Re: I need help with IPCop.

2009-08-04 Thread Eric Shubert 
Matthew A Coulliette wrote:
> Hi Lisa & Eric,
> 
> 
> Questions:
> Can you just assign an ip number to a computer?

Yes, for the most part. You also need to give it a subnet mask, so it 
knows what the network and broadcast addresses are. The network and 
broadcast addresses are the first and last address of the subnet.

> Or does something up
> stream of it, (a computer, router, dhcp server, whatever), have to be
> made aware of that computer's ip number.

Not necessarily, but usually a DNS server of some sort will need an 
entry for it so that other computers can 'find' it by name.

> Example, when I assign static ip's on the green zone, I always enter the
> ip on both IPCop and the workstation.

You shouldn't need to assign ip addresses on the hosts on the green 
subnet. Just specify those hosts as DHCP, and let IPCop divvy out the 
addresses. If you want to give a host on green subnet a fixed (static) 
addresses (like for a network printer or file server for instance), use 
the "Current fixed leases" section of IPCop's DHCP Server page.

To use IPCop as your local DNS server, specify IPCop's green IP address 
as the "Primary DNS Server" in the DHCP section of the same page. Then 
add entries in the "Edit Hosts" page for the host addresses you need to 
reference locally (from the green subnet).

> I setup the network interfaces for
> my data server (192.168.0.2) and it worked like a charm, however, I
> entered the static ip on both IPCop and the data server. Assuming, I
> enter an ip on the web server (192.168.2.2), on what machine upstream of
> the web server do I enter the ip?

Just enter it on the "Edit Hosts" page and you should be fine. I think 
your problem was that you weren't using DHCP, so the green hosts didn't 
know to look to IPCop for name resolution. You could also add IPCop's 
green address to the /etc/resolv.conf file of each green host, but that 
sorta defeats the purpose of using DHCP, which will handle this 
automagically for you.

> 
> 
> Eric Shubert wrote:
>>
>> Note, you can add your orange server(s) to the 'hosts' list with it's 
>> (orange subnet) address, so that computers on the green network can get 
>> it's address via dhcp/dns and access it via its private (orange subnet) 
>> address. Make sure that dhcp is configured to specify the ipcop itself 
>> as the dns resolver for your green subnet.
> Okay, this helps. But, isn't the 'hosts' list just to help the
> 192.168.0.1 dns name server?

Yes. For servers on the orange subnet, you'll either need to use an 
external DNS resolver (as Craig mentioned), or you can install a caching 
nameserver on your orange host itself. This is as it should be.

If you choose to use an external resolver, you can use the DNS resolver 
provided by your ISP, or you might check http://www.dnsserverlist.org/ 
for an alternative, or you might use http://opendns.com/. There are many 
choices available.

If you choose to simply run a resolving nameserver on your orange host 
itself, you can simply
# yum install caching-nameserver bind-chroot
(for RHEL/CentOS for example) on the orange host, then use 127.0.0.1 as 
your resolver address (in your /etc/resolv.conf file). It's a good idea 
to have one or two additional "nameserver" records in your resolv.conf 
file, just in case there's a problem with the primary (first) one.

Once you have a caching nameserver set up on an orange host, any 
additional servers on the orange subnet can use that resolver as well. 
You might need to tweak the config a little to allow other machines to 
query it though - I'm not sure how tight the default configuration is 
for caching-nameserver.

> 
> Here is what I did. Can you tell me why it did not work?
> 
> First, I added the web server's ip (192.168.2.2) to IPCop's 'hosts' list.
> 
> 
> Then on the Ubuntu Web Server:
> vi /etc/network/interfaces
> #The loopback network interface.
> auto lo
> iface lo inet loopback
> 
> #The primary network interface.
> auto eth0
> iface eth0 inet static
> address 192.168.2.2
> gateway 192.168.2.1
> netmask 255.255.255.0
> network 192.168.2.0
> broadcast 192.168.2.255
> 
> vi /etc/resolv.conf
> search 25century.org (same as green)
> nameserver 192.168.0.1 (green nic)
> (IPCop says not to use IPCop for the orange DNS. What name server should
> I use?)

Craig and I explained this. It does no good to reference the green 
subnet from a machine on the orange subnet, because you can't get to the 
green from orange (unless you define a pinhole, but that's generally not 
a good/secure practice).

> Any advice?

After making the changes I've described, test again. If it's still not 
working, you'll need to describe in more detail what you did to conclude 
that "it did not work". That's not very descriptive. ;)

Let us know how you make out.

-- 
-Eric 'shubes'

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists

Re: I need help with IPCop.

2009-08-04 Thread Craig White 
On Tue, 2009-08-04 at 08:10 -0700, Eric Shubert wrote:
> Once you have a caching nameserver set up on an orange host, any 
> additional servers on the orange subnet can use that resolver as
> well. 
> You might need to tweak the config a little to allow other machines
> to 
> query it though - I'm not sure how tight the default configuration is 
> for caching-nameserver.

that is probably a bad security risk though if you are careful with
iptables rules, you can be specific about which hosts are allowed to
access port 53 (udp/tcp).

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: I need help with IPCop.

2009-08-04 Thread Eric Shubert 
Craig White wrote:
> On Tue, 2009-08-04 at 08:10 -0700, Eric Shubert wrote:
>> Once you have a caching nameserver set up on an orange host, any 
>> additional servers on the orange subnet can use that resolver as
>> well. 
>> You might need to tweak the config a little to allow other machines
>> to 
>> query it though - I'm not sure how tight the default configuration is 
>> for caching-nameserver.
> 
> that is probably a bad security risk though if you are careful with
> iptables rules, you can be specific about which hosts are allowed to
> access port 53 (udp/tcp).
> 
> Craig
> 
> 
I don't think the risk would be very high:
.) IPCop wouldn't allow access from outside of the orange subnet.
.) installing chroot-bind reduces the risk as well.

-- 
-Eric 'shubes'

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: I need help with IPCop.

2009-08-04 Thread Craig White 
On Tue, 2009-08-04 at 09:26 -0700, Eric Shubert wrote:
> Craig White wrote:
> > On Tue, 2009-08-04 at 08:10 -0700, Eric Shubert wrote:
> >> Once you have a caching nameserver set up on an orange host, any 
> >> additional servers on the orange subnet can use that resolver as
> >> well. 
> >> You might need to tweak the config a little to allow other machines
> >> to 
> >> query it though - I'm not sure how tight the default configuration is 
> >> for caching-nameserver.
> > 
> > that is probably a bad security risk though if you are careful with
> > iptables rules, you can be specific about which hosts are allowed to
> > access port 53 (udp/tcp).
> > 
> > Craig
> > 
> > 
> I don't think the risk would be very high:
> .) IPCop wouldn't allow access from outside of the orange subnet.
> .) installing chroot-bind reduces the risk as well.

I could be wrong about this but my understanding of a DMZ is that it
would be mapped to a public IP address and nothing would be filtered at
all inbound from untrusted Internet and thus the services are exposed to
everyone, which is why DMZ is not allowed to access the 'green' network.
DMZ systems are just routed public addresses. You can probably add
filtering/firewalling on IPCop for DMZ hosts if you choose but I don't
know that. Bind servers have a history of being exploited and unless you
are willing to do the research in order to secure a public DNS service,
just don't do it.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Mysql updating dates in a table

2009-08-04 Thread Craig White 
I need to update almost all (but not quite all) records in a data table
because the dates were imported like '08/04/09' instead of '2009-08-04'

I am looking at the mysql reference manual but it doesn't appear that it
would be easy to script a line by line 'update' from a csv file.

Now I still have the csv files (and a copy with the dates fixed) and I
suppose I could 'find', 'delete' and then 'import' again but there are
relational records so mysql would probably prevent me from doing that
unless I suspend all relational checks when I delete those records prior
to reimporting them with the fixed dates.

What's the best way to accomplish this?

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Mysql updating dates in a table

2009-08-04 Thread Eric Cope 
how many tables?

On Tue, Aug 4, 2009 at 3:44 PM, Craig White  wrote:

> I need to update almost all (but not quite all) records in a data table
> because the dates were imported like '08/04/09' instead of '2009-08-04'
>
> I am looking at the mysql reference manual but it doesn't appear that it
> would be easy to script a line by line 'update' from a csv file.
>
> Now I still have the csv files (and a copy with the dates fixed) and I
> suppose I could 'find', 'delete' and then 'import' again but there are
> relational records so mysql would probably prevent me from doing that
> unless I suspend all relational checks when I delete those records prior
> to reimporting them with the fixed dates.
>
> What's the best way to accomplish this?
>
> Craig
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
Eric Cope
http://cope-et-al.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Mysql updating dates in a table

2009-08-04 Thread Austin William Wright 
Craig White wrote:
> I need to update almost all (but not quite all) records in a data table
> because the dates were imported like '08/04/09' instead of '2009-08-04'
>
> I am looking at the mysql reference manual but it doesn't appear that it
> would be easy to script a line by line 'update' from a csv file.
>
> Now I still have the csv files (and a copy with the dates fixed) and I
> suppose I could 'find', 'delete' and then 'import' again but there are
> relational records so mysql would probably prevent me from doing that
> unless I suspend all relational checks when I delete those records prior
> to reimporting them with the fixed dates.
>
> What's the best way to accomplish this?
>
> Craig
If there are no records from before 2000, and they are MM/DD/YY, back up
the table first, then try:

UPDATE `tablename` SET
`columnname`=CONCAT("20",SUBSTRING_INDEX(SUBSTRING_INDEX(`columnname`,"/",-2),"/",-1),"-",SUBSTRING_INDEX(`columnname`,"/",1),"-",SUBSTRING_INDEX(SUBSTRING_INDEX(`columnname`,"/",-2),"/",1))

then

|ALTER TABLE |`tablename`| CHANGE |`columnname`| |`columnname`| DATE NOT
NULL |

Replace all instances of tablename and columnname with the targets, and
change DATE NOT NULL as necessary. That should work.

Austin Wright.
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Mysql updating dates in a table

2009-08-04 Thread Austin William Wright 
Austin William Wright wrote:
> [...]
> Replace all instances of tablename and columnname with the targets, and
> change DATE NOT NULL as necessary. That should work.
Whoops, Thunderbird formatted my fonts for me, ignore the pipes (wysiwyg
fail):
ALTER TABLE `tablename` CHANGE `columnname` `columnname` DATE NOT NULL

Austin Wright.

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Mysql updating dates in a table

2009-08-04 Thread Craig White 
On Tue, 2009-08-04 at 15:46 -0700, Eric Cope wrote:
> how many tables?
> 
> On Tue, Aug 4, 2009 at 3:44 PM, Craig White 
> wrote:
> I need to update almost all (but not quite all) records in a
> data table
> because the dates were imported like '08/04/09' instead of
> '2009-08-04'
> 
> I am looking at the mysql reference manual but it doesn't
> appear that it
> would be easy to script a line by line 'update' from a csv
> file.
> 
> Now I still have the csv files (and a copy with the dates
> fixed) and I
> suppose I could 'find', 'delete' and then 'import' again but
> there are
> relational records so mysql would probably prevent me from
> doing that
> unless I suspend all relational checks when I delete those
> records prior
> to reimporting them with the fixed dates.
> 
> What's the best way to accomplish this?

one table (salesorders and at least one related table
(salesorderdetails) which as you might suspect is the line items table
for salesorders.

I need to keep the orders from 8/1/2009 through 8/4/2009 and fix the
rest but the rest have to be either deleted and imported again (probably
best) or simply updated from another file (which I have in CSV format
and the dates are fixed properly).

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Mysql updating dates in a table

2009-08-04 Thread Craig White 
On Tue, 2009-08-04 at 16:05 -0700, Austin William Wright wrote:
> Craig White wrote:
> > I need to update almost all (but not quite all) records in a data table
> > because the dates were imported like '08/04/09' instead of '2009-08-04'
> >
> > I am looking at the mysql reference manual but it doesn't appear that it
> > would be easy to script a line by line 'update' from a csv file.
> >
> > Now I still have the csv files (and a copy with the dates fixed) and I
> > suppose I could 'find', 'delete' and then 'import' again but there are
> > relational records so mysql would probably prevent me from doing that
> > unless I suspend all relational checks when I delete those records prior
> > to reimporting them with the fixed dates.
> >
> > What's the best way to accomplish this?
> >
> > Craig
> If there are no records from before 2000, and they are MM/DD/YY, back up
> the table first, then try:
> 
> UPDATE `tablename` SET
> `columnname`=CONCAT("20",SUBSTRING_INDEX(SUBSTRING_INDEX(`columnname`,"/",-2),"/",-1),"-",SUBSTRING_INDEX(`columnname`,"/",1),"-",SUBSTRING_INDEX(SUBSTRING_INDEX(`columnname`,"/",-2),"/",1))
> 
> then
> 
> |ALTER TABLE |`tablename`| CHANGE |`columnname`| |`columnname`| DATE NOT
> NULL |
> 
> Replace all instances of tablename and columnname with the targets, and
> change DATE NOT NULL as necessary. That should work.

thanks but I have the dates fixed in the CSV file.

Your command doesn't list a file name to read so I can't see how that
could work at all.

The dates looked right in the CSV file "2009-08-04" for example but OOo
actually saved that sample as 08/04/2009 so when imported, the month,
date and year were all wrong. So I've got a repaired CSV file with the
dates saved in the correct form.

So I either have to run an command that updates the records from a file
matching the primary key with the first column in the CSV file and then
replacing specific date fields with specific columns or just delete the
records and re-import, which seems easiest if I can delete records while
related indexes are ignored.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Mysql updating dates in a table

2009-08-04 Thread JD Austin 
http://dev.mysql.com/doc/refman/5.0/en/date-and-time-functions.html*
You can use Str_to_date to convert it to a date.
*Date*/*timestamp data should be* *one of the date types (Datetime, date,
timestamp).
I'd do it like this (all sql and won't lose data):

   1. Add a column to the table that is date/datetime/timestamp (in your
   case date looks right)
   2. update the new column using the str_to_date function
   3. Check for rows that have nulls in that column - fix them
   4. set the existing column value to NULL
   5. change the column to a date using alter table.
   6. update the column to be whatever you called the new column you added.
   7. Drop the new column that you added.
   8. add not null constraint to your original date column

--
JD Austin
Twin Geckos Technology Services LLC
j...@twingeckos.com
480.288.8195x201
http://www.twingeckos.com


Pablo Picasso
- "Computers are useless. They can only give you answers."

On Tue, Aug 4, 2009 at 3:44 PM, Craig White  wrote:

> I need to update almost all (but not quite all) records in a data table
> because the dates were imported like '08/04/09' instead of '2009-08-04'
>
> I am looking at the mysql reference manual but it doesn't appear that it
> would be easy to script a line by line 'update' from a csv file.
>
> Now I still have the csv files (and a copy with the dates fixed) and I
> suppose I could 'find', 'delete' and then 'import' again but there are
> relational records so mysql would probably prevent me from doing that
> unless I suspend all relational checks when I delete those records prior
> to reimporting them with the fixed dates.
>
> What's the best way to accomplish this?
>
> Craig
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Mysql updating dates in a table

2009-08-04 Thread Craig White 
On Tue, 2009-08-04 at 16:21 -0700, JD Austin wrote:
> http://dev.mysql.com/doc/refman/5.0/en/date-and-time-functions.html
> You can use Str_to_date to convert it to a date.
> Date/timestamp data should be one of the date types (Datetime, date,
> timestamp).
> I'd do it like this (all sql and won't lose data):
>  1. Add a column to the table that is date/datetime/timestamp (in
> your case date looks right)
>  2. update the new column using the str_to_date function
>  3. Check for rows that have nulls in that column - fix them
>  4. set the existing column value to NULL
>  5. change the column to a date using alter table.
>  6. update the column to be whatever you called the new column you
> added.
>  7. Drop the new column that you added.
>  8. add not null constraint to your original date column

Yes, I am on dev.mysql.com... (v5.0 is correct too)

OK, well they imported as dates...just wrong dates, completely wrong
dates.

I have done 'set' the contents of one field from another field before I
think...that was easy.

So how would I import records with the same primary key and just add a
new date field to the existing records with matching primary key?

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Mysql updating dates in a table

2009-08-04 Thread JD Austin 
If the current column was a date type there had to be a ton of failures!
If you have unique values in the data you can just craft update statements
from the csv file. Use excel/OO Calc, perl, etc to parse apart the original
file to create update table statements that you can pipe back to mysql after
you test a few.

--
JD Austin
Twin Geckos Technology Services LLC
j...@twingeckos.com
480.288.8195x201
http://www.twingeckos.com


Jonathan Swift
- "May you live every day of your life."

On Tue, Aug 4, 2009 at 4:26 PM, Craig White  wrote:

> On Tue, 2009-08-04 at 16:21 -0700, JD Austin wrote:
> > http://dev.mysql.com/doc/refman/5.0/en/date-and-time-functions.html
> > You can use Str_to_date to convert it to a date.
> > Date/timestamp data should be one of the date types (Datetime, date,
> > timestamp).
> > I'd do it like this (all sql and won't lose data):
> >  1. Add a column to the table that is date/datetime/timestamp (in
> > your case date looks right)
> >  2. update the new column using the str_to_date function
> >  3. Check for rows that have nulls in that column - fix them
> >  4. set the existing column value to NULL
> >  5. change the column to a date using alter table.
> >  6. update the column to be whatever you called the new column you
> > added.
> >  7. Drop the new column that you added.
> >  8. add not null constraint to your original date column
> 
> Yes, I am on dev.mysql.com... (v5.0 is correct too)
>
> OK, well they imported as dates...just wrong dates, completely wrong
> dates.
>
> I have done 'set' the contents of one field from another field before I
> think...that was easy.
>
> So how would I import records with the same primary key and just add a
> new date field to the existing records with matching primary key?
>
> Craig
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

OT: Elance and Outsourcing Room

2009-08-04 Thread Eric Cope 
I recently received an email saying I had finished registering at
outsourceroom.com (I have never heard of them). My username, name, email all
matched my typical business identification. I googled them and found a
report on ripoff report saying they scraped data from Elance.com. This
certainly aligns with my story. Anyone else have this issue?

-- 
Eric Cope
http://cope-et-al.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Mysql updating dates in a table

2009-08-04 Thread Craig White 
On Tue, 2009-08-04 at 16:41 -0700, JD Austin wrote:
> If the current column was a date type there had to be a ton of
> failures!
> If you have unique values in the data you can just craft update
> statements from the csv file. Use excel/OO Calc, perl, etc to parse
> apart the original file to create update table statements that you can
> pipe back to mysql after you test a few.

OK, well, just to be clear...

the orderdate column is indeed a date and for example, an imported
column like '10/12/06' imported as 2010-12-06 instead of 2006-12-06 and
apparently any of the dates it couldn't make sense of were given the
'default' value of '-00-00' so there weren't any failures at all.

I think I see what you mean now about using OOo to craft update
statements...

AC2 ="UPDATE salesorders SET orderdate = '"&$N$2&"' WHERE orderno \
= '"&$A$2&;'"
AC3 ="UPDATE salesorders SET orderdate = "'&$N$2&'" WHERE orderno \
= '"&$A$2&;'"

and then just paste special (text only) into a word processor and save
it so I just run,

mysql my_database < mysql-update.sql

I think that's got to be close...

thanks

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: I need help with IPCop.

2009-08-04 Thread Eric Shubert 
Craig White wrote:
> On Tue, 2009-08-04 at 09:26 -0700, Eric Shubert wrote:
>> Craig White wrote:
>>> On Tue, 2009-08-04 at 08:10 -0700, Eric Shubert wrote:
 Once you have a caching nameserver set up on an orange host, any 
 additional servers on the orange subnet can use that resolver as
 well. 
 You might need to tweak the config a little to allow other machines
 to 
 query it though - I'm not sure how tight the default configuration is 
 for caching-nameserver.
>>> 
>>> that is probably a bad security risk though if you are careful with
>>> iptables rules, you can be specific about which hosts are allowed to
>>> access port 53 (udp/tcp).
>>>
>>> Craig
>>>
>>>
>> I don't think the risk would be very high:
>> .) IPCop wouldn't allow access from outside of the orange subnet.
>> .) installing chroot-bind reduces the risk as well.
> 
> I could be wrong about this but my understanding of a DMZ is that it
> would be mapped to a public IP address and nothing would be filtered at
> all inbound from untrusted Internet and thus the services are exposed to
> everyone, which is why DMZ is not allowed to access the 'green' network.
> DMZ systems are just routed public addresses. You can probably add
> filtering/firewalling on IPCop for DMZ hosts if you choose but I don't
> know that. Bind servers have a history of being exploited and unless you
> are willing to do the research in order to secure a public DNS service,
> just don't do it.
> 
> Craig
> 
> 

Yeah, I agree. Putting a DNS resolver on an IPCop orange subnet isn't 
really a public DNS service though.

I don't believe that IPCop's orange subnet is a DMZ according to your 
understanding. With IPCop, the orange subnet (sometimes referred to as a 
DMZ but I'm not sure that's entirely accurate given your understanding) 
is a private subnet all its own. Traffic is NAT'd from red (public) to 
orange, so the hosts there aren't exposed as much as if they had public 
addresses. All traffic to orange hosts from the public side needs to be 
routed specifically with port forwarding.

At least that's how I've been setting it up. I could be wrong as well 
(it's been known to happen). ;)

-- 
-Eric 'shubes'

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Sonoran Penguin

2009-08-04 Thread Lisa Kachold 
I can't remember who made it!  I think it was one of younger guys!

I don't have all that email thread from 2 years ago!

On 8/3/09, Dazed_75  wrote:
> On Fri, Jul 31, 2009 at 7:33 PM, Lisa Kachold
> wrote:
>
>> Just like it says!
>>
>> --
>>
>> (623)239-3392
>> (503)754-4452 www.obnosis.com
>>
>
> I love it as well.  The silhouette effect is so different from the usual
> penguin stuff that it really stands out.
>
> Lisa, if you made this, I wonder if you tried making the penguin more in the
> foreground with something so he could be a bit bigger in the picture
> compared to the saguaro without it just looking like an abnormally large
> penguin?
>
> --
> Dazed_75 a.k.a. Larry
>
> The spirit of resistance to government is so valuable on certain occasions,
> that I wish it always to be kept alive.
>  - Thomas Jefferson
>


-- 
http://linuxgazette.net/165/kachold.html
(623)239-3392
(503)754-4452 www.obnosis.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Sonoran Penguin

2009-08-04 Thread Joshua Zeidner 
  I made it with GIMP.  How come no one liked it when I posted it
I need to fire my PR manager.

  come to think of it, it does look better when Lisa posted it. :)

  -jmz

On Tue, Aug 4, 2009 at 6:35 PM, Lisa Kachold wrote:
> I can't remember who made it!  I think it was one of younger guys!
>
> I don't have all that email thread from 2 years ago!
>
> On 8/3/09, Dazed_75  wrote:
>> On Fri, Jul 31, 2009 at 7:33 PM, Lisa Kachold
>> wrote:
>>
>>> Just like it says!
>>>
>>> --
>>>
>>> (623)239-3392
>>> (503)754-4452 www.obnosis.com
>>>
>>
>> I love it as well.  The silhouette effect is so different from the usual
>> penguin stuff that it really stands out.
>>
>> Lisa, if you made this, I wonder if you tried making the penguin more in the
>> foreground with something so he could be a bit bigger in the picture
>> compared to the saguaro without it just looking like an abnormally large
>> penguin?
>>
>> --
>> Dazed_75 a.k.a. Larry
>>
>> The spirit of resistance to government is so valuable on certain occasions,
>> that I wish it always to be kept alive.
>>  - Thomas Jefferson
>>
>
>
> --
> http://linuxgazette.net/165/kachold.html
> (623)239-3392
> (503)754-4452 www.obnosis.com
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Sonoran Penguin

2009-08-04 Thread R P Herrold 
On Tue, 4 Aug 2009, Joshua Zeidner wrote:

>  I made it with GIMP.  How come no one liked it when I posted it
>  I need to fire my PR manager.

I read email with [al]pine in a monochrome terminal, fast and 
low, and tossing read pieces out.  If it was in an early 
email, I missed it.  I cannot say that I saw repetition of a 
URL where I might view it, although the compliments seem to 
indicate its worth.

-- Russ herrold
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Sonoran Penguin

2009-08-04 Thread Joshua Zeidner 
  If everyone likes this, I can offer to write a Drupal template for
the PLUG site using this concept.

  -jmz


On Tue, Aug 4, 2009 at 8:03 PM, R P Herrold wrote:
> On Tue, 4 Aug 2009, Joshua Zeidner wrote:
>
>>  I made it with GIMP.  How come no one liked it when I posted it
>>  I need to fire my PR manager.
>
> I read email with [al]pine in a monochrome terminal, fast and
> low, and tossing read pieces out.  If it was in an early
> email, I missed it.  I cannot say that I saw repetition of a
> URL where I might view it, although the compliments seem to
> indicate its worth.
>
> -- Russ herrold
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss