From jbaltz Tue Mar 1 11:22:49 2005 From: jbaltz (Jerry B. Altzman) Date: Tue, 01 Mar 2005 11:22:49 -0500 Subject: [nycbug-talk] Seeking tape backup unit In-Reply-To: <20050301030805.GB15845@sixshooter.v6.thrupoint.net> References: <20050301020537.GA15845@sixshooter.v6.thrupoint.net> <42238ADD.1685.1E85FC6E@localhost> <20050301030805.GB15845@sixshooter.v6.thrupoint.net> Message-ID: <422496D9.9060208@omnipod.com> On 2/28/2005 10:08 PM, Jim Brown wrote: >>How much do you need to put on a tape daily? 4GB? 10GB? 35GB? > 10GB min If 10GB is your MINIMUM daily backup, you should also look at throughput. 10GB can take a lo-o-o-o-ng time. Longer than you think. For what it's worth, you can get a stack of 20GB IDE drives for cheaper than the cost of most tapes, get one of them-there outboard FireWire and/or USB2 boxes, and do a disk to disk backup. > Jim B. //jbaltz -- jerry b. altzman jbaltz at omnipod.com +1 646 230 8750 Thank you for contributing to the heat death of the universe. From pete Tue Mar 1 14:28:33 2005 From: pete (Pete Wright) Date: Tue, 1 Mar 2005 14:28:33 -0500 Subject: [nycbug-talk] bsdcan accomidation Message-ID: <20050301192833.GA58953@finn.nomadlogic.org> hey all so i got my tix to ottowa and bsdcan. totally excited...so has anyone given any thoughts about a place to stay? i remember last year staying on campus was pretty great, but i just checked prices for the quality inn and they looked pretty good. for 4 people in a room it comes to $392.10 (USD) thats $111.00 a night or $81 per person for the three nights. doesn't seem to bad, maybe if there are enough of us we can get a group discount too... -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From megan.restuccia Tue Mar 1 16:44:06 2005 From: megan.restuccia (Megan Restuccia) Date: Tue, 01 Mar 2005 16:44:06 -0500 Subject: [nycbug-talk] Netinfo Domains in Mac OSX (Panther) Message-ID: <0ICP00BFD0DIXTP0@vms048.mailsrvcs.net> A co-worker of mine just sent this to me, does anyone have some advice/instructions? Thanks, Megan ------- I would like to setup remote homes for users so it is transparent to them on their client machines (individual users, not in a specific domain yet). I figured the best way to do it was through Netinfo Domains. So set one up (pretty easy), I can connect to that domain OK, I put it in one client's directory access, but it still won't authenticate through a remote netinfo domain. I'm not sure what else I'm supposed to turn on. Is it at all supported under panther server? Can someone help? From george Tue Mar 1 18:04:08 2005 From: george (George Georgalis) Date: Tue, 1 Mar 2005 18:04:08 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client Message-ID: <20050301230408.GA10422@sta.local> I'm past urgency stage, an external audit is coming up and I must finish documentation in addition to other technical issues. A while back this situation was discussed here. But connecting to the linksys rv042 vpn by ipsec has been elusive. Everybody consulted says it should work and/or be easy. I need help with determining the most simple, but reliable, documented procedure (for non techies) for configuring M$ clients to use the vpn tunnel to access a private lan. Bonus bucks for documenting the Linux procedure. The clients must access the private lan of the rv042 linksys router, from behind their standard isp nat firewall, on a dhcp ISP connection. (eg behind soho firewall on cablemodem). Already setup is some fancy routing to give privileged access to the lan side of the vpn device. So you can work from home and have both sides of he device at your disposal. You are free to use 3rd party software, such as this vpn client http://www.thegreenbow.com/vpn.html (trial license available) which we seem to be able to use to get 99% there, still having problems with finishing the tunnel. Needed it before last week. If you've done this before, and are interested in helping finish, please contact me off list with your terms. Thanks, // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From marco Tue Mar 1 20:35:17 2005 From: marco (marco at metm.org) Date: Tue, 1 Mar 2005 20:35:17 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050301230408.GA10422@sta.local> References: <20050301230408.GA10422@sta.local> Message-ID: <20050302013516.GM9801@metm.org> I hate fxxxing mixed OS vpn setups. All I can say is I've been there, more undocumented incompatible crap than you can shake a stick at. I would love for someone to prove me wrong and that in fact I am the dummy who just did not understand. -- Marco From george Tue Mar 1 20:43:39 2005 From: george (G. Rosamond) Date: Tue, 1 Mar 2005 20:43:39 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050302013516.GM9801@metm.org> References: <20050301230408.GA10422@sta.local> <20050302013516.GM9801@metm.org> Message-ID: <10adbef19943ba7f0eb672df7d7f55dc@sddi.net> On Mar 1, 2005, at 8:35 PM, marco at metm.org wrote: > I hate fxxxing mixed OS vpn setups. > All I can say is I've been there, more undocumented incompatible crap > than you can shake a stick at. I would love for someone to prove me > wrong and that in fact I am the dummy who just did not understand. > I've put in a bit of time on GG's problem, and I can only state you are NOT a dummy. g From george Tue Mar 1 20:45:28 2005 From: george (George Georgalis) Date: Tue, 1 Mar 2005 20:45:28 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050302013516.GM9801@metm.org> References: <20050301230408.GA10422@sta.local> <20050302013516.GM9801@metm.org> Message-ID: <20050302014528.GA22916@ixeon.local> On Tue, Mar 01, 2005 at 08:35:17PM -0500, marco at metm.org wrote: >I hate fxxxing mixed OS vpn setups. >All I can say is I've been there, more undocumented incompatible crap >than you can shake a stick at. I would love for someone to prove me >wrong and that in fact I am the dummy who just did not understand. which is a great segue, I'm thinking the problem has been client firewalls. And the solution is to replace them with linksys vpn firewalls client - linksys vpn - internet - vpn linksys - private lan which should leave the least room for error, easiest to setup and support. comments? "of course you idiot" variety welcome. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From marco Tue Mar 1 20:49:34 2005 From: marco (marco at metm.org) Date: Tue, 1 Mar 2005 20:49:34 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050302014528.GA22916@ixeon.local> References: <20050301230408.GA10422@sta.local> <20050302013516.GM9801@metm.org> <20050302014528.GA22916@ixeon.local> Message-ID: <20050302014934.GO9801@metm.org> On Tue, Mar 01, 2005 at 08:45:28PM -0500, George Georgalis wrote: > > client - linksys vpn - internet - vpn linksys - private lan > That maybe your only hope. I've done : client - linux ipsec - internet - linux ipsec - private lan But that was before I tasted the crisp clean flavor of configuring a BSD for such a situation. -- Marco From jonathan Tue Mar 1 21:02:59 2005 From: jonathan (Jonathan) Date: Tue, 01 Mar 2005 21:02:59 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050301230408.GA10422@sta.local> References: <20050301230408.GA10422@sta.local> Message-ID: <42251ED3.9040404@kc8onw.net> George Georgalis wrote: >I'm past urgency stage, an external audit is coming up and I must finish >documentation in addition to other technical issues. > >A while back this situation was discussed here. But connecting to the >linksys rv042 vpn by ipsec has been elusive. Everybody consulted says it >should work and/or be easy. > > I would guess that OpenVPN is out (openvpn.net) due to the fact you already have an ipsec VPN router? I've set up openvpn 2.0 between windows and FreeBSD in a TLS client-server mode a couple of times now and could probably help with any stumbling blocks as far as configuring it goes. It's also very reliable in my experience, my connection went down for ~8 hours one day and within 5 minutes after the connection came back (when I got around to checking it) the VPN was back up. There is not an official port of 2.0 yet for FreeBSD but I do have a -devel local port I got from the current OpenVPN port maintainer. If you do the TLS certs, once they are generated, it is very easy to use. You just point OpenVPN at a config file which has the location of the keys in it and the server address and off it goes. From jesse Tue Mar 1 21:38:02 2005 From: jesse (Jesse Callaway) Date: Tue, 1 Mar 2005 21:38:02 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050302014528.GA22916@ixeon.local> References: <20050301230408.GA10422@sta.local> <20050302013516.GM9801@metm.org> <20050302014528.GA22916@ixeon.local> Message-ID: <20050302023802.GB59716@mail.theholymountain.com> On Tue, Mar 01, 2005 at 08:45:28PM -0500, George Georgalis wrote: > On Tue, Mar 01, 2005 at 08:35:17PM -0500, marco at metm.org wrote: > >I hate fxxxing mixed OS vpn setups. > >All I can say is I've been there, more undocumented incompatible crap > >than you can shake a stick at. I would love for someone to prove me > >wrong and that in fact I am the dummy who just did not understand. > > > which is a great segue, > > I'm thinking the problem has been client firewalls. And the solution is > to replace them with linksys vpn firewalls > > client - linksys vpn - internet - vpn linksys - private lan > > which should leave the least room for error, easiest to setup and > support. comments? "of course you idiot" variety welcome. > > // George > of course, I thought you were talking about IPSEC enabled firewall/gateways. Yes. Once you do that the problem will be a non-issue. You just "do it" on the MS side, lordy lordy. Were you leaving the IPSEC ports completely open? Where did they forward to? What about NAT? Yeah, once you have these guys up facing the outside it should be no problem. I've done it w/o problems when you have the VPN device sitting at the edge. Otherwise you will have to invest some time. -jesse From george Tue Mar 1 21:50:46 2005 From: george (George Georgalis) Date: Tue, 1 Mar 2005 21:50:46 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050302023802.GB59716@mail.theholymountain.com> References: <20050301230408.GA10422@sta.local> <20050302013516.GM9801@metm.org> <20050302014528.GA22916@ixeon.local> <20050302023802.GB59716@mail.theholymountain.com> Message-ID: <20050302025046.GC22916@ixeon.local> On Tue, Mar 01, 2005 at 09:38:02PM -0500, Jesse Callaway wrote: >On Tue, Mar 01, 2005 at 08:45:28PM -0500, George Georgalis wrote: >> On Tue, Mar 01, 2005 at 08:35:17PM -0500, marco at metm.org wrote: >> >I hate fxxxing mixed OS vpn setups. >> >All I can say is I've been there, more undocumented incompatible crap >> >than you can shake a stick at. I would love for someone to prove me >> >wrong and that in fact I am the dummy who just did not understand. >> >> >> which is a great segue, >> >> I'm thinking the problem has been client firewalls. And the solution is >> to replace them with linksys vpn firewalls >> >> client - linksys vpn - internet - vpn linksys - private lan >> >> which should leave the least room for error, easiest to setup and >> support. comments? "of course you idiot" variety welcome. >> >> // George >> > >of course, I thought you were talking about IPSEC enabled firewall/gateways. Yes. Once you do that the problem will be a non-issue. You just "do it" on the MS side, lordy lordy. Were you leaving the IPSEC ports completely open? Where did they forward to? What about NAT? Yeah, once you have these guys up facing the outside it should be no problem. > > >I've done it w/o problems when you have the VPN device sitting at the edge. Otherwise you will have to invest some time. the vpn router is on the edge, but since the client has their own edge firewall, support for that and their system will be excessive. seems simpler to give them an edge vpn / firewall. then there is zero config on the client host, the remote network is joined by the edge devices, edge, edge, edge is the answer, I think, don't have an extra one yet. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From mikel.king Tue Mar 1 22:00:08 2005 From: mikel.king (Mikel King) Date: Tue, 01 Mar 2005 22:00:08 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050302025046.GC22916@ixeon.local> References: <20050301230408.GA10422@sta.local> <20050302013516.GM9801@metm.org> <20050302014528.GA22916@ixeon.local> <20050302023802.GB59716@mail.theholymountain.com> <20050302025046.GC22916@ixeon.local> Message-ID: <42252C38.4070609@ocsny.com> Ok so your plan is to use a nailed vpn now? That is the best idea when a client software solution is complicated. Like Racoon, on MAC OS, most average endusers don't even know there is a command line under that gui...;-) George Georgalis wrote: >On Tue, Mar 01, 2005 at 09:38:02PM -0500, Jesse Callaway wrote: > > >>On Tue, Mar 01, 2005 at 08:45:28PM -0500, George Georgalis wrote: >> >> >>>On Tue, Mar 01, 2005 at 08:35:17PM -0500, marco at metm.org wrote: >>> >>> >>>>I hate fxxxing mixed OS vpn setups. >>>>All I can say is I've been there, more undocumented incompatible crap >>>>than you can shake a stick at. I would love for someone to prove me >>>>wrong and that in fact I am the dummy who just did not understand. >>>> >>>> >>>which is a great segue, >>> >>>I'm thinking the problem has been client firewalls. And the solution is >>>to replace them with linksys vpn firewalls >>> >>> client - linksys vpn - internet - vpn linksys - private lan >>> >>>which should leave the least room for error, easiest to setup and >>>support. comments? "of course you idiot" variety welcome. >>> >>>// George >>> >>> >>> >>of course, I thought you were talking about IPSEC enabled firewall/gateways. Yes. Once you do that the problem will be a non-issue. You just "do it" on the MS side, lordy lordy. Were you leaving the IPSEC ports completely open? Where did they forward to? What about NAT? Yeah, once you have these guys up facing the outside it should be no problem. >> >> >>I've done it w/o problems when you have the VPN device sitting at the edge. Otherwise you will have to invest some time. >> >> > >the vpn router is on the edge, but since the client has their own edge >firewall, support for that and their system will be excessive. seems >simpler to give them an edge vpn / firewall. then there is zero config >on the client host, the remote network is joined by the edge devices, >edge, edge, edge is the answer, I think, don't have an extra one yet. > >// George > > > > -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com t:212.727.2100x132 +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. You'll find the best way to get along. +------------------------------------------+ -------------- next part -------------- A non-text attachment was scrubbed... Name: mikel.king.vcf Type: text/x-vcard Size: 347 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050301/591db043/attachment.vcf From jesse Tue Mar 1 22:12:42 2005 From: jesse (Jesse Callaway) Date: Tue, 1 Mar 2005 22:12:42 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050302025046.GC22916@ixeon.local> References: <20050301230408.GA10422@sta.local> <20050302013516.GM9801@metm.org> <20050302014528.GA22916@ixeon.local> <20050302023802.GB59716@mail.theholymountain.com> <20050302025046.GC22916@ixeon.local> Message-ID: <20050302031242.GD59716@mail.theholymountain.com> On Tue, Mar 01, 2005 at 09:50:46PM -0500, George Georgalis wrote: > On Tue, Mar 01, 2005 at 09:38:02PM -0500, Jesse Callaway wrote: > >On Tue, Mar 01, 2005 at 08:45:28PM -0500, George Georgalis wrote: > >> On Tue, Mar 01, 2005 at 08:35:17PM -0500, marco at metm.org wrote: > >> >I hate fxxxing mixed OS vpn setups. > >> >All I can say is I've been there, more undocumented incompatible crap > >> >than you can shake a stick at. I would love for someone to prove me > >> >wrong and that in fact I am the dummy who just did not understand. > >> > >> > >> which is a great segue, > >> > >> I'm thinking the problem has been client firewalls. And the solution is > >> to replace them with linksys vpn firewalls > >> > >> client - linksys vpn - internet - vpn linksys - private lan > >> > >> which should leave the least room for error, easiest to setup and > >> support. comments? "of course you idiot" variety welcome. > >> > >> // George > >> > > > >of course, I thought you were talking about IPSEC enabled firewall/gateways. Yes. Once you do that the problem will be a non-issue. You just "do it" on the MS side, lordy lordy. Were you leaving the IPSEC ports completely open? Where did they forward to? What about NAT? Yeah, once you have these guys up facing the outside it should be no problem. > > > > > >I've done it w/o problems when you have the VPN device sitting at the edge. Otherwise you will have to invest some time. > > the vpn router is on the edge, but since the client has their own edge > firewall, support for that and their system will be excessive. seems > simpler to give them an edge vpn / firewall. then there is zero config > on the client host, the remote network is joined by the edge devices, > edge, edge, edge is the answer, I think, don't have an extra one yet. > > // George edge, edge, edge. That's the mantra. You're not opening anything new up. It will have to be opened up on whatever seperate firewall you're using anyway. It's assumed that IPSEC is secure "enough" on its own and big keys are no problem. PPTP and L2TP get kind of confused with the addresses if you are using NAT in tandem. At least *I* get confused, which is bad enough, let alone the equipment. So this is kind of off-list, but just buy some more linksys vpn/firewalls. Life will be extremely simple. I hate to say it but it's just not worth it to have a BSD box dedicated to IPSEC if there is not more than one connection going through it. -jesse From jpb Tue Mar 1 22:22:10 2005 From: jpb (Jim Brown) Date: Tue, 1 Mar 2005 22:22:10 -0500 Subject: [nycbug-talk] Seeking tape backup unit In-Reply-To: <422496D9.9060208@omnipod.com> References: <20050301020537.GA15845@sixshooter.v6.thrupoint.net> <42238ADD.1685.1E85FC6E@localhost> <20050301030805.GB15845@sixshooter.v6.thrupoint.net> <422496D9.9060208@omnipod.com> Message-ID: <20050302032210.GF18316@sixshooter.v6.thrupoint.net> * Jerry B. Altzman [2005-03-01 11:22]: > On 2/28/2005 10:08 PM, Jim Brown wrote: > >>How much do you need to put on a tape daily? 4GB? 10GB? 35GB? > >10GB min > > If 10GB is your MINIMUM daily backup, you should also look at > throughput. 10GB can take a lo-o-o-o-ng time. Longer than you think. > > For what it's worth, you can get a stack of 20GB IDE drives for cheaper > than the cost of most tapes, get one of them-there outboard FireWire > and/or USB2 boxes, and do a disk to disk backup. > > >Jim B. I saw something at CompUSA called a "Rev Drive"- basically a type of external cartridge drive that had a real disk as the cartridge. USB 2.0 - supposed to be fast. Large capacity. Anyone ever use one of these? Does it look like a USB drive to BSD? That might work very well for me. Best Regards, Jim B. From o_sleep Tue Mar 1 22:25:10 2005 From: o_sleep (Bjorn Nelson) Date: Tue, 1 Mar 2005 22:25:10 -0500 Subject: [nycbug-talk] Netinfo Domains in Mac OSX (Panther) In-Reply-To: <0ICP00BFD0DIXTP0@vms048.mailsrvcs.net> References: <0ICP00BFD0DIXTP0@vms048.mailsrvcs.net> Message-ID: <79c5890900f4b187a647ca1528e4b28f@belovedarctos.com> Megan, > I would like to setup remote homes for users so it is > transparent to them on their client machines (individual users, not in > a specific domain yet). I figured the best way to do it was through > Netinfo Domains. So set one up (pretty easy), I can connect to that > domain OK, I put it in one client's directory access, but it still > won't authenticate through a remote netinfo domain. I'm not sure what > else I'm supposed to turn on. Is it at all supported under panther > server? You can set this up using the Workgroup Manager.app Utility. You are going to either need to set up nfs or afs. Have you tested accessing the directory via: nidump passwd / or niutil -list / / / should give the netinfo exported directory whereas . will give you the local directory. Although I am only familiar with Jaguar Server, I thought Panther Server had gone more the ldap route. Are the filesystems being mounted in your /Network/Servers folder? check showmount -e remotemachine -Bjorn From o_sleep Tue Mar 1 22:30:41 2005 From: o_sleep (Bjorn Nelson) Date: Tue, 1 Mar 2005 22:30:41 -0500 Subject: [nycbug-talk] Seeking tape backup unit In-Reply-To: <20050302032210.GF18316@sixshooter.v6.thrupoint.net> References: <20050301020537.GA15845@sixshooter.v6.thrupoint.net> <42238ADD.1685.1E85FC6E@localhost> <20050301030805.GB15845@sixshooter.v6.thrupoint.net> <422496D9.9060208@omnipod.com> <20050302032210.GF18316@sixshooter.v6.thrupoint.net> Message-ID: On Mar 1, 2005, at 10:22 PM, Jim Brown wrote: > * Jerry B. Altzman [2005-03-01 11:22]: >> On 2/28/2005 10:08 PM, Jim Brown wrote: >>>> How much do you need to put on a tape daily? 4GB? 10GB? 35GB? >>> 10GB min >> >> If 10GB is your MINIMUM daily backup, you should also look at >> throughput. 10GB can take a lo-o-o-o-ng time. Longer than you think. >> >> For what it's worth, you can get a stack of 20GB IDE drives for >> cheaper >> than the cost of most tapes, get one of them-there outboard FireWire >> and/or USB2 boxes, and do a disk to disk backup. >> >>> Jim B. > > > I saw something at CompUSA called a "Rev Drive"- basically a > type of external cartridge drive that had a real disk as the > cartridge. USB 2.0 - supposed to be fast. Large capacity. > > Anyone ever use one of these? Does it look like a USB drive > to BSD? That might work very well for me. You might just want to compress your backup and put it on a dvd. This would give you a static image you could store. -Bjorn From george Tue Mar 1 23:01:43 2005 From: george (George Georgalis) Date: Tue, 1 Mar 2005 23:01:43 -0500 Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050302031242.GD59716@mail.theholymountain.com> References: <20050301230408.GA10422@sta.local> <20050302013516.GM9801@metm.org> <20050302014528.GA22916@ixeon.local> <20050302023802.GB59716@mail.theholymountain.com> <20050302025046.GC22916@ixeon.local> <20050302031242.GD59716@mail.theholymountain.com> Message-ID: <20050302040143.GG22916@ixeon.local> On Tue, Mar 01, 2005 at 10:12:42PM -0500, Jesse Callaway wrote: >On Tue, Mar 01, 2005 at 09:50:46PM -0500, George Georgalis wrote: >> On Tue, Mar 01, 2005 at 09:38:02PM -0500, Jesse Callaway wrote: >> >On Tue, Mar 01, 2005 at 08:45:28PM -0500, George Georgalis wrote: >> >> On Tue, Mar 01, 2005 at 08:35:17PM -0500, marco at metm.org wrote: >> >> >I hate fxxxing mixed OS vpn setups. >> >> >All I can say is I've been there, more undocumented incompatible crap >> >> >than you can shake a stick at. I would love for someone to prove me >> >> >wrong and that in fact I am the dummy who just did not understand. >> >> >> >> >> >> which is a great segue, >> >> >> >> I'm thinking the problem has been client firewalls. And the solution is >> >> to replace them with linksys vpn firewalls >> >> >> >> client - linksys vpn - internet - vpn linksys - private lan >> >> >> >> which should leave the least room for error, easiest to setup and >> >> support. comments? "of course you idiot" variety welcome. >> >> >> >> // George >> >> >> > >> >of course, I thought you were talking about IPSEC enabled firewall/gateways. Yes. Once you do that the problem will be a non-issue. You just "do it" on the MS side, lordy lordy. Were you leaving the IPSEC ports completely open? Where did they forward to? What about NAT? Yeah, once you have these guys up facing the outside it should be no problem. >> > >> > >> >I've done it w/o problems when you have the VPN device sitting at the edge. Otherwise you will have to invest some time. >> >> the vpn router is on the edge, but since the client has their own edge >> firewall, support for that and their system will be excessive. seems >> simpler to give them an edge vpn / firewall. then there is zero config >> on the client host, the remote network is joined by the edge devices, >> edge, edge, edge is the answer, I think, don't have an extra one yet. >> >> // George > >edge, edge, edge. That's the mantra. You're not opening anything new up. It will have to be opened up on whatever seperate firewall you're using anyway. It's assumed that IPSEC is secure "enough" on its own and big keys are no problem. PPTP and L2TP get kind of confused with the addresses if you are using NAT in tandem. At least *I* get confused, which is bad enough, let alone the equipment. >So this is kind of off-list, but just buy some more linksys vpn/firewalls. Life will be extremely simple. I hate to say it but it's just not worth it to have a BSD box dedicated to IPSEC if there is not more than one connection going through it. Forgot a requirement. traveling laptop users, that's why we looked at a software based solution in the first place. me thought could get ipsec through a firewall much like me gets https through a nat firewall. the juniper hardware solution that uses a java applet to concentrate vpn over a tcp port this way costs $15-$20K. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From hanulec Wed Mar 2 00:44:32 2005 From: hanulec (Michael Hanulec) Date: Wed, 2 Mar 2005 00:44:32 -0500 (EST) Subject: [nycbug-talk] need help asap, will pay, ms vpn client In-Reply-To: <20050302040143.GG22916@ixeon.local> References: <20050301230408.GA10422@sta.local> <20050302013516.GM9801@metm.org> <20050302014528.GA22916@ixeon.local> <20050302023802.GB59716@mail.theholymountain.com> <20050302025046.GC22916@ixeon.local> <20050302031242.GD59716@mail.theholymountain.com> <20050302040143.GG22916@ixeon.local> Message-ID: must the "solution" be a VPN? why not use a SSH Tunnel (putty is free) to a OpenBSD box running AuthPF which can restrict network access by each login. this is A LOT simpler to deploy. i was even able to get Sales guys to set this up themselves (no offense to any Sales guys out there :) -- hanulec at hanulec.com cell: 858.518.2647 && 516.410.4478 http://www.hanulec.com EFnet irc && aol im: hanulec On Tue, 1 Mar 2005, George Georgalis wrote: > On Tue, Mar 01, 2005 at 10:12:42PM -0500, Jesse Callaway wrote: >> On Tue, Mar 01, 2005 at 09:50:46PM -0500, George Georgalis wrote: >>> On Tue, Mar 01, 2005 at 09:38:02PM -0500, Jesse Callaway wrote: >>>> On Tue, Mar 01, 2005 at 08:45:28PM -0500, George Georgalis wrote: >>>>> On Tue, Mar 01, 2005 at 08:35:17PM -0500, marco at metm.org wrote: >>>>>> I hate fxxxing mixed OS vpn setups. >>>>>> All I can say is I've been there, more undocumented incompatible crap >>>>>> than you can shake a stick at. I would love for someone to prove me >>>>>> wrong and that in fact I am the dummy who just did not understand. >>>>> >>>>> >>>>> which is a great segue, >>>>> >>>>> I'm thinking the problem has been client firewalls. And the solution is >>>>> to replace them with linksys vpn firewalls >>>>> >>>>> client - linksys vpn - internet - vpn linksys - private lan >>>>> >>>>> which should leave the least room for error, easiest to setup and >>>>> support. comments? "of course you idiot" variety welcome. >>>>> >>>>> // George >>>>> >>>> >>>> of course, I thought you were talking about IPSEC enabled firewall/gateways. Yes. Once you do that the problem will be a non-issue. You just "do it" on the MS side, lordy lordy. Were you leaving the IPSEC ports completely open? Where did they forward to? What about NAT? Yeah, once you have these guys up facing the outside it should be no problem. >>>> >>>> >>>> I've done it w/o problems when you have the VPN device sitting at the edge. Otherwise you will have to invest some time. >>> >>> the vpn router is on the edge, but since the client has their own edge >>> firewall, support for that and their system will be excessive. seems >>> simpler to give them an edge vpn / firewall. then there is zero config >>> on the client host, the remote network is joined by the edge devices, >>> edge, edge, edge is the answer, I think, don't have an extra one yet. >>> >>> // George >> >> edge, edge, edge. That's the mantra. You're not opening anything new up. It will have to be opened up on whatever seperate firewall you're using anyway. It's assumed that IPSEC is secure "enough" on its own and big keys are no problem. PPTP and L2TP get kind of confused with the addresses if you are using NAT in tandem. At least *I* get confused, which is bad enough, let alone the equipment. >> So this is kind of off-list, but just buy some more linksys vpn/firewalls. Life will be extremely simple. I hate to say it but it's just not worth it to have a BSD box dedicated to IPSEC if there is not more than one connection going through it. > > > Forgot a requirement. traveling laptop users, that's why we looked at a > software based solution in the first place. > > me thought could get ipsec through a firewall much like me gets https > through a nat firewall. the juniper hardware solution that uses a > java applet to concentrate vpn over a tcp port this way costs $15-$20K. > > // George > > > -- > George Georgalis, systems architect, administrator Linux BSD IXOYE > http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > > From bschonhorst Wed Mar 2 11:28:04 2005 From: bschonhorst (Brad Schonhorst) Date: Wed, 2 Mar 2005 11:28:04 -0500 Subject: [nycbug-talk] Netinfo Domains in Mac OSX (Panther) In-Reply-To: <0ICP00BFD0DIXTP0@vms048.mailsrvcs.net> References: <0ICP00BFD0DIXTP0@vms048.mailsrvcs.net> Message-ID: <79e84ba9382654165f991a6c33fc667a@vcsnyc.org> > I would like to setup remote homes for users so it is > transparent to them on their client machines (individual users, not in > a specific domain yet). I figured the best way to do it was through > Netinfo Domains. So set one up (pretty easy), I can connect to that > domain OK, I put it in one client's directory access, but it still > won't authenticate through a remote netinfo domain. I'm not sure what > else I'm supposed to turn on. Is it at all supported under panther > server? > > Can someone help? Hey Megan- Apple moved away from Netinfo after 10.2 and now encourages the use of LDAP for this sort of thing. We have a similar setup here and it runs very smoothly. Apple provides some good documentation here: http://www.apple.com/server/documentation Another great resource is Richard MacLemale's site. He has thoroughly documented the steps needed to get a networked home directory setup running with OS 10.3- http://homepage.mac.com/richardmaclemale/articles/osx_server/ overview.html Hope this helps! Brad From unixenigma Wed Mar 2 23:24:38 2005 From: unixenigma (G T) Date: Wed, 2 Mar 2005 20:24:38 -0800 (PST) Subject: [nycbug-talk] Michael Shalayeff: OpenBSD on PA-RISC Message-ID: <20050303042438.78068.qmail@web53905.mail.yahoo.com> Nice... Today?s presentation was a little bit complicating for me. Nevertheless I found it to be very educational and definitely interesting. The dude is true OS programmer to the core. I would love to hear some more stuff from him, like another presentation. And maybe next time I bring some beer with me, cause I heard he said it becomes easy to troubleshoot, or in my case to get it, with a beer in the hand :). I?m looking forward for his slides on the web if possible. p.s. NYCBUG T-Shirts ROCKS! You got to get one people :) GT __________________________________ Celebrate Yahoo!'s 10th Birthday! Yahoo! Netrospective: 100 Moments of the Web http://birthday.yahoo.com/netrospective/ From nikolai.fetissov Wed Mar 2 23:32:43 2005 From: nikolai.fetissov (Nikolai N. Fetissov) Date: Wed, 2 Mar 2005 23:32:43 -0500 (EST) Subject: [nycbug-talk] March meeting audio Message-ID: <2097.67.86.34.250.1109824363.squirrel@www.geekisp.com> Folks, Audio of Mickey's presentation is available at http://www.peachisland.com/nycbyg/ -- nick From nikolai.fetissov Wed Mar 2 23:35:24 2005 From: nikolai.fetissov (Nikolai N. Fetissov) Date: Wed, 2 Mar 2005 23:35:24 -0500 (EST) Subject: [nycbug-talk] March meeting audio In-Reply-To: <2097.67.86.34.250.1109824363.squirrel@www.geekisp.com> References: <2097.67.86.34.250.1109824363.squirrel@www.geekisp.com> Message-ID: <2101.67.86.34.250.1109824524.squirrel@www.geekisp.com> Oops, the correct link is: http://www.peachisland.com/nycbug/ -- nick > Audio of Mickey's presentation is available at > http://www.peachisland.com/nycbyg/ From george Thu Mar 3 00:22:39 2005 From: george (George Georgalis) Date: Thu, 3 Mar 2005 00:22:39 -0500 Subject: [nycbug-talk] March meeting audio In-Reply-To: <2101.67.86.34.250.1109824524.squirrel@www.geekisp.com> References: <2097.67.86.34.250.1109824363.squirrel@www.geekisp.com> <2101.67.86.34.250.1109824524.squirrel@www.geekisp.com> Message-ID: <20050303052239.GC24324@ixeon.local> On Wed, Mar 02, 2005 at 11:35:24PM -0500, Nikolai N. Fetissov wrote: >http://www.peachisland.com/nycbug/ Thanks... I was just going to ask how the meeting went... // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From george Thu Mar 3 02:00:16 2005 From: george (G. Rosamond) Date: Thu, 3 Mar 2005 02:00:16 -0500 Subject: [nycbug-talk] March meeting audio In-Reply-To: <2097.67.86.34.250.1109824363.squirrel@www.geekisp.com> References: <2097.67.86.34.250.1109824363.squirrel@www.geekisp.com> Message-ID: On Mar 2, 2005, at 11:32 PM, Nikolai N. Fetissov wrote: > Folks, > Audio of Mickey's presentation is available at > http://www.peachisland.com/nycbyg/ > -- > nick > You know we could have waited 15 minutes after the meeting to get the audio, but no, we had to wait 16 minutes. .... Thanks N. . . g From george Thu Mar 3 02:31:46 2005 From: george (George Georgalis) Date: Thu, 3 Mar 2005 02:31:46 -0500 Subject: [nycbug-talk] March meeting audio In-Reply-To: References: <2097.67.86.34.250.1109824363.squirrel@www.geekisp.com> Message-ID: <20050303073146.GH25137@ixeon.local> On Thu, Mar 03, 2005 at 02:00:16AM -0500, G Rosamond wrote: > >On Mar 2, 2005, at 11:32 PM, Nikolai N. Fetissov wrote: > >>Folks, >>Audio of Mickey's presentation is available at >>http://www.peachisland.com/nycbyg/ >>-- >> nick >> > >You know we could have waited 15 minutes after the meeting to get the >audio, but no, we had to wait 16 minutes. .... And I heard the meeting and got back to work before you finished your beer! ....oh yeah, George R doesn't drink beer... (I'd like to say I was listening, drinking beer and working, but it didn't happen like that.) // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From george Thu Mar 3 17:21:01 2005 From: george (G. Rosamond) Date: Thu, 3 Mar 2005 17:21:01 -0500 Subject: [nycbug-talk] the next meeting Message-ID: <856cdbc035230f82bd5e9c7b68b9ee21@sddi.net> This should prove to be very informative. ... from our site. .. April 06, 2005 Yarema: FreeBSD port maintenance Tutorial on port maintenance: Courier on FreeBSD The entry point for many people into BSD is using the ports system to install and run just about any application one could ever want on a server. Yarema, yds at coolrat.org, will give an in-depth tutorial on how he maintains the Courier port to FreeBSD. Yarema has worked out kinks with getting Postfix, Mulberry, and some Ruby libraries to build consistently and easily. He will go line-by-line through the makefiles and show the audience where to find the knobs and the documentation for features such as the interactive configuration menus. Emphasis will be placed on the "Big Daddy" bsd.port.mk, which is 1/5 comments, 4/5 shell code. This will take you into the depths of the Makefile which is not covered in the Porter`s Handbook. After the talk Yarema will be taking questions and firing back answers... a rare opportunity for those interested. Here is the flyer From dlavigne6 Thu Mar 3 17:47:16 2005 From: dlavigne6 (Dru) Date: Thu, 3 Mar 2005 17:47:16 -0500 (EST) Subject: [nycbug-talk] the next meeting In-Reply-To: <856cdbc035230f82bd5e9c7b68b9ee21@sddi.net> References: <856cdbc035230f82bd5e9c7b68b9ee21@sddi.net> Message-ID: <20050303174343.X568@dru.domain.org> On Thu, 3 Mar 2005, G. Rosamond wrote: > This should prove to be very informative. ... > > from our site. .. > > > April 06, 2005 > Yarema: FreeBSD port maintenance > > Tutorial on port maintenance: Courier on FreeBSD The entry point for many > people into BSD is using the ports system to install and run just about any > application one could ever want on a server. Yarema, yds at coolrat.org, will > give an in-depth tutorial on how he maintains the Courier port to FreeBSD. > Yarema has worked out kinks with getting Postfix, Mulberry, and some Ruby > libraries to build consistently and easily. He will go line-by-line through > the makefiles and show the audience where to find the knobs and the > documentation for features such as the interactive configuration menus. > Emphasis will be placed on the "Big Daddy" bsd.port.mk, which is 1/5 > comments, 4/5 shell code. This will take you into the depths of the Makefile > which is not covered in the Porter`s Handbook. After the talk Yarema will be > taking questions and firing back answers... a rare opportunity for those > interested. Makes me wish it was easier to get to NYC in the middle of the week :-) For those that are interested, the next article in the series (out Mar 24, IIRC) is an introduction to bsd.port.mk. Might be a good prepatory read for those brand new to this file. Dru From dan Fri Mar 4 08:09:51 2005 From: dan (Dan Langille) Date: Fri, 04 Mar 2005 08:09:51 -0500 Subject: [nycbug-talk] BSDCan schedule release announcement Message-ID: <422817CF.22976.304C8F54@localhost> Hi folks, Today, just after noon EST, the BSDCan 2005 schedule will be released. This is just a HEADS up to those that distribute this news to various website so they can prepare. cheers -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From dan Fri Mar 4 13:10:20 2005 From: dan (Dan Langille) Date: Fri, 04 Mar 2005 13:10:20 -0500 Subject: [nycbug-talk] BSDCan schedule release announcement In-Reply-To: <422817CF.22976.304C8F54@localhost> Message-ID: <42285E3C.1764.315FA813@localhost> On 4 Mar 2005 at 8:09, Dan Langille wrote: > Today, just after noon EST, the BSDCan 2005 schedule will be > released. This is just a HEADS up to those that distribute this news > to various website so they can prepare. Done. thanks for helping with the publicity. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From okan Fri Mar 4 14:55:20 2005 From: okan (Okan Demirmen) Date: Fri, 4 Mar 2005 14:55:20 -0500 Subject: [nycbug-talk] hardware fingerprinting Message-ID: <20050304195520.GA39049@yinaska.pair.com> something we all may find interesting: http://www.zdnet.com.au/news/security/0,2000061744,39183346,00.htm http://www.caida.org/outreach/papers/2005/fingerprinting/ -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From steve Fri Mar 4 14:58:46 2005 From: steve (steverieger) Date: Fri, 04 Mar 2005 14:58:46 -0500 Subject: [nycbug-talk] Pgsql 7.4 install from ports Message-ID: Hi all, I am not the greatest pgsql guru, and have the following question for the gurus here. I inherited a pgsql 7.4 db, and do not know pgsql's pasword, I can log in as a normal user, but for mx reasons I need to figure out the su passwd, how do I go about doing this. Thanx From bob Fri Mar 4 15:16:28 2005 From: bob (Bob Ippolito) Date: Fri, 4 Mar 2005 15:16:28 -0500 Subject: [nycbug-talk] Pgsql 7.4 install from ports In-Reply-To: References: Message-ID: On Mar 4, 2005, at 2:58 PM, steverieger wrote: > I am not the greatest pgsql guru, and have the following question for > the > gurus here. > > I inherited a pgsql 7.4 db, and do not know pgsql's pasword, I can log > in as > a normal user, but for mx reasons I need to figure out the su passwd, > how do > I go about doing this. Google is your friend: http://archives.postgresql.org/pgsql-admin/2002-06/msg00197.php -bob From george Fri Mar 4 17:37:42 2005 From: george (George Georgalis) Date: Fri, 4 Mar 2005 17:37:42 -0500 Subject: [nycbug-talk] hardware fingerprinting In-Reply-To: <20050304195520.GA39049@yinaska.pair.com> References: <20050304195520.GA39049@yinaska.pair.com> Message-ID: <20050304223741.GA6183@ixeon.local> On Fri, Mar 04, 2005 at 02:55:20PM -0500, Okan Demirmen wrote: >something we all may find interesting: > >http://www.zdnet.com.au/news/security/0,2000061744,39183346,00.htm > >http://www.caida.org/outreach/papers/2005/fingerprinting/ uhoh. now what am I going to do??? no mention of ttl resets at the nat gw, or other routers. would that break it? the conclusion makes me think the 'bigger' application is as an adversary's penetration tool. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From dan Sat Mar 5 17:05:52 2005 From: dan (Dan Langille) Date: Sat, 05 Mar 2005 17:05:52 -0500 Subject: [nycbug-talk] wtd: BSDCan banner please Message-ID: <4229E6F0.19157.375DA677@localhost> Can someone please do up a 100x200 banner for BSDCan? Thanks. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From lists Sun Mar 6 08:56:01 2005 From: lists (lists at genoverly.net) Date: Sun, 6 Mar 2005 14:56:01 +0100 Subject: [nycbug-talk] Fw: Newsletter from O'Reilly Message-ID: <0MKz5u-1D7wGg24iV-0005xc@mrelay.perfora.net> Begin forwarded message: Date: Thu, 03 Mar 2005 17:03:43 -0800 ================================================================ O'Reilly News for User Group Members March 3, 2005 ================================================================ ---------------------------------------------------------------- Book News ---------------------------------------------------------------- -Jakarta Struts Cookbook -Apple I Replica Creation -Programming Flash Communication Server -The Linux Enterprise Cluster -Programming C#, 4th Edition -Pragmatic Version Control Using Subversion -PC Hardware Buyer's Guide -Game Coding Complete, Second Ed. -Office 2004 for Macintosh: The Missing Manual -Linux in a Windows World ---------------------------------------------------------------- Upcoming Events ---------------------------------------------------------------- -Bonnie Biafore ("Online Investing Hacks") San Francisco Investors' Forum, San Ramon, CA--March 5 -O'Reilly at PhotoShop World, Las Vegas, NV--March 9 -Steve Bass ("PC Annoyances") on the Radio with ComputerAmerica March 7, April 4, May 2, and June 6 -Steve Bass ("PC Annoyances") on "AirTalk with Larry Mantle," KPCC (89.3FM), Pasadena, CA--March 15 -Greg Kroah-Hartman, ("Linux Device Drivers, 3rd Ed."), Powell's Technical Bookstore, Portland, OR--April 16 ---------------------------------------------------------------- Conference News ---------------------------------------------------------------- -Register for the 2005 O'Reilly Emerging Technology Conference, San Diego, CA--March 14-17 -Register for the 2005 MySQL Users Conference, Santa Clara, CA--April 18-21 ---------------------------------------------------------------- News ---------------------------------------------------------------- -How Paris Got Hacked? -SafariU Revolutionizes the Textbook -Remixing Culture: An Interview with Lawrence Lessig -O'Reilly Learning Lab: $200 Instant Rebate -MAKE Subscriptions Available -Trouble in the Kernel, VMware, and PostgreSQL -Building the PostgreSQL BuildFarm -Display Your Favorite Album Artwork in iTunes -Build an iTunes Remote Control -Mac Books in Newsweek -Understanding Administrative Templates -Data Binding in ASP.NET 2.0 -A Look at Commons Chain: The New Java Framework -Aspect-Oriented Annotations -Rid Yourself of Digital Media Annoyances -Build a Simple MP3 Player for Your Site -Actions for Photoshop Elements 3 -Yahoo! Web Services -Not the Usual Suspects: Recruiting Usability Test Participants -Logs, Browsers and Statistics: The Decline of Internet Explorer 5 ================================================ Book News ================================================ Did you know you can request a free book to review for your group? Ask your group leader for more information. For book review writing tips and suggestions, go to: http://ug.oreilly.com/bookreviews.html Don't forget, you can receive 20% off any O'Reilly, No Starch, Paraglyph, Pragmatic Bookshelf, SitePoint, or Syngress book you purchase directly from O'Reilly. Just use code DSUG when ordering online or by phone 800-998-9938. http://www.oreilly.com/ ***Free ground shipping is available for online orders of at least $29.95 that go to a single U.S. address. This offer applies to U.S. delivery addresses in the 50 states and Puerto Rico. For more details, go to: http://www.oreilly.com/news/freeshipping_0703.html ---------------------------------------------------------------- New Releases ---------------------------------------------------------------- ***Jakarta Struts Cookbook Publisher: O'Reilly ISBN: 059600771X "Jakarta Struts Cookbook" is an amazing collection of code solutions to common--and uncommon--problems encountered when building web applications with the Struts Framework. With solutions to real-world problems, this look-up reference is perfect for independent developers, large development teams, and everyone in between who wishes to use the Struts Framework to its fullest potential. Plus, it is completely up-to-date with the latest versions of Framework, so readers can be sure the information is viable. http://www.oreilly.com/catalog/jakartastrutsckbk/index.html Chapter 14, "Tiles and Other Presentation Approaches," is available online: http://www.oreilly.com/catalog/jakartastrutsckbk/chapter/index.html ***Apple I Replica Creation Back to the Garage Publisher: Syngress ISBN: 193183640X Computers like the Apple I are incredibly simple machines. Even if you have no experience with electronics, this book will teach you how to build your own replica of the Apple I, show you how to program it yourself, and introduce you to exciting ways to expand your Apple I to control lights, motors, and more. http://www.oreilly.com/catalog/193183640X/index.html ***Programming Flash Communication Server Publisher: O'Reilly ISBN: 0596005040 "Programming Flash Communication Server" not only explains how to use the pre-built FCS components to construct a simple application, it also explains the architecture so that developers can program custom components to make even more advanced applications. In addition, the book explains how to truly optimize performance and talks about considerations for networked applications as well as the media issues pertaining to FCS. http://www.oreilly.com/catalog/progflashcs/index.html Chapter 1, "Introducing the Flash Communication Server," is available online: http://www.oreilly.com/catalog/progflashcs/chapter/index.html ***The Linux Enterprise Cluster Publisher: No Starch Press ISBN: 1593270364 "The Linux Enterprise Cluster" is a practical guide for building and installing an enterprise-class cluster for mission critical applications using commodity hardware and open source software. Includes information on how to build a high-availability server pair using the Heartbeat package, how to use the Linux Virtual Server load balancing software, how to configure a reliable printing system, and how to build a job scheduling system with no single point of failure. http://www.oreilly.com/catalog/1593270364/index.html ***Programming C#, 4th Edition Publisher: O'Reilly ISBN: 0596006993 Aimed at experienced programmers and web developers, this fourth edition of the top-selling C# book focuses on the features and programming patterns that are new to C# and fundamental to the programming of web services and applications on Microsoft's .NET platform. This edition has also been updated to reflect the C# ISO standard as well as changes in Microsoft's implementation of the language. http://www.oreilly.com/catalog/progcsharp4/index.html Chapter 12, "Delegates and Events," is available online: http://www.oreilly.com/catalog/progcsharp4/chapter/index.html ***Pragmatic Version Control Using Subversion Publisher: Pragmatic Bookshelf ISBN: 0974514063 Half of all project teams in the U.S. don't use any version control at all, and many others experience problems. Version control is the lifeblood of software projects, but it doesn't have to be complicated or time consuming. This recipe-based book covers the theory behind version control and shows how it can help developers become more efficient, work better as a team, and keep on top of software complexity. http://www.oreilly.com/catalog/0974514063/index.html ***PC Hardware Buyer's Guide Publisher: O'Reilly ISBN: 0596009380 This handy guide is the ideal shopping companion for people who wish to build their own desktop computer. Loaded with valuable information, the "PC Hardware Buyer's Guide" helps you choose which parts are best for you by linking compatibility and performance with your own particular profile. This book features a component overview, valuable rules of thumb, and a quick-lookup reference chart with recommended brands and models. http://www.oreilly.com/catalog/pccbg/index.html ***Game Coding Complete, Second Ed. Publisher: Paraglyph Press ISBN: 1932111913 "Game Coding Complete, Second Ed." is the essential hands-on guide to developing commercial quality games written by master game programmer Mike McShaffry. This must-have second edition has been expanded from the bestselling first edition to include the absolute latest in exciting new techniques in game interface design programming, game audio development, game scripting, 3D programming, and game engine technology. http://www.oreilly.com/catalog/1932111913/index.html ***Office 2004 for Macintosh: The Missing Manual Publisher: O'Reilly ISBN: 0596008201 Whether you're an Office beginner eager to understand the applications in the suite or a longtime Office user looking for power-user techniques and detailed coverage of what's new in Office 2004, this book delivers everything you need to master all four Office 2004 programs for Mac--Word, Excel, PowerPoint, and Entourage. According to Microsoft, the average Office user taps into less than 15 percent of the suite's features. Get 100 percent out of Office 2004 by getting the Missing Manual. http://www.oreilly.com/catalog/officemactmm/index.html ***Linux in a Windows World Publisher: O'Reilly ISBN: 0596007582 An invaluable companion for any system administrator interested in integrating Linux into their Windows environment, this book takes an in-depth look at exactly how Linux can be brought into an organization that's currently based on Microsoft Windows systems. Featuring a litany of insider tips and techniques, "Linux in a Windows World" dispenses all the practical advice you need to migrate to this revolutionary open source software. http://www.oreilly.com/catalog/linuxwinworld/index.html Chapter 7, "Using NT Domains for Linux Authentication," is available online: http://www.oreilly.com/catalog/linuxwinworld/chapter/index.html ================================================ Upcoming Events ================================================ ***For more events, please see: http://events.oreilly.com/ ***Bonnie Biafore ("Online Investing Hacks"), San Francisco Investors' Forum, San Ramon, CA--March 5 Bonnie will be teaching a workshop at this event. SBC Center, San Ramon, CA http://www.better-investing.org/chapter/sanfran/ ***O'Reilly at PhotoShop World, Las Vegas, NV--March 9 Come by and say hi and check out our latest Digital Media books at our booth (#220). Mandalay Bay Resort, Las Vegas, NV. http://www.photoshopworld.com/ ***Steve Bass ("PC Annoyances") on the Radio with ComputerAmerica March 7, April 4, May 2, and June 6 He will be on the radio from 7:00-8:00pm (PST) Call in during the show! The number is 866-606-8255. To listen to the show live, go to: http://www.computeramerica.com/listen.htm To chat while Steve's on the air, go to: http://www.computeramerica.com/interact.htm Check for a local station here on "Business Talk Radio": http://snipurl.com/computeramerica3 ***Steve Bass ("PC Annoyances") on "AirTalk with Larry Mantle," KPCC (89.3FM), Pasadena, CA--March 15 Click "Listen Live" to hear the show 11:00am through 12:00pm (PST): http://www.kpcc.org ***Greg Kroah-Hartman, ("Linux Device Drivers, 3rd Ed"), Powell's Technical Bookstore, Portland, OR--April 16 Come on by and listen to Greg talk about his new book. Saturday, April 16th at 1:00pm Powell's Technical Books 33 NW Park Avenue Portland, OR 97209 USA http://www.powells.com/technicalbooks ================================================ Conference News ================================================ ***2005 O'Reilly Emerging Technology Conference, San Diego, CA--March 14-17 This year's conference theme is "Remix," which infuses ETech's roll-up-your-sleeves tutorials, to-the-point plenary presentations, and real world focused breakout sessions. Come to ETech and discover how applications and hardware are being deconstructed and recombined in unexpected ways. Learn how users and customers are influencing new interfaces, devices, business models, and services. For all the scoop on tutorials, featured speakers, and conference events, check out: http://conferences.oreillynet.com/etech/ User group members use code DSUG when you register, and receive 20% off the registration price. To register for the conference, go to: http://conferences.oreillynet.com/cs/et2005/create/ord_et05 ***Register for the 2005 MySQL Users Conference, Santa Clara, CA--April 18-21 The MySQL Users Conference, co-presented by O'Reilly Media and MySQL AB, brings together experts, users, and industry leaders with unique MySQL insights, offering attendees a detailed look into new features in MySQL 5.0, sessions and workshops designed to teach best practices, and exposure to new open source technologies. For more information, go to: http://www.mysqluc.com/ User Group members who register before Febuary 28, 2005 get a double discount. Use code DSUG when you register, and receive 20% off the early registration price. To register for the conference, go to: http://conferences.oreillynet.com/cs/mysqluc2005/create/ord_mysql05 ================================================ News From O'Reilly & Beyond ================================================ --------------------- General News --------------------- ***How Paris Got Hacked? Like many online service providers, T-Mobile requires users to answer a "secret question" if they forget their passwords. For Paris Hilton's account, the secret question was "What is your favorite pet's name?" By correctly providing the well-known answer, any internet user could change Hilton's password and freely access her account. http://www.macdevcenter.com/pub/a/mac/2005/01/01/paris.html ***SafariU Revolutionizes the Textbook With SafariU, you can you create and publish your own textbook, selecting exactly the book chapters, sections, or articles you need from the impressive Safari database. SafariU costs you nothing to use and offers your students more focused course content at less cost. Sign up now, get a jump on your summer and fall course prep, and your first custom textbook could be ready to print before spring break. Visit SafariU to view a video demo and sign up for access. http://academic.oreilly.com/safariu-more.csp ***Remixing Culture: An Interview with Lawrence Lessig What do you get when you mix P2P, inexpensive digital input devices, open source software, easy editing tools, and reasonably affordable bandwidth? Potentially, you get what Lawrence Lessig calls remix culture, which he explains in this extensive interview. http://www.oreillynet.com/pub/a/policy/2005/02/24/lessig.html The concept of remixing culture is also the topic of his keynote at O'Reilly's upcoming Emerging Technology Conference, March 14-17 in San Diego. http://conferences.oreillynet.com/etech/ ***O'Reilly Learning Lab: $200 Instant Rebate Learning programming languages and development techniques has never been easier. Using your web browser and Useractive's Learning Sandbox technology, the Learning Lab gives you hands-on, online training in a creative environment. This month, receive a $200 instant rebate (and a Certificate from the University of Illinois Office of Continuing Education upon course completion) when you enroll in any Certificate Series. http://www.oreilly.com/redirector.csp?link=UACert&type=news ***MAKE Subscriptions Available The annual subscription price for four issues is $34.95. When you subscribe with this link, you'll get a free issue--the first one plus four more for $34.95. So subscribe for yourself or friends with this great offer for charter subscribers: five volumes for the cost of four. Subscribe at: https://www.pubservice.com/MK/Subnew.aspx?PC=MK&PK=M5ZUGLA The MAKE blog is available at: http://www.makezine.com/blog/ --------------------- Open Source --------------------- ***Trouble in the Kernel, VMware, and PostgreSQL Noel Davis looks at problems in the Linux kernel, VMware, PostgreSQL, Squid, MySQL, mailman, Apple OSX HFS+, movemail with GNU Emacs or XEmancs, KStars, typespeed, awstats, and synaesthesia. http://www.linuxdevcenter.com/pub/a/linux/2005/02/28/security_alerts.html ***Building the PostgreSQL BuildFarm Managing a cross-platform open source project is difficult; how do you test on all the platforms you support? Leverage the time and resources of your users! Andrew Dunstan took a tip from the Samba team and recently set up a build farm for the PostgreSQL project to report build successes and failures from interested users. Here's how he did it. http://www.onlamp.com/pub/a/onlamp/2005/02/24/pg_buildfarm.html --------------------- Mac --------------------- ***Display Your Favorite Album Artwork in iTunes Love your iPod but miss the album art? In iTunes 4, you can associate an album's artwork with a song so it can be displayed while you play the song. Wei-Meng Lee shows you how to use two free programs, Clutter and art4iTunes.com, to simplify the task. For more tricks and tips on using your iPod photo, check out Wei-Meng's latest eDoc, All About Your iPod Photo. http://www.macdevcenter.com/pub/a/mac/2005/02/22/albumart.html ***Build an iTunes Remote Control AirPort Express is great for streaming music from your Mac, except when you have to change tracks from another room. There are commercial solutions available, but here's a great evening project using your web-enabled cell phone and the power of Mac OS X. http://www.macdevcenter.com/pub/a/mac/2005/03/01/itunes_remote.html ***Mac Books in Newsweek No Starch's "The Cult of Mac" and O'Reilly's "Revolution in the Valley" were mentioned in Newsweek's Quick Read, February 21 Issue. http://www.msnbc.msn.com/id/6934650/site/newsweek/ "The Cult of Mac" http://www.oreilly.com/catalog/1886411832/index.html "Revolution in the Valley" http://www.oreilly.com/catalog/revolution/ --------------------- Windows/.NET --------------------- ***Understanding Administrative Templates Administrative templates are a key management component of Group Policy on Windows 2000, Windows XP, and Windows Server 2003. Mitch Tulloch, author of "Windows Server Hacks," shows you how they work and how to use them. http://www.windowsdevcenter.com/pub/a/windows/2005/03/01/Admin_templates..html ***Data Binding in ASP.NET 2.0 Not only has Microsoft made radical changes in how data binding is done between ASP.NET 1.x and 2.0, but it has also created significant differences between how it is done in Windows Forms and ASP.NET in 2.0. This keeps life interesting (Jesse Liberty says, gnashing his teeth). In this new column, he dives into data binding in the new Web Forms. http://www.ondotnet.com/pub/a/dotnet/2005/02/22/liberty.html --------------------- Java --------------------- ***A Look at Commons Chain: The New Java Framework In part one of a two-part series, Bill Siggelkow covers the basics of Chain, a promising new framework from the Jakarta Commons subproject that lets you integrate Chain into the Struts build process. In part two, Bill will cover how Chain is being applied to Struts and other projects. Bill is the author of O'Reilly's "Jakarta Struts Cookbook." http://www.onjava.com/pub/a/onjava/2005/03/02/commonchains.html ***Aspect-Oriented Annotations Aspect-Oriented Programming (AOP) and attributes are two leading-edge programming concepts, each with typical applications. By combining them, using attributes to indicate where AOP code should execute, you can effectively declare new Java syntax. Bill Burke introduces this new technique. http://www.onjava.com/pub/a/onjava/2004/08/25/aoa.html --------------------- Digital Media --------------------- ***Rid Yourself of Digital Media Annoyances Sometimes those little quirks in your favorite digital media toys can take all the fun out of playing. Preston Gralla offers a baker's dozen fixes to MP3, iTunes, and QuickTime annoyances, so you can get back to the fun. Preston is the author of "Internet Annoyances." http://www.windowsdevcenter.com/pub/a/windows/2005/02/22/internetannoy.html ***Build a Simple MP3 Player for Your Site You don?€™t have to monkey with Flash, redundant windows, or unpredictable plugins to deliver smart-looking audio playback for your visitors. With this sneaky bit of JavaScript, you can generate pop-up music players on the fly. http://digitalmedia.oreilly.com/2005/02/23/mp3_embed.html ***Actions for Photoshop Elements 3 Want to automate a complicated artistic effect, like making a photo look like a watercolor, or adding a 3-D frame? Photoshop Elements 3 makes these tasks easy with actions. Barbara Brundage, author of "Photoshop Elements 3: The Missing Manual," shows you how to write, install, and troubleshoot actions in Elements 3, for the Mac or Windows. http://digitalmedia.oreilly.com/2005/02/23/PSelement3.html --------------------- Web --------------------- ***Yahoo! Web Services Paul Bausch takes a look at the new Yahoo! Web Services interface and shows how to tap into the API with a sample application. http://www.oreillynet.com/pub/a/network/2005/02/28/yahoo.html ***Not the Usual Suspects: Recruiting Usability Test Participants Isn't usability testing a simple matter of getting pals or colleagues to look over a site in exchange for free pizza? No, it's not... Liz explains how easy it is to gather suitable, site-relevant test participants using a number of possible sampling techniques. http://www.sitepoint.com/article/usability-test-participants ***Logs, Browsers and Statistics: The Decline of Internet Explorer 5 Individual site logs on browser usage lie, contends Alex Walker. He says a larger sample size is necessary for data and decision making. http://www.sitepoint.com/blog-post-view.php?id=226319 ================================================ >From Your Peers =============================================== Don't forget to check out the O'Reilly UG wiki to see what user groups across the globe are up to: http://wiki.oreillynet.com/usergroups/index.cgi -- From marco Sun Mar 6 09:22:16 2005 From: marco (marco at metm.org) Date: Sun, 6 Mar 2005 09:22:16 -0500 Subject: [nycbug-talk] Fw: Newsletter from O'Reilly In-Reply-To: <0MKz5u-1D7wGg24iV-0005xc@mrelay.perfora.net> References: <0MKz5u-1D7wGg24iV-0005xc@mrelay.perfora.net> Message-ID: <20050306142215.GK5352@metm.org> On Sun, Mar 06, 2005 at 02:56:01PM +0100, lists at genoverly.net wrote: > >Begin forwarded message: > >Date: Thu, 03 Mar 2005 17:03:43 -0800 >================================================================ >O'Reilly News for User Group Members >March 3, 2005 /bsd Pattern not found. :) -- Marco From joreilly Sun Mar 6 09:45:45 2005 From: joreilly (Jim O'Reilly) Date: Sun, 6 Mar 2005 09:45:45 -0500 Subject: [nycbug-talk] Books left at Denizen Message-ID: <6BD471A4-8E4E-11D9-A167-000393CA9C32@panix.com> When I left Denizen's, to which NYCBUGers had repaired after last Wednesday's meeting, I left behind the bag and book I had gotten at the meeting. I called the bar and the bartender found the bag and book. When I came to the bar on Friday night to collect them, there were 3 more books which had also been left in the back room. Assuming that NYCBUG will go there after next month's meeting, I left them there with a note to hold them for NYCBUG and to phone me at (718)499-7470 if they had any questions. The bartender said they would keep the books and that anyone from NYCBUG could pick them up, either after the next meeting, or in the meantime. The books were: Competition in the Global Productivity Race, by Edward Yourdon PHP-NUKE Garage, by Don Jones Java Application Development on Linux, by Carl Albing & Michael Schwartz From lists Sun Mar 6 10:02:01 2005 From: lists (lists at genoverly.net) Date: Sun, 6 Mar 2005 16:02:01 +0100 Subject: =?iso-8859-1?Q?Re:_[nycbug-talk]_Books_left_at_Denizen?= Message-ID: <0MKyxe-1D7xIX3Up8-0007TS@mrelay.perfora.net> On Sun, 6 Mar 2005 09:45:45 -0500 Jim O'Reilly wrote: > The books were: > Competition in the Global Productivity Race, by Edward Yourdon > PHP-NUKE Garage, by Don Jones > Java Application Development on Linux, by Carl Albing & Michael Schwartz > hahaha... PHP-Nuke? Java on Linux? Had to be a bsd/zope guy! Michael -- From jpb Sun Mar 6 10:36:30 2005 From: jpb (Jim Brown) Date: Sun, 6 Mar 2005 10:36:30 -0500 Subject: [nycbug-talk] Books left at Denizen In-Reply-To: <0MKyxe-1D7xIX3Up8-0007TS@mrelay.perfora.net> References: <0MKyxe-1D7xIX3Up8-0007TS@mrelay.perfora.net> Message-ID: <20050306153630.GA42594@sixshooter.v6.thrupoint.net> * lists at genoverly.net [2005-03-06 10:04]: > > On Sun, 6 Mar 2005 09:45:45 -0500 > Jim O'Reilly wrote: > > > The books were: > > Competition in the Global Productivity Race, by Edward Yourdon > > PHP-NUKE Garage, by Don Jones > > Java Application Development on Linux, by Carl Albing & Michael Schwartz > > > > hahaha... PHP-Nuke? Java on Linux? Had to be a bsd/zope guy! > > Michael Wasn't me. I wasn't able to make it. ThruPoint quarterly meeting that night... Jim B. From george Sun Mar 6 12:10:50 2005 From: george (G. Rosamond) Date: Sun, 6 Mar 2005 12:10:50 -0500 Subject: [nycbug-talk] Books left at Denizen In-Reply-To: <20050306153630.GA42594@sixshooter.v6.thrupoint.net> References: <0MKyxe-1D7xIX3Up8-0007TS@mrelay.perfora.net> <20050306153630.GA42594@sixshooter.v6.thrupoint.net> Message-ID: <314b3ed087b7bfd66eed5137e12152f1@sddi.net> On Mar 6, 2005, at 10:36 AM, Jim Brown wrote: > * lists at genoverly.net [2005-03-06 10:04]: >> >> On Sun, 6 Mar 2005 09:45:45 -0500 >> Jim O'Reilly wrote: >> >>> The books were: >>> Competition in the Global Productivity Race, by Edward Yourdon That was the Deutsche Bank economist who thought Y2K was the end of the world as we know it. . . >>> PHP-NUKE Garage, by Don Jones >>> Java Application Development on Linux, by Carl Albing & Michael >>> Schwartz >>> >> >> hahaha... PHP-Nuke? Java on Linux? Had to be a bsd/zope guy! >> >> Michael > > > Wasn't me. I wasn't able to make it. ThruPoint quarterly meeting > that night... > I think *I* know whose it is . . g From matt Mon Mar 7 17:07:01 2005 From: matt (Matt Juszczak) Date: Mon, 7 Mar 2005 17:07:01 -0500 (EST) Subject: [nycbug-talk] shared hosting In-Reply-To: <20050125071224.GA51779@finn.nomadlogic.org> References: <41F54C57.1020904@n2sw.com> <8c50a3c305012411456e1f3644@mail.gmail.com> <2D757F56-6E58-11D9-8849-000D9328615E@sddi.net> <20050125071224.GA51779@finn.nomadlogic.org> Message-ID: <20050307170425.J64995@neptune.atopia.net> I work at an ISP in South Jersey. My boss is lenient and would definitely host a box at a very cheap rate and/or free (as long as he, in turn, received advertising .. you know those business people). I am currently in charge of setting up his dedicated hosting (we are adding services constantly). Site is www.dandy.net Also, I am willing to provide very very cheap accounts to anyone interested (like .. $2/month cheap) on one of my personal servers. People would just need to be patient as I would want to jail everything. Contact me off list if you are interested. -matt On Tue, 25 Jan 2005, Pete Wright wrote: > On Mon, Jan 24, 2005 at 05:34:58PM -0500, G. Rosamond wrote: >> > >> >> At some point, I would also like to see free jails or shared virtual >> hosting provided free to NYC*BUG members by somebody. . . either the >> firm donates and manages for us, or we have a box they host for us, and >> we run the box, provide jails, etc. . . >> > > i'd even like to take this a step further and possibly look into some sort > of "co-op ISP" type situation. maybe where interested members from nycbug > and other UG's get together and see if it would make sense to go in and > lease out a rack from a co-lo facility. hopefully giving an ISP very good > exposure from the user groups, and members get a cut-rate for a rack or so. > i know i pay out of pocket for dedicated internet connect's for work/play, > and can assume others would be interested as well, if it makes sense > financially that is. > > > -pete > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > > !DSPAM:41f5f28f829631394316525! > From dan Mon Mar 7 19:32:30 2005 From: dan (Dan Langille) Date: Mon, 07 Mar 2005 19:32:30 -0500 Subject: [nycbug-talk] BSDCan FreeSBIE speakers Message-ID: <422CAC4E.30902.42309D59@localhost> The BSDCan FreeSBIE speakers may be flying into NY as its cheaper than Ottawa. They were thinking of driving up.... I thought of sharing a car, so I mentioned NYCBUG. I'm waiting to hear back from them. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From ike Mon Mar 7 19:37:48 2005 From: ike (Isaac Levy) Date: Mon, 7 Mar 2005 19:37:48 -0500 Subject: [nycbug-talk] BSDCan FreeSBIE speakers In-Reply-To: <422CAC4E.30902.42309D59@localhost> References: <422CAC4E.30902.42309D59@localhost> Message-ID: On Mar 7, 2005, at 7:32 PM, Dan Langille wrote: > The BSDCan FreeSBIE speakers may be flying into NY as its cheaper > than Ottawa. They were thinking of driving up.... I thought of > sharing a car, so I mentioned NYCBUG. I'm waiting to hear back from > them. Tell them they have a place to stay overnight in Brooklyn- I have plenty of room for a handful of short-term guests, open wireless, and they're more than welcome here. Rocket- .ike From george Mon Mar 7 23:40:09 2005 From: george (G. Rosamond) Date: Mon, 7 Mar 2005 23:40:09 -0500 Subject: [nycbug-talk] BSDCan list Message-ID: <92742ea08afcfdbcd3fd9e35910080f3@sddi.net> Repeat reminder. . . We have a BSDCan list at lists.nycbug.org, and I'd recommend anyone planning on going subscribe. It's low volume, don't worry. We're discussing accommodations right now. . . George From steve Tue Mar 8 13:36:28 2005 From: steve (steverieger) Date: Tue, 08 Mar 2005 13:36:28 -0500 Subject: [nycbug-talk] Mysql clustering/failover Message-ID: Hi all, Yes I know that clustering and failover are two different things. I would like to know if any of the dudes or dudets out there know of any links to help me create a failover mysql server x 2. I don't quite like the replication method as I have lost data in the past, and the logs and overhead tell me that there are other methods out there. This link is a decent start but not exactly what I am looking for. www.davz.net/static/howto/mysqlcluster/ Thanx From o_sleep Tue Mar 8 15:51:00 2005 From: o_sleep (Bjorn Nelson) Date: Tue, 8 Mar 2005 15:51:00 -0500 Subject: [nycbug-talk] enterprise bsd Message-ID: All, We have some redhat machines at work and I have been starting to use the up2date and rhn services. I am impressed with the ease of applying security updates and it made me wonder what comparable things are available to the freebsd (or bsd in general) realm. For freebsd, I already have an internal cvsup server, I use portupgrade, have exported /usr/ports/distfiles, debated an export of /usr/ports and /usr/src, have looked at freebsd-update, debated an export of all of /usr. I am trying to find a way to manage a large amount of machines from one place. I probably could just write something that sends pkg_version output somewhere and then I parse that, but is there something already built? What have you guys and gals found favorable? Can anyone recommend the freebsd-update? Are the sources trustworthy? Thanks for any input, Bjorn From steve.rieger Tue Mar 8 15:56:37 2005 From: steve.rieger (Steve Rieger) Date: Tue, 08 Mar 2005 15:56:37 -0500 Subject: [nycbug-talk] enterprise bsd In-Reply-To: Message-ID: Clusterssh will run a command on all machines at once. On 3/8/05 3:51 PM, "Bjorn Nelson" wrote: > All, > > We have some redhat machines at work and I have been starting to use > the up2date and rhn services. I am impressed with the ease of applying > security updates and it made me wonder what comparable things are > available to the freebsd (or bsd in general) realm. For freebsd, I > already have an internal cvsup server, I use portupgrade, have exported > /usr/ports/distfiles, debated an export of /usr/ports and /usr/src, > have looked at freebsd-update, debated an export of all of /usr. I am > trying to find a way to manage a large amount of machines from one > place. I probably could just write something that sends pkg_version > output somewhere and then I parse that, but is there something already > built? What have you guys and gals found favorable? Can anyone > recommend the freebsd-update? Are the sources trustworthy? > > Thanks for any input, > Bjorn > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From george Tue Mar 8 16:11:14 2005 From: george (George Georgalis) Date: Tue, 8 Mar 2005 16:11:14 -0500 Subject: [nycbug-talk] enterprise bsd In-Reply-To: References: Message-ID: <20050308211114.GB2525@ixeon.local> >On 3/8/05 3:51 PM, "Bjorn Nelson" wrote: > >> All, >> >> We have some redhat machines at work and I have been starting to use >> the up2date and rhn services. I am impressed with the ease of applying >> security updates and it made me wonder what comparable things are >> available to the freebsd (or bsd in general) realm. For freebsd, I >> already have an internal cvsup server, I use portupgrade, have exported >> /usr/ports/distfiles, debated an export of /usr/ports and /usr/src, >> have looked at freebsd-update, debated an export of all of /usr. I am >> trying to find a way to manage a large amount of machines from one >> place. I probably could just write something that sends pkg_version >> output somewhere and then I parse that, but is there something already >> built? What have you guys and gals found favorable? Can anyone >> recommend the freebsd-update? Are the sources trustworthy? On Tue, Mar 08, 2005 at 03:56:37PM -0500, steve rieger wrote: >Clusterssh will run a command on all machines at once. (Hi Steve) There is a way to use a fast host as a master build box and push out the installworld to the target hosts. Me not sure how or the exact gotchas but surly it's documented somewhere.... keep looking. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From pete Tue Mar 8 16:09:33 2005 From: pete (Pete Wright) Date: Tue, 8 Mar 2005 16:09:33 -0500 Subject: [nycbug-talk] enterprise bsd In-Reply-To: References: Message-ID: <20050308210933.GB43199@finn.nomadlogic.org> On Tue, Mar 08, 2005 at 03:51:00PM -0500, Bjorn Nelson wrote: > All, > > We have some redhat machines at work and I have been starting to use > the up2date and rhn services. I am impressed with the ease of applying > security updates and it made me wonder what comparable things are > available to the freebsd (or bsd in general) realm. For freebsd, I > already have an internal cvsup server, I use portupgrade, have exported > /usr/ports/distfiles, debated an export of /usr/ports and /usr/src, > have looked at freebsd-update, debated an export of all of /usr. I am > trying to find a way to manage a large amount of machines from one > place. I probably could just write something that sends pkg_version > output somewhere and then I parse that, but is there something already > built? What have you guys and gals found favorable? Can anyone > recommend the freebsd-update? Are the sources trustworthy? > It may be worth looking into using the ports tree, or even pkg_src, as your main software deployment method. You can build, test and version on your master node then dist out known good versions to your client nodes at night, via scripts or other utilites. What you will end up doing is building .tgz's on the head node then on the client side run pkg_upgrade or some such thing. one good thing about pkg_src is that this method will also work with RH as well as with any other Unixen you have. I've contemplated using a similar method to dist inhouse middleware to client nodes...altho at this point it's still in the contemplation phase ;) as far as tracking security patches for the base system, again I think it would be possible to have your head node track STABLE then during your down day's I imagine one could just dist out your STABLE worlds to the client nodes. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From lists Tue Mar 8 16:35:22 2005 From: lists (Hans Zaunere) Date: Tue, 8 Mar 2005 16:35:22 -0500 Subject: [nycbug-talk] Mysql clustering/failover In-Reply-To: Message-ID: <20050308212947.A5EFC99DB@mailrelay.t-mobile.com> > Yes I know that clustering and failover are two different things. I would > like to know if any of the dudes or dudets out there know of any links to > help me create a failover mysql server x 2. I don't quite like the > replication method as I have lost data in the past, and the logs and > overhead tell me that there are other methods out there. There are of course other methods, but none of them really make sense. Replication is the way to go - it's the poor man's clustering for MySQL, and in fact, not that poor. With a well designed server and application architecture, it can be very robust, supporting some of the largest sites on the web. One other method, albeit it full of caveats, is a multi-head server. Meaning, a single shared data file (SAN for instance) with multiple MySQL instances. This involves some work, however, as proper implementation requires OS specific know-how (and some OSs don't support it at all). > This link is a decent start but not exactly what I am looking for. > > www.davz.net/static/howto/mysqlcluster/ In addition to the MySQL flagship server, there's also MySQL Cluster. It's implemented as a storage engine with the standard server, and can be used transparently with the other storage engines. It can also be used with the standard MySQL replication, which makes for some very robust systems. What types of applications are you looking to support? H From george Tue Mar 8 16:38:31 2005 From: george (George Georgalis) Date: Tue, 8 Mar 2005 16:38:31 -0500 Subject: [nycbug-talk] enterprise bsd In-Reply-To: <20050308210933.GB43199@finn.nomadlogic.org> References: <20050308210933.GB43199@finn.nomadlogic.org> Message-ID: <20050308213830.GC2525@ixeon.local> On Tue, Mar 08, 2005 at 04:09:33PM -0500, Pete Wright wrote: > >as far as tracking security patches for the base system, again I think >it would be possible to have your head node track STABLE then during your >down day's I imagine one could just dist out your STABLE worlds to the >client nodes. > Isn't there more to installworld than copying the binaries to the root? ie doesn't it first clean the destination, for the case when the upgrade results in fewer files on the target, and the old files need be removed? // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From pete Tue Mar 8 16:33:11 2005 From: pete (Pete Wright) Date: Tue, 8 Mar 2005 16:33:11 -0500 Subject: [nycbug-talk] enterprise bsd In-Reply-To: <20050308213830.GC2525@ixeon.local> References: <20050308210933.GB43199@finn.nomadlogic.org> <20050308213830.GC2525@ixeon.local> Message-ID: <20050308213311.GC43199@finn.nomadlogic.org> On Tue, Mar 08, 2005 at 04:38:31PM -0500, George Georgalis wrote: > On Tue, Mar 08, 2005 at 04:09:33PM -0500, Pete Wright wrote: > > > >as far as tracking security patches for the base system, again I think > >it would be possible to have your head node track STABLE then during your > >down day's I imagine one could just dist out your STABLE worlds to the > >client nodes. > > > > Isn't there more to installworld than copying the binaries to the root? > ie doesn't it first clean the destination, for the case when the upgrade > results in fewer files on the target, and the old files need be removed? > yea for sure, mergemaster etc, this still can be automated from a head node. heh, didn't mean to imply that one would just copy binaries by disting out the STABLE world :) -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From steve Tue Mar 8 16:48:58 2005 From: steve (steverieger) Date: Tue, 08 Mar 2005 16:48:58 -0500 Subject: [nycbug-talk] Mysql clustering/failover In-Reply-To: <20050308212947.A5EFC99DB@mailrelay.t-mobile.com> Message-ID: On 3/8/05 4:35 PM, "Hans Zaunere" wrote: > >> Yes I know that clustering and failover are two different things. I would >> like to know if any of the dudes or dudets out there know of any links to >> help me create a failover mysql server x 2. I don't quite like the >> replication method as I have lost data in the past, and the logs and >> overhead tell me that there are other methods out there. > > There are of course other methods, but none of them really make sense. > Replication is the way to go - it's the poor man's clustering for MySQL, and > in fact, not that poor. With a well designed server and application > architecture, it can be very robust, supporting some of the largest sites on > the web. > > One other method, albeit it full of caveats, is a multi-head server. Meaning, > a single shared data file (SAN for instance) with multiple MySQL instances. > This involves some work, however, as proper implementation requires OS > specific know-how (and some OSs don't support it at all). > >> This link is a decent start but not exactly what I am looking for. >> >> www.davz.net/static/howto/mysqlcluster/ > > In addition to the MySQL flagship server, there's also MySQL Cluster. It's > implemented as a storage engine with the standard server, and can be used > transparently with the other storage engines. It can also be used with the > standard MySQL replication, which makes for some very robust systems. > > What types of applications are you looking to support? > > H > This is for mysql only, no apache pages, just db's mysql and pgsql. But since am creating all other services as failover on two servers, I need to do the same for the mysql db's From paul Tue Mar 8 17:59:11 2005 From: paul (Paul Dlug) Date: Tue, 8 Mar 2005 17:59:11 -0500 Subject: [nycbug-talk] enterprise bsd In-Reply-To: References: Message-ID: <3d376377d7fe937c053831ccb0234270@aps.org> On Mar 8, 2005, at 3:51 PM, Bjorn Nelson wrote: > We have some redhat machines at work and I have been starting to use > the up2date and rhn services. I am impressed with the ease of > applying security updates and it made me wonder what comparable things > are available to the freebsd (or bsd in general) realm. For freebsd, > I already have an internal cvsup server, I use portupgrade, have > exported /usr/ports/distfiles, debated an export of /usr/ports and > /usr/src, have looked at freebsd-update, debated an export of all of > /usr. I am trying to find a way to manage a large amount of machines > from one place. I probably could just write something that sends > pkg_version output somewhere and then I parse that, but is there > something already built? What have you guys and gals found favorable? > Can anyone recommend the freebsd-update? Are the sources > trustworthy? We're using radmind, http://www.radmind.org or /usr/ports/sysutils/radmind to distribute changes to systems. It's a mechanism for layering filesystem changes. This works out really well as a total system management solution, we're using it to distribute the full OS, OS upgrades, packages and configuration files. I've been managing systems using radmind for over a year now without any problems. It's also great for disaster recovery, just backup/replicate your radmind server and you're done. --Paul From george Wed Mar 9 10:34:08 2005 From: george (G. Rosamond) Date: Wed, 9 Mar 2005 10:34:08 -0500 Subject: [nycbug-talk] mailing list protocol Message-ID: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> MW has put up a short how-to on the site about mailing list protocol. Anyone have any comments? I think he did a good job. http://nycbug.org/index.php?NAV=MailingLists From chsnyder Wed Mar 9 10:53:30 2005 From: chsnyder (csnyder) Date: Wed, 9 Mar 2005 10:53:30 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> Message-ID: On Wed, 9 Mar 2005 10:34:08 -0500, G. Rosamond wrote: > MW has put up a short how-to on the site about mailing list protocol. > > Anyone have any comments? I think he did a good job. Clean, simple, to the point. But ... > 7 Please reply to the list > > and only the list when posting to the list, it is very annoying > to some of the people receiving these messages. We sort them > based on email headers inserted by the mailing list software. > And we really do not need 2 or more copies of your post. Can you clarify this? The default behavior of this list is to reply to the sender, and only to post to the list if Reply All is used. But Reply All includes the sender. This seems specifically designed to send multiple copies... From dan Wed Mar 9 11:02:03 2005 From: dan (Dan Langille) Date: Wed, 09 Mar 2005 11:02:03 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> Message-ID: <422ED7AB.7600.4AA9FE11@localhost> On 9 Mar 2005 at 10:34, G. Rosamond wrote: > MW has put up a short how-to on the site about mailing list protocol. > > Anyone have any comments? I think he did a good job. > > http://nycbug.org/index.php?NAV=MailingLists I disagree with option 7. Replying to both the person and the list is what should be done. It's standard and expected procedure on all the FreeBSD lists I use. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From george Wed Mar 9 11:21:24 2005 From: george (George Georgalis) Date: Wed, 9 Mar 2005 11:21:24 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <422ED7AB.7600.4AA9FE11@localhost> References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> <422ED7AB.7600.4AA9FE11@localhost> Message-ID: <20050309162124.GD4042@ixeon.local> On Wed, Mar 09, 2005 at 11:02:03AM -0500, Dan Langille wrote: >On 9 Mar 2005 at 10:34, G. Rosamond wrote: > >> MW has put up a short how-to on the site about mailing list protocol. >> >> Anyone have any comments? I think he did a good job. >> >> http://nycbug.org/index.php?NAV=MailingLists > >I disagree with option 7. Replying to both the person and the list is >what should be done. It's standard and expected procedure on all the >FreeBSD lists I use. historical reasons are only oldest, not always best. it is unnecessarly redundant, and you can replicate the behavior localy: :0 c * ^References:.*(one|or|more|of|your|hostnames) * !^TO_your at addresses mbox I'm in favior of "reply-to: list" and "reply-to: list, user at address.com" if the poster provided a reply-to address. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From jschauma Wed Mar 9 11:37:31 2005 From: jschauma (Jan Schaumann) Date: Wed, 9 Mar 2005 11:37:31 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <422ED7AB.7600.4AA9FE11@localhost> References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> <422ED7AB.7600.4AA9FE11@localhost> Message-ID: <20050309163731.GC18424@netmeister.org> Dan Langille wrote: > On 9 Mar 2005 at 10:34, G. Rosamond wrote: > > > MW has put up a short how-to on the site about mailing list protocol. > > > > Anyone have any comments? I think he did a good job. > > > > http://nycbug.org/index.php?NAV=MailingLists > > I disagree with option 7. Replying to both the person and the list is > what should be done. It's standard and expected procedure on all the > FreeBSD lists I use. You can drop option 7 altogether. Every user can easily modify this for themselves by setting Mail-Followup-To, reply-to or whatnot. And each person receiving can easily filter incoming mail and create or discard duplicates as they see fit. -Jan P.S.: I always recommend http://www.netmeister.org/news/learn2quote.html (which isn't written by me, even though it's on my server, so don't claim I'm just pushing my own agenda ;-) -- chown -R us:enemy your_base -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050309/18f37599/attachment.bin From dan Wed Mar 9 11:37:17 2005 From: dan (Dan Langille) Date: Wed, 09 Mar 2005 11:37:17 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <20050309162124.GD4042@ixeon.local> References: <422ED7AB.7600.4AA9FE11@localhost> Message-ID: <422EDFED.3682.4ACA42B0@localhost> On 9 Mar 2005 at 11:21, George Georgalis wrote: > historical reasons are only oldest, not always best. "Best" is quite subjective. It's a pretty widely used convention. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From george Wed Mar 9 11:39:18 2005 From: george (G. Rosamond) Date: Wed, 9 Mar 2005 11:39:18 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <20050309163731.GC18424@netmeister.org> References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> <422ED7AB.7600.4AA9FE11@localhost> <20050309163731.GC18424@netmeister.org> Message-ID: On Mar 9, 2005, at 11:37 AM, Jan Schaumann wrote: > Dan Langille wrote: >> On 9 Mar 2005 at 10:34, G. Rosamond wrote: >> >>> MW has put up a short how-to on the site about mailing list protocol. >>> >>> Anyone have any comments? I think he did a good job. >>> >>> http://nycbug.org/index.php?NAV=MailingLists >> >> I disagree with option 7. Replying to both the person and the list is >> what should be done. It's standard and expected procedure on all the >> FreeBSD lists I use. > > You can drop option 7 altogether. Every user can easily modify this > for > themselves by setting Mail-Followup-To, reply-to or whatnot. And each > person receiving can easily filter incoming mail and create or discard > duplicates as they see fit. There's also the 'no me too' setting in mailman everyone can set for themselves. > > -Jan > > P.S.: I always recommend > http://www.netmeister.org/news/learn2quote.html > (which isn't written by me, even though it's on my server, so don't > claim I'm just pushing my own agenda ;-) > Apparently you didn't notice this on the page: But there is generally absolutely no need to keep the entire message text intact. Just keep enough of the parts that you are replying to so that the rest of us have some context and can figure out what you are saying. Here is a helpful guide to quoting. the word 'guide' is hyperlinked. g From bob Wed Mar 9 12:13:30 2005 From: bob (Bob Ippolito) Date: Wed, 9 Mar 2005 12:13:30 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <422EDFED.3682.4ACA42B0@localhost> References: <422ED7AB.7600.4AA9FE11@localhost> <422EDFED.3682.4ACA42B0@localhost> Message-ID: On Mar 9, 2005, at 11:37 AM, Dan Langille wrote: > On 9 Mar 2005 at 11:21, George Georgalis wrote: > >> historical reasons are only oldest, not always best. > > "Best" is quite subjective. It's a pretty widely used convention. Yeah, it is the convention used on the majority of the lists that I am on (and I am on a lot of lists). The few exceptions are lists that do header mangling and force replies to the list. -bob From bschonhorst Wed Mar 9 12:27:30 2005 From: bschonhorst (Brad Schonhorst) Date: Wed, 9 Mar 2005 12:27:30 -0500 Subject: [nycbug-talk] BSD Resource Database Message-ID: <1be856cfa99b2b0ba40d7afe8119dd67@vcsnyc.org> Just wanted to let you know, I?ve agreed to take over maintenance of the BSD Resource Database (BSD Tracker) on the NYCBUG website. Hopefully, this will give Wes more time to develop more cool projects like this! For those of you who haven?t taken a look yet, we are hoping to compile a database of companies that use BSD. I think a list like this can server the BSD community in several ways. Companies that offer BSD consulting or other services will obviously benefit, but just getting a list together of other companies using BSD in some way helps give the BSDs more credibility. Almost like a list of references you could use while convincing you boss to move to a BSD solution. I encourage you all to take a moment and add your company to the list. The more entries we have the more useful the tool will become. http://nycbug.org/index.php?NAV=BSDTracker Also, there is now a Service Provider choice as well as a few check boxes for those of you providing internet services. If you have any questions or suggestions feel free to shoot me an email. -Brad -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 1423 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050309/50b6dbdf/attachment.bin From lists Wed Mar 9 14:17:25 2005 From: lists (michael) Date: Wed, 9 Mar 2005 14:17:25 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> Message-ID: <20050309141725.6ddd7c03@delinux.abwatley.com> On Wed, 9 Mar 2005 10:34:08 -0500 "G. Rosamond" wrote: > MW has put up a short how-to on the site about mailing list protocol. actually, Pete forwarded it on.. Thanks, Pete! > Anyone have any comments? I think he did a good job. OK, seven-be-gone. Anything else? Michael -- --- From pete Wed Mar 9 14:29:32 2005 From: pete (Pete Wright) Date: Wed, 9 Mar 2005 14:29:32 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <20050309141725.6ddd7c03@delinux.abwatley.com> References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> <20050309141725.6ddd7c03@delinux.abwatley.com> Message-ID: <20050309192932.GA54647@finn.nomadlogic.org> On Wed, Mar 09, 2005 at 02:17:25PM -0500, michael wrote: > On Wed, 9 Mar 2005 10:34:08 -0500 > "G. Rosamond" wrote: > > > MW has put up a short how-to on the site about mailing list protocol. > > actually, Pete forwarded it on.. Thanks, Pete! > actually this isn't even mine, i just edited. i believe charles wrote the original. and i think we had the exact same discussion regarding replying to the list. altho, i'm glad it didn't result in a total flame fest. IMO proper quoting and being a gernerally good person are the key points. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Wed Mar 9 14:33:17 2005 From: pete (Pete Wright) Date: Wed, 9 Mar 2005 14:33:17 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <20050309192932.GA54647@finn.nomadlogic.org> References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> <20050309141725.6ddd7c03@delinux.abwatley.com> <20050309192932.GA54647@finn.nomadlogic.org> Message-ID: <20050309193317.GB54647@finn.nomadlogic.org> On Wed, Mar 09, 2005 at 02:29:32PM -0500, Pete Wright wrote: > On Wed, Mar 09, 2005 at 02:17:25PM -0500, michael wrote: > > On Wed, 9 Mar 2005 10:34:08 -0500 > > "G. Rosamond" wrote: > > > > > MW has put up a short how-to on the site about mailing list protocol. > > > > actually, Pete forwarded it on.. Thanks, Pete! > > > > actually this isn't even mine, i just edited. i believe charles > wrote the original. and i think we had the exact same discussion > regarding replying to the list. altho, i'm glad it didn't result > in a total flame fest. IMO proper quoting and being a gernerally > good person are the key points. > i'm sorry it wasn't charles, but mark that came up with the original list. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bob Wed Mar 9 14:44:28 2005 From: bob (Bob Ippolito) Date: Wed, 9 Mar 2005 14:44:28 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <20050309141725.6ddd7c03@delinux.abwatley.com> References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> <20050309141725.6ddd7c03@delinux.abwatley.com> Message-ID: On Mar 9, 2005, at 2:17 PM, michael wrote: > On Wed, 9 Mar 2005 10:34:08 -0500 > "G. Rosamond" wrote: > >> MW has put up a short how-to on the site about mailing list protocol. > > actually, Pete forwarded it on.. Thanks, Pete! > >> Anyone have any comments? I think he did a good job. > > OK, seven-be-gone. > > Anything else? There's a bunch of spelling and grammar mistakes that ought to be fixed eventually. As far as the actual content goes, I think it's pretty solid. -bob From o_sleep Wed Mar 9 14:45:16 2005 From: o_sleep (Bjorn Nelson) Date: Wed, 9 Mar 2005 14:45:16 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <20050309141725.6ddd7c03@delinux.abwatley.com> References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> <20050309141725.6ddd7c03@delinux.abwatley.com> Message-ID: > Anything else? Shouldn't: 5. Personnel disagreements: be: 5. Personal disagreements: or are we running a NYCBUG Department here? -Bjorn From george Wed Mar 9 14:49:30 2005 From: george (George Georgalis) Date: Wed, 9 Mar 2005 14:49:30 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: References: <77f7ac8b45140e23006e99eb1086cfd2@sddi.net> <422ED7AB.7600.4AA9FE11@localhost> <20050309163731.GC18424@netmeister.org> Message-ID: <20050309194930.GA4405@ixeon.local> On Wed, Mar 09, 2005 at 11:39:18AM -0500, G Rosamond wrote: > >On Mar 9, 2005, at 11:37 AM, Jan Schaumann wrote: > >>Dan Langille wrote: >>>On 9 Mar 2005 at 10:34, G. Rosamond wrote: >>> >>>>MW has put up a short how-to on the site about mailing list protocol. >>>> >>>>Anyone have any comments? I think he did a good job. >>>> >>>>http://nycbug.org/index.php?NAV=MailingLists >>> >>>I disagree with option 7. Replying to both the person and the list is >>>what should be done. It's standard and expected procedure on all the >>>FreeBSD lists I use. >> >>You can drop option 7 altogether. Every user can easily modify this >>for >>themselves by setting Mail-Followup-To, reply-to or whatnot. And each >>person receiving can easily filter incoming mail and create or discard >>duplicates as they see fit. > >There's also the 'no me too' setting in mailman everyone can set for >themselves. Avoid duplicate copies of messages? When you are listed explicitly in the To: or Cc: headers of a list message, you can opt to not receive another copy from the mailing list. Select Yes to avoid receiving copies from the mailing list; select No to receive copies. If the list has member personalized messages enabled, and you elect to receive copies, every copy will have a X-Mailman-Copy: yes header added to it. I don't want to drop posts to from the list, I just don't want duplicates of list conversations I participate in. Nor will I get wrapped up in a debate about it, but I would like to point out there hasn't been a reason posted why duplicates should be sent, let alone a good reason, only that it's what all the lemmings do. Also there is a problem with the duplicate filters most commonly used, certain malicious bots/people (broken clients?) quickly reply to list postings with a message id of the op. Since as subscriber you are not guaranteed to get the op message before the reply with dup mesgid, you may be dropping the op message. This has been reported recently on a large list (lkml I think). If people send responses directly to me in addition to the list, the resulting thread has no continuity because I don't bcc myself for list postings (I do have an outbox, and I can expect my message in the list, don't need 3 copies). Personally I would prefer the people use mail-followup-to and/or reply-to and have the list software respect those fields and place list address in reply-to _adding_ any non-list address from op mail-followup-to and/or reply-to, to the distributed message reply-to. All said (everyone), one thing remains, you can control what you do but not what anyone else does. Maybe a better direction for this thread is how can both preferences be addressed? I do use mail-followup-to but people don't honor it. To satisfy my end I could reject messages to lists I subscribe to which are also to/cc me? That does provide a sender with a "a copy of your message has been dropped" notice (least the other disappears and recipient never sees the response). While I see that as good protocol and don't see it as any more obtrusive as reply-to-all responses; I do find it hypocritical to my opinion. ...I don't want unnecessary mail, do you? // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From dan Wed Mar 9 15:01:22 2005 From: dan (Dan Langille) Date: Wed, 09 Mar 2005 15:01:22 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <20050309194930.GA4405@ixeon.local> References: Message-ID: <422F0FC2.20162.4B851818@localhost> On 9 Mar 2005 at 14:49, George Georgalis wrote: > I don't want to drop posts to from the list, I just don't want > duplicates of list conversations I participate in. Nor will I get wrapped > up in a debate about it, but I would like to point out there hasn't been > a reason posted why duplicates should be sent, let alone a good reason, > only that it's what all the lemmings do. Well, if you want discussion, don't start by calling us lemmings. People wiser than us decided that's it's a good way to run a list. I happen to agree. But any reasons I give you will be dismissed with "but you can do it this way". Technical and personal solutions exist for both camps. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From o_sleep Wed Mar 9 15:09:59 2005 From: o_sleep (Bjorn Nelson) Date: Wed, 9 Mar 2005 15:09:59 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <422F0FC2.20162.4B851818@localhost> References: <422F0FC2.20162.4B851818@localhost> Message-ID: On Mar 9, 2005, at 3:01 PM, Dan Langille wrote: > People wiser than us decided that's it's a good way to run a list. I > happen to agree. I think it maintains context and adds an extra key to search by. -Bjorn From bob Wed Mar 9 15:28:04 2005 From: bob (Bob Ippolito) Date: Wed, 9 Mar 2005 15:28:04 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <422F0FC2.20162.4B851818@localhost> References: <422F0FC2.20162.4B851818@localhost> Message-ID: On Mar 9, 2005, at 3:01 PM, Dan Langille wrote: > On 9 Mar 2005 at 14:49, George Georgalis wrote: > >> I don't want to drop posts to from the list, I just don't want >> duplicates of list conversations I participate in. Nor will I get >> wrapped >> up in a debate about it, but I would like to point out there hasn't >> been >> a reason posted why duplicates should be sent, let alone a good >> reason, >> only that it's what all the lemmings do. > > Well, if you want discussion, don't start by calling us lemmings. > > People wiser than us decided that's it's a good way to run a list. I > happen to agree. But any reasons I give you will be dismissed with > "but you can do it this way". > > Technical and personal solutions exist for both camps. Well here are some use cases for the duplicate messages: If the poster is not subscribed to the list, if we allow that, then they'll receive replies a whole lot faster than never. If you want to involve an unsubscribed third party (possibly even another list) in the conversation, you can do that. If the list or mail server is borked, like sourceforge's tends to be, then you may receive direct replies hours or days sooner than you'd get one from the list, which allows the conversation to continue despite technical issues. Many (most?) people are used to it. It follows the KISS (Keep It Simple, Stupid) principle. -bob From george Wed Mar 9 15:37:55 2005 From: george (George Georgalis) Date: Wed, 9 Mar 2005 15:37:55 -0500 Subject: [nycbug-talk] mailing list protocol In-Reply-To: <422F0FC2.20162.4B851818@localhost> References: <422F0FC2.20162.4B851818@localhost> Message-ID: <20050309203755.GD4405@ixeon.local> On Wed, Mar 09, 2005 at 03:01:22PM -0500, Dan Langille wrote: >On 9 Mar 2005 at 14:49, George Georgalis wrote: > >> I don't want to drop posts to from the list, I just don't want >> duplicates of list conversations I participate in. Nor will I get wrapped >> up in a debate about it, but I would like to point out there hasn't been >> a reason posted why duplicates should be sent, let alone a good reason, >> only that it's what all the lemmings do. > >Well, if you want discussion, don't start by calling us lemmings. No offense intended, just an observation that the reasoning seems limited to "it's how it is done" I notice you don't use mail-followup-to or reply-to. Why? >People wiser than us decided that's it's a good way to run a list. I >happen to agree. But any reasons I give you will be dismissed with >"but you can do it this way". Maybe I can find an alternative, but I don't have a reason yet and I try not to dismiss reasoning but engage it and I don't appreciate projection of my actions. If there is an alternative, what's wrong with it? What's the point of expressing your opinion in an open forum if you don't support it? I see that tone as incompatible with communication guideline #1. Not meant as a personal attack Dan, but the spirit of that guideline could help this thread, even if it isn't applied. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From steve Wed Mar 9 15:47:14 2005 From: steve (steverieger) Date: Wed, 09 Mar 2005 15:47:14 -0500 Subject: [nycbug-talk] Sata install question Message-ID: Can anyone help me with instructions on how to install fbsd on my Prostar 9096? The install seems not to see my hard drive. I am getting a 'disk read error, sector 295275' message. I know that in installing windows that I must create a diskette driver with the Promise SATA378 TX2plus in order for windows to recognize the hard drive, so I believe a similar case is needed for installing Unix/Linux. I have attempted to install several distributions of Unix/Linux and all have failed. Please, I would appreciate any help available. From george Wed Mar 9 15:52:22 2005 From: george (George Georgalis) Date: Wed, 9 Mar 2005 15:52:22 -0500 Subject: [nycbug-talk] Sata install question In-Reply-To: References: Message-ID: <20050309205222.GF4405@ixeon.local> On Wed, Mar 09, 2005 at 03:47:14PM -0500, steverieger wrote: >Can anyone help me with instructions on how to install fbsd on >my Prostar 9096? The install seems not to see my hard drive. I am >getting a 'disk read error, sector 295275' message. I know that in >installing windows that I must create a diskette driver with the >Promise SATA378 TX2plus in order for windows to recognize the hard >drive, so I believe a similar case is needed for installing >Unix/Linux. I have attempted to install several distributions of >Unix/Linux and all have failed. Please, I would appreciate any help >available. > That sounds like a bad disk... do you have another sata drive you can try in the controller? My experience is sata generally emulates/operates under the ATA protocol for BSD. But some controllers will require a specific scsi driver, don't know if this is one of those. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From pete Wed Mar 9 15:46:36 2005 From: pete (Pete Wright) Date: Wed, 9 Mar 2005 15:46:36 -0500 Subject: [nycbug-talk] Sata install question In-Reply-To: References: Message-ID: <20050309204636.GC54647@finn.nomadlogic.org> On Wed, Mar 09, 2005 at 03:47:14PM -0500, steverieger wrote: > Can anyone help me with instructions on how to install fbsd on > my Prostar 9096? The install seems not to see my hard drive. I am > getting a 'disk read error, sector 295275' message. I know that in > installing windows that I must create a diskette driver with the > Promise SATA378 TX2plus in order for windows to recognize the hard > drive, so I believe a similar case is needed for installing > Unix/Linux. I have attempted to install several distributions of > Unix/Linux and all have failed. Please, I would appreciate any help > available. it sounds like freebsd is detecting the disk but it's prolly got a bad secton on it, probably locate at 295275 ;) i'll stop being a wise a** now. couple things to check, switch to another tty and type dmesg. see if the disks/controllers are detected. also when are you getting this error, during the fdisk phase, or after the disk has been set up? -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Wed Mar 9 21:53:35 2005 From: george (G. Rosamond) Date: Wed, 9 Mar 2005 21:53:35 -0500 Subject: [nycbug-talk] mailman question Message-ID: <30cf7997f9e58996b3424f079659208f@sddi.net> Something funky may be going on with our mailman. . . There were 14 bounced mails that caused unsubscribes . . . I know at least one is legitimate, but it seems excessive. I had last done an announce last week, and there were none. And yes, I'm aware it's about excessive bounces. . . but that's strange timing. . . I haven't noticed any particular security announcements on Mailman. . . George From marco Wed Mar 9 22:27:25 2005 From: marco (marco at metm.org) Date: Wed, 9 Mar 2005 22:27:25 -0500 Subject: [nycbug-talk] mailman question In-Reply-To: <30cf7997f9e58996b3424f079659208f@sddi.net> References: <30cf7997f9e58996b3424f079659208f@sddi.net> Message-ID: <20050310032725.GM5352@metm.org> On Wed, Mar 09, 2005 at 09:53:35PM -0500, G. Rosamond wrote: >Something funky may be going on with our mailman. . . > >There were 14 bounced mails that caused unsubscribes . . . I know at >least one is legitimate, but it seems excessive. I had last done an >announce last week, and there were none. And yes, I'm aware it's about >excessive bounces. . . but that's strange timing. . . > Mailman works with hard and soft limits in figuring out when bounces become unsubscribes. Since there have been so few emails to announce. It my be that this is the first time you have actually run up against a soft limit which would cause an unsubscribe. ?? -- Marco From o_sleep Wed Mar 9 22:49:20 2005 From: o_sleep (Bjorn Nelson) Date: Wed, 9 Mar 2005 22:49:20 -0500 Subject: [nycbug-talk] enterprise bsd In-Reply-To: <3d376377d7fe937c053831ccb0234270@aps.org> References: <3d376377d7fe937c053831ccb0234270@aps.org> Message-ID: <86130e76e6a4c66636256f4926089efe@belovedarctos.com> On Mar 8, 2005, at 5:59 PM, Paul Dlug wrote: > We're using radmind, http://www.radmind.org or > /usr/ports/sysutils/radmind to distribute changes to systems. It's a > mechanism for layering filesystem changes. This works out really well > as a total system management solution, we're using it to distribute > the full OS, OS upgrades, packages and configuration files. > > I've been managing systems using radmind for over a year now without > any problems. It's also great for disaster recovery, just > backup/replicate your radmind server and you're done. This sounds like what I was looking for. Do you have any tips for using this? I was thinking about just having this to update freebsd core and some etc files and then use portupgrade to update added programs from ports. Do you know of any good resources for this? Exclude list repositories? Thanks, Bjorn From george Thu Mar 10 10:11:04 2005 From: george (G. Rosamond) Date: Thu, 10 Mar 2005 10:11:04 -0500 Subject: [nycbug-talk] Nov DN EZine Message-ID: <5e11242b9684550d10c94b77e3499821@sddi.net> November Daemon News EZine is online. Chris is behind since he needs a bit of help. . . I'd like to encourage anyone with the time to help him out. George From dan Thu Mar 10 10:26:28 2005 From: dan (Dan Langille) Date: Thu, 10 Mar 2005 10:26:28 -0500 Subject: [nycbug-talk] BSDCan registration open Message-ID: <423020D4.8287.4FAFC743@localhost> Don't spread this further... yet. BSDCan registration opened last night. I'd like a few more people to go through the registration process before I send out the BSDCan announcement. So if you're planning on coming, register now please. :) -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From dan Thu Mar 10 11:43:06 2005 From: dan (Dan Langille) Date: Thu, 10 Mar 2005 11:43:06 -0500 Subject: [nycbug-talk] BSDCan registration open In-Reply-To: <423020D4.8287.4FAFC743@localhost> Message-ID: <423032CA.18478.4FF5EFE4@localhost> On 10 Mar 2005 at 10:26, Dan Langille wrote: > Don't spread this further... yet. > > BSDCan registration opened last night. I'd like a few more people to > go through the registration process before I send out the BSDCan > announcement. > > So if you're planning on coming, register now please. :) All the announcements have gone to the BSDCan, FreeBSD, NetBSD, and OpenBSD lists. Can you folks help spread the news around the various websites? If you have a blog, mention it there and link to the website. All links help. cheers -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From dan Thu Mar 10 12:10:25 2005 From: dan (Dan Langille) Date: Thu, 10 Mar 2005 12:10:25 -0500 Subject: [nycbug-talk] (Fwd) Google Alert - BSDCan Message-ID: <42303931.20670.500EF336@localhost> WOW, that was fast! ------- Forwarded message follows ------- Date sent: Thu, 10 Mar 2005 09:04:33 -0800 (PST) From: Google Alerts To: dan at langille.org Subject: Google Alert - BSDCan Google Alert for: BSDCan Registration for BSDCan 2005 is now open BSDFreak - Arlington,VA,USA You will get two emails from BSDcan. The first email indicates that your registration information has been received (it should arrive ... This as it happens Google Alert is brought to you by Google. Remove this alert. Create another alert. Manage your alerts. ------- End of forwarded message ------- -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From tux Thu Mar 10 14:17:55 2005 From: tux (Kevin Reiter) Date: Thu, 10 Mar 2005 14:17:55 -0500 Subject: [nycbug-talk] Server Recommendations Message-ID: <42309D63.3000606@penguinnetwerx.net> Hi folks, I'm in need of either a 1u or a 2U server (need a redundant P/S, and I don't know if you can squeeze that into a 1U) for running FreeBSD (4.11) that will be running web, mail, and possibly database apps. Does anyone have a recommendation on where to buy from? I need this fairly quickly (like, yesterday) so any info would be greatly appreciated. (I'm not including specs here, but if you need to know, let me know off-list.) Thanks, Kev From george Thu Mar 10 14:46:24 2005 From: george (G. Rosamond) Date: Thu, 10 Mar 2005 14:46:24 -0500 Subject: [nycbug-talk] a project? ChipSetD Message-ID: <40db7eb9a87c00fdebb9e1341c491255@sddi.net> A major issue with getting hardware for all the BSDs is hardware compatibility. Sure, you could see the supported chipsets, but the manufacturers almost treat it as a secret what chipset is in what hardware. This came up this morning on OpenBSD-misc, when someone was inquiring about supported hardware. Now, certainly our awesome dmesgd application (http://nycbug.org/index.php?NAV=dmesgd) goes part of the way on this, but I have an idea for another project. What if we created something of an online grid which would list chipsets to actual retail hardware. I know it sounds like an enormous project, but if we could at least start the process, for each of the BSDs, of course, and have a publicly contributed and NYC*BUG administered application, it could be a start. We could start just by parsing out data from the dmesgd application to create a basis. Then we put a call out to the community. I don't know how we'd qualify contributions, to confirm that they do work, but we could figure something out. Maybe it could look like this: ChipSetD hardware chipset DragonFly? Free? Net? Open? laksdjfl alskdjflka yes yes yes yes And categorize by motherboards, NICs, etc. Maybe even incorporate the specific dmesg output related to that hardware. Like many others, I've run into the problem of hardware compatibility. Years ago it was dealing with those stupid Compaq boxes with that dumb system partition. Most recently I bought a couple of 1u boxes for a client that were supposed to run OpenBSD, as they had minimal SSH function, but I ended up running FreeBSD. (not that I'm complaining). This ChipSetD (a new name) could be useful since it would also allow vendors to reasonably state that the hardware they are selling is BSD compatible. Anyway, I'd love to hear some thoughts on this. . . I know it's ultimately an enormous amount of data and testing, but I do think if we start it off, we'd really just need someone to administer, as the need is there. George From george Thu Mar 10 15:59:17 2005 From: george (G. Rosamond) Date: Thu, 10 Mar 2005 15:59:17 -0500 Subject: [nycbug-talk] a project? ChipSetD In-Reply-To: <40db7eb9a87c00fdebb9e1341c491255@sddi.net> References: <40db7eb9a87c00fdebb9e1341c491255@sddi.net> Message-ID: <3a605f59c4d63c770c38c6aa8748d35d@sddi.net> On Mar 10, 2005, at 2:46 PM, G. Rosamond wrote: > A major issue with getting hardware for all the BSDs is hardware > compatibility. Sure, you could see the supported chipsets, but the > manufacturers almost treat it as a secret what chipset is in what > hardware. > > This came up this morning on OpenBSD-misc, when someone was inquiring > about supported hardware. > > Now, certainly our awesome dmesgd application > (http://nycbug.org/index.php?NAV=dmesgd) goes part of the way on this, > but I have an idea for another project. > > What if we created something of an online grid which would list > chipsets to actual retail hardware. I know it sounds like an enormous > project, but if we could at least start the process, for each of the > BSDs, of course, and have a publicly contributed and NYC*BUG > administered application, it could be a start. > I've had a few discussions offlist, and Mickey (who gave the meeting the other night) noted that it's listed in the OBSD man pages. And yes, I know this is the case with FreeBSD also. But neither of these lists is comprehensive, at least referring to the NIC-related man pages. We're looking to provide a large comprehensive list that would cover all the projects for a limit-less pieces of hardware. This list could certainly function as a recipe book for admins or for vendors creating boxes for sale as "BSD compatible." Other thoughts on this? It would be a perfect complement to dmesgd, IMHO. George From george Thu Mar 10 15:55:36 2005 From: george (G. Rosamond) Date: Thu, 10 Mar 2005 15:55:36 -0500 Subject: [nycbug-talk] a project? ChipSetD In-Reply-To: <40db7eb9a87c00fdebb9e1341c491255@sddi.net> References: <40db7eb9a87c00fdebb9e1341c491255@sddi.net> Message-ID: On Mar 10, 2005, at 2:46 PM, G. Rosamond wrote: > A major issue with getting hardware for all the BSDs is hardware > compatibility. Sure, you could see the supported chipsets, but the > manufacturers almost treat it as a secret what chipset is in what > hardware. > > This came up this morning on OpenBSD-misc, when someone was inquiring > about supported hardware. > > Now, certainly our awesome dmesgd application > (http://nycbug.org/index.php?NAV=dmesgd) goes part of the way on this, > but I have an idea for another project. > > What if we created something of an online grid which would list > chipsets to actual retail hardware. I know it sounds like an enormous > project, but if we could at least start the process, for each of the > BSDs, of course, and have a publicly contributed and NYC*BUG > administered application, it could be a start. > I've had a few discussions offlist, and Mickey (who gave the meeting the other night) noted that it's listed in the OBSD man pages. And yes, I know this is the case with FreeBSD also. But neither of these lists is comprehensive, at least referring to the NIC-related man pages. We're looking to provide a large comprehensive list that would cover all the projects for a limit-less pieces of hardware. This list could certainly function as a recipe book for admins or for vendors creating boxes for sale as "BSD compatible." Other thoughts on this? It would be a perfect complement to dmesgd, IMHO. George From jpb Thu Mar 10 16:29:56 2005 From: jpb (Jim Brown) Date: Thu, 10 Mar 2005 16:29:56 -0500 Subject: [nycbug-talk] a project? ChipSetD In-Reply-To: References: <40db7eb9a87c00fdebb9e1341c491255@sddi.net> <20050310205748.GA52517@sixshooter.v6.thrupoint.net> Message-ID: <20050310212956.GB52676@sixshooter.v6.thrupoint.net> * G. Rosamond [2005-03-10 16:02]: > > On Mar 10, 2005, at 3:57 PM, Jim Brown wrote: > > >* G. Rosamond [2005-03-10 14:46]: > >> > >[snip] > >>What if we created something of an online grid which would list > >>chipsets to actual retail hardware. I know it sounds like an enormous > >>project, but if we could at least start the process, for each of the > >>BSDs, of course, and have a publicly contributed and NYC*BUG > >>administered application, it could be a start. > > > >Sounds like a good project. > > > > > >[snip] > >> > >>We could start just by parsing out data from the dmesgd application to > >>create a basis. Then we put a call out to the community. I don't > >>know > > > >Does your dmesgd app already run in a database? Should be easy > >to extend if so. > > > > Yes. . . it's on mysql. > > Why the offlist reply? Slip 'o the pinky ... Re the project- What does your schema look like now? Is it just one big text record for each dmesg? Sounds like all you need is 1. A suitable schema 2. A parsing routine to glean the existing info out of the current records in input into the new DBMS 3. A report generator to get data out in the format you listed earlier 4. Export and import of data from old DBMS to new Estimates for experienced developer- 1. 2 days (probably 2 hours) 2. 3-5 days (probably 3 days) 3. 3-5 days (probably days) 4. 3-5 days (probably 3 days) Sounds doable. Jim B. From steve Thu Mar 10 16:56:04 2005 From: steve (steverieger) Date: Thu, 10 Mar 2005 16:56:04 -0500 Subject: [nycbug-talk] apache13-modssl and mod_perl from ports Message-ID: Get this error when runing apachectl configtest, what did I do wrong [Thu Mar 10 16:53:56 2005] [warn] Loaded DSO libexec/apache/libperl.so uses plain Apache 1.3 API, this module might crash under EAPI! (please recompile it with -DEAPI) From pete Thu Mar 10 17:00:43 2005 From: pete (pete wright) Date: Thu, 10 Mar 2005 14:00:43 -0800 Subject: [nycbug-talk] apache13-modssl and mod_perl from ports In-Reply-To: References: Message-ID: <1110492043.22141.2.camel@hunter> On Thu, 2005-03-10 at 16:56 -0500, steverieger wrote: > Get this error when runing apachectl configtest, what did I do wrong > > > [Thu Mar 10 16:53:56 2005] [warn] Loaded DSO libexec/apache/libperl.so uses > plain Apache 1.3 API, this module might crash under EAPI! (please recompile > it with -DEAPI) > I may be crazy but did you compile apache with the -DEAPI flag? -p From krook Thu Mar 10 17:15:13 2005 From: krook (Daniel Krook) Date: Thu, 10 Mar 2005 17:15:13 -0500 Subject: [nycbug-talk] apache13-modssl and mod_perl from ports In-Reply-To: Message-ID: > [Thu Mar 10 16:53:56 2005] [warn] Loaded DSO libexec/apache/libperl.so uses > plain Apache 1.3 API, this module might crash under EAPI! (please recompile > it with -DEAPI) You'll get that message when you have an Apache compiled with mod_ssl, as you do there from ports. Consensus seems to be that's it's safe to ignore. I had a similar issue with some modules I added a couple of weeks ago. http://www.google.com/search?hl=en&lr=&q=crash+under+EAPI+safe+to+ignore&btnG=Search Daniel Krook, Advisory IT Specialist - Application Development WW Web Production Services North 2, ibm.com Personal: http://info.krook.org/ BluePages: http://w3.ibm.com/bluepages?searchcnum=9A9796897 From steve Thu Mar 10 17:47:20 2005 From: steve (steverieger) Date: Thu, 10 Mar 2005 17:47:20 -0500 Subject: [nycbug-talk] Apache's mod snmp Message-ID: Is anybody here using mod_snmp, can you share the pros and cons. Thanx From paul Thu Mar 10 20:42:53 2005 From: paul (Paul Dlug) Date: Thu, 10 Mar 2005 20:42:53 -0500 Subject: [nycbug-talk] enterprise bsd In-Reply-To: <86130e76e6a4c66636256f4926089efe@belovedarctos.com> References: <3d376377d7fe937c053831ccb0234270@aps.org> <86130e76e6a4c66636256f4926089efe@belovedarctos.com> Message-ID: <2e28d4b37dd61879520dde9896a20752@aps.org> On Mar 9, 2005, at 10:49 PM, Bjorn Nelson wrote: > This sounds like what I was looking for. Do you have any tips for > using this? I was thinking about just having this to update freebsd > core and some etc files and then use portupgrade to update added > programs from ports. Do you know of any good resources for this? > Exclude list repositories? The original paper has some good information in it: http://www.usenix.org/events/lisa03/tech/craig.html The presentations on radmind.org contain alot of good information as well. Alot of it is very Mac OS X specific but the general concepts are the same for all platforms. I think you'll quickly discover that it makes sense to manage as much as possible. There's a temptation to put large sections in the "negative space" like /etc or /usr/local until you hit an application that modifies so many files you can't locate them on your own. If you take the approach of managing everything you can guarantee that hosts are equivalent to each other. The other trick is to logically separate the loadsets so that each one stands on it's own and can be shared. I tend to create a loadset for each logical grouping of packages (xorg + dependencies or postgresql by itself). If you have any other questions let me know, it can be hard to get started but once you're used to it it's a very very powerful tool and you can do some neat tricks (like setting up dozens of servers in a few minutes, duplicating a host for testing, instant DR, etc.). --Paul From lists Fri Mar 11 00:46:28 2005 From: lists (Francisco Reyes) Date: Fri, 11 Mar 2005 00:46:28 -0500 (EST) Subject: [nycbug-talk] BSD torrents? Message-ID: <20050311004257.T12248@zoraida.natserv.net> I have been looking for BSD related torrents to help by keeping my torrent up. Any suggestions on torrents that could use more clients? Currently keeping a torrent for FreeSBIE and some of the 5.3 ISO images. So far the FreeSBIE has been the most popular. I figure my DSL connection is unused for so many hours a day.. may as well put it to good use. :-) From pete Fri Mar 11 00:47:14 2005 From: pete (Pete Wright) Date: Fri, 11 Mar 2005 00:47:14 -0500 Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050311004257.T12248@zoraida.natserv.net> References: <20050311004257.T12248@zoraida.natserv.net> Message-ID: <20050311054714.GE67989@finn.nomadlogic.org> On Fri, Mar 11, 2005 at 12:46:28AM -0500, Francisco Reyes wrote: > I have been looking for BSD related torrents to help by keeping my torrent > up. Any suggestions on torrents that could use more clients? > > Currently keeping a torrent for FreeSBIE and some of the 5.3 ISO images. > So far the FreeSBIE has been the most popular. > > I figure my DSL connection is unused for so many hours a day.. may as well > put it to good use. :-) here's a quick and dirty torrent guide for freebsd on our own site ;) http://nycbug.org/index.php?NAV=Library&SUBM=86 basicly illustrates using the --max_upload_rate flag so you don't crush your pipe. maybe we can expand on this article to have some links to where to get torrent files, that might be a helpfull resource... -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From lists Fri Mar 11 07:39:26 2005 From: lists (Francisco Reyes) Date: Fri, 11 Mar 2005 07:39:26 -0500 (EST) Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050311054714.GE67989@finn.nomadlogic.org> References: <20050311004257.T12248@zoraida.natserv.net> <20050311054714.GE67989@finn.nomadlogic.org> Message-ID: <20050311073311.Q29139@zoraida.natserv.net> On Fri, 11 Mar 2005, Pete Wright wrote: > here's a quick and dirty torrent guide for freebsd on our own site ;) > http://nycbug.org/index.php?NAV=Library&SUBM=86 The ports did not have the latest and greatest so I just installed it manually. It was near trivial. Download sources Install Python Install Python GTK make an alias pointing to "python " and another pointing to "python " In my case that was alias btGUI "python /home/src/BitTorrent-4.0.0/btdownloadgui.py" alias btCUR "python /home/src/BitTorrent-4.0.0/btdownloadcurses.py" > basicly illustrates using the --max_upload_rate flag so you don't crush > your pipe. I believe the default is 20K, which is fine for me. The latest Bittorrent just came out a few days ago. Version 4. > maybe we can expand on this article to have some links to >where to get torrent files, that might be a helpfull resource... That would be great. I got my torrent files from: http://torrent.freesbie.org/ http://people.freebsd.org/~scottl/5.3-torrent/ From jschauma Fri Mar 11 10:30:58 2005 From: jschauma (Jan Schaumann) Date: Fri, 11 Mar 2005 10:30:58 -0500 Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050311004257.T12248@zoraida.natserv.net> References: <20050311004257.T12248@zoraida.natserv.net> Message-ID: <20050311153058.GA26134@netmeister.org> Francisco Reyes wrote: > I have been looking for BSD related torrents to help by keeping my torrent > up. Any suggestions on torrents that could use more clients? ftp://ftp.netbsd.org/pub/NetBSD/iso/1.6.2/*.torrent ftp://ftp.netbsd.org/pub/NetBSD/iso/2.0/*.torrent -Jan -- The Internet interprets censorship as damage and routes around it. -- John Gilmore -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050311/e4e8f8ae/attachment.bin From mikel.king Fri Mar 11 12:02:08 2005 From: mikel.king (Mikel King) Date: Fri, 11 Mar 2005 12:02:08 -0500 Subject: [nycbug-talk] (ot) t3 providers Message-ID: <4231CF10.3060507@ocsny.com> Anyone have some solid $ stats on the latest t3 figures? I am looking for both hssi & ds3 configurations including taxes and all of the other hidden fees so I can pull together a true cost comparison. Thanks to all who respond. -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com t:212.727.2100x132 +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. You'll find the best way to get along. +------------------------------------------+ From alex Fri Mar 11 11:55:25 2005 From: alex (alex at pilosoft.com) Date: Fri, 11 Mar 2005 11:55:25 -0500 (EST) Subject: [nycbug-talk] (ot) t3 providers In-Reply-To: <4231CF10.3060507@ocsny.com> Message-ID: On Fri, 11 Mar 2005, Mikel King wrote: > Anyone have some solid $ stats on the latest t3 figures? I am looking > for both hssi & ds3 configurations including taxes and all of the other > hidden fees so I can pull together a true cost comparison. Thanks to all > who respond. It depends on loop pricing and your location. I can do full DS3 almost anywhere in Manhattan below 59th street for 2500$/month, 2 year contract. That is all-inclusive of service fees (taxes and all), but no CPE equipment is provided. Handoff is DS3. Lease of DS3 CPE is extra 300$/month. -alex From pete Fri Mar 11 15:29:42 2005 From: pete (pete wright) Date: Fri, 11 Mar 2005 12:29:42 -0800 Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050311073311.Q29139@zoraida.natserv.net> References: <20050311004257.T12248@zoraida.natserv.net> <20050311054714.GE67989@finn.nomadlogic.org> <20050311073311.Q29139@zoraida.natserv.net> Message-ID: <1110572982.43298.1.camel@hunter> On Fri, 2005-03-11 at 07:39 -0500, Francisco Reyes wrote: > On Fri, 11 Mar 2005, Pete Wright wrote: > > > here's a quick and dirty torrent guide for freebsd on our own site ;) > > http://nycbug.org/index.php?NAV=Library&SUBM=86 > > The ports did not have the latest and greatest so I just installed it > manually. It was near trivial. > Download sources > Install Python > Install Python GTK > make an alias pointing to "python " and another pointing to > "python " > In my case that was > alias btGUI "python /home/src/BitTorrent-4.0.0/btdownloadgui.py" > alias btCUR "python /home/src/BitTorrent-4.0.0/btdownloadcurses.py" > > > basicly illustrates using the --max_upload_rate flag so you don't crush > > your pipe. > > I believe the default is 20K, which is fine for me. hmmm...not too sure about that, may have changed w/ v4 (from running btdownloadcurses.py w/ no args.) --max_upload_rate maximum kB/s to upload at, 0 means no limit (defaults to 0) -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Fri Mar 11 16:29:28 2005 From: pete (pete wright) Date: Fri, 11 Mar 2005 13:29:28 -0800 Subject: [nycbug-talk] preferred home office 'net connection Message-ID: <1110576568.43298.8.camel@hunter> Hey ya'll, Since I've moved out to LA I've found that my cable network connection has been really slow compared to what I was getting in NYC. I've been contemplating getting a sDSL connection from a local ISP reseller but would like to hear the opinion from you all. I've never had a DSL line before, but I do know that they should not run into the same saturation issues that seem to be effecting me. I know a few of you all here have DSL, does it seem pretty stable (I know, I know this will varrry from teleco to teleco but still interested)? Also, the plan I'm looking at is 384k/384k for $70/mo. Should I expect to get that bandwidth reliably or has anyone noticed fluctuation in thier service. Cheers, Pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From ryanseu Fri Mar 11 16:44:09 2005 From: ryanseu (Ryan Seu) Date: Fri, 11 Mar 2005 16:44:09 -0500 Subject: [nycbug-talk] Another Question about freeBSD Message-ID: <96b52a600503111344104e51fa@mail.gmail.com> Hey everyone, I, the noobie, am once again in need of some help :) Actually, there are two issues I'm trying to resolve with freeBSD. Question 1. I'm trying to get my sound card working. I managed to load the generic sound driver (kldload snd_driver). I verified it by doing (cat [file_name] > /dev/dsp ). It works fine until I try starting up KDE. When the KDE is loading up, the intro-sound runs but hangs in the middle. I went to the KDE controller to test the audio but nothing comes out. I exit from KDE and go back to the terminal to verify the sound (again, cat [file_name] > /dev/dsp) but nothing comes out this time. Any suggestions? I'm aware of the fact that "snd_driver" attempts to load up all the sound drivers until a match occurs (I think). when I type kldload snd_driver, I get few lines of the following: sio1: configured ieq 3 not in bitmap of probed irqs 0 sio1: port may not be enabled Then I get the following: pcm0: port 0xedc0-0xedff, 0xee00-0xeeff mem 0xfeb7f900-0xfeb7f99f, 0xfeb7fa00-0xfeb7fbff irq 17 at device 31.5 on pci0 pcm0: [GIANT-LOCKED] pcm0: Question 2. I'm also have an issue with my CD-ROM (actaully DVD/CD-RW Combo but for now, I'm just trying to get the CD-ROM to work). I checked the fstab and see the following line: /dev/acd0 /cdrom cd9660 ro,noauto 0 0 Unfortunately, when I look for acd0 in /dev/ I can't find it. I checked dmesg but didn't find anything that looks like acd0. Any suggestions? Ryan From aron Fri Mar 11 16:48:32 2005 From: aron (Aron Roberts) Date: Fri, 11 Mar 2005 16:48:32 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <1110576568.43298.8.camel@hunter> References: <1110576568.43298.8.camel@hunter> Message-ID: <3885337fa5bb18128a86a1c68969a634@slam.cc> On Mar 11, 2005, at 4:29 PM, pete wright wrote: > Hey ya'll, > Since I've moved out to LA I've found that my cable network connection > has been really slow compared to what I was getting in NYC. I've been > contemplating getting a sDSL connection from a local ISP reseller but > would like to hear the opinion from you all. I've never had a DSL line > before, but I do know that they should not run into the same saturation > issues that seem to be effecting me. > > I know a few of you all here have DSL, does it seem pretty stable (I > know, I know this will varrry from teleco to teleco but still > interested)? Also, the plan I'm looking at is 384k/384k for $70/mo. > Should I expect to get that bandwidth reliably or has anyone noticed > fluctuation in thier service. The only provider I have used that gave me reliable bandwidth is Speakeasy. I am sure there are other good ones out there. I have no idea about your planned ISP. In general you should expect to get advertised bandwidth minus expected TCP/IP overhead, etc. From okan Fri Mar 11 16:51:28 2005 From: okan (Okan Demirmen) Date: Fri, 11 Mar 2005 16:51:28 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <3885337fa5bb18128a86a1c68969a634@slam.cc> References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> Message-ID: <20050311215128.GA50455@yinaska.pair.com> On Fri 2005.03.11 at 16:48 -0500, Aron Roberts wrote: > > On Mar 11, 2005, at 4:29 PM, pete wright wrote: > > >Hey ya'll, > > Since I've moved out to LA I've found that my cable network > > connection > >has been really slow compared to what I was getting in NYC. I've been > >contemplating getting a sDSL connection from a local ISP reseller but > >would like to hear the opinion from you all. I've never had a DSL line > >before, but I do know that they should not run into the same saturation > >issues that seem to be effecting me. > > > > I know a few of you all here have DSL, does it seem pretty stable (I > >know, I know this will varrry from teleco to teleco but still > >interested)? Also, the plan I'm looking at is 384k/384k for $70/mo. > >Should I expect to get that bandwidth reliably or has anyone noticed > >fluctuation in thier service. > > > The only provider I have used that gave me reliable bandwidth is > Speakeasy. I am sure there are other good ones out there. I have no > idea about your planned ISP. ditto on speakeasy. great service and people too. > In general you should expect to get advertised bandwidth minus expected > TCP/IP overhead, etc. > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From krook Fri Mar 11 16:55:49 2005 From: krook (Daniel Krook) Date: Fri, 11 Mar 2005 16:55:49 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <3885337fa5bb18128a86a1c68969a634@slam.cc> Message-ID: > The only provider I have used that gave me reliable bandwidth is > Speakeasy. I can second that. I needed knowlegable support (as is the case whenever you get involved w/ DSL) and no blocked ports so I went w/ Speakeasy. They had some Slashdot/OSDN related special a few months back where you got the first 3 months of any package for $20 and some static IPs, so hunt around for some promo packages and mention them if/when you talk to a rep. Daniel Krook, Advisory IT Specialist - Application Development WW Web Production Services North 2, ibm.com Personal: http://info.krook.org/ BluePages: http://w3.ibm.com/bluepages?searchcnum=9A9796897 From bruno Fri Mar 11 17:06:38 2005 From: bruno (bruno) Date: Fri, 11 Mar 2005 17:06:38 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <1110576568.43298.8.camel@hunter> References: <1110576568.43298.8.camel@hunter> Message-ID: <20050311220638.GF18486@loftmail.com> On Fri, Mar 11, 2005 at 01:29:28PM -0800, pete wright wrote: > I know a few of you all here have DSL, does it seem pretty stable (I > know, I know this will varrry from teleco to teleco but still > interested)? Also, the plan I'm looking at is 384k/384k for $70/mo. > Should I expect to get that bandwidth reliably or has anyone noticed > fluctuation in thier service. It probably does depend on telco, I don't like giving money to cable companies and run DSL for many many years, and never had any problems. It does seem (package-wise, but maybe not anymore) like they officially give you less speed than cables, but raw bandwidth is not that important to me. Do a research on dslreport.com for LA area, I went with a smaller ISP and so far no complaints. If I was to get something national, SpeakEasy looks very good. Bruno -- http://www.loftmail.com From spork Fri Mar 11 17:04:45 2005 From: spork (Charles Sprickman) Date: Fri, 11 Mar 2005 17:04:45 -0500 (EST) Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: References: Message-ID: On Fri, 11 Mar 2005, Daniel Krook wrote: >> The only provider I have used that gave me reliable bandwidth is >> Speakeasy. > > I can second that. I needed knowlegable support (as is the case whenever > you get involved w/ DSL) and no blocked ports so I went w/ Speakeasy. They > had some Slashdot/OSDN related special a few months back where you got the > first 3 months of any package for $20 and some static IPs, so hunt around > for some promo packages and mention them if/when you talk to a rep. I won't second that. :) I've worked with ISPs that are Covad resellers for about 5 years and have also twice been a Speakeasy customer... I thought that their support was fairly lame in comparison to good local ISPs. If I had an outage I was never allowed to look at the Covad/ILEC worklog and I never really felt they were "advocating" for me in getting the ticket worked. Many times Covad needs quite a bit of a "push" to get a ticket resolved in a reasonable time frame and at Speakeasy's size they simply don't have the time and resources to do that. Both ISPs I've worked for have had a few people that are good at working with Covad to make sure that any stupidity there is nipped real quick. I've also had numerous occasions where their "bigness" was a double-edged sword and their fast growth meant that the Covad backhaul I was on was clogged with too many customers. And I'll just hold my tongue on InterNap's spit and perl routing "optimization" that more often looked like "transit pricing optimization". I'll let Alex rail on them instead. :) Just my $.03 Charles > > > > Daniel Krook, Advisory IT Specialist - Application Development > WW Web Production Services North 2, ibm.com > > Personal: http://info.krook.org/ > BluePages: http://w3.ibm.com/bluepages?searchcnum=9A9796897 > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From pete Fri Mar 11 16:56:20 2005 From: pete (pete wright) Date: Fri, 11 Mar 2005 13:56:20 -0800 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <20050311215128.GA50455@yinaska.pair.com> References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> Message-ID: <1110578180.43298.10.camel@hunter> On Fri, 2005-03-11 at 16:51 -0500, Okan Demirmen wrote: > On Fri 2005.03.11 at 16:48 -0500, Aron Roberts wrote: > > > > On Mar 11, 2005, at 4:29 PM, pete wright wrote: > > > > >Hey ya'll, > > > Since I've moved out to LA I've found that my cable network > > > connection > > >has been really slow compared to what I was getting in NYC. I've been > > >contemplating getting a sDSL connection from a local ISP reseller but > > >would like to hear the opinion from you all. I've never had a DSL line > > >before, but I do know that they should not run into the same saturation > > >issues that seem to be effecting me. > > > > > > I know a few of you all here have DSL, does it seem pretty stable (I > > >know, I know this will varrry from teleco to teleco but still > > >interested)? Also, the plan I'm looking at is 384k/384k for $70/mo. > > >Should I expect to get that bandwidth reliably or has anyone noticed > > >fluctuation in thier service. > > > > > > The only provider I have used that gave me reliable bandwidth is > > Speakeasy. I am sure there are other good ones out there. I have no > > idea about your planned ISP. > > ditto on speakeasy. great service and people too. > > > In general you should expect to get advertised bandwidth minus expected > > TCP/IP overhead, etc. awesome thanks guys! this is the isp i'm checking out (it was suggested to me by a local BUG member): http://labridge.com/ I guess the main issue I have is that I will have to get a landline phone connection if I want DSL which might make it too expensive for me to switch. -pete > > > > _______________________________________________ > > % NYC*BUG talk mailing list > > http://lists.nycbug.org/mailman/listinfo/talk > > %Be sure to check out our Jobs and NYCBUG-announce lists > > %We meet the first Wednesday of the month > -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From spork Fri Mar 11 17:35:41 2005 From: spork (Charles Sprickman) Date: Fri, 11 Mar 2005 17:35:41 -0500 (EST) Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <1110578180.43298.10.camel@hunter> References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> Message-ID: On Fri, 11 Mar 2005, pete wright wrote: > I guess the main issue I have is that I will have to get a landline > phone connection if I want DSL which might make it too expensive for me > to switch. Not at all! Covad now has "naked dsl" which is dedicated pair ADSL that does not require an existing POTS line. The pair is used exclusively for DSL (much like SDSL). Charles > -pete > >>> >>> _______________________________________________ >>> % NYC*BUG talk mailing list >>> http://lists.nycbug.org/mailman/listinfo/talk >>> %Be sure to check out our Jobs and NYCBUG-announce lists >>> %We meet the first Wednesday of the month >> > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From pete Fri Mar 11 17:41:29 2005 From: pete (pete wright) Date: Fri, 11 Mar 2005 14:41:29 -0800 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> Message-ID: <1110580889.43298.20.camel@hunter> On Fri, 2005-03-11 at 17:35 -0500, Charles Sprickman wrote: > On Fri, 11 Mar 2005, pete wright wrote: > > > I guess the main issue I have is that I will have to get a landline > > phone connection if I want DSL which might make it too expensive for me > > to switch. > > Not at all! Covad now has "naked dsl" which is dedicated pair ADSL that > does not require an existing POTS line. The pair is used exclusively for > DSL (much like SDSL). thanks again charles, I think the ISP i've been checking out requires me to have a POTS line for service, well i know they do because I just asked. I'm checking out Covad now...it's a shame that I may not be able to go through a local outfit. altho the prices from covad are not too bad....the plot thikens ;) -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From spork Fri Mar 11 18:05:22 2005 From: spork (Charles Sprickman) Date: Fri, 11 Mar 2005 18:05:22 -0500 (EST) Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <1110580889.43298.20.camel@hunter> References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> <1110580889.43298.20.camel@hunter> Message-ID: On Fri, 11 Mar 2005, pete wright wrote: > On Fri, 2005-03-11 at 17:35 -0500, Charles Sprickman wrote: >> On Fri, 11 Mar 2005, pete wright wrote: >> >>> I guess the main issue I have is that I will have to get a landline >>> phone connection if I want DSL which might make it too expensive for me >>> to switch. >> >> Not at all! Covad now has "naked dsl" which is dedicated pair ADSL that >> does not require an existing POTS line. The pair is used exclusively for >> DSL (much like SDSL). > > thanks again charles, > I think the ISP i've been checking out requires me to have a POTS line > for service, well i know they do because I just asked. I'm checking out > Covad now...it's a shame that I may not be able to go through a local > outfit. altho the prices from covad are not too bad....the plot > thikens ;) Oh no, I'm not talking about using Covad direct service, that sucks. :) You probably have a number of ISPs there that are covad resellers. Covad handles the DSL side, the ISP handles the IP/support/services side. Pop your address info into DSLReports.com and they should be able to give you a breakdown of who's around and who the telco party is... Charles > -p > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > From lists Fri Mar 11 18:08:13 2005 From: lists (Francisco Reyes) Date: Fri, 11 Mar 2005 18:08:13 -0500 (EST) Subject: [nycbug-talk] BSD torrents? In-Reply-To: <1110572982.43298.1.camel@hunter> References: <20050311004257.T12248@zoraida.natserv.net> <20050311054714.GE67989@finn.nomadlogic.org> <20050311073311.Q29139@zoraida.natserv.net> <1110572982.43298.1.camel@hunter> Message-ID: <20050311180637.O33378@zoraida.natserv.net> On Fri, 11 Mar 2005, pete wright wrote: >> I believe the default is 20K, which is fine for me. > > > hmmm...not too sure about that, may have changed w/ v4 > (from running btdownloadcurses.py w/ no args.) > > --max_upload_rate > maximum kB/s to upload at, 0 means no limit (defaults to 0) On V4 --max_upload_rate maximum kB/s to upload at, 0 means no limit (defaults to 20) From bob Fri Mar 11 18:10:06 2005 From: bob (Bob Ippolito) Date: Fri, 11 Mar 2005 18:10:06 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <1110580889.43298.20.camel@hunter> References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> <1110580889.43298.20.camel@hunter> Message-ID: On Mar 11, 2005, at 5:41 PM, pete wright wrote: > On Fri, 2005-03-11 at 17:35 -0500, Charles Sprickman wrote: >> On Fri, 11 Mar 2005, pete wright wrote: >> >>> I guess the main issue I have is that I will have to get a landline >>> phone connection if I want DSL which might make it too expensive for >>> me >>> to switch. >> >> Not at all! Covad now has "naked dsl" which is dedicated pair ADSL >> that >> does not require an existing POTS line. The pair is used exclusively >> for >> DSL (much like SDSL). > > thanks again charles, > I think the ISP i've been checking out requires me to have a POTS line > for service, well i know they do because I just asked. I'm checking > out > Covad now...it's a shame that I may not be able to go through a local > outfit. altho the prices from covad are not too bad....the plot > thikens ;) Most of the time they require you to have a POTS line for installation.. you can ditch it once the service is activated. -bob From pete Fri Mar 11 18:07:39 2005 From: pete (pete wright) Date: Fri, 11 Mar 2005 15:07:39 -0800 Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050311180637.O33378@zoraida.natserv.net> References: <20050311004257.T12248@zoraida.natserv.net> <20050311054714.GE67989@finn.nomadlogic.org> <20050311073311.Q29139@zoraida.natserv.net> <1110572982.43298.1.camel@hunter> <20050311180637.O33378@zoraida.natserv.net> Message-ID: <1110582459.43298.22.camel@hunter> On Fri, 2005-03-11 at 18:08 -0500, Francisco Reyes wrote: > On Fri, 11 Mar 2005, pete wright wrote: > > >> I believe the default is 20K, which is fine for me. > > > > > > hmmm...not too sure about that, may have changed w/ v4 > > (from running btdownloadcurses.py w/ no args.) > > > > --max_upload_rate > > maximum kB/s to upload at, 0 means no limit (defaults to 0) > > On V4 > --max_upload_rate > maximum kB/s to upload at, 0 means no limit (defaults to 20) awesome, they started using sane values for defaults ;) -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Fri Mar 11 18:09:41 2005 From: pete (pete wright) Date: Fri, 11 Mar 2005 15:09:41 -0800 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> <1110580889.43298.20.camel@hunter> Message-ID: <1110582581.43298.25.camel@hunter> On Fri, 2005-03-11 at 18:10 -0500, Bob Ippolito wrote: > On Mar 11, 2005, at 5:41 PM, pete wright wrote: > > > On Fri, 2005-03-11 at 17:35 -0500, Charles Sprickman wrote: > >> On Fri, 11 Mar 2005, pete wright wrote: > >> > >>> I guess the main issue I have is that I will have to get a landline > >>> phone connection if I want DSL which might make it too expensive for > >>> me > >>> to switch. > >> > >> Not at all! Covad now has "naked dsl" which is dedicated pair ADSL > >> that > >> does not require an existing POTS line. The pair is used exclusively > >> for > >> DSL (much like SDSL). > > > > thanks again charles, > > I think the ISP i've been checking out requires me to have a POTS line > > for service, well i know they do because I just asked. I'm checking > > out > > Covad now...it's a shame that I may not be able to go through a local > > outfit. altho the prices from covad are not too bad....the plot > > thikens ;) > > Most of the time they require you to have a POTS line for > installation.. you can ditch it once the service is activated. just spoke with covad and they can do it w/o any POTS which is nice, altho now charles has we worrying about the support they provide ;) i've checked out a couple local guy's here and they all seemed quite skeezy, except for labridge but alas they require a phone line (think they just resell verizon) and they are more expensive that covad. ok, time to go searching again... -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From aron Fri Mar 11 18:22:46 2005 From: aron (Aron Roberts) Date: Fri, 11 Mar 2005 18:22:46 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <1110582581.43298.25.camel@hunter> References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> <1110580889.43298.20.camel@hunter> <1110582581.43298.25.camel@hunter> Message-ID: <440d61f4cd2f8c4be592b41572e8a9f1@slam.cc> On Mar 11, 2005, at 6:09 PM, pete wright wrote: > > just spoke with covad and they can do it w/o any POTS which is nice, > altho now charles has we worrying about the support they provide ;) > i've checked out a couple local guy's here and they all seemed quite > skeezy, except for labridge but alas they require a phone line (think > they just resell verizon) and they are more expensive that covad. ok, > time to go searching again... > Speakeasy resells Covad and has DSL without a phone line... they call it "One Link" though in some areas they resell loops from other providers... or at least they used to. From lists Fri Mar 11 19:12:08 2005 From: lists (Francisco Reyes) Date: Fri, 11 Mar 2005 19:12:08 -0500 (EST) Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050311183518.F33378@zoraida.natserv.net> References: <20050311004257.T12248@zoraida.natserv.net> <20050311153058.GA26134@netmeister.org> <20050311183518.F33378@zoraida.natserv.net> Message-ID: <20050311191144.Q33756@zoraida.natserv.net> On Fri, 11 Mar 2005, Jan Schaumann wrote: > up. Any suggestions on torrents that could use more clients? > ftp://ftp.netbsd.org/pub/NetBSD/iso/1.6.2/*.torrent > ftp://ftp.netbsd.org/pub/NetBSD/iso/2.0/*.torrent Quite a lot of torrent files. :-) Picked 5 from 2.0.. 3 x i386, sparc, and amd64 From pete Fri Mar 11 19:53:55 2005 From: pete (Pete Wright) Date: Fri, 11 Mar 2005 16:53:55 -0800 (PST) Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050311191144.Q33756@zoraida.natserv.net> References: <20050311004257.T12248@zoraida.natserv.net> <20050311153058.GA26134@netmeister.org> <20050311183518.F33378@zoraida.natserv.net> <20050311191144.Q33756@zoraida.natserv.net> Message-ID: <38536.160.33.20.11.1110588835.squirrel@160.33.20.11> > On Fri, 11 Mar 2005, Jan Schaumann wrote: >> up. Any suggestions on torrents that could use more clients? >> ftp://ftp.netbsd.org/pub/NetBSD/iso/1.6.2/*.torrent >> ftp://ftp.netbsd.org/pub/NetBSD/iso/2.0/*.torrent > > Quite a lot of torrent files. :-) > Picked 5 from 2.0.. 3 x i386, sparc, and amd64 > I was thinking for a bit that it may be cool to have a tar ball that one could download that would have most of the popular BSD related torrents so a user could just grab the tar ball, and start downloading. Do you think is something people may be interested in? -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From jesse Fri Mar 11 20:31:07 2005 From: jesse (Jesse Callaway) Date: Fri, 11 Mar 2005 20:31:07 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> Message-ID: <20050312013107.GA51909@mail.theholymountain.com> On Fri, Mar 11, 2005 at 05:35:41PM -0500, Charles Sprickman wrote: > On Fri, 11 Mar 2005, pete wright wrote: > > >I guess the main issue I have is that I will have to get a landline > >phone connection if I want DSL which might make it too expensive for me > >to switch. > > Not at all! Covad now has "naked dsl" which is dedicated pair ADSL that > does not require an existing POTS line. The pair is used exclusively for > DSL (much like SDSL). Get out of town!! Really? That dial-tone crap kills me. -jesse > > Charles > > >-pete From jesse Fri Mar 11 20:36:15 2005 From: jesse (Jesse Callaway) Date: Fri, 11 Mar 2005 20:36:15 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> <1110580889.43298.20.camel@hunter> Message-ID: <20050312013615.GB51909@mail.theholymountain.com> On Fri, Mar 11, 2005 at 06:10:06PM -0500, Bob Ippolito wrote: > > On Mar 11, 2005, at 5:41 PM, pete wright wrote: > > >On Fri, 2005-03-11 at 17:35 -0500, Charles Sprickman wrote: > >>On Fri, 11 Mar 2005, pete wright wrote: > >> > >>>I guess the main issue I have is that I will have to get a landline > >>>phone connection if I want DSL which might make it too expensive for > >>>me > >>>to switch. > >> > >>Not at all! Covad now has "naked dsl" which is dedicated pair ADSL > >>that > >>does not require an existing POTS line. The pair is used exclusively > >>for > >>DSL (much like SDSL). > > > >thanks again charles, > > I think the ISP i've been checking out requires me to have a POTS > > line > >for service, well i know they do because I just asked. I'm checking > >out > >Covad now...it's a shame that I may not be able to go through a local > >outfit. altho the prices from covad are not too bad....the plot > >thikens ;) > > Most of the time they require you to have a POTS line for > installation.. you can ditch it once the service is activated. > > -bob > ehh... not so much. I tried that and it worked well with a small co in Westchester who had their equipment in the telco. It certainly did not work when I had SpeakEasy over the Covad DSLAM. If you get your pair dropped there is no getting it back due to the policy. And let's face it, housecleaning gets done sometimes and they just run through the telco with weapons and randomly tear down connects. I swear that must be what happens. Yes, it was ADSL both times. -jesse From bob Fri Mar 11 20:42:33 2005 From: bob (Bob Ippolito) Date: Fri, 11 Mar 2005 20:42:33 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <20050312013615.GB51909@mail.theholymountain.com> References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> <1110580889.43298.20.camel@hunter> <20050312013615.GB51909@mail.theholymountain.com> Message-ID: On Mar 11, 2005, at 8:36 PM, Jesse Callaway wrote: > On Fri, Mar 11, 2005 at 06:10:06PM -0500, Bob Ippolito wrote: >> >> On Mar 11, 2005, at 5:41 PM, pete wright wrote: >> >>> On Fri, 2005-03-11 at 17:35 -0500, Charles Sprickman wrote: >>>> On Fri, 11 Mar 2005, pete wright wrote: >>>> >>>>> I guess the main issue I have is that I will have to get a landline >>>>> phone connection if I want DSL which might make it too expensive >>>>> for >>>>> me >>>>> to switch. >>>> >>>> Not at all! Covad now has "naked dsl" which is dedicated pair ADSL >>>> that >>>> does not require an existing POTS line. The pair is used >>>> exclusively >>>> for >>>> DSL (much like SDSL). >>> >>> thanks again charles, >>> I think the ISP i've been checking out requires me to have a POTS >>> line >>> for service, well i know they do because I just asked. I'm checking >>> out >>> Covad now...it's a shame that I may not be able to go through a local >>> outfit. altho the prices from covad are not too bad....the plot >>> thikens ;) >> >> Most of the time they require you to have a POTS line for >> installation.. you can ditch it once the service is activated. > > ehh... not so much. I tried that and it worked well with a small co in > Westchester who had their equipment in the telco. It certainly did not > work when I had SpeakEasy over the Covad DSLAM. If you get your pair > dropped there is no getting it back due to the policy. And let's face > it, housecleaning gets done sometimes and they just run through the > telco with weapons and randomly tear down connects. I swear that must > be what happens. Yes, it was ADSL both times. Really? I've done it with SpeakEasy SDSL twice (two apartments in Manhattan) with no problems over the past 4 years or so. They needed a verizon line to get it up, then I took it right down. -bob From jesse Fri Mar 11 21:39:34 2005 From: jesse (Jesse Callaway) Date: Fri, 11 Mar 2005 21:39:34 -0500 Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> <1110580889.43298.20.camel@hunter> <20050312013615.GB51909@mail.theholymountain.com> Message-ID: <20050312023934.GA52619@mail.theholymountain.com> On Fri, Mar 11, 2005 at 08:42:33PM -0500, Bob Ippolito wrote: > > Really? I've done it with SpeakEasy SDSL twice (two apartments in > Manhattan) with no problems over the past 4 years or so. They needed a > verizon line to get it up, then I took it right down. > > -bob > SDSL vs. ADSL... and from what I hear, I guess I'll have to be logical. From what I hear we must have had SDSL from Bestweb, but again it's making my brain hurt because I know we paid like $35.00/mo. Apparently SDSL with a dial tone is some sort of parlour trick meant to confuse regular folk like us. -jesse From spork Fri Mar 11 21:47:41 2005 From: spork (Charles Sprickman) Date: Fri, 11 Mar 2005 21:47:41 -0500 (EST) Subject: [nycbug-talk] preferred home office 'net connection In-Reply-To: <20050312023934.GA52619@mail.theholymountain.com> References: <1110576568.43298.8.camel@hunter> <3885337fa5bb18128a86a1c68969a634@slam.cc> <20050311215128.GA50455@yinaska.pair.com> <1110578180.43298.10.camel@hunter> <1110580889.43298.20.camel@hunter> <20050312013615.GB51909@mail.theholymountain.com> <20050312023934.GA52619@mail.theholymountain.com> Message-ID: On Fri, 11 Mar 2005, Jesse Callaway wrote: > Apparently SDSL with a dial tone is some sort of parlour trick meant to > confuse regular folk like us. There's no such thing as SDSL w/POTS on it, it was made from the get-go for a dry pair. Some may sell ADSL throttled on the downstream (Verizon, for one) as "business DSL", but that's not SDSL. Charles > -jesse > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From jschauma Fri Mar 11 23:00:19 2005 From: jschauma (Jan Schaumann) Date: Fri, 11 Mar 2005 23:00:19 -0500 Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050311183518.F33378@zoraida.natserv.net> References: <20050311004257.T12248@zoraida.natserv.net> <20050311153058.GA26134@netmeister.org> <20050311183518.F33378@zoraida.natserv.net> Message-ID: <20050312040019.GA13945@netmeister.org> Francisco wrote: > On Fri, 11 Mar 2005, Jan Schaumann wrote: > > >>up. Any suggestions on torrents that could use more clients? > >ftp://ftp.netbsd.org/pub/NetBSD/iso/1.6.2/*.torrent > >ftp://ftp.netbsd.org/pub/NetBSD/iso/2.0/*.torrent > > Quite a lot of torrent files. :-) > Picked 5 from 2.0.. 3 x i386, sparc, and amd64 Cool - thanks! -Jan -- Probability factor of one to one. We have normality. I repeat, we have normality. Anything you still can't cope with is therefore your own lookout. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050311/642f0be2/attachment.bin From george Sat Mar 12 03:22:35 2005 From: george (G. Rosamond) Date: Sat, 12 Mar 2005 03:22:35 -0500 Subject: [nycbug-talk] Another Question about freeBSD In-Reply-To: <96b52a600503111344104e51fa@mail.gmail.com> References: <96b52a600503111344104e51fa@mail.gmail.com> Message-ID: <1bb3694f17fba7f5c53a2cee5f24ce01@sddi.net> On Mar 11, 2005, at 4:44 PM, Ryan Seu wrote: > Hey everyone, > > I, the noobie, am once again in need of some help :) > > Actually, there are two issues I'm trying to resolve with freeBSD. > > Question 1. I'm trying to get my sound card working. I managed to load > the generic sound driver (kldload snd_driver). I verified it by doing > (cat [file_name] > /dev/dsp ). It works fine until I try starting up > KDE. When the KDE is loading up, the intro-sound runs but hangs in the > middle. I went to the KDE controller to test the audio but nothing > comes out. I exit from KDE and go back to the terminal to verify the > sound (again, cat [file_name] > /dev/dsp) but nothing comes out this > time. Any suggestions? I'm aware of the fact that "snd_driver" > attempts to load up all the sound drivers until a match occurs (I > think). > > when I type kldload snd_driver, I get few lines of the following: > > sio1: configured ieq 3 not in bitmap of probed irqs 0 > sio1: port may not be enabled > > > Then I get the following: > > pcm0: port 0xedc0-0xedff, 0xee00-0xeeff mem > 0xfeb7f900-0xfeb7f99f, 0xfeb7fa00-0xfeb7fbff irq 17 at device 31.5 on > pci0 > pcm0: [GIANT-LOCKED] > pcm0: > > > Question 2. I'm also have an issue with my CD-ROM (actaully DVD/CD-RW > Combo but for now, I'm just trying to get the CD-ROM to work). I > checked the fstab and see the following line: > > /dev/acd0 /cdrom cd9660 ro,noauto 0 > 0 > > Unfortunately, when I look for acd0 in /dev/ I can't find it. I > checked dmesg but didn't find anything that looks like acd0. Any > suggestions? > It's probably /dev/acd0c g From mspitzer Sat Mar 12 01:26:30 2005 From: mspitzer (Marc Spitzer) Date: Sat, 12 Mar 2005 01:26:30 -0500 Subject: [nycbug-talk] AIM's new licence is dangerious Message-ID: <8c50a3c305031122265a74229c@mail.gmail.com> Here is the key bit, it says they effectivly have the right to copy/sell/use everything that goes through their aim software or servers: Content You Post You may only post Content that you created or which the owner of the Content has given you. You may not post or distribute Content that is illegal or that violates these Terms of Service. By posting or submitting Content on any AIM Product, you represent and warrant that (i) you own all the rights to this Content or are authorized to use and distribute this Content on the AIM Product and (ii) this Content does not and will not infringe any copyright or any other third-party right nor violate any applicable law or regulation. Although you or the owner of the Content retain ownership of all right, title and interest in Content that you post to any AIM Product, AOL owns all right, title and interest in any compilation, collective work or other derivative work created by AOL using or incorporating this Content. In addition, by posting Content on an AIM Product, you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy. You waive any right to inspect or approve uses of the Content or to be compensated for any such uses. here is the full url: http://www.aim.com/tos/tos.adp marc From bob Sat Mar 12 05:32:54 2005 From: bob (Bob Ippolito) Date: Sat, 12 Mar 2005 05:32:54 -0500 Subject: [nycbug-talk] AIM's new licence is dangerious In-Reply-To: <8c50a3c305031122265a74229c@mail.gmail.com> References: <8c50a3c305031122265a74229c@mail.gmail.com> Message-ID: <68d616167108aa4adaa6dfa36f3cca24@redivi.com> On Mar 12, 2005, at 1:26 AM, Marc Spitzer wrote: > Here is the key bit, it says they effectivly have the right to > copy/sell/use everything that goes through their aim software or > servers: ... > here is the full url: > > http://www.aim.com/tos/tos.adp Well it also states: The following terms and conditions apply to all users who either registered for AIM services or downloaded AIM updates or software on or after February 5, 2004. AIM users who do not register for AIM services or download AIM updates or software on or after February 5, 2004 and are members of the Netscape Network will remain bound by Netscape's terms and conditions. All other AIM users are bound by the aol.com terms and conditions. So a different TOS might apply... It's not cool either way, though. Maybe it'll drum up some users for Jabber? I'm certainly going to be using Jabber a lot more when Apple supports it in a few months. -bob From dgonzo Sat Mar 12 06:50:01 2005 From: dgonzo (Daniel Gonzalez) Date: Sat, 12 Mar 2005 06:50:01 -0500 Subject: [nycbug-talk] AIM's new licence is dangerious In-Reply-To: <68d616167108aa4adaa6dfa36f3cca24@redivi.com> References: <8c50a3c305031122265a74229c@mail.gmail.com> <68d616167108aa4adaa6dfa36f3cca24@redivi.com> Message-ID: <4232D769.90303@optonline.net> Bob Ippolito wrote: > On Mar 12, 2005, at 1:26 AM, Marc Spitzer wrote: > >> Here is the key bit, it says they effectivly have the right to >> copy/sell/use everything that goes through their aim software or >> servers: > > ... > >> here is the full url: >> >> http://www.aim.com/tos/tos.adp > > > Well it also states: > > The following terms and conditions apply to all users who either > registered for AIM services or downloaded AIM updates or software on > or after February 5, 2004. AIM users who do not register for AIM > services or download AIM updates or software on or after February 5, > 2004 and are members of the Netscape Network will remain bound by > Netscape's terms and conditions. All other AIM users are bound by the > aol.com terms and conditions. > > So a different TOS might apply... > > It's not cool either way, though. Maybe it'll drum up some users for > Jabber? I'm certainly going to be using Jabber a lot more when Apple > supports it in a few months. > > -bob > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > The license terms are disturbing...Does Jabber support AIM and YahooIM protocols? I didn't know there was a Jabber port for FreeBSD. Regards Dan Gonzalez 5ESS Maintenance Engineer Cablevision Lightpath dgonzo at optonline dot net From lists Sat Mar 12 10:57:42 2005 From: lists (Francisco Reyes) Date: Sat, 12 Mar 2005 10:57:42 -0500 (EST) Subject: [nycbug-talk] BSD torrents? In-Reply-To: <38536.160.33.20.11.1110588835.squirrel@160.33.20.11> References: <20050311004257.T12248@zoraida.natserv.net> <20050311153058.GA26134@netmeister.org> <20050311183518.F33378@zoraida.natserv.net> <20050311191144.Q33756@zoraida.natserv.net> <38536.160.33.20.11.1110588835.squirrel@160.33.20.11> Message-ID: <20050312105506.S42490@zoraida.natserv.net> On Fri, 11 Mar 2005, Pete Wright wrote: > I was thinking for a bit that it may be cool to have a tar ball that one > could download that would have most of the popular BSD related torrents so > a user could just grab the tar ball, and start downloading. Do you think > is something people may be interested in? I am really not very familiar with NetBSD, but I think people will only download the torrent for the one architecture they intend to install. In my case I just wanted to help with torrent bandwith so downloaded several. I don't think most people will do more than one, maybe two, torrents get the file and go on their install business... so to answer your question.. I don't see how a tar file of several torrent files will help. From lists Sat Mar 12 11:07:57 2005 From: lists (lists at natserv.com) Date: Sat, 12 Mar 2005 11:07:57 -0500 (EST) Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050312040019.GA13945@netmeister.org> References: <20050311004257.T12248@zoraida.natserv.net> <20050311153058.GA26134@netmeister.org> <20050311183518.F33378@zoraida.natserv.net> <20050312040019.GA13945@netmeister.org> Message-ID: <20050312105823.Q42490@zoraida.natserv.net> On Fri, 11 Mar 2005, Jan Schaumann wrote: >> Quite a lot of torrent files. :-) >> Picked 5 from 2.0.. 3 x i386, sparc, and amd64 > > Cool - thanks! > -Jan Any ideas which ones are most popular? So far I see activity on the i386. Obviously I want to help with whatever files are most active otherwise I am not really helping. If I don't see any activity on the sparc,amd for a few days may just pickup i386 for the 1.X branch. It would have been nice if they had used different names. I originally downloaded from the 2.X branch then when downloaded the 1.X noticed they had the same name and over-wrote what I had downloaded from the 2.X. :-( Went back and downloaded from 2.X again. Am I correct on thinking the 2.X branch is more active? Is the 1.X still fairly active? So far FreeSBIE has been the most active in the few days since I have had this up. So far hosting: FreeBSD 5.3 AMD and i386 NetBSD 2.X AMD, i386, sparc (sparc 64 I think) FreesBIE 1.1 I find helping with Torrents has to be one of the easiest way to contribute to a project. :-) Looking forward to future release dates for these projects. I figure that's when it will help the most having volunteers have their torrents up. From jonathan Sat Mar 12 11:52:15 2005 From: jonathan (Jonathan) Date: Sat, 12 Mar 2005 11:52:15 -0500 Subject: Jabber on FreeBSD was (Re: [nycbug-talk] AIM's new licence is dangerious) In-Reply-To: <4232D769.90303@optonline.net> References: <8c50a3c305031122265a74229c@mail.gmail.com> <68d616167108aa4adaa6dfa36f3cca24@redivi.com> <4232D769.90303@optonline.net> Message-ID: <42331E3F.6080308@kc8onw.net> Daniel Gonzalez wrote: > Bob Ippolito wrote: > >> On Mar 12, 2005, at 1:26 AM, Marc Spitzer wrote: >> >>> Here is the key bit, it says they effectivly have the right to >>> copy/sell/use everything that goes through their aim software or >>> servers: >>> here is the full url: >>> >>> http://www.aim.com/tos/tos.adp >> >> Well it also states: >> >> The following terms and conditions apply to all users who either >> registered for AIM services or downloaded AIM updates or software on >> or after February 5, 2004. AIM users who do not register for AIM >> services or download AIM updates or software on or after February 5, >> 2004 and are members of the Netscape Network will remain bound by >> Netscape's terms and conditions. All other AIM users are bound by the >> aol.com terms and conditions. >> >> So a different TOS might apply... >> >> It's not cool either way, though. Maybe it'll drum up some users for >> Jabber? I'm certainly going to be using Jabber a lot more when Apple >> supports it in a few months. >> >> -bob >> > The license terms are disturbing...Does Jabber support AIM and YahooIM > protocols? I didn't know there was a Jabber port for FreeBSD. > > > Regards > Dan Gonzalez I've been running Jabberd2 without any issues for >6 months. Not many users though mostly just me, my brothers, and a few friends. I don't actually run my own transports but there are transports out there for every IM protocol I've heard of. Some work quite well but some don't work very well in my experience. That may also partially be the fault of the server running the transport. I know of transports for AIM Yahoo! ICQ MSN Gadu-Gadu and IRC but have only successfully used AIM MSN and Yahoo! Jonathan From jschauma Sat Mar 12 12:27:31 2005 From: jschauma (Jan Schaumann) Date: Sat, 12 Mar 2005 12:27:31 -0500 Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050312105823.Q42490@zoraida.natserv.net> References: <20050311004257.T12248@zoraida.natserv.net> <20050311153058.GA26134@netmeister.org> <20050311183518.F33378@zoraida.natserv.net> <20050312040019.GA13945@netmeister.org> <20050312105823.Q42490@zoraida.natserv.net> Message-ID: <20050312172731.GA5316@netmeister.org> lists at natserv.com wrote: > Any ideas which ones are most popular? i386 should be by far the most popular, but amd64, macppc, sparc, sparc64, sgimips, and alpha should also see a fair number of requests. i386 also has a live CD and an image with binary third-party packages (i386pkg.iso.torrent), which probably are also quite popular. > Went back and downloaded from 2.X again. Am I correct on thinking the 2.X > branch is more active? Is the 1.X still fairly active? 2.0 is the last stable release, so I'd expect this one to be the more popular branch. 1.6.x is still supported, and while there clearly are a large number of people who use it in production use, I would expect downloads for new ISOs to be mainly requests for the new release. (Of course, I'm just speculating, here. I haven't looked at the actual ftp stats.) > I find helping with Torrents has to be one of the easiest way to > contribute to a project. :-) Much appreciated! Another easy way to contribute is by providing or helping with documentation. And of course we have http://www.netbsd.org/contrib/howto.html for other ideas... :-) -Jan -- http://www.ncadp.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050312/52c7ecca/attachment.bin From lists Sat Mar 12 12:36:25 2005 From: lists (Francisco Reyes) Date: Sat, 12 Mar 2005 12:36:25 -0500 (EST) Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050312172731.GA5316@netmeister.org> References: <20050311004257.T12248@zoraida.natserv.net> <20050311153058.GA26134@netmeister.org> <20050311183518.F33378@zoraida.natserv.net> <20050312040019.GA13945@netmeister.org> <20050312105823.Q42490@zoraida.natserv.net> <20050312172731.GA5316@netmeister.org> Message-ID: <20050312123010.V43007@zoraida.natserv.net> On Sat, 12 Mar 2005, Jan Schaumann wrote: > i386 also has a live CD and an image with binary third-party packages > (i386pkg.iso.torrent), which probably are also quite popular. Serving all 3 for i386. i386cd i386live i386pkg > 2.0 is the last stable release, so I'd expect this one to be the more > popular branch. Ok. will stick to 2.0 Does NetBSD has tiers? Like architectures they release first before all others? I figure those would be the most active and the ones I may want to help with.. even if their traffic is low. From matt Sat Mar 12 12:50:47 2005 From: matt (Matt Juszczak) Date: Sat, 12 Mar 2005 12:50:47 -0500 (EST) Subject: [nycbug-talk] AIM's new licence is dangerious In-Reply-To: <68d616167108aa4adaa6dfa36f3cca24@redivi.com> References: <8c50a3c305031122265a74229c@mail.gmail.com> <68d616167108aa4adaa6dfa36f3cca24@redivi.com> Message-ID: <20050312125031.G46312@neptune.atopia.net> The part about "No right to privacy" definitely has me concerned. I'm gonna switch to Jabber :) Anyone got a server? On Sat, 12 Mar 2005, Bob Ippolito wrote: > On Mar 12, 2005, at 1:26 AM, Marc Spitzer wrote: > >> Here is the key bit, it says they effectivly have the right to >> copy/sell/use everything that goes through their aim software or >> servers: > ... >> here is the full url: >> >> http://www.aim.com/tos/tos.adp > > Well it also states: > > The following terms and conditions apply to all users who either registered > for AIM services or downloaded AIM updates or software on or after February > 5, 2004. AIM users who do not register for AIM services or download AIM > updates or software on or after February 5, 2004 and are members of the > Netscape Network will remain bound by Netscape's terms and conditions. All > other AIM users are bound by the aol.com terms and conditions. > > So a different TOS might apply... > > It's not cool either way, though. Maybe it'll drum up some users for Jabber? > I'm certainly going to be using Jabber a lot more when Apple supports it in a > few months. > > -bob > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > > !DSPAM:4232c543404336795510037! > From jschauma Sat Mar 12 12:59:04 2005 From: jschauma (Jan Schaumann) Date: Sat, 12 Mar 2005 12:59:04 -0500 Subject: [nycbug-talk] BSD torrents? In-Reply-To: <20050312123010.V43007@zoraida.natserv.net> References: <20050311004257.T12248@zoraida.natserv.net> <20050311153058.GA26134@netmeister.org> <20050311183518.F33378@zoraida.natserv.net> <20050312040019.GA13945@netmeister.org> <20050312105823.Q42490@zoraida.natserv.net> <20050312172731.GA5316@netmeister.org> <20050312123010.V43007@zoraida.natserv.net> Message-ID: <20050312175904.GC5316@netmeister.org> Francisco Reyes wrote: > Does NetBSD has tiers? Like architectures they release first before all > others? No, releases are made for all architectures simultaneously. -Jan -- The reader is encouraged to add smileys where necessary to increase positive perception. Right here might be a good place: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050312/65fdd190/attachment.bin From pete Sat Mar 12 15:09:26 2005 From: pete (pete wright) Date: Sat, 12 Mar 2005 12:09:26 -0800 Subject: [nycbug-talk] AIM's new licence is dangerious In-Reply-To: <20050312125031.G46312@neptune.atopia.net> References: <8c50a3c305031122265a74229c@mail.gmail.com> <68d616167108aa4adaa6dfa36f3cca24@redivi.com> <20050312125031.G46312@neptune.atopia.net> Message-ID: <1110658166.50011.0.camel@hunter> On Sat, 2005-03-12 at 12:50 -0500, Matt Juszczak wrote: > The part about "No right to privacy" definitely has me concerned. I'm > gonna switch to Jabber :) Anyone got a server? > there are plenty of public servers that one can use: http://www.jabber.org/network/ -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Sat Mar 12 15:11:46 2005 From: pete (pete wright) Date: Sat, 12 Mar 2005 12:11:46 -0800 Subject: [nycbug-talk] AIM's new licence is dangerious In-Reply-To: <4232D769.90303@optonline.net> References: <8c50a3c305031122265a74229c@mail.gmail.com> <68d616167108aa4adaa6dfa36f3cca24@redivi.com> <4232D769.90303@optonline.net> Message-ID: <1110658306.50011.3.camel@hunter> On Sat, 2005-03-12 at 06:50 -0500, Daniel Gonzalez wrote: > > > The license terms are disturbing...Does Jabber support AIM and YahooIM > protocols? I didn't know there was a Jabber port for FreeBSD. > it depends on the client. Gaim for example supports OSCAR as well as jabber (and many other) protocols. So, if you are already using GAIM as your IM client then you can just register with a public jabber server and you should be good to go. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Sat Mar 12 23:22:09 2005 From: george (G. Rosamond) Date: Sat, 12 Mar 2005 23:22:09 -0500 Subject: [nycbug-talk] trojan ports. . . Message-ID: <0076a3b080f255d826234346a5e99b9b@sddi.net> Looks very useful. . . Thanks .ike. http://www.dalmatian.com/TrojanPortsfiles/nyheter9902.html George From dan Sun Mar 13 05:24:23 2005 From: dan (Dan Langille) Date: Sun, 13 Mar 2005 05:24:23 -0500 Subject: [nycbug-talk] trojan ports. . . In-Reply-To: <0076a3b080f255d826234346a5e99b9b@sddi.net> Message-ID: <4233CE87.15651.5E0E4932@localhost> On 12 Mar 2005 at 23:22, G. Rosamond wrote: > Looks very useful. . . > > Thanks .ike. > > http://www.dalmatian.com/TrojanPortsfiles/nyheter9902.html Note: last updated in 2001. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From mikel.king Sun Mar 13 08:01:22 2005 From: mikel.king (Mikel King) Date: Sun, 13 Mar 2005 08:01:22 -0500 Subject: [nycbug-talk] AIM's new licence is dangerious In-Reply-To: <20050312125031.G46312@neptune.atopia.net> References: <8c50a3c305031122265a74229c@mail.gmail.com> <68d616167108aa4adaa6dfa36f3cca24@redivi.com> <20050312125031.G46312@neptune.atopia.net> Message-ID: <423439A2.9010100@ocsny.com> Matt Juszczak wrote: > The part about "No right to privacy" definitely has me concerned. I'm > gonna switch to Jabber :) Anyone got a server? I had one setup for nycbug back when we were deliberating about irc channels and all that. Since no one used it I took it off line. If there so serious interest then I could relaunch. -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com t:212.727.2100x132 +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. You'll find the best way to get along. +------------------------------------------+ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050313/1623a5df/attachment.html From dlavigne6 Sun Mar 13 08:27:09 2005 From: dlavigne6 (Dru) Date: Sun, 13 Mar 2005 08:27:09 -0500 (EST) Subject: [nycbug-talk] trojan ports. . . In-Reply-To: <4233CE87.15651.5E0E4932@localhost> References: <4233CE87.15651.5E0E4932@localhost> Message-ID: <20050313082350.W571@dru.domain.org> On Sun, 13 Mar 2005, Dan Langille wrote: > On 12 Mar 2005 at 23:22, G. Rosamond wrote: > >> Looks very useful. . . >> >> Thanks .ike. >> >> http://www.dalmatian.com/TrojanPortsfiles/nyheter9902.html > > Note: last updated in 2001. And this one is up-to-date (depending upon my schedule) and allows anyone to submit a new description: http://www.isecom.org/oprp Dru From spork Sun Mar 13 18:16:16 2005 From: spork (Charles Sprickman) Date: Sun, 13 Mar 2005 18:16:16 -0500 (EST) Subject: [nycbug-talk] FreeBSD 4.x and OS-X TCP problems (revisited) Message-ID: I posted this here a month or two ago and thought that I'd add this thread I started on freebsd-net: http://lists.freebsd.org/pipermail/freebsd-net/2005-March/006597.html Interesting stuff, and it was nice to see an OpenBSD developer chime in with some really great stuff. And if anyone has a good pointer for actually *understanding* what I've posted in my tcpdump packet captures, I'd be really happy. I get the dumb basics of tcp, but when it gets to window sizes and all that I'm totally lost. And if anyone here has an OS-X box and a FreeBSD 4.x box on the same 100Mb network, I'd love to see if you can see the same problem - just ftp a large file from os-x to fbsd and see if you get anything near line rate. Thanks, Charles From spork Sun Mar 13 18:22:00 2005 From: spork (Charles Sprickman) Date: Sun, 13 Mar 2005 18:22:00 -0500 (EST) Subject: [nycbug-talk] multi-boot madness Message-ID: Howdy, For a number of reasons I have two boxes that I want to install all current *BSDs on. So far I have been less than successful in finding/using a good boot-selector for this. I totally creamed something when I got to NetBSD. From what I gather GRUB is a decent choice, but then I run into my next problem... There appear to be evil floppy drive spirits that have rendered just about every floppy drive I own useless, so whatever I choose, it's all gotta be CD only (plus that's the future anyhow, right?). Any suggestions? From the little I can figure out about grub, it's hard to install it if you don't: -have a floppy drive -install linux I've been a BSD user and admin for a long time and I've been a complete "one os per machine" guy for all that time, so I'm really out of the loop on what's out there and have little understanding of the issues involved. Thanks, Charles From scottro Sun Mar 13 18:44:03 2005 From: scottro (Scott Robbins) Date: Sun, 13 Mar 2005 18:44:03 -0500 Subject: [nycbug-talk] multi-boot madness In-Reply-To: References: Message-ID: <20050313234403.GA11169@mail.scottro.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, Mar 13, 2005 at 06:22:00PM -0500, Charles Sprickman wrote: > Howdy, > > > -have a floppy drive > -install linux Things have improved. I haven't used it on FreeBSD for awhile, but grub is in the ports as well as NetBSD's packages. If you use Net's version check out my NetBSD page at http://home.nyc.rr.com/computertaijutsu/netbsd.html as it's a bit trickier there. There is also the GAG boot loader. I've used it, it can run from CD, and is also pretty easy to install. - -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Joyce: Have we met? Spike: You hit me with an ax one time. Remember? Uh, 'Get the hell away from my daughter!' Joyce: Oh. So, do you, uh, live here in town? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCNNBD+lTVdes0Z9YRAmf6AJoDHeUzjnTnHMmgNyN/3MBktiIjDQCgpq7t ENxoh5sD9fK4kyPvKRTLqcc= =zrna -----END PGP SIGNATURE----- From lists Sun Mar 13 19:37:33 2005 From: lists (Francisco Reyes) Date: Sun, 13 Mar 2005 19:37:33 -0500 (EST) Subject: [nycbug-talk] multi-boot madness In-Reply-To: <20050313192508.H56045@zoraida.natserv.net> References: <20050313234403.GA11169@mail.scottro.net> <20050313192508.H56045@zoraida.natserv.net> Message-ID: <20050313193642.F56045@zoraida.natserv.net> >> There is also the GAG boot loader. I've used it, it can run from CD, >> and is also pretty easy to install. I found GAG very easy to use. Currently using it with Windows XP, Windows 2K and 2 different FreeBSDs. My first experience with a multi-boot environment in a long time. Last time I did it was back in the OS/2 days.. From george Sun Mar 13 21:08:03 2005 From: george (G. Rosamond) Date: Sun, 13 Mar 2005 21:08:03 -0500 Subject: [nycbug-talk] BSDCan Message-ID: <4ae79353c5980258340acc3b318c9857@sddi.net> It's high time to get on the BSDCan list at lists.nycbug.org. It's two months away, but registration is now open, and those interested should be looking at sorting out housing and transportation. The BSDCan list is the best place to start networking with others on these issues. George From okan Sun Mar 13 21:29:46 2005 From: okan (Okan Demirmen) Date: Sun, 13 Mar 2005 21:29:46 -0500 Subject: [nycbug-talk] multi-boot madness In-Reply-To: References: Message-ID: <20050314022946.GA69013@yinaska.pair.com> On Sun 2005.03.13 at 18:22 -0500, Charles Sprickman wrote: > Howdy, > > For a number of reasons I have two boxes that I want to install all > current *BSDs on. So far I have been less than successful in > finding/using a good boot-selector for this. I totally creamed something > when I got to NetBSD. From what I gather GRUB is a decent choice, but > then I run into my next problem... There appear to be evil floppy drive > spirits that have rendered just about every floppy drive I own useless, so > whatever I choose, it's all gotta be CD only (plus that's the future > anyhow, right?). > > Any suggestions? From the little I can figure out about grub, it's hard > to install it if you don't: > > -have a floppy drive > -install linux > > I've been a BSD user and admin for a long time and I've been a complete > "one os per machine" guy for all that time, so I'm really out of the loop > on what's out there and have little understanding of the issues involved. i use booteasy. "works for me" disclaimer ;) okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From tux Mon Mar 14 00:28:46 2005 From: tux (Kevin Reiter) Date: Mon, 14 Mar 2005 00:28:46 -0500 Subject: [nycbug-talk] multi-boot madness In-Reply-To: <20050314022946.GA69013@yinaska.pair.com> References: <20050314022946.GA69013@yinaska.pair.com> Message-ID: <4235210E.3030507@penguinnetwerx.net> gag works wonders. http://gag.sourceforge.net From george Mon Mar 14 00:33:49 2005 From: george (G. Rosamond) Date: Mon, 14 Mar 2005 00:33:49 -0500 Subject: [nycbug-talk] multi-boot madness In-Reply-To: <4235210E.3030507@penguinnetwerx.net> References: <20050314022946.GA69013@yinaska.pair.com> <4235210E.3030507@penguinnetwerx.net> Message-ID: <3f086e8d18f6a71a6aecdbd8917d92c7@sddi.net> On Mar 14, 2005, at 12:28 AM, Kevin Reiter wrote: > gag works wonders. > > http://gag.sourceforge.net > I'll try this next time, but from my past and limited experience with multiboots, I just installed FreeBSD last and stuck to that boot manager. I'm with Charles, in that one box per OS when possible. . . and the exception tends to be on a laptop. George From george Mon Mar 14 09:27:17 2005 From: george (George Georgalis) Date: Mon, 14 Mar 2005 09:27:17 -0500 Subject: [nycbug-talk] multi-boot madness In-Reply-To: <3f086e8d18f6a71a6aecdbd8917d92c7@sddi.net> References: <20050314022946.GA69013@yinaska.pair.com> <4235210E.3030507@penguinnetwerx.net> <3f086e8d18f6a71a6aecdbd8917d92c7@sddi.net> Message-ID: <20050314142717.GA30329@ixeon.local> On Mon, Mar 14, 2005 at 12:33:49AM -0500, G Rosamond wrote: > >On Mar 14, 2005, at 12:28 AM, Kevin Reiter wrote: > >>gag works wonders. >> >>http://gag.sourceforge.net >> > >I'll try this next time, but from my past and limited experience with >multiboots, I just installed FreeBSD last and stuck to that boot >manager. > >I'm with Charles, in that one box per OS when possible. . . and the >exception tends to be on a laptop. (for the benefit of the OP) if you multiboot with linux, be sure to install a bootloader 'in the first sector of the boot partition' bootblocks or gag will get you there from the mbr but without lilo or grub etc programmed to load the kernel, you're stuck. bootblocks or gag allow you to choose a slice to boot from, but linux normally installs the kernel loader in the mbr, if you get to your linux slice and there is no kernel loader there, it stops. have not fixed this recently, never mastered installing grub in boot partition first sector, but lilo is easy enough (eg specify hda4 vs hda) grub works well for loading the linux kernel, easy to configure easy to fix broken linux boots, but it's difficult for non typical tasks like imaging, the procedures and doc are confusing. I'd use it over lilo on the first sector of linux boot partitions, but stick with gag or bootblocks in your mbr(s), IMHO. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From steve Mon Mar 14 12:02:47 2005 From: steve (steverieger) Date: Mon, 14 Mar 2005 12:02:47 -0500 Subject: [nycbug-talk] Off Topic (Sun hardware) Message-ID: Are there any sun hardware folks here. If so I have a one time consulting job offer. Please let me know. From nomadlogic Mon Mar 14 15:00:05 2005 From: nomadlogic (pete wright) Date: Mon, 14 Mar 2005 12:00:05 -0800 Subject: [nycbug-talk] problems with email Message-ID: <57d7100005031412005b984349@mail.gmail.com> Hi all, So I guess it was a good thing I started researching DSL for my home last week. I think I completely fried my colocation server, which is in New York and I'm in LA. I'm now in the forced process of moving my email servers to my house and have a couple questions for the list. 1) I'm running a secondary MX server at my house, it is currently holding all of my domains email as "deferred" in it's postfix queue. My plan is to turn this into my Primary MX server soon. Any gotcha's I should look out for. My thinking is, make the changes in DNS, and once I see them here I'll flush the queue and hopefully my domains messages will get delivered back the local machine. Am I missing something here... (btw this will be done after I have my local IMAP mailboxen set up and running so the mail will have somewhere to be delivered to). 2) While I am in the process of dealing with broken email, I've done some research into using cyrus instead of courier as my imapd. Seems like it should address some of the performace issues I've noticed recently. I've not been able to find any info on google on migrating from Maildir/Courier to cyrus. Is this a job for fetchmail? -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From dlavigne6 Mon Mar 14 17:29:04 2005 From: dlavigne6 (Dru) Date: Mon, 14 Mar 2005 17:29:04 -0500 (EST) Subject: [nycbug-talk] serial remote access hardware recommendations Message-ID: <20050314172727.L553@dru.domain.org> Any recommendations for serial remote access hardware for a FreeBSD 5.2 box at a remote colo? They don't provide serial hardware and charge a service call when we can't get in over the network... Dru From nomadlogic Mon Mar 14 17:30:14 2005 From: nomadlogic (pete wright) Date: Mon, 14 Mar 2005 14:30:14 -0800 Subject: [nycbug-talk] serial remote access hardware recommendations In-Reply-To: <20050314172727.L553@dru.domain.org> References: <20050314172727.L553@dru.domain.org> Message-ID: <57d7100005031414302fa3c180@mail.gmail.com> On Mon, 14 Mar 2005 17:29:04 -0500 (EST), Dru wrote: > > Any recommendations for serial remote access hardware for a FreeBSD 5.2 > box at a remote colo? They don't provide serial hardware and charge a > service call when we can't get in over the network... > Hi Dru, There is a company that makes a pic card that you can put in a box and it allows you to ssh to the card then from there get a secure serial connection to the server. Here's the link: http://www.realweasel.com/intro.html I too would be interested in hearing any other options, other than having two boxes connected via serial cable... -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From dave-dated-1111445340.42c238 Mon Mar 14 17:49:20 2005 From: dave-dated-1111445340.42c238 (Dave Steinberg) Date: Mon, 14 Mar 2005 17:49:20 -0500 Subject: [nycbug-talk] serial remote access hardware recommendations In-Reply-To: <57d7100005031414302fa3c180@mail.gmail.com> References: <20050314172727.L553@dru.domain.org> <57d7100005031414302fa3c180@mail.gmail.com> Message-ID: <7ba866b693d9858b2a91711dfd2f7d6f@redterror.net> > There is a company that makes a pic card that you can put in a > box and it allows you to ssh to the card then from there get a secure > serial connection to the server. Here's the link: > > http://www.realweasel.com/intro.html > > I too would be interested in hearing any other options, other than > having two boxes connected via serial cable... There are a whole bunch of different options, largely based on what's available on eBay at a given moment: - Grab a multiport serial card and a small box (1U or maybe a soekris), and make yourself a little console server. I've got a cyclades 16-port setup that I'll be getting rid of soon if anyone's interested in purchasing it. Check your system's supported hardware docs and then do a bunch of googling or browsing on newegg. Run 'conserver' for fancy features. - I've had good success thus far with the small adapters from Lantronix like this series: http://www.lantronix.com/data-center-management/console-servers/scs100- scs200-scs400.html ... you can find them on eBay from time to time (I got an scs-200 for about $30 and its performed beautifully so far). - The baytech units on ebay often come with serial access. If you get one that has the 4 power plugs and 4 serial ports, you can not only access the console, but power cycle the unit in case of extreme failure. I've used a variety of these with great success. I think I have one of the Baytech DS-RPC-2 units if anyone's interested in that too. - Buy a full-fledged dedicated console server like one of the higher end lantronix models, or one from a competing company. I just got a unit from Perle off ebay, so I can't comment on it yet, but it supports the standard console-via-ssh stuff that you want, with about 100 different authentication methods that nobody will ever use (TACAS+?!). HTH, -- Dave Steinberg http://www.geekisp.com/ http://www.steinbergcomputing.com/ From alex Mon Mar 14 17:40:01 2005 From: alex (alex at pilosoft.com) Date: Mon, 14 Mar 2005 17:40:01 -0500 (EST) Subject: [nycbug-talk] serial remote access hardware recommendations In-Reply-To: <57d7100005031414302fa3c180@mail.gmail.com> Message-ID: On Mon, 14 Mar 2005, pete wright wrote: > On Mon, 14 Mar 2005 17:29:04 -0500 (EST), Dru > wrote: > > > > Any recommendations for serial remote access hardware for a FreeBSD > > 5.2 box at a remote colo? They don't provide serial hardware and > > charge a service call when we can't get in over the network... a) colo in a less retarded place, hint hint b) colo two servers, and connect serial from one into the other. This will only help if your server has proper serial support in BIOS (as in, you can control serial from BIOS) c) colocate a KVM-IP switch. Those things are proper. Not cheap, but proper. -alex From bruno Mon Mar 14 18:14:02 2005 From: bruno (bruno) Date: Mon, 14 Mar 2005 18:14:02 -0500 Subject: [nycbug-talk] problems with email In-Reply-To: <57d7100005031412005b984349@mail.gmail.com> References: <57d7100005031412005b984349@mail.gmail.com> Message-ID: <20050314231402.GK18486@loftmail.com> Hey Pete, On Mon, Mar 14, 2005 at 12:00:05PM -0800, pete wright wrote: > Hi all, > So I guess it was a good thing I started researching DSL for my > home last week. I think I completely fried my colocation server, > which is in New York and I'm in LA. I'm now in the forced process of > moving my email servers to my house and have a couple questions for > the list. > > 1) I'm running a secondary MX server at my house, it is currently > holding all of my domains email as "deferred" in it's postfix queue. > My plan is to turn this into my Primary MX server soon. Any gotcha's > I should look out for. My thinking is, make the changes in DNS, and > once I see them here I'll flush the queue and hopefully my domains > messages will get delivered back the local machine. Am I missing > something here... > (btw this will be done after I have my local IMAP mailboxen set up and > running so the mail will have somewhere to be delivered to). It might work.. If for some reason it won't, just create another box next to it on your home LAN and set up internal DNS to deliver there. As long as it finds the name, it should flush the queue. Just remember it will keep the mail in queue for around 4 days, or whatever time it is configured for. > > 2) While I am in the process of dealing with broken email, I've done > some research into using cyrus instead of courier as my imapd. Seems > like it should address some of the performace issues I've noticed > recently. I've not been able to find any info on google on migrating > from Maildir/Courier to cyrus. Is this a job for fetchmail? There is a program called mailutil, part of imap-uw that can at least take mbox and push it to cyrus, I'm not sure about Courier but in case it helps.. Bruno -- http://www.loftmail.com From spork Mon Mar 14 18:15:16 2005 From: spork (Charles Sprickman) Date: Mon, 14 Mar 2005 18:15:16 -0500 (EST) Subject: [nycbug-talk] serial remote access hardware recommendations In-Reply-To: <57d7100005031414302fa3c180@mail.gmail.com> References: <20050314172727.L553@dru.domain.org> <57d7100005031414302fa3c180@mail.gmail.com> Message-ID: On Mon, 14 Mar 2005, pete wright wrote: > On Mon, 14 Mar 2005 17:29:04 -0500 (EST), Dru wrote: >> >> Any recommendations for serial remote access hardware for a FreeBSD 5.2 >> box at a remote colo? They don't provide serial hardware and charge a >> service call when we can't get in over the network... >> > > > Hi Dru, > There is a company that makes a pic card that you can put in a > box and it allows you to ssh to the card then from there get a secure > serial connection to the server. Here's the link: > > http://www.realweasel.com/intro.html > > I too would be interested in hearing any other options, other than > having two boxes connected via serial cable... Digi has a few tiny terminal servers that support SSH: http://www.digi.com/products/externaldeviceservers/portserverts1mei.jsp That's a 1-port model, there's also 2 and 4 port models that are very small. Charles > -p > > > -- > ~~o0OO0o~~ > Pete Wright > www.nycbug.org > NYC's *BSD User Group > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From steve Mon Mar 14 18:16:16 2005 From: steve (steverieger) Date: Mon, 14 Mar 2005 18:16:16 -0500 Subject: [nycbug-talk] Two nic cards, separate vlans Message-ID: Is this possible (fbsd 5.3) to have two ip's on two vlans, ie 192.168.0.19 and 10.20.2.19 From george Mon Mar 14 18:26:12 2005 From: george (G. Rosamond) Date: Mon, 14 Mar 2005 18:26:12 -0500 Subject: [nycbug-talk] Two nic cards, separate vlans In-Reply-To: References: Message-ID: <52177e8001f28cc417e60b6739c6aea8@sddi.net> On Mar 14, 2005, at 6:16 PM, steverieger wrote: > Is this possible (fbsd 5.3) to have two ip's on two vlans, ie > 192.168.0.19 > and 10.20.2.19 > Two nic cards, two ips, vlan or not? yes. One nic card, two ips? yes. ifconfig__alias0=" " If I didn't answer your question, be a bit clearer. . . the subject line looks like it may be a different question than the body. g From EInker Mon Mar 14 18:43:11 2005 From: EInker (Inker, Evan) Date: Mon, 14 Mar 2005 23:43:11 -0000 Subject: [nycbug-talk] FreeBSD 5.21 Live CD (Frenzy v. 0.3) Message-ID: <386AEEE1B7BAC34CB4DDF394C2349278D6EC1F@w2cs-nyk02.gam.com> Not sure anyone has heard but a new Live CD of FreeBSD 5.21 is out. Click on Link to learn more..... http://frenzy.org.ua/eng/ Regards, Evan M. Inker **************************************************************************** This message contains confidential information and is intended only for the individual or entity named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as an invitation or offer to buy or sell any securities or related financial instruments. GAM operates in many jurisdictions and is regulated or licensed in those jurisdictions as required. **************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050314/caac1dc9/attachment.html From okan Mon Mar 14 18:59:50 2005 From: okan (Okan Demirmen) Date: Mon, 14 Mar 2005 18:59:50 -0500 Subject: [nycbug-talk] problems with email In-Reply-To: <57d7100005031412005b984349@mail.gmail.com> References: <57d7100005031412005b984349@mail.gmail.com> Message-ID: <20050314235950.GA73396@yinaska.pair.com> On Mon 2005.03.14 at 12:00 -0800, pete wright wrote: > 2) While I am in the process of dealing with broken email, I've done > some research into using cyrus instead of courier as my imapd. Seems > like it should address some of the performace issues I've noticed > recently. I've not been able to find any info on google on migrating > from Maildir/Courier to cyrus. Is this a job for fetchmail? while this may not be an answer you are looking for, have you ever considered dovecot for imap? okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From jonathan Mon Mar 14 19:13:44 2005 From: jonathan (Jonathan) Date: Mon, 14 Mar 2005 19:13:44 -0500 Subject: [nycbug-talk] problems with email In-Reply-To: <20050314235950.GA73396@yinaska.pair.com> References: <57d7100005031412005b984349@mail.gmail.com> <20050314235950.GA73396@yinaska.pair.com> Message-ID: <423628B8.1080103@kc8onw.net> Okan Demirmen wrote: > On Mon 2005.03.14 at 12:00 -0800, pete wright wrote: > >>2) While I am in the process of dealing with broken email, I've done >>some research into using cyrus instead of courier as my imapd. Seems >>like it should address some of the performace issues I've noticed >>recently. I've not been able to find any info on google on migrating >>from Maildir/Courier to cyrus. Is this a job for fetchmail? > > > while this may not be an answer you are looking for, have you ever > considered dovecot for imap? > > okan > Does it handle huge email folders better than Courier (11,000+ messages)? If I have to check my mail through webmail it can take 2+ minutes just to open the folder :P Jonathan From nomadlogic Mon Mar 14 20:21:48 2005 From: nomadlogic (pete wright) Date: Mon, 14 Mar 2005 17:21:48 -0800 Subject: [nycbug-talk] problems with email In-Reply-To: <423628B8.1080103@kc8onw.net> References: <57d7100005031412005b984349@mail.gmail.com> <20050314235950.GA73396@yinaska.pair.com> <423628B8.1080103@kc8onw.net> Message-ID: <57d71000050314172164ad109b@mail.gmail.com> On Mon, 14 Mar 2005 19:13:44 -0500, Jonathan wrote: > Okan Demirmen wrote: > > On Mon 2005.03.14 at 12:00 -0800, pete wright wrote: > > > >>2) While I am in the process of dealing with broken email, I've done > >>some research into using cyrus instead of courier as my imapd. Seems > >>like it should address some of the performace issues I've noticed > >>recently. I've not been able to find any info on google on migrating > >>from Maildir/Courier to cyrus. Is this a job for fetchmail? > > > > > > while this may not be an answer you are looking for, have you ever > > considered dovecot for imap? > > > > okan > > > Does it handle huge email folders better than Courier (11,000+ > messages)? If I have to check my mail through webmail it can take 2+ > minutes just to open the folder :P > Actually this is the reason i'm moving off courier, and going to cyrus. I found this link interesting: http://www.usenix.org/events/lisa03/tech/full_papers/elprin/elprin_html/ for an update, I've got my primary MX record pointed to my internal server. I was also able to flush the cache, and have the mail get delivered locally (just by modifiying Postfix's main.cf to accept mail intended for mail.nomadlogic.org which was the server it was backing up.) For now i'm going to continue to use courier until things stable out. Then i'll contemplate moving to cyrus. -pete -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From gladiator.wei Mon Mar 14 20:52:49 2005 From: gladiator.wei (Wei Liu) Date: Mon, 14 Mar 2005 20:52:49 -0500 Subject: [nycbug-talk] A problem of the nautilus-cd-burner in FreeBSD R5.3 Message-ID: <597e8855050314175224b89ee4@mail.gmail.com> Hello, I was experiencing a weird probelm with my FreeBSDR5.3 when I was trying to burn a CD using the nautilus-cd-burner. Here is the description of my operation: 1) Drag the files to burn:/// window, and then click "Write to CD", with the write speed being "Maximum Possible", Target to write being "ATAPI CD-RW 40/12/48X 100C 100C". 2) Click "Write files to CD", and a popup window appears saying "Writing to CD. Please wait. (Creating CD image)". Here I can see the progess bar is moving, and seems everything are OK 3) A few seconds later, progess bar disappears, nothing happens to CD burner, and nautilus-cd-burner left no respond. Using "dmesg", I got the following message: "pid 2505 (mkisofs), uid 1001 inumber 535 on /var: filesystem full" I found there is a big file named "image.iso.eh25zd" under /var/tmp directory. After I forced quit the dead nautilus-cd-burner, this file disappears. I tried to write my files to an ISO file first, and then burn it to CD using nautilus-cd-burner, everthing worked out smoothly. I have been using the FreeBSD4.10, and never encountered this problem. What can I do to solve this problem? Thanks for your help. Wei From george Mon Mar 14 21:07:53 2005 From: george (G. Rosamond) Date: Mon, 14 Mar 2005 21:07:53 -0500 Subject: [nycbug-talk] MW is modest. . . Message-ID: The tshirts are online. . . http://www.nycbug.org/index.php?NAV=Store From nomadlogic Mon Mar 14 20:31:37 2005 From: nomadlogic (pete wright) Date: Mon, 14 Mar 2005 17:31:37 -0800 Subject: [nycbug-talk] serial remote access hardware recommendations In-Reply-To: References: <20050314172727.L553@dru.domain.org> <57d7100005031414302fa3c180@mail.gmail.com> Message-ID: <57d71000050314173147586ca6@mail.gmail.com> On Mon, 14 Mar 2005 18:15:16 -0500 (EST), Charles Sprickman wrote: > On Mon, 14 Mar 2005, pete wright wrote: > > > On Mon, 14 Mar 2005 17:29:04 -0500 (EST), Dru wrote: > >> > >> Any recommendations for serial remote access hardware for a FreeBSD 5.2 > >> box at a remote colo? They don't provide serial hardware and charge a > >> service call when we can't get in over the network... > >> > > > > > > Hi Dru, > > There is a company that makes a pic card that you can put in a > > box and it allows you to ssh to the card then from there get a secure > > serial connection to the server. Here's the link: > > > > http://www.realweasel.com/intro.html > > > > I too would be interested in hearing any other options, other than > > having two boxes connected via serial cable... > > Digi has a few tiny terminal servers that support SSH: > > http://www.digi.com/products/externaldeviceservers/portserverts1mei.jsp > > That's a 1-port model, there's also 2 and 4 port models that are very > small. > That's pretty awesome...I'm bookmarking this thing right now :) -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From steve.rieger Mon Mar 14 22:17:32 2005 From: steve.rieger (Steve Rieger) Date: Mon, 14 Mar 2005 22:17:32 -0500 Subject: [nycbug-talk] Two nic cards, separate vlans Message-ID: <1110856652.904f5be0steve.rieger@tbwachiat.com> i meant, i have a box with two nic's, can i put i know that i can put sepereate ips one for each card, but my question is. can i make it that these two i[p's are on different vlans. ie nic1 - 192.168.1.19 nic2 - 10.20.2.19 they have different gw's (of course) if so how do i go about doing this. i have them assigned but the default route is different for each ip. hence my question sorry, am a mn of not too many words. -----Original Message----- From: "G. Rosamond" To: steverieger Date: Mon, 14 Mar 2005 18:26:12 -0500 Subject: Re: [nycbug-talk] Two nic cards, separate vlans On Mar 14, 2005, at 6:16 PM, steverieger wrote: > Is this possible (fbsd 5.3) to have two ip's on two vlans, ie > 192.168.0.19 > and 10.20.2.19 > Two nic cards, two ips, vlan or not? yes. One nic card, two ips? yes. ifconfig__alias0=" " If I didn't answer your question, be a bit clearer. . . the subject line looks like it may be a different question than the body. g _______________________________________________ % NYC*BUG talk mailing list http://lists.nycbug.org/mailman/listinfo/talk %Be sure to check out our Jobs and NYCBUG-announce lists %We meet the first Wednesday of the month From okan Mon Mar 14 22:47:29 2005 From: okan (Okan Demirmen) Date: Mon, 14 Mar 2005 22:47:29 -0500 Subject: [nycbug-talk] Two nic cards, separate vlans In-Reply-To: <1110856652.904f5be0steve.rieger@tbwachiat.com> References: <1110856652.904f5be0steve.rieger@tbwachiat.com> Message-ID: <20050315034729.GA19109@yinaska.pair.com> On Mon 2005.03.14 at 22:17 -0500, Steve Rieger wrote: > i meant, > i have a box with two nic's, can i put i know that i can put sepereate ips one for each card, but my question is. can i make it that these two i[p's are on different vlans. ie > > nic1 - 192.168.1.19 > nic2 - 10.20.2.19 > > > they have different gw's (of course) > > > if so how do i go about doing this. i have them assigned but the default route is different for each ip. hence my question maybe you can explain what you are trying to accomplish in the end. as for assigning different 2 IP's, in different subnets (as you have above), to 2 different interfaces, sure. as for different vlans, yes. for simplicity, think of a broadcast domain (subnet) and a vlan as the same thing. you can do many other things, but i think this is what you mean. now that you have 2 networks on 2 interfaces, this is where my question comes into play. which interface is for what? you can't have multiple default gateways (or any routes) unless you are thinking about per packet load balancing. i deleted your first post so i don't know what OS you are running, but multipathing isn't supported everywhere. now, you can have different weights on the routes, but then again my first question: what is the end goal? there are of course tons more options and things one *can* do, but we need some more info ;) cheers, okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From dgonzo Tue Mar 15 07:38:05 2005 From: dgonzo (Daniel Gonzalez) Date: Tue, 15 Mar 2005 07:38:05 -0500 Subject: [nycbug-talk] A problem of the nautilus-cd-burner in FreeBSD R5.3 In-Reply-To: <597e8855050314175224b89ee4@mail.gmail.com> References: <597e8855050314175224b89ee4@mail.gmail.com> Message-ID: <4236D72D.60803@optonline.net> I'm using 5.3-RELEASE also but I can't duplicate the trouble. I did notice that I used the default/auto partitioning scheme during the installation and /var is only allotted 250M. How large will the files be that you're trying to burn?. I don't know if I explained that clearly but here's what I get from df -m dgonzo@~: cat /etc/fstab # Device Mountpoint FStype Options Dump Pass# /dev/ad1s1b none swap sw 0 0 /dev/ad1s1a / ufs rw 1 1 /dev/ad1s1e /tmp ufs rw 2 2 /dev/ad1s1f /usr ufs rw 2 2 /dev/ad1s1d /var ufs rw 2 2 /dev/acd0 /cdrom cd9660 ro,noauto 0 0 dgonzo@~: df -m Filesystem 1M-blocks Used Avail Capacity Mounted on /dev/ad1s1a 247 56 171 25% / devfs 0 0 0 100% /dev /dev/ad1s1e 247 0 227 0% /tmp /dev/ad1s1f 6248 4129 1618 72% /usr */dev/ad1s1d 247 29 198 13% /var* dgonzo@~: Hope that helps. I'm relatively new to BSD (former Slackware user). For what it's worth, I've always had better luck using K3B. I don't know what your desktops requirements are, but it seems more intuitive to me. Regards Dan Gonzalez 5ESS Maintenance Engineer Cablevision Lightpath Wei Liu wrote: >Hello, > >I was experiencing a weird probelm with my FreeBSDR5.3 when I was trying >to burn a CD using the nautilus-cd-burner. Here is the description of my >operation: > >1) Drag the files to burn:/// window, and then click "Write to CD", with >the write speed being "Maximum Possible", Target to write being "ATAPI >CD-RW 40/12/48X 100C 100C". >2) Click "Write files to CD", and a popup window appears saying "Writing >to CD. Please wait. (Creating CD image)". Here I can see the progess bar >is moving, and seems everything are OK >3) A few seconds later, progess bar disappears, nothing happens to CD >burner, and nautilus-cd-burner left no respond. > >Using "dmesg", I got the following message: >"pid 2505 (mkisofs), uid 1001 inumber 535 on /var: filesystem full" > >I found there is a big file named "image.iso.eh25zd" under /var/tmp >directory. After I forced quit the dead nautilus-cd-burner, this file >disappears. > >I tried to write my files to an ISO file first, and then burn it to CD >using nautilus-cd-burner, everthing worked out smoothly. > >I have been using the FreeBSD4.10, and never encountered this problem. >What can I do to solve this problem? Thanks for your help. > >Wei >_______________________________________________ >% NYC*BUG talk mailing list >http://lists.nycbug.org/mailman/listinfo/talk >%Be sure to check out our Jobs and NYCBUG-announce lists >%We meet the first Wednesday of the month > > > From jschauma Tue Mar 15 09:13:49 2005 From: jschauma (Jan Schaumann) Date: Tue, 15 Mar 2005 09:13:49 -0500 Subject: [nycbug-talk] serial remote access hardware recommendations In-Reply-To: <20050314172727.L553@dru.domain.org> References: <20050314172727.L553@dru.domain.org> Message-ID: <20050315141349.GB10688@netmeister.org> Dru wrote: > > Any recommendations for serial remote access hardware for a FreeBSD 5.2 > box at a remote colo? They don't provide serial hardware and charge a > service call when we can't get in over the network... Probably overkill for just one box, but I've been using one of these Cyclades serial console appliances for a while to connect to all of my serial ports and have so far managed to populate 44 of the 48 ports. http://www.cyclades.com/products/2/ts_series Of course the problem with such a device is that it's running the Modified Linux Flavor of the Month(tm) and you can hardly do anything about the security holes, but so far it's been working just fine. The only thing that really irks me about these things is that they're so overprices. If you're on a budget, then you can actually knit your own by using a whole bunch of these USB-serial adapters (I think Belkin makes them)... -Jan -- My other computer also runs NetBSD! http://www.netbsd.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050315/a477acc0/attachment.bin From lists Tue Mar 15 09:22:30 2005 From: lists (michael) Date: Tue, 15 Mar 2005 09:22:30 -0500 Subject: [nycbug-talk] problems with email In-Reply-To: <57d71000050314172164ad109b@mail.gmail.com> References: <57d7100005031412005b984349@mail.gmail.com> <20050314235950.GA73396@yinaska.pair.com> <423628B8.1080103@kc8onw.net> <57d71000050314172164ad109b@mail.gmail.com> Message-ID: <20050315092230.483b270a@delinux.abwatley.com> On Mon, 14 Mar 2005 17:21:48 -0800 pete wright wrote: > Actually this is the reason i'm moving off courier, and going to > cyrus. I found this link interesting: > > http://www.usenix.org/events/lisa03/tech/full_papers/elprin/elprin_html/ > Good article, Pete. They lay out a pretty convincing argument for using Cyrus with BerkeleyDB. I will admit though, I have never really felt a noticable problem with my Courier services. But, I tend to sort my mail and leave no need for 11000+ messages in the INBOX, so it is not a fair comparison. I DO have some VERY large archive folders, but I tell my user agent not to check that folder everytime I check for new messages. Like most things, it runs great with a little planning. One small thing I like about maildir is the ease of use outside of a user agent. They are just files in a folder structure and this is a very familiar model to me. I can back up, move around, count, get sizes, search, and such to my hearts content. Also, they are just text files; I can cat|grep them easily if need be. just my 2 cents, Michael -- --- From paul Tue Mar 15 09:44:39 2005 From: paul (Paul Dlug) Date: Tue, 15 Mar 2005 09:44:39 -0500 Subject: [nycbug-talk] Restricting OpenSSH by account/IP Message-ID: <5649a42b2d2425e38907052232be0d8e@aps.org> I'm wondering if anyone has a solution to this, I've been searching on and off for a while and can't seem to find anything.. The problem I have is that I have a host open to the outside for SSH used by various remote employees and people working from home. This same host has a number of accounts that users SSH into from their desktops. Some of these accounts are shared between users (yes this is bad!) so they have insecure passwords. I would like to restrict the range of IP's that a specific account can connect from. I can't seem to find a way to do this, PAM seems to only give me a way to authorize a user to use SSH as a whole service, not by the IP address. Thanks, Paul From rick Tue Mar 15 10:12:04 2005 From: rick (Rick Aliwalas) Date: Tue, 15 Mar 2005 10:12:04 -0500 (EST) Subject: [nycbug-talk] Restricting OpenSSH by account/IP In-Reply-To: <5649a42b2d2425e38907052232be0d8e@aps.org> References: <5649a42b2d2425e38907052232be0d8e@aps.org> Message-ID: On Tue, 15 Mar 2005, Paul Dlug wrote: > The problem I have is that I have a host open to the outside for SSH used by > various remote employees and people working from home. This same host has a > number of accounts that users SSH into from their desktops. Some of these > accounts are shared between users (yes this is bad!) so they have insecure > passwords. > > I would like to restrict the range of IP's that a specific account can > connect from. I can't seem to find a way to do this, PAM seems to only give > me a way to authorize a user to use SSH as a whole service, not by the IP > address. If you're using ssh keys, you can pre-pend the pub keys w/ something like: "from=IP,IP,..." or from="*.foo.com,192.168.*,test.bar.com" If you're using OpenBSD, you could use authpf. -rick From mspitzer Tue Mar 15 10:37:43 2005 From: mspitzer (Marc Spitzer) Date: Tue, 15 Mar 2005 10:37:43 -0500 Subject: [nycbug-talk] Restricting OpenSSH by account/IP In-Reply-To: <5649a42b2d2425e38907052232be0d8e@aps.org> References: <5649a42b2d2425e38907052232be0d8e@aps.org> Message-ID: <8c50a3c3050315073741530167@mail.gmail.com> On Tue, 15 Mar 2005 09:44:39 -0500, Paul Dlug wrote: > I'm wondering if anyone has a solution to this, I've been searching on > and off for a while and can't seem to find anything.. > > The problem I have is that I have a host open to the outside for SSH > used by various remote employees and people working from home. This > same host has a number of accounts that users SSH into from their > desktops. Some of these accounts are shared between users (yes this is > bad!) so they have insecure passwords. > > I would like to restrict the range of IP's that a specific account can > connect from. I can't seem to find a way to do this, PAM seems to only > give me a way to authorize a user to use SSH as a whole service, not by > the IP address. IPF, IPFW and PF come to mind. marc > > Thanks, > Paul > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From steve Tue Mar 15 10:50:04 2005 From: steve (steverieger) Date: Tue, 15 Mar 2005 10:50:04 -0500 Subject: [nycbug-talk] Two nic cards, separate vlans In-Reply-To: <20050315034729.GA19109@yinaska.pair.com> Message-ID: On 3/14/05 10:47 PM, "Okan Demirmen" wrote: > On Mon 2005.03.14 at 22:17 -0500, Steve Rieger wrote: >> i meant, >> i have a box with two nic's, can i put i know that i can put sepereate ips >> one for each card, but my question is. can i make it that these two i[p's are >> on different vlans. ie >> >> nic1 - 192.168.1.19 >> nic2 - 10.20.2.19 >> >> >> they have different gw's (of course) > maybe you can explain what you are trying to accomplish in the end. > > as for assigning different 2 IP's, in different subnets (as you > have above), to 2 different interfaces, sure. as for different > vlans, yes. for simplicity, think of a broadcast domain (subnet) > and a vlan as the same thing. you can do many other things, but i > think this is what you mean. > > now that you have 2 networks on 2 interfaces, this is where my > question comes into play. which interface is for what? you can't > have multiple default gateways (or any routes) unless you are > thinking about per packet load balancing. i deleted your first post > so i don't know what OS you are running, but multipathing isn't > supported everywhere. now, you can have different weights on the > routes, but then again my first question: what is the end goal? > there are of course tons more options and things one *can* do, but > we need some more info ;) > > cheers, > okan On the primary ip (192.168.1.19) apache. Mysql, and ssh listen. The second ip addy is just so that this server can talk to that subnet. The 192 network does not have any access to the 10 network, but I would like to have this server poll various hardware in the 10 network via snmp, that's all So if I were to ping a host on the 10 network it will go out via the 10 nic card, and if I were to ping a host on the 192 network it goes out on the 192 nic. Hope I am making myself clear here. From paul Tue Mar 15 11:14:40 2005 From: paul (Paul Dlug) Date: Tue, 15 Mar 2005 11:14:40 -0500 Subject: [nycbug-talk] Restricting OpenSSH by account/IP In-Reply-To: <8c50a3c3050315073741530167@mail.gmail.com> References: <5649a42b2d2425e38907052232be0d8e@aps.org> <8c50a3c3050315073741530167@mail.gmail.com> Message-ID: <472b1d2aa050ad09da9d1c77e2deefe2@aps.org> On Mar 15, 2005, at 10:37 AM, Marc Spitzer wrote: > IPF, IPFW and PF come to mind. Yes but how, the firewall doesn't have knowledge of the user. Regarding the other comment I can see how to do this with SSH keys, unfortunately I need to use passwords for these user accounts. I need something that looks as close as possible to "plain ssh with passwords" so authpf or another pre-authentication method would be out of the picture. Thanks, Paul From okan Tue Mar 15 11:28:48 2005 From: okan (Okan Demirmen) Date: Tue, 15 Mar 2005 11:28:48 -0500 Subject: [nycbug-talk] Two nic cards, separate vlans In-Reply-To: References: <20050315034729.GA19109@yinaska.pair.com> Message-ID: <20050315162848.GA90234@yinaska.pair.com> On Tue 2005.03.15 at 10:50 -0500, steverieger wrote: > > On 3/14/05 10:47 PM, "Okan Demirmen" wrote: > > > On Mon 2005.03.14 at 22:17 -0500, Steve Rieger wrote: > >> i meant, > >> i have a box with two nic's, can i put i know that i can put sepereate ips > >> one for each card, but my question is. can i make it that these two i[p's are > >> on different vlans. ie > >> > >> nic1 - 192.168.1.19 > >> nic2 - 10.20.2.19 > >> > On the primary ip (192.168.1.19) apache. Mysql, and ssh listen. The second > ip addy is just so that this server can talk to that subnet. The 192 network > does not have any access to the 10 network, but I would like to have this > server poll various hardware in the 10 network via snmp, that's all > > So if I were to ping a host on the 10 network it will go out via the 10 nic > card, and if I were to ping a host on the 192 network it goes out on the 192 > nic. > > > Hope I am making myself clear here. yup. so you are close. assign ip's as you have them, then just add your default route, which is somewhere in the 192.168.1/24 block. everything is already taken care of - connections to your 10.20.2/24 would go out that the 10.20.2.19 interface, everything else is out the 192.168.1.19 interface. if you are curious, netstat -rnfinet or route get x.x.x.x to see what the routing table will do. cheers, okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From nomadlogic Tue Mar 15 14:14:10 2005 From: nomadlogic (pete wright) Date: Tue, 15 Mar 2005 11:14:10 -0800 Subject: [nycbug-talk] Restricting OpenSSH by account/IP In-Reply-To: <472b1d2aa050ad09da9d1c77e2deefe2@aps.org> References: <5649a42b2d2425e38907052232be0d8e@aps.org> <8c50a3c3050315073741530167@mail.gmail.com> <472b1d2aa050ad09da9d1c77e2deefe2@aps.org> Message-ID: <57d7100005031511147592d8af@mail.gmail.com> > > Yes but how, the firewall doesn't have knowledge of the user. Regarding > the other comment I can see how to do this with SSH keys, unfortunately > I need to use passwords for these user accounts. I need something that > looks as close as possible to "plain ssh with passwords" so authpf or > another pre-authentication method would be out of the picture. > > just because you are using key's doesn't mean that you don't have to use a password. In fact it would probably be better to paasword protect your key's. Unless I'm missing something.... -pete -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From nomadlogic Tue Mar 15 15:22:34 2005 From: nomadlogic (pete wright) Date: Tue, 15 Mar 2005 12:22:34 -0800 Subject: [nycbug-talk] SDF Message-ID: <57d7100005031512224a48ca9@mail.gmail.com> So, due to my recent computer woes I've had to get rid of my offsite server. Yet I'd still like to have a remote shell account somewhere. I've often used M-Net (m-net.arbornet.org) as a backup free shell account but have found this system to be very strained and a bit chaotic. I've also recently (in the past year or so) come to know of SDF (www.freeshell.org). After having some serious problems using M-Net I made the switch over to SDF and gotta say they have a great system. It's all Alpha-NetBSD based and because they have been in existence for so long the system feels very mature. The setup scripts are execellent, and despite the heavy load on the boxen it still seems quite responsive. If you have not done so yet, I'd check them out. I opted to pay a one time fee of $36 which gives me web hosting privs, full ssh access, email and DynDNS capabilites. They also have BBS archives and a pretty great gopher system running to (ahh gopher I hardly knew yee). As time goes on I can pay a little more and get DNS hosting and MySQL access (I think $10 or so). For what they offer, and the cost, I don't think of the $36 as a fee, but more of a donation to a great service. In any event, I'm quite stoked and think folks should check it out. IMO this is probably the best public access Unix system I've ever logged onto (including my various University accounts). -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From tillman Tue Mar 15 15:34:18 2005 From: tillman (Tillman Hodgson) Date: Tue, 15 Mar 2005 14:34:18 -0600 Subject: [nycbug-talk] SDF In-Reply-To: <57d7100005031512224a48ca9@mail.gmail.com> References: <57d7100005031512224a48ca9@mail.gmail.com> Message-ID: <20050315203418.GK44161@seekingfire.com> On Tue, Mar 15, 2005 at 12:22:34PM -0800, pete wright wrote: > It's all Alpha-NetBSD based and because they have been in existence > for so long the system feels very mature. The setup scripts are > execellent, and despite the heavy load on the boxen it still seems > quite responsive. If you have not done so yet, I'd check them out. I > opted to pay a one time fee of $36 which gives me web hosting privs, > full ssh access, email and DynDNS capabilites. They also have BBS > archives and a pretty great gopher system running to (ahh gopher I > hardly knew yee). As time goes on I can pay a little more and get DNS > hosting and MySQL access (I think $10 or so). For what they offer, > and the cost, I don't think of the $36 as a fee, but more of a > donation to a great service. > In any event, I'm quite stoked and think folks should check it out. > IMO this is probably the best public access Unix system I've ever > logged onto (including my various University accounts). I'll second that -- they run a public shell server like it ought to be run. ARPA membership is _cheap_ for what you get. -T, aka tillman at sdf.lonestar.org -- In the beginner's mind there are many possibilities. In the expert's mind there are few. - Suzuki-roshi From paul Tue Mar 15 16:17:30 2005 From: paul (Paul Dlug) Date: Tue, 15 Mar 2005 16:17:30 -0500 Subject: [nycbug-talk] Restricting OpenSSH by account/IP In-Reply-To: <57d7100005031511147592d8af@mail.gmail.com> References: <5649a42b2d2425e38907052232be0d8e@aps.org> <8c50a3c3050315073741530167@mail.gmail.com> <472b1d2aa050ad09da9d1c77e2deefe2@aps.org> <57d7100005031511147592d8af@mail.gmail.com> Message-ID: <28a463e5ee6de5f1e4ab90b0ee2c0e07@aps.org> On Mar 15, 2005, at 2:14 PM, pete wright wrote: > just because you are using key's doesn't mean that you don't have to > use a password. In fact it would probably be better to paasword > protect your key's. Unless I'm missing something.... Yes the keys are protected by passphrase but by "password" I mean plain unix password authentication, not authentication with SSH keys. As far as I know you can't apply the IP access restrictions to the password authentication scheme, only the keys authentication. --Paul From nomadlogic Tue Mar 15 16:24:32 2005 From: nomadlogic (pete wright) Date: Tue, 15 Mar 2005 13:24:32 -0800 Subject: [nycbug-talk] Restricting OpenSSH by account/IP In-Reply-To: <28a463e5ee6de5f1e4ab90b0ee2c0e07@aps.org> References: <5649a42b2d2425e38907052232be0d8e@aps.org> <8c50a3c3050315073741530167@mail.gmail.com> <472b1d2aa050ad09da9d1c77e2deefe2@aps.org> <57d7100005031511147592d8af@mail.gmail.com> <28a463e5ee6de5f1e4ab90b0ee2c0e07@aps.org> Message-ID: <57d710000503151324399fa591@mail.gmail.com> On Tue, 15 Mar 2005 16:17:30 -0500, Paul Dlug wrote: > > On Mar 15, 2005, at 2:14 PM, pete wright wrote: > > > just because you are using key's doesn't mean that you don't have to > > use a password. In fact it would probably be better to paasword > > protect your key's. Unless I'm missing something.... > > Yes the keys are protected by passphrase but by "password" I mean plain > unix password authentication, not authentication with SSH keys. As far > as I know you can't apply the IP access restrictions to the password > authentication scheme, only the keys authentication. > hmmm...i see what you mean. I was under the assumtion that sshd would pass on the auth. to what ever Unix authentication method you are using (PAM, Kerberos or what ever). At least that is how it behaves on my systems (and I believe that by default PAM is enabled in OpenSSH), not sure how you have things setup though. -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From steve Tue Mar 15 16:57:23 2005 From: steve (steverieger) Date: Tue, 15 Mar 2005 16:57:23 -0500 Subject: [nycbug-talk] Restricting OpenSSH by account/IP In-Reply-To: <57d710000503151324399fa591@mail.gmail.com> Message-ID: On 3/15/05 4:24 PM, "pete wright" wrote: > On Tue, 15 Mar 2005 16:17:30 -0500, Paul Dlug wrote: >> >> On Mar 15, 2005, at 2:14 PM, pete wright wrote: > > > hmmm...i see what you mean. I was under the assumtion that sshd would > pass on the auth. to what ever Unix authentication method you are > using (PAM, Kerberos or what ever). At least that is how it behaves > on my systems (and I believe that by default PAM is enabled in > OpenSSH), not sure how you have things setup though. > > -p > May I propose the following Use ldap for ssh authentication and only allow ssh to listen to one ip address. Or perhaps I am missing something here. From okan Tue Mar 15 17:11:38 2005 From: okan (Okan Demirmen) Date: Tue, 15 Mar 2005 17:11:38 -0500 Subject: [nycbug-talk] Restricting OpenSSH by account/IP In-Reply-To: <472b1d2aa050ad09da9d1c77e2deefe2@aps.org> References: <5649a42b2d2425e38907052232be0d8e@aps.org> <8c50a3c3050315073741530167@mail.gmail.com> <472b1d2aa050ad09da9d1c77e2deefe2@aps.org> Message-ID: <20050315221138.GB85754@yinaska.pair.com> paul, sorry i've deleted the orignal post, but if i get the jist of what you are looking for....as you've heard, doing this with ssh keys is easy, however, there are some other ways - setup 2 sshd processes, and bind one to another port, or maybe another aliased ip. then use the Alow{Users,Groups} option in each respective sshd_config. or you could just write a shell script that is the shell for the internal users, which checks source ip then exec()'s a real shell. i'm sure there are other ideas and ways... $.02 okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From jesse Tue Mar 15 17:35:14 2005 From: jesse (Jesse Callaway) Date: Tue, 15 Mar 2005 17:35:14 -0500 Subject: [nycbug-talk] Restricting OpenSSH by account/IP In-Reply-To: References: <57d710000503151324399fa591@mail.gmail.com> Message-ID: <20050315223514.GB80741@mail.theholymountain.com> On Tue, Mar 15, 2005 at 04:57:23PM -0500, steverieger wrote: > > > > On 3/15/05 4:24 PM, "pete wright" wrote: > > > On Tue, 15 Mar 2005 16:17:30 -0500, Paul Dlug wrote: > >> > >> On Mar 15, 2005, at 2:14 PM, pete wright wrote: > > > > > > hmmm...i see what you mean. I was under the assumtion that sshd would > > pass on the auth. to what ever Unix authentication method you are > > using (PAM, Kerberos or what ever). At least that is how it behaves > > on my systems (and I believe that by default PAM is enabled in > > OpenSSH), not sure how you have things setup though. > > > > -p > > > May I propose the following > > > Use ldap for ssh authentication and only allow ssh to listen to one ip > address. > > > Or perhaps I am missing something here. > I think you have to step down to ssh version 1, and use the RSAandRhosts deal. This means putting the right IP's in the user's .rhosts file. or, yeah, the firewall thing sounds good. SSH only for OutSideSSHIPs, which is defined to be this and that IP. You could then even have a little form on your intranet for keeping track of the IPs. whatismyipaddress.com has popups, but gets the trick done if you want to tell people to go there and email you. -jesse From mspitzer Tue Mar 15 17:45:40 2005 From: mspitzer (Marc Spitzer) Date: Tue, 15 Mar 2005 17:45:40 -0500 Subject: [nycbug-talk] Free Solaris 10 exams Message-ID: <8c50a3c305031514455e1d168c@mail.gmail.com> The tests count so if you pass you are certified: http://www.sun.com/training/certification/solaris/beta.html From o_sleep Wed Mar 16 06:39:13 2005 From: o_sleep (Bjorn Nelson) Date: Wed, 16 Mar 2005 06:39:13 -0500 Subject: [nycbug-talk] Fwd: weird verizon problem In-Reply-To: <20041217195025.GC22883@sta> References: <20041217195025.GC22883@sta> Message-ID: <161a2aec66fb727843b7177316120f2e@belovedarctos.com> George, On Dec 17, 2004, at 2:50 PM, George Georgalis wrote: > no problems from pilosoft network, you can probably save a lot of > bandwidth on that picture, but for testing there shouldn't be a problem > that I know of. > > ...who knows. Finally found some resolution to this problem concerning problems with verizon users. I lowered my mtu on my server and router to 1480 and now it works. Thanks -Bjorn From ycui1 Wed Mar 16 10:30:28 2005 From: ycui1 (Paul Cui) Date: Wed, 16 Mar 2005 10:30:28 -0500 Subject: [nycbug-talk] problems with email In-Reply-To: <57d7100005031412005b984349@mail.gmail.com> References: <57d7100005031412005b984349@mail.gmail.com> Message-ID: <20050316153028.GA20529@tanami.bloomberg.com> On Mon, Mar 14, 2005 at 12:00:05PM -0800, pete wright wrote: > 1) I'm running a secondary MX server at my house, it is currently > holding all of my domains email as "deferred" in it's postfix queue. > My plan is to turn this into my Primary MX server soon. Any gotcha's > I should look out for. One thing you might need to check is that a lot of DSL provider block port 25. you probably want to verify that.. I'm with Cablevision and about 6 month ago. they blocked both incoming and outgoing port 25. From george Wed Mar 16 17:45:03 2005 From: george (George Georgalis) Date: Wed, 16 Mar 2005 17:45:03 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client Message-ID: <20050316224503.GA2839@ixeon.local> Thanks much to George R's suggestion. Preliminary tests work: port forwarding tcp 137,138,139,445 from gateway box to samba share box, on private lan, works. My preliminary was to do tcp only port forwarding of said ports to a box behind it running samba. The client is not able to "browse" discover the share, but if the (gateway) hostname, user and password (samba host) is specified, the client can mount user homes from the samba server through the firewall via tcp only (the protocol calls for tcp and udp 137,138,139). This means, a roaming windows client can setup (putty) ssh -R tunnels to a remote gateway which allows for smb connections from localhost to the private smbserver. So the roaming client can specify, via "netuse" the gateway as the location of their shares and mount the protected samba share through the encrypted tunnel. Details of that last paragraph no doubt need be revised... anyone with ideas for the installation, please let me know, on or off list. Below is the sum of an extended issue getting linksys vpn going... ----- Forwarded message from George Georgalis ----- Date: Tue, 15 Mar 2005 15:57:58 -0500 From: George Georgalis To: members at list.nysa.org Subject: RE: need help asap, will pay, ms vpn client >Date: Thu, 3 Mar 2005 11:48:21 -0500 >From: "Cokorinos, Greg" > >I know time is short but you want to might try using the Linksys QuickVPN client to connect to the RV042. >ftp://ftp.linksys.com/pub/network/Linksys_QuickVPN_1028.exe > >QuickVPN setup is described in the RV082 user guide, the bigger sibling. >ftp://ftp.linksys.com/pdf/rv082-ug-rev_C%20web.pdf > >I think QuickVPN will work on the RV042 too, since they run nearly the same imbedded linux firmware. Greg, That was very good information. Prior to purchasing the RV042, I researched the linksys website, various discussion lists and concluded the RV042 provided the requirement (windows, et al remote vpn access) and had no additional benefit than 8 lan ports vs 4. The references to the Linksys_QuickVPN_1028.exe client has been elusive, I've only seen it first in your email, and a search turned up discussion postings where people where having (probably unrelated) trouble. The only place the vpn client is mentioned in linksys literature is the RV082 user guide. But the most valuable bit of information is page 54 (63 actual) of the RV082 user guide pdf where it references the "VPN Client Access" sub tab of the VPN tab settings options. In that setting screen is a "VPN Client Users" dialog, where you can specify users/passwords etc for vpn access. That subtle bit of instructions is the *only* place I've seen reference to a major feature of the rv082 that sets it apart from the rv042 (aside form the extra ports). In all the product literature for the rv082 and rv042 they advertise VPN capability, but nothing to differentiate the VPN features of the two units. In a nutshell, roaming clients requiring vpn connect to the rv042 must complete an extensive and difficult (error prone) configuration. Which I was never able to successfully execute and you can read here: http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=207 Configuring IPSec between a Microsoft Windows 2000 or XP PC and a Linksys VPN Router After asking many technical people about a solution, the answer has always been you can use OpenVPN; but the rv042 should do fine for dedicated hardware. Even when linksys technical support was contacted by phone no indication that a client for (and only for) the rv082 was available was made. The best information from linksys was, your VPN appears setup correctly and we don't support the windows configuration. Today, after studying the rv082 manual and determining it has a VPN setting screen (VPN Client Users) not available with the rv042, which is the solution to "idiot proof" vpn client setup (not that the clients are idiots but they have better things to do than instructions above which I could not complete successfully), I called technical support explained the problem and posed the question why isn't this described in marketing literature. I was then navigated to download the rv082 user guide to see how the feature was described. :) // George >-----Original Message----- >From: George Georgalis [mailto:george at galis.org] >Sent: Tuesday, March 01, 2005 6:11 PM >To: jobs at list.nysa.org >Cc: members at list.nysa.org >Subject: need help asap, will pay, ms vpn client > > >I'm past urgency stage, an external audit is coming up and I must finish >documentation in addition to other technical issues. > >...Connecting to the linksys rv042 vpn by ipsec has been >elusive. Everybody consulted says it should work and/or be easy. > >I need help with determining the most simple, but reliable, documented >procedure (for non techies) for configuring M$ clients to use the vpn >tunnel to access a private lan. Bonus bucks for documenting the Linux >procedure. > >The clients must access the private lan of the rv042 linksys router, >from behind their standard isp nat firewall, on a dhcp ISP connection. >(eg behind soho firewall on cablemodem). > >Already setup is some fancy routing to give privileged access to the lan >side of the vpn device. So you can work from home and have both sides of >the device at your disposal. > >You are free to use 3rd party software, such as this vpn client >http://www.thegreenbow.com/vpn.html (trial license available) which we >seem to be able to use to get 99% there, still having problems with >finishing the tunnel. > >Needed it before last week. If you've done this before, and are >interested in helping finish, please contact me off list with your >terms. > >Thanks, >// George > -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org --------------------------------------------------------------------- To unsubscribe, e-mail: talk-unsubscribe at list.nysa.org For additional commands, e-mail: talk-help at list.nysa.org ----- End forwarded message ----- -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From george Wed Mar 16 17:52:32 2005 From: george (G. Rosamond) Date: Wed, 16 Mar 2005 17:52:32 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <20050316224503.GA2839@ixeon.local> References: <20050316224503.GA2839@ixeon.local> Message-ID: <1c085ee93cfbfa6d19aa38caa0f7e6c3@sddi.net> On Mar 16, 2005, at 5:45 PM, George Georgalis wrote: > Thanks much to George R's suggestion. Preliminary tests work: port > forwarding tcp 137,138,139,445 from gateway box to samba share box, on > private lan, works. Great to hear. . . cheap and simple VPN over SSH. > > My preliminary was to do tcp only port forwarding of said ports to a > box > behind it running samba. The client is not able to "browse" discover > the > share, but if the (gateway) hostname, user and password (samba host) > is specified, the client can mount user homes from the samba server > through the firewall via tcp only (the protocol calls for tcp and udp > 137,138,139). > > This means, a roaming windows client can setup (putty) ssh -R tunnels > to > a remote gateway which allows for smb connections from localhost to the > private smbserver. So the roaming client can specify, via "netuse" the > gateway as the location of their shares and mount the protected samba > share through the encrypted tunnel. How are you doing auth? private/pub keys? that would certainly be the most seamless from the end user perspective. > > Details of that last paragraph no doubt need be revised... anyone with > ideas for the installation, please let me know, on or off list. > > Below is the sum of an extended issue getting linksys vpn going... > From george Wed Mar 16 18:02:56 2005 From: george (George Georgalis) Date: Wed, 16 Mar 2005 18:02:56 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <1c085ee93cfbfa6d19aa38caa0f7e6c3@sddi.net> References: <20050316224503.GA2839@ixeon.local> <1c085ee93cfbfa6d19aa38caa0f7e6c3@sddi.net> Message-ID: <20050316230256.GC2839@ixeon.local> On Wed, Mar 16, 2005 at 05:52:32PM -0500, G Rosamond wrote: >On Mar 16, 2005, at 5:45 PM, George Georgalis wrote: > >>Thanks much to George R's suggestion. Preliminary tests work: >>port forwarding tcp 137,138,139,445 from gateway box to samba >>share box, on private lan, works. > >Great to hear. . . cheap and simple VPN over SSH. who would have thought SMB would work without udp, shew. >> >>My preliminary was to do tcp only port forwarding of said ports >>to a box behind it running samba. The client is not able to >>"browse" discover the share, but if the (gateway) hostname, user >>and password (samba host) is specified, the client can mount >>user homes from the samba server through the firewall via tcp >>only (the protocol calls for tcp and udp 137,138,139). >> >>This means, a roaming windows client can setup (putty) ssh -R >>tunnels to a remote gateway which allows for smb connections >>from localhost to the private smbserver. So the roaming client >>can specify, via "netuse" the gateway as the location of their >>shares and mount the protected samba share through the encrypted >>tunnel. > >How are you doing auth? private/pub keys? rsa/dsa pubkey to a crippled account on the gateway, which has port-forwarding done by root. haven't worked out the account particulars yet. I'm really most worried about the "ssh -R + netuse + map network drive" commands on MS, because I've not got my head completely around that only have the sense that it will work. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From jesse Wed Mar 16 23:01:16 2005 From: jesse (Jesse Callaway) Date: Wed, 16 Mar 2005 23:01:16 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <20050316230256.GC2839@ixeon.local> References: <20050316224503.GA2839@ixeon.local> <1c085ee93cfbfa6d19aa38caa0f7e6c3@sddi.net> <20050316230256.GC2839@ixeon.local> Message-ID: <20050317040116.GA37088@mail.theholymountain.com> > >How are you doing auth? private/pub keys? > > rsa/dsa pubkey to a crippled account on the gateway, which has > port-forwarding done by root. haven't worked out the account > particulars yet. > > I'm really most worried about the "ssh -R + netuse + map network > drive" commands on MS, because I've not got my head completely > around that only have the sense that it will work. > > // George You'll be fine. You just have to make sure SSH doesn't time out on you. I think this is a "feature" of putty and you need to either make it go into the background upon connection or, if through the GUI (which allows for post-connect scripts) check off the box for "keep the connection alive" or whatever the verbiage is. It's also wicked easy to set up the port forwarding with the GUI. -jesse From jesse Wed Mar 16 23:05:18 2005 From: jesse (Jesse Callaway) Date: Wed, 16 Mar 2005 23:05:18 -0500 Subject: [nycbug-talk] SHA Message-ID: <20050317040518.GB37088@mail.theholymountain.com> So anyone have any news on the further implications of the SHA collisions found? There was a link in Cryptogram this month, but the paper was absurdly short with the only explicit information being in the form of what amounts to "evidence" that collisions were found. -jesse From bob Wed Mar 16 23:09:43 2005 From: bob (Bob Ippolito) Date: Wed, 16 Mar 2005 23:09:43 -0500 Subject: [nycbug-talk] SHA In-Reply-To: <20050317040518.GB37088@mail.theholymountain.com> References: <20050317040518.GB37088@mail.theholymountain.com> Message-ID: On Mar 16, 2005, at 23:05, Jesse Callaway wrote: > So anyone have any news on the further implications of the SHA > collisions found? There was a link in Cryptogram this month, but the > paper was absurdly short with the only explicit information being in > the form of what amounts to "evidence" that collisions were found. IIRC, despite the recent findings (I'm not sure if the full paper has even been published yet, so it's hard to say whether they're correct or not), SHA-1 still more secure than MD5... so until SHA-2 is finalized and readily available it's probably still your best choice for a hash algorithm. -bob From okan Wed Mar 16 23:10:51 2005 From: okan (Okan Demirmen) Date: Wed, 16 Mar 2005 23:10:51 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <20050316224503.GA2839@ixeon.local> References: <20050316224503.GA2839@ixeon.local> Message-ID: <20050317041051.GA35398@yinaska.pair.com> On Wed 2005.03.16 at 17:45 -0500, George Georgalis wrote: > My preliminary was to do tcp only port forwarding of said ports to a box > behind it running samba. The client is not able to "browse" discover the > share, but if the (gateway) hostname, user and password (samba host) > is specified, the client can mount user homes from the samba server > through the firewall via tcp only (the protocol calls for tcp and udp > 137,138,139). > > This means, a roaming windows client can setup (putty) ssh -R tunnels to > a remote gateway which allows for smb connections from localhost to the > private smbserver. So the roaming client can specify, via "netuse" the > gateway as the location of their shares and mount the protected samba > share through the encrypted tunnel. this may not be much help to your issue, but if are limiting your roaming clients to smb shares, why even use smb? win2k and above, osx, and any unix can do webdav. easy to setup on the samba server. and seemless to the client - looks like a smb share....and all on one port - 80 (and/or 443). just $0.02 okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From gladiator.wei Thu Mar 17 09:48:44 2005 From: gladiator.wei (Wei Liu) Date: Thu, 17 Mar 2005 09:48:44 -0500 Subject: [nycbug-talk] A problem of the nautilus-cd-burner in FreeBSD R5.3 In-Reply-To: <4236D72D.60803@optonline.net> References: <597e8855050314175224b89ee4@mail.gmail.com> <4236D72D.60803@optonline.net> Message-ID: <597e885505031706481b0f618a@mail.gmail.com> Thanks Dan. I used default/auto partition as you did, and df -m command yieds the almost same results as you showed here. But the problem persists. How did you install your nautilus-cd-burner? Did you install it using "pkg_add" or "make install"? I noticed that many pepole mentioned that nautilus-cd-burner has problems with traditional package "cdrtools". I even tried to compile it using the package "cjk-cdrtools", but the prblem remained unsolved. Regards, Wei On Tue, 15 Mar 2005 07:38:05 -0500, Daniel Gonzalez wrote: > I'm using 5.3-RELEASE also but I can't duplicate the trouble. I did > notice that I used the default/auto partitioning scheme during the > installation and /var is only allotted 250M. How large will the files be > that you're trying to burn?. I don't know if I explained that clearly > but here's what I get from df -m > > dgonzo@~: cat /etc/fstab > # Device Mountpoint FStype Options Dump > Pass# > /dev/ad1s1b none swap sw 0 0 > /dev/ad1s1a / ufs rw 1 1 > /dev/ad1s1e /tmp ufs rw 2 2 > /dev/ad1s1f /usr ufs rw 2 2 > /dev/ad1s1d /var ufs rw 2 2 > /dev/acd0 /cdrom cd9660 ro,noauto 0 0 > dgonzo@~: df -m > Filesystem 1M-blocks Used Avail Capacity Mounted on > /dev/ad1s1a 247 56 171 25% / > devfs 0 0 0 100% /dev > /dev/ad1s1e 247 0 227 0% /tmp > /dev/ad1s1f 6248 4129 1618 72% /usr > */dev/ad1s1d 247 29 198 13% /var* > dgonzo@~: > > Hope that helps. I'm relatively new to BSD (former Slackware user). For > what it's worth, I've always had better luck using K3B. I don't know > what your desktops requirements are, but it seems more intuitive to me. > > Regards > Dan Gonzalez > 5ESS Maintenance Engineer > Cablevision Lightpath > > > Wei Liu wrote: > > >Hello, > > > >I was experiencing a weird probelm with my FreeBSDR5.3 when I was trying > >to burn a CD using the nautilus-cd-burner. Here is the description of my > >operation: > > > >1) Drag the files to burn:/// window, and then click "Write to CD", with > >the write speed being "Maximum Possible", Target to write being "ATAPI > >CD-RW 40/12/48X 100C 100C". > >2) Click "Write files to CD", and a popup window appears saying "Writing > >to CD. Please wait. (Creating CD image)". Here I can see the progess bar > >is moving, and seems everything are OK > >3) A few seconds later, progess bar disappears, nothing happens to CD > >burner, and nautilus-cd-burner left no respond. > > > >Using "dmesg", I got the following message: > >"pid 2505 (mkisofs), uid 1001 inumber 535 on /var: filesystem full" > > > >I found there is a big file named "image.iso.eh25zd" under /var/tmp > >directory. After I forced quit the dead nautilus-cd-burner, this file > >disappears. > > > >I tried to write my files to an ISO file first, and then burn it to CD > >using nautilus-cd-burner, everthing worked out smoothly. > > > >I have been using the FreeBSD4.10, and never encountered this problem. > >What can I do to solve this problem? Thanks for your help. > > > >Wei > >_______________________________________________ > >% NYC*BUG talk mailing list > >http://lists.nycbug.org/mailman/listinfo/talk > >%Be sure to check out our Jobs and NYCBUG-announce lists > >%We meet the first Wednesday of the month > > > > > > > From george Thu Mar 17 19:24:02 2005 From: george (George Georgalis) Date: Thu, 17 Mar 2005 19:24:02 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <20050317041051.GA35398@yinaska.pair.com> References: <20050316224503.GA2839@ixeon.local> <20050317041051.GA35398@yinaska.pair.com> Message-ID: <20050318002402.GA26974@sta.local> On Wed, Mar 16, 2005 at 11:10:51PM -0500, Okan Demirmen wrote: >On Wed 2005.03.16 at 17:45 -0500, George Georgalis wrote: >> My preliminary was to do tcp only port forwarding of said ports to a box >> behind it running samba. The client is not able to "browse" discover the >> share, but if the (gateway) hostname, user and password (samba host) >> is specified, the client can mount user homes from the samba server >> through the firewall via tcp only (the protocol calls for tcp and udp >> 137,138,139). >> >> This means, a roaming windows client can setup (putty) ssh -R tunnels to >> a remote gateway which allows for smb connections from localhost to the >> private smbserver. So the roaming client can specify, via "netuse" the >> gateway as the location of their shares and mount the protected samba >> share through the encrypted tunnel. > >this may not be much help to your issue, but if are limiting your >roaming clients to smb shares, why even use smb? win2k and above, >osx, and any unix can do webdav. easy to setup on the samba server. >and seemless to the client - looks like a smb share....and all on >one port - 80 (and/or 443). 443/htpasswd/mod_dav is on the gen two plan. I've never build apache2, and I can expect some trial and error with both apache2 and mod_dav, but I've got a set of other things that don't give me time in the day to, well you know, and this is a no mistakes, regulated production environment. Anybody want to demo mod_dav and/or write up a cheat sheet? I spent :20 trying to get apache21 to build on DFLY but there is something wrong with perl, so I've never had 2.1 up at all... // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From okan Thu Mar 17 19:46:13 2005 From: okan (Okan Demirmen) Date: Thu, 17 Mar 2005 19:46:13 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <20050318002402.GA26974@sta.local> References: <20050316224503.GA2839@ixeon.local> <20050317041051.GA35398@yinaska.pair.com> <20050318002402.GA26974@sta.local> Message-ID: <20050318004613.GA19571@yinaska.pair.com> On Thu 2005.03.17 at 19:24 -0500, George Georgalis wrote: > >this may not be much help to your issue, but if are limiting your > >roaming clients to smb shares, why even use smb? win2k and above, > >osx, and any unix can do webdav. easy to setup on the samba server. > >and seemless to the client - looks like a smb share....and all on > >one port - 80 (and/or 443). > > 443/htpasswd/mod_dav is on the gen two plan. I've never build apache2, > and I can expect some trial and error with both apache2 and mod_dav, > but I've got a set of other things that don't give me time in the day > to, well you know, and this is a no mistakes, regulated production > environment. > > Anybody want to demo mod_dav and/or write up a cheat sheet? I spent > :20 trying to get apache21 to build on DFLY but there is something > wrong with perl, so I've never had 2.1 up at all... you don't need apache2 for mod_dav ...just apache1.3 with dso support. much better ;) okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From lists Thu Mar 17 20:58:02 2005 From: lists (lists at genoverly.net) Date: Fri, 18 Mar 2005 02:58:02 +0100 Subject: [nycbug-talk] Fw: Newsletter from O'Reilly Message-ID: <0MKz1m-1DC6mQ0pvN-0002Ob@mrelay.perfora.net> Begin forwarded message: ================================================================ O'Reilly News for User Group Members March 17, 2005 ================================================================ ---------------------------------------------------------------- Book News ---------------------------------------------------------------- -Aggressive Network Self-Defense -IPv6 Network Administration -Windows XP Hacks, 2nd Edition -QuickBooks 2005: The Missing Manual -Outlook 2003 Personal Trainer -Intrusion Prevention and Active Response -Python Pocket Reference, 3rd Edition -Word 2003 Personal Trainer -Learning Windows Server 2003 -Cyber Spying -MAKE Magazine ---------------------------------------------------------------- Upcoming Events ---------------------------------------------------------------- -Tom Stafford and Matt Webb ("Mind Hacks"), Foyles Bookshop, London, UK--March 23 -Bonnie Biafore ("QuickBooks: The Missing Manual" & "Online Investing Hacks"), EduFest, Denver, CO--March 26 -Bonnie Biafore, the AAII Denver Chapter Meeting, Denver, CO--April 4 ---------------------------------------------------------------- Conference News ---------------------------------------------------------------- -Register for the 2005 MySQL Users Conference, Santa Clara, CA--April 18-21 -Where 2.0 Conference Debut ---------------------------------------------------------------- News ---------------------------------------------------------------- -From the Labs: ETech 2005 -The SafariU Revolution: An Interview with Professor Kent Sandoe -No Starch Titles Included in MIT Review Article -O'Reilly Learning Lab: $200 Instant Rebate -MAKE Subscriptions Available -Secure Batch Email with UUCP and SSH -Subversion UI Shootout -Building Connected Embedded Systems -Closed Source PHP -Getting Things Done with Your Mac -Exploring the Mac OS X Firewall -Inside StYNCies -Receive Podcasts Using Your PC -Enhanced Text Input in Windows Forms 2.0 -Go Wireless -Building Modular Applications with Seppia -Reducing Upgrade Risk with Aspect Oriented Programming -High Tech Hybrid: The Casio EX-P505 Digital Camera -Doc Wiley: Master of the 30-Hour Album -Customizing GMail with Grease Monkey -Why Consistency is Critical ---------------------------------------------------------------- >From Your Peers ---------------------------------------------------------------- -Powered by Detroit Flash/ColdFusion Conference, Detroit, MI--April 9-10 ================================================ Book News ================================================ Did you know you can request a free book to review for your group? Ask your group leader for more information. For book review writing tips and suggestions, go to: http://ug.oreilly.com/bookreviews.html Don't forget, you can receive 20% off any O'Reilly, No Starch, Paraglyph, Pragmatic Bookshelf, SitePoint, or Syngress book you purchase directly from O'Reilly. Just use code DSUG when ordering online or by phone 800-998-9938. http://www.oreilly.com/ ***Free ground shipping is available for online orders of at least $29.95 that go to a single U.S. address. This offer applies to U.S. delivery addresses in the 50 states and Puerto Rico. For more details, go to: http://www.oreilly.com/news/freeshipping_0703.html ---------------------------------------------------------------- New Releases ---------------------------------------------------------------- ***Aggressive Network Self-Defense ISBN: 1931836205 Publisher: Syngress The name says it all. This is the first book to analyze the technical, legal, and financial ramifications of revolutionary and controversial network strike-back and active defense techniques. The authors reveal tightly guarded secrets to expose your online attackers and provide valuable information for finding and prosecuting criminal hackers. Learn how to identify, target, and nullify your adversaries through expert techniques and real-life examples. http://www.oreilly.com/catalog/1931836205/ ***IPv6 Network Administration Publisher: O'Reilly ISBN: 0596009348 This essential guide explains what works, what doesn't, and most of all, what's practical about IPv6. A must-have for network administrators looking to fix their network's scalability and management problems, this book also covers other IPv6 benefits, such as routing, integrated auto-configuration, quality-of-services, enhanced mobility, and end-to-end security. http://www.oreilly.com/catalog/ipv6na/ Chapter 5, "Installation and Configuration," is available online: http://www.oreilly.com/catalog/ipv6na/chapter/index.html ***Windows XP Hacks, 2nd Edition Publisher: O'Reilly ISBN: 0596009186 "Windows XP Hacks, 2nd Edition" is an ideal all-in-one resource for XP beginners as well as experienced power users. Now completely revised and updated to cover Service Pack 2 (SP2), the second edition of this bestseller breaks down the new SP2 features, including IE pop-up blocker, Windows Firewall, and the new wireless client. You'll also find timesaving hacks for security, file distribution, digital media, web browsing, and more. http://www.oreilly.com/catalog/winxphks2/ Hack 36, "Surf Anonymously Without a Trace," is available online along with 9 others hacks: http://www.oreilly.com/catalog/winxphks2/chapter/index.html ***QuickBooks 2005: The Missing Manual Publisher: O'Reilly ISBN: 0596009011 "QuickBooks 2005: The Missing Manual" is a comprehensive guide that examines everything the QuickBooks Pro Windows edition has to offer, from invoices and inventory to assets and accounts payable. By covering details in a friendly and lighthearted way, the book explains when and why a feature is useful and then offers indispensable, relevant advice. Each page provides insightful tips and tricks to help readers become more efficient, sophisticated users no matter what the extent of their existing knowledge. http://www.oreilly.com/catalog/quickbookstmm/ ***Outlook 2003 Personal Trainer Publisher: O'Reilly ISBN: 0596009356 This fully illustrated book takes a modular approach to learning, allowing you to start with the fundamentals and then work your way up to advanced topics--at your own pace. Designed to address both beginners and experts, this handy reference is written in a non-technical style that you're bound to find engaging and informative. The companion CD tutorial guides you through each lesson interactively. http://www.oreilly.com/catalog/outlookpt/ Chapter 8, "Advanced E-Mail Features," is available online: http://www.oreilly.com/catalog/outlookpt/chapter/index.html ***Intrusion Prevention and Active Response Publisher: Syngress ISBN: 193226647X This is the first book-length work that specifically concentrates on the concept, implementation, and implications of intrusion prevention and active response. The authors establish a common understanding of the terminology and then compare the many approaches to intrusion prevention. In short, this book serves as a reference for next-generation IDS technology that provides active response and intrusion prevention functions both at the network and host levels. http://www.oreilly.com/catalog/193226647X/ ***Python Pocket Reference, 3rd Edition Publisher: O'Reilly ISBN: 0596009402 With its convenient, quick-reference format, this book is the perfect on-the-job reference that delivers need-to-know information at the flip of a page. This third edition has been refreshed to cover Python 2.4 and also includes an easy-lookup index to help developers find answers fast. The "Python Pocket Reference, 3rd Edition" serves as the perfect companion to "Learning Python" and "Programming Python." http://www.oreilly.com/catalog/pythonpr3/index.html ***Word 2003 Personal Trainer Publisher: O'Reilly ISBN: 0596009364 As the most complete and engaging tutorial available for Word, this invaluable guide details all of the latest advancements to Word 2003, featuring sections on templates, WordArt, charts, and drawings, plus advanced topics like how to perform mail merges and create web pages. To best guide learning, this Personal Trainer includes detailed diagrams, dozens of task-oriented lessons, and a fully interactive training simulation CD--everything you need to become a Word pro. http://www.oreilly.com/catalog/wordpt/index.html Chapter 8, "Performing a Mail Merge," is available online: http://www.oreilly.com/catalog/wordpt/chapter/index.html ***Learning Windows Server 2003 Publisher: O'Reilly ISBN: 0596006241 "Windows Server 2003" is the right server for a world dominated by enterprise networks and web-based server applications, but getting this server up and running is a formidable task. Our no-fluff guide gives you exactly what you need for installing, configuring, securing, and managing Server 2003, and offers hands-on advice for planning, implementing, and growing Windows networks without trying to teach you how to be a system administrator. http://www.oreilly.com/catalog/lwinsvr2003/index.html Chapter 10, "Windows Terminal Services," is available online: http://www.oreilly.com/catalog/lwinsvr2003/chapter/index.html ***Cyber Spying Publisher: Syngress ISBN: 1931836418 Have you ever wondered about that friend your spouse emails, or who they spend hours chatting online with? Are you curious about what your children are doing online, who they meet, and what they talk about? Do you worry about them finding drugs and other illegal items online, and wonder what they look at? This book shows you how to monitor and analyze your family's online behavior. http://www.oreilly.com/catalog/1931836418/index.html ***MAKE Subscriptions Available The annual subscription price for four issues is $34.95. When you subscribe with this link, you'll get a free issue--the first one plus four more for $34.95. So subscribe for yourself or friends with this great offer for charter subscribers: five volumes for the cost of four. Subscribe at: https://www.pubservice.com/MK/Subnew.aspx?PC=MK&PK=M5ZUGLA The MAKE blog is available at: http://www.makezine.com/blog/ ================================================ Upcoming Events ================================================ ***For more events, please see: http://events.oreilly.com/ ***Tom Stafford and Matt Webb ("Mind Hacks"), Foyles Bookshop, London, UK--March 23 Spend a mind boggling evening with "Mind Hacks" authors Tom Stafford and Matt Webb, who will demonstrate happiness, and optical tricks to see how the brain responds. In the process, you'll learn a little bit more about how this fearsomely complex organ works. No previous neuroscience experience necessary! Please bring a pen--and your brain--if you'd like to play along. The fun begins at 6:30 p.m. Tickets are 4 pounds (redeemable on the purchase of any O'Reilly title that evening), and can be booked by calling 0870 4202777, visiting Foyle's site, or dropping by the shop. 113-119 Charing Cross Road, London, UK http://www.foyles.co.uk/foyles/events.asp ***Bonnie Biafore ("QuickBooks: The Missing Manual" & "Online Investing Hacks"), EduFest, Denver, CO--March 26 Bonnie is a featured speaker at the NAIC Rocky Mountain Chapter EduFest. http://www.better-investing.org/chapter/denver/events/7571 ***Bonnie Biafore, AAII Denver Chapter Meeting, Denver, CO--April 4 Bonnie discusses online investing with members of the Denver Chapter of the American Association of Individual Investors. http://www.aaii.com/loclchap/aaiichap/denver/ ================================================ Conference News ================================================ ***Register for the 2005 MySQL Users Conference, Santa Clara, CA-- April 18-21 The MySQL Users Conference, co-presented by O'Reilly Media and MySQL AB, brings together experts, users, and industry leaders with unique MySQL insights, offering attendees a detailed look into new features in MySQL 5.0, sessions and workshops designed to teach best practices, and exposure to new open source technologies. For more information, go to: http://www.mysqluc.com/ Use code DSUG when you register, and receive 20% off the registration price. To register for the conference, go to: http://conferences.oreillynet.com/cs/mysqluc2005/create/ord_mysql05 ***Where 2.0 Conference Debut Join us at the first O'Reilly Where 2.0 Conference June 29-30 in San Francisco. Explore the emerging consumer and enterprise ecosystems around location-aware technologies--like GPS, RFID, WLAN, cellular networks, and networked sensors--that enable an ever-growing array of capabilities from local search and mapping to enterprise integration and commercial applications. Registration opens in April. http://conferences.oreillynet.com/where/ To receive up-to-date conference news and information, sign up for the conference newsletter on oreilly.com. ================================================ News From O'Reilly & Beyond ================================================ --------------------- General News --------------------- ***From the Labs: ETech 2005 On the opening day of O'Reilly's Emerging Technology Conference, attendees got a preview of projects that may or may not ever be released as full scale products from Microsoft, Yahoo!, and Google. http://www.oreillynet.com/pub/a/network/2005/03/16/etech_2.html For more ETech coverage: http://www.oreillynet.com/et2005/ ***The SafariU Revolution: An Interview with Professor Kent Sandoe Professor Kent Sandoe of the Information Systems Department of Chico State University wanted to produce a textbook on information security for his Systems Management course this semester, but at the last minute, those plans fell through. He turned to SafariU, O?€™Reilly?€™s new web-based platform for creating, publishing, and sharing textbooks. Read about his experience in this interview. http://www.oreilly.com/news/safariusandoe.html Visit SafariU for a video demo http://academic.oreilly.com/safariu-more.csp ***No Starch Titles Included in MIT Review Article "Hack License," by Simson Garfinkel ("Database Nation"), includes No Starch's "Hacking: The Art of Exploitation" and "Hacking the XBox." http://www.technologyreview.com/articles/05/03/issue/review_hack.asp ***O'Reilly Learning Lab: $200 Instant Rebate Learning programming languages and development techniques has never been easier. Using your web browser and Useractive's Learning Sandbox technology, the Learning Lab gives you hands-on, online training in a creative environment. This month, receive a $200 instant rebate (and a Certificate from the University of Illinois Office of Continuing Education upon course completion) when you enroll in any Certificate Series. http://www.oreilly.com/redirector.csp?link=UACert&type=news --------------------- Open Source --------------------- ***Secure Batch Email with UUCP and SSH Not everyone has reliable, always-on Internet access. For some, reliability has to come through software, not hardware. Fortunately, protocols designed to work around slow and unreliable networks still work. Christophe Prevotaux demonstrates how to set up FreeBSD, Postfix, and SSH to send and receive email via UUCP. http://www.onlamp.com/pub/a/bsd/2005/03/10/uucpmail.html ***Subversion UI Shootout As Subversion continues to take over from CVS, more advanced interfaces have started to appear. How do they compare to each other? How do they compare to the svn CLI tool? Jeremy Jones puts svn, RapidSVN, and TortoiseSVN though their paces and draws out UI principles along the way. http://www.onlamp.com/pub/a/onlamp/2005/03/10/svn_uis.html ***Building Connected Embedded Systems Embedded systems aren't all Linux; microcontrollers still dominate the scene. Erstwhile hardware hackers, rejoice! The tools for programming microcontrollers work just fine under Linux. George Belotsky starts a series on embedded development by demonstrating what you have to do to make Hello World run. http://www.onlamp.com/pub/a/onlamp/2005/03/10/microcontrollers.html ***Closed Source PHP A look at the many different options PHP Developers have for protecting their source code from prying eyes when creating commercial PHP Applications. http://www.sitepoint.com/blog-post-view.php?id=238739 --------------------- Mac --------------------- ***Getting Things Done with Your Mac Even the most savvy Mac user can have problems staying organized. A number of tips for using a Mac to help organize your life are available from 43 Folders and other sources. This article takes a look at them with the help of Merlin Mann himself. http://www.macdevcenter.com/pub/a/mac/2005/03/08/productivity.html ***Exploring the Mac OS X Firewall Like so many tools built in to Mac OS X, the firewall just works. But what's really going on inside it? Peter Hickman explains why the firewall works so well, and then takes you inside and shows you how to fiddle with things. In the end, he returns you safely to the default settings. http://www.macdevcenter.com/pub/a/mac/2005/03/15/firewall.html ***Inside StYNCies Stickies is one of the handiest little apps out there. It's been bundled with Apple's operating systems for ages, but Apple hasn't yet taken advantage of the new possibilities for it. This first installment of a two-part series works through building a partial implementation of StYNCies, a neat little utility that synchronizes your Stickies to your iPod and/or iDisk. http://www.macdevcenter.com/pub/a/mac/2005/03/11/cocoa.html --------------------- Windows/.NET --------------------- ***Receive Podcasts Using Your PC Receiving podcasts using free software, your PC, and a portable music player is a snap. Jake Ludington shows you how to do it in a few easy steps. http://www.windowsdevcenter.com/pub/a/windows/2005/03/15/podcasting_pc.html ***Enhanced Text Input in Windows Forms 2.0 Visual Studio 2005 provides enhanced controls for managing data input in Whidbey. In this new column by Jesse Liberty, he discusses the advanced WinForms Text Input control. http://www.ondotnet.com/pub/a/dotnet/2005/03/14/liberty.html ***Go Wireless Here's an excerpt from "Windows XP Annoyances for Geeks, 2nd Edition," that shows you how to set up a simple wireless network, connect that network to the Internet, connect your wireless devices to other people's wireless networks, and prevent others from sneaking onto your network. All without wires, and the most amazing thing is that it actually works. http://www.windowsdevcenter.com/pub/a/windows/excerpt/winxpannoy2_ch07_05/index.html --------------------- Java --------------------- ***Building Modular Applications with Seppia Isn't object-oriented programming supposed to be about code reuse? The Seppia framework encourages reuse by allowing you to combine functionality collected in multiple .jar files, stitching the behavior together with JavaScript. Lorenzo Puccetti has an introduction to this interesting framework. http://www.onjava.com/pub/a/onjava/2005/03/16/seppia.html ***Reducing Upgrade Risk with Aspect Oriented Programming Upgrading code in the field is usually frowned upon, if not prohibited outright, because of the risk and expense of pushing code changes through a release cycle. But could you just insert the tiny bit of code you need with AOP? Stephen B. Morris looks at how careful design and separation of responsibilities can make this less risky. http://www.onjava.com/pub/a/onjava/2005/03/16/aop-mgmt.html --------------------- Digital Media --------------------- ***High Tech Hybrid: the Casio EX-P505 Digital Camera The Casio EX-P505 is a smart-looking, 5-megapixel camera that fits in the palm of your hand. It captures full-frame, full-motion digital movies with ease, and it's packed with creative features sure to stir the imagination of fun-loving photographers. Derrick Story helps you decide if this is a high-tech toy or a real photographic tool. http://digitalmedia.oreilly.com/2005/03/09/casio_p505.html ***Doc Wiley: Master of the 30-Hour Album Pro Tools wiz Doc Wiley combines studio psychology and cutting-edge technology to coax the best performances out of artists ranging from U2 to Whitney Houston. Here are some of his favorite approaches. http://digitalmedia.oreilly.com/2005/03/16/doc.html --------------------- Web --------------------- ***Customizing Gmail with Grease Monkey Learn about using Firefox Extensions to customize Gmail, or any other web site you visit, thanks to the power of the Document Object Model and JavaScript. http://www.sitepoint.com/blog-post-view.php?id=239170 ***Why Consistency is Critical Consistency is the cornerstone of a positive user experience. But consistency means more than simply putting your nav at the top left, your search on the right. Gerry explores consistency, explaining what it is, why it's important, and the areas where consistency counts. http://www.sitepoint.com/article/why-consistency-is-critical ================================================ >From Your Peers =============================================== ***Powered by Detroit Flash/ColdFusion Conference, Detroit, MI-- April 9-10 The conference will feature expert speakers on Flash, ColdFusion, Flex, Dreamweaver, and more, with emphasis on development of Rich Internet Applications. Participants will engage in two days of cutting-edge seminars, talks, and discussions on the latest web development tools and techniques, while also enjoying the company of like-minded professionals. The event features Macromedia's Greg Rewis and Ben Forta as keynote speakers, and other top experts, including Kevin Hoyt, Michael Dinowitz, Hal Helms, Simon Horwith, Jeffry Houser, Charlie Arthart, Shlomy Gantz and Alexandru Costin. http://poweredbydetroit.org/ Don't forget to check out the O'Reilly UG wiki to see what user groups across the globe are up to: http://wiki.oreillynet.com/usergroups/index.cgi -- From mikel.king Thu Mar 17 22:57:27 2005 From: mikel.king (Mikel King) Date: Thu, 17 Mar 2005 22:57:27 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <20050318002402.GA26974@sta.local> References: <20050316224503.GA2839@ixeon.local> <20050317041051.GA35398@yinaska.pair.com> <20050318002402.GA26974@sta.local> Message-ID: <423A51A7.7030102@ocsny.com> George Georgalis wrote: >On Wed, Mar 16, 2005 at 11:10:51PM -0500, Okan Demirmen wrote: > > >>On Wed 2005.03.16 at 17:45 -0500, George Georgalis wrote: >> >> >>>My preliminary was to do tcp only port forwarding of said ports to a box >>>behind it running samba. The client is not able to "browse" discover the >>>share, but if the (gateway) hostname, user and password (samba host) >>>is specified, the client can mount user homes from the samba server >>>through the firewall via tcp only (the protocol calls for tcp and udp >>>137,138,139). >>> >>>This means, a roaming windows client can setup (putty) ssh -R tunnels to >>>a remote gateway which allows for smb connections from localhost to the >>>private smbserver. So the roaming client can specify, via "netuse" the >>>gateway as the location of their shares and mount the protected samba >>>share through the encrypted tunnel. >>> >>> >>this may not be much help to your issue, but if are limiting your >>roaming clients to smb shares, why even use smb? win2k and above, >>osx, and any unix can do webdav. easy to setup on the samba server. >>and seemless to the client - looks like a smb share....and all on >>one port - 80 (and/or 443). >> >> > >443/htpasswd/mod_dav is on the gen two plan. I've never build apache2, >and I can expect some trial and error with both apache2 and mod_dav, >but I've got a set of other things that don't give me time in the day >to, well you know, and this is a no mistakes, regulated production >environment. > >Anybody want to demo mod_dav and/or write up a cheat sheet? I spent >:20 trying to get apache21 to build on DFLY but there is something >wrong with perl, so I've never had 2.1 up at all... > >// George > > > > I've set up dav before, and from what I recall the docs on apache's site were pretty straight forward, but I do remember there were some missing elements, I just don't recall if it was to do with php or dav. I'll poll my notes and see if it merits a DN article, is that a good idea? -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com t:212.727.2100x132 +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. You'll find the best way to get along. +------------------------------------------+ -------------- next part -------------- A non-text attachment was scrubbed... Name: mikel.king.vcf Type: text/x-vcard Size: 347 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050317/0f96eb94/attachment.vcf From george Thu Mar 17 23:49:25 2005 From: george (G. Rosamond) Date: Thu, 17 Mar 2005 23:49:25 -0500 Subject: [nycbug-talk] Netcraft toolbar. . . Message-ID: <26a838d7ab965da81aa137a5f981d616@sddi.net> It's here: http://toolbar.netcraft.com/ It's a bit strange that they use Firefox as the browser example, but only have it ported to Win32 on IE. . . And, yes, Netcraft does run on BSD: http://ezine.daemonnews.org/200410/netcraft.html George From nomadlogic Fri Mar 18 00:00:31 2005 From: nomadlogic (pete wright) Date: Thu, 17 Mar 2005 21:00:31 -0800 Subject: [nycbug-talk] Netcraft toolbar. . . In-Reply-To: <26a838d7ab965da81aa137a5f981d616@sddi.net> References: <26a838d7ab965da81aa137a5f981d616@sddi.net> Message-ID: <57d7100005031721004be8691c@mail.gmail.com> On Thu, 17 Mar 2005 23:49:25 -0500, G. Rosamond wrote: > It's here: > > http://toolbar.netcraft.com/ > > It's a bit strange that they use Firefox as the browser example, but > only have it ported to Win32 on IE. . . > nah that's IE...it's just the wierd Fischer Price WinXP sking throwing you off. Notice the banner top right. looks pretty awesome...too bad i'll never be able to use it :( -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From bob Fri Mar 18 00:02:53 2005 From: bob (Bob Ippolito) Date: Fri, 18 Mar 2005 00:02:53 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <423A51A7.7030102@ocsny.com> References: <20050316224503.GA2839@ixeon.local> <20050317041051.GA35398@yinaska.pair.com> <20050318002402.GA26974@sta.local> <423A51A7.7030102@ocsny.com> Message-ID: <2e4910d90faa23b4e33628f0e4ac2c82@redivi.com> On Mar 17, 2005, at 22:57, Mikel King wrote: > > > George Georgalis wrote: > >> On Wed, Mar 16, 2005 at 11:10:51PM -0500, Okan Demirmen wrote: >> >>> On Wed 2005.03.16 at 17:45 -0500, George Georgalis wrote: >>> >>>> My preliminary was to do tcp only port forwarding of said ports to >>>> a box >>>> behind it running samba. The client is not able to "browse" >>>> discover the >>>> share, but if the (gateway) hostname, user and password (samba host) >>>> is specified, the client can mount user homes from the samba server >>>> through the firewall via tcp only (the protocol calls for tcp and >>>> udp >>>> 137,138,139). >>>> >>>> This means, a roaming windows client can setup (putty) ssh -R >>>> tunnels to >>>> a remote gateway which allows for smb connections from localhost to >>>> the >>>> private smbserver. So the roaming client can specify, via "netuse" >>>> the >>>> gateway as the location of their shares and mount the protected >>>> samba >>>> share through the encrypted tunnel. >>>> >>> this may not be much help to your issue, but if are limiting your >>> roaming clients to smb shares, why even use smb? win2k and above, >>> osx, and any unix can do webdav. easy to setup on the samba server. >>> and seemless to the client - looks like a smb share....and all on >>> one port - 80 (and/or 443). >>> >> >> 443/htpasswd/mod_dav is on the gen two plan. I've never build apache2, >> and I can expect some trial and error with both apache2 and mod_dav, >> but I've got a set of other things that don't give me time in the day >> to, well you know, and this is a no mistakes, regulated production >> environment. >> >> Anybody want to demo mod_dav and/or write up a cheat sheet? I spent >> :20 trying to get apache21 to build on DFLY but there is something >> wrong with perl, so I've never had 2.1 up at all... >> > I've set up dav before, and from what I recall the docs on apache's > site were pretty straight forward, but I do remember there were some > missing elements, I just don't recall if it was to do with php or dav. > I'll poll my notes and see if it merits a DN article, is that a good > idea? The only "gotcha" I've ever run into configuring mod_dav is that you have to remember to add in a DAVLock parameter (I think that's what it's called -- RTFM). The other is that not all WebDAV clients are created equally. Some have weird issues (Mac OS X goes nuts if you WebDAV with resource forks in my experience) and some don't support it over https. -bob From nomadlogic Fri Mar 18 00:04:23 2005 From: nomadlogic (pete wright) Date: Thu, 17 Mar 2005 21:04:23 -0800 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <423A51A7.7030102@ocsny.com> References: <20050316224503.GA2839@ixeon.local> <20050317041051.GA35398@yinaska.pair.com> <20050318002402.GA26974@sta.local> <423A51A7.7030102@ocsny.com> Message-ID: <57d7100005031721047b65b04@mail.gmail.com> > I've set up dav before, and from what I recall the docs on apache's site > were pretty straight forward, but I do remember there were some missing > elements, I just don't recall if it was to do with php or dav. I'll poll > my notes and see if it merits a DN article, is that a good idea? > If you have the time i think it's a great idea. I think I remember someone mentioning that DN needed more people to write for them. I know it's something I'd personally be interested in learning about. -pete -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From george Fri Mar 18 00:07:02 2005 From: george (G. Rosamond) Date: Fri, 18 Mar 2005 00:07:02 -0500 Subject: [nycbug-talk] Netcraft toolbar. . . In-Reply-To: <57d7100005031721004be8691c@mail.gmail.com> References: <26a838d7ab965da81aa137a5f981d616@sddi.net> <57d7100005031721004be8691c@mail.gmail.com> Message-ID: <3949f656080e4e57a2c0be480e975613@sddi.net> On Mar 18, 2005, at 12:00 AM, pete wright wrote: > On Thu, 17 Mar 2005 23:49:25 -0500, G. Rosamond > wrote: >> It's here: >> >> http://toolbar.netcraft.com/ >> >> It's a bit strange that they use Firefox as the browser example, but >> only have it ported to Win32 on IE. . . >> > > nah that's IE...it's just the wierd Fischer Price WinXP sking throwing > you off. Notice the banner top right. looks pretty awesome...too bad > i'll never be able to use it :( > And don't *I* always get mocked as the dude who uses Windows? GG: next time we call Petee for a guy who has an operational Win32 box, 'cause I don't. ;-) g From okan Fri Mar 18 00:19:04 2005 From: okan (Okan Demirmen) Date: Fri, 18 Mar 2005 00:19:04 -0500 Subject: [nycbug-talk] Netcraft toolbar. . . In-Reply-To: <3949f656080e4e57a2c0be480e975613@sddi.net> References: <26a838d7ab965da81aa137a5f981d616@sddi.net> <57d7100005031721004be8691c@mail.gmail.com> <3949f656080e4e57a2c0be480e975613@sddi.net> Message-ID: <20050318051904.GB93038@yinaska.pair.com> On Fri 2005.03.18 at 00:07 -0500, G. Rosamond wrote: > > On Mar 18, 2005, at 12:00 AM, pete wright wrote: > > >On Thu, 17 Mar 2005 23:49:25 -0500, G. Rosamond > >wrote: > >>It's here: > >> > >>http://toolbar.netcraft.com/ > >> > >>It's a bit strange that they use Firefox as the browser example, but > >>only have it ported to Win32 on IE. . . > >> > > > >nah that's IE...it's just the wierd Fischer Price WinXP sking throwing > >you off. Notice the banner top right. looks pretty awesome...too bad > >i'll never be able to use it :( > > > > And don't *I* always get mocked as the dude who uses Windows? aha...however, it is a nessecary evil for some of us - at least i leave it in a corner and rdp to it. > GG: next time we call Petee for a guy who has an operational Win32 box, > 'cause I don't. > > ;-) > > g > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From bob Fri Mar 18 01:19:01 2005 From: bob (Bob Ippolito) Date: Fri, 18 Mar 2005 01:19:01 -0500 Subject: [nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client In-Reply-To: <20050318004613.GA19571@yinaska.pair.com> References: <20050316224503.GA2839@ixeon.local> <20050317041051.GA35398@yinaska.pair.com> <20050318002402.GA26974@sta.local> <20050318004613.GA19571@yinaska.pair.com> Message-ID: <08020c256cb0931772e1a53ddbcf0a9f@redivi.com> On Mar 17, 2005, at 7:46 PM, Okan Demirmen wrote: > On Thu 2005.03.17 at 19:24 -0500, George Georgalis wrote: >>> this may not be much help to your issue, but if are limiting your >>> roaming clients to smb shares, why even use smb? win2k and above, >>> osx, and any unix can do webdav. easy to setup on the samba server. >>> and seemless to the client - looks like a smb share....and all on >>> one port - 80 (and/or 443). >> >> 443/htpasswd/mod_dav is on the gen two plan. I've never build apache2, >> and I can expect some trial and error with both apache2 and mod_dav, >> but I've got a set of other things that don't give me time in the day >> to, well you know, and this is a no mistakes, regulated production >> environment. >> >> Anybody want to demo mod_dav and/or write up a cheat sheet? I spent >> :20 trying to get apache21 to build on DFLY but there is something >> wrong with perl, so I've never had 2.1 up at all... > > you don't need apache2 for mod_dav ...just apache1.3 with dso > support. > > much better ;) If you like to run old, probably unsupported, extensions .. sure :) -bob From dan Fri Mar 18 06:43:17 2005 From: dan (Dan Langille) Date: Fri, 18 Mar 2005 06:43:17 -0500 Subject: [nycbug-talk] BSDCan has more Europeans than NYers Message-ID: <423A7885.28683.7816520E@localhost> So far we have two registrations from NY. And six from Europe. I remember Germany, Norway, and France. Are you folks coming? -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From jpb Fri Mar 18 08:24:22 2005 From: jpb (Jim Brown) Date: Fri, 18 Mar 2005 08:24:22 -0500 Subject: [nycbug-talk] BSDCan has more Europeans than NYers In-Reply-To: <423A7885.28683.7816520E@localhost> References: <423A7885.28683.7816520E@localhost> Message-ID: <20050318132422.GA28432@sixshooter.v6.thrupoint.net> * Dan Langille [2005-03-18 06:43]: > So far we have two registrations from NY. And six from Europe. I > remember Germany, Norway, and France. > > Are you folks coming? > -- Hi Dan, I'd like to come. Still waiting on vactation arrangements. Aggravating! Best Regards, Jim B. From mspitzer Fri Mar 18 10:04:35 2005 From: mspitzer (Marc Spitzer) Date: Fri, 18 Mar 2005 10:04:35 -0500 Subject: [nycbug-talk] BSDCan has more Europeans than NYers In-Reply-To: <20050318132422.GA28432@sixshooter.v6.thrupoint.net> References: <423A7885.28683.7816520E@localhost> <20050318132422.GA28432@sixshooter.v6.thrupoint.net> Message-ID: <8c50a3c3050318070414eb69b@mail.gmail.com> On Fri, 18 Mar 2005 08:24:22 -0500, Jim Brown wrote: > * Dan Langille [2005-03-18 06:43]: > > So far we have two registrations from NY. And six from Europe. I > > remember Germany, Norway, and France. > > > > Are you folks coming? > > -- > > Hi Dan, > > I'd like to come. Still waiting on vactation arrangements. > Aggravating! me too. marc > > Best Regards, > Jim B. > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From mspitzer Fri Mar 18 11:05:45 2005 From: mspitzer (Marc Spitzer) Date: Fri, 18 Mar 2005 11:05:45 -0500 Subject: [nycbug-talk] Free BSD marketing material Message-ID: <8c50a3c30503180805780ca76e@mail.gmail.com> If you used BSD this could not happen to you: http://gpl-violations.org/ and pick some news items From dan Fri Mar 18 11:09:09 2005 From: dan (Dan Langille) Date: Fri, 18 Mar 2005 11:09:09 -0500 Subject: [nycbug-talk] Free BSD marketing material In-Reply-To: <8c50a3c30503180805780ca76e@mail.gmail.com> Message-ID: <423AB6D5.19902.7909B8AA@localhost> On 18 Mar 2005 at 11:05, Marc Spitzer wrote: > If you used BSD this could not happen to you: > http://gpl-violations.org/ and pick some news items As an advocate, I prefer to point out the benefits of what I advocate rather than point at what I do not advocate and pick at problems. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From mspitzer Fri Mar 18 11:14:59 2005 From: mspitzer (Marc Spitzer) Date: Fri, 18 Mar 2005 11:14:59 -0500 Subject: [nycbug-talk] Free BSD marketing material In-Reply-To: <423AB6D5.19902.7909B8AA@localhost> References: <8c50a3c30503180805780ca76e@mail.gmail.com> <423AB6D5.19902.7909B8AA@localhost> Message-ID: <8c50a3c3050318081472a42c93@mail.gmail.com> On Fri, 18 Mar 2005 11:09:09 -0500, Dan Langille wrote: > On 18 Mar 2005 at 11:05, Marc Spitzer wrote: > > > If you used BSD this could not happen to you: > > http://gpl-violations.org/ and pick some news items > > As an advocate, I prefer to point out the benefits of what I advocate > rather than point at what I do not advocate and pick at problems. "If you use BSD you do not get into the above legal/licence problems" is not a benefit? marc > > -- > Dan Langille : http://www.langille.org/ > BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ > > From dan Fri Mar 18 11:17:41 2005 From: dan (Dan Langille) Date: Fri, 18 Mar 2005 11:17:41 -0500 Subject: [nycbug-talk] Free BSD marketing material In-Reply-To: <8c50a3c3050318081472a42c93@mail.gmail.com> References: <423AB6D5.19902.7909B8AA@localhost> Message-ID: <423AB8D5.22739.79118B0B@localhost> On 18 Mar 2005 at 11:14, Marc Spitzer wrote: > On Fri, 18 Mar 2005 11:09:09 -0500, Dan Langille wrote: > > On 18 Mar 2005 at 11:05, Marc Spitzer wrote: > > > > > If you used BSD this could not happen to you: > > > http://gpl-violations.org/ and pick some news items > > > > As an advocate, I prefer to point out the benefits of what I advocate > > rather than point at what I do not advocate and pick at problems. > > "If you use BSD you do not get into the above legal/licence problems" > is not a benefit? It is not what you say, it is how you say it. You can achieve the same thing without pointing out the problems of others. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From mspitzer Fri Mar 18 11:24:48 2005 From: mspitzer (Marc Spitzer) Date: Fri, 18 Mar 2005 11:24:48 -0500 Subject: [nycbug-talk] Free BSD marketing material In-Reply-To: <423AB8D5.22739.79118B0B@localhost> References: <423AB6D5.19902.7909B8AA@localhost> <8c50a3c3050318081472a42c93@mail.gmail.com> <423AB8D5.22739.79118B0B@localhost> Message-ID: <8c50a3c30503180824501869a7@mail.gmail.com> On Fri, 18 Mar 2005 11:17:41 -0500, Dan Langille wrote: > On 18 Mar 2005 at 11:14, Marc Spitzer wrote: > > > On Fri, 18 Mar 2005 11:09:09 -0500, Dan Langille wrote: > > > On 18 Mar 2005 at 11:05, Marc Spitzer wrote: > > > > > > > If you used BSD this could not happen to you: > > > > http://gpl-violations.org/ and pick some news items > > > > > > As an advocate, I prefer to point out the benefits of what I advocate > > > rather than point at what I do not advocate and pick at problems. > > > > "If you use BSD you do not get into the above legal/licence problems" > > is not a benefit? > > It is not what you say, it is how you say it. You can achieve the > same thing without pointing out the problems of others. It is not a problem, it is a benefit, just ask them. And I am firmly in the "its what you say" camp. ah well oppinions differ, marc From dan Fri Mar 18 11:36:56 2005 From: dan (Dan Langille) Date: Fri, 18 Mar 2005 11:36:56 -0500 Subject: [nycbug-talk] Free BSD marketing material In-Reply-To: <8c50a3c30503180824501869a7@mail.gmail.com> References: <423AB8D5.22739.79118B0B@localhost> Message-ID: <423ABD58.10353.79232749@localhost> On 18 Mar 2005 at 11:24, Marc Spitzer wrote: > On Fri, 18 Mar 2005 11:17:41 -0500, Dan Langille wrote: > > On 18 Mar 2005 at 11:14, Marc Spitzer wrote: > > > > > On Fri, 18 Mar 2005 11:09:09 -0500, Dan Langille wrote: > > > > On 18 Mar 2005 at 11:05, Marc Spitzer wrote: > > > > > > > > > If you used BSD this could not happen to you: > > > > > http://gpl-violations.org/ and pick some news items > > > > > > > > As an advocate, I prefer to point out the benefits of what I advocate > > > > rather than point at what I do not advocate and pick at problems. > > > > > > "If you use BSD you do not get into the above legal/licence problems" > > > is not a benefit? > > > > It is not what you say, it is how you say it. You can achieve the > > same thing without pointing out the problems of others. > > It is not a problem, it is a benefit, just ask them. And I am firmly > in the "its what you say" camp. Ummm, whatever. I guess I need to be explicit here. You started out by referring to non-GPL compliance as a marketing material for FreeBSD. I suggested the same goal could be achieved by advocating the *benefits of BSD (e.g. you can do what you want with the code without risk of license infringement) instead of saying pointing out the problems of others (e.g. "look, if you use GPL software, *THIS* could happen to you!"). I feel one appraoch is much more professional than the other. You decide which on you want to do and I'll leave you to it. I think everyone nearly everyone understood my original point; I now withdraw from this thread. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From george Fri Mar 18 18:56:53 2005 From: george (G. Rosamond) Date: Fri, 18 Mar 2005 18:56:53 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support Message-ID: <4d6e984f48d2049eb9e9774347982f47@sddi.net> This is a thread well worth following. . . Begin forwarded message: > From: Theo de Raadt > Date: March 18, 2005 6:01:00 PM EST > To: "Richardson, Doug" > Cc: misc at openbsd.org > Subject: Re: Adaptec AAC raid support > >> I am surprised at your e-mail, and am very disappointed at your >> demeanor.... > > I myself am rather surprised as well, since this has been a FOUR MONTH > conversation with Adaptec.. > >> We here at Adaptec are doing all we can to provide you as much >> documentation as we possibly can in the timeframe that makes the most >> sense for both of us....and we had provided you documentation before >> on >> our driver, > > I am unaware of any other Adaptec RAID documentation having been > provided > to OpenBSD. > >> but what you are seeking now is more source information >> regarding our GUI management, etc... > > We are not asking for "source". We are asking for information as to > how to communicate with the controller so that it can perform the job > that it is advertised to perform. Your controllers are NOT performing > at the moment because you do not let vendors communicate with the RAID > management components. > >> I can understand you seeking this, as you as well as many other >> flavors >> of Linux/Unix are looking for the same thing...and though we would >> like >> to support "all" of the various flavors of these new operating >> systems, >> we can't do so in an economic fashion, as support for "all" of these >> varying flavors is just not possible... > > We are not asking for support. We are asking for documentation. > > Back when we asked for documentation for the Adaptec SCSI products, > Adaptec also translated that to mean "support". We did not want > support! Then Adaptec gave us documentation. > > Are you telling customers that unless they run an Adaptec approved > operating system ("supported") that they should NOT buy Adaptec RAID > products? > > Are you willing to start accepting returns for Adaptec RAID products > that customers have... which are not performing the tasks that RAID > controllers are expected to perform? > >> But, help is on the way.... >> >> We are coming out with an entire new rev of our firmware with the >> upcoming SAS/SATA-2 release in the July timeframe, and our plan is to >> provide a Software Development Kit (SDK), which will be generic in >> nature, and will have the documentation in hand that will help you to >> do >> the work on your side to continue to expand the support for Adaptec >> products in your OpenBSD OS.... > > And this scares us. A new firmware? That must be loaded onto a card, > for RAID management to work? And what of all the cards that are out > there now? > > From my viewpoint, the goal here is to make it harder to run on > operating systems other that Windows. > > Why don't you just give us the Adaptec RAID management firmware > documentation in some form before we just either > > 1) Reverse engineer it > > or > > 2) Entirely cease supporting Adaptec RAID controllers. > > There are other choices on the market. > >> Until then, you will need to be patient, as we are getting closer, but >> not fully there.... > > I heard a timeline of releasing such an SDK in July. If that is the > case, the earliest we would be able to include RAID management support > is likely May 2006 (misc readers: because the SDK would arrive after > our hackathon). > > Should we tell everyone who is running Adaptec RAID to choose other > products until such time? > > Should we tell the people (who we both know) running with over a > million > dollars worth of Adaptec RAID cards to ... simply trust their RAID > arrays > will not lose a drive? > > What is your message for those large customers who believed they were > buying a product that would give them greater uptime? > > From george Fri Mar 18 20:05:29 2005 From: george (G. Rosamond) Date: Fri, 18 Mar 2005 20:05:29 -0500 Subject: [nycbug-talk] acronym fun Message-ID: Thanks to HubertF. . . http://www.bjergand.dk/images/webtalk-acronyms.jpg I always understood I had no idea WTF meant. . . g From scottro Fri Mar 18 20:29:22 2005 From: scottro (Scott Robbins) Date: Fri, 18 Mar 2005 20:29:22 -0500 Subject: [nycbug-talk] more on acronym fun Message-ID: <20050319012922.GA40710@mail.scottro.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I carelessly just replied to George rather than the list, but I think it's funny enough to waste a little bandwidth. I responded to his link with interesting versions of well-known acronyms with something I once saw on bash.org, which collects interesting irc quotes. Someone asked what stfu stood for. Someone answered him. He plaintively asked,"What's with you, I just want to know what stfu stands for?" Several more people answered him. Finally, someone took pity upon him and explained that they were simply answering his question. - -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Buffy: Have I ever let you down? Giles: Do you want me to answer that, or shall I just glare? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD4DBQFCO4By+lTVdes0Z9YRAk/HAJYjVJG7iHJ9an2E7njvUGF+hnMLAKCmPTly ChQBDLIbvdcN1+OV0mmEwg== =DFBg -----END PGP SIGNATURE----- From spork Sat Mar 19 00:23:23 2005 From: spork (Charles Sprickman) Date: Sat, 19 Mar 2005 00:23:23 -0500 (EST) Subject: [nycbug-talk] Some DoS benchmarking Message-ID: Hey all, I don't know if anyone here reads the forums on DSLReports at all, but I stop by there now and then mostly for their Mac forum and to vent frustrations on the political boards. They have a unix forum, but it's mostly linux noobs asking about "Dropline Gnome", "Ubuntu" and many other things that make little sense to me. Anyhow, the site was recently DDoS'd and the frontend box couldn't handle it. Their upstream apparently was able to squash some of it so that it wasn't a bandwidth DoS, but the Linux 2.4.? kernel was spending an inordinate amount of time servicing interrupts from the network card. This thread has the site owner/admin musing over how to improve it. Needless to say the 3 BSD guys there didn't say "dude, drop linux and go to BSD", but we did all do some testing. I'm "sporkme". That "eatmeingreek" guy seems pretty clever... :) As you can see down the line I eventually wrangled some decent hardware and it performed great. I'm a bit stuck as far as getting the *senders* to generate more than 130,000 pps and 65Mb/s. At one point I had one dual 2.8 Xeon, one dual 2.0 Xeon and one dual 1.0 PIII box hitting it. The receiving box was totally responsive (running 4.11, BTW) and was only spending about 8% of the CPU servicing interrupts, and that's WITHOUT polling enabled in the kernel. Pretty impressive. I'm wondering if my little backend switch (I used the internal network for this) is the bottleneck? Thoughts? Observations? Hints on tuning polling (Hz value) if this were a real-world DDoS and I wanted to make sure I'm not wasting cycles processing garbage? http://www.dslreports.com/forum/remark,12920826 Thanks, Charles ___ Charles Sprickman NetEng/SysAdmin Bway.net - New York's Best Internet - www.bway.net spork at bway.net - 212.655.9344 From nomadlogic Sat Mar 19 01:09:58 2005 From: nomadlogic (pete wright) Date: Fri, 18 Mar 2005 22:09:58 -0800 Subject: [nycbug-talk] Some DoS benchmarking In-Reply-To: References: Message-ID: <57d710000503182209355762a7@mail.gmail.com> > As you can see down the line I eventually wrangled some decent hardware > and it performed great. I'm a bit stuck as far as getting the *senders* > to generate more than 130,000 pps and 65Mb/s. At one point I had one dual > 2.8 Xeon, one dual 2.0 Xeon and one dual 1.0 PIII box hitting it. The > receiving box was totally responsive (running 4.11, BTW) and was only > spending about 8% of the CPU servicing interrupts, and that's WITHOUT > polling enabled in the kernel. Pretty impressive. I'm wondering if my > little backend switch (I used the internal network for this) is the > bottleneck? > > Thoughts? Observations? Hints on tuning polling (Hz value) if this were > a real-world DDoS and I wanted to make sure I'm not wasting cycles > processing garbage? this looks pretty interesting. it may be worth checking out the freebsd archives (smp maybe?) to see what Robert Watson has to say about interrupts in the 5.x branch. shoot there may even be a test case in those archives. i'll try to check that out tonight if i have time before my shift ends. as an aside, the bsd sysstat/systat(1) utility has an ability to report interrupts (systat -vmstat). may be interesting run that during a test... -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From alex Sat Mar 19 01:27:19 2005 From: alex (alex at pilosoft.com) Date: Sat, 19 Mar 2005 01:27:19 -0500 (EST) Subject: [nycbug-talk] Some DoS benchmarking In-Reply-To: Message-ID: On Sat, 19 Mar 2005, Charles Sprickman wrote: > This thread has the site owner/admin musing over how to improve it. > Needless to say the 3 BSD guys there didn't say "dude, drop linux and go > to BSD", but we did all do some testing. I'm "sporkme". That > "eatmeingreek" guy seems pretty clever... :) They are clueless. > As you can see down the line I eventually wrangled some decent hardware > and it performed great. I'm a bit stuck as far as getting the *senders* > to generate more than 130,000 pps and 65Mb/s. At one point I had one For senders, use linux and pktgen module. > dual 2.8 Xeon, one dual 2.0 Xeon and one dual 1.0 PIII box hitting it. > The receiving box was totally responsive (running 4.11, BTW) and was > only spending about 8% of the CPU servicing interrupts, and that's > WITHOUT polling enabled in the kernel. Pretty impressive. I'm > wondering if my little backend switch (I used the internal network for > this) is the bottleneck? 130kpps ain't squat. It isn't even a 'ddos' in my book. :) I've been ddos'd with 5Mpps. I was able to route the traffic up to 1Mpps, filter and route 'clean' traffic up to 2Mpps. You really want polling. Really. Also, you need to be able to *filter* traffic somehow so it doesn't all hit apache, to distinguish ddos from non-ddos. There are many ways to do that, such as serving redirects with cookies etc. These are non-trivial. > Thoughts? Observations? Hints on tuning polling (Hz value) if this > were a real-world DDoS and I wanted to make sure I'm not wasting cycles > processing garbage? real-world ddos is measured in mpps, not kpps. -alex From ike Sat Mar 19 12:53:54 2005 From: ike (Isaac Levy) Date: Sat, 19 Mar 2005 12:53:54 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> Message-ID: Hey All, I just wanted to report from an old thread, regarding that I stumbled into the conversation I had been *actually* looking for- http://openntpd.org/ I'd been on the side of a conversation post-nycbug where someone was ranting about how much they loved openntpd, and I couldn't remember it when I made this post... -- Anyhow, does anyone happen to have any good experiences to share regarding using openntpd with FreeBSD systems? It *looks* quite straightforward from the site docs, but I'd love to hear some positive words- Rocket- .ike On Feb 28, 2005, at 12:17 PM, Isaac Levy wrote: > Hi All, > > I was just wanting to post on some of the post-meeting conversations > I've repeatedly over-heard about managing time-drift across clusters > of machines- (you know who you people are...) > > How do folks like to do this? Special tools beyond rockin' timed? > Anyone know any good urls on the topic (either practical or acidemic)? > > Rocket- > .ike From ike Sat Mar 19 13:24:27 2005 From: ike (Isaac Levy) Date: Sat, 19 Mar 2005 13:24:27 -0500 Subject: [nycbug-talk] Some DoS benchmarking In-Reply-To: References: Message-ID: <77e68f8adfe46d6cdb512717594975b6@lesmuug.org> On Mar 19, 2005, at 12:23 AM, Charles Sprickman wrote: [snip] > Anyhow, the site was recently DDoS'd and the frontend box couldn't > handle it. Their upstream apparently was able to squash some of it so > that it wasn't a bandwidth DoS, but the Linux 2.4.? kernel was > spending an inordinate amount of time servicing interrupts from the > network card. Did they post configuration and attack details, for the record, once they solved the problem? (or did I it them somewhere in the thread?) I'm kindof interested in how this attack worked- though I'm not surprised that some default in a Linux install was so susceptible to attack. > > This thread has the site owner/admin musing over how to improve it. > Needless to say the 3 BSD guys there didn't say "dude, drop linux and > go to BSD", but we did all do some testing. I'm "sporkme". That > "eatmeingreek" guy seems pretty clever... :) > > As you can see down the line I eventually wrangled some decent > hardware and it performed great. I'm a bit stuck as far as getting > the *senders* to generate more than 130,000 pps and 65Mb/s. At one > point I had one dual 2.8 Xeon, one dual 2.0 Xeon and one dual 1.0 PIII > box hitting it. The receiving box was totally responsive (running > 4.11, BTW) and was only spending about 8% of the CPU servicing > interrupts, and that's WITHOUT polling enabled in the kernel. Pretty > impressive. I'm wondering if my little backend switch (I used the > internal network for this) is the bottleneck? Well, to throw my quick .02? into this one; while your switch may be a bottleneck, I've found that reproducing true distributed network loads on servers is nearly impossible- insomuch as it's extremely difficult to repoduce the *type* of traffic that comes from say, a few thousand machines. Sick asynchronys entropy in packet latency, types of packet header changes based on routing, etc..- it all becomes an insane number of variables, which in most attacks, is more critical than the actual bandwidth consumed by a ddos. That said, a single box slinging fat packets is far easier for any system to deal with than a few thousand boxes trickling out a few packets in semi-synchronized bursts. I mean there's tons of ways to tweak out packets from a few boxes to come *closer* to all that distributed entropy and chaos, but in the end, it's still limited to the number of actual boxes and networks in the mix... > Thoughts? Observations? Hints on tuning polling (Hz value) if this > were a real-world DDoS and I wanted to make sure I'm not wasting > cycles processing garbage? Nah- I don't think you'll waste cycles- totally bound to learn some interesting stuff about performance/behavior, but I've just found for performance/etc... testing there's just nothing that compares to thousands of machines from around the world slamming things- production webserver traffic is the best place to learn, and the kiddies keep us busy with *plenty* of chances to learn :) > > http://www.dslreports.com/forum/remark,12920826 > > Thanks, > > Charles Good luck- sounds like fun! Rocket- .ike From alex Sat Mar 19 13:24:12 2005 From: alex (alex at pilosoft.com) Date: Sat, 19 Mar 2005 13:24:12 -0500 (EST) Subject: [nycbug-talk] Some DoS benchmarking In-Reply-To: <77e68f8adfe46d6cdb512717594975b6@lesmuug.org> Message-ID: On Sat, 19 Mar 2005, Isaac Levy wrote: > Well, to throw my quick .02? into this one; while your switch may be a > bottleneck, I've found that reproducing true distributed network loads > on servers is nearly impossible- insomuch as it's extremely difficult > to repoduce the *type* of traffic that comes from say, a few thousand > machines. Not really. See pktgen. > Sick asynchronys entropy in packet latency, types of packet header > changes based on routing, etc..- it all becomes an insane number of > variables, which in most attacks, is more critical than the actual > bandwidth consumed by a ddos. Whatever "Sick asynchronys entropy in packet latency" is supposed to mean - it does not enter into CPU utilization or DDoS susceptability. WRT "types of packet header changes based on routing" - you probably mean "flow-based routing" as practiced by Linux (I don't know BSD forwarding stack well enough to comment, but I believe it is similar). Yes, stock kernels are designed to optimize for 'typical' traffic (which means, number of flows established per second is 2 orders of magnitude lower than packets per second). That also means that performance is really a function of flows/second, and if hit with a ddos of 1 flow/packet (random src/dst), router (or host) will croak. > That said, a single box slinging fat packets is far easier for any > system to deal with than a few thousand boxes trickling out a few > packets in semi-synchronized bursts. I mean there's tons of ways to > tweak out packets from a few boxes to come *closer* to all that > distributed entropy and chaos, but in the end, it's still limited to the > number of actual boxes and networks in the mix... Not true. You can easily simulate proper ddos off a single box with pktgen. > > Thoughts? Observations? Hints on tuning polling (Hz value) if this > > were a real-world DDoS and I wanted to make sure I'm not wasting > > cycles processing garbage? > > Nah- I don't think you'll waste cycles- totally bound to learn some > interesting stuff about performance/behavior, but I've just found for > performance/etc... testing there's just nothing that compares to > thousands of machines from around the world slamming things- production > webserver traffic is the best place to learn, and the kiddies keep us > busy with *plenty* of chances to learn :) -alex From bschonhorst Sat Mar 19 14:02:49 2005 From: bschonhorst (Brad Schonhorst) Date: Sat, 19 Mar 2005 14:02:49 -0500 Subject: [nycbug-talk] Fork Bomb Attack Message-ID: <162850-22005361919249966@vcsnyc.org> Not sure if you've seen this yet but I just noticed this article on security focus about linux kernel security. Nice to see the BSD's didn't flinch at the described kernel attack. "It's a sad day when an ancient fork bomb attack can still take down most of the latest Linux distributions." http://www.securityfocus.com/columnists/308 -brad From ike Sat Mar 19 14:16:18 2005 From: ike (Isaac Levy) Date: Sat, 19 Mar 2005 14:16:18 -0500 Subject: [nycbug-talk] Some DoS benchmarking In-Reply-To: References: Message-ID: On Mar 19, 2005, at 1:24 PM, alex at pilosoft.com wrote: [snip] > Not really. See pktgen. [snip] Hey Alex- can you please stop trolling for a sec and explain what pktgen does to replicate thousands of actual machines in a ddos? Thanks- .ike From alex Sat Mar 19 14:28:50 2005 From: alex (alex at pilosoft.com) Date: Sat, 19 Mar 2005 14:28:50 -0500 (EST) Subject: [nycbug-talk] Some DoS benchmarking In-Reply-To: Message-ID: On Sat, 19 Mar 2005, Isaac Levy wrote: > On Mar 19, 2005, at 1:24 PM, alex at pilosoft.com wrote: > > [snip] > > Not really. See pktgen. > [snip] > > Hey Alex- can you please stop trolling for a sec and explain what > pktgen does to replicate thousands of actual machines in a ddos? can you pretty please with a sugar on top explain how 500 machines sending one packet per second are different from one machine sending 500 packets per second? packet is a packet is packet. by the time it gets to your host, it doesn't matter at all who or what or when sent it. no trolling, just cluebombs being dropped. -alex From nomadlogic Sat Mar 19 14:50:16 2005 From: nomadlogic (pete wright) Date: Sat, 19 Mar 2005 11:50:16 -0800 Subject: [nycbug-talk] Some DoS benchmarking In-Reply-To: References: Message-ID: <57d71000050319115046fefe72@mail.gmail.com> On Sat, 19 Mar 2005 14:28:50 -0500 (EST), alex at pilosoft.com wrote: > On Sat, 19 Mar 2005, Isaac Levy wrote: > > > On Mar 19, 2005, at 1:24 PM, alex at pilosoft.com wrote: > > > > [snip] > > > Not really. See pktgen. > > [snip] > > > > Hey Alex- can you please stop trolling for a sec and explain what > > pktgen does to replicate thousands of actual machines in a ddos? > can you pretty please with a sugar on top explain how 500 machines sending > one packet per second are different from one machine sending 500 packets > per second? > > packet is a packet is packet. by the time it gets to your host, it doesn't > matter at all who or what or when sent it. > > no trolling, just cluebombs being dropped. > OK guy's take this off list! This is a forum for adult conversations. People on this list expect to be treated as adults, as I am sure you expect to be treated as an adult. It is one thing to have honest discussions over differing opinions, however the tone of this conversation (and other conversations in the past) is not appropriate for this list. Plese respect this list, and the members of NYCBug. -pete -pete > -alex > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From ike Sat Mar 19 15:00:24 2005 From: ike (Isaac Levy) Date: Sat, 19 Mar 2005 15:00:24 -0500 Subject: [nycbug-talk] Some DoS benchmarking In-Reply-To: <57d71000050319115046fefe72@mail.gmail.com> References: <57d71000050319115046fefe72@mail.gmail.com> Message-ID: <719d208d11bfb29861001f7ae99c627f@lesmuug.org> Hi Pete, Alex, All, On Mar 19, 2005, at 2:50 PM, pete wright wrote: > OK guy's take this off list! This is a forum for adult conversations. > People on this list expect to be treated as adults, as I am sure you > expect to be treated as an adult. It is one thing to have honest > discussions over differing opinions, however the tone of this > conversation (and other conversations in the past) is not appropriate > for this list. Plese respect this list, and the members of NYCBug. > > -pete My sincerest apologies for taking a rude tone earlier in the thread here. I seriously am still interested in pktgen- it sounds interesting. Rocket- .ike From alex Sat Mar 19 14:59:46 2005 From: alex (alex at pilosoft.com) Date: Sat, 19 Mar 2005 14:59:46 -0500 (EST) Subject: [nycbug-talk] Some DoS benchmarking In-Reply-To: Message-ID: On Sat, 19 Mar 2005, Isaac Levy wrote: > On Mar 19, 2005, at 1:24 PM, alex at pilosoft.com wrote: > > [snip] > > Not really. See pktgen. > [snip] > > Hey Alex- can you please stop trolling for a sec and explain what > pktgen does to replicate thousands of actual machines in a ddos? I wasn't sure what you asked. If you are asking why pktgen is fast - it is because most of the logic for generation/sending of packets is in kernel, and there's no syscall/ctx switch overhead per packet. -alex From dave-dated-1111881703.0b398f Sat Mar 19 19:01:41 2005 From: dave-dated-1111881703.0b398f (Dave Steinberg) Date: Sat, 19 Mar 2005 19:01:41 -0500 Subject: [nycbug-talk] serial console help? Message-ID: <423CBD65.20200@redterror.net> Hey all, I was wondering if anyone might have had a similar experience to mine sometime in the past: I'm trying to connect a new console server to my OpenBSD box using the supplied pinouts for the rj45-db9 adapter. The funny thing is that when I make the connection, I'm able to type characters into the console server and see them on the screen (i.e. they're echo'd back, which wouldn't happen if it was a totally bad cable), but I never get any response from the OpenBSD machine. I used a serial diagnostic devices with LEDs and contrasted the output to a working null modem connection, and it told me that (if i'm reading it right) the CD signal (carrier detect) isn't being raised with my adapter. With the null modem, it seems to work. I've also read on nullmodem.com something like "some devices require CD (or DSR) to be raised before they send anything; if so, connect DSR and CD signals onto the DTR wire." Trouble is I'm not sure how to do that with a modular rj45 adapter. I've tried all the options for flow control, none seem to matter. Everything is set to 9600 8N1. Any advice? Thanks for your time! -- Dave Steinberg http://www.geekisp.com/ http://www.steinbergcomputing.com/ From alex Sat Mar 19 19:00:41 2005 From: alex (alex at pilosoft.com) Date: Sat, 19 Mar 2005 19:00:41 -0500 (EST) Subject: [nycbug-talk] serial console help? In-Reply-To: <423CBD65.20200@redterror.net> Message-ID: > I used a serial diagnostic devices with LEDs and contrasted the output > to a working null modem connection, and it told me that (if i'm reading > it right) the CD signal (carrier detect) isn't being raised with my > adapter. With the null modem, it seems to work. Turn off flow-control in your application. You should have options "hardware/software (xon/xoff)/none". Choose none. -alex From dave-dated-1111884176.e6dc0b Sat Mar 19 19:42:50 2005 From: dave-dated-1111884176.e6dc0b (Dave Steinberg) Date: Sat, 19 Mar 2005 19:42:50 -0500 Subject: [nycbug-talk] serial console help? In-Reply-To: References: Message-ID: <423CC70A.9020906@redterror.net> alex at pilosoft.com wrote: >>I used a serial diagnostic devices with LEDs and contrasted the output >>to a working null modem connection, and it told me that (if i'm reading >>it right) the CD signal (carrier detect) isn't being raised with my >>adapter. With the null modem, it seems to work. > > Turn off flow-control in your application. You should have options > "hardware/software (xon/xoff)/none". Choose none. Hey Alex - thanks for the quick reply. I swear I tried that, but I'll give it another go with whatever extra paranoia checks I can throw in there. Regards, -- Dave Steinberg http://www.geekisp.com/ http://www.steinbergcomputing.com/ From dave-dated-1111895296.7cfd74 Sat Mar 19 22:48:12 2005 From: dave-dated-1111895296.7cfd74 (Dave Steinberg) Date: Sat, 19 Mar 2005 22:48:12 -0500 Subject: [nycbug-talk] serial console help? In-Reply-To: References: Message-ID: <423CF27C.30304@redterror.net> alex at pilosoft.com wrote: >>I used a serial diagnostic devices with LEDs and contrasted the output >>to a working null modem connection, and it told me that (if i'm reading >>it right) the CD signal (carrier detect) isn't being raised with my >>adapter. With the null modem, it seems to work. > > Turn off flow-control in your application. You should have options > "hardware/software (xon/xoff)/none". Choose none. Just as a follow-up note - that was it. Thanks for the clue Alex! I had some funny business, though. Since I was trying to test on my home PC where my console is the screen, I thought it was equivelant to turn on a standard getty process for tty01, and just try and see if I got a login prompt there. That never worked - it was only when I actually booted with the console on the serial port was I able to communicate via the console server. In windows I was able to talk to the unit using the standard 9600 8N1 / no flow setting, but under OpenBSD it only seemed to work if I enabled hardware flow in /etc/remote (despite hardware flow being off on the console server). Both of those test cases were just over plain hyperterm / tip lines - not the console. Ah well, that was probably like 6 hours today. But at least I've got the wiring diagram right, and oddly enough I had a lot of fun doing it. Regards, -- Dave Steinberg http://www.geekisp.com/ http://www.steinbergcomputing.com/ From jpb Sun Mar 20 09:07:25 2005 From: jpb (Jim Brown) Date: Sun, 20 Mar 2005 09:07:25 -0500 Subject: [nycbug-talk] serial console help? In-Reply-To: <423CF27C.30304@redterror.net> References: <423CF27C.30304@redterror.net> Message-ID: <20050320140725.GA32829@sixshooter.v6.thrupoint.net> * Dave Steinberg [2005-03-19 22:48]: > > Ah well, that was probably like 6 hours today. But at least I've got > the wiring diagram right, and oddly enough I had a lot of fun doing it. > Keep those notes. Every 2 or 3 years you will have to do the same thing for some odd reason. Just long enough to have forgotten the details you've just uncovered. Kermit fan, Jim B. From dave-dated-1111941201.02d162 Sun Mar 20 11:33:16 2005 From: dave-dated-1111941201.02d162 (Dave Steinberg) Date: Sun, 20 Mar 2005 11:33:16 -0500 Subject: [nycbug-talk] serial console help? In-Reply-To: <20050320140725.GA32829@sixshooter.v6.thrupoint.net> References: <423CF27C.30304@redterror.net> <20050320140725.GA32829@sixshooter.v6.thrupoint.net> Message-ID: <423DA5CC.9020808@redterror.net> >>Ah well, that was probably like 6 hours today. But at least I've got >>the wiring diagram right, and oddly enough I had a lot of fun doing it. >> > > > Keep those notes. Every 2 or 3 years you will have to do the > same thing for some odd reason. Just long enough to have > forgotten the details you've just uncovered. That's a good point to make. One of the only reasons I was able to make the first adapter so quickly (nevermind the 5.5 hours of debugging afterwards) was b/c I had in my little box of serial joy the notes which mapped the RJ45 pin numbers to the modular plug colors. Those LED debuggers really make a difference. Regards, -- Dave Steinberg http://www.geekisp.com/ http://www.steinbergcomputing.com/ From ike Mon Mar 21 13:15:46 2005 From: ike (Isaac Levy) Date: Mon, 21 Mar 2005 13:15:46 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <4d6e984f48d2049eb9e9774347982f47@sddi.net> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> Message-ID: <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> Wordup All, On Mar 18, 2005, at 6:56 PM, G. Rosamond wrote: > This is a thread well worth following. . . [snip OpenBSD Adapted RAID saga] For those of you who didn't follow this thread, OpenBSD 3.7 will ship without Adaptec RAID support, as made slashdot yesterday: http://bsd.slashdot.org/bsd/05/03/20/1944233.shtml? tid=137&tid=198&tid=190&tid=172&tid=7 IMHO: Go Theo. Walking the walk aint' easy, glad someone's tough in Open Source. -- With that stated, as the dust is settling with this issue- and myself being a bit outside of the daily-use OpenBSD camp, what is everyone going to use for RAID on OpenBSD? (I'm particularly interested in sata hardware raid...?!?) Rocket- .ike From george Mon Mar 21 13:49:46 2005 From: george (G. Rosamond) Date: Mon, 21 Mar 2005 13:49:46 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> Message-ID: On Mar 21, 2005, at 1:15 PM, Isaac Levy wrote: > Wordup All, > > On Mar 18, 2005, at 6:56 PM, G. Rosamond wrote: > >> This is a thread well worth following. . . > [snip OpenBSD Adapted RAID saga] > > For those of you who didn't follow this thread, OpenBSD 3.7 will ship > without Adaptec RAID support, as made slashdot yesterday: > > http://bsd.slashdot.org/bsd/05/03/20/1944233.shtml? > tid=137&tid=198&tid=190&tid=172&tid=7 That is true. . . > > IMHO: Go Theo. Walking the walk aint' easy, glad someone's tough in > Open Source. It seems a bit more complicated than that though. . . First, it is clear that the Adaptec debate has built more walls between OpenBSD and FreeBSD. That is why I would hold off on cheering for either Scott Long of FreeBSD and Theo of OpenBSD. Negative divisions, as opposed to different focuses and directions, is *not* good by any means. Second, the argument is a lot more complex, IMHO, than for or against open source. For those out of the loop on this one, and out of the loop seems like a good place to be sometimes, this brutal and often personal argument was cross posted between OBSD-misc and FreeBSD questions. To the extent that we matter, I would strongly NYCBUG's efforts need to work to keep the BSD projects on the same page. This is not competing 'distros', or open source v closed. But if one thing could be said about it, it's clear that FreeBSD and OpenBSD both have different approaches with vendors who do not provide the needed documentation. Scott Long of FreeBSD's argument was that we should work with the vendors, and just aim towards getting the hardware, such as the Adaptec RAID cards, up and operational, even if it means that we use closed binary drivers and utilities. Theo of OpenBSD, on the other hand, feels strongly that vendors not providing the necessary documentation, NOT source, after repeated queries are a huge problem. I'm not coming down on either side, but I also think that anything that builds walls between the projects is VERY BAD. When you have four groups of talented developers not approaching the politics of hardware porting on the same page, and they don't have the public presence or corporate backing of Linux, I think it's a big step backward for all. > > -- > With that stated, as the dust is settling with this issue- and myself > being a bit outside of the daily-use OpenBSD camp, what is everyone > going to use for RAID on OpenBSD? (I'm particularly interested in > sata hardware raid...?!?) > They are pushing all the other cards. . . most recently, the card mentioned repeatedly was the LSI/AMI MegaRAID. If anyone's interested in the argument, they should go back to the archives of either list. George From dan Mon Mar 21 14:03:47 2005 From: dan (Dan Langille) Date: Mon, 21 Mar 2005 14:03:47 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: References: <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> Message-ID: <423ED443.7147.47A07F8@localhost> On 21 Mar 2005 at 13:49, G. Rosamond wrote: > First, it is clear that the Adaptec debate has built more walls between > OpenBSD and FreeBSD. That is why I would hold off on cheering for > either Scott Long of FreeBSD and Theo of OpenBSD. Negative divisions, > as opposed to different focuses and directions, is *not* good by any > means. What's the Scott Long connection to this? > They are pushing all the other cards. . . most recently, the card > mentioned repeatedly was the LSI/AMI MegaRAID. FWIW, I recently bought two new 64bit LSI SCSI card for US$34. I'm quite happy with it. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From marco Mon Mar 21 14:04:54 2005 From: marco (Marco Scoffier) Date: Mon, 21 Mar 2005 14:04:54 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> Message-ID: <20050321190454.GL12375@foo.metm.org> On Mon, Mar 21, 2005 at 01:15:46PM -0500, Isaac Levy wrote: >With that stated, as the dust is settling with this issue- and myself >being a bit outside of the daily-use OpenBSD camp, what is everyone >going to use for RAID on OpenBSD? (I'm particularly interested in sata >hardware raid...?!?) > What I wonder is if hardware is really the way to go. What's the difference in overhead btw say a hardware raid5 and putting the card in jbod mode and running raidctl. [ I have not googled this lately ] The huge advantages of software raid are : 1) a consistent interface across different hardware (useful that one time in three years that a disk needs to be replaced in some server and you don't remember the ctrl-F1 or whatever combo to get into a particular hardware vendor's raid software.) 2) tested code, the software raid code in any of the BSDs is probably a lot better tested that whatever is built into the raidcontroller-du-jour. I am not an expert, and certainly welcome others opinions, but I was convinced by the above arguement about a year ago and have been setting up software raids since. I would sacrifice performance for stability, especially since my bet is that the performance hit is not so bad. -- Marco From okan Mon Mar 21 14:16:56 2005 From: okan (Okan Demirmen) Date: Mon, 21 Mar 2005 14:16:56 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <423ED443.7147.47A07F8@localhost> References: <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <423ED443.7147.47A07F8@localhost> Message-ID: <20050321191656.GA73782@yinaska.pair.com> On Mon 2005.03.21 at 14:03 -0500, Dan Langille wrote: > On 21 Mar 2005 at 13:49, G. Rosamond wrote: > > > First, it is clear that the Adaptec debate has built more walls between > > OpenBSD and FreeBSD. That is why I would hold off on cheering for > > either Scott Long of FreeBSD and Theo of OpenBSD. Negative divisions, > > as opposed to different focuses and directions, is *not* good by any > > means. > > What's the Scott Long connection to this? he *used* to work for Adaptec, therefore he had access to the docs. he wrote the freebsd driver and i believe the binary only part to do raid management, with said docs. he has also come out and said there are *lots* of bugs within each firmware for each card which need working around - he was the only one with that knowlegde when he worked there - not sure if he knows about how to workaround new bugs...question is why doesn't the community at large know about these "bugs" and more importantly, how to actually write the driver instead of reverse engineering it. > > They are pushing all the other cards. . . most recently, the card > > mentioned repeatedly was the LSI/AMI MegaRAID. > > FWIW, I recently bought two new 64bit LSI SCSI card for US$34. I'm > quite happy with it. and the raid cards are nice too. > -- > Dan Langille : http://www.langille.org/ > BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From marco Mon Mar 21 14:23:28 2005 From: marco (Marco Scoffier) Date: Mon, 21 Mar 2005 14:23:28 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321191656.GA73782@yinaska.pair.com> References: <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <423ED443.7147.47A07F8@localhost> <20050321191656.GA73782@yinaska.pair.com> Message-ID: <20050321192328.GN12375@foo.metm.org> On Mon, Mar 21, 2005 at 02:16:56PM -0500, Okan Demirmen wrote: >there are *lots* of bugs within each firmware for each card which >need working around - Sorta screams software raid to me... :) -- Marco From ike Mon Mar 21 14:40:46 2005 From: ike (Isaac Levy) Date: Mon, 21 Mar 2005 14:40:46 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> Message-ID: Wordup George, All, On Mar 21, 2005, at 1:49 PM, G. Rosamond wrote: >> [snip OpenBSD Adapted RAID saga] [snip] >> IMHO: Go Theo. Walking the walk aint' easy, glad someone's tough in >> Open Source. > > It seems a bit more complicated than that though. . . > > First, it is clear that the Adaptec debate has built more walls > between OpenBSD and FreeBSD. That is why I would hold off on cheering > for either Scott Long of FreeBSD and Theo of OpenBSD. Negative > divisions, as opposed to different focuses and directions, is *not* > good by any means. Ahh. I wasn't aware that this issue built any walls- (?) The FreeBSD support for Adaptec stuff is in the end, not so exiting. The aac driver feels solid, (I have 2 sata cards in FreeBSD production now), but the mgmt. utils are a bit wonkie- it would be REALLY GREAT imo to have drivers available which are solidly written from the ground up, to work with various built-in disk utilities (i.e. atacontrol vs. the aaccli wonkie stuff I'm using now...)- As a FreeBSD user and general advocate, I'm all for Theo on this one- and don't understand why anyone would argue with him? I mean, it's not like Theo is sticking the FreeBSD name on his intense stance? If the OpenBSD teams do it, I don't see how it wouldn't benefit the FreeBSD side down the road a bit... (but I'm not a driver developer, so I could be missing something fundamental here). All I know is I'd rather use cleaner mgmt. tools for Adaptec stuff in user space. Or am I missing something? (A real possibility with me these days...) -- /me checks pricewatch for Promise sata card prices/specs... Rocket- .ike From dan Mon Mar 21 14:42:06 2005 From: dan (Dan Langille) Date: Mon, 21 Mar 2005 14:42:06 -0500 Subject: [nycbug-talk] Hardware versus software RAID Message-ID: <423EDD3E.30833.49D1CDE@localhost> On 21 Mar 2005 at 14:23, Marco Scoffier wrote: > On Mon, Mar 21, 2005 at 02:16:56PM -0500, Okan Demirmen wrote: > >there are *lots* of bugs within each firmware for each card which > >need working around - > > Sorta screams software raid to me... :) I remember talking to someone about software RAID. They preferred hardware RAID because they would be bugs in the software RAID. I couldn't convince them that hardware RAID also uses software. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From george Mon Mar 21 14:53:00 2005 From: george (george at rob.us.to) Date: Mon, 21 Mar 2005 14:53:00 -0500 Subject: [nycbug-talk] fwd: Call to Action Against Software Patents Message-ID: <20050321145300.w7crf5dgdds0ocs4@gamma.sitelutions.com> TO: Our Industry Colleagues FROM: Andreas Gauger (1&1 Internet AG) and M?rten G. Mickos (MySQL AB) DATE: 21 March 2005 SUBJECT: Call to Action Against Software Patents Dear Colleagues: Software patents increasingly plague our industry and stifle innovation. Strategic and speculative misuse of software patents by large players and by productless entities are rampant. Entire market segments have been transformed into patent thickets. For several years in a row, software-related litigation costs have been growing faster than revenues from software sales. In a recent German survey, a majority of respondents feared that a software patent could take them out of business. However, software patents are not an unalterable fate. In the European Union, there is an excellent chance of defending the statutory exclusion of software patents, provided that we stand together and take decisive action now. Beyond the direct positive effect on a market of 450 million people, this would prove to the world that the problem of software patents can be solved politically over time. Certain sponsors of NoSoftwarePatents.com own some defensive patents, but let's make no mistake: Only lawmakers can provide us with a reliable line of defense against patent assertions. Until you own so many patents that even the largest player elects to cross-license with you (rather than to search for conflicts with your portfolio), you run the risk of being attacked. And even an infinite number of patents will not help you against patent profiteers without products of their own. Some of those "patent trolls" now dispose of financial resources amounting to tens or hundreds of millions of dollars. We owe it to the spirited resistance by volunteer activists that the EU has not yet enshrined software patents in statutory law. Last year, our companies decided that it was the right economic choice to complement the efforts of the Foundation for a Free Information Infrastructure with a sponsored campaign that is run by an industry veteran. We have deliberately given the campaign manager of NoSoftwarePatents.com the freedom to play hardball in a heated debate without being restrained by corporate communications policies. Yet the most important breakthroughs have been achieved in constructive discussions with politicians all across the democratic spectrum. After a controversial decision by the EU Council on 7 March, the European Parliament is now preparing to vote on a proposed directive in early July (second reading). We have various political and psychological success factors on our side. The European Parliament asked the EU Commission to restart the legislative process. The request was declined but shows that many parliamentarians are highly critical of the current proposal. Various national parliaments have backed our most important demands for amendments. The German Bundestag and the Spanish Senado even did so unanimously. For the next few months, Brussels will be the world capital of lobbyism. Various of the largest corporations, both from the USA and from Europe, know that this may be their last chance ever to impose a US-style software patent regime on the entire First World. They have started a last-ditch lobbying "blitzkrieg" backed by multi-million euro budgets. We are on the right track, but let's not leave it to chance. A single patent litigation can cost any one of us more than it takes all of us collectively to win this political battle. Please contact us now at partners at nosoftwarepatents.com. Best regards, Andreas Gauger M?rten G. Mickos From o_sleep Mon Mar 21 14:53:39 2005 From: o_sleep (Bjorn Nelson) Date: Mon, 21 Mar 2005 14:53:39 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> Message-ID: <8d7872979ea055277df582c590d2ce78@belovedarctos.com> .Ike, On Mar 21, 2005, at 2:40 PM, Isaac Levy wrote: > The FreeBSD support for Adaptec stuff is in the end, not so exiting. > The aac driver feels solid, (I have 2 sata cards in FreeBSD production > now), but the mgmt. utils are a bit wonkie- it would be REALLY GREAT > imo to have drivers available which are solidly written from the > ground up, to work with various built-in disk utilities (i.e. > atacontrol vs. the aaccli wonkie stuff I'm using now...)- Why do you consider the aaccli utility wonkie? -Bjorn From jesse Mon Mar 21 15:04:29 2005 From: jesse (Jesse Callaway) Date: Mon, 21 Mar 2005 15:04:29 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> Message-ID: <200503211504.29922.jesse@theholymountain.com> On Monday 21 March 2005 01:49 pm, G. Rosamond says: > On Mar 21, 2005, at 1:15 PM, Isaac Levy wrote: > > Wordup All, > > > > On Mar 18, 2005, at 6:56 PM, G. Rosamond wrote: > >> This is a thread well worth following. . . > > > > [snip OpenBSD Adapted RAID saga] > > > > For those of you who didn't follow this thread, OpenBSD 3.7 will ship > > without Adaptec RAID support, as made slashdot yesterday: > > > > > > http://bsd.slashdot.org/bsd/05/03/20/1944233.shtml?tid=137&tid=198&tid=190&tid=172&tid=7 (link was rejoined) > > I also thought, as I kind of elided to in the bar at some point, that one of the FreeBSD devs was actually employed by Adaptec and thus had access to stuff that the outside world doesn't. This also makes it hairy. I think the among problems getting the low-level docs out are: 1. They have to filter some of the stuff which might show how patented and fully-closed stuff was built. 2. They know that the open source community is awesome at finding bugs. They don't want to end up getting negative press. Without people peering into the workings of the card (or the interface to the card) a company can carefully market only the features. This is bad news for us, but is entirely up to the paranoid stockholder to figure out how to deal with in the long run. My opinion is that a lot of business will be lost if one continues to be so crass when it comes to emailing the damn pdf to the driver developers. Of course they are not considering that 3rd parties may even make their WHQL compliant (minus the application fee) drivers for free. ok, this is not really a numbered list anymore, but I don't think it's worth reformatting... The big problem is that it takes a good deal of motivation for someone to get the docs out in a way which is friendly to their bosses. -jesse From bruno Mon Mar 21 15:17:27 2005 From: bruno (bruno) Date: Mon, 21 Mar 2005 15:17:27 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> Message-ID: <20050321201727.GQ18486@loftmail.com> > For those of you who didn't follow this thread, OpenBSD 3.7 will ship > without Adaptec RAID support, as made slashdot yesterday: > > http://bsd.slashdot.org/bsd/05/03/20/1944233.shtml? > tid=137&tid=198&tid=190&tid=172&tid=7 > > IMHO: Go Theo. Walking the walk aint' easy, glad someone's tough in > Open Source. To make it a little more clear, it will have support but it will be disabled in GENERIC kernel. You will have to enable it if you need to use it. I didn't read slashdot so I don't know if they said this already. > -- > With that stated, as the dust is settling with this issue- and myself > being a bit outside of the daily-use OpenBSD camp, what is everyone > going to use for RAID on OpenBSD? (I'm particularly interested in sata > hardware raid...?!?) Not sure for SATA, perhaps LSI, I do know that Adaptec supposely has bugs in their SATA raid cards and they will freeze your server. For SCSI, LSI (or anything else by ami driver). Bruno -- http://www.loftmail.com From ike Mon Mar 21 15:18:15 2005 From: ike (Isaac Levy) Date: Mon, 21 Mar 2005 15:18:15 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <8d7872979ea055277df582c590d2ce78@belovedarctos.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <8d7872979ea055277df582c590d2ce78@belovedarctos.com> Message-ID: <0fbd4fb224ea5fc3ab724a24f64b1c96@lesmuug.org> Hi Bjorn, All, On Mar 21, 2005, at 2:53 PM, Bjorn Nelson wrote: > .Ike, > > On Mar 21, 2005, at 2:40 PM, Isaac Levy wrote: >> The FreeBSD support for Adaptec stuff is in the end, not so exiting. >> The aac driver feels solid, (I have 2 sata cards in FreeBSD >> production now), but the mgmt. utils are a bit wonkie- it would be >> REALLY GREAT imo to have drivers available which are solidly written >> from the ground up, to work with various built-in disk utilities >> (i.e. atacontrol vs. the aaccli wonkie stuff I'm using now...)- > > Why do you consider the aaccli utility wonkie? > > -Bjorn Well, it's not that it's altogether bad, but I personally prefer very minimal/clean systems on a server, so the following aspects of aaccli are simply things I'd love to do away with: - One has to install aaccli separately (from ports, ok, not rocket science, but it's one more thing...) - No manual entry for aaccli - The aaccli utility itself, in interactive mode, feels like an AppleII cli app in it's design (not even curses based, apps with no forgiveness to backspace, etc..., bug me) - since it's rare that I use this utility interactively, takes me a sec to remember how to use it when I do... + The aaccli utility is simply scriptable, by feeding it return-deliniated textual commands, which is what I've done for common/checkup tasks (I wrapped the text in shell scripts). Trivial enough, but again, just one more thing to do... - It took me about 30 minutes to figure out how to use aaccli in the first place, reading through the help and trial-error with commands in interactive mode. -- All of that, I compare that to the simplicity of the builtin atacontrol(8) utility on FreeBSD: http://www.freebsd.org/cgi/man.cgi? query=atacontrol&apropos=0&sektion=0&manpath=FreeBSD+4.11- stable&format=html -or- http://tinyurl.com/5rx43 It behaves just like any other unix utility, so to me, it's more attractive. I'd just personally rather use atacontrol than aaccli- but aaccli and the Adaptec SATA cards I've got are working just great, no serious complaints, running solid in some of my production boxen. My .02? and whining- but you asked for it ;) (why do you ask btw?) Rocket- .ike From ike Mon Mar 21 15:21:30 2005 From: ike (Isaac Levy) Date: Mon, 21 Mar 2005 15:21:30 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <200503211504.29922.jesse@theholymountain.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <200503211504.29922.jesse@theholymountain.com> Message-ID: <3bd1b1844b58248bb99c7d302e96e310@lesmuug.org> On Mar 21, 2005, at 3:04 PM, Jesse Callaway wrote: > 2. They know that the open source community is awesome at finding bugs And sometimes making them... :) "Hello, Adaptec Tech support? I've got this problem with your hardware, I'm using OpenBSD and I just..." Rocket- .ike From ike Mon Mar 21 15:22:50 2005 From: ike (Isaac Levy) Date: Mon, 21 Mar 2005 15:22:50 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321201727.GQ18486@loftmail.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321201727.GQ18486@loftmail.com> Message-ID: <90954b678d5988442125932bd4fc403b@lesmuug.org> On Mar 21, 2005, at 3:17 PM, bruno wrote: > Not sure for SATA, perhaps LSI, I do know that Adaptec supposely has > bugs in their SATA raid cards and they will freeze your server. On OpenBSD specifically? Rocket- .ike From nomadlogic Mon Mar 21 15:23:42 2005 From: nomadlogic (pete wright) Date: Mon, 21 Mar 2005 12:23:42 -0800 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321190454.GL12375@foo.metm.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> Message-ID: <57d7100005032112234c29a876@mail.gmail.com> On Mon, 21 Mar 2005 14:04:54 -0500, Marco Scoffier wrote: > On Mon, Mar 21, 2005 at 01:15:46PM -0500, Isaac Levy wrote: > >With that stated, as the dust is settling with this issue- and myself > >being a bit outside of the daily-use OpenBSD camp, what is everyone > >going to use for RAID on OpenBSD? (I'm particularly interested in sata > >hardware raid...?!?) > > > > What I wonder is if hardware is really the way to go. What's the difference in > overhead btw say a hardware raid5 and putting the card in jbod mode and running > raidctl. [ I have not googled this lately ] I think it probably depends on what you are going to be using your RAID setup in. For example on some systems I've worked on where we have needed high/sustained throughput we actually used a mixture of hardware RAID and software mirroring/parity management. The main benefit I see with hardware RAID controllers are Battery Backup Units and higher through-put with lower overhead, and lower system utilization when rebuilding disks. Also, to fully utilize features of the BBU for example, one needs interact directly with the SCSI controller. -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From bruno Mon Mar 21 15:31:10 2005 From: bruno (bruno) Date: Mon, 21 Mar 2005 15:31:10 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321190454.GL12375@foo.metm.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> Message-ID: <20050321203110.GR18486@loftmail.com> > What I wonder is if hardware is really the way to go. What's the > difference in > overhead btw say a hardware raid5 and putting the card in jbod mode > and running > raidctl. [ I have not googled this lately ] If you do need performance software raid is sometimes not enough. > > I am not an expert, and certainly welcome others opinions, but I was > convinced > by the above arguement about a year ago and have been setting up > software raids > since. I would sacrifice performance for stability, especially since > my bet is > that the performance hit is not so bad. Sure, also software raid is quite a bit cheaper. It comes back to your needs, if you need to run 24/7 database with heavy IO, I'd get a hardware raid. Otherwise, software raid is nice and will work fine. There are other advantages to hardware raid, like ease of use, easier OS upgrades, and so on, but that all depends on the context, as always. Also raidctl can be a pain if your server crashes.. Bruno -- http://www.loftmail.com From bruno Mon Mar 21 15:39:30 2005 From: bruno (bruno) Date: Mon, 21 Mar 2005 15:39:30 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <90954b678d5988442125932bd4fc403b@lesmuug.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321201727.GQ18486@loftmail.com> <90954b678d5988442125932bd4fc403b@lesmuug.org> Message-ID: <20050321203930.GS18486@loftmail.com> On Mon, Mar 21, 2005 at 03:22:50PM -0500, Isaac Levy wrote: > On Mar 21, 2005, at 3:17 PM, bruno wrote: > > >Not sure for SATA, perhaps LSI, I do know that Adaptec supposely has > >bugs in their SATA raid cards and they will freeze your server. > > On OpenBSD specifically? I really only know OpenBSD and I'm not sure of the status of other BSDs for these RAIDs. The crashes might be related to the fact that they don't have docs to write a driver. The fact that there _is_ a bug(s) in firmware (if true of course) makes me avoid those cards on any OS. Bruno -- http://www.loftmail.com From okan Mon Mar 21 15:34:49 2005 From: okan (Okan Demirmen) Date: Mon, 21 Mar 2005 15:34:49 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <57d7100005032112234c29a876@mail.gmail.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <57d7100005032112234c29a876@mail.gmail.com> Message-ID: <20050321203449.GA95783@yinaska.pair.com> On Mon 2005.03.21 at 12:23 -0800, pete wright wrote: > On Mon, 21 Mar 2005 14:04:54 -0500, Marco Scoffier wrote: > > On Mon, Mar 21, 2005 at 01:15:46PM -0500, Isaac Levy wrote: > > >With that stated, as the dust is settling with this issue- and myself > > >being a bit outside of the daily-use OpenBSD camp, what is everyone > > >going to use for RAID on OpenBSD? (I'm particularly interested in sata > > >hardware raid...?!?) > > > > > > > What I wonder is if hardware is really the way to go. What's the difference in > > overhead btw say a hardware raid5 and putting the card in jbod mode and running > > raidctl. [ I have not googled this lately ] > > I think it probably depends on what you are going to be using your > RAID setup in. For example on some systems I've worked on where we > have needed high/sustained throughput we actually used a mixture of > hardware RAID and software mirroring/parity management. i agree with pete in that your decision of raid, and the level of raid, depends heavily on the application. a web server and a database server have different needs, hence a different approach is needed for each. okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From ike Mon Mar 21 15:43:34 2005 From: ike (Isaac Levy) Date: Mon, 21 Mar 2005 15:43:34 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321203930.GS18486@loftmail.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321201727.GQ18486@loftmail.com> <90954b678d5988442125932bd4fc403b@lesmuug.org> <20050321203930.GS18486@loftmail.com> Message-ID: On Mar 21, 2005, at 3:39 PM, bruno wrote: >>> Not sure for SATA, perhaps LSI, I do know that Adaptec supposely has >>> bugs in their SATA raid cards and they will freeze your server. >> >> On OpenBSD specifically? > > I really only know OpenBSD and I'm not sure of the status of other BSDs > for these RAIDs. The crashes might be related to the fact that they > don't have docs to write a driver. The fact that there _is_ a bug(s) > in firmware (if true of course) makes me avoid those cards on any OS. > > Bruno /me nods and winces... Rocket- .ike From dan Mon Mar 21 15:48:46 2005 From: dan (Dan Langille) Date: Mon, 21 Mar 2005 15:48:46 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321203930.GS18486@loftmail.com> References: <90954b678d5988442125932bd4fc403b@lesmuug.org> Message-ID: <423EECDE.27351.4DA260D@localhost> On 21 Mar 2005 at 15:39, bruno wrote: > On Mon, Mar 21, 2005 at 03:22:50PM -0500, Isaac Levy wrote: > > On Mar 21, 2005, at 3:17 PM, bruno wrote: > > > > >Not sure for SATA, perhaps LSI, I do know that Adaptec supposely has > > >bugs in their SATA raid cards and they will freeze your server. > > > > On OpenBSD specifically? > > I really only know OpenBSD and I'm not sure of the status of other BSDs > for these RAIDs. The crashes might be related to the fact that they > don't have docs to write a driver. The fact that there _is_ a bug(s) > in firmware (if true of course) makes me avoid those cards on any OS. FWIW, my main FreeBSD development box runs an Adaptec 2400A (4 x 80GB IDE drives) giving me RAID-5. I've not seen any problems. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From marco Mon Mar 21 15:57:28 2005 From: marco (Marco Scoffier) Date: Mon, 21 Mar 2005 15:57:28 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321203110.GR18486@loftmail.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <20050321203110.GR18486@loftmail.com> Message-ID: <20050321205728.GP12375@foo.metm.org> On Mon, Mar 21, 2005 at 03:31:10PM -0500, bruno wrote: >If you do need performance software raid is sometimes not enough. > I was wondering if anyone had numbers on this. Are we talking +5% cpu utilisation and -5% throughput or +20% and -20% or more ?? Searched a bit for numbers but came up dry. Wouldn't you want to know this before hawking some hardware vendor's buggy proprietary closed-source ware on your sleek efficient less buggy everyday open source system ?? :) -- Marco From ike Mon Mar 21 15:59:04 2005 From: ike (Isaac Levy) Date: Mon, 21 Mar 2005 15:59:04 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <423EECDE.27351.4DA260D@localhost> References: <90954b678d5988442125932bd4fc403b@lesmuug.org> <423EECDE.27351.4DA260D@localhost> Message-ID: <3a459b52291fcae7e1ef569750c26562@lesmuug.org> On Mar 21, 2005, at 3:48 PM, Dan Langille wrote: > FWIW, my main FreeBSD development box runs an Adaptec 2400A (4 x 80GB > IDE drives) giving me RAID-5. I've not seen any problems. To add to that- I'm running two of the sata version of that card, 2400SA (4x 80gb SATA doing RAID-5, and the other 2x 80gb SATA- mirrored), and they've been quiet and solid with FreeBSD 4.9 and .10 so far. (my aaccli complaints are just whining, really- I like the cards just fine.) I do understand that the FreeBSD aac driver does contain that Adaptec driver blob, totally different design than the OpenBSD aac right, (back to the start of this thread); secret sauce... It works, but it does make me feel all dirty now. :) Rocket- .ike From daggerquill Mon Mar 21 16:09:18 2005 From: daggerquill (Jay Savage) Date: Mon, 21 Mar 2005 16:09:18 -0500 Subject: Harware vs. Software RAID (WAS: Re: [nycbug-talk] Fwd: Adaptec AAC raid support) In-Reply-To: <20050321190454.GL12375@foo.metm.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> Message-ID: <4ce365ec05032113097264a664@mail.gmail.com> On Mon, 21 Mar 2005 14:04:54 -0500, Marco Scoffier wrote: > On Mon, Mar 21, 2005 at 01:15:46PM -0500, Isaac Levy wrote: > >With that stated, as the dust is settling with this issue- and myself > >being a bit outside of the daily-use OpenBSD camp, what is everyone > >going to use for RAID on OpenBSD? (I'm particularly interested in sata > >hardware raid...?!?) > > > > What I wonder is if hardware is really the way to go. What's the difference in > overhead btw say a hardware raid5 and putting the card in jbod mode and running > raidctl. [ I have not googled this lately ] > > The huge advantages of software raid are : > > 1) a consistent interface across different hardware (useful that one time in > three years that a disk needs to be replaced in some server and you don't > remember the ctrl-F1 or whatever combo to get into a particular hardware > vendor's raid software.) > > 2) tested code, the software raid code in any of the BSDs is probably a lot > better tested that whatever is built into the raidcontroller-du-jour. > > I am not an expert, and certainly welcome others opinions, but I was convinced > by the above arguement about a year ago and have been setting up software raids > since. I would sacrifice performance for stability, especially since my bet is > that the performance hit is not so bad. It depends on how big you need your RAID to be, among other things, and what hardware you want to build it with. On IDE/ATA, you need one controller per disk or quickly run out of bandwidth. So your RAID is effectively limited to the number of PCI slots in your box. SCSI you can push a little farther. One thing harware RAID accomplishes for many people is to act as an IDE/SCSI bridge, taking advantage of the SCSI bus between the processor and the RAID controller, and then using cheaper IDE disks to actually build the RAID. and although I've never tried it, I suspect that if you tried to build, say, a multiterabyte software array with a dozen disks, you'd notice the overhead. From dan Mon Mar 21 16:12:04 2005 From: dan (Dan Langille) Date: Mon, 21 Mar 2005 16:12:04 -0500 Subject: Harware vs. Software RAID (WAS: Re: [nycbug-talk] Fwd: Adaptec AAC raid support) In-Reply-To: <4ce365ec05032113097264a664@mail.gmail.com> References: <20050321190454.GL12375@foo.metm.org> Message-ID: <423EF254.30799.4EF7ADD@localhost> On 21 Mar 2005 at 16:09, Jay Savage wrote: > On IDE/ATA, you need one controller per disk or quickly run out of > bandwidth. So your RAID is effectively limited to the number of PCI > slots in your box. Before someone else mentions it, one can buy an IDE card with multiple controllers, and plug it into one PCI slot. I'm a fan of hardware RAID now. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From o_sleep Mon Mar 21 16:33:27 2005 From: o_sleep (Bjorn Nelson) Date: Mon, 21 Mar 2005 16:33:27 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <0fbd4fb224ea5fc3ab724a24f64b1c96@lesmuug.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <8d7872979ea055277df582c590d2ce78@belovedarctos.com> <0fbd4fb224ea5fc3ab724a24f64b1c96@lesmuug.org> Message-ID: <983371032313d4aec55778841e056dd4@belovedarctos.com> .ike, On Mar 21, 2005, at 3:18 PM, Isaac Levy wrote: > > My .02? and whining- but you asked for it ;) (why do you ask btw?) Fair enough. For myself, I was pretty happy to find it. I am working with dell machines, and it's more favorable to the megaraid counterpart. It would be nice if raid manufacturers came up with hooks that would allow a unified interface. -Bjorn From marco Mon Mar 21 16:39:02 2005 From: marco (Marco Scoffier) Date: Mon, 21 Mar 2005 16:39:02 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321205728.GP12375@foo.metm.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <20050321203110.GR18486@loftmail.com> <20050321205728.GP12375@foo.metm.org> Message-ID: <20050321213902.GQ12375@foo.metm.org> On Mon, Mar 21, 2005 at 03:57:28PM -0500, Marco Scoffier wrote: >On Mon, Mar 21, 2005 at 03:31:10PM -0500, bruno wrote: >>If you do need performance software raid is sometimes not enough. >> >I was wondering if anyone had numbers on this. Are we talking +5% cpu >utilisation and -5% throughput or +20% and -20% or more ?? Searched a bit for >numbers but came up dry. ok found: http://marc.theaimsgroup.com/?l=openbsd-misc&m=110665117301231&w=2 Which compares raw disk with a raid5 and gets a ~10% cpu increase when running the raid. Does not compare a raid controller firmware managed raid vs kernel level openbsd raidctl managed raid5. I guess it is too hard to setup, unless someone is making boxes everyday, and has lots of similar hardware to test out. and http://www.daemonnews.org/200005/raidframe.html nice article about raidframe performance, but no comparisons. Uses the nice bonnie test : http://www.textuality.com/bonnie/ I understand its the knee jerk reaction to say hardware is faster, but knowing exactly how much faster helps to color the decision. Especially considering the drawback of not-even ncurses based, bios-like interface of most firmware raidcontroller software. -- Marco From bruno Mon Mar 21 16:57:44 2005 From: bruno (bruno) Date: Mon, 21 Mar 2005 16:57:44 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321205728.GP12375@foo.metm.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <20050321203110.GR18486@loftmail.com> <20050321205728.GP12375@foo.metm.org> Message-ID: <20050321215744.GT18486@loftmail.com> On Mon, Mar 21, 2005 at 03:57:28PM -0500, Marco Scoffier wrote: > On Mon, Mar 21, 2005 at 03:31:10PM -0500, bruno wrote: > >If you do need performance software raid is sometimes not enough. > > > I was wondering if anyone had numbers on this. Are we talking +5% cpu > utilisation and -5% throughput or +20% and -20% or more ?? Searched > a bit for > numbers but came up dry. I don't use numbers and I'm afraid I have none to offer. :) Those are more for managers. I've seen visible differences between hardware and software RAID, on both PC-like servers and big SUNs. It is more of a philosophy, I prefer hardware RAID to software RAID, again if I can afford it, and so on. There are many situations where software RAID is just fine. Again, all these situations are pretty specific, and everything will depend on that and on the environment, type of application, usage, what people expect from it... > > Wouldn't you want to know this before hawking some hardware vendor's buggy > proprietary closed-source ware on your sleek efficient less buggy > everyday open > source system ?? :) Yes, of course. I would not run a buggy hardware RAID, but there are good RAIDs out there. In any case, it is important to do the research first, to see if hardware RAID is needed or not. Bruno -- http://www.loftmail.com From marco Mon Mar 21 16:51:59 2005 From: marco (Marco Scoffier) Date: Mon, 21 Mar 2005 16:51:59 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <57d7100005032112234c29a876@mail.gmail.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <57d7100005032112234c29a876@mail.gmail.com> Message-ID: <20050321215159.GR12375@foo.metm.org> On Mon, Mar 21, 2005 at 12:23:42PM -0800, pete wright wrote: >The main benefit I see with hardware RAID controllers are Battery >Backup Units With the raid controller in JBOD mode wouldn't you still have the interface to the battery backup (which I didn't know about) but you would have the benefit of bypassing buggy firmware and using a nice consistent open source (less buggy etc.) raidframe or vinium. It seems to me that (how much?) performance is the only real (or supposed) benefit. Now, I've got to get back to work... -- Marco From marco Mon Mar 21 16:56:44 2005 From: marco (Marco Scoffier) Date: Mon, 21 Mar 2005 16:56:44 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321215744.GT18486@loftmail.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <20050321203110.GR18486@loftmail.com> <20050321205728.GP12375@foo.metm.org> <20050321215744.GT18486@loftmail.com> Message-ID: <20050321215644.GS12375@foo.metm.org> On Mon, Mar 21, 2005 at 04:57:44PM -0500, bruno wrote: > >I don't use numbers and I'm afraid I have none to offer. :) Those are >more for managers. Hmmm... I just ment numbers as a way of quantifying visible difference, everyone needs numbers ... :) >I've seen visible differences between hardware and software RAID, on both >PC-like servers and big SUNs. It is more of a philosophy, I prefer hardware >RAID to software RAID, again if I can afford it, and so on. There are many >situations where software RAID is just fine. Again, all these situations are >pretty specific, and everything will depend on that and on the environment, >type of application, usage, what people expect from it... Thanks for the input, -- Marco From jhlists Mon Mar 21 17:05:50 2005 From: jhlists (jh) Date: Mon, 21 Mar 2005 17:05:50 -0500 Subject: Harware vs. Software RAID (WAS: Re: [nycbug-talk] Fwd: Adaptec AAC raid support) In-Reply-To: <4ce365ec05032113097264a664@mail.gmail.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <4ce365ec05032113097264a664@mail.gmail.com> Message-ID: <423F453E.5060005@hirschman.net> Jay Savage wrote: > > It depends on how big you need your RAID to be, among other things, > and what hardware you want to build it with. On IDE/ATA, you need one > controller per disk or quickly run out of bandwidth. So your RAID is > effectively limited to the number of PCI slots in your box. I have some experience with building large soft-raids using PCI IDE cards on FreeBSD and Linux. Some problems with this approach: * There are either few or no PCI-X IDE controllers out there (unless you count crappy firmware raid cards, which could work, I guess - but the price advantage of soft raid starts to go away). Hopefully PCIe will change this state of affairs. But using PCI only is not going to give you great performance - and that may be OK for some applications. I've found that using hardware RAID cards is essential for performance, if for no other reason than they work fine with wide PCI slots. I've also used the "many IDE card" approach for situations where "good enough" performance was, well, good enough. * At least one vendor, Promise, puts a "bug" in their firmware that limits how many PCI IDE cards can go in one system. I've verified this with Promise; their firmware makes any more than two cards simply not function. Avoid Promise at all costs. It is also worth mentioning that this was something that happened with newer firmware - older cards with downgrade firmware do not exhibit this, when flashed with newer firmware, they do. I've found SIIG cards, using a Silicon Image chipset, to be unencumbered by such foolishness, and they work fine (at least under Linux, haven't use them under FreeBSD as of yet). jonathan From okan Mon Mar 21 17:09:07 2005 From: okan (Okan Demirmen) Date: Mon, 21 Mar 2005 17:09:07 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321215744.GT18486@loftmail.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <20050321203110.GR18486@loftmail.com> <20050321205728.GP12375@foo.metm.org> <20050321215744.GT18486@loftmail.com> Message-ID: <20050321220907.GA16734@yinaska.pair.com> On Mon 2005.03.21 at 16:57 -0500, bruno wrote: > On Mon, Mar 21, 2005 at 03:57:28PM -0500, Marco Scoffier wrote: > > On Mon, Mar 21, 2005 at 03:31:10PM -0500, bruno wrote: > > >If you do need performance software raid is sometimes not enough. > > > > > I was wondering if anyone had numbers on this. Are we talking +5% cpu > > utilisation and -5% throughput or +20% and -20% or more ?? Searched > > a bit for > > numbers but came up dry. > > I don't use numbers and I'm afraid I have none to offer. :) Those are > more for managers. I've seen visible differences between hardware and > software RAID, on both PC-like servers and big SUNs. imho, numbers are not just for managers and the ones putting down the cash. numbers are important, as you eluded, to the application and environment. i think numbers can make or break you when it comes to scaling and all the things one needs to think of whilst researching the solution for your environment. not picking on you, but "visible" and "feel" are words i don't like hearing in the context of hardware/software performance. numbers are key in my book. $.02 okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From spork Mon Mar 21 17:29:28 2005 From: spork (Charles Sprickman) Date: Mon, 21 Mar 2005 17:29:28 -0500 (EST) Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321205728.GP12375@foo.metm.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <20050321203110.GR18486@loftmail.com> <20050321205728.GP12375@foo.metm.org> Message-ID: On Mon, 21 Mar 2005, Marco Scoffier wrote: > On Mon, Mar 21, 2005 at 03:31:10PM -0500, bruno wrote: >> If you do need performance software raid is sometimes not enough. >> > I was wondering if anyone had numbers on this. Are we talking +5% cpu > utilisation and -5% throughput or +20% and -20% or more ?? Searched a bit for > numbers but came up dry. I suspect this may be a case of needing to take a second look at things. I've subscribed to the "hardware raid is always faster" due to past experience with old hardware (ie: Pentium 133, PII-300) boxes. It was pretty easy to see that hardware raid beat sw raid then. These days I'm betting it's closer to a tie. But then again vinum is simply too complicated for me, especially when trying to mirror the root partition. I simply can't keep all that stuff straight in my head, so I don't trust myself to do a quick recovery should something go wrong. On the other hand I pretty much trashed a machine with Adaptec's "raidutil" CLI tool. My fault, but what a horrible, horrible tool. No manpage either. While I hate "are you sure (y/n)?" dialogs, I'd like to see that on destructive operations with something like raidutil. Other than that, their cards have worked well for me so far; the only bugginess I see is in the management interface - sometimes the tools just can't connect to the card. > Wouldn't you want to know this before hawking some hardware vendor's buggy > proprietary closed-source ware on your sleek efficient less buggy everyday open > source system ?? :) Does anyone know what the situation is with other hardware? I've got a few boxes running older 3Ware IDE controllers, and one running their newer SATA controller. I'm very pleased with both for the most part. How do they stand WRT developer docs? What scsi raid hardware meets the "theo test" right now? Thanks, Charles > -- > Marco > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From bruno Mon Mar 21 18:01:35 2005 From: bruno (bruno) Date: Mon, 21 Mar 2005 18:01:35 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321220907.GA16734@yinaska.pair.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <20050321203110.GR18486@loftmail.com> <20050321205728.GP12375@foo.metm.org> <20050321215744.GT18486@loftmail.com> <20050321220907.GA16734@yinaska.pair.com> Message-ID: <20050321230135.GU18486@loftmail.com> On Mon, Mar 21, 2005 at 05:09:07PM -0500, Okan Demirmen wrote: > On Mon 2005.03.21 at 16:57 -0500, bruno wrote: > > On Mon, Mar 21, 2005 at 03:57:28PM -0500, Marco Scoffier wrote: > > > On Mon, Mar 21, 2005 at 03:31:10PM -0500, bruno wrote: > > > >If you do need performance software raid is sometimes not enough. > > > > > > > I was wondering if anyone had numbers on this. Are we talking +5% cpu > > > utilisation and -5% throughput or +20% and -20% or more ?? Searched > > > a bit for > > > numbers but came up dry. > > > > I don't use numbers and I'm afraid I have none to offer. :) Those are > > more for managers. I've seen visible differences between hardware and > > software RAID, on both PC-like servers and big SUNs. > > imho, numbers are not just for managers and the ones putting down > the cash. numbers are important, as you eluded, to the application > and environment. i think numbers can make or break you when it comes > to scaling and all the things one needs to think of whilst researching > the solution for your environment. not picking on you, but "visible" > and "feel" are words i don't like hearing in the context of > hardware/software performance. numbers are key in my book. Sure. All I gave was my opinion, which you can take for what it is, my opinion. I'm glad you educated everyone not to base their purchase on "visible" and "feel" words, that sure was not what I wanted. Perhaps my post was then useless. I only hoped to help someone. Oh well. Bruno -- http://www.loftmail.com From okan Mon Mar 21 18:04:12 2005 From: okan (Okan Demirmen) Date: Mon, 21 Mar 2005 18:04:12 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321230135.GU18486@loftmail.com> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <20050321203110.GR18486@loftmail.com> <20050321205728.GP12375@foo.metm.org> <20050321215744.GT18486@loftmail.com> <20050321220907.GA16734@yinaska.pair.com> <20050321230135.GU18486@loftmail.com> Message-ID: <20050321230412.GA26642@yinaska.pair.com> On Mon 2005.03.21 at 18:01 -0500, bruno wrote: > On Mon, Mar 21, 2005 at 05:09:07PM -0500, Okan Demirmen wrote: > > On Mon 2005.03.21 at 16:57 -0500, bruno wrote: > > > On Mon, Mar 21, 2005 at 03:57:28PM -0500, Marco Scoffier wrote: > > > > On Mon, Mar 21, 2005 at 03:31:10PM -0500, bruno wrote: > > > > >If you do need performance software raid is sometimes not enough. > > > > > > > > > I was wondering if anyone had numbers on this. Are we talking +5% cpu > > > > utilisation and -5% throughput or +20% and -20% or more ?? Searched > > > > a bit for > > > > numbers but came up dry. > > > > > > I don't use numbers and I'm afraid I have none to offer. :) Those are > > > more for managers. I've seen visible differences between hardware and > > > software RAID, on both PC-like servers and big SUNs. > > > > imho, numbers are not just for managers and the ones putting down > > the cash. numbers are important, as you eluded, to the application > > and environment. i think numbers can make or break you when it comes > > to scaling and all the things one needs to think of whilst researching > > the solution for your environment. not picking on you, but "visible" > > and "feel" are words i don't like hearing in the context of > > hardware/software performance. numbers are key in my book. > > Sure. All I gave was my opinion, which you can take for what it is, my > opinion. I'm glad you educated everyone not to base their purchase on > "visible" and "feel" words, that sure was not what I wanted. Perhaps > my post was then useless. I only hoped to help someone. Oh well. no. you're post was not useless. i didn't intend to knock on your post (re: not picking on you). i merely wanted to make a point about something i've seen more and more lately, hence my $.02...that's all ;) okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From trish Mon Mar 21 18:05:33 2005 From: trish (Trish Lynch) Date: Mon, 21 Mar 2005 18:05:33 -0500 (EST) Subject: [nycbug-talk] Cameron Grant Message-ID: <20050321175701.A612@ultra.bsdunix.net> Hi everyone, its taken me a while to get around to writing this from yesterday. Cameron Grant was a FreeBSD committer (cg at freebsd.org)who rewrote the sound system in its entirety for FreeBSD 4 back in 1999/2000. Cameron was severely disabled and was confined to his house/bed for several years. His wife Kris, who moved to the UK and took care of him full-time, and then they got married was also an important part of the FreeBSD community, since she helped him with all his work. On Sunday, March 20th, Cameron Grant passed away. I have been in contact with Kris, because they were both extremely good friends of mine, and I have been trying to offer as much support as possible to them. I am passing on this information for Kris, who really could use our community's support right now: "Some people have asked me if I want flowers sent, or would rather money given to charities. Cameron was never really big on cut flowers (he hated buying them for me, because they just die) so I've been trying to think of things he would've wanted to see helped out. So far I've come up with: 1. Me (Cameron always wanted to give me everything I ever wanted. He didn't get a chance to really make any kind of provision for me, and he always wanted to.) (Just as an aside, supporting Cameron was her only decent means of support, it was a full-time job for her, this is not a greed-based thing, in my personal opinion, she could use the support, however she has given many other charities to which donations in Cam's honor can be given for those who are uncomfiortable with this) 2. Great Ormond Street Children's Hospital (http://www.gosh.org/donate/index.html), or the Royal Brompton Hospital ( http://www.rbh.nthames.nhs.uk/InternetSection/fundraising/fundraising.asp) (they're pretty much tied. They both did masses for him.) 3. A rat rescue charity (http://www.theratrescue.co.uk/ ), or failing that, the RSPCA or your local animal rescue. (Animals, particularly our pet rats, made a big difference to the quality of his life, and he's always loved them.) 4. The Muscular Dystrophy Organization (http://www.muscular-dystrophy.org/fundraising/index.html) (while it seems now that the diagnosis might not have been correct, since he was 13 Cameron believed he had two forms of MD, and the organization provides assistance, equipment, and information to people with MD.) 5. The FreeBSD project (am looking for a url for this)(Some of you may know that Cameron was a FreeBSD committer, and completely rewrote the sound system and created newpcm for the FreeBSD 4 kernel. He thought a lot of FreeBSD, and save the desktop computer, which ran Windows for accessiblity reasons, everything else in the house he could get at ran freeBSD exclusively.) I know it's not exactly a short list, but I wanted people to be able to pick a cause they supported, too. I do feel quite strange about putting myself on the list right up at the top, but I'm trying to make and order this list as Cameron would have. (In fact, I'm friends-locking this so I don't get fandom_wanked or something, but please, feel free to share whichever information you think appropriate with other people.)" Thanks all, Trish -- Trish Lynch trish at bsdunix.net Ecartis Core Team trish at listmistress.org EFNet IRC Operator/SysAdmin @ irc.dkom.at AilleCat at EFNet Key fingerprint = 781D 2B47 AA4B FC88 B919 0CD6 26B2 1D62 6FC1 FF16 From marco Mon Mar 21 18:25:42 2005 From: marco (Marco Scoffier) Date: Mon, 21 Mar 2005 18:25:42 -0500 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <20050321203110.GR18486@loftmail.com> <20050321205728.GP12375@foo.metm.org> Message-ID: <20050321232542.GV12375@foo.metm.org> On Mon, Mar 21, 2005 at 05:29:28PM -0500, Charles Sprickman wrote: >But then again vinum is simply too complicated for me, especially when >trying to mirror the root partition. I simply can't keep all that stuff >straight in my head, so I don't trust myself to do a quick recovery should >something go wrong. They may have written about Vinium in too much detail in the freebsd handbook. I too have shied away from vinium, but raidframe raidctl is quite intuitive and nice. -- Marco From george Mon Mar 21 19:07:31 2005 From: george (G. Rosamond) Date: Mon, 21 Mar 2005 19:07:31 -0500 Subject: [nycbug-talk] Canary Wireless device . . . . Message-ID: Finally received my Canary Wireless detector today. .. after a few months wait. It's very small. . . the exact size in online. Small enough to comfortably fit in your pocket. http://www.canarywireless.com/ It doesn't seem to recognize WPA encryption, doesn't give more than a three bar range of signal strength, and the FAQ does document a number of wireless access points not detected. .. nevertheless, I'm looking forward to seeing how it operates around Manhattan. George From nomadlogic Mon Mar 21 19:52:05 2005 From: nomadlogic (pete wright) Date: Mon, 21 Mar 2005 16:52:05 -0800 Subject: [nycbug-talk] Fwd: Adaptec AAC raid support In-Reply-To: <20050321215159.GR12375@foo.metm.org> References: <4d6e984f48d2049eb9e9774347982f47@sddi.net> <8bdd0adc5edb29efdafcbfed587d5fcc@lesmuug.org> <20050321190454.GL12375@foo.metm.org> <57d7100005032112234c29a876@mail.gmail.com> <20050321215159.GR12375@foo.metm.org> Message-ID: <57d71000050321165274f22515@mail.gmail.com> On Mon, 21 Mar 2005 16:51:59 -0500, Marco Scoffier wrote: > On Mon, Mar 21, 2005 at 12:23:42PM -0800, pete wright wrote: > >The main benefit I see with hardware RAID controllers are Battery > >Backup Units > > With the raid controller in JBOD mode wouldn't you still have the interface to > the battery backup (which I didn't know about) but you would have the benefit > of bypassing buggy firmware and using a nice consistent open source (less buggy > etc.) raidframe or vinium. It seems to me that (how much?) performance is the > only real (or supposed) benefit. > sure. i think that is most likely a benifit of running a mixture of hardware striping and software RAID (in my case tracking parity etc.) Granted most of the work I have done with these types of setups are *not* open source. Specifically it's been with IBM Fiber Channell disk array's attached to SGI Octane's. I found that having the flexibility to utilize some of the features on the disk controller as well as features with software RAID to be quite helpfull (although more complicated to manage). While I do not have any emperical evidence of there being a benefit of using hardware RAID, but I feel pretty comfortable in stating that hardware is the way to go if performance is paramount for what you want done (in my case playing back high resolution video). Can it be done on software, sure, altho I do not think the system will not be as stable or scalable. -pete > Now, I've got to get back to work... > yea i gotta start :) -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From george Tue Mar 22 09:19:30 2005 From: george (G. Rosamond) Date: Tue, 22 Mar 2005 09:19:30 -0500 Subject: [nycbug-talk] IBM Anti-UCE. . . Message-ID: IBM looking to focus on anti-uce, will have spam bounced to sender. http://money.cnn.com/2005/03/22/technology/ibm_spam/index.htm?cnn=yes With Apple Mail, this can be done manually. . . But of course what isn't mentioned is that a huge amount of spam out there is from *spoofed* accounts, so I've already been getting spam that is from my spoofed mail domain. George From okan Tue Mar 22 09:50:30 2005 From: okan (Okan Demirmen) Date: Tue, 22 Mar 2005 09:50:30 -0500 Subject: [nycbug-talk] IBM Anti-UCE. . . In-Reply-To: References: Message-ID: <20050322145029.GB4022@yinaska.pair.com> On Tue 2005.03.22 at 09:19 -0500, G. Rosamond wrote: > IBM looking to focus on anti-uce, will have spam bounced to sender. > > http://money.cnn.com/2005/03/22/technology/ibm_spam/index.htm?cnn=yes > > With Apple Mail, this can be done manually. . . > > But of course what isn't mentioned is that a huge amount of spam out > there is from *spoofed* accounts, so I've already been getting spam > that is from my spoofed mail domain. not sure you read that correctly. it will not bounce to sender, but rather, as the paper states, "to the computer that sent the mail." this is along the lines of openbsd's spamd(8), but they imply they "bounce" the mail, while spamd(8) merely rejects it very very slowly. correct me if i mis-read :) okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From george Tue Mar 22 11:16:00 2005 From: george (G. Rosamond) Date: Tue, 22 Mar 2005 11:16:00 -0500 Subject: [nycbug-talk] Undeadly on BSDCert Message-ID: <86925adc6deb83f1f61ee578110a1d8f@sddi.net> There's a bit of discussion on Undeadly.org about the BSD Certification stuff.. . http://undeadly.org/cgi?action=article&sid=20050322012850 From jcullip Tue Mar 22 14:40:34 2005 From: jcullip (Jason Cullip) Date: Tue, 22 Mar 2005 14:40:34 -0500 Subject: [nycbug-talk] Sendmail Question Message-ID: <424074B2.2030900@outpost.com> How can I block messages coming from our server going to a specific email address using sendmail? We do not want to block all email go to x at xdomain.com, just a single email address. Thank you in advance Jason From steve.rieger Tue Mar 22 14:51:40 2005 From: steve.rieger (Steve Rieger) Date: Tue, 22 Mar 2005 14:51:40 -0500 Subject: [nycbug-talk] Sendmail Question In-Reply-To: <424074B2.2030900@outpost.com> Message-ID: Vi /etc/aliases ; add x at domain.com /dev/null Newaliaes done On 3/22/05 2:40 PM, "Jason Cullip" wrote: > How can I block messages coming from our server going to a specific > email address using sendmail? We do not want to block all email go to > x at xdomain.com, just a single email address. > > Thank you in advance > > Jason > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From jcullip Tue Mar 22 14:54:45 2005 From: jcullip (Jason Cullip) Date: Tue, 22 Mar 2005 14:54:45 -0500 Subject: [nycbug-talk] Sendmail Question In-Reply-To: References: Message-ID: <42407805.8050201@outpost.com> Thanks Steve. Problem resolved. Looks like it works if you add it to the access file as well x at domain.com REJECT Steve Rieger wrote: >Vi /etc/aliases ; add x at domain.com /dev/null > > >Newaliaes > > > >done > > >On 3/22/05 2:40 PM, "Jason Cullip" wrote: > > > >>How can I block messages coming from our server going to a specific >>email address using sendmail? We do not want to block all email go to >>x at xdomain.com, just a single email address. >> >>Thank you in advance >> >>Jason >> >> >>_______________________________________________ >>% NYC*BUG talk mailing list >>http://lists.nycbug.org/mailman/listinfo/talk >>%Be sure to check out our Jobs and NYCBUG-announce lists >>%We meet the first Wednesday of the month >> >> >> >> > > > From steve.rieger Tue Mar 22 14:56:34 2005 From: steve.rieger (Steve Rieger) Date: Tue, 22 Mar 2005 14:56:34 -0500 Subject: [nycbug-talk] Sendmail Question In-Reply-To: <42407805.8050201@outpost.com> Message-ID: The problem I have with reject is Your mail server has to send that mail out again, which adds to overhead. I would just drop it. On 3/22/05 2:54 PM, "Jason Cullip" wrote: > Thanks Steve. Problem resolved. Looks like it works if you add it to > the access file as well > > x at domain.com REJECT > > > Steve Rieger wrote: > >> Vi /etc/aliases ; add x at domain.com /dev/null >> >> >> Newaliaes >> >> >> >> done >> >> >> On 3/22/05 2:40 PM, "Jason Cullip" wrote: >> >> >> >>> How can I block messages coming from our server going to a specific >>> email address using sendmail? We do not want to block all email go to >>> x at xdomain.com, just a single email address. >>> >>> Thank you in advance >>> >>> Jason >>> >>> >>> _______________________________________________ >>> % NYC*BUG talk mailing list >>> http://lists.nycbug.org/mailman/listinfo/talk >>> %Be sure to check out our Jobs and NYCBUG-announce lists >>> %We meet the first Wednesday of the month >>> >>> >>> >>> >> >> >> > > > -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From mikel.king Tue Mar 22 15:22:51 2005 From: mikel.king (Mikel King) Date: Tue, 22 Mar 2005 15:22:51 -0500 Subject: [nycbug-talk] Sendmail Question In-Reply-To: <424074B2.2030900@outpost.com> References: <424074B2.2030900@outpost.com> Message-ID: <42407E9B.4030905@ocsny.com> Jason Cullip wrote: > How can I block messages coming from our server going to a specific > email address using sendmail? We do not want to block all email go to > x at xdomain.com, just a single email address. > > Thank you in advance > > Jason > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month access.db enter the following into the /etc/mail/access mail at domain.com REJECT then while in /etc/mail run makemap hash access I'm wondering if anyone else out there is using optimum online in the tri-state area? I recently switched from Earthlink DSL, and I'm having a devil of a time getting my OpenBSD 3.6 box to relay mail. I'm having a hard time pinpointing the problem here. Sometimes the error is a timeout while sending DATA, other times it's "Refused to talk to me: 421 Connection not accepted at this time". Stranger still, I have aliases set up so roots mail goes to an external address as well as a local box, and sometimes, but not always, some of the delivery failure messages find their way to the external address. I've tried with and without transport_maps, smtp_sasl_auth_enable, differnt values for relay_transport, everything I can think of. I've included the current settings if anyone wants to take a look. Thanks, Jay Savage __DATA__ queue_directory = /var/spool/postfix command_directory = /usr/local/sbin daemon_directory = /usr/local/libexec/postfix mail_owner = _postfix myhostname = jsavage.homeunix.net mydomain = jsavage.homeunix.net myorigin = jsavage.homeunix.net inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, hypatia.$mydomain unknown_local_recipient_reject_code = 550 mynetworks_style = host relayhost = mail.optonline.net alias_maps = hash:/etc/mail/aliases alias_database = hash:/etc/mail/aliases recipient_delimiter = + debug_peer_level = 2 debugger_command = sendmail_path = /usr/local/sbin/sendmail newaliases_path = /usr/bin/newaliases mailq_path = /usr/local/sbin/mailq setgid_group = _postdrop html_directory = /usr/local/share/doc/postfix/html manpage_directory = /usr/local/man sample_directory = /etc/postfix readme_directory = /usr/local/share/doc/postfix/readme masquerade_domains = jsavage.homeunix.net transport_maps = hash:/etc/postfix/transport # smtp_sasl_auth_enable = yes # smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd # smtp_sasl_security_options = # relay_transport = smtp From daggerquill Tue Mar 22 17:59:19 2005 From: daggerquill (Jay Savage) Date: Tue, 22 Mar 2005 17:59:19 -0500 Subject: Comcast/optimum onlie, OpenBSD and Postfix (Was: [nycbug-talk] (no subject)) In-Reply-To: <4ce365ec050322145716c611b1@mail.gmail.com> References: <4ce365ec050322145716c611b1@mail.gmail.com> Message-ID: <4ce365ec0503221459b451a99@mail.gmail.com> On Tue, 22 Mar 2005 17:57:37 -0500, Jay Savage wrote: > I'm wondering if anyone else out there is using optimum online in the > tri-state area? I recently switched from Earthlink DSL, and I'm > having a devil of a time getting my OpenBSD 3.6 box to relay mail. > > I'm having a hard time pinpointing the problem here. Sometimes the > error is a timeout while sending DATA, other times it's "Refused to > talk to me: 421 Connection not accepted at this time". > > Stranger still, I have aliases set up so roots mail goes to an > external address as well as a local box, and sometimes, but not > always, some of the delivery failure messages find their way to the > external address. > > I've tried with and without transport_maps, smtp_sasl_auth_enable, > differnt values for relay_transport, everything I can think of. I've > included the current settings if anyone wants to take a look. > > Thanks, > > Jay Savage > > __DATA__ > queue_directory = /var/spool/postfix > command_directory = /usr/local/sbin > daemon_directory = /usr/local/libexec/postfix > mail_owner = _postfix > myhostname = jsavage.homeunix.net > mydomain = jsavage.homeunix.net > myorigin = jsavage.homeunix.net > inet_interfaces = all > mydestination = $myhostname, localhost.$mydomain, localhost, > $mydomain, hypatia.$mydomain > unknown_local_recipient_reject_code = 550 > mynetworks_style = host > relayhost = mail.optonline.net > alias_maps = hash:/etc/mail/aliases > alias_database = hash:/etc/mail/aliases > recipient_delimiter = + > debug_peer_level = 2 > debugger_command = > sendmail_path = /usr/local/sbin/sendmail > newaliases_path = /usr/bin/newaliases > mailq_path = /usr/local/sbin/mailq > setgid_group = _postdrop > html_directory = /usr/local/share/doc/postfix/html > manpage_directory = /usr/local/man > sample_directory = /etc/postfix > readme_directory = /usr/local/share/doc/postfix/readme > masquerade_domains = jsavage.homeunix.net > transport_maps = hash:/etc/postfix/transport > # smtp_sasl_auth_enable = yes > # smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd > # smtp_sasl_security_options = > # relay_transport = smtp > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From daggerquill Tue Mar 22 18:07:05 2005 From: daggerquill (Jay Savage) Date: Tue, 22 Mar 2005 18:07:05 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix, and OpenBSD (WAS (No Subject)) Message-ID: <4ce365ec05032215074d709532@mail.gmail.com> er, sorry about the blank subject... I'm wondering if anyone else out there is using optimum online in the tri-state area? I recently switched from Earthlink DSL, and I'm having a devil of a time getting my OpenBSD 3.6 box to relay mail. I'm having a hard time pinpointing the problem here. Sometimes the error is a timeout while sending DATA, other times it's "Refused to talk to me: 421 Connection not accepted at this time". Stranger still, I have aliases set up so roots mail goes to an external address as well as a local box, and sometimes, but not always, some of the delivery failure messages find their way to the external address. I've tried with and without transport_maps, smtp_sasl_auth_enable, differnt values for relay_transport, everything I can think of. I've included the current settings if anyone wants to take a look. Thanks, Jay Savage __DATA__ queue_directory = /var/spool/postfix command_directory = /usr/local/sbin daemon_directory = /usr/local/libexec/postfix mail_owner = _postfix myhostname = jsavage.homeunix.net mydomain = jsavage.homeunix.net myorigin = jsavage.homeunix.net inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, hypatia.$mydomain unknown_local_recipient_reject_code = 550 mynetworks_style = host relayhost = mail.optonline.net alias_maps = hash:/etc/mail/aliases alias_database = hash:/etc/mail/aliases recipient_delimiter = + debug_peer_level = 2 debugger_command = sendmail_path = /usr/local/sbin/sendmail newaliases_path = /usr/bin/newaliases mailq_path = /usr/local/sbin/mailq setgid_group = _postdrop html_directory = /usr/local/share/doc/postfix/html manpage_directory = /usr/local/man sample_directory = /etc/postfix readme_directory = /usr/local/share/doc/postfix/readme masquerade_domains = jsavage.homeunix.net transport_maps = hash:/etc/postfix/transport # smtp_sasl_auth_enable = yes # smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd # smtp_sasl_security_options = # relay_transport = smtp From o_sleep Tue Mar 22 18:15:28 2005 From: o_sleep (Bjorn Nelson) Date: Tue, 22 Mar 2005 18:15:28 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix, and OpenBSD (WAS (No Subject)) In-Reply-To: <4ce365ec05032215074d709532@mail.gmail.com> References: <4ce365ec05032215074d709532@mail.gmail.com> Message-ID: <82d397e430edb7e385daef80e2afa12c@belovedarctos.com> Jay, On Mar 22, 2005, at 6:07 PM, Jay Savage wrote: > I'm wondering if anyone else out there is using optimum online in the > tri-state area? I recently switched from Earthlink DSL, and I'm > having a devil of a time getting my OpenBSD 3.6 box to relay mail. Are you using PPPoE? You might want to lower your MTU. I was having problems with clients accessing my web server until I lowered my MTU to 1484. -Bjorn From tux Tue Mar 22 18:26:29 2005 From: tux (Kevin Reiter) Date: Tue, 22 Mar 2005 18:26:29 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix, and OpenBSD (WAS (No Subject)) In-Reply-To: <82d397e430edb7e385daef80e2afa12c@belovedarctos.com> References: <4ce365ec05032215074d709532@mail.gmail.com> <82d397e430edb7e385daef80e2afa12c@belovedarctos.com> Message-ID: <4240A9A5.8080307@penguinnetwerx.net> On Mar 22, 2005, at 6:07 PM, Jay Savage wrote: > >> I'm wondering if anyone else out there is using optimum online in the >> tri-state area? I recently switched from Earthlink DSL, and I'm >> having a devil of a time getting my OpenBSD 3.6 box to relay mail. They (OptOnline) block ports 25 and 80. I had my mail server working fine for over a year, and one day it just stopped working. It took me awhile to find out the reason behind it. Unless you have one of their business packages, according to their license agreement, you're forbidden from running *any* servers. Of course, there's ways around that, but I haven't found a port redirector for mail yet... Real PITA if you ask me, but since I can't get DSL (too far from the CO) it's my only option here in northern Jersey. If anyone manages to find a way around this problem, I'd appreciate being kept in the loop. Kev From jonathan Tue Mar 22 18:44:49 2005 From: jonathan (Jonathan) Date: Tue, 22 Mar 2005 18:44:49 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix, and OpenBSD (WAS (No Subject)) In-Reply-To: <4240A9A5.8080307@penguinnetwerx.net> References: <4ce365ec05032215074d709532@mail.gmail.com> <82d397e430edb7e385daef80e2afa12c@belovedarctos.com> <4240A9A5.8080307@penguinnetwerx.net> Message-ID: <4240ADF1.9060701@kc8onw.net> Kevin Reiter wrote: > On Mar 22, 2005, at 6:07 PM, Jay Savage wrote: > >> >>> I'm wondering if anyone else out there is using optimum online in the >>> tri-state area? I recently switched from Earthlink DSL, and I'm >>> having a devil of a time getting my OpenBSD 3.6 box to relay mail. > > > They (OptOnline) block ports 25 and 80. I had my mail server working > fine for over a year, and one day it just stopped working. It took me > awhile to find out the reason behind it. Unless you have one of their > business packages, according to their license agreement, you're > forbidden from running *any* servers. Of course, there's ways around > that, but I haven't found a port redirector for mail yet... > > Real PITA if you ask me, but since I can't get DSL (too far from the CO) > it's my only option here in northern Jersey. If anyone manages to find > a way around this problem, I'd appreciate being kept in the loop. > > Kev No-IP (no-ip.com) offers "Mail Reflector" services where they will accept mail on your behalf and then forward it to your own mail server on a different (not 25) port. I have not used it myself but the pricing looks quite reasonable. Jonathan From daggerquill Tue Mar 22 19:45:17 2005 From: daggerquill (Jay Savage) Date: Tue, 22 Mar 2005 19:45:17 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix, and OpenBSD (WAS (No Subject)) In-Reply-To: <4240A9A5.8080307@penguinnetwerx.net> References: <4ce365ec05032215074d709532@mail.gmail.com> <82d397e430edb7e385daef80e2afa12c@belovedarctos.com> <4240A9A5.8080307@penguinnetwerx.net> Message-ID: <4ce365ec050322164520e8fead@mail.gmail.com> On Tue, 22 Mar 2005 18:26:29 -0500, Kevin Reiter wrote: > On Mar 22, 2005, at 6:07 PM, Jay Savage wrote: > > > >> I'm wondering if anyone else out there is using optimum online in the > >> tri-state area? I recently switched from Earthlink DSL, and I'm > >> having a devil of a time getting my OpenBSD 3.6 box to relay mail. > > They (OptOnline) block ports 25 and 80. I had my mail server working > fine for over a year, and one day it just stopped working. It took me > awhile to find out the reason behind it. Unless you have one of their > business packages, according to their license agreement, you're > forbidden from running *any* servers. Of course, there's ways around > that, but I haven't found a port redirector for mail yet.. I understand all that, but I'm don't really care about inbound (yet). I'm not trying to connect to my own machine on 25, I'm trying to connect out bound to theirs. With transport set as smtp, the connection should appear to them as just another smtp client sending mail. At least I think it should. I don't have problems connecting to mail.optonline.net:25 with any of my other smtp clients or "lite" servers written with Net::SMTP, MIME::Lite, or Mail::Mailer. which leads me to believe that this is something in the postfix config, especially since returned mail occasionally gets bounced out. Or maybe there is a server that does a better job of presenting itself as a an smtp client? I guess I could set smtp id string to masquerade as pine, or outlook,or something. I'll look into the MTU's, as well. Thanks, --jay From nomadlogic Tue Mar 22 19:47:39 2005 From: nomadlogic (pete wright) Date: Tue, 22 Mar 2005 16:47:39 -0800 Subject: [nycbug-talk] XFS in FreeBSD Message-ID: <57d710000503221647394b66ba@mail.gmail.com> This is quite exciting: http://lists.freebsd.org/pipermail/freebsd-current/2005-March/047744.html I would have to say that XFS, and it's supporting utilites, would be a huge benefit for the BSD family despite it's GPL status. -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From tux Tue Mar 22 19:50:44 2005 From: tux (Kevin Reiter) Date: Tue, 22 Mar 2005 19:50:44 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix, and OpenBSD (WAS (No Subject)) In-Reply-To: <4ce365ec050322164520e8fead@mail.gmail.com> References: <4ce365ec05032215074d709532@mail.gmail.com> <82d397e430edb7e385daef80e2afa12c@belovedarctos.com> <4240A9A5.8080307@penguinnetwerx.net> <4ce365ec050322164520e8fead@mail.gmail.com> Message-ID: <4240BD64.2010604@penguinnetwerx.net> Jay Savage wrote: > On Tue, 22 Mar 2005 18:26:29 -0500, Kevin Reiter wrote: > >>On Mar 22, 2005, at 6:07 PM, Jay Savage wrote: > I understand all that, but I'm don't really care about inbound (yet). > I'm not trying to connect to my own machine on 25, I'm trying to > connect out bound to theirs. With transport set as smtp, the > connection should appear to them as just another smtp client sending > mail. At least I think it should. I don't have problems connecting > to mail.optonline.net:25 with any of my other smtp clients or "lite" > servers written with Net::SMTP, MIME::Lite, or Mail::Mailer. which > leads me to believe that this is something in the postfix config, > especially since returned mail occasionally gets bounced out. Or > maybe there is a server that does a better job of presenting itself as > a an smtp client? I guess I could set smtp id string to masquerade as > pine, or outlook,or something. I'll look into the MTU's, as well. My apologies for not phrasing my original response correctly. I should have said that OptOnline blocks anything outgoing for mail unless it's to their own servers, or you use a different port. For example, I have 3 domains that I use mail for. If I try to use my domain's outgoing mail server on the standard port, the connection gets refused, times out, etc. If I change the outgoing mail to mail.optonline.net, it goes out just fine. If I set my outgoing mail server to my domain mail server on a port other than the default (IMAP, S/IMAP, etc.), it goes out just fine. Sorry about the confusion earlier - I was on the phone finding out I've just been made a partner of another company, so I wasn't thinking too clearly :) -Kev From steve Wed Mar 23 11:34:24 2005 From: steve (steverieger) Date: Wed, 23 Mar 2005 11:34:24 -0500 Subject: [nycbug-talk] Monitoring > 1000 devices Message-ID: Hi all, Am going to start a nice discussion here about monitoring, and would like your opinions. Having used nagios, zabbix, cricket, mrtg (not a true monitoring package), and a few others to keep an eye on all my devices around the world. The devices are made up of the following types. 500 cisco need to monitor about 20 different things on each device 300 servers need to monitor about 40 different things on each device, including apache, mysql, network, uptime, checksum of /usr/local/sbin/sshd, etc..... 100 printers need to monitor about 10 different things, purely via snmp 10 windows servers need to monitor about 15 things, mostly via snmp, but an agent would be ok. nagios which comes to mind is great but a bit of a pain to set up for such a large env. Adding a whole new group of servers or devices might take a few days. Zabbix is awesome, it can monitor everything either via agent or snmp, and is very extensible. But zabbix has some issues on the recovery side when monitoring via snmp. Mrtg does what it is supposed to, and I get my sexy graphs. But I get no notification if something is amiss. so do any of you know if there is a tool out there that can run an auto discovery, something like netdisco, and also monitors according to the parameters I set. From george Wed Mar 23 11:54:04 2005 From: george (George Georgalis) Date: Wed, 23 Mar 2005 11:54:04 -0500 Subject: [nycbug-talk] Monitoring > 1000 devices In-Reply-To: References: Message-ID: <20050323165404.GA10069@ixeon.local> On Wed, Mar 23, 2005 at 11:34:24AM -0500, steverieger wrote: >Hi all, > >Am going to start a nice discussion here about monitoring, and would like >your opinions. > >Having used nagios, zabbix, cricket, mrtg (not a true monitoring package), >and a few others to keep an eye on all my devices around the world. The >devices are made up of the following types. >500 cisco > need to monitor about 20 different things on each device >300 servers > need to monitor about 40 different things on each device, including >apache, mysql, network, uptime, checksum of /usr/local/sbin/sshd, etc..... >100 printers > need to monitor about 10 different things, purely via snmp >10 windows servers > need to monitor about 15 things, mostly via snmp, but an agent would be >ok. > > nagios which comes to mind is great but a bit of a pain to set up for >such a large env. Adding a whole new group of servers or devices might take >a few days. Zabbix is awesome, it can monitor everything either via agent or >snmp, and is very extensible. But zabbix has some issues on the recovery >side when monitoring via snmp. Mrtg does what it is supposed to, and I get >my sexy graphs. But I get no notification if something is amiss. > > so do any of you know if there is a tool out there that can run an auto >discovery, something like netdisco, and also monitors according to the >parameters I set. > not sure about auto discovery... nmap? http://kernel.org/pub/software/admin/mon/html/ http://kernel.org/pub/software/admin/mon/ you will probably want very specific tests and alerts, with lots of control: mon. technically mon isn't a monitor, it's a scheduler that prevents test from running concurently, and configures for "do alert script if test x (which runs every 3 minutes) fails 3 times in a row, only send one alert per 3 hours, and run status restored script after service is restored" it comes with cgi reports and lots of test and alert scripts, or make your own. you can do mrtg on the test script data if you want. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From o_sleep Wed Mar 23 12:01:18 2005 From: o_sleep (Bjorn Nelson) Date: Wed, 23 Mar 2005 12:01:18 -0500 Subject: [nycbug-talk] Monitoring > 1000 devices In-Reply-To: References: Message-ID: Steve, On Mar 23, 2005, at 11:34 AM, steverieger wrote: > so do any of you know if there is a tool out there that can run an > auto > discovery, something like netdisco, and also monitors according to the > parameters I set. One application that I have been using that dips into these parameters is a ciscoworks replacement called nedi. It uses the Cisco Descovery Protocol to look up other network devices. It's great for finding what ip is plugged into what switch port. http://nedi.web.psi.ch/ -Bjorn From truk Wed Mar 23 15:24:04 2005 From: truk (Kurt Miller) Date: Wed, 23 Mar 2005 15:24:04 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix,and OpenBSD (WAS (No Subject)) References: <4ce365ec05032215074d709532@mail.gmail.com> Message-ID: <071401c52fe6$41f55d70$150110ac@focus> From: "Jay Savage" > er, sorry about the blank subject... > > I'm wondering if anyone else out there is using optimum online in the > tri-state area? I recently switched from Earthlink DSL, and I'm > having a devil of a time getting my OpenBSD 3.6 box to relay mail. > > I'm having a hard time pinpointing the problem here. Sometimes the > error is a timeout while sending DATA, other times it's "Refused to > talk to me: 421 Connection not accepted at this time". > > Stranger still, I have aliases set up so roots mail goes to an > external address as well as a local box, and sometimes, but not > always, some of the delivery failure messages find their way to the > external address. > > I've tried with and without transport_maps, smtp_sasl_auth_enable, > differnt values for relay_transport, everything I can think of. I've > included the current settings if anyone wants to take a look. > > Thanks, > > Jay Savage Here's how I do it for sendmail. Maybe may be you could figure out what's different about Postfix from it. $ cvs diff -u gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc Index: gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc =================================================================== RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc,v retrieving revision 1.4 diff -u -r1.4 openbsd-localhost.mc --- gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc 10 Dec 2001 20:57:11 -0000 1.4 +++ gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc 23 Mar 2005 20:19:38 -0000 @@ -23,6 +23,9 @@ FEATURE(nouucp, `reject')dnl FEATURE(`accept_unresolvable_domains')dnl FEATURE(`no_default_msa')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`masquerade_envelope')dnl +FEATURE(`genericstable',`hash /etc/mail/genericstable')dnl MAILER(local)dnl MAILER(smtp)dnl DAEMON_OPTIONS(`Family=inet, address=127.0.0.1, Name=MTA')dnl @@ -35,3 +38,5 @@ dnl Some broken nameservers will return SERVFAIL (a temporary failure) dnl on T_AAAA (IPv6) lookups. define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl +define(`SMART_HOST', `mail.optonline.net')dnl +GENERICS_DOMAIN(`niobe.zonesville.com')dnl From steve.rieger Wed Mar 23 15:29:40 2005 From: steve.rieger (Steve Rieger) Date: Wed, 23 Mar 2005 15:29:40 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix, and OpenBSD (WAS (No Subject)) In-Reply-To: <4240ADF1.9060701@kc8onw.net> Message-ID: I use no-ip.com for three domains, web and smtp. Works great, the only outage on their dns was about 2 years ago. If you want to test let me know I will set it up for you on an extra domain I have. On 3/22/05 6:44 PM, "Jonathan" wrote: > Kevin Reiter wrote: >> On Mar 22, 2005, at 6:07 PM, Jay Savage wrote: >> >>> >>>> I'm wondering if anyone else out there is using optimum online in the >>>> tri-state area? I recently switched from Earthlink DSL, and I'm >>>> having a devil of a time getting my OpenBSD 3.6 box to relay mail. >> >> >> They (OptOnline) block ports 25 and 80. I had my mail server working >> fine for over a year, and one day it just stopped working. It took me >> awhile to find out the reason behind it. Unless you have one of their >> business packages, according to their license agreement, you're >> forbidden from running *any* servers. Of course, there's ways around >> that, but I haven't found a port redirector for mail yet... >> >> Real PITA if you ask me, but since I can't get DSL (too far from the CO) >> it's my only option here in northern Jersey. If anyone manages to find >> a way around this problem, I'd appreciate being kept in the loop. >> >> Kev > > No-IP (no-ip.com) offers "Mail Reflector" services where they will > accept mail on your behalf and then forward it to your own mail server > on a different (not 25) port. I have not used it myself but the pricing > looks quite reasonable. > > Jonathan > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From daggerquill Wed Mar 23 16:03:13 2005 From: daggerquill (Jay Savage) Date: Wed, 23 Mar 2005 16:03:13 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix, and OpenBSD (WAS (No Subject)) In-Reply-To: <071401c52fe6$41f55d70$150110ac@focus> References: <4ce365ec05032215074d709532@mail.gmail.com> <071401c52fe6$41f55d70$150110ac@focus> Message-ID: <4ce365ec05032313031205a0f@mail.gmail.com> On Wed, 23 Mar 2005 15:24:04 -0500, Kurt Miller wrote: > Here's how I do it for sendmail. Maybe may be you could figure > out what's different about Postfix from it. > > $ cvs diff -u gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc > Index: gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc > =================================================================== > RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc,v > retrieving revision 1.4 > diff -u -r1.4 openbsd-localhost.mc > --- gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc 10 Dec 2001 20:57:11 -0000 1.4 > +++ gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc 23 Mar 2005 20:19:38 -0000 > @@ -23,6 +23,9 @@ > FEATURE(nouucp, `reject')dnl > FEATURE(`accept_unresolvable_domains')dnl > FEATURE(`no_default_msa')dnl > +FEATURE(`always_add_domain')dnl > +FEATURE(`masquerade_envelope')dnl > +FEATURE(`genericstable',`hash /etc/mail/genericstable')dnl > MAILER(local)dnl > MAILER(smtp)dnl > DAEMON_OPTIONS(`Family=inet, address=127.0.0.1, Name=MTA')dnl > @@ -35,3 +38,5 @@ > dnl Some broken nameservers will return SERVFAIL (a temporary failure) > dnl on T_AAAA (IPv6) lookups. > define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl > +define(`SMART_HOST', `mail.optonline.net')dnl > +GENERICS_DOMAIN(`niobe.zonesville.com')dnl Actually, that helps a great deal. what does your generics table look like: is everything being re-written to you at optonline.net, or is it going through as-is? Thanks, --jay From george Wed Mar 23 16:47:27 2005 From: george (George Georgalis) Date: Wed, 23 Mar 2005 16:47:27 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix, and OpenBSD (WAS (No Subject)) In-Reply-To: <4ce365ec05032313031205a0f@mail.gmail.com> References: <4ce365ec05032215074d709532@mail.gmail.com> <071401c52fe6$41f55d70$150110ac@focus> <4ce365ec05032313031205a0f@mail.gmail.com> Message-ID: <20050323214727.GA3979@sta.local> On Wed, Mar 23, 2005 at 04:03:13PM -0500, Jay Savage wrote: >> +define(`SMART_HOST', `mail.optonline.net')dnl And that's the crux of it. I was doing fine with optonline filtering port 80, but when I moved, the new location filtered in/out port 25 as well. so I switched to dsl. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From truk Wed Mar 23 16:48:34 2005 From: truk (Kurt Miller) Date: Wed, 23 Mar 2005 16:48:34 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix,and OpenBSD (WAS (No Subject)) References: <4ce365ec05032215074d709532@mail.gmail.com> <071401c52fe6$41f55d70$150110ac@focus> <4ce365ec05032313031205a0f@mail.gmail.com> Message-ID: <072501c52ff2$0ffdf5a0$150110ac@focus> From: "Jay Savage" > On Wed, 23 Mar 2005 15:24:04 -0500, Kurt Miller wrote: > >> Here's how I do it for sendmail. Maybe may be you could figure >> out what's different about Postfix from it. >> >> $ cvs diff -u gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc >> Index: gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc >> =================================================================== >> RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc,v >> retrieving revision 1.4 >> diff -u -r1.4 openbsd-localhost.mc >> --- gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc 10 Dec 2001 20:57:11 -0000 1.4 >> +++ gnu/usr.sbin/sendmail/cf/cf/openbsd-localhost.mc 23 Mar 2005 20:19:38 -0000 >> @@ -23,6 +23,9 @@ >> FEATURE(nouucp, `reject')dnl >> FEATURE(`accept_unresolvable_domains')dnl >> FEATURE(`no_default_msa')dnl >> +FEATURE(`always_add_domain')dnl >> +FEATURE(`masquerade_envelope')dnl >> +FEATURE(`genericstable',`hash /etc/mail/genericstable')dnl >> MAILER(local)dnl >> MAILER(smtp)dnl >> DAEMON_OPTIONS(`Family=inet, address=127.0.0.1, Name=MTA')dnl >> @@ -35,3 +38,5 @@ >> dnl Some broken nameservers will return SERVFAIL (a temporary failure) >> dnl on T_AAAA (IPv6) lookups. >> define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl >> +define(`SMART_HOST', `mail.optonline.net')dnl >> +GENERICS_DOMAIN(`niobe.zonesville.com')dnl > > Actually, that helps a great deal. what does your generics table look > like: is everything being re-written to you at optonline.net, or is it > going through as-is? Only my login is being re-written, but I'm the only one logging in. $ cat /etc/mail/genericstable truk truk at optonline.net For root I use a .forward to a different user at optonline.net. -Kurt From truk Wed Mar 23 17:25:23 2005 From: truk (Kurt Miller) Date: Wed, 23 Mar 2005 17:25:23 -0500 Subject: [nycbug-talk] Comcast/Optimum Online, Postfix,and OpenBSD (WAS (No Subject)) References: <4ce365ec05032215074d709532@mail.gmail.com> <071401c52fe6$41f55d70$150110ac@focus> <4ce365ec05032313031205a0f@mail.gmail.com> <20050323214727.GA3979@sta.local> Message-ID: <073c01c52ff7$35733f20$150110ac@focus> From: "George Georgalis" > On Wed, Mar 23, 2005 at 04:03:13PM -0500, Jay Savage wrote: > >>> +define(`SMART_HOST', `mail.optonline.net')dnl > > And that's the crux of it. I was doing fine with optonline filtering > port 80, but when I moved, the new location filtered in/out port 25 as > well. so I switched to dsl. Yea, their filtering sucks, but the speed is great. :-) I get 4300/850 kbps download/upload speeds with altq prioritizing empty TCP ACKs (http://www.benzedrine.cx/ackpri.html). Speed tests run from http://nyc.speakeasy.net/. I recall seeing my download speeds be above 5000 kbps at times. -Kurt From spork Wed Mar 23 21:02:10 2005 From: spork (Charles Sprickman) Date: Wed, 23 Mar 2005 21:02:10 -0500 (EST) Subject: [nycbug-talk] FreeBSD jail docs/faqs (5.x) Message-ID: Hi all, I finally got the last of the parts in for a new shell server, and one thing that's really integral to my planning of how we're going to divvy things up on that box is me getting up to speed on jails under FreeBSD. In general, my Google skills have just been going downhill, and it really shows in this case. I'm simply trying to find something that's a higher level overview of things, and something that goes into real-world experiences more than the manpages do. And of course, something that is specific to 5.x - I found a good amount of stuff on 4.x. So if you've got any favorite HOWTOs, FAQs, etc. forward them on. If I get a good collection, perhaps I could submit a doc to the nycbug site that combines the best information from all of them. You may be wondering "why jails on a shell server?" and that's surely a good question. I've got big plans for this box. We're putting a huge amount of storage on it and launching a number of new services. It will provide shell access for customers that want that sort of thing, it will house member web pages, offer a simple to setup blog solution, and possibly offer backup services via AFP (we have many Mac customers) and Samba. Ideally I'd like to have each major service in a jail. I know it can be done without jails, and I know that jails are not perfect security, but I want to run with the "onion security" paradigm: security is best when you have many layers, and jails would be one of those layers. My biggest concern is sharing filesystems across jails. There was recently some talk about "mount_union" and "nullfs" on -hackers that kind of indicated there's some issues there. If anyone has some docs that outline what works and what doesn't as far as sharing filesystems safely and efficiently across jails, that's one of my major stumbling blocks. Thanks, Charles ___ Charles Sprickman NetEng/SysAdmin Bway.net - New York's Best Internet - www.bway.net spork at bway.net - 212.655.9344 From nomadlogic Wed Mar 23 21:09:20 2005 From: nomadlogic (pete wright) Date: Wed, 23 Mar 2005 18:09:20 -0800 Subject: [nycbug-talk] FreeBSD jail docs/faqs (5.x) In-Reply-To: References: Message-ID: <57d71000050323180962cb24c8@mail.gmail.com> On Wed, 23 Mar 2005 21:02:10 -0500 (EST), Charles Sprickman wrote: > Hi all, > > I finally got the last of the parts in for a new shell server, and one thing > that's really integral to my planning of how we're going to divvy things up on > that box is me getting up to speed on jails under FreeBSD. > > In general, my Google skills have just been going downhill, and it really > shows in this case. I'm simply trying to find something that's a higher > level overview of things, and something that goes into real-world > experiences more than the manpages do. And of course, something that is > specific to 5.x - I found a good amount of stuff on 4.x. So if you've got > any favorite HOWTOs, FAQs, etc. forward them on. If I get a good > collection, perhaps I could submit a doc to the nycbug site that combines > the best information from all of them. > I've found that this link from the freebsd arch. handbook to be pretty usefull: http://www.freebsd.org/doc/en_US.ISO8859-1/books/arch-handbook/jail.html This along with the new Design and Implementation book by Kurt have both helped get my head around what's going on with the jail subsystem from a higher level. -pete -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From spork Wed Mar 23 22:40:01 2005 From: spork (Charles Sprickman) Date: Wed, 23 Mar 2005 22:40:01 -0500 (EST) Subject: [nycbug-talk] multi-boot madness In-Reply-To: <4235210E.3030507@penguinnetwerx.net> References: <20050314022946.GA69013@yinaska.pair.com> <4235210E.3030507@penguinnetwerx.net> Message-ID: On Mon, 14 Mar 2005, Kevin Reiter wrote: > gag works wonders. > > http://gag.sourceforge.net Yeah, that was easy as pie. Loading up Dragonfly in a few minutes. :) Thanks! Charles > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From george Thu Mar 24 10:06:25 2005 From: george (George R.) Date: Thu, 24 Mar 2005 10:06:25 -0500 Subject: [nycbug-talk] ThinkPads Message-ID: <79eca87e473395c0a305226994f9d89d@sddi.net> So I should be making the ThinkPad move in the next week. Probably T42. I would love to hear some feedback on wireless support and the other features, such as the fingerprint reader. Anyone played with that on a BSD? George From okan Thu Mar 24 10:15:53 2005 From: okan (Okan Demirmen) Date: Thu, 24 Mar 2005 10:15:53 -0500 Subject: [nycbug-talk] ThinkPads In-Reply-To: <79eca87e473395c0a305226994f9d89d@sddi.net> References: <79eca87e473395c0a305226994f9d89d@sddi.net> Message-ID: <20050324151553.GA18194@yinaska.pair.com> On Thu 2005.03.24 at 10:06 -0500, George R. wrote: > So I should be making the ThinkPad move in the next week. Probably T42. > > I would love to hear some feedback on wireless support and the other > features, such as the fingerprint reader. Anyone played with that on a > BSD? i *know* you of all people did, but check dmesgd ;) check to see what the deal is with the irda and sd slot, which may or may not get in the way of the fingerprint reader. in general, i'd say the thinkpads are great for any flavor of bsd. i've got 3 of them (old ones), but i'm looking at getting an x40 for myself soon. not much of anwser to your question though... okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From george Thu Mar 24 11:16:22 2005 From: george (George R.) Date: Thu, 24 Mar 2005 11:16:22 -0500 Subject: [nycbug-talk] ThinkPads In-Reply-To: <20050324151553.GA18194@yinaska.pair.com> References: <79eca87e473395c0a305226994f9d89d@sddi.net> <20050324151553.GA18194@yinaska.pair.com> Message-ID: <3c622830639174854556ebadbc629008@sddi.net> On Mar 24, 2005, at 10:15 AM, Okan Demirmen wrote: > On Thu 2005.03.24 at 10:06 -0500, George R. wrote: >> So I should be making the ThinkPad move in the next week. Probably >> T42. >> >> I would love to hear some feedback on wireless support and the other >> features, such as the fingerprint reader. Anyone played with that on >> a >> BSD? > > i *know* you of all people did, but check dmesgd ;) check to see Now *that's* insight OD. .. .yeah, there's nothing on the T-series ThinkPads. I'm interested in hearing feedback from those who are actually using a BSD on ThinkPads. . . ;-' > what the deal is with the irda and sd slot, which may or may not > get in the way of the fingerprint reader. in general, i'd say the > thinkpads are great for any flavor of bsd. i've got 3 of them (old > ones), but i'm looking at getting an x40 for myself soon. > > not much of anwser to your question though... > It was an earnest start. . . There is scattered info on the internet of course. . . but if anyone has any experience, please chime in. . . I just installed FBSD 5.3 on a T42 for a buddy dual booting with WinXP, but didn't get a chance to do much configuration beyond the basic install. George From george Thu Mar 24 13:06:11 2005 From: george (George R.) Date: Thu, 24 Mar 2005 13:06:11 -0500 Subject: [nycbug-talk] NYC*BUG Store Message-ID: <47dd448e828b25acb8286ec2f272c614@sddi.net> We now have the online store.. .if anyone didn't notice. http://nycbug.org/index.php?NAV=Store We have real pictures going up soon of the tshirts. Hopefully we can sell lots. .. They are really nice. . . g From jpb Thu Mar 24 13:25:11 2005 From: jpb (Jim Brown) Date: Thu, 24 Mar 2005 13:25:11 -0500 Subject: [nycbug-talk] ThinkPads In-Reply-To: <79eca87e473395c0a305226994f9d89d@sddi.net> References: <79eca87e473395c0a305226994f9d89d@sddi.net> Message-ID: <20050324182511.GC13610@sixshooter.v6.thrupoint.net> * George R. [2005-03-24 10:06]: > So I should be making the ThinkPad move in the next week. Probably T42. > > I would love to hear some feedback on wireless support and the other > features, such as the fingerprint reader. Anyone played with that on a > BSD? > > George ThruPoint provides all consultants with a laptop. We're now using ThinkPads. The new guys are getting T-42s. I have a T41, which will be eventually traded in for a T42. If you really need the info, I can try to borrow one over the weekend and boot up various BSDs to see how it fares. Let me know, Jim B. From nomadlogic Thu Mar 24 15:23:33 2005 From: nomadlogic (pete wright) Date: Thu, 24 Mar 2005 12:23:33 -0800 Subject: [nycbug-talk] ThinkPads In-Reply-To: <79eca87e473395c0a305226994f9d89d@sddi.net> References: <79eca87e473395c0a305226994f9d89d@sddi.net> Message-ID: <57d71000050324122364aa4348@mail.gmail.com> On Thu, 24 Mar 2005 10:06:25 -0500, George R. wrote: > So I should be making the ThinkPad move in the next week. Probably T42. > > I would love to hear some feedback on wireless support and the other > features, such as the fingerprint reader. Anyone played with that on a > BSD? > I've got an X31. love it. 5 hours battery, APM works fine with 4.x. Had and issue with interrupts on the em0 (intel gig-e NIC) device with 5.3-BETA's. Havn't tested it out with -CURRENT tho. Wifi support I *believe* is centrino...I didn't go for that option. I already had a Cisco card (an device) that works fine via pcmcia. -pete -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From lists Thu Mar 24 22:05:56 2005 From: lists (Hans Zaunere) Date: Thu, 24 Mar 2005 22:05:56 -0500 Subject: [nycbug-talk] Free Magazines Message-ID: <0MKz5u-1DEf943N5m-000191@mrelay.perfora.net> Hey everyone, apologies for the cross post, I have a stack of good Dr. Dobbs, Sysadmin, and other magazines that I'm about to throw away. If anyone wants some or all of them (over magazines in all), please drop me an email off list and we'll organize a time to meetup. H From george Fri Mar 25 09:37:03 2005 From: george (George R.) Date: Fri, 25 Mar 2005 09:37:03 -0500 Subject: [nycbug-talk] Newspaper on 'hackers' Message-ID: Better stop playing with GENERIC, that's all I can say: http://www.indystar.com/articles/7/231738-6957-021.html From nomadlogic Fri Mar 25 14:00:29 2005 From: nomadlogic (pete wright) Date: Fri, 25 Mar 2005 11:00:29 -0800 Subject: [nycbug-talk] Newspaper on 'hackers' In-Reply-To: References: Message-ID: <57d71000050325110044d63b3c@mail.gmail.com> On Fri, 25 Mar 2005 09:37:03 -0500, George R. wrote: > Better stop playing with GENERIC, that's all I can say: > > http://www.indystar.com/articles/7/231738-6957-021.html > here's a greate quote: "This vandalism costs companies nearly $2,000 a year per employee -- $15 billion total -- in lost productivity. It forces individual users to invest in protective software, clogs the Internet, leads to identity theft, and creates a monumental headache for computer users, retarding the growth of legitimate commerce." I like how they go from $2000 per employee to $15billion in total with out ever stating one source, where they get these numbers from or what "$15 billion total" means. Ahh...gotta love Op Ed. news. -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From matt Fri Mar 25 16:44:09 2005 From: matt (Matthew Terenzio) Date: Fri, 25 Mar 2005 16:44:09 -0500 Subject: [nycbug-talk] FreeBSD servers Message-ID: <7e4d1fb6544b4df3f0dcd60da31eef8c@jobsforge.com> Anyone have any experience with serverpronto.com. I love the sound of a $30 dedicated FreeBSD server but they look like they are bragging about 99.9% uptime. That sounds like over three days down a year. Otherwise if Uptime is critical, what jailing hosts do you recommend that are less than $30. Please, no jokes like "If uptime is critical, don't be so cheap!" : ) Hub.org is a great deal but there was a little too much downtime for this project. Matt From marco Fri Mar 25 17:07:10 2005 From: marco (Marco Scoffier) Date: Fri, 25 Mar 2005 17:07:10 -0500 Subject: [nycbug-talk] FreeBSD servers In-Reply-To: <7e4d1fb6544b4df3f0dcd60da31eef8c@jobsforge.com> References: <7e4d1fb6544b4df3f0dcd60da31eef8c@jobsforge.com> Message-ID: <20050325220710.GA2529@foo.metm.org> On Fri, Mar 25, 2005 at 04:44:09PM -0500, Matthew Terenzio wrote: >I love the sound of a $30 dedicated FreeBSD server but they look like >they are bragging about 99.9% uptime. >That sounds like over three days down a year. More like a third of a day. 100 - 99.9 = 0.1 percent downtime. 0.1 is to 100 as x is to 365 (0.1/100 = x/365) becomes: x = 0.1 * 365 / 100 = .365 days down a year .365 * 24 hrs = ~ 8.7hrs down a year. Assuming the 99.9% figure is accurate. If they had said 99.99% that would be less than 1hr of downtime a year. In my opinion 99 anything is a marketing term. What is it with this list and numbers ... :) -- Marco From okan Fri Mar 25 17:34:33 2005 From: okan (Okan Demirmen) Date: Fri, 25 Mar 2005 17:34:33 -0500 Subject: [nycbug-talk] FreeBSD servers In-Reply-To: <20050325220710.GA2529@foo.metm.org> References: <7e4d1fb6544b4df3f0dcd60da31eef8c@jobsforge.com> <20050325220710.GA2529@foo.metm.org> Message-ID: <20050325223433.GA30771@yinaska.pair.com> On Fri 2005.03.25 at 17:07 -0500, Marco Scoffier wrote: > What is it with this list and numbers ... :) funny man...hah ;) -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From matt Fri Mar 25 19:15:43 2005 From: matt (Matthew Terenzio) Date: Fri, 25 Mar 2005 19:15:43 -0500 Subject: [nycbug-talk] TSearch2 install Message-ID: <92ef6bb87ff5f0703b78ba99e4c668f2@jobsforge.com> I'm a bit new with FreeBSD here. Software installation is so easy, maybe it's TOO easy. Perhaps I'll take this to the postgres list but I wanted to ask if it was FreeBSD related first. Anyone have any experience with TSearch2 and Postgres 7.3. I have a working Postgres installation and TSearch2 is a postgresql contrib, so I installed that Port. Seemed fine. When I try: $ psql database < tsearch2.sql SET BEGIN NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index 'pg_ts_dict_pkey' for table 'pg_ts_dict' CREATE TABLE ERROR: Load of file /usr/local/lib/postgresql/tsearch2.so failed: dlopen '/usr/local/lib/postgresql/tsearch2.so' failed. (/usr/local/lib/postgresql/tsearch2.so: Undefined symbol "errcode_for_file_access") ERROR: current transaction is aborted, queries ignored until end of transaction block ERROR: current transaction is aborted, queries ignored until end of transaction block tsearch2.so is indeed in that directory and available permission-wise what might Undefined symbol "errcode_for_file_access") mean? But ultimately my question is just "Has anyone successfully installed TSearch2 on FreeBSD?" Thanks, Matt From george Fri Mar 25 22:05:42 2005 From: george (George R.) Date: Fri, 25 Mar 2005 22:05:42 -0500 Subject: [nycbug-talk] OnLamp from Dru Message-ID: Dru Lavigne's recent OnLamp article is entitled 'make for Nonprogrammers'. . . http://www.onlamp.com/pub/a/bsd/2005/03/24/FreeBSD_Basics.html (maybe she should get in the habit of showing off her works and not hiding it from us in her normal modest style ;-) g From george Sat Mar 26 11:43:22 2005 From: george (George R.) Date: Sat, 26 Mar 2005 11:43:22 -0500 Subject: [nycbug-talk] Fwd: talk subscription notification Message-ID: <72bb58ade29b039b50765b86ddf0d93b@sddi.net> FYI all. . . We are now on Gmane. . . (no relation to me). g Begin forwarded message: > From: dummy-bounces at lists.nycbug.org > Date: March 26, 2005 11:13:18 AM EST > To: talk-owner at lists.nycbug.org > Subject: talk subscription notification > > Gmane Administrator has been successfully > subscribed to talk. > > > From lists Sat Mar 26 12:43:23 2005 From: lists (Francisco Reyes) Date: Sat, 26 Mar 2005 12:43:23 -0500 (EST) Subject: [nycbug-talk] FreeBSD servers In-Reply-To: <7e4d1fb6544b4df3f0dcd60da31eef8c@jobsforge.com> References: <7e4d1fb6544b4df3f0dcd60da31eef8c@jobsforge.com> Message-ID: <20050326124149.G49808@zoraida.natserv.net> On Fri, 25 Mar 2005, Matthew Terenzio wrote: > Otherwise if Uptime is critical, what jailing hosts do you recommend that are > less than $30. > Please, no jokes like "If uptime is critical, don't be so cheap!" : ) For reliability and low downtimes I highly recommend http://addy.com, however they are NOT cheap if you need many domains. -- http://stringsutils.com Utility for developers. Compute length, MD5, CRC and more. From lists Sat Mar 26 13:21:39 2005 From: lists (Francisco Reyes) Date: Sat, 26 Mar 2005 13:21:39 -0500 (EST) Subject: [nycbug-talk] Short term support contract (windows to FreeBSD migration) Message-ID: <20050326131309.J50109@zoraida.natserv.net> Yesterday met with a prospect client to discuss some development work. They mentioned they need a short term contract for a support person. This is what I know. *There is a series of offices running windows server with file serving, email and printer sharing. *They plan to hire a junior person do to 50% support and 50% development. *They want to hire a senior person to take over the existing network and help transition the new employee they plan to hire. This contract person CAN as part of the transition switch over the window server to FreeBSD as long as there is no service disruption. Email will very likely be moved to an ISP along with some web hosting. They don't particularly care whether it stays on windows or gets moved, but I think it would much more stable to move them over to FreeBSD so I proposed it and they didn't have a problem with the idea. They may also be interested in having this person be a resource to help the junior person in the future. Interested parties please send me your info as part of the email (no attachments). From macuser Sat Mar 26 21:03:29 2005 From: macuser (Pastor Mac) Date: Sat, 26 Mar 2005 21:03:29 -0500 Subject: [nycbug-talk] iTunes For *BSD/Linux? Message-ID: As always, fwiw, but, hey, you never know what's in the skunkworks... http://macosrumors.com/20050324B.php Pax, Mike McDonald Made on a Macintosh. From ryanseu Sun Mar 27 15:19:56 2005 From: ryanseu (Ryan Seu) Date: Sun, 27 Mar 2005 15:19:56 -0500 Subject: [nycbug-talk] freeBSD and Checkpoint Message-ID: <96b52a60050327121928563ae0@mail.gmail.com> Hi guys, I'm thinking about trying to install Checkpoint VPN-1/Firewall-1 NG FP3 on freeBSD 5.3. Are there any BSD specific security issues I should worry about? I've checked out the Checkpoint site but since I haven't actaully purchased a license yet (im going to use the evaluation version to test it out first) I can't access some of the security documentations they've published. Also, I'm not exactly clear on how checkpoint will work in freeBSD environment because I'm used to Windows GUI when installing the security rules and policies. ryan From okan Sun Mar 27 16:12:02 2005 From: okan (Okan Demirmen) Date: Sun, 27 Mar 2005 16:12:02 -0500 Subject: [nycbug-talk] freeBSD and Checkpoint In-Reply-To: <96b52a60050327121928563ae0@mail.gmail.com> References: <96b52a60050327121928563ae0@mail.gmail.com> Message-ID: <20050327211202.GE47526@yinaska.pair.com> On Sun 2005.03.27 at 15:19 -0500, Ryan Seu wrote: > Hi guys, I'm thinking about trying to install Checkpoint > VPN-1/Firewall-1 NG FP3 on freeBSD 5.3. Are there any BSD specific > security issues I should worry about? I've checked out the Checkpoint > site but since I haven't actaully purchased a license yet (im going to > use the evaluation version to test it out first) I can't access some > of the security documentations they've published. Also, I'm not > exactly clear on how checkpoint will work in freeBSD environment > because I'm used to Windows GUI when installing the security rules and > policies. Ryan, I'm sure you have a reason for trying this, but mind if I ask why? I think that may be general question you get. FreeBSD 5.x tree has a very nice firewall built in, OpenBSD's pf(4). Sure there are things pf(4) can't do yet, but will you require those features? pf(4) does other things that CheckPoint doesn't (as well as other firewalls), but what are your requirements? Not getting into a match between CheckPoint vs pf(4).... If you are going to run CheckPoint because of "business requirements," make sure FreeBSD itself is approved. Addtionaly, are you sure CheckPoint will run on today's FreeBSD? Yes, Nokia's IPSO is a heavily modified FreeBSD, but I think that may even be before the a.out -> elf conversion, which was a long long time ago in FreeBSD. Nokia does very little to keep its release in check with today's FreeBSD. Check with them first. As for CheckPoint GUI's and what not, CheckPoint is CheckPoint - doesn't matter what platform runs underneath it - the CheckPoint stuff stays the same. Depending on the underlying OS, there may be other things, such as IPSO's Voyager, and things like that.... Okan -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From dlavigne6 Sun Mar 27 16:26:19 2005 From: dlavigne6 (dlavigne6 at sympatico.ca) Date: Sun, 27 Mar 2005 16:26:19 -0500 Subject: [nycbug-talk] freeBSD and Checkpoint Message-ID: <20050327212619.IYVU1659.tomts14-srv.bellnexxia.net@mxmta.bellnexxia.net> > > From: Okan Demirmen > Date: 2005/03/27 Sun PM 04:12:02 EST > To: talk at lists.nycbug.org > Subject: Re: [nycbug-talk] freeBSD and Checkpoint > > On Sun 2005.03.27 at 15:19 -0500, Ryan Seu wrote: > > Hi guys, I'm thinking about trying to install Checkpoint > > VPN-1/Firewall-1 NG FP3 on freeBSD 5.3. Are there any BSD specific > > security issues I should worry about? I've checked out the Checkpoint > > site but since I haven't actaully purchased a license yet (im going to > > use the evaluation version to test it out first) I can't access some > > of the security documentations they've published. Also, I'm not > > exactly clear on how checkpoint will work in freeBSD environment > > because I'm used to Windows GUI when installing the security rules and > > policies. > > Ryan, > > I'm sure you have a reason for trying this, but mind if I ask why? > I think that may be general question you get. FreeBSD 5.x tree has > a very nice firewall built in, OpenBSD's pf(4). Sure there are > things pf(4) can't do yet, but will you require those features? > pf(4) does other things that CheckPoint doesn't (as well as other > firewalls), but what are your requirements? Not getting into a > match between CheckPoint vs pf(4).... > > If you are going to run CheckPoint because of "business requirements," > make sure FreeBSD itself is approved. Addtionaly, are you sure > CheckPoint will run on today's FreeBSD? Yes, Nokia's IPSO is a > heavily modified FreeBSD, but I think that may even be before the > a.out -> elf conversion, which was a long long time ago in FreeBSD. > Nokia does very little to keep its release in check with today's > FreeBSD. Check with them first. Having heard the scoop from Nokia support engineers in class, IPSO is a heavily modified 2.x FreeBSD kernel. Scheduled to be replaced sometime in the next year or so with a Linux kernel. Were you aiming to install the firewall module or the GUI client? Dru From lists Mon Mar 28 10:14:06 2005 From: lists (michael) Date: Mon, 28 Mar 2005 10:14:06 -0500 Subject: [nycbug-talk] embedded firewall Message-ID: <20050328101406.231866d1@delinux.abwatley.com> I was trying out yet-another-firewall on my Soekris this weekend. I loaded m0n0wall and liked what I saw. Because I did not compile and install the components myself, it is a little uncomfortable. But I found it simple and easy. The web interface was very well done. While I was googling for something related to that, I came across a similar project: pfSense http://pfsense.org/ It is similar, but self-admittedly, different from m0n0wall. If you read the site, they take great pains to compliment them, it is just that the project goals differ. It looks pretty cool: pf, CARP, NTOP, ALTQ, ssh. It states it is alpha-alpha, but, has anyone loaded it up? Michael -- --- From spork Tue Mar 29 19:09:55 2005 From: spork (Charles Sprickman) Date: Tue, 29 Mar 2005 19:09:55 -0500 (EST) Subject: [nycbug-talk] [OT] Office Space Message-ID: Hey all, This is a bit OT, but I'm thinking there's a decent audience of people here who might have some good input on this... The building that one of my clients is in right now has been sold and will be going residential. This is a pain, as it involves moving servers and whatnot, but on the bright side, the current building is a bandwidth ghetto. Any suggestions for space in Manhattan that's somewhat reasonable and is in a building that's fairly well-wired and on-net with most carriers? Bonus points if there's UPS/Generator power and other amenities that would make pulling in a dozen or so cabinets less of an endeavour (ie: "no, we can't give you enough power" or "no, we don't have enough A/C capacity for you", or "yeah, we can pull that fiber to the next floor but it will cost you $1000/month")... They would entertain anything that's somewhat near $25/square foot depending on how friendly it is to tech business. Thanks! Charles From george Tue Mar 29 19:13:10 2005 From: george (George R.) Date: Tue, 29 Mar 2005 19:13:10 -0500 Subject: [nycbug-talk] [OT] Office Space In-Reply-To: References: Message-ID: <483dce2e55651f155f2d11f17033edfb@sddi.net> On Mar 29, 2005, at 7:09 PM, Charles Sprickman wrote: > Hey all, > > This is a bit OT, but I'm thinking there's a decent audience of people > here who might have some good input on this... > > The building that one of my clients is in right now has been sold and > will be going residential. This is a pain, as it involves moving > servers and whatnot, but on the bright side, the current building is a > bandwidth ghetto. > > Any suggestions for space in Manhattan that's somewhat reasonable and > is in a building that's fairly well-wired and on-net with most > carriers? Bonus points if there's UPS/Generator power and other > amenities that would make pulling in a dozen or so cabinets less of an > endeavour (ie: "no, we can't give you enough power" or "no, we don't > have enough A/C capacity for you", or "yeah, we can pull that fiber to > the next floor but it will cost you $1000/month")... > > They would entertain anything that's somewhat near $25/square foot > depending on how friendly it is to tech business. > This list is a good starting point, but from the real estate people I've dealt with before around Manhattan, I've been surprised how much they are in the loop regarding technology. You might also want to contact your preferred carriers about them having fiber straight into buildings. . . they may have a list or something. . . It's always nice dodging the brutal copper last mile with fiber. . . George From alex Tue Mar 29 19:22:26 2005 From: alex (alex at pilosoft.com) Date: Tue, 29 Mar 2005 19:22:26 -0500 (EST) Subject: [nycbug-talk] [OT] Office Space In-Reply-To: Message-ID: On Tue, 29 Mar 2005, Charles Sprickman wrote: > Any suggestions for space in Manhattan that's somewhat reasonable and is > in a building that's fairly well-wired and on-net with most carriers? > Bonus points if there's UPS/Generator power and other amenities that > would make pulling in a dozen or so cabinets less of an endeavour (ie: > "no, we can't give you enough power" or "no, we don't have enough A/C > capacity for you", or "yeah, we can pull that fiber to the next floor > but it will cost you $1000/month")... > > They would entertain anything that's somewhat near $25/square foot > depending on how friendly it is to tech business. You are one hopeful man. :) a) 25$/sqft constrains your choices significantly just based on real estate pricing. Rules out midtown, and constrains you to downtown. b) There are carrier hotels buildings which cater explicitly to businesses that need power/connectivity. There aren't that many of them: 111 8th, 60 Hudson, 601 W 26, 32 AoA, 75 Broad. You probably don't want that - usually space there is quite a bit more expensive than in non-carrier-hotel. Also, space is rarely built out, and buildings b) There are just buildings where there are lots of carriers. All Rudin-owned buildings are like that (55 broad, where I am, for example. 110 Wall, 32 AoA, 345 Park, 90 Pine). Out of my head, I can say that 50 Broad, 60 Broad, 65 B'way, 100 William are like that. c) Generator - unless you are in a carrier hotel (see a) - fuggetaboutit. I am lucky enough to be in my current space where I have exclusive lease the on the sole genset of 55 Broad building, but things like that are rare or non-existant. If building doesn't have a genset, consider 150k$-500k$ cost to install it (god bless Local 3). If building has a genset, it is probably already taken by someone for exclusive use. d) Electricity - again, unless you are in a carrier hotel, you will be paying through the nose. *generally* the space in Manhattan comes with about 0.1A/sqft of power built. So, if all you want to put are 10 racks (300A), just take 5000 sqft of space and you'll have enough power. Maybe. If space does not come with adequate power, keep in mind, it will cost *high* amount of money to bring in power. This is in pretty much every building - again, thank the electricians unions and professional engineers. If you are talking about a large new lease, you may extract some money as concessions from landlord. e) Connectivity - generally, downtown in a 20+ story building, buildings are "lit" by a fair number of carriers. I have lit building lists for various carriers that I work with, hit me up and I'll give it to you. There are some carriers that have publically available lists, but most don't. http://www.lglass.net/upload/buildings/NEW%20YORK_website%208-2004.pdf Generally, I think 25$/sqft in a nice "lit" building is tough. Definitely forget about genset though. -alex From mikel.king Tue Mar 29 20:04:56 2005 From: mikel.king (Mikel King) Date: Tue, 29 Mar 2005 20:04:56 -0500 Subject: [nycbug-talk] [OT] Office Space In-Reply-To: References: Message-ID: <4249FB38.3030904@ocsny.com> Charles Sprickman wrote: > Hey all, > > This is a bit OT, but I'm thinking there's a decent audience of people > here who might have some good input on this... > > The building that one of my clients is in right now has been sold and > will be going residential. This is a pain, as it involves moving > servers and whatnot, but on the bright side, the current building is a > bandwidth ghetto. > > Any suggestions for space in Manhattan that's somewhat reasonable and > is in a building that's fairly well-wired and on-net with most > carriers? Bonus points if there's UPS/Generator power and other > amenities that would make pulling in a dozen or so cabinets less of an > endeavour (ie: "no, we can't give you enough power" or "no, we don't > have enough A/C capacity for you", or "yeah, we can pull that fiber to > the next floor but it will cost you $1000/month")... > > They would entertain anything that's somewhat near $25/square foot > depending on how friendly it is to tech business. > > Thanks! > > Charles Well this is generally a tough one, because for your $:sqr ft ratio it isn't going to happen anywhere in Manhattan, I mean not for the above mentioned amenities. You'd be better off dropping your rackable gear into a nice colo like 111 eighth ave, where you'll have you genset backup, huge amounts of bandwidth from every major and several minor carriers and oodles of ac too boot. Then you'll be able to rent yourself a nice dirt cheap flat somewhere else that suits your fancy. -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com t:212.727.2100x132 +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. You'll find the best way to get along. +------------------------------------------+ From alex Tue Mar 29 20:00:53 2005 From: alex (alex at pilosoft.com) Date: Tue, 29 Mar 2005 20:00:53 -0500 (EST) Subject: [nycbug-talk] [OT] Office Space In-Reply-To: <4249FB38.3030904@ocsny.com> Message-ID: On Tue, 29 Mar 2005, Mikel King wrote: > Well this is generally a tough one, because for your $:sqr ft ratio it > isn't going to happen anywhere in Manhattan, I mean not for the above > mentioned amenities. You'd be better off dropping your rackable gear > into a nice colo like 111 eighth ave, where you'll have you genset > backup, huge amounts of bandwidth from every major and several minor > carriers and oodles of ac too boot. Then you'll be able to rent yourself > a nice dirt cheap flat somewhere else that suits your fancy. I wouldn't be so pessimistic. I say, "tough but possible". It all depends on details. If this request was about a year ago, we could've shared the office space/datacenter at 55 Broad (I have 5000 sqft that I'm currently subletting to a proprietary trading firm at mid-teens per sqft - unfortunately, I couldn't find any tenant back then). downtown rents have come down. at my building (55 broad), you can get raw space for low 20s per/sqft, and the building is fairly well lit as far as carriers go. You won't get the genset though. -alex From mikel.king Tue Mar 29 20:23:34 2005 From: mikel.king (Mikel King) Date: Tue, 29 Mar 2005 20:23:34 -0500 Subject: [nycbug-talk] [OT] Office Space In-Reply-To: References: Message-ID: <4249FF96.1070409@ocsny.com> alex at pilosoft.com wrote: >On Tue, 29 Mar 2005, Mikel King wrote: > > > >>Well this is generally a tough one, because for your $:sqr ft ratio it >>isn't going to happen anywhere in Manhattan, I mean not for the above >>mentioned amenities. You'd be better off dropping your rackable gear >>into a nice colo like 111 eighth ave, where you'll have you genset >>backup, huge amounts of bandwidth from every major and several minor >>carriers and oodles of ac too boot. Then you'll be able to rent yourself >>a nice dirt cheap flat somewhere else that suits your fancy. >> >> >I wouldn't be so pessimistic. I say, "tough but possible". It all depends >on details. If this request was about a year ago, we could've shared the >office space/datacenter at 55 Broad (I have 5000 sqft that I'm currently >subletting to a proprietary trading firm at mid-teens per sqft - >unfortunately, I couldn't find any tenant back then). > >downtown rents have come down. at my building (55 broad), you can get raw >space for low 20s per/sqft, and the building is fairly well lit as far as >carriers go. You won't get the genset though. > >-alex > > Getting a permit to install a genset is next to impossible now. I mean after the blackout you'd think things would have loosened up a bit. Yes I know it was a bit pessimistic but you have to admit it is an awful lot to ask for the $. -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com t:212.727.2100x132 +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. You'll find the best way to get along. +------------------------------------------+ From alex Tue Mar 29 20:14:23 2005 From: alex (alex at pilosoft.com) Date: Tue, 29 Mar 2005 20:14:23 -0500 (EST) Subject: [nycbug-talk] [OT] Office Space In-Reply-To: <4249FF96.1070409@ocsny.com> Message-ID: On Tue, 29 Mar 2005, Mikel King wrote: > Getting a permit to install a genset is next to impossible now. I mean > after the blackout you'd think things would have loosened up a bit. Yes > I know it was a bit pessimistic but you have to admit it is an awful lot > to ask for the $. Yep. If you compromise on genset, you can get the rest ;) Yes, genset installation is insanely expensive. God bless unions and those New Yorkers that think NYC should be as quiet as Kalamazoo, Michigan on a snowy day. Grr. -alex From spork Tue Mar 29 20:38:05 2005 From: spork (Charles Sprickman) Date: Tue, 29 Mar 2005 20:38:05 -0500 (EST) Subject: [nycbug-talk] [OT] Office Space In-Reply-To: References: Message-ID: On Tue, 29 Mar 2005 alex at pilosoft.com wrote: > On Tue, 29 Mar 2005, Charles Sprickman wrote: > >> They would entertain anything that's somewhat near $25/square foot >> depending on how friendly it is to tech business. > You are one hopeful man. :) Yeah, I know... Shoestring budget. > a) 25$/sqft constrains your choices significantly just based on real > estate pricing. Rules out midtown, and constrains you to downtown. That's totally fine. > b) There are carrier hotels buildings which cater explicitly to businesses > that need power/connectivity. There aren't that many of them: 111 8th, 60 > Hudson, 601 W 26, 32 AoA, 75 Broad. You probably don't want that - usually > space there is quite a bit more expensive than in non-carrier-hotel. Also, > space is rarely built out, and buildings Good information, I'm fishing around and that's probably enough to save me the effort of looking at space like that. > b) There are just buildings where there are lots of carriers. All > Rudin-owned buildings are like that (55 broad, where I am, for example. > 110 Wall, 32 AoA, 345 Park, 90 Pine). Out of my head, I can say that 50 > Broad, 60 Broad, 65 B'way, 100 William are like that. I think that would more than meet their needs. The current space is only 4 stories and there's no fiber at all. Just having a few majors in there and someone that offers newer services like metro ethernet would be a really great help. > c) Generator - unless you are in a carrier hotel (see a) - fuggetaboutit. > I am lucky enough to be in my current space where I have exclusive lease > the on the sole genset of 55 Broad building, but things like that are rare > or non-existant. If building doesn't have a genset, consider 150k$-500k$ > cost to install it (god bless Local 3). If building has a genset, it is > probably already taken by someone for exclusive use. Again, good information, and I suppose that means they should rule out doing anything long-term there that is totally mission-critical. > d) Electricity - again, unless you are in a carrier hotel, you will be > paying through the nose. *generally* the space in Manhattan comes with > about 0.1A/sqft of power built. So, if all you want to put are 10 racks > (300A), just take 5000 sqft of space and you'll have enough power. Maybe. > If space does not come with adequate power, keep in mind, it will cost > *high* amount of money to bring in power. This is in pretty much every > building - again, thank the electricians unions and professional > engineers. If you are talking about a large new lease, you may extract > some money as concessions from landlord. Yeah, also in the past most places I've worked have been smaller buildings where the union rules are a little loose. But I imagine that in a highrise, everything is "by the book" and you pay out the nose. Any idea how cross-connects between tenants are handled in a larger building? Do they charge any recurring fees as a general rule once the fiber is installed? > e) Connectivity - generally, downtown in a 20+ story building, buildings > are "lit" by a fair number of carriers. I have lit building lists for > various carriers that I work with, hit me up and I'll give it to you. > There are some carriers that have publically available lists, but most > don't. > http://www.lglass.net/upload/buildings/NEW%20YORK_website%208-2004.pdf That's good news. I assume that if a ConEd or similar "new" carrier is in there there are options beyond the standard telco services. For starters, a 10Mb ethernet drop that could be turned up to 100 in the future would be great. > Generally, I think 25$/sqft in a nice "lit" building is tough. Definitely > forget about genset though. They can probably go a little higher if they are willing to shrink a little bit. The space they are in now is a loft-like thing that is really too big for 10 people. Thanks Alex, Charles > -alex > > From alex Tue Mar 29 20:33:10 2005 From: alex (alex at pilosoft.com) Date: Tue, 29 Mar 2005 20:33:10 -0500 (EST) Subject: [nycbug-talk] [OT] Office Space In-Reply-To: Message-ID: On Tue, 29 Mar 2005, Charles Sprickman wrote: > > *high* amount of money to bring in power. This is in pretty much every > > building - again, thank the electricians unions and professional > > engineers. If you are talking about a large new lease, you may extract > > some money as concessions from landlord. > > Yeah, also in the past most places I've worked have been smaller > buildings where the union rules are a little loose. But I imagine that > in a highrise, everything is "by the book" and you pay out the nose. > Any idea how cross-connects between tenants are handled in a larger > building? Do they charge any recurring fees as a general rule once the > fiber is installed? Smaller buildings - yes, you might get around with 'looser' rules, but carrier selection is likely to be non-existant. There are companies like Intellispace and EurekaGGN who have a number of small crappy buildings lit, but they charge relative fortune. They aren't interested in doing transport either, only retail transit. Also, consider getting Cogent's lit building list. Cogent has excellent network, don't let anyone tell you otherwise and certainly good value for the price. Yes, large buildings = by the book. I can't speak for every building, but expect to pay ~100$ MRC plus 1000-2000$ NRC for copper crossconnect inside the building (this is how much I'm paying to connect to my customers in 55 Broad). > > Generally, I think 25$/sqft in a nice "lit" building is tough. > > Definitely forget about genset though. > > They can probably go a little higher if they are willing to shrink a > little bit. The space they are in now is a loft-like thing that is > really too big for 10 people. Tricky. This is too small to have much negotiating room. In 55 broad, you can get raw (unbuilt) office space for low 20s, and then get some transit from pilosoft. and possibly colocate the mission-critical stuff with us, that'd be backed up by our generator :) From spork Tue Mar 29 20:47:56 2005 From: spork (Charles Sprickman) Date: Tue, 29 Mar 2005 20:47:56 -0500 (EST) Subject: [nycbug-talk] [OT] Office Space In-Reply-To: <4249FB38.3030904@ocsny.com> References: <4249FB38.3030904@ocsny.com> Message-ID: On Tue, 29 Mar 2005, Mikel King wrote: > Well this is generally a tough one, because for your $:sqr ft ratio it isn't > going to happen anywhere in Manhattan, I mean not for the above mentioned > amenities. You'd be better off dropping your rackable gear into a nice colo > like 111 eighth ave, where you'll have you genset backup, huge amounts of > bandwidth from every major and several minor carriers and oodles of ac too > boot. Then you'll be able to rent yourself a nice dirt cheap flat somewhere > else that suits your fancy. I probably should have covered this more in my initial post, but they are basically doing that already (at 111 eighth, actually). But there is some need for some low-cost client co-lo in-house, and there's some stuff I'd like to work on in-house without committing to a $700/month cabinet before we figure out if it's profitable or not. What Alex posted about backup power and other pipe dreams was helpful; I won't go chasing that stuff. But having electricity and cooling available for a handful of cabinets is something I should probably hold firm on. Thanks, Charles > -- > Cheers, > Mikel King > Optimized Computer Solutions, INC > 39 West Fourteenth Street > Second Floor > New York, NY 10011 > http://www.ocsny.com > t:212.727.2100x132 > > +------------------------------------------+ > You may like them. You will see. You may > like them in a tree. > http://www.FreeBSD.org > http://www.OpenOffice.org > http://www.Mozilla.org > +------------------------------------------+ > How do you spell cooperation? Pessimists use > each other, but optimists help each other. > Collaboration feeds your spirit, while > competition only stokes your ego. You'll > find the best way to get along. > +------------------------------------------+ > > From matt Wed Mar 30 07:01:01 2005 From: matt (Matthew Terenzio) Date: Wed, 30 Mar 2005 07:01:01 -0500 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source Message-ID: <7ec683f442706e2df586de46952fbc74@jobsforge.com> It claims Solaris, Microsoft and Red hat to be the dominating Operating Systems headed for an epic battle. http://www.informationweek.com/story/showArticle.jhtml? articleID=159907676 From o_sleep Wed Mar 30 08:00:38 2005 From: o_sleep (Bjorn Nelson) Date: Wed, 30 Mar 2005 08:00:38 -0500 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source In-Reply-To: <7ec683f442706e2df586de46952fbc74@jobsforge.com> References: <7ec683f442706e2df586de46952fbc74@jobsforge.com> Message-ID: <871837159bbe2d674eafdbe42b338ce3@belovedarctos.com> On Mar 30, 2005, at 7:01 AM, Matthew Terenzio wrote: > > It claims Solaris, Microsoft and Red hat to be the dominating > Operating Systems headed for an epic battle. > > http://www.informationweek.com/story/showArticle.jhtml? > articleID=159907676 Have to love those SPRAC processors. -Bjorn From nomadlogic Wed Mar 30 13:23:32 2005 From: nomadlogic (pete wright) Date: Wed, 30 Mar 2005 10:23:32 -0800 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source In-Reply-To: <7ec683f442706e2df586de46952fbc74@jobsforge.com> References: <7ec683f442706e2df586de46952fbc74@jobsforge.com> Message-ID: <57d7100005033010234ac7f441@mail.gmail.com> On Wed, 30 Mar 2005 07:01:01 -0500, Matthew Terenzio wrote: > > It claims Solaris, Microsoft and Red hat to be the dominating Operating > Systems headed for an epic battle. > > http://www.informationweek.com/story/showArticle.jhtml? > articleID=159907676 > "Sun stakes out a role as being the only company "truly committed to open source as a means of driving innovation and adoption," according to president Schwartz." and yet java is closed source (despite the repeated claims that they will...then won't...then will open up java), and they have given how much support to the BSD community? I'm sorry, while I do respect the hardware and software engineers at Sun whenever I hear Jason Schwartz get quoted it just leaves a bad taste in my mouth. -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From mspitzer Wed Mar 30 13:58:30 2005 From: mspitzer (Marc Spitzer) Date: Wed, 30 Mar 2005 13:58:30 -0500 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source In-Reply-To: <57d7100005033010234ac7f441@mail.gmail.com> References: <7ec683f442706e2df586de46952fbc74@jobsforge.com> <57d7100005033010234ac7f441@mail.gmail.com> Message-ID: <8c50a3c30503301058571ec132@mail.gmail.com> On Wed, 30 Mar 2005 10:23:32 -0800, pete wright wrote: > On Wed, 30 Mar 2005 07:01:01 -0500, Matthew Terenzio wrote: > > > > It claims Solaris, Microsoft and Red hat to be the dominating Operating > > Systems headed for an epic battle. > > > > http://www.informationweek.com/story/showArticle.jhtml? > > articleID=159907676 > > > > "Sun stakes out a role as being the only company "truly committed to > open source as a means of driving innovation and adoption," according > to president Schwartz." > > and yet java is closed source (despite the repeated claims that they > will...then won't...then will open up java), and they have given how > much support to the BSD community? What percentage of there target market is BSD( minux OSX)? If the numbers are not there then it is fair for them to decide there is no bang for the engineering buck here and not spend the money. And there exists ports to freebsd at least and do not forget about linux emulation mode. Also there is nothing stopping the open source community from building java from scratch, all of the important bits are published, jvm, language and library specs for version X, so all that would be needed is people who are willing to do the work. The problem here is that it is a *lot* of work for each version and the libs that make it useful. We are talking a significant number of man/years here, this translates into millions of dollars of donated time/money to see it happens. Also how many opensource QA hackers are out there, production grade means lots of QA. > > I'm sorry, while I do respect the hardware and software engineers at > Sun whenever I hear Jason Schwartz get quoted it just leaves a bad > taste in my mouth. he did open source Solaris and Staroffice/Openoffice is that not good enough even if he never opensources java? That is a lot of stuff and I think that openoffice still has a bunch of Sun engineers working on the project as their day job. I know that is the case for Solaris. And Sun should only give their property away when they believe it is in there best interests, otherwise management is not acting in the investors best interests and that *is* there job. marc From nomadlogic Wed Mar 30 15:29:45 2005 From: nomadlogic (pete wright) Date: Wed, 30 Mar 2005 12:29:45 -0800 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source In-Reply-To: <8c50a3c30503301058571ec132@mail.gmail.com> References: <7ec683f442706e2df586de46952fbc74@jobsforge.com> <57d7100005033010234ac7f441@mail.gmail.com> <8c50a3c30503301058571ec132@mail.gmail.com> Message-ID: <57d710000503301229703dbc44@mail.gmail.com> On Wed, 30 Mar 2005 13:58:30 -0500, Marc Spitzer wrote: > > What percentage of there target market is BSD( minux OSX)? If the > numbers are not there then it is fair for them to decide there is no > bang for the engineering buck here and not spend the money. And there > exists ports to freebsd at least and do not forget about linux > emulation mode. I'd check out netcraft and just to see how many websites run some variant of BSD which from my recent experience seems like a key market for Sun/Java. At my current employer we use *a lot* of jsp's and such, unfortunately for me using BSD in this situation would be a no go from the start. While the FreeBSD Foundation has been working on getting more robust support for FreeBSD working it does not seem like it has been the easiest thing out there. While it's great that we are able to use linux emulation as well (I mean options are a great thing) I still think there are definite benefits of having the language supported natively. > > Also there is nothing stopping the open source community from building > java from scratch, all of the important bits are published, jvm, > language and library specs for version X, so all that would be needed > is people who are willing to do the work. The problem here is that it > is a *lot* of work for each version and the libs that make it useful. > We are talking a significant number of man/years here, this translates > into millions of dollars of donated time/money to see it happens. > Also how many opensource QA hackers are out there, production grade > means lots of QA. > The only project I've seen that is actually making any headway in doing this is the Gnu Java Compiler...which is GNU for better or worse. I believe RedHat is one of the primary backers on this project. It looks very interesting. And I guess we should also remember IBM has their own version of Java out too, which if I remember correctly ran quite a bit quicker than Sun's implementaion on i386 gnu/linux...although that was several years ago. > > > > I'm sorry, while I do respect the hardware and software engineers at > > Sun whenever I hear Jason Schwartz get quoted it just leaves a bad > > taste in my mouth. > > he did open source Solaris and Staroffice/Openoffice is that not good > enough even if he never opensources java? That is a lot of stuff and > I think that openoffice still has a bunch of Sun engineers working on > the project as their day job. I know that is the case for Solaris. > And they went ahead and made java pretty much an integral part OOo with the 2.x brach, for better or worse. (check out: http://tinyurl.com/5gv2y its a newsforge article) And yea, your right about them having engineers working on this project (I've met several personally I think most of them are based in Europe, atleast they were a couple years ago). > And Sun should only give their property away when they believe it is > in there best interests, otherwise management is not acting in the > investors best interests and that *is* there job. > Yea totally, no doubt. I agree with you here. Sure, they don't have to open anything up. Would I like to see Java opened up, yea it'd help me out for sure. So I guess I'm just being greedy ;) -p -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From matt Wed Mar 30 15:49:51 2005 From: matt (Matthew Terenzio) Date: Wed, 30 Mar 2005 15:49:51 -0500 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source In-Reply-To: <8c50a3c30503301058571ec132@mail.gmail.com> References: <7ec683f442706e2df586de46952fbc74@jobsforge.com> <57d7100005033010234ac7f441@mail.gmail.com> <8c50a3c30503301058571ec132@mail.gmail.com> Message-ID: On Mar 30, 2005, at 1:58 PM, Marc Spitzer wrote: > he did open source Solaris and Staroffice/Openoffice is that not good > enough even if he never opensources java? I'm not arguing for or against Sun or Opening Java up, but one concern is fragmentation. Gosling has talked about it before. Things can be open, but you don't want to have to think, "Will this Perl script work the same on Darwin as it does on Red Hat?" And because of it's semi-openness in the past, it is a concern that complete Java openess could lead to one saying, " This works on on IBM Java on Linux." Many of you know better than I how different flavors of the Java API have application server vendors leading their clients down that path of lockdown I totally will not disagree if someone responds and says, "That is open source and that is good." Matt From unixenigma Wed Mar 30 16:42:13 2005 From: unixenigma (G T) Date: Wed, 30 Mar 2005 13:42:13 -0800 (PST) Subject: [nycbug-talk] OpenBSD 3.7 /may19/ Atheros a/b/g support Message-ID: <20050330214213.38796.qmail@web53903.mail.yahoo.com> Hey I dont know about you guys but I found it to be one of the coolest/important feature they will have in 3.7 Support of Atheros IEEE 802.11a/b/g and other wireless stuff through ath, iwi, ipw is finally here. And of course many new versions/programs will be ported. I hate it when whatever you need never get updated in the tree in OBSD, so I am looking forward to have fun with the new stable release. Which ports tree is updated more often from all BSD flavors? So you dont have to wait until next stable release. Thanks GT __________________________________ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250 From mspitzer Wed Mar 30 16:44:14 2005 From: mspitzer (Marc Spitzer) Date: Wed, 30 Mar 2005 16:44:14 -0500 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source In-Reply-To: <57d710000503301229703dbc44@mail.gmail.com> References: <7ec683f442706e2df586de46952fbc74@jobsforge.com> <57d7100005033010234ac7f441@mail.gmail.com> <8c50a3c30503301058571ec132@mail.gmail.com> <57d710000503301229703dbc44@mail.gmail.com> Message-ID: <8c50a3c30503301344795abfe0@mail.gmail.com> On Wed, 30 Mar 2005 12:29:45 -0800, pete wright wrote: > On Wed, 30 Mar 2005 13:58:30 -0500, Marc Spitzer wrote: > > > > > What percentage of there target market is BSD( minux OSX)? If the > > numbers are not there then it is fair for them to decide there is no > > bang for the engineering buck here and not spend the money. And there > > exists ports to freebsd at least and do not forget about linux > > emulation mode. > > I'd check out netcraft and just to see how many websites run some > variant of BSD which from my recent experience seems like a key market > for Sun/Java. At my current employer we use *a lot* of jsp's and > such, unfortunately for me using BSD in this situation would be a no > go from the start. That is a somewhat misleading number. The reason I feel this way is that, from my limited exp, once you say Java/servlets/EJB etc the hosting providers say you have money to spend and package accordingly, even for the low end. You do not get the cheap mass market LAMP/BAMP packages. you get the "low end" dedicated server packages. Or CoLo packages. After all if you are doing java you have a "budget" and we want our chunk. > > While the FreeBSD Foundation has been working on getting more robust > support for FreeBSD working it does not seem like it has been the > easiest thing out there. While it's great that we are able to use > linux emulation as well (I mean options are a great thing) I still > think there are definite benefits of having the language supported > natively. All it takes for sun to do that is money, for example IFF I could call sun up and say I want native support for freebsd and will pay for the people to do it, sign a contract and cut a check I do not see the problem. But I am not rich. > > > > > Also there is nothing stopping the open source community from building > > java from scratch, all of the important bits are published, jvm, > > language and library specs for version X, so all that would be needed > > is people who are willing to do the work. The problem here is that it > > is a *lot* of work for each version and the libs that make it useful. > > We are talking a significant number of man/years here, this translates > > into millions of dollars of donated time/money to see it happens. > > Also how many opensource QA hackers are out there, production grade > > means lots of QA. > > > > The only project I've seen that is actually making any headway in > doing this is the Gnu Java Compiler...which is GNU for better or > worse. I believe RedHat is one of the primary backers on this > project. It looks very interesting. And I guess we should also > remember IBM has their own version of Java out too, which if I > remember correctly ran quite a bit quicker than Sun's implementaion on > i386 gnu/linux...although that was several years ago. Both efforts are/were funded, to different degrees perhaps, and because of that things got done. And the freebsd port is having problems because it is primarily a volunteer effort with a small team and a large code base to port. > > > > > > > I'm sorry, while I do respect the hardware and software engineers at > > > Sun whenever I hear Jason Schwartz get quoted it just leaves a bad > > > taste in my mouth. > > > > he did open source Solaris and Staroffice/Openoffice is that not good > > enough even if he never opensources java? That is a lot of stuff and > > I think that openoffice still has a bunch of Sun engineers working on > > the project as their day job. I know that is the case for Solaris. > > > > And they went ahead and made java pretty much an integral part OOo > with the 2.x brach, for better or worse. > (check out: http://tinyurl.com/5gv2y its a newsforge article) Sun trys to make everything depend on java, marketing demands it. > > And yea, your right about them having engineers working on this > project (I've met several personally I think most of them are based in > Europe, atleast they were a couple years ago). > > > And Sun should only give their property away when they believe it is > > in there best interests, otherwise management is not acting in the > > investors best interests and that *is* there job. > > > > Yea totally, no doubt. I agree with you here. Sure, they don't have > to open anything up. Would I like to see Java opened up, yea it'd > help me out for sure. So I guess I'm just being greedy ;) I am greedy too, human nature after all. But I an no big fan of java, 70s tech with a large marketing budget. marc From mspitzer Wed Mar 30 16:49:52 2005 From: mspitzer (Marc Spitzer) Date: Wed, 30 Mar 2005 16:49:52 -0500 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source In-Reply-To: References: <7ec683f442706e2df586de46952fbc74@jobsforge.com> <57d7100005033010234ac7f441@mail.gmail.com> <8c50a3c30503301058571ec132@mail.gmail.com> Message-ID: <8c50a3c305033013494e63464f@mail.gmail.com> On Wed, 30 Mar 2005 15:49:51 -0500, Matthew Terenzio wrote: > > On Mar 30, 2005, at 1:58 PM, Marc Spitzer wrote: > > > he did open source Solaris and Staroffice/Openoffice is that not good > > enough even if he never opensources java? > > I'm not arguing for or against Sun or Opening Java up, but one concern > is fragmentation. > Gosling has talked about it before. > Things can be open, but you don't want to have to think, "Will this > Perl script work the same on Darwin as it does on Red Hat?" You already do have to, it also happens with java. > And because of it's semi-openness in the past, it is a concern that > complete Java openess could lead to one saying, " This works on on IBM > Java on Linux." > Many of you know better than I how different flavors of the Java API > have application server vendors leading their clients down that path of > lockdown >From an API stability stand point java seems screwwey. Every java app I installed has installed its own version of the jre it was built with just to be sure it was there, ie to be sure the program worked. > > I totally will not disagree if someone responds and says, "That is open > source and that is good." that is an argument for another thread. marc From nomadlogic Wed Mar 30 17:16:49 2005 From: nomadlogic (pete wright) Date: Wed, 30 Mar 2005 14:16:49 -0800 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source In-Reply-To: <8c50a3c30503301344795abfe0@mail.gmail.com> References: <7ec683f442706e2df586de46952fbc74@jobsforge.com> <57d7100005033010234ac7f441@mail.gmail.com> <8c50a3c30503301058571ec132@mail.gmail.com> <57d710000503301229703dbc44@mail.gmail.com> <8c50a3c30503301344795abfe0@mail.gmail.com> Message-ID: <57d7100005033014166339b788@mail.gmail.com> On Wed, 30 Mar 2005 16:44:14 -0500, Marc Spitzer wrote: > > I'd check out netcraft and just to see how many websites run some > > variant of BSD which from my recent experience seems like a key market > > for Sun/Java. At my current employer we use *a lot* of jsp's and > > such, unfortunately for me using BSD in this situation would be a no > > go from the start. > > That is a somewhat misleading number. The reason I feel this way is > that, from my limited exp, once you say Java/servlets/EJB etc the > hosting providers say you have money to spend and package accordingly, > even for the low end. You do not get the cheap mass market LAMP/BAMP > packages. you get the "low end" dedicated server packages. Or CoLo > packages. After all if you are doing java you have a "budget" and we > want our chunk. > ok I can see that, sure. But still, one could deduce from the hosting numbers that BSD is a great platform to host and serve web pages/apps from (but I'm sure we all feel that way ;) (big 'ol snip 'cause I think we are on the same wave length here) on a side note, are there any Java dev's on the list? If so, what are your feelings on this. From my perspective I'd love to see more support open support for Java/BSD, coming from an administrative angle. Does it matter to you all? -pete -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From nomadlogic Wed Mar 30 17:20:39 2005 From: nomadlogic (pete wright) Date: Wed, 30 Mar 2005 14:20:39 -0800 Subject: [nycbug-talk] OpenBSD 3.7 /may19/ Atheros a/b/g support In-Reply-To: <20050330214213.38796.qmail@web53903.mail.yahoo.com> References: <20050330214213.38796.qmail@web53903.mail.yahoo.com> Message-ID: <57d7100005033014205cd8650a@mail.gmail.com> On Wed, 30 Mar 2005 13:42:13 -0800 (PST), G T wrote: > Hey > I dont know about you guys but I found it to be one of > the coolest/important feature they will have in 3.7 > Support of Atheros IEEE 802.11a/b/g and other wireless > stuff through ath, iwi, ipw is finally here. > And of course many new versions/programs will be > ported. > I hate it when whatever you need never get updated in > the tree in OBSD, so I am looking forward to have fun > with the new stable release. can't wait either, I hope every one has their subscriptions ;) > Which ports tree is updated more often from all BSD > flavors? So you dont have to wait until next stable > release. > If I understand you question correctly, the FreeBSD ports tree is release independent (more or less) so it get's updated pretty much continuously. -pete > Thanks > GT > > __________________________________ > Do you Yahoo!? > Yahoo! Mail - 250MB free storage. Do more. Manage less. > http://info.mail.yahoo.com/mail_250 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From bruno Wed Mar 30 18:01:52 2005 From: bruno (bruno) Date: Wed, 30 Mar 2005 18:01:52 -0500 Subject: [nycbug-talk] OpenBSD 3.7 /may19/ Atheros a/b/g support In-Reply-To: <20050330214213.38796.qmail@web53903.mail.yahoo.com> References: <20050330214213.38796.qmail@web53903.mail.yahoo.com> Message-ID: <20050330230152.GA27060@loftmail.com> On Wed, Mar 30, 2005 at 01:42:13PM -0800, G T wrote: > Hey > I dont know about you guys but I found it to be one of > the coolest/important feature they will have in 3.7 > Support of Atheros IEEE 802.11a/b/g and other wireless > stuff through ath, iwi, ipw is finally here. > And of course many new versions/programs will be > ported. > I hate it when whatever you need never get updated in > the tree in OBSD, so I am looking forward to have fun > with the new stable release. > Which ports tree is updated more often from all BSD > flavors? So you dont have to wait until next stable > release. You could always run OBSD -current which has the latest and greatest of everything. Bruno -- http://www.loftmail.com From unixenigma Wed Mar 30 21:34:18 2005 From: unixenigma (G T) Date: Wed, 30 Mar 2005 18:34:18 -0800 (PST) Subject: [nycbug-talk] OpenBSD 3.7 /may19/ Atheros a/b/g support In-Reply-To: 6667 Message-ID: <20050331023418.41744.qmail@web53902.mail.yahoo.com> --- bruno wrote: > On Wed, Mar 30, 2005 at 01:42:13PM -0800, G T wrote: > > Hey > > I dont know about you guys but I found it to be > one of > > the coolest/important feature they will have in > 3.7 > > Support of Atheros IEEE 802.11a/b/g and other > wireless > > stuff through ath, iwi, ipw is finally here. > > And of course many new versions/programs will be > > ported. > > I hate it when whatever you need never get updated > in > > the tree in OBSD, so I am looking forward to have > fun > > with the new stable release. > > Which ports tree is updated more often from all > BSD > > flavors? So you dont have to wait until next > stable > > release. > > You could always run OBSD -current which has the > latest and greatest > of everything. > > Bruno Thanks guys > > -- > http://www.loftmail.com > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce > lists > %We meet the first Wednesday of the month > __________________________________ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ From truk Wed Mar 30 23:07:30 2005 From: truk (Kurt Miller) Date: Wed, 30 Mar 2005 23:07:30 -0500 Subject: [nycbug-talk] Sun, Microsoft Red Hat and Open Source References: <7ec683f442706e2df586de46952fbc74@jobsforge.com> <57d7100005033010234ac7f441@mail.gmail.com> <8c50a3c30503301058571ec132@mail.gmail.com> Message-ID: <01a101c535a7$28fcbdb0$150110ac@focus> From: "Matthew Terenzio" > On Mar 30, 2005, at 1:58 PM, Marc Spitzer wrote: > >> he did open source Solaris and Staroffice/Openoffice is that not good >> enough even if he never opensources java? > > I'm not arguing for or against Sun or Opening Java up, but one concern > is fragmentation. > Gosling has talked about it before. > Things can be open, but you don't want to have to think, "Will this > Perl script work the same on Darwin as it does on Red Hat?" > And because of it's semi-openness in the past, it is a concern that > complete Java openess could lead to one saying, " This works on on IBM > Java on Linux." > Many of you know better than I how different flavors of the Java API > have application server vendors leading their clients down that path of > lockdown And so .... you have hit the nail on the head. Sun has made the jre/sdk source available under the SCSL. However, they have not made the TCK's available to the community. You can pay them $50,000 to get access to them if you want. Without the TCK's you can not verify the compatibility of the jre/sdk. Without verifying the compatibility of the jre/sdk, you can't use the jre/sdk for anything more then personal and individual use. Both the SCSL and their new research license restrict the _use_ of the jre/sdk in ways that prevent a business from running any application (say tomcat or whatever) on it. Until Sun makes the TCK's available to the community without fee, open source java is just a publicity stunt. -Kurt From kacanski_s Thu Mar 31 10:25:38 2005 From: kacanski_s (Aleksandar Kacanski) Date: Thu, 31 Mar 2005 07:25:38 -0800 (PST) Subject: [nycbug-talk] Some thoughts... Message-ID: <20050331152539.4237.qmail@web53607.mail.yahoo.com> Hello, I just recently joined. I would like to know when is the next meeting and how often do we get informed regarding meetings and presentations? I consult for academia and industry. Currently I am working and teaching at CUNY. I am setting up a network and bunch of labs for the transitional high school, part of the project financed by several research foundations. I am using FreeBSD implementations for FW's (m0n0wall) and core services like DNS,SMTP,NTP,SNMP ...ghosting backup and recovery ... As usual I am trying to get buy in from faculty and staff on droping exchange and domain controllers, DNS and MS-LDAP for some collaborative environment. I am looking into two products, opengroupware and OPEN-XCHANGE. Anyone had any experience with these two products in BSD/Linux environments ... - Regards, Sasha Aleksandar (Sasha) Kacanski __________________________________ Do you Yahoo!? Make Yahoo! your home page http://www.yahoo.com/r/hs From ike Thu Mar 31 10:38:57 2005 From: ike (Isaac Levy) Date: Thu, 31 Mar 2005 10:38:57 -0500 Subject: [nycbug-talk] Some thoughts... In-Reply-To: <20050331152539.4237.qmail@web53607.mail.yahoo.com> References: <20050331152539.4237.qmail@web53607.mail.yahoo.com> Message-ID: <5bcbad9ac6bb3c4e38d0c61c87ef4439@lesmuug.org> Hi Sasha, On Mar 31, 2005, at 10:25 AM, Aleksandar Kacanski wrote: > Hello, > I just recently joined. I would like to know when is > the next meeting and how often do we get informed > regarding meetings and presentations? Sign up to the Nyc*BUG Announce list! http://lists.nycbug.org/mailman/listinfo/announce-nycbug Meetings are every 1st Wednesday of the month. > I consult for academia and industry. Currently I am > working and teaching at CUNY. > I am setting up a network and bunch of labs for the > transitional high school, part of the project financed > by several research foundations. > I am using FreeBSD implementations for FW's (m0n0wall) > and core services like DNS,SMTP,NTP,SNMP ...ghosting > backup and recovery ... > As usual I am trying to get buy in from faculty and > staff on droping exchange and domain controllers, DNS > and MS-LDAP for some collaborative environment. > I am looking into two products, opengroupware and > OPEN-XCHANGE. > Anyone had any experience with these two products in > BSD/Linux environments ... - I don't have experience with these, but since your on FreeBSD, it's easy to test things out from ports installs: http://www.freebsd.org/cgi/ports.cgi?query=opengroupware&stype=all Open-Xchange doesn't seem to be in ports, but their site points to docs here for install: http://homepage.univie.ac.at/peter.schober/OX_on_FreeBSD.html Good luck, have fun, see you at the next meeting- Rocket- .ike From steve.rieger Thu Mar 31 11:34:02 2005 From: steve.rieger (Steve Rieger) Date: Thu, 31 Mar 2005 11:34:02 -0500 Subject: [nycbug-talk] Some thoughts... In-Reply-To: <5bcbad9ac6bb3c4e38d0c61c87ef4439@lesmuug.org> Message-ID: On 3/31/05 10:38 AM, "Isaac Levy" wrote: > Hi Sasha, > > On Mar 31, 2005, at 10:25 AM, Aleksandar Kacanski wrote: > >> Hello, >> I just recently joined. I would like to know when is >> the next meeting and how often do we get informed >> regarding meetings and presentations? > > Sign up to the Nyc*BUG Announce list! > > http://lists.nycbug.org/mailman/listinfo/announce-nycbug > > Meetings are every 1st Wednesday of the month. > >> I consult for academia and industry. Currently I am >> working and teaching at CUNY. >> I am setting up a network and bunch of labs for the >> transitional high school, part of the project financed >> by several research foundations. >> I am using FreeBSD implementations for FW's (m0n0wall) >> and core services like DNS,SMTP,NTP,SNMP ...ghosting >> backup and recovery ... >> As usual I am trying to get buy in from faculty and >> staff on droping exchange and domain controllers, DNS >> and MS-LDAP for some collaborative environment. >> I am looking into two products, opengroupware and >> OPEN-XCHANGE. >> Anyone had any experience with these two products in >> BSD/Linux environments ... - > > I don't have experience with these, but since your on FreeBSD, it's > easy to test things out from ports installs: > > http://www.freebsd.org/cgi/ports.cgi?query=opengroupware&stype=all > > Open-Xchange doesn't seem to be in ports, but their site points to docs > here for install: > > http://homepage.univie.ac.at/peter.schober/OX_on_FreeBSD.html > > > Good luck, have fun, see you at the next meeting- > > Rocket- > .ike > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > Pretty much you will need linux compat for any of these to work. Not too hard, and will take a bit of time. Also neither of these can be installed from ports. -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From o_sleep Thu Mar 31 11:37:08 2005 From: o_sleep (Bjorn Nelson) Date: Thu, 31 Mar 2005 11:37:08 -0500 Subject: [nycbug-talk] Some thoughts... In-Reply-To: <20050331152539.4237.qmail@web53607.mail.yahoo.com> References: <20050331152539.4237.qmail@web53607.mail.yahoo.com> Message-ID: <95e006536c6ecc44f46d02b1abd004fa@belovedarctos.com> Sasha, I work at Baruch in CUNY as well, cheers. -Bjorn On Mar 31, 2005, at 10:25 AM, Aleksandar Kacanski wrote: > Hello, > I just recently joined. I would like to know when is > the next meeting and how often do we get informed > regarding meetings and presentations? > I consult for academia and industry. Currently I am > working and teaching at CUNY. > I am setting up a network and bunch of labs for the > transitional high school, part of the project financed > by several research foundations. > I am using FreeBSD implementations for FW's (m0n0wall) > and core services like DNS,SMTP,NTP,SNMP ...ghosting > backup and recovery ... > As usual I am trying to get buy in from faculty and > staff on droping exchange and domain controllers, DNS > and MS-LDAP for some collaborative environment. > I am looking into two products, opengroupware and > OPEN-XCHANGE. > Anyone had any experience with these two products in > BSD/Linux environments ... - > > Regards, > > Sasha > > > Aleksandar (Sasha) Kacanski > > > > __________________________________ > Do you Yahoo!? > Make Yahoo! your home page > http://www.yahoo.com/r/hs > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month From ike Thu Mar 31 11:40:45 2005 From: ike (Isaac Levy) Date: Thu, 31 Mar 2005 11:40:45 -0500 Subject: [nycbug-talk] Some thoughts... In-Reply-To: References: Message-ID: On Mar 31, 2005, at 11:34 AM, Steve Rieger wrote: > Pretty much you will need linux compat for any of these to work. Not > too > hard, and will take a bit of time. Also neither of these can be > installed > from ports. Yikes. /me has some humble pie with my coffee here... Thanks for the save Steve- (/me just learned a lesson to shut my trap except on things I've run and know...) -- Steve- is OpenGroupWare broken from ports? It looked interesting to me for a project I'm on and was thinking of trying it out... Rocket- .ike From steve.rieger Thu Mar 31 11:46:54 2005 From: steve.rieger (Steve Rieger) Date: Thu, 31 Mar 2005 11:46:54 -0500 Subject: [nycbug-talk] Some thoughts... In-Reply-To: Message-ID: On 3/31/05 11:40 AM, "Isaac Levy" wrote: > On Mar 31, 2005, at 11:34 AM, Steve Rieger wrote: > >> Pretty much you will need linux compat for any of these to work. Not >> too >> hard, and will take a bit of time. Also neither of these can be >> installed >> from ports. > > Yikes. /me has some humble pie with my coffee here... > > Thanks for the save Steve- (/me just learned a lesson to shut my trap > except on things I've run and know...) > > -- > Steve- is OpenGroupWare broken from ports? It looked interesting to me > for a project I'm on and was thinking of trying it out... > > Rocket- > .ike > > > > Yes pretty much it was marked as broken almost a year ago. I did install both of these sucsessfully from source though, what are your reqs for this project. Also for those that don't know check out www.opensourcecms.com its a great resource. But feel free to ask any questions I installed just about everything on that page at least once. -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From nomadlogic Thu Mar 31 12:36:03 2005 From: nomadlogic (pete wright) Date: Thu, 31 Mar 2005 09:36:03 -0800 Subject: [nycbug-talk] PXEBoot NetBSD Message-ID: <57d710000503310936405e796b@mail.gmail.com> Ok I've been hacking on getting my soekris boxen running NetBSD via pxebooting. The only doc I've found on the net is in relation to pxebooting --> mounting root via NFS. Ideally i'd like to do pxeboot-->install. Has anyone here done something similiar. Here's the main doc i've been following: http://www.netbsd.org/Documentation/network/netboot/ I can get tftp to dole out the PXE image, but then I believe it expects a NetBSD kernel and root filesystem to boot. I am more familiar with doing this on OpenBSD where they have a prebuild pxe install image available. Am I missing something obvious here, or should I just go with NetBooting a base system then dd'ing it to my Flash drive? -pete -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group From anthony Thu Mar 31 14:29:26 2005 From: anthony (Anthony Sofia) Date: Thu, 31 Mar 2005 13:29:26 -0600 Subject: [nycbug-talk] PXEBoot NetBSD In-Reply-To: <57d710000503310936405e796b@mail.gmail.com> References: <57d710000503310936405e796b@mail.gmail.com> Message-ID: <20050331192926.GA52560@dryhump.net> Pete, I've done this before to install on a thinkpad. Just get the boot-big.fs and get the kernel image out of it. Name the file netbsd and copy it into the nfsroot you specified in dhcpd. I also copied the /usr/mdec/boot.net into the nfsroot for some reason... (Sorry I did this many months ago and took no notes). Hopefully this helps you out. On Thu, Mar 31, 2005 at 09:36:03AM -0800, pete wright said: >Ok I've been hacking on getting my soekris boxen running NetBSD via >pxebooting. The only doc I've found on the net is in relation to >pxebooting --> mounting root via NFS. Ideally i'd like to do >pxeboot-->install. Has anyone here done something similiar. Here's >the main doc i've been following: > >http://www.netbsd.org/Documentation/network/netboot/ > > >I can get tftp to dole out the PXE image, but then I believe it >expects a NetBSD kernel and root filesystem to boot. I am more >familiar with doing this on OpenBSD where they have a prebuild pxe >install image available. Am I missing something obvious here, or >should I just go with NetBooting a base system then dd'ing it to my >Flash drive? Anthony Sofia (anthony at dryhump.net) -- I'll take care of those murderous trolls. From ike Thu Mar 31 23:48:34 2005 From: ike (Isaac Levy) Date: Thu, 31 Mar 2005 23:48:34 -0500 Subject: [nycbug-talk] Some thoughts... In-Reply-To: <20050331120829.C563@dru.domain.org> References: <20050331120829.C563@dru.domain.org> Message-ID: <5729f87578c6a84fb809064479742e71@lesmuug.org> Wordup Dru, all, On Mar 31, 2005, at 12:09 PM, Dru wrote: >> >> -- >> Steve- is OpenGroupWare broken from ports? It looked interesting to >> me for a project I'm on and was thinking of trying it out... >> >> Rocket- >> .ike > > > That's funny, IKE, I'm installing Opengroupware at this very moment on > Fedora 3. Any idea what apxs is? > > Dru APXS is the Apache Extension Tool- (must have loaded it into my brain for a split second in the last few years, but can't think of more than what it is, beyond the acronym definition). I found this man page, if it's relevant though: http://httpd.apache.org/docs/programs/apxs.html -- I'm thinking that the Opengroupware stuff uses something meant to run as an Apache Extension module? Hrm... /me reads the manual myself here... Rocket- .ike