From star at starshine.org Tue Jan 14 07:28:45 2003 From: star at starshine.org (Heather Stern) Date: Tue, 14 Jan 2003 07:28:45 -0800 Subject: Meeting this Thursday, Jan 16, 7:30pm Message-ID: <20030114152845.GA16779@starshine.org> My apologies that this didn't go out yesterday. There was a lot (computing wise) going on at my labs yesterday, but things are looking good in that regard. Anyways, this is the week containing the Third Thursday, so the monthly meeting of BayLISA is day after tomorrow. Get it into your PDAs and mention it at the water cooler in case your fellow IT staff would like to come. Topic - Secure Remote Access to Your Serial Consoles Speaker - David K.Z. "Zonker" Harris When - 7:30 pm until oh, 9:30 or so... expect to get out around 10. Where - Apple Campus, De Anza Building Three (3) 10500 N. De Anza Blvd Cupertino De Anza Building 3 is rather near the 280 exit on De Anza; exit south, and when you encounter the light at Mariani turn left, then *immediate* right into the blue-apple parking lot. Go around the building along the De Anza side and park on the other side, because that's where you'll find the entrance to the building next to the auditorium we're using. If you zoom past you can make a u-turn around the divided highway at Lazaneo (sp?) where there is a Donut Wheel shop. Folks coming from another direction (perhaps the 85, whose De Anza exit is notably south of here) should be aware that this is north of Steven's Creek so do not get fooled by the numbering at the businesses of S.De Anza Blvd. Anyways, coming up De Anza from the south you can take a blue-apple entrance into the right half of the lot very easily. Afterdinner opportunities in the area are being checked on. Last time a fairly small afterdinner group went to TGI Friday's by Vallco, which was noisy, but had good service and is open quite late. -* Heather Stern * Arch (secretary) BayLISA Board * http://www.baylisa.org/ *- From kovar at 1srg.org Tue Jan 14 21:29:26 2003 From: kovar at 1srg.org (David C. Kovar) Date: Tue, 14 Jan 2003 21:29:26 -0800 Subject: Good Sun VAR? Message-ID: <009501c2bc57$1e6b2470$66d82e0a@DCKDesktop> Good evening, It seems like every few years I need to fund a new Sun VAR because the staff or policies have changed at the one I've been happy with for awhile and it's that time again. Can anyone recommend a good Sun VAR - someone who's professional, ships on time, doesn't do high pressure sales, knows their product line, understands that not all projects will get funded, and will be around six months from now? Thanks very much. -David From Lee_Levenson at adaptec.com Wed Jan 15 09:39:39 2003 From: Lee_Levenson at adaptec.com (Levenson, Lee) Date: Wed, 15 Jan 2003 09:39:39 -0800 Subject: Good Sun VAR? Message-ID: David. Look into these two VAR's, they are both very good in the EDA arena: ACS (Applied Computer Solutions) EOS (Eakins Open Systems) Sun sales could also recommend a VAR that matches your business needs. Lee Lee Levenson Senior UNIX Systems Administrator Adaptec, Incorporated 691 South Milpitas Boulevard Milpitas, CA 95035 lee_levenson at adaptec.com (408) 957-2540 ( Direct ) -----Original Message----- From: David C. Kovar [mailto:kovar at 1srg.org] Sent: Tuesday, January 14, 2003 9:29 PM To: baylisa at baylisa.org Subject: Good Sun VAR? Good evening, It seems like every few years I need to fund a new Sun VAR because the staff or policies have changed at the one I've been happy with for awhile and it's that time again. Can anyone recommend a good Sun VAR - someone who's professional, ships on time, doesn't do high pressure sales, knows their product line, understands that not all projects will get funded, and will be around six months from now? Thanks very much. -David From extasia at mindspring.com Wed Jan 15 17:08:59 2003 From: extasia at mindspring.com (David Alban) Date: Wed, 15 Jan 2003 17:08:59 -0800 Subject: [baylisa] SIG-beer west this Saturday in San Francisco Message-ID: <20030115170859.A17171@new.gerasimov.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SIG-beer-west Saturday, January 18, 2002 at 6:00pm San Francisco, CA Beer. Mental stimulation. This event: * Saturday, 01/18/2003, 6:00pm, at the Toronado, San Francisco Coming events (third Saturdays): * Saturday, 02/15/2003, 6:00pm * Saturday, 03/15/2003, 6:00pm * Saturday, 04/19/2003, 6:00pm * Saturday, 05/17/2003, 6:00pm San Francisco's next social event for computer sysadmins and their friends, sig-beer-west, will take place on Saturday, January 18, 2002 at the [1]Toronado in San Francisco, CA. The Toronado has an impressive selection of [2]draught and [3]bottled beer. Festivities will start at 6:00pm and continue until we've all left. The Toronado has an excellent selection of beer, but no food. It is perfectly okay to score food from neighboring establishments and bring it back to the Toronado to eat. Also, after we are all full with beer we may roam off to a nearby restaurant. [1] http://www.toronado.com/ [2] http://www.toronado.com/draft.htm [3] http://www.toronado.com/bottles.htm Everyone is welcome at this event. We mean it! Please feel free to forward this info and to invite friends, co-workers, and others who might enjoy lifting a glass with interesting folks from all over the place. (O.K., you do have to be of legal drinking age to attend.) For directions to the Toronado, please use the [4]excellent directions at their website. When you show up at the Toronado, you should look for some kind of botched sig-beer-west sign. We will try to make it obvious who we are. :-) [4] http://www.toronado.com/map.htm Note: Check the tables in the back room for us if you don't see us at the tables by the bar. The back room is back and to the left. Any Comments, Questions, or Suggestions of Things to Do Later on That Evening ... email [5]Fiid or [6]David. [5] fiid AT fiid DOT net [6] extasia AT mindspring DOT com sig-beer-west FAQ 1. Q: Your announcement says "computer sysadmins and their friends". How do I know if I'm a friend of a computer sysadmin? I don't even know what one is. A: You're a friend of a computer sysadmin if you can find the sig-beer-west sign at this month's sig-beer-west event. 2. Q: I'm not really a beer person. In fact I'm interested in hanging out, but not in drinking. Would I be welcome? A: Absolutely! The point is to enjoy each others' company. Please do join us. 3. Q: Is parking difficult around the Toronado, like maybe I should factor this into my travel time? A: Yes. ______________________________________________________________________ sig-beer-west was started when a couple Washington, D.C. based systems administrators who moved to the San Francisco Bay area wanted to continue a [7]dc-sage tradition, sig-beer, which is described in dc-sage web space as: SIG-beer, as in "Special Interest Group - Beer" ala ACM, or as in "send the BEER signal to that process". The original SIG-beer gathering takes place in Washington DC, usually on the first Saturday night of the month. [7] http://www.dc-sage.org/ ______________________________________________________________________ Last modified: $Date: 2003/01/06 20:20:55 $ - -- Live in a world of your own, but always welcome visitors. *** Come to sig-beer-west! http://www.gerasimov.net/~alban/sig.beer.west.html Unix sysadmin available: http://www.gerasimov.net/~alban/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE+JgX5Ph0M9c/OpdARAnzsAJ92m0YRmiUth1lr0ZWu6CGf+CUl6QCgq0KV 53Ve9AIObGG5fiDLIPEulso= =5X89 -----END PGP SIGNATURE----- From Phil_Rufin at trendmicro.com Wed Jan 15 14:19:16 2003 From: Phil_Rufin at trendmicro.com (Phil_Rufin at trendmicro.com) Date: Wed, 15 Jan 2003 14:19:16 -0800 Subject: Usability Testers needed Message-ID: <615ECA26AE53DA4486191CB2231B010D04823425@US-ENDOR.us.trendnet.org> Greetings, System/Network Administrators and IT Personnel: At Trend Micro, we are always looking for new solution to protect you from virus and other malicious content threats. Currently, development is underway on our latest product. As a part of our development process, I would like to invite you to participate in an upcoming usability test on January 29, 30, and 31, 2003. The test takes about 120 minutes, during which time we'll ask you to use the product and provide your opinion on the ease of use, designs, features, and look & feel. Tester's profile: * System/Network Administrator or IT Personnel * Must have experience in network security Because space is limited, please respond to this email ASAP if you are interested so we can arrange a time that is convenient for you. Please note that the test will be conducted at the following site: Trend Micro, Inc. office 2nd floor, 10101 North De Anza Blvd. Cupertino, CA 95014 USA To express our gratitude for your help and participation, we are offering $100 remuneration to participants who complete the test; transportation expenses will not be covered. Note: You must be 18+ to sign a non-disclosure agreement (NDA). If you have any questions, please feel free to contact me at phil_rufin at trendmicro.com or call 1-800-307-5336 (enter extension number: 6337). Sincerely, Trend Micro Product Development Team. Teofilo Monge Rufin, Jr., Ph.D. Technical Writer/Usability Testing Coordinator Trend Micro Inc. 10101 North De Anza Blvd Cupertino, CA 95014 Tel. No: 1-408-863-6337 (direct) Cell Phone No: 1-408-316-8903 Fax. No: 1-408-863-6534 Email: Website: http://www.trendmicro.com/ From star at starshine.org Thu Jan 16 11:39:54 2003 From: star at starshine.org (Heather Stern) Date: Thu, 16 Jan 2003 11:39:54 -0800 Subject: BayLISA Tonight 7:30 pm Message-ID: <20030116193954.GA7104@starshine.org> Greetings fellow sysadmins. This is the Third Thursday so... That's right, we're meeting tonight! 7:30 pm. Cupertino. Apple Campus at De Anza Bldg 3. To not waste time looking things up the address is 10500 NORTH De Anza Blvd. That's as in -north- of Stevens Creek. It is *highly* recommended that you wend (or while :> ) your way to the 280 and take the De Anza exit, because it's really less than a block away from the Apple campus there. Our entrance is on the south side of the building. Blue apples on the parking signs. David K.Z. "Zonker" Harris Secure Remote Access to your Serial Consoles Bring: Anyone interested in serial consoles - junior, senior, just curious are all welcome. Your checkbook, if you're not a member and would like to join... or even if you'd just like to support BayLISA bringing in cool speakers every month. We do allow announcments at the mike; make them extra brief, and have URLs for us. Thx in advance. We will have snacks and sodas, never fear. Want a pint glass? :> I'm advised by our hosts we'll definitely have a table this time too. It's perfectly fine to arrive up to a half hour early. Special Note: BIG Student Discount on membership. And $20 off your own if you bring someone who joins or renews tonight. cheap ascii map, not to correct angle or scale S.F. <==== 101 =====+============> San Jose' : : S.F. <==== 280 =====+============> San Jose' |De |Anza infinite. --+--Mariani-----< ) | __'____ \ / | [___x__] `-loop' |- | +--Lazaneo-- | | ------------Stevens-+-Creek-Blvd------------ | ==== . ==== . ==== . =85= | ==+= | ==== -* Heather Stern * Arch (secretary) BayLISA Board * http://www.baylisa.org/ *- From star at starshine.org Thu Jan 16 18:18:24 2003 From: star at starshine.org (Heather Stern) Date: Thu, 16 Jan 2003 18:18:24 -0800 Subject: [Invite to CISSP class for BayLisa folks] Message-ID: <20030117021824.GE7156@starshine.org> Fellow sysadmins, perhaps attending or teching one of these classes would be of interest to you. Please contact the addresses provided in the message; I have no relation with the sender and no opinion in any direction on the classes. -* Heather Stern * Arch (secretary) BayLISA Board * http://www.baylisa.org/ *- ----- Forwarded message from "Edwards, Greg" ----- From: "Edwards, Greg" Subject: Invite to CISSP class for BayLisa folks To: "'star at starshine.org'" Heather/Star Could you send out the below on the CISSP class being offered by the SV-ISSA in Menlo Park? Thank you. Greg Edwards Dear Members of the Silicon Valley Chapter of ISSA, The Silicon Valley Chapter of ISSA is sponsoring the offering of the CISSP review sessions from April 3 through May 15, 2003. E*Trade Inc. in Menlo Park, CA has graciously offered their conference room facility and staff to accommodate these sessions. The total cost for this offering is $50 per ISSA member. We strongly encourage members to spread the word of this offering and invite non-members of ISSA to join the Chapter to gain this benefit! To join ISSA, please sign up at https://www.issa.org/signupform.taf . The seven sessions will cover the following material to help members to prepare for the CISSP examinations: Domain 1 - Access Control Systems and Methodology Domain 2 - Telecommunications and Network Security Domain 3 - Security Management Practices Domain 4 - Applications and Systems Development Security Domain 5 - Cryptography Domain 6 - Security Architecture and Models Domain 7 - Operations Security Domain 8 - Business Continuity Planning and Disaster Recovery Planning Domain 9 - Law, Investigations, and Ethics Domain 10 - Physical Security Each session will run from 6:30PM until 9:30PM on every Thursday evening between April 3 and May 15, 2003. Local experts in each of the CISSP domains will moderate these sessions. To register for these sessions, please send an email to: Henry Teng at henry.teng at philips.com . Also if you are interested in teaching one or more of the domains, please send an email with the Domain you intend to teach, your qualifications, and week of preference to: Henry Teng at henry.teng at philips.com. A couple of volunteers are needed to facilitate the logistics of the sessions too. Regards, Henry Teng, CISSP Director of Education, ISSA/SV ----- End forwarded message ----- From scott at benetech.org Thu Jan 16 18:46:54 2003 From: scott at benetech.org (Scott Weikart) Date: Thu, 16 Jan 2003 18:46:54 -0800 Subject: [Invite to CISSP class for BayLisa folks] In-Reply-To: <20030117021824.GE7156@starshine.org> References: <20030117021824.GE7156@starshine.org> Message-ID: <0301161846540A.01518@sandino.dnsalias.org> Just to be clear, this is $50 for all ten sessions (plus membership) ... per Greg Edwards . -scott On Thursday 16 January 2003 6:18 pm, Heather Stern wrote: > Fellow sysadmins, perhaps attending or teching one of these classes > would be of interest to you. Please contact the addresses provided > in the message; I have no relation with the sender and no opinion > in any direction on the classes. > > -* Heather Stern * Arch (secretary) BayLISA Board * http://www.baylisa.org/ > *- > > ----- Forwarded message from "Edwards, Greg" ----- > > From: "Edwards, Greg" > Subject: Invite to CISSP class for BayLisa folks > To: "'star at starshine.org'" > > Heather/Star > > Could you send out the below on the CISSP class being offered by the > SV-ISSA in Menlo Park? > > Thank you. > > Greg Edwards > > Dear Members of the Silicon Valley Chapter of ISSA, > > The Silicon Valley Chapter of ISSA is sponsoring the offering of the CISSP > review sessions from April 3 through May 15, 2003. E*Trade Inc. in Menlo > Park, CA has graciously offered their conference room facility and staff to > accommodate these sessions. The total cost for this offering is $50 per > ISSA member. We strongly encourage members to spread the word of this > offering and invite non-members of ISSA to join the Chapter to gain this > benefit! To join ISSA, please sign up at > https://www.issa.org/signupform.taf . > > The seven sessions will cover the following material to help members to > prepare for the CISSP examinations: > > Domain 1 - Access Control Systems and Methodology > Domain 2 - Telecommunications and Network Security > Domain 3 - Security Management Practices > Domain 4 - Applications and Systems Development Security > Domain 5 - Cryptography > Domain 6 - Security Architecture and Models > Domain 7 - Operations Security > Domain 8 - Business Continuity Planning and Disaster Recovery Planning > Domain 9 - Law, Investigations, and Ethics > Domain 10 - Physical Security > > Each session will run from 6:30PM until 9:30PM on every Thursday evening > between April 3 and May 15, 2003. Local experts in each of the CISSP > domains will moderate these sessions. > To register for these sessions, please send an email to: Henry Teng at > henry.teng at philips.com . > Also if you are interested in teaching one or more of the domains, please > send an email with the Domain you intend to teach, your qualifications, and > week of preference to: Henry Teng at henry.teng at philips.com. A couple of > volunteers are needed to facilitate the logistics of the sessions too. > Regards, > Henry Teng, CISSP > Director of Education, ISSA/SV > > ----- End forwarded message ----- From greg.edwards at lmco.com Thu Jan 16 19:40:47 2003 From: greg.edwards at lmco.com (Edwards, Greg) Date: Thu, 16 Jan 2003 19:40:47 -0800 Subject: [Invite to CISSP class for BayLisa folks] Message-ID: Further The $50 goes to Xeroxing the handouts (mostly). The instructors are not being paid. The meeting room is donated. The local ISSA (SV, SF) want you to join (and hope you will stay for more than one year). Other CISSP review courses are $2-4k. Note, taking a CISSP review course is NOT enough to pass. You have to do a fair bit of outside work, or be very knowledgeable in all areas of InfoSec. Greg -----Original Message----- From: Scott Weikart [mailto:scott at benetech.org] Sent: Thursday, January 16, 2003 6:47 PM To: baylisa at baylisa.org Subject: Re: [Invite to CISSP class for BayLisa folks] Just to be clear, this is $50 for all ten sessions (plus membership) ... per Greg Edwards . -scott On Thursday 16 January 2003 6:18 pm, Heather Stern wrote: > Fellow sysadmins, perhaps attending or teching one of these classes > would be of interest to you. Please contact the addresses provided > in the message; I have no relation with the sender and no opinion > in any direction on the classes. > > -* Heather Stern * Arch (secretary) BayLISA Board * http://www.baylisa.org/ > *- > > ----- Forwarded message from "Edwards, Greg" ----- > > From: "Edwards, Greg" > Subject: Invite to CISSP class for BayLisa folks > To: "'star at starshine.org'" > > Heather/Star > > Could you send out the below on the CISSP class being offered by the > SV-ISSA in Menlo Park? > > Thank you. > > Greg Edwards > > Dear Members of the Silicon Valley Chapter of ISSA, > > The Silicon Valley Chapter of ISSA is sponsoring the offering of the CISSP > review sessions from April 3 through May 15, 2003. E*Trade Inc. in Menlo > Park, CA has graciously offered their conference room facility and staff to > accommodate these sessions. The total cost for this offering is $50 per > ISSA member. We strongly encourage members to spread the word of this > offering and invite non-members of ISSA to join the Chapter to gain this > benefit! To join ISSA, please sign up at > https://www.issa.org/signupform.taf . > > The seven sessions will cover the following material to help members to > prepare for the CISSP examinations: > > Domain 1 - Access Control Systems and Methodology > Domain 2 - Telecommunications and Network Security > Domain 3 - Security Management Practices > Domain 4 - Applications and Systems Development Security > Domain 5 - Cryptography > Domain 6 - Security Architecture and Models > Domain 7 - Operations Security > Domain 8 - Business Continuity Planning and Disaster Recovery Planning > Domain 9 - Law, Investigations, and Ethics > Domain 10 - Physical Security > > Each session will run from 6:30PM until 9:30PM on every Thursday evening > between April 3 and May 15, 2003. Local experts in each of the CISSP > domains will moderate these sessions. > To register for these sessions, please send an email to: Henry Teng at > henry.teng at philips.com . > Also if you are interested in teaching one or more of the domains, please > send an email with the Domain you intend to teach, your qualifications, and > week of preference to: Henry Teng at henry.teng at philips.com. A couple of > volunteers are needed to facilitate the logistics of the sessions too. > Regards, > Henry Teng, CISSP > Director of Education, ISSA/SV > > ----- End forwarded message ----- From afactor at afactor.com Sun Jan 19 21:51:19 2003 From: afactor at afactor.com (Alan Factor) Date: Sun, 19 Jan 2003 21:51:19 -0800 Subject: webhosting recommendations with procmail Message-ID: <3E2B8E57.4030205@afactor.com> Could anyone please recommend a good cheap (>$30) webhosting site that allows procmail (i.e. allows .forward files)? Thanks, Alan From bill at wards.net Mon Jan 20 03:18:38 2003 From: bill at wards.net (William R Ward) Date: Mon, 20 Jan 2003 03:18:38 -0800 Subject: webhosting recommendations with procmail In-Reply-To: <3E2B8E57.4030205@afactor.com> References: <3E2B8E57.4030205@afactor.com> Message-ID: <15915.56078.325027.818881@komodo.home.wards.net> Alan Factor writes: >Could anyone please recommend a good cheap (>$30) webhosting site that >allows procmail (i.e. allows .forward files)? I recommend using fetchmail on your home Linux box to pull the mail from your POP/IMAP account, and then run procmail locally. That's what I do and it works great. -- William R Ward bill at wards.net http://www.wards.net/~bill/ ----------------------------------------------------------------------------- "A foolish consistency is the hobgoblin of little minds, adored by little statesmen and philosophers and divines." - Emerson From david at catwhisker.org Mon Jan 20 06:17:13 2003 From: david at catwhisker.org (David Wolfskill) Date: Mon, 20 Jan 2003 06:17:13 -0800 (PST) Subject: webhosting recommendations with procmail In-Reply-To: <15915.56078.325027.818881@komodo.home.wards.net> Message-ID: <200301201417.h0KEHDvH094309@bunrab.catwhisker.org> >Date: Mon, 20 Jan 2003 03:18:38 -0800 >From: bill at wards.net (William R Ward) >I recommend using fetchmail on your home Linux box to pull the mail >from your POP/IMAP account, and then run procmail locally. That's >what I do and it works great. Ummm.... Back when I was a dialup customer (with a static IP address) of an ISP that refused to deliver mail to dialup customers via SMTP or UUCP, I used that technique (well, except I was running SunOS 4.1.1_U1 on my 3/60, vs. Linux... and it was easier for me to cobble up a Perl script to handle the local re-delivery than to figure out how to use procmail). It is my perception that the cited technique can be made to work within its inherent limitations, but I would definitely not recommend the technique without disclosure of the limitations. What is at issue (as far as I'm concerned) is that the technique involves picking up the mail after "final delivery" ahs been accomplished (and thus, after the envelope information has been discarded) and trying to go through the process of figuring out where the message should go once the envelope is gone. For "normal" messages, this can work out reasonably well. You just need to be sure the re-delivery is only to local addresses. (Had you been using the technique, and had I sent this message both to you and to the baylisa@ list, I would be rather perturbed (wearing the postmaster at baylisa.org hat) had your system sent a copy of the message to you, as well as re-injecting it to the baylisa at baylisa.org list. I expect you would be less-than-thrilled about the results of that, as well.) Where things really get unpleasant is where all of the following hold: * You have multiple local recipients for messages. * You use the same POP-box for at least 2 of the above. * A message arrives with at least 2 of the above as recipients. * At least one of the above recipients is specified as a Bcc:. The salient issue is that by their nature, Bcc: recipients are *only* specified in the envelope -- not in the message headers. And delivery to a POP-box (as noted above) is "final delivery" from the perspective of the MTA, so the envelope information is discarded. I assume(!) in the following that it is important to you that the existence of a Bcc: recipient for a message should not be readily apparent to other recipients of the message. I further assume that it is important to deliver a given message (only) to its intended recipient(s). Given the above situation, we have incompatible requirements. The only ways I have found that come anywhere close to addressing the last assumption are: * Prior to discarding the envelope information, record the addresses (at least for the domain(s) served by the POP-box) in some special headers. Unfortunately, that risks disclosing a Bcc: recipient. * Provide (at minimum) one copy of the message for all exposed recipients (for the domain served by the POP-box), and one for each Bcc: recipient in that domain; the latter would also have a special header added for the redelivery phase. There is something unsettling (to me) of having multiple instantiations of a message (i.e., same Message-Id) traversing the same network, but with different content (the special headers). And changing the Message-ID strikes me as perversity incarnate. Further, the redelivery phase would need to pay attention to the special header and only use that for determining the recipient(s) -- not the regular recipient-specifying headers (To:, Cc:, Apparently-To:, Apparently-Cc:). Thus, from my perspective, using a single POP-box for receiving messages for more than one recipient is a fundamentally flawed approach. What works? Any mechanism that preserves the envelope. SMTP does this; so does UUCP (for all its cruftiness). For the case of a recipient who has connectivity only episodically, "normal" SMTP is unlikely to be usable; that is what ETRN is for -- as long as the connectivity is for a static IP. For dynamic IP, try to find an implementation of ODMR (On-Demand Mail Relay), RFC 2645. (Unfortunately, we (at Whistle) were unable to get the implementation of ODMR that Jennifer Myers did released before IBM effectively shut the operation down. It was based on the same queueing mechanism that Terry Lambert & I did for ETRN, using sendmail 8.9.3 as a base, and which was the topic of the "Short but Cool" talklet I gave on 16 Dec 1999. That material -- including the patches -- was released, but by that time, sendmail's queueing had diverged from 8.9's so much that updating it to more recent sendmail wasn't feasible, from our perspective.) Now, all of this isn't directly helpful for the person doing the original query. Sorry about that. As for me, I was lucky enough to get a static IP assignment from Pac*Bell when I got residential DSL, and I run my own SMTP server here at home. I create new email aliases when the need becomes apparent, and Things Just Work. And if I get too much spam from a domain or netblock, I can blacklist the domain or netblock -- at the MTA level (where I think it should be done, if it is done). Cheers, david (links to my resume at http://www.catwhisker.org/~david) -- David H. Wolfskill david at catwhisker.org I have no confidence in results obtained through the use of Microsoft products. From bill at wards.net Mon Jan 20 10:43:05 2003 From: bill at wards.net (William R Ward) Date: Mon, 20 Jan 2003 10:43:05 -0800 Subject: webhosting recommendations with procmail In-Reply-To: <200301201417.h0KEHDvH094309@bunrab.catwhisker.org> References: <15915.56078.325027.818881@komodo.home.wards.net> <200301201417.h0KEHDvH094309@bunrab.catwhisker.org> Message-ID: <15916.17209.33325.636050@komodo.home.wards.net> David Wolfskill writes: >>Date: Mon, 20 Jan 2003 03:18:38 -0800 >>From: bill at wards.net (William R Ward) > >>I recommend using fetchmail on your home Linux box to pull the mail >>from your POP/IMAP account, and then run procmail locally. That's >>what I do and it works great. > >Ummm.... Back when I was a dialup customer (with a static IP >address) of an ISP that refused to deliver mail to dialup customers via >SMTP or UUCP, I used that technique (well, except I was running SunOS >4.1.1_U1 on my 3/60, vs. Linux... and it was easier for me to cobble up >a Perl script to handle the local re-delivery than to figure out how to >use procmail). > >It is my perception that the cited technique can be made to work within >its inherent limitations, but I would definitely not recommend the >technique without disclosure of the limitations. > >What is at issue (as far as I'm concerned) is that the technique involves >picking up the mail after "final delivery" ahs been accomplished (and >thus, after the envelope information has been discarded) and trying to >go through the process of figuring out where the message should go once >the envelope is gone. Well, in my case, the envelope itself may be gone but enough information remains - principally, since my ISP uses qmail, there is a "Delivered-To:" header added which indicates what the envelope recipient (at my domain) was. This is what I use in my .procmailrc to filter mail with. >For "normal" messages, this can work out reasonably well. You just need >to be sure the re-delivery is only to local addresses. (Had you been >using the technique, and had I sent this message both to you and to the >baylisa@ list, I would be rather perturbed (wearing the >postmaster at baylisa.org hat) had your system sent a copy of the message >to you, as well as re-injecting it to the baylisa at baylisa.org list. I >expect you would be less-than-thrilled about the results of that, as >well.) I don't re-deliver; I filter using the headers of the message. Re-injecting it into sendmail would cause that problem, but I don't do that - my .fetchmailrc calls procmail directly. >Where things really get unpleasant is where all of the following hold: > >* You have multiple local recipients for messages. That doesn't happen in my case, but if it did it would be fetchmailed and procmailed twice. If you have the entire domain's email go into a single IMAP/POP folder and do any alias explosion with procmail, it's less of a problem, but you could still have multiple local addresses explicitly in the envelope of the message. >* You use the same POP-box for at least 2 of the above. >* A message arrives with at least 2 of the above as recipients. >* At least one of the above recipients is specified as a Bcc:. These are not an issue for me for the abovementioned reasons. >The salient issue is that by their nature, Bcc: recipients are *only* >specified in the envelope -- [...] Since qmail puts the Delivered-To: header in, this isn't a problem. My ISP is sasquatch.com, if anyone wants to give all this a try. >Now, all of this isn't directly helpful for the person doing the >original query. Sorry about that. As for me, I was lucky enough to get >a static IP assignment from Pac*Bell when I got residential DSL, and I >run my own SMTP server here at home. I create new email aliases when >the need becomes apparent, and Things Just Work. And if I get too much >spam from a domain or netblock, I can blacklist the domain or netblock >-- at the MTA level (where I think it should be done, if it is done). Static IP's are not necessary for this. You can use Dynamic DNS (www.dyndns.org) to get the appearance of static IP for any broadband account. I use AT&T Broadband, and even though technically it's not a static IP, the IP has never changed except when my MAC address has changed. But I run a program that updates Dynamic DNS regularly just in case. So while I don't have a static IP, I do have "wards.dyndns.org." (While it's true that you can't use a CNAME for an MX record, if you really want mail delivered to your home box, you don't actually need to have an MX record... Just have the domain's CNAME point to your Dynamic DNS hostname with no MX.) --Bill. -- William R Ward bill at wards.net http://www.wards.net/~bill/ ----------------------------------------------------------------------------- "A foolish consistency is the hobgoblin of little minds, adored by little statesmen and philosophers and divines." - Emerson From chuck+baylisa at 2003.snew.com Mon Jan 20 11:05:01 2003 From: chuck+baylisa at 2003.snew.com (Chuck Yerkes) Date: Mon, 20 Jan 2003 14:05:01 -0500 Subject: webhosting recommendations with procmail In-Reply-To: <15916.17209.33325.636050@komodo.home.wards.net> References: <15915.56078.325027.818881@komodo.home.wards.net> <200301201417.h0KEHDvH094309@bunrab.catwhisker.org> <15916.17209.33325.636050@komodo.home.wards.net> Message-ID: <20030120190501.GC3070@snew.com> Quoting William R Ward (bill at wards.net): > David Wolfskill writes: > >>Date: Mon, 20 Jan 2003 03:18:38 -0800 > >>From: bill at wards.net (William R Ward) > > > >What is at issue (as far as I'm concerned) is that the technique involves > >picking up the mail after "final delivery" ahs been accomplished (and > >thus, after the envelope information has been discarded) and trying to > >go through the process of figuring out where the message should go once > >the envelope is gone. > > Well, in my case, the envelope itself may be gone but enough > information remains - principally, since my ISP uses qmail, there is a > "Delivered-To:" header added which indicates what the envelope > recipient (at my domain) was. This is what I use in my .procmailrc to > filter mail with. Which is simple enough to add to any MTA (as an admin). > >original query. Sorry about that. As for me, I was lucky enough to get > >a static IP assignment from Pac*Bell when I got residential DSL, and I ... > Static IP's are not necessary for this. You can use Dynamic DNS > (www.dyndns.org) to get the appearance of static IP for any broadband > account. I use AT&T Broadband, and even though technically it's not a > static IP, the IP has never changed except when my MAC address has > changed. But I run a program that updates Dynamic DNS regularly just > in case. So while I don't have a static IP, I do have > "wards.dyndns.org." > > (While it's true that you can't use a CNAME for an MX record, if you > really want mail delivered to your home box, you don't actually need > to have an MX record... Just have the domain's CNAME point to your > Dynamic DNS hostname with no MX.) You have that address except when you are not on the net for a time. e.g. 1) your machine crashes for a time and isn't available. 2) when your provider, which never would make a mistake, makes a mistake. Someone else comes in, gets your IP while your down and, if they have an SMTP server, gets mail hitting them. Odds may be low, but it can happen. My twisted workaround is that mail hits a machine with a static IP (friends, etc) and relays to my machine via a tunnel. If my dynamic DNS changes, that tunnel doesn't end right so the new holder of that IP won't get my mail - they will get some very odd packets expecting them to have a tunnel, but so what? Tunnels can be IPSec or simply IPv6/IPv4 or even IPv4/IPv4. From bill at wards.net Mon Jan 20 11:08:14 2003 From: bill at wards.net (William R Ward) Date: Mon, 20 Jan 2003 11:08:14 -0800 Subject: webhosting recommendations with procmail In-Reply-To: <20030120190501.GC3070@snew.com> References: <15915.56078.325027.818881@komodo.home.wards.net> <200301201417.h0KEHDvH094309@bunrab.catwhisker.org> <15916.17209.33325.636050@komodo.home.wards.net> <20030120190501.GC3070@snew.com> Message-ID: <15916.18718.285595.833542@komodo.home.wards.net> Chuck Yerkes writes: >Quoting William R Ward (bill at wards.net): >> Static IP's are not necessary for this. You can use Dynamic DNS >> (www.dyndns.org) to get the appearance of static IP for any broadband >> account. I use AT&T Broadband, and even though technically it's not a >> static IP, the IP has never changed except when my MAC address has >> changed. But I run a program that updates Dynamic DNS regularly just >> in case. So while I don't have a static IP, I do have >> "wards.dyndns.org." [...] > >You have that address except when you are not on the net for a time. e.g. >1) your machine crashes for a time and isn't available. >2) when your provider, which never would make a mistake, makes a mistake. > >Someone else comes in, gets your IP while your down and, if >they have an SMTP server, gets mail hitting them. Odds may >be low, but it can happen. Yes, I agree. That's one reason I let an ISP handle the SMTP traffic for my domains. Actually I should clarify: I get my connection through AT&T Broadband (cable modem), but have my SMTP and WWW hosted with sasquatch.com. >My twisted workaround is that mail hits a machine with a static >IP (friends, etc) and relays to my machine via a tunnel. That works too. >If my dynamic DNS changes, that tunnel doesn't end right so the >new holder of that IP won't get my mail - they will get some >very odd packets expecting them to have a tunnel, but so what? >Tunnels can be IPSec or simply IPv6/IPv4 or even IPv4/IPv4. Or even ssh. --Bill. -- William R Ward bill at wards.net http://www.wards.net/~bill/ ----------------------------------------------------------------------------- "A foolish consistency is the hobgoblin of little minds, adored by little statesmen and philosophers and divines." - Emerson From star at starshine.org Mon Jan 20 17:35:29 2003 From: star at starshine.org (Heather Stern) Date: Mon, 20 Jan 2003 17:35:29 -0800 Subject: [Balug] Meeting tomorrow, 21 Jan Message-ID: <20030121013529.GA2936@starshine.org> With apologies for the short lead time. BALUG has a much more sysadminly topic than usual. Also, rather like SIG Beer West it's one of the places where we can actually get some use out of our pint glasses :) Normally I'd offer carpooling for up to 2 people, but Jim and I have a client in the city tomorrow, so not this time... It does get out early enough to successfully reach CalTrain and BART for rides back to your normal locale, if you feel like dodging the parking issues. It's worth noting that there's a cheap parking garage on Kearny, though, and street parking is not as bad around there as it is elsewhere in SF. It is a pain, but actually possible to find parking for beasties like our van. . | . Heather Stern | star at starshine.org --->*<--- Starshine Technical Services - * - consulting at starshine.org ' | ` Sysadmin Support and Training | (800) 938-4078 ----- Forwarded message from Heather Stern ----- To: balug-talk at balug.org Okay folks, here's the scoop. Tomorrow's the third tuesday - today, if you're a bit slow to pick up the mail or too busy at the end of a standard workday. Those of us who indulge in the chinese food portions at BALUG will be fed in the lower restaurant this time. There's a group in the banquet hall ahead of us which is SUPPOSED to clear out at 8pm to 8:30, conveniently the time we start to get some attention and get the announcements going and introduce our speaker. They're sorry for the slip up in dates that led to the tight booking, but I enjoy the main restaurant food, so I suspect you won't mind *that* much. We've got a VP from Celestix... one with techie clue, or so I am advised... to tell us about the trevails they went through turning their grand dreams from an ordinary day on the sysadmin front (we all set up networking and firewalling, I suppose) to an embedded gadget which grandmas and shipping clerks can plug in and get going. Since they have more than one model of such appliances he'll also discuss the kind of things about the general problem of making a good embedded app. As always there will be door prizes and a grand time chatting with fellow geeks. Remember, if you want vegetarian or kosher meals please RSVP right away. Other than that RSVPs are encouraged but not required (and thx to everyone who has already. You know who you are.) You can reply to me privately if it's easier than hitting the web gadget (meetReg.html). . | . Heather Stern --->*<--- Starshine Technical Services ' | ` BALUG Webmaster _______________________________________________ Balug-talk mailing list Balug-talk at balug.org http://www.balug.org/mailman/listinfo/balug-talk ----- End forwarded message ----- From claw at kanga.nu Fri Jan 24 23:47:24 2003 From: claw at kanga.nu (J C Lawrence) Date: Fri, 24 Jan 2003 23:47:24 -0800 Subject: OT: Conference venues and audio recording? Message-ID: <29504.1043480844@kanga.nu> This is wildly off-topic, for which I apologise profusely. I'm hoping y'all have worked with small conferences enough to know some ropes I don't. I'm setting up a small technical conference in a couple months and am looking for a venue. We're also looking for a cheap audio setup so that we can record the talks, Q&A's etc. The constraints: -- Cheap. This is a small technical hobbyist group. -- Preferably near SJC (weekend of 8th March, same week as GDC -- the audience will also be at GDC). -- Space for ~30 people, a speakers area, and tables -- Not a banked theater of seats. Conversation and milling about are essential components of the affair. -- Audio setup could be as simple as a couple mics for the speakers and one on the floor for Q&A. Ultimately we just want MP3's out of it. -- 'Net connectivity is good, not essential. Wireless, even slow wireless or POTS dialup is just fine. Suggestions? Please reply off-list and I'll summarise if/as requested. -- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw at kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live. From tony at usenix.org Wed Jan 29 13:47:19 2003 From: tony at usenix.org (Tony Del Porto) Date: Wed, 29 Jan 2003 13:47:19 -0800 Subject: moving machine room - need wiring contractor Message-ID: <3D55302E-33D3-11D7-A290-00039346994C@usenix.org> Hey folks, We're moving our machine room and need a good wiring contractor to isolate and move our active T1s from a mess of unused copper and T1 loopback equipment. Any recommendations? Thanks! Tony From jxh at jxh.com Wed Jan 29 14:13:45 2003 From: jxh at jxh.com (Jim Hickstein) Date: Wed, 29 Jan 2003 14:13:45 -0800 Subject: moving machine room - need wiring contractor In-Reply-To: <3D55302E-33D3-11D7-A290-00039346994C@usenix.org> References: <3D55302E-33D3-11D7-A290-00039346994C@usenix.org> Message-ID: <33010000.1043878425@jxh.mirapoint.com> Donny Walker of Walker Communications was a vendor I used some years ago to wire up a new building. He and his team did an outstanding job. www.walkercomm.com From dsmith at FinancialEngines.com Wed Jan 29 14:16:34 2003 From: dsmith at FinancialEngines.com (David Smith) Date: Wed, 29 Jan 2003 14:16:34 -0800 Subject: moving machine room - need wiring contractor In-Reply-To: <3D55302E-33D3-11D7-A290-00039346994C@usenix.org> References: <3D55302E-33D3-11D7-A290-00039346994C@usenix.org> Message-ID: <20030129221634.GD3626@mayhem.pa.fngn.com> Tony, TD Communications has done amazing work for us and are very quick. www.tdcommunications.com Cheers, David On Wed, 29 Jan 2003, Tony Del Porto wrote: > Hey folks, > > We're moving our machine room and need a good wiring contractor to > isolate and move our active T1s from a mess of unused copper and T1 > loopback equipment. Any recommendations? > > Thanks! > > Tony -- David Smith Voice: 650-565-7750 Fax: 650-565-4905 From strata at virtual.net Wed Jan 29 15:12:48 2003 From: strata at virtual.net (Strata Rose Chalup) Date: Wed, 29 Jan 2003 18:12:48 -0500 Subject: unix laptop question: closing the lid Message-ID: <3E385FF0.F3632A11@virtual.net> Hi folks, Can anyone point me to an easy way to have BSD or Linux running on a laptop and *not* go to sleep or hibernate when the lid is closed? Here in our motorhome, space is at a premium, and cats roam all horizontal surfaces. Thus re-using my old laptop as a server requires that the lid be kept closed. Sure, I could break off the plastic flanges that activate the "lid is closed" microswitch, but I would really rather not trash the laptop. Of course, if the screen is on all the time with the lid closed, that generates quite a bit of heat from the backlighting, so I need a way to lie to APM and have it turn off the screen for me, too. The laptop in question is a Thinkpad 770. I haven't decided for sure if I am going to run NetBSD or RedHat on it. I'll be administering it via the local LAN. thanks much, Strata -- ======================================================================== Strata Rose Chalup [KF6NBZ] strata "@" virtual.net VirtualNet Consulting http://www.virtual.net/ ** Project Management & Architecture for ISP/ASP Systems Integration ** ========================================================================= From jadelman2000 at yahoo.com Wed Jan 29 16:28:26 2003 From: jadelman2000 at yahoo.com (Jesse Adelman) Date: Wed, 29 Jan 2003 16:28:26 -0800 (PST) Subject: unix laptop question: closing the lid In-Reply-To: <3E385FF0.F3632A11@virtual.net> Message-ID: <20030130002826.14240.qmail@web10107.mail.yahoo.com> Hi, Strata, Check out these two web sites: http://panopticon.csustan.edu/thood/tp600lnx.htm and http://www.linux-laptop.net/ The first site is the home of Thomas Hood's excellent "Debian GNU/Linux on the Thinkpad 600" You may be saying "but I have a 770" - don't miss his excellent tpctl utilities for controlling the firmware of the Thinkpads, including system state. The second site is a general site for Linux on Laptops. I have a Thinkpad 600X with dual-boot W2K and Red Hat 7.3 + Ximian, and it's sweet. Got rsync+ssh syncing backups to my desktop, and de-uglified the fonts (via Thomas Hood's site), and I've got a slick machine. Not using it for a "server", but I do use it in my consulting work to demonstrate Web apps I'm testing and deploying using Apache. Good luck, Jesse Adelman --- Strata Rose Chalup wrote: > > Hi folks, > > Can anyone point me to an easy way to have BSD or Linux running on > a laptop and *not* go to sleep or hibernate when the lid is closed? > > Here in our motorhome, space is at a premium, and cats roam all > horizontal surfaces. Thus re-using my old laptop as a server > requires > that the lid be kept closed. Sure, I could break off the plastic > flanges that activate the "lid is closed" microswitch, but I would > really rather not trash the laptop. Of course, if the screen is on > all the time with the lid closed, that generates quite a bit of > heat from the backlighting, so I need a way to lie to APM and have > it turn off the screen for me, too. > > The laptop in question is a Thinkpad 770. I haven't decided for > sure if I am going to run NetBSD or RedHat on it. I'll be > administering it via the local LAN. > > thanks much, > Strata > > -- > ======================================================================== > Strata Rose Chalup [KF6NBZ] strata "@" > virtual.net > VirtualNet Consulting > http://www.virtual.net/ > ** Project Management & Architecture for ISP/ASP Systems Integration > ** > ========================================================================= ===== -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Jesse Adelman http://www.boldandbusted.com/ (just resume now) -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ From sc at sfik.com Wed Jan 29 15:47:10 2003 From: sc at sfik.com (Simon Cooper) Date: Wed, 29 Jan 2003 15:47:10 -0800 (PST) Subject: unix laptop question: closing the lid In-Reply-To: <3E385FF0.F3632A11@virtual.net> Message-ID: What happens when the lid closes is normally a BIOS setting. I've used a very old Thinkpad 720 as a server in exactly the way you want. I've had success with Linux when the kernel has been built with APM. You'll also want to turn on the power saving feature of CONFIG_APM_DISPLAY_BLANK. Either switch away from X or don't run it. You should then be able to close the lid and it will blank some time later (a BIOS setting controlled this value as well). If you don't want the disk to run all the time, then either use the BIOS to set the idle timeout or use "hdparm". I've found that shutting disks down doesn't work well with journaling filesystem (they keep spinning the disk up), I think there *used* to be special code in Linux's ext2 to not sync if only the superblock timestamp was to be updated. I don't know if this is still true. Oh, yeah - also mount the FS "noatime" so that cached file accesses won't cause a disk write. Caveat: my ThinkPad is/was very old - a folding keyboard type with only a 486SX processor! This stuff may not work as well on newer more "fancy" hardware. Good luck, Simon. On Wed, 29 Jan 2003, Strata Rose Chalup wrote: > > Hi folks, > > Can anyone point me to an easy way to have BSD or Linux running on > a laptop and *not* go to sleep or hibernate when the lid is closed? > > Here in our motorhome, space is at a premium, and cats roam all > horizontal surfaces. Thus re-using my old laptop as a server requires > that the lid be kept closed. Sure, I could break off the plastic > flanges that activate the "lid is closed" microswitch, but I would > really rather not trash the laptop. Of course, if the screen is on > all the time with the lid closed, that generates quite a bit of > heat from the backlighting, so I need a way to lie to APM and have > it turn off the screen for me, too. > > The laptop in question is a Thinkpad 770. I haven't decided for > sure if I am going to run NetBSD or RedHat on it. I'll be > administering it via the local LAN. > > thanks much, > Strata > > From jesse at boldandbusted.com Wed Jan 29 16:16:48 2003 From: jesse at boldandbusted.com (Jesse Adelman) Date: Wed, 29 Jan 2003 16:16:48 -0800 (PST) Subject: unix laptop question: closing the lid In-Reply-To: <3E385FF0.F3632A11@virtual.net> Message-ID: <20030130001648.85753.qmail@web10105.mail.yahoo.com> Hi, Strata, Check out these two web sites: http://panopticon.csustan.edu/thood/tp600lnx.htm and http://www.linux-laptop.net/ The first site is the home of Thomas Hood's excellent "Debian GNU/Linux on the Thinkpad 600" You may be saying "but I have a 770" - don't miss his excellent tpctl utilities for controlling the firmware of the Thinkpads, including system state. The second site is a general site for Linux on Laptops. I have a Thinkpad 600X with dual-boot W2K and Red Hat 7.3 + Ximian, and it's sweet. Got rsync+ssh syncing backups to my desktop, and de-uglified the fonts (via Thomas Hood's site), and I've got a slick machine. Not using it for a "server", but I do use it in my consulting work to demonstrate Web apps I'm testing and deploying using Apache. Good luck, Jesse Adelman --- Strata Rose Chalup wrote: > > Hi folks, > > Can anyone point me to an easy way to have BSD or Linux running on > a laptop and *not* go to sleep or hibernate when the lid is closed? > > Here in our motorhome, space is at a premium, and cats roam all > horizontal surfaces. Thus re-using my old laptop as a server > requires > that the lid be kept closed. Sure, I could break off the plastic > flanges that activate the "lid is closed" microswitch, but I would > really rather not trash the laptop. Of course, if the screen is on > all the time with the lid closed, that generates quite a bit of > heat from the backlighting, so I need a way to lie to APM and have > it turn off the screen for me, too. > > The laptop in question is a Thinkpad 770. I haven't decided for > sure if I am going to run NetBSD or RedHat on it. I'll be > administering it via the local LAN. > > thanks much, > Strata > > -- > ======================================================================== > Strata Rose Chalup [KF6NBZ] strata "@" > virtual.net > VirtualNet Consulting > http://www.virtual.net/ > ** Project Management & Architecture for ISP/ASP Systems Integration > ** > ========================================================================= ===== -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Jesse Adelman http://www.boldandbusted.com/ (just resume now) -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ From kovar at 1srg.org Wed Jan 29 17:04:23 2003 From: kovar at 1srg.org (David C. Kovar) Date: Wed, 29 Jan 2003 17:04:23 -0800 Subject: moving machine room - need wiring contractor In-Reply-To: <20030129221634.GD3626@mayhem.pa.fngn.com> Message-ID: <003101c2c7fb$8ab60aa0$01000001@DCKDesktop> I will second this recommendation. I've used TD Communications for about 6 years now and am immensely pleased with them. -David -----Original Message----- From: owner-baylisa at baylisa.org [mailto:owner-baylisa at baylisa.org] On Behalf Of David Smith Sent: Wednesday, January 29, 2003 2:17 PM To: Tony Del Porto Cc: baylisa at baylisa.org Subject: Re: moving machine room - need wiring contractor Tony, TD Communications has done amazing work for us and are very quick. www.tdcommunications.com Cheers, David On Wed, 29 Jan 2003, Tony Del Porto wrote: > Hey folks, > > We're moving our machine room and need a good wiring contractor to > isolate and move our active T1s from a mess of unused copper and T1 > loopback equipment. Any recommendations? > > Thanks! > > Tony -- David Smith Voice: 650-565-7750 Fax: 650-565-4905 From lanning at monsoonwind.com Wed Jan 29 17:52:05 2003 From: lanning at monsoonwind.com (Robert Hajime Lanning) Date: Thu, 30 Jan 2003 01:52:05 +0000 (UTC) Subject: unix laptop question: closing the lid In-Reply-To: <3E385FF0.F3632A11@virtual.net> Message-ID: I have a Thinkpad 600X. There is an option to not have the lid do anything. Two ways to configure this. One is with the PS2.EXE program (for DOS) that can set this up. The other is the tpctl program for Linux. This requires a kernel module called thinkpad.o to be loaded. (available from the same place as tpctl.) On Wed, 29 Jan 2003, Strata Rose Chalup wrote: > > Hi folks, > > Can anyone point me to an easy way to have BSD or Linux running on > a laptop and *not* go to sleep or hibernate when the lid is closed? > > Here in our motorhome, space is at a premium, and cats roam all > horizontal surfaces. Thus re-using my old laptop as a server requires > that the lid be kept closed. Sure, I could break off the plastic > flanges that activate the "lid is closed" microswitch, but I would > really rather not trash the laptop. Of course, if the screen is on > all the time with the lid closed, that generates quite a bit of > heat from the backlighting, so I need a way to lie to APM and have > it turn off the screen for me, too. > > The laptop in question is a Thinkpad 770. I haven't decided for > sure if I am going to run NetBSD or RedHat on it. I'll be > administering it via the local LAN. > > thanks much, > Strata > > -- END OF LINE From alvin at maggie.linux-consulting.com Thu Jan 30 13:35:00 2003 From: alvin at maggie.linux-consulting.com (alvin at maggie.linux-consulting.com) Date: Thu, 30 Jan 2003 13:35:00 -0800 (PST) Subject: bad customers and court cases Message-ID: hi ya sysadminers donno if this is off topic or not...but am betting that some of you been thru this loop before... and maybe entertaining to those that havent yet had the pleasure of bad clients just curious if any of you have taken your ex-clients to court ( small claims in my case ) anyway .. they didnt pay their invoices.. so i filed suit... and the fun starts they in turn claiming all kinds of jibberish for non-payment long after 1-2 month the contract ended - one of their made up invoices is to bill me for not providing passwds ... that they spent $3500 to get root acces amongst 3 people w/ PhDs - yes, i told um to do the following on linux boxes reboot lilo# init 1 # passwd reboot but their wanna-be nt weinnies dont get it...some of them w/ PhDs ... actually lots of um "claim" to have PhDs - and it took them 3 weeks to move a working lan from the old office to their new offices... - i say just change the wan ip# on the router and they would have been done - other hilarious part ... they moved their dns servers at networksolutions and blame me and billed me for going offline :-) ( they had fri-sat-sun to make sure its all right.. but didnt do so ) = = anyway... how you can help ?? = - please forward me offline, that you can get into a linux box ( when you're sitting in front of it ) ... that you can get into any linux box in a matter of 2-3 minutes ( few seconds from the lilo prompt ) - only first names will be used to show that people ( competent ones ) can get into any linux box in a few minutes - nope.. i didnt install any passwd to lilo ... -- putting on the asbestos just in case :-) thanx alvin From gwen at reptiles.org Thu Jan 30 14:16:20 2003 From: gwen at reptiles.org (Gwendolynn ferch Elydyr) Date: Thu, 30 Jan 2003 17:16:20 -0500 (EST) Subject: bad customers and court cases In-Reply-To: Message-ID: <20030130170111.E420-100000@iguana.reptiles.org> On Thu, 30 Jan 2003 alvin at maggie.linux-consulting.com wrote: > just curious if any of you have taken your ex-clients to > court ( small claims in my case ) I've yet to actually end up in court, but I've certainly had to go through the preliminaries before. > anyway .. they didnt pay their invoices.. > so i filed suit... and the fun starts Did you have written documentation of what they expected you to do, and what the completion criteria were? > they in turn claiming all kinds of jibberish for non-payment > long after 1-2 month the contract ended > > - one of their made up invoices is to bill me for not providing > passwds ... that they spent $3500 to get root acces amongst > 3 people w/ PhDs Did you provide them with password? (not how to change them, but with the passwords?), and was that specified in your written scope of work? > but their wanna-be nt weinnies dont get it...some of them > w/ PhDs ... actually lots of um "claim" to have PhDs > > - and it took them 3 weeks to move a working lan from the old office > to their new offices... > - i say just change the wan ip# on the router and they would > have been done > > - other hilarious part ... they moved their dns servers at > networksolutions and blame me and billed me for going offline :-) > ( they had fri-sat-sun to make sure its all right.. but didnt do > so ) > > = anyway... how you can help ?? I'm going to sound dreadfully patrician for a momment. If you're working as a consultant, you have to leave the BOFH attitude at home. I know that this list isn't necessarily one that your client subscribes to - but it's absolutely amazing how far one misaimed comment can go. > - please forward me offline, that you can get into a linux > box ( when you're sitting in front of it ) ... that you can > get into any linux box in a matter of 2-3 minutes > ( few seconds from the lilo prompt ) > - only first names will be used to show that > people ( competent ones ) can get into any linux box in > a few minutes *blink* I think that I'm missing something here. Am I correct in reading that you want professional sysadmins to send you documented evidence of being able to easily hack into a linux box for entry into the court record? > -- putting on the asbestos just in case :-) I'm going to flame a little bit here. I empathize strongly with the desire to get paid for the work that you've done. It really sucks to get stiffed. _However_ If you're doing consulting work, you desperately need a written scope of work that both parties have signed off on, with completion criteria. That way, there's no ambiguity about whether the job has actually been performed as desired. To turn things around: "We hired a consultant that came in and did a bunch of stuff for us. Since then, our office LAN has been down for weeks, we can't login to our linux boxes (and haven't been given passwords either!), our website hasn't been reachable, and the consultant keeps on telling us that we're all idiots. Obviously, since we've had so many problems, we don't want to pay the consultant until they're all fixed - so now s/he's taking us to court!" Sounds like a pretty justifiable complaint to me. Perhaps you can add some more details about what work was expected, so that it's clearer that your complaint is justified. cheers! ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." From jimd at starshine.org Thu Jan 30 14:28:33 2003 From: jimd at starshine.org (Jim) Date: Thu, 30 Jan 2003 14:28:33 -0800 Subject: bad customers and court cases In-Reply-To: References: Message-ID: <20030130222833.GB7392@mars.starshine.org> On Thu, Jan 30, 2003 at 01:35:00PM -0800, alvin at maggie.linux-consulting.com wrote: > > hi ya sysadminers > donno if this is off topic or not...but am betting > that some of you been thru this loop before... > and maybe entertaining to those that havent yet had the pleasure > of bad clients > just curious if any of you have taken your ex-clients to > court ( small claims in my case ) > > anyway .. they didnt pay their invoices.. > so i filed suit... and the fun starts > > they in turn claiming all kinds of jibberish for non-payment > long after 1-2 month the contract ended > > - one of their made up invoices is to bill me for not providing > passwds ... that they spent $3500 to get root acces amongst > 3 people w/ PhDs > > - yes, i told um to do the following on linux boxes > > reboot > lilo# init 1 > # passwd > reboot > > but their wanna-be nt weinnies dont get it...some of them > w/ PhDs ... actually lots of um "claim" to have PhDs > > - and it took them 3 weeks to move a working lan from the old office > to their new offices... > - i say just change the wan ip# on the router and they would > have been done > > - other hilarious part ... they moved their dns servers at > networksolutions and blame me and billed me for going offline :-) > ( they had fri-sat-sun to make sure its all right.. but didnt do > so ) > > = > = anyway... how you can help ?? > = > - please forward me offline, that you can get into a linux > box ( when you're sitting in front of it ) ... that you can > get into any linux box in a matter of 2-3 minutes > ( few seconds from the lilo prompt ) > - only first names will be used to show that > people ( competent ones ) can get into any linux box in > a few minutes As the Linux Gazette Answer Guy I've answered this question MANY times. It's readily found in google with the phrase: linux lost password ... (4th link down when I just did it now). Here it is summarized for you: LILO: type init=/bin/sh rw mount /usr # ignore errors if /usr not sep. fs passwd sync umount /usr # ignore error mount -o remount,ro / exec /sbin/init 6 Actually uses a whole nine steps --- two of which are harmlessly superfluous on systems where /usr isn't a separate filesystem. > - nope.. i didnt install any passwd to lilo ... I've written more detailed description of how to break in using a rescue disc/diskette, mostly: fdisk -l for each type 83 partition: mount it on /mnt/tmp look for a /mnt/tmp/etc directory (and confirm that this is really your desired rootfs) if found rootfs: mount *its* /usr on /mnt/tmp/usr break cd /mnt/tmp chroot . /bin/sh passwd exit cd / umount /mnt/tmp/usr umount /mnt/tmp reboot ... about a baker's dozen steps to this procedure, complicated by a loop, conditional and break while searching for the rootfs. > -- putting on the asbestos just in case :-) > thanx > alvin Can you tell I've been doing exactly this kind of support blindly for lots of people all over the world for about six years? -- Jim Dennis From bill at wards.net Thu Jan 30 15:18:01 2003 From: bill at wards.net (William R Ward) Date: Thu, 30 Jan 2003 15:18:01 -0800 Subject: bad customers and court cases In-Reply-To: <20030130170111.E420-100000@iguana.reptiles.org> References: <20030130170111.E420-100000@iguana.reptiles.org> Message-ID: <15929.45737.351642.309869@komodo.home.wards.net> Gwendolynn ferch Elydyr writes: >*blink* I think that I'm missing something here. Am I correct in reading >that you want professional sysadmins to send you documented evidence of >being able to easily hack into a linux box for entry into the court >record? If you have console access you can hack into anything. That's not news. He's not talking about having professional sysadmins tell how to hack into a linux box over a network! But for the most part, I find I have to agree with your analysis. If Alvin met a set of *written* objectives and didn't get paid, then I hope he wins. But I get the impression that is not the case, and he's likely to be laughed out of court if not countersued. But IANAL. --Bill. -- William R Ward bill at wards.net http://www.wards.net/~bill/ ----------------------------------------------------------------------------- "A foolish consistency is the hobgoblin of little minds, adored by little statesmen and philosophers and divines." - Emerson From chuck+baylisa at 2003.snew.com Thu Jan 30 16:27:30 2003 From: chuck+baylisa at 2003.snew.com (Chuck Yerkes) Date: Thu, 30 Jan 2003 19:27:30 -0500 Subject: bad customers and court cases In-Reply-To: References: Message-ID: <20030131002730.GA25553@snew.com> Quoting alvin at maggie.linux-consulting.com (alvin at maggie.linux-consulting.com): ... > dunno if this is off topic or not...but am betting > that some of you been thru this loop before... > and maybe entertaining to those that havent yet had the pleasure > of bad clients > > just curious if any of you have taken your ex-clients to > court ( small claims in my case ) I'm going to look at the Meta level of this. I used to consult in film (both computer and film work) and I mostly just consult computer stuff now. I just came off 4 years in a Pro Services group for a company. My first manager there wasn't quite my style. She was very managerial and you could see training kick in. Fine manager, just not personally my style. HOWEVER, in calls and on client visits, she honed right in on objectives. Early on: What do we need to have done to get paid by you? What is the sign off point? And we always worked towards that. I recall her every time I work with a client now. It's not new, but keeping that goal in mind is KEY when working as a consultant. Documenting it at the start and having EVERY STATUS report to the client cover where we are in relation to that. At no point should we be unclear about the goal. If the client starts with "I thought YOU guys would setup the load balancer" we can clearly point out that that's not in our goals - though we'd be happy to alter the contract (and price) and take care of that. Okay, that said: As an indy consultant (film and 'puter), an appropriate way to get paid is to use a "mechanic's lien." This is an instrument that basically came from "I did work (on your car?) and you didn't pay me." I've also learned from a partner to never threaten suit. If you're serious, file the suit and threaten not to drop it. Certainly, you may *discuss* it with the client, but threats are empty. There's no way I can comment on your circumstances; IANAL and all that. It's sad that it gets to this point. It's always best to work out what would make the client happy and what they and you would be willing to settle for. I've settled in a court hallway before (idiot landlord). The legal action can provide a time motivator for all parties. From chuck+baylisa at 2003.snew.com Thu Jan 30 16:32:11 2003 From: chuck+baylisa at 2003.snew.com (Chuck Yerkes) Date: Thu, 30 Jan 2003 19:32:11 -0500 Subject: unix laptop question: closing the lid In-Reply-To: References: <3E385FF0.F3632A11@virtual.net> Message-ID: <20030131003211.GB25553@snew.com> Quoting Robert Hajime Lanning (lanning at monsoonwind.com): > I have a Thinkpad 600X. There is an option to not have the lid do anything. Are there heat implications to this? I used to have a Vaio 14" laptop (terrible support for anything, tho FreeBSD was stable - tho without support for the modem, firewire, or sound and X ran only with a native Linux driver at the time). One week it decided that it would no longer sleep on close. I learned this with a very warm laptop bag and near dead batteries as I got onto a plane. Rather than really chasing down the problem, I turned it into a Mac and my life was better. But the Vaio in this state seemed warm and I wondered if the design presumed some airflow from the vents and keyboard above. From berry at housebsd.org Thu Jan 30 16:43:55 2003 From: berry at housebsd.org (Sean Berry) Date: Thu, 30 Jan 2003 18:43:55 -0600 (CST) Subject: unix laptop question: closing the lid In-Reply-To: <20030131003211.GB25553@snew.com> Message-ID: > I used to have a Vaio 14" laptop (terrible support for anything, tho > FreeBSD was stable - tho without support for the modem, firewire, or > sound and X ran only with a native Linux driver at the time). > > One week it decided that it would no longer sleep on close. I learned > this with a very warm laptop bag and near dead batteries as I got onto a > plane. Rather than really chasing down the problem, I turned it into a > Mac and my life was better. > > But the Vaio in this state seemed warm and I wondered if the design > presumed some airflow from the vents and keyboard above. Several of the machines I've owned seem to have this assumption. From cyrus at lendvay.com Thu Jan 30 17:03:57 2003 From: cyrus at lendvay.com (Cyrus Lendvay) Date: Thu, 30 Jan 2003 17:03:57 -0800 Subject: unix laptop question: closing the lid In-Reply-To: References: Message-ID: <3E39CB7D.1010001@lendvay.com> Yes, many laptops (Dell's for sure) use the keyboard for heat disbursement. Don't know if the IBM's do the same. -Cyrus Sean Berry wrote: >>But the Vaio in this state seemed warm and I wondered if the design >>presumed some airflow from the vents and keyboard above. >> >> > >Several of the machines I've owned seem to have this assumption. > > From lanning at monsoonwind.com Thu Jan 30 17:06:33 2003 From: lanning at monsoonwind.com (Robert Hajime Lanning) Date: Fri, 31 Jan 2003 01:06:33 +0000 (UTC) Subject: unix laptop question: closing the lid In-Reply-To: <20030131003211.GB25553@snew.com> Message-ID: The original question was stating that this machine would be a server sitting on a table. I never pack up my thinkpad without it atleast suspended. If you are running the CPU at full power you must have ventilation. Also, the longest battery life I have seen with these machines is about 3.5 hours. I can have my thinkpad suspended to memory for about 3 days. In hibernation (suspend to disk) it is indefinit. On Thu, 30 Jan 2003, Chuck Yerkes wrote: > Quoting Robert Hajime Lanning (lanning at monsoonwind.com): > > I have a Thinkpad 600X. There is an option to not have the lid do anything. > > Are there heat implications to this? > > I used to have a Vaio 14" laptop (terrible support for anything, > tho FreeBSD was stable - tho without support for the modem, > firewire, or sound and X ran only with a native Linux driver > at the time). > > One week it decided that it would no longer sleep on close. > I learned this with a very warm laptop bag and near dead > batteries as I got onto a plane. Rather than really chasing > down the problem, I turned it into a Mac and my life was > better. > > But the Vaio in this state seemed warm and I wondered if the design > presumed some airflow from the vents and keyboard above. > > -- END OF LINE From windsor at warthog.com Thu Jan 30 18:26:13 2003 From: windsor at warthog.com (Rob Windsor) Date: Thu, 30 Jan 2003 20:26:13 -0600 Subject: unix laptop question: closing the lid In-Reply-To: Your message of "Thu, 30 Jan 2003 17:03:57 PST." <3E39CB7D.1010001@lendvay.com> Message-ID: <200301310226.h0V2QEk24441@warthog.com> On Thu, 30 Jan 2003 17:03:57 PST, verily did Cyrus Lendvay write: > Yes, many laptops (Dell's for sure) use the keyboard for heat > disbursement. Don't know if the IBM's do the same. Laptops that rely largely on the keyboard for heat dissipation would be rather useless with a docking station or port replicator (with monitor, where lid is kept closed). IBM laptops have had an internal cooling fan for quite some time. I've used an IBM lapdog 600X and T21 for long periods ( >10 hrs) with the lid closed. I would expect that Strata's 770 to be fine in that respect. Rob++ ---------------------------------------- Internet: windsor at warthog.com __o Life: Rob at Carrollton.Texas.USA.Earth _`\<,_ (_)/ (_) The weather is here, wish you were beautiful. From brian.street at bayarea.net Thu Jan 30 18:59:22 2003 From: brian.street at bayarea.net (Brian Street) Date: Thu, 30 Jan 2003 18:59:22 -0800 Subject: Wireless questions Message-ID: Hello everyone, I wonder how many of you out there have experience in wireless networks. I'm being asked by a client if it is possible to set up a wireless network for 125 tenants in an apartment complex. Of course, I said it was but wasn't very sure as to the costs involved. Unfortunately, I don't have any experience with wireless networks. I think I have him talked into upgrading from his IDSL to a T1 if I can provide the information for the infrastructure. The way I figure it, I should be able to get a wireless router and a Linux box to interface between the ISP's router and the tenants and their up! Of course, the questions I have are: 1.) Does it make a difference how big the router is (duh?) for 125 users? 2.) Is the T1 sufficient for the internet pipe? I thought it probably should be because most of the bottleneck might be in the wireless side anyway since it can't operate at 10 Mb yet, right? I presume I would need a server, with user accounts, as well though to keep freeloaders off the network. Thanks for all input. Brian. From jxh at jxh.com Thu Jan 30 19:30:23 2003 From: jxh at jxh.com (Jim Hickstein) Date: Thu, 30 Jan 2003 19:30:23 -0800 Subject: Wireless questions In-Reply-To: References: Message-ID: <2147483647.1043955023@[10.9.18.6]> > I wonder how many of you out there have experience in wireless networks. I know somehow who does. See www.bawug.org, and talk to Tim Pozar. He's spoken at several BayLISA meetings about this sort of thing. As for the T1, my cable-modem provider seems to have dozens of subscribers (in an apartment complex) sharing a single T1. The RF segment in this case is wired, and nominal 10Mbps. Seems to work OK. There are also outfits that sell equipment into that market; let me see, what was their name? Office on Arques just east of Central.... From brian.street at bayarea.net Thu Jan 30 19:39:56 2003 From: brian.street at bayarea.net (Brian Street) Date: Thu, 30 Jan 2003 19:39:56 -0800 Subject: Wireless questions In-Reply-To: <2147483647.1043955023@[10.9.18.6]> Message-ID: Thanks Jim. The kicker here is that the ISP doesn't provide any services other than the T1 drop, so I'll have to build out the rest of the network. As it turns out, tonight was the monthly bawug meeting and I've missed it! Brian. -----Original Message----- From: Jim Hickstein [mailto:jxh at jxh.com] Sent: Thursday, January 30, 2003 7:30 PM To: Brian Street Cc: baylisa at baylisa.org Subject: Re: Wireless questions > I wonder how many of you out there have experience in wireless networks. I know somehow who does. See www.bawug.org, and talk to Tim Pozar. He's spoken at several BayLISA meetings about this sort of thing. As for the T1, my cable-modem provider seems to have dozens of subscribers (in an apartment complex) sharing a single T1. The RF segment in this case is wired, and nominal 10Mbps. Seems to work OK. There are also outfits that sell equipment into that market; let me see, what was their name? Office on Arques just east of Central.... From david at catwhisker.org Thu Jan 30 19:42:42 2003 From: david at catwhisker.org (David Wolfskill) Date: Thu, 30 Jan 2003 19:42:42 -0800 (PST) Subject: Wireless questions In-Reply-To: Message-ID: <200301310342.h0V3ggrj017940@bunrab.catwhisker.org> >From: "Brian Street" >Date: Thu, 30 Jan 2003 18:59:22 -0800 >I wonder how many of you out there have experience in wireless networks. I'm >being asked by a client if it is possible to set up a wireless network for >125 tenants in an apartment complex. Of course, I said it was but wasn't >very sure as to the costs involved. Unfortunately, I don't have any >experience with wireless networks. I suggest you take a look at the Bay Area Wireless User Group (BAWUG; Web site http://www.bawig.org/). I'm at one of the BAWUG meetings as I type this. >.... >Of course, the questions I have are: >1.) Does it make a difference how big the router is (duh?) for 125 users? >2.) Is the T1 sufficient for the internet pipe? A lot is going to depend on usage patterns: if the net is idle except for 10 AM - 11 AM on odd-numbered Tuesdays, and then all 125 users are trying to download ISO images at once, your average utilization will be low, and you'll likely have 125 unhappy former customers. >I thought it probably should be because most of the bottleneck might be in >the wireless side anyway since it can't operate at 10 Mb yet, right? It's true that the wireless generally doesn't get to 10 Mb/s; but the T1 is only 1.544 Mb/s -- and 802.11b definitely can swamp that, no problem. >I presume I would need a server, with user accounts, as well though to keep >freeloaders off the network. You could probably do a lot worse than to research "NoCat Authentication". Cheers, david (links to my resume at http://www.catwhisker.org/~david) -- David H. Wolfskill david at catwhisker.org I have no confidence in results obtained through the use of Microsoft products. From jxh at jxh.com Thu Jan 30 20:47:02 2003 From: jxh at jxh.com (Jim Hickstein) Date: Thu, 30 Jan 2003 20:47:02 -0800 Subject: Wireless questions In-Reply-To: References: Message-ID: <2147483647.1043959622@[10.9.18.6]> > The kicker here is that the ISP doesn't provide any services other than > the T1 drop, so I'll have to build out the rest of the network. (I can't resist a plug.) Go check out http://www.imap-partners.net/ . It's me, plus some other guys. If I may say so, we possess clue. We could talk to you about a reseller arrangement. (Or you could host a single domain for all these people.) If web hosting is required, we can talk about that as well. > As it turns out, tonight was the monthly bawug meeting and I've missed it! D'oh! From chuck+baylisa at 2003.snew.com Thu Jan 30 22:14:40 2003 From: chuck+baylisa at 2003.snew.com (Chuck Yerkes) Date: Fri, 31 Jan 2003 01:14:40 -0500 Subject: Wireless questions In-Reply-To: References: Message-ID: <20030131061440.GA27405@snew.com> Quoting Brian Street (brian.street at bayarea.net): > I wonder how many of you out there have experience in wireless > networks. I'm being asked by a client if it is possible to set up > a wireless network for 125 tenants in an apartment complex. Of > course, I said it was but wasn't ... Bear with me for a moment... I just bought a house in an area of oakland hills that had no Internet. Moving from static-IP DSL, and with a two system admin house, this was ungood. I played with getting a T1 and paying for it by doing wireless Internet for neighbors. Maybe a little cohosting for some friends who are paying for it elsewhere. All for the "cause" and all that. It was such a good idea that a guy down the street was doing just the same thing. (And a layoff meant that a cheaper solution was quickly desired, so I'm on AT&T broadband for a couple months). Okay, the guy down the street is a cellular guy, not a computer guy. So he's been recommending certain antennae (fine) and a Cisco "wireless bridge". Up to 8 ARP addresses per box for several hundred $$$. It wants line of sight from his house or the house of another person on the net. Mostly. Slightly more tangentially: I've been working with small boxes like various Soekris boxes. A pair of wireless cards means one uplink, and one (optional) for inside the house. Two built in ethernets. Boots from a compact flash, runs BSD, does NAT and IPv6 and perhaps the whole proprietary Cisco spanning tree stuff and 8 ARP addresses per remote box can go away. What are your issues gonna be? Well, walls are a big one. You don't mention the building. I talked about a T1 with an NYC apartment building near an old apartment I had. Pre-wireless, but running Ethernet to 200 apartments was pretty moot since they had cable running to all the apts. They wouldn't have done wireless because of lots of brick and plaster with wire lathe (faraday cage) meant that reception for *FM* *radio* was pretty bad. You don't mention the building, but what it's made of it key. How it's laid out is key. You're gonna have to run some cable. Either ethernet and/or antenna. Antennae only go so far, but running ethernet once for each of several apartments and burying a small A.P. either in a cooperative apt (they're not high power) is easier than Ethernet per apartment. Power over Ethernet (PoE) works for lots of newer devices. You have Coax cable to each apt (cable), how hard would it be to pull CAT 5 for each of those? Esp since 30-50% might not be interested at all at first. Hell, is injecting your own ethernet onto the Coax possible with end users using cable modems? My college redistributed cable and we added a couple channels for school use. It's doable, but you become the local cable company for the apt. dwellers. Privacy: WEP is crap. 128bit wep isn't much better than 56bit. It's like speaking piglatin, but faster to maintain privacy. Wireless invites sniffing and hacking into it. You *could* change keys every week or so. You could force an additional authentication (like hotels: log into a web page, your ARP address is allowed for N hours). IPSec for 125 people would suck. It's a problem with no simple solution. Several Access Points should cover 125+ people depending on the layout. A single box can provide two separate access points, I believe (2 or 3 cards, antennae distributed up to 30' away) There's tons of info out there and that density is not something I've dealt with. The first Apple Airports could support maybe 15 people per unit. I know that's cranked up a bunch with newer devices (including newer Airports) Antennae are key. There are several that are powerful and/or attractive for inside use. My (orig) airport doesn't cover a (good sized, non-pennisula, drywall) house well. A little antenna changes that. A good one means that I talk to the guy down the street really well (800 feet and through another house). Will a T1 work for them? I couldn't say. My (ex) office had 125 technical people on the computers a lot and a T1; worked mostly pretty well. I might run a decent mail server inside the network. 1000 people is trivial - a Pentium/600 with 256MB of RAM running an IMAP server can do what you need with decent disk. Another for anti-spam/virus filtering, maybe webmail. More value add. But that's me and I run mail a lot. Bandwidth shaping will be key (every school knows this). Limiting web per user to keep bandwidth hogs from killing everyone. Leave SOME I/O for email, etc. ALTQ does this adequately. Disruption: 802.11g is almost a spec, so products are coming out. Much faster than 11a, but that's only useful for peer to peer, not the T1. It sounds like an interesting challenge. From alvin at maggie.linux-consulting.com Fri Jan 31 03:37:32 2003 From: alvin at maggie.linux-consulting.com (alvin at maggie.linux-consulting.com) Date: Fri, 31 Jan 2003 03:37:32 -0800 (PST) Subject: bad customers and court cases - summary In-Reply-To: <200301302202.h0UM28IO016473@bunrab.catwhisker.org> Message-ID: hi all thanx to those that replied ... but... - question still stands... though i/we know the answer ( how long does it take you to log into a box that you're sitting ( in front of... and have permission to change its root passwd - the joke/annoyance is it took them 3 days and 3 PhDs and lots of emails back-n-forth ... xx telling yy what to do whom in turn tells zzz what to do... and backup that "it didnt work" ( they didnt understand the answers -- oh well .. = my stance ( in normal mode of working environment ) .. - if they/you need to ask me for the root passwd, than i say you dont need it.. they/you should know how to get root access properly and do all the proper documentation/followups ( esp since it's gonna trigger lots of my host/network IDS's ) -------- > If I wanted to get access to a box (Linux or whatever), and I had physical > access to the box, and I had available a box running something sufficiently > similar (but over which I had complete control), I would: > > * Power off the "target" box. > * Disconnect the drive(s) in question. not necessary to take those precautions ... ---------- me> anyway .. they didnt pay their invoices.. me> so i filed suit... and the fun starts > Did you have written documentation of what they expected you to do, and > what the completion criteria were? - its ongoing .. over a year.... and always changing ... "typical admin duties" > Did you provide them with password? (not how to change them, but with > the passwords?), and was that specified in your written scope of work? - they said change it... on my last day.. so i did... - i do NOT write down(save) passwd so i dont know what it was/is - 2-4 days after my last day, they figured out they dont know how to log into the box... thus the fun starts > *blink* I think that I'm missing something here. Am I correct in reading > that you want professional sysadmins to send you documented evidence of > being able to easily hack into a linux box for entry into the court > record? - think most of us, can log into a linux/*nix and even windoze boxes in a matter of minutes ... - and i wanted a list of tom/dick/harry/sally/mary/jane to give to the court ... ( just first name ) that it wont take 3 dayz and 3 PnD and and tons of "email support traffic" after the their termination of the contract ( 2 week warning ... no exit interview etc ) - but 2 months after the last day.. stil no check.. and they refusing to pay .. just to wiggle out of it.. and since they dont need any mroe help.. gues they figure why not ... and came up with a dozen ridiculous comments/statements the i'll be presenting to the court... including 3 days for PhDs to get into the linux boxes > If you're doing consulting work, you desperately need a written scope of > work that both parties have signed off on, with completion criteria. > That way, there's no ambiguity about whether the job has actually been > performed as desired. -- daily emails of what was sked to be done... what was done... and what's pending and/or action items .. - no complaints till AFTER end of contracts - no complaints for the duration of the 2 months of the contracts that they have NOT paid their bills - just a cheezy cfo that wanna save a nickel jim> LILO: type init=/bin/sh rw jim> mount /usr # ignore errors if /usr not sep. fs jim> passwd jim> jim> jim> sync jim> umount /usr # ignore error jim> mount -o remount,ro / jim> exec /sbin/init 6 we're assuming they know how to get into single user mode.... at lilo prompt ... that is probably the screwup .... - in redhat... once in single user... just use passwd .. .. reboot ... - reboot is "hit control-alt-delete" ( they are windoze winnies.. so they can do that ( w/o too much trouble - lot simpler ... jim> Can you tell I've been doing exactly this kind of support blindly jim> for lots of people all over the world for about six years? ditto... and its fun when they know what to do ... after giving um the hints and do this/that... ( for more info ... google/yahoo/excite/alltheweb it etc.. ) bill> But for the most part, I find I have to agree with your analysis. bill> If Alvin met a set of *written* objectives and didn't get paid, then bill> I hope he wins. But I get the impression that is not the case, and bill> he's likely to be laughed out of court if not countersued. But bill> IANAL. i hope they dont bother to show up .. :-) win by default.. and make it easy... - paperwork is hopefully been served properly... ( finding good/reasonalbe/knowledgeable process servers is ( no trivial matter either -- one of my points will be.. - bring me any unix box... and i'll be in that box within a minute ... after its ready for lilo prompting ... or boot> for sun.. etc.etc.. - and that all that occurred AFTER the last day of contract so it too should be billed .... in addition to prev unpaid invoices well d-day is coming up soon ... so its time to prepare and rehearse the points i'll be making in court... time to generate paperwork and documents.... in a reasonable form for the court to see/read/understand... more explantory that this outline/email stuff i type.. :-) have fun alvin From jimd at starshine.org Fri Jan 31 07:40:02 2003 From: jimd at starshine.org (Jim) Date: Fri, 31 Jan 2003 07:40:02 -0800 Subject: bad customers and court cases - summary In-Reply-To: References: <200301302202.h0UM28IO016473@bunrab.catwhisker.org> Message-ID: <20030131154002.GC11524@mars.starshine.org> On Fri, Jan 31, 2003 at 03:37:32AM -0800, alvin at maggie.linux-consulting.com wrote: > hi all > thanx to those that replied ... but... > - question still stands... though i/we know the answer > ( how long does it take you to log into a box that you're sitting > ( in front of... and have permission to change its root passwd On a bad day: 5 minutes. (About one step every 30 seconds but most of the time is waiting for the BIOS to get me to the LILO prompt). > jim> LILO: type init=/bin/sh rw > jim> mount /usr # ignore errors if /usr not sep. fs > jim> passwd > jim> > jim> > jim> sync > jim> umount /usr # ignore error > jim> mount -o remount,ro / > jim> exec /sbin/init 6 > > we're assuming they know how to get into single user mode.... at lilo > prompt ... that is probably the screwup .... > - in redhat... once in single user... > just use passwd .. .. Actually "single" is the wrong answer for many cases. Many Linux distributions have an sulogin program and will require the root password in order to log into single user mode. My directions have been battle tested on the Internet for several years. They've been refined, even updated for GRUB (which I omitted from my summary as irrelevant to Alvin's case). EVERY STEP IS THERE FOR A REASON! > bill> But for the most part, I find I have to agree with your analysis. > bill> If Alvin met a set of *written* objectives and didn't get paid, then > bill> I hope he wins. But I get the impression that is not the case, and > bill> he's likely to be laughed out of court if not countersued. But > bill> IANAL. -- Jim Dennis From strata at virtual.net Fri Jan 31 08:14:35 2003 From: strata at virtual.net (Strata Rose Chalup) Date: Fri, 31 Jan 2003 11:14:35 -0500 Subject: unix laptop question: closing the lid References: Message-ID: <3E3AA0EB.D28C76C5@virtual.net> Robert (and others), The heat issue is definitely something I'm concerned about, and plan to at least partially address by making sure that the screen, with heat-generating backlight, is off while the laptop runs. I have a small wire rack, originally sold for cooling baked goods, in the bag with each of my Thinkpads. I run them on the cooling rack, since the bottom right-hand area gets so incredibly warm, especially when the air temps are in the high 70's or above . Also, with the wire feet of the cooling rack turned outward, the surface of the rack provides an extra measure of protection for the laptop in the bag. cheers, Strata Robert Hajime Lanning wrote: > > The original question was stating that this machine would be a server sitting > on a table. -- ======================================================================== Strata Rose Chalup [KF6NBZ] strata "@" virtual.net VirtualNet Consulting http://www.virtual.net/ ** Project Management & Architecture for ISP/ASP Systems Integration ** ========================================================================= From strata at virtual.net Fri Jan 31 08:19:21 2003 From: strata at virtual.net (Strata Rose Chalup) Date: Fri, 31 Jan 2003 11:19:21 -0500 Subject: Wireless questions References: Message-ID: <3E3AA209.C8F15DEE@virtual.net> Brian, Sounds like a fun project! It's possible that Jamie Zawinski's linux kiosk code might be of interest as a "micro-ISP" for the apartment complex. You can find it at: http://www.dnalounge.com/backstage/src/kiosk/ I haven't tried using it yet. We keep nudging Jamie to come speak at BayLISA about running these free kiosks at his club, but he doesn't get down the peninsula very often. cheers, Strata Brian Street wrote: > ... I'm > being asked by a client if it is possible to set up a wireless network for > 125 tenants in an apartment complex. ... -- ======================================================================== Strata Rose Chalup [KF6NBZ] strata "@" virtual.net VirtualNet Consulting http://www.virtual.net/ ** Project Management & Architecture for ISP/ASP Systems Integration ** ========================================================================= From strata at virtual.net Fri Jan 31 08:32:10 2003 From: strata at virtual.net (Strata Rose Chalup) Date: Fri, 31 Jan 2003 11:32:10 -0500 Subject: Wireless questions References: <200301310342.h0V3ggrj017940@bunrab.catwhisker.org> Message-ID: <3E3AA50A.BEF8F892@virtual.net> Wups, I missed this in the first pass, sorry. There are now off-the-shelf boxes that implement one of two wireless protocols that will do 11Mb/s, 802.11g and some kind of extended protocol that specifically works with Apple AirPort. Here's a link on troubleshooting wireless cards, which also includes links to some mfr's cards that run 11Mb (such as my Orinoco Gold card): http://www.laptop.lib.utah.edu/global/inst/wireless_troubleshooting.html You might find the following LISA papers of interest, all about dealing with a freeform computer lab environment where you have folks who are authorized and folks who may or may not be: Dealing with Public Ethernet Jacks - Switches, Gateways, and Authentication http://www.usenix.org/publications/library/proceedings/lisa99/beck.html NetReg: An Automated DHCP Registration System http://www.usenix.org/publications/library/proceedings/lisa99/valian.html cheers, Strata David Wolfskill wrote: > >From: "Brian Street" > >I thought it probably should be because most of the bottleneck might be in > >the wireless side anyway since it can't operate at 10 Mb yet, right? > > It's true that the wireless generally doesn't get to 10 Mb/s; but the T1 > is only 1.544 Mb/s -- and 802.11b definitely can swamp that, no problem. -- ======================================================================== Strata Rose Chalup [KF6NBZ] strata "@" virtual.net VirtualNet Consulting http://www.virtual.net/ ** Project Management & Architecture for ISP/ASP Systems Integration ** ========================================================================= From strata at virtual.net Fri Jan 31 08:44:33 2003 From: strata at virtual.net (Strata Rose Chalup) Date: Fri, 31 Jan 2003 11:44:33 -0500 Subject: bad customers and court cases - summary References: Message-ID: <3E3AA7F1.3108D219@virtual.net> Alvin, I don't want to ruin your day, but it sounds like there's an aspect of lawsuit with which you're unfamiliar. Just because you win doesn't mean you get paid. If it is a small-claims case, with the limit of $5K maximum, there is no particular recourse if the client is ordered to pay but does not pay. In small-claims, too, the judgement is final and there is no appeal. If the amount is greater than $5K, and it is a regular court case, ie a "real" lawsuit, there is still no guarantee that you will actually be paid, and you will also have to pay legal fees whether or not the client ever pays. Collecting a judgement in a lawsuit can be quite difficult. They can also choose to appeal, which will tie up the case and cause you to spend more in legal fees. You may want to think about other ways to resolve this if you are counting on getting the money anytime soon on this. Without any speculation as to who is "in the right" here, or which party has contributed more to the disagreement, I will say this: they almost certainly have deeper pockets than you do, and if you get someone there annoyed enough they may be willing to spend several times what they actually owe you in order to get out of paying you. People are not generally rational about these things. cheers, and best of luck, Strata alvin at maggie.linux-consulting.com wrote: > i hope they dont bother to show up .. :-) win by default.. > and make it easy... > - paperwork is hopefully been served properly... > ( finding good/reasonalbe/knowledgeable process servers is > ( no trivial matter either -- ======================================================================== Strata Rose Chalup [KF6NBZ] strata "@" virtual.net VirtualNet Consulting http://www.virtual.net/ ** Project Management & Architecture for ISP/ASP Systems Integration ** ========================================================================= From mark at bitshift.org Fri Jan 31 09:33:07 2003 From: mark at bitshift.org (Mark C. Langston) Date: Fri, 31 Jan 2003 09:33:07 -0800 Subject: bad customers and court cases - summary In-Reply-To: ; from alvin@maggie.linux-consulting.com on Fri, Jan 31, 2003 at 03:37:32AM -0800 References: <200301302202.h0UM28IO016473@bunrab.catwhisker.org> Message-ID: <20030131093307.P281@bitshift.org> On Fri, Jan 31, 2003 at 03:37:32AM -0800, alvin at maggie.linux-consulting.com wrote: > > hi all > > thanx to those that replied ... but... > - question still stands... though i/we know the answer > ( how long does it take you to log into a box that you're sitting > ( in front of... and have permission to change its root passwd > > - the joke/annoyance is it took them 3 days and 3 PhDs and > lots of emails back-n-forth ... xx telling yy what to do whom > in turn tells zzz what to do... and backup that "it didnt work" > ( they didnt understand the answers -- oh well .. > > = my stance ( in normal mode of working environment ) .. > - if they/you need to ask me for the root passwd, than i say > you dont need it.. they/you should know how to get root > access properly and do all the proper documentation/followups > ( esp since it's gonna trigger lots of my host/network IDS's ) It sounds like they were paying you to give them (and document) root access. [...snip] > -- one of my points will be.. > - bring me any unix box... and i'll be in that box within > a minute ... after its ready for lilo prompting ... > or boot> for sun.. etc.etc.. I think the point here is not that you're capable of doing it, but that you didn't do it for the client, after not giving them access to their own systems through your actions. Forgive me, but your attitude seems to be, "I did all this work for them, and they're just too stupid to understand what a great job I did." While that may be true, it's not going to win you any sympathy in a court of law, and if you displayed any of that attitude while on the job, you probably don't have a leg to stand on (IANAL). As a consultant, you should always be the epitome of professionalism, no matter what your opinion of the client or their ability. That they are left in an untenable situation actually says more about your ability as a consultant, rather than their knowledge of computers. If you were an employee of mine, you'd be headed quickly for the door about now. -- Mark C. Langston mark at bitshift.org Systems & Network Admin http://bitshift.org From benjy at feen.com Fri Jan 31 09:48:24 2003 From: benjy at feen.com (Benjamin Feen) Date: Fri, 31 Jan 2003 09:48:24 -0800 Subject: DNA kiosks was Re: Wireless questions In-Reply-To: <3E3AA209.C8F15DEE@virtual.net> References: <3E3AA209.C8F15DEE@virtual.net> Message-ID: <20030131174824.GL26445@pianosa.catch22.org> On Fri, Jan 31, 2003 at 11:19:21AM -0500, Strata Rose Chalup wrote: > It's possible that Jamie Zawinski's linux kiosk code might be of > interest as a "micro-ISP" for the apartment complex. You can find > it at: > > http://www.dnalounge.com/backstage/src/kiosk/ > > I haven't tried using it yet. We keep nudging Jamie to come speak > at BayLISA about running these free kiosks at his club, but he doesn't > get down the peninsula very often. I use the kiosks every now and then; they really do seem to be usable and solid. One thing I don't think is mentioned on that page: the flatscreens have been made more abuse-proof with Plexiglas or something like it, since some vandal (visigoth?) punched a monitor out. It's such a nice thing to be able to go to a club while oncall, knowing that you'll be able to sit down in a corner and ssh out if necessary... Benjamin Feen benjamin(AT)feen.com http://www.monkeybagel.com From pf-baylisa at freret.org Fri Jan 31 10:59:24 2003 From: pf-baylisa at freret.org (Payne Freret) Date: Fri, 31 Jan 2003 10:59:24 -0800 Subject: bad customers and court cases - summary Message-ID: 10:30 am Fri 31 Jan 2003 Strata wrote > In small-claims, too, the judgement is final and there is > no appeal. This isn't quite correct. From the California Code of Civil Procedure, 116.710. (a) The plaintiff in a small claims action shall have no right to appeal the judgment on the plaintiff's claim, but a plaintiff who did not appear at the hearing may file a motion to vacate the judgment in accordance with Section 116.720. (b) The defendant with respect to the plaintiff's claim, and a plaintiff with respect to a claim of the defendant, may appeal the judgment to the superior court in the county in which the action was heard. Also note 116.770 (c) Article 5 (commencing with Section 116.510) on hearings in the small claims court applies in hearings on appeal in the superior court, except that attorneys may participate. Payne Freret From jxh at jxh.com Fri Jan 31 11:40:37 2003 From: jxh at jxh.com (Jim Hickstein) Date: Fri, 31 Jan 2003 11:40:37 -0800 Subject: bad customers and court cases - summary In-Reply-To: References: Message-ID: <58910000.1044042037@jxh.mirapoint.com> > (b) The defendant with respect to the plaintiff's claim, > and a plaintiff with respect to a claim of the defendant, > may appeal the judgment to the superior court in the > county in which the action was heard. But appelate courts only consider matters of law, not of fact. The judge in the lower court has to have made a mistake (in someone's opinion). Without giving my own opinion on the facts, this one sounds straightforward as a matter of law. IANAL, but it's sort of a hobby. Prediction: Since the contract was so vague, having a consultant not give you access to your own systems (without regard to competence to overcome this, on either side) will seem to a layman (such as the judge) to be a reasonable basis for a complaint; the consultant will win a judgement entiting him to partial payment for partial completion of the work (the defendant's own assessment of how much his PhDs' time is worth will be heavily discounted); and he will never collect a dime. I think I'd just write them a letter apologizing for the misunderstanding, and offering to take a partial payment in exchange for never darkening their door again. It's likely to lose you fewer other customers. (A negative customer tells ten prospects.) From pf-baylisa at freret.org Fri Jan 31 12:22:34 2003 From: pf-baylisa at freret.org (Payne Freret) Date: Fri, 31 Jan 2003 12:22:34 -0800 Subject: bad customers and court cases - summary Message-ID: 12:02 pm Fri 31 Jan 2003 After Payne wrote > > (b) The defendant with respect to the plaintiff's claim, > > and a plaintiff with respect to a claim of the defendant, > > may appeal the judgment to the superior court in the > > county in which the action was heard. Jim Hickstein countered > But appelate courts only consider matters of law, not of > fact. The judge in the lower court has to have made a > mistake (in someone's opinion). Not for appeals of Small Claims judgements. Again from the California Code of Civil Procedure, 16.770. (a) The appeal to the superior court shall consist of a new hearing before a judicial officer other than the judicial officer who heard the action in the small claims division. (d) The scope of the hearing shall include the claims of all parties who were parties to the small claims action at the time the notice of appeal was filed. The hearing shall include the claim of a defendant that was heard in the small claims court. The code used to describe the appeal as a "trial du novo." Now it calls it simply a "new hearing." Payne Freret From jxh at jxh.com Fri Jan 31 12:48:04 2003 From: jxh at jxh.com (Jim Hickstein) Date: Fri, 31 Jan 2003 12:48:04 -0800 Subject: bad customers and court cases - summary In-Reply-To: References: Message-ID: <76170000.1044046084@jxh.mirapoint.com> > Not for appeals of Small Claims judgements. Again from the > California Code of Civil Procedure, Oh! Neat! (Geez, they'll let _anybody_ use the Internet these days. :-) From dannyman at toldme.com Fri Jan 31 16:46:19 2003 From: dannyman at toldme.com (Danny Howard) Date: Fri, 31 Jan 2003 16:46:19 -0800 Subject: bad customers and court cases - summary In-Reply-To: <20030131093307.P281@bitshift.org> References: <200301302202.h0UM28IO016473@bunrab.catwhisker.org> <20030131093307.P281@bitshift.org> Message-ID: <20030201004618.GG24759@pianosa.catch22.org> On Fri, Jan 31, 2003 at 09:33:07AM -0800, Mark C. Langston wrote: > On Fri, Jan 31, 2003 at 03:37:32AM -0800, alvin at maggie.linux-consulting.com wrote: > > -- one of my points will be.. > > - bring me any unix box... and i'll be in that box within > > a minute ... after its ready for lilo prompting ... > > or boot> for sun.. etc.etc.. > > I think the point here is not that you're capable of doing it, but that > you didn't do it for the client, after not giving them access to their > own systems through your actions. > > Forgive me, but your attitude seems to be, "I did all this work for > them, and they're just too stupid to understand what a great job I did." Just to state the obvious, if your customers were smart enough to understand all this stuff on their own, they'd never have had to hire you in the first place. If you're selling your expert knowledge, then you have to package it appropriately. This sounds like: "I'm a car mechanic. I want to take my customer to court because they won't pay me. They claim I never did the work for them because when I gave them their car back, it took them two weeks to shimmy the lock, and during that whole time they couldn't drive the car anywhere to make their deliveries. They had THREE PhDs trying to follow my simple instructions to bend a coat hanger and slide it down between the window and the door panel to catch the lock. I mean, how simple is this? How long would it take you? I don't trust anyone with the keys if they can't simply break into the car inside of five minutes. It's sad enough they didn't even have a slim jim." From tony at usenix.org Fri Jan 31 23:45:30 2003 From: tony at usenix.org (Tony Del Porto) Date: Fri, 31 Jan 2003 23:45:30 -0800 Subject: Wireless questions In-Reply-To: Message-ID: <2349F19F-35B9-11D7-847D-00039346994C@usenix.org> Brian, Here's my story so far: http://www.delporto.com/tony/projects/wireless.html It isn't really the same as your situation; I have two clients in a four unit building and it is more of a co-op than a business. As others have advised wireless is tricky - things like refrigerators, thermal pane (pain) windows, and microwaves can cause periodic or permanent blocks to an otherwise strong signal. Placement is pretty important as is equipment choice. Cisco's 1200 series is *nice*, but at $700 a pop, hard to field. The 350 series is also a good choice as it has the same 100mw output as the 1200 series, but, in the basic version, doesn't have removable antennas. Cisco equipment has some monitoring features not found in consumer grade stuff, and can handle as many users as you feel like throwing at it. I know from experience that the 1200 can take an 8 foot drop and keep working....I buy stronger tape now. Have fun! Tony