RE: [H] Open Source Heretic
No its actually pretty cheap compared to other security products. I think we are in the 20 dollar range per seat as compared to 40+ for most AV and IPS solutions. But don't quote me on the price thing. But the thing that is coolest is that you can control applications network access. So you can allow media players to run but block them from the network. Or you could just block media players all together. Or you can block media players for everyone but allow it for a group of users. I worked on the QA of that product then moved into the security team and do research into Malware for that product. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Ruset Sent: Friday, July 15, 2005 12:17 PM To: The Hardware List Subject: Re: [H] Open Source Heretic That looks pretty damn cool. I bet it's expensive as hell, though. Mesdaq, Ali wrote: Ahh yes that would be awesome to do. And group policies do rock. But if you want to take it a little bit further you should check out CPM from Websense great application control ability. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Ruset Sent: Thursday, July 14, 2005 7:05 PM To: The Hardware List Subject: Re: [H] Open Source Heretic What I was trying to say is that if I could lock down Windows machines with a central policy fed from a Linux machine, that would be great. I have found that a proper implementation of Group Policy and locking down end-user machines fairly tight has saved me countless hours of troubleshooting and repairing Windows client PC's. Computers that I have built and locked down are still running strong, five years after I deployed them. With zero maintenance. I love active directory and group policy. Locking down a Linux machine is a bit tougher. I found a nice tool called Kiosk Tool for KDE, but it doesn't have any sort of central mechanisim for managing clients. Mesdaq, Ali wrote: Did you mean if you could lock down a linux machine?
Re: [H] Open Source Heretic
1) How many people pay for MS support for Windows? There are SO MANY more qualified MS Admins than Linux admins. It's easier to support in-house. Plus, in my experience, Windows is more reliable than Linux for some applications. Hell, I wish my Linux DNS server was as reliable as my Windows server was. 2) You can innovate on an idea, but it will be hard to fund development to bring the idea to fruition. And, since it's open source, someone can just take your code, modify it, and call it their own. To create business level applications, you need money. The Open Source model does not allow for that. Thane Sherrington wrote: Interesting article: http://www.forbes.com/technology/2005/05/26/cz_dl_0526linux.html The problems I see with his argument are: 1)He says that if you charge for service, then you are saying you are giving people crap that requires service. But of course that's exactly what the closed source companies do right now. Plus selling service means it is in your best interest to make the lowest support software possible, as that makes you more money (people will still pay for the safety blanket of support, just like they do for insurance.) 2)He says that open source doesn't have the money to allow innovation. I disagree - it doesn't take money to come up with an idea. If it's a good idea, and you need it, then you can create a program that does it. Since you are doing it for yourself, you don't expect to be paid. Once you've finished it, you can release it as open source, and sell support on it, which then allows you to improve the product. T
Re: [H] Open Source Heretic
At 11:54 AM 14/07/2005, Ben Ruset wrote: Okay, so you pay for the software from MS *and* get support for a period of time. With Linux you're not paying for software and then have to find some 3rd party vendor. That's how I understand it, yes. (It is also my understanding that at some point, you pay for MS support.) I don't think anybody will disagree that it's easier to admin a Windows server than a Linux server. Can't comment on that. It is easier to admin a Netware server than a Windows server. Yeah, but how long will that take? If it takes you 5 years to develop a program on your own when a funded company could have it done in 5 weeks, how does that help computing in general? And competition is not take my product and modify it it's usually lets create a product of our own that does X but also does Y. Except that once a program is released as FOSS, there could end up being many more people working on the program than in a funded company. At least, that's what I read. I've never worked in either, so I can't say from personal experience. I wonder how many Samba implementations have paid support. Or how many mySQL loads are supported by mySQL the company, vs the number of free installs out there. There's a lot of people using a lot of software without paying a dime. Why spend a ton of money to develop software when the vast number of users will end up taking your ideas for free. Sort of like pirated Windows, I guess. :) T
Re: [H] Open Source Heretic
That's how I understand it, yes. (It is also my understanding that at some point, you pay for MS support.) You pay $X for a copy of Windows 2003 Server. After that is paid, you don't have to pay a dime for support if you don't want to. I can't comment on products like SQL server or whatnot, but my understanding is that if you buy a copy of MS software, you're not obligated to pay for support if you don't want. Except that once a program is released as FOSS, there could end up being many more people working on the program than in a funded company. At least, that's what I read. I've never worked in either, so I can't say from personal experience. Okay, but the point I was making is that it's easier and faster to develop when you're funded rather than when you're a hobbyist working on a project in your off-hours. But the only way products will get funded is if there is a decent enough revenue model. By making a nice, friendly easy to use FOSS product (which requires a lot of time and effort) you make it less and less likely to be able to charge for support. What I have seen companies to is release FOSS code, but have a commercial version that has better features. That is a good way to help bring in income. At the same time, however, you have two products that you have to spend money to develop, and one competes against the other. How many Fedora Core servers are in production vs. RHEL? Sort of like pirated Windows, I guess. :) And that proves my point. MS has gone gung-ho to cut piracy down by Product Activation. So obviously product sales is a major factor in their income. Otherwise they could just say well, we'll make it up in support charges.
Re: [H] Open Source Heretic
At 12:21 PM 14/07/2005, Ben Ruset wrote: You pay $X for a copy of Windows 2003 Server. After that is paid, you don't have to pay a dime for support if you don't want to. That's true now, but I have paid for MS support in the past, so I assume that there still is for pay support now - or will be in the future. Okay, but the point I was making is that it's easier and faster to develop when you're funded rather than when you're a hobbyist working on a project in your off-hours. But the only way products will get funded is if there is a decent enough revenue model. By making a nice, friendly easy to use FOSS product (which requires a lot of time and effort) you make it less and less likely to be able to charge for support. Yeah, you're probably right. Oh well, FOSS was cool while it lasted. It'll probably hang around for small apps, but I can't see it surviving as a real competitor to closed source. T
RE: [H] Open Source Heretic
At 12:38 PM 14/07/2005, Chris Reeves wrote: cohesiveness is almost non-existant. IE, Adobe can call Microsoft and say Hey, here's what we are going to do.. and they know that the answers MS gives them represent a stable coding base, and their team can be assigned individual roles. Actually, a friend of mine worked for Nortel, and they finally scrapped Windows development because MS couldn't give them accurate answers as to how the software worked or would work in the future. Your other points are no doubt true, but I'm not sure that MS (or any other large company) is any more cohesive than any large group of people. I think the problem with Linux right now is perceived ease of use. As Ben points out, once ease of use is resolved, that may well end service sales, so that hardly works out. The same friend from Norton feels that software development is doomed. You have two options, he feels: 1)release buggy, incomplete software to force people onto the upgrade treadmill to keep revenue coming in (but this costs you a fortune in support) or 2)release functional software, which means no support costs, but no residual income from upgrades. T
Re: [H] Open Source Heretic
Thane Sherrington wrote: Actually, a friend of mine worked for Nortel, and they finally scrapped Windows development because MS couldn't give them accurate answers as to how the software worked or would work in the future. Sounds like a very specialized case. I can't see Nortel dropping their Contivity VPN client for Windows. That's product suicide. Your other points are no doubt true, but I'm not sure that MS (or any other large company) is any more cohesive than any large group of people. From what I have heard from people who are MS developers, a lot of applications and what not are developed in small teams, and then testing goes on campus wide. I think the problem with Linux right now is perceived ease of use. As Ben points out, once ease of use is resolved, that may well end service sales, so that hardly works out. It's not a perception issue. :) Until Linux apps can be configured as easily as Microsoft apps (without having to go to the command line and edit files), Linux will be the realm of senior level, expensive staff. Configuring Linux apps from a GUI is getting better, but unfortunately there are no standards between vendors, let alone between the same vendor's different versions! Give it a few years, though, and it hopefully will improve. The same friend from Norton feels that software development is doomed. You have two options, he feels: 1)release buggy, incomplete software to force people onto the upgrade treadmill to keep revenue coming in (but this costs you a fortune in support) or 2)release functional software, which means no support costs, but no residual income from upgrades. That's what's killing Microsofy with Office. Office 97 does everything that most casual office workers need to do. There really is no compelling reason to go to a newer version of Office unless you need some really obscure feature. And who is going to roll out Office upgrades at $250 a pop just to get access to some new Excel feature?
Re: [H] Open Source Heretic
Yup. But I bet it's designed to only work on RedHat Enterprise 4 with Kernel version 2.6.x.x.x and once you load some other package or update the server the whole thing breaks until Nortel releases an update. Developing on Linux is likely very easy as long as you limit yourself to a narrow deployment base. We only support this on X server, version X, with only X kernel, and X packages installed. Thane Sherrington wrote: At 01:28 PM 14/07/2005, Ben Ruset wrote: Sounds like a very specialized case. I can't see Nortel dropping their Contivity VPN client for Windows. That's product suicide. They were building a PC-based system to handle multiple phonelines (up to 256?.) MS Telephony system is completely useless, requiring bizarre kludges to make it work. They finally switched to another OS (I believe it was Linux), as support costs were killing them. T
Re: [H] Open Source Heretic
Ok, I was going to try and stay out of this, but... On Thu, 2005-07-14 at 12:33 -0400, Ben Ruset wrote: Find me a Linux server that lets me configure things like DHCP and Dynamic DNS in a GUI window. Microsoft lets me do that. Dynamic DNS is a kludge, and ugly one at that. The workstation should not have control over it's hostname, that is the network's job. It took me 15 hours to get it working under Linux, whereas it took 5 minutes to do with Windows. And it's not nearly as stable as my Windows DHCP/DNS server was. I'm restarting the damn things almost every day. Never had to do that with Windows. Is it the DNS part, or the dynamic DNS part that is unstable, and what version of bind is it running. I have run DNS servers with uptimes in the years range. Configuring bind and dhcpd should take no more than an hour, and that includes writing the zone files, and doing static addresses via dhcp for printers, etc. This is the type of thing that I do a single class lecture and lab on, and have time left over. Don't even get me started on Samba. That's just a disaster to get working right. And as a domain controller it just sucks. Who wants NT4 functionality anymore? Samba domains work group for up to 250 nodes, and a few thousand users. Samba 3 has been very solid for us, and we are migrating systems off of a windows 2000 AD domain. We even have an interdomain trust setup between the two. Oh yea, people who don't want to pay for software to run their business. :) We have a Microsoft Enterprise agreement. I can install Windows 2003 server on any of the servers here I want, and not have a single charge to my office. I don't trust our 5TB of storage to be managed by Windows and NTFS. I don't trust our backups to be managed by windows (we have been burned by that before). Now we run baclua, and just put in a new dual opteron to run it (sql database adds were dragging the old 800MHz Xeon down). The tape drive is a $44K changer from Qualstar. Harry Chris Reeves wrote: *shrug* I cannot answer the issues with Nortel, though, based on how their business works, I know there have to be hundreds ;) I would agree on Ease of Use being an issue. But the fanboys seem convinced to not be high on that as a top goal. I've played recently with things like Xandros Pro, etc. and find that they are probably close to the right track. Get a linux distro with fully function run Windows apps built in, and you've got something. CW
Re: [H] Open Source Heretic
Harry McGregor wrote: Dynamic DNS is a kludge, and ugly one at that. The workstation should not have control over it's hostname, that is the network's job. The workstations name is set locally. What I mean is that when it gets an IP address from DHCP, DHCP updates DNS records with the computer's IP address. Is it the DNS part, or the dynamic DNS part that is unstable, and what version of bind is it running. named seems to be failing. I get complaints about journal files being out of sync and name resolution then stops entirely or works badly until I delete the journal and restart named. It's BIND 9.2.4 as ships in Red Hat Enterprise w/ all of the updates applied. I have run DNS servers with uptimes in the years range. I have too. Non dynamic DNS is easy and pretty much rock solid. Configuring bind and dhcpd should take no more than an hour, and that includes writing the zone files, and doing static addresses via dhcp for printers, etc. This is the type of thing that I do a single class lecture and lab on, and have time left over. Again, trying to make it work the way that I did (with the DHCP server applying the updates) took a lot of time, most of which was spent on research and testing. I wrote a HOWTO for reference so it would likely only take me 30m-1h to setup from scratch now. Again, though, this is to do something that takes less than 5 minutes with the competitive product, which does not force me to muck around in config files. :) Samba domains work group for up to 250 nodes, and a few thousand users. Samba 3 has been very solid for us, and we are migrating systems off of a windows 2000 AD domain. We even have an interdomain trust setup between the two. I find things like Group Policy and other benefits of AD to far outweigh what Samba offers. We have a Microsoft Enterprise agreement. I can install Windows 2003 server on any of the servers here I want, and not have a single charge to my office. I don't trust our 5TB of storage to be managed by Windows and NTFS. I don't trust our backups to be managed by windows (we have been burned by that before). Now we run baclua, and just put in a new dual opteron to run it (sql database adds were dragging the old 800MHz Xeon down). The tape drive is a $44K changer from Qualstar. While I have never had 5tb of storage to deal with, I have never been burnt by Windows or NTFS for things like file shares, etc. In addition, the backup software I have used has been pretty reliable. If you want some sort of enterprise level backup software then call Commvault and get a Galaxy backup pointing to a virtual tape drive on a SAN. :) My whole point about Linux is that it's still way too hard to use and administrate. Unless, like you, you live and breathe Linux and are well skilled in it. I consider myself to be reasonably competent in Linux, yet find myself struggling often to get tasks that are simple in the Windows world done under Linux.
Re: [H] Open Source Heretic
At 13:07 7/14/2005, Harry McGregor, wrote: Now we run baclua, and just... Bacula? http://www.Google.com/search?q=Bacula Start Here to Find It Fast! - http://www.US-Webmasters.com/best-start-page/ $8.77 Domain Names - http://domains.us-webmasters.com/
Re: [H] Open Source Heretic
Yep, sorry about the typo. http://www.bacula.org/ Harry On Thu, 2005-07-14 at 14:13 -0500, W. D. wrote: At 13:07 7/14/2005, Harry McGregor, wrote: Now we run baclua, and just... Bacula? http://www.Google.com/search?q=Bacula Start Here to Find It Fast!™ - http://www.US-Webmasters.com/best-start-page/ $8.77 Domain Names - http://domains.us-webmasters.com/
Re: [H] Open Source Heretic
At 12:28 PM 7/14/2005, Ben Ruset typed: That's what's killing Microsofy with Office. Office 97 does everything that most casual office workers need to do. There really is no compelling reason to go to a newer version of Office unless you need some really obscure feature. And who is going to roll out Office upgrades at $250 a pop just to get access to some new Excel feature? This is why O2k3 has more collaboration tools won't run on 98 machines. MSFT knows that most of the stuff that is borrowed is not being done so by corporations. What gets me is that MSFT tells us as system builders, developers, beta testers, programmers etc etc that they are for small business but I don't know of one small business that actually uses Share Point Portal Services. While centralized collaboration is great for larger companies who have depts that are larger than most small businesses many medium sized business still would rather just rely on in house email than spend the extra loot. Let's face it to make a buck one doesn't spend any more than they have to get the product out the door. --+-- Wayne D. Johnson Ashland, OH, USA 44805 http://www.wavijo.com
Re: [H] Open Source Heretic
Sharepoint is free though. It's actually pretty cool, from what small amount of time I've played with it. Wayne Johnson wrote: At 12:28 PM 7/14/2005, Ben Ruset typed: That's what's killing Microsofy with Office. Office 97 does everything that most casual office workers need to do. There really is no compelling reason to go to a newer version of Office unless you need some really obscure feature. And who is going to roll out Office upgrades at $250 a pop just to get access to some new Excel feature? This is why O2k3 has more collaboration tools won't run on 98 machines. MSFT knows that most of the stuff that is borrowed is not being done so by corporations. What gets me is that MSFT tells us as system builders, developers, beta testers, programmers etc etc that they are for small business but I don't know of one small business that actually uses Share Point Portal Services. While centralized collaboration is great for larger companies who have depts that are larger than most small businesses many medium sized business still would rather just rely on in house email than spend the extra loot. Let's face it to make a buck one doesn't spend any more than they have to get the product out the door. --+-- Wayne D. Johnson Ashland, OH, USA 44805 http://www.wavijo.com
RE: [H] Open Source Heretic
I think that all depends on the company and the knowledge of the IT staff. If the IT staff understands business requirements and productivity issues then they can build solutions that make people more productive thus bringing or saving more money in the long run. MS products give the ability to be extremely collaborative but you just have to know what you're doing. You can probably achieve the same from open source but you have to know what you're doing to a much higher degree. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wayne Johnson Sent: Thursday, July 14, 2005 3:37 PM To: The Hardware List Subject: Re: [H] Open Source Heretic At 12:28 PM 7/14/2005, Ben Ruset typed: That's what's killing Microsofy with Office. Office 97 does everything that most casual office workers need to do. There really is no compelling reason to go to a newer version of Office unless you need some really obscure feature. And who is going to roll out Office upgrades at $250 a pop just to get access to some new Excel feature? This is why O2k3 has more collaboration tools won't run on 98 machines. MSFT knows that most of the stuff that is borrowed is not being done so by corporations. What gets me is that MSFT tells us as system builders, developers, beta testers, programmers etc etc that they are for small business but I don't know of one small business that actually uses Share Point Portal Services. While centralized collaboration is great for larger companies who have depts that are larger than most small businesses many medium sized business still would rather just rely on in house email than spend the extra loot. Let's face it to make a buck one doesn't spend any more than they have to get the product out the door. --+-- Wayne D. Johnson Ashland, OH, USA 44805 http://www.wavijo.com
Re: [H] Open Source Heretic
At 06:41 PM 7/14/2005, Ben Ruset typed: Sharepoint is free though. Running it on a separate server sure isn't free Office 2k3 isn't free. Without Outlook 2k3, Sharepoint is severely limited. It's actually pretty cool, from what small amount of time I've played with it. Yes it's pretty neat as I beta tested the thing but as I was trying to point out, this is not enough reason for most companies to upgrade their office suite from MSFT. --+-- Wayne D. Johnson Ashland, OH, USA 44805 http://www.wavijo.com
Re: [H] Open Source Heretic
If an office already has a Windows 2003 server then they could just load it on that one. Chances are most new offices would end up with at least one Win2k3 server. I haven't played with it through Outlook, but with Office and IE it worked pretty nice. Wayne Johnson wrote: At 06:41 PM 7/14/2005, Ben Ruset typed: Sharepoint is free though. Running it on a separate server sure isn't free Office 2k3 isn't free. Without Outlook 2k3, Sharepoint is severely limited. It's actually pretty cool, from what small amount of time I've played with it. Yes it's pretty neat as I beta tested the thing but as I was trying to point out, this is not enough reason for most companies to upgrade their office suite from MSFT. --+-- Wayne D. Johnson Ashland, OH, USA 44805 http://www.wavijo.com