Re: Chinese Kiddos with Broken Dicts?
On Sat, 2009-05-09 at 22:35 -0700, Kurt Granroth wrote: That seems... unlikely. I have had thousands of unique IPs hit some of my hosts, many to never repeat after a round of attacks. The more plausible route is that they have a botnet of pwned boxes numbering in the hundreds of thousands and they just use them for random dictionary attacks. Once the dictionary attack is done (completely failed), they move on. One lesson to learn from this, though, is to NEVER allow name+password based logins over the Internet. If you open up port 22 to the world, then make sure you restrict logins to SSH key only. Most importantly: PasswordAuthentication no If a million monkeys can write the works of Shakespeare, then a million compromised zombies can eventually crack all of your passwords, too! I NEVER open port 22 for SSH to the Internet but always use a different port number I ALWAYS use denyhosts (but there are other programs that do much the same thing) that blocks connections after a pre-defined number of failed attempts within a pre-defined time period. I use a pretty low number of failed attempts and a fairly wide time window period. I used to pay attention to iptables reports and even once wrote a database program to import/sort/report on them because if you have a box on the Internet, you are going to get a lot of blocked attempts but I really felt that virtually all of that time and energy was wasted. I am no longer surprised nor worried about people port scanning my public IP addresses any more. I do employ SELinux these days for an added layer of protection but I don't know that I've had a system compromised in the last 10 years...but I did have several systems compromised a little over 10 years ago and started taking security very seriously. I do scan my own systems to verify which ports are open on the Internet. If you really want to know where your network is weakest...look at your wireless access point/router. But really, the biggest threat these days is using a web browser because you can't even trust the web sites you think that you trust. I sleep pretty well at night. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Chinese Kiddos with Broken Dicts?
This is the FIRST thing in setting up any secure server (along with say not running Apache or Mysql as root, etc.) Evidently you have not attended the HackFests, where more than a few of the group were well, able to gain a login on a machine with various tools including Brute Forcing via Muppet, and dictionary attacks. http://a.mongers.org/muppets/20040808-sshscan-1 http://blog.taragana.com/index.php/archive/brute-force-ssh-hacking-attempt-on-my-server-guess-who-was-responsible/ What you say? Nothing in the logs? Pwnership immediately cloaks all future access via nice wrappers for a list of binaries. Apt-get or yum refresh your ls, top, netstat, who, last. What you say? You ran a rootkit search and found nothing. Sorry but the simple truth is that most craft their own rootkits via simple gcc make to even mimic the time/date creation and the file size. Setup a quick Snort and log to another server with no SSH to catch them in your spider trap? On Sat, May 9, 2009 at 9:56 PM, Andrew Tuna Harris t...@supertunaman.comwrote: Excerpts from Lisa Kachold's message of Sat May 09 20:17:24 -0700 2009: Be afraid, very afraid! Oh hamburgers! You must put that IP in your firewall! Done. There's a good chance they already go in, if you didn't put in iptables brute force controls? OH SHI- How'd they get in? What's going on? : On Sat, May 9, 2009 at 5:39 PM, Andrew Tuna Harris t...@supertunaman.comwrote: Helloes. Yes, another thread about the Chinese. Okayso over the past couple days I've been seeing things like this: /var/log/messages:May 9 11:00:10 (none) sshd[688]: Connection from 200.111.157.187 port 51751 /var/log/messages:May 9 11:00:10 (none) sshd[688]: Did not receive identification string from 200.111.157.187 And then I don't hear from that ip ever again. What's going on here? Did the script that all those kiddies are using break? Should I be more concerned? Thanks! --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- www.obnosis.com (503)754-4452 Contradictions do not exist. A. Rand --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Chinese Kiddos with Broken Dicts?
Here's a video using custom dictionaries and netcat: http://bitcast-a.bitgravity.com/revision3/web/hak5/0511/hak5--0511--netcat-virtualization-wordpress--large.xvid.avi You only see the foolish ones in your logs, these exploits can also use an obfuscated source for a number of each of their source addresses, so what you see as a distributed attack, is actually just one person running a 5 day sized dictionary against the passwd file. Check hydra, Jack the ripper, brutus (list here): http://sectools.org/crackers.html On Sun, May 10, 2009 at 10:05 AM, Lisa Kachold lisakach...@obnosis.comwrote: This is the full lowdown on what to do: http://www.la-samhna.de/library/brutessh.html On Sun, May 10, 2009 at 9:57 AM, Lisa Kachold lisakach...@obnosis.comwrote: This is the FIRST thing in setting up any secure server (along with say not running Apache or Mysql as root, etc.) Evidently you have not attended the HackFests, where more than a few of the group were well, able to gain a login on a machine with various tools including Brute Forcing via Muppet, and dictionary attacks. http://a.mongers.org/muppets/20040808-sshscan-1 http://blog.taragana.com/index.php/archive/brute-force-ssh-hacking-attempt-on-my-server-guess-who-was-responsible/ What you say? Nothing in the logs? Pwnership immediately cloaks all future access via nice wrappers for a list of binaries. Apt-get or yum refresh your ls, top, netstat, who, last. What you say? You ran a rootkit search and found nothing. Sorry but the simple truth is that most craft their own rootkits via simple gcc make to even mimic the time/date creation and the file size. Setup a quick Snort and log to another server with no SSH to catch them in your spider trap? On Sat, May 9, 2009 at 9:56 PM, Andrew Tuna Harris t...@supertunaman.com wrote: Excerpts from Lisa Kachold's message of Sat May 09 20:17:24 -0700 2009: Be afraid, very afraid! Oh hamburgers! You must put that IP in your firewall! Done. There's a good chance they already go in, if you didn't put in iptables brute force controls? OH SHI- How'd they get in? What's going on? : On Sat, May 9, 2009 at 5:39 PM, Andrew Tuna Harris t...@supertunaman.comwrote: Helloes. Yes, another thread about the Chinese. Okayso over the past couple days I've been seeing things like this: /var/log/messages:May 9 11:00:10 (none) sshd[688]: Connection from 200.111.157.187 port 51751 /var/log/messages:May 9 11:00:10 (none) sshd[688]: Did not receive identification string from 200.111.157.187 And then I don't hear from that ip ever again. What's going on here? Did the script that all those kiddies are using break? Should I be more concerned? Thanks! --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- www.obnosis.com (503)754-4452 Contradictions do not exist. A. Rand -- www.obnosis.com (503)754-4452 Contradictions do not exist. A. Rand -- www.obnosis.com (503)754-4452 Contradictions do not exist. A. Rand --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: BlenderCAD 05-10-09
Hi Lisa, I appreciate your offer to setup NFS for me, however, I don't really want someone to just do it for me. I need to understand how to set it up and maintain it; and the other issues are more important. I really need someone to come over and help me resolve the remaining IPcop, SME server, Ubuntu server issues. If anyone is both willing and able to come over and help I would really appreciate it. I am really close to having everything working properly, although, I am not sure that I can resolve the remaining issues. The second BlenderCAD workshop was today and again no one showed. I intend on holding the BlenderCAD workshop every Sunday afternoon. Hopefully, people will come and contribute. I know that for years I have waited for someone else to write the CAD software for me, and it was only recently that I figured out that if I want a CAD program I was going to have to step up and do something. MatthewMPP Lisa Kachold wrote: Matthew, I can't come to BlenderCAD, but I have a few cards you can pick through? Also, if you give me ssh access, I can setup your NFS. 503-754-4452 On Fri, May 8, 2009 at 10:54 PM, Matthew A Coulliette matthew...@cox.net wrote: Hi everyone, Just a reminder to everyone that this Sunday is the 2nd BlenderCAD workshop. It is from 12-6pm every sunday, at my house (address below). BlenderCAD is not going to write itself; so I am trying to do my part and I invite everyone who also wants a full featured open source cad program to come over and help. No development experience required; just bring your passion for BlenderCAD. Here is what I was thinking that we should work on this Sunday. I still have not managed to get SME server and IPCop to work together properly. I could really use some help setting it up. I have the red green zones working; orange is almost working, and I have not really started on the blue zone yet. I think I need 4 unique ethernet cards and I only have 3. I believe I will need a 10/100 ethernet pci card that is not made by Intel, 3com, or RealTek, to get the blue zone working. (If anyone feels like donating one.) I also have the data server to setup. I want to install Ubuntu server edition on it, and use nfs to mount the something/data partition to the workstations when they boot up. Although, I am not really familiar with Ubuntu server or NFS. I could use some help with this also. I do have workstations ready for people to use if they want to start working on the webpage, artwork, documentation, or source code. I look forward to seeing all of you here on Sunday, 05-10-09, 12-6pm. BYOE. I have workstations, wired ethernet, and fridge space for you to use. Matthew Coulliette 1556 E. Grandview Mesa, AZ. 85203 Mobile Ph: 602-762-1791 --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- www.obnosis.com (503)754-4452 "Contradictions do not exist." A. Rand --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Ubuntu Jaunty Update Pop-Under
On Sat, 2009-05-09 at 14:12 -0700, koder wrote: Oh, THE Ted? There is only one ;) Thanks for the link to the bug. Since I am not involved in development and am never sure what constitutes a bug. I have never spent much time in there. A feature that I don't care for is not a bug. I have not seen anyplace to discuss desired features. I presume there is one. Well, bug is always a confusing term. But in general, requested feature that are more on the idea stage are better brought out in Brainstorm. http://brainstorm.ubuntu.com The brainstorm ideas are watched by the community team which then pushes for them to get on the schedule for UDS. I am running Ubuntu 8.04 and planning in sticking with it for a while, so I have not noticed the update behavior that was commented on, so I did not understand what the hoopla was all about. In general, for most users, I'd suggest going from LTS to LTS. While we love the support and testing and feedback that we get from all of the users on every release; for most folks LTS is a good solution. I also would like to see the Show Search entry icon go away. I have never used it, and the couple of times I tested it is did not do anything I wanted to use. This has been removed in the default desktop. It had a lot of promise, but hasn't yet lived up to it. Nokia has started putting money into Tracker development, so I'm hoping that it will at some point live up to what we thought it'd be. Of course, some may find the icons of tremendous use. Based on my understanding of the principle of Linux and Ubuntu design the route would be to leave it as a configurable option. Heh, I'm not sure that Linux in general has any principles of design. In general, it has about a thousand, which is part of the problem with the Linux desktop feeling disjoint. Not sure how to fix that. It might be something we're stuck with, though we're trying to fix it as best we can. What does irritate me though is that on my laptop the update tells me it can only do a partial update to my software. It does not tell me why. My options are to do a partial update to everything, or refuse to do any updates at all, for ever it seems. I don't know if that is a bug or not. I find it strange behavior. On an allied topic, many times an upgrade comes down with a description that says there is no information about the update, but it wants to install it anyway. If an update does not have a simple description available for it, is it ready for distribution? Or, perhaps to rephrase, if it isn't ready, including a description why is it being offered? Yes, these are both issues with add/remove software that we're working on. There is an effort for Karmic surrounding App Center -- though the name is very temporary -- which will fix these and a bunch of other issues with add/remove software and hopefully make it excellent again. The Ubuntu Desktop team is tackling it, if you'd like to participate I'd suggest talking about it on their mailing list or showing up at their weekly IRC meeting. Of course the UDS sessions discussing it will be broadcast on the Internet as well. (there is some two-way, but it's difficult) --Ted signature.asc Description: This is a digitally signed message part --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: Chinese Kiddos with Broken Dicts?
Take a look at sshblack, it works very well for me. http://www.pettingers.org/code/sshblack.html -Original Message- From: plug-discuss-boun...@lists.plug.phoenix.az.us [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Kurt Granroth Sent: Saturday, May 09, 2009 10:35 PM To: Main PLUG discussion list Subject: Re: Chinese Kiddos with Broken Dicts? That seems... unlikely. I have had thousands of unique IPs hit some of my hosts, many to never repeat after a round of attacks. The more plausible route is that they have a botnet of pwned boxes numbering in the hundreds of thousands and they just use them for random dictionary attacks. Once the dictionary attack is done (completely failed), they move on. One lesson to learn from this, though, is to NEVER allow name+password based logins over the Internet. If you open up port 22 to the world, then make sure you restrict logins to SSH key only. Most importantly: PasswordAuthentication no If a million monkeys can write the works of Shakespeare, then a million compromised zombies can eventually crack all of your passwords, too! On 5/9/09 8:17 PM, Lisa Kachold wrote: Be afraid, very afraid! You must put that IP in your firewall! There's a good chance they already go in, if you didn't put in iptables brute force controls? On Sat, May 9, 2009 at 5:39 PM, Andrew Tuna Harris t...@supertunaman.com mailto:t...@supertunaman.com wrote: Helloes. Yes, another thread about the Chinese. Okayso over the past couple days I've been seeing things like this: /var/log/messages:May 9 11:00:10 (none) sshd[688]: Connection from 200.111.157.187 port 51751 /var/log/messages:May 9 11:00:10 (none) sshd[688]: Did not receive identification string from 200.111.157.187 And then I don't hear from that ip ever again. What's going on here? Did the script that all those kiddies are using break? Should I be more concerned? --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: BlenderCAD 05-10-09
1) Today was MOTHERS DAY. We geeky types forget the social requirements and have unrealistic expectations of everyone, even in the PLUG. 2) It is very hard for people in this economy. They can't get to everything, so they are very picky, attending a RHEL RHCE study group, or a special concert in their free time (what little is left after pursuit of the legal tender). 3) Hang out, as people get to know you, and realize how fun hanging at your house is, they will come around. Or not, since: If you pursue what you are passionate about, continue to promote it, and post to the list, you will have contributed. Also, are their any CAD groups you can cross post to? On Sun, May 10, 2009 at 2:42 PM, Matthew A Coulliette matthew...@cox.netwrote: Hi Lisa, I appreciate your offer to setup NFS for me, however, I don't really want someone to just do it for me. I need to understand how to set it up and maintain it; and the other issues are more important. I really need someone to come over and help me resolve the remaining IPcop, SME server, Ubuntu server issues. If anyone is both willing and able to come over and help I would really appreciate it. I am really close to having everything working properly, although, I am not sure that I can resolve the remaining issues. The second BlenderCAD workshop was today and again no one showed. I intend on holding the BlenderCAD workshop every Sunday afternoon. Hopefully, people will come and contribute. I know that for years I have waited for someone else to write the CAD software for me, and it was only recently that I figured out that if I want a CAD program I was going to have to step up and do something. MatthewMPP Lisa Kachold wrote: Matthew, I can't come to BlenderCAD, but I have a few cards you can pick through? Also, if you give me ssh access, I can setup your NFS. 503-754-4452 On Fri, May 8, 2009 at 10:54 PM, Matthew A Coulliette matthew...@cox.netwrote: Hi everyone, Just a reminder to everyone that this Sunday is the 2nd BlenderCAD workshop. It is from 12-6pm every sunday, at my house (address below). BlenderCAD is not going to write itself; so I am trying to do my part and I invite everyone who also wants a full featured open source cad program to come over and help. No development experience required; just bring your passion for BlenderCAD. Here is what I was thinking that we should work on this Sunday. I still have not managed to get SME server and IPCop to work together properly. I could really use some help setting it up. I have the red green zones working; orange is almost working, and I have not really started on the blue zone yet. I think I need 4 unique ethernet cards and I only have 3. I believe I will need a 10/100 ethernet pci card that is not made by Intel, 3com, or RealTek, to get the blue zone working. (If anyone feels like donating one.) I also have the data server to setup. I want to install Ubuntu server edition on it, and use nfs to mount the something/data partition to the workstations when they boot up. Although, I am not really familiar with Ubuntu server or NFS. I could use some help with this also. I do have workstations ready for people to use if they want to start working on the webpage, artwork, documentation, or source code. I look forward to seeing all of you here on Sunday, 05-10-09, 12-6pm. BYOE. I have workstations, wired ethernet, and fridge space for you to use. Matthew Coulliette 1556 E. Grandview Mesa, AZ. 85203 Mobile Ph: 602-762-1791 --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- www.obnosis.com (503)754-4452 Contradictions do not exist. A. Rand -- --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings:http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- www.obnosis.com (503)754-4452 Contradictions do not exist. A. Rand --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Free Webhost
Would anyone like to start a state initiative that limits our ISPs to managing only the bandwidth of their service as provided to users (enforcing Network Neutrality), require that all customers must be provided only static IP addresses, and full port ranges* - with rare technical temporary exceptions granted by the corporation commission, the option to the customer of IPv6 or IPv4 at no cost diffrerential as of 2010, and finally that any customer that is experiencing a to the property line/to the wall monopoly on wire or optical line based service may elect to be covered under a corporation commision managed, rate service monoply controle. oh, and any physical network infrastructure may not be replaced unless it has the identical regulatory regime and third party accesses as the prior infrastructure, with the most liberal (open access) being propogated forward into any improved infrastructure - with all prior infrastructure (wire to fiber - this is you) grandfatherd retroactively. Public services must be under a ratchet when it comes to increasing access to the channels, there is no ethical reason to improve our infrastructure and lock in our citizens into a monopoly. this is simply incremental servitude and a public bad. a kickback at best, a fraud on the state at worst. *if you need to have ports blocked, pay a bit extra, it's a service - not the base condition. one of many that could be offered just sayin' this should not be a problem for Arizonans - and probably the only thing that might save Arizona from becoming the west's most backward state. or you can just be meat on the hoof for out of state interests. its plantation technology and bad. On Sat, May 9, 2009 at 2:18 PM, Lisa Kachold lisakach...@obnosis.com wrote: Well, only linux type people would try to hammer down a vague requirement (cox use) out of sheer ethical intent, when the rest of the world equates stipulations this non-specific as a license to steal! On Wed, May 6, 2009 at 9:06 PM, James Mcphee jmc...@gmail.com wrote: I don't remember them specifying hardware vs software servers. I think we're assuming software servers in this case. On Wed, May 6, 2009 at 8:45 AM, Stephen cryptwo...@gmail.com wrote: server desktop and workstation are simply a role definition of how a computer is used regardless of OS/Hardware. It is our need to specialize hardware fro the roles and those needs that makes it common for people think that the hardware is what defines a role. On Tue, May 5, 2009 at 5:25 PM, Lisa Kachold lisakach...@obnosis.com wrote: Well, server under Linux is vague (since a desktop is certainly as powerful), however the business use stipulations also are unreasonable, unenforceable, and the description certainly doesn't cover home business or remote access for work purposes, as well? Many people run Windows MSN Entertainment servers; by definition TIVO or MythTV is a server? --- Lisa Playing Devil's Advocate! On Mon, May 4, 2009 at 6:28 PM, Judd Pickell pick...@gmail.com wrote: Depending on how you construe Server, I think that most people would be in violation of this, considering the vast amount of software that runs a process continually that listens on specific ports and responds to requests.. Sincerely, Judd On Mon, May 4, 2009 at 4:42 PM, Lisa Kachold lisakach...@obnosis.com wrote: I believe we all have our interpretation of laws and rules in America; unless there are consequences? Actually, you agree with the Acceptable Use Policy that you will not run a server. It also addresses business use in a vague way (doesn't everyone use their home office for business)? Commercial Use. The Service is designed for personal, non-business related use of the Internet and may not be used for commercial purposes. You may not resell or otherwise charge others to use the residential Service. You agree not to use the Service for operation as an Internet service provider, or for any other business enterprise, including, without limitation, IP address translation or similar facilities intended to provide additional access. Cox Business Services offers commercial Internet services. Servers. You may not operate, or allow others to operate, servers of any type or any other device, equipment, and/or software providing server-like functionality in connection with the Service, unless expressly authorized by Cox. http://www.cox.com/policy/ On Mon, May 4, 2009 at 2:47 PM, Bob Elzer bob.el...@gmail.com wrote: My interpretation of the AUP, is that they don't want you running then Next Slashdot or Face Book, with lots of traffic. If you are only going to use it for personal access, and maybe to show family photos to friends, then I don't think it would be a problem. Are we talking Hundreds, Thousands, or 20 visitors ? From:
Re: BlenderCAD 05-10-09
As it is mothers day i was not able to go to the workshop.. On Sun, May 10, 2009 at 4:22 PM, Lisa Kachold lisakach...@obnosis.com wrote: 1) Today was MOTHERS DAY. We geeky types forget the social requirements and have unrealistic expectations of everyone, even in the PLUG. 2) It is very hard for people in this economy. They can't get to everything, so they are very picky, attending a RHEL RHCE study group, or a special concert in their free time (what little is left after pursuit of the legal tender). 3) Hang out, as people get to know you, and realize how fun hanging at your house is, they will come around. Or not, since: If you pursue what you are passionate about, continue to promote it, and post to the list, you will have contributed. Also, are their any CAD groups you can cross post to? On Sun, May 10, 2009 at 2:42 PM, Matthew A Coulliette matthew...@cox.net wrote: Hi Lisa, I appreciate your offer to setup NFS for me, however, I don't really want someone to just do it for me. I need to understand how to set it up and maintain it; and the other issues are more important. I really need someone to come over and help me resolve the remaining IPcop, SME server, Ubuntu server issues. If anyone is both willing and able to come over and help I would really appreciate it. I am really close to having everything working properly, although, I am not sure that I can resolve the remaining issues. The second BlenderCAD workshop was today and again no one showed. I intend on holding the BlenderCAD workshop every Sunday afternoon. Hopefully, people will come and contribute. I know that for years I have waited for someone else to write the CAD software for me, and it was only recently that I figured out that if I want a CAD program I was going to have to step up and do something. MatthewMPP Lisa Kachold wrote: Matthew, I can't come to BlenderCAD, but I have a few cards you can pick through? Also, if you give me ssh access, I can setup your NFS. 503-754-4452 On Fri, May 8, 2009 at 10:54 PM, Matthew A Coulliette matthew...@cox.net wrote: Hi everyone, Just a reminder to everyone that this Sunday is the 2nd BlenderCAD workshop. It is from 12-6pm every sunday, at my house (address below). BlenderCAD is not going to write itself; so I am trying to do my part and I invite everyone who also wants a full featured open source cad program to come over and help. No development experience required; just bring your passion for BlenderCAD. Here is what I was thinking that we should work on this Sunday. I still have not managed to get SME server and IPCop to work together properly. I could really use some help setting it up. I have the red green zones working; orange is almost working, and I have not really started on the blue zone yet. I think I need 4 unique ethernet cards and I only have 3. I believe I will need a 10/100 ethernet pci card that is not made by Intel, 3com, or RealTek, to get the blue zone working. (If anyone feels like donating one.) I also have the data server to setup. I want to install Ubuntu server edition on it, and use nfs to mount the something/data partition to the workstations when they boot up. Although, I am not really familiar with Ubuntu server or NFS. I could use some help with this also. I do have workstations ready for people to use if they want to start working on the webpage, artwork, documentation, or source code. I look forward to seeing all of you here on Sunday, 05-10-09, 12-6pm. BYOE. I have workstations, wired ethernet, and fridge space for you to use. Matthew Coulliette 1556 E. Grandview Mesa, AZ. 85203 Mobile Ph: 602-762-1791 --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- www.obnosis.com (503)754-4452 Contradictions do not exist. A. Rand --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- www.obnosis.com (503)754-4452 Contradictions do not exist. A. Rand --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- A mouse trap, placed on top of your alarm clock, will prevent you from
Re: Free Webhost
Nice thought, but really, I don't think this is even viable. I'm sure the hackers would be all for that though. Oh goody! Now 95% of the people using cox are unprotected from everything! And the isp's responsibility would be limited to their modem (cpe). Can't get to your email? Yeah, we only provide bandwidth now so you have to provide your own email, but you can set up your own server! Can't get to the internet? Well we can see that your modem is functioning properly, must be a problem with your internal network... Verify that your IP/subnet/gw is configured properly. G'bye! Mom pop just want to be able to get on the internet to check their email and browse a bit. Their bandwidth would likely go down with the hundreds (thousands?) of port scanners that would be hammering their Windows ME box constantly. Why to they have to pay MORE and have to purchase extra equipment (router since they likely don't have one for their one pc) and learn about security when they don't have to, need to, or want to? Sent from my Verizon Wireless BlackBerry -Original Message- From: Ed p...@0x1b.com Date: Sun, 10 May 2009 17:13:12 To: Main PLUG discussion listplug-discuss@lists.plug.phoenix.az.us Subject: Re: Free Webhost Would anyone like to start a state initiative that limits our ISPs to managing only the bandwidth of their service as provided to users (enforcing Network Neutrality), require that all customers must be provided only static IP addresses, and full port ranges* - with rare technical temporary exceptions granted by the corporation commission, the option to the customer of IPv6 or IPv4 at no cost diffrerential as of 2010, and finally that any customer that is experiencing a to the property line/to the wall monopoly on wire or optical line based service may elect to be covered under a corporation commision managed, rate service monoply controle. oh, and any physical network infrastructure may not be replaced unless it has the identical regulatory regime and third party accesses as the prior infrastructure, with the most liberal (open access) being propogated forward into any improved infrastructure - with all prior infrastructure (wire to fiber - this is you) grandfatherd retroactively. Public services must be under a ratchet when it comes to increasing access to the channels, there is no ethical reason to improve our infrastructure and lock in our citizens into a monopoly. this is simply incremental servitude and a public bad. a kickback at best, a fraud on the state at worst. *if you need to have ports blocked, pay a bit extra, it's a service - not the base condition. one of many that could be offered just sayin' this should not be a problem for Arizonans - and probably the only thing that might save Arizona from becoming the west's most backward state. or you can just be meat on the hoof for out of state interests. its plantation technology and bad. On Sat, May 9, 2009 at 2:18 PM, Lisa Kachold lisakach...@obnosis.com wrote: Well, only linux type people would try to hammer down a vague requirement (cox use) out of sheer ethical intent, when the rest of the world equates stipulations this non-specific as a license to steal! On Wed, May 6, 2009 at 9:06 PM, James Mcphee jmc...@gmail.com wrote: I don't remember them specifying hardware vs software servers. I think we're assuming software servers in this case. On Wed, May 6, 2009 at 8:45 AM, Stephen cryptwo...@gmail.com wrote: server desktop and workstation are simply a role definition of how a computer is used regardless of OS/Hardware. It is our need to specialize hardware fro the roles and those needs that makes it common for people think that the hardware is what defines a role. On Tue, May 5, 2009 at 5:25 PM, Lisa Kachold lisakach...@obnosis.com wrote: Well, server under Linux is vague (since a desktop is certainly as powerful), however the business use stipulations also are unreasonable, unenforceable, and the description certainly doesn't cover home business or remote access for work purposes, as well? Many people run Windows MSN Entertainment servers; by definition TIVO or MythTV is a server? --- Lisa Playing Devil's Advocate! On Mon, May 4, 2009 at 6:28 PM, Judd Pickell pick...@gmail.com wrote: Depending on how you construe Server, I think that most people would be in violation of this, considering the vast amount of software that runs a process continually that listens on specific ports and responds to requests.. Sincerely, Judd On Mon, May 4, 2009 at 4:42 PM, Lisa Kachold lisakach...@obnosis.com wrote: I believe we all have our interpretation of laws and rules in America; unless there are consequences? Actually, you agree with the Acceptable Use Policy that you will not run a server. It also addresses business use in a vague way (doesn't everyone use their home office for business)? Commercial Use. The Service
Re: Free Webhost
Never fear, we are on the precipice of Nationwide Wifi: http://www.fastcompany.com/news/2008/11/4-cheap-nationwide-wifi.html http://blogs.pcworld.com/staffblog/archives/007921.html Why mandate what is already available in competition? I.E. Any free company can now provide competition; they just need the media [co-ax cable, rj11] (like USWest). We already have your solution; it's called dial-up. Bandwidth and support costs are managed in these ways, at least for the most part. People like us are only perhaps 5% of the population. On Sun, May 10, 2009 at 5:55 PM, dorian.mon...@cox.net wrote: Nice thought, but really, I don't think this is even viable. I'm sure the hackers would be all for that though. Oh goody! Now 95% of the people using cox are unprotected from everything! And the isp's responsibility would be limited to their modem (cpe). Can't get to your email? Yeah, we only provide bandwidth now so you have to provide your own email, but you can set up your own server! Can't get to the internet? Well we can see that your modem is functioning properly, must be a problem with your internal network... Verify that your IP/subnet/gw is configured properly. G'bye! Mom pop just want to be able to get on the internet to check their email and browse a bit. Their bandwidth would likely go down with the hundreds (thousands?) of port scanners that would be hammering their Windows ME box constantly. Why to they have to pay MORE and have to purchase extra equipment (router since they likely don't have one for their one pc) and learn about security when they don't have to, need to, or want to? Sent from my Verizon Wireless BlackBerry -Original Message- From: Ed p...@0x1b.com Date: Sun, 10 May 2009 17:13:12 To: Main PLUG discussion listplug-discuss@lists.plug.phoenix.az.us Subject: Re: Free Webhost Would anyone like to start a state initiative that limits our ISPs to managing only the bandwidth of their service as provided to users (enforcing Network Neutrality), require that all customers must be provided only static IP addresses, and full port ranges* - with rare technical temporary exceptions granted by the corporation commission, the option to the customer of IPv6 or IPv4 at no cost diffrerential as of 2010, and finally that any customer that is experiencing a to the property line/to the wall monopoly on wire or optical line based service may elect to be covered under a corporation commision managed, rate service monoply controle. oh, and any physical network infrastructure may not be replaced unless it has the identical regulatory regime and third party accesses as the prior infrastructure, with the most liberal (open access) being propogated forward into any improved infrastructure - with all prior infrastructure (wire to fiber - this is you) grandfatherd retroactively. Public services must be under a ratchet when it comes to increasing access to the channels, there is no ethical reason to improve our infrastructure and lock in our citizens into a monopoly. this is simply incremental servitude and a public bad. a kickback at best, a fraud on the state at worst. *if you need to have ports blocked, pay a bit extra, it's a service - not the base condition. one of many that could be offered just sayin' this should not be a problem for Arizonans - and probably the only thing that might save Arizona from becoming the west's most backward state. or you can just be meat on the hoof for out of state interests. its plantation technology and bad. On Sat, May 9, 2009 at 2:18 PM, Lisa Kachold lisakach...@obnosis.com wrote: Well, only linux type people would try to hammer down a vague requirement (cox use) out of sheer ethical intent, when the rest of the world equates stipulations this non-specific as a license to steal! On Wed, May 6, 2009 at 9:06 PM, James Mcphee jmc...@gmail.com wrote: I don't remember them specifying hardware vs software servers. I think we're assuming software servers in this case. On Wed, May 6, 2009 at 8:45 AM, Stephen cryptwo...@gmail.com wrote: server desktop and workstation are simply a role definition of how a computer is used regardless of OS/Hardware. It is our need to specialize hardware fro the roles and those needs that makes it common for people think that the hardware is what defines a role. On Tue, May 5, 2009 at 5:25 PM, Lisa Kachold lisakach...@obnosis.com wrote: Well, server under Linux is vague (since a desktop is certainly as powerful), however the business use stipulations also are unreasonable, unenforceable, and the description certainly doesn't cover home business or remote access for work purposes, as well? Many people run Windows MSN Entertainment servers; by definition TIVO or MythTV is a server? --- Lisa Playing Devil's Advocate! On Mon, May 4, 2009 at 6:28 PM, Judd Pickell pick...@gmail.com wrote:
Re: Free Webhost
On Sun, 2009-05-10 at 17:13 -0700, Ed wrote: Would anyone like to start a state initiative that limits our ISPs to managing only the bandwidth of their service as provided to users (enforcing Network Neutrality), require that all customers must be provided only static IP addresses, and full port ranges* - with rare technical temporary exceptions granted by the corporation commission, the option to the customer of IPv6 or IPv4 at no cost diffrerential as of 2010, and finally that any customer that is experiencing a to the property line/to the wall monopoly on wire or optical line based service may elect to be covered under a corporation commision managed, rate service monoply controle. oh, and any physical network infrastructure may not be replaced unless it has the identical regulatory regime and third party accesses as the prior infrastructure, with the most liberal (open access) being propogated forward into any improved infrastructure - with all prior infrastructure (wire to fiber - this is you) grandfatherd retroactively. Public services must be under a ratchet when it comes to increasing access to the channels, there is no ethical reason to improve our infrastructure and lock in our citizens into a monopoly. this is simply incremental servitude and a public bad. a kickback at best, a fraud on the state at worst. *if you need to have ports blocked, pay a bit extra, it's a service - not the base condition. one of many that could be offered just sayin' this should not be a problem for Arizonans - and probably the only thing that might save Arizona from becoming the west's most backward state. or you can just be meat on the hoof for out of state interests. its plantation technology and bad. Ed, you raise an interesting issue but I'm not certain how useful/viable a citizens based referendum will be only because if history has shown us anything about the Arizona Legislature, they will simply overrule the citizens interests. I believe that one must consider the admonitions by Larry Lessig, especially on the issue of 'the last mile' (google it, he has several speeches out there including some that have been linked/discussed on the list before). Net Neutrality is very much a current issue and of course the moneyed interests are lobbying hard for their views but mostly at the federal level because this is likely where the legislation would ultimately come from. Clearly left unstated is the fact that probably like everywhere else, there really is little competition for Internet services for the consumer. In Arizona, we have Cox cable and US West and neither seem motivated to actually compete on pricing so our service rates never go down even though the infrastructure has long since been built and their cost of providing Internet services have gone way down. There was an interesting story in Wilson, North Carolina where the city couldn't interest any of the providers so they built their own... http://www.greenlightnc.com/about/faq/ Of course this has proven to be cheap, free to the local citizens so the telcos and cable providers in North Carolina have freaked out and gotten legislation currently under consideration in the state to prevent any other cities from doing the same thing as they claim it to be anti-competitive. Of course the same could be said for the public options for health care where the insurance companies and the drug companies would stand to lose several hundred billion dollars of profit each year. It would be nice if we actually educated the consumers about these very real options and how industry limits our choices, is not competitive and in general, will cause America to ultimately fall behind other countries in the technology race since we no longer have the best/fastest network backbone. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Your modest proposaal; was: Re: Free Webhost
On Sun, 10 May 2009, Ed wrote: Would anyone like to start a state initiative that limits our ISPs to managing only the bandwidth of their service as provided to users (enforcing Network Neutrality), require that all customers must be provided only static IP addresses, and full port ranges* - with rare technical temporary exceptions granted by the corporation commission, the option to the customer of IPv6 or IPv4 at no cost diffrerential as of 2010 , and finally that any customer that is experiencing a to the property line/to the wall monopoly on wire or optical line based service may elect to be covered under a corporation commision managed, rate service monoply controle. Would you like a pony with that as well? Seriously, there is no such thing as a free lunch and passing a law to have the govenment entity, rather than the marketplace, add requirements on what may be offered, is a recipe for higher prices, and less features. IPv4 vs. IPv6 pricing are simply two different kettles of fish -- I've been wresting with ARIN BGP block pricing issues this week, for a new 'slice' product -- and while I would LIKE a pony, it's not gonna happen. I can probably give all my customers IPv6 at once -- but the infrastructure maturity, and application maturity, and tech abilities matureity for a pure IPv6 world are, as a practical matter, not there yet. Prove it to yourself - can you run your residential net entirely IPv6 with sendmail/exim/postfis, and bind/tinydns, and ssh, and your dhcp server dishing out only IPv6 content. As the problems are still there, there is a consumer desire for IPv4 for good reasons. I would LIKE to be able to dish out contiguous blocks, and to reassign customers here and there within an allocation, but the truth of the matter is that there is overhead default route, network and network broadcast over head which varies, depending on the number of IP's assigned. Solving allocations most efficiently is a 'knapsack packing' problem with the additional constraint that one has to co-ordinate changes with customers which may have nameserver details not easily changed. TANSTAAFL Having a monopoly provider out there adds yet another provider to compete against, and as a practical matter, they will either have subsidies of exonomies of scale that will eat alive a small niche provider such as I am affiliated with, into extincton. Then you'll have only that 'choice' to turn to. Wanna bet how FOSS friendly it will be? - Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss