From chuck+baylisa at snew.com  Thu Jul  1 12:10:19 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Thu, 1 Jul 2004 15:10:19 -0400
Subject: [NYSA] CACert: certificate authority certificates, obtain one, become issuer
Message-ID: <20040701191019.GB24635@2004.snew.com>

This just sounds interesting as an idea.  So I'm sharing.
(I don't expect that y'all will be heading to the Apple store
in NYC ;)


----- Forwarded message from Matthew Barr <mbarr at mbarr.net> -----

From: Matthew Barr <mbarr at mbarr.net>
To: nysa-members at nysa.org
Subject: [NYSA] CACert: certificate authority certificates, obtain one, become issuer

OK- I realize that this is cross posting, etc, etc, etc.  However, for  
those of you that aren't familar w/ CACert, you should be.  Who uses  
self signed certs?  This will let get you *real* certs, and possibly be  
able to help issue others.  Look it up online.  Next monday ( july 5)  
at the apple store in SoHo.

Matthew

Matthew Barr
Managing Partner
Datalyte Consulting, LLC
mailto:mbarr at datalyte.com
cell: (646) 765-6878

Begin forwarded message:

>There will be a joint event with other NYC user groups Monday, July  
>5th,
>6:00-8:00PM at the Apple(tm) Store, in SoHO.
>
>        Apple Store, 103 Prince Street, west off Broadway
>
>The visitors are CA Cert officials. Visit:
>
>        http://www.CACert.org/
>
>CA Cert is expanding their network of assurers for a free SSL
>certificate solution. Meaning, you can be issued a CACert certificate  
>of
>authority (business or individual) on the spot, OR, you can become an
>issuer of certificates.
>
>Note: You *must* bring two forms of photograph identification. For
>example, a passport, and a driver's license. Follow the identification
>requirements for obtaining a U.S. passport (as an example) and you will
>be fine. See:
>
>        http://www.usps.gov/
>
>----------------------------------------------------------------------- 
>-
>Mass Transit Directions:
>These are *approximate* directions! Quickly verify by asking a passerby
>
>Subway:
>-------
>
>R/W: *RECOMMENDED*  Take the R/W lines to the "Prince st" station.   
>Exit the
>train station and walk east on Prince st.
>
>B/D/F/V:  Take B/D/F/V lines to "Broadway-Lafayette st".  Walk east on
>Houston st until you hit Broadway.  Walk south on Broadway for a single
>block to Prince st.  Walk east on Prince st.
>
>C/E:  Take C/E lines to "Spring st".  Walk west on Spring st, until  
>you hit
>West-Broadway.  Walk north on West-Boardway for a single block to  
>Prince
>st.  Once on Prince st, walk west.
>
>Bus:
>----
>
>M1:  Take either northbound, or southbound buses, and try to get off as
>close as possible to Prince st.  You will need to walk east on Prince  
>st.
>
>M5/M21:  Take bus eastward bound on Houston St.  get off as near as  
>possible
>to Greene St, and simply walk south a single block to Prince st.
>
>M6:  Take either northbound/southbound buses, and get off as close as
>possible to Prince St.  If taking the northbound bus you will need to  
>walk
>west on Prince st.  If taking southbound Prince st, you will need to  
>walk
>east on Prince st.
>----------------------------------------------------------------------- 
>-
>
>JB: Edited and merged from copy by George Rosamond, Sunny Dubey
>_______________________________________________
>nylug-announce mailing list
>nylug-announce at mail.nylug.org
>http://www.nylug.org/mailman/listinfo/nylug-announce


From star at starshine.org  Thu Jul  1 15:38:16 2004
From: star at starshine.org (Heather Stern)
Date: Thu, 1 Jul 2004 15:38:16 -0700
Subject: July 1 Board Meeting: Pho Hoa, Mountain View, 7pm
In-Reply-To: <Pine.LNX.4.31.0406301256260.5288-100000@emperor.deirdre.org>
References: <40E3177B.6050706@virtual.net> <Pine.LNX.4.31.0406301256260.5288-100000@emperor.deirdre.org>
Message-ID: <20040701223816.GB7401@starshine.org>

On Wed, Jun 30, 2004 at 12:57:42PM -0700, Deirdre Saoirse Moen wrote:
> On Wed, 30 Jun 2004, Strata R Chalup wrote:
> 
> > Given people's usual schedule, let's go for arriving at 7pm and
> > starting the actual meeting by 7:30pm.   I will be on time unless
> > a meteor hits or a production system goes down.  :-/
> 
> Rick and I will likely be available by cell. We should be in North
> Hollywood then.

Ahhh!

Ok, I'll make sure to cell-call you guys then...


-* Heather Stern * President - BayLISA Board * http://www.baylisa.org/ *-


From star at starshine.org  Thu Jul  1 15:57:10 2004
From: star at starshine.org (Heather Stern)
Date: Thu, 1 Jul 2004 15:57:10 -0700
Subject: BayLISA Board meets tonight (July 1) 
Message-ID: <20040701225710.GC7401@starshine.org>


  If anyone is coming from the Los Gatos/Saratoga/Campbell direction 
  to go to join us at the board meeting tonight, I can ride with you.

  To your advantage I know where we are going as (of course, being
  President) I have been there a few times before.  The carpool lane
  also has its moments, at the hour we'd be travelling.

  To everyone else this merely serves as an FYI and reminder that the
  board meeting *is* tonight, so if you are interested in joining us 
  at Pho Hoa in Mountain View (Castro Street) to aid BayLISA's inner 
  workings, please do. 

-* Heather Stern * President - BayLISA Board * http://www.baylisa.org/ *-

  . | .   Heather Stern                  |         star at starshine.org
--->*<--- Starshine Technical Services - * - consulting at starshine.org
  ' | `   Sysadmin Support and Training  |        (800) 938-4078
					     cell (408) 761-4912


From alvin at Mail.Linux-Consulting.com  Thu Jul  1 16:54:48 2004
From: alvin at Mail.Linux-Consulting.com (Alvin Oga)
Date: Thu, 1 Jul 2004 16:54:48 -0700 (PDT)
Subject: BayLISA Board meets tonight (July 1) 
In-Reply-To: <20040701225710.GC7401@starshine.org>
Message-ID: <Pine.LNX.3.96.1040701165333.4235A-100000@Maggie.Linux-Consulting.com>


hi ya h

On Thu, 1 Jul 2004, Heather Stern wrote:

>   To everyone else this merely serves as an FYI and reminder that the
>   board meeting *is* tonight, so if you are interested in joining us 
>   at Pho Hoa in Mountain View (Castro Street) to aid BayLISA's inner 
>   workings, please do. 

i'll come crash your party ... to see what's cooking

and nope, i'm in the opposite direction from you guyz

c ya
alvin




From tony at usenix.org  Thu Jul  1 19:08:29 2004
From: tony at usenix.org (Tony Del Porto)
Date: Thu, 1 Jul 2004 19:08:29 -0700
Subject: [NYSA] CACert: certificate authority certificates, obtain one, become issuer
In-Reply-To: <20040701191019.GB24635@2004.snew.com>
References: <20040701191019.GB24635@2004.snew.com>
Message-ID: <B5CB5C17-CBCC-11D8-8E73-00039346994C@usenix.org>

On Jul 1, 2004, at 12:10 PM, Chuck Yerkes wrote:

> This just sounds interesting as an idea.  So I'm sharing.
> (I don't expect that y'all will be heading to the Apple store
> in NYC ;)

Please forgive this self serving post, but CACert has been at USENIX'04 
in Boston all week signing folks up and doing BoFs.

O'Reilly has a piece here:

http://www.onlamp.com/pub/wlg/5142

I spoke with a marketing and pr guy a bit about getting organizational 
certs and he told me they aren't quite there yet. They're working on 
setting up a very automated way for orgs to manage their certs despite 
changing staff and machines. At the moment they can do certs for people 
they can authenticate with government photo i.d. I'd love to replace 
the private certs we use for secure imap with something that doesn't 
cause MUAs to gripe about unrecognized certs...

Tony Del Porto
SysAdmin, Conference Network Coordinator
USENIX Association
2560 9th Street, Suite 215, Berkeley CA 94710
tony at usenix.org | www.usenix.org | www.sage.org



From jimd at starshine.org  Sat Jul  3 13:07:19 2004
From: jimd at starshine.org (jimd at starshine.org)
Date: Sat, 3 Jul 2004 13:07:19 -0700
Subject: "Broadcast TCP"??!?
In-Reply-To: <200406301417.i5UEHkF8012366@bunrab.catwhisker.org>
References: <200406301417.i5UEHkF8012366@bunrab.catwhisker.org>
Message-ID: <20040703200719.GB4366@mercury.starshine.org>

On Wed, Jun 30, 2004 at 07:17:46AM -0700, David Wolfskill wrote:
> This may be "old hat" to some of y'all, but I don't get out much, and
> I found it perversely amusing....
 
> Today, I noted this:

 ...
 
 
> The ones that got my attention, though, were the ones directed at
> 64.62.202.255:25.  I don't recall seeing an attempt to send TCP traffic
> to a broadcast address before.  (UDP, sure; that often makes sense.  TCP?)
 
> Anyway, I found it oddly amusing, and thought I'd share....
 
 My first guess would be just some buggy bit of spamware.  Tries 0..255
 inclusive on each octet?

-- 
Jim Dennis


From jeff at drinktomi.com  Tue Jul  6 11:58:02 2004
From: jeff at drinktomi.com (Jeff With The Big Yellow Suit)
Date: Tue, 06 Jul 2004 11:58:02 -0700
Subject: "Broadcast TCP"??!?
In-Reply-To: <20040703200719.GB4366@mercury.starshine.org>
References: <200406301417.i5UEHkF8012366@bunrab.catwhisker.org> <20040703200719.GB4366@mercury.starshine.org>
Message-ID: <40EAF63A.8020706@drinktomi.com>

On Wed, Jun 30, 2004 at 07:17:46AM -0700, David Wolfskill wrote:

 > The ones that got my attention, though, were the ones
 > directed at 64.62.202.255:25. I don't recall seeing an
 > attempt to send TCP traffic to a broadcast address
 > before. (UDP, sure; that often makes sense. TCP?)
 >
 > Anyway, I found it oddly amusing, and thought I'd share....

 


My two initial guesses would be defective software or
some kind of fingerprinting program.  I suspect that
different TCP implementations would respond to the
non-sensical packets in different ways.  That could be
useful for identification.

-jeff





From michael at halligan.org  Tue Jul 13 11:37:58 2004
From: michael at halligan.org (Michael T. Halligan)
Date: Tue, 13 Jul 2004 11:37:58 -0700 (PDT)
Subject: Local Printers?
Message-ID: <Pine.LNX.4.44L0.0407131137490.18819-100000@mail.halligan.org>


I need to get an ER diagram that's about 45" x 61" printed up, 
as well as several network diagrams that are going to be about 40" x 40"

Does anybody know of a good, preferrably SF printshop that can do this?


-------------------
BitPusher, LLC
http://www.bitpusher.com/
1.888.9PUSHER
(415) 724.7998 - Mobile





From dan_bethe at yahoo.com  Tue Jul 13 13:17:22 2004
From: dan_bethe at yahoo.com (Dan Bethe)
Date: Tue, 13 Jul 2004 13:17:22 -0700 (PDT)
Subject: Local Printers?
In-Reply-To: <Pine.LNX.4.44L0.0407131137490.18819-100000@mail.halligan.org>
Message-ID: <20040713201722.37483.qmail@web11003.mail.yahoo.com>

--- "Michael T. Halligan" <michael at halligan.org> wrote:
> 
> I need to get an ER diagram that's about 45" x 61" printed up, 
> as well as several network diagrams that are going to be about 40" x 40"
> 
> Does anybody know of a good, preferrably SF printshop that can do this?

Hi Michael.  Kinko's can do that.  48" wide and virtually infinitely long on a
roll.  It's inkjet, either b/w or color.  Couple bucks per square foot, I
think, not much.  Color laser's a lot more for photographic quality but you
don't need that.  Call ahead and ask which locations have it, and whether
they're set up to print directly from a computer file to the large roll or
whether it's a photocopier/enlarger.  Either setup varies in availability.  You
might be able to print from a laptop if you have drivers, which they usually
have on a cd.

All Kinko's in SF:

http://yp.yahoo.com/py/ypResults.py?stx=kinko%27s&stp=a&tab=B2C&city=San+Francisco&state=CA&uzip=94103&country=us&msa=7360&slt=37.774200&sln=-122.417068&cs=4&Submit=Search


		
__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail


From strata at virtual.net  Tue Jul 13 13:27:52 2004
From: strata at virtual.net (Strata R Chalup)
Date: Tue, 13 Jul 2004 13:27:52 -0700
Subject: BayLISA Monthly: 7/15/04: Through a Sniffer Darkly: Covert Communications
 Channels, Mark Langston
Message-ID: <40F445C8.5050007@virtual.net>

       BayLISA Monthly Technical Talk & General Meeting

Please RSVP to rsvp at baylisa.org so that we can get an idea of how many
will be attending.  This event is open to the general public. You do not
need to be a member to attend.
--------
Where: Apple Computer, Town Hall Auditorium
Addr:  Four Infinite Loop, Cupertino, CA
http://www.baylisa.org/locations/current.html
--------
Date:  Thursday, 15 Jul7 2004
Time:  7:30pm - 9:30pm PST

Through a Sniffer Darkly: Covert Communications Channels
Mark C Langston

Today's networks provide unprecedented freedom to communicate. With this freedom comes responsibility, and the means to detect, shape, and control communications have become a necessary part of systems administration.

We'll briefly examine the two primary means of controlling network communications today -- firewalls and intrusion detection systems -- and survey various techniques of evading these tools. We'll discuss port-knocking, data hiding, steganography, and other techniques, leading up to a demonstration of Sifr's Obfuscator, running code that builds on ideas such as Ron Rivest's Chaffing and Winnowing technique and data-hiding methods demonstrated by Simple Nomad's NCovert tool.

--------
BayLISA meets every month on the 3rd Thursday of the month.  A short
period of announcements of general interest to the sysadmin community is
presented, followed by a technical talk.  Anyone may make an
announcement; typical are upcoming presentations, user group meetings,
employment offers, etc.

For further information on BayLISA, check out our web site:
http://www.baylisa.org/

Directions and details about the current meeting and future events:
http://www.baylisa.org/events/

BayLISA makes video tapes of the meetings available to members.  Tape
library is often available at the general meeting, or for more
information on available videos, please send email to "video at baylisa.org".

If you have suggestions for speakers, or would like to volunteer to
present a talk at one of our meetings, please email the Board and
Working Group at "blw at baylisa.org".  Thanks!
--------

















From chuck+baylisa at snew.com  Tue Jul 13 14:42:33 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Tue, 13 Jul 2004 14:42:33 -0700
Subject: Local Printers?
In-Reply-To: <Pine.LNX.4.44L0.0407131137490.18819-100000@mail.halligan.org>
References: <Pine.LNX.4.44L0.0407131137490.18819-100000@mail.halligan.org>
Message-ID: <20040713214233.GA1242@2004.snew.com>

Quoting Michael T. Halligan (michael at halligan.org):
> 
> I need to get an ER diagram that's about 45" x 61" printed up, 
> as well as several network diagrams that are going to be about 40" x 40"
> 
> Does anybody know of a good, preferrably SF printshop that can do this?

Once upon a time, I worked with architects and they ALWAYS have
E size plotters.

I have a network diagram that's 2x3 E-size sheets (worldwide network
of a wall st corp).

A couple ad agencies I know in the city have large gorgeous printers
and large lesser printers (test prints).  Some copy shops will do it.
I like to try locally owned before I hit the Kinko's level ones (your
money, leaving town).


From mark at bitshift.org  Thu Jul 15 22:24:34 2004
From: mark at bitshift.org (Mark C. Langston)
Date: Thu, 15 Jul 2004 22:24:34 -0700
Subject: Open source project I announced this evening..
Message-ID: <20040716052434.GA14836@bitshift.org>

This evening, I announced a distributed, peer-to-peer reputation
management system designed to aid in stopping spam.  For those of you
who didn't get the URL, it's:

http://sufficiently-advanced.net/ .  The project name is GOSSiP:
Gossip Optimized for Selective Spam Prevention.  An architectural draft
(in development) is available, as well as a mailing list.

I'd also like to thank everyone who took the time to come hear me
prattle on this evening.  I enjoyed it immensely.

-- 
Mark C. Langston                                    Sr. Unix SysAdmin
mark at bitshift.org                                       mark at seti.org
Systems & Network Admin                                SETI Institute
http://bitshift.org                               http://www.seti.org


From extasia at extasia.org  Fri Jul 16 00:01:57 2004
From: extasia at extasia.org (David Alban)
Date: Fri, 16 Jul 2004 00:01:57 -0700
Subject: [baylisa] SIG-BEER-WEST this Saturday 7/17 in Cupertino
Message-ID: <20040716000157.A22380@gerasimov.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


SIG-beer-west[1]
Saturday, July 17, 2004 at 6:00pm
San Francisco, CA

Beer.   Mental stimulation.

    [1] http://extasia.org/sig-beer-west/

        Note:  I'm having problems connecting to the website, so it
               has not been updated with the info herein.

This event: 
  Saturday, 07/17/2004, 6:00pm, at the BJ's Brewhouse[3], Cupertino

    [3] http://bjsbrewhouse.com/home_page/home_main.html

Coming events (third Saturdays): 
  Saturday, 08/21/2004, 6:00pm, location to be determined 
  Saturday, 09/18/2004, 6:00pm, location to be determined 
  Saturday, 10/16/2004, 6:00pm, location to be determined 
  Saturday, 11/20/2004, 6:00pm, location to be determined 

San Francisco's next social event for techies and their friends,
sig-beer-west, will take place at 6:00pm on Saturday, July 17, 2004
at BJ's Brewhouse[4] located at 10690 N De Anza Blvd[5] in Cupertino,
CA (next to Apple).

    [4] http://bjsbrewhouse.com/home_page/home_main.html
    [5] http://bjsbrewhouse.com/restaurants_page/cupertino.html

Here's a review shamelessly pulled from Brew-Monkey.Com.[6]

    [6] http://www.brew-monkey.com/forums/topic.asp?TOPIC_ID=11

   I checked out the new BJ's location at the Westfield mall in south
   San Jose last night and wanted to share my impressions.

   First, it's a comfortable pub to sit and enjoy a pint. Plenty of wood
   and breweriana covering the walls. A wall of televisions in back of
   the bar so you can catch most any sport or other TV experience. The
   large serving staff is quick to attend. Last night's bartender, John,
   was quite knowledgeable- especially about the BJ's beers. I did not
   order food but the menu indicated typical pub fare with the usual
   deep-fried appetizer treats, burgers, sandwiches and actual entrees.
   The plates coming out of the kitchen were piled high, looked great and
   smelled wonderful. The food prices may have been a little higher than
   we like paying but no more so than other San Jose stops.

   I ordered a 7 beer sampler, for $7.95 which consists of the six 4 oz
   glasses of the standard BJ's beers and one 4 oz glass of a special
   beer.

   Following are my impressions of the six standard BJ's beers:

   BJ's Blonde[7]: Delicate Kolsch style blonde ale. Slight malt and
   aromatic hops are evident well balanced with hop bittering.

    [7] http://bjsbrewhouse.com/brewery_page/beerprofiles/profile_blonde.html

   Harvest Heffeweizen[8]: Nice bannana/clove character. It's very
   similar to the latest heffeweizen I've brewed!

    [8] http://bjsbrewhouse.com/brewery_page/beerprofiles/profile_hefe.html

   Piranha Ale[9]: As they say "A hoppy, American-style pale ale made
   with Yakima Valley's best hops. bittered with Chinook, while
   dry-hopped with the snappy flavor and bite of Cascade hops." This was
   my personal favorite of them all.

    [9] http://bjsbrewhouse.com/brewery_page/beerprofiles/profile_piranha.html

   Jeremiah Red[10]: An Irish style red ale loosely based on strong ale
   style. I felt there was something funny going on with the selected
   malts. Perhaps some smoked or peated malt along with brown? I would've
   preferred more hops, but it's not an American style red (amber).

    [10] http://bjsbrewhouse.com/brewery_page/beerprofiles/profile_jeremiah.html

   PM Porter[11]: Seems like they were going for Fuller's London Porter.
   It's creamy, served on the nitro tap. I would prefer more chocolate
   malt and less brown. This was the bartender's favorite.

    [11] http://bjsbrewhouse.com/brewery_page/beerprofiles/profile_porter.html

   Tatonka Stout[12]: I enjoyed the heady chocolate nose of their
   imperial stout. But felt the taste was lacking due to the muddled malt
   character. An easy drinking, big 8.1% ABV stout. It's just that I
   would prefer more character, more like Old Rasputin or Inebriator.
   I got two BJ's seasonal or special beers.

    [12] http://bjsbrewhouse.com/brewery_page/beerprofiles/profile_tatonka.html

   Nutty Brunette[13]: Is a respectable brown ale but should probably
   have more hop aroma and bittering if it is supposed to be an American
   brown ale.

    [13] http://bjsbrewhouse.com/brewery_page/beerprofiles/profile_nutty.html

   BJ's IPA: I liked the hoppy nose but didn't care for the funky (almost
   buttery) taste which I attributed to the hops. Not sure which hops
   were used in this but am guessing Warrier. Again, I think it is well
   made just not to my taste.

   Along with their own beers there are some notable guest beers
   available. Last night draft selections included a number of fruited
   beers along with * Sierra Nevada pale bock & summerfest and * Chimay
   white label. BJ's also has a respectable number of bottled Belgian
   beers for the adventurous.

   It is unfortunate the Cupertino and Westfield Mall (south San Jose)
   locations do not brew but each of the beers does have a unique
   character. I wondered if this distinctiveness is a result of the beers
   being brewed at different BJ's locations. I recommend checking out
   BJ's and their beers.

   Beware, parking is challenging at both locations which is the reason
   valet parking is available!

   Roger.

Festivities will start at 6:00pm and continue until we've all
left.

BJ's is right next to Apple. Here's a map.[14]

    [14] http://tinyurl.com/5llqn

When you show up, you should look for some kind of home made
sig-beer-west sign. We will try to make it obvious who we are. :-) 
Note:  Please look for the sig-beer-west sign, not for a particular
person. sig-beer-west may have different hosts from month to
month.

Everyone is welcome at this event. We mean it! Please feel free to
forward this information and to invite friends, co-workers, and
others (all of legal drinking age) who might enjoy lifting a glass
with interesting folks from all over the place.

Can't come this month? Mark your calendar for next month.   (Do it
now before you forget!)  sig-beer-west occurs on the third Saturday
of each month.

Any questions, comments, suggestions of things to do later on that
evening, or new venue suggestions ... email the current sig-beer-west
Instigator.  The Instigator's Username is extasia. The Instigator's
email address is *the Username* at *the Username* dot *org*.

sig-beer-west FAQ

  1.  Q: Your announcement says "techies and their friends".  How do
         I know if I'm a techie, or a friend of one?

      A: Well, actually, you don't have to be a techie to attend. 
         You just have to be able to find the sig-beer-west sign at
         this month's event.  That's it.   Simple, huh?

  2.  Q: I'm not really a beer person. In fact I'm interested in
         hanging out, but not in drinking. Would I be welcome?

      A: Absolutely! The point is to hang out with fun, interesting
         folks.  Please do join us.

  3.  Q: Is parking difficult, like maybe I should factor this into
         my travel time?
      A: Yes, but the earlier you arrive, the better your chances of
         finding a spot.
       __________________________________________________________________

sig-beer-west was started in February 2002 when a couple Washington,
D.C. based systems administrators who moved to the San Francisco Bay
area wanted to continue a dc-sage[15] tradition, sig-beer, which is
described in dc-sage web space as:

    [15] http://www.dc-sage.org/

  SIG-beer, as in "Special Interest Group - Beer" ala ACM, or as in
  "send the BEER signal to that process".

The original SIG-beer gathering takes place in Washington DC, usually
on the first Saturday night of the month.
       __________________________________________________________________

       Last modified:  $Date: 2004/07/16 06:02:41 $


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFA93xVPh0M9c/OpdARAlo5AJ0XPdBOH+ORtTxotuhalHoFuDBkXwCcDa1U
0Cyzi9RI1hmyppCTJdAHztg=
=is9D
-----END PGP SIGNATURE-----


From michael at halligan.org  Fri Jul 16 19:30:13 2004
From: michael at halligan.org (Michael T. Halligan)
Date: Fri, 16 Jul 2004 19:30:13 -0700 (PDT)
Subject: Does anybody have a cisco router for sale I could pick up tonight?
Message-ID: <Pine.LNX.4.44L0.0407161929110.4347-100000@mail.halligan.org>

I just received a 1720 in the mail from ebay, and it came without a
power switch.  I need to install one at a client site tommorrow. Does
anybody (preferrably in SF or Burlingame) have a router for sale they
could sell me tonight? 1601 or 1720?

Michael




From baylisa-local at merlins.org  Fri Jul 16 22:26:46 2004
From: baylisa-local at merlins.org (Marc MERLIN)
Date: Fri, 16 Jul 2004 22:26:46 -0700
Subject: job offers @ google
In-Reply-To: <20040624013324.GB21001@puppy.inorganic.org> <Pine.LNX.4.44L0.0406161234440.11885-100000@mail.halligan.org>
References: <40CF59E9.4050805@arrl.net> <Pine.LNX.4.44L0.0406161234440.11885-100000@mail.halligan.org> <20040624013324.GB21001@puppy.inorganic.org> <40CF59E9.4050805@arrl.net> <Pine.LNX.4.44L0.0406161234440.11885-100000@mail.halligan.org>
Message-ID: <20040717052646.GA24949@merlins.org>

On Wed, Jun 16, 2004 at 12:41:22PM -0700, Michael T. Halligan wrote:
> From a friend of mine at Google : 
> 
> --
> Contrary to popular belief, Google IS actually hiring, we just have
> ridiculously high standards. I myself only got hired because of a

Maybe a little high in engineering, but it's also because the jobs
require it (i.e. non trivial stuff)
For sysadmins, I can talk about that more easily since I do a fair
amount of phone screens and interviews there:
People who actually meet something close to what the job descriptions
ask for have been getting offers in my experience.
In my experience, again, it's often been a problem of zillions of people
pretending to know a lot more than they actually know.

A fair amount of employers ask for things they don't really need or
understand too well, so it's not uncommon for candidates to show up even
if they aren't really good matches.
For google, the job reqs pretty much mean what they say, and candidates
are expected to have the required skills.

> referral.  If you don't have either a degree, or 2x as much experience as
> the job posting and a half dozen delivered papers/articles to your name,
> don't bother.

Not true IMO. If you actually meet the requirements, that would be fine
(although some of the engineering positions may indeed ask for
additional things like degrees and papers, but that's a small subset)

Note again that none of this is an official google answer, just what I
think I've seen personally.
If you'd like a referral for some of the positions on
http://www.google.com/jobs/, contact me off list and I can refer your
resume.

On Wed, Jun 23, 2004 at 06:33:24PM -0700, Roy S. Rapoport wrote:
> A few more notes based on some experience and talking to people who work
> there (I do not work at Google, BTW):
> 
> 1. Google is not likely the kind of company where you can take a look at
> the requirements and think "Oh, I can build up to that pretty quickly."

That's mostly true. It's a gamble to hire someone who doesn't have the
required skills yet but who may be able to acquire them later.

> 2. Assume everyone you talk to at Google will be smarter than you (this is
> probably a safe assumption anyway); 
 
It's almost true for all of us. It's easier to properly gauge a
candidate if the interviewers know at least as much as the interviewee
(if you are really brilliant, you'll then be scored as "brilliant", not "knew
enough to meet the job req")

> 3. Whatever you do, try to get to eat lunch at their cafeteria as part of
> the interview process ("I'm sorry, I'm only available 11am to 3pm.  Can we
> roll lunch into this?")  :)

right :)

> 4. If at first you don't succeed, try, try again.  If you'd like, I can
> show you my first two rejection letters.  I'm working on my third.

Absolutely, especially if you apply for different positions, or after
having acquired some skills that you think were missing. No rejection is
forever. For that matter with the positions opening, there may be a
better matching position soon after you have been rejected for another
one. Sometimes google is able to go through the pool of resume and
contact candidates after the fact, but not always due to the sheer load
of jobs and candidates

Marc
-- 
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/   |   Finger marc_f at merlins.org for PGP key


From baylisa-local at merlins.org  Fri Jul 16 22:30:22 2004
From: baylisa-local at merlins.org (Marc MERLIN)
Date: Fri, 16 Jul 2004 22:30:22 -0700
Subject: LJ 4 toner?
Message-ID: <20040717053022.GB24949@merlins.org>

Eh guys,

So I bought an LJ4 plus at a flea market, along with a PS module.
Turns out that module (looks like a memory SIMM) will work in the LJ4,
but not the LJ4+

On the other hand, the printer was supposed to have toner, but the toner
is empty.

Questions:
1) Do you know of a possible trade for the Postscript module I can't use
   vs a toner cartridge (reasonably new)?

2) Do you other have a used toner cartridge that you're willing to get rid
   of (I'm looking for at least a thousand pages left or something like that)

Thanks
Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/   |   Finger marc_f at merlins.org for PGP key


From star at starshine.org  Mon Jul 19 15:34:05 2004
From: star at starshine.org (Heather Stern)
Date: Mon, 19 Jul 2004 15:34:05 -0700
Subject: BayLISA -> BayISSA
In-Reply-To: <20040617180843.GN12051@linuxmafia.com>
References: <982A2933712F3740921D842654ED470D06D2E365@emss01m12.us.lmco.com> <20040617180843.GN12051@linuxmafia.com>
Message-ID: <20040719223405.GA15974@starshine.org>

> > Another thing to think about is the exclusivity implies by the acronum 
> > 'LISA'.
> 
> This is a FAQ.
> 
> > Who defines what's 'Large'? 
> 
> USENIX / SAGE, BayLISA, and BBLISA do.  Some readers are perhaps
> unfamiliar with the history of the term in this context, which is
> something of a holdover.  A large system is, if memory serves, one
> capable of real multiuser.  Ergo, my 3 lb. VAIO qualifies.  ;->
 
Systems with users who aren't the administrators, containing multiple
OS' qualify.  A site with more than 3 OS' present needing special
sysadmin attention is a large site, although with one OS' you can get
hallway arguments over whether 50 or 100 users is a good breaking
point.  So if your complex home network contains dual boot systems, a
bastion host segment for the "house" webserver, and you're the Geek
In Charge...

Large is in the sense of complexity, not in the systems themselves.

While I mostly use Linux at my site I find that my home network is more
complex than many of my small business clients.  I have users from
other parts of the planet as well as locally.  I have remote admins.
I have multiple hardware platforms.  I have operating systems running
in chroot and hardware-emulated environments - that non-admins use.
I have no doubt I count as a large site.  That I don't need an AC system
sufficient to chill two floors worth of office cubies is immaterial.

> > And yet, within the acronym LISA, I see no room for network 
> > administrators, or network service administrators ... or database 
> > administrators, for that matter. 
 
Depends on what you think a system is - IOS counts as an operating
system, to nearly every Cisco engineer I've ever met.  And many modern
database setups are so complex they have filesystem and device driver
logic with them - that makes them an OS, too.

Both have their special breed of complexity, which makes them welcome
here.

>    synecdoche.  noun.  ("syn?ec?do?che")
> 
>    A figure of speech in which a part is used for the whole (as hand
>    for sailor), the whole for a part (as the law for police officer),
>    the specific for the general (as cutthroat for assassin), the general
>    for the specific (as thief for pickpocket), or the material for the
>    thing made from it (as steel for sword).
> 
> > The acronym 'LISA' is dated [...]

rofl!  Should $GROUPNAME switch its referent to a new programming
language because shell is so passe' ?  I think not.  But I needed
a good laugh anyway, thanks!

  . | .   Heather Stern                  |         star at starshine.org
--->*<--- Starshine Technical Services - * - consulting at starshine.org
  ' | `   Sysadmin Support and Training  |        (800) 938-4078


From bill at wards.net  Tue Jul 20 12:30:59 2004
From: bill at wards.net (William R Ward)
Date: Tue, 20 Jul 2004 12:30:59 -0700
Subject: Peninsula Linux Users' Group, Thursday, July 22, 2004
Message-ID: <16637.29427.306929.528993@komodo.home.wards.net>


We have a meeting of the Peninsula Linux Users' Group (PenLUG) this
week!  Here are the details about this meeting.  For more information
or directions go to
	http://www.penlug.org/

Our website is a TWiki; please feel free to create a user account and
modify the website if you have something to contribute.  Thanks!

Date:		Thursday, July 22, 2004
Time:		7:00 - 9:00 PM
Location:	100 Oracle Parkway, Redwood Shores, CA 94065
		Room 1op104

Conference Call: If you cannot attend in person, but would like to
dial in and listen, please send mail to conferencecall at penlug.org and
we will try to accomodate you.

Agenda:
=======

7:00 - 8:00 PM:	Presentation by Bill Ward: "Drawing with OpenOffice.org"
8:00 - 8:30 PM:	Planning & Discussion for LinuxWorld and Linux Picnic
8:30 - 9:00 PM: Members' Minutes
       9:00 PM: Adjourn to IHOP (Belmont) for social & food time

Presentation by Bill Ward: "Drawing with OpenOffice.org"
========================================================

Most Linux users know that the OpenOffice.org productivity suite can
be used as a substitute for Microsoft Word, Excel, and PowerPoint. But
there is a part of OpenOffice that many people underuse, which doesn't
exist in Microsoft Office at all: Draw. Bill will go through this
powerful utility's main features, showing how it can be used to create
flyers and brochures.

Planning & Discussion for LinuxWorld and Linux Picnic
=====================================================

The LinuxWorld Expo and Linux Picnic will be here in a few weeks, and
we need to discuss PenLUG's participation.

For LinuxWorld (at the Moscone Center in San Francisco) we will be
participating in a "LUG Booth" along with other bay area user
groups. We need volunteers to staff that booth. Also, we have free
passes available for the exhibits hall from Prentice-Hall publishers.

The annual Linux Picnic is also coming up. Be sure to RSVP for your
free food. It will be a lot of fun as it is every year.

Members' Minutes
================

Members will have an opportunity to take a few minutes to...

    * Describe their latest Linux discovery
    * Ask questions and get help from other members
    * Discuss Linux projects

You can just stand up and talk, or give a short demo or presentation.
If you need audio/visual support for your Members' Minute, please
contact Bill in advance to arrange for your needs.

Although it is NOT required, we like to have an idea of how many
people to expect, so if possible please email rsvp at penlug.org if you
are planning to attend.

-- 
William R Ward            bill at wards.net          http://www.wards.net/~bill/
-----------------------------------------------------------------------------
 "Movies are like life with all the dull parts left out." - Alfred Hitchcock


From chuck+baylisa at snew.com  Tue Jul 20 16:17:41 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Tue, 20 Jul 2004 16:17:41 -0700
Subject: FWD: Re: [NYSA] A few things related to a job change
Message-ID: <20040720231741.GD5351@2004.snew.com>

Luke had sent this to a NY System Admin group list I'm on.

Mess of books, couple machines.

I thought of y'all.


----- Forwarded message from Luke Boyett <luke at cns.nyu.edu> -----

From: Luke Boyett <luke at cns.nyu.edu>
Date: Tue, 20 Jul 2004 17:46:45 -0400
Subject: Re: [NYSA] A few things related to a job change

Since I didn't get any strong bites here on selling my technical books, 
I'm listing them on Ebay @ $100 for the lot of them.

http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&rd=1&item=6914120139

I also have my Sun Blade 100 and HP 9000 B180L w/ HP-UX 11i CDs listed 
as well (which can be found by clicking on "view seller's other 
items").

Just thought someone here might want to know everything is going cheap.

Feel free to forward on.

-Luke

>"Mastering Regular Expressions" (O'Reilly)
>"Managing NFS & NIS" (O'Reilly)
>"Learning Cocoa" (O'Reilly)
>"Checkpoint NG" (Syngress)
>"Sun Certified Network Administrator for Solaris 8" (Sun)
>"Just Java 2" (Sun)
>"Learning Carbon" (O'Reilly)
>"Practical Unix & Internet Security, 3rd Ed" by Garfinkel & Spafford 
>(O'Reilly)
>"Solaris 8 Security" (New Riders)
>"CCSA Exam Cram"
>"Real World Linux Security" by Bob Toxen
>"Essential Check Poing Firewall-1"
>"Hack Proofing Your Network"
>"Unix Administration" by Bozidar Levi
>"Solaris 8 Essential Reference" (New Riders)
>"Network Intrusion Detection, 2nd ed" by Stephen Northcutt (New Riders)
>"Unix Network Programming, vol 1 & 2" by Richard Stevens
>"Revolutionary Guide to Assembly Language" (Wrox)
>"Mac OS X in A Nutshell" (O'Reilly)
>"Apache: The Definitive Guide" (O'Reilly)
>"Access Database Design and Programming" (O'Reilly)
>"MySQL Cookbook" (O'Reilly)


From sigje at sigje.org  Wed Jul 21 10:35:34 2004
From: sigje at sigje.org (Jennifer Davis)
Date: Wed, 21 Jul 2004 10:35:34 -0700 (PDT)
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer Darkly
Message-ID: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org>


The meeting started off with Heather asking about distribution of OSes. 
It seems like BayLISA represents a good slice of just about everything. 
That means that you can probably find an expert on just about anything 
within our group.

Jim Dennis mentioned the 4th annual Linux picnic which will be held on 
August 7.  There was a mention as to Jon 'maddog' possibly attending.  It 
will be held at Sunnyvale Baylands Park, Sunnyvale, CA.

Heather also brought up a deal available from ThinkGeek.  Add $50 dollars 
worth of goods to your shopping cart.  Add the "Have you grokked your 
sysadmin" shirt to your cart, and you will get that shirt for free in 
honor of Sys Admin month.

I announced about the services group working on web services, and a new 
management facility for users coming soon.  I also informed people that if 
they wanted to contribute all they had to do was send an email to baylisa. 
Many thanks given to Roy Rapoport who donated the future www.baylisa.org 
home system, _and_ has been responsible for leading the development work 
for the new membership facilities for the website.

Mark Langston began with an introduction.  As Strata was getting tape to 
record the speech, Mark talked about GOSSIP, an Open Source project 
meant for peer to peer reputation management 
(http://sufficiently-advanced.net/), and his job at the SETI Institute. 
This intro material was actually just as interesting as the talk itself 
with a discussion about what the SETI Institute does (and doesn't do like 
SETI at home), and his responsibilities.

His talk about covert communication channels was pretty comprehensive for 
the length of the speech.  Starting with a high level discussion of 
firewalls and IDS, and how data is determined to be good or bad, Mark 
introduced his topic.  I especially liked the phrase 'slow escalation of 
armed race in security' with regards to the race to secure networks and 
data, and the people that want to compromise these links.

Groklaw (http://www.groklaw.net/) was a site that Mark mentioned as being 
a good place to start to read about some of the issues.  EFF 
(http://www.eff.org/) was also mentioned.

Using the software Corundum on a Mac OS X system, Mark showed how a 
message could be easily hidden within a cartoon without any way to detect 
it with the human eye.

Mark explained the idea of chaffing and winnowing, one method of covert 
communications.  Each word in a seperate packet with an integer 
authentication byte.  The authentic words have the even auth byte, so 
anyone can see the entire message but it is obscurred by all the extra 
words which could form messages themselves.

Mark also explained the fact that firewalls with their crispy shells do 
not protect the chewy center, and described how even locked down 
completely he could communicate through the firewall (by affecting the 
logs - 1 way communication).

Inspired by nConvert's idea of hiding data, Mark wrote a program which 
uses UDP instead.  nConvert relies on tcp sequence number, comes from a 
single source, goes to a particular address, and has packets of identical 
length.  This means an IDS can block it.  Mark's software uses the IP 
header field IP_ID as it's ignored although sometimes mangled by certain 
OSes.  It seems like anything that can be randomly added was made random. 
He varies the length, the source address, delays, and the garbage packets. 
Mark demonstrated this software which he had set up on 2 different systems 
at home.

I was really impressed by Mark's presentation in how he built from common 
well known ground of firewalls and IDS to the point of showing his 
software and the data hidden within the actual headers.  I could see how 
with an improved version of Mark's software, anyone within a company could 
compromise any data outwards and how difficult it would be to prevent this 
let alone track down the responsible person.  It highlights the importance 
of companies addressing internal policies with regards to securing data, 
and preventing people from getting access to what they shouldn't have at 
the very least.

The slides should be up on the website soon, and a recording was made of 
the presentation.  Members should contact the board at blw at baylisa.org if 
they want to checkout the tape.

Finally, if someone brings cold beverages next month, I will again bring 
the Krispy Kremes :)

Jennifer


From jxh at jxh.com  Wed Jul 21 12:10:24 2004
From: jxh at jxh.com (Jim Hickstein)
Date: Wed, 21 Jul 2004 14:10:24 -0500
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer
 Darkly
In-Reply-To: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org>
References: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org>
Message-ID: <6F6F142A0AB143E44655B819@[10.9.18.3]>

Great write-up!   Thanks, especially from those of us who couldn't be there
in person.  I hope this turns into a new tradition....


From mark at bitshift.org  Wed Jul 21 12:30:30 2004
From: mark at bitshift.org (Mark C. Langston)
Date: Wed, 21 Jul 2004 12:30:30 -0700
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer Darkly
In-Reply-To: <6F6F142A0AB143E44655B819@[10.9.18.3]>
References: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org> <6F6F142A0AB143E44655B819@[10.9.18.3]>
Message-ID: <20040721193030.GG86438@bitshift.org>

On Wed, Jul 21, 2004 at 02:10:24PM -0500, Jim Hickstein wrote:
> Great write-up!   Thanks, especially from those of us who couldn't be there
> in person.  I hope this turns into a new tradition....


Agreed!  Thanks, Jennifer!

One correction (on my part, not Jennifer's):  The EFF recommendation was
spot on; I don't know what I was thinking of when I mentioned Groklaw,
but it's irrelevant to the point I was making.

As I mentioned onstage, my brain largely shuts down when I give talks.
This is just one such example.

Also (not mentioned by Jennifer, but I brought it up onstage, and it was
wrong), I misspoke when talking about the "watering hole" frequency of
hydrogen.  I said it was 2.4GHz, when in fact it's 1.42GHz.

Finally, the current (dead-tree) newsletter from the SETI Institute has
a wonderful write-up explaining the differences between SETI and
SETI at Home, written by Jill Tarter.  There may also be a version online
at http://www.seti.org/explorer/ .  Those of you interested in how what
we do differs from what SETI at Home attempts are encouraged to read it.
It's more lucid an explanation than I'm capable of.


-- 
Mark C. Langston            GOSSiP Project          Sr. Unix SysAdmin
mark at bitshift.org   http://sufficiently-advanced.net    mark at seti.org
Systems & Network Admin      Distributed               SETI Institute
http://bitshift.org         P2P Antispam          http://www.seti.org


From david at catwhisker.org  Wed Jul 21 15:37:49 2004
From: david at catwhisker.org (David Wolfskill)
Date: Wed, 21 Jul 2004 15:37:49 -0700 (PDT)
Subject: Regular expressions and Solaris 8
Message-ID: <200407212237.i6LMbnqp010122@bunrab.catwhisker.org>

As (some of) you may recall, in my role as postmaster at baylisa.org I make
use of a couple of different approaches to try to squelch spam at
BayLISA'a MTA.

One of those approaches is a content filter that uses regular
expressions.  The bulk of the specification I use for it are intended to
look for certain "spamvertized" domains.  (The census of these is now at
about 3975.)

Thus, a typical regex deployed for this use looked like

	`([^-0-9a-z]|([=%]2[ef]))2LD(=2E|\.)TLD`ie

where:
* the ` are the delimiters -- I didn't use / because sometimes I specify
  more of a URL, and they often have / characters in them.

* "2LD" is the second-level domain

* "TLD" is the top-level domain

* "ie" (after the closing delimiter) denotes case-insensitive matching
  and extended regular expression syntax.


Well, this morning, I received a spam that mentioned a known
spamvertized domain.  On looking at the spam a bit more closely, I saw
that the doamin name in question was left-anchored on the line; thus,
the above regex would not match (because it's looking for some sort of
delimiter to the left of the doamin name).

So I poked around in Jeffrey Friedl's _Mastering Regular Expressions_
and found that the construct "\<" may be used to serve as a "left
word-anchor" ... in some regular expression implementations.

I then tried using "egrep"on one of my FreeBSD boxen (running the same
flavor of FreeBSD as my home firewall/MTA) and found that a regex of the
form

	`\>2LD(=2E|\.)TLD`ie

fed to egrep appeared to work.

Then I got a little more adventurous:  some spammers like to use encodin
constructs for the URLS; I tried

	`(\<|([=%]2[ef]))2LD(=2E|\.)TLD`ie

and that appeared to work very nicely.

(The next step, assuming all works OK, is to use

	`(\<|([=%]2[ef]))2LD(=2E|\.)TLD\>`ie

though that's not really foolproof.)


However, when I tried the same egrep test on the BayLISA machine, it
failed to find the lines in question -- so I thought that maybe Solaris
8 didn't have supportfor \< and \> in its regex library.

But the regexp)5) man page seems to indicate that the construct is
recognized.

Anyone have any clue whether this ought to work or not?  (Note that the
application is a "milter," not egrep (per se).

Thanks,
david
-- 
David H. Wolfskill				david at catwhisker.org
I do not "unsubscribe" from email "services" to which I have not explicitly
subscribed.  Rather, I block spammers' access to SMTP servers I control,
and encourage others who are in a position to do so to do likewise.


From rsr at inorganic.org  Wed Jul 21 15:55:12 2004
From: rsr at inorganic.org (Roy S. Rapoport)
Date: Wed, 21 Jul 2004 15:55:12 -0700
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer Darkly
In-Reply-To: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org>
References: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org>
Message-ID: <20040721225512.GA2877@puppy.inorganic.org>

On Wed, Jul 21, 2004 at 10:35:34AM -0700, Jennifer Davis wrote:
> I was really impressed by Mark's presentation in how he built from common 
> well known ground of firewalls and IDS to the point of showing his 
> software and the data hidden within the actual headers.  I could see how 
> with an improved version of Mark's software, anyone within a company could 
> compromise any data outwards and how difficult it would be to prevent this 
> let alone track down the responsible person. 

We shouldn't overstate the case.  Mark wrote a sweet piece of software, but
in any real world implementation it's got some limitations especially when
traversing networks.

Mark's software requires the sender to be able to get UDP packets on the
network of the recipient.  There is one, and only one, case where you're
practically guaranteed this will be allowed:  When the recipient and sender
are on the same network.  

There are numerous ways one could (and in some cases should) block outbound
packets generated by Mark's software:
1. A reasonable sysadmin must block outbound packets that are not actually
coming from its own IP address space; 
2. A reasonable sysadmin should, if they're concerned about security, do
internal filtering to ensure people can't IP-spoof across internal
networks; 
3. A reasonable case can be made that one should not allow inbound/outbound
UDP packets from desktop systems; 
4. Most reasonably-locked-down proxy systems will make this problem go away
(at my last work, the number of people who could go to the outside world
without having to go through an authenticating proxy that ONLY did HTTP
could be counted on the fingers of two hands after a bloody machine shop
accident).

-roy


From mark at bitshift.org  Wed Jul 21 16:12:12 2004
From: mark at bitshift.org (Mark C. Langston)
Date: Wed, 21 Jul 2004 16:12:12 -0700
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer Darkly
In-Reply-To: <20040721225512.GA2877@puppy.inorganic.org>
References: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org> <20040721225512.GA2877@puppy.inorganic.org>
Message-ID: <20040721231212.GL86438@bitshift.org>

> 
> There are numerous ways one could (and in some cases should) block outbound
> packets generated by Mark's software:
> 1. A reasonable sysadmin must block outbound packets that are not actually
> coming from its own IP address space; 
> 2. A reasonable sysadmin should, if they're concerned about security, do
> internal filtering to ensure people can't IP-spoof across internal
> networks; 


Agreed wholeheartedly.  In fact, one of the things I usually do when I
describe/present this code is say, "Now, see?  If you'd do some
source-address spoof-prevention, you wouldn't have this problem!"

What I generally don't point out (because it should be fairly obvious)
is that source-address filtering at the firewall and router solves a
host of other problems as well, all generally associated with various
types of malware.

-- 
Mark C. Langston            GOSSiP Project          Sr. Unix SysAdmin
mark at bitshift.org   http://sufficiently-advanced.net    mark at seti.org
Systems & Network Admin      Distributed               SETI Institute
http://bitshift.org         P2P Antispam          http://www.seti.org


From rsr at inorganic.org  Wed Jul 21 17:06:54 2004
From: rsr at inorganic.org (Roy S. Rapoport)
Date: Wed, 21 Jul 2004 17:06:54 -0700
Subject: Regular expressions and Solaris 8
In-Reply-To: <200407212237.i6LMbnqp010122@bunrab.catwhisker.org>
References: <200407212237.i6LMbnqp010122@bunrab.catwhisker.org>
Message-ID: <20040722000654.GA5720@puppy.inorganic.org>

On Wed, Jul 21, 2004 at 03:37:49PM -0700, David Wolfskill wrote:
> 	`(\<|([=%]2[ef]))2LD(=2E|\.)TLD\>`ie
> 
> though that's not really foolproof.)
> 
> 
> However, when I tried the same egrep test on the BayLISA machine, it
> failed to find the lines in question -- so I thought that maybe Solaris
> 8 didn't have supportfor \< and \> in its regex library.
> 
> But the regexp)5) man page seems to indicate that the construct is
> recognized.
> 
> Anyone have any clue whether this ought to work or not?  (Note that the
> application is a "milter," not egrep (per se).

egrep may or may not implement regexp.  Example:

On my Solaris 9 box:
cat foo | /usr/bin/egrep -e '(\<|([=%]2[ef]))okjewel(=2E|\.)net\>'

Doesn't work but
cat foo | egrep -e '(\<|([=%]2[ef]))okjewel(=2E|\.)net\>'

does.  Difference? 'egrep' is /usr/local/bin/egrep which is the GNU
version.

-roy


From chuck+baylisa at snew.com  Wed Jul 21 17:41:49 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Wed, 21 Jul 2004 17:41:49 -0700
Subject: Regular expressions and Solaris 8
In-Reply-To: <200407212237.i6LMbnqp010122@bunrab.catwhisker.org>
References: <200407212237.i6LMbnqp010122@bunrab.catwhisker.org>
Message-ID: <20040722004149.GA27419@2004.snew.com>

I'll point to the egrep/grep in /usr/xpg4/bin/
and perhaps /usr/sfw/bin/  (sun freeware).

Sun's grep and diff packages are lovely and should be kept.
In a museum.  On any Solaris machine I control, these are two
packages that quickly get replaced with something from the past
decade.

(note also that sun's egrep is about 10x faster than Sun's grep,
so I just "alias grep=egrep").

So I'd just offer that trying a proper grep (BSD's if it will
compile, GNU-grep which will compile) might make you happier.

Now anyone here work at Sun wanna talk to them about "doing an
Apple" and perhaps taking a lot of the userland apps from BSD?
whoish, diff, grep, REAL z-utils (zgrep, zcat).  OpenBSD has
a BSD licenced diff and non-FSF gzip and friends (libz had a BSD
ok license and all the routines where there waiting...).

I tire of working around Solaris' tools.

But have I mentioned that netbds's www.pkgsrc.org  stuff makes
me happier on Solaris? (and AIX and MacOS and...)

Quoting David Wolfskill (david at catwhisker.org):
> As (some of) you may recall, in my role as postmaster at baylisa.org I make
> use of a couple of different approaches to try to squelch spam at
> BayLISA'a MTA.
> 
> One of those approaches is a content filter that uses regular
> expressions.  The bulk of the specification I use for it are intended to
> look for certain "spamvertized" domains.  (The census of these is now at
> about 3975.)
> 
> Thus, a typical regex deployed for this use looked like
> 
> 	`([^-0-9a-z]|([=%]2[ef]))2LD(=2E|\.)TLD`ie
> 
> where:
> * the ` are the delimiters -- I didn't use / because sometimes I specify
>   more of a URL, and they often have / characters in them.
> 
> * "2LD" is the second-level domain
> 
> * "TLD" is the top-level domain
> 
> * "ie" (after the closing delimiter) denotes case-insensitive matching
>   and extended regular expression syntax.
> 
> 
> Well, this morning, I received a spam that mentioned a known
> spamvertized domain.  On looking at the spam a bit more closely, I saw
> that the doamin name in question was left-anchored on the line; thus,
> the above regex would not match (because it's looking for some sort of
> delimiter to the left of the doamin name).
> 
> So I poked around in Jeffrey Friedl's _Mastering Regular Expressions_
> and found that the construct "\<" may be used to serve as a "left
> word-anchor" ... in some regular expression implementations.
> 
> I then tried using "egrep"on one of my FreeBSD boxen (running the same
> flavor of FreeBSD as my home firewall/MTA) and found that a regex of the
> form
> 
> 	`\>2LD(=2E|\.)TLD`ie
> 
> fed to egrep appeared to work.
> 
> Then I got a little more adventurous:  some spammers like to use encodin
> constructs for the URLS; I tried
> 
> 	`(\<|([=%]2[ef]))2LD(=2E|\.)TLD`ie
> 
> and that appeared to work very nicely.
> 
> (The next step, assuming all works OK, is to use
> 
> 	`(\<|([=%]2[ef]))2LD(=2E|\.)TLD\>`ie
> 
> though that's not really foolproof.)

> However, when I tried the same egrep test on the BayLISA machine, it
> failed to find the lines in question -- so I thought that maybe Solaris
> 8 didn't have supportfor \< and \> in its regex library.
> 
> But the regexp)5) man page seems to indicate that the construct is
> recognized.
> 
> Anyone have any clue whether this ought to work or not?  (Note that the
> application is a "milter," not egrep (per se).


From peter at usestrict.org  Thu Jul 22 09:29:44 2004
From: peter at usestrict.org (Piotr T Zbiegiel)
Date: Thu, 22 Jul 2004 09:29:44 -0700
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer Darkly
In-Reply-To: <20040721225512.GA2877@puppy.inorganic.org>
References: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org> <20040721225512.GA2877@puppy.inorganic.org>
Message-ID: <40FFEB78.6050803@usestrict.org>

Roy S. Rapoport wrote:
> We shouldn't overstate the case.  Mark wrote a sweet piece of software, but
> in any real world implementation it's got some limitations especially when
> traversing networks.
> 
> Mark's software requires the sender to be able to get UDP packets on the
> network of the recipient.  There is one, and only one, case where you're
> practically guaranteed this will be allowed:  When the recipient and sender
> are on the same network.  

People probably never describe your ideas as devilish, fiendish, or 
devious, do they?  Personally, I see Mark's code more easily harnessed 
as a call-back mechanism.  Combine that with the log message 
communication mechanism and you have 2-way communications!  But what do 
I know.  While Mark's tool may not be "kiddie-ready", it does raise 
interesting issues.  Just because you or I or even Mark may not be able 
to figure out all the logistics and problems with this mechanism doesn't 
mean that someone else can't come along, see it all clearly, and create 
one hell of a evil application, put it in a worm or rootkit, and let it rip.

> 
> There are numerous ways one could (and in some cases should) block outbound
> packets generated by Mark's software:
> 1. A reasonable sysadmin must block outbound packets that are not actually
> coming from its own IP address space; 
> 2. A reasonable sysadmin should, if they're concerned about security, do
> internal filtering to ensure people can't IP-spoof across internal
> networks; 

Much of the world is not populated with reasonable sysadmins.  Also, 
let's talk about practical.  Most network guys I know wouldn't burden 
every single router they have with anti-spoofing ACLs for every segment 
they have, they'd put anti-spoofing at the border routers only.

Furthermore, how hard is it to spoof packets from your internal IP 
space.  Let's see, internal IP space is 10/8, that a lot of IPs you 
could spoof.  That would defeat your anti-spoofing ACLs on the border 
routers.

> 3. A reasonable case can be made that one should not allow inbound/outbound
> UDP packets from desktop systems; 

Tell that to the Veep who's breathing down your neck about random app 
#235421 working at their house and not in the office.  He needs that app 
to work now, dammit!  I can't tell you how many times security is 
"overruled" in the name of convenience and functionality.

> 4. Most reasonably-locked-down proxy systems will make this problem go away
> (at my last work, the number of people who could go to the outside world
> without having to go through an authenticating proxy that ONLY did HTTP
> could be counted on the fingers of two hands after a bloody machine shop
> accident).

And what about the 99% of other businesses that don't use proxies for 
outgoing internet access?  Where is this crazy world where all the 
sysadmins are reasonable and security minded and all access is locked 
down without a laundry list of crazy apps like *azaa and IM?  I wanna 
move there, my job would be wonderful then!

The long and short of it is that the world is full of networks that 
don't have all the right settings.  It's great to to use the terms 
"reasonable" and "best-practice" but that's not how things always work. 
    There will always be a place for the wily hacker, cracker, 
script-kiddie, worm, rootkit, etc. as long as there is an Internet. 
Don't dismiss things as unworkable, you may be reading an article on it 
in Phrack before you know it...

Later,
Peter


From rsr at inorganic.org  Thu Jul 22 11:30:12 2004
From: rsr at inorganic.org (Roy S. Rapoport)
Date: Thu, 22 Jul 2004 11:30:12 -0700
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer Darkly
In-Reply-To: <40FFEB78.6050803@usestrict.org>
References: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org> <20040721225512.GA2877@puppy.inorganic.org> <40FFEB78.6050803@usestrict.org>
Message-ID: <20040722183012.GB17845@puppy.inorganic.org>

On Thu, Jul 22, 2004 at 09:29:44AM -0700, Piotr T Zbiegiel wrote:
> People probably never describe your ideas as devilish, fiendish, or 
> devious, do they?

Hee.  No comment.

> Personally, I see Mark's code more easily harnessed 
> as a call-back mechanism.  Combine that with the log message 
> communication mechanism

Which requires the recipient to be able to listen to the log messages.
Becuse you do have desktops and admin systems on the same network, right?

> While Mark's tool may not be "kiddie-ready", it does raise 
> interesting issues.

Of course it does.  I'll also say it's clever, and neat, and damn smart,
which I'm sure are all qualities that are applicable to Mark, too.  

> Just because you or I or even Mark may not be able 
> to figure out all the logistics and problems with this mechanism doesn't 
> mean that someone else can't come along, see it all clearly, and create 
> one hell of a evil application, put it in a worm or rootkit, and let it rip.

When did I say otherwise?

> The long and short of it is that the world is full of networks that 
> don't have all the right settings.  It's great to to use the terms 
> "reasonable" and "best-practice" but that's not how things always work. 
>    There will always be a place for the wily hacker, cracker, 
> script-kiddie, worm, rootkit, etc. as long as there is an Internet. 
> Don't dismiss things as unworkable, you may be reading an article on it 
> in Phrack before you know it...

One of the problems I've found with IT people (and God damn, but if it
doesn't show up in our meetings sometimes) is the desire we occasionally
have to show how smart we are by finding points on which to disagree.  

I never said Mark's program would not work; nor did I say that there
wouldn't be a bunch of places in the world where it would work rather well.
What I did say was that saying "Oh my God! There's no way to stop it!" is
simplistic and wrong.  There _are_ ways of stopping it from working; those
ways have costs associated with them, and sysadmins will need to
communicate those costs to businesses which will then need to decide
whether or not the benefit of stopping covert communication channels is
worth the costs.  Some places will; some places won't.  I'm not even
necessarily advocating what is right in this case (other than "thou shalt
do egress filtering."  I still believe sysadmins who don't need to be
spanked), just pointing out that there are solutions to this problem.

-roy


From sigje at sigje.org  Thu Jul 22 11:46:03 2004
From: sigje at sigje.org (Jennifer Davis)
Date: Thu, 22 Jul 2004 11:46:03 -0700 (PDT)
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer
 Darkly
In-Reply-To: <40FFEB78.6050803@usestrict.org>
References: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org>
 <20040721225512.GA2877@puppy.inorganic.org> <40FFEB78.6050803@usestrict.org>
Message-ID: <Pine.NEB.4.60.0407221128140.14275@slick.sigje.org>

> The long and short of it is that the world is full of networks that don't 
> have all the right settings.  It's great to to use the terms "reasonable" and 
> "best-practice" but that's not how things always work.    There will always 
> be a place for the wily hacker, cracker, script-kiddie, worm, rootkit, etc. 
> as long as there is an Internet. Don't dismiss things as unworkable, you may 
> be reading an article on it in Phrack before you know it...

Yes, which is exactly what impressed me about Mark's presentation.  It 
drew on knowledge that I did know regarding firewalls and IDS and expanded 
it showing me vulnerabilities that I didn't even think of.  For me it 
wasn't so much the software itself, because it was a proof of concept. 
Sure, Mark can improve it a lot, but what he did have was enough to take 
my understanding of what I needed to be aware of to another level.

Thanks again Mark!

Jennifer



From peter at usestrict.org  Thu Jul 22 14:50:04 2004
From: peter at usestrict.org (Piotr T Zbiegiel)
Date: Thu, 22 Jul 2004 14:50:04 -0700
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer Darkly
In-Reply-To: <20040722183012.GB17845@puppy.inorganic.org>
References: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org> <20040721225512.GA2877@puppy.inorganic.org> <40FFEB78.6050803@usestrict.org> <20040722183012.GB17845@puppy.inorganic.org>
Message-ID: <4100368C.1000109@usestrict.org>

Roy S. Rapoport wrote:
> On Thu, Jul 22, 2004 at 09:29:44AM -0700, Piotr T Zbiegiel wrote:
> 
>>People probably never describe your ideas as devilish, fiendish, or 
>>devious, do they?
> 
> 
> Hee.  No comment.
> 

It's just because you said "reasonable" so many time in your email.

> 
>>Personally, I see Mark's code more easily harnessed 
>>as a call-back mechanism.  Combine that with the log message 
>>communication mechanism
> 
> 
> Which requires the recipient to be able to listen to the log messages.
> Becuse you do have desktops and admin systems on the same network, right?

There's that lack of "evil-genius" vision again.  Why did so many at the 
meeting latch onto the comment that was made about how you can't see the 
log messages over the wire because you are on a different segment.  Is 
that supposed to stop me?  Is that supposed to be a problem?  We're 
sysadmins, we should know better than that.

If I am infiltrating your company from the outside and you have 
perimeter firewalls and DMZs my first stop will be your web, mail, and 
dns servers.  All of them write logs, all are ripe for subversion. 
Remember, no one said the recipient of the messages had to be human.

And let's not even talk about internal attackers, cracking most places 
is trivial from the inside.

No one said you have to listen to the log messages at your desk.  One 
owned server + a little arp poisoning and it starts routing all the 
packets on the segment through its network interface.  Now I can see all 
the log messages coming by and a whole lot more.

And that's just one idea.  There's a million more ways to subvert the 
network.  Some of them are practically unstoppable if you expect to have 
a functional, scalable network that isn't a management nightmare.

Remember just because you don't see the possibilities doesn't mean that 
other more devilish, fiendish, and devious people don't see them either.

Later,
Peter


From mark at bitshift.org  Fri Jul 23 10:27:12 2004
From: mark at bitshift.org (Mark C. Langston)
Date: Fri, 23 Jul 2004 10:27:12 -0700
Subject: BayLISA - July 15, 2004 - Mark Langston's Through a Sniffer Darkly
In-Reply-To: <4100368C.1000109@usestrict.org>
References: <Pine.NEB.4.60.0407210932340.27717@slick.sigje.org> <20040721225512.GA2877@puppy.inorganic.org> <40FFEB78.6050803@usestrict.org> <20040722183012.GB17845@puppy.inorganic.org> <4100368C.1000109@usestrict.org>
Message-ID: <20040723172712.GC86438@bitshift.org>



[...snip]

Well, my primary goal was to get people thinking about security.  It
looks like I accomplished that goal.

If anyone's going to be in Las Vegas next week for either Black Hat or
Defcon, let me know and perhaps we can grab a bite or something.


-- 
Mark C. Langston            GOSSiP Project          Sr. Unix SysAdmin
mark at bitshift.org   http://sufficiently-advanced.net    mark at seti.org
Systems & Network Admin      Distributed               SETI Institute
http://bitshift.org         P2P Antispam          http://www.seti.org


From michael at halligan.org  Fri Jul 23 15:46:21 2004
From: michael at halligan.org (Michael T. Halligan)
Date: Fri, 23 Jul 2004 15:46:21 -0700 (PDT)
Subject: Reliable laptops around $1k?
Message-ID: <Pine.LNX.4.44L0.0407231545150.4697-100000@mail.halligan.org>

I haven't used a laptop in years.. My experience has always been if it's
not a thinkpad, it will be a piece of junk.. Barring Dell (who I refuse
to give my business to), what kind of luck have people had within the
past year in "around a thousand" laptops?  I need to get something for
my wife, and it has to be pretty reliable, as well as light and having a
good battery life.. and of course, must run linux well.  


-------------------
BitPusher, LLC
http://www.bitpusher.com/
1.888.9PUSHER
(415) 724.7998 - Mobile




From mark at bitshift.org  Wed Jul 21 16:09:22 2004
From: mark at bitshift.org (Mark C. Langston)
Date: Wed, 21 Jul 2004 16:09:22 -0700
Subject: *whimper* NIS kerfluffle
Message-ID: <20040721230922.GK86438@bitshift.org>

First, an unrelated rant:  Why does Sun feel it necessary to have
Solaris's resolver, as the first step in any resolution attempt, perform
a reverse lookup on the IPs listed in /etc/resolv.conf?  I mean, I know
I *should* have in-addr.arpa zones for the various blocks I administer,
but is it really necessary to break forward resolution in this
particular and somewhat obscure manner?  Furrfu!


Now, onto the NIS kerfluffle:

I've got a box.  It's a Solaris box.  It's an NIS client.  It, like any
good Solaris NIS client, tries to start NIS at boot.  It can't.  Rather,
as far as I can tell, it won't.

I've done all the standard things -- check /etc/hosts to ensure the
hostnames (and various versions of the FQDN for good measure) of each
NIS master are listed correctly.  Check the interface configuration to
ensure it's putting data on the wire properly.  Verified /var/yp/* is
correct.  And so forth.

I've even narrowed the NIS master list in ypinit -c down to a single
host.  I've tried using its IP rather than the hostname.  I've tried
blowing away /var/yp and starting from scratch.  I've tried moving over
a known-good client's /usr/lib/netsvc/yp.

Nada.  When ypbind starts, even if I just start it manually, ypwhich
continues to claim it can't bind to a master.  *any* master.  Which is
annoying.

rpcinfo -b 100004 1 from another client on the same network verifies
that this misbehaving host is indeed an NIS client.  rpcinfo -p on the
misbeahving host...


...hangs.  As does any other rpcinfo attempt, as long as ypbind is
running.  As soon as it's killed, rpcinfo behaves just as it should.

There are no log entries from inetd or rpcbind regarding this little
issue.  Running rpcbind -D produces nothing when this occurs.  There's
no tli_* log message indicating a socket or door problem.

but, pkill ypbind, and things behave swimmingly in rpc-land.

To add insult to injury, if I start things up using
/usr/lib/netsvc/ypbind -ypsetme, then follow this with a /usr/sbin/ypset
<name_of_master>, NIS starts just fine on this misbegotten doorstop.
ypwhich gives the correct info.  ypcat <mapname> works, for any value of
mapname the server may contain.  In short, NIS works.

Interestingly, starting ypbind -broadcast sometimes works, sometimes
won't, depending on which slave answers the broadcast first.  They'll
all allow this cheese grater's ypwhich to report the master it's bound
to, but sometimes ypcat <mapname> will fail with an RPC error.


Grr.  Argh.


I'm no RPC guru.  In fact, RPC bothers me on many levels.  But I can't
for the life of me see what's causing this problem.  I've been staring
at it off and on for two days now, and I think I've just overthought it.
Am I missing something simple?  Is there some bit of NIS trivia I've
managed to overlook?

Anyone?  Buehler?

-- 
Mark C. Langston            GOSSiP Project          Sr. Unix SysAdmin
mark at bitshift.org   http://sufficiently-advanced.net    mark at seti.org
Systems & Network Admin      Distributed               SETI Institute
http://bitshift.org         P2P Antispam          http://www.seti.org



From rsr at inorganic.org  Fri Jul 23 16:18:16 2004
From: rsr at inorganic.org (Roy S. Rapoport)
Date: Fri, 23 Jul 2004 16:18:16 -0700
Subject: Reliable laptops around $1k?
In-Reply-To: <Pine.LNX.4.44L0.0407231545150.4697-100000@mail.halligan.org>
References: <Pine.LNX.4.44L0.0407231545150.4697-100000@mail.halligan.org>
Message-ID: <20040723231816.GB26279@puppy.inorganic.org>

On Fri, Jul 23, 2004 at 03:46:21PM -0700, Michael T. Halligan wrote:
> I haven't used a laptop in years.. My experience has always been if it's
> not a thinkpad, it will be a piece of junk.. Barring Dell (who I refuse
> to give my business to), what kind of luck have people had within the
> past year in "around a thousand" laptops?  I need to get something for
> my wife, and it has to be pretty reliable, as well as light and having a
> good battery life.. and of course, must run linux well.  

I have two friends who recently got ThinkPad R-series laptops for in that
neighborhood.  They love them, with one or two minor caveats.

-roy


From npc at gangofone.com  Fri Jul 23 16:16:37 2004
From: npc at gangofone.com (Nick Christenson)
Date: Fri, 23 Jul 2004 16:16:37 -0700 (PDT)
Subject: Reliable laptops around $1k?
In-Reply-To: <Pine.LNX.4.44L0.0407231545150.4697-100000@mail.halligan.org>
Message-ID: <200407232316.i6NNGbOa011148@prometheus.gangofone.com>


> I haven't used a laptop in years.. My experience has always been if it's
> not a thinkpad, it will be a piece of junk.. 

Hasn't been my experience.  My Toshibas have taken a pounding and done 
okay (my Libretto running FreeBSD is still my travel laptop after more 
than 7 years of hard service).  The Sonys are nice, but they've been too 
fragile for my tastes.  The IBMs are fine, but I've had and heard of problems 
putting Linux on some models.

I think the only IBM in the ~$1K range new is the G40, and it's both
BIG and doesn't play all that well with Linux, IIRC.  I could be mistaken,
though.  It has been some time since I've been laptop shopping, thankfully.

> Barring Dell (who I refuse
> to give my business to), what kind of luck have people had within the
> past year in "around a thousand" laptops?  I need to get something for
> my wife, and it has to be pretty reliable, as well as light and having a
> good battery life.. and of course, must run linux well.  

Light and reliable and good battery life and around $1K is self-exclusionary
by some reasonable measures of each requirement.  However, I am the owner
of two laptops that may meet many of your requirements.

The first is a Compaq Preseario 2190/US (now the 2100Z series).  Seems 
sturdy, cost ~$1K, runs Linux (see 
http://www.jetcafe.org/~npc/articles/linux-on-compaq-laptop.html),
weighs about 7 lbs. (a bit heavier than I'm guessing you want), Athlon
based, battery life doesn't seem to be awesome, but doesn't truly suck.  
I'm satisfied with it.  I use it as terminal around the house and in the
field for wireless testing.

The second is an Apple iBook.  Don't be so quick to reject this idea!
It's 5 lbs., runs OS X or you can put Yellow Dog Linux on it, costs ~$1100,
battery life is pretty good, and seems reasonably sturdy (as long as you 
have a recent model without the bad screens).  So, technically, this one
matches everything you asked about... .

Definitely check out:
http://www.linux-laptop.net/
before you buy.  There's some good advice there.

-- 
Nick Christenson
npc at gangofone.com


From chuck+baylisa at snew.com  Fri Jul 23 17:45:55 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Fri, 23 Jul 2004 17:45:55 -0700
Subject: Reliable laptops around $1k?
In-Reply-To: <200407232316.i6NNGbOa011148@prometheus.gangofone.com>
References: <Pine.LNX.4.44L0.0407231545150.4697-100000@mail.halligan.org> <200407232316.i6NNGbOa011148@prometheus.gangofone.com>
Message-ID: <20040724004555.GA21570@2004.snew.com>

Quoting Nick Christenson (npc at gangofone.com):
...
> The second is an Apple iBook.  Don't be so quick to reject this idea!
> It's 5 lbs., runs OS X or you can put Yellow Dog Linux on it, costs ~$1100,
> battery life is pretty good, and seems reasonably sturdy (as long as you 
> have a recent model without the bad screens).  So, technically, this one
> matches everything you asked about... .

Ummm, how do I put this?
"Holy crap! Hell has frozen over"?

I'd suggested this offlist actually, but then I've carried Powerbooks
for 10 years.  I *kinda* miss MachTen.  I *do* miss the duo and
docking it so nicely.

I've got a 1999 Powerbook.  One of the  batteries lasts 10 minutes
(I can carry it into the kitchen or upstairs and plug it in) or
sleep for at least a day - enough to get home.  It's old.  Batteries
die and need to be replaced.

Dual head with OS X and a 20" monitor attached.  I like that.

5 years and going ain't bad.


I'll note that with an OpenBoot Prom and a wired net, "boot net"
works just wonderfully.  It was how I checked out NetBSD and OpenBSD
on it without risking commitment of the disk to an unknown OS.

I keep leaning towards a BSD on it, just because OS X is *so**bloated*.

On the GirlF's 17" with 1GB of RAM, it's not a problem.  But with
192 in a machine that refuses to take more (it should, it doesn't),
it's a little piggy.

No native OpenOffice (no, I don't avoid word because it doesn't
work on my platforms; I avoid word because I don't like it or it's
parent.  I'd take Word 3.1 or maybe 5, but last I looked, it was
demanding 200MB of RAM or something silly.  My work is about the
same as what I did with the "huge" 8MB FrameMaker).


But for a "normal human" to use, it runs consumer apps like Quicken
(a need for my partner) and such, and it runs a unix.   Just get
the AppleCare and make sure you get to get the new versions of the
OS as they come out.

(applecare took care of a first model airport that died of capacitor).

And understand that the favorite apple customer is the one who's about
to buy.   The laptop I'm on arrived the day Steve Jobs said "And today,
all G3s will come with 20GB harddrives!"   (this has an 8).
I still resent their inability to do *transition* (usb added? ADB and
serial removed).

You can make me an offer on an Apple //+.  I think I still have quicken
for it.  And visicalc.  Not sure of the floppies' conditions though. 
Anyone have NFS for ProDos?


From deirdre at deirdre.net  Fri Jul 23 18:07:04 2004
From: deirdre at deirdre.net (Deirdre Saoirse Moen)
Date: Fri, 23 Jul 2004 18:07:04 -0700 (PDT)
Subject: Reliable laptops around $1k?
In-Reply-To: <200407232316.i6NNGbOa011148@prometheus.gangofone.com>
Message-ID: <Pine.LNX.4.31.0407231800490.26464-100000@emperor.deirdre.org>

On Fri, 23 Jul 2004, Nick Christenson wrote:

> The second is an Apple iBook.  Don't be so quick to reject this idea!
> It's 5 lbs., runs OS X or you can put Yellow Dog Linux on it, costs
> ~$1100, battery life is pretty good, and seems reasonably sturdy (as
> long as you have a recent model without the bad screens).  So,
> technically, this one matches everything you asked about... .

And if you don't mind BSD too much, you can skip the Linux part entirely.

I love my iBook. :)

-- 
_Deirdre  web: http://deirdre.net    blog: http://deirdre.org/blog/
"Memes are a hoax! Pass it on!"



From mark at bitshift.org  Fri Jul 23 19:00:38 2004
From: mark at bitshift.org (Mark C. Langston)
Date: Fri, 23 Jul 2004 19:00:38 -0700
Subject: *whimper* NIS kerfluffle
In-Reply-To: <200407240001.RAA31266@redwood.taos.com>
References: <20040721230922.GK86438@bitshift.org> <200407240001.RAA31266@redwood.taos.com>
Message-ID: <20040724020038.GJ86438@bitshift.org>

On Fri, Jul 23, 2004 at 05:01:33PM -0700, Darren Dunham wrote:
> 
> broadcast or pointed at a server (is /var/yp/binding/<domain>/ypservers
> populated)?

/var/yp/binding/<domain>/ypservers is populated.  When pointed at a
server, it reliably fails.  When I use -broadcast, it sometimes works,
sometimes doesn't (multiple slaves on the same net).  When it "works"
with broadcast, the maps can't be transferred.  rpcinfo still exhibits
the hanging behavior I describe when it "works" in this manner.

> 
> > rpcinfo -b 100004 1 from another client on the same network verifies
> > that this misbehaving host is indeed an NIS client.  rpcinfo -p on the
> > misbeahving host...
> 
> > ...hangs.  As does any other rpcinfo attempt, as long as ypbind is
> > running.  As soon as it's killed, rpcinfo behaves just as it should.
> 
> Never seen that at all... I would probably truss() ypbind and/or rpcinfo
> to see if that gave any additional clues.

Did.  It wasn't informative.  Also ran the rpc daemons in debug mode,
with no further clue provided.

> 
> > To add insult to injury, if I start things up using
> > /usr/lib/netsvc/ypbind -ypsetme, then follow this with a /usr/sbin/ypset
> > <name_of_master>, NIS starts just fine on this misbegotten doorstop.
> > ypwhich gives the correct info.  ypcat <mapname> works, for any value of
> > mapname the server may contain.  In short, NIS works.
> > 
> > Interestingly, starting ypbind -broadcast sometimes works, sometimes
> > won't, depending on which slave answers the broadcast first.  They'll
> > all allow this cheese grater's ypwhich to report the master it's bound
> > to, but sometimes ypcat <mapname> will fail with an RPC error.
> 
> Bad server on the subnet?  (shouldn't cause rpcbind to hang though)
> 

Nope.  Others use it reliably.

> (Did you mean 'server it's bound to' rather than 'master'?)
> 

I did.  I tend to slip and say "master" when I'm referring to the
slaves, because of the likelihood the master may have disappeared.

> If ypwhich shows a bound server, but ypcat fails, I'd think security
> settings on the server (securenets file?)

Hm.  Hadn't checked that.  I'll have a look.

> 
> > I'm no RPC guru.  In fact, RPC bothers me on many levels.  But I can't
> > for the life of me see what's causing this problem.  I've been staring
> > at it off and on for two days now, and I think I've just overthought it.
> > Am I missing something simple?  Is there some bit of NIS trivia I've
> > managed to overlook?
> 
> OS is 8?  Something else?

Yep.  8.

> 
> I can't say I've seen anything quite like that before.  
> 


Me either, and I've been using it since before the lawsuit over the use
of "Yellow Pages".


-- 
Mark C. Langston            GOSSiP Project          Sr. Unix SysAdmin
mark at bitshift.org   http://sufficiently-advanced.net    mark at seti.org
Systems & Network Admin      Distributed               SETI Institute
http://bitshift.org         P2P Antispam          http://www.seti.org


From lanning at monsoonwind.com  Fri Jul 23 19:33:06 2004
From: lanning at monsoonwind.com (Robert Hajime Lanning)
Date: Fri, 23 Jul 2004 19:33:06 -0700 (PDT)
Subject: *whimper* NIS kerfluffle
In-Reply-To: <20040721230922.GK86438@bitshift.org>
References: <20040721230922.GK86438@bitshift.org>
Message-ID: <57106.192.55.4.36.1090636386.squirrel@192.55.4.36>


<quote who="Mark C. Langston">
> To add insult to injury, if I start things up using
> /usr/lib/netsvc/ypbind -ypsetme, then follow this with a
> /usr/sbin/ypset
> <name_of_master>, NIS starts just fine on this misbegotten doorstop.
> ypwhich gives the correct info.  ypcat <mapname> works, for any value
> of mapname the server may contain.  In short, NIS works.
>
> Interestingly, starting ypbind -broadcast sometimes works, sometimes
> won't, depending on which slave answers the broadcast first.  They'll
> all allow this cheese grater's ypwhich to report the master it's bound
> to, but sometimes ypcat <mapname> will fail with an RPC error.

This sounds like a possible netmask issue on the network interface.
Make sure the interface is configured correctly. (ip, netmask, broadcast)

-- 
END OF LINE
       -MCP



From chuck+baylisa at snew.com  Fri Jul 23 20:24:29 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Fri, 23 Jul 2004 20:24:29 -0700
Subject: pkgsrc/osx Re: Reliable laptops around $1k?
In-Reply-To: <Pine.LNX.4.31.0407231800490.26464-100000@emperor.deirdre.org>
References: <200407232316.i6NNGbOa011148@prometheus.gangofone.com> <Pine.LNX.4.31.0407231800490.26464-100000@emperor.deirdre.org>
Message-ID: <20040724032429.GA38192@2004.snew.com>

Quoting Deirdre Saoirse Moen (deirdre at deirdre.net):
> On Fri, 23 Jul 2004, Nick Christenson wrote:
> 
> And if you don't mind BSD too much, you can skip the Linux part entirely.
> 
> I love my iBook. :)

And have I recently mentioned that I really like (not quite love)
NetBSD's pkgsrc on OS X?   (It's their instance of /usr/ports/ on
Mac OS X, Solaris and now AIX, Linux and working on OSF/1).


cd /usr/pkgsrc/mail/mutt ; /usr/pkg/bin/bmake install package clean

and I get a REAL mail reader for the Mac.

(and for ELM curmudgeons, that works too).

Love will come when cyrus 2.2 compiles right.


From pmm at igtc.com  Fri Jul 23 18:49:16 2004
From: pmm at igtc.com (Paul M. Moriarty)
Date: Fri, 23 Jul 2004 18:49:16 -0700
Subject: Reliable laptops around $1k?
In-Reply-To: <Pine.LNX.4.44L0.0407231545150.4697-100000@mail.halligan.org>
References: <Pine.LNX.4.44L0.0407231545150.4697-100000@mail.halligan.org>
Message-ID: <20040724014915.GG5366@igtc.igtc.com>

Michael T. Halligan writes:
> I haven't used a laptop in years.. My experience has always been if it's
> not a thinkpad, it will be a piece of junk.. Barring Dell (who I refuse
> to give my business to), what kind of luck have people had within the
> past year in "around a thousand" laptops?  I need to get something for
> my wife, and it has to be pretty reliable, as well as light and having a
> good battery life.. and of course, must run linux well.  
> 

Have you looked at the IBM-refurbished Thinkpads for sale on eBay?  If
you wait, you'll find one at your price.  Also, www.ecost.com was
blowing out some older T23s dirt cheap a week or so ago.  Don't know if
they're still avail.

- Paul -


From dan_bethe at yahoo.com  Fri Jul 23 22:28:11 2004
From: dan_bethe at yahoo.com (Dan Bethe)
Date: Fri, 23 Jul 2004 22:28:11 -0700 (PDT)
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <20040724032429.GA38192@2004.snew.com>
Message-ID: <20040724052811.42174.qmail@web51709.mail.yahoo.com>

--- Chuck Yerkes <chuck+baylisa at snew.com> wrote:
> Quoting Deirdre Saoirse Moen (deirdre at deirdre.net):
> > On Fri, 23 Jul 2004, Nick Christenson wrote:
> > 
> > And if you don't mind BSD too much, you can skip the Linux part entirely.

Here's a tangent!  You could run MacOS (even 10) on ppc linux for years, thanks
to Mac-on-Linux.  And now, you can run Linux on MacOS, thanks to qemu!  Qemu is
a portable, free, virtual machine with an optional emulator mode.  So you can
run a multitude of OSs from a plethora of binary architectures on a veritable
bevy of OSs and binary architectures.  It's too good not to share!

Observe!

http://www.freeoszoo.org/screenshots.php

> > I love my iBook. :)

I know!  :)

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


From michael at halligan.org  Fri Jul 23 22:55:09 2004
From: michael at halligan.org (Michael T. Halligan)
Date: Fri, 23 Jul 2004 22:55:09 -0700 (PDT)
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <20040724052811.42174.qmail@web51709.mail.yahoo.com>
Message-ID: <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>

So what is the status of being able to run Windows on a MAC? My wife
has to run some windows based accounting/HR software, as well as be able
to remote desktop into some clients' servers for emergency maintenance..
The nice thing about linux x86 is I can always run vmware..

I've personally been drooling over the 17" powerbook for a while, but am
waiting until next quarter to buy one.

On Fri, 23 Jul 2004, Dan Bethe wrote:

> --- Chuck Yerkes <chuck+baylisa at snew.com> wrote:
> > Quoting Deirdre Saoirse Moen (deirdre at deirdre.net):
> > > On Fri, 23 Jul 2004, Nick Christenson wrote:
> > > 
> > > And if you don't mind BSD too much, you can skip the Linux part entirely.
> 
> Here's a tangent!  You could run MacOS (even 10) on ppc linux for years, thanks
> to Mac-on-Linux.  And now, you can run Linux on MacOS, thanks to qemu!  Qemu is
> a portable, free, virtual machine with an optional emulator mode.  So you can
> run a multitude of OSs from a plethora of binary architectures on a veritable
> bevy of OSs and binary architectures.  It's too good not to share!
> 
> Observe!
> 
> http://www.freeoszoo.org/screenshots.php
> 
> > > I love my iBook. :)
> 
> I know!  :)
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
> 

-------------------
BitPusher, LLC
http://www.bitpusher.com/
1.888.9PUSHER
(415) 724.7998 - Mobile




From deirdre at deirdre.net  Fri Jul 23 22:57:51 2004
From: deirdre at deirdre.net (Deirdre Saoirse Moen)
Date: Fri, 23 Jul 2004 22:57:51 -0700
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>
References: <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>
Message-ID: <65E128FD-DD36-11D8-8676-000A95F018D8@deirdre.net>

On Jul 23, 2004, at 10:55 PM, Michael T. Halligan wrote:

> So what is the status of being able to run Windows on a MAC? My wife
> has to run some windows based accounting/HR software, as well as be 
> able
> to remote desktop into some clients' servers for emergency 
> maintenance..
> The nice thing about linux x86 is I can always run vmware..

There's always virtual PC. I don't run it, but I know many people who 
do.

-- 
_Deirdre                                             http://deirdre.net
"Cannot run out of time. There is infinite time. You are finite. 
Zathras is finite. This....is wrong tool."  -- Zathras



From dan_bethe at yahoo.com  Sat Jul 24 00:27:33 2004
From: dan_bethe at yahoo.com (Dan Bethe)
Date: Sat, 24 Jul 2004 00:27:33 -0700 (PDT)
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <65E128FD-DD36-11D8-8676-000A95F018D8@deirdre.net>
Message-ID: <20040724072733.8999.qmail@web51710.mail.yahoo.com>

--- Deirdre Saoirse Moen <deirdre at deirdre.net> wrote:
> On Jul 23, 2004, at 10:55 PM, Michael T. Halligan wrote:
> 
> > So what is the status of being able to run Windows on a MAC? My wife
> > has to run some windows based accounting/HR software, as well as be 

I don't know.  You'd have to try it!  Check the screenshots and the mailing
list.

Check tightvnc.com for your remote display needs.  The built-in firewall
hopping via ssh is great.

> > The nice thing about linux x86 is I can always run vmware..

Yeah and you can always run the free qemu for the same functionality.  :)

> There's always virtual PC. I don't run it, but I know many people who 
> do.

Yes VirtualPC is technically superior in virtually (ha!) every end-user-visible
way, but very nonfree.  :)  VirtualPC is very polished and with a high degree
of automatic host/guest OS interoperability.  All the same functionality is
achievable with free software although with more manual intervention and
currently at lower performance, but in a technical sense, the sky is the limit.

On another tangent, I have a friend who installed MacOS 10 in 5 hours in the
free PearPC emulator, hosted on Linux for ia32.  And Qemu can even run Wine
(winehq.com) on ppc linux.  Qemu can transparently register foreign Linux
binaries as executable by the host OS via qemu's binary emulation/translation
layer.

btw when i say "free", i mean "software libre".


		
__________________________________
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail


From deirdre at deirdre.net  Sat Jul 24 00:41:02 2004
From: deirdre at deirdre.net (Deirdre Saoirse Moen)
Date: Sat, 24 Jul 2004 00:41:02 -0700
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <20040724072733.8999.qmail@web51710.mail.yahoo.com>
References: <20040724072733.8999.qmail@web51710.mail.yahoo.com>
Message-ID: <D0082167-DD44-11D8-8676-000A95F018D8@deirdre.net>

On Jul 24, 2004, at 12:27 AM, Dan Bethe wrote:

> --- Deirdre Saoirse Moen <deirdre at deirdre.net> wrote:
>> There's always virtual PC. I don't run it, but I know many people who
>> do.
>
> Yes VirtualPC is technically superior in virtually (ha!) every 
> end-user-visible
> way, but very nonfree.  :)

Last I checked, unless the reality distortion field has gone awry, 
Windows was very non-free.

-- 
_Deirdre  web: http://deirdre.net        blog: http://deirdre.org/blog/
yarn: http://fuzzyorange.com    cat's blog: http://fuzzyorange.com/vsd/
"Memes are a hoax! Pass it on!"



From chuck+baylisa at snew.com  Sat Jul 24 10:23:32 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Sat, 24 Jul 2004 10:23:32 -0700
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com> <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>
Message-ID: <20040724172332.GA17797@2004.snew.com>

Quoting Michael T. Halligan (michael at halligan.org):
> So what is the status of being able to run Windows on a MAC? My wife

When I showed up at my first West Coast job (a startup) and They said,
 "ok, we have to get you guys laptops.  What do you like?"

I pointed at the 14" nice bright computer in front of me that
was running, as I recall, Visio.  14" being a bit rare then,
she thought it looked good.  Oh, what it is?  I pointed at
the Apple logo.  She looked.  She looked at the windows
desktop.  At the apple.  the start menu.  Shook her head,
"that's just wrong."

I killed the windows window and kicked open the RedHat instance
of Virtual PC.  The 266MHz "wall st" emulating Windows 95 was
about the same speed as the 233MHz desktop PCs they had (mine,
oddly enough, only ran FreeBSD.)

That was 1998.  Virtual PC presented a, er, virtualized x86
machine.  Enough to install FreeBSD or Linux or that gaming
OS - the one with all the holes.

Oh, "They" got me a sony viao that was ok at BSD but couldn't run
windows reliably - regular hard seizes.  I worked around it
forever, but customers kept passing me excel and visio stuff  so
I confiscated an ex-marketer's Mac.

> I've personally been drooling over the 17" powerbook for a while, but am
> waiting until next quarter to buy one.

I'm sitting at one now.  I deeply phear a screen smack.  In 12
years, I've only had 1 laptop break.  I pulled out a G3, started
it up and - oh,  the screen was in fragments.  No idea how it
happened.


From hunt at frostypenguin.net  Sat Jul 24 10:50:00 2004
From: hunt at frostypenguin.net (Jeremy Hunt)
Date: Sat, 24 Jul 2004 10:50:00 -0700
Subject: *whimper* NIS kerfluffle
In-Reply-To: <20040724020038.GJ86438@bitshift.org>
References: <20040721230922.GK86438@bitshift.org> <200407240001.RAA31266@redwood.taos.com> <20040724020038.GJ86438@bitshift.org>
Message-ID: <E2A8952B-DD99-11D8-A921-00039384D62A@frostypenguin.net>


On Jul 23, 2004, at 7:00 PM, Mark C. Langston wrote:
>
>>
>>> To add insult to injury, if I start things up using
>>> /usr/lib/netsvc/ypbind -ypsetme, then follow this with a 
>>> /usr/sbin/ypset
>>> <name_of_master>, NIS starts just fine on this misbegotten doorstop.
>>> ypwhich gives the correct info.  ypcat <mapname> works, for any 
>>> value of
>>> mapname the server may contain.  In short, NIS works.
>>>
>>> Interestingly, starting ypbind -broadcast sometimes works, sometimes
>>> won't, depending on which slave answers the broadcast first.  They'll
>>> all allow this cheese grater's ypwhich to report the master it's 
>>> bound
>>> to, but sometimes ypcat <mapname> will fail with an RPC error.
>>

If nothing else works you might to do a "boot net" if you have a 
jumpstart image handy, just to check and make sure running a presumably 
clean copy of the OS works as expected. If that doesn't work you might 
also want to take a crack at running VTS on the machine. I had a 
machine 2 weeks ago that has having random issues with doing LDAP binds 
(nope, no NIS) which eventually progressed to other random issues. 
After running VTS for 4 days it finally came back and reported the 
onboard NIC was bad. After Sun replaced the system board it's been 
working like a champ. Well as good as a Sun machine can.

I'm not sure how beneficial the above will be but if you're completely 
stuck it definitely won't hurt. Very bizarre though.

Glad to see actual technical discussions taking place on this list. For 
a while I thought I was subscribed to flamewars at baylisa.org

-Jeremy



From jxh at jxh.com  Sat Jul 24 11:18:47 2004
From: jxh at jxh.com (Jim Hickstein)
Date: Sat, 24 Jul 2004 13:18:47 -0500
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <20040724172332.GA17797@2004.snew.com>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com>
 <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>
 <20040724172332.GA17797@2004.snew.com>
Message-ID: <633C4E4AE1C3FC007BC90873@[10.9.18.3]>

> I'm sitting at one now.  I deeply phear a screen smack.  In 12
> years, I've only had 1 laptop break.  I pulled out a G3, started
> it up and - oh,  the screen was in fragments.  No idea how it
> happened.

To judge by the repairs we had to do on our fleet of ThinkPads, they leap
off of buildings under their own power. :-)

If you get a new ThinkPad, get the 3-year warranty from IBM.  It paid off
for us, handsomely, though the machines were much more rugged than the
Dells they replaced.

Personally, I have a G4 TiBook (Mercury) that's now 4 years old and still
fast enough (barely).  A UNIX machine that can print: revolutionary!  A Mac
with ifconfig(8): incredible!  I recommend them to anyone, but especially
geeks, who need ifconfig(8) and all that.  (Earlier I went through a phase
of dual-booting OS 9 and LinuxPPC on my Wallstreet, the one with travel
stickers from all over the world.  OS X is better.)


From jxh at jxh.com  Sat Jul 24 11:24:26 2004
From: jxh at jxh.com (Jim Hickstein)
Date: Sat, 24 Jul 2004 13:24:26 -0500
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <65E128FD-DD36-11D8-8676-000A95F018D8@deirdre.net>
References: <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>
 <65E128FD-DD36-11D8-8676-000A95F018D8@deirdre.net>
Message-ID: <2FCC58EA207D08474838232E@[10.9.18.3]>

> There's always virtual PC. I don't run it, but I know many people who do.

I run it.  Well, walk it.  It's not for the heads-down user of anything on
Windows.  (For that I keep a nearby Linux/x86 PC running vmware, displaying
to my desktop G5 with X.  X11, that is.  Even so, I haven't had to touch it
in quite a while.  MS Project, Visio, and Garmin GPS software, are the only
things I still do there.)

The last VPC version I bought did not support the G5, and I haven't
upgraded yet. (It wasn't available last time I looked.)  Now that Microsoft
has acquired it, it's only a matter of time before it gratuitously breaks
certain host OSs that don't start with W.  And the latest thing I ran
inside it was W2KPro; no doubt XP is even slower, and the one after that
... well, you can guess.  I'll hang onto that vmware machine for a while,
yet, but keep VPC for travelling.


From rolnif at mac.com  Sat Jul 24 11:27:33 2004
From: rolnif at mac.com (John Martinez)
Date: Sat, 24 Jul 2004 11:27:33 -0700
Subject: *whimper* NIS kerfluffle
In-Reply-To: <57106.192.55.4.36.1090636386.squirrel@192.55.4.36>
References: <20040721230922.GK86438@bitshift.org> <57106.192.55.4.36.1090636386.squirrel@192.55.4.36>
Message-ID: <215F0D1D-DD9F-11D8-8D58-000D9329BA8E@mac.com>


On Jul 23, 2004, at 7:33 PM, Robert Hajime Lanning wrote:

>
> This sounds like a possible netmask issue on the network interface.
> Make sure the interface is configured correctly. (ip, netmask, 
> broadcast)

One other possibility that I've seen is that your network interface is 
experiencing lots of errors. Try netstat -I.

If you see lots or errors, it could be that autonegotiation isn't 
working correctly. You may need to hard set it on 10/100 interfaces. 
You can do that with ndd. Check out 
<http://docs.sun.com/db/doc/816-2348-10?q=hme> for more info, if for 
example, you have an hme interface.

The suggestion of net booting is also a good one to try out.

-john



From mark at bitshift.org  Sat Jul 24 11:55:23 2004
From: mark at bitshift.org (Mark C. Langston)
Date: Sat, 24 Jul 2004 11:55:23 -0700
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <633C4E4AE1C3FC007BC90873@[10.9.18.3]>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com> <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org> <20040724172332.GA17797@2004.snew.com> <633C4E4AE1C3FC007BC90873@[10.9.18.3]>
Message-ID: <20040724185523.GA23315@bitshift.org>

On Sat, Jul 24, 2004 at 01:18:47PM -0500, Jim Hickstein wrote:
> 
> Personally, I have a G4 TiBook (Mercury) that's now 4 years old and still
> fast enough (barely).  A UNIX machine that can print: revolutionary!  A Mac
> with ifconfig(8): incredible!  I recommend them to anyone, but especially
> geeks, who need ifconfig(8) and all that.  (Earlier I went through a phase
> of dual-booting OS 9 and LinuxPPC on my Wallstreet, the one with travel
> stickers from all over the world.  OS X is better.)


Indeed.  The talk I gave in July was from a 12" Powerbook, which I
bought after eBaying my 15" Titanium Powerbook.  One other nice thing
about Apple notebooks:  resale value.  I paid over $3k when I bought the
15" new the day it came out (and got it just a day before I had to get
on a plane to Arecibo for a month).  When I eBayed it over a year later,
I got $2k for it, and if I wasn't in a hurry to sell, could have gotten
more.

Try that with a Dell. :)

I went with the 12" Aluminum because, while I occasionally miss the
screen real-estate, it's the same speed as the 15" I sold, and the added
portability much more than makes up for it (I've got a Sager upstairs
that has a desktop 3.2GHz P4 in it.  I bought it for gaming.  It's
wonderful for gaming.  It's also an additional 12lbs in my backpack.
Ouch!)

As I told Strata just a week or so ago, I won't go on about the joys of
OS X, because pretty much every *nix geek I know that's picked up a
Powerbook has fallen in various degrees of love with it.  As far as the
*nix crowd goes, they sell themselves.  I knew it was a bona fide
phenomenon when I walked into LISA one year and damned near everyone
attending was sporting not the standard bestickered Vaios and Thinkpads
and Dells running Linux or a BSD of years past, but Powerbooks.  Even
the terminal room was chock full of shiny new Apple desktops, and was
sponsored by Apple.  Of course, I'd already drunk the Kool-Aid by then,
so I wasn't too surprised at the mass conversion.  But I'm sure others
were stuck by it.  It was quite a sight to walk through the halls and
see one glowing Apple after another, each independently purchased by
people generally posessed of Clue.


-- 
Mark C. Langston            GOSSiP Project          Sr. Unix SysAdmin
mark at bitshift.org   http://sufficiently-advanced.net    mark at seti.org
Systems & Network Admin      Distributed               SETI Institute
http://bitshift.org         P2P Antispam          http://www.seti.org


From rick at linuxmafia.com  Sat Jul 24 12:22:13 2004
From: rick at linuxmafia.com (Rick Moen)
Date: Sat, 24 Jul 2004 12:22:13 -0700
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <633C4E4AE1C3FC007BC90873@[10.9.18.3]>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com> <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org> <20040724172332.GA17797@2004.snew.com> <633C4E4AE1C3FC007BC90873@[10.9.18.3]>
Message-ID: <20040724192213.GN19398@linuxmafia.com>

Quoting Jim Hickstein (jxh at jxh.com):

> Personally, I have a G4 TiBook (Mercury) that's now 4 years old and still
> fast enough (barely).  A UNIX machine that can print: revolutionary!

Praise _is_ owed to the Church of Steve for publicising CUPS, though
they hardly created it.  Although consenting Unixers retain the right
to experience the Pain That Is lpr if they insist, Apple has helped
alert them to the fact -- already known to many of us -- that they can
safeword out of it.  On any *ix.

Deirdre recently gave me her old G3 iBook, and I'll definitely keep
Panther around as a dual-boot component:  Rumour insists that NeXTStep
is still alive under there somewhere; if I scrape off enough of that
lamentable candy coating, it might become visible again.  And when I get
tired of being in someone else's church, there's yaboot, and so on.

#include <long_term_advantages_of_real_open_source.h>

-- 
Cheers,                           "This is Unix.  Stop acting so helpless."
Rick Moen                                               -- D.J. Bernstein
rick at linuxmafia.com


From jxh at jxh.com  Sat Jul 24 12:28:56 2004
From: jxh at jxh.com (Jim Hickstein)
Date: Sat, 24 Jul 2004 14:28:56 -0500
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <20040724185523.GA23315@bitshift.org>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com>
 <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>
 <20040724172332.GA17797@2004.snew.com>
 <633C4E4AE1C3FC007BC90873@[10.9.18.3]> <20040724185523.GA23315@bitshift.org>
Message-ID: <9EAF4A73082B90A1228EA54B@[10.9.18.3]>

> It was quite a sight to walk through the halls and
> see one glowing Apple after another, each independently purchased by
> people generally posessed of Clue.

Indeed.  Only they (Apple) didn't do it with Kool-Ade.  Or, rather, if
Kool-Ade gave you super powers, and someone else was trying to get you to
go back to drinking water, you might put up a fuss.

  http://www.jxh.com/slogans.html#suffer


From rick at linuxmafia.com  Sat Jul 24 13:02:12 2004
From: rick at linuxmafia.com (Rick Moen)
Date: Sat, 24 Jul 2004 13:02:12 -0700
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <9EAF4A73082B90A1228EA54B@[10.9.18.3]>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com> <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org> <20040724172332.GA17797@2004.snew.com> <633C4E4AE1C3FC007BC90873@[10.9.18.3]> <20040724185523.GA23315@bitshift.org> <9EAF4A73082B90A1228EA54B@[10.9.18.3]>
Message-ID: <20040724200212.GP19398@linuxmafia.com>

Quoting Jim Hickstein (jxh at jxh.com):

>   http://www.jxh.com/slogans.html

Oh my.  Much, much usefulness here.



From jxh at jxh.com  Sat Jul 24 14:05:15 2004
From: jxh at jxh.com (Jim Hickstein)
Date: Sat, 24 Jul 2004 16:05:15 -0500
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <20040724200212.GP19398@linuxmafia.com>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com>
 <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>
 <20040724172332.GA17797@2004.snew.com>
 <633C4E4AE1C3FC007BC90873@[10.9.18.3]> <20040724185523.GA23315@bitshift.org>
 <9EAF4A73082B90A1228EA54B@[10.9.18.3]>
 <20040724200212.GP19398@linuxmafia.com>
Message-ID: <4DEB47C3354A2FC881A25A86@[10.9.18.3]>

>>   http://www.jxh.com/slogans.html
> 
> Oh my.  Much, much usefulness here.

Well... I'm not sure how useful they turn out to be in practice, but it
feels good to recite one of them, at the right moment. :-)


From chuck+baylisa at snew.com  Sat Jul 24 15:08:24 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Sat, 24 Jul 2004 15:08:24 -0700
Subject: lpr/cups (was laptops)
In-Reply-To: <20040724192213.GN19398@linuxmafia.com>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com> <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org> <20040724172332.GA17797@2004.snew.com> <633C4E4AE1C3FC007BC90873@[10.9.18.3]> <20040724192213.GN19398@linuxmafia.com>
Message-ID: <20040724220824.GA46310@2004.snew.com>

Quoting Rick Moen (rick at linuxmafia.com):
> Quoting Jim Hickstein (jxh at jxh.com):
> 
> > Personally, I have a G4 TiBook (Mercury) that's now 4 years old and still
> > fast enough (barely).  A UNIX machine that can print: revolutionary!
> 
> Praise _is_ owed to the Church of Steve for publicising CUPS, though
> they hardly created it.  Although consenting Unixers retain the right
> to experience the Pain That Is lpr if they insist, Apple has helped
> alert them to the fact -- already known to many of us -- that they can
> safeword out of it.  On any *ix.

Now, let's fear the bugs that are in there that Will Be Found.
I'd feel better with basic privsep and chrooting in CUPS.

But yeah, after 20 years of LPR (and those EVIL printcap settings for
setting up serial printers and plotters), it was good that someone
made it such that I can open a window and LOOK AT 100 jobs queued
for a printer that's broken and DRAG all those jobs to the twin
printer down the hall.

For all the Good of LPR, good lord it's dated and missing functionality.


From trockij at transmeta.com  Sat Jul 24 18:05:17 2004
From: trockij at transmeta.com (Jim Trocki)
Date: Sat, 24 Jul 2004 18:05:17 -0700 (PDT)
Subject: lpr/cups (was laptops)
In-Reply-To: <20040724220824.GA46310@2004.snew.com>
Message-ID: <Pine.LNX.4.44.0407241802280.24900-100000@dp.transmeta.com>

On Sat, 24 Jul 2004, Chuck Yerkes wrote:

> setting up serial printers and plotters), it was good that someone
> made it such that I can open a window and LOOK AT 100 jobs queued
> for a printer that's broken and DRAG all those jobs to the twin
> printer down the hall.
> 
> For all the Good of LPR, good lord it's dated and missing functionality.

lprng allows you to:

$ lpc move brokenprinter all twinprinter

no DRAGging necessary. and lprng also allows you to LOOK AT queued jobs,
too (without dragging anything).




From chuck+baylisa at snew.com  Sun Jul 25 10:43:30 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Sun, 25 Jul 2004 10:43:30 -0700
Subject: lpr/cups (was laptops)
In-Reply-To: <4102FCB6.6090806@pacbell.net>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com> <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org> <20040724172332.GA17797@2004.snew.com> <633C4E4AE1C3FC007BC90873@[10.9.18.3]> <20040724192213.GN19398@linuxmafia.com> <20040724220824.GA46310@2004.snew.com> <4102FCB6.6090806@pacbell.net>
Message-ID: <20040725174330.GA58024@2004.snew.com>

Quoting richard childers / kg6hac (fscked at pacbell.net):
> In defense of a venerable piece of software that has endured for over 
> two decades:
> 
> An adept UNIX administrator should be able to requeue jobs to another 
> printer queue through any number of mechanisms without having to resort 
> to a graphic user interface, in my humble opinion - there is nothing 
> inherent in lpr(1), lpd(8) or lpc(8) that keeps one from carrying out 
> such an operation.

An adept administrator.

Vs. a secretarial level person.  Vs. a guy at the printer who has
given up on getting ol' ps1 to work.

10 years ago I was bored with requests, taking me from my *real*
work, asking me to redirect the ps1 queue to ps2.


While there's "nothing inherent" in the package that keeps me
"from carrying out the operation", there's nothing in the package
that enables or aids people in doing so.



From trockij at transmeta.com  Sun Jul 25 11:36:41 2004
From: trockij at transmeta.com (Jim Trocki)
Date: Sun, 25 Jul 2004 11:36:41 -0700 (PDT)
Subject: lpr/cups (was laptops)
In-Reply-To: <20040725174330.GA58024@2004.snew.com>
Message-ID: <Pine.LNX.4.44.0407251126510.24900-100000@dp.transmeta.com>

On Sun, 25 Jul 2004, Chuck Yerkes wrote:

> An adept administrator.
> 
> Vs. a secretarial level person.  Vs. a guy at the printer who has
> given up on getting ol' ps1 to work.
>
> 10 years ago I was bored with requests, taking me from my *real*
> work, asking me to redirect the ps1 queue to ps2.

this is why it's a good idea to write and maintain a set of howto
documents for use by everyone responsible for dealing with the system
so they can cheat and refer to them to quickly find out how to do
common tasks.

"dragging and dropping" imho is not a natural and instinctive behavior.
you have to learn it just like you have to learn "lpc move" or learn
how to refer to the faq or system documentation.



From vraptor at employees.org  Sun Jul 25 18:50:29 2004
From: vraptor at employees.org (vraptor at employees.org)
Date: Sun, 25 Jul 2004 18:50:29 -0700 (PDT)
Subject: lpr/cups (was laptops)
In-Reply-To: <Pine.LNX.4.44.0407251126510.24900-100000@dp.transmeta.com>
References: <Pine.LNX.4.44.0407251126510.24900-100000@dp.transmeta.com>
Message-ID: <20040725184337.D11100@willers.employees.org>

On Sun, 25 Jul 2004, Jim Trocki wrote:


> this is why it's a good idea to write and maintain a set of howto
> documents for use by everyone responsible for dealing with the system
> so they can cheat and refer to them to quickly find out how to do
> common tasks.

Hey, can you send some of those users who read documentation/FAQs
over to my customer site?  Cause the people I work for can't even
write down what they want us to do, much less figure out how to do
something for themselves.

> "dragging and dropping" imho is not a natural and instinctive behavior.
> you have to learn it just like you have to learn "lpc move" or learn
> how to refer to the faq or system documentation.

That all depends on what OS you "grew up on"--and I doubt that the
business admin support staff "grew up" bashing around a CLI.

=Nadine=



From vraptor at employees.org  Sun Jul 25 19:22:27 2004
From: vraptor at employees.org (vraptor at employees.org)
Date: Sun, 25 Jul 2004 19:22:27 -0700 (PDT)
Subject: recycling
In-Reply-To: <A6CB57A0-BDD1-11D8-AF36-0030657CE32A@extragalactic.net>
References: <Pine.LNX.3.96.1040611171335.5256A-100000@Maggie.Linux-Consulting.com>
 <A6CB57A0-BDD1-11D8-AF36-0030657CE32A@extragalactic.net>
Message-ID: <20040725191601.L11100@willers.employees.org>


Tossing my two cents in on this a month+ late, but
useful info for others I hope...

<http://www.hackettelec.com/>

Hackette Electronics in San Jose is a 100% recycle
facility.  They will take electronics in any quantity
without disposal fees, with the exception of monitors.

If you bring monitors with other gear of sufficient
quantity, they do not require a disposal fee.  If you
bring in monitors alone, they charge $10/monitor. 
This fee is $5 less than the other recycle facilities
in the South Bay that I am aware of.

I took all my old dead x86 and printer stuff down there
when I recently did a major clean up in preparation for
my move.  I know a lot of sys admins are pack rats, so
this might make the process of winnowing a little easier. 
:-)

=Nadine=


From vraptor at employees.org  Sun Jul 25 19:34:49 2004
From: vraptor at employees.org (vraptor at employees.org)
Date: Sun, 25 Jul 2004 19:34:49 -0700 (PDT)
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <9EAF4A73082B90A1228EA54B@[10.9.18.3]>
References: <20040724052811.42174.qmail@web51709.mail.yahoo.com>
 <Pine.LNX.4.44L0.0407232253540.6202-100000@mail.halligan.org>
 <20040724172332.GA17797@2004.snew.com> <633C4E4AE1C3FC007BC90873@[10.9.18.3]>
 <20040724185523.GA23315@bitshift.org> <9EAF4A73082B90A1228EA54B@[10.9.18.3]>
Message-ID: <20040725192814.P11100@willers.employees.org>

On Sat, 24 Jul 2004, Jim Hickstein wrote:

>> It was quite a sight to walk through the halls and
>> see one glowing Apple after another, each independently purchased by
>> people generally posessed of Clue.
>
> Indeed.  Only they (Apple) didn't do it with Kool-Ade.  Or, rather, if
> Kool-Ade gave you super powers, and someone else was trying to get you to
> go back to drinking water, you might put up a fuss.

For those of you considering an iBook/Powerbook, currently
there is a promotion whereby you can get a $200 rebate when
you buy either plus an iPod.  You get the rebate even if
you use an educational (one jr/community college class
qualifies)/corporate discount when purchasing.

This might be a good way to assuage the spouse/SO if you
get in trouble for buying yourself expensive "toys". ;-)
Or a nice rationalization for those of you lusting after
both...

*cough*

You can also get refurb'd 1Ghz G3/G4 iBooks for <$1K--
click the "Special Deals" on the lower right @ the Apple
store webpage.

=Nadine=


From cos at indeterminate.net  Sun Jul 25 20:26:04 2004
From: cos at indeterminate.net (John Costello)
Date: Sun, 25 Jul 2004 20:26:04 -0700 (PDT)
Subject: recycling
In-Reply-To: <20040725191601.L11100@willers.employees.org>
Message-ID: <Pine.LNX.4.44.0407252018360.12900-100000@olivia.indeterminate.net>

On Sun, 25 Jul 2004 vraptor at employees.org wrote:
> 
> Tossing my two cents in on this a month+ late, but
> useful info for others I hope...

Hm, I don't remember seeing the original.  Glad you posted, Nadine.

Heya, Guy!  Hope you landed on your feet after techtv.

> <http://www.hackettelec.com/>
> 
> Hackette Electronics in San Jose is a 100% recycle
> facility.  They will take electronics in any quantity
> without disposal fees, with the exception of monitors.

There also is Alameda County Computer Resource Center, 
http://www.accrc.org, which has an affiliate in Marin.  They do charge $5 
for computers and varying fees for other items, but I like them because 
they recycle in an environmentally friendly manner.  (Looks like Hackette 
does too.)  Additionally, ACRC is a non-profit organization.  If you 
recycle equipment through them, you can write off the value of the 
equipment.
 
> =Nadine=
> 

-----
John Costello - cos at indeterminate dot net
"What if nothing matters?  What if everything matters?"--Hobbes
"Which would be worse?"--Calvin



From dan_bethe at yahoo.com  Sun Jul 25 23:19:18 2004
From: dan_bethe at yahoo.com (Dan Bethe)
Date: Sun, 25 Jul 2004 23:19:18 -0700 (PDT)
Subject: qemu Re: Reliable laptops around $1k?
In-Reply-To: <20040725192814.P11100@willers.employees.org>
Message-ID: <20040726061918.51332.qmail@web51703.mail.yahoo.com>

> For those of you considering an iBook/Powerbook, currently
> there is a promotion whereby you can get a $200 rebate when

Also, look into joining the Apple Developer Connection.  Even if you arent a
software engineer, you can just pay the annual subscription fee and you, and
your friends if you're nice, get a discount from the Apple Store.  Last I knew,
they were doing a quarterly software bundle mailed out to all ADC members which
included free MacOS upgrades which are normally $120 or so.


		
__________________________________
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail


From dan_bethe at yahoo.com  Sun Jul 25 23:21:46 2004
From: dan_bethe at yahoo.com (Dan Bethe)
Date: Sun, 25 Jul 2004 23:21:46 -0700 (PDT)
Subject: recycling
In-Reply-To: <Pine.LNX.4.44.0407252018360.12900-100000@olivia.indeterminate.net>
Message-ID: <20040726062146.19001.qmail@web51705.mail.yahoo.com>

Also see this in Pleasanton and Hayward for repurposing donated electronics
toward cause-based organizations:

http://isfisf.org/

And this, in general:

http://www.electronicsrecycling.org/Registration/EIAList.aspx?state=CA


	
		
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail 


From Kristyn.Greenwood at oracle.com  Tue Jul 27 17:22:12 2004
From: Kristyn.Greenwood at oracle.com (Kristyn Greenwood)
Date: Tue, 27 Jul 2004 17:22:12 -0700
Subject: Can I Send this Email on BayLisa mailing list?
Message-ID: <4106F1B4.7010807@oracle.com>

Dear BayLISA members,

I am writing this letter to ask for your help in recruiting Email 
Administrators to participate within a usability study. The purpose of 
this study is to gain an understanding of the tasks that the typical 
Email Administrator performs on a regular basis and the methods and 
tools that they use. Participating email administrators and their 
managers (and referrers) will receive a small gift as a thank you for 
their participation.

Objectives:               
We are interested in learning about the activities of email 
administrators and the types of tasks they typically perform, and the 
tools that they use. We are interested in observing email administrators 
during a typical day (four hour observation) followed by a short (30 
min. ) interview, between Aug. 1st and Sept. 15th.

The feedback from this study will help us to make quality usability 
improvements to many Oracle products. It does not matter if the 
individuals observed are using Oracle software.

Study Participant Requirements:      
All individuals whose primary role is to administer and maintain their 
organization's electronic mail system. Regardless of the type of email 
system administered or the tools used.

    * Must be currently administering the company's electronic mail system.
    * Have at least 6 months of experience at their current position
    * Have a minimum of 1 years experience working as a email administrator


What Do you Need to Do?
If you would like to participate or are interested in learning more 
more, please contact me via email or phone and I will be happy provide 
further details about the study and answer any questions. Please also 
feel free to forward this message to other who might be interested in 
participating.

Thanks, Kristyn Greenwood, Study Coordinator
Principal Usability Engineer - UID
Kristyn.greenwood at Oracle.com
650-506-4760


From chuck+baylisa at snew.com  Tue Jul 27 17:39:37 2004
From: chuck+baylisa at snew.com (Chuck Yerkes)
Date: Tue, 27 Jul 2004 17:39:37 -0700
Subject: recycling
In-Reply-To: <20040725191601.L11100@willers.employees.org>
References: <Pine.LNX.3.96.1040611171335.5256A-100000@Maggie.Linux-Consulting.com> <A6CB57A0-BDD1-11D8-AF36-0030657CE32A@extragalactic.net> <20040725191601.L11100@willers.employees.org>
Message-ID: <20040728003937.GA26381@2004.snew.com>

Quoting vraptor at employees.org (vraptor at employees.org):

...
> I took all my old dead x86 and printer stuff down there
> when I recently did a major clean up in preparation for
> my move.  I know a lot of sys admins are pack rats, so
> this might make the process of winnowing a little easier. 

Packrats!  No.
Archivists.  When the big quake comes and you all need a
box that can run Ultrix*, you'll be crawling to my door.

chuck

* also CP/M, ProDOS, OSF/1, SunOS 3.5, whatever my Motorola Mini
  runs.  No VMS.  I walked away (renee).


From strata at virtual.net  Tue Jul 27 18:52:12 2004
From: strata at virtual.net (Strata R. Chalup)
Date: Tue, 27 Jul 2004 18:52:12 -0700
Subject: BayLISA 8/19/04:  Tom Limoncelli
Message-ID: <410706CC.9020809@virtual.net>


I will be updating the website shortly, but wanted to pre-announce-- our 
August speaker will be Tom Limoncelli, author and speaker 
extraordinaire.  Tom will be in the Bay Area next month and graciously 
volunteered to extend his trip slightly so that he can be our August 
speaker. 

Tom has been putting a lot of thought into 'Best Practices', and how 
they may or may not scale across different types of organizations.  He's 
also working on a new book about time management and interrupt-handling 
for sysadmins, and will be treating us to some excerpts!   We'll post an 
official blurb soon.

cheers,
Strata