From ike at lesmuug.org  Wed Aug  2 12:46:20 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Wed, 2 Aug 2006 12:46:20 -0400
Subject: [nycbug-talk] Apache Vuln, mod_rewrite
Message-ID: <C58ED0E0-2FB1-4E90-A37F-EE55B5E6F262@lesmuug.org>

Hi Folks,

I'm emailing to somewhat gently sound the alarm, there's an esoteric  
Apache vulnerability which is not getting much attention (and from  
what I understand, didn't even hit the Apache lists when the patches  
were released?)

I went through patching systems this weekend after seeing this story,

http://isc.sans.org/diary.php?storyid=1523

Anouncements:

Apache 1.3.37 http://www.apache.org/dist/httpd/Announcement1.3.html
Apache 2.0.59 http://www.apache.org/dist/httpd/Announcement2.0.html
Apache 2.2.3  http://www.apache.org/dist/httpd/Announcement2.2.html

--
Thing is, today this hit undeadly, indeed a fine publication online-  
but a far cry from what I'd consider 'sane channels' for breaking  
security vulnerability information.  (i.e. nothing has even yet been  
posted to 'announce at httpd.apache.org' mailing list)

With that, this vulnerability is important, (if you use/enable  
mod_rewrite, or run on systems without ProPolice/SSP stack guards).

Best,
.ike




From okan at demirmen.com  Wed Aug  2 13:06:28 2006
From: okan at demirmen.com (Okan Demirmen)
Date: Wed, 2 Aug 2006 13:06:28 -0400
Subject: [nycbug-talk] Apache Vuln, mod_rewrite
In-Reply-To: <C58ED0E0-2FB1-4E90-A37F-EE55B5E6F262@lesmuug.org>
References: <C58ED0E0-2FB1-4E90-A37F-EE55B5E6F262@lesmuug.org>
Message-ID: <20060802170628.GJ27267@clam.khaoz.org>

On Wed 2006.08.02 at 12:46 -0400, Isaac Levy wrote:
> Hi Folks,
> 
> I'm emailing to somewhat gently sound the alarm, there's an esoteric  
> Apache vulnerability which is not getting much attention (and from  
> what I understand, didn't even hit the Apache lists when the patches  
> were released?)
> 
> I went through patching systems this weekend after seeing this story,
> 
> http://isc.sans.org/diary.php?storyid=1523
> 
> Anouncements:
> 
> Apache 1.3.37 http://www.apache.org/dist/httpd/Announcement1.3.html
> Apache 2.0.59 http://www.apache.org/dist/httpd/Announcement2.0.html
> Apache 2.2.3  http://www.apache.org/dist/httpd/Announcement2.2.html
> 
> --
> Thing is, today this hit undeadly, indeed a fine publication online-  
> but a far cry from what I'd consider 'sane channels' for breaking  
> security vulnerability information.  (i.e. nothing has even yet been  
> posted to 'announce at httpd.apache.org' mailing list)

Not to be too picky, but the story on undeadly arrived on 07/31,
OpenBSD errata on 07/30, while the patch went in 07/28.

I can't speak for the other projects, but I'm sure they have somewhat
similar dates...and I can't speak for apache.org, for I haven't even
looked...it also hit the secunia lists as well.

I couldn't tell you why it has not gotten a lot of attention. Maybe
people who use mod_rewrite don't know that they do _use_ mod_rewrite, or
maybe the folks who do are quiet and just patch. If this were a php
thing, I'm sure more attention would have been paid; for, for some
reason, unknown to me, people use php.

> With that, this vulnerability is important, (if you use/enable  
> mod_rewrite, or run on systems without ProPolice/SSP stack guards).

thanks ike.


From af.dingo at gmail.com  Wed Aug  2 13:11:27 2006
From: af.dingo at gmail.com (Jeff Quast)
Date: Wed, 2 Aug 2006 13:11:27 -0400
Subject: [nycbug-talk] Apache Vuln, mod_rewrite
In-Reply-To: <C58ED0E0-2FB1-4E90-A37F-EE55B5E6F262@lesmuug.org>
References: <C58ED0E0-2FB1-4E90-A37F-EE55B5E6F262@lesmuug.org>
Message-ID: <c1feb8190608021011v3b4651mb4a35919f74bfdc1@mail.gmail.com>

On 8/2/06, Isaac Levy <ike at lesmuug.org> wrote:
> Hi Folks,
>
> I'm emailing to somewhat gently sound the alarm, there's an esoteric
> Apache vulnerability which is not getting much attention (and from
>
> Thing is, today this hit undeadly, indeed a fine publication online-

Today? Are you saying that undeadly.org was affected by this
vulnerability today? It doesn't even run apache ...

OpenBSD announced the patch on Sunday
http://www.openbsd.org/errata.html , with the modification time of the
28th as well.
Undeadly posted the story on this on Monday.
If you are concerned about missing this sort of thing on OpenBSD
(Undeadly is for and by the openbsd community), then there are rss
feeds for this as well http://undeadly.org/cgi?action=errata . There
is no harm in using a daily crontab that uses ftp to retrieve
errata.html, doing a diff, and if different then emailing root.

I just wanted to clarify the statement "today this hit undeadly". I
don't want somebody taking this the wrong way and thinking undeadly
was hacked!!

Thanks,
jdq


From dan at langille.org  Wed Aug  2 13:19:35 2006
From: dan at langille.org (Dan Langille)
Date: Wed, 02 Aug 2006 13:19:35 -0400
Subject: [nycbug-talk] Apache Vuln, mod_rewrite
In-Reply-To: <C58ED0E0-2FB1-4E90-A37F-EE55B5E6F262@lesmuug.org>
Message-ID: <44D0A667.25285.2A08DF14@dan.langille.org>

On 2 Aug 2006 at 12:46, Isaac Levy wrote:

> Hi Folks,
> 
> I'm emailing to somewhat gently sound the alarm, there's an esoteric  
> Apache vulnerability which is not getting much attention (and from  
> what I understand, didn't even hit the Apache lists when the patches  
> were released?)
> 
> I went through patching systems this weekend after seeing this story,
> 
> http://isc.sans.org/diary.php?storyid=1523
> 
> Anouncements:
> 
> Apache 1.3.37 http://www.apache.org/dist/httpd/Announcement1.3.html
> Apache 2.0.59 http://www.apache.org/dist/httpd/Announcement2.0.html
> Apache 2.2.3  http://www.apache.org/dist/httpd/Announcement2.2.html
> 
> --
> Thing is, today this hit undeadly, indeed a fine publication online-  
> but a far cry from what I'd consider 'sane channels' for breaking  
> security vulnerability information.  (i.e. nothing has even yet been  
> posted to 'announce at httpd.apache.org' mailing list)
> 
> With that, this vulnerability is important, (if you use/enable  
> mod_rewrite, or run on systems without ProPolice/SSP stack guards).

The FreeBDS ports tree was patched (at least for www/apache13) on the 
27th:
  http://www.freshports.org/www/apache13/

Something was added to security/vuxml about this on the 28th:
  http://www.freshports.org/security/vuxml/
  http://www.vuxml.org/freebsd/dc8c08c7-1e7c-11db-88cf-
000c6ec775d9.html  (or http://tinyurl.com/jwa97)

Those with security/portaudit installed would have been notified of 
this issue and urged to upgrade.  It is because of issues such as 
this that I run security/portaudit on all my FreeBSD boxes.

-- 
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php




From ahpook at verizon.net  Wed Aug  2 13:49:08 2006
From: ahpook at verizon.net (Ah Pook)
Date: Wed, 02 Aug 2006 13:49:08 -0400
Subject: [nycbug-talk] Apache Vuln, mod_rewrite
In-Reply-To: <20060802170628.GJ27267@clam.khaoz.org>
References: <C58ED0E0-2FB1-4E90-A37F-EE55B5E6F262@lesmuug.org>
	<20060802170628.GJ27267@clam.khaoz.org>
Message-ID: <200608021349.08659.ahpook@verizon.net>

On Wednesday 02 August 2006 1:06 pm, Okan Demirmen wrote:
> I couldn't tell you why it has not gotten a lot of attention. Maybe
> people who use mod_rewrite don't know that they do _use_ mod_rewrite,
> or maybe the folks who do are quiet and just patch.

Mostly the latter, around here.


From ike at lesmuug.org  Wed Aug  2 13:55:04 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Wed, 2 Aug 2006 13:55:04 -0400
Subject: [nycbug-talk] Apache Vuln, mod_rewrite
In-Reply-To: <20060802170628.GJ27267@clam.khaoz.org>
References: <C58ED0E0-2FB1-4E90-A37F-EE55B5E6F262@lesmuug.org>
	<20060802170628.GJ27267@clam.khaoz.org>
Message-ID: <C0340465-2455-4872-B67B-78615F363754@lesmuug.org>

Hi All,

On Aug 2, 2006, at 1:06 PM, Okan Demirmen wrote:

> I couldn't tell you why it has not gotten a lot of attention.

Yeah.  Hrmph.
I'm a bit dissappointed in the way Apache is being run here,  
especially in the context of the scale of it's use.  With 2.2  
(ohboy), I'm starting to become slowly convinced there's plenty of  
room for other serious http contenders (not just based on licensing  
issues), though I still love and rely on Apache for many  
applications...  I'm sure a lot of us do.


On Aug 2, 2006, at 1:11 PM, Jeff Quast wrote:
> I just wanted to clarify the statement "today this hit undeadly". I
> don't want somebody taking this the wrong way and thinking undeadly
> was hacked!!

My bad, correction:
today this *news* hit undeadly (more like, today I noticed it on  
undeadly)


--
Regarding the *BSD response:

On Aug 2, 2006, at 1:11 PM, Jeff Quast wrote:
> OpenBSD announced the patch on Sunday
> http://www.openbsd.org/errata.html , with the modification time of the
> 28th as well.

On Aug 2, 2006, at 1:19 PM, Dan Langille wrote:
> The FreeBDS ports tree was patched (at least for www/apache13) on the
> 27th:
>   http://www.freshports.org/www/apache13/
>
> Something was added to security/vuxml about this on the 28th:
>   http://www.freshports.org/security/vuxml/
>   http://www.vuxml.org/freebsd/dc8c08c7-1e7c-11db-88cf-
> 000c6ec775d9.html  (or http://tinyurl.com/jwa97)


It's great to see that various maintainers in the *BSD world are on  
top of this :)

Rocket,
.ike




From skreuzer at f2o.org  Thu Aug  3 11:56:42 2006
From: skreuzer at f2o.org (Steven Kreuzer)
Date: Thu, 03 Aug 2006 11:56:42 -0400
Subject: [nycbug-talk] MD5 Presentation
Message-ID: <44D21CBA.9020500@f2o.org>

Greetings-

First, I want to thank everyone who was at last nights meeting. I hope
everyone enjoyed the presentation and would love to hear some feedback,
both good and bad.

If anyone is interested, I have posted the slides from the presentation,
as well as a C program called md5user, which is a small proof of concept
program that takes a username as an argument, and returns the path to
where their data would be on the filesystem.

example:
$ md5user sjk
/home/29/29/3/steven

You can find everything at http://steven.freeshell.org/nycbug/md5/

SK


From nboeger at khmere.com  Thu Aug  3 12:29:00 2006
From: nboeger at khmere.com (Nathan Boeger)
Date: Thu, 03 Aug 2006 12:29:00 -0400
Subject: [nycbug-talk] MD5 Presentation
In-Reply-To: <44D21CBA.9020500@f2o.org>
References: <44D21CBA.9020500@f2o.org>
Message-ID: <44D2244C.50004@khmere.com>

Also, the original paper can be found here:

http://www.khmere.com/papers/

-nb

Steven Kreuzer wrote:
> Greetings-
>
> First, I want to thank everyone who was at last nights meeting. I hope
> everyone enjoyed the presentation and would love to hear some feedback,
> both good and bad.
>
> If anyone is interested, I have posted the slides from the presentation,
> as well as a C program called md5user, which is a small proof of concept
> program that takes a username as an argument, and returns the path to
> where their data would be on the filesystem.
>
> example:
> $ md5user sjk
> /home/29/29/3/steven
>
> You can find everything at http://steven.freeshell.org/nycbug/md5/
>
> SK
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>
>
>   



From nycbug-list at 2xlp.com  Thu Aug  3 12:39:12 2006
From: nycbug-list at 2xlp.com (Jonathan Vanasco)
Date: Thu, 3 Aug 2006 12:39:12 -0400
Subject: [nycbug-talk] MD5 Presentation
In-Reply-To: <44D21CBA.9020500@f2o.org>
References: <44D21CBA.9020500@f2o.org>
Message-ID: <487B06FA-CBE4-40D8-B2D4-5929AB81CE6F@2xlp.com>


On Aug 3, 2006, at 11:56 AM, Steven Kreuzer wrote:

> First, I want to thank everyone who was at last nights meeting. I hope
> everyone enjoyed the presentation and would love to hear some  
> feedback,
> both good and bad.
>
> If anyone is interested, I have posted the slides from the  
> presentation,
> as well as a C program called md5user, which is a small proof of  
> concept
> program that takes a username as an argument, and returns the path to
> where their data would be on the filesystem.

wish i could have made the presentation.

i'm doing nearly the same thing.  just one off

my system maps serials onto directories as such

	abcdefg...z= md5_hex( serial )
	${img_root}/abc/def/ghi/abcdefg...z/

i found the performance of 3x3 hex strings on the directory to be  
great.  i tried 2x2 base64 strings, and it worked fine performance  
wise, but i didn't get the distribution i wanted-- and i didn't like  
dealing with .+ chars

images are served as
	http://imagserver/hash.jpg

and apache translates to a file via mod_rewrite.  i need to recode it  
as a c module one day, so i can tweak a bit more performance.

i tried doing a reverse mapping off of serials too

	123456789 - > 9/98/987/9876/123456789

i think its based off of Benson's law of mathematics.  it works  
well.  i just  decided that i wanted to obfuscate serials to the public.




// Jonathan Vanasco

| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -
| FindMeOn.com - The cure for Multiple Web Personality Disorder
| Web Identity Management and 3D Social Networking
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -
| RoadSound.com - Tools For Bands, Stuff For Fans
| Collaborative Online Management And Syndication Tools
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -




From nycbug-list at 2xlp.com  Thu Aug  3 14:44:46 2006
From: nycbug-list at 2xlp.com (Jonathan Vanasco)
Date: Thu, 3 Aug 2006 14:44:46 -0400
Subject: [nycbug-talk] MD5 Presentation
In-Reply-To: <487B06FA-CBE4-40D8-B2D4-5929AB81CE6F@2xlp.com>
References: <44D21CBA.9020500@f2o.org>
	<487B06FA-CBE4-40D8-B2D4-5929AB81CE6F@2xlp.com>
Message-ID: <607B6B40-9A34-4501-A049-E7630CCA7D68@2xlp.com>


On Aug 3, 2006, at 12:39 PM, Jonathan Vanasco wrote:

> i think its based off of Benson's law of mathematics.  it works
> well.  i just  decided that i wanted to obfuscate serials to the  
> public.

To answer a few offlist questions;

Sorry for the confusion folks, its Benford, not Benson

	http://www.ezrstats.com/Benford.htm
	http://mathworld.wolfram.com/BenfordsLaw.html

Ironically, the IRS started using it recently to flag returns for audit.

It has to do with leading digit distribution-- 1 is more likely to be  
the first digit than a 9-- 30% more on average

if you're storing stuff into buckets off a serial though, you feel it  
worse, as you encounter geometic expansion under base 10

ie: 1-3, 11-13 , 111-113

	1/
	2/
	3/
	9/
	1/1
	1/2/
	1/3/
	1/9/
	1/1/1
	1/1/2
	1/1/3

	vs

	1/1
	2/1
	3/1
	1/1/1
	2/1/1
	3/1/1

		


if you 'front load' your buckets, you'll get a highly uneven ( read:  
completely worthless ) distribution -- you only get a new bucket when  
you're up by a factor of 10

if you back load your buckets though, you'll get a clean distribution  
-- every 10 items you get a new bucket

getting back to the hashing algorithm-- on the OP.  i should add:

let's say you're storing a serial

	while a GREAT advantage of it is that you're getting a better  
representation of a number to store , as it has a better distribution  
of characters ( 11 vs alkjkas )
	the BEST advantage ( i found) is this:
		you get to bucket a base 10 id in a 16bit space ( i use md5_hex )
		at what point does directory performance degrade?  in the mid  
thousands.
			2 md5hex chars = 256 buckets / dir
			3 md5hex chars = 4096
			2 md5 base 64 chars = 4096

			3 md5 base 32 = 1024

	personally, i think 3 md5 base 32 chars would have been the best  
choice for my appllications-- but it was a PITA to implement across  
languages.  perl/python/php all have base16/base64 as default, so i  
just used that.

	i while ago i tested.  freebsd works great with 4096 directories.  i  
didn't like the performance of ex2fs w/3 levels of 4096 dirs on my  
debian box , but 1024 was on par with freebsd.

you can't realistically implemt it using digits, even taking benford  
into account, because you run into the issue where you start having  
images in the same dir as buckets:

	123.gif
	1123.gif

		3/2/1/123.gif
		3/2/1/1/123.gif

the only way to get past that is to zero-pad your images to be a  
certain length.  but then you get
	0/0/0/0/3/2/1/123.gif

and you'll have a ton of zeros until your site grows.  until you hit  
the upper limit that you defined with 0s- which means your system is  
finitely scalable, not infinitely.

the point of this story being- if you're storing massive things, do  
as steve said and map to md5.  you can even script most webservers to  
translate filenames to an internal mapping, so people can pull the  
image based on a serial or some text name, and everything is seamless.


// Jonathan Vanasco

| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -
| FindMeOn.com - The cure for Multiple Web Personality Disorder
| Web Identity Management and 3D Social Networking
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -
| RoadSound.com - Tools For Bands, Stuff For Fans
| Collaborative Online Management And Syndication Tools
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -




From ike at lesmuug.org  Fri Aug  4 11:17:54 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Fri, 4 Aug 2006 08:17:54 -0700
Subject: [nycbug-talk] traceroute postcard, DENIED
Message-ID: <A5B6D864-0B12-4DFE-AAB9-7E90B545AEE0@lesmuug.org>

Hey All,

Was trying to traceroute from my cingular GPRS line in Vegas, so I  
could send list a traceroute postcard.... but totally denied, (even  
via icmp with the -I flag) :(

Does anyone know how else to run a traceroute on a network that is  
disallowing it via normal means?

--
Aside from that, Defcon begins this morning, NYC*BUG crew we've found  
so far are:

George
Bruno
Marc
me

There's 9 of us staying in a very big spacious room, mini-bar is  
stocked, pfsense running a wired lan, 4 dozen bagels imported from  
NY, all's swell.

If anyone knows anyone else here, our crew are all carrying plastic  
pineapples for our drinks- tell people to grab us and say hi!

On behalf of Bruno and George too,
Rocket-
.ike




From af.dingo at gmail.com  Fri Aug  4 11:53:04 2006
From: af.dingo at gmail.com (Jeff Quast)
Date: Fri, 4 Aug 2006 11:53:04 -0400
Subject: [nycbug-talk] traceroute postcard, DENIED
In-Reply-To: <A5B6D864-0B12-4DFE-AAB9-7E90B545AEE0@lesmuug.org>
References: <A5B6D864-0B12-4DFE-AAB9-7E90B545AEE0@lesmuug.org>
Message-ID: <c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>

On 8/4/06, Isaac Levy <ike at lesmuug.org> wrote:
> Hey All,
>
> Was trying to traceroute from my cingular GPRS line in Vegas, so I
> could send list a traceroute postcard.... but totally denied, (even
> via icmp with the -I flag) :(
>

tcptraceroute, it should be in ports


From ike at lesmuug.org  Fri Aug  4 11:59:34 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Fri, 4 Aug 2006 08:59:34 -0700
Subject: [nycbug-talk] traceroute postcard, DENIED
In-Reply-To: <c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>
References: <A5B6D864-0B12-4DFE-AAB9-7E90B545AEE0@lesmuug.org>
	<c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>
Message-ID: <C7CF358E-554C-4CF9-97B3-D46C21B32663@lesmuug.org>

On Aug 4, 2006, at 8:53 AM, Jeff Quast wrote:

>> Was trying to traceroute from my cingular GPRS line in Vegas, so I
>> could send list a traceroute postcard.... but totally denied, (even
>> via icmp with the -I flag) :(
>>
>
> tcptraceroute, it should be in ports

Sweet, it's in darwinports too!  Whee!  Will just take FOREVER on my  
1500 baud cingular GPRS line... :)

Thanks!
.ike




From ike at lesmuug.org  Fri Aug  4 12:08:06 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Fri, 4 Aug 2006 09:08:06 -0700
Subject: [nycbug-talk] traceroute postcard, DENIED
In-Reply-To: <c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>
References: <A5B6D864-0B12-4DFE-AAB9-7E90B545AEE0@lesmuug.org>
	<c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>
Message-ID: <24993D6A-583F-4325-8BB6-E99C838A6389@lesmuug.org>

On Aug 4, 2006, at 8:53 AM, Jeff Quast wrote:

> tcptraceroute, it should be in ports

Crud- denied just like the other traceroute:

--
Selected device ppp0, address 166.214.99.60, port 49469 for outgoing  
packets
Tracing the path to nycbug.org (64.90.179.103) on TCP port 80 (http),  
30 hops max
1  172.26.248.2  884.255 ms  881.918 ms  538.222 ms
2  172.26.248.2  635.212 ms  563.591 ms  692.685 ms
3  * * *
4  * * *
5  * * *
6  * * *
7  * * *
8  * * *
9  * * *
10  * * *
11  * * *
12  www.nycbug.org (64.90.179.103) [open]  1379.441 ms  573.291 ms   
598.946 ms
--

Hrm.

/me shrugs

Rocket-
.ike




From pete at nomadlogic.org  Fri Aug  4 13:13:18 2006
From: pete at nomadlogic.org (Pete Wright)
Date: Fri, 4 Aug 2006 13:13:18 -0400
Subject: [nycbug-talk] traceroute postcard, DENIED
In-Reply-To: <24993D6A-583F-4325-8BB6-E99C838A6389@lesmuug.org>
References: <A5B6D864-0B12-4DFE-AAB9-7E90B545AEE0@lesmuug.org>
	<c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>
	<24993D6A-583F-4325-8BB6-E99C838A6389@lesmuug.org>
Message-ID: <20060804171318.GC50983@sunset.nomadlogic.org>

On Fri, Aug 04, 2006 at 09:08:06AM -0700, Isaac Levy wrote:
> On Aug 4, 2006, at 8:53 AM, Jeff Quast wrote:
> 
> > tcptraceroute, it should be in ports
> 
> Crud- denied just like the other traceroute:
> 
> --
> Selected device ppp0, address 166.214.99.60, port 49469 for outgoing  
> packets
> Tracing the path to nycbug.org (64.90.179.103) on TCP port 80 (http),  
> 30 hops max
> 1  172.26.248.2  884.255 ms  881.918 ms  538.222 ms
> 2  172.26.248.2  635.212 ms  563.591 ms  692.685 ms
> 3  * * *
> 4  * * *
> 5  * * *
> 6  * * *
> 7  * * *
> 8  * * *
> 9  * * *
> 10  * * *
> 11  * * *
> 12  www.nycbug.org (64.90.179.103) [open]  1379.441 ms  573.291 ms   
> 598.946 ms
> --
> 
> Hrm.
> 
> /me shrugs
> 

hey, what's the IP of your phone...i'll try to trace it from my end.

-p


-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459



From af.dingo at gmail.com  Fri Aug  4 13:34:04 2006
From: af.dingo at gmail.com (Jeff Quast)
Date: Fri, 4 Aug 2006 13:34:04 -0400
Subject: [nycbug-talk] traceroute postcard, DENIED
In-Reply-To: <20060804171318.GC50983@sunset.nomadlogic.org>
References: <A5B6D864-0B12-4DFE-AAB9-7E90B545AEE0@lesmuug.org>
	<c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>
	<24993D6A-583F-4325-8BB6-E99C838A6389@lesmuug.org>
	<20060804171318.GC50983@sunset.nomadlogic.org>
Message-ID: <c1feb8190608041034y5509d9afsb5154b78ad8a49cc@mail.gmail.com>

On 8/4/06, Pete Wright <pete at nomadlogic.org> wrote:
> On Fri, Aug 04, 2006 at 09:08:06AM -0700, Isaac Levy wrote:
> > On Aug 4, 2006, at 8:53 AM, Jeff Quast wrote:
> >
> > > tcptraceroute, it should be in ports
> >
> > Crud- denied just like the other traceroute:
> >
>
> hey, what's the IP of your phone...i'll try to trace it from my end.
>

How about
http://www.dnsstuff.com/tools/tracert.ch?ip=166.214.99.60

(If it is, in fact, 166.214.99.60 )

in that case.. there are several icmp filters on your uplink, this
only goes as far as atlanta (AT&T wireless)


From nycbug-list at 2xlp.com  Fri Aug  4 14:21:13 2006
From: nycbug-list at 2xlp.com (Jonathan Vanasco)
Date: Fri, 4 Aug 2006 14:21:13 -0400
Subject: [nycbug-talk] traceroute postcard, DENIED
In-Reply-To: <c1feb8190608041034y5509d9afsb5154b78ad8a49cc@mail.gmail.com>
References: <A5B6D864-0B12-4DFE-AAB9-7E90B545AEE0@lesmuug.org>
	<c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>
	<24993D6A-583F-4325-8BB6-E99C838A6389@lesmuug.org>
	<20060804171318.GC50983@sunset.nomadlogic.org>
	<c1feb8190608041034y5509d9afsb5154b78ad8a49cc@mail.gmail.com>
Message-ID: <2AD02246-B417-4FEF-B341-437E947627EB@2xlp.com>

forgive my ignorance-

would it be possible to accomplish this via a different protocol that  
someone forgot to block?

i'm thinking what would essentially be the opposite of how people  
figured out you can set up reverse ssh proxies via icmp to get free  
wireless in those pay-per-minute wireless zones


From alex at pilosoft.com  Fri Aug  4 14:35:15 2006
From: alex at pilosoft.com (alex at pilosoft.com)
Date: Fri, 4 Aug 2006 14:35:15 -0400 (EDT)
Subject: [nycbug-talk] traceroute postcard, DENIED
In-Reply-To: <2AD02246-B417-4FEF-B341-437E947627EB@2xlp.com>
Message-ID: <Pine.LNX.4.44.0608041435070.22278-100000@bawx.pilosoft.com>

On Fri, 4 Aug 2006, Jonathan Vanasco wrote:

> forgive my ignorance-
> 
> would it be possible to accomplish this via a different protocol that  
> someone forgot to block?
> 
> i'm thinking what would essentially be the opposite of how people  
> figured out you can set up reverse ssh proxies via icmp to get free  
> wireless in those pay-per-minute wireless zones
man tcptraceroute

-alex



From mikel.king at ocsny.com  Fri Aug  4 19:59:08 2006
From: mikel.king at ocsny.com (Mikel King)
Date: Fri, 04 Aug 2006 19:59:08 -0400
Subject: [nycbug-talk] Daemon News
Message-ID: <1DE06EEE-A7F4-429A-9A2B-8F107AC33EC1@ocsny.com>

New issue is being put together. We have several interesting articles  
on queue and I have just published a brief editorial that could use  
some evangelizing. I am actually looking to build a team of article  
evangelists marketing wiztypes to aide in getting the word out when  
we publish an article.

Thanks,
Mikel


From pete at nomadlogic.org  Mon Aug  7 11:42:35 2006
From: pete at nomadlogic.org (Pete Wright)
Date: Mon, 7 Aug 2006 11:42:35 -0400
Subject: [nycbug-talk] NYCBUG cvsup server
In-Reply-To: <074CD4C9-6EF4-4F91-8BA2-095A2847D07F@belovedarctos.com>
References: <62565.160.33.20.11.1154102370.squirrel@webmail.nomadlogic.org>
	<A7AEB432-ED14-4529-A367-2C666C31F762@belovedarctos.com>
	<074CD4C9-6EF4-4F91-8BA2-095A2847D07F@belovedarctos.com>
Message-ID: <20060807154235.GB65484@sunset.nomadlogic.org>

On Sat, Aug 05, 2006 at 09:03:54AM -0400, Bjorn Nelson wrote:
> Pete,
> 
> Looks like it has maintained a pretty good average, 164.62, compared  
> to 691.78 on cvsup6 which is about a fifth of the time:
> 

Execellent, thanks for the info Bjorn!  I'll let you know when I have
the FTP server up (should be soon).  

-pete

> 8/05      171.31 real        21.59 user         6.72 sys
> 8/04      164.08 real        21.70 user         6.61 sys
> 8/03      140.52 real        21.32 user         6.73 sys
> 8/02      166.49 real        21.27 user         6.86 sys
> 8/01      170.35 real        21.24 user         6.86 sys
> 7/31      174.94 real        21.28 user         6.70 sys
> 7/30      111.48 real        21.61 user         6.45 sys <--  
> freebsd.nycbug.org
> 7/29      720.17 real        21.64 user         6.56 sys
> 7/28      708.69 real        21.64 user         6.42 sys
> 7/27      643.29 real        21.41 user         6.40 sys
> 7/26      645.94 real        21.06 user         6.54 sys
> 7/25      580.25 real        21.41 user         6.66 sys
> 7/24      787.54 real        21.11 user         6.77 sys
> 7/23      775.39 real        21.40 user         6.48 sys
> 7/22      730.21 real        20.87 user         6.75 sys
> 7/21      634.55 real        20.99 user         6.36 sys <--  
> cvsup6.freebsd.org
> 
> -Bjorn
> 
> 
> On Jul 29, 2006, at 11:05 AM, Bjorn Nelson wrote:
> 
> >Pete,
> >
> >Good job on setting this up.  So far my times from  
> >cvsup6.freebsd.org have been (300 EST):
> >7/29      720.17 real        21.64 user         6.56 sys
> >7/28      708.69 real        21.64 user         6.42 sys
> >7/27      643.29 real        21.41 user         6.40 sys
> >7/26      645.94 real        21.06 user         6.54 sys
> >7/25      580.25 real        21.41 user         6.66 sys
> >7/24      787.54 real        21.11 user         6.77 sys
> >7/23      775.39 real        21.40 user         6.48 sys
> >7/22      730.21 real        20.87 user         6.75 sys
> >7/21      634.55 real        20.99 user         6.36 sys
> >
> >I just switched for freebsd.nycbug.org and ran it today for the  
> >following times:
> >      110.05 real        21.11 user         6.88 sys
> >
> >Which looks great and encouraging, but keep in mind this is only 7  
> >hours since my last run instead of 24 and it's a saturday (does  
> >more dev work happen on the weekends or during the week?).  I will  
> >try to submit a weeks worth of cvsup times next week to see a  
> >comparison.
> >
> >-Bjorn
> >
> >On Jul 28, 2006, at 11:59 AM, Peter Wright wrote:
> >
> >>Hi All,
> >>     I'm very pleased to annouce the availability of NycBUG's very  
> >>own
> >>cvsup server for FreeBSD is available for use by our members!  It is
> >>our hope that this machine will eventually become an official FreeBSD
> >>mirror, yet before I make any annoucements to hubs@ I'd like to give
> >>our members a first crack at this box.  So, feel free to do your
> >>nightly /usr/src and /usr/ports sync's off of:
> >>
> >>freebsd.nycbug.org
> >>
> >>Once again I'd like to thank New York Internet <www.nyi.net> for  
> >>donating
> >>bandwidth and rackspace to our BUG - and the community in large.   
> >>And our
> >>very own Gman for donating the gear.  Thanks guys, I couldn't have  
> >>slacked
> >>off at work for hours setting this up if it wasn't for you ;^)
> >>
> >>Have Fun!
> >>
> >>-pete
> >>
> >>-- 
> >>~~oO00Oo~~
> >>Peter Wright
> >>pete at nomadlogic.org
> >>www.nomadlogic.org/~pete
> >>310.869.9459
> >>_______________________________________________
> >>% NYC*BUG talk mailing list
> >>http://lists.nycbug.org/mailman/listinfo/talk
> >>%Be sure to check out our Jobs and NYCBUG-announce lists
> >>%We meet the first Wednesday of the month
> >
> 

-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459



From nycbug-list at 2xlp.com  Mon Aug  7 23:13:12 2006
From: nycbug-list at 2xlp.com (Jonathan)
Date: Mon, 7 Aug 2006 23:13:12 -0400
Subject: [nycbug-talk] tsung?
Message-ID: <06E9D1BA-5883-4C5D-8A69-4415BF8E6152@2xlp.com>


Has anyone been able to compile Tsung (http://tsung.erlang- 
projects.org/) on FreeBSD?

Its not working out nicely for me, and I can't seem to find any  
success stories online.

Thanks.

// Jonathan Vanasco

| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -
| FindMeOn.com - The cure for Multiple Web Personality Disorder
| Web Identity Management and 3D Social Networking
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -
| RoadSound.com - Tools For Bands, Stuff For Fans
| Collaborative Online Management And Syndication Tools
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -




From pete at nomadlogic.org  Mon Aug  7 23:25:17 2006
From: pete at nomadlogic.org (Pete Wright)
Date: Mon, 7 Aug 2006 23:25:17 -0400
Subject: [nycbug-talk] tsung?
In-Reply-To: <06E9D1BA-5883-4C5D-8A69-4415BF8E6152@2xlp.com>
References: <06E9D1BA-5883-4C5D-8A69-4415BF8E6152@2xlp.com>
Message-ID: <20060808032514.GA89277@sunset.nomadlogic.org>

On Mon, Aug 07, 2006 at 11:13:12PM -0400, Jonathan wrote:
> 
> Has anyone been able to compile Tsung (http://tsung.erlang- 
> projects.org/) on FreeBSD?
> 
> Its not working out nicely for me, and I can't seem to find any  
> success stories online.
> 
> Thanks.
> 

how far are you getting?  it seems to be dependent upon a fair amount of
other code that is part of the project...


looks pretty interesting though.

-p

-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459



From anthony.elizondo at gmail.com  Tue Aug  8 05:03:27 2006
From: anthony.elizondo at gmail.com (Anthony Elizondo)
Date: Tue, 8 Aug 2006 05:03:27 -0400
Subject: [nycbug-talk] Defcon 14 EFF Dunk Tank, NYC*BUG represented!
In-Reply-To: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org>
References: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org>
Message-ID: <a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com>

On 7/24/06, Isaac Levy <ike at lesmuug.org> wrote:
> Hey All,
>
> The EFF is putting on a Dunk-Tank fundraiser at Defcon 14, and I've
> been coerced to represent NYC*BUG in the wet-seat, all for a fine
> cause, the EFF.
>
> http://taosecurity.blogspot.com/2006/07/call-for-def-con-dunk-tank-
> volunteers.html
>
> Anyone who's been itching to get in a potshot with me will have a
> clear shot in Vegas, check the dunk-booth for the schedule, and pass
> the word.

For those who couldn't make it to Defcon, some pictures taken by
Declan McCullagh/CNet are available at
http://news.com.com/Photos+Hacking+at+Defcon/2300-1029_3-6102806.html

Ike can be seen in photo 3.

> Rocket-
> .ike

Anthony


From okan at demirmen.com  Tue Aug  8 08:00:10 2006
From: okan at demirmen.com (Okan Demirmen)
Date: Tue, 8 Aug 2006 08:00:10 -0400
Subject: [nycbug-talk] Defcon 14 EFF Dunk Tank, NYC*BUG represented!
In-Reply-To: <a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com>
References: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org>
	<a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com>
Message-ID: <20060808120009.GY27267@clam.khaoz.org>

On Tue 2006.08.08 at 05:03 -0400, Anthony Elizondo wrote:
> For those who couldn't make it to Defcon, some pictures taken by
> Declan McCullagh/CNet are available at
> http://news.com.com/Photos+Hacking+at+Defcon/2300-1029_3-6102806.html
> 
> Ike can be seen in photo 3.

tell me that is george tossing the softball.


From george at sddi.net  Tue Aug  8 09:29:07 2006
From: george at sddi.net (George R.)
Date: Tue, 08 Aug 2006 09:29:07 -0400
Subject: [nycbug-talk] Defcon 14 EFF Dunk Tank, NYC*BUG represented!
In-Reply-To: <20060808120009.GY27267@clam.khaoz.org>
References: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org>	<a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com>
	<20060808120009.GY27267@clam.khaoz.org>
Message-ID: <44D891A3.3030302@sddi.net>

Okan Demirmen wrote:
> On Tue 2006.08.08 at 05:03 -0400, Anthony Elizondo wrote:
>> For those who couldn't make it to Defcon, some pictures taken by
>> Declan McCullagh/CNet are available at
>> http://news.com.com/Photos+Hacking+at+Defcon/2300-1029_3-6102806.html
>>
>> Ike can be seen in photo 3.
> 
> tell me that is george tossing the softball.

Who else?

;-)

g


From bschonhorst at gmail.com  Tue Aug  8 10:14:32 2006
From: bschonhorst at gmail.com (Brad Schonhorst)
Date: Tue, 8 Aug 2006 10:14:32 -0400
Subject: [nycbug-talk] Defcon 14 EFF Dunk Tank, NYC*BUG represented!
In-Reply-To: <44D891A3.3030302@sddi.net>
References: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org>
	<a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com>
	<20060808120009.GY27267@clam.khaoz.org> <44D891A3.3030302@sddi.net>
Message-ID: <7708fd680608080714le5fc55ci3e99c93a6b1328f3@mail.gmail.com>

On 8/8/06, George R. <george at sddi.net> wrote:
> Okan Demirmen wrote:
> > On Tue 2006.08.08 at 05:03 -0400, Anthony Elizondo wrote:
> >> For those who couldn't make it to Defcon, some pictures taken by
> >> Declan McCullagh/CNet are available at
> >> http://news.com.com/Photos+Hacking+at+Defcon/2300-1029_3-6102806.html
> >>
> >> Ike can be seen in photo 3.
> >
> > tell me that is george tossing the softball.
>
> Who else?
>
> ;-)
>

>From the picture, looks like George had to pay the $20 to dunk Ike


From george at sddi.net  Tue Aug  8 10:22:27 2006
From: george at sddi.net (George R.)
Date: Tue, 08 Aug 2006 10:22:27 -0400
Subject: [nycbug-talk] Defcon 14 EFF Dunk Tank, NYC*BUG represented!
In-Reply-To: <7708fd680608080714le5fc55ci3e99c93a6b1328f3@mail.gmail.com>
References: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org>	
	<a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com>	
	<20060808120009.GY27267@clam.khaoz.org> <44D891A3.3030302@sddi.net>
	<7708fd680608080714le5fc55ci3e99c93a6b1328f3@mail.gmail.com>
Message-ID: <44D89E23.6090101@sddi.net>

Brad Schonhorst wrote:
> On 8/8/06, George R. <george at sddi.net> wrote:
>> Okan Demirmen wrote:
>> > On Tue 2006.08.08 at 05:03 -0400, Anthony Elizondo wrote:
>> >> For those who couldn't make it to Defcon, some pictures taken by
>> >> Declan McCullagh/CNet are available at
>> >> http://news.com.com/Photos+Hacking+at+Defcon/2300-1029_3-6102806.html
>> >>
>> >> Ike can be seen in photo 3.
>> >
>> > tell me that is george tossing the softball.
>>
>> Who else?
>>
>> ;-)
>>
> 
>> From the picture, looks like George had to pay the $20 to dunk Ike
> 

Yes, we spent a lot, but I dunked him 4x. . .

I was pretty much the Ron Guidry from what we all saw. . .

But what can you expect?  The attendees weren't exactly athletes.

The only person I saw who paid the $20 was the guy in NYCBUG *least*
likely to give to the EFF ;-)

DefCon was a blast. . . lots of good meetings, awesome people.  We seem
to be well-known and respected way beyond.  And of course Ike's Jail
talk was a hit with a huge attendance.  Probably biggest audience yet to
see that talk, and certainly beyond anyone's expectations.

g


From anthony.elizondo at gmail.com  Tue Aug  8 10:59:40 2006
From: anthony.elizondo at gmail.com (Anthony Elizondo)
Date: Tue, 8 Aug 2006 10:59:40 -0400
Subject: [nycbug-talk] tsung?
In-Reply-To: <06E9D1BA-5883-4C5D-8A69-4415BF8E6152@2xlp.com>
References: <06E9D1BA-5883-4C5D-8A69-4415BF8E6152@2xlp.com>
Message-ID: <a49e62c80608080759n297b4c71qa82eb7d51b5a428a@mail.gmail.com>

On 8/7/06, Jonathan <nycbug-list at 2xlp.com> wrote:
>
> Has anyone been able to compile Tsung (http://tsung.erlang-
> projects.org/) on FreeBSD?
>
> Its not working out nicely for me, and I can't seem to find any
> success stories online.

I had some free time this morning so I installed lang/erlang (that
took a while) and then tried to compile Tsung.

I was able to successfully compile it using gmake. My only hint that I
was supposed to use gmake instead of make was that erlang itself
depends on devel/gmake.

Here is what I did:

svn export https://svn.process-one.net/tsung/trunk/
./configure
gmake clean; gmake

I didn't try to go any farther. Hope this helps.

> Thanks.
>
> // Jonathan Vanasco

Anthony


From pete at nomadlogic.org  Tue Aug  8 13:07:25 2006
From: pete at nomadlogic.org (Peter Wright)
Date: Tue, 8 Aug 2006 10:07:25 -0700 (PDT)
Subject: [nycbug-talk] Defcon 14 EFF Dunk Tank, NYC*BUG represented!
In-Reply-To: <a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com>
References: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org>
	<a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com>
Message-ID: <34826.160.33.20.11.1155056845.squirrel@webmail.nomadlogic.org>


> On 7/24/06, Isaac Levy <ike at lesmuug.org> wrote:
>> Hey All,
>>
>> The EFF is putting on a Dunk-Tank fundraiser at Defcon 14, and I've
>> been coerced to represent NYC*BUG in the wet-seat, all for a fine
>> cause, the EFF.
>>
>> http://taosecurity.blogspot.com/2006/07/call-for-def-con-dunk-tank-
>> volunteers.html
>>
>> Anyone who's been itching to get in a potshot with me will have a
>> clear shot in Vegas, check the dunk-booth for the schedule, and pass
>> the word.
>
> For those who couldn't make it to Defcon, some pictures taken by
> Declan McCullagh/CNet are available at
> http://news.com.com/Photos+Hacking+at+Defcon/2300-1029_3-6102806.html
>
> Ike can be seen in photo 3.
>

hey thanks for the link.  i sorta remember some of that stuff too.  must
have been a good defcon ;)

-pete


-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459


From nycbug-list at 2xlp.com  Tue Aug  8 13:25:48 2006
From: nycbug-list at 2xlp.com (Jonathan Vanasco)
Date: Tue, 8 Aug 2006 13:25:48 -0400
Subject: [nycbug-talk] tsung?
In-Reply-To: <a49e62c80608080759n297b4c71qa82eb7d51b5a428a@mail.gmail.com>
References: <06E9D1BA-5883-4C5D-8A69-4415BF8E6152@2xlp.com>
	<a49e62c80608080759n297b4c71qa82eb7d51b5a428a@mail.gmail.com>
Message-ID: <0EA79B43-1367-429F-B8B3-EAC29814CADC@2xlp.com>


On Aug 8, 2006, at 10:59 AM, Anthony Elizondo wrote:

> I didn't try to go any farther. Hope this helps.

brilliant.

i never thought of gmake -- i was going crazy installing possible  
dependencies

nice catch

it'll be interesting to see how tsung performs.  ab and httperf are  
way outdated, and i've heard this is the only benching tool that is  
semi-maintained now.


From spork at bway.net  Tue Aug  8 13:59:59 2006
From: spork at bway.net (Charles Sprickman)
Date: Tue, 8 Aug 2006 13:59:59 -0400 (EDT)
Subject: [nycbug-talk] Defcon 14 EFF Dunk Tank, NYC*BUG represented!
In-Reply-To: <44D89E23.6090101@sddi.net>
References: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org> 
	<a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com> 
	<20060808120009.GY27267@clam.khaoz.org> <44D891A3.3030302@sddi.net>
	<7708fd680608080714le5fc55ci3e99c93a6b1328f3@mail.gmail.com>
	<44D89E23.6090101@sddi.net>
Message-ID: <Pine.OSX.4.61.0608081359070.14670@white.nat.fasttrackmonkey.com>

On Tue, 8 Aug 2006, George R. wrote:

> And of course Ike's Jail talk was a hit with a huge attendance. 
> Probably biggest audience yet to see that talk, and certainly beyond 
> anyone's expectations.

So it was kind of like the Who's last "farewell tour"? :)

C

> g
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>


From ike at lesmuug.org  Tue Aug  8 14:53:14 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Tue, 8 Aug 2006 14:53:14 -0400
Subject: [nycbug-talk] Defcon 14 Misc Thread
Message-ID: <164359C7-39FD-4E6D-A806-924247985ED2@lesmuug.org>

Hey All,

So I thought I'd start a thread to keep any Defcon 14 related ramble  
together...

It was an AMAZING con this year, just under 7,000 people registered!   
I really want to have more of us out there next year!

--
Saw this today:
http://news.com.com/2300-1029_3-6102806-3.html?tag=ne.gall.pg

That's George, trying to dunk ike- (representing NYC*BUG with his T- 
Shirt).  People kept feeding him dollars, George has a far better arm  
than most of us geeks...  Marc S. got in some good throws too...

Rocket-
.ike




From ike at lesmuug.org  Tue Aug  8 15:56:32 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Tue, 8 Aug 2006 15:56:32 -0400
Subject: [nycbug-talk] Defcon 14 EFF Dunk Tank, NYC*BUG represented!
In-Reply-To: <Pine.OSX.4.61.0608081359070.14670@white.nat.fasttrackmonkey.com>
References: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org>
	<a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com>
	<20060808120009.GY27267@clam.khaoz.org> <44D891A3.3030302@sddi.net>
	<7708fd680608080714le5fc55ci3e99c93a6b1328f3@mail.gmail.com>
	<44D89E23.6090101@sddi.net>
	<Pine.OSX.4.61.0608081359070.14670@white.nat.fasttrackmonkey.com>
Message-ID: <7AD76DC2-8676-4875-9C40-B30295B52FAA@lesmuug.org>

Oops, missed reading this thread before my other new post-

On Aug 8, 2006, at 10:22 AM, George R. wrote:
> The only person I saw who paid the $20 was the guy in NYCBUG *least*
> likely to give to the EFF ;-)

Heh...  We need access to a dunk-tank for NYC*BUG stuff.  :)

On Aug 8, 2006, at 1:59 PM, Charles Sprickman wrote:

> So it was kind of like the Who's last "farewell tour"? :)

Precisely.  Laser light show and massive smoke machines included. :)

Rocket-
.ike




From spork at bway.net  Tue Aug  8 17:26:03 2006
From: spork at bway.net (Charles Sprickman)
Date: Tue, 8 Aug 2006 17:26:03 -0400 (EDT)
Subject: [nycbug-talk] Defcon 14 EFF Dunk Tank, NYC*BUG represented!
In-Reply-To: <7AD76DC2-8676-4875-9C40-B30295B52FAA@lesmuug.org>
References: <6BA7B30E-D872-4DFC-B393-82B75F5D3D87@lesmuug.org> 
	<a49e62c80608080203u1aab726fs357a8c15e8147469@mail.gmail.com> 
	<20060808120009.GY27267@clam.khaoz.org> <44D891A3.3030302@sddi.net>
	<7708fd680608080714le5fc55ci3e99c93a6b1328f3@mail.gmail.com>
	<44D89E23.6090101@sddi.net>
	<Pine.OSX.4.61.0608081359070.14670@white.nat.fasttrackmonkey.com>
	<7AD76DC2-8676-4875-9C40-B30295B52FAA@lesmuug.org>
Message-ID: <Pine.OSX.4.61.0608081725440.14670@white.nat.fasttrackmonkey.com>

On Tue, 8 Aug 2006, Isaac Levy wrote:

> Oops, missed reading this thread before my other new post-
>
> On Aug 8, 2006, at 10:22 AM, George R. wrote:
>> The only person I saw who paid the $20 was the guy in NYCBUG *least*
>> likely to give to the EFF ;-)
>
> Heh...  We need access to a dunk-tank for NYC*BUG stuff.  :)

Or a drunk tank!

<rimshot>

C

> On Aug 8, 2006, at 1:59 PM, Charles Sprickman wrote:
>
>> So it was kind of like the Who's last "farewell tour"? :)
>
> Precisely.  Laser light show and massive smoke machines included. :)
>
> Rocket-
> .ike
>
>
>


From george at sddi.net  Tue Aug  8 22:44:26 2006
From: george at sddi.net (George R.)
Date: Tue, 08 Aug 2006 22:44:26 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
Message-ID: <44D94C0A.8090102@sddi.net>

If you hadn't heard yet, this project is looking to accumulate some
numbers on FreeBSD usage. . .

http://bsdstats.hub.org/

To be honest, I'm a little bit nervous with it pulling php scripts from
http://bsdstats.hub.org/scripts even though it's sending them to
/dev/null in /usr/local/etc/periodic/monthly/300.statistics.

Although they are running the most recent OpenSSH at least:

scanssh -s ssh bsdstats.hub.org

200.46.208.137:22 SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903

g


From dlavigne6 at sympatico.ca  Wed Aug  9 09:07:53 2006
From: dlavigne6 at sympatico.ca (Dru)
Date: Wed, 9 Aug 2006 09:07:53 -0400 (EDT)
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <44D94C0A.8090102@sddi.net>
References: <44D94C0A.8090102@sddi.net>
Message-ID: <20060809090345.N616@dru.domain.org>



On Tue, 8 Aug 2006, George R. wrote:

> If you hadn't heard yet, this project is looking to accumulate some
> numbers on FreeBSD usage. . .
>
> http://bsdstats.hub.org/
>
> To be honest, I'm a little bit nervous with it pulling php scripts from
> http://bsdstats.hub.org/scripts even though it's sending them to
> /dev/null in /usr/local/etc/periodic/monthly/300.statistics.
>
> Although they are running the most recent OpenSSH at least:


If it makes you feel any safer, this system is run by Marc Fournier 
(scrappy at hub.org) who hosts the PostgreSQL projects' servers.

The script is the result of this thread on freebsd-advocacy:

http://lists.freebsd.org/pipermail/freebsd-advocacy/2006-July/002813.html
http://lists.freebsd.org/pipermail/freebsd-advocacy/2006-July/002824.html

Dru


From lists at genoverly.net  Wed Aug  9 09:31:51 2006
From: lists at genoverly.net (michael)
Date: Wed, 9 Aug 2006 09:30:51 -0401
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <20060809090345.N616@dru.domain.org>
References: <44D94C0A.8090102@sddi.net>
	<20060809090345.N616@dru.domain.org>
Message-ID: <20060809093051.47f1b54e@openpad.genoverly.com>

On Wed, 9 Aug 2006 09:07:53 -0400 (EDT)
Dru <dlavigne6 at sympatico.ca> wrote:

> If it makes you feel any safer, this system is run by Marc Fournier 
> (scrappy at hub.org) who hosts the PostgreSQL projects' servers.
> 
> The script is the result of this thread on freebsd-advocacy:
> 
> http://lists.freebsd.org/pipermail/freebsd-advocacy/2006-July/002813.html
> http://lists.freebsd.org/pipermail/freebsd-advocacy/2006-July/002824.html
> 
> Dru


Funny.. the OP in those links put up another link as a reference:
(http://www.mreriksson.net/uptimes/) The Uptime Project.  I never
really understood that cheesy bravado.  Why would you want to brag that
you have not patched your box for the last 6 years?  And not just brag..
but to register it and have it available on a website, along side
other poorly maintained boxen.. like it is a badge of honor.


-- 

michael


From anthony.elizondo at gmail.com  Wed Aug  9 10:04:25 2006
From: anthony.elizondo at gmail.com (Anthony Elizondo)
Date: Wed, 9 Aug 2006 10:04:25 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <44D94C0A.8090102@sddi.net>
References: <44D94C0A.8090102@sddi.net>
Message-ID: <a49e62c80608090704h39c4d34dwf6b6c9e7a2b46322@mail.gmail.com>

On 8/8/06, George R. <george at sddi.net> wrote:
> If you hadn't heard yet, this project is looking to accumulate some
> numbers on FreeBSD usage. . .
>
> http://bsdstats.hub.org/
>
> To be honest, I'm a little bit nervous with it pulling php scripts from
> http://bsdstats.hub.org/scripts even though it's sending them to
> /dev/null in /usr/local/etc/periodic/monthly/300.statistics.

I want to help the cause so I ran it on one machine as a test and it
seemed to do... nothing. It sat and chugged for 2-3 seconds and it
produced no output. No logs. It didn't send mail to root or
scrappy at hub.org

Anthony


From george at sddi.net  Wed Aug  9 20:30:06 2006
From: george at sddi.net (George R.)
Date: Wed, 09 Aug 2006 20:30:06 -0400
Subject: [nycbug-talk] ike's blog
Message-ID: <44DA7E0E.80100@sddi.net>

If anyone didn't catch this. . . updated with more stuff:

http://defcon14-ike.blogspot.com/

I've got a lot of picts to upload to gallery.nycbug.org, but i'll let
everyone know.

g


From george at sddi.net  Wed Aug  9 21:37:36 2006
From: george at sddi.net (George R.)
Date: Wed, 09 Aug 2006 21:37:36 -0400
Subject: [nycbug-talk] some notes from DefCon
Message-ID: <44DA8DE0.6060702@sddi.net>

Some interesting things to check out:

RFID meeting
rfidguardian.org
rfidvirus.org

firekeeper.mozdev.org: a firefox extension to enable snort-like capability.

gpg webmail: can't seem to find much on this project, but it's
self-explanatory

isilon.com: apparently some people on this list are using them and their
network distributed file system. ..

g


From techneck at goldenpath.org  Thu Aug 10 10:03:28 2006
From: techneck at goldenpath.org (Tim Allender)
Date: Thu, 10 Aug 2006 10:03:28 -0400
Subject: [nycbug-talk] Virtual Machine's for Macs
Message-ID: <44DB3CB0.2040704@goldenpath.org>

What do you guys use for this?

Tim


From af.dingo at gmail.com  Thu Aug 10 11:27:01 2006
From: af.dingo at gmail.com (Jeff Quast)
Date: Thu, 10 Aug 2006 11:27:01 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <20060809093051.47f1b54e@openpad.genoverly.com>
References: <44D94C0A.8090102@sddi.net> <20060809090345.N616@dru.domain.org>
	<20060809093051.47f1b54e@openpad.genoverly.com>
Message-ID: <c1feb8190608100827y64c77652t2afcecb54bc3f57c@mail.gmail.com>

On 8/9/06, michael <lists at genoverly.net> wrote:
> Funny.. the OP in those links put up another link as a reference:
> (http://www.mreriksson.net/uptimes/) The Uptime Project.  I never
> really understood that cheesy bravado.  Why would you want to brag that
> you have not patched your box for the last 6 years?  And not just brag..
> but to register it and have it available on a website, along side
> other poorly maintained boxen.. like it is a badge of honor.
>

http://www.blahonga.org/~art/diffs/index.html

"In various discussions one can often hear the argument "I can't
reboot my machine, it will give me bad uptime.". For some reason some
communities are using the uptime of a machine as a compensation for
something else being small. This creates bad system administration
practices.
This diff remedies the problem by allowing people to enlarge their
Epenis by arbitrarily adjusting their uptime through sysctl. Not
tested other than that it builds. "

Too funny. I send this patch out to anybody who just _has_ to mention
their awsome uptime. What a joke.


From dan at langille.org  Thu Aug 10 11:45:54 2006
From: dan at langille.org (Dan Langille)
Date: Thu, 10 Aug 2006 11:45:54 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <c1feb8190608100827y64c77652t2afcecb54bc3f57c@mail.gmail.com>
References: <20060809093051.47f1b54e@openpad.genoverly.com>
Message-ID: <44DB1C72.26012.4C1E55F@dan.langille.org>

On 10 Aug 2006 at 11:27, Jeff Quast wrote:

> On 8/9/06, michael <lists at genoverly.net> wrote:
> > Funny.. the OP in those links put up another link as a reference:
> > (http://www.mreriksson.net/uptimes/) The Uptime Project.  I never
> > really understood that cheesy bravado.  Why would you want to brag that
> > you have not patched your box for the last 6 years?  And not just brag..
> > but to register it and have it available on a website, along side
> > other poorly maintained boxen.. like it is a badge of honor.
> >
> 
> http://www.blahonga.org/~art/diffs/index.html
> 
> "In various discussions one can often hear the argument "I can't
> reboot my machine, it will give me bad uptime.". For some reason some
> communities are using the uptime of a machine as a compensation for
> something else being small. This creates bad system administration
> practices.
> This diff remedies the problem by allowing people to enlarge their
> Epenis by arbitrarily adjusting their uptime through sysctl. Not
> tested other than that it builds. "
> 
> Too funny. I send this patch out to anybody who just _has_ to mention
> their awsome uptime. What a joke.

To be fair, it is fairly common to get uptimes of > 200 days without 
being subject to possible exploitation without patching.  It all 
depends upon what you are running and whether or not you have local 
users.  Not all patches require rebooting.  Many can be applied and 
installed without a reboot.

-- 
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php




From pete at nomadlogic.org  Thu Aug 10 11:55:46 2006
From: pete at nomadlogic.org (Pete Wright)
Date: Thu, 10 Aug 2006 11:55:46 -0400
Subject: [nycbug-talk] some notes from DefCon
In-Reply-To: <44DA8DE0.6060702@sddi.net>
References: <44DA8DE0.6060702@sddi.net>
Message-ID: <20060810155545.GB3385@sunset.nomadlogic.org>

On Wed, Aug 09, 2006 at 09:37:36PM -0400, George R. wrote:
> Some interesting things to check out:
> 
> RFID meeting
> rfidguardian.org
> rfidvirus.org
> 
> firekeeper.mozdev.org: a firefox extension to enable snort-like capability.
> 
> gpg webmail: can't seem to find much on this project, but it's
> self-explanatory
> 
> isilon.com: apparently some people on this list are using them and their
> network distributed file system. ..
> 

not to do the sales pitch thing (as i'm sure they have people they pay
to do that) but isilon NAS clusters are pretty interesting and FreeBSD
based.  they implement a propritary clutered file system on top of a
FreeBSD userland and kernel.  it's pretty interesting - and seems to
scale pretty well.

-pete 



-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459



From spork at bway.net  Thu Aug 10 14:32:25 2006
From: spork at bway.net (Charles Sprickman)
Date: Thu, 10 Aug 2006 14:32:25 -0400 (EDT)
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <c1feb8190608100827y64c77652t2afcecb54bc3f57c@mail.gmail.com>
References: <44D94C0A.8090102@sddi.net> <20060809090345.N616@dru.domain.org>
	<20060809093051.47f1b54e@openpad.genoverly.com>
	<c1feb8190608100827y64c77652t2afcecb54bc3f57c@mail.gmail.com>
Message-ID: <Pine.OSX.4.61.0608101428290.14670@white.nat.fasttrackmonkey.com>

On Thu, 10 Aug 2006, Jeff Quast wrote:

> Too funny. I send this patch out to anybody who just _has_ to mention
> their awsome uptime. What a joke.

Just for giggles, here's a machine that totally predates me.  It is no 
longer in use, and it's running FreeBSD 4.3.  It regularly spits out some 
errors about the drive having some issues reading some blocks:

(da0:ahc0:0:0:0): READ(10). CDB: 28 0 0 3c 4b 4d 0 0 2 0
(da0:ahc0:0:0:0): RECOVERED ERROR info:3c4b4e asc:17,1
(da0:ahc0:0:0:0): Recovered data with retries field replaceable unit: d0 
sks:80,1

I'm fairly certain that if it were powered down there is a good chance the 
drive would not spin back up.  That said:

spork at nameserver[~]$ uptime
  2:30PM  up 1872 days,  1:55, 1 user, load averages: 0.01, 0.02, 0.00

Absolutely insane, as it used to actually do real work.  It's been through 
9/11 and a few subsequet blackouts, but 111 8th avenue kicks ass. :)

C

> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>


From george at sddi.net  Thu Aug 10 16:30:57 2006
From: george at sddi.net (George R.)
Date: Thu, 10 Aug 2006 16:30:57 -0400
Subject: [nycbug-talk] NYCBSDCon CFP
Message-ID: <44DB9781.7060100@sddi.net>

Spread the word . . .

NYCBSDCon CFP Closing August 15th

The deadline for the NYCBSDCon "Call for Presentations" is this coming
Tuesday, August 15th.

NYCBSDCon will be held at Columbia University in New York City on
October 28th and 29th.

Details on the CFP are online at http://www.nycbsdcon.org/cfp.  The
program committee will notify accepted submissions on September 1st.

The website for last year's NYCBSDCon is available at
http://2005.nycbsdcon.org.



From bschonhorst at gmail.com  Thu Aug 10 16:56:16 2006
From: bschonhorst at gmail.com (Brad Schonhorst)
Date: Thu, 10 Aug 2006 16:56:16 -0400
Subject: [nycbug-talk] Virtual Machine's for Macs
In-Reply-To: <44DB3CB0.2040704@goldenpath.org>
References: <44DB3CB0.2040704@goldenpath.org>
Message-ID: <7708fd680608101356n760593c4uac3e35ab30fb2e80@mail.gmail.com>

On 8/10/06, Tim Allender <techneck at goldenpath.org> wrote:
> What do you guys use for this?
>

Depends on what your specific needs are.  Off the top of my head:

Virtual PC (SLOW)
Parallels (intel only)
Boot Camp (intel only dual boot)

-Brad


From ike at lesmuug.org  Thu Aug 10 17:48:49 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Thu, 10 Aug 2006 17:48:49 -0400
Subject: [nycbug-talk] ike's blog
In-Reply-To: <44DA7E0E.80100@sddi.net>
References: <44DA7E0E.80100@sddi.net>
Message-ID: <524E483B-FBDC-4E00-8BE8-8EDD94A98262@lesmuug.org>

On Aug 9, 2006, at 8:30 PM, George R. wrote:

> If anyone didn't catch this. . . updated with more stuff:
>
> http://defcon14-ike.blogspot.com/
>
> I've got a lot of picts to upload to gallery.nycbug.org, but i'll let
> everyone know.
>
> g

Yeah, but I haven't gotten to much *interesting* stuff yet...   
Slammed with work...

Rocket-
.ike




From bschonhorst at gmail.com  Thu Aug 10 19:21:47 2006
From: bschonhorst at gmail.com (Brad Schonhorst)
Date: Thu, 10 Aug 2006 19:21:47 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <c1feb8190608100827y64c77652t2afcecb54bc3f57c@mail.gmail.com>
References: <44D94C0A.8090102@sddi.net> <20060809090345.N616@dru.domain.org>
	<20060809093051.47f1b54e@openpad.genoverly.com>
	<c1feb8190608100827y64c77652t2afcecb54bc3f57c@mail.gmail.com>
Message-ID: <7708fd680608101621m71912d45t947e9d172611dc47@mail.gmail.com>

On 8/10/06, Jeff Quast <af.dingo at gmail.com> wrote:
> On 8/9/06, michael <lists at genoverly.net> wrote:
> > Funny.. the OP in those links put up another link as a reference:
> > (http://www.mreriksson.net/uptimes/) The Uptime Project.  I never
> > really understood that cheesy bravado.  Why would you want to brag that
> > you have not patched your box for the last 6 years?  And not just brag..
> > but to register it and have it available on a website, along side
> > other poorly maintained boxen.. like it is a badge of honor.
> >
>
> http://www.blahonga.org/~art/diffs/index.html
>
> "In various discussions one can often hear the argument "I can't
> reboot my machine, it will give me bad uptime.". For some reason some
> communities are using the uptime of a machine as a compensation for
> something else being small. This creates bad system administration
> practices.
> This diff remedies the problem by allowing people to enlarge their
> Epenis by arbitrarily adjusting their uptime through sysctl. Not
> tested other than that it builds. "
>
> Too funny. I send this patch out to anybody who just _has_ to mention
> their awsome uptime. What a joke.
>

If you take a look at some of the stats, its clear that the UpTime
stat has become meaningless.  Take a look at the top uptimes reported,
surely these have been falsified...

# OperatingSystem Total Uptime
1  Linux  40496 days
2  FreeBSD  31365 days
3  NetBSD  11613 days


From driodeiros at gmail.com  Fri Aug 11 03:34:54 2006
From: driodeiros at gmail.com (David Rio Deiros)
Date: Fri, 11 Aug 2006 00:34:54 -0700
Subject: [nycbug-talk] Virtual Machine's for Macs
In-Reply-To: <7708fd680608101356n760593c4uac3e35ab30fb2e80@mail.gmail.com>
References: <44DB3CB0.2040704@goldenpath.org>
	<7708fd680608101356n760593c4uac3e35ab30fb2e80@mail.gmail.com>
Message-ID: <20060811073454.GA18222@mail5.console.net>

On Thu, Aug 10, 2006 at 04:56:16PM -0400, Brad Schonhorst wrote:
> On 8/10/06, Tim Allender <techneck at goldenpath.org> wrote:
> > What do you guys use for this?
> >
> 
> Depends on what your specific needs are.  Off the top of my head:
> 
> Virtual PC (SLOW)
> Parallels (intel only)
> Boot Camp (intel only dual boot)

I would add one more to the list. It doesn't follow the same concept
than the ones in your list but it has been out there for quite long
time now: qemu for macosx http://www.kju-app.org/kju/.

Also, I don't know what you are planning to do with this tools but,
I found this article quite interesting:

http://julipedia.blogspot.com/2006/04/netbsdi386-development-under-os-x.html

David


From spork at bway.net  Sat Aug 12 18:33:05 2006
From: spork at bway.net (Charles Sprickman)
Date: Sat, 12 Aug 2006 18:33:05 -0400 (EDT)
Subject: [nycbug-talk] SATA RAID options under FBSD 4.x
Message-ID: <Pine.OSX.4.61.0608121830180.14670@white.nat.fasttrackmonkey.com>

Hi all,

What's out there for somewhat high performance RAID controllers under 
FreeBSD 4.x?  I've been playing with a 3Ware 9550SX under 6.1 and it's 
great - blows away our old scsi stuff and is much better than the older 
3Ware cards.  But no driver (twa) for 4.x.  Same story with Areca and the 
LSI SATA RAID cards.

Adaptec is something I'm looking to stay away from.  What else is there?

Also...  I noticed the freebsd-scsi list is pretty dead these days.  Is 
there another list where general scsi/raid questions might get a larger 
audience?

Thanks,

Charles


From dan at langille.org  Sat Aug 12 21:42:48 2006
From: dan at langille.org (Dan Langille)
Date: Sat, 12 Aug 2006 21:42:48 -0400
Subject: [nycbug-talk] SATA RAID options under FBSD 4.x
In-Reply-To: <Pine.OSX.4.61.0608121830180.14670@white.nat.fasttrackmonkey.com>
Message-ID: <44DE4B58.8193.11310AFE@dan.langille.org>

On 12 Aug 2006 at 18:33, Charles Sprickman wrote:

> Hi all,
> 
> What's out there for somewhat high performance RAID controllers under 
> FreeBSD 4.x?  I've been playing with a 3Ware 9550SX under 6.1 and it's 
> great - blows away our old scsi stuff and is much better than the older 
> 3Ware cards.  But no driver (twa) for 4.x.  Same story with Areca and the 
> LSI SATA RAID cards.

I can also vouch for that 3Ware card:

   http://www.freebsddiary.org/dual-opteron-raptors.php
   http://www.freebsddiary.org/3ware-9550SX-8LP-cli.php

And next week, I'll have a NetSaint plugin for that card.

> 
> Adaptec is something I'm looking to stay away from.  What else is there?
> 
> Also...  I noticed the freebsd-scsi list is pretty dead these days.  Is 
> there another list where general scsi/raid questions might get a larger 
> audience?

Is there a particular reason why you can't use 6.1 in this situation?

-- 
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php




From spork at bway.net  Sun Aug 13 00:03:49 2006
From: spork at bway.net (Charles Sprickman)
Date: Sun, 13 Aug 2006 00:03:49 -0400 (EDT)
Subject: [nycbug-talk] SATA RAID options under FBSD 4.x
In-Reply-To: <44DE4B58.8193.11310AFE@dan.langille.org>
References: <44DE4B58.8193.11310AFE@dan.langille.org>
Message-ID: <Pine.OSX.4.61.0608122359360.14670@white.nat.fasttrackmonkey.com>

On Sat, 12 Aug 2006, Dan Langille wrote:

> On 12 Aug 2006 at 18:33, Charles Sprickman wrote:
>
>> Hi all,
>>
>> What's out there for somewhat high performance RAID controllers under
>> FreeBSD 4.x?  I've been playing with a 3Ware 9550SX under 6.1 and it's
>> great - blows away our old scsi stuff and is much better than the older
>> 3Ware cards.  But no driver (twa) for 4.x.  Same story with Areca and the
>> LSI SATA RAID cards.
>
> I can also vouch for that 3Ware card:
>
>   http://www.freebsddiary.org/dual-opteron-raptors.php
>   http://www.freebsddiary.org/3ware-9550SX-8LP-cli.php

Nice!  I get an Opteron sometime next week with the 12 port card.  I went 
with the multilane connectors/backplane, so hopefully cabling things up 
should be tidy - each connector handles four drives.

> And next week, I'll have a NetSaint plugin for that card.

Excellent.  I currently have a little script for these and the adaptecs 
that I drop in /usr/local/etc/periodic/daily.  I don't trust running the 
adaptec tool more than once a day.  Even that makes me a little nervous. 
:)

>>
>> Adaptec is something I'm looking to stay away from.  What else is there?
>>
>> Also...  I noticed the freebsd-scsi list is pretty dead these days.  Is
>> there another list where general scsi/raid questions might get a larger
>> audience?
>
> Is there a particular reason why you can't use 6.1 in this situation?

It's a devel box and all the production boxes are still 4.11.  Also I 
found out I can't use most of the modern cards - from what I can see both 
the Areca and 3Ware cards only are available in PCI-X/e and the box is old 
enough to not have either....

Additionally I have seen some hard lockups on a warm boot with the 3Ware 
card.  Disabling ACPI seems to make it happen less often, but 6.1 is 
giving me some jitters on this hardware combination.

Thanks,

Charles

> -- 
> Dan Langille : Software Developer looking for work
> my resume: http://www.freebsddiary.org/dan_langille.php
>
>
>


From dan at langille.org  Sun Aug 13 07:58:43 2006
From: dan at langille.org (Dan Langille)
Date: Sun, 13 Aug 2006 07:58:43 -0400
Subject: [nycbug-talk] SATA RAID options under FBSD 4.x
In-Reply-To: <Pine.OSX.4.61.0608122359360.14670@white.nat.fasttrackmonkey.com>
References: <44DE4B58.8193.11310AFE@dan.langille.org>
Message-ID: <44DEDBB3.12933.1364EAAD@dan.langille.org>

On 13 Aug 2006 at 0:03, Charles Sprickman wrote:

> On Sat, 12 Aug 2006, Dan Langille wrote:
> 
> > On 12 Aug 2006 at 18:33, Charles Sprickman wrote:
> >
> >> Hi all,
> >>
> >> What's out there for somewhat high performance RAID controllers under
> >> FreeBSD 4.x?  I've been playing with a 3Ware 9550SX under 6.1 and it's
> >> great - blows away our old scsi stuff and is much better than the older
> >> 3Ware cards.  But no driver (twa) for 4.x.  Same story with Areca and the
> >> LSI SATA RAID cards.
> >
> > I can also vouch for that 3Ware card:
> >
> >   http://www.freebsddiary.org/dual-opteron-raptors.php
> >   http://www.freebsddiary.org/3ware-9550SX-8LP-cli.php
> 
> Nice!  I get an Opteron sometime next week with the 12 port card.  I went 
> with the multilane connectors/backplane, so hopefully cabling things up 
> should be tidy - each connector handles four drives.

Good plan.  Last night I figured I could just buy shorter cables and 
solve the messy problem I have.

> >> Adaptec is something I'm looking to stay away from.  What else is there?
> >>
> >> Also...  I noticed the freebsd-scsi list is pretty dead these days.  Is
> >> there another list where general scsi/raid questions might get a larger
> >> audience?
> >
> > Is there a particular reason why you can't use 6.1 in this situation?
> 
> It's a devel box and all the production boxes are still 4.11.  Also I 
> found out I can't use most of the modern cards - from what I can see both 
> the Areca and 3Ware cards only are available in PCI-X/e and the box is old 
> enough to not have either....
> 
> Additionally I have seen some hard lockups on a warm boot with the 3Ware 
> card.  Disabling ACPI seems to make it happen less often, but 6.1 is 
> giving me some jitters on this hardware combination.

This box is well ventilated.  Very very noisy.  I run it only when 
the family is out of the house. 

-- 
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php




From lists at genoverly.net  Sun Aug 13 08:28:24 2006
From: lists at genoverly.net (michael)
Date: Sun, 13 Aug 2006 08:28:24 -0400
Subject: [nycbug-talk] OpenBSD article on IBM site
Message-ID: <20060813082824.34f54d6b@wit.genoverly.com>


	Take a closer look at OpenBSD
	Security where it counts
	Tim McIntire (tm at timmcintire.net), Consultant, Freelance Writer
	08 Aug 2006

	    OpenBSD is quite possibly the most secure operating system
	on the planet. Every step of the development process focuses on
	building a secure, open, and free platform. UNIX? and Linux?
	administrators take note: Without realizing it, you probably
	use tools ported from OpenBSD every day. Maybe it's time to
	give the whole operating system a closer look.


http://www-128.ibm.com/developerworks/aix/library/au-openbsd.html?ca=dgr-lnxw07OpenBSD

There's nothing earth shattering here, but it is always fun to see BSD
mentioned on Big Blue's site.

-- 

Michael



From max at neuropunks.org  Sun Aug 13 19:56:05 2006
From: max at neuropunks.org (Max Gribov)
Date: Sun, 13 Aug 2006 19:56:05 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <7708fd680608101621m71912d45t947e9d172611dc47@mail.gmail.com>
References: <44D94C0A.8090102@sddi.net>
	<20060809090345.N616@dru.domain.org>	<20060809093051.47f1b54e@openpad.genoverly.com>	<c1feb8190608100827y64c77652t2afcecb54bc3f57c@mail.gmail.com>
	<7708fd680608101621m71912d45t947e9d172611dc47@mail.gmail.com>
Message-ID: <44DFBC15.2050009@neuropunks.org>

Brad Schonhorst wrote:

>On 8/10/06, Jeff Quast <af.dingo at gmail.com> wrote:
>  
>
>>On 8/9/06, michael <lists at genoverly.net> wrote:
>>    
>>
>>>Funny.. the OP in those links put up another link as a reference:
>>>(http://www.mreriksson.net/uptimes/) The Uptime Project.  I never
>>>really understood that cheesy bravado.  Why would you want to brag that
>>>you have not patched your box for the last 6 years?  And not just brag..
>>>but to register it and have it available on a website, along side
>>>other poorly maintained boxen.. like it is a badge of honor.
>>>      
>>>
well, you only have to reboot when you patch the kernel.
fbsd at least has a pretty good record of not having too broken of a
kernel, and sometimes there are issues which one does not have to patch
since they were removed from the custom compiled kernel.

uptime can be considered "badge of honor"  in a sense that the os you're
using does not have too many kernel issues, the fact that you made a
custom enough kernel not to worry about useless issues, and plus the
fact that things rarely go wrong in the bsd server world.

i had an uptime of a year once, which was broken by a dead scsi disk.
was a fbsd5.2.1 box on sparc64, a webserver. i was pretty proud that the
box was configured properly not to die all the time. just ask any NT
admin : )

some pointless 2c....


From nycbug at cyth.net  Sun Aug 13 20:42:06 2006
From: nycbug at cyth.net (Ray Lai)
Date: Sun, 13 Aug 2006 20:42:06 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <44DFBC15.2050009@neuropunks.org>
References: <44D94C0A.8090102@sddi.net> <20060809090345.N616@dru.domain.org>
	<20060809093051.47f1b54e@openpad.genoverly.com>
	<c1feb8190608100827y64c77652t2afcecb54bc3f57c@mail.gmail.com>
	<7708fd680608101621m71912d45t947e9d172611dc47@mail.gmail.com>
	<44DFBC15.2050009@neuropunks.org>
Message-ID: <20060814004229.GO31505@cybertron.cyth.net>

On Sun, Aug 13, 2006 at 07:56:05PM -0400, Max Gribov wrote:
> Brad Schonhorst wrote:
> 
> >On 8/10/06, Jeff Quast <af.dingo at gmail.com> wrote:
> >  
> >
> >>On 8/9/06, michael <lists at genoverly.net> wrote:
> >>    
> >>
> >>>Funny.. the OP in those links put up another link as a reference:
> >>>(http://www.mreriksson.net/uptimes/) The Uptime Project.  I never
> >>>really understood that cheesy bravado.  Why would you want to brag that
> >>>you have not patched your box for the last 6 years?  And not just brag..
> >>>but to register it and have it available on a website, along side
> >>>other poorly maintained boxen.. like it is a badge of honor.
> >>>      
> >>>
> well, you only have to reboot when you patch the kernel.
> fbsd at least has a pretty good record of not having too broken of a
> kernel, and sometimes there are issues which one does not have to patch
> since they were removed from the custom compiled kernel.
> 
> uptime can be considered "badge of honor"  in a sense that the os you're
> using does not have too many kernel issues, the fact that you made a
> custom enough kernel not to worry about useless issues, and plus the
> fact that things rarely go wrong in the bsd server world.

I generally reboot machines after daemons are patched as well, in case
the startup process got trashed due to config changes or something.
It's better to find out immediately rather than after you have forgotten
the change six months later.

-Ray-


From dan at langille.org  Sun Aug 13 22:13:42 2006
From: dan at langille.org (Dan Langille)
Date: Sun, 13 Aug 2006 22:13:42 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <20060814004229.GO31505@cybertron.cyth.net>
References: <44DFBC15.2050009@neuropunks.org>
Message-ID: <44DFA416.24457.1673ABBF@dan.langille.org>

On 13 Aug 2006 at 20:42, Ray Lai wrote:

> On Sun, Aug 13, 2006 at 07:56:05PM -0400, Max Gribov wrote:
> > Brad Schonhorst wrote:
> > 
> > >On 8/10/06, Jeff Quast <af.dingo at gmail.com> wrote:
> > >  
> > >
> > >>On 8/9/06, michael <lists at genoverly.net> wrote:
> > >>    
> > >>
> > >>>Funny.. the OP in those links put up another link as a reference:
> > >>>(http://www.mreriksson.net/uptimes/) The Uptime Project.  I never
> > >>>really understood that cheesy bravado.  Why would you want to brag that
> > >>>you have not patched your box for the last 6 years?  And not just brag..
> > >>>but to register it and have it available on a website, along side
> > >>>other poorly maintained boxen.. like it is a badge of honor.
> > >>>      
> > >>>
> > well, you only have to reboot when you patch the kernel.
> > fbsd at least has a pretty good record of not having too broken of a
> > kernel, and sometimes there are issues which one does not have to patch
> > since they were removed from the custom compiled kernel.
> > 
> > uptime can be considered "badge of honor"  in a sense that the os you're
> > using does not have too many kernel issues, the fact that you made a
> > custom enough kernel not to worry about useless issues, and plus the
> > fact that things rarely go wrong in the bsd server world.
> 
> I generally reboot machines after daemons are patched as well, in case
> the startup process got trashed due to config changes or something.
> It's better to find out immediately rather than after you have forgotten
> the change six months later.

Are you speaking theoretically or do you have practical examples of 
such instances?

-- 
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php




From nycbug at cyth.net  Mon Aug 14 01:14:04 2006
From: nycbug at cyth.net (Ray Lai)
Date: Mon, 14 Aug 2006 01:14:04 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <44DFA416.24457.1673ABBF@dan.langille.org>
References: <44DFBC15.2050009@neuropunks.org>
	<44DFA416.24457.1673ABBF@dan.langille.org>
Message-ID: <20060814051427.GP31505@cybertron.cyth.net>

On Sun, Aug 13, 2006 at 10:13:42PM -0400, Dan Langille wrote:
> On 13 Aug 2006 at 20:42, Ray Lai wrote:
> 
> > On Sun, Aug 13, 2006 at 07:56:05PM -0400, Max Gribov wrote:
> > > Brad Schonhorst wrote:
> > > 
> > > >On 8/10/06, Jeff Quast <af.dingo at gmail.com> wrote:
> > > >  
> > > >
> > > >>On 8/9/06, michael <lists at genoverly.net> wrote:
> > > >>    
> > > >>
> > > >>>Funny.. the OP in those links put up another link as a reference:
> > > >>>(http://www.mreriksson.net/uptimes/) The Uptime Project.  I never
> > > >>>really understood that cheesy bravado.  Why would you want to brag that
> > > >>>you have not patched your box for the last 6 years?  And not just brag..
> > > >>>but to register it and have it available on a website, along side
> > > >>>other poorly maintained boxen.. like it is a badge of honor.
> > > >>>      
> > > >>>
> > > well, you only have to reboot when you patch the kernel.
> > > fbsd at least has a pretty good record of not having too broken of a
> > > kernel, and sometimes there are issues which one does not have to patch
> > > since they were removed from the custom compiled kernel.
> > > 
> > > uptime can be considered "badge of honor"  in a sense that the os you're
> > > using does not have too many kernel issues, the fact that you made a
> > > custom enough kernel not to worry about useless issues, and plus the
> > > fact that things rarely go wrong in the bsd server world.
> > 
> > I generally reboot machines after daemons are patched as well, in case
> > the startup process got trashed due to config changes or something.
> > It's better to find out immediately rather than after you have forgotten
> > the change six months later.
> 
> Are you speaking theoretically or do you have practical examples of 
> such instances?

Of course it's happened to me.  Newer daemons are sometimes missing
libraries or no longer accept old config file syntaxes.

-Ray-


From mspitzer at gmail.com  Mon Aug 14 01:22:37 2006
From: mspitzer at gmail.com (Marc Spitzer)
Date: Mon, 14 Aug 2006 01:22:37 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <44DFBC15.2050009@neuropunks.org>
References: <44D94C0A.8090102@sddi.net> <20060809090345.N616@dru.domain.org>
	<20060809093051.47f1b54e@openpad.genoverly.com>
	<c1feb8190608100827y64c77652t2afcecb54bc3f57c@mail.gmail.com>
	<7708fd680608101621m71912d45t947e9d172611dc47@mail.gmail.com>
	<44DFBC15.2050009@neuropunks.org>
Message-ID: <8c50a3c30608132222m184cfe03sbf42ddfdab540b66@mail.gmail.com>

On 8/13/06, Max Gribov <max at neuropunks.org> wrote:
>
> uptime can be considered "badge of honor"  in a sense that the os you're
> using does not have too many kernel issues, the fact that you made a
> custom enough kernel not to worry about useless issues, and plus the
> fact that things rarely go wrong in the bsd server world.
>

I think uptime, as we are talking about it, is kinda silly.
Personally I am in favor of rebooting production boxes at least
quarterly.  It can be really interesting to see what shakes loose.
Also it gives you a framework of scheduled outages to do other stuff
in, non critical patches or a bit of kernel tuning etc.  Also the Idea
of patching libraries and not rebooting without a very good reason,
and a lot of checking to see you actually restarted *EVERYTHING* that
calls it, is asking for trouble.  I do not think the system will
reload the same shared lib if there is a copy sitting in memory,
rebooting fixes this issue.

Geeks should not do Tarzan, after we beat our chests we need to check
for bruises.

marc

-- 
"We trained very hard, but it seemed that every time we were beginning to
form into teams we would be reorganized. I was to learn later in life that
we tend to meet any new situation by reorganizing, and a wonderful method it
can be for creating the illusion of progress, while producing confusion,
inefficiency and demoralization."
-Gaius Petronius, 1st Century AD


From dan at langille.org  Mon Aug 14 07:32:54 2006
From: dan at langille.org (Dan Langille)
Date: Mon, 14 Aug 2006 07:32:54 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <20060814051427.GP31505@cybertron.cyth.net>
References: <44DFA416.24457.1673ABBF@dan.langille.org>
Message-ID: <44E02726.15581.18739AEC@dan.langille.org>

On 14 Aug 2006 at 1:14, Ray Lai wrote:

> On Sun, Aug 13, 2006 at 10:13:42PM -0400, Dan Langille wrote:
> > On 13 Aug 2006 at 20:42, Ray Lai wrote:
> > 
> > > On Sun, Aug 13, 2006 at 07:56:05PM -0400, Max Gribov wrote:
> > > > Brad Schonhorst wrote:
> > > > 
> > > > >On 8/10/06, Jeff Quast <af.dingo at gmail.com> wrote:
> > > > >  
> > > > >
> > > > >>On 8/9/06, michael <lists at genoverly.net> wrote:
> > > > >>    
> > > > >>
> > > > >>>Funny.. the OP in those links put up another link as a reference:
> > > > >>>(http://www.mreriksson.net/uptimes/) The Uptime Project.  I never
> > > > >>>really understood that cheesy bravado.  Why would you want to brag that
> > > > >>>you have not patched your box for the last 6 years?  And not just brag..
> > > > >>>but to register it and have it available on a website, along side
> > > > >>>other poorly maintained boxen.. like it is a badge of honor.
> > > > >>>      
> > > > >>>
> > > > well, you only have to reboot when you patch the kernel.
> > > > fbsd at least has a pretty good record of not having too broken of a
> > > > kernel, and sometimes there are issues which one does not have to patch
> > > > since they were removed from the custom compiled kernel.
> > > > 
> > > > uptime can be considered "badge of honor"  in a sense that the os you're
> > > > using does not have too many kernel issues, the fact that you made a
> > > > custom enough kernel not to worry about useless issues, and plus the
> > > > fact that things rarely go wrong in the bsd server world.
> > > 
> > > I generally reboot machines after daemons are patched as well, in case
> > > the startup process got trashed due to config changes or something.
> > > It's better to find out immediately rather than after you have forgotten
> > > the change six months later.
> > 
> > Are you speaking theoretically or do you have practical examples of 
> > such instances?
> 
> Of course it's happened to me.  Newer daemons are sometimes missing
> libraries or no longer accept old config file syntaxes.

Anyone else had this experience?

-- 
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php




From dan at langille.org  Mon Aug 14 07:34:42 2006
From: dan at langille.org (Dan Langille)
Date: Mon, 14 Aug 2006 07:34:42 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <8c50a3c30608132222m184cfe03sbf42ddfdab540b66@mail.gmail.com>
References: <44DFBC15.2050009@neuropunks.org>
Message-ID: <44E02792.16505.187542DF@dan.langille.org>

On 14 Aug 2006 at 1:22, Marc Spitzer wrote:

> On 8/13/06, Max Gribov <max at neuropunks.org> wrote:
> >
> > uptime can be considered "badge of honor"  in a sense that the os you're
> > using does not have too many kernel issues, the fact that you made a
> > custom enough kernel not to worry about useless issues, and plus the
> > fact that things rarely go wrong in the bsd server world.
> >
> 
> I think uptime, as we are talking about it, is kinda silly.
> Personally I am in favor of rebooting production boxes at least
> quarterly.  It can be really interesting to see what shakes loose.
> Also it gives you a framework of scheduled outages to do other stuff
> in, non critical patches or a bit of kernel tuning etc.  Also the Idea
> of patching libraries and not rebooting without a very good reason,
> and a lot of checking to see you actually restarted *EVERYTHING* that
> calls it, is asking for trouble.  I do not think the system will
> reload the same shared lib if there is a copy sitting in memory,
> rebooting fixes this issue.

With reference to your last statement, why do you think that?  Is 
this theory restricted to shared libs?

-- 
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php




From jonathan at kc8onw.net  Mon Aug 14 08:16:24 2006
From: jonathan at kc8onw.net (Jonathan Stewart)
Date: Mon, 14 Aug 2006 08:16:24 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <44E02726.15581.18739AEC@dan.langille.org>
References: <44DFA416.24457.1673ABBF@dan.langille.org>
	<44E02726.15581.18739AEC@dan.langille.org>
Message-ID: <44E06998.1050701@kc8onw.net>

Dan Langille wrote:
> On 14 Aug 2006 at 1:14, Ray Lai wrote:
> 
>> On Sun, Aug 13, 2006 at 10:13:42PM -0400, Dan Langille wrote:
>>> On 13 Aug 2006 at 20:42, Ray Lai wrote:
>>>
>>>> I generally reboot machines after daemons are patched as well, in case
>>>> the startup process got trashed due to config changes or something.
>>>> It's better to find out immediately rather than after you have forgotten
>>>> the change six months later.
>>> Are you speaking theoretically or do you have practical examples of 
>>> such instances?
>> Of course it's happened to me.  Newer daemons are sometimes missing
>> libraries or no longer accept old config file syntaxes.
> 
> Anyone else had this experience?

I have, I can't name a specific instance right now although I think I
did have trouble with the dovecot .9x to 1.x transition.  I'm also
pretty sure I forgot to read updating so that one was my fault though.
I think I also had a port change to modern rc.d files and I had to set
the _enable variable in /etc/rc.conf but missed the port message because
portupgrade scrolled it right off the screen so when the server
restarted the daemon did not...

Jonathan


From mspitzer at gmail.com  Mon Aug 14 08:55:04 2006
From: mspitzer at gmail.com (Marc Spitzer)
Date: Mon, 14 Aug 2006 08:55:04 -0400
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <44E02792.16505.187542DF@dan.langille.org>
References: <44DFBC15.2050009@neuropunks.org>
	<8c50a3c30608132222m184cfe03sbf42ddfdab540b66@mail.gmail.com>
	<44E02792.16505.187542DF@dan.langille.org>
Message-ID: <8c50a3c30608140555l6413fedkf2269107aec1250@mail.gmail.com>

On 8/14/06, Dan Langille <dan at langille.org> wrote:
> On 14 Aug 2006 at 1:22, Marc Spitzer wrote:
>
> > On 8/13/06, Max Gribov <max at neuropunks.org> wrote:
> > >
> > > uptime can be considered "badge of honor"  in a sense that the os you're
> > > using does not have too many kernel issues, the fact that you made a
> > > custom enough kernel not to worry about useless issues, and plus the
> > > fact that things rarely go wrong in the bsd server world.
> > >
> >
> > I think uptime, as we are talking about it, is kinda silly.
> > Personally I am in favor of rebooting production boxes at least
> > quarterly.  It can be really interesting to see what shakes loose.
> > Also it gives you a framework of scheduled outages to do other stuff
> > in, non critical patches or a bit of kernel tuning etc.  Also the Idea
> > of patching libraries and not rebooting without a very good reason,
> > and a lot of checking to see you actually restarted *EVERYTHING* that
> > calls it, is asking for trouble.  I do not think the system will
> > reload the same shared lib if there is a copy sitting in memory,
> > rebooting fixes this issue.
>
> With reference to your last statement, why do you think that?  Is
> this theory restricted to shared libs?
>

Yes it is restricted to shared libs, the static lib got ya is that you
need to rebuild/restart
everything that uses the lib or you still have the problem.  Getting
back on topic, the way I understand dynamic linking is that before
loading libc, for example, it will check to see if libc is already in
memory from a previously started program, like your shell, and if it
is it links against the in memory copy.  The easy way to not have this
problem is just bounce the box, if at all possible.  If not then I
would start ldding things and groveling through memory looking for
symbol names, and ask here for a better way if possible, to make sure
that the lib is really gone from memory and I can start things up
again that use it, the first one loads from disk and the rest link it
in.  The thing to keep in mind is that you are not really patching
disk images but what is in memory.  As long as the program sits on
disk it is safe and harmless

marc

-- 
"We trained very hard, but it seemed that every time we were beginning to
form into teams we would be reorganized. I was to learn later in life that
we tend to meet any new situation by reorganizing, and a wonderful method it
can be for creating the illusion of progress, while producing confusion,
inefficiency and demoralization."
-Gaius Petronius, 1st Century AD


From tillman at seekingfire.com  Mon Aug 14 09:51:40 2006
From: tillman at seekingfire.com (Tillman Hodgson)
Date: Mon, 14 Aug 2006 07:51:40 -0600
Subject: [nycbug-talk] FBSD sysutils/bsdstats
In-Reply-To: <44E06998.1050701@kc8onw.net>
References: <44DFA416.24457.1673ABBF@dan.langille.org>
	<44E02726.15581.18739AEC@dan.langille.org>
	<44E06998.1050701@kc8onw.net>
Message-ID: <20060814135140.GA17010@seekingfire.com>

On Mon, Aug 14, 2006 at 08:16:24AM -0400, Jonathan Stewart wrote:
> Dan Langille wrote:
> > Anyone else had this experience?
> 
> I have, I can't name a specific instance right now although I think I
> did have trouble with the dovecot .9x to 1.x transition.  I'm also
> pretty sure I forgot to read updating so that one was my fault though.
> I think I also had a port change to modern rc.d files and I had to set
> the _enable variable in /etc/rc.conf but missed the port message because
> portupgrade scrolled it right off the screen so when the server
> restarted the daemon did not...

I've had that exact issue with RCng several times, as ports change their
rc scripts.

I've also run into situations with NFS dependencies between systems
that make startup order of daemons very important to get right.

-T


-- 
I work for an investment bank. I have dealt with code written by stock
exchanges. I have seen how the computer systems that store your money are run.
If I ever make a fortune, I will store it in gold bullion under my bed.
    - A.S.R. quote (Matthew Crosby)


From o_sleep at belovedarctos.com  Mon Aug 14 19:49:05 2006
From: o_sleep at belovedarctos.com (Bjorn Nelson)
Date: Mon, 14 Aug 2006 19:49:05 -0400
Subject: [nycbug-talk] traceroute postcard, DENIED
In-Reply-To: <c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>
References: <A5B6D864-0B12-4DFE-AAB9-7E90B545AEE0@lesmuug.org>
	<c1feb8190608040853w2cd0959ctc1701c3a86341573@mail.gmail.com>
Message-ID: <83DAB55C-BF03-4326-9107-D39CDFEDBC44@belovedarctos.com>

Ike,

On Aug 4, 2006, at 11:53 AM, Jeff Quast wrote:

> On 8/4/06, Isaac Levy <ike at lesmuug.org> wrote:
>> Hey All,
>>
>> Was trying to traceroute from my cingular GPRS line in Vegas, so I
>> could send list a traceroute postcard.... but totally denied, (even
>> via icmp with the -I flag) :(
>>
>
> tcptraceroute, it should be in ports

George Georgalis has recommended mtr to me in the past for this kind  
of thing.  You could try that as well although it's probably using  
the same method.

-Bjorn


From ike at lesmuug.org  Tue Aug 15 02:36:07 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Tue, 15 Aug 2006 02:36:07 -0400
Subject: [nycbug-talk] SATA RAID options under FBSD 4.x
In-Reply-To: <Pine.OSX.4.61.0608121830180.14670@white.nat.fasttrackmonkey.com>
References: <Pine.OSX.4.61.0608121830180.14670@white.nat.fasttrackmonkey.com>
Message-ID: <CDACF140-95B8-4496-B348-EEA63C1756CD@lesmuug.org>

On Aug 12, 2006, at 6:33 PM, Charles Sprickman wrote:

> Hi all,
>
> What's out there for somewhat high performance RAID controllers under
> FreeBSD 4.x?

OMG- return of the living dead thread!!!!!

Good luck Charles...  You know I feel you on this.

Rocket-
.ike




From techneck at goldenpath.org  Tue Aug 15 11:14:41 2006
From: techneck at goldenpath.org (Tim Allender)
Date: Tue, 15 Aug 2006 11:14:41 -0400
Subject: [nycbug-talk] Exploring pfSense (and an issue with States)
Message-ID: <44E1E4E1.3090306@goldenpath.org>

After reading the topic for next months meeting, I looked into monowall 
and pfsense.
We had a little linksys router facilitating our DSL connection and I've 
been thinking of switching that out since I came to this company.
So, after rolling out a batch of computers I took one of the old ones 
and, last Friday installed pfSense on it and switched out the linksys.
(PIII 550 MHz, 384 Mgs)
I'm very impressed.
I re-setup the VPNs we are using.
Switched it over to the "Advanced Outgoing NAT" to get NAT working for 
our Jersey network as well.
(Not cool, I know, but they get their internet over our T1. Hey, that's 
the way I found it =)

So.... last night, from home, I figured I'd just take a peek at whats 
all up and open on the office network in the middle of the night.
I have a VPN connection to my house, so I just nmap the 10/24 network.
And, I'm watching the pfSense interface the whole time.
# of States starts going up.
And up.
And up.
Around 8000ish states I'm thinking, "hmm, I wonder what happens when we 
exceed the maximum."
(Oh yea, baby. Load test time!)
And I figure, "hey, worst case scenario, I reboot and restore the back 
up, no problem"

After 10005 states, it went to "Undefined", my shell froze (not 
disconnected) but froze up as if the machine was hung.
The http server stopped responding.

All new connection attempts failed. No ping, nothing.

I figured something like that'd happen. But, I wanted to see for myself 
at an off time.
I figured that either the states will expire and everything will be ok 
again. Or, I'll just go in a little early and reboot the box.
Everything was fine and back to normal in the morning after the states 
had expired.

So, my experience leaves me with some questions:

1. Max number of states:
I can change the max number of states. But why is 10000 the default? and 
what impact will raising it have?
I figure this states table is stored in memory. What's a reasonable 
maximum for 384 megs? These states have to be processed, though, so it's 
a processing power limitation too, no?
If I raise it very high, and then under heavy load it runs out of 
memory, what happens?
Will pfSense do the smart thing and start dropping the oldest inactive 
states? ~Is~ that the smart thing? And, I guess either it isn't or it 
won't otherwise it probably would have done it in this case.

2: Time to expire / Peremptory clean up of states:
Can I change the amount of time states remain in the table, maybe based 
on state type, protocol type or other factors? and what impact would 
that have?
Is there a way to selectively drop states based on priority as the state 
table approaches capacity?

3. Hardware
I like that I can do more with less. But, I'm looking at my options 
here. If I have a choice, and it's reasonable, I'd rather have more than 
less.
Soekris is cool. But their top of the line boxes are only half of what 
this super craptacular box is that I'm working with here.
What about other barebones embedded architectures? I'm thinking, like, 
Soekris only with PowerPC procs and memory sockets (as opposed to 
soldered memory).
And, why for godsakes do these things never come with gigabit or fe 
ports? Yes, I realize that for WAN routing 100mbps is 10x more than 
adequet.
But, I'd like to break the LAN down into subnets and I'd need to route 
them, at 1 gig+ speeds to the application servers if I can.
When we say "FreeBSD runs on ppc architecture," what boxes are we 
talking about? Who sells it? Are we talking about embedded boxes?
What other architectures (that fbsd runs on) are popular for embedded 
systems?


From george at sddi.net  Tue Aug 15 16:13:17 2006
From: george at sddi.net (George R.)
Date: Tue, 15 Aug 2006 16:13:17 -0400
Subject: [nycbug-talk] from Dru's blog. . .
Message-ID: <44E22ADD.8010606@sddi.net>

http://tinyurl.com/go7lv

g


From ahpook at verizon.net  Tue Aug 15 20:20:08 2006
From: ahpook at verizon.net (Ah Pook)
Date: Tue, 15 Aug 2006 20:20:08 -0400
Subject: [nycbug-talk] Gaim transfers with pf
Message-ID: <200608152020.09527.ahpook@verizon.net>

Help!  How?!

Is there some sort of magical secret to getting file transfers to work 
in Gaim through pf?  I dimly remember them working at some point, but 
that was so long ago I have no idea what changed.  Outgoing seems ok.  
Incoming just times out, and the other side claims I've cancelled.  I 
think all the relevant ports are forwarded, but I'd love to know if 
anybody has this working before I spend another 80 hours fiddling 
around.

Gaim is 1.5.0, pf is from obsd 3.8 release.


From ike at lesmuug.org  Tue Aug 15 21:54:24 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Tue, 15 Aug 2006 21:54:24 -0400
Subject: [nycbug-talk] from Dru's blog. . .
In-Reply-To: <44E22ADD.8010606@sddi.net>
References: <44E22ADD.8010606@sddi.net>
Message-ID: <42BC53D0-166D-4B8A-B50C-D34802744571@lesmuug.org>

On Aug 15, 2006, at 4:13 PM, George R. wrote:

> http://tinyurl.com/go7lv
>
> g

/me rubs my eyes, wonders if this is for real?  Hot stuff.

Rocket-
.ike




From nycbug at chrisbuechler.com  Tue Aug 15 18:54:28 2006
From: nycbug at chrisbuechler.com (Chris Buechler)
Date: Tue, 15 Aug 2006 18:54:28 -0400
Subject: [nycbug-talk] Exploring pfSense (and an issue with States)
In-Reply-To: <44E1E4E1.3090306@goldenpath.org>
References: <44E1E4E1.3090306@goldenpath.org>
Message-ID: <44E250A4.5030309@chrisbuechler.com>

Tim Allender wrote:
> After reading the topic for next months meeting, I looked into monowall 
> and pfsense.
>   

Very cool!  first I've heard of that topic at the meeting. 

You're in luck, a core contributing member of both projects happens to 
hang out here, though I'm almost half way across the country from NYC 
(met Ike and others up at BSDCan the last couple years).  :) 

<snip>
> After 10005 states, it went to "Undefined", my shell froze (not 
> disconnected) but froze up as if the machine was hung.
> The http server stopped responding.
>
> All new connection attempts failed. No ping, nothing.
>
> I figured something like that'd happen. But, I wanted to see for myself 
> at an off time.
>   

Yep, once the max number is hit, no new connections will be accepted.  
That means you'll lose your web GUI access (with all the ajax, it can 
open several dozen states per webGUI session alone), though SSH, as long 
as you use keepalives in the client, should not drop (existing 
connection, existing state). 


> I figured that either the states will expire and everything will be ok 
> again. Or, I'll just go in a little early and reboot the box.
> Everything was fine and back to normal in the morning after the states 
> had expired.
>   

With most normal traffic, the application will close out the states 
itself, so you won't have to wait for the timeout.  Behavior of port 
scanners will vary. 

> So, my experience leaves me with some questions:
>
> 1. Max number of states:
> I can change the max number of states. But why is 10000 the default? and 
> what impact will raising it have?
>   

10,000 is the default because it's more than most networks will need, 
and is low enough to make running in 64 MB RAM feasible. 


> I figure this states table is stored in memory. What's a reasonable 
> maximum for 384 megs? 
The general rule of thumb with pf is ~1 KB RAM per state.  You could 
probably use 300 MB RAM for states alone (depending on what other 
features you use), so you could have 300K+ states.  


> These states have to be processed, though, so it's 
> a processing power limitation too, no?
>   

That wouldn't really be directly related to the number of states, 
though.  Packets per second, and throughput, are very CPU-dependent.  
It's unlikely you could push enough pps or Mbps through a 500 MHz box to 
exhaust a 100K state table (which in a typical network with mostly web 
and mail traffic would probably mean somewhere around a 100 Mb Internet 
pipe, but it varies widely, so it's impossible to accurately guess). 

It's fair to say states are only limited by RAM, but your ability to 
fill those states is limited by CPU and the quality of your NIC's. 


> If I raise it very high, and then under heavy load it runs out of 
> memory, what happens?
>   

On a full install, it'll just start swapping to disk, and you'll end up 
with the performance problems stemming from that.  It's highly unlikely 
you'd run out of RAM with 384 MB, unless there was a problem. 


> Will pfSense do the smart thing and start dropping the oldest inactive 
> states? 

It won't drop anything prematurely.  If you're out of RAM and swap (or 
don't have swap), processes will start dying because they're out of 
memory, and the whole system will turn into a mess pretty quickly.  The 
system itself should continue to work, but userland things like the 
webGUI, caching DNS server, etc. will die.  The system will never "fail 
open" though. 

The point isn't what happens when you run out of memory, it's avoiding 
that happening in the first place.  :)  With 384 MB RAM, you'll never 
see that happen. 


> 2: Time to expire / Peremptory clean up of states:
> Can I change the amount of time states remain in the table, maybe based 
> on state type, protocol type or other factors? and what impact would 
> that have?
> Is there a way to selectively drop states based on priority as the state 
> table approaches capacity?
>   

You can only change the state lifetime globally, but there are several 
state-related advanced options on the rules pages.  So you can set it up 
so, say, outbound HTTP is allowed no more than 10K states of a 30K state 
table, and SMTP is allowed 5K, etc. etc.  It's very flexible and 
powerful with all the advanced options, there are plenty of commercial 
enterprise class firewalls that can't do that. 


> 3. Hardware
> I like that I can do more with less. But, I'm looking at my options 
> here. If I have a choice, and it's reasonable, I'd rather have more than 
> less.
> Soekris is cool. But their top of the line boxes are only half of what 
> this super craptacular box is that I'm working with here.
>   

Yep - your only considerations, if looking at PC vs. embedded, would be 
power cost and consumption, heat dissipation, noise, and reliability.  
that 500 MHz box probably takes around 75 wt, while a Soekris or WRAP 
board will run at around 3-4 wt.  It's nowhere near enough of a 
difference cost-wise, even if running 24/7/365, to make up for the cost 
of the box.  If heat and noise are a concern, or high reliability (no 
moving parts on embedded, vs. an old PC that could die at any time) then 
I'd suggest looking at embedded systems. 

You mention Soekris, lately I've preferred PC Engines WRAP systems due 
to lower cost for essentially the same thing.  A WRAP is the same as a 
4801, minus the SFF IDE and PCI slot, but around the same price as a 
4501 (if not cheaper).  Netgate (www.netgate.com) is my preferred source 
in the US. 


> What about other barebones embedded architectures? I'm thinking, like, 
> Soekris only with PowerPC procs and memory sockets (as opposed to 
> soldered memory).
>   

eh, I'd stick with x86 personally.  Hacom has several options for mid 
range to higher end equipment, I have some of their hardware that 
they've donated for m0n0wall and pfsense testing purposes and it's been 
great.  http://www.hacom.net/

I also have one of these:
http://linitx.com/product_info.php?products_id=909

I got it after a couple other project members messed with it, so I'm not 
sure if it actually came over to the US from the UK, or where it came 
from (it was donated by LinITX).  I know you can get them in the US 
though.  I use it for my core router at home, routing several VLAN's on 
my home network.  (just because I can...)  :) 


> And, why for godsakes do these things never come with gigabit or fe 
> ports? 

The vast majority of them don't have the processor power to push 100 Mb, 
much less 1 Gb.  Through a Soekris 4501, you can get ~17 Mb with 
m0n0wall, ~12 Mb with pfsense (the difference entirely due to 
performance differences between FreeBSD 4.x and 6.x, stock OS 
installations perform identically).  A Soekris 4801 or WRAP will get you 
in the mid 40 Mb range on FreeBSD 4.x, in the low 30 Mb on 6.x.  Your 
500 MHz will probably get 50-75 Mb, depending on what kind of NIC's you 
have in it.  To push gig at wire speed, you need a ~2+ GHz or so, plus 
good NIC's and a bus sufficient to holding up to such abuse (i.e. PCI-X 
or PCI-e, not 32 bit PCI). 

> But, I'd like to break the LAN down into subnets and I'd need to route 
> them, at 1 gig+ speeds to the application servers if I can.
>   

The only really good way to do this is to use a L3 switch.  No firewall 
or router will ever be able to match the kind of performance a L3 switch 
will give you.  But I know there are people out there running pfsense on 
Dell PowerEdge 2850 dual Xeon 3.6 systems, new HP dual Xeons, etc. that 
route gig speeds.  That's far from a box you can slap together from 
spare parts though.  Or if it is, can I scavenge through your spare 
parts?  :) 

If you need wire speed gigabit performance, look at a new(er) 1U or 2U 
standard server, with onboard gig NIC's. 

hope that cleared up more questions than it raises.  :) 

cheers,
-Chris


From pete at nomadlogic.org  Wed Aug 16 12:45:05 2006
From: pete at nomadlogic.org (Pete Wright)
Date: Wed, 16 Aug 2006 12:45:05 -0400
Subject: [nycbug-talk] Gaim transfers with pf
In-Reply-To: <200608152020.09527.ahpook@verizon.net>
References: <200608152020.09527.ahpook@verizon.net>
Message-ID: <20060816164451.GA43501@sunset.nomadlogic.org>

On Tue, Aug 15, 2006 at 08:20:08PM -0400, Ah Pook wrote:
> Help!  How?!
> 
> Is there some sort of magical secret to getting file transfers to work 
> in Gaim through pf?  I dimly remember them working at some point, but 
> that was so long ago I have no idea what changed.  Outgoing seems ok.  
> Incoming just times out, and the other side claims I've cancelled.  I 
> think all the relevant ports are forwarded, but I'd love to know if 
> anybody has this working before I spend another 80 hours fiddling 
> around.
> 
> Gaim is 1.5.0, pf is from obsd 3.8 release.

hmm..my crystal ball seems to be not working well today, maybe post your
pf rule set so we can help you.

-p


-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459



From ahpook at verizon.net  Wed Aug 16 13:13:41 2006
From: ahpook at verizon.net (Ah Pook)
Date: Wed, 16 Aug 2006 13:13:41 -0400
Subject: [nycbug-talk] Gaim transfers with pf
In-Reply-To: <20060816164451.GA43501@sunset.nomadlogic.org>
References: <200608152020.09527.ahpook@verizon.net>
	<20060816164451.GA43501@sunset.nomadlogic.org>
Message-ID: <200608161313.41501.ahpook@verizon.net>

On Wednesday 16 August 2006 12:45 pm, Pete Wright wrote:
> hmm..my crystal ball seems to be not working well today, maybe post
> your pf rule set so we can help you.

Sorry, it was meant to be more of a "does anyone have this working or 
not?" question.  Seems to be a Gaim issue - file transfers are monkeyed 
if both people are behind NAT boxes.  <oblig OT noise apology>


From ike at lesmuug.org  Wed Aug 16 14:56:53 2006
From: ike at lesmuug.org (Isaac Levy)
Date: Wed, 16 Aug 2006 14:56:53 -0400
Subject: [nycbug-talk] Some Used Hardware Cheap
References: <D4A65BEE231964448F27948FA4DB95710190BBEC@exchange.jungle.local>
Message-ID: <F94D3F43-487B-41AC-96BC-8912B1FDD2B6@lesmuug.org>

Hi Folks,

Hardware heads-up:

An associate of mine  is moving their office, they have a bunch of  
stuff for sale 'no reasonable offer refused' (i.e. they are moving  
tomorrow, and need to get rid of the stuff, so cheap..)

Not listed below, they also have a Cisco 2610 that's on it's way out  
the door- and misc. hubs/etc...

Location:
SoHo
150 Varick Street, New York, NY 10013

Contact:
Sean 212-918-0104

Timing:
TOMORROW.

Best,
.ike



Begin forwarded message:

> Subject: Jungle Inventory
>
> Computers:
>
> 6 - Power Mac G4
>
> 6 ? Imac
>
> 3 ? Acer Veritron 7100
>
>
>
> Monitors:
>
> 6 ? Avitron 19? monitors
>
> 7 ? Acer Veritron V771 monitors
>
> 1 ? View Sonic G5790 monitors
>
>
>
> Laptops:
>
> Acer Travelmate 524TE
>
> Dell Latitude C600
>
> Dell Latitude CSx
>
> Compaq Presario 1200
>
> Acer Travelmate 612TXCi
>
> IBM Thinkpad A21e
>
> 3 ? IBM Thinkpad  i Series




From techneck at goldenpath.org  Thu Aug 17 14:19:27 2006
From: techneck at goldenpath.org (Tim Allender)
Date: Thu, 17 Aug 2006 14:19:27 -0400
Subject: [nycbug-talk] Xen curious
Message-ID: <44E4B32F.2070508@goldenpath.org>

I'm glad to read that Xen and Intel's VT (Vanderpool) have made it 
currently possible to run unmodified Windows OS's as guests.

I've not seen it done yet, myself. I'm thinking of giving it a try this 
weekend and I'm wondering if any one else out there's doing this
on FreeBSD (or any other platform, whatever).

Tim


From mspitzer at gmail.com  Fri Aug 18 19:16:52 2006
From: mspitzer at gmail.com (Marc Spitzer)
Date: Fri, 18 Aug 2006 19:16:52 -0400
Subject: [nycbug-talk] book sale
Message-ID: <8c50a3c30608181616lfdae6d9k86eeade1b8ac2c69@mail.gmail.com>

$9 books at:
http://www.syngress.com/bookseries/?series=Number%209

-- 
"We trained very hard, but it seemed that every time we were beginning to
form into teams we would be reorganized. I was to learn later in life that
we tend to meet any new situation by reorganizing, and a wonderful method it
can be for creating the illusion of progress, while producing confusion,
inefficiency and demoralization."
-Gaius Petronius, 1st Century AD


From joshmccormack at travelersdiary.com  Fri Aug 18 20:06:02 2006
From: joshmccormack at travelersdiary.com (Josh McCormack)
Date: Fri, 18 Aug 2006 20:06:02 -0400
Subject: [nycbug-talk] contact manager (w/ phone syn?)
Message-ID: <e22ad7830608181706i7e563a3co35a2a07a74c6cf5@mail.gmail.com>

Is there any contact manager for *BSDs that people especially like?
Ideally it would syn with cell phones somehow.

I've tried to live with Plaxo, but it's just not doing it for me.


Josh


From techneck at goldenpath.org  Mon Aug 21 13:20:05 2006
From: techneck at goldenpath.org (Tim Allender)
Date: Mon, 21 Aug 2006 13:20:05 -0400
Subject: [nycbug-talk] contact manager (w/ phone syn?)
In-Reply-To: <e22ad7830608181706i7e563a3co35a2a07a74c6cf5@mail.gmail.com>
References: <e22ad7830608181706i7e563a3co35a2a07a74c6cf5@mail.gmail.com>
Message-ID: <44E9EB45.1040804@goldenpath.org>

I'm wondering the same thing, with a bit of a twist.
I remember some mention of people running things like perl or python on 
their cell phones, and thinking to myself recently,
"Hmm.... Perl (or python) contact manager?"

I've not found the time to look further into it, yet. But if any of you 
want to share your phone cell hacking secrets, the drinks are on me!

Tim

Josh McCormack wrote:
> Is there any contact manager for *BSDs that people especially like?
> Ideally it would syn with cell phones somehow.
>
> I've tried to live with Plaxo, but it's just not doing it for me.
>
>
> Josh
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>   



From lists at genoverly.net  Mon Aug 21 13:49:05 2006
From: lists at genoverly.net (michael)
Date: Mon, 21 Aug 2006 13:49:05 -0400
Subject: [nycbug-talk] interesting take on securing data
Message-ID: <20060821134905.29807b9a@openpad.genoverly.com>

Securing data by scattering the pieces

New software divides digital documents and other files into slices,
then stores the slices on the Internet. 

By John Markoff
The New York Times
Published: August 20, 2006, 9:50 PM PDT 


http://news.com.com/Securing+data+by+scattering+the+pieces/2100-7355_3-6107557.html

-- 

michael


From joshmccormack at travelersdiary.com  Mon Aug 21 14:41:05 2006
From: joshmccormack at travelersdiary.com (Josh McCormack)
Date: Mon, 21 Aug 2006 14:41:05 -0400
Subject: [nycbug-talk] contact manager (w/ phone syn?)
In-Reply-To: <44E9EB04.5040409@goldenpath.org>
References: <e22ad7830608181706i7e563a3co35a2a07a74c6cf5@mail.gmail.com>
	<44E9EB04.5040409@goldenpath.org>
Message-ID: <e22ad7830608211141h648bdf62s4cdc2dc572f51b37@mail.gmail.com>

I think I might check if I can do this for a month, to try it out:
http://www.cingular.com/media/voicedial_addressbook
"VoiceDial safely stores thousands of numbers in your personal address
book. If you ever lose or change phones, you won't need to manually
re-enter all those names and numbers."  It stores them on their
network and you access your list over it. This should be free, but is
like $5/month, and it should sync up with your phone instead of
accessing the list on the network, but whatever....

KMobileTools looks interesting though not very documented and I'm
hesitate to bork my phone.

I'll probably try out Motorola's Mobile Phone Tools (Windows).

I know iSync (Mac) works to some extent, and I should be getting my
hands on a Mac soon, so I might try that.

I haven't found anything about Perl or Python or anything else very
interesting on my phone   - perhaps on Linux OS phones?

Josh




On 8/21/06, Tim Allender <techneck at goldenpath.org> wrote:
> I'm wondering the same thing, with a bit of a twist.
> I remember some mention of people running things like perl or python on
> their cell phones, and thinking to myself recently,
> "Hmm.... Perl (or python) contact manager?"
>
> I've not found the time to look further into it, yet. But if any of you
> want to share your phone cell hacking secrets, the drinks are on me!
>
> Tim
>
> Josh McCormack wrote:
> > Is there any contact manager for *BSDs that people especially like?
> > Ideally it would syn with cell phones somehow.
> >
> > I've tried to live with Plaxo, but it's just not doing it for me.
> >
> >
> > Josh
> > _______________________________________________
> > % NYC*BUG talk mailing list
> > http://lists.nycbug.org/mailman/listinfo/talk
> > %Be sure to check out our Jobs and NYCBUG-announce lists
> > %We meet the first Wednesday of the month
> >
>
>


From nycbug-list at 2xlp.com  Wed Aug 23 04:27:45 2006
From: nycbug-list at 2xlp.com (Jonathan Vanasco)
Date: Wed, 23 Aug 2006 04:27:45 -0400
Subject: [nycbug-talk] apache on freebsd
Message-ID: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>


I'm running modperl2 under freebsd / apache2 (prefork  , built from  
ports )

a 'startup.pl' file in the httpd.conf loads a ton of modules before  
apache forks, to take advantage of memory sharing

on my osx dev boxes, that means
	80 MB memory on parent apache
	10-20 MB memory per child process

on my freebsd6 box though, i'm seeing
	121 MB memory on parent apache
	121 MB memory per child process

i don't know why freebsd is using 40mb more memory, but right now i  
don't care.... my bigger problem is that apache is just not sharing  
memory

some friends on the mod-perl who use freebsd list are checking on  
things-- but i figured i should check to see if anyone here is  
running apache2 or apache2+modperl under freebsd6 and might have a  
clue from the other perspective

i've got the same apache binary running a few different ways on my  
server ( using different httpd.conf files to create tailored  
servers ).  from what i can tell, no apache processes are sharing  
memory, mod_perl or not.

anyone have an idea what could cause this?




From pete at nomadlogic.org  Wed Aug 23 11:20:45 2006
From: pete at nomadlogic.org (Pete Wright)
Date: Wed, 23 Aug 2006 11:20:45 -0400
Subject: [nycbug-talk] apache on freebsd
In-Reply-To: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>
References: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>
Message-ID: <20060823152041.GA36573@sunset.nomadlogic.org>

On Wed, Aug 23, 2006 at 04:27:45AM -0400, Jonathan Vanasco wrote:
> 
> I'm running modperl2 under freebsd / apache2 (prefork  , built from  
> ports )
> 
> a 'startup.pl' file in the httpd.conf loads a ton of modules before  
> apache forks, to take advantage of memory sharing
> 
> on my osx dev boxes, that means
> 	80 MB memory on parent apache
> 	10-20 MB memory per child process
> 
> on my freebsd6 box though, i'm seeing
> 	121 MB memory on parent apache
> 	121 MB memory per child process
> 
> i don't know why freebsd is using 40mb more memory, but right now i  
> don't care.... my bigger problem is that apache is just not sharing  
> memory
> 
> some friends on the mod-perl who use freebsd list are checking on  
> things-- but i figured i should check to see if anyone here is  
> running apache2 or apache2+modperl under freebsd6 and might have a  
> clue from the other perspective
> 
> i've got the same apache binary running a few different ways on my  
> server ( using different httpd.conf files to create tailored  
> servers ).  from what i can tell, no apache processes are sharing  
> memory, mod_perl or not.
> 
> anyone have an idea what could cause this?
> 
> 

couple questions, are the binaries built in the same manner on OSX and
6.1 (i.e. using same configure flag's).  also, are you loading the same
modules on each host at runtime?

what is the main concern about how much memory the apache process
is taking up, could it be that FreeBSD is being more aggressive in
caching?  also, is each child process taking up 121Megs of virtual
memory or resident memory (ps should show you this info in detail)?


-pete

-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459



From nycbug-list at 2xlp.com  Wed Aug 23 13:17:02 2006
From: nycbug-list at 2xlp.com (Jonathan Vanasco)
Date: Wed, 23 Aug 2006 13:17:02 -0400
Subject: [nycbug-talk] apache on freebsd
In-Reply-To: <20060823152041.GA36573@sunset.nomadlogic.org>
References: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>
	<20060823152041.GA36573@sunset.nomadlogic.org>
Message-ID: <A0FBC115-2D67-45B2-87C6-F8FB0C149C90@2xlp.com>


On Aug 23, 2006, at 11:20 AM, Pete Wright wrote:
> couple questions, are the binaries built in the same manner on OSX and
> 6.1 (i.e. using same configure flag's).

No, they're *slightly* different, though I've combed through the docs  
to see if anything could be at fault

  ----
OSX
	-D APR_USE_SYSVSEM_SERIALIZE
	-D APR_USE_PTHREAD_SERIALIZE
	-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT

FreeBSD
	Server loaded:  APR 0.9.12, APR-UTIL 0.9.12
	Compiled using: APR 0.9.12, APR-UTIL 0.9.12
	-D APR_HAS_SENDFILE
	-D APR_USE_FLOCK_SERIALIZE
  ----

> also, are you loading the same
> modules on each host at runtime?

They're both using the  same Perl modules.

For apache modules, they both have compiled in
   core.c
   prefork.c
   http_core.c
   mod_so.c

OSX has more compiled in:
   mod_access.c
   mod_auth.c
   mod_include.c
   mod_deflate.c
   mod_log_config.c
   mod_env.c
   mod_setenvif.c
   mod_mime.c
   mod_dav.c
   mod_status.c
   mod_autoindex.c
   mod_asis.c
   mod_cgi.c
   mod_dav_fs.c
   mod_negotiation.c
   mod_dir.c
   mod_imap.c
   mod_actions.c
   mod_userdir.c
   mod_alias.c
   mod_rewrite.c

FreeBSD handle
	alias
	acccess
	dir
	env
	mome
	log_config
	rewrite
as dso mods

FreeBSD doesn't have  anything extra , as its the production machine  
and supposed to be 'lean' (its behind a reverse proxy. ,lighty, soon  
to be nginx, is the port80 server )

Both are
	Apache/2.0.58

And load the  same versions of mod_perl and libapreq as their only  
dynamic modules

> what is the main concern about how much memory the apache process
> is taking up, could it be that FreeBSD is being more aggressive in
> caching?
> also, is each child process taking up 121Megs of virtual
> memory or resident memory (ps should show you this info in detail)?

on OSX, immediately after an httpd startup, Apache spawns
	1 parent server	80552  30796
	1 child server	76560   2960

freeBSD spawns
	1 parent 55148 51736
	1 child 	55412 51956

After 1  request,
	OSX child is + 14mb resident
	FreeBSD child is + 120k resident

The freebsd stuff is irking me, because on some startups I see it  
with 55 MB of RES + VMEM, and on others its with 120  (i always STOP  
then START the server.  restarts leak like a sieve )







From pete at nomadlogic.org  Wed Aug 23 13:48:19 2006
From: pete at nomadlogic.org (Peter Wright)
Date: Wed, 23 Aug 2006 10:48:19 -0700 (PDT)
Subject: [nycbug-talk] apache on freebsd
In-Reply-To: <A0FBC115-2D67-45B2-87C6-F8FB0C149C90@2xlp.com>
References: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>
	<20060823152041.GA36573@sunset.nomadlogic.org>
	<A0FBC115-2D67-45B2-87C6-F8FB0C149C90@2xlp.com>
Message-ID: <31148.160.33.20.11.1156355299.squirrel@webmail.nomadlogic.org>


>
> On Aug 23, 2006, at 11:20 AM, Pete Wright wrote:
>> couple questions, are the binaries built in the same manner on OSX and
>> 6.1 (i.e. using same configure flag's).
>
> No, they're *slightly* different, though I've combed through the docs
> to see if anything could be at fault
>
>   ----
> OSX
> 	-D APR_USE_SYSVSEM_SERIALIZE
> 	-D APR_USE_PTHREAD_SERIALIZE
> 	-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
>
> FreeBSD
> 	Server loaded:  APR 0.9.12, APR-UTIL 0.9.12
> 	Compiled using: APR 0.9.12, APR-UTIL 0.9.12
> 	-D APR_HAS_SENDFILE
> 	-D APR_USE_FLOCK_SERIALIZE
>   ----
>
guessing here, but the SYSVSEM and PTHREAD options could cause a disparity
between memory usuage....this is the output from apachectl -V correct? 
you are using the prefork model correct (sorry can't remember).

<snipping modules for the moment>

>
>> what is the main concern about how much memory the apache process
>> is taking up, could it be that FreeBSD is being more aggressive in
>> caching?
>> also, is each child process taking up 121Megs of virtual
>> memory or resident memory (ps should show you this info in detail)?
>
> on OSX, immediately after an httpd startup, Apache spawns
> 	1 parent server	80552  30796
> 	1 child server	76560   2960
>
> freeBSD spawns
> 	1 parent 55148 51736
> 	1 child 	55412 51956
>
> After 1  request,
> 	OSX child is + 14mb resident
> 	FreeBSD child is + 120k resident

hmm...according to your results httpd on FreeBSD is only taking 120k
resident, while OSX is using 14megs resident.  the httpd is not taking any
requests either during these samples correct?
>
> The freebsd stuff is irking me, because on some startups I see it
> with 55 MB of RES + VMEM, and on others its with 120  (i always STOP
> then START the server.  restarts leak like a sieve )

hmm...wierd.  never seen the leak restarting apache via rc.d, it shouldn't
as it kills all httpd process the goes through the start function.  so
that may be a bug.


-p


-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459


From nycbug-list at 2xlp.com  Wed Aug 23 14:41:44 2006
From: nycbug-list at 2xlp.com (Jonathan Vanasco)
Date: Wed, 23 Aug 2006 14:41:44 -0400
Subject: [nycbug-talk] apache on freebsd
In-Reply-To: <31148.160.33.20.11.1156355299.squirrel@webmail.nomadlogic.org>
References: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>
	<20060823152041.GA36573@sunset.nomadlogic.org>
	<A0FBC115-2D67-45B2-87C6-F8FB0C149C90@2xlp.com>
	<31148.160.33.20.11.1156355299.squirrel@webmail.nomadlogic.org>
Message-ID: <5B8CD5C7-77EA-4FB2-B0F8-FF0E496A8BDB@2xlp.com>


On Aug 23, 2006, at 1:48 PM, Peter Wright wrote:

>> OSX
>> 	-D APR_USE_SYSVSEM_SERIALIZE
>> 	-D APR_USE_PTHREAD_SERIALIZE
> uessing here, but the SYSVSEM and PTHREAD options could cause a  
> disparity
> between memory usuage....this is the output from apachectl -V correct?
> you are using the prefork model correct (sorry can't remember).

prefork, yes

-V, yes ( httpd -V , actually )

according to the docs, the 2 APR options only have to do with binding  
to the sockets.  i could be  wrong.  but i haven't foudn anything  
that would result in a memory difference like that.
>>

>> on OSX, immediately after an httpd startup, Apache spawns
>> 	1 parent server	80552  30796
>> 	1 child server	76560   2960
>>
>> freeBSD spawns
>> 	1 parent 55148 51736
>> 	1 child 	55412 51956
>>
>> After 1  request,
>> 	OSX child is + 14mb resident
>> 	FreeBSD child is + 120k resident
>
> hmm...according to your results httpd on FreeBSD is only taking 120k
> resident, while OSX is using 14megs resident.  the httpd is not  
> taking any
> requests either during these samples correct?

no.  the numbers above are vsize / resident after startup

the +120k / +14 mb are the resident sizes after one request

ie:

osx		76560 16960
freebsd	55412 52070

memory in mod_perl grows like crazy because of the way variables are  
allocated.
children tend to double in size within 500 requests-- at which time  
they're killed off my MaxRequestsPerChild and a new server with the  
parent's memory imprint is spawned

i've been going crazy trying to tame mp-- most developers just toss  
memory at the server and don't care as its 'faster than developer  
time' -- what they fail to remember, is that time is neither created  
nor destroyed.   that approach just shifts work onto whomever  
maintains the box.


> hmm...wierd.  never seen the leak restarting apache via rc.d, it  
> shouldn't
> as it kills all httpd process the goes through the start function.  so
> that may be a bug.

i don't use rc.d-- i just use a custom apachectl script (which might  
be similar to rc.d ).  i have 4 apaches running on my system (same  
binary, different configurations).  one is handled by the rc.d and  
system.  the rest have their own setups tailored to specific  
functions, and managed independantly.

apachectl restart jut reloads the confs and kills off the children.   
if you're using a mod_xxx interpreter, it'll often just double the  
size of whatever it loads.  its less of a bug and more of a  
behavior.  a hard stop / start is the only way to handle it.





From pete at nomadlogic.org  Wed Aug 23 14:57:09 2006
From: pete at nomadlogic.org (Peter Wright)
Date: Wed, 23 Aug 2006 11:57:09 -0700 (PDT)
Subject: [nycbug-talk] apache on freebsd
In-Reply-To: <5B8CD5C7-77EA-4FB2-B0F8-FF0E496A8BDB@2xlp.com>
References: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>
	<20060823152041.GA36573@sunset.nomadlogic.org>
	<A0FBC115-2D67-45B2-87C6-F8FB0C149C90@2xlp.com>
	<31148.160.33.20.11.1156355299.squirrel@webmail.nomadlogic.org>
	<5B8CD5C7-77EA-4FB2-B0F8-FF0E496A8BDB@2xlp.com>
Message-ID: <62395.160.33.20.11.1156359429.squirrel@webmail.nomadlogic.org>


>
> On Aug 23, 2006, at 1:48 PM, Peter Wright wrote:
>
>>> OSX
>>> 	-D APR_USE_SYSVSEM_SERIALIZE
>>> 	-D APR_USE_PTHREAD_SERIALIZE
>> uessing here, but the SYSVSEM and PTHREAD options could cause a
>> disparity
>> between memory usuage....this is the output from apachectl -V correct?
>> you are using the prefork model correct (sorry can't remember).
>
> prefork, yes
>
> -V, yes ( httpd -V , actually )
>
> according to the docs, the 2 APR options only have to do with binding
> to the sockets.  i could be  wrong.  but i haven't foudn anything
> that would result in a memory difference like that.
>>>
>
>>> on OSX, immediately after an httpd startup, Apache spawns
>>> 	1 parent server	80552  30796
>>> 	1 child server	76560   2960
>>>
>>> freeBSD spawns
>>> 	1 parent 55148 51736
>>> 	1 child 	55412 51956
>>>
>>> After 1  request,
>>> 	OSX child is + 14mb resident
>>> 	FreeBSD child is + 120k resident
>>
>> hmm...according to your results httpd on FreeBSD is only taking 120k
>> resident, while OSX is using 14megs resident.  the httpd is not
>> taking any
>> requests either during these samples correct?
>
> no.  the numbers above are vsize / resident after startup
>
> the +120k / +14 mb are the resident sizes after one request
>
> ie:
>
> osx		76560 16960
> freebsd	55412 52070
>
> memory in mod_perl grows like crazy because of the way variables are
> allocated.
> children tend to double in size within 500 requests-- at which time
> they're killed off my MaxRequestsPerChild and a new server with the
> parent's memory imprint is spawned
>
> i've been going crazy trying to tame mp-- most developers just toss
> memory at the server and don't care as its 'faster than developer
> time' -- what they fail to remember, is that time is neither created
> nor destroyed.   that approach just shifts work onto whomever
> maintains the box.
>
>
>> hmm...wierd.  never seen the leak restarting apache via rc.d, it
>> shouldn't
>> as it kills all httpd process the goes through the start function.  so
>> that may be a bug.
>
> i don't use rc.d-- i just use a custom apachectl script (which might
> be similar to rc.d ).  i have 4 apaches running on my system (same
> binary, different configurations).  one is handled by the rc.d and
> system.  the rest have their own setups tailored to specific
> functions, and managed independantly.
>
> apachectl restart jut reloads the confs and kills off the children.
> if you're using a mod_xxx interpreter, it'll often just double the
> size of whatever it loads.  its less of a bug and more of a
> behavior.  a hard stop / start is the only way to handle it.
>
>


hmm...well you've stumped me on this one :)  havn't done mod_perl work in
ages for better or worse (moved to jakarta/tomcat)...

-p


-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459


From george at galis.org  Wed Aug 23 15:44:30 2006
From: george at galis.org (George Georgalis)
Date: Wed, 23 Aug 2006 15:44:30 -0400
Subject: [nycbug-talk] apache on freebsd
In-Reply-To: <5B8CD5C7-77EA-4FB2-B0F8-FF0E496A8BDB@2xlp.com>
References: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>
	<20060823152041.GA36573@sunset.nomadlogic.org>
	<A0FBC115-2D67-45B2-87C6-F8FB0C149C90@2xlp.com>
	<31148.160.33.20.11.1156355299.squirrel@webmail.nomadlogic.org>
	<5B8CD5C7-77EA-4FB2-B0F8-FF0E496A8BDB@2xlp.com>
Message-ID: <20060823194430.GB11029@run.galis.org>

On Wed, Aug 23, 2006 at 02:41:44PM -0400, Jonathan Vanasco wrote:
>
>apachectl restart jut reloads the confs and kills off the children.   
>if you're using a mod_xxx interpreter, it'll often just double the  
>size of whatever it loads.  its less of a bug and more of a  
>behavior.  a hard stop / start is the only way to handle it.
>

I understand that you do not want to graceful when using mod_perl
-- known memory leak problem.  not sure what that means with restart,
but try changing your scripts to do a "stop", wait for pid, etc
then "start".

// George
 

-- 
George Georgalis, systems architect, administrator <IXOYE><


From josh at freek.com  Wed Aug 23 16:47:28 2006
From: josh at freek.com (Josh Rivel)
Date: Wed, 23 Aug 2006 16:47:28 -0400
Subject: [nycbug-talk] [OT] Looking for AUI transciever
Message-ID: <20060823204728.GC1575@freek.com>

I know this is quite off topic, but I figured with all the computer geeks
on this list, someone has one of these lying around that they aren't
using ;)  I need a AUI -> 10baseT transciever for a Cisco 2509 at work.
Or, if someone knows a place in NYC that sells 'em.  I already tried
Cables and Chips and J&R, neither of them carry them.

I will gladly pick up/pay you for your trouble, I work in lower NYC.

Thanks...

Josh


From george at galis.org  Wed Aug 23 20:19:12 2006
From: george at galis.org (George Georgalis)
Date: Wed, 23 Aug 2006 20:19:12 -0400
Subject: [nycbug-talk] apache on freebsd
In-Reply-To: <20060823194430.GB11029@run.galis.org>
References: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>
	<20060823152041.GA36573@sunset.nomadlogic.org>
	<A0FBC115-2D67-45B2-87C6-F8FB0C149C90@2xlp.com>
	<31148.160.33.20.11.1156355299.squirrel@webmail.nomadlogic.org>
	<5B8CD5C7-77EA-4FB2-B0F8-FF0E496A8BDB@2xlp.com>
	<20060823194430.GB11029@run.galis.org>
Message-ID: <20060824001912.GC11029@run.galis.org>

On Wed, Aug 23, 2006 at 03:44:30PM -0400, George Georgalis wrote:
>On Wed, Aug 23, 2006 at 02:41:44PM -0400, Jonathan Vanasco wrote:
>>
>>apachectl restart jut reloads the confs and kills off the children.   
>>if you're using a mod_xxx interpreter, it'll often just double the  
>>size of whatever it loads.  its less of a bug and more of a  
>>behavior.  a hard stop / start is the only way to handle it.
>>
>
>I understand that you do not want to graceful when using mod_perl
>-- known memory leak problem.  not sure what that means with restart,
>but try changing your scripts to do a "stop", wait for pid, etc
>then "start".
>

heh, and I thought I was making a contribution!

// George


-- 
George Georgalis, systems architect, administrator <IXOYE><


From pete at nomadlogic.org  Thu Aug 24 18:26:41 2006
From: pete at nomadlogic.org (Peter Wright)
Date: Thu, 24 Aug 2006 15:26:41 -0700 (PDT)
Subject: [nycbug-talk] postgres incremental backups?
Message-ID: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>

Hi All,
I have a postgres 7.4.x database which we will be using for a data
warehousing project.  We project the initial database clusters will be in
the ~200-300gig range (served from a NetApp volume).  As I mentioned we
are using release 7.4, as we have experienced stability problems with 8.x
in some specific circumstances.  Is there a good way to do incremental
backups of pgsql db's that does not require taking the database down?  I
guess I am looking for something similar to PITR (point in time recovery)
for 7.4.x.  What are other folks out there using?

thanks!
-pete


-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459


From bob at redivi.com  Thu Aug 24 18:55:04 2006
From: bob at redivi.com (Bob Ippolito)
Date: Thu, 24 Aug 2006 15:55:04 -0700
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
References: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
Message-ID: <6a36e7290608241555s1eb01c2bh86bf7f2e84a0d13f@mail.gmail.com>

On 8/24/06, Peter Wright <pete at nomadlogic.org> wrote:
> Hi All,
> I have a postgres 7.4.x database which we will be using for a data
> warehousing project.  We project the initial database clusters will be in
> the ~200-300gig range (served from a NetApp volume).  As I mentioned we
> are using release 7.4, as we have experienced stability problems with 8.x
> in some specific circumstances.  Is there a good way to do incremental
> backups of pgsql db's that does not require taking the database down?  I
> guess I am looking for something similar to PITR (point in time recovery)
> for 7.4.x.  What are other folks out there using?

The only thing I can think of is Slony-I [1]. It should cover all of
your needs and give you a safe online way to replicate your cluster to
some future 8.1.x or 8.2 when the time comes.

Out of curiosity, what kind of stability problems are you referring to?

[1] http://slony.info/

-bob


From pete at nomadlogic.org  Thu Aug 24 19:19:59 2006
From: pete at nomadlogic.org (Peter Wright)
Date: Thu, 24 Aug 2006 16:19:59 -0700 (PDT)
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <6a36e7290608241555s1eb01c2bh86bf7f2e84a0d13f@mail.gmail.com>
References: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
	<6a36e7290608241555s1eb01c2bh86bf7f2e84a0d13f@mail.gmail.com>
Message-ID: <5962.160.33.20.11.1156461599.squirrel@webmail.nomadlogic.org>


> On 8/24/06, Peter Wright <pete at nomadlogic.org> wrote:
>> Hi All,
>> I have a postgres 7.4.x database which we will be using for a data
>> warehousing project.  We project the initial database clusters will be
>> in
>> the ~200-300gig range (served from a NetApp volume).  As I mentioned we
>> are using release 7.4, as we have experienced stability problems with
>> 8.x
>> in some specific circumstances.  Is there a good way to do incremental
>> backups of pgsql db's that does not require taking the database down?  I
>> guess I am looking for something similar to PITR (point in time
>> recovery)
>> for 7.4.x.  What are other folks out there using?
>
> The only thing I can think of is Slony-I [1]. It should cover all of
> your needs and give you a safe online way to replicate your cluster to
> some future 8.1.x or 8.2 when the time comes.
>

great thanks bob, i'll have to check that out!

> Out of curiosity, what kind of stability problems are you referring to?
>
i did not have first hand experience with it (and the dev. left who was
running into the problem) but from what I understood was that we were
having bad transaction log's fill our cluster volume pretty quickly.  he
submitted a bug (BUG #2104: pg_xlog/ trace files not reclaimed by server).
 to tell you the truth - i am not sure if the bug is a side effect of his
code/app or if it is an issue with postgres....



-p



-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459


From alex at pilosoft.com  Thu Aug 24 19:25:40 2006
From: alex at pilosoft.com (alex at pilosoft.com)
Date: Thu, 24 Aug 2006 19:25:40 -0400 (EDT)
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
Message-ID: <Pine.LNX.4.44.0608241924540.1311-100000@bawx.pilosoft.com>

On Thu, 24 Aug 2006, Peter Wright wrote:

> I have a postgres 7.4.x database which we will be using for a data
> warehousing project.  We project the initial database clusters will be
> in the ~200-300gig range (served from a NetApp volume).  As I mentioned
> we are using release 7.4, as we have experienced stability problems with
> 8.x in some specific circumstances.  Is there a good way to do
> incremental backups of pgsql db's that does not require taking the
> database down?  I guess I am looking for something similar to PITR
> (point in time recovery) for 7.4.x.  What are other folks out there
> using?
7.4 at this point might be as well called prehistoric. Upgrade.

What problems have you seen with 8.x?

-alex



From bob at redivi.com  Thu Aug 24 19:42:15 2006
From: bob at redivi.com (Bob Ippolito)
Date: Thu, 24 Aug 2006 16:42:15 -0700
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <5962.160.33.20.11.1156461599.squirrel@webmail.nomadlogic.org>
References: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
	<6a36e7290608241555s1eb01c2bh86bf7f2e84a0d13f@mail.gmail.com>
	<5962.160.33.20.11.1156461599.squirrel@webmail.nomadlogic.org>
Message-ID: <6a36e7290608241642m3ae2cfc9k8a87aa73c1810d4f@mail.gmail.com>

On 8/24/06, Peter Wright <pete at nomadlogic.org> wrote:
>
> > On 8/24/06, Peter Wright <pete at nomadlogic.org> wrote:
> >> Hi All,
> >> I have a postgres 7.4.x database which we will be using for a data
> >> warehousing project.  We project the initial database clusters will be
> >> in
> >> the ~200-300gig range (served from a NetApp volume).  As I mentioned we
> >> are using release 7.4, as we have experienced stability problems with
> >> 8.x
> >> in some specific circumstances.  Is there a good way to do incremental
> >> backups of pgsql db's that does not require taking the database down?  I
> >> guess I am looking for something similar to PITR (point in time
> >> recovery)
> >> for 7.4.x.  What are other folks out there using?
> >
> > The only thing I can think of is Slony-I [1]. It should cover all of
> > your needs and give you a safe online way to replicate your cluster to
> > some future 8.1.x or 8.2 when the time comes.
> >
>
> great thanks bob, i'll have to check that out!
>
> > Out of curiosity, what kind of stability problems are you referring to?
> >
> i did not have first hand experience with it (and the dev. left who was
> running into the problem) but from what I understood was that we were
> having bad transaction log's fill our cluster volume pretty quickly.  he
> submitted a bug (BUG #2104: pg_xlog/ trace files not reclaimed by server).
>  to tell you the truth - i am not sure if the bug is a side effect of his
> code/app or if it is an issue with postgres....

That's odd, I've got about 6 PG 8.1 installations of a couple hundred
GB each and I haven't seen anything like that. It also sounds like he
couldn't reproduce the issue.

My only guess is that he forgot to vacuum ever.. cause if you roll
over two billion transactions or whatever without vacuuming then
you've got problems. PG 8.1 has autovacuum (and previous versions had
an autovacuum daemon in contrib) that makes that pretty much a
non-issue... but you do have to turn it on either way. I think the
FreeBSD port has a cron job for a nightly vacuum though, but who knows
what the issue was.

My suggestion would be to get Slony-I up and going, and then replicate
to an 8.1 DB and see if anything like that happens over a few months..
and if not, then switch that to the master and upgrade all of the
machines to 8.1... or just wait for 8.2 and try that.

Another option is Bizgres.. the open source bizgres lives somewhere
between the current stable release and the next release (e.g. bizgres
used to be 8.0 with partitioned tables, now it's 8.1 with bitmap
indexes and an improved sort).

The commercial bizgres is expensive but sounds like it would be good
for really big databases because it scales over a cluster (both in
storage and query execution, but the way it locks doesn't sound
suitable for all apps).

-bob


From pete at nomadlogic.org  Thu Aug 24 19:56:06 2006
From: pete at nomadlogic.org (Peter Wright)
Date: Thu, 24 Aug 2006 16:56:06 -0700 (PDT)
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <6a36e7290608241642m3ae2cfc9k8a87aa73c1810d4f@mail.gmail.com>
References: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
	<6a36e7290608241555s1eb01c2bh86bf7f2e84a0d13f@mail.gmail.com>
	<5962.160.33.20.11.1156461599.squirrel@webmail.nomadlogic.org>
	<6a36e7290608241642m3ae2cfc9k8a87aa73c1810d4f@mail.gmail.com>
Message-ID: <13577.160.33.20.11.1156463766.squirrel@webmail.nomadlogic.org>


> On 8/24/06, Peter Wright <pete at nomadlogic.org> wrote:
>>
>> > On 8/24/06, Peter Wright <pete at nomadlogic.org> wrote:
>> >> Hi All,
>> >> I have a postgres 7.4.x database which we will be using for a data
>> >> warehousing project.  We project the initial database clusters will
>> be
>> >> in
>> >> the ~200-300gig range (served from a NetApp volume).  As I mentioned
>> we
>> >> are using release 7.4, as we have experienced stability problems with
>> >> 8.x
>> >> in some specific circumstances.  Is there a good way to do
>> incremental
>> >> backups of pgsql db's that does not require taking the database down?
>>  I
>> >> guess I am looking for something similar to PITR (point in time
>> >> recovery)
>> >> for 7.4.x.  What are other folks out there using?
>> >
>> > The only thing I can think of is Slony-I [1]. It should cover all of
>> > your needs and give you a safe online way to replicate your cluster to
>> > some future 8.1.x or 8.2 when the time comes.
>> >
>>
>> great thanks bob, i'll have to check that out!
>>
>> > Out of curiosity, what kind of stability problems are you referring
>> to?
>> >
>> i did not have first hand experience with it (and the dev. left who was
>> running into the problem) but from what I understood was that we were
>> having bad transaction log's fill our cluster volume pretty quickly.  he
>> submitted a bug (BUG #2104: pg_xlog/ trace files not reclaimed by
>> server).
>>  to tell you the truth - i am not sure if the bug is a side effect of
>> his
>> code/app or if it is an issue with postgres....
>
> That's odd, I've got about 6 PG 8.1 installations of a couple hundred
> GB each and I haven't seen anything like that. It also sounds like he
> couldn't reproduce the issue.
>
> My only guess is that he forgot to vacuum ever.. cause if you roll
> over two billion transactions or whatever without vacuuming then
> you've got problems. PG 8.1 has autovacuum (and previous versions had
> an autovacuum daemon in contrib) that makes that pretty much a
> non-issue... but you do have to turn it on either way. I think the
> FreeBSD port has a cron job for a nightly vacuum though, but who knows
> what the issue was.
>
> My suggestion would be to get Slony-I up and going, and then replicate
> to an 8.1 DB and see if anything like that happens over a few months..
> and if not, then switch that to the master and upgrade all of the
> machines to 8.1... or just wait for 8.2 and try that.
>
> Another option is Bizgres.. the open source bizgres lives somewhere
> between the current stable release and the next release (e.g. bizgres
> used to be 8.0 with partitioned tables, now it's 8.1 with bitmap
> indexes and an improved sort).
>
> The commercial bizgres is expensive but sounds like it would be good
> for really big databases because it scales over a cluster (both in
> storage and query execution, but the way it locks doesn't sound
> suitable for all apps).
>
> -bob
>

yea, i wasn't too sure exactly how much trouble shooting he put into
getting his code to play nice with 8.x.  i'm sure he was vacuuming/etc as
we talked about that - so for lack of further evidence i'm guessing his
code was doing something nasty (at the time of the bug report it was
causing a deadlock for example).

for this data warehousing project i think i'm going to recommend using 8.x
(despite the fact that we generally try to shy away from non-vendor built
applications for business critical tasks...sigh redhat...but that's
another sad story).  the code that was causing problems before has a much
differnent load profile than the code we will be implementing on this new
cluster - so i feel a bit safer in my decision.

thanks for your input!

-pete



-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459


From spork at bway.net  Thu Aug 24 22:10:38 2006
From: spork at bway.net (Charles Sprickman)
Date: Thu, 24 Aug 2006 22:10:38 -0400 (EDT)
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <6a36e7290608241555s1eb01c2bh86bf7f2e84a0d13f@mail.gmail.com>
References: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
	<6a36e7290608241555s1eb01c2bh86bf7f2e84a0d13f@mail.gmail.com>
Message-ID: <Pine.OSX.4.61.0608242208270.291@white.nat.fasttrackmonkey.com>

On Thu, 24 Aug 2006, Bob Ippolito wrote:

> The only thing I can think of is Slony-I [1]. It should cover all of
> your needs and give you a safe online way to replicate your cluster to
> some future 8.1.x or 8.2 when the time comes.
>
> [1] http://slony.info/

Just out of curiousity, is Slony the de-facto replication solution for 
Postgres?  I remember last time I looked (quite some time ago) there were 
a variety of solutions...  I don't recall if any were particularly mature 
at the time.

Thanks,

Charles

> -bob
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
>


From dan at langille.org  Thu Aug 24 22:52:27 2006
From: dan at langille.org (Dan Langille)
Date: Thu, 24 Aug 2006 22:52:27 -0400
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <Pine.OSX.4.61.0608242208270.291@white.nat.fasttrackmonkey.com>
References: <6a36e7290608241555s1eb01c2bh86bf7f2e84a0d13f@mail.gmail.com>
Message-ID: <44EE2DAB.911.6A871E@dan.langille.org>

On 24 Aug 2006 at 22:10, Charles Sprickman wrote:

> On Thu, 24 Aug 2006, Bob Ippolito wrote:
> 
> > The only thing I can think of is Slony-I [1]. It should cover all of
> > your needs and give you a safe online way to replicate your cluster to
> > some future 8.1.x or 8.2 when the time comes.
> >
> > [1] http://slony.info/
> 
> Just out of curiousity, is Slony the de-facto replication solution for 
> Postgres?  I remember last time I looked (quite some time ago) there were 
> a variety of solutions...  I don't recall if any were particularly mature 
> at the time.

I think it is, yes.  FWIW, I'm about to deploy a Slony implementation 
to a financial instituation in NYC/HK.  It took me about a day to 
figure out how to use it and get together the scripts for managing 
it.  Slony is very feature rich.

Replication is one thing. Learning how to failover is another.  :)
  
-- 
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php




From bob at redivi.com  Thu Aug 24 22:55:17 2006
From: bob at redivi.com (Bob Ippolito)
Date: Thu, 24 Aug 2006 19:55:17 -0700
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <Pine.OSX.4.61.0608242208270.291@white.nat.fasttrackmonkey.com>
References: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
	<6a36e7290608241555s1eb01c2bh86bf7f2e84a0d13f@mail.gmail.com>
	<Pine.OSX.4.61.0608242208270.291@white.nat.fasttrackmonkey.com>
Message-ID: <6a36e7290608241955m64cd7430t482550dd033ea1f0@mail.gmail.com>

On 8/24/06, Charles Sprickman <spork at bway.net> wrote:
> On Thu, 24 Aug 2006, Bob Ippolito wrote:
>
> > The only thing I can think of is Slony-I [1]. It should cover all of
> > your needs and give you a safe online way to replicate your cluster to
> > some future 8.1.x or 8.2 when the time comes.
> >
> > [1] http://slony.info/
>
> Just out of curiousity, is Slony the de-facto replication solution for
> Postgres?  I remember last time I looked (quite some time ago) there were
> a variety of solutions...  I don't recall if any were particularly mature
> at the time.

I don't know if it's de-facto, but it's the only free solution that I
found that was reasonably designed. The other ones seem to be
synchronous or otherwise unreliable-by-design. As far as case studies
go, Slony-I was originally developed by Afilias (the registrar for the
".info" TLD), and I'm relativley certain it's involved in most of
their business-criticial apps for replication and load balancing.

Interestingly, I first found out about it at BSDCan 2004 :)

-bob


From nycbug-list at 2xlp.com  Thu Aug 24 23:55:16 2006
From: nycbug-list at 2xlp.com (Jonathan)
Date: Thu, 24 Aug 2006 23:55:16 -0400
Subject: [nycbug-talk] apache on freebsd
In-Reply-To: <5B8CD5C7-77EA-4FB2-B0F8-FF0E496A8BDB@2xlp.com>
References: <42EC43D0-6629-4E73-BB94-5EBEE25B95EA@2xlp.com>
	<20060823152041.GA36573@sunset.nomadlogic.org>
	<A0FBC115-2D67-45B2-87C6-F8FB0C149C90@2xlp.com>
	<31148.160.33.20.11.1156355299.squirrel@webmail.nomadlogic.org>
	<5B8CD5C7-77EA-4FB2-B0F8-FF0E496A8BDB@2xlp.com>
Message-ID: <3E9BA02D-A6B5-4898-8401-DBBDE6D178B9@2xlp.com>


Well, FWIW, I figured out my problem-- Apache was sharing memory fine.

Every OS just seems to handle reporting shared memory in a completely  
different , fucking retarded, way from one another.

When memory is Copy-On-Write, its even worse.  Not one gives any real  
clue as to what the actual shared vs private memory is.

After a few hours profiling my app with FreeBSD , OS X and Ubuntu,  
some friends on the modperl list suggested i just stop non-essential  
services and keep maxing out apache instances until my server starts  
to die from swapping.    (btw, Ubuntu is actually pretty nice.  its  
kind of like debian, but is actually maintained.  no more  
'experimental' on every port.  there are a few things assbackwards  
about it, but its incredibly usable),

anyways, that worked.  monitoring total physical memory and swap use,  
and increasing / using processes i found out that despite reporting  
at 55mb each, my mod_perl instances were more like 10-12, and pulled  
in  a shared memory imprint of about 47mb.  apache, before any mod- 
perl use, was clocking in at about 2.5mb of memory each process.  on  
first request, about 9mb of private gets allocated per process.   
anything using DBI adds another 1mb minimum to each child ( DBI  
caches a lot of random stuff privately ), and most requests add some  
more random stuff.  Sadly, libgtop, getrusage, and ps and top were  
pretty much worthless in their stats.



// Jonathan Vanasco

| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -
| FindMeOn.com - The cure for Multiple Web Personality Disorder
| Web Identity Management and 3D Social Networking
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -
| RoadSound.com - Tools For Bands, Stuff For Fans
| Collaborative Online Management And Syndication Tools
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
- - - - - - - - - - - - - - - -




From af.dingo at gmail.com  Fri Aug 25 17:38:45 2006
From: af.dingo at gmail.com (Jeff Quast)
Date: Fri, 25 Aug 2006 17:38:45 -0400
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
References: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
Message-ID: <c1feb8190608251438i551c7acdpfb01a13a8d4865c8@mail.gmail.com>

On 8/24/06, Peter Wright <pete at nomadlogic.org> wrote:
> Hi All,
> I have a postgres 7.4.x database which we will be using for a data
> warehousing project.  We project the initial database clusters will be in
> the ~200-300gig range (served from a NetApp volume).  As I mentioned we
> are using release 7.4, as we have experienced stability problems with 8.x
> in some specific circumstances.  Is there a good way to do incremental
> backups of pgsql db's that does not require taking the database down?  I
> guess I am looking for something similar to PITR (point in time recovery)
> for 7.4.x.  What are other folks out there using?
>
> thanks!
> -pete
>

I don't know much about postgresql. But I use cvs to do incremental
backups of a (relatively much smaller) mysql database:

#!/bin/sh
export CVSROOT=/var/cvs
dbserver=127.0.0.1
username=xxx
password=xxx
database=xxx_db
tables="table1 table2"
dump=`mktemp /tmp/dbXXXXX`
dest=$HOME/cvs/xxx/xxx

/usr/local/bin/mysqldump \
        -u ${username} -p${password} \
        ${database} ${tables} > $dump
if [ $? -ne 0 ]; then
        echo "Failure in mysqldump"
else
        # insert newlines and tabs for readability and cleaner diff'n
        sed s/'),/),\
        '/g < ${dump} > ${dump}.swp
        sed s/'VALUES (/VALUES\
        ('/g < ${dump}.swp > ${dest}
        rm -f ${dump} ${dump}.swp
        cvs ci -m "dump of database '${database}', tables '${tables}'" $dest
fi

This gives suprisingly very readable split-diff's like in cvsweb.
Albeit the database dump is only ~200MB, not GB :D - i run this on a
weekly cron job.


From pete at nomadlogic.org  Fri Aug 25 17:53:41 2006
From: pete at nomadlogic.org (Peter Wright)
Date: Fri, 25 Aug 2006 14:53:41 -0700 (PDT)
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <c1feb8190608251438i551c7acdpfb01a13a8d4865c8@mail.gmail.com>
References: <19008.160.33.20.11.1156458401.squirrel@webmail.nomadlogic.org>
	<c1feb8190608251438i551c7acdpfb01a13a8d4865c8@mail.gmail.com>
Message-ID: <29464.160.33.20.11.1156542821.squirrel@webmail.nomadlogic.org>


> On 8/24/06, Peter Wright <pete at nomadlogic.org> wrote:
>> Hi All,
>> I have a postgres 7.4.x database which we will be using for a data
>> warehousing project.  We project the initial database clusters will be
>> in
>> the ~200-300gig range (served from a NetApp volume).  As I mentioned we
>> are using release 7.4, as we have experienced stability problems with
>> 8.x
>> in some specific circumstances.  Is there a good way to do incremental
>> backups of pgsql db's that does not require taking the database down?  I
>> guess I am looking for something similar to PITR (point in time
>> recovery)
>> for 7.4.x.  What are other folks out there using?
>>
>> thanks!
>> -pete
>>
>
> I don't know much about postgresql. But I use cvs to do incremental
> backups of a (relatively much smaller) mysql database:
>
> #!/bin/sh
> export CVSROOT=/var/cvs
> dbserver=127.0.0.1
> username=xxx
> password=xxx
> database=xxx_db
> tables="table1 table2"
> dump=`mktemp /tmp/dbXXXXX`
> dest=$HOME/cvs/xxx/xxx
>
> /usr/local/bin/mysqldump \
>         -u ${username} -p${password} \
>         ${database} ${tables} > $dump
> if [ $? -ne 0 ]; then
>         echo "Failure in mysqldump"
> else
>         # insert newlines and tabs for readability and cleaner diff'n
>         sed s/'),/),\
>         '/g < ${dump} > ${dump}.swp
>         sed s/'VALUES (/VALUES\
>         ('/g < ${dump}.swp > ${dest}
>         rm -f ${dump} ${dump}.swp
>         cvs ci -m "dump of database '${database}', tables '${tables}'"
> $dest
> fi
>
> This gives suprisingly very readable split-diff's like in cvsweb.
> Albeit the database dump is only ~200MB, not GB :D - i run this on a
> weekly cron job.

interesting, we have no problems versioning our backups etc - for us the
primary problem is that you do not want to have to stop your database to
perform a backup.  we do snapshot our volume that the DB is hosted off of
so we have our DR plan taken care of, but what we really want is an Oracle
style transaction log we also build incremental's off of.  These features
have been implemented in version 8.x of postgres...so now i'm knee deep in
porting our internal systems code to work with ver. 8 :^)

-pete


-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459


From alex at pilosoft.com  Fri Aug 25 17:59:09 2006
From: alex at pilosoft.com (alex at pilosoft.com)
Date: Fri, 25 Aug 2006 17:59:09 -0400 (EDT)
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <29464.160.33.20.11.1156542821.squirrel@webmail.nomadlogic.org>
Message-ID: <Pine.LNX.4.44.0608251758430.1311-100000@bawx.pilosoft.com>

On Fri, 25 Aug 2006, Peter Wright wrote:

> > I don't know much about postgresql. But I use cvs to do incremental
> > backups of a (relatively much smaller) mysql database:
Have fun doing diffs on 200GB files ;)




From dan at langille.org  Fri Aug 25 18:26:15 2006
From: dan at langille.org (Dan Langille)
Date: Fri, 25 Aug 2006 18:26:15 -0400
Subject: [nycbug-talk] postgres incremental backups?
In-Reply-To: <Pine.LNX.4.44.0608251758430.1311-100000@bawx.pilosoft.com>
References: <29464.160.33.20.11.1156542821.squirrel@webmail.nomadlogic.org>
Message-ID: <44EF40C7.24032.49D2BE2@dan.langille.org>

On 25 Aug 2006 at 17:59, alex at pilosoft.com wrote:

> On Fri, 25 Aug 2006, Peter Wright wrote:
> 
> > > I don't know much about postgresql. But I use cvs to do incremental
> > > backups of a (relatively much smaller) mysql database:
>
> Have fun doing diffs on 200GB files ;)

I backup FreshPorts by using pg_dump to create freshports.sql.  Then 
I use rsync to update a copy of that file which I keep at home.  
Later, that copy is dumped to tape (using Bacula).  The use of rsync 
reduces time and bandwidth.

-- 
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php




From runfreebsd at yahoo.com  Sun Aug 27 13:59:31 2006
From: runfreebsd at yahoo.com (Bill)
Date: Sun, 27 Aug 2006 10:59:31 -0700 (PDT)
Subject: [nycbug-talk] ifconfig wi0 "10 number HEX key" arg ?
Message-ID: <20060827175931.57636.qmail@web37502.mail.mud.yahoo.com>

 Hello Family,

I'm on a wifi network where all the other Unix(like) and Windows
laptops seem to be able to pass a "ten" (10) digit number as the
"hex" key.

In the "ifconfig" manpage for FreeBSD-6.1 it states, under the
stanza for "wepkey" that the number must be 5 or 13 chars long.

The number that is being used for the 10 digit key is:  

	1466466946

So, I've tried numerous calc's to see if I can convert this to a
HEX, 5 or 13 char output and was wondering if I'm missing something.

Of course, when WEP is turned off the wireless nic works find.
Orinoco_Gold card.

TIA

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


From dlavigne6 at sympatico.ca  Sun Aug 27 14:23:54 2006
From: dlavigne6 at sympatico.ca (Dru)
Date: Sun, 27 Aug 2006 14:23:54 -0400 (EDT)
Subject: [nycbug-talk] ifconfig wi0 "10 number HEX key" arg ?
In-Reply-To: <20060827175931.57636.qmail@web37502.mail.mud.yahoo.com>
References: <20060827175931.57636.qmail@web37502.mail.mud.yahoo.com>
Message-ID: <20060827142219.R624@dru.domain.org>



On Sun, 27 Aug 2006, Bill wrote:

> Hello Family,
>
> I'm on a wifi network where all the other Unix(like) and Windows
> laptops seem to be able to pass a "ten" (10) digit number as the
> "hex" key.
>
> In the "ifconfig" manpage for FreeBSD-6.1 it states, under the
> stanza for "wepkey" that the number must be 5 or 13 chars long.
>
> The number that is being used for the 10 digit key is:
>
> 	1466466946
>
> So, I've tried numerous calc's to see if I can convert this to a
> HEX, 5 or 13 char output and was wondering if I'm missing something.
>
> Of course, when WEP is turned off the wireless nic works find.
> Orinoco_Gold card.


Bill Moran and myself had this same issue at the Postgres Anniversary 
Summit. Converting to hex didn't solve it. Any solution to this would be 
greatly appreciated :-)

Dru


From cclymer at gmail.com  Sun Aug 27 15:09:57 2006
From: cclymer at gmail.com (Chris Clymer)
Date: Sun, 27 Aug 2006 15:09:57 -0400
Subject: [nycbug-talk] ifconfig wi0 "10 number HEX key" arg ?
In-Reply-To: <20060827142219.R624@dru.domain.org>
References: <20060827175931.57636.qmail@web37502.mail.mud.yahoo.com>
	<20060827142219.R624@dru.domain.org>
Message-ID: <44F1EE05.6060704@chrisclymer.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dru wrote:
>
> On Sun, 27 Aug 2006, Bill wrote:
>
>> Hello Family,
>>
>> I'm on a wifi network where all the other Unix(like) and Windows
>> laptops seem to be able to pass a "ten" (10) digit number as the
>> "hex" key.
>>
>> In the "ifconfig" manpage for FreeBSD-6.1 it states, under the
>> stanza for "wepkey" that the number must be 5 or 13 chars long.
>>
>> The number that is being used for the 10 digit key is:
>>
>> 1466466946
>>
>> So, I've tried numerous calc's to see if I can convert this to a
>> HEX, 5 or 13 char output and was wondering if I'm missing
>> something.
>>
>> Of course, when WEP is turned off the wireless nic works find.
>> Orinoco_Gold card.
>
>
> Bill Moran and myself had this same issue at the Postgres
> Anniversary Summit. Converting to hex didn't solve it. Any solution
> to this would be greatly appreciated :-)
>
> Dru _______________________________________________ % NYC*BUG talk
> mailing list http://lists.nycbug.org/mailman/listinfo/talk %Be sure
> to check out our Jobs and NYCBUG-announce lists %We meet the first
> Wednesday of the month
10 digits should be a HEX key for a 64-bit WEP network.  Is it
possible you're trying to use 128-bit?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE8e4EyAc5jM0nFbgRAiDPAJ9VJK1nyQgWmYfufxsbeQ4NrJAcKQCfSLBD
tHKqq/NRxjsTOl34cP8Q20c=
=t4TY
-----END PGP SIGNATURE-----



From lists at genoverly.net  Thu Aug 31 09:02:40 2006
From: lists at genoverly.net (michael)
Date: Thu, 31 Aug 2006 09:02:40 -0400
Subject: [nycbug-talk] Charles M. Hannum on NetBSD
Message-ID: <20060831090240.4aadb83a@wit.genoverly.com>

wow.. this has hit several lists, but if you missed it somehow..

	"The NetBSD Project has stagnated to the point of irrelevance.
	It has gotten to the point that being associated with the
	project is often more of a liability than an asset.  I will
	attempt to explain how this happened, what the current state of
	affairs is, and what needs to be done to attempt to fix the
	situation."

http://mail-index.netbsd.org/netbsd-users/2006/08/30/0016.html

-- 

Michael


From lists at genoverly.net  Thu Aug 31 09:07:47 2006
From: lists at genoverly.net (michael)
Date: Thu, 31 Aug 2006 09:07:47 -0400
Subject: [nycbug-talk] OpenBSD article on IBM site
In-Reply-To: <20060813082824.34f54d6b@wit.genoverly.com>
References: <20060813082824.34f54d6b@wit.genoverly.com>
Message-ID: <20060831090747.6f3b2a29@wit.genoverly.com>

On Sun, 13 Aug 2006 08:28:24 -0400
michael <lists at genoverly.net> wrote:

> There's nothing earth shattering here, but it is always fun to see BSD
> mentioned on Big Blue's site.
> 

Go IBM! -- another BSD article.

Get to know NetBSD
An operating system that travels 
Tim McIntire (tm at timmcintire.net), Consultant, Freelance Writer

29 Aug 2006

    NetBSD runs on more hardware platforms than any other UNIX?
derivative due to smart design decisions and a commitment to portable
code. Whether you're porting an operating system to a proprietary
embedded system or looking for stability and compatibility across
hardware platforms in the lab, NetBSD and its open license is a
compelling alternative to Linux? and the GNU Public License (GPL).


http://www-128.ibm.com/developerworks/aix/library/au-netbsd.html?ca=dgr-lnxw01NetBSD

-- 

Michael



From alex at pilosoft.com  Thu Aug 31 09:21:15 2006
From: alex at pilosoft.com (alex at pilosoft.com)
Date: Thu, 31 Aug 2006 09:21:15 -0400 (EDT)
Subject: [nycbug-talk] Charles M. Hannum on NetBSD
In-Reply-To: <20060831090240.4aadb83a@wit.genoverly.com>
Message-ID: <Pine.LNX.4.44.0608310920490.1311-100000@bawx.pilosoft.com>

On Thu, 31 Aug 2006, michael wrote:

> 	"The NetBSD Project has stagnated to the point of irrelevance.
> 	It has gotten to the point that being associated with the
> 	project is often more of a liability than an asset.  I will
> 	attempt to explain how this happened, what the current state of
> 	affairs is, and what needs to be done to attempt to fix the
> 	situation."
> 
> http://mail-index.netbsd.org/netbsd-users/2006/08/30/0016.html
I bet Theo is laughing his ass out right now :)

-alex



From njt at ayvali.org  Thu Aug 31 10:22:47 2006
From: njt at ayvali.org (N.J. Thomas)
Date: Thu, 31 Aug 2006 10:22:47 -0400
Subject: [nycbug-talk] NetBSD and HP RISC (was Re: Charles M. Hannum on
	NetBSD)
In-Reply-To: <20060831090240.4aadb83a@wit.genoverly.com>
References: <20060831090240.4aadb83a@wit.genoverly.com>
Message-ID: <20060831142247.GH27076@ayvali.org>

* michael <lists at genoverly.net> [2006-08-31 09:02:40 -0400]:
> wow.. this has hit several lists, but if you missed it somehow..
> 
> 	"The NetBSD Project has stagnated to the point of irrelevance.

Ca. 2004 a friend of mine gave me a monstrous HP RISC workstation (whose
exact model number escapes me at the moment). I was fairly proficient
with FreeBSD and OpenBSD at that point, and I'd been on the lookout for
an excuse to play with NetBSD. This machine with its esoteric
architecture seemed like the perfect fit, after all, NetBSD ran on
everything, right?

Well, oddly enough, it didn't on this one. This particular HP series had
only an experimental NetBSD port and a bit of digging through the
archives showed that calling it "experimental" was being optimistic at
best -- but both OpenBSD (hppa) and Linux (PARISC) had native, fully
supported ports.

I ended up having to move from the state, so I had to give the machine
away to someone (it weighed about 150 pounds), but I always found it
suspicious that the OS that purported to run on everything wouldn't work
on this particular architecture which really didn't seem all that exotic
to me.

Thomas

-- 
N.J. Thomas
njt at ayvali.org
Etiamsi occiderit me, in ipso sperabo


From pete at nomadlogic.org  Thu Aug 31 12:01:55 2006
From: pete at nomadlogic.org (Pete Wright)
Date: Thu, 31 Aug 2006 12:01:55 -0400
Subject: [nycbug-talk] Charles M. Hannum on NetBSD
In-Reply-To: <20060831090240.4aadb83a@wit.genoverly.com>
References: <20060831090240.4aadb83a@wit.genoverly.com>
Message-ID: <20060831160151.GA6097@sunset.nomadlogic.org>

On Thu, Aug 31, 2006 at 09:02:40AM -0400, michael wrote:
> wow.. this has hit several lists, but if you missed it somehow..
> 
> 	"The NetBSD Project has stagnated to the point of irrelevance.
> 	It has gotten to the point that being associated with the
> 	project is often more of a liability than an asset.  I will
> 	attempt to explain how this happened, what the current state of
> 	affairs is, and what needs to be done to attempt to fix the
> 	situation."
> 
> http://mail-index.netbsd.org/netbsd-users/2006/08/30/0016.html
> 

i agree, wow.  although (while being an outsider to the netbsd project)
i found his email to be really well written.  i can see alot of the
issues he raised as being very pertinent to any community based project
(software or not).  

can someone refer me to a link to the "coup" with the NetBSD foundation
he refered to?

thanks!
-p

-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459



From pete at nomadlogic.org  Thu Aug 31 12:11:43 2006
From: pete at nomadlogic.org (Pete Wright)
Date: Thu, 31 Aug 2006 12:11:43 -0400
Subject: [nycbug-talk] OpenBSD article on IBM site
In-Reply-To: <20060831090747.6f3b2a29@wit.genoverly.com>
References: <20060813082824.34f54d6b@wit.genoverly.com>
	<20060831090747.6f3b2a29@wit.genoverly.com>
Message-ID: <20060831161143.GB6097@sunset.nomadlogic.org>

On Thu, Aug 31, 2006 at 09:07:47AM -0400, michael wrote:
> On Sun, 13 Aug 2006 08:28:24 -0400
> michael <lists at genoverly.net> wrote:
> 
> > There's nothing earth shattering here, but it is always fun to see BSD
> > mentioned on Big Blue's site.
> > 
> 
> Go IBM! -- another BSD article.
> 
> Get to know NetBSD
> An operating system that travels 
> Tim McIntire (tm at timmcintire.net), Consultant, Freelance Writer
> 
> 29 Aug 2006
> 
>     NetBSD runs on more hardware platforms than any other UNIX?
> derivative due to smart design decisions and a commitment to portable
> code. Whether you're porting an operating system to a proprietary
> embedded system or looking for stability and compatibility across
> hardware platforms in the lab, NetBSD and its open license is a
> compelling alternative to Linux? and the GNU Public License (GPL).
> 
> 
> http://www-128.ibm.com/developerworks/aix/library/au-netbsd.html?ca=dgr-lnxw01NetBSD
> 
> -- 
> 

lol...talk about timing :)

-pete

-- 
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459