> > > SuSE.  I'm trying to find a supported wireless card for it, but
> > > everything I'm seeing in the stores is CardBus.  Does anyone know of
> > > someplace local I can find some a Type II b/g card that's upported
> > > under at least one of the OSes?  Next step is on line, but I'd rather
> > > just grab it on lunch sometime if I can.
> >
> > Hello,
> >
> > I recently had some woes with my Toshiba Tecra 802.11b/g PCMCIA Card on FreeBSD
> > and with sound too, but got it to work with ndis driver, using Windows
> > Drivers really cool
> > if you ask me, you should try to get it working that way.
> 
> i am sorry but this is the dumbest statement of the week.
> besides the point that implementing the ndis compatibility
> layer is a mistake (although perhaps not w/o a hack value)
> using it should be considered the outmost the last resort.

So is that your solution to his problem? I see even this group has trolls.

//tom



From mickey  Fri May 13 13:51:00 2005
From: mickey (Michael Shalayeff)
Date: Fri, 13 May 2005 13:51:00 -0400 (EDT)
Subject: [nycbug-talk] PCMCIA wireless card source?
In-Reply-To: <6e075be705051311024cfe25c2@mail.gmail.com> from Tom Derylo at
	"May 13, 2005 02:02:46 pm"
Message-ID: <200505131751.j4DHp031009907@lucifier.net>

Making, drinking tea and reading an opus magnum from Tom Derylo:
[Charset ISO-8859-1 unsupported, filtering to ASCII...]
> On 5/13/05, Michael Shalayeff <mickey at lucifier.net> wrote:
> > Making, drinking tea and reading an opus magnum from Tom Derylo:
> > [Charset ISO-8859-1 unsupported, filtering to ASCII...]
> > > > Hi all,
> > > >
> > > > I have an old (PII/333) thinkpad that boots FreeBSD, OpenBSD, and
> > > > SuSE.  I'm trying to find a supported wireless card for it, but
> > > > everything I'm seeing in the stores is CardBus.  Does anyone know of
> > > > someplace local I can find some a Type II b/g card that's upported
> > > > under at least one of the OSes?  Next step is on line, but I'd rather
> > > > just grab it on lunch sometime if I can.
> > >
> > > Hello,
> > >
> > > I recently had some woes with my Toshiba Tecra 802.11b/g PCMCIA Card on FreeBSD
> > > and with sound too, but got it to work with ndis driver, using Windows
> > > Drivers really cool
> > > if you ask me, you should try to get it working that way.
> > 
> > i am sorry but this is the dumbest statement of the week.
> > besides the point that implementing the ndis compatibility
> > layer is a mistake (although perhaps not w/o a hack value)
> > using it should be considered the outmost the last resort.
> 
> So is that your solution to his problem? I see even this group has trolls.

the problem is not absense of a driver but absense of
a desired card. and your solution besides being wrong
is also completely unsubstantiated.

cu

-- 
    paranoic mickey       (my employers have changed but, the name has remained)



From bbong718  Fri May 13 14:24:55 2005
From: bbong718 (Tom Derylo)
Date: Fri, 13 May 2005 14:24:55 -0400
Subject: [nycbug-talk] PCMCIA wireless card source?
In-Reply-To: <200505131751.j4DHp031009907@lucifier.net>
References: <6e075be705051311024cfe25c2@mail.gmail.com>
	<200505131751.j4DHp031009907@lucifier.net>
Message-ID: <6e075be70505131124ccd4252@mail.gmail.com>

On 5/13/05, Michael Shalayeff <mickey at lucifier.net> wrote:
> Making, drinking tea and reading an opus magnum from Tom Derylo:
> [Charset ISO-8859-1 unsupported, filtering to ASCII...]
> > On 5/13/05, Michael Shalayeff <mickey at lucifier.net> wrote:
> > > Making, drinking tea and reading an opus magnum from Tom Derylo:
> > > [Charset ISO-8859-1 unsupported, filtering to ASCII...]
> > > > > Hi all,
> > > > >
> > > > > I have an old (PII/333) thinkpad that boots FreeBSD, OpenBSD, and
> > > > > SuSE.  I'm trying to find a supported wireless card for it, but
> > > > > everything I'm seeing in the stores is CardBus.  Does anyone know of
> > > > > someplace local I can find some a Type II b/g card that's upported
> > > > > under at least one of the OSes?  Next step is on line, but I'd rather
> > > > > just grab it on lunch sometime if I can.
> > > >
> > > > Hello,
> > > >
> > > > I recently had some woes with my Toshiba Tecra 802.11b/g PCMCIA Card on FreeBSD
> > > > and with sound too, but got it to work with ndis driver, using Windows
> > > > Drivers really cool
> > > > if you ask me, you should try to get it working that way.
> > >
> > > i am sorry but this is the dumbest statement of the week.
> > > besides the point that implementing the ndis compatibility
> > > layer is a mistake (although perhaps not w/o a hack value)
> > > using it should be considered the outmost the last resort.
> >
> > So is that your solution to his problem? I see even this group has trolls.
> 
> the problem is not absense of a driver but absense of
> a desired card. and your solution besides being wrong
> is also completely unsubstantiated.

I'm sorry I jumped the gun, been under a bit of stress lately,
this solution worked for me having that kind of PCMCIA Card,
i've looked for native driver but wasn't there for that card, and that
was the only card I had and solution of using ndis seemed as the
answer.

//tom



From nycbug  Fri May 13 15:26:23 2005
From: nycbug (Ray)
Date: Fri, 13 May 2005 15:26:23 -0400
Subject: [nycbug-talk] Bulk Ordering Zaurus SL-C3000s
In-Reply-To: <20050513172114.GA3057@yinaska.pair.com>
References: <20050510154313.GB7316@syntax.cyth.net>
	<20050513172114.GA3057@yinaska.pair.com>
Message-ID: <20050513192623.GA7623@syntax.cyth.net>

On Fri, May 13, 2005 at 01:21:14PM -0400, Okan Demirmen wrote:
> On Tue 2005.05.10 at 11:43 -0400, Ray wrote:
> > >From Mickey's talk it seemed there were some people who were
> > interested in Zauruses.  The Dynamism.com people said that they
> > accept bulk orders but are wondering how many we wanted.  So I'm
> > asking for a show of hands, who wants a Zaurus SL-C3000?
> 
> what kind of prices can we get? i may be interested...

So far I've gotten...one response.  I doubt I'll be able to get a
``bulk'' discount, but I'll still ask. =)

--
I've found that people who are great at something are not so much
convinced of their own greatness as mystified at why everyone else
seems so incompetent.
						Paul Graham



From daggerquill  Fri May 13 15:50:26 2005
From: daggerquill (Jay Savage)
Date: Fri, 13 May 2005 15:50:26 -0400
Subject: [nycbug-talk] PCMCIA wireless card source?
In-Reply-To: <6e075be705051310302933bafb@mail.gmail.com>
References: <4ce365ec050513091548718acb@mail.gmail.com>
	<6e075be705051310302933bafb@mail.gmail.com>
Message-ID: <4ce365ec050513125063cf218@mail.gmail.com>

On 5/13/05, Tom Derylo <bbong718 at gmail.com> wrote:
> > Hi all,
> >
> > I have an old (PII/333) thinkpad that boots FreeBSD, OpenBSD, and
> > SuSE.  I'm trying to find a supported wireless card for it, but
> > everything I'm seeing in the stores is CardBus.  Does anyone know of
> > someplace local I can find some a Type II b/g card that's upported
> > under at least one of the OSes?  Next step is on line, but I'd rather
> > just grab it on lunch sometime if I can.
> 
> Hello,
> 
> I recently had some woes with my Toshiba Tecra 802.11b/g PCMCIA Card on FreeBSD
> and with sound too, but got it to work with ndis driver, using Windows
> Drivers really cool
> if you ask me, you should try to get it working that way.
> 
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-wireless.html
> 
> If you need futher help on getting this to work, let me know, took me
> a while to figure
> it out too, and get the right .INF and .SYS Files from Windows. I have
> the LinkSYS Wireless-G WPC54G ver.4 Adapter.
> 
> Good Luck
> 
> //tom

Tom,

Thanks for the pointer, I'm sure it'll come in handy later.  But the
issue right now isn't finding a driver for a card I have, or trying to
get ndis going--let's hope it doesn't come to that.  My issue at the
moment is that I have an old machine with a 16-bit PCMCIA interface,
and all I can find in the stores are 32-bit CardBus cards.  I was
hoping someone on this list might know someplace local (preferrable
Manhattan) that still stocks Type II cards.

Thanks,

Jay



From mickey  Fri May 13 15:38:25 2005
From: mickey (Michael Shalayeff)
Date: Fri, 13 May 2005 15:38:25 -0400 (EDT)
Subject: [nycbug-talk] PCMCIA wireless card source?
In-Reply-To: <4ce365ec050513125063cf218@mail.gmail.com> from Jay Savage at "May
	13, 2005 03:50:26 pm"
Message-ID: <200505131938.j4DJcPrH013546@lucifier.net>

Making, drinking tea and reading an opus magnum from Jay Savage:
[Charset ISO-8859-1 unsupported, filtering to ASCII...]
> On 5/13/05, Tom Derylo <bbong718 at gmail.com> wrote:
> > > Hi all,
> > >
> > > I have an old (PII/333) thinkpad that boots FreeBSD, OpenBSD, and
> > > SuSE.  I'm trying to find a supported wireless card for it, but
> > > everything I'm seeing in the stores is CardBus.  Does anyone know of
> > > someplace local I can find some a Type II b/g card that's upported
> > > under at least one of the OSes?  Next step is on line, but I'd rather
> > > just grab it on lunch sometime if I can.
> > 
> > Hello,
> > 
> > I recently had some woes with my Toshiba Tecra 802.11b/g PCMCIA Card on FreeBSD
> > and with sound too, but got it to work with ndis driver, using Windows
> > Drivers really cool
> > if you ask me, you should try to get it working that way.
> > 
> > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-wireless.html
> > 
> > If you need futher help on getting this to work, let me know, took me
> > a while to figure
> > it out too, and get the right .INF and .SYS Files from Windows. I have
> > the LinkSYS Wireless-G WPC54G ver.4 Adapter.
> > 
> > Good Luck
> > 
> > //tom
> 
> Tom,
> 
> Thanks for the pointer, I'm sure it'll come in handy later.  But the
> issue right now isn't finding a driver for a card I have, or trying to
> get ndis going--let's hope it doesn't come to that.  My issue at the
> moment is that I have an old machine with a 16-bit PCMCIA interface,
> and all I can find in the stores are 32-bit CardBus cards.  I was
> hoping someone on this list might know someplace local (preferrable
> Manhattan) that still stocks Type II cards.

i just figured out...
i have a 3com (i think prism-based) i'm not using
and bought in a kit w/ pci adaptor and another
antena-less card. so i'll try if it works then it's
yours for a nominal beer charge (:

cu

-- 
    paranoic mickey       (my employers have changed but, the name has remained)



From ike  Fri May 13 16:17:41 2005
From: ike (Isaac Levy)
Date: Fri, 13 May 2005 16:17:41 -0400
Subject: [nycbug-talk] security note - hyperthreading + Free/NetBSD
In-Reply-To: <Pine.OSX.4.61.0505130013480.9048@gee5.nat.fasttrackmonkey.com>
References: <Pine.OSX.4.61.0505130013480.9048@gee5.nat.fasttrackmonkey.com>
Message-ID: <98a4b77b13e1278deaa60aaad34c0e5c@lesmuug.org>

Wordemup All,

On May 13, 2005, at 12:15 AM, Charles Sprickman wrote:

> http://www.daemonology.net/hyperthreading-considered-harmful/
>
> No detailed info yet, but apparently those up at BSDCan probably got a 
> nice preview...  :)
>
> Charles

Heck yeah man- serious buzz today...

I'll try to email a recap of the day later on tonight to list- THIS 
CONFERENCE HAS BEEN INSANELY COOL.  So much going on!

Rocket-
.ike




From george  Fri May 13 16:19:00 2005
From: george (G. Rosamond)
Date: Fri, 13 May 2005 16:19:00 -0400
Subject: [nycbug-talk] security note - hyperthreading + Free/NetBSD
In-Reply-To: <98a4b77b13e1278deaa60aaad34c0e5c@lesmuug.org>
References: <Pine.OSX.4.61.0505130013480.9048@gee5.nat.fasttrackmonkey.com>
	<98a4b77b13e1278deaa60aaad34c0e5c@lesmuug.org>
Message-ID: <20050513161900.efsa60994wsg8wsk@webmail.bizintegrators.com>

Quoting Isaac Levy <ike at lesmuug.org>:

> Wordemup All,
>
> On May 13, 2005, at 12:15 AM, Charles Sprickman wrote:
>
>> http://www.daemonology.net/hyperthreading-considered-harmful/
>>
>> No detailed info yet, but apparently those up at BSDCan probably got 
>> a nice preview...  :)
>>
>> Charles
>
> Heck yeah man- serious buzz today...
>
> I'll try to email a recap of the day later on tonight to list- THIS 
> CONFERENCE HAS BEEN INSANELY COOL.  So much going on!

I would have to agree with Ike. . . lots of good meetings and 
conversations so far.

More to come later. . .

g

--
http://www.loftmail.com




From okan  Fri May 13 16:20:50 2005
From: okan (Okan Demirmen)
Date: Fri, 13 May 2005 16:20:50 -0400
Subject: [nycbug-talk] security note - hyperthreading + Free/NetBSD
In-Reply-To: <20050513161900.efsa60994wsg8wsk@webmail.bizintegrators.com>
References: <Pine.OSX.4.61.0505130013480.9048@gee5.nat.fasttrackmonkey.com>
	<98a4b77b13e1278deaa60aaad34c0e5c@lesmuug.org>
	<20050513161900.efsa60994wsg8wsk@webmail.bizintegrators.com>
Message-ID: <20050513202050.GA37697@yinaska.pair.com>

On Fri 2005.05.13 at 16:19 -0400, George Rosamond wrote:
> Quoting Isaac Levy <ike at lesmuug.org>:
> 
> >Wordemup All,
> >
> >On May 13, 2005, at 12:15 AM, Charles Sprickman wrote:
> >
> >>http://www.daemonology.net/hyperthreading-considered-harmful/
> >>
> >>No detailed info yet, but apparently those up at BSDCan probably got 
> >>a nice preview...  :)
> >>
> >>Charles
> >
> >Heck yeah man- serious buzz today...
> >
> >I'll try to email a recap of the day later on tonight to list- THIS 
> >CONFERENCE HAS BEEN INSANELY COOL.  So much going on!
> 
> I would have to agree with Ike. . . lots of good meetings and 
> conversations so far.

ditto.

-- 
Okan Demirmen <okan at demirmen.com>
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934
PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934



From dlavigne6  Sun May 15 20:47:35 2005
From: dlavigne6 (Dru)
Date: Sun, 15 May 2005 20:47:35 -0400 (EDT)
Subject: [nycbug-talk] 4 blogs on BSDCan
Message-ID: <20050515204617.X634@dru.domain.org>


For those who missed it... I'll let you know when the pictures/movies are 
online.

http://weblogs.oreilly.com

Dru



From george  Mon May 16 00:03:25 2005
From: george (George)
Date: Mon, 16 May 2005 00:03:25 -0400
Subject: [nycbug-talk] BSDCan things. . .
Message-ID: <42881B8D.9050609@sddi.net>

Just got home a little bit ago. . . what a weekend.

So much to talk about, yet exhausted.

Some excellent meetings and topics, such as the SEBSD meeting.  Ike's 
meeting on jails was awesome. . . *very* entertaining.

He's officially launched jailing.net, and a good number of people have 
signed up.  We had some very engaging discussions on jails, and it's 
clear that NYC*BUG can become a serious think-tank on their development.

As always, the informal discussions were best.  We/I spent a lot of time 
with the OBSD developers, including Henning whose laptop I purchased in 
proxy, and the $600 donated to the Hackathon were very appreciated.  
Thanks to all who contributed.  It's part of NYCBUG playing a critical 
role in supporting the community.

Lots of justified excitement in the community coming out of BSDCan.  
Particularly great was the discussions with the Poles, the guys from 
General Dynamics in Canada, and as always, Dru and Michael Lucas.

There's more to say, including some good details, but my liver is in 
recovery, and I'm dead.

g



From lists  Mon May 16 16:42:01 2005
From: lists (lists at genoverly.net)
Date: Mon, 16 May 2005 22:42:01 +0200
Subject: [nycbug-talk] Newsletter from O'Reilly
Message-ID: <0MKz1m-1DXmRW2Juf-0005OF@mrelay.perfora.net>


================================================================
O'Reilly News for User Group Members
May 13, 2005
================================================================
----------------------------------------------------------------
Book News
----------------------------------------------------------------
-GDB Pocket Reference
-Deploying Citrix MetaFrame Presentation Server 3.0
-Digital Audio Essentials
-802.11 Wireless Networks: The Definitive Guide, 2nd Edition
-Don't Click on the Blue E!
-Visual Basic 2005: A Developer's Notebook
-The Art of Project Management
-Visual C# 2005: A Developer's Notebook
-iMovie HD and iDVD 5: The Missing Manual
-Access Hacks
-MAKE Subscriptions Available
----------------------------------------------------------------
Upcoming Events
----------------------------------------------------------------
-Cary Millsap at the NoCOUG Spring Conference, Sunnyvale, CA--May 19
-Mike Clark ("Pragmatic Project Automation") at Agile Denver, 
  Boulder, CO--May 23
-O'Reilly Sponsors the Coalition Summit for IPv6, Reston, VA--May 23-26
-Dan Gillmor ("We the Media"), WTC's Technology Breakfast Series, 
  Mountain View, CA--May 26
----------------------------------------------------------------
Conference News
----------------------------------------------------------------
-Registration is Open for the O'Reilly Open Source Convention, 
  Portland, OR--August 1-5
-Where 2.0 Conference Registration Open, San Francisco, CA--June 29-30
-EuroOSCON Call for Papers Now Open, 
  Amsterdam, The Netherlands--October 17-20
----------------------------------------------------------------
News
----------------------------------------------------------------
-How to Build a Nonprofit for Your Community
-Addison-Wesley Professional on SafariU
-The Geospatial Web: A Call to Action
-Learning Lab: Certificate Series $200 Instant Rebate
-Tales of Rescuing Old Hardware
-(No Starch) Author describes keys to business-ready Linux clusters
-CVS Trouble
-The Soul of WWDC 2005
-Build a Dashboard Widget
-Magnificent Seven: What's New for Users in QuickTime 7
-O'Reilly books Recommended on AARP's article "Windows: 
  Better Safe (Mode) Than Sorry"
-Putting A Browser Into Your Windows Application
-Five Things I Love About Spring
-Configuring Database Access in Eclipse 3.0 with SQLExplorer
-Ed Carreon: Making the Connection
-Hands On: Create Insane Reason Grooves
-On the Go with the Motorola MPx220 Camera Phone
-Build an eCommerce Application with eZPublish
-Radical Interface Approaches
-Validate User Input in PHP 5
-MAKE: Audio
-Call MAKE
-MAKE: Weather

================================================
Book News
================================================
Did you know you can request a free book to review for your
group? Ask your group leader for more information.

For book review writing tips and suggestions, go to:
http://ug.oreilly.com/bookreviews.html

Don't forget, you can receive 20% off any O'Reilly, No Starch, 
Paraglyph, Pragmatic Bookshelf, SitePoint, or Syngress book you 
purchase directly from O'Reilly.
Just use code DSUG when ordering online or by phone 800-998-9938.
http://www.oreilly.com/

***Free ground shipping is available for online orders of at 
least $29.95 that go to a single U.S. address. This offer 
applies to U.S. delivery addresses in the 50 states and Puerto Rico.
For more details, go to:
http://www.oreilly.com/news/freeshipping_0703.html

----------------------------------------------------------------
New Releases
----------------------------------------------------------------
***GDB Pocket Reference 
Publisher: O'Reilly
ISBN: 0596100272
Covering several popular programming languages, this handy guide details
the essentials of using GDB in a testing environment. This book shows
you
how to specify a target for debugging, perform a careful examination to
find the cause of program failure, and make quick changes for further
testing. Having a quick way to refer to GDB's essential functions is the
key to making the process work smoothly, and this book is the only
reference you'll need.
http://www.oreilly.com/catalog/gdbpr/


***Deploying Citrix MetaFrame Presentation Server 3.0
Publisher: Syngress
ISBN: 193226650X
This book covers all the topics needed to plan, design, and implement a
reliable, scalable server-based computing solution in a Citrix/Windows
2003 environment. Whether you're building thin client environments for
disaster recovery purposes or rolling Citrix MetaFrame out as the
network
model for the day-to-day activities of a company, you will find this
book
to be a great resource. It also offers invaluable advice and direction
on
optimization, redundancy, troubleshooting, and scalability.
http://www.oreilly.com/catalog/193226650X/


***Digital Audio Essentials
Publisher: O'Reilly
ISBN: 0596008562
This indispensable reference helps you avoid time-consuming, costly
trial
and error in downloading audio files, burning CDs, converting analog
music
to digital form, publishing music to and streaming from the web, setting
up home stereo configurations, and creating your own MP3 and other audio
files. Designed for both Mac and PC users, it includes reliable hardware
and software recommendations, tutorials, resources, and it even explains
the basics of the DMCA and intellectual property law. 
http://www.oreilly.com/catalog/digaudio/

Chapter 16, "Setting Up an Internet Radio Station," is available online:
http://www.oreilly.com/catalog/digaudio/chapter/index.html


***802.11 Wireless Networks: The Definitive Guide, 2nd Edition
Publisher: O'Reilly
ISBN: 0596100523
If you want to deploy your own wireless network, this book is the
perfect
starting place to gain an understanding of the capabilities and risks
associated with the 802.11 protocols. This updated edition covers
everything you need to know about integrating wireless technology into
your current infrastructure. Designed with the system administrator or
serious home user in mind, it's a no-nonsense guide for setting up
802.11
on Windows and Linux. 

Chapter 21, "Logical Wireless Network Architecture," is available
online:
http://www.oreilly.com/catalog/802dot112/chapter/index.html


***Don't Click on the Blue E!
Publisher: O'Reilly
ISBN: 0596009399
For anyone who has grown disenchanted with Internet Explorer, this book
is
here to help. With its straightforward approach, it gives non-technical
users a step-by-step roadmap for switching to a better web browser:
Firefox. As the only book that covers the switch to Firefox, this how-to
guide is a must for all those who want to browse faster, more securely,
and more efficiently. 
http://www.oreilly.com/catalog/bluee/

A sample excerpt, "Safety and Security," is available online:
http://www.oreilly.com/catalog/bluee/chapter/index.html


***Visual Basic 2005: A Developer's Notebook
Publisher: O'Reilly
ISBN: 0596007264
This practical book offers nearly 50 hands-on projects in an informal,
code-intensive style. Each project explores a new feature of the
language,
with emphasis on changes that can increase productivity, simplify
programming tasks, and help you add new functionality to your
applications. This one-of-a-kind book also offers suggestions for
further
experimentation and links to online documentation and other sources of
information. 
http://www.oreilly.com/catalog/vbadn/

Chapter 2, "The Visual Basic Language," is available online:
http://www.oreilly.com/catalog/vbadn/chapter/index.html


***The Art of Project Management
Publisher: O'Reilly
ISBN: 0596007868
In this book, you'll learn from a veteran manager of software and web
development how to plan, manage, and lead projects. This personal
account
of hard lessons learned over a decade of work in the industry distills
complex concepts and challenges into practical nuggets of useful advice.
Inspiring, funny, honest, and compelling, this is the book you and your
team need to have within arm's reach.
http://www.oreilly.com/catalog/artprojectmgmt/

Chapter 3, "How to Figure Out What to Do," is available online:
http://www.oreilly.com/catalog/artprojectmgmt/chapter/index.html


***Visual C# 2005: A Developer's Notebook
Publisher: O'Reilly
ISBN: 059600799X
This unique "all lab, no lecture" guide covers all of the great new
features in C# with 50 hands-on projects. Each project explores a new
feature, with emphasis on changes that increase productivity, simplify
programming tasks, and add functionality to applications. You'll find
suggestions for further experimentation, links to online documentation,
plus practical notes and warnings. The book also shows developers how to
acquire, install, and configure Visual Studio .NET 2005.
http://www.oreilly.com/catalog/visualcadn/

Chapter 1, "C# 2.0," is available online:
http://www.oreilly.com/catalog/visualcadn/chapter/index.html


***iMovie HD and iDVD 5: The Missing Manual
Publisher: O'Reilly
ISBN: 0596100337
For both professional and amateur moviemakers, David Pogue's witty and
entertaining guide details every step of iMovie HD video production,
from
choosing and using a digital camcorder to burning the finished work onto
DVDs. In addition, this book provides a firm grounding in basic film
technique so that the quality of a video won't rely entirely on magic.
It's your ultimate moviemaking-made-easy source.
http://www.oreilly.com/catalog/imoviehdtmm/


***Access Hacks
Publisher: O'Reilly
ISBN: 0596009240
This valuable guide provides hands-on solutions to help users master
Access. For experienced users, "Access Hacks" offers a unique collection
of proven techniques and tools that will take their database skills and
productivity to the next level. For Access beginners, this book helps
them
acquire a firm grasp of the program's most productive features. Topics
covered range from utilizing SQL inquiries to working with Access in
multi-user environments.
http://www.oreilly.com/catalog/accesshks/

Sample Hack 61, "Use Excel Functions Inside Access," is available online
(along with five others):
http://www.oreilly.com/catalog/accesshks/chapter/index.html


***MAKE Subscriptions Available
The annual subscription price for four issues is $34.95. When you
subscribe with this link, you'll get a free issue--the first one plus
four
more for $34.95. So subscribe for yourself or friends with this great
offer for charter subscribers: five volumes for the cost of four.
Subscribe at:
https://www.pubservice.com/MK/Subnew.aspx?PC=MK&PK=M5ZUGLA

The MAKE blog is available at:
http://www.makezine.com/blog/

================================================
Upcoming Events
================================================
***For more events, please see:
http://events.oreilly.com/

***Cary Millsap at the NoCOUG Spring Conference, Sunnyvale, CA--May 19
Author Cary Millsap ("Optimizing Oracle Performance") is giving a
keynote
address at the Northern California Oracle Users Group Spring Conference.
http://www.nocoug.org/next.html


***Mike Clark ("Pragmatic Project Automation") at Agile Denver, 
  Boulder, CO--May 23
Pragmatic Bookshelf author Mike Clark presents "Building Software,
Better
and Faster." You'll learn good practices (and see some bad ones) while
you
take a peek inside a well-oiled agile project that's using the essential
practices covered in the Pragmatic Starter Kit: version control with
Subversion, unit testing with JUnit, and automation with Ant and
friends.
http://www.agiledenver.org/2005MayMeeting.php


***O'Reilly Sponsors the Coalition Summit for IPv6, Reston, VA--May
23-26
Join leaders from dozens of forward-looking governments and companies
shaping the New Internet at the Coalition Summit for IPv6. And keep an
eye
out for our new book "IPv6 Network Administration."
http://www.coalitionsummit.com/


***Dan Gillmor ("We the Media"), WTC's Technology Breakfast Series, 
  Mountain View, CA--May 26
Author Dan Gillmor and other panelists discuss the impact open source
has,
not only on business strategy in developing revenue models, but also
license implications and what open source development means for
engineers.
http://www.wtc-sf.org/eml_tbseries_052605.htm

================================================
Conference News
================================================
***Registration is Open for the O'Reilly Open Source Convention, 
  Portland, OR--August 1-5
OSCON 2005 explores three deep trends affecting open source: the
commoditization of software, network-enabled collaboration, and software
customizability. Join us at this essential gathering of open source
leaders and practitioners of every persuasion to exchange ideas and push
the boundaries of vital open source technologies. This year, we
introduce
the Open Source Business Review, along with a host of other exciting
presentations and events.
http://conferences.oreilly.com/oscon/

User Group members who register before June 20, 2005 get a double
discount. Use code "os05grpusr" when you register, and receive 15% off
the early registration price.

To register for the conference, go to:
http://conferences.oreillynet.com/cs/os2005/create/ord_os05


***Where 2.0 Conference Registration Open, 
  San Francisco, CA--June 29-30
Join us at the first O'Reilly Where 2.0 Conference. Location-based
services and mapping are becoming mainstream technologies. Meanwhile,
innovative new software makes it possible to apply the wealth of new
data
to old business problems. Come explore the emerging consumer and
enterprise ecosystems around location-aware technologies that
increasingly
impact the way we work and play.
http://conferences.oreilly.com/where/

User Group members who register before May 31, 2005 get a double
discount. Use code "whereug" when you register, and receive 15% off the
early registration price.

To register for the conference, go to:
http://conferences.oreillynet.com/cs/where2005/create/ord_where


***EuroOSCON Call for Papers Now Open, 
  Amsterdam, The Netherlands--October 17-20
EuroOSCON 2005, to be held October 17-20 in Amsterdam, will explore the
best and newest open source technologies, with a focus on what's
particularly useful to companies, governments, and non-profits. Session
and tutorial proposals are due by midnight, May 23rd. We're interested
in
all aspects of building applications, services, and systems that utilize
the new capabilities of the open source platform.
http://conferences.oreillynet.com/cs/eurooscon/create/e_sess

Submit your proposal:
http://conferences.oreillynet.com/cs/eurooscon/create/e_sess#form

================================================
News From O'Reilly & Beyond
================================================
---------------------
General News
---------------------
***How to Build a Nonprofit for Your Community
Many open source projects have already created nonprofit organizations
that support their communities, while other projects are considering
ways
to establish nonprofits. David Boswell details how mozdev.org built a
nonprofit organization and shows you how to do the same for your
community. He covers fundraising, obtaining legal advice, staffing, and
more. David is the coauthor of "Creating Applications with Mozilla."
http://www.oreillynet.com/pub/a/policy/2005/04/28/nonprofits.html


***Addison-Wesley Professional on SafariU
SafariU, O'Reilly's web-based platform for creating, publishing, and
sharing textbooks, now includes 416 Addison-Wesley Professional titles.
With books covering topics from programming, data mining, AI,
networking,
security, web design, web programming, databases, and a whole range of
subjects in between, Addison-Wesley is a welcomed addition to the
SafariU
repository. Log on to SafariU now to see this incredible new content.
https://www.safariu.com/


***The Geospatial Web: A Call to Action 
What needs to happen to build a sustainable geospatial web? Mike
Liebhold
offers ten steps designed to help tap the as yet unharvested business
opportunities in a geospatial web. If this topic gets your creative
juices
flowing, you belong at O'Reilly's Where 2.0 Conference, coming up in
June
in San Francisco.
http://www.oreillynet.com/pub/a/network/2005/05/10/geospatialweb.html


***Learning Lab: Certificate Series $200 Instant Rebate
Learning programming languages and development techniques has never been
easier. Using your web browser and Useractive's Learning Sandbox
technology, the Learning Lab gives you hands-on, online training in a
creative environment (and a Certificate from the University of Illinois
College of Extended Education upon course completion). Only in May,
receive a $200 instant rebate when you enroll in any Certificate Series.
http://www.oreilly.com/redirector.csp?link=UACert&type=news

---------------------
Open Source
---------------------
***Tales of Rescuing Old Hardware 
If you're careful, you can often pick up viable hardware from companies
throwing out machines too old to run the latest and greatest Windows
software. This is viable for free Unixes, if you can get past the
installation. Mikhail Zakharov walks through a tale of exploration,
discovery, and patch-writing to install NetBSD over NFS through the
serial
port of a Pentium I-era Toshiba notebook.
http://www.onlamp.com/pub/a/bsd/2005/05/05/hardware_rescue.html


***No Starch Author describes keys to business-ready Linux clusters
SearchEnterpriseLinux.com interviews Karl Kopper, author of No Starch's
"Linux Enterprise Cluster."
http://searchenterpriselinux.techtarget.com/originalContent/0,289142,sid39_gci1083586,00.html


***CVS Trouble 
Noel Davis looks at problems in CVS, PostgreSQL, Squid, Gaim, Debian's
lsh, Xine-lib, Caroline, Convert-UUlib, Rootkit Hunter, snmppd,
Kommander,
kimgio, RealPlayer, Helix Player, xli, and Debian's samba.
http://www.linuxdevcenter.com/pub/a/linux/2005/05/06/security_alerts.html

---------------------
Mac
---------------------
***The Soul of WWDC 2005 
A few years ago, Apple moved WWDC from San Jose to the brand new Moscone
West building in San Francisco. The new location improved the face of
its
developer conference. This year, Apple wants to enhance its very soul.
Here's how O'Reilly is going to help them do that.
http://www.macdevcenter.com/pub/a/mac/2005/05/03/wwdc.html


***Build a Dashboard Widget 
A little HTML, a dash of JavaScript, and a sprinkle of CSS and you can
create your own Dashboard widget. Andrew Anderson shows you how.
http://www.macdevcenter.com/pub/a/mac/2005/05/06/dashboard.html


***Magnificent Seven: What's New for Users in QuickTime 7 
Tiger is cool, but it's not the only new cat on the block. Apple has
also
released an updated version of QuickTime. Chris Adamson examines the
user-visible features and changes in QT 7, including QT 7 Pro,
renovations
to the QuickTime Player application, and the implications of the
powerful
new H.264 video codec.
http://www.macdevcenter.com/pub/a/mac/2005/05/10/qt7.html

---------------------
Windows/.NET
---------------------
***O'Reilly books Recommended on AARP's article "Windows: Better Safe
(Mode) Than Sorry" 
Gabe Goldberg's states "Windows XP books' indexes provided surprisingly
few entries for Safe Mode. I found the best coverage in two O'Reilly
books, 'Windows XP Pro: The Missing Manual' and 'Windows XP Home
Edition:
The Missing Manual.'" In addition to writing for www.aarp.org, Gabe
contributes to the "Washington Post" and computer industry/trade
publications. He's active in his local PC user group, CPCUG (Capital PC
User Group) serving as Outreach Director and Program Director. He's also
Region 2 Advisor for APCUG, helping user groups from VA to NJ. Thanks
Gabe!
http://www.aarp.org/learntech/computers/howto/better_safe_mode.html


***Windows XP Annoyances Needed for New Book
We're looking for your gripes, complaints, hassles, and other
frustrations with Microsoft's favorite OS. Billions of people use
Windows, 
and we want to help them...and your help would be much appreciated. 
We'll be covering XP in all its flavors (including XP with Service Packs
1 and 2, 
Windows Media Center Edition), and in all its settings (from standalone
PCs to
running on a WiFi network).

If you have an annoyance you'd like to see solved, email
marsee at oreilly.com 
with "Windows XP Annoyances" in the subject line. Just note which
version
of XP your're using (with SP1? SP2? Windows Media Center Edition?) As
thanks 
for sharing, we'll make sure to get copies of "Windows XP Annoyances"
sent
to your group shortly after publication.


***Putting A Browser Into Your Windows Application 
There are times when it would be awfully convenient to have the
capabilities of Internet Explorer inside your Windows application. The
classic case is when you want to look at an XML document, and you'd like
to take advantage of IE's ability to show the document as a collapsible
and expandable hierarchy. In this article, Jesse Liberty will show you
how
to do that, in just a few easy steps.
http://www.ondotnet.com/pub/a/dotnet/2005/05/10/liberty.html

---------------------
Java
---------------------
***Five Things I Love About Spring 
For hardcore enterprise development, Bruce Tate turns to Spring, the
topic
of his latest collaboration, "Spring: A Developer's Notebook." In this
article, Bruce describes five reasons why he's hooked on Spring.
http://www.onjava.com/pub/a/onjava/2005/05/11/spring.html


***Configuring Database Access in Eclipse 3.0 with SQLExplorer 
It's 2005 and you're using Eclipse. Should you still be creating your
database tables and seeding them with data by hand, from an SQL
command-line utility? Deepak Vohra introduces the SQLExplorer plugin for
Eclipse, which allows you to put a GUI on your development-time database
access.
http://www.onjava.com/pub/a/onjava/2005/05/11/sqlexplorer.html

---------------------
Digital Media
---------------------
***Ed Carreon: Making the Connection
During a four-month visit to a remote village in Mexico, Ed Carreon
photographed a world with one foot still in the past, a distant place he
had heard about as a boy through family stories. His images capture the
beauty and the struggle of a land that few of us will ever see.
http://digitalmedia.oreilly.com/2005/05/11/featured.html


***Hands On: Create Insane Reason Grooves
Don't settle for the same loop everyone else is using! This MP3-packed
tutorial shows how to blast beats apart in Propellerhead Reason, then
shape them into unique, twisted grooves.
http://digitalmedia.oreilly.com/2005/05/04/reasonbeat.html


***On the Go with the Motorola MPx220 Camera Phone
The Motorola MPx220 is a 3.88-ounce, portable multimedia tool cleverly
disguised as a mobile phone. The ROM-based Microsoft Windows Media
Player
can play back MP3 and WMA audio, as well as WMV video files. The
integrated 
camera can record 1.3-megapixel still photos. Todd Ogasawara explores
all in 
this in-depth review.
http://digitalmedia.oreilly.com/2005/05/04/mpx220.html


---------------------
Web
---------------------
***Build an eCommerce Application with eZPublish
Launch into the world of ecommerce using eZ publish. Bard Farstad
explains
step-by-step how to create a fully functional product catalogue with
online credit card processing functionality.
http://www.sitepoint.com/article/ecommerce-website-ez-publish


***Radical Interface Approaches
Alex Walker takes a look at several web sites which feature radical
interfaces for users. Read along and find out what's possible with just
a
little bit of imagination.
http://www.sitepoint.com/blog-post-view.php?id=261889


***Validate User Input in PHP 5
Discover how to validate user data in PHP and produce user-friendly
error
messages when something goes wrong, or when someone attempts a malicious
attack.
http://www.sitepoint.com/blog-post-view.php?id=261554

---------------------
MAKE
---------------------
***MAKE: Audio
Here's the latest audio from MAKE Magazine. In this MAKE audio show,
Cory
Doctorow talks about the Brodcast Flag--it's history, the fight, and now
its (hopeful) permanent demise. Right click or Control + click to
download
this MP3 to you local system or add the MAKE Audio feed to your
podcasting
application and get the show automatically!
http://www.makezine.com/blog/archive/make_podcast/


***Call MAKE
Call in to our MAKE voicemail and ask a question; anything is fine. How
about something like, "I have an old PC, what can I do with it?" We'll
try and answer these on our audio program or on the MAKE: Blog. It's 
not a toll-free call, so keep that in mind. 206-888-6253 (MAKE)


***MAKE: Weather
http://makezine.com/weatherlink/

More about our Weather Experiment
http://www.makezine.com/blog/archive/2005/04/davis_vantage_p.html

================================================
>From Your Peers
===============================================
***Don't forget to check out the O'Reilly UG wiki to see what user
groups around the globe are up to:
http://wiki.oreillynet.com/usergroups/index.cgi

Until next time--



From lists  Tue May 17 00:23:43 2005
From: lists (Francisco Reyes)
Date: Tue, 17 May 2005 00:23:43 -0400 (EDT)
Subject: [nycbug-talk] Cyrus on FBSD 5.4
Message-ID: <20050517001122.T83267@zoraida.natserv.net>

Anyone familiar with Cyrus?
I am trying to get Cyrus+Postix+SASL2 going and seem to be stuck.

When I try to run saslpasswd2 I get the error
May 16 23:47:39 testpompa saslpasswd2: setpass succeeded for cyrus
May 16 23:47:39 testpompa saslpasswd2: Couldn't update db

Yet running sasldblistusers2 I see
cyrus at localhost: userPassword
cyrus at testpompa.natserv.net: userPassword

My imapd.conf is
configdirectory: /var/imap
partition-default: /var/imap/spool
servername: testpompa.natserv.net
allowanonymouslogin: no
admins: cyrus root
autocreatequota: 102400
loginrealms: stringsutils.com, dataeverywhere.net
sieveusehomedir: false
sievedir: /var/imap/sieve
sasl_pwcheck_method: auxprop
lmtpsocket: /var/imap/socket/lmtp
idlesocket: /var/imap/socket/idle
notifysocket: /var/imap/socket/notify
virtdomains: yes
defaultdomain: stringsutils.com

The "Couldn't update db" seems like a common problem when installing 
Cyrus, yet I could not find a single reference on how to fix the 
problem.

Ran the mkimap without any problems. Both the impad and sasl programs are 
running and no errors reported at startup for either of them.

Any suggestions?



From nomadlogic  Tue May 17 00:32:18 2005
From: nomadlogic (pete wright)
Date: Mon, 16 May 2005 21:32:18 -0700
Subject: [nycbug-talk] dying for details
Message-ID: <57d710000505162132912a7fe@mail.gmail.com>

Ok guy's I'm sure you all have had time to re-coup.  So how was
BSDCan?!?!?  I'm especially dying to know how it went due to my
unexpected situation here preventing me from going.  I need details :)
 Just got a chance to check Colin's .pdf on the HT exploit.  That
looks very interesting...Ike, I hear your talk went great congrats. 
Good stuff happening with Bsdcert....awesome.

But seriously...did the drinks flow as fluidly as the ideas this year ;)

waiting in anticipation....

-pete

-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From steve  Tue May 17 09:48:30 2005
From: steve (steve Rieger)
Date: Tue, 17 May 2005 09:48:30 -0400
Subject: [nycbug-talk] solaris (OT)
Message-ID: <e81fb1d95dee38b97088b8ce10e1e6f1@n2sw.com>

hi all

if anybody on this list wants to learn solaris the hard way drop me a 
line i have some hardware for you.





From lists  Tue May 17 10:20:00 2005
From: lists (michael)
Date: Tue, 17 May 2005 10:20:00 -0400
Subject: [nycbug-talk] solaris (OT)
In-Reply-To: <e81fb1d95dee38b97088b8ce10e1e6f1@n2sw.com>
References: <e81fb1d95dee38b97088b8ce10e1e6f1@n2sw.com>
Message-ID: <20050517102000.0ae1cf84@delinux.abwatley.com>

On Tue, 17 May 2005 09:48:30 -0400
steve Rieger <steve at n2sw.com> wrote:

> hi all
> 
> if anybody on this list wants to learn solaris the hard way drop me a 
> line i have some hardware for you.

Is it rack-mount?

-- 
---



From gb.nycbug.org  Tue May 17 10:28:37 2005
From: gb.nycbug.org (George Bourozikas)
Date: Tue, 17 May 2005 10:28:37 -0400
Subject: [nycbug-talk] Anyone want a Tektronix Phaser 850?
Message-ID: <200505171028.37143.gb.nycbug.org@olivesandhoney.com>

A client of mine is throwing it out...

- Needs minor repair (the top cover has a broken hinge)

- Worked great till then

- Has ethernet port

- Has to be picked up at 39th and 6th (around Bryant Park) during
business hours

- First one to reply (off-list) gets it

--george



From dan  Tue May 17 11:15:16 2005
From: dan (Dan Langille)
Date: Tue, 17 May 2005 11:15:16 -0400
Subject: [nycbug-talk] Soekris AMD
Message-ID: <4289D244.1673.46337BC4@localhost>

I heard a rumour, from a substantial source, at BSDCan, that Soekris 
will soon release an AMD box....
-- 
Dan Langille : http://www.langille.org/
BSDCan - The Technical BSD Conference - http://www.bsdcan.org/
   NEW brochure available at http://www.bsdcan.org/2005/advocacy/




From jpb  Tue May 17 11:47:46 2005
From: jpb (Jim Brown)
Date: Tue, 17 May 2005 11:47:46 -0400
Subject: [nycbug-talk] Anyone want a Tektronix Phaser 850?
In-Reply-To: <200505171028.37143.gb.nycbug.org@olivesandhoney.com>
References: <200505171028.37143.gb.nycbug.org@olivesandhoney.com>
Message-ID: <20050517154745.GB14941@sixshooter.v6.thrupoint.net>

* George Bourozikas <gb.nycbug.org at olivesandhoney.com> [2005-05-17 10:45]:
> A client of mine is throwing it out...
> 
> - Needs minor repair (the top cover has a broken hinge)
> 
> - Worked great till then
> 
> - Has ethernet port
> 
> - Has to be picked up at 39th and 6th (around Bryant Park) during
> business hours
> 
> - First one to reply (off-list) gets it
> 
> --george


If nobody else is interested, I'll take it.

Best Regards,
Jim B.




From steve  Tue May 17 14:10:34 2005
From: steve (steve Rieger)
Date: Tue, 17 May 2005 14:10:34 -0400
Subject: [nycbug-talk] VGA Video splitter question
Message-ID: <aa4bcde63502dc54c8388265eb935b27@n2sw.com>

as a last resource


i NEED to have a 8 way video splitter for thursday for a presentation, 
called allover betwix here and india none to be found on such short 
notice. if any of you have one i will pay you handsomely for a 2 day 
rental. min 8 way and am looking for 2 devices





From gb.nycbug.org  Tue May 17 20:03:39 2005
From: gb.nycbug.org (George Bourozikas)
Date: Tue, 17 May 2005 20:03:39 -0400
Subject: [nycbug-talk] Anyone want a Tektronix Phaser 850?
In-Reply-To: <200505171028.37143.gb.nycbug.org@olivesandhoney.com>
References: <200505171028.37143.gb.nycbug.org@olivesandhoney.com>
Message-ID: <200505172003.39349.gb.nycbug.org@olivesandhoney.com>

This printer is now taken.

--george



From o_sleep  Wed May 18 07:29:30 2005
From: o_sleep (Bjorn Nelson)
Date: Wed, 18 May 2005 07:29:30 -0400
Subject: [nycbug-talk] solaris (OT)
In-Reply-To: <e81fb1d95dee38b97088b8ce10e1e6f1@n2sw.com>
References: <e81fb1d95dee38b97088b8ce10e1e6f1@n2sw.com>
Message-ID: <0B489030-7989-4AC9-AE70-AE3D67FF6A7C@belovedarctos.com>

Steve,

On May 17, 2005, at 9:48 AM, steve Rieger wrote:

> hi all
>
> if anybody on this list wants to learn solaris the hard way drop me  
> a line i have some hardware for you.

Would you like to donate it to CIS Society, a computer club at Baruch  
College (CUNY)?  We have a bunch of students that probably couldn't  
tell the difference between the company and the great ball in they sky.

http://www.cissociety.org

-Bjorn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.nycbug.org/pipermail/talk/attachments/20050518/104f54b1/attachment.html 


From unixenigma  Thu May 19 13:09:09 2005
From: unixenigma (G T)
Date: Thu, 19 May 2005 10:09:09 -0700 (PDT)
Subject: [nycbug-talk] OpenBSD 3.7
Message-ID: <20050519170909.88215.qmail@web53907.mail.yahoo.com>

Hey!

OpenBSD 3.7 is out! Grab/Buy a copy! &#61514;

Peace.

GT



	
		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - You care about security. So do we. 
http://promotions.yahoo.com/new_mail



From lists  Thu May 19 13:12:10 2005
From: lists (michael)
Date: Thu, 19 May 2005 13:12:10 -0400
Subject: [nycbug-talk] OpenBSD 3.7
In-Reply-To: <20050519170909.88215.qmail@web53907.mail.yahoo.com>
References: <20050519170909.88215.qmail@web53907.mail.yahoo.com>
Message-ID: <20050519131210.041c1f46@delinux.abwatley.com>

On Thu, 19 May 2005 10:09:09 -0700 (PDT)
G T <unixenigma at yahoo.com> wrote:

> Hey!
> 
> OpenBSD 3.7 is out! Grab/Buy a copy! &#61514;
> 
> Peace.
> 
> GT


Or, if you went to BSDCan, reach across the desk and touch it.
Michael

-- 
---



From mickey  Thu May 19 13:10:12 2005
From: mickey (Michael Shalayeff)
Date: Thu, 19 May 2005 13:10:12 -0400 (EDT)
Subject: [nycbug-talk] OpenBSD 3.7
In-Reply-To: <20050519131210.041c1f46@delinux.abwatley.com> from michael at
	"May 19, 2005 01:12:10 pm"
Message-ID: <200505191710.j4JHACtc021111@lucifier.net>

Making, drinking tea and reading an opus magnum from michael:
> On Thu, 19 May 2005 10:09:09 -0700 (PDT)
> G T <unixenigma at yahoo.com> wrote:
> 
> > Hey!
> > 
> > OpenBSD 3.7 is out! Grab/Buy a copy! &#61514;
> > 
> > Peace.
> > 
> > GT
> 
> 
> Or, if you went to BSDCan, reach across the desk and touch it.
> Michael

i actually went into the basement and touched it (:

cu

-- 
    paranoic mickey       (my employers have changed but, the name has remained)



From ike  Thu May 19 14:15:03 2005
From: ike (Isaac Levy)
Date: Thu, 19 May 2005 14:15:03 -0400
Subject: [nycbug-talk] OpenBSD 3.7
In-Reply-To: <200505191710.j4JHACtc021111@lucifier.net>
References: <200505191710.j4JHACtc021111@lucifier.net>
Message-ID: <1a63999c923f375d94d2d55733413c85@lesmuug.org>

On May 19, 2005, at 1:10 PM, Michael Shalayeff wrote:

>> Or, if you went to BSDCan, reach across the desk and touch it.
>> Michael
>
> i actually went into the basement and touched it (:
>
> cu

Went across town to my super-secret underground bunker and opened the 
vault to touch the CDs.

Made me re-think the sanity of my personal security policies, but I did 
get to see some of the sunny day here...

Rocket-
.ike




From lists  Thu May 19 15:08:52 2005
From: lists (michael)
Date: Thu, 19 May 2005 15:08:52 -0400
Subject: [nycbug-talk] transfer speed
Message-ID: <20050519150852.5e220ecc@delinux.abwatley.com>

All, 

I have a quick network question.  

I have two boxes on the same subnet connected to the same switch.  When
I scp a 3.2M file back and forth between them I get wildly different
transfer rates. 

A=Linux 2.6.6-rc1
B=FreeBSD 5.3-RELEASE-p10

A=>B: 100% 3272KB  55.5KB/s  00:59 
B=>A: 100% 3272KB   3.2MB/s   00:00

What could cause that? What data should I collect to help me answer
that?

Thanks,
Michael
-- 
---



From alex  Thu May 19 14:09:26 2005
From: alex (alex at pilosoft.com)
Date: Thu, 19 May 2005 14:09:26 -0400 (EDT)
Subject: [nycbug-talk] transfer speed
In-Reply-To: <20050519150852.5e220ecc@delinux.abwatley.com>
Message-ID: <Pine.LNX.4.44.0505191409150.27595-100000@bawx.pilosoft.com>

On Thu, 19 May 2005, michael wrote:

> What could cause that? What data should I collect to help me answer
> that?
one word: duplex.

-alex




From george  Thu May 19 17:06:09 2005
From: george (George Georgalis)
Date: Thu, 19 May 2005 17:06:09 -0400
Subject: safecat hardlinks Re: [nycbug-talk] dying for details
In-Reply-To: <57d710000505162132912a7fe@mail.gmail.com>
References: <57d710000505162132912a7fe@mail.gmail.com>
Message-ID: <20050519210609.GA15047@sta.local>

Hi Pete,

On Mon, May 16, 2005 at 09:32:18PM -0700, pete wright wrote:
>Ok guy's I'm sure you all have had time to re-coup.  So how was
>BSDCan?!?!?  I'm especially dying to know how it went due to my
>unexpected situation here preventing me from going.  I need details :)

The conference was great, but being away from a computer (no laptop)
while hearing about so many interesting things, has put me 2x behind and
unfortunately lagging in promised followups...

Really sorry you couldn't make it, Pete; aside from your absence, there
where no problems though. George paid on his credit card, I still owe
him my share for that. Don't know what the others worked out.

Oh, getting the car from the hotel parking lot, and parking across the
street for Sun breakfast. took about an hour, next time we'll know
better.

So now I return to my new found problems.... eg

How do you deposit a mail into two separate maildirs using one 'file'
and two hardlinks? ie, use safecat to put it in a maildir, and hardlink
it to another maildir?

// George


-- 
George Georgalis, systems architect, administrator Linux BSD IXOYE
http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org



From george  Thu May 19 17:39:14 2005
From: george (George Georgalis)
Date: Thu, 19 May 2005 17:39:14 -0400
Subject: safecat hardlinks Re: [nycbug-talk] dying for details
In-Reply-To: <20050519210609.GA15047@sta.local>
References: <57d710000505162132912a7fe@mail.gmail.com>
	<20050519210609.GA15047@sta.local>
Message-ID: <20050519213914.GB15047@sta.local>

On Thu, May 19, 2005 at 05:06:09PM -0400, George Georgalis wrote:
>
>How do you deposit a mail into two separate maildirs using one 'file'
>and two hardlinks? ie, use safecat to put it in a maildir, and hardlink
>it to another maildir?
>

...well this is a little crude, but should be acceptable, I don't
_expect_ name collision to actually occur anyway...

# do spamd check
score=`spamc -x -c <"$tmp"` # score it with spamd
exitstat=$?
case $exitstat in
1) # spam 
        sipd="$scq/IP/`echo $TCPREMOTEIP | sed 's|\.|/|g'`/`hostname`" # an IP/host name
        mkdir -p $sipd/{new,cur,tmp} # make an IP/host named maildir
        printf "$TCPREMOTEIP\t`date +%Y.%m.%d.%H%M.%S`\t`date -R`\n" >>$sipd/date # keep track
        # keep a copy for manual checks and keep a copy for statistics
        ln "$tmp" "$sipd/new/" && ln "$tmp" "$scd/new/" \
                || { rm -f "$tmp" "$sipd/new/$tmp" "$scd/new/$tmp" ; exit 71 ;} # temporarily refuse on name collision
        rm "$tmp"
        exit 31
;;

...better ideas?

// George


-- 
George Georgalis, systems architect, administrator Linux BSD IXOYE
http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org



From o_sleep  Thu May 19 21:28:56 2005
From: o_sleep (Bjorn Nelson)
Date: Thu, 19 May 2005 21:28:56 -0400
Subject: [nycbug-talk] transfer speed
In-Reply-To: <20050519150852.5e220ecc@delinux.abwatley.com>
References: <20050519150852.5e220ecc@delinux.abwatley.com>
Message-ID: <71030402-DEF7-42EB-877B-2CAC7A4A5482@belovedarctos.com>

Michael,

On May 19, 2005, at 3:08 PM, michael wrote:

> All,
>
> I have a quick network question.
>
> I have two boxes on the same subnet connected to the same switch.   
> When
> I scp a 3.2M file back and forth between them I get wildly different
> transfer rates.
>
> A=Linux 2.6.6-rc1
> B=FreeBSD 5.3-RELEASE-p10
>
> A=>B: 100% 3272KB  55.5KB/s  00:59
> B=>A: 100% 3272KB   3.2MB/s   00:00
>
> What could cause that? What data should I collect to help me answer
> that?

ssh is fairly cpu intensive.  Are you sure there wasn't anything  
running in the background while you were doing the first transfer?   
scp is pretty bad for measuring throughput, you might want to to try  
to test throughput using http, ftp, or rsh.

-Bjorn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.nycbug.org/pipermail/talk/attachments/20050519/093b624a/attachment.html 


From nomadlogic  Thu May 19 21:47:25 2005
From: nomadlogic (pete wright)
Date: Thu, 19 May 2005 18:47:25 -0700
Subject: [nycbug-talk] transfer speed
In-Reply-To: <71030402-DEF7-42EB-877B-2CAC7A4A5482@belovedarctos.com>
References: <20050519150852.5e220ecc@delinux.abwatley.com>
	<71030402-DEF7-42EB-877B-2CAC7A4A5482@belovedarctos.com>
Message-ID: <57d71000050519184768ae637@mail.gmail.com>

On 5/19/05, Bjorn Nelson <o_sleep at belovedarctos.com> wrote:
> Michael,
> 
> 
> On May 19, 2005, at 3:08 PM, michael wrote:
> 
> All, 
> 
> I have a quick network question.  
> 
> I have two boxes on the same subnet connected to the same switch.  When
> I scp a 3.2M file back and forth between them I get wildly different
> transfer rates. 
> 
> A=Linux 2.6.6-rc1
> B=FreeBSD 5.3-RELEASE-p10
> 
> A=>B: 100% 3272KB  55.5KB/s  00:59 
> B=>A: 100% 3272KB   3.2MB/s   00:00
> 
> What could cause that? What data should I collect to help me answer
> that?
> ssh is fairly cpu intensive.  Are you sure there wasn't anything running in
> the background while you were doing the first transfer?  scp is pretty bad
> for measuring throughput, you might want to to try to test throughput using
> http, ftp, or rsh.
> 

or better yet ttcp.

-p

-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From lists  Fri May 20 07:50:23 2005
From: lists (michael)
Date: Fri, 20 May 2005 07:50:23 -0400
Subject: [nycbug-talk] OBSD in NYC
Message-ID: <20050520075023.5a89e985@delinux.abwatley.com>

Nice job on the NYC OpenBSD mirror. That connection rocks!
ftp://ftp2.usa.openbsd.org/pub/OpenBSD/3.7/    

Thanks to NYI, those that made it happen, and those that set up the box.
Michael

-- 
---



From lists  Fri May 20 10:20:47 2005
From: lists (michael)
Date: Fri, 20 May 2005 10:20:47 -0400
Subject: [nycbug-talk] spamd
Message-ID: <20050520102047.767c5c81@delinux.abwatley.com>

Before I post to misc, I wanted to check with NYCBUG.

I am updating a mail gateway that runs with tools added to fight spam:
amavisd-clamav-spamassassin-etc. I have been pretty satisfied with the
results.  Now, I am going to add spamd(8) to the mix and wanted
opinions.  Do I really need to run all that extra stuff? 

I know "more layers" is "more protection" but that is a LOT of perl
modules.  This would also require a lot of extra packages, some are
required to be built from source due to licencing issues.  All that
would have to be maintained...

That extra stuff also means extra cycles and extra time during EVERY
SMTP conversation; ultimately slowing down the gateway.

I suppose I could just do spamd and measure the results myself, but I
was wondering if someone else has been there / done that.

Thoughts?
Michael

-- 
---



From nycbug  Fri May 20 11:05:29 2005
From: nycbug (Ray)
Date: Fri, 20 May 2005 11:05:29 -0400
Subject: [nycbug-talk] spamd
In-Reply-To: <20050520102047.767c5c81@delinux.abwatley.com>
References: <20050520102047.767c5c81@delinux.abwatley.com>
Message-ID: <20050520150529.GB19679@syntax.cyth.net>

On Fri, May 20, 2005 at 10:20:47AM -0400, michael wrote:
> I am updating a mail gateway that runs with tools added to fight spam:
> amavisd-clamav-spamassassin-etc. I have been pretty satisfied with the
> results.  Now, I am going to add spamd(8) to the mix and wanted
> opinions.  Do I really need to run all that extra stuff? 

I'm assuming you mean OpenBSD's spam trapping daemon and not the
spamd that comes with SpamAssassin.

spamd (with greylisting) cuts down spam a lot.  A LOT.  And it's
lightweight, much more lightweight than spamassassin, which will
ease your load overall.

> I know "more layers" is "more protection" but that is a LOT of perl
> modules.  This would also require a lot of extra packages, some are
> required to be built from source due to licencing issues.  All that
> would have to be maintained...

spamd is not a perl module.

> That extra stuff also means extra cycles and extra time during EVERY
> SMTP conversation; ultimately slowing down the gateway.

spamd will reduce the amount of spam that has to be filtered, cutting
down the SMTP conversations that will happen with your mail server.

> I suppose I could just do spamd and measure the results myself, but I
> was wondering if someone else has been there / done that.

I use spamd exclusively and get about ten spam a day now.  Before
that I got several hundred.  If I used any other filtering methods
I could probably remove those ten as well, but it's come to a point
where it just doesn't bother me anymore.  Simplicity is best.



From tillman  Fri May 20 11:28:01 2005
From: tillman (Tillman Hodgson)
Date: Fri, 20 May 2005 09:28:01 -0600
Subject: [nycbug-talk] spamd
In-Reply-To: <20050520150529.GB19679@syntax.cyth.net>
References: <20050520102047.767c5c81@delinux.abwatley.com>
	<20050520150529.GB19679@syntax.cyth.net>
Message-ID: <20050520152801.GU52650@seekingfire.com>

On Fri, May 20, 2005 at 11:05:29AM -0400, Ray wrote:
> On Fri, May 20, 2005 at 10:20:47AM -0400, michael wrote:
> > I am updating a mail gateway that runs with tools added to fight spam:
> > amavisd-clamav-spamassassin-etc. I have been pretty satisfied with the
> > results.  Now, I am going to add spamd(8) to the mix and wanted
> > opinions.  Do I really need to run all that extra stuff? 
> 
> I'm assuming you mean OpenBSD's spam trapping daemon and not the
> spamd that comes with SpamAssassin.

Just otu of curiousity, is /usr/ports/mail/spamd on FreeBSD yet a
third spamd? Or is it the same thing as the OpenBSD spamd?

The web site from pkg-descr is http://www.benzedrine.cx/relaydb.html if
that helps.

-T


-- 
Page xxviii: I am sure that no one ever decides to learn Unix just to
experience beauty. We choose to use Unix for practical reasons:  to do
our work (or to play the games). But the wonderful thing is that the
beauty comes by itself.
	- Harley Hahn, _The Unix Companion_



From tillman  Fri May 20 11:34:38 2005
From: tillman (Tillman Hodgson)
Date: Fri, 20 May 2005 09:34:38 -0600
Subject: [nycbug-talk] spamd
In-Reply-To: <20050520152801.GU52650@seekingfire.com>
References: <20050520102047.767c5c81@delinux.abwatley.com>
	<20050520150529.GB19679@syntax.cyth.net>
	<20050520152801.GU52650@seekingfire.com>
Message-ID: <20050520153438.GV52650@seekingfire.com>

On Fri, May 20, 2005 at 09:28:01AM -0600, Tillman Hodgson wrote:
> Just out of curiousity, is /usr/ports/mail/spamd on FreeBSD yet a
> third spamd? Or is it the same thing as the OpenBSD spamd?
> 
> The web site from pkg-descr is http://www.benzedrine.cx/relaydb.html if
> that helps.

Answering my own question, it appears to be the same thing as the
OpenBSD spamd with some extra bits wrapped around it.

-T


-- 
"Our opinions become fixed at the point where we stopped thinking."
    -- Renan



From lists  Fri May 20 11:54:07 2005
From: lists (michael)
Date: Fri, 20 May 2005 11:54:07 -0400
Subject: [nycbug-talk] spamd
In-Reply-To: <20050520150529.GB19679@syntax.cyth.net>
References: <20050520102047.767c5c81@delinux.abwatley.com>
	<20050520150529.GB19679@syntax.cyth.net>
Message-ID: <20050520115407.003aacdd@delinux.abwatley.com>

On Fri, 20 May 2005 11:05:29 -0400
Ray <nycbug at cyth.net> wrote:

> I use spamd exclusively and get about ten spam a day now.  Before
> that I got several hundred.  If I used any other filtering methods
> I could probably remove those ten as well, but it's come to a point
> where it just doesn't bother me anymore.  Simplicity is best.

yea, I wasn't clear.  I meant OpenBSD spamd (trap, pit, etc) as a
replacement for all the other stuff I was doing.  The above testimony
was what I was looking for.  

My concerns are: Is spamd alone enough? By design, spamd delays email
from first time senders.  Is that acceptable to users in a coporate
environment?  Obviously, I would set up a white list of known senders
to begin with.

Does anyone run it, and the greylisting, exclusively?

Michael

-- 
---


-- 
---



From bruno  Fri May 20 13:14:58 2005
From: bruno (bruno)
Date: Fri, 20 May 2005 13:14:58 -0400
Subject: [nycbug-talk] spamd
In-Reply-To: <20050520115407.003aacdd@delinux.abwatley.com>
References: <20050520102047.767c5c81@delinux.abwatley.com>
	<20050520150529.GB19679@syntax.cyth.net>
	<20050520115407.003aacdd@delinux.abwatley.com>
Message-ID: <20050520171457.GI5814@loftmail.com>

On Fri, May 20, 2005 at 11:54:07AM -0400, michael wrote:
> On Fri, 20 May 2005 11:05:29 -0400
> Ray <nycbug at cyth.net> wrote:
> 
> > I use spamd exclusively and get about ten spam a day now.  Before
> > that I got several hundred.  If I used any other filtering methods
> > I could probably remove those ten as well, but it's come to a point
> > where it just doesn't bother me anymore.  Simplicity is best.
> 
> yea, I wasn't clear.  I meant OpenBSD spamd (trap, pit, etc) as a
> replacement for all the other stuff I was doing.  The above testimony
> was what I was looking for.  
> 
> My concerns are: Is spamd alone enough? By design, spamd delays email
> from first time senders.  Is that acceptable to users in a coporate
> environment?  Obviously, I would set up a white list of known senders
> to begin with.
> 
> Does anyone run it, and the greylisting, exclusively?

No, but it helps a lot. If you have to run one thing, run spamd.
But running a combination is better..

Bruno
--
Free Secure Email
http://www.loftmail.com



From nomadlogic  Fri May 20 13:48:19 2005
From: nomadlogic (pete wright)
Date: Fri, 20 May 2005 10:48:19 -0700
Subject: [nycbug-talk] spamd
In-Reply-To: <20050520102047.767c5c81@delinux.abwatley.com>
References: <20050520102047.767c5c81@delinux.abwatley.com>
Message-ID: <57d710000505201048a5954a6@mail.gmail.com>

On 5/20/05, michael <lists at genoverly.net> wrote:
> Before I post to misc, I wanted to check with NYCBUG.
> 
> I am updating a mail gateway that runs with tools added to fight spam:
> amavisd-clamav-spamassassin-etc. I have been pretty satisfied with the
> results.  Now, I am going to add spamd(8) to the mix and wanted
> opinions.  Do I really need to run all that extra stuff?
> 
> I know "more layers" is "more protection" but that is a LOT of perl
> modules.  This would also require a lot of extra packages, some are
> required to be built from source due to licencing issues.  All that
> would have to be maintained...
> 
> That extra stuff also means extra cycles and extra time during EVERY
> SMTP conversation; ultimately slowing down the gateway.
> 
> I suppose I could just do spamd and measure the results myself, but I
> was wondering if someone else has been there / done that.
> 
> Thoughts?
> Michael
> 

As an aside michael,
    if you run the other spamd (spam assassin's daemonized version)
this may help you with the overall load of running the perl scripts. 
While it takes a different approach than OBSD's spamd, they may work
together nicely.  And because it is loaded as a daemon, and apperently
is more efficient in filtering under load from what i have read, it
may allow to run both options without too much perfomance degradation.


-p

-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From nomadlogic  Fri May 20 13:49:32 2005
From: nomadlogic (pete wright)
Date: Fri, 20 May 2005 10:49:32 -0700
Subject: [nycbug-talk] OBSD in NYC
In-Reply-To: <20050520075023.5a89e985@delinux.abwatley.com>
References: <20050520075023.5a89e985@delinux.abwatley.com>
Message-ID: <57d710000505201049164c2811@mail.gmail.com>

On 5/20/05, michael <lists at genoverly.net> wrote:
> Nice job on the NYC OpenBSD mirror. That connection rocks!
> ftp://ftp2.usa.openbsd.org/pub/OpenBSD/3.7/
> 
> Thanks to NYI, those that made it happen, and those that set up the box.
> Michael

hey can we get a load average on this guy?  i'm pretty excited about
these machines being up and running.  which reminds me i have a lot of
work to do on my end of this ;)

-p



-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From george  Fri May 20 14:04:52 2005
From: george (George)
Date: Fri, 20 May 2005 14:04:52 -0400
Subject: [nycbug-talk] OBSD in NYC
In-Reply-To: <57d710000505201049164c2811@mail.gmail.com>
References: <20050520075023.5a89e985@delinux.abwatley.com>
	<57d710000505201049164c2811@mail.gmail.com>
Message-ID: <428E26C4.30506@sddi.net>

pete wright wrote:

>On 5/20/05, michael <lists at genoverly.net> wrote:
>  
>
>>Nice job on the NYC OpenBSD mirror. That connection rocks!
>>ftp://ftp2.usa.openbsd.org/pub/OpenBSD/3.7/
>>
>>Thanks to NYI, those that made it happen, and those that set up the box.
>>Michael
>>    
>>
>
>hey can we get a load average on this guy?  i'm pretty excited about
>these machines being up and running.  which reminds me i have a lot of
>work to do on my end of this ;)
>  
>
bandwidth, or do you just mean top? <g>

nyi is going to provide us with usage stats.  . . gotta get that sorted out.

mickey@ admins the obsd box. . .

this is all awesome, since we started out from the beginning trying to 
figure out how we could concretely assist the projects, and this is 
certainly doing that.  the other projects are aware and okan/i have had 
continuing discussions with scott long, christos, matt dillon, plus i 
offered 2u to Kirk. . . who may take it up. . .

g



From lists  Fri May 20 14:47:32 2005
From: lists (michael)
Date: Fri, 20 May 2005 14:47:32 -0400
Subject: [nycbug-talk] spamd
In-Reply-To: <20050520171457.GI5814@loftmail.com>
References: <20050520102047.767c5c81@delinux.abwatley.com>
	<20050520150529.GB19679@syntax.cyth.net>
	<20050520115407.003aacdd@delinux.abwatley.com>
	<20050520171457.GI5814@loftmail.com>
Message-ID: <20050520144732.0eb0ae36@delinux.abwatley.com>

On Fri, 20 May 2005 13:14:58 -0400
bruno <bruno at loftmail.com> wrote:

> No, but it helps a lot. If you have to run one thing, run spamd.
> But running a combination is better..

Ah, bruno.. you run a large email installation on OBSD.  Besides
spamd(8), what tools do you use to reduce UCE?
Michael

-- 
---



From bruno  Fri May 20 15:10:13 2005
From: bruno (bruno)
Date: Fri, 20 May 2005 15:10:13 -0400
Subject: [nycbug-talk] spamd
In-Reply-To: <20050520144732.0eb0ae36@delinux.abwatley.com>
References: <20050520102047.767c5c81@delinux.abwatley.com>
	<20050520150529.GB19679@syntax.cyth.net>
	<20050520115407.003aacdd@delinux.abwatley.com>
	<20050520171457.GI5814@loftmail.com>
	<20050520144732.0eb0ae36@delinux.abwatley.com>
Message-ID: <20050520191013.GN5814@loftmail.com>

On Fri, May 20, 2005 at 02:47:32PM -0400, michael wrote:
> On Fri, 20 May 2005 13:14:58 -0400
> bruno <bruno at loftmail.com> wrote:
> 
> > No, but it helps a lot. If you have to run one thing, run spamd.
> > But running a combination is better..
> 
> Ah, bruno.. you run a large email installation on OBSD.  Besides
> spamd(8), what tools do you use to reduce UCE?

We use MIMEDefang, SpamAssassin and milter-regex.



From nomadlogic  Fri May 20 15:30:21 2005
From: nomadlogic (pete wright)
Date: Fri, 20 May 2005 12:30:21 -0700
Subject: [nycbug-talk] OBSD in NYC
In-Reply-To: <428E26C4.30506@sddi.net>
References: <20050520075023.5a89e985@delinux.abwatley.com>
	<57d710000505201049164c2811@mail.gmail.com> <428E26C4.30506@sddi.net>
Message-ID: <57d7100005052012306396f9b5@mail.gmail.com>

On 5/20/05, George <george at sddi.net> wrote:
> pete wright wrote:
> 
> >On 5/20/05, michael <lists at genoverly.net> wrote:
> >
> >
> >>Nice job on the NYC OpenBSD mirror. That connection rocks!
> >>ftp://ftp2.usa.openbsd.org/pub/OpenBSD/3.7/
> >>
> >>Thanks to NYI, those that made it happen, and those that set up the box.
> >>Michael
> >>
> >>
> >
> >hey can we get a load average on this guy?  i'm pretty excited about
> >these machines being up and running.  which reminds me i have a lot of
> >work to do on my end of this ;)
> >
> >
> bandwidth, or do you just mean top? <g>
> 
> nyi is going to provide us with usage stats.  . . gotta get that sorted out.
> 

oh yea forgot about that.  that'll be nice, i'm just curious and
shoot, i guess i'm a fan of fancy graphs and raw data ;p

> mickey@ admins the obsd box. . .
> 
> this is all awesome, since we started out from the beginning trying to
> figure out how we could concretely assist the projects, and this is
> certainly doing that.  the other projects are aware and okan/i have had
> continuing discussions with scott long, christos, matt dillon, plus i
> offered 2u to Kirk. . . who may take it up. . .
> 

execellent, but who is this kirk guy and why does he get 2u ;)  ok
i'll stop being a wise ass now.

-pete



-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From george  Fri May 20 15:35:05 2005
From: george (George)
Date: Fri, 20 May 2005 15:35:05 -0400
Subject: [nycbug-talk] OBSD in NYC
In-Reply-To: <57d7100005052012306396f9b5@mail.gmail.com>
References: <20050520075023.5a89e985@delinux.abwatley.com>	
	<57d710000505201049164c2811@mail.gmail.com>
	<428E26C4.30506@sddi.net>
	<57d7100005052012306396f9b5@mail.gmail.com>
Message-ID: <428E3BE9.5090409@sddi.net>

pete wright wrote:

> <snip>


>  
>
>>mickey@ admins the obsd box. . .
>>
>>this is all awesome, since we started out from the beginning trying to
>>figure out how we could concretely assist the projects, and this is
>>certainly doing that.  the other projects are aware and okan/i have had
>>continuing discussions with scott long, christos, matt dillon, plus i
>>offered 2u to Kirk. . . who may take it up. . .
>>
>>    
>>
>
>execellent, but who is this kirk guy and why does he get 2u ;)  ok
>i'll stop being a wise ass now.
>  
>
for those not in the loop, kirk mckusick is one of the original CSRG 
developers from U of C.  Author of the Design and Implementation of 
FreeBSD, etc. . .

g



From mickey  Fri May 20 16:59:28 2005
From: mickey (Michael Shalayeff)
Date: Fri, 20 May 2005 16:59:28 -0400 (EDT)
Subject: [nycbug-talk] OBSD in NYC
In-Reply-To: <57d710000505201049164c2811@mail.gmail.com> from pete wright at
	"May 20, 2005 10:49:32 am"
Message-ID: <200505202059.j4KKxSwP010060@lucifier.net>

Making, drinking tea and reading an opus magnum from pete wright:
[Charset ISO-8859-1 unsupported, filtering to ASCII...]
> On 5/20/05, michael <lists at genoverly.net> wrote:
> > Nice job on the NYC OpenBSD mirror. That connection rocks!
> > ftp://ftp2.usa.openbsd.org/pub/OpenBSD/3.7/
> > 
> > Thanks to NYI, those that made it happen, and those that set up the box.
> > Michael
> 
> hey can we get a load average on this guy?  i'm pretty excited about
> these machines being up and running.  which reminds me i have a lot of
> work to do on my end of this ;)

in times of about 40 ftp clients all doing together
a bit more than 10m/s ldav was around 2 but then
what the fuck does it matter really ? (:

cu

-- 
    paranoic mickey       (my employers have changed but, the name has remained)



From george  Fri May 20 17:22:10 2005
From: george (George)
Date: Fri, 20 May 2005 17:22:10 -0400
Subject: [nycbug-talk] OBSD in NYC
In-Reply-To: <200505202059.j4KKxSwP010060@lucifier.net>
References: <200505202059.j4KKxSwP010060@lucifier.net>
Message-ID: <428E5502.7000205@sddi.net>


>>hey can we get a load average on this guy?  i'm pretty excited about
>>these machines being up and running.  which reminds me i have a lot of
>>work to do on my end of this ;)
> 
> 
> in times of about 40 ftp clients all doing together
> a bit more than 10m/s ldav was around 2 but then
> what the fuck does it matter really ? (:

Mickey. . . an FYI. . .  petee is in Cali now. . . they have so many 
things to worry about (earthquakes, tsunamis, cults, organic nature of 
their food) that they now look for other things to worry about.

he's not really one of us any more. . . particularly not like you and 
me.  ;-)

g



From ike  Fri May 20 17:42:25 2005
From: ike (Isaac Levy)
Date: Fri, 20 May 2005 17:42:25 -0400
Subject: [nycbug-talk] OBSD in NYC
In-Reply-To: <428E5502.7000205@sddi.net>
References: <200505202059.j4KKxSwP010060@lucifier.net>
	<428E5502.7000205@sddi.net>
Message-ID: <6859947bea590a4622eb62f9a3beb068@lesmuug.org>

On May 20, 2005, at 5:22 PM, George wrote:

> Mickey. . . an FYI. . .  petee is in Cali now. . . they have so many 
> things to worry about (earthquakes, tsunamis, cults, organic nature of 
> their food) that they now look for other things to worry about.
>
> he's not really one of us any more. . . particularly not like you and 
> me.  ;-)
>
> g

I'll take issue with this one Gman-

LA is not quite NYC*BUG flavor, but Pete sure as hell is one of us IMO- 
even if he has to adapt to his surroundings out there.  One of us minus 
direct access to bagels, that's all <g>.

Rocket-
.ike




From george  Fri May 20 17:41:13 2005
From: george (George)
Date: Fri, 20 May 2005 17:41:13 -0400
Subject: [nycbug-talk] OBSD in NYC
In-Reply-To: <6859947bea590a4622eb62f9a3beb068@lesmuug.org>
References: <200505202059.j4KKxSwP010060@lucifier.net>
	<428E5502.7000205@sddi.net>
	<6859947bea590a4622eb62f9a3beb068@lesmuug.org>
Message-ID: <428E5979.30801@sddi.net>

Isaac Levy wrote:
> On May 20, 2005, at 5:22 PM, George wrote:
> 
>> Mickey. . . an FYI. . .  petee is in Cali now. . . they have so many 
>> things to worry about (earthquakes, tsunamis, cults, organic nature of 
>> their food) that they now look for other things to worry about.
>>
>> he's not really one of us any more. . . particularly not like you and 
>> me.  ;-)
>>
>> g
> 
> 
> I'll take issue with this one Gman-
> 
> LA is not quite NYC*BUG flavor, but Pete sure as hell is one of us IMO- 
> even if he has to adapt to his surroundings out there.  One of us minus 
> direct access to bagels, that's all <g>.

pizza.

of course petee is one of us. . . it's just his creeping 70's-ish 
paranoia that's so so california. . .

g



From ike  Fri May 20 17:47:40 2005
From: ike (Isaac Levy)
Date: Fri, 20 May 2005 17:47:40 -0400
Subject: [nycbug-talk] OBSD in NYC
In-Reply-To: <428E5979.30801@sddi.net>
References: <200505202059.j4KKxSwP010060@lucifier.net>
	<428E5502.7000205@sddi.net>
	<6859947bea590a4622eb62f9a3beb068@lesmuug.org>
	<428E5979.30801@sddi.net>
Message-ID: <d83aff28199e8a9e19d1b2e63983f16c@lesmuug.org>

On May 20, 2005, at 5:41 PM, George wrote:

> pizza.

Dude- I swear, I had this insane Pizza in Ottawa last Wedsday-  ;)

>
> of course petee is one of us. . . it's just his creeping 70's-ish 
> paranoia that's so so california. . .

digit - I missed that- /me shrugs

Rocket-
.ike





From george  Fri May 20 19:15:37 2005
From: george (George Georgalis)
Date: Fri, 20 May 2005 19:15:37 -0400
Subject: [nycbug-talk] spamd
In-Reply-To: <20050520115407.003aacdd@delinux.abwatley.com>
References: <20050520102047.767c5c81@delinux.abwatley.com>
	<20050520150529.GB19679@syntax.cyth.net>
	<20050520115407.003aacdd@delinux.abwatley.com>
Message-ID: <20050520231537.GA20053@sta.local>

On Fri, May 20, 2005 at 11:54:07AM -0400, michael wrote:
>On Fri, 20 May 2005 11:05:29 -0400
>Ray <nycbug at cyth.net> wrote:
>
>> I use spamd exclusively and get about ten spam a day now.  Before
>> that I got several hundred.  If I used any other filtering methods
>> I could probably remove those ten as well, but it's come to a point
>> where it just doesn't bother me anymore.  Simplicity is best.
>
>yea, I wasn't clear.  I meant OpenBSD spamd (trap, pit, etc) as a
>replacement for all the other stuff I was doing.  The above testimony
>was what I was looking for.  
>
>My concerns are: Is spamd alone enough? By design, spamd delays email
>from first time senders.  Is that acceptable to users in a coporate
>environment?  Obviously, I would set up a white list of known senders
>to begin with.


I'm not to a point where I can try spamd yet, but I'm going to try it in
front of my existing (IP blacklist and content during SMTP) systems. I
think the grey list time is configurable, and given the graph of
disconnect times in the slide:

http://tiva.galis.org/tmp/img_4112.jpg

If you only grey list an IP for 75 seconds, most of the spammers will
permanently give up. So the real question is, how long before the
new ham shows up again? Qmail comes back to temporary failures with
exponential delays, so the first reconnects are not long at all. I don't
know how postfix or sendmail schedule their re-attempts.

But that's the rub. Do you really want to delay new senders, 2 or 60
minutes to reduce your spam load?

// George


-- 
George Georgalis, systems architect, administrator Linux BSD IXOYE
http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org



From ike  Fri May 20 20:49:12 2005
From: ike (Isaac Levy)
Date: Fri, 20 May 2005 20:49:12 -0400
Subject: [nycbug-talk] BSDCan ike-notes coming
Message-ID: <3ed244d645548e90cb5c3fc95f8fa787@lesmuug.org>

Hi All,

So what a Conference.  BSDCan this year was so amazing, with so much to 
do, and so many BSD people to talk to, that I sadly didn't make time to 
report on the conference *during* the conference.

I understand more notes are going up on the BSDCan website:
http://www.bsdcan.org/

With that, after a super-busy week returning home, emails which will 
immeadiately follow this one are the 'ike-notes' on the conference, (a 
bit heavy on the FreeBSD end of things, as a lot of my day-to-day 
relies heavily on FreeBSD...)  I thought I'd break them up, so folks 
could skip and skim a bit easier, sorry if this annoys anyone.

My sincerest apologies to everyone for the faulty weather report, it 
got much colder in Ottawa after my report on Tuesday- and my thanks to 
everyone who brought me tobacco!

Here comes emails...
.ike




From ike  Fri May 20 20:51:39 2005
From: ike (Isaac Levy)
Date: Fri, 20 May 2005 20:51:39 -0400
Subject: [nycbug-talk] BSDCan ike-notes - Kernel Debugging Workshop
Message-ID: <d503b57c72ce2158cb4e7dc694874f8e@lesmuug.org>

More BSDCan ike-notes,

Kernel Debugging with Greg Lehey:
http://www.bsdcan.org/2005/activity.php?id=68

I had the pleasure of attending Greg Lehey's 'Kernel Debugging 
Workshop', which happened on the Wednesday preceding the regular 
conference schedule- and it was great.  I live in user-space for most 
of my development work and hacking life, so it was a real eye-opener to 
dive into the Kernel for an entire day... a lot of heavy information to 
take in all at once :)
One of the most striking things about this lecture was that Greg uses 
Firewire for debugging, insomuch as firewire PCI cards are cheaper than 
serial, and MUCH faster.  Firewire gives direct access to system 
memory, so it's great for debugging.  Mr. Lehey's 'most correct' 
lecture notes are available online, and are currently the most 
definitive documentation available on debugging BSD kernels:

http://www.lemis.com/grog/Papers/Debug-tutorial/tutorial.pdf
1.2mb PDF


Rocket,
.ike




From ike  Fri May 20 20:52:01 2005
From: ike (Isaac Levy)
Date: Fri, 20 May 2005 20:52:01 -0400
Subject: [nycbug-talk] BSDCan ike-notes - SMPng, TrustedBSD AuditLogging
Message-ID: <ce78e0bc211193fc39cbbd2b69b4840d@lesmuug.org>

More BSDCan ike-notes,

Robert Watson gave 2 great presentations, one on SMPng, the FreeBSD 
Network Stack, where he discussed the accomplishments and current 
challenges for improving SMP on FreeBSD at a low level.  Watson, and 
the folks working on SMP, REALLY have their work cut out for them here- 
and their general direction is really solid.  For me, it was cool to 
see dev. details for things I rarely think about- because they just 
work :)
His second lecture, "TrustedBSD Audit: BSM Security Event Logging for 
FreeBSD", was REALLY eye-opening.  Basically, this work revolves around 
creating hooks in the kernel which allow for total event logging for 
system activities.  Every time a file is touched, a process started, 
etc...
2 historical notes struck me, first being this was implemented long ago 
in SunOS, according to US military specifications.  Second, that Apple 
hired McAffe Research, (where Robert Watson works), to impliment this 
work in Darwin 8, (OSX Tiger), for use with Spotlight! (was anyone but 
me wondering how this worked?).  Apple was convinced to release the 
code under a BSD (*not* APSL) license, and this TrustedBSD project code 
is to be merged into FreeBSD 6.0.  Now THAT's cool, and a great example 
of how Apple is contributing back to the Open Source community!!! (Too 
bad apple marketing doesn't talk about low-level open source dev :)
More info:
http://www.trustedbsd.org/


Rocket-
.ike




From ike  Fri May 20 20:52:05 2005
From: ike (Isaac Levy)
Date: Fri, 20 May 2005 20:52:05 -0400
Subject: [nycbug-talk] BSDCan-ikenotes - 'ioctl is soooo 1980s'
Message-ID: <b41c91e81e609f9d8e82dabde2a01790@lesmuug.org>

More BSDCan ike-notes,

Poul-Henning Kamp was everywhere it seemed, he gave a great 
presentation titled 'ioctl is just soooo 1980ies', (slides included a 
picture of the A-Team, among other important 80's ideas/ideals).  With 
that, he went through a history of the ioctl system call, it's 
importance, it's kludginess, and his proposed solutions- which are 
closely tied to his other abstraction-type works in GEOM.
Coming soon to a FreeBSD Kernel near you, g_ctl and nmount.  Basically, 
to summarize a fairly complicated topic, PHK is trying to abstract 
every device, and provide a unified interface through the kernel to 
devices.  Cool stuff- can't wait until the dust starts to settle on 
this stuff... :)

The lecture slides are here:
http://phk.freebsd.dk/pubs/bsdcan2005_ioctl.pdf

- Personal sidenote, PHK discussed passing text into the kernel, or 
even structured text in the form of XML, which piqued the 
counter-argument from our own Bob Ippolito- (as I sat in the back 
grinning... :)- Bob  and I had been up into the wee hours the night 
before, discussing the text/xml vs. binary formatting issue, sparked by 
changes to Darwin/OSX metadata files going binary.  Bob argued that the 
binary formats, if accompanied by proper tools to construct the binary 
data, can have much saner real-world application for critical data i/o 
operations in a given program.  I tend to agree with Bob on this one, 
citing a recent adventure in hell, implementing the DMOZ xml dump in a 
client project- in a nutshell, XML breaks, text parsing breaks, and 
it's extremely difficult to focus on what one is *doing* with the data- 
whereas things like database dumps and the like at the least help focus 
a developer on the actual data, by taking care of the formatting and 
presenting focused apis/applications for using the data.

6 of one, half-dozen of the other- this entire arguement is not a new 
one.
http://www.catb.org/~esr/writings/taoup/html/ch05s01.html

Regardless of the semantics of how it all works out, I'm really exited 
to see PHK's replacements for ioctl take off like GEOM has!

Rocket-
.ike




From ike  Fri May 20 20:52:09 2005
From: ike (Isaac Levy)
Date: Fri, 20 May 2005 20:52:09 -0400
Subject: [nycbug-talk] BSDCan ike-notes - McBride-OpenBSD network stack
	randomization
Message-ID: <725dfca2db8a3190e0d24d70ea2ae02b@lesmuug.org>

More BSDCan ike-notes,

Really cool stuff, Ryan McBride gave a lecture on network stack 
randomization in OpenBSD- which I thought was really cool stuff.  
Basically, as always, the OpenBSD crew makes software that belongs in 
the MOMA, IMHO- pretty intense stuff.  Ryan discussed the various 
sources of entropy that get xor'ed into a pool of packed ids for the 
tcp/ip packet stack.  The talk was brief, which led to a great Q&A with 
the bulk of the OpenBSD core team in attendance, which went into other 
randomization in OpenBSD, (pid randomization, ProPolice use for memory 
pointer stack randomization, etc...), and quickly spun into some 
general hardcore OpenBSD Q&A quality time.

I'm sad to say I missed Bob Beck's lecture on Spamd, as well as Henning 
Brauer speaking on OpenBGPD, but am pleased to say there was ton of 
great conversation at the bars about various topics with the OpenBSD 
crew- which made up for it.

While having drinks, Henning Brauer explained briefly how I could 
replicate the functionality I love from FreeBSD's jail facility (which 
I was speaking about at the conference), using OpenBSD.  Basically, it 
involves chroot'ing all the OpenBSD userland apps, and using PF to 
restrict an IP alias interface to the user process which is running the 
chroot.  (PF now can filter packets by user process).
I am currently hacking around with this procedure at home- mostly 
getting to know more about PF and hacking around...  (now that PF is 
native in FreeBSD, crossover will be MUCH easier.)

In another discussion, Mathieu Sauve-Frankel (Matt) explained in 
greater depth some of the reasoning behind why there's little interest 
for a jail facility in OpenBSD- basically that their concerns are with 
more fundamental security ideas, and that jailing bad software, is 
still jailing bad software... an attitude I can totally agree with.
However, I conversely argued basically that *all* software is bad 
software, and there are other applications for a jail facility...  Beer 
and food was served, and conversations switched gears a million times.

We called our own Mikey in NYC, who sadly could not attend, but will be 
in Canada soon for the OpenBSD Hackathon!

Discussions I had with all the OpenBSD folks were really fun, since I 
use (and love) so much in FreeBSD, we were coming at the same problems 
from opposite ends of the universe.  Needless to say, after the 
Conference, I'm now making my duct-tape-computers lab a *much* more 
hetrogenous enviornment all around...

Rocket-
.ike




From ike  Fri May 20 20:53:22 2005
From: ike (Isaac Levy)
Date: Fri, 20 May 2005 20:53:22 -0400
Subject: [nycbug-talk] BSDCan-ikenotes - Exiting Tech, Exiting People
Message-ID: <572241046e3468b1a896f37a2db82780@lesmuug.org>

Final BSDCan ike-notes,


Exiting Tech, Exiting People:
--
Several topics which have been swarming around NYC*BUG seem to be 
moving foreword,

- CARP/PF native and stable on FreeBSD 5.4!
This is SERIOUSLY exiting.  I had the pleasure of drinking with Max 
Laier, who is the FreeBSD commiter for PF and CARP.  I'm told Gleb 
Smirnoff and Pyun YongHyeon started the port, (last year give or take).

- OpenBSD 3.7 was released a bit early on CD at the conference, but 
it's out and available this week to the world.

- The Intel hyperthreading vulnerability issue was disclosed and 
reviewed in detail, but we've all seen this by now, check here for more 
info:
http://kerneltrap.org/node/5103

- FreeBSD Roadmap Crib Notes-  After chatting with Michael Lucas, ( 
http://www.oreillynet.com/pub/au/67 ) and picking the brains of a few 
FreeBSD commiters who were there early for the FreeBSD dev. summit, I 
got the basic skinny on the 5.x, 6.x, and 7.x release schedule for 
FreeBSD.  In a nutshell, things look quite good all around- and I'm in 
the testing process to *finally* migrate all my production life to 5.4. 
  FreeBSD 6.x is way less feature-packed than 5.x, with less fundamental 
changes- the aim is stability and speed.  Michael Lucas noted that the 
4.x FreeBSD's were soooo good, it's simply a hard act to follow.  With 
that the FreeBSD committers are all working hard to exceed the speed 
and stability of the 4.x branch.  FreeBSD 7.x was mentioned as well, as 
the  commiters have decided to move a bit faster with release versions- 
fewer features and functionality packed into forthcoming releases, 
(fewer than what we've got with 5.x!).

With that, things look great for the future of FreeBSD with regard to 
stability and speed.


- I got to briefly see Dru Lavigne again ( 
http://www.oreillynet.com/cs/catalog/view/au/73 ), which is always a 
pleasure- but didn't get much time to talk.  She's been mad busy with 
the BSDCert crew, (Jim Brown, Mark Spitzer, and George Rosamond from 
our NYC crew are heavily involved too...) and and they held a great BOF 
session to address the community needs for a BSD certification program. 
  If you haven't done so already, go fill out the survey so the 
certification is relevant to YOU when it comes out!!!

http://www.bsdcertification.org/downloads/BSDCertSurvey01_en-us_ann.html

- With all of this, there were soooo many great people, conversations, 
ideas, and so much hacking around- I hope more of us can make it to 
BSDCan next year.  This conference is totally a sacred holiday to me 
now :)

##############
Special thanks should go out to Dan Languille, who PUTS ON BSDCAN ALL 
BY HIMSELF.  He's just plain awesome, period.
##############

Rocket-
.ike




From ike  Fri May 20 20:58:19 2005
From: ike (Isaac Levy)
Date: Fri, 20 May 2005 20:58:19 -0400
Subject: [nycbug-talk] BSDCan ike-notes - McBride-OpenBSD network stack
	randomization
In-Reply-To: <725dfca2db8a3190e0d24d70ea2ae02b@lesmuug.org>
References: <725dfca2db8a3190e0d24d70ea2ae02b@lesmuug.org>
Message-ID: <6e2d457a9908ddc15b87aaf265c9cae1@lesmuug.org>

On May 20, 2005, at 8:52 PM, Isaac Levy wrote:

> We called our own Mikey in NYC, who sadly could not attend, but will 
> be in Canada soon for the OpenBSD Hackathon!

BTW- to clarify as I'm skimming my own notes here, this was a call from 
a bar, and Bob said it was a tradition for the crew to call Mickey from 
conferences if he was not in attendance.

Rocket-
.ike




From nomadlogic  Fri May 20 22:46:37 2005
From: nomadlogic (pete wright)
Date: Fri, 20 May 2005 19:46:37 -0700
Subject: [nycbug-talk] BSDCan ike-notes coming
In-Reply-To: <3ed244d645548e90cb5c3fc95f8fa787@lesmuug.org>
References: <3ed244d645548e90cb5c3fc95f8fa787@lesmuug.org>
Message-ID: <57d7100005052019467d0e4213@mail.gmail.com>

On 5/20/05, Isaac Levy <ike at lesmuug.org> wrote:
> Hi All,
> 
> So what a Conference.  BSDCan this year was so amazing, with so much to
> do, and so many BSD people to talk to, that I sadly didn't make time to
> report on the conference *during* the conference.
> 
> I understand more notes are going up on the BSDCan website:
> http://www.bsdcan.org/
> 
> With that, after a super-busy week returning home, emails which will
> immeadiately follow this one are the 'ike-notes' on the conference, (a
> bit heavy on the FreeBSD end of things, as a lot of my day-to-day
> relies heavily on FreeBSD...)  I thought I'd break them up, so folks
> could skip and skim a bit easier, sorry if this annoys anyone.
> 
> My sincerest apologies to everyone for the faulty weather report, it
> got much colder in Ottawa after my report on Tuesday- and my thanks to
> everyone who brought me tobacco!
> 
> Here comes emails...
> .ike

Ike, thanks for the emails/updates man.  sad that I missed yet another
great conf up north.  guess I'll be looking forward to next year's
bsdcan, that is unless you all east coasties get your act together and
get some sorta con. going in the fall ;p

-just another paranoid west coastie-

-pete


-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From george  Fri May 20 23:13:19 2005
From: george (George)
Date: Fri, 20 May 2005 23:13:19 -0400
Subject: [nycbug-talk] BSDCan ike-notes coming
In-Reply-To: <57d7100005052019467d0e4213@mail.gmail.com>
References: <3ed244d645548e90cb5c3fc95f8fa787@lesmuug.org>
	<57d7100005052019467d0e4213@mail.gmail.com>
Message-ID: <428EA74F.5090809@sddi.net>

pete wright wrote:
> On 5/20/05, Isaac Levy <ike at lesmuug.org> wrote:
> 
>>Hi All,
>>
>>So what a Conference.  BSDCan this year was so amazing, with so much to
>>do, and so many BSD people to talk to, that I sadly didn't make time to
>>report on the conference *during* the conference.
>>
>>I understand more notes are going up on the BSDCan website:
>>http://www.bsdcan.org/
>>
>>With that, after a super-busy week returning home, emails which will
>>immeadiately follow this one are the 'ike-notes' on the conference, (a
>>bit heavy on the FreeBSD end of things, as a lot of my day-to-day
>>relies heavily on FreeBSD...)  I thought I'd break them up, so folks
>>could skip and skim a bit easier, sorry if this annoys anyone.
>>
>>My sincerest apologies to everyone for the faulty weather report, it
>>got much colder in Ottawa after my report on Tuesday- and my thanks to
>>everyone who brought me tobacco!
>>
>>Here comes emails...
>>.ike
> 
> 
> Ike, thanks for the emails/updates man.  sad that I missed yet another
> great conf up north. 

you were at bsdcan last year. . .

  guess I'll be looking forward to next year's
> bsdcan, that is unless you all east coasties get your act together and
> get some sorta con. going in the fall ;p

that's always a possibility. . .


> -just another paranoid west coastie-

i knew it, i knew it. . . <g>

g



From dlavigne6  Sat May 21 14:11:03 2005
From: dlavigne6 (Dru)
Date: Sat, 21 May 2005 14:11:03 -0400 (EDT)
Subject: [nycbug-talk] for those interested in copyright law
Message-ID: <20050521141046.T609@dru.domain.org>


http://www.oreillynet.com/pub/wlg/7124

Dru



From dlavigne6  Sat May 21 14:20:22 2005
From: dlavigne6 (Dru)
Date: Sat, 21 May 2005 14:20:22 -0400 (EDT)
Subject: [nycbug-talk] interesting read
Message-ID: <20050521141941.T609@dru.domain.org>


http://homepage.mac.com/yaztromo/iblog/C721686556/E320292175/

Dru



From alex  Sat May 21 13:14:01 2005
From: alex (alex at pilosoft.com)
Date: Sat, 21 May 2005 13:14:01 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <20050521141941.T609@dru.domain.org>
Message-ID: <Pine.LNX.4.44.0505211312370.27595-100000@bawx.pilosoft.com>

On Sat, 21 May 2005, Dru wrote:

> http://homepage.mac.com/yaztromo/iblog/C721686556/E320292175/
Frankly, in healthcare, for life-critical applications, there isn't all
that much benefit for going with open sores.

I'll ask you this: Will you trust your life to an open-source application?

-alex




From george  Sat May 21 14:32:56 2005
From: george (George R.)
Date: Sat, 21 May 2005 14:32:56 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505211312370.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505211312370.27595-100000@bawx.pilosoft.com>
Message-ID: <428F7ED8.3090201@sddi.net>

alex at pilosoft.com wrote:
> On Sat, 21 May 2005, Dru wrote:
> 
> 
>>http://homepage.mac.com/yaztromo/iblog/C721686556/E320292175/
> 
> Frankly, in healthcare, for life-critical applications, there isn't all
> that much benefit for going with open sores.
> 
> I'll ask you this: Will you trust your life to an open-source application?

AFAIK, the central system for auto diagnostics is bsd-based.  And if you 
drive on the Deegan at 3 am in the Bronx that would certainly qualify.

g




From bzag0  Sat May 21 14:36:14 2005
From: bzag0 (Robert Zagarello)
Date: Sat, 21 May 2005 11:36:14 -0700 (PDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: 6667
Message-ID: <20050521183614.87918.qmail@web53803.mail.yahoo.com>


Interesting comment, but rather delusional. After the
Republicans get done with government at all levels,
govt regulation of big business will be so blasted to
HE Double Hockey Sticks that there wont be a
reliable-life-critical product out there in any form
for any one.  Just take a look at what's happening to
the Pharmaceutical industry - so much for the public's
well-being.  We're all in the BAD or BADDER choices
phase of Western Capitalism.

As far as our industry is concerned, the big CORPS
will have shot their wad long before the support in
open source wanes.

BZAG
===============================

--- alex at pilosoft.com wrote:
> On Sat, 21 May 2005, Dru wrote:
> 
> >
>
http://homepage.mac.com/yaztromo/iblog/C721686556/E320292175/
> Frankly, in healthcare, for life-critical
> applications, there isn't all
> that much benefit for going with open sores.
> 
> I'll ask you this: Will you trust your life to an
> open-source application?
> 
> -alex
> 
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce
> lists
> %We meet the first Wednesday of the month
> 



From ike  Sat May 21 14:41:20 2005
From: ike (Isaac Levy)
Date: Sat, 21 May 2005 14:41:20 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505211312370.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505211312370.27595-100000@bawx.pilosoft.com>
Message-ID: <3d0a0dee9c19a42cb6241fea68f4b4c9@lesmuug.org>

Hi Alex, All,

On May 21, 2005, at 1:14 PM, alex at pilosoft.com wrote:

> On Sat, 21 May 2005, Dru wrote:
>
>> http://homepage.mac.com/yaztromo/iblog/C721686556/E320292175/
> Frankly, in healthcare, for life-critical applications, there isn't all
> that much benefit for going with open sores.
>
> I'll ask you this: Will you trust your life to an open-source 
> application?
>
> -alex

I'd Absolutely trust Open Source software over proprietary 
counterparts, especially if it came out of the BSD camps where software 
is taken this seriously in contexts like this.

(i.e. thinking about it, I'd generally not trust my life to any Linux, 
or about 90% of the software in the world- open or closed)

I'll be sending flames to /dev/null on that one.

--
I've had a few "snafu's" in life with medical 'computer' screw-ups in 
my life, (still alive :)- no machine made by a human is infallible- it 
always comes down to a culture of understanding and trust to make 
anything work (like medicine).

--
Just food for thought here- but with regard to trusting one's life to 
open source software, where'd OpenSSH come from, and what implications 
does *it* have with regard to human life?

Best,
.ike




From alex  Sat May 21 13:31:16 2005
From: alex (alex at pilosoft.com)
Date: Sat, 21 May 2005 13:31:16 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <428F7ED8.3090201@sddi.net>
Message-ID: <Pine.LNX.4.44.0505211328160.27595-100000@bawx.pilosoft.com>

On Sat, 21 May 2005, George R. wrote:

> > Frankly, in healthcare, for life-critical applications, there isn't
> > all that much benefit for going with open sores.
> > 
> > I'll ask you this: Will you trust your life to an open-source
> > application?
> 
> AFAIK, the central system for auto diagnostics is bsd-based.  And if you
> drive on the Deegan at 3 am in the Bronx that would certainly qualify.
Urrr. 

a) What do you mean by "central system for auto diagnostics"? OBD-2 
interrogator? OBD-2 agent?

b) "bsd-based" is a far cry from open source, as you obviously know. There 
are lots of systems that are running on various flavors of unix, which 
doesn't make them open source.

c) OBD-2 agent doesn't qualify as life-critical. The worst thing it can do
is to put your car into 'limp home' mode.

-alex




From alex  Sat May 21 13:33:57 2005
From: alex (alex at pilosoft.com)
Date: Sat, 21 May 2005 13:33:57 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <3d0a0dee9c19a42cb6241fea68f4b4c9@lesmuug.org>
Message-ID: <Pine.LNX.4.44.0505211331280.27595-100000@bawx.pilosoft.com>

On Sat, 21 May 2005, Isaac Levy wrote:

> I'd Absolutely trust Open Source software over proprietary counterparts,
> especially if it came out of the BSD camps where software is taken this
> seriously in contexts like this.
> 
> (i.e. thinking about it, I'd generally not trust my life to any Linux,
> or about 90% of the software in the world- open or closed)
> 
> I'll be sending flames to /dev/null on that one.
Okay. Let's have more concrete example here - for example, software 
controlling an implantable pacemaker. What is the benefit for you, the 
user, of the fact that you get the compilable source with the pacemaker?

> Just food for thought here- but with regard to trusting one's life to
> open source software, where'd OpenSSH come from, and what implications
> does *it* have with regard to human life?
What does openssh have to do life-critical applications? Despite what you 
think, nobody's going to die if your password gets stolen.

-alex




From ike  Sat May 21 14:57:50 2005
From: ike (Isaac Levy)
Date: Sat, 21 May 2005 14:57:50 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505211331280.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505211331280.27595-100000@bawx.pilosoft.com>
Message-ID: <3f26e6efb0fb6a45babf801cfc20e49a@lesmuug.org>

On May 21, 2005, at 1:33 PM, alex at pilosoft.com wrote:

> On Sat, 21 May 2005, Isaac Levy wrote:
>
>> I'd Absolutely trust Open Source software over proprietary 
>> counterparts,
>> especially if it came out of the BSD camps where software is taken 
>> this
>> seriously in contexts like this.
>>
>> (i.e. thinking about it, I'd generally not trust my life to any Linux,
>> or about 90% of the software in the world- open or closed)
>>
>> I'll be sending flames to /dev/null on that one.
> Okay. Let's have more concrete example here - for example, software
> controlling an implantable pacemaker. What is the benefit for you, the
> user, of the fact that you get the compilable source with the 
> pacemaker?

GREAT topical choice alex, because,

Actually, my grandfather recieved one of the first open-heart surgery 
operations in the US in the 70's, he's had 3 of them to date, one set 
of pig valves, one set of donor valves, and has had 
titanum-robo-thingie valves for a long time now; and he definitely has 
a pacemaker.
(Kindof cool sidenote- when you give him a hug, you can hear his heart 
going 'click-click, click-click...')

With that, the pacemakers he's had have failed over the years with 
fairly traumatic results- and I've gotten to see the doctors trying to 
mitigate the vendor game, which we all know and hate in our own world.

So to answer your question, I believe it would be a very good thing if 
my grandfather, and the doctors, and even me, had the source code to 
what runs his pacemaker.

--
It's one thing to play the vendor-screw/patent game when you run 
servers on the internet.  It's another when you run someone's heart.  I 
personally choose to take them equally seriously.


>> Just food for thought here- but with regard to trusting one's life to
>> open source software, where'd OpenSSH come from, and what implications
>> does *it* have with regard to human life?
> What does openssh have to do life-critical applications? Despite what 
> you
> think, nobody's going to die if your password gets stolen.

You are correct, nobody is going to die if my password gets stolen, but 
think big picture Alex- you must understand that's not at all what I 
meant.

Best,
.ike




From dlavigne6  Sat May 21 15:09:04 2005
From: dlavigne6 (Dru)
Date: Sat, 21 May 2005 15:09:04 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505211312370.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505211312370.27595-100000@bawx.pilosoft.com>
Message-ID: <20050521150250.J609@dru.domain.org>



On Sat, 21 May 2005 alex at pilosoft.com wrote:

> On Sat, 21 May 2005, Dru wrote:
>
>> http://homepage.mac.com/yaztromo/iblog/C721686556/E320292175/
> Frankly, in healthcare, for life-critical applications, there isn't all
> that much benefit for going with open sores.
>
> I'll ask you this: Will you trust your life to an open-source application?


Let's keep in mind that the trustworthiness of a life-critical 
application has everything to do with how that program was written and 
absolutely nothing to do with the license under which it was released.

Given the choice:

As an American I'd rather see my medical tax dollars spent on creating a 
national healthcare program than being used to pay for software licensing.

As a Canadian, I'd rather see my medical tax dollars spent on paying 
doctors (in my area 1 in 5 persons has a family doctor) and reducing the 
waiting times for emergency rooms and surgeries than being used to pay for 
software licensing.

Go back to the original URL. Open source is not a product.

Dru



From alex  Sat May 21 14:01:19 2005
From: alex (alex at pilosoft.com)
Date: Sat, 21 May 2005 14:01:19 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <20050521150250.J609@dru.domain.org>
Message-ID: <Pine.LNX.4.44.0505211358060.27595-100000@bawx.pilosoft.com>

On Sat, 21 May 2005, Dru wrote:

> On Sat, 21 May 2005 alex at pilosoft.com wrote:
> 
> > On Sat, 21 May 2005, Dru wrote:
> >
> >> http://homepage.mac.com/yaztromo/iblog/C721686556/E320292175/
> > Frankly, in healthcare, for life-critical applications, there isn't
> > all that much benefit for going with open sores.
> >
> > I'll ask you this: Will you trust your life to an open-source
> > application?
> 
> Let's keep in mind that the trustworthiness of a life-critical
> application has everything to do with how that program was written and
> absolutely nothing to do with the license under which it was released.
Okay. Back to original question. What is the benefit for you to be able to 
recompile source code for your pacemaker?

> As an American I'd rather see my medical tax dollars spent on creating a
> national healthcare program than being used to pay for software
> licensing.
Somewhat orthogonal. Healthcare IT is not all healthcare technology. It 
might be a sizable chunk, but its not all. Sure, open source may make 
sense there. But the point is, healthcare is special because *people may 
die*. Healthcare IT is not special - nobody going to die if your insurance 
company processes the claim late.
 
> As a Canadian, I'd rather see my medical tax dollars spent on paying
> doctors (in my area 1 in 5 persons has a family doctor) and reducing the
> waiting times for emergency rooms and surgeries than being used to pay
> for software licensing.
> 
> Go back to the original URL. Open source is not a product.
Did I say it was? I said, "open source licensing is not beneficial for a
life-critical application".

-alex




From bob  Sat May 21 15:24:31 2005
From: bob (Bob Ippolito)
Date: Sat, 21 May 2005 12:24:31 -0700
Subject: [nycbug-talk] interesting read
In-Reply-To: <3d0a0dee9c19a42cb6241fea68f4b4c9@lesmuug.org>
References: <Pine.LNX.4.44.0505211312370.27595-100000@bawx.pilosoft.com>
	<3d0a0dee9c19a42cb6241fea68f4b4c9@lesmuug.org>
Message-ID: <C77C5FE5-71F3-4368-8E0C-27F33A69561E@redivi.com>


On May 21, 2005, at 11:41 AM, Isaac Levy wrote:

> On May 21, 2005, at 1:14 PM, alex at pilosoft.com wrote:
>
>
>> On Sat, 21 May 2005, Dru wrote:
>>
>>
>>> http://homepage.mac.com/yaztromo/iblog/C721686556/E320292175/
>>>
>> Frankly, in healthcare, for life-critical applications, there  
>> isn't all
>> that much benefit for going with open sores.
>>
>> I'll ask you this: Will you trust your life to an open-source  
>> application?
>
> I'd Absolutely trust Open Source software over proprietary  
> counterparts, especially if it came out of the BSD camps where  
> software is taken this seriously in contexts like this.

Yeah if the software was open source, and I audited it myself, then  
I'd trust it more... but if I'm dying, I don't think that's going to  
happen regardless of the source code's status :)

I've seen lots of shitty software, both open and closed.  I haven't  
seen any evidence that open source software is better designed or  
written just because it is open (peruse freshmeat, CPAN, etc. if you  
don't believe me), and I have seen evidence that very good software  
does exist outside of open source.  In either case, good software is  
the exception and not the rule, and it really depends on *who*  
designed it and implemented it, not how they did it and what license  
it falls under.

> (i.e. thinking about it, I'd generally not trust my life to any  
> Linux, or about 90% of the software in the world- open or closed)
>
> I'll be sending flames to /dev/null on that one.

You sure live dangerously, trusting your life to 10% of the world's  
software!  Are you sure you didn't mean 99.999%? Have you looked at  
freshmeat or versiontracker lately?

-bob




From dlavigne6  Sat May 21 15:28:06 2005
From: dlavigne6 (Dru)
Date: Sat, 21 May 2005 15:28:06 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505211358060.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505211358060.27595-100000@bawx.pilosoft.com>
Message-ID: <20050521152603.R609@dru.domain.org>



On Sat, 21 May 2005 alex at pilosoft.com wrote:
>>
>> Let's keep in mind that the trustworthiness of a life-critical
>> application has everything to do with how that program was written and
>> absolutely nothing to do with the license under which it was released.
> Okay. Back to original question. What is the benefit for you to be able to
> recompile source code for your pacemaker?


That's Ike's grandfather, not mine ;-)


>> Go back to the original URL. Open source is not a product.
> Did I say it was? I said, "open source licensing is not beneficial for a
> life-critical application".


Why? At first glance, this sounds like the argument "open source licensing 
is not beneficial for security applications". If that's not what you mean, 
please clarify.

Dru



From bob  Sat May 21 15:30:40 2005
From: bob (Bob Ippolito)
Date: Sat, 21 May 2005 12:30:40 -0700
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505211358060.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505211358060.27595-100000@bawx.pilosoft.com>
Message-ID: <42743BEF-9AEC-4094-B62E-4325BD1F18D8@redivi.com>


On May 21, 2005, at 11:01 AM, alex at pilosoft.com wrote:

> On Sat, 21 May 2005, Dru wrote:
>
>
>> On Sat, 21 May 2005 alex at pilosoft.com wrote:
>>
>>
>>> On Sat, 21 May 2005, Dru wrote:
>>>
>>>
>>>> http://homepage.mac.com/yaztromo/iblog/C721686556/E320292175/
>>>>
>>> Frankly, in healthcare, for life-critical applications, there isn't
>>> all that much benefit for going with open sores.
>>>
>>> I'll ask you this: Will you trust your life to an open-source
>>> application?
>>>
>>
>> Let's keep in mind that the trustworthiness of a life-critical
>> application has everything to do with how that program was written  
>> and
>> absolutely nothing to do with the license under which it was  
>> released.
>>
> Okay. Back to original question. What is the benefit for you to be  
> able to
> recompile source code for your pacemaker?

Independent audits.

-bob




From alex  Sat May 21 14:28:17 2005
From: alex (alex at pilosoft.com)
Date: Sat, 21 May 2005 14:28:17 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <42743BEF-9AEC-4094-B62E-4325BD1F18D8@redivi.com>
Message-ID: <Pine.LNX.4.44.0505211426410.27595-100000@bawx.pilosoft.com>

On Sat, 21 May 2005, Bob Ippolito wrote:

> >> Let's keep in mind that the trustworthiness of a life-critical
> >> application has everything to do with how that program was written
> >> and absolutely nothing to do with the license under which it was
> >> released.
> >>
> > Okay. Back to original question. What is the benefit for you to be
> > able to recompile source code for your pacemaker?
> 
> Independent audits.
Orthogonal to open source. 

Remind you - there's lots of software that comes with source (heck, even
Windows, if you pay enough) - that doesn't mean it is open source.

I think I wasn't precise enough in previous question: "What is the benefit 
for you to be able to recompile *and* redistribute source code for your 
pacemaker?".

-alex




From ike  Sat May 21 15:41:34 2005
From: ike (Isaac Levy)
Date: Sat, 21 May 2005 15:41:34 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <20050521152603.R609@dru.domain.org>
References: <Pine.LNX.4.44.0505211358060.27595-100000@bawx.pilosoft.com>
	<20050521152603.R609@dru.domain.org>
Message-ID: <a1ffaebf47e2eadc34bf93f03576cf6c@lesmuug.org>

The pacemaker scenario, (hopefully the final word on this thought),

On May 21, 2005, at 3:28 PM, Dru wrote:

> On Sat, 21 May 2005 alex at pilosoft.com wrote:
>>>
>>> Let's keep in mind that the trustworthiness of a life-critical
>>> application has everything to do with how that program was written 
>>> and
>>> absolutely nothing to do with the license under which it was 
>>> released.
>> Okay. Back to original question. What is the benefit for you to be 
>> able to
>> recompile source code for your pacemaker?
>
>
> That's Ike's grandfather, not mine ;-)

Well, it's extremely unlikely my grandfather would care about 
recompiling the source code by himself, but he sure would want his 
chosen/given doctors to have the control available to them.

As I stated earlier,

> With that, the pacemakers he's had have failed over the years with 
> fairly traumatic results- and I've gotten to see the doctors trying to 
> mitigate the vendor game, which we all know and hate in our own world.

Perhaps the words don't speak clearly enough, but I think that's an 
example of how sick and twisted the world can be at times, (a sentiment 
mitigated by the fact that he IS alive, and 'ticking').

--
If I had a pacemaker, I'd see it like this:
It's my body, so I see it as a human right that I have the source code 
to my own pacemaker, and that my life not be in the hands of a single 
patent holder or vendor.

Practically speaking, if I or my doctors were to have problems with a 
particular vendor for said pacemaker, I could take the source code and 
tech involved to whomever could continue to support it.  That would be 
the benefit of having the ability to recompile the source code for my 
pacemaker.

Best,
.ike




From alex  Sat May 21 14:31:56 2005
From: alex (alex at pilosoft.com)
Date: Sat, 21 May 2005 14:31:56 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <20050521152603.R609@dru.domain.org>
Message-ID: <Pine.LNX.4.44.0505211428200.27595-100000@bawx.pilosoft.com>

On Sat, 21 May 2005, Dru wrote:

> >> Go back to the original URL. Open source is not a product.
> > Did I say it was? I said, "open source licensing is not beneficial for
> > a life-critical application".
> 
> Why? At first glance, this sounds like the argument "open source
> licensing is not beneficial for security applications". If that's not
> what you mean, please clarify.
Hrm. Well, those are different things. Open source for security apps is a 
double-edged sword - the downside is the 'obscurity' factor of security is 
removed. Obscurity is an excellent defense against poorly-funded and/or 
poorly-motivated attackers. Of course, the benefit is that [hopefully] 
many eyes will spot the bugs and the end product will end up more secure.

Open-source for life-critical applications is simply irrelevant: When 
there are human lives on the line, you don't really care about the ability 
to recompile and redistribute the source - you either trust the maker of 
the software or you don't. If you don't trust the maker and end up 
"fixing" the software, that's recipe for disaster.

-alex




From alex  Sat May 21 14:34:03 2005
From: alex (alex at pilosoft.com)
Date: Sat, 21 May 2005 14:34:03 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <a1ffaebf47e2eadc34bf93f03576cf6c@lesmuug.org>
Message-ID: <Pine.LNX.4.44.0505211432170.27595-100000@bawx.pilosoft.com>

On Sat, 21 May 2005, Isaac Levy wrote:

> If I had a pacemaker, I'd see it like this: It's my body, so I see it as
> a human right that I have the source code to my own pacemaker, and that
> my life not be in the hands of a single patent holder or vendor.
Interesting point. :)

> Practically speaking, if I or my doctors were to have problems with a
> particular vendor for said pacemaker, I could take the source code and
> tech involved to whomever could continue to support it.  That would be
> the benefit of having the ability to recompile the source code for my
> pacemaker.
I don't think you really meant to say that. That course of action will 
likely to lead to disaster.

a) If there's a problem with a vendor, and there is a *chance of death* - 
you don't play games with vendors. You replace the device.

-alex






From bob  Sat May 21 15:45:27 2005
From: bob (Bob Ippolito)
Date: Sat, 21 May 2005 12:45:27 -0700
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505211426410.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505211426410.27595-100000@bawx.pilosoft.com>
Message-ID: <CFBBD852-3D4C-4D07-A6F2-53D3B7A3F36D@redivi.com>


On May 21, 2005, at 11:28 AM, alex at pilosoft.com wrote:

> On Sat, 21 May 2005, Bob Ippolito wrote:
>
>
>>>> Let's keep in mind that the trustworthiness of a life-critical
>>>> application has everything to do with how that program was written
>>>> and absolutely nothing to do with the license under which it was
>>>> released.
>>>>
>>>>
>>> Okay. Back to original question. What is the benefit for you to be
>>> able to recompile source code for your pacemaker?
>>>
>>
>> Independent audits.
>>
> Orthogonal to open source.

I don't know where you learned the word orthogonal, but that's  
certainly not what it meant in my math classes.  Open source implies  
that audits are possible, so they're not statistically independent.

> Remind you - there's lots of software that comes with source (heck,  
> even
> Windows, if you pay enough) - that doesn't mean it is open source.
>
> I think I wasn't precise enough in previous question: "What is the  
> benefit
> for you to be able to recompile *and* redistribute source code for  
> your
> pacemaker?".

Publishing the results of an audit of this kind is going to need some  
kind of redistribution rights.  Again, you can have this without open  
source, but open source implies that this is legal.

-bob




From dlavigne6  Sat May 21 16:04:44 2005
From: dlavigne6 (Dru)
Date: Sat, 21 May 2005 16:04:44 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505211432170.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505211432170.27595-100000@bawx.pilosoft.com>
Message-ID: <20050521155821.U609@dru.domain.org>


Just to add to the discussion, I knew I had come across another URL 
earlier this week and just found it in my inbox:

http://www.worldvista.org/vista/index.html

this software was released into the public domain.

There's also a hyperlink to OpenVista.

Apparently it's already happening in the States. It's Canada that isn't 
interested at the moment...

Dru



From matt  Sat May 21 16:39:16 2005
From: matt (Matthew Terenzio)
Date: Sat, 21 May 2005 16:39:16 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <20050521152603.R609@dru.domain.org>
References: <Pine.LNX.4.44.0505211358060.27595-100000@bawx.pilosoft.com>
	<20050521152603.R609@dru.domain.org>
Message-ID: <562d582f3f200665dca57160e7d22797@jobsforge.com>

I don't understand the whole argument. If the general consensus in the 
Healthcare industry was that a certain product was best and it was open 
source, I'd trust my life to it. If it was closed source, I would too.
There is no necessary relationship between license and quality, but 
many here probably feel that peer review makes better software. It's 
just probably not that likely that a community would grow around a 
pacemaker product because they are all building real important things 
like Podcasters. : )

On May 21, 2005, at 3:28 PM, Dru wrote:

>
>
> On Sat, 21 May 2005 alex at pilosoft.com wrote:
>>>
>>> Let's keep in mind that the trustworthiness of a life-critical
>>> application has everything to do with how that program was written 
>>> and
>>> absolutely nothing to do with the license under which it was 
>>> released.
>> Okay. Back to original question. What is the benefit for you to be 
>> able to
>> recompile source code for your pacemaker?
>
>
> That's Ike's grandfather, not mine ;-)
>
>
>>> Go back to the original URL. Open source is not a product.
>> Did I say it was? I said, "open source licensing is not beneficial 
>> for a
>> life-critical application".
>
>
> Why? At first glance, this sounds like the argument "open source 
> licensing is not beneficial for security applications". If that's not 
> what you mean, please clarify.
>
> Dru
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>





From alex  Sat May 21 15:45:59 2005
From: alex (alex at pilosoft.com)
Date: Sat, 21 May 2005 15:45:59 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <562d582f3f200665dca57160e7d22797@jobsforge.com>
Message-ID: <Pine.LNX.4.44.0505211544480.27595-100000@bawx.pilosoft.com>

On Sat, 21 May 2005, Matthew Terenzio wrote:

> I don't understand the whole argument. If the general consensus in the
> Healthcare industry was that a certain product was best and it was open
> source, I'd trust my life to it. If it was closed source, I would too.
> There is no necessary relationship between license and quality, but many
> here probably feel that peer review makes better software. It's just
> probably not that likely that a community would grow around a pacemaker
> product because they are all building real important things like
> Podcasters. : )
Finally someone who doesn't have knee-jerk reaction "open source good,
proprietary bad". I'm somewhat surprised to response from this list
regarding my comment about open-source/healthcare - I'd expect that much
flame if it was nylxs, not nycbug ;)

-alex




From nomadlogic  Sat May 21 18:03:27 2005
From: nomadlogic (pete wright)
Date: Sat, 21 May 2005 15:03:27 -0700
Subject: [nycbug-talk] using altq and pf to help with dsl performance
Message-ID: <57d7100005052115032fca749f@mail.gmail.com>

Hi All,
     I found this URL a while back and am in the process of setting up
my soekris box (finally..only after 6months of moving).  does anyone
else have any good pf hacks for home adsl connections?

http://www.benzedrine.cx/ackpri.html

-p

-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From dnsa  Sat May 21 20:04:31 2005
From: dnsa (dnsa at o2.pl)
Date: Sun, 22 May 2005 02:04:31 +0200
Subject: [nycbug-talk] looking for not needed computers
Message-ID: <20050522000431.71ED3AF507@rekin12.go2.pl>

Hi ! 
I'm 15, and I'm looking for some not needed computers 
I don't have enough money to buy a new one, but i think  
i would have enough money to buy a "second-hand" 
The purpose of that is, that I would like to practice and expand 
my administrator skills on fbsd and obsd to get a good job in the 
future, currently I have one computer at home with already 
installed fbsd, but I need it for a work station, mainly is used 
for school <projects, homeworks, essays> 
 
thank you for everything you've done to me !!! 




From bzag0  Sat May 21 20:32:12 2005
From: bzag0 (Robert Zagarello)
Date: Sat, 21 May 2005 17:32:12 -0700 (PDT)
Subject: [nycbug-talk] looking for not needed computers
In-Reply-To: 6667
Message-ID: <20050522003212.15103.qmail@web53807.mail.yahoo.com>


Try buying a Dell Optiplex GX110 Tower or Desktop on
eBay.  They are selling anywhere from $50 to $90 plus
shipping, typically $25 to $35.  I've been installing
NetBSD and FreeBSD on them with no problems.  They
typically come with a minimum of: 20 GB HD, 128 MB
PC100 RAM, and 866 to 933 MHz Pentium III CPU (any
higher then they get more expensive).  Look for high
positive ratings (>= 98%) and you won't go wrong.  The
last few PCs I've bought from the seller "wildinmn" -
you can find my (buyer-only) ratings there, too (under
"bzag0").

Good luck if you choose to do this.  P.S.  I didn't
have much money, either !

BZAG
=====================================

--- dnsa at o2.pl wrote:
> Hi ! 
> I'm 15, and I'm looking for some not needed
> computers 
> I don't have enough money to buy a new one, but i
> think  
> i would have enough money to buy a "second-hand" 
> The purpose of that is, that I would like to
> practice and expand 
> my administrator skills on fbsd and obsd to get a
> good job in the 
> future, currently I have one computer at home with
> already 
> installed fbsd, but I need it for a work station,
> mainly is used 
> for school <projects, homeworks, essays> 
>  
> thank you for everything you've done to me !!! 
> 
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce
> lists
> %We meet the first Wednesday of the month
> 



From george  Sat May 21 20:31:05 2005
From: george (George R.)
Date: Sat, 21 May 2005 20:31:05 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505211544480.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505211544480.27595-100000@bawx.pilosoft.com>
Message-ID: <428FD2C9.6010000@sddi.net>

alex at pilosoft.com wrote:
> On Sat, 21 May 2005, Matthew Terenzio wrote:
> 
> 
>>I don't understand the whole argument. If the general consensus in the
>>Healthcare industry was that a certain product was best and it was open
>>source, I'd trust my life to it. If it was closed source, I would too.
>>There is no necessary relationship between license and quality, but many
>>here probably feel that peer review makes better software. It's just
>>probably not that likely that a community would grow around a pacemaker
>>product because they are all building real important things like
>>Podcasters. : )
> 
> Finally someone who doesn't have knee-jerk reaction "open source good,
> proprietary bad". I'm somewhat surprised to response from this list
> regarding my comment about open-source/healthcare - I'd expect that much
> flame if it was nylxs, not nycbug ;)

I'm not Mr. S., and none of us are knee-jerk RMS- (the other 'S' guy) 
types.  I think you're well aware of that. . .

But I think in most of our minds, what we'd assume about medical 
software is what we'd also take from our buddy Mr. S (chneier) on the 
topic for cryptographic algorithms.  Peer review is better for critical 
applications.  Lots of authorities reviwing the code would be good.

Software in the medical industry, I'd assume, only reflects the 
horrifying state of the industry itself. . . the 45 million or so 
without healthcare, $20 for a Tylenol, etc.

The last thing an industry like that needs is real independent 
oversight, and this would include software.  Yeah, yeah, yeah, HIPAA, 
but come on. . .

More specifically, I would feel more comfortable with a sane development 
model, open or closed source, unlike Linux land's method, or lack of.  I 
don't want Joe Schmoe who happened to get some hack to reboot my 
pacemaker.  I'd want a stricter model with earned commit access.  Give 
me documentation and a logic.

And finally, Ike, you can only have nonprivileged user access to my 
pacemaker. . . no sudo for you. ;-'

Oh, yeah, I'm on vacation. . . Key West is humid. . . but free wireless 
in the hotel. . . but haven't had a chance to get my ThinkPad's wireless 
up for FBSD.  So I'm on the XP partition. . .  Did notice that bge0 
(BroadCom) interface came up with a cvsup and rebuild Thursday or so. . 
   I'll let everyone know about my experience (project evil or other) 
with the wireless when I get a chance.

g




From george  Sat May 21 20:31:11 2005
From: george (George R.)
Date: Sat, 21 May 2005 20:31:11 -0400
Subject: [nycbug-talk] looking for not needed computers
In-Reply-To: <20050522000431.71ED3AF507@rekin12.go2.pl>
References: <20050522000431.71ED3AF507@rekin12.go2.pl>
Message-ID: <428FD2CF.1010803@sddi.net>

dnsa at o2.pl wrote:
> Hi ! 
> I'm 15, and I'm looking for some not needed computers 
> I don't have enough money to buy a new one, but i think  
> i would have enough money to buy a "second-hand" 
> The purpose of that is, that I would like to practice and expand 
> my administrator skills on fbsd and obsd to get a good job in the 
> future, currently I have one computer at home with already 
> installed fbsd, but I need it for a work station, mainly is used 
> for school <projects, homeworks, essays> 

AFAIK, it would be a bit expensive to send something to .pl from NYC.

> thank you for everything you've done to me !!! 

glad you're enjoying the list. . . you must be referring to the medical 
software discussion. <g>

g




From george  Sat May 21 20:32:29 2005
From: george (George R.)
Date: Sat, 21 May 2005 20:32:29 -0400
Subject: [nycbug-talk] and BTW. . .
Message-ID: <428FD31D.6060600@sddi.net>

Maybe we should add an NTP server to the colo. . . having messages 
sorted by date is not fun on this list today. . .

could everyone just run:

sudo rdate ntp0.cornell.edu

before your next post. . .

g




From nomadlogic  Sun May 22 01:57:06 2005
From: nomadlogic (pete wright)
Date: Sat, 21 May 2005 22:57:06 -0700
Subject: [nycbug-talk] looking for not needed computers
In-Reply-To: <20050522000431.71ED3AF507@rekin12.go2.pl>
References: <20050522000431.71ED3AF507@rekin12.go2.pl>
Message-ID: <57d71000050521225740dbd589@mail.gmail.com>

On 5/21/05, dnsa at o2.pl <dnsa at o2.pl> wrote:
> Hi !
> I'm 15, and I'm looking for some not needed computers
> I don't have enough money to buy a new one, but i think
> i would have enough money to buy a "second-hand"
> The purpose of that is, that I would like to practice and expand
> my administrator skills on fbsd and obsd to get a good job in the
> future, currently I have one computer at home with already
> installed fbsd, but I need it for a work station, mainly is used
> for school <projects, homeworks, essays>
> 

If you are interested in getting an account on a unix host I would check out:

http://freeshell.org/

It is a very active netbsd based group that provides shell access. 
While you do have to pay some money to get a fully functional account
(~$30 U.S.) it is a bargin when compared to having full on 'net access
etc.  While you will not be learning how to build systems on this
host, it is an ideal place to brush up on shell/perl/python/php
scripting.  As far as second hand machines, I believe e-bay has just
opened a polish specific site.  I am sure you may be able to get an
older pentium class system from there.

-p



-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From mspitzer  Sun May 22 11:16:07 2005
From: mspitzer (Marc Spitzer)
Date: Sun, 22 May 2005 11:16:07 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <CFBBD852-3D4C-4D07-A6F2-53D3B7A3F36D@redivi.com>
References: <Pine.LNX.4.44.0505211426410.27595-100000@bawx.pilosoft.com>
	<CFBBD852-3D4C-4D07-A6F2-53D3B7A3F36D@redivi.com>
Message-ID: <8c50a3c30505220816723a645@mail.gmail.com>

On 5/21/05, Bob Ippolito <bob at redivi.com> wrote:
> 
> On May 21, 2005, at 11:28 AM, alex at pilosoft.com wrote:
> 
> > On Sat, 21 May 2005, Bob Ippolito wrote:
> >
> >
> >>>> Let's keep in mind that the trustworthiness of a life-critical
> >>>> application has everything to do with how that program was written
> >>>> and absolutely nothing to do with the license under which it was
> >>>> released.
> >>>>
> >>>>
> >>> Okay. Back to original question. What is the benefit for you to be
> >>> able to recompile source code for your pacemaker?
> >>>
> >>
> >> Independent audits.
> >>
> > Orthogonal to open source.
> 
> I don't know where you learned the word orthogonal, but that's
> certainly not what it meant in my math classes.  Open source implies
> that audits are possible, so they're not statistically independent.

I have to go with Alex on this one, to audit the code you would need to know:

1: enough about how the heart works to comment on design decisions,
optimizing for speed where needed and space everywhere else.

2: know the hardware and software *very* well and these are, I would
think, all fairly to very custom embedded systems, for example X is
stupid in C but great in forth.

And you would need to accept the fact you might just get sued out of
existence for your opinion.  Think about it someone dies and a lawyer
smells money so he decided to sue all involved because it costs him
nothing to add you to the suit.  Now you need a good lawyer for a long
time and they want cash generally.

ike,

even if it is in python you are not qualified to have an opinion about
the code that runs your granddads heart.


marc



From bob  Sun May 22 12:06:33 2005
From: bob (Bob Ippolito)
Date: Sun, 22 May 2005 09:06:33 -0700
Subject: [nycbug-talk] interesting read
In-Reply-To: <8c50a3c30505220816723a645@mail.gmail.com>
References: <Pine.LNX.4.44.0505211426410.27595-100000@bawx.pilosoft.com>
	<CFBBD852-3D4C-4D07-A6F2-53D3B7A3F36D@redivi.com>
	<8c50a3c30505220816723a645@mail.gmail.com>
Message-ID: <3EDBE078-7D92-4576-9165-5FCC359C6E43@redivi.com>


On May 22, 2005, at 8:16 AM, Marc Spitzer wrote:

> On 5/21/05, Bob Ippolito <bob at redivi.com> wrote:
>
>>
>> On May 21, 2005, at 11:28 AM, alex at pilosoft.com wrote:
>>
>>
>>> On Sat, 21 May 2005, Bob Ippolito wrote:
>>>
>>>>>> Let's keep in mind that the trustworthiness of a life-critical
>>>>>> application has everything to do with how that program was  
>>>>>> written
>>>>>> and absolutely nothing to do with the license under which it was
>>>>>> released.
>>>>>>
>>>>>>
>>>>>>
>>>>> Okay. Back to original question. What is the benefit for you to be
>>>>> able to recompile source code for your pacemaker?
>>>>>
>>>>>
>>>>
>>>> Independent audits.
>>>>
>>>>
>>> Orthogonal to open source.
>>>
>>
>> I don't know where you learned the word orthogonal, but that's
>> certainly not what it meant in my math classes.  Open source implies
>> that audits are possible, so they're not statistically independent.
>>
>
> I have to go with Alex on this one, to audit the code you would  
> need to know:

So, because audits are difficult, you agree with an incorrect usage  
of a word?

> 1: enough about how the heart works to comment on design decisions,
> optimizing for speed where needed and space everywhere else.
>
> 2: know the hardware and software *very* well and these are, I would
> think, all fairly to very custom embedded systems, for example X is
> stupid in C but great in forth.

I said *possible*, not easy, cheap, or generally accessible.  Nowhere  
in this thread did I ever say that open source is inherently a better  
solution, but it does inherently have a way to measure its worth  
because the source is available.  Finding a person qualified to  
perform that measurement is another story.

Again, I never said that a closed source solution can't have this  
either, only that open source implies that this is available.

> And you would need to accept the fact you might just get sued out of
> existence for your opinion.  Think about it someone dies and a lawyer
> smells money so he decided to sue all involved because it costs him
> nothing to add you to the suit.  Now you need a good lawyer for a long
> time and they want cash generally.

Open source solutions probably fare better here (for the auditor),  
because the license implies redistribution rights for the code.

> ike,
>
> even if it is in python you are not qualified to have an opinion about
> the code that runs your granddads heart.

Well there is a species of "obvious" bugs that you can find without  
knowing the hardware and software very well.  If you perform a naive  
audit of the code and find one or more examples of these, I'd get  
that solution the hell away from anyone I care about.

-bob




From mspitzer  Sun May 22 13:14:14 2005
From: mspitzer (Marc Spitzer)
Date: Sun, 22 May 2005 13:14:14 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <3EDBE078-7D92-4576-9165-5FCC359C6E43@redivi.com>
References: <Pine.LNX.4.44.0505211426410.27595-100000@bawx.pilosoft.com>
	<CFBBD852-3D4C-4D07-A6F2-53D3B7A3F36D@redivi.com>
	<8c50a3c30505220816723a645@mail.gmail.com>
	<3EDBE078-7D92-4576-9165-5FCC359C6E43@redivi.com>
Message-ID: <8c50a3c30505221014129b2bfe@mail.gmail.com>

On 5/22/05, Bob Ippolito <bob at redivi.com> wrote:
> 
> On May 22, 2005, at 8:16 AM, Marc Spitzer wrote:
> 
> > On 5/21/05, Bob Ippolito <bob at redivi.com> wrote:
> >
> >>
> >> On May 21, 2005, at 11:28 AM, alex at pilosoft.com wrote:
> >>
> >>
> >>> On Sat, 21 May 2005, Bob Ippolito wrote:
> >>>
> >>>>>> Let's keep in mind that the trustworthiness of a life-critical
> >>>>>> application has everything to do with how that program was
> >>>>>> written
> >>>>>> and absolutely nothing to do with the license under which it was
> >>>>>> released.
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>> Okay. Back to original question. What is the benefit for you to be
> >>>>> able to recompile source code for your pacemaker?
> >>>>>
> >>>>>
> >>>>
> >>>> Independent audits.
> >>>>
> >>>>
> >>> Orthogonal to open source.
> >>>
> >>
> >> I don't know where you learned the word orthogonal, but that's
> >> certainly not what it meant in my math classes.  Open source implies
> >> that audits are possible, so they're not statistically independent.
> >>
> >
> > I have to go with Alex on this one, to audit the code you would
> > need to know:
> 
> So, because audits are difficult, you agree with an incorrect usage
> of a word?

He did not use audit incorrectly, audit has nothing to do with the
right to have unrestricted rights to distribute code.  And that
redistribution right, in some cases compulsion,  is what is the core
defining characteristic of open source.  audit is just a secondary
effect nothing more of open source.

And as far as I know the use of orthogonal in regular speech means
unrelated to.  Orthogonal in math can and does depend on the type of
math you are studding.  But I do not think that Alex meant to say
"normal to the tangent plane of the surface" where the surface in
question is of N dimensions and the tangent "plane" is of N-1
dimensions and the normal is N-2 dimensions, think sphere-> plane->
ray as that would make absolutely no seance out of a few specific
areas of math, sold euclidean geometry and calc come to mind.


> 
> > 1: enough about how the heart works to comment on design decisions,
> > optimizing for speed where needed and space everywhere else.
> >
> > 2: know the hardware and software *very* well and these are, I would
> > think, all fairly to very custom embedded systems, for example X is
> > stupid in C but great in forth.
> 
> I said *possible*, not easy, cheap, or generally accessible.  Nowhere
> in this thread did I ever say that open source is inherently a better
> solution, but it does inherently have a way to measure its worth
> because the source is available.  Finding a person qualified to
> perform that measurement is another story.

No it is not, with out *that person* the rest is a complete wash.  

> 
> Again, I never said that a closed source solution can't have this
> either, only that open source implies that this is available.
> 
> > And you would need to accept the fact you might just get sued out of
> > existence for your opinion.  Think about it someone dies and a lawyer
> > smells money so he decided to sue all involved because it costs him
> > nothing to add you to the suit.  Now you need a good lawyer for a long
> > time and they want cash generally.
> 
> Open source solutions probably fare better here (for the auditor),
> because the license implies redistribution rights for the code.

go talk to a lawyer about this, here is the scenario

1: you make a comment on how to improve bubas open source pacemaker
development kit, or even provide a patch

2: after that some people die with bubas kit in there chest

3: lawyer sues for damages, claims bubas kit was defective

4: add you to the list because he can for free.  You were involved after all.

Now you need a lawyer, good ones are $400+/hr and bad ones cost more. 
And they like cash up front, retainer.

> 
> > ike,
> >
> > even if it is in python you are not qualified to have an opinion about
> > the code that runs your granddads heart.
> 
> Well there is a species of "obvious" bugs that you can find without
> knowing the hardware and software very well.  If you perform a naive
> audit of the code and find one or more examples of these, I'd get
> that solution the hell away from anyone I care about.

This is a remarkably ignorant thing to say.  Do you have any idea how
much testing the FDA *REQUIRES* for battery operated devices implanted
to run the heart???  Also think about what the companies that develop
these devices are required to do by there lawyers and insurance
companies as far as testing goes to minimize liability.  They *KNOW*
they will be sued and act accordingly, that is a big part of why
medicine is so expensive.


marc

> 
> -bob
> 
>



From bob  Sun May 22 13:34:21 2005
From: bob (Bob Ippolito)
Date: Sun, 22 May 2005 10:34:21 -0700
Subject: [nycbug-talk] interesting read
In-Reply-To: <8c50a3c30505221014129b2bfe@mail.gmail.com>
References: <Pine.LNX.4.44.0505211426410.27595-100000@bawx.pilosoft.com>
	<CFBBD852-3D4C-4D07-A6F2-53D3B7A3F36D@redivi.com>
	<8c50a3c30505220816723a645@mail.gmail.com>
	<3EDBE078-7D92-4576-9165-5FCC359C6E43@redivi.com>
	<8c50a3c30505221014129b2bfe@mail.gmail.com>
Message-ID: <F2CD0D25-848C-4E5E-BD4C-05BF19D7BE6E@redivi.com>


On May 22, 2005, at 10:14 AM, Marc Spitzer wrote:

> On 5/22/05, Bob Ippolito <bob at redivi.com> wrote:
>
>>
>> On May 22, 2005, at 8:16 AM, Marc Spitzer wrote:
>>
>>
>>> On 5/21/05, Bob Ippolito <bob at redivi.com> wrote:
>>>
>>>
>>>>
>>>> On May 21, 2005, at 11:28 AM, alex at pilosoft.com wrote:
>>>>
>>>>
>>>>
>>>>> On Sat, 21 May 2005, Bob Ippolito wrote:
>>>>>
>>>>>
>>>>>>>> Let's keep in mind that the trustworthiness of a life-critical
>>>>>>>> application has everything to do with how that program was
>>>>>>>> written
>>>>>>>> and absolutely nothing to do with the license under which it  
>>>>>>>> was
>>>>>>>> released.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> Okay. Back to original question. What is the benefit for you  
>>>>>>> to be
>>>>>>> able to recompile source code for your pacemaker?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> Independent audits.
>>>>>>
>>>>>>
>>>>>>
>>>>> Orthogonal to open source.
>>>>>
>>>>>
>>>>
>>>> I don't know where you learned the word orthogonal, but that's
>>>> certainly not what it meant in my math classes.  Open source  
>>>> implies
>>>> that audits are possible, so they're not statistically independent.
>>>>
>>>>
>>>
>>> I have to go with Alex on this one, to audit the code you would
>>> need to know:
>>>
>>
>> So, because audits are difficult, you agree with an incorrect usage
>> of a word?
>
> He did not use audit incorrectly, audit has nothing to do with the
> right to have unrestricted rights to distribute code.  And that
> redistribution right, in some cases compulsion,  is what is the core
> defining characteristic of open source.  audit is just a secondary
> effect nothing more of open source.
>
> And as far as I know the use of orthogonal in regular speech means
> unrelated to.  Orthogonal in math can and does depend on the type of
> math you are studding.  But I do not think that Alex meant to say
> "normal to the tangent plane of the surface" where the surface in
> question is of N dimensions and the tangent "plane" is of N-1
> dimensions and the normal is N-2 dimensions, think sphere-> plane->
> ray as that would make absolutely no seance out of a few specific
> areas of math, sold euclidean geometry and calc come to mind.

If A implies the possibility of B, in what universe are they unrelated?

>>> 1: enough about how the heart works to comment on design decisions,
>>> optimizing for speed where needed and space everywhere else.
>>>
>>> 2: know the hardware and software *very* well and these are, I would
>>> think, all fairly to very custom embedded systems, for example X is
>>> stupid in C but great in forth.
>>>
>>
>> I said *possible*, not easy, cheap, or generally accessible.  Nowhere
>> in this thread did I ever say that open source is inherently a better
>> solution, but it does inherently have a way to measure its worth
>> because the source is available.  Finding a person qualified to
>> perform that measurement is another story.
>>
>
> No it is not, with out *that person* the rest is a complete wash.

And unless air is breathable, we'll all die!  OH NO!

>> Again, I never said that a closed source solution can't have this
>> either, only that open source implies that this is available.
>>
>>
>>> And you would need to accept the fact you might just get sued out of
>>> existence for your opinion.  Think about it someone dies and a  
>>> lawyer
>>> smells money so he decided to sue all involved because it costs him
>>> nothing to add you to the suit.  Now you need a good lawyer for a  
>>> long
>>> time and they want cash generally.
>>>
>>
>> Open source solutions probably fare better here (for the auditor),
>> because the license implies redistribution rights for the code.
>>
>
> go talk to a lawyer about this, here is the scenario
>
> 1: you make a comment on how to improve bubas open source pacemaker
> development kit, or even provide a patch
>
> 2: after that some people die with bubas kit in there chest
>
> 3: lawyer sues for damages, claims bubas kit was defective
>
> 4: add you to the list because he can for free.  You were involved  
> after all.
>
> Now you need a lawyer, good ones are $400+/hr and bad ones cost more.
> And they like cash up front, retainer.

You can sue or be sued at any time for any reason.  So what?

>>> ike,
>>>
>>> even if it is in python you are not qualified to have an opinion  
>>> about
>>> the code that runs your granddads heart.
>>>
>>
>> Well there is a species of "obvious" bugs that you can find without
>> knowing the hardware and software very well.  If you perform a naive
>> audit of the code and find one or more examples of these, I'd get
>> that solution the hell away from anyone I care about.
>>
>
> This is a remarkably ignorant thing to say.  Do you have any idea how
> much testing the FDA *REQUIRES* for battery operated devices implanted
> to run the heart???  Also think about what the companies that develop
> these devices are required to do by there lawyers and insurance
> companies as far as testing goes to minimize liability.  They *KNOW*
> they will be sued and act accordingly, that is a big part of why
> medicine is so expensive.

Yes, of course!  Expensive software MUST be bug free.  Space shuttles  
don't crash, nuclear reactors don't fail, ...

I didn't say it was a likely scenario, I said it exists, and if you  
did your research you'd find that such things have happened in the past.

-bob




From nomadlogic  Sun May 22 13:49:37 2005
From: nomadlogic (pete wright)
Date: Sun, 22 May 2005 10:49:37 -0700
Subject: [nycbug-talk] interesting read
In-Reply-To: <428FD2C9.6010000@sddi.net>
References: <Pine.LNX.4.44.0505211544480.27595-100000@bawx.pilosoft.com>
	<428FD2C9.6010000@sddi.net>
Message-ID: <57d7100005052210492127d5f4@mail.gmail.com>

On 5/21/05, George R. <george at sddi.net> wrote:
> alex at pilosoft.com wrote:

> >
> > Finally someone who doesn't have knee-jerk reaction "open source good,
> > proprietary bad". I'm somewhat surprised to response from this list
> > regarding my comment about open-source/healthcare - I'd expect that much
> > flame if it was nylxs, not nycbug ;)
> 
> I'm not Mr. S., and none of us are knee-jerk RMS- (the other 'S' guy)
> types.  I think you're well aware of that. . .
> 
> But I think in most of our minds, what we'd assume about medical
> software is what we'd also take from our buddy Mr. S (chneier) on the
> topic for cryptographic algorithms.  Peer review is better for critical
> applications.  Lots of authorities reviwing the code would be good.
> 

Is this the article you are referring to:

http://www.schneier.com/crypto-gram-9909.html

seems to make sense to me, in cryptography or any field really.  IMO
the open source methodology is akin to the scientific method.  Peer
review of open, reproducable methodology.  Dunno, it just seems like a
logical way of going about things in any field.  Although I'm probably
one of those zealots eh ;p

-pete


-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From mspitzer  Sun May 22 14:00:52 2005
From: mspitzer (Marc Spitzer)
Date: Sun, 22 May 2005 14:00:52 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <F2CD0D25-848C-4E5E-BD4C-05BF19D7BE6E@redivi.com>
References: <Pine.LNX.4.44.0505211426410.27595-100000@bawx.pilosoft.com>
	<CFBBD852-3D4C-4D07-A6F2-53D3B7A3F36D@redivi.com>
	<8c50a3c30505220816723a645@mail.gmail.com>
	<3EDBE078-7D92-4576-9165-5FCC359C6E43@redivi.com>
	<8c50a3c30505221014129b2bfe@mail.gmail.com>
	<F2CD0D25-848C-4E5E-BD4C-05BF19D7BE6E@redivi.com>
Message-ID: <8c50a3c305052211003407a504@mail.gmail.com>

On 5/22/05, Bob Ippolito <bob at redivi.com> wrote:
> 
> On May 22, 2005, at 10:14 AM, Marc Spitzer wrote:
> 
> > On 5/22/05, Bob Ippolito <bob at redivi.com> wrote:
> >
> >>
> >> On May 22, 2005, at 8:16 AM, Marc Spitzer wrote:
> >>
> >>
> >>> On 5/21/05, Bob Ippolito <bob at redivi.com> wrote:
> >>>
> >>>
> >>>>
> >>>> On May 21, 2005, at 11:28 AM, alex at pilosoft.com wrote:
> >>>>
> >>>>
> >>>>
> >>>>> On Sat, 21 May 2005, Bob Ippolito wrote:
> > He did not use audit incorrectly, audit has nothing to do with the
> > right to have unrestricted rights to distribute code.  And that
> > redistribution right, in some cases compulsion,  is what is the core
> > defining characteristic of open source.  audit is just a secondary
> > effect nothing more of open source.
> >
> > And as far as I know the use of orthogonal in regular speech means
> > unrelated to.  Orthogonal in math can and does depend on the type of
> > math you are studding.  But I do not think that Alex meant to say
> > "normal to the tangent plane of the surface" where the surface in
> > question is of N dimensions and the tangent "plane" is of N-1
> > dimensions and the normal is N-2 dimensions, think sphere-> plane->
> > ray as that would make absolutely no seance out of a few specific
> > areas of math, sold euclidean geometry and calc come to mind.
> 
> If A implies the possibility of B, in what universe are they unrelated?

so A does not imply B, go read up on how logic works.  Start with
Aristotle and work forward.

> 
> >>> 1: enough about how the heart works to comment on design decisions,
> >>> optimizing for speed where needed and space everywhere else.
> >>>
> >>> 2: know the hardware and software *very* well and these are, I would
> >>> think, all fairly to very custom embedded systems, for example X is
> >>> stupid in C but great in forth.
> >>>
> >>
> >> I said *possible*, not easy, cheap, or generally accessible.  Nowhere
> >> in this thread did I ever say that open source is inherently a better
> >> solution, but it does inherently have a way to measure its worth
> >> because the source is available.  Finding a person qualified to
> >> perform that measurement is another story.
> >>
> >
> > No it is not, with out *that person* the rest is a complete wash.
> 
> And unless air is breathable, we'll all die!  OH NO!

grow up

> 
> >> Again, I never said that a closed source solution can't have this
> >> either, only that open source implies that this is available.
> >>
> >>
> >>> And you would need to accept the fact you might just get sued out of
> >>> existence for your opinion.  Think about it someone dies and a
> >>> lawyer
> >>> smells money so he decided to sue all involved because it costs him
> >>> nothing to add you to the suit.  Now you need a good lawyer for a
> >>> long
> >>> time and they want cash generally.
> >>>
> >>
> >> Open source solutions probably fare better here (for the auditor),
> >> because the license implies redistribution rights for the code.
> >>
> >
> > go talk to a lawyer about this, here is the scenario
> >
> > 1: you make a comment on how to improve bubas open source pacemaker
> > development kit, or even provide a patch
> >
> > 2: after that some people die with bubas kit in there chest
> >
> > 3: lawyer sues for damages, claims bubas kit was defective
> >
> > 4: add you to the list because he can for free.  You were involved
> > after all.
> >
> > Now you need a lawyer, good ones are $400+/hr and bad ones cost more.
> > And they like cash up front, retainer.
> 
> You can sue or be sued at any time for any reason.  So what?

no I can not.  For example say I am sued because I live in the same
city as bubas lead developer, do not know him at all, it would get
thrown out of court.  And I could sue the people who sued me and win. 
Further more I could demand that the lawyers involved be disciplined
before the bar, etc.

And you speak as someone who has nothing, the "so what" will change as
you have stuff to loose.

> 
> >>> ike,
> >>>
> >>> even if it is in python you are not qualified to have an opinion
> >>> about
> >>> the code that runs your granddads heart.
> >>>
> >>
> >> Well there is a species of "obvious" bugs that you can find without
> >> knowing the hardware and software very well.  If you perform a naive
> >> audit of the code and find one or more examples of these, I'd get
> >> that solution the hell away from anyone I care about.
> >>
> >
> > This is a remarkably ignorant thing to say.  Do you have any idea how
> > much testing the FDA *REQUIRES* for battery operated devices implanted
> > to run the heart???  Also think about what the companies that develop
> > these devices are required to do by there lawyers and insurance
> > companies as far as testing goes to minimize liability.  They *KNOW*
> > they will be sued and act accordingly, that is a big part of why
> > medicine is so expensive.
> 
> Yes, of course!  Expensive software MUST be bug free.  Space shuttles
> don't crash, nuclear reactors don't fail, ...

The world is not perfect quit whining about it.  The facts of the
mater are that these devices undergo a, by normal standards,
ridiculous amount of testing.  What we are talking about is marginal
cost, how much does it cost to get some small increment of improvement
or even to attempt it.  The cost to the company selling the device
would be huge, the lawyers would require each comment/bug report be
taken seriously, if it merits it or not, because of liability.  Also
keep in mind that if you drive up the cost of the product too much
companies leave the marketplace and go out of business or build
something else.

> 
> I didn't say it was a likely scenario, I said it exists, and if you
> did your research you'd find that such things have happened in the past.

galaxies have died in the past does that mean that I should not go to
work on Monday??

Please stop behaving like an idiot in public, it embarrasses you and
wasts out time.

marc

> 
> -bob
> 
>



From mspitzer  Sun May 22 16:31:14 2005
From: mspitzer (Marc Spitzer)
Date: Sun, 22 May 2005 16:31:14 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <57d7100005052210492127d5f4@mail.gmail.com>
References: <Pine.LNX.4.44.0505211544480.27595-100000@bawx.pilosoft.com>
	<428FD2C9.6010000@sddi.net>
	<57d7100005052210492127d5f4@mail.gmail.com>
Message-ID: <8c50a3c30505221331390ca9de@mail.gmail.com>

On 5/22/05, pete wright <nomadlogic at gmail.com> wrote:
> On 5/21/05, George R. <george at sddi.net> wrote:
> > alex at pilosoft.com wrote:
> 
> > >
> > > Finally someone who doesn't have knee-jerk reaction "open source good,
> > > proprietary bad". I'm somewhat surprised to response from this list
> > > regarding my comment about open-source/healthcare - I'd expect that much
> > > flame if it was nylxs, not nycbug ;)
> >
> > I'm not Mr. S., and none of us are knee-jerk RMS- (the other 'S' guy)
> > types.  I think you're well aware of that. . .
> >
> > But I think in most of our minds, what we'd assume about medical
> > software is what we'd also take from our buddy Mr. S (chneier) on the
> > topic for cryptographic algorithms.  Peer review is better for critical
> > applications.  Lots of authorities reviwing the code would be good.
> >
> 
> Is this the article you are referring to:
> 
> http://www.schneier.com/crypto-gram-9909.html
> 
> seems to make sense to me, in cryptography or any field really.  IMO
> the open source methodology is akin to the scientific method.  Peer
> review of open, reproducable methodology.  Dunno, it just seems like a
> logical way of going about things in any field.  Although I'm probably
> one of those zealots eh ;p
> 

I will grant you it makes sence in certen problem domains.  The real
question is does it make sence in this one, pacemakers or what ever. 
I do not think it makes sence in this case because we are *not*
talking about a public standard but a small embeded system designed to
keep people alive by a for profit company.  And as I have said before
there is the whole liability thing to be aware of, you may not want to
get involved to risk your house and retirment/kids college fund.

marc



From daggerquill  Sun May 22 17:43:53 2005
From: daggerquill (Jay Savage)
Date: Sun, 22 May 2005 17:43:53 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <8c50a3c30505221331390ca9de@mail.gmail.com>
References: <Pine.LNX.4.44.0505211544480.27595-100000@bawx.pilosoft.com>
	<428FD2C9.6010000@sddi.net>
	<57d7100005052210492127d5f4@mail.gmail.com>
	<8c50a3c30505221331390ca9de@mail.gmail.com>
Message-ID: <4ce365ec050522144335d989ea@mail.gmail.com>

On 5/22/05, Marc Spitzer <mspitzer at gmail.com> wrote:
> On 5/22/05, pete wright <nomadlogic at gmail.com> wrote:
> > On 5/21/05, George R. <george at sddi.net> wrote:
> > > alex at pilosoft.com wrote:
> >
> > > >
> > > > Finally someone who doesn't have knee-jerk reaction "open source good,
> > > > proprietary bad". I'm somewhat surprised to response from this list
> > > > regarding my comment about open-source/healthcare - I'd expect that much
> > > > flame if it was nylxs, not nycbug ;)
> > >
> > > I'm not Mr. S., and none of us are knee-jerk RMS- (the other 'S' guy)
> > > types.  I think you're well aware of that. . .
> > >
> > > But I think in most of our minds, what we'd assume about medical
> > > software is what we'd also take from our buddy Mr. S (chneier) on the
> > > topic for cryptographic algorithms.  Peer review is better for critical
> > > applications.  Lots of authorities reviwing the code would be good.
> > >
> >
> > Is this the article you are referring to:
> >
> > http://www.schneier.com/crypto-gram-9909.html
> >
> > seems to make sense to me, in cryptography or any field really.  IMO
> > the open source methodology is akin to the scientific method.  Peer
> > review of open, reproducable methodology.  Dunno, it just seems like a
> > logical way of going about things in any field.  Although I'm probably
> > one of those zealots eh ;p
> >
> 
> I will grant you it makes sence in certen problem domains.  The real
> question is does it make sence in this one, pacemakers or what ever.
> I do not think it makes sence in this case because we are *not*
> talking about a public standard but a small embeded system designed to
> keep people alive by a for profit company.  And as I have said before
> there is the whole liability thing to be aware of, you may not want to
> get involved to risk your house and retirment/kids college fund.
> 
> marc

This is a pretty silly argument.  Do FreeBSD developers worry about
getting sued if an a big Web hosting company (e.g. pair comes to mind)
gets sued by a customer for not meeting availablity guarantees?  No. 
because one thing any decent license says, among other things, is "by
using this software, you agree not to sue us if it doesn't work; no
gurantees, etc."  You don't think the risk is acceptable for you. 
Fine.  But that doesn't speak against the value of opensoure projects
and methodologies.  Let's rephrase the question this way: if you had
to trust your life to software designed by a team led by Henning
Brauer and audited by a wide community of programmers before being
subjected to an FDA review that included some great clinical trial,
but no real investigation of the technology, or software developed
under the direction of a project manager under pressure to meet
deadlines, before being subjected to the same FDA review, which would
you choose?  Fortunately, the clinical review process will find any
major bugs, but I'd still rather know that the software was designed
with sound principles in the first place, before the FDA even saw it.

I think that the use of opensource here may be misleading, and where
the discussion has derailed.  What's at stake isn't liscencing per se,
but the relative merits of the "cathedral vs. the bazaar" as
philosophies/methodologies for creating software.  No, simply
releasing something under the BSd liscence or the GPL doesn't make it
better.  But where there is sustained community interest,
community-based programming tends to produce better results.

The pacemaker argument is a bit disingenuous, though.  The post was
about healthcare IT, and since the author is involved with
jsyncmanager, etc., I read that as infrastructure.  So the real
question is: when you walk into an emergency room and the workstations
at the nurses station are running Windows 95, does that give you a
great feeling of confidence?  When the screens above the station
showing the EKG output from various beds are XP desktops with
consipcuous blank spots and windows that say "this program has
committed a sharing violation", is that a good thing?  I've had both
happen in the past six months, and the answer in both cases is "no". 
I don't want the workstation where the doctor is looking at my medical
records to suddenly display BSOD.  I don't want it to have a kernel
panic, either, but which is more likely?

This might be an interesting discussion to continue after the June
meeting, but I think there's a lot of room for opensource software in
healthcare, as everywhere else.

--jay

-----
daggerquill [at] gmial [dot] com
http://www.engatiki.org



From alex  Sun May 22 16:39:54 2005
From: alex (alex at pilosoft.com)
Date: Sun, 22 May 2005 16:39:54 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <4ce365ec050522144335d989ea@mail.gmail.com>
Message-ID: <Pine.LNX.4.44.0505221637320.27595-100000@bawx.pilosoft.com>

On Sun, 22 May 2005, Jay Savage wrote:

> The pacemaker argument is a bit disingenuous, though.  The post was
> about healthcare IT, and since the author is involved with jsyncmanager,
> etc., I read that as infrastructure.  So the real question is: when you
> walk into an emergency room and the workstations at the nurses station
> are running Windows 95, does that give you a great feeling of
> confidence?  When the screens above the station showing the EKG output
> from various beds are XP desktops with consipcuous blank spots and
> windows that say "this program has committed a sharing violation", is
> that a good thing?  I've had both happen in the past six months, and the
> answer in both cases is "no".  I don't want the workstation where the
> doctor is looking at my medical records to suddenly display BSOD.  I
> don't want it to have a kernel panic, either, but which is more likely?
The above is hardly IT. I've made this point before: There's healthcare 
IT, which is no different from all other IT environments - and human lives 
do not depend on it. Open Source is just as applicable there as in any 
other IT environment.

What you've described above, particularly EKG output, *is* life-critical, 
as in, malfunction of software can result in death. There, I would say 
there is far less benefit of using open source software.

That's all.

-alex





From daggerquill  Mon May 23 10:30:23 2005
From: daggerquill (Jay Savage)
Date: Mon, 23 May 2005 10:30:23 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505221637320.27595-100000@bawx.pilosoft.com>
References: <4ce365ec050522144335d989ea@mail.gmail.com>
	<Pine.LNX.4.44.0505221637320.27595-100000@bawx.pilosoft.com>
Message-ID: <4ce365ec050523073078442837@mail.gmail.com>

On 5/22/05, alex at pilosoft.com <alex at pilosoft.com> wrote:
> On Sun, 22 May 2005, Jay Savage wrote:
> 
> > The pacemaker argument is a bit disingenuous, though.  The post was
> > about healthcare IT, and since the author is involved with jsyncmanager,
> > etc., I read that as infrastructure.  So the real question is: when you
> > walk into an emergency room and the workstations at the nurses station
> > are running Windows 95, does that give you a great feeling of
> > confidence?  When the screens above the station showing the EKG output
> > from various beds are XP desktops with consipcuous blank spots and
> > windows that say "this program has committed a sharing violation", is
> > that a good thing?  I've had both happen in the past six months, and the
> > answer in both cases is "no".  I don't want the workstation where the
> > doctor is looking at my medical records to suddenly display BSOD.  I
> > don't want it to have a kernel panic, either, but which is more likely?
> The above is hardly IT. I've made this point before: There's healthcare
> IT, which is no different from all other IT environments - and human lives
> do not depend on it. Open Source is just as applicable there as in any
> other IT environment.
> 
> What you've described above, particularly EKG output, *is* life-critical,
> as in, malfunction of software can result in death. There, I would say
> there is far less benefit of using open source software.
> 
> That's all.
> 
> -alex

If that's not IT, then what is?  I wasn't talking about the
software/firmware that runs EKGs and displays the output over the
patient's head; I was talking about the cabling, routing hardware and
software, etc., that gets that information to a remote monitoring
station--usually over some sort of standard tcp/ip network (usually
ethernet), and the OS and userland used to display that information at
the remote monitoring station.  Once the information is turned into
packets, comes out of a serial or ethernet port, and starts running
along cat5, coax, or fiber to a different part of the building, that
certainly fits my definition of IT, especially when the results are
delivered for local processing and display on a workstation running a
different OS than the machine that produced the original output.

I'd say, "regulating information exchange between workstations,
servers, and network appliances" was a pretty good start a a
definition of IT, if such a thing is even possible.

I can see where there's room for cunfusion, though:  This may be a
discussion where anecdotes and examples serve to cloud the issue
rather than clarify it.  So let's put it this way:  If the data can be
entrusted to any current Windows release, it can certainly be
entrusted to a *BSD, or possibly even Linux.  If current Windows
workstations were phased out in favor of opensource OS, there would be
a significant cost benefit, and probably a significant increase in the
stability of the infrastructure as a whole.

As for specific (client, user) applications, even if the current
proprietary closed-source solutions were redirected to other
platforms, that would result in advances in stability and
availability--even the simple, universal unix ability to update
applications without mucking about in the registry and probably
rebooting is a significant advantage in a high availability
environment.  It is difficult to believe, though, that with a proper
(structured, BSDish) design philosophy, that any development effort
would not benefit from the peer-review and constant refactoring of
opensource efforts.

Opensource projects have certainly proven themselves capapble of far
surpassing the stability and performance of proprietary solutions in
other venues, particularly mission-critical applications, why not
healthcare?  Why should I suddenly trust Windows and software designed
for it with my life when I don't even trust it them with my web and
mail servers?  That seems backwards.

Embedded systems, though, I agree, are a place where opensource
projects are of more dubious value.

--jay

--------------------
daggerquill [at] gmail [dot] com
http://www.engatiki.org



From alex  Mon May 23 09:53:56 2005
From: alex (alex at pilosoft.com)
Date: Mon, 23 May 2005 09:53:56 -0400 (EDT)
Subject: [nycbug-talk] interesting read
In-Reply-To: <4ce365ec050523073078442837@mail.gmail.com>
Message-ID: <Pine.LNX.4.44.0505230949150.27595-100000@bawx.pilosoft.com>

On Mon, 23 May 2005, Jay Savage wrote:

> If that's not IT, then what is?  I wasn't talking about the
> software/firmware that runs EKGs and displays the output over the
> patient's head; I was talking about the cabling, routing hardware and
> software, etc., that gets that information to a remote monitoring
> station--usually over some sort of standard tcp/ip network (usually
> ethernet), and the OS and userland used to display that information at
> the remote monitoring station.  Once the information is turned into
> packets, comes out of a serial or ethernet port, and starts running
> along cat5, coax, or fiber to a different part of the building, that
> certainly fits my definition of IT, especially when the results are
> delivered for local processing and display on a workstation running a
> different OS than the machine that produced the original output.
My definition: If lives depend on it, it is not IT - it is life-critical 
application, which should be managed and treated in a way that is totally 
different from your regular IT management.

> I'd say, "regulating information exchange between workstations,
> servers, and network appliances" was a pretty good start a a
> definition of IT, if such a thing is even possible.
> 
> I can see where there's room for cunfusion, though:  This may be a
> discussion where anecdotes and examples serve to cloud the issue
> rather than clarify it.  So let's put it this way:  If the data can be
> entrusted to any current Windows release, it can certainly be
> entrusted to a *BSD, or possibly even Linux.  If current Windows
> workstations were phased out in favor of opensource OS, there would be
> a significant cost benefit, and probably a significant increase in the
> stability of the infrastructure as a whole.
I certainly hope that life-critical applications are not running on
Windows.

<snip>
> Opensource projects have certainly proven themselves capapble of far
> surpassing the stability and performance of proprietary solutions in
> other venues, particularly mission-critical applications, why not
> healthcare?  Why should I suddenly trust Windows and software designed
> for it with my life when I don't even trust it them with my web and mail
> servers?  That seems backwards.
> 
> Embedded systems, though, I agree, are a place where opensource projects
> are of more dubious value.
Well, there's a point of open source for embedded systems, just not 
life-safety embedded systems.

-alex




From daggerquill  Mon May 23 13:17:27 2005
From: daggerquill (Jay Savage)
Date: Mon, 23 May 2005 13:17:27 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <Pine.LNX.4.44.0505230949150.27595-100000@bawx.pilosoft.com>
References: <4ce365ec050523073078442837@mail.gmail.com>
	<Pine.LNX.4.44.0505230949150.27595-100000@bawx.pilosoft.com>
Message-ID: <4ce365ec05052310171dfdee42@mail.gmail.com>

On 5/23/05, alex at pilosoft.com <alex at pilosoft.com> wrote:
> On Mon, 23 May 2005, Jay Savage wrote:
> 
> > If that's not IT, then what is?  I wasn't talking about the
> > software/firmware that runs EKGs and displays the output over the
> > patient's head; I was talking about the cabling, routing hardware and
> > software, etc., that gets that information to a remote monitoring
> > station--usually over some sort of standard tcp/ip network (usually
> > ethernet), and the OS and userland used to display that information at
> > the remote monitoring station.  Once the information is turned into
> > packets, comes out of a serial or ethernet port, and starts running
> > along cat5, coax, or fiber to a different part of the building, that
> > certainly fits my definition of IT, especially when the results are
> > delivered for local processing and display on a workstation running a
> > different OS than the machine that produced the original output.
> My definition: If lives depend on it, it is not IT - it is life-critical
> application, which should be managed and treated in a way that is totally
> different from your regular IT management.
> 

Different from your regular It management? Yes.  (Hopefully) requiring
special training? Yes.  Still very much "Information Technology"? Yes.
 Of course critical information needs to be treated gently, but at the
end of the day, there are a limited number of ways to get information
from an interface on one mache to the interface of another machine,
and the people who know how to make that happen are, pretty much by
definition, "IT peaople".


> >
> > I can see where there's room for cunfusion, though:  This may be a
> > discussion where anecdotes and examples serve to cloud the issue
> > rather than clarify it.  So let's put it this way:  If the data can be
> > entrusted to any current Windows release, it can certainly be
> > entrusted to a *BSD, or possibly even Linux.  If current Windows
> > workstations were phased out in favor of opensource OS, there would be
> > a significant cost benefit, and probably a significant increase in the
> > stability of the infrastructure as a whole.

> I certainly hope that life-critical applications are not running on
> Windows.
> 

Then you hope in vain, at least as you define "life-critical".  I hope
you don't have cause to go to an emergency room any time soon.  But if
you do, take a close look around.  hospitals consist largely of
embedded systems linked to windows workstations for remote monitoring.
 There is no "HealthCareOS" or something like that.  There is HL7,
which specifies an open medical data protocol, and applications for
dealing with HL7 data can be built in any langauge and for any
platform, and is most often transferred via tcp/ip over twisted pair
or 802.11a/b/g.

No, windows doesn't actually run heart monitors.  And there are other
players: Sun, for instance is a hardware and software partner for
several companies (Welch Allyn for instance).  But unless a nurse is
sitting in your room, there's a better than even chance that it'll be
a windows app that eventually delivers your real time vitals to
whoever is looking for them, and a Windows app that delivers your CAT
scan from radiology to your file, etc., etc.

[snip]


--jay
--------------------
daggerquill [at] gmail [dot] com
http://www.engatiki.org



From mspitzer  Mon May 23 14:50:09 2005
From: mspitzer (Marc Spitzer)
Date: Mon, 23 May 2005 14:50:09 -0400
Subject: [nycbug-talk] interesting read
In-Reply-To: <4ce365ec05052310171dfdee42@mail.gmail.com>
References: <4ce365ec050523073078442837@mail.gmail.com>
	<Pine.LNX.4.44.0505230949150.27595-100000@bawx.pilosoft.com>
	<4ce365ec05052310171dfdee42@mail.gmail.com>
Message-ID: <8c50a3c3050523115059b601b4@mail.gmail.com>

On 5/23/05, Jay Savage <daggerquill at gmail.com> wrote:
> No, windows doesn't actually run heart monitors.  And there are other
> players: Sun, for instance is a hardware and software partner for
> several companies (Welch Allyn for instance).  But unless a nurse is
> sitting in your room, there's a better than even chance that it'll be
> a windows app that eventually delivers your real time vitals to
> whoever is looking for them, and a Windows app that delivers your CAT
> scan from radiology to your file, etc., etc.

that it I am going to get healthy right now.

marc



From steve.rieger  Tue May 24 13:03:15 2005
From: steve.rieger (Steve Rieger)
Date: Tue, 24 May 2005 13:03:15 -0400
Subject: [nycbug-talk] apache MM permission issues
Message-ID: <a5e65831076d88fd93f163c85535f47e@tbwachiat.com>

hi all

did anybody on this list come up with a solution for the MM permission 
issue bug, when trying to start apache as non root



--
Steve Rieger
(646) 335-8915   (Cell)
chozrim           (aim)




From lists  Tue May 24 17:37:11 2005
From: lists (michael)
Date: Tue, 24 May 2005 17:37:11 -0400
Subject: [nycbug-talk] Fw: Buying CD's in Calgary
Message-ID: <20050524173711.1c6e023f@delinux.abwatley.com>

Do you think if we put them up at the Waldorf for next year's
hack-a-thon they would come to a NYCBUG meeting for a Q&A?

<grin>
Michael


Begin forwarded message:

Date: Tue, 24 May 2005 13:45:30 -0600
From: Theo de Raadt <deraadt at cvs.openbsd.org>
To: 
Cc: misc at openbsd.org
Subject: Re: Buying CD's in Calgary 

> On 24/05/05, Cameron Schaus wrote:
> > Does anyone know where I could buy OpenBSD CD's in Calgary?  I used
> > to buy them at Nexus Computer Books, but now that they are gone, I'm
> > not sure where to buy the CD's in Calgary.

There are currently no stores in Calgary selling CDs directly.  The
CDs get shipped out of a town about 3 hours drive south of Calgary.
Obviously not by me, since I have my hands full with other things.

Tonight, just tonight, CDs and other things can be bought at 5:30pm
at the CUUG meeting in downtown Calgary.  See http://www.cuug.ab.ca

As an added bonus, besides CDs we are bringing 60 developers along
for a Q&A after the talk.



-- 
---



From dan  Tue May 24 20:33:24 2005
From: dan (Dan Langille)
Date: Tue, 24 May 2005 20:33:24 -0400
Subject: [nycbug-talk] Apache DirectoryIndex help
Message-ID: <42938F94.23175.6CA9F28@localhost>

Should this statement:

   DirectoryIndex index.html index.php index.php3

display index.html if it exist?

I ask because I have a directory that contains both index.php and 
index.html.  It's displaying index.php if I browse to the directory.  
Not nice.

Try http://bugs.bacula.org/ and http://bugs.bacula.org/index.html

Any clues?
-- 
Dan Langille : http://www.langille.org/
BSDCan - The Technical BSD Conference - http://www.bsdcan.org/





From dan  Tue May 24 20:37:03 2005
From: dan (Dan Langille)
Date: Tue, 24 May 2005 20:37:03 -0400
Subject: [nycbug-talk] Apache DirectoryIndex help
In-Reply-To: <42938F94.23175.6CA9F28@localhost>
Message-ID: <4293906F.383.6CDF6EE@localhost>

On 24 May 2005 at 20:33, Dan Langille wrote:

> Should this statement:
> 
>    DirectoryIndex index.html index.php index.php3
> 
> display index.html if it exist?
> 
> I ask because I have a directory that contains both index.php and 
> index.html.  It's displaying index.php if I browse to the directory.  
> Not nice.
> 
> Try http://bugs.bacula.org/ and http://bugs.bacula.org/index.html
> 
> Any clues?

That's it.. post it to the list to make it work....

No worries. It's all OK now.
-- 
Dan Langille : http://www.langille.org/
BSDCan - The Technical BSD Conference - http://www.bsdcan.org/





From dlavigne6  Wed May 25 09:40:00 2005
From: dlavigne6 (Dru)
Date: Wed, 25 May 2005 09:40:00 -0400 (EDT)
Subject: [nycbug-talk] link to BSDCan pics/movies
Message-ID: <20050525093932.L572@dru.domain.org>


http://www.oreillynet.com/pub/wlg/7153

Dru



From dlavigne6  Wed May 25 10:04:02 2005
From: dlavigne6 (Dru)
Date: Wed, 25 May 2005 10:04:02 -0400 (EDT)
Subject: [nycbug-talk] for those interested in FreeBSD marketing
Message-ID: <20050525100342.J572@dru.domain.org>


http://www.oreillynet.com/pub/wlg/7154

Dru



From lists  Wed May 25 12:49:12 2005
From: lists (michael)
Date: Wed, 25 May 2005 12:49:12 -0400
Subject: [nycbug-talk] switch
Message-ID: <20050525124912.6c3c80db@delinux.abwatley.com>


We are in the market for a switch to put in a small colo presence.
Does anyone have any recommendations.  One suggestion made to me was:
http://www.netgear.com/products/details/GS516T.php

Michael


-- 
---



From bschonhorst  Wed May 25 13:00:26 2005
From: bschonhorst (Brad Schonhorst)
Date: Wed, 25 May 2005 13:00:26 -0400
Subject: [nycbug-talk] switch
In-Reply-To: <20050525124912.6c3c80db@delinux.abwatley.com>
References: <20050525124912.6c3c80db@delinux.abwatley.com>
Message-ID: <46C68305-ADDE-4256-9A53-1C8F4C50C969@vcsnyc.org>


On May 25, 2005, at 12:49 PM, michael wrote:

>
> We are in the market for a switch to put in a small colo presence.
> Does anyone have any recommendations.  One suggestion made to me was:
> http://www.netgear.com/products/details/GS516T.php
>
> Michael

Cisco is always nice but I've also had great luck with HP's Procurve  
series.


-Brad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.nycbug.org/pipermail/talk/attachments/20050525/2d2ed859/attachment.html 


From alex  Wed May 25 11:51:29 2005
From: alex (alex at pilosoft.com)
Date: Wed, 25 May 2005 11:51:29 -0400 (EDT)
Subject: [nycbug-talk] switch
In-Reply-To: <20050525124912.6c3c80db@delinux.abwatley.com>
Message-ID: <Pine.LNX.4.44.0505251150420.27595-100000@bawx.pilosoft.com>

On Wed, 25 May 2005, michael wrote:

> We are in the market for a switch to put in a small colo presence. Does
> anyone have any recommendations.  One suggestion made to me was:
> http://www.netgear.com/products/details/GS516T.php
If you are going with ghetto equipment, use dell (3324/3348). They are 
cheapest of the ghetto ones.

Otherwise, Cisco 2924xl are cheap on secondary market or 2950T

-alex




From kacanski_s  Wed May 25 13:13:28 2005
From: kacanski_s (Aleksandar Kacanski)
Date: Wed, 25 May 2005 10:13:28 -0700 (PDT)
Subject: [nycbug-talk] switch
In-Reply-To: <46C68305-ADDE-4256-9A53-1C8F4C50C969@vcsnyc.org>
Message-ID: <20050525171328.99166.qmail@web53604.mail.yahoo.com>

I concur with Brad. I just purchased ProCurve 2600
series switches and they work very well. Cisco is
expensive comparing to HP.
Sasha

--- Brad Schonhorst <bschonhorst at vcsnyc.org> wrote:

> 
> On May 25, 2005, at 12:49 PM, michael wrote:
> 
> >
> > We are in the market for a switch to put in a
> small colo presence.
> > Does anyone have any recommendations.  One
> suggestion made to me was:
> > http://www.netgear.com/products/details/GS516T.php
> >
> > Michael
> 
> Cisco is always nice but I've also had great luck
> with HP's Procurve  
> series.
> 
> 
> -Brad
> > _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce
> lists
> %We meet the first Wednesday of the month
>


Aleksandar (Sasha) Kacanski


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Small Business - Try our new Resources site
http://smallbusiness.yahoo.com/resources/



From jbaltz  Wed May 25 13:17:21 2005
From: jbaltz (Jerry B. Altzman)
Date: Wed, 25 May 2005 13:17:21 -0400
Subject: [nycbug-talk] switch
In-Reply-To: <Pine.LNX.4.44.0505251150420.27595-100000@bawx.pilosoft.com>
References: <Pine.LNX.4.44.0505251150420.27595-100000@bawx.pilosoft.com>
Message-ID: <4294B321.6090300@3phasecomputing.com>

On 05/25/05 11:51 AM, alex at pilosoft.com wrote:
>>We are in the market for a switch to put in a small colo presence. Does
>>anyone have any recommendations.  One suggestion made to me was:
>>http://www.netgear.com/products/details/GS516T.php
> If you are going with ghetto equipment, use dell (3324/3348). They are 
> cheapest of the ghetto ones.

Agreed, I've had good experiences with both the NG and the Dell 
switches. For low-end stuff, they're just fine workhorses.
My experience is over a dozen NG switches over 3 years, and dell 
switches in "production" for about 2.

> Otherwise, Cisco 2924xl are cheap on secondary market or 2950T

Do the second-hand 2924 do GigE?

> -alex

//jbaltz
-- 
jerry b. altzman     jbaltz at 3phasecomputing.com         KE3ML
thank you for contributing to the heat death of the universe.



From alex  Wed May 25 12:09:03 2005
From: alex (alex at pilosoft.com)
Date: Wed, 25 May 2005 12:09:03 -0400 (EDT)
Subject: [nycbug-talk] switch
In-Reply-To: <4294B321.6090300@3phasecomputing.com>
Message-ID: <Pine.LNX.4.44.0505251208380.27595-100000@bawx.pilosoft.com>

On Wed, 25 May 2005, Jerry B. Altzman wrote:

> Agreed, I've had good experiences with both the NG and the Dell 
> switches. For low-end stuff, they're just fine workhorses.
> My experience is over a dozen NG switches over 3 years, and dell 
> switches in "production" for about 2.
> 
> > Otherwise, Cisco 2924xl are cheap on secondary market or 2950T
> 
> Do the second-hand 2924 do GigE?
if you put GE module in them. ;) [those aren't very cheap but ok]

-alex




From nomadlogic  Wed May 25 13:42:37 2005
From: nomadlogic (pete wright)
Date: Wed, 25 May 2005 10:42:37 -0700
Subject: [nycbug-talk] PPPoE OBSD
Message-ID: <57d710000505251042257b3291@mail.gmail.com>

So,
     3.7 is out and running on routers and firewalls all over the
internet now.  Yea!  I'm going to be deploying a box to act as
firewall for a dsl connection.  I've read the PPPoE is now in kernel 
with the 3.7 release.  Question for the OBSD guru's out there.  Is
this included in GENERIC?  If not can it be loaded as a .ko, or is a
recompile neccessary.  My host is a soekris box, and I'm not too
excited about building another OBSD host just to recompile the kernel
(although I could do it on the soekris box with an NFS mounted
/usr/src I suppose).

-p

-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From nycbug  Wed May 25 13:51:16 2005
From: nycbug (Ray)
Date: Wed, 25 May 2005 13:51:16 -0400
Subject: [nycbug-talk] PPPoE OBSD
In-Reply-To: <57d710000505251042257b3291@mail.gmail.com>
References: <57d710000505251042257b3291@mail.gmail.com>
Message-ID: <20050525175116.GA10221@syntax.cyth.net>

On Wed, May 25, 2005 at 10:42:37AM -0700, pete wright wrote:
> I've read the PPPoE is now in kernel with the 3.7 release.  Question
> for the OBSD guru's out there.  Is this included in GENERIC?

ray at syntax[~] fgrep pppoe /usr/src/sys/conf/GENERIC
pseudo-device   pppoe   1       # PPP over Ethernet (RFC 2516)



From okan  Wed May 25 13:52:18 2005
From: okan (Okan Demirmen)
Date: Wed, 25 May 2005 13:52:18 -0400
Subject: [nycbug-talk] PPPoE OBSD
In-Reply-To: <57d710000505251042257b3291@mail.gmail.com>
References: <57d710000505251042257b3291@mail.gmail.com>
Message-ID: <20050525175217.GA60165@yinaska.pair.com>

On Wed 2005.05.25 at 10:42 -0700, pete wright wrote:
> So,
>      3.7 is out and running on routers and firewalls all over the
> internet now.  Yea!  I'm going to be deploying a box to act as
> firewall for a dsl connection.  I've read the PPPoE is now in kernel 
> with the 3.7 release.  Question for the OBSD guru's out there.  Is
> this included in GENERIC?  If not can it be loaded as a .ko, or is a
> recompile neccessary.  My host is a soekris box, and I'm not too
> excited about building another OBSD host just to recompile the kernel
> (although I could do it on the soekris box with an NFS mounted
> /usr/src I suppose).

no need - use GENERIC

-- 
Okan Demirmen <okan at demirmen.com>
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934
PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934



From lists  Wed May 25 13:55:48 2005
From: lists (michael)
Date: Wed, 25 May 2005 13:55:48 -0400
Subject: Fw: [nycbug-talk] switch
Message-ID: <20050525135548.79ea68c6@delinux.abwatley.com>

woop.. forward to list

Begin forwarded message:

Date: Wed, 25 May 2005 13:23:21 -0400
From: michael <lists at genoverly.net>
To: alex at pilosoft.com
Subject: Re: [nycbug-talk] switch


On Wed, 25 May 2005 11:51:29 -0400 (EDT)
alex at pilosoft.com wrote:

> If you are going with ghetto equipment

How colorful.. yes we are budget conscience.
Michael


p.s. alex, please fix your time.

-- 
---


-- 
---



From nomadlogic  Wed May 25 13:59:17 2005
From: nomadlogic (pete wright)
Date: Wed, 25 May 2005 10:59:17 -0700
Subject: [nycbug-talk] PPPoE OBSD
In-Reply-To: <20050525175116.GA10221@syntax.cyth.net>
References: <57d710000505251042257b3291@mail.gmail.com>
	<20050525175116.GA10221@syntax.cyth.net>
Message-ID: <57d710000505251059222c70c1@mail.gmail.com>

On 5/25/05, Ray <nycbug at cyth.net> wrote:
> On Wed, May 25, 2005 at 10:42:37AM -0700, pete wright wrote:
> > I've read the PPPoE is now in kernel with the 3.7 release.  Question
> > for the OBSD guru's out there.  Is this included in GENERIC?
> 
> ray at syntax[~] fgrep pppoe /usr/src/sys/conf/GENERIC
> pseudo-device   pppoe   1       # PPP over Ethernet (RFC 2516)
> 


d'oh!  thank's Ray!  That's even worse than not reading the FAQ
(although granted I don't have src.tgz handy right now).

-p


-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From joshmccormack  Wed May 25 14:14:38 2005
From: joshmccormack (Josh McCormack)
Date: Wed, 25 May 2005 14:14:38 -0400
Subject: [nycbug-talk] OpenBSD packages
Message-ID: <4294C08E.3010207@travelersdiary.com>

I read a comment recently that the OpenBSD 3.7 packages are not up to 
date and require older libraries, that ports should be used. Will be 
installing 3.7 tonight, so would like to know if others find this to be 
true or false.

Thanks,

Josh



From nomadlogic  Wed May 25 14:27:21 2005
From: nomadlogic (pete wright)
Date: Wed, 25 May 2005 11:27:21 -0700
Subject: [nycbug-talk] OpenBSD packages
In-Reply-To: <4294C08E.3010207@travelersdiary.com>
References: <4294C08E.3010207@travelersdiary.com>
Message-ID: <57d7100005052511271b855e07@mail.gmail.com>

On 5/25/05, Josh McCormack <joshmccormack at travelersdiary.com> wrote:
> I read a comment recently that the OpenBSD 3.7 packages are not up to
> date and require older libraries, that ports should be used. Will be
> installing 3.7 tonight, so would like to know if others find this to be
> true or false.
> 


Hi Josh,
     In what way did that post refer to the 3.7 packages being out of
date?  Was this used in relation an upgrade from one release to
another?  If you are doing a fresh install, the packages are most
likely the way to go; that is unless you have specific modifications
you want to make to how a package is compiled then port is there for
you.

-pete



-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From steve.rieger  Wed May 25 14:33:32 2005
From: steve.rieger (steve rieger)
Date: Wed, 25 May 2005 14:33:32 -0400
Subject: [nycbug-talk] kernel compile error
Message-ID: <135A81F6-A3D4-4BB9-9AF3-84412B51C7BD@tbwachiat.com>

getting this error wen doing a make buildkernel KERNCONF=custom-smp,  
this is after a cvsup src, and make buildworld


/usr/src/sys/dev/advansys/advansys.c: In function `adv_action':
/usr/src/sys/dev/advansys/advansys.c:260: warning: cast from pointer  
to integer of different size
*** Error code 1


any ideas







From nomadlogic  Wed May 25 14:38:03 2005
From: nomadlogic (pete wright)
Date: Wed, 25 May 2005 11:38:03 -0700
Subject: [nycbug-talk] kernel compile error
In-Reply-To: <135A81F6-A3D4-4BB9-9AF3-84412B51C7BD@tbwachiat.com>
References: <135A81F6-A3D4-4BB9-9AF3-84412B51C7BD@tbwachiat.com>
Message-ID: <57d71000050525113825a8b805@mail.gmail.com>

On 5/25/05, steve rieger <steve.rieger at tbwachiat.com> wrote:
> getting this error wen doing a make buildkernel KERNCONF=custom-smp,
> this is after a cvsup src, and make buildworld
> 
> 
> /usr/src/sys/dev/advansys/advansys.c: In function `adv_action':
> /usr/src/sys/dev/advansys/advansys.c:260: warning: cast from pointer
> to integer of different size
> *** Error code 1
> 
> 
> any ideas
> 

# uname -ar

just so that other know not to mess with buildworlds until this is resolved ;)

seriously though, are you able to build a generic kernel?

-p



-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From lists  Wed May 25 15:08:01 2005
From: lists (lists at zaunere.com)
Date: Wed, 25 May 2005 21:08:01 +0200
Subject: [nycbug-talk] Dummynet - Windows?
Message-ID: <0MKyxe-1Db1GU0zzD-0002O5@mrelay.perfora.net>


Does anyone know of anything similar to dummynet for Windows?  I need to
simulate WAN conditions on a LAN, but using a Windows server.

Thanks,

H



From nycbug  Wed May 25 15:28:25 2005
From: nycbug (Ray)
Date: Wed, 25 May 2005 15:28:25 -0400
Subject: [nycbug-talk] PPPoE OBSD
In-Reply-To: <57d710000505251059222c70c1@mail.gmail.com>
References: <57d710000505251042257b3291@mail.gmail.com>
	<20050525175116.GA10221@syntax.cyth.net>
	<57d710000505251059222c70c1@mail.gmail.com>
Message-ID: <20050525192825.GA15625@syntax.cyth.net>

On Wed, May 25, 2005 at 10:59:17AM -0700, pete wright wrote:
> On 5/25/05, Ray <nycbug at cyth.net> wrote:
> > On Wed, May 25, 2005 at 10:42:37AM -0700, pete wright wrote:
> > > I've read the PPPoE is now in kernel with the 3.7 release.  Question
> > > for the OBSD guru's out there.  Is this included in GENERIC?
> > 
> > ray at syntax[~] fgrep pppoe /usr/src/sys/conf/GENERIC
> > pseudo-device   pppoe   1       # PPP over Ethernet (RFC 2516)
> 
> d'oh!  thank's Ray!  That's even worse than not reading the FAQ
> (although granted I don't have src.tgz handy right now).

Heh, no problem.  I wasn't too sure myself, so now I learned something
new today.



From bruno  Wed May 25 14:43:23 2005
From: bruno (bruno)
Date: Wed, 25 May 2005 14:43:23 -0400
Subject: [nycbug-talk] OpenBSD packages
In-Reply-To: <4294C08E.3010207@travelersdiary.com>
References: <4294C08E.3010207@travelersdiary.com>
Message-ID: <20050525184323.GA23746@loftmail.com>

On Wed, May 25, 2005 at 02:14:38PM -0400, Josh McCormack wrote:
> I read a comment recently that the OpenBSD 3.7 packages are not up to 
> date and require older libraries, that ports should be used. Will be 
> installing 3.7 tonight, so would like to know if others find this to be 
> true or false.

I mostly build from ports and can't say in my case if this is true or
false. It sounds very unlikely.

It should not stop you from installing 3.7 tonight is what I think.

Bruno

--
Free, Secure Email - http://www.loftmail.com



From jesse  Wed May 25 15:53:10 2005
From: jesse (Jesse Callaway)
Date: Wed, 25 May 2005 15:53:10 -0400
Subject: [nycbug-talk] switch
In-Reply-To: <20050525124912.6c3c80db@delinux.abwatley.com>
References: <20050525124912.6c3c80db@delinux.abwatley.com>
Message-ID: <200505251553.11220.jesse@theholymountain.com>

do it

On Wednesday 25 May 2005 12:49 pm, michael says:
> 
> We are in the market for a switch to put in a small colo presence.
> Does anyone have any recommendations.  One suggestion made to me was:
> http://www.netgear.com/products/details/GS516T.php
> 
> Michael
> 
> 



From joshmccormack  Wed May 25 16:07:35 2005
From: joshmccormack (Josh McCormack)
Date: Wed, 25 May 2005 16:07:35 -0400
Subject: [nycbug-talk] OpenBSD packages
In-Reply-To: <20050525184323.GA23746@loftmail.com>
References: <4294C08E.3010207@travelersdiary.com>
	<20050525184323.GA23746@loftmail.com>
Message-ID: <4294DB07.9000009@travelersdiary.com>

bruno wrote:

> On Wed, May 25, 2005 at 02:14:38PM -0400, Josh McCormack wrote:
> 
>>I read a comment recently that the OpenBSD 3.7 packages are not up to 
>>date and require older libraries, that ports should be used. Will be 
>>installing 3.7 tonight, so would like to know if others find this to be 
>>true or false.
> 
> 
> I mostly build from ports and can't say in my case if this is true or
> false. It sounds very unlikely.
> 
> It should not stop you from installing 3.7 tonight is what I think.
> 
> Bruno

Won't stop me, just wanted to be aware of issues.

Thanks,

Josh



From mickey  Wed May 25 16:02:46 2005
From: mickey (Michael Shalayeff)
Date: Wed, 25 May 2005 16:02:46 -0400 (EDT)
Subject: [nycbug-talk] OpenBSD packages
In-Reply-To: <20050525184323.GA23746@loftmail.com> from bruno at "May 25, 2005
	02:43:23 pm"
Message-ID: <200505252002.j4PK2kFJ009966@lucifier.net>

Making, drinking tea and reading an opus magnum from bruno:
> On Wed, May 25, 2005 at 02:14:38PM -0400, Josh McCormack wrote:
> > I read a comment recently that the OpenBSD 3.7 packages are not up to 
> > date and require older libraries, that ports should be used. Will be 
> > installing 3.7 tonight, so would like to know if others find this to be 
> > true or false.

you are mixing 3.7 and -current.
-current lags on pkgs sometimes
only because it's 10 times more
shit to compile...

cu
-- 
    paranoic mickey       (my employers have changed but, the name has remained)



From unixenigma  Wed May 25 17:54:24 2005
From: unixenigma (G T)
Date: Wed, 25 May 2005 14:54:24 -0700 (PDT)
Subject: [nycbug-talk] (SIP) ser-0.8.10 obsd3.7 - errors
Message-ID: <20050525215424.37146.qmail@web53906.mail.yahoo.com>

Hey.
Need some help. If any of you ever had same problem or
know the cause, please let me know.

Installed from package - cfg is default.

Here are the output on trying to start it:

ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'mem_lock'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'mem_lock'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'process_no'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'process_no'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'mem_block'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'mem_block'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'dont_fork'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'dont_fork'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'sock_no'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'sock_no'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'debug'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'debug'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'fifo'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'fifo'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'prev_ser_error'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'prev_ser_error'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'children_no'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'children_no'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'sock_info'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'sock_info'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'reply_to_via'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'reply_to_via'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'log_stderr'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'log_stderr'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'shm_block'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'shm_block'
ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
'timer_list'
ser: /usr/local/lib/ser/modules/sl.so: can't resolve
reference 'timer_list'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'mem_lock'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'mem_lock'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'server_signature'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'server_signature'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'process_no'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'process_no'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'mem_block'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'mem_block'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'pt'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'pt'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'dont_fork'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'dont_fork'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'sock_no'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'sock_no'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'debug'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'debug'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'syn_branch'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'syn_branch'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'fifo'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'fifo'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'children_no'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'children_no'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'bind_idx'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'bind_idx'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'sock_info'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'sock_info'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'reply_to_via'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'reply_to_via'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'log_stderr'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'log_stderr'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'shm_block'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'shm_block'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'reply_rlist'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'reply_rlist'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'ser_error'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'ser_error'
ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
'timer_list'
ser: /usr/local/lib/ser/modules/tm.so: can't resolve
reference 'timer_list'
ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
'mem_block'
ser: /usr/local/lib/ser/modules/rr.so: can't resolve
reference 'mem_block'
ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
'debug'
ser: /usr/local/lib/ser/modules/rr.so: can't resolve
reference 'debug'
ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
'bind_address'
ser: /usr/local/lib/ser/modules/rr.so: can't resolve
reference 'bind_address'
ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
'log_stderr'
ser: /usr/local/lib/ser/modules/rr.so: can't resolve
reference 'log_stderr'
ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
'port_no'
ser: /usr/local/lib/ser/modules/rr.so: can't resolve
reference 'port_no'
ser:/usr/local/lib/ser/modules/maxfwd.so: undefined
symbol 'mem_block'
ser: /usr/local/lib/ser/modules/maxfwd.so: can't
resolve reference 'mem_block'
ser:/usr/local/lib/ser/modules/maxfwd.so: undefined
symbol 'debug'
ser: /usr/local/lib/ser/modules/maxfwd.so: can't
resolve reference 'debug'
ser:/usr/local/lib/ser/modules/maxfwd.so: undefined
symbol 'log_stderr'
ser: /usr/local/lib/ser/modules/maxfwd.so: can't
resolve reference 'log_stderr'
ser:/usr/local/lib/ser/modules/usrloc.so: undefined
symbol 'mem_lock'
ser: /usr/local/lib/ser/modules/usrloc.so: can't
resolve reference 'mem_lock'
ser:/usr/local/lib/ser/modules/usrloc.so: undefined
symbol 'mem_block'
ser: /usr/local/lib/ser/modules/usrloc.so: can't
resolve reference 'mem_block'
ser:/usr/local/lib/ser/modules/usrloc.so: undefined
symbol 'debug'
ser: /usr/local/lib/ser/modules/usrloc.so: can't
resolve reference 'debug'
ser:/usr/local/lib/ser/modules/usrloc.so: undefined
symbol 'dbf'
ser: /usr/local/lib/ser/modules/usrloc.so: can't
resolve reference 'dbf'
ser:/usr/local/lib/ser/modules/usrloc.so: undefined
symbol 'log_stderr'
ser: /usr/local/lib/ser/modules/usrloc.so: can't
resolve reference 'log_stderr'
ser:/usr/local/lib/ser/modules/usrloc.so: undefined
symbol 'is_main'
ser: /usr/local/lib/ser/modules/usrloc.so: can't
resolve reference 'is_main'
ser:/usr/local/lib/ser/modules/usrloc.so: undefined
symbol 'shm_block'
ser: /usr/local/lib/ser/modules/usrloc.so: can't
resolve reference 'shm_block'
ser:/usr/local/lib/ser/modules/registrar.so: undefined
symbol 'debug'
ser: /usr/local/lib/ser/modules/registrar.so: can't
resolve reference 'debug'
ser:/usr/local/lib/ser/modules/registrar.so: undefined
symbol 'log_stderr'
ser: /usr/local/lib/ser/modules/registrar.so: can't
resolve reference 'log_stderr'
ERROR: bad config file (16 errors)

Don't know even where to start... Online sources were
not helpful.
Thanks for your help.

GT


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Small Business - Try our new Resources site
http://smallbusiness.yahoo.com/resources/



From cbuechler  Wed May 25 19:59:10 2005
From: cbuechler (Chris Buechler)
Date: Wed, 25 May 2005 19:59:10 -0400
Subject: [nycbug-talk] Dummynet - Windows?
In-Reply-To: <0MKyxe-1Db1GU0zzD-0002O5@mrelay.perfora.net>
References: <0MKyxe-1Db1GU0zzD-0002O5@mrelay.perfora.net>
Message-ID: <d64aa176050525165963991444@mail.gmail.com>

On 5/25/05, lists at zaunere.com <lists at zaunere.com> wrote:
> 
> Does anyone know of anything similar to dummynet for Windows?  I need to
> simulate WAN conditions on a LAN, but using a Windows server.
> 

Not exactly answering the question, but VMware 5 allows you to set
speed and packet loss % on VMnets between virtual machines.  It's
usually a lot easier to test with virtual machines vs. physical ones
anyway, so that might be the best solution.

-chris



From george  Thu May 26 08:59:04 2005
From: george (George Georgalis)
Date: Thu, 26 May 2005 08:59:04 -0400
Subject: [nycbug-talk] Re: [BSDCert] www.bsdcertification.org seems to be
	down
In-Reply-To: <20050526083426.H579@dru.domain.org>
References: <b713df2c050524231111cbbba@mail.gmail.com>
	<20050526083426.H579@dru.domain.org>
Message-ID: <20050526125903.GD16906@ixeon.local>

On Thu, May 26, 2005 at 08:40:31AM -0400, Dru wrote:


>On Wed, 25 May 2005, Siju George wrote:
>
>>Hello,
>>
>>http://www.bsdcertification.org
>>
>>seems to be down on 25th May 2005, 11:40 am IST
>
>
>It appears our provider experienced some outages yesterday. We're
>working on creating more redundancy.
>
>Thanks for letting us know.
>


Well this brings to mind an idea of one of my clients. It sounds a bit
kooky but I cannot think of a good reason not to do it, other than a
little trickier to setup. You could call it a poor man's BGP.

Have two ISPs and subnets; make a common physical DMZ. Use a single
server (or redundant as needed) with an ip alias for each subnet. For
name resolution, use two resolvers, one on each subnet and have them
serve the IPs of the subnet they are on.

So, if one ISP fails, the only clients trying to connect to it are the
ones who have cached the failed IP -- which is an issue, but can be
mitigated with a lower ttl.

The window of benefit is for new connections at a bad time, and old
clients whose ttl expires while one of the ISPs has gone down.

So... what's wrong with this setup? other than 2x the likelihood of an
admin making a dns error. ;-)

// George


-- 
George Georgalis, systems architect, administrator Linux BSD IXOYE
http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org



From alex  Thu May 26 08:15:36 2005
From: alex (alex at pilosoft.com)
Date: Thu, 26 May 2005 08:15:36 -0400 (EDT)
Subject: [nycbug-talk] Re: [BSDCert] www.bsdcertification.org seems to
	be	down
In-Reply-To: <20050526125903.GD16906@ixeon.local>
Message-ID: <Pine.LNX.4.44.0505260811470.21535-100000@bawx.pilosoft.com>

On Thu, 26 May 2005, George Georgalis wrote:

> >It appears our provider experienced some outages yesterday. We're
> >working on creating more redundancy.
> >
> >Thanks for letting us know.
> 
> Well this brings to mind an idea of one of my clients. It sounds a bit
> kooky but I cannot think of a good reason not to do it, other than a
> little trickier to setup. You could call it a poor man's BGP.
> 
> Have two ISPs and subnets; make a common physical DMZ. Use a single
> server (or redundant as needed) with an ip alias for each subnet. For
> name resolution, use two resolvers, one on each subnet and have them
> serve the IPs of the subnet they are on.
<snip>
> 
> So... what's wrong with this setup? other than 2x the likelihood of an
> admin making a dns error. ;-)
Yes, that's been used by many products to do ghetto redundancy. 

The only thing that's wrong in this setup is fact that many DNS clients 
are broken and do not respect TTL. Windows 95/98 will cache DNS results 
forever. Certain web browsers are 'too smart' and will cache DNS results 
until browser is restarted. Certain ISPs (AOL did that, don't know if they 
do) enforce minimum 30 minutes TTL.

I.E. it will work in 99% of cases.

-alex




From joshmccormack  Thu May 26 09:59:46 2005
From: joshmccormack (Josh McCormack)
Date: Thu, 26 May 2005 09:59:46 -0400
Subject: [nycbug-talk] centericq 
Message-ID: <4295D652.1070408@travelersdiary.com>

Hi all,

Did a fresh install of OpenBSD 3.7 last night, via network, on my old 
school IBM Thinkpad 560x (with a whopping 64mb of RAM). Installed 
Centericq first by package, then by port (after uninstalling). I put in 
the correct user/password for Yahoo & AIM, am not using those accounts 
elsewhere at the same time, and I keep getting wrong username/password 
messages. Any advice from anyone who uses this program, or other IM 
programs on OpenBSD?

Thanks,

Josh



From daggerquill  Thu May 26 10:29:55 2005
From: daggerquill (Jay Savage)
Date: Thu, 26 May 2005 10:29:55 -0400
Subject: [nycbug-talk] (SIP) ser-0.8.10 obsd3.7 - errors
In-Reply-To: <20050525215424.37146.qmail@web53906.mail.yahoo.com>
References: <20050525215424.37146.qmail@web53906.mail.yahoo.com>
Message-ID: <4ce365ec050526072935fbf2ca@mail.gmail.com>

On 5/25/05, G T <unixenigma at yahoo.com> wrote:
> Hey.
> Need some help. If any of you ever had same problem or
> know the cause, please let me know.
> 
> Installed from package - cfg is default.
> 
> Here are the output on trying to start it:
> 
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'mem_lock'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'mem_lock'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'process_no'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'process_no'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'mem_block'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'mem_block'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'dont_fork'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'dont_fork'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'sock_no'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'sock_no'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'debug'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'debug'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'fifo'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'fifo'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'prev_ser_error'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'prev_ser_error'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'children_no'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'children_no'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'sock_info'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'sock_info'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'reply_to_via'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'reply_to_via'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'log_stderr'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'log_stderr'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'shm_block'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'shm_block'
> ser:/usr/local/lib/ser/modules/sl.so: undefined symbol
> 'timer_list'
> ser: /usr/local/lib/ser/modules/sl.so: can't resolve
> reference 'timer_list'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'mem_lock'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'mem_lock'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'server_signature'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'server_signature'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'process_no'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'process_no'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'mem_block'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'mem_block'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'pt'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'pt'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'dont_fork'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'dont_fork'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'sock_no'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'sock_no'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'debug'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'debug'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'syn_branch'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'syn_branch'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'fifo'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'fifo'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'children_no'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'children_no'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'bind_idx'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'bind_idx'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'sock_info'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'sock_info'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'reply_to_via'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'reply_to_via'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'log_stderr'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'log_stderr'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'shm_block'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'shm_block'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'reply_rlist'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'reply_rlist'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'ser_error'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'ser_error'
> ser:/usr/local/lib/ser/modules/tm.so: undefined symbol
> 'timer_list'
> ser: /usr/local/lib/ser/modules/tm.so: can't resolve
> reference 'timer_list'
> ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
> 'mem_block'
> ser: /usr/local/lib/ser/modules/rr.so: can't resolve
> reference 'mem_block'
> ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
> 'debug'
> ser: /usr/local/lib/ser/modules/rr.so: can't resolve
> reference 'debug'
> ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
> 'bind_address'
> ser: /usr/local/lib/ser/modules/rr.so: can't resolve
> reference 'bind_address'
> ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
> 'log_stderr'
> ser: /usr/local/lib/ser/modules/rr.so: can't resolve
> reference 'log_stderr'
> ser:/usr/local/lib/ser/modules/rr.so: undefined symbol
> 'port_no'
> ser: /usr/local/lib/ser/modules/rr.so: can't resolve
> reference 'port_no'
> ser:/usr/local/lib/ser/modules/maxfwd.so: undefined
> symbol 'mem_block'
> ser: /usr/local/lib/ser/modules/maxfwd.so: can't
> resolve reference 'mem_block'
> ser:/usr/local/lib/ser/modules/maxfwd.so: undefined
> symbol 'debug'
> ser: /usr/local/lib/ser/modules/maxfwd.so: can't
> resolve reference 'debug'
> ser:/usr/local/lib/ser/modules/maxfwd.so: undefined
> symbol 'log_stderr'
> ser: /usr/local/lib/ser/modules/maxfwd.so: can't
> resolve reference 'log_stderr'
> ser:/usr/local/lib/ser/modules/usrloc.so: undefined
> symbol 'mem_lock'
> ser: /usr/local/lib/ser/modules/usrloc.so: can't
> resolve reference 'mem_lock'
> ser:/usr/local/lib/ser/modules/usrloc.so: undefined
> symbol 'mem_block'
> ser: /usr/local/lib/ser/modules/usrloc.so: can't
> resolve reference 'mem_block'
> ser:/usr/local/lib/ser/modules/usrloc.so: undefined
> symbol 'debug'
> ser: /usr/local/lib/ser/modules/usrloc.so: can't
> resolve reference 'debug'
> ser:/usr/local/lib/ser/modules/usrloc.so: undefined
> symbol 'dbf'
> ser: /usr/local/lib/ser/modules/usrloc.so: can't
> resolve reference 'dbf'
> ser:/usr/local/lib/ser/modules/usrloc.so: undefined
> symbol 'log_stderr'
> ser: /usr/local/lib/ser/modules/usrloc.so: can't
> resolve reference 'log_stderr'
> ser:/usr/local/lib/ser/modules/usrloc.so: undefined
> symbol 'is_main'
> ser: /usr/local/lib/ser/modules/usrloc.so: can't
> resolve reference 'is_main'
> ser:/usr/local/lib/ser/modules/usrloc.so: undefined
> symbol 'shm_block'
> ser: /usr/local/lib/ser/modules/usrloc.so: can't
> resolve reference 'shm_block'
> ser:/usr/local/lib/ser/modules/registrar.so: undefined
> symbol 'debug'
> ser: /usr/local/lib/ser/modules/registrar.so: can't
> resolve reference 'debug'
> ser:/usr/local/lib/ser/modules/registrar.so: undefined
> symbol 'log_stderr'
> ser: /usr/local/lib/ser/modules/registrar.so: can't
> resolve reference 'log_stderr'
> ERROR: bad config file (16 errors)
> 
> Don't know even where to start... Online sources were
> not helpful.
> Thanks for your help.
> 
> GT
> 
> 
> 
> __________________________________
> Do you Yahoo!?
> Yahoo! Small Business - Try our new Resources site
> http://smallbusiness.yahoo.com/resources/
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
> 


What version of 3.7 are you running: -release, -stable, or -current? 
Either wany, this looks like a dependency issue to me, try building
from the appropriate ports tree.

HTH,

-- jay
--------------------
daggerquill [at] gmail [dot] com
http://www.engatiki.org



From lists  Thu May 26 11:15:00 2005
From: lists (Hans Zaunere)
Date: Thu, 26 May 2005 11:15:00 -0400
Subject: [nycbug-talk] Dummynet - Windows?
In-Reply-To: <d64aa176050525165963991444@mail.gmail.com>
Message-ID: <20050526150858.7F02799EC@mailrelay.t-mobile.com>


> > Does anyone know of anything similar to dummynet for Windows?  I need to
> > simulate WAN conditions on a LAN, but using a Windows server.
> >
> 
> Not exactly answering the question, but VMware 5 allows you to set
> speed and packet loss % on VMnets between virtual machines.  It's
> usually a lot easier to test with virtual machines vs. physical ones
> anyway, so that might be the best solution.

Thanks Chris, that might work.  As long as we can get something deployed quick and easy,
it'll work.  I'm even looking at the dummynet on a floppy, which although scares this
Windows shop, might suffice.

H





From ike  Thu May 26 12:27:37 2005
From: ike (Isaac Levy)
Date: Thu, 26 May 2005 12:27:37 -0400
Subject: [nycbug-talk] switch
In-Reply-To: <20050525124912.6c3c80db@delinux.abwatley.com>
References: <20050525124912.6c3c80db@delinux.abwatley.com>
Message-ID: <8243ecc18227ea4fc381069a34a971d0@lesmuug.org>

Wordup Michael,

On May 25, 2005, at 12:49 PM, michael wrote:

> We are in the market for a switch to put in a small colo presence.
> Does anyone have any recommendations.  One suggestion made to me was:
> http://www.netgear.com/products/details/GS516T.php
>
> Michael

Quick note to the 'price conscious' switch shopper-

I've had great luck with the netgear stuff in colo, and I'll toss this 
in-

Buy 2 smaller switches, instead of 1 larger one if possible- if one 
dies, at least you have another right there humming along.

I personally go for a cheap-and-expendable strategy with switches, as I 
experienced some mini-hell with very nice switches in the past (Cisco, 
high end SMC, et. al...)- SO, seeing as most decent server mboards have 
dual nics, I currently run with dual el-cheapo gig-e switches in colo- 
banking on the idea that one will die.  So far with this strategy, 
(about 6 months in production), not a hiccup from either one.  Also, 
for small colo installations, I'm a big fan of staying away from 
managed switches- if there's only 1/3 rack of boxen there, it's just 
not worth the added complexity, IMHO, from past experiences.

my .02? strategy...

Rocket-
.ike




From dan  Thu May 26 13:07:00 2005
From: dan (Dan Langille)
Date: Thu, 26 May 2005 13:07:00 -0400
Subject: [nycbug-talk] apache - blocking by referrer
Message-ID: <4295C9F4.6042.F7EA108@localhost>

Hi folks,

Have you seen a solution for blocking incoming httpd requests based 
upon the referrer?  I'm getting lots of referrer spam from www.texas-
hold-em-world.com
-- 
Dan Langille : http://www.langille.org/
BSDCan - The Technical BSD Conference - http://www.bsdcan.org/





From unixenigma  Thu May 26 13:10:24 2005
From: unixenigma (G T)
Date: Thu, 26 May 2005 10:10:24 -0700 (PDT)
Subject: [nycbug-talk] (SIP) ser-0.8.10 obsd3.7 - errors
In-Reply-To: <4ce365ec050526072935fbf2ca@mail.gmail.com>
Message-ID: <20050526171024.93085.qmail@web53902.mail.yahoo.com>


--- Jay Savage <daggerquill at gmail.com> wrote:

> On 5/25/05, G T <unixenigma at yahoo.com> wrote:
> > Hey.
> > Need some help. If any of you ever had same
> problem or
> > know the cause, please let me know.
> > 
> > Installed from package - cfg is default.
> > 
> > Here are the output on trying to start it:
> > 
> > ser:/usr/local/lib/ser/modules/sl.so: undefined
> symbol
> > 'mem_lock'

> What version of 3.7 are you running: -release, >
-stable, or -current? 

Release.

> Either wany, this looks like a dependency issue to
me, > try building
> from the appropriate ports tree.

Did last night through source from their web
(could not find it in the port tree. Used latest
version 0.8.14 - build it with few tweaks.
Working much better than 0.8.10 on my other box.
On OBSD 3.7 -release ser-0.8.14 works perfect.
No more bugs of previous version that I had to go
around.

> HTH,

> -- jay


Thanks Jay for responding.
GT

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 



From tux  Thu May 26 13:16:52 2005
From: tux (Kevin Reiter)
Date: Thu, 26 May 2005 13:16:52 -0400
Subject: [nycbug-talk] apache - blocking by referrer
In-Reply-To: <4295C9F4.6042.F7EA108@localhost>
References: <4295C9F4.6042.F7EA108@localhost>
Message-ID: <42960484.3030707@penguinnetwerx.net>

Dan Langille wrote:
> Hi folks,
> 
> Have you seen a solution for blocking incoming httpd requests based 
> upon the referrer?  I'm getting lots of referrer spam from www.texas-
> hold-em-world.com

I found an article that explains how to use mod_rewrite to do this:

http://urbanmainframe.com/folders/blog/20041115/

HTH

-Kev



From dan  Thu May 26 13:51:49 2005
From: dan (Dan Langille)
Date: Thu, 26 May 2005 13:51:49 -0400
Subject: [nycbug-talk] apache - blocking by referrer
In-Reply-To: <42960484.3030707@penguinnetwerx.net>
References: <4295C9F4.6042.F7EA108@localhost>
Message-ID: <4295D475.3654.FA7A90F@localhost>

On 26 May 2005 at 13:16, Kevin Reiter wrote:

> Dan Langille wrote:
> > Hi folks,
> > 
> > Have you seen a solution for blocking incoming httpd requests based 
> > upon the referrer?  I'm getting lots of referrer spam from www.texas-
> > hold-em-world.com
> 
> I found an article that explains how to use mod_rewrite to do this:
> 
> http://urbanmainframe.com/folders/blog/20041115/

*insert sound of pleased chuckling*

205.208.226.61 - - [26/May/2005:10:47:59 -0700] "GET 
/bootfloppies.php HTTP/1.0" 403 291 "http://www.example.com/online-p
oker.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; KITV4.7 
Wanadoo)"

NOTE: actual domain changed because the spammer doesn't deserve any 
references from our mail archives.

Thanks.
-- 
Dan Langille : http://www.langille.org/
BSDCan - The Technical BSD Conference - http://www.bsdcan.org/





From nomadlogic  Thu May 26 16:24:17 2005
From: nomadlogic (pete wright)
Date: Thu, 26 May 2005 13:24:17 -0700
Subject: [nycbug-talk] Dummynet - Windows?
In-Reply-To: <20050526150858.7F02799EC@mailrelay.t-mobile.com>
References: <d64aa176050525165963991444@mail.gmail.com>
	<20050526150858.7F02799EC@mailrelay.t-mobile.com>
Message-ID: <57d7100005052613243c8efcdb@mail.gmail.com>

On 5/26/05, Hans Zaunere <lists at zaunere.com> wrote:
> 
> > > Does anyone know of anything similar to dummynet for Windows?  I need to
> > > simulate WAN conditions on a LAN, but using a Windows server.
> > >
> >
> > Not exactly answering the question, but VMware 5 allows you to set
> > speed and packet loss % on VMnets between virtual machines.  It's
> > usually a lot easier to test with virtual machines vs. physical ones
> > anyway, so that might be the best solution.
> 
> Thanks Chris, that might work.  As long as we can get something deployed quick and easy,
> it'll work.  I'm even looking at the dummynet on a floppy, which although scares this
> Windows shop, might suffice.
> 
> H
> 

would you be able to achieve similar results using a proxy like squid.
 set the buckets/cache to a very small size and watch the latency
grow.  again, just thowing it out there, as I assume windows must have
some propritary proxy that can be poorly configured easily ;)

-pete


-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From lists  Thu May 26 21:22:15 2005
From: lists (Hans Zaunere)
Date: Thu, 26 May 2005 21:22:15 -0400
Subject: [nycbug-talk] Dummynet - Windows?
In-Reply-To: <57d7100005052613243c8efcdb@mail.gmail.com>
Message-ID: <0MKz1m-1DbTYF3YZD-0008S1@mrelay.perfora.net>


> > > > Does anyone know of anything similar to dummynet for Windows?  I need to
> > > > simulate WAN conditions on a LAN, but using a Windows server.
> > > >
> > >
> > > Not exactly answering the question, but VMware 5 allows you to set
> > > speed and packet loss % on VMnets between virtual machines.  It's
> > > usually a lot easier to test with virtual machines vs. physical ones
> > > anyway, so that might be the best solution.
> >
> > Thanks Chris, that might work.  As long as we can get something deployed quick and
> easy,
> > it'll work.  I'm even looking at the dummynet on a floppy, which although scares this
> > Windows shop, might suffice.
> >
> > H
> >
> 
> would you be able to achieve similar results using a proxy like squid.
>  set the buckets/cache to a very small size and watch the latency
> grow.  again, just thowing it out there, as I assume windows must have
> some propritary proxy that can be poorly configured easily ;)

A badly configured Windows server?  Right...

But, unfortunately, it's not HTTP traffic that we're working with.  I guess Squid *could* proxy anything, but setting it (or especially the Windows proxy) up to proxy, let's say, a database protocol, would be time prohibitive.  Good idea for the future though, and maybe we could implement it over the longer term.

H





From nomadlogic  Thu May 26 21:31:16 2005
From: nomadlogic (pete wright)
Date: Thu, 26 May 2005 18:31:16 -0700
Subject: [nycbug-talk] Dummynet - Windows?
In-Reply-To: <0MKz1m-1DbTYF3YZD-0008S1@mrelay.perfora.net>
References: <57d7100005052613243c8efcdb@mail.gmail.com>
	<0MKz1m-1DbTYF3YZD-0008S1@mrelay.perfora.net>
Message-ID: <57d7100005052618311f65306@mail.gmail.com>

On 5/26/05, Hans Zaunere <lists at zaunere.com> wrote:
> 
> > > > > Does anyone know of anything similar to dummynet for Windows?  I need to
> > > > > simulate WAN conditions on a LAN, but using a Windows server.
> > > > >
> > > >
> > > > Not exactly answering the question, but VMware 5 allows you to set
> > > > speed and packet loss % on VMnets between virtual machines.  It's
> > > > usually a lot easier to test with virtual machines vs. physical ones
> > > > anyway, so that might be the best solution.
> > >
> > > Thanks Chris, that might work.  As long as we can get something deployed quick and
> > easy,
> > > it'll work.  I'm even looking at the dummynet on a floppy, which although scares this
> > > Windows shop, might suffice.
> > >
> > > H
> > >
> >
> > would you be able to achieve similar results using a proxy like squid.
> >  set the buckets/cache to a very small size and watch the latency
> > grow.  again, just thowing it out there, as I assume windows must have
> > some propritary proxy that can be poorly configured easily ;)
> 
> A badly configured Windows server?  Right...
> 
> But, unfortunately, it's not HTTP traffic that we're working with.  I guess Squid *could* proxy anything, but setting it (or especially the Windows proxy) up to proxy, let's say, a database protocol, would be time prohibitive.  Good idea for the future though, and maybe we could implement it over the longer term.
> 
> H

ahh...yea can't image that would be a quick and dirty hack for DB traffic.

-pete



-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From spork  Fri May 27 00:32:56 2005
From: spork (Charles Sprickman)
Date: Fri, 27 May 2005 00:32:56 -0400 (EDT)
Subject: [nycbug-talk] abusing a server
Message-ID: <Pine.OSX.4.61.0505270026020.383@gee5.nat.fasttrackmonkey.com>

Hello all,

I'm getting ready to turn loose my first FreeBSD 5.4 server, and not 
having used 5.anything in production yet, I'm a bit nervous.

I'd like to try and simulate some worst case scenarios inside one of the 
jails.  I'm still not certain exactly what all the services offered will 
be, but at a minimum I'm looking at apache+php, various bits of blog 
software and shell users that tend to not do much beyond read mail in pine 
and edit their ~user homepages.

Any ideas on how I can simulate around 50 logged-in users and a worst-case 
flood of web traffic to a php-heavy blog?  I really want to pummel this 
thing.  If it falls over, all the better as then I'll have something to 
look at.  What are the weak spots?  The whole mess is jailed, and I'm 
making heavy use of login.conf for the shell people so that they can't 
fork-bomb or try to suck up more memory than they should.  I think I'm 
most interested in doing some very long-running tests...

So far I'm just fiddling with some shell scripts to simulate users futzing 
around and hitting apache with http_load.  So far I'm having more success 
in breaking http_load than anything else.

Thanks,

Charles

___
Charles Sprickman
NetEng/SysAdmin
Bway.net - New York's Best Internet - www.bway.net
spork at bway.net - 212.655.9344




From ike  Fri May 27 12:31:34 2005
From: ike (Isaac Levy)
Date: Fri, 27 May 2005 12:31:34 -0400
Subject: [nycbug-talk] abusing a server
In-Reply-To: <Pine.OSX.4.61.0505270026020.383@gee5.nat.fasttrackmonkey.com>
References: <Pine.OSX.4.61.0505270026020.383@gee5.nat.fasttrackmonkey.com>
Message-ID: <0c0d9b4bee64625b912842da89ea41cb@lesmuug.org>

Hi Charles, All,

On May 27, 2005, at 12:32 AM, Charles Sprickman wrote:

> Hello all,
>
> I'm getting ready to turn loose my first FreeBSD 5.4 server, and not 
> having used 5.anything in production yet, I'm a bit nervous.

Yay!  I'm exited to say I'm following suit soon myself!


> I'd like to try and simulate some worst case scenarios inside one of 
> the jails.

For the record, I thought I'd toss in a quick checklist of issues to 
mitigate, off the top of my head:
(note- ikestyle vocabulary follows, please excuse it for what it is)

+ Lost Jail Attack

	problem: a jailed user changes the jails hostname, making it terribly
	difficult to use tools on the host to locate and manage the jail

	solution: host server sysctl.conf variable:
	#security.jail.set_hostname_allowed=0
	('man 8 jail' for more info)

+ Disk based resource attacks

	problem: jailed users fill disks

	solution: quotas or disk slices for jailed directory trees,
	managed from host server

+ Information Leak Attacks

	problem: jailed users get information from /dev which is useful
	in compromising the host system (or other jails), using tools like
	df and etc...

	solution: 2 parts, get your hands dirty with mount_devfs flags (on the 
host
	server to make certain a jail only gets to see devices it actually
	needs to have access to.  mount_devfs can also use macro files in
	FreeBSD 5.4- so this can be simple to manage once you set it up.

	Additionally, check out this host server sysctl.conf variable:
	#security.jail.getfsstatroot_only=1
	('man 8 jail' for more info)

	-
	problem: Jailed users *can* have access to more network interfaces than
	they actually need to, but this is not  the default.

	solution: host server sysctl.conf variable:
	#security.jail.socket_unixiproute_only=1
	('man 8 jail' for more info)

	-
	problem: Jailed user can have too much access to information-leaking 
syscalls,
	but this is not the default setup.

	solution: host server sysctl.conf variable:
	#security.jail.sysvipc_allowed=0
	('man 8 jail' for more info)


+ Various Network Attacks

	problem: Users *can* get into trouble if they are allowed to create raw
	sockets, in some contexts.  In other contexts, it may be important that
	users create raw sockets- (running custom network daemons, for 
example).

	solution: host server sysctl.conf variable:
	#security.jail.allow_raw_sockets=0
	If you really lock down what network daemons run, (just apache, for 
example),
	it may be wise to disallow raw sockets so someone can't for example 
run an
	irc daemon, or etc...
	('man 8 jail' for more info)


+ Jailed Restraint Attack

	problem: Users may be able to bypass restrictions on process and 
memory limits,
	(put in place to mitigate fork-bombs and memory hogs), by changing 
login.conf et. al.
	(they are after all root, within their jail).

	solution: Restrict jailed users from ever editing files in jail, by 
restricting
	jailed root from calling chflags- (somewhat like running a higher 
secure level
	from within the jail itself)- this way only root on the host server 
can edit or
	modify these files, absolutely.  Some files to lock down with 
immutable flags are
	a jail's sysctl.conf, login.conf, and perhaps some configs in /etc if 
relevant in
	your context- (i.e. resolv.conf, etc...)
	check out this host server sysctl.conf variable:
	#security.jail.chflags_allowed=0
	('man 8 jail' for more info)

	-
	problem: Jailed users regularly gone amok, or need to be run in 
maximum security
	environment.

	solution: this is NOT fun, and in many contexts impractical, but 
individual jails
	can run at a higher BSD secure level than the host system.
	Configure a JAILED sysctl.conf variable:
	#kern.securelevel
	('man 8 securelevel' for more info)
	Additionally, be sure to lock down sysctl.conf by setting the above 
mentioned
	#security.jail.chflags_allowed=0 variable in the HOST system.



> I'm still not certain exactly what all the services offered will be, 
> but at a minimum I'm looking at apache+php, various bits of blog 
> software and shell users that tend to not do much beyond read mail in 
> pine and edit their ~user homepages.

I'd think in that context, for your management sanity, you can really 
lock-down the jails if that's what the users are doing day to day.  
They don't need raw sockets, device access, special syscalls, or the 
ability for root user to use the chflags facility.  You could even try 
running higher securelevels in the jails and see if it affects anyone's 
services.


> Any ideas on how I can simulate around 50 logged-in users and a 
> worst-case flood of web traffic to a php-heavy blog?  I really want to 
> pummel this thing.  If it falls over, all the better as then I'll have 
> something to look at.  What are the weak spots?  The whole mess is 
> jailed, and I'm making heavy use of login.conf for the shell people so 
> that they can't fork-bomb or try to suck up more memory than they 
> should.  I think I'm most interested in doing some very long-running 
> tests...

As good real-time memory/process control is a holy-grail type effort 
for MANY operating systems, and OS's which impliment it often pay 
severely for it in other ways.  FreeBSD falls short with everyone else 
on this issue.  Jailed users *may* be able to consume more memory or 
cpu than their fair share.

A reliable way to mitigate this problem in reality, is to create some 
simple shell scripts to be run by cron, which do the following:

- Check processes on the host system
- nice/renice any processes hogging too much memory or CPU.
- Check for any processes which have been nice'd/renice'd and 
eventually un-nice/renice them.

In practice, this works terrificly, but the downside is that nobody has 
formalized any prefab tool to do this, to my knowledge.


> So far I'm just fiddling with some shell scripts to simulate users 
> futzing around and hitting apache with http_load.  So far I'm having 
> more success in breaking http_load than anything else.

/me bows out and hopes someone else comes to the table with some good 
load-testing systems here.

- Sidenote, insomuch as really good load testing comes when servers are 
being hit with packets from all across the internet, has anyone 
heard/thought of any groups of sysadmins who maintain 'test ddos' type 
networks?  I.E. I'd gladly put out a jail to a trusted network of 
people, for use in load testing scenarios- if I could likewise have 
safe/sane access to a couple of hundred other boxen for the same 
purpose... (or like a bit-torrent type idea for load testing? :)

Just thinking out loud on that one...  I guess to really do this right 
NYC*BUG would have to take over some bot-nets from the spackers- (not a 
fun idea- that'd be all-out war :).

Rocket-
.ike




From lists  Fri May 27 13:12:10 2005
From: lists (michael)
Date: Fri, 27 May 2005 13:12:10 -0400
Subject: [nycbug-talk] pf
Message-ID: <20050527131210.2b885b93@delinux.abwatley.com>

Quick pf question:

I have some independent and some redundant web servers, each with their
own private IP. One group answers http calls for a common, albeit
different, IP though carp. The others answer calls to their own IP. 
This works fine internally.

I am writing pf rules to allow the various webs to be viewed by the
outside world.  By design, the websites currently have DNS entries in
the wild that are different IPs.  

external IP1 -> pf router -> carp IP -> web farm
external IP2 -> pf router -> web server

So, should I use a nat 'n rdr or a binat rule for these?  Also, has
anyone had problems when they write rules to a carp IP?

Michael

-- 
---



From spork  Fri May 27 23:41:57 2005
From: spork (Charles Sprickman)
Date: Fri, 27 May 2005 23:41:57 -0400 (EDT)
Subject: 5.4 jails (was Re: [nycbug-talk] abusing a server)
In-Reply-To: <0c0d9b4bee64625b912842da89ea41cb@lesmuug.org>
References: <Pine.OSX.4.61.0505270026020.383@gee5.nat.fasttrackmonkey.com>
	<0c0d9b4bee64625b912842da89ea41cb@lesmuug.org>
Message-ID: <Pine.OSX.4.61.0505272328030.10706@gee5.nat.fasttrackmonkey.com>

I'm keeping Ike's excellent info below for context.

Anyhow after poking around in /etc/defaults/rc.conf, I thought I'd share 
some stuff I found there.  While the current jail(8) manpage is excellent, 
it's still referencing 4.x, and none of the new stuff is included there.

So setting up jails looks to be much easier in 5.x.  In the host's rc.conf 
you can enable many of the common jail settings now:


# jail stuff - general
jail_enable="YES"
jail_list="jail1" (you can add more, seperate with spaces)
jail_set_hostname_allow="NO"
jail_socket_unixiproute_only="YES"
jail_sysvipc_allow="NO"

# note that last few set some general "security.jail.*" sysctls.

# use the names from jail_list above between "jail_ _optionname"
# jail stuff - per jail settings
jail_jail1_rootdir="/jails/jail1"
jail_jail1_hostname="blah.bway.net"
jail_jail1_ip="216.220.107.xx"
jail_jail1_exec_start="/bin/sh /etc/rc"
jail_jail1_exec_stop="/bin/sh /etc/rc.shutdown"
jail_jail1_devfs_enable="YES"  # see below to set rules
jail_jail1_fdescfs_enable="NO"
jail_jail1_procfs_enable="NO"
jail_jail1_mount_enable="NO"
jail_jail1_devfs_ruleset="devfsrules_jail" # from default 
/etc/defaults/devfs.rules

Then a simple config in jail1's rc.conf:

accounting_enable="YES"
rpcbind_enable="NO"
sshd_enable="YES"
network_interfaces=""
syslogd_enable="NO"
# ports
apache2_enable="YES"

I'm still digging a little bit, it seems the chflags stuff is not yet in 
the rc scripts, I'm sure it will appear shortly.

This is very nice as you can start and stop all the jails very easily on a 
running system:

root at newblah[/usr/ports/security/sudo]# sh /etc/rc.d/jail start
Configuring jails:.
Starting jails: blah.bway.net.
root at newida[/usr/ports/security/sudo]#

Now it's running:

root at newblah[/usr/ports/security/sudo]# jps -i 6
17152 17151 17148 17146 17145 17144 17143 17142 17129 17113 17101

And to stop it:

root at newblah[/usr/ports/security/sudo]# sh /etc/rc.d/jail stop
Stopping jails: blah.bway.net.
root at newblah[/usr/ports/security/sudo]# jps -i 6

root at newblah[/usr/ports/security/sudo]#

Coming together very nicely.  Glad I waited for 5.4. :)

Charles

On Fri, 27 May 2005, Isaac Levy wrote:

> Hi Charles, All,
>
> For the record, I thought I'd toss in a quick checklist of issues to 
> mitigate, off the top of my head:
> (note- ikestyle vocabulary follows, please excuse it for what it is)
>
> + Lost Jail Attack
>
> 	problem: a jailed user changes the jails hostname, making it terribly
> 	difficult to use tools on the host to locate and manage the jail
>
> 	solution: host server sysctl.conf variable:
> 	#security.jail.set_hostname_allowed=0
> 	('man 8 jail' for more info)
>
> + Disk based resource attacks
>
> 	problem: jailed users fill disks
>
> 	solution: quotas or disk slices for jailed directory trees,
> 	managed from host server
>
> + Information Leak Attacks
>
> 	problem: jailed users get information from /dev which is useful
> 	in compromising the host system (or other jails), using tools like
> 	df and etc...
>
> 	solution: 2 parts, get your hands dirty with mount_devfs flags (on 
> the host
> 	server to make certain a jail only gets to see devices it actually
> 	needs to have access to.  mount_devfs can also use macro files in
> 	FreeBSD 5.4- so this can be simple to manage once you set it up.
>
> 	Additionally, check out this host server sysctl.conf variable:
> 	#security.jail.getfsstatroot_only=1
> 	('man 8 jail' for more info)
>
> 	-
> 	problem: Jailed users *can* have access to more network interfaces 
> than
> 	they actually need to, but this is not  the default.
>
> 	solution: host server sysctl.conf variable:
> 	#security.jail.socket_unixiproute_only=1
> 	('man 8 jail' for more info)
>
> 	-
> 	problem: Jailed user can have too much access to information-leaking 
> syscalls,
> 	but this is not the default setup.
>
> 	solution: host server sysctl.conf variable:
> 	#security.jail.sysvipc_allowed=0
> 	('man 8 jail' for more info)
>
>
> + Various Network Attacks
>
> 	problem: Users *can* get into trouble if they are allowed to create 
> raw
> 	sockets, in some contexts.  In other contexts, it may be important 
> that
> 	users create raw sockets- (running custom network daemons, for 
> example).
>
> 	solution: host server sysctl.conf variable:
> 	#security.jail.allow_raw_sockets=0
> 	If you really lock down what network daemons run, (just apache, for 
> example),
> 	it may be wise to disallow raw sockets so someone can't for example 
> run an
> 	irc daemon, or etc...
> 	('man 8 jail' for more info)
>
>
> + Jailed Restraint Attack
>
> 	problem: Users may be able to bypass restrictions on process and 
> memory limits,
> 	(put in place to mitigate fork-bombs and memory hogs), by changing 
> login.conf et. al.
> 	(they are after all root, within their jail).
>
> 	solution: Restrict jailed users from ever editing files in jail, by 
> restricting
> 	jailed root from calling chflags- (somewhat like running a higher 
> secure level
> 	from within the jail itself)- this way only root on the host server 
> can edit or
> 	modify these files, absolutely.  Some files to lock down with 
> immutable flags are
> 	a jail's sysctl.conf, login.conf, and perhaps some configs in /etc if 
> relevant in
> 	your context- (i.e. resolv.conf, etc...)
> 	check out this host server sysctl.conf variable:
> 	#security.jail.chflags_allowed=0
> 	('man 8 jail' for more info)
>
> 	-
> 	problem: Jailed users regularly gone amok, or need to be run in 
> maximum security
> 	environment.
>
> 	solution: this is NOT fun, and in many contexts impractical, but 
> individual jails
> 	can run at a higher BSD secure level than the host system.
> 	Configure a JAILED sysctl.conf variable:
> 	#kern.securelevel
> 	('man 8 securelevel' for more info)
> 	Additionally, be sure to lock down sysctl.conf by setting the above 
> mentioned
> 	#security.jail.chflags_allowed=0 variable in the HOST system.
>
>
>
>> I'm still not certain exactly what all the services offered will be, but at 
>> a minimum I'm looking at apache+php, various bits of blog software and 
>> shell users that tend to not do much beyond read mail in pine and edit 
>> their ~user homepages.
>
> I'd think in that context, for your management sanity, you can really 
> lock-down the jails if that's what the users are doing day to day.  They 
> don't need raw sockets, device access, special syscalls, or the ability for 
> root user to use the chflags facility.  You could even try running higher 
> securelevels in the jails and see if it affects anyone's services.
>
>
>> Any ideas on how I can simulate around 50 logged-in users and a worst-case 
>> flood of web traffic to a php-heavy blog?  I really want to pummel this 
>> thing.  If it falls over, all the better as then I'll have something to 
>> look at.  What are the weak spots?  The whole mess is jailed, and I'm 
>> making heavy use of login.conf for the shell people so that they can't 
>> fork-bomb or try to suck up more memory than they should.  I think I'm most 
>> interested in doing some very long-running tests...
>
> As good real-time memory/process control is a holy-grail type effort for MANY 
> operating systems, and OS's which impliment it often pay severely for it in 
> other ways.  FreeBSD falls short with everyone else on this issue.  Jailed 
> users *may* be able to consume more memory or cpu than their fair share.
>
> A reliable way to mitigate this problem in reality, is to create some simple 
> shell scripts to be run by cron, which do the following:
>
> - Check processes on the host system
> - nice/renice any processes hogging too much memory or CPU.
> - Check for any processes which have been nice'd/renice'd and eventually 
> un-nice/renice them.
>
> In practice, this works terrificly, but the downside is that nobody has 
> formalized any prefab tool to do this, to my knowledge.
>
>
>> So far I'm just fiddling with some shell scripts to simulate users futzing 
>> around and hitting apache with http_load.  So far I'm having more success 
>> in breaking http_load than anything else.
>
> /me bows out and hopes someone else comes to the table with some good 
> load-testing systems here.
>
> - Sidenote, insomuch as really good load testing comes when servers are being 
> hit with packets from all across the internet, has anyone heard/thought of 
> any groups of sysadmins who maintain 'test ddos' type networks?  I.E. I'd 
> gladly put out a jail to a trusted network of people, for use in load testing 
> scenarios- if I could likewise have safe/sane access to a couple of hundred 
> other boxen for the same purpose... (or like a bit-torrent type idea for load 
> testing? :)
>
> Just thinking out loud on that one...  I guess to really do this right 
> NYC*BUG would have to take over some bot-nets from the spackers- (not a fun 
> idea- that'd be all-out war :).
>
> Rocket-
> .ike
>
>



From nomadlogic  Fri May 27 23:49:46 2005
From: nomadlogic (pete wright)
Date: Fri, 27 May 2005 20:49:46 -0700
Subject: 5.4 jails (was Re: [nycbug-talk] abusing a server)
In-Reply-To: <Pine.OSX.4.61.0505272328030.10706@gee5.nat.fasttrackmonkey.com>
References: <Pine.OSX.4.61.0505270026020.383@gee5.nat.fasttrackmonkey.com>
	<0c0d9b4bee64625b912842da89ea41cb@lesmuug.org>
	<Pine.OSX.4.61.0505272328030.10706@gee5.nat.fasttrackmonkey.com>
Message-ID: <57d7100005052720494132eb6b@mail.gmail.com>

On 5/27/05, Charles Sprickman <spork at bway.net> wrote:
> I'm keeping Ike's excellent info below for context.
> 
> Anyhow after poking around in /etc/defaults/rc.conf, I thought I'd share
> some stuff I found there.  While the current jail(8) manpage is excellent,
> it's still referencing 4.x, and none of the new stuff is included there.


Hey Charles, have you had a chance to hack on any devfs rulesets for
jails?  I'm going to be putting some time in on this tonight/this
weekend and would like to hear anyone's thought's on this.

-p

<snipped a whole lot of very usefull info bellow>

-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From spork  Sat May 28 00:11:24 2005
From: spork (Charles Sprickman)
Date: Sat, 28 May 2005 00:11:24 -0400 (EDT)
Subject: 5.4 jails (was Re: [nycbug-talk] abusing a server)
In-Reply-To: <57d7100005052720494132eb6b@mail.gmail.com>
References: <Pine.OSX.4.61.0505270026020.383@gee5.nat.fasttrackmonkey.com> 
	<0c0d9b4bee64625b912842da89ea41cb@lesmuug.org> 
	<Pine.OSX.4.61.0505272328030.10706@gee5.nat.fasttrackmonkey.com>
	<57d7100005052720494132eb6b@mail.gmail.com>
Message-ID: <Pine.OSX.4.61.0505280006031.10706@gee5.nat.fasttrackmonkey.com>

On Fri, 27 May 2005, pete wright wrote:

> On 5/27/05, Charles Sprickman <spork at bway.net> wrote:
>> I'm keeping Ike's excellent info below for context.
>>
>> Anyhow after poking around in /etc/defaults/rc.conf, I thought I'd share
>> some stuff I found there.  While the current jail(8) manpage is excellent,
>> it's still referencing 4.x, and none of the new stuff is included there.
>
> Hey Charles, have you had a chance to hack on any devfs rulesets for
> jails?  I'm going to be putting some time in on this tonight/this
> weekend and would like to hear anyone's thought's on this.

Lucky for me, I didn't have to...  This line in the host's rc.conf takes 
care of setting up things in what appears to be a sane way:

jail_jail1_devfs_ruleset="devfsrules_jail"

That references the rules in /etc/[defaults/]devfs.rules:

# Devices usually found in a jail.
#
[devfsrules_jail=4]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login

Which leaves me with the following in the jail:

root at jail1# ls -al /dev/
total 1
dr-xr-xr-x  2 root   wheel       512 May 27 23:46 fd
lrwxr-xr-x  1 root   wheel        14 May 27 23:46 log -> ../var/run/log
crw-rw-rw-  1 root   wheel    2,   2 May 28 00:11 null
crw-rw-rw-  1 root   wheel    6,   0 May 28 00:11 ptyp0
crw-rw-rw-  1 root   wheel    6,   1 May 28 00:11 ptyp1
crw-rw-rw-  1 root   wheel    6,   2 May 28 00:11 ptyp2
crw-rw-rw-  1 root   wheel    6,   3 May 27 23:25 ptyp3
crw-rw-rw-  1 root   wheel    6,   4 May 23 21:20 ptyp4
crw-rw-rw-  1 root   wheel  248,   0 May 23 20:40 random
lrwxr-xr-x  1 root   wheel         4 May 27 23:46 stderr -> fd/2
lrwxr-xr-x  1 root   wheel         4 May 27 23:46 stdin -> fd/0
lrwxr-xr-x  1 root   wheel         4 May 27 23:46 stdout -> fd/1
crw-rw-rw-  1 root   wheel    5,   0 May 28 00:11 ttyp0
crw-rw-rw-  1 root   wheel    5,   1 May 28 00:11 ttyp1
crw--w----  1 spork  tty      5,   2 May 28 00:11 ttyp2
crw-rw-rw-  1 root   wheel    5,   3 May 27 23:26 ttyp3
crw-rw-rw-  1 root   wheel    5,   4 May 23 21:27 ttyp4
lrwxr-xr-x  1 root   wheel         6 May 27 23:46 urandom -> random
crw-rw-rw-  1 root   wheel    2,  12 Apr 26 19:50 zero

Cool, huh?

I also find that I can wrap my head around this stuff when listening to 
this guy on the radio now called "bitshifter":

http://www.ocdj.org/liveitup.php

Normally electronic music turns me off and distracts me, but this guy 
oddly enhances my concentration. :)  It's all video game console 
generated.

C

> -p
>
> <snipped a whole lot of very usefull info bellow>
>
> -- 
> ~~o0OO0o~~
> Pete Wright
> www.nycbug.org
> NYC's *BSD User Group
>



From nomadlogic  Sat May 28 00:19:15 2005
From: nomadlogic (pete wright)
Date: Fri, 27 May 2005 21:19:15 -0700
Subject: 5.4 jails (was Re: [nycbug-talk] abusing a server)
In-Reply-To: <Pine.OSX.4.61.0505280006031.10706@gee5.nat.fasttrackmonkey.com>
References: <Pine.OSX.4.61.0505270026020.383@gee5.nat.fasttrackmonkey.com>
	<0c0d9b4bee64625b912842da89ea41cb@lesmuug.org>
	<Pine.OSX.4.61.0505272328030.10706@gee5.nat.fasttrackmonkey.com>
	<57d7100005052720494132eb6b@mail.gmail.com>
	<Pine.OSX.4.61.0505280006031.10706@gee5.nat.fasttrackmonkey.com>
Message-ID: <57d710000505272119f3fb13c@mail.gmail.com>

On 5/27/05, Charles Sprickman <spork at bway.net> wrote:
> On Fri, 27 May 2005, pete wright wrote:
> 
> > On 5/27/05, Charles Sprickman <spork at bway.net> wrote:
> >> I'm keeping Ike's excellent info below for context.
> >>
> >> Anyhow after poking around in /etc/defaults/rc.conf, I thought I'd share
> >> some stuff I found there.  While the current jail(8) manpage is excellent,
> >> it's still referencing 4.x, and none of the new stuff is included there.
> >
> > Hey Charles, have you had a chance to hack on any devfs rulesets for
> > jails?  I'm going to be putting some time in on this tonight/this
> > weekend and would like to hear anyone's thought's on this.
> 
> Lucky for me, I didn't have to...  This line in the host's rc.conf takes
> care of setting up things in what appears to be a sane way:
> 
> jail_jail1_devfs_ruleset="devfsrules_jail"
> 
> That references the rules in /etc/[defaults/]devfs.rules:
> 
> # Devices usually found in a jail.
> #
> [devfsrules_jail=4]
> add include $devfsrules_hide_all
> add include $devfsrules_unhide_basic
> add include $devfsrules_unhide_login
> 
> Which leaves me with the following in the jail:
> 
> root at jail1# ls -al /dev/
> total 1
> dr-xr-xr-x  2 root   wheel       512 May 27 23:46 fd
> lrwxr-xr-x  1 root   wheel        14 May 27 23:46 log -> ../var/run/log
> crw-rw-rw-  1 root   wheel    2,   2 May 28 00:11 null
> crw-rw-rw-  1 root   wheel    6,   0 May 28 00:11 ptyp0
> crw-rw-rw-  1 root   wheel    6,   1 May 28 00:11 ptyp1
> crw-rw-rw-  1 root   wheel    6,   2 May 28 00:11 ptyp2
> crw-rw-rw-  1 root   wheel    6,   3 May 27 23:25 ptyp3
> crw-rw-rw-  1 root   wheel    6,   4 May 23 21:20 ptyp4
> crw-rw-rw-  1 root   wheel  248,   0 May 23 20:40 random
> lrwxr-xr-x  1 root   wheel         4 May 27 23:46 stderr -> fd/2
> lrwxr-xr-x  1 root   wheel         4 May 27 23:46 stdin -> fd/0
> lrwxr-xr-x  1 root   wheel         4 May 27 23:46 stdout -> fd/1
> crw-rw-rw-  1 root   wheel    5,   0 May 28 00:11 ttyp0
> crw-rw-rw-  1 root   wheel    5,   1 May 28 00:11 ttyp1
> crw--w----  1 spork  tty      5,   2 May 28 00:11 ttyp2
> crw-rw-rw-  1 root   wheel    5,   3 May 27 23:26 ttyp3
> crw-rw-rw-  1 root   wheel    5,   4 May 23 21:27 ttyp4
> lrwxr-xr-x  1 root   wheel         6 May 27 23:46 urandom -> random
> crw-rw-rw-  1 root   wheel    2,  12 Apr 26 19:50 zero
> 
> Cool, huh?

wow dude, that's great!  i now know which directory I'll be spending
alot of time studying tonight ;)


> 
> I also find that I can wrap my head around this stuff when listening to
> this guy on the radio now called "bitshifter":
> 
> http://www.ocdj.org/liveitup.php
> 
> Normally electronic music turns me off and distracts me, but this guy
> oddly enhances my concentration. :)  It's all video game console
> generated.
> 

video game console eh?  i'm game.  thx!
-p


-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group



From george  Sat May 28 10:51:31 2005
From: george (George)
Date: Sat, 28 May 2005 10:51:31 -0400
Subject: [nycbug-talk] Encryption=Criminality
Message-ID: <42988573.1050702@sddi.net>

It was only a matter of time. . .

It's gone from privacy and anonymity tied to civil rights (eg, voting) 
to being considered indicative of criminality.

Okay, dot_ike, time to drop the WPA on my network. . .

http://www.schneier.com/blog/archives/2005/05/encryption_as_e_1.html

g



From alex  Sat May 28 11:12:25 2005
From: alex (alex at pilosoft.com)
Date: Sat, 28 May 2005 11:12:25 -0400 (EDT)
Subject: [nycbug-talk] Encryption=Criminality
In-Reply-To: <42988573.1050702@sddi.net>
Message-ID: <Pine.LNX.4.44.0505281112080.27595-100000@bawx.pilosoft.com>

On Sat, 28 May 2005, George wrote:

> It was only a matter of time. . .
> 
> It's gone from privacy and anonymity tied to civil rights (eg, voting)  
> to being considered indicative of criminality.
> 
> Okay, dot_ike, time to drop the WPA on my network. . .
> 
> http://www.schneier.com/blog/archives/2005/05/encryption_as_e_1.html
When privacy is criminal, only criminals will have privacy?

-alex




From george  Sat May 28 20:20:22 2005
From: george (George Georgalis)
Date: Sat, 28 May 2005 20:20:22 -0400
Subject: [nycbug-talk] Encryption=Criminality
In-Reply-To: <Pine.LNX.4.44.0505281112080.27595-100000@bawx.pilosoft.com>
References: <42988573.1050702@sddi.net>
	<Pine.LNX.4.44.0505281112080.27595-100000@bawx.pilosoft.com>
Message-ID: <20050529002022.GD19219@ixeon.local>

On Sat, May 28, 2005 at 11:12:25AM -0400, alex at pilosoft.com wrote:
>On Sat, 28 May 2005, George wrote:
>
>> It was only a matter of time. . .
>> 
>> It's gone from privacy and anonymity tied to civil rights (eg, voting)  
>> to being considered indicative of criminality.
>> 
>> Okay, dot_ike, time to drop the WPA on my network. . .
>> 
>> http://www.schneier.com/blog/archives/2005/05/encryption_as_e_1.html
>When privacy is criminal, only criminals will have privacy?

As disgusting the nature of the case is, a couple points should be
made. First, encryption software on the defendants computer had no more
relevance to the case than if the crime was committed while walking and
the prosecution said, per search warrant it was determined that the
defendant owned shoes.

Second, that the defendant had encryption software installed on his
computer had little bearing on the outcome of this case/appeal. [The]
"testimony, if taken as true by the district court, could have been
legally sufficient to support the convictions here."

This case is not so much about "encryption is criminal" as it is: when
criminals are convicted, prosecutors will elucidate every means at the
defendant's disposal to commit the crime.

In addition to having encryption software; prior convictions and lack of
surprise, on the occasion of the search warrant, where also determined by
the state appeals court to have, on the part of the district court, been
"simply explaining the reasons behind its credibility determinations."

If this makes you afraid of using encryption software, you as well
should stop touching anything that could be used in a crime.

// George


-- 
George Georgalis, systems architect, administrator Linux BSD IXOYE
http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org



From lists  Mon May 30 10:08:50 2005
From: lists (Francisco Reyes)
Date: Mon, 30 May 2005 10:08:50 -0400 (EDT)
Subject: [nycbug-talk] Cyrus+Postfix virtual domains article. Request for
	review
Message-ID: <20050530100643.O52482@zoraida.natserv.net>

I am working on an article on Virtual domains using Cyrus+Postfix in 
FreeBSD 5.X

Any feedback greatly appreciated.

http://public.natserv.net/cyrus.html




From matt  Tue May 31 21:10:54 2005
From: matt (Matthew Terenzio)
Date: Tue, 31 May 2005 21:10:54 -0400
Subject: [nycbug-talk] postgres success/failed install
Message-ID: <1a8976a224260222f25cde5aba867c0a@jobsforge.com>



Any Postgres experts know what conditions might have the port 
(postgresql-server-8.0.1_3) look like like it installs successfully but 
/usr/local/pgsql/data is not created and so there is no postgresql.conf 
to find.

also running  /usr/local/etc/rc.d/010.pgsql.sh initdb looks like it 
just shoots blanks.

I'd supply more info if I knew what to offer you on this one.

Thanks,

Matt




From mspitzer  Tue May 31 21:55:05 2005
From: mspitzer (Marc Spitzer)
Date: Tue, 31 May 2005 21:55:05 -0400
Subject: [nycbug-talk] postgres success/failed install
In-Reply-To: <1a8976a224260222f25cde5aba867c0a@jobsforge.com>
References: <1a8976a224260222f25cde5aba867c0a@jobsforge.com>
Message-ID: <8c50a3c3050531185572e11cba@mail.gmail.com>

On 5/31/05, Matthew Terenzio <matt at jobsforge.com> wrote:
> 
> 
> Any Postgres experts know what conditions might have the port
> (postgresql-server-8.0.1_3) look like like it installs successfully but
> /usr/local/pgsql/data is not created and so there is no postgresql.conf
> to find.
> 
> also running  /usr/local/etc/rc.d/010.pgsql.sh initdb looks like it
> just shoots blanks.
> 
> I'd supply more info if I knew what to offer you on this one.

0: what bsd are you running, include version #, uname -rs or even
better uname -a
1: the script command is your friend, man script
2: how did you build the port, make then make install or portinstall 
3: update your ports tree, almost never hurts
4: are you running the native ports tree or using pkgsrc as an addon?

my somewhat old ports tree on fbsd 5.4 has 8.0.3 for the postgres package.

post the output of the script command after you have updated the ports
tree, if you are still having problems.

happy hacking,

marc

> 
> Thanks,
> 
> Matt
> 
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>



From spork  Tue May 31 21:58:40 2005
From: spork (Charles Sprickman)
Date: Tue, 31 May 2005 21:58:40 -0400 (EDT)
Subject: [nycbug-talk] postgres success/failed install
In-Reply-To: <1a8976a224260222f25cde5aba867c0a@jobsforge.com>
References: <1a8976a224260222f25cde5aba867c0a@jobsforge.com>
Message-ID: <Pine.OSX.4.61.0505312157210.372@gee5.nat.fasttrackmonkey.com>

On Tue, 31 May 2005, Matthew Terenzio wrote:

> Any Postgres experts know what conditions might have the port 
> (postgresql-server-8.0.1_3) look like like it installs successfully but 
> /usr/local/pgsql/data is not created and so there is no postgresql.conf to 
> find.

I don't think that happens until you run initdb, not sure.

> also running  /usr/local/etc/rc.d/010.pgsql.sh initdb looks like it just 
> shoots blanks.

Do you have the startup flag in /etc/rc.conf?

ie:

postgresql_enable="YES"
# optional
#  postgresql_data="/usr/local/pgsql/data"
#  postgresql_flags="-w -s -m fast"

Thanks,

Charles

> I'd supply more info if I knew what to offer you on this one.
>
> Thanks,
>
> Matt
>
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>



From zperkov  Tue May 31 22:17:21 2005
From: zperkov (zperkov)
Date: Tue, 31 May 2005 22:17:21 -0400
Subject: [nycbug-talk] postgres success/failed install
In-Reply-To: <1a8976a224260222f25cde5aba867c0a@jobsforge.com>
References: <1a8976a224260222f25cde5aba867c0a@jobsforge.com>
Message-ID: <8a8511800505311917333c275d@mail.gmail.com>

did you specify the data directory?
for ex. ./initdb -D /usr/local/pgsql/data

-z



On 5/31/05, Matthew Terenzio <matt at jobsforge.com> wrote:
> 
> 
> 
> Any Postgres experts know what conditions might have the port
> (postgresql-server-8.0.1_3) look like like it installs successfully but
> /usr/local/pgsql/data is not created and so there is no postgresql.conf
> to find.
> 
> also running /usr/local/etc/rc.d/010.pgsql.sh initdb looks like it
> just shoots blanks.
> 
> I'd supply more info if I knew what to offer you on this one.
> 
> Thanks,
> 
> Matt
> 
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.nycbug.org/pipermail/talk/attachments/20050531/3199d00a/attachment.html