Re: Linux in China?
On Thu, 15 Nov 2012, Ted Gould wrote: The MS representatives believe that the reason Ubuntu is big in China is because people are buying machines to pirate Windows. Unfortunately it's hard to prove that isn't the case (which is one of the reasons they argue it). So, in general, it's hard to say how big in this case, but There is nothing 'unfortunate' about it at all -- The MSFT representatives are parrotting a party line, and trying to frame a debate about intellectual property rights which China agreed to enforce as part of joining WIPO. Open Source does not have a dog in that fight Open Source does not control the actions of its purchasers or users, nor have an obligation to facilitate control schemes that others might want adopted. Just the opposite -- see Stallman's Four Freedoms essays over time -- By and large, it seeks to provide software freedom of many forms I don't recall Microsoft _asking_ the FSF about the new UEFI bootloaders which vastly complicate the rights of owners of hardware wanting to use Open Source before functionally mandating it to the large manufacturers. They just rammed it through with market power -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Chase access w/ linux
On Mon, 22 Oct 2012, Robert Holtzman wrote: Anyone in the group have an account with Chase? If so, are you having any problems logging in while running Linux? They've moved the password box since the last time I logged in (previously it was stacked, now it is side by side) but no problems at all CentOS 6, current updates, firefox -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
website hosting
On Sun, 22 Jan 2012, Michael Havens wrote: Well, I'm going to to register my first domain and get hosting with godaddy (unless you know of something better). Anyways, I don't know which hosting plan to go with, web hosting economy or 5-page website builder. It rather depends on WHY you feel the need for a domain, and one assumes (b/c of the mention of hosting, and the subject line) website blog sites are free with a google account at blogspot.com. email handling in a custom domain is free for up to ten users with google apps (down a rather had to find link). mimimal websites are free thru google sites, as well. domain registrations are $10 a year at google apps [they hand off the registration to emon or go-daddy, which is a hard price to get under for a low volume domain registrant But all this is self support and has no learning opportunity; if you want to have a live person at the other end of the phone to ask questions of, you may want more Not enough info to really frame a good answer -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Scientific Linux
On Thu, 12 Jan 2012, Ben Browning wrote: Its primary purpose is to reduce duplicated effort of the labs, and to have a common install base for the various experimenters. EG not a prod OS, in my opinion. ehh? It and CentOS are almost indistinguishable to a sysadmin who i not a distribution builder; the remaining principal of the distribution is: Connie Sieh, who is a friend. the other long time member recently went to work at Red Hat -- Russ herrold herrold centos org --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Scientific Linux
On Thu, 12 Jan 2012, Ben Browning wrote: On Thu, Jan 12, 2012 at 3:34 PM, R P Herrold herr...@owlriver.com wrote: It and CentOS are almost indistinguishable to a sysadmin who i not a distribution builder; the remaining principal of the distribution is: Connie Sieh, who is a friend. the other long time member recently went to work at Red Hat My understanding is that it's a limited release cycle to aid in stability from a development point of view. Nope ... tracks along with RHEL, just like CentOS, PU-IAS, and others If the patch cycle is as quick as Cent/RHEL, it may be prod-ready. net patch cycles have historically track out substantially identically; CentOS just completed a re-engineering cycle with the 6 major release which, with any luck, will shorten the release turn But saying It's indistinguishable from CentOS just makes me think Why not just use CentOS then? If it lacks any compelling, distinguishing feature , I don't know why I wouldn't use the ubiquitous, widely supported option. Under that argument, simply pay for RHEL [1]. Diversity is good -- Russ herrold [1] http://orcorc.blogspot.com/2009/03/i-saw-mommy-kissing-santa.html and http://orcorc.blogspot.com/2009/03/nine-pregnant-gals-in-queue.html --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
determining 'arch' -- was: blank
On Fri, 25 Nov 2011, Michael Havens wrote: how do I tell if I have a 32 bit system or a 64 bit? Functional test: test booting with a live CD of each type --- a 32 bit only capable processor will 'choke' on the 64 bit CD -- the 64 will handle either. SO .. a 32 bit CD will boot on either type of hardware 'Read the label' test Once the unit is up with a 32 bit CD, inspect the processor strings and verify at the vendor's cat /proc/cpuinfo If it is a unit with a vendor provided 'build sheet' it may call out the specific processor and stepping, but be wary here --- some hardware manufacturer's disable capabilities the processor has ... Laptops particularly may have a virtualizaion capable processor, but such is disabled often -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: SSH Tutorial?
On Tue, 22 Nov 2011, der.hans wrote: Does anyone on the list know of a good tutorial on SSH Tunneling? I am interested in learning how to create a tunnel to a POP3 port? ssh -L 1110:localhost:110 your.mail.server.com The fetchmail man page discusses such, and fetchmail will do it for you. I did this for many years when I pulled mail locally for reading -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: , Maybe you missed it....
On Sun, 20 Nov 2011, Michael Havens wrote: lshw was not to be found. I even tried 'find lshw.txt /' clearly not valid find syntax ... find / -name lshw.txt would be one proper one -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: I've got a VPS, now what M's should I RTF?
== .-- -... ---.. ... -.- -.-- Copyright (C) 2011 R P Herrold herr...@owlriver.com My words are not deathless prose, but they are mine. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
I've got a VPS, now what M's should I RTF?
On Sun, 7 Aug 2011, Steven wrote: As I do consider RTFM do be a decent answer, does anyone have some preferred, How not to be an idiot with your new VPS, guides? harden it, take backups so you can get back online with a baseline image http://www.pmman.com/usage/hardening/ -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
PXE Menu Screenshots
On Thu, 4 Aug 2011, lthiels...@gmail.com wrote: Does anyone know how to do screenshots of PXE menus? The only things I can imagine are - running something like a menu.c32 emulator on the PXE server, or - faking a PXE boot from a running OS pretending to be a PXE client. I've not yet found anything to do it short of a camera. Any ideas? It is pretty easy to do a domU inside a dom0, under Xen,, where there is an option to show a VNC console of the unit being installed to an arbitrary viewer of the VNC data Once can then screenshot (or even record a flash movie) to taste, and get 'to the pixel' clarity -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
adding an rpm to a kickstart repo
On Mon, 11 Jul 2011, Steven A. DuChene wrote: I have copied the various files off of a Redhat dvd to a kickstart server and created a working ks.cfg file. I am able to kickstart servers with the default install files that were on the original DVD media. However I want to be able to update some of the rpms with newer ones like a newer kernel. I also need to add one or two custom rpms of my own. I tried just copying my small add-on rpm into the Packages directory and then adding that rpm name into my ks.cfg file but I got an error during the resulting kickstart operation that the rpm was not available. I am pretty sure I need to update the repo files that tell the system what rpms are available. I installed the createrepo rpm along with some other dependencies required but I have not been able to find any definite directions on how to accomplish this. Has anyone here ever done something like this and can provide some direction on how to proceed from this point or point me towards some definite documentation on the process? The usual approach is to set up a separate local archive, and to run 'createrepo' to build the files 'yum' needs, and to handle it in %post but it is perfectly possible to dump new (later NEVR) packages into a local image of an archive and to run 'createrepo' on that directory --- RPM and anaconda, and in recent RHEL, yum will pick up the change That said, there is (or at least was, I have not verified this is still present for a while -- doco indicates it is still there, but anaconda doco is notoriously bad) the ability to add a './RHupdates/' directory to hold such a package repository that anaconda will 'automatically find' http://fedoraproject.org/wiki/Anaconda/Updates all that said, it is easier usually in the ks.cfg %post stanza, to: a) use a 'HERE' document to drop the local repostitory specification into /etc/yum.repos.d/ and then b) run yum -y --enablerepo=(localrepo) update yum clean all -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: CentOS 6 almost ready!
On Mon, 11 Jul 2011, Dennis Kibbe wrote: On Sun, 2011-07-10 at 12:00 -0400, R P Herrold wrote: There are are no publicly known SSL issues in the openssl maintained by CentOS Please state the CVE, or if a private zero day, Lisa, please One thing that people might not realize is that Red Hat back ports security fixes so you can't just look at the version number and assume that if it's not the latest it's flawed. That is not unique to Red Hat derived matter. It is true with anything relying on external banners, whether from an external package name, or from a greeting banner advertised, only publishes what its author wants to say ... We formerly offered shell accounts at an ISP I adminned, and we consciously editted /etc/issue to advertise that the host was a plain old i386 architecture, when in point of fact it was on an Alpha People regularly carried in exploits for that particular version of Red Hat Linux, or RPMs for the i386 architecture, and sought to install or unpack and run them ... it did not work of course, and it permitted us to identify people who needed closer attention by looking for the core files left behind In a similar fashion, for colocated hosting, a client will occasionally send along the results from a naiive vulnerability scanner service, that is merely reading such banners. In speaking with the people selling such snake oil, they are at least honest enough to admit that they don't have working exploits, but are rather just a banner scanning service, building a list from reading various mailing lists First we check if the report is accurate; as they almost never are [when they are, they imply that some updates were needed], we therefore change the banners displayed, and silence the report --- one received a few weeks ago asserted a vulnerability in our Linux IIS webserver ... how else to fix it? ;) In the case of Lisa's asserted exploit against the current CentOS openssl, one might trivially see what CVE are addressed, and which are not thus: rpm -q --changelog openssl | grep CVE which yields for this CentOS 5 box: [herrold@bronson ~]$ rpm -q --changelog openssl | grep CVE - fix CVE-2010-4180 - completely disable code for - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924) - fix CVE-2009-3555 - support the safe renegotiation extension and - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which - mention the RFC5746 in the CVE-2009-3555 doc - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197) - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data() - fix CVE-2009-1386 CVE-2009-1387 (DTLS DoS problems) - fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 - fix CVE-2009-0590 - reject incorrectly encoded ASN.1 strings (#492304) - fix CVE-2008-5077 - incorrect checks for malformed signatures (#476671) - fix CVE-2007-3108 - side channel attack on private keys (#250581) - fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309881) - fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321221) - CVE-2006-2940 fix was incorrect (#208744) - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276) - fix CVE-2006-2940 - parasitic public keys DoS (#207274) - fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940) - fix CVE-2006-4343 - sslv2 client DoS (#206940) - fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180) [herrold@bronson ~]$ = Lisa? Still waiting on a reply to: Please state the CVE, or if a private zero day, Lisa, please state the vector so I may set up a unit running the allegedly vulnerable service or services [ie over http, smtp. pop, whatever] for you to demonstrate this assertion -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: CentOS 6 almost ready!
On Sun, 10 Jul 2011, Lisa Kachold wrote: Thanks - I am especially interested in see the SSL updated. Currently the stable SSL available from the repo for CentOs 5 is exploitable. There are are no publicly known SSL issues in the openssl maintained by CentOS Please state the CVE, or if a private zero day, Lisa, please state the vector so I may set up a unit running the allegedly vulnerable service or services [ie over http, smtp. pop, whatever] for you to demonstrate this assertion -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: CentOS 6 almost ready!
On Sat, 9 Jul 2011, Dan Lund wrote: Just in time for Red Hat 7 to come ;) The RHEL following 6 (unnamed, presently) is slated for Q4 2012 presently [1] at page 5 being a recent publicly released document by Red Hat -- Russ herrold [1] http://www.pmman.com/doc/Red_Hat_IBM_s390_ISV_call_May-2011.pdf --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: ZoneMinder Video - Configuration
On Wed, 15 Jun 2011, Jim March wrote: Zoneminder...umm... IT'S A TRAP! Seriously, it's the most hideously evil critter around. It's basically the worst form of open source project. MASSIVE dependencies. Not just Video4Linux, but Apache, MySQL and more. Hell, for best efficiency you need to set the disk up as ReiserFS due to the bazillion tiny files it creates. so harsh ... I packed up all the dependencies for doing the install under CentOS 5 is less than 2 hours. No big deal It DOES splat all over SELinux, but as most Zoneminder installations (such as the initial inquirant's usecase) are dedicated to function without end user accounts having login's (I cannot believe I am saying this), it is probably OK to disable SElinux in this particular case Writing the SELinux rules takes less than a couple of hours running the darn thing (I did it), but ... I'll agree that THAT is a bear, due to the overly formal approach that SELinux doco takes [or perhaps, as there is not enough 'real world, 'Joe Admin' entries out there for Google to find ;) ] I tried to add to the ZM and SELinux pile with: http://orcorc.blogspot.com/2011/05/what-not-to-buy-dynex-13mp-webcam.html which blog post enumerates the dependency chain in install order ... I dunno that I ever 'pushed' the soluton out to FTP space, but I could ... -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
basic LAMP security 101
On Fri, 15 Apr 2011, Stephen wrote: on security i can read, there is quite a bit out there, but its a muddy mess to know who is talking out their collective backside and who actually is giving you something useful. I do know we have some very good security geeks here and hope to borrow (beg) some pearls of wisdom. Take and test periodic backups Run your updates Only run network listening services that you intend to; remove un-used packages, disable unused accounts, disable shell access where not appropriate (email only type clients) As possible add wrappers, and iptables to restrict unwanted probes (does a netblock from Bulgaria REALLY need to connect to your box?) Read your log files, and if repeated probes, dictionary attacks are occurring, consider rate limiting such (see fail2ban, and the like) http://www.pmman.com/usage/hardening/ -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Configuring repositories for Yum on RHEL 6
On Wed, 15 Dec 2010, keith smith wrote: I've been trying to find a list of official RHEL yum repository and all I find are beta repositories. Do I want to use yum or RPM? Either can do remote archive retrievals -- but Red Hat does not release the post-Beta binaries of its enterprise product to the general internet, choosing to provide access only through their RHN (Red Hat Network) which uses strong authentication methods keyed to each individually licensed install CentOS 6 will be along, soon enough ; Scientific Linux has a candidate out there as well -- Russ herrold herrold at centos dot org --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: How do I free swap
On Thu, 4 Nov 2010, Bryan O'Neal wrote: Setting swapiness is how I can deal with a recurrence but it will not flush current swap. And I can not shut down any process to perform swap off. :( then you have not yet adequately provided for failover -- If a process 'can not be shut down', it has not business being on only one server without a failover capacity Solve the failover problem, and you both increase reliability of the service, and make possible regular administration -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: [OT] android phone, possible to get a good deal?
On Sat, 18 Sep 2010, Jim March wrote: http://www.newegg.com/Product/Product.aspx?Item=N82E16875176145 To get Android 2.1 you have to spend almost $500: http://www.newegg.com/Product/Product.aspx?Item=N82E16875176195 Wait just a bit and that should be upgradeable to 2.2? Not being sold at at New Egg, but I see Archos 7 and 10 internet tablets, for about $300, running Android 2.2 out of the gate, and seemingly well supported as to following new releases at Angstrom I have devices at older Android levels (it is not clear they have the processor 'horsepower' and ram to support later Android levels, which I imported directly from China) being a couple of essentially unsupported, no-name development chassis. I will be seeing about building trimmed down versions, and loading later Android versions over the mext couple weeks, via the Angstrom builder -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
URGENT question on Qwest WiFi routers...
On Thu, 26 Aug 2010, Jim March wrote: I need to know if anybody has encountered a WiFi router that automatically creates an SSID consisting of myqwest followed with no spaces by four numbers - seems to be standard base 10 vs. hex or whatever. I need to I have encountered such, but not specifically in the 'myqwest' vendor namespace; Many '2-wire' routers chose to set a SSID, based on a hash of the MAC address plus a 'salt', and perhaps an initial setup 'password' based on the UUID (serial number) of the unit A hash is used to prevent a predictable sequence attack inot a search space bigger than afforded by say WEP; I have not looked as to the later wireless WPA / WPA2 -- as I recall there was a design flaw in WPA necessitating the '2' variant This is, I believe, a common and reasonable approach to permit a customer to have limited config rights, and if it becomes necessary to reconfig from scratch, to push a 'restore to factory' recessed button with a paperclip, and clean up a mess -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT (slightly): SSL Requirement
On Mon, 16 Aug 2010, Shawn Badger wrote: Also, some SSL providers allow for wild card certs as well, *.domain.com, that may also work for you, but they are expensive from what I heard. less that $200 per year from almost any 'in the chain' CA -- dunno if that is considered high or low. If you NEED a lot of secured content traversal, it would seen that one can amortize that pretty quickly. If you simply want to hand out certs to lots of friends boxes, all mashed into a communal domain, perhaps not -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
OT (slightly): SSL Requirement
On Fri, 13 Aug 2010, Eric Shubert wrote: I don't necessarily believe everything I see, and would like to check on something I read. Is the following statement true or false? SSL requires a distinct outbound IP for every distinct certificate (different domain name). Clearly technically not true, but not in the way you probably expect -- One can have a SSL certificate for the purposes of securing web content, and a separate one for the purpose of securing email transfer -- check the headers of this piece, whch use a StartSSL [highly recommended] certificate for opportunistic SSL layer transport of content If you had added the qualifier 'for a given protocol (TCP) and port (443) pair', it would be true in the usual case, absent heroic and non-customary approaches My understanding is that multiple hosts with distinct certificates could coexist behind a NAT'd firewall on a single public address and still provide SSL connections via the public address. Would someone who's more knowledgeable than I about this care to shed some light on the subject? I assume web connection here. I put to one side a 'wildcard' certificate where several boxes all offer a connection secured by a single credential. TLS/SSL protected email to multiple clients using differing certificates, as the negotitaion occurs 'late enough' that one could 'hand off' a connection, perhaps, to a second unit inside a load balancer, to complete the SSL/TLS connection setup. The flaw with a webbish (port 443) delivery in your setup is based on when in the request the secured connection is set up The negotiation and establishment of the SSL tunnel occurs BEFORE any hostname part (indeed, any part) of the URL is transmitted. How would the NAT device know which credential to offer? How can the remote end verify that an offered certificate is not on a recovation list at the CA? If a connection were established to point A on the outside, with a 301, 302 type redirector to a 'new' URL 'inside' it might be doable as a new secured connection setup can occur, and if there is low volume and a unique client IP at the far end, but this cannot be counted upon ... I see a suggestion tht a Level 3 router can sniff the request and do internal direction. I am aware of no such mechanism to do this only up to L3 of the stack in a web session. The needed session credentials are not yet knowable at the time of the negotiation ond DH key exchange of the session encryption key. Once that session is set up, there is not a mechanism for a 'handoff' of a running session, for that is the essence of a Man in the Middle attack -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Kaseya Agents You
On Thu, 12 Aug 2010, Lisa Kachold wrote: It can be used for malicious reasons. so can almost any tool As you later note: It is not cheap. Free applications and online tools exist to do the samething. drop in a VNC server, pre-key it, and hide it from the process table listing, and one is home in a Windows environment; munge a kernel module, and one can attain the same effect in Linux. Apple has similar in OS/X ... back to the lead post ... It is currently being used by NSA and government surveillance of citizens of interest, or it can be used for technical support purposes. A strong assertion. A search turns up just another vendor, in the marketing hunt trying to sell to the Homeland Security 'garrison state' http://www.kaseya.com/ with a FIPS-140-2 certification. They are co-marketing with Microsoft http://www.microsoft.com/sbs/en/us/software-solutions.aspx and they seem to advert having sold to the U S Air Force Conspicuously absent from a google search is non 'tinfoil hat' evidence beyond supposition and capabilities, and actually showing improper use by a federal agency Please, prove me wrong with URLs I missed -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Kaseya Agents You
On Thu, 12 Aug 2010, Lisa Kachold wrote: OPPS, I seem to have started a political conversation! no, you made some assertions as to technical matter [with seemingly a Linux client hook], and I asked for some URLs to demonstrate the basis for your belief. A third party wanted to be a lawyer on a mailing list with some hearsay as well, but that is out of scope here My question echoes that of Joe Friday: All we want are the facts, ma'am I can perform my own analysis and argue almost any side of an opinion given facts I can rely upon --- On *Thu, 8/12/10, R P Herrold herr...@owlriver.com* wrote: Lisa, for context: It is currently being used by NSA and government surveillance of citizens of interest, or it can be used for technical support purposes. herrold: A strong assertion. ... snip ... Conspicuously absent from a google search is non 'tinfoil hat' evidence beyond supposition and capabilities, and actually showing improper use by a federal agency Please, prove me wrong with URLs I missed -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Kaseya Agents You
On Thu, 12 Aug 2010, Lisa Kachold wrote: http://www.fas.org/irp/offdocs/eo/eo-13224.htm http://www.whitehouse.gov/the_press_office/FreedomofInformationAct/ http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_controversy My question echoes that of Joe Friday: All we want are the facts, ma'am conspicuously absent from any of those links is any mention of Kaseya FISA warrants may be disliked but have been judicially upheld [footnote 89 in the wiki article]. As that article notes one may structure one's affairs to address the possibilities they afford the US federal government [how being out of scope here] -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Kaseya Agents You
On Thu, 12 Aug 2010, Lisa Kachold wrote: conspicuously absent from any of those links is any mention of Kaseya There are too many links to reference. This is common security knowledge. as they are so profuse, let's agree to just look at the best two you know of. Standing by -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
ChaosVPN Agoralink warzone CTF
On Wed, 11 Aug 2010, Lisa Kachold wrote: This is a development network with specified CTF areas and warzones. CTF as in 'Capture The Flag' by rooting another's instance? Why would one want to encourage a person dedicated to taking over a boxes access to bandwidth one is accountable for, let alone machines? I confess I don't 'get it', other than on a testing bench setup in a physically isolated network. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: The inevitable eventual cost of computers.
On Tue, 27 Jul 2010, Stephen Partington wrote: For me MS is going to be part of the world for a long time, even if the company self destructs next year. And a Large portion of software will work only on MS, if I want to use any of this software I will have a compatible platform. I am truly interested. Putting to one side use cases of recreational computing [dedicated game platforms, whether Wii, X-Box, etc have protocol format blockers as well as as other 'proprietary' stickiness to try to lock a person to a given platform, and frankly, better 'pedal to the metal' performance], and putting aside applications which need to manipulate a intentionally properietary data API (DRM'd, patent wall, or public key protected content), what applications are you using that 'require' a non FOSS platorm? Stated differently: What do you need to do to earn a living, that FOSS cannot do? I would love to have the core API's used open sourced and see wine get the funding to work with it. But that's unlikely. Patent protected codecs, and per seat licensed DRM wrapped 'trade secret' implementations become available that way ... Wine provides operability at the 'use a binary intended a foreign OS' environment level, sort of like a sparrow wearing scuba gear to go after a meal of grubs in a creekbed. If a person is willing accept moving around on crutches, that is a future, I guess, but is it worth committing to using adaptive devices, or to find or participate in building the FOSS alternative? -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: How to report Internet Abuse
On Mon, 26 Jul 2010, Shawn Badger wrote: What about adding the ip into the /etc/hosts.deny fie? I don't know if Apache uses TCP wrappers, but if it does then this would be an easy solution. ask it, and see if libwrap is present: ;) $ ldd /usr/sbin/httpd | grep wrap I think the best solution is to use iptables though, because you should really already be running it on anything that is public facing. iptables to just port 80/tcp will work fine -A INPUT -m state --state NEW -m tcp -p tcp -s \ the.bad.guy.ip --dport 80 -j REJECT [backslash continueations used here, to avoid wrapping issues -- not supported in the real config files, in say CentOS, in /etc/sysconfig/iptables ] but The 'correct method; from an apache POV is a 'Deny' rule in the config file, which avoids some workarounds Directory / Order Deny,Allow Deny from the.bad.guy.ip Allow from All /Directory or such -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Why is %#$ X11 failing to authorize this SSH connection? :(
On Mon, 26 Jul 2010, kitepi...@kitepilot.com wrote: So I do: kitepi...@beechjet:~$ ssh -vvv -fCX ay...@turbocommander VirtualBox /tmp/junkX11-VirtualBox.log 21 And I get my Virtual Box screen up and I can do whatever I want except to star a VM because: When I do this: kitepi...@beechjet:~$ ssh -vvv -fCX ay...@turbocommander 'VBoxManage startvm Unum' /tmp/junkX11-VBoxManage.log 21 X11 fails to authorize! You flopped the URLs and the session logs relative toyour narrative so I identify them the first http://www.kitepilot.com/junkX11-VBoxManage.log debug1: client_input_channel_open: ctype x11 rchan 3 win 65536 max 16384 debug1: client_request_x11: request from 127.0.0.1 33887 debug2: fd 4 setting O_NONBLOCK debug3: fd 4 is O_NONBLOCK debug1: channel 1: new [x11] debug1: confirm x11 debug3: Wrote 48 bytes for a total of 3015 debug2: X11 connection uses different authentication protocol. X11 connection rejected because of wrong authentication. debug2: X11 rejected 1 i0/o0 the secondhttp://www.kitepilot.com/junkX11-VirtualBox.log debug1: client_input_channel_open: ctype x11 rchan 3 win 65536 max 16384 debug1: client_request_x11: request from 127.0.0.1 33888 debug2: fd 4 setting O_NONBLOCK debug3: fd 4 is O_NONBLOCK debug1: channel 1: new [x11] debug1: confirm x11 debug3: Wrote 48 bytes for a total of 2999 debug3: Wrote 464 bytes for a total of 3463 The MIT magic cookie exchange, needed for xauth and credentials forwarding is failing on the first The command being passed in is: debug1: Sending command: VBoxManage startvm Unum Something like this may work from the client side su - -c VBoxManage startvm Unum per: info su: ... login startup file(s). Additionaly `DISPLAY' and `XAUTHORITY' environment variables are preserved as well for PAM functionality Run the first inside a terminal login subshell, and it should succeed The management interface probably does not spawn a pty by default and it is needed for the authentication exchange -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Deleting specific files from many sub folders
On Mon, 26 Jul 2010, Bryan O'Neal wrote: I have a bunch of .au files I want to get rid but I don't want to hunt them down in every darn sub directory. Suggestions? Move into the top directory of that set find . -name *.au manifest.txt Scan manifest.txt with your favorite editor and look for stuff you wish to retain -- mv them into new name suffixes Repeat the first step and make sure are happy for all listed there to go away Run one more time then like this: find . -name *.au -a -exec rm {} \; All done -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Deleting specific files from many sub folders
On Mon, 26 Jul 2010, Bryan O'Neal wrote: Thanks :) for extra credit, if you are worried about ever wanting them later, manifest.txt may be handed to tar and a backup file created and tuen burined to archiving media ;) from that same directory tar zcf acme.tar.gz -T manifest.txt - R --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OK, how do I count files in a directory QUICK!!!
On Fri, 2 Jul 2010, Matt Graham wrote: That's a bit strange. I'd think ls -1U --color=never would spit everything out almost as fast as possible, considering. nope: 'ls' sorts -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
MySQL reporting question
On Mon, 21 Jun 2010, der.hans wrote: I need to match the most recently entered status from t2 with stuff from t1 in MySQL. t1.stuff, t2.status == $some_val where max(t2.timestamp) and t1.varchar1 == t2.varchar1 and t2.varchar2 == t2.varchar2 I can also add columns to either table. ugghhh -- you mention MySQL in the subject line, but just because one has a hammer does not mean everything is a nail. The MySQL database server kernel engine can use a journal and serialization of transactions to attain ACID. This can slow things down a lot if used There is the 'new' interest in 'eventually consistent' databases. Can you use 'almost the latest' data? [some problem domains do not admit a use case permitting this, but some do: consider: DNS which might update detail all the way through only every couple of weeks in some cases] I would take a hint and amend my code to emit both the insert to t1 AND a destructive update write to 'last seen' location outside of the database. A strict SQL approach is gonna kill you on retrieval time and lock serialization This avoids that killing JOIN I would also generate a hash of t1.varchar1, t2.varchar1, t2.varchar2 and t2.varchar2 as each is written and as you are sorting (selecting, but ... ) on max(t2.timestamp) and generate a series of the first four directory permuted values, each in their own tree, and spread that across sufficient spindles that the write and read load performance can keep up As this point we need to look at the structure for the problem domain t1.stuff, t2.status == $some_val and we lack enough to design further the structures needed ... I had to automate precompution of 'cribs' of subsets of data and pre-populate a cache for a call center application I wote, to keep up with the database read load on one project. If I were doing it again, I would drill in even more 'out of database' cacheing Financial markets data is often like this -- one needs very fast access to arbitrary data, and usually just the latest trade or the lastest day's trade data; after that it is merely of less time critical access needs. We recently spent several months with the trading-shim working in this area -- Russ herrold 614 488 6954 --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
google CL tools
On Sun, 20 Jun 2010, Stephen wrote: http://www.theregister.co.uk/2010/06/20/google_command_line_tool/ I think this is a great thing... I have seen on the relevant mailing lists that it has been moving through the review and packaging process in both Debian and Fedora for the last week -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: CloudLinux
On Fri, 18 Jun 2010, unixprgrm...@gmail.com wrote: Cloud computing is like having sex in Time Square. Everything is viewable to everyone, but only those who are interested are going to delay their busy schedules to stop and see what is going on. As far as encryption goes, cracking it is only a matter of time and computing power. You may not be able to crack it in an amount time that makes the data usable or valuable; but, it is only a matter of time, before computing power cracking algorithms catch up and allow you to crack in seconds what was previously uncrackable in decades. 'CloudLinux', the CentOS downstream fork is not cloud computing, although in their marketing puffery, they position themselves as: 'CloudLinux is the only commercially supported OS designed specifically for the service provider market' -- http://www.cloudlinux.com/solutions/compare/ I call B*ll sh*t http://www.cloudlinux.com/support/index.php Serverity [sic; thus in the original] 1 2 Buiness [sic] days ... where: Severity One (Urgent) Catastrophic - OMG help me now. Includes loss of production, data and no workaround, major security breach. I'd be embarrased to have written that (putting to one side the spelling errors) advert PMman time to self-recovery is minutes to having the DRP back-up image fallback spinning and live, and depending on the care the instance owner took, and the depth of their purse, later fallback images. If one wished to buy 24x7x365, we already have trained staffing in place for 'truck roll' to the DC, know our pricing, and will consult and quote to serious inquiries. In most instances no truck roll is needed as we maintain out of band access to the backside network, have remotely controllable power and console access (KVM over IP backhaul to dedicated management servers), and there is not much other than re-plugging cables that we cannot do remotely .../ -- And opinions are like belly-buttons ... 'Everything is viewable to everyone' is laughably ignorant of the reality 3DES issued (giving ca 112 bits of symmetric cipher strength) because the horizon showed that governmental strength mechanical attacks were 'too close'. FIPS 140 is in the -2 update for just this reason, and to comply at the highest levels and to surmount obtaining a certification lab's 'sign-off' on the same costs on the order of tens of millions of dollars. But like RHEL and CentOS a person can obtain results to the FIPS level cited without the certification for little more than skull sweat and testing I just generated a 2048 strength public/private key pair (asymmetrical crypto) as the horizon to cracking that is not within my life expectancy. the number of atoms in the universe are less than the number of sequential stir guesses needed. Frankly, without a defect in the algorithms to permit ruling out wide swaths of the key-space, the universe runs out of power before current crypto properly done. OTP does not NEED hardware RNG's potted in epoxy as the early BellCore reference implementation showed The cyber ninja swat team operatives getting into the data center need to successfully get past: - fob based ACL 1 - fob based ACL 2 - all the cameras - hand geometry ACL 1 - hand geometry ACL 2 - outer cage 1 (fob based ACL) - inner cage door 1 (key locked ACL) ... each with continuous and redundant monitoring 'inside' the protected loop, and echoed to the outside DRP site to even get to anything [i.e., the physical layer attacks] more than they can get sniffing and journalling all the traffic in and out of a given IP for a 'corpus' to crack This is far, far more than we had at the Naval Ship R and D center during the Nixon administration, except we do not have armed Marine guards with loaded M-16's at port arms at the entry point at that long ago data-center. All I need to do is slow them down and be alerted All management of hosts at that DC are done through SSH and certificate backed SSL; there are partitioning and fire-breaks, and two discrete and isolated back side 'God network' network segment for control that simply does NOT go out of the locked cabinet; it is based on an implementation that passed the then CISP (now PCI) credit card data security assessment, conducted by the author of the v2 of that specification without any down-tick or question at all as to the Unix/Linux part of the data security model and implementation. The Windows side passed because of the use of physically isolated network segments, VPN tunnels, proxies for application isolation, and use of a doubly protected physical layer _Some_ cloud computing may be performed as a public promiscuity, but I assure that that generalization quoted at the top this post is not meaningful,
Re: Slicehost / xen hosting size
On Tue, 1 Jun 2010, Matt Graham wrote: From: Steve Phariss sphar...@gmail.com looking at slicehost and a couple other hosts but I am not sure of the size host I should get (or even the best company to go with). The website runs OSCommerce, Wordpress, Zenphoto, IMAP, Roundcube (or other webmail) and one or two various web apps for testing. She also hosts short term, low traffic websites for misc uses. Any ideas on proper sizing? How much traffic per day does the server get? How much disk space do all the things installed and all the user data take up? What's the average load on the machine? The answers to those questions will determine the size of the host you need. I'm using the smallest slicehost available because I just don't need that much CPU. I did a 'show and tell' talkthrough at a UAT meeting perhaps 6 weeks ago, of the 'pmman' virtual server product. One aspect it has is an ability to dial up ram and hard drive space (and bandwidth soft-caps) after the base install under the end user's control, in just seconds Steve, please contact me offlist for a 30 day trial instance, gratis, to see if it meets your needs. http://www.pmman.com/ -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
ditching Apple products due to boycotts?
On Mon, 17 May 2010, keith smith wrote: Maybe. What if we were to go into deflation? Wouldn't that help? herrold, earlier: This looks like wishful thinking. The outsourcing/offshoring genie is out of the bottle, and nothing is going to put it back Deflation relative to what? Gold? The CHF? The JPY? The EUR? Why should a loss in purchasing power of a unit amount of one currency affect non-lockstep linked currencies at all? Bretton Woods ended those days Prediction of the path financial markets will take appear to be a multi factor, non-linear problem, with path dependencies. Anyone saying they _know_ otherwise should be encouraged to play against you in a markets simulation where you run a true random strategy. If they can consistently articulate a durable strategy that produces above market gains, follow it What if AZ were the first mover in a economic game where it restricted non-documented guest workers and TX and FL followed suit, but NM and CA did not. Where will budget and employment crises continue longer? Opinons are cheap; horse races are held regularly to settle differences of opinion as to which of a collection of horses can run the fastest. One problem with the study of economics, and behavioural economics, is that there is no 'experimental lab'; and 'repeatable starting conditions' repetition of history, to settle arguments like this. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: ditching Apple products due to boycotts?
On Mon, 17 May 2010, keith smith wrote: I think if taxes were reduced by 25% or even 50% we would see deflation. We need to deflate. If one reduces taxes (I assume here, you mean the net effective Federla ones), the federal deficit goes up faster, and the feds need to borrow more to fund its payment obligations. This sucks funds away from the private sector, who then need to 'outbid' the feds for business borrowing. Bidding up rates to but (here, rent the use of money) the use right of same asset sounds like price increases with no change in the underlying. That is asset price inflation I dont ses the causal link you are suggesting exists to cause a deflation. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: ditching Apple products due to boycotts?
On Mon, 17 May 2010, keith smith wrote: So what would you do if you were in charge? Negative agenda don't resonate with voters, so these need to be 'dressed up' as positives, but I wont sugar coat it here Not suggest that protectionism (here, a boycott) is anything but a distorion of a market based economy Remove 'too big to fail' guarantees, explicit and implicit, from the economic system, and move to a market based economy Not lend money on no security into Western Europe and allow the Greece socialist experiment reform itself without my intervention Not 'juice the stock market' to make people reading their 401k statements feel 'happy' at the expense of eating the heart out of the country's future Not have liability caps on offshore drilling operations Call 'bullsh*t' when people who have not read, or are not intellectionally honest about SB 1270 call it racist or anti-immigrant Vote out and work effectively to remove from influnce people in and out of public office who hide behind lies I am not a libertarian by any stretch of the imagination, but much they have long proposed simply makes sense standing alone -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
ot- not even computer related
On Thu, 22 Apr 2010, Michael Havens wrote: when you watch and it goes to commercial sometimes they show less than one second of a commercial and then go to another one... anyone know why? local 'drop in' adverts run on top of (in place of) the national feed; additionally one can buy differnt drop in's for different customers, as is a commonly pitched 'advanage' of placing adverts through a Cable operator. Obviously clock synchronization down to the sub second is not attained as to 'cuts' between content feeds; when this happens, the 'blips' appear You can see this kind of 'missed switching timing' a lot on CNBC and so forth -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
volatile repo for CentOS
On Wed, 21 Apr 2010, der.hans wrote: Does CentOS have something similar to debian-volatile that tracks packages that change a lot and need more frequent updates than happen in slow-moving distros like CentOS and Debian? There are official and unofficial ones -- testing is close to what you seek, but not systematically fed, nor weeded http://wiki.centos.org/AdditionalResources/Repositories Most of what I package is either from scratch, or from Raw Hide, and ends up, in SRPM form, at: http://www.owlriver.com/projects/ORC/ and my mirror If you have a particular need, send me an enail, and I can usually publish a solution that works on CentOS in short order. If it needs security updates and tracking, we need to discuss the matter more deeply. - Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Nigerian Scammers Are Now Calling On the Telepone!
On Mon, 5 Apr 2010, Mark Phillips wrote: Very cool.I wish I had the presence of mind to say something like that! you dont follow the right blogs: http://orcorc.blogspot.com/2010/02/caller-id-wiretapping-call-recording.html ;) -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
How to export text from a .chm file?
On Thu, 1 Apr 2010, j...@actionline.com wrote: How can I export the text from a .chm file? In particular when it is broken into multiple chapters? The FOSS project 'calibre' handles this http://www.mobileread.com/forums/showthread.php?t=26980 through internediate conversions to more portible formats. calibre builds and installs trivially under CentOS 5 -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: plug] VOIP Shopping time
On Mon, 29 Mar 2010, gm5729 wrote: I put together my own voip tis past weekend. After looking at like 4-5 FOSS websites. I was honestly more confused then when I started looking around. Everything to me looked like stuff for call centers. I just want a simple phone. On my list, the Grandstream BT-201 and the -102 are each a conventional looking black telephone with some feature butons and lights, look like a 'desk keyset' in an office, but with the property that instead of running back to a local phone controller usually over CAT-3 cabling, these units are assigned an IP, and connected through a RJ-45 ethernet connection, and routed like any other computer device. Call control signals, voice data, and other signals (think: hold buttons, and message waiting lights) are manageable through SIP to a central Freeswitch or Asterisk 'PBX' which need not be on site The rest of the units I mentioned are ATA -- analog telephone adapters, exporting FXS and FXO -- subscriber, and central office type lines, respectively -- which a plain old 'dumb' POTS phone's RJ-11 may be plugged -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
VOIP shopping time
I've been handed a short deadline project that includes a part in which I need to provision and ship a SIP based VOIP unit to a FOSS conference site, which would then offer dial-in and free SIP 'listen only' of the proceedings on a conference bridge But I am away from my office, with the weekend preventing me from calling and getting a unit shipped out to me tonight I have spent the day poking around, trying to find a local vendor I can drive to, here in the Valley, and pick up a unit or two to qualify (or borrow for a couple of weeks) No joy at Best Buy or Fry's. Anyone have a source that comes to mind? -- Russ herrold Linksys PAP2-NA 2xFXS, 1xLAN port ATA VOIP Phone Adapter (SIP) Linksys SPA1001 1xFXS, 1xLAN Analog VoIP Phone Adapter (SIP) Linksys SPA2102-NA VoIP 2xFXS, 1xLAN, 1xWAN ... Linksys now being part of Cisco Cisco SPA8800 IP Telephony Gateway 4 FXS, 4 FXO, or optionally 8 FXO Grandstream HT-286 VOIP Adapter - PAP2 1xFXS Grandstream HT-502, HT-503 1xLAN, 1xWAN, 1xFXS, 1xFXO ATA Grandstream BT-201 1xLAN one line keyset, w 2.5 mm headset jack Grandstream GXW-4008 8 Port FXS IP Analog Gateway Grandstream Budgetone-102 1xLAN one line keyset --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Best cable prices.
On Fri, 5 Feb 2010, j...@actionline.com wrote: Someone just recommended monoprice.com for cables and I inadvertently information, why not have a menu/link on the PLUG page specifically for best sources and best prices? Who is the webmaster for the PLUG website? the archives contain this answer, over and over google: lists.PLUG.phoenix.az.us webmaster of the PLUG site Second cut is it really somethng that a webmaster needs to do, or would a wiki suffice -- their time is no lsee valuable to them than yours to you, and I dont se an offer to pay for such a service and I think the broader issue is: is this really Linux related [and thus PLUG], or something Google does better -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
RE: DNS
On Sat, 28 Nov 2009, Bob Elzer wrote: You do know that you can use any DNS server you want to, right ? two caveat's here: 1. a common policy to avoid load problems on nameservers is to limit relies to non-customer IP's to only those domains for which one is authoritative for 2. an ISP can use provide an interception of DNS answers fairly trivially for making sure a customer passes through a web view of a terms and conditions page (consider the usual intercepts one encounters at hotels, which may be done that way, along with other methods) There is a crpytographically secure answer mechanism to prevent such false results from going undetected, but it is not yet in wide distribution. --Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
loading fresh system from rpm list?
On Mon, 23 Nov 2009, Steven A. DuChene wrote: I have been requested to load a duplicate system based on the list of rpms present on the original system. This is a CentOS Does anyone know of a tool that would allow me to do a fresh load of a bare system based on a list of desired rpms? master: rpm -qa --qf '%{name}\n' | grep -v kernel | sort | \ uniq /tmp/rpmlist.txt clone: do a minimal install scp master:/tmp/rpmlist.txt . yum install rpmlist.txt Then on the clone, run: rpm -qa --qf '%{name}\n' | grep -v kernel | sort | \ uniq /tmp/rpmlist.txt diff -u rpmlist.txt /tmp/rpmlist.txt and rpm -e any strays present on the clone, and note anything not present, and repair to taste [this can happen over time as the items in a point respin change, or if a non-CentOS archive is used] - Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: loading fresh system from rpm list?
On Mon, 23 Nov 2009, Steven A. DuChene wrote: The original system is a VERY minimal install and that is what the owner wants me to mimic on the second system. He very carefully went through and removed any packages he did not absolutely need so rather than duplicate that work I thought I could somehow just work from his list of rpms on the original system. I would worry that he broke dependencies unless he was using an audit tool. To trust, but verify, see: http://www.owlriver.com/tips/broken-system/ and I would like a pink pony. ;) As no such ponies are on my horizon, this paragraph was there for just that reason http://www.herrold.com/pink-150x.jpg I am also the initial reference author for the 'tiny centos' page, describing a methodology to getting to small installs http://www.owlriver.com/tips/tiny-centos/ I'll probably re-work this email series up into another tip. Dennis Kibbe also made me do some work on the weekend with a question he raised. No rest for the weary. http://wiki.centos.org/PackageManagement/Yum/Priorities Then on the clone, run: rpm -qa --qf '%{name}\n' | grep -v kernel | sort | \ uniq /tmp/rpmlist.txt diff -u rpmlist.txt /tmp/rpmlist.txt and rpm -e any strays present on the clone, and note anything not present, and repair to taste [this can happen over time as the items in a point respin change, or if a non-CentOS archive is used] We have a product we use for testing such stripped boxes, as well as for production, and we make it available to customers: http://www.pmman.com/ -- Russ herrold (480) 389-6968 --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
x509's or ????
On Tue, 17 Nov 2009, GK wrote: I am trying to figure out a way to tame the password beast. Is there something I can do along the lines of an SSL cert or a GPG key that I could use to sign the website in question and use that key as long as I want? The internet police will not come and arrest you for using a self-signed SSL certificate with a very long expiration date -- I would probably avoid going into 2034, though as supporting subsystems may balk. I'm not picking anybody out but I bet Lisa answers first *grinz* ;) yeah -- probably -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: x509's or ????
On Tue, 17 Nov 2009, Eric Cope wrote: I also think Lisa will have something to say... ducks / I am probably beyond her range atm ;0 - R --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: Anyone know of a simple credit card billing option?
On Sat, 31 Oct 2009, JD Austin wrote: I eventually went with Authorize.net with a real merchant account since it was too big of a risk selling some things on Paypal (they always side with the buyer). hunh. This has not been my experience, having qualified a merchant account for a couple of businesses under Pay Pal's clearing bank. Actually, as I think about it, that merchant account have had not had a single disputed chargeback upheld in the last five years. This does not mean that a 'hold' on funds is not placed during a dispute's resolution, but that is standard anywhere in the ISO (independent servicing organizations) part of the credit card industry [I worked as a consultant to a major national firm for many years in this space, on IT, PCI/CISP, and risk department automation matters]. An adequately capitalized and 'real' and non-adult content business addresses that 'risk' by having a 'throwaway' bank account (and at a financial instution not holding the business 'normal' accounts to avoid a possible 'right of offset') behind the remittance account, and sucking funds out to taste. [Note that part of obtaining a merchant account usually includes signing a contract providing for guarantee by a 'deep pocket' behind an account, and an arbitration clause -- part of the cost of being a real business] - Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: [securityalerts] New Moodle releases 1.9.6 and 1.8.10: Security fixes
On Mon, 26 Oct 2009, Lisa Kachold wrote: Moodle announces more security issues. By sending out this advance security notice of known exploits to registered Moodle sites before the security fixes and press release it's clear that Moodle does not fully appreciate the state of web security today. Literally thousands of web systems exploiters are already targeting school based Moodle php/mysql sites! and so ? so are sendmail and bind and the Linux kernel each of which announce their holes as well -- Forwarded message -- From: mar...@moodle.com Subject: [securityalerts] New Moodle releases 1.9.6 and 1.8.10: Security fixes To: securityale...@lists.moodle.org You are getting this email because you subscribed to the Moodle security alerts list when you registered your Moodle site. (Thanks for registering, by the way!) I would read this that moodle cares enough to run a security alerts ML exploder, and that they care enough to use it. It seems like sour grapes to complain that the 'free soup' is not seasoned as you like it. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
ot - I got a call today
On Wed, 21 Oct 2009, mike havens wrote: This call was from Atlanta, Georgia. 770.999. was the number. After a little research I found out about ID Spoofing. Was this a soofed number? Or else is a special number or something like that? The call was from someone verifying an application 'I' filled out.I don't think so! perhaps spoofed, but is seems to be an assigned block NANPA: Assigned Atlanta Nw, Georgia (Bellsouth Telecomm INC DBA Southern Bell TEL TEL) per http://whocalled.us/lookup/770999 A person who controls a SS-7 switch through a PRI can do amazing things as to the displayed 'caller ID' to an end customer -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: TSA Secure Flight?
On Fri, 2 Oct 2009, Dorian Monroe wrote: ... If they don't have some kind of id, then they're not flying. Not much new about that. well, no -- I lost a wallet, and at PHX just had my smiling face and a home-printed boarding pass as ID -- had to go through a secondary screening, but not more than an additional 2 minutes. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Time to Trade in My Blackberry
On Mon, 31 Aug 2009, David Huerta wrote: With ammo prices being what they are now, maybe a small box of .45mm? oohhh -- needle gun flechette ammo, straight out of Dickson's Dorsai series -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: Politics/Ethics: Operation PinWale - Obama Administration Seeks Emergency Control of the Internet
On Sun, 30 Aug 2009, Lisa Kachold wrote: No, I didn't notice it was right! My Bad! OT is fine! Ryan, in case you didn't notice--there ARE NO RULES! “If you are not one of us, you are one of them... They still live in a world that is based on rules; because of that, they are never going to be as strong or as fast as you can be.” -- The Matrix --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Sonoran Penguin
On Wed, 5 Aug 2009, Joshua Zeidner wrote: Which is why practically nothing ever happens :( On Wed, Aug 5, 2009 at 5:26 PM, Lisa Kacholdlisakach...@obnosis.com wrote: Committee? No, we just make improvements. No one gets to control things. ignoring the top posting's misposition [ ;) ], that is because one cannot improve on perfection? -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Sonoran Penguin
On Wed, 5 Aug 2009, Joshua Zeidner wrote: Nothing substantial can be organized unless there is clear management. Who will determine what is an 'improvement' and what is a total failure? PLUG needs to grow up and harness the talents that we currently have in abundance. Stop with these silly games pretending no one is running the show. Someone pays the domain renewal bill (if any); someone pays, or calls a favor, with the location the box is hosted; someone has root on that box. Find those answers, and you have the throat to choke. Unhappy with those answers? Can't figure it out? Fork and out-perform the incumbent. Running code talks. This is FOSS after all. No slam on der Hans, or Lisa. Running a LUG is hard; running it for years and years is even harder Bring your own domain registration for a LUG, and I'll provide access to a host for a virthost website, mailing list, etc on a box that has in its past hosted Distrowatch, the Metro Detroit LUG, the Tampa LUG, a couple of defunct LUGs, and the Central OH LUG (currently). Others as well, but I fergit. But kvetching about it and not acting is just pointless. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Sonoran Penguin
On Tue, 4 Aug 2009, Joshua Zeidner wrote: I made it with GIMP. How come no one liked it when I posted it I need to fire my PR manager. I read email with [al]pine in a monochrome terminal, fast and low, and tossing read pieces out. If it was in an early email, I missed it. I cannot say that I saw repetition of a URL where I might view it, although the compliments seem to indicate its worth. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Geek/Tech/Entrepreneur Stuff to do in PHX
On Fri, 31 Jul 2009, Lisa Kachold wrote: Don't you know about Rule #999? Ignore all forum comments in regular press (outside of technical forums, where you ignore %50. A sound rule. I may quote you the next time The Register calls ;) -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Fedora rpmbuild direcories
On Thu, 16 Jul 2009, Lisa Kachold wrote: Yes I remember the scripts! That's a WHILE ago Russ! Brush ourselves off, we are in the company of FAME (dusty though it might be)! * chuckle * no flies nor dust on me -- stop in at #centos on freenode IRC any weekday for the show I consider der Hans to be PLUG's most well known celebrity Another pioneer, also in the Valley is Kirk Bauer (of autorpm) who has an updated Edition of his APress sysadmin book out http://apress.com/book/view/9781430210597 -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Fedora rpmbuild direcories
On Wed, 15 Jul 2009, Lisa Kachold wrote: I believe that FC4 changed /usr/fedora to /src/redhat. When you import the kernel sources, you will then have a rpmbuild directory. u ... actually I documented this practice and approach (a ./rpmbuild/ in the user's home) long before that as part of a move to building all as non-root http://www.oldrpm.org/hintskinks/buildtree/ seemingly in 2002, but it was common before that see also: http://www.owlriver.com/tips/non-root/ where I note at the end: The techniques work from the earliest days of rpm, with minor changes. That is, it will work fine on: Red Hat Linux, Netwinder Linux, Alpha Linux, Aurora Linux, YellowDog Linux, cAos Linux, Red Hat Fedora and any other distribution which uses the RPM Package Manager. For a while Fedora carried my little setup script in one of its packages. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: [sorta]: from wired.com : Why Isn't Wireless [IP] Everywhere?
On Tue, 9 Jun 2009, Mike Schwartz wrote: I was thinking tangentially about this the other day -=- We forget it now, but recall the 'urgency' for the regulated telco's to 'add more wireline phone numbers' during the dial-up phase of the internet roll-in? Wired number pool allocations with all the fax, dialup PPP links, pager, and related devices (I exclude cellular numbers here), and the pulling of copper in the 'last mile' 'outside' network were 'urgent', a crisis, and now are in the rate base we all end up paying for, essentially 'forever' for customers unable to totally drop wireline services [VOIP and wireless only go so far -- some businesses cannot take the risk of being 'unavailable'] The answer of course as to 'Why' usually includes a 'TANSTAAFL' aspect ;) What will WiMax, wireless, or whatever be supplanated by 'tomorrow', and what commercial company can 'thread the needle' to provision it at just the right 'profit maximizing point'? -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
OT: What does this symbol mean §
On Thu, 21 May 2009, Josef Lowder wrote: Can anyone tell me what this symbol means? § a 'section' mark, in a legal context -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: List of Command Line Tools
On Tue, 19 May 2009, James Mcphee wrote: I have an admin that loves to open bunches of screen sessions and leave them open forever. This eventually kills the box, obviously. Screen is a great tool that does not in any way prevent people from doing goofy things. Why should the application perform a task which ulimit can be configured to address, if there is an abuse? ... and a 'sysadmin' who does such needs after being appraised of the issue, not to be trusted with admin rights. Again the solution is not in the space of the tool, but in the space of the management of the affected system ;) -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: Most fun in Arizona?
On Sat, 16 May 2009, Eric Shubert wrote: If you're in the area, you might want to check out Biosphere II (http://www.b2science.org/visitor-tours.html). Haven't done this one myself. I considered Biosphere a big fat nothing and with nothing around it as a fallback worth seeing [a wasted trip to a worthless stop]; much better to stay in town, and take the time to spend a half-day at Taliesin West http://www.franklloydwright.org/t_west.html If you take the time to read a bit about Frank Lloyd Wright and his work first and check out a 'coffee table' book or two first, you'll probably be able to convice the tour leader to let you 'hang back' and drink in the energy in the building. Next trip I'll probably do the 'Behind the Scenes' trip. I talking my way into being able to self guide this way at the Oak Park home of Wright a couple weeks ago, and found that well worthwhile. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Your modest proposaal; was: Re: Free Webhost
On Sun, 10 May 2009, Ed wrote: Would anyone like to start a state initiative that limits our ISPs to managing only the bandwidth of their service as provided to users (enforcing Network Neutrality), require that all customers must be provided only static IP addresses, and full port ranges* - with rare technical temporary exceptions granted by the corporation commission, the option to the customer of IPv6 or IPv4 at no cost diffrerential as of 2010 , and finally that any customer that is experiencing a to the property line/to the wall monopoly on wire or optical line based service may elect to be covered under a corporation commision managed, rate service monoply controle. Would you like a pony with that as well? Seriously, there is no such thing as a free lunch and passing a law to have the govenment entity, rather than the marketplace, add requirements on what may be offered, is a recipe for higher prices, and less features. IPv4 vs. IPv6 pricing are simply two different kettles of fish -- I've been wresting with ARIN BGP block pricing issues this week, for a new 'slice' product -- and while I would LIKE a pony, it's not gonna happen. I can probably give all my customers IPv6 at once -- but the infrastructure maturity, and application maturity, and tech abilities matureity for a pure IPv6 world are, as a practical matter, not there yet. Prove it to yourself - can you run your residential net entirely IPv6 with sendmail/exim/postfis, and bind/tinydns, and ssh, and your dhcp server dishing out only IPv6 content. As the problems are still there, there is a consumer desire for IPv4 for good reasons. I would LIKE to be able to dish out contiguous blocks, and to reassign customers here and there within an allocation, but the truth of the matter is that there is overhead default route, network and network broadcast over head which varies, depending on the number of IP's assigned. Solving allocations most efficiently is a 'knapsack packing' problem with the additional constraint that one has to co-ordinate changes with customers which may have nameserver details not easily changed. TANSTAAFL Having a monopoly provider out there adds yet another provider to compete against, and as a practical matter, they will either have subsidies of exonomies of scale that will eat alive a small niche provider such as I am affiliated with, into extincton. Then you'll have only that 'choice' to turn to. Wanna bet how FOSS friendly it will be? - Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: Problems with GoDaddy SSL cert request
On Thu, 7 May 2009, Eric Shubert wrote: I've never been able to reach a real person at GD (phone or email). strange -- I have a couple hundred registrations scattered among three businsses, and we have no problem reaching them at the stated phone numbers -- LD for us, but a local PHX call -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Cross-platform virtual meetings
On Mon, 23 Mar 2009, Joe wrote: My company is in the process of trying to set up virtual meetings, including things like screencasting/sharing, voice, video, whiteboard, etc. The office is all Mac, our clients are mostly Windows, and I'm on Linux. I pitched something like this for the CentOS GSoC application -- see: http://wiki.centos.org/GSOC/Projects at Reference VVW Squawk Box as I am pretty sure that FOSS space does not have a nice bundel doing all this (although the pieces and parts seem to be all pretty well done). As the CentOS project was not selected in last week's round of projects, we'll not have an intern working this issue BUT, nothing says doing the further task decomposition and implementation has to be a GSoC project, though -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: SELinux vs. AppArmor vs. Standard vs. What?
On Sat, 1 Nov 2008, Ted Gould wrote: I'm going to top post, you'll have to deal :) :0 w * ^List-Id:.*plug-discuss\.lists\.plug\.phoenix\.az\.us * ^From:[EMAIL PROTECTED] /dev/null no problem -- this procmail rule will handle the matter -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: SELinux vs. AppArmor vs. Standard vs. What?
On Fri, 31 Oct 2008, Craig White wrote: On Sat, 1 Nov 2008, Ted Gould wrote: I'm going to top post, you'll have to deal :) I suspect as iPhone's and other handheld convenient devices become more prevalent, the top post will become normal and accepted. Yeah -- that is the argument that Notes and Outlook uses put forth; Gmail too. But none of those were Ted's MUA: X-Mailer: Evolution 2.24.1 Having and using Gmail, and both a Blackberry and an iTouch which I use for email, I assure that all support trimming, 'at the bottom', and 'interspersed' posting in a straightforward manner. I'm not sure that kill file is always the best answer and Ted Gould is pretty knowledgeable and one whose postings I definitely want to read. I'm pretty sure that consciously flouting known conventions of a mailing list [regardless of a smiley] is an indicator that the person doing it prefers to burden everyone else, rather than do what that person 'knows' the expectation is. If you leave food out on the counters, you get roaches; if you reward improper behaviour, the exceptions swallow up the rule, and entropy wins sooner. If the rule is wrong, lobby to change it; my vote on Ted's proposal to dump 'don't top post' was stated publicly in my post. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: ISP Infedelity / Touchy-Feelly Photons
On Sun, 26 Oct 2008, Matt Graham wrote: After a long battle with technology, der.hans wrote: Am 26. Okt, 2008 schwätzte Tuna so: I don't know which ISP is the least evil and corrupt around here, Common problem. They're all evil and corrupt, but some of them are less evil than others. wow -- harsh, coming from der.hans -- considering I manage an ISP and all as part of what I do. Complaints are all monitored, and root cause analysis performed when needed. Weekly management review of metrics. Rates are published, and honored. Ombudsman 'fairy god-parent' 'make goods' as needed. You must have ended hanging out with the wrong folks -- usually happens becuase people consider ISP services fungible and buy solely on price considreations. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: ISP Infedelity / Touchy-Feelly Photons
On Sun, 26 Oct 2008, der.hans wrote: wow -- harsh, coming from der.hans -- considering I manage an Actually, those weren't my words. Matt was replying to tuna at that point, but using an email from me to do it :). my apology -- the comment of attributon is of course withdrawn. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: ISP Infedelity / Touchy-Feelly Photons
On Sun, 26 Oct 2008, [EMAIL PROTECTED] wrote: I too run a wireless ISP. hmmm ... an ISP I consulted at tried deployment of a non FCC type certified 802.11 solution a few years ago, but I was uneasy with their casual attitude, and certainly did not understand the business model. Goodness, that was late 2000. They are gone now. Another I worked with used the Motorola kit which is duly licensed, but it seemed too fragile around lightning and again, they are now gone. I could use some help shaping my line though... I assume you mean the non-connectivity part. That is the anchor which makes the case for using a local, rather than a national 'rackshack' Enrique PS: My ISP runs exclusively in Linux. Mostly LFS. As the customer is always right, we offer whatever the customer wants on the colo side of the shop; the Windows boxes are in migration into virtual instances, so we can move them between datacenters, after a local week long power outage exposed problems in one 'data hotel's backup power implementation. For hysterical, historical reasons, billing is in Optigold (OS/X), but we batch post process invoice images, etc into well-named PDFs, and then out to the site, and back onto Linux hardware. An ancient Sun running SunOS 2.4 ? was still doing DNS and the cutomer provisioning code (written back in 1994 ?) in perl 4 until a re-write earlier this year. Linux everywhere else (CentOS actually) of course. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: gnuplot - HTML
On Wed, 3 Sep 2008, Austin Godber wrote: [EMAIL PROTECTED] wrote: My boss needs a moving rotating gnuplot to work on a web page. We saw some docs point to some installable severlets and API's but they were dead links. Has anyone done gnuplot on a web page? Can it be a video or animated gif or does it have to be interactive? I haven't seen anything on interactive gnuplot embedded in HTML. That would be interesting. Check John Bollinger's Bollinger Bands and related websites -- the handles at the sides of the plots permit dialling through presentations. http://www.BollingerBands.com/ http://www.EquityTrader.com/ Also the home gnuplot website has a rather nice collections of screenshots. http://gnuplot.info/ There is also an R project web driven tool, but I forget the project name at the moment. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
GCC C/C++ application to run on Windows
On Fri, 15 Aug 2008, keith smith wrote: I'm thinking of writing a small application that can run on both Linux and Windows written in GCC C/C++ that will utilize MySql running on Linux . sounds like the 'trading shim, about which I presented at PLUG a while back http://www.trading-shim.org/ Initially I need the application to run on Windows XP or Vista and connect to the Linux box to access MySql. * nod * Is it possible to write an application using GCC that will run both on Linux and Windows? If so what should I be looking into? sure -- use Cygwin, for the Windows side, and your favorite Linux distribution. For extra credit, do it on OS/X as well. We also build the doco under TeX, and emit pdf's at the end of the process. We have scripts which build: Debian testing shim-debian.sh CentOS 4 and 5 shim-builder.sh OS/Xshim-OSX.sh Windows shim-Win.sh all from a common tarball, at: ftp://ftp.owlriver.com/pub/local/COLUG/ We talk through getting the shim going on Windows (until blocked by immaturity in the Windows C++ environment [not likely to be encountered, but we have sepcial needs), in the mailing list archive at: http://www.trading-shim.org/pipermail/ts-general/2008-May/thread.html Is there a better approach? None of which I am aware. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: GCC C/C++ application to run on Windows
On Fri, 15 Aug 2008, David Bendit wrote: Using some pre-compiler flags and logic, it wouldn't be too hard to write code that would compile on both systems, though you cannot run the same executable on both systems. The shim largely does it (in C++) without #IFDEF h*ll -- the trick is to use interfaces at the right abstraction levels. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Safely Landed in Ohio
On Tue, 22 Jul 2008, Austin Godber wrote: I just thought I would mention that I am now in Ohio and settling in. A syndicated summary of my trip out and first few weeks here is available here: http://friendfeed.com/godber good news -- there is a COLUG meeting today (Wednesday) covering iScsi http://www.colug.net/ -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Multiple Boot from PXE Scenario
On Thu, 29 May 2008, Jason Spatafore wrote: Sorry about the delay -- I've been travelling, just returned, and am ploughing through the email compost heap ... 1. I would like to use a system where servers can be PXEBooted to the network. doable for any reasonable hardware, thanks in part the Intel Wired for Management - initatives back in 1998 and 1999 - see: http://www.owlriver.com/tips/pxe-install/ and of course H Peter Arvin's Syslinux efforts. 2. The system needs to be able to boot from image files after being PXEBooted. For example, image files can/will be .iso (CD-ROM), .usb (USB Drive Images created with dd), .img for floppy images, and .dvd for DVD based images. Not sure I would use 'dd', but doable. See Method C at: http://www.owlriver.com/tips/hands-off/ but rather than upgrading a local HD image, chain-boot into the next (post selection time) operation system setup. We use that initial image to collect the desired profile, and to 'prime the pump' to use the MAC address NEXT PXE reboot Here's how I see the system working. A technician boots to the PXE environment and is presented a menu...say the menu is asking for an 8 digit number. The technician inputs the 8 digit number (12345678) and a script of some kind locates the corresponding image file. Once I had posted the desired profile, I would THEM use the MAC address. I do something like this to emit 'custom' kickstart configurations on the fly. See: http://www.owlriver.com/tips/tiny-centos/ The script then determines the type of image that is used based off the extension. In this example, let's say the filename is 12345678.iso. The script now knows that it must use iso9660 for the filesystem. The script then loads that iso file and the system boots just like it was running from a CD-ROM. The 'smarts' can live on the back end in the PXE/Next server side and be of arbitrary complexity. Databases, LDAP, and all the modern tools to tie into a LAMP server are MUCH easier to develop, debug, and handle on the server side than at the clients. Now, everything I have read so far states that this is impossible due to the way systems boot. ummm ... no. Been there, done that, have the Tee-shirt. Does anybody have ideas on how to get something like this to work? Can you boot an ISO file *as if* it was a direct attached CD-ROM drive? Can you do the same with other image types? Yup -- done in xen instances all the time; before that, fond in LTSP applications -- no reason one cannot have a standard (and thin) Xen Dom0, and any DomU you wish -- Linux, Windows, whatever. good luck -- very doable. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Microsoft joins OLPC
On Sat, 17 May 2008, Joshua Zeidner wrote: There were a lot of indications that something was amiss at OLPC, over a year ago there was this story: http://www.computerworld.com/action/article.do?command=viewArticleBasicarticleId=9054618 a story datelined December 13 2007 is 'over a year ago'? My calendars must be running slow. ;) - R --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: CentOS for tomorrow as well
On Thu, 10 Apr 2008, Mike Schwartz wrote: Yay, someone from my new LUG visiting my old LUG! When 'der Hans' and I were talking about topics, I gave him a link to any number of topics I can discuss without further preparation from my consulting practice: http://www.owlriver.com/tips/ which also outlinks to: http://www.colug.net/presentations/ and he chose 'CentOS' I find that LUG people are really interested in 'real world' work done using Open Source tools for paying customers, and so 'sanitize' work done for customers, publish the sources to fully meet (surpass actually) GPL obligations at: http://www.owlriver.com/projects/ORC/ and write up some presentation notes as documentation and present at the next LUG my travels take me to. The page at: http://www.colug.net/lugs.php was initially assembled by me for MY convenience so I can schedule trips to match local LUG meeting timetables. I recall at least one occasion when this CentOS guy (R Herrold) attended a West Side PLUG meeting, and his knowledge of (in that case) licensing concepts was so great that the speaker (wisely I think) relied a lot on audience participation, to get optimal benefit from Mr. Herrold's knowledge. I tend to have strong opinions on FOSS and am trained as and enjoy being an advocate [U Mich Law School ;) -- but as I was there, I was also writing a LISP to implement RPG II printmask drivers on a Sycor 340 -- a very early 8080]; I always try to be respectful to local leaders, and I greatly respect 'der Hans' efforts on behalf of the Linux / BSD / LOPSA 'nix community here in the Valley; locals may not know it, but he casts a long shadow, and I listen as he speaks. I might not attend tonight (I live *way* on the W side...) but IMHO it should be very worth while Hope all had fun. The 'aftermeeting' lasted another hour in the parking lot ;) -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: east side meeting and asterisk stuff
On Fri, 28 Mar 2008, Geek Girl wrote: Lol it has noting to do with the spec file it has to do with trixbox not being stable... ... but 'trixbox' is not asterisk; in the #centos IRC channel on freenode, where I might be found daily, my lieutenants and I regularly are beseiged by refugees with the *BROKEN* downstream fork, of CentOS, called trixbox (and others too) The problem was sufficently common that we have a whole wiki page devoted to the problem: http://wiki.centos.org/TipsAndTricks/BrokenVserver Asterisk packagings are tricky as well, as most do not get along with the packaging system, but want to unroll and build tarballs as root (another *very bad idea*). Mine do not share that defect, and will build as non-root, and run just fine. for example their 2.4 branch was pretty stable but now they released 2.6 and overwrote the 2.4 repositories and everything updates to 2.6. Plus 2.4 was still buggy...They are actually in the process of testing a nother revision this eve at trixbox but they are even skeptical of weather or not it is fixed. Plus they they are known for hosing their repos regularly... Then all you have done is confirmed that the trixbox developers cannot write an effective test plan, and cannot identify and fix regressions. Or maintain repositories ;) Seems to me this is a good reason not to use the particular product; or to get involved and displace the non-competents (if possible); or failing all that, fork and do it right (think: OpenPBX). Brian Adams ? at OpenPBX had me speak at their 'ClueCon' convention a couple years ago about CentOS and telephony, and the OS in use split about 50:50 between CentOS and Debian, from a show of hands; - Russ herrold links from prior email: http://wiki.centos.org/PackageManagement/Rpm ftp://ftp.owlriver.com/pub/mirror/ORC/asterisk/ --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
east side meeting and asterisk stuff
On Fri, 28 Mar 2008, [EMAIL PROTECTED] wrote: I recommend PIAF because you can see it from the source level without having to deal with crappy RPM's If the rpms are poorly written (in their .spec file, one assumes), why not amend them; Writing a good .spec file is reasonably trivial. see: http://wiki.centos.org/PackageManagement/Rpm or use mine; if you have a problem with their form, and it is a well formed objection, I'll glady improve them. Just send a private email. ftp://ftp.owlriver.com/pub/mirror/ORC/asterisk/ This set is a bit old in the ersions [I'll update at some point], but has worked here forom omnths without so much as a quiver. of course you may have issues with the RPM packaging system; I can see how using the sources, so you cannot ask a package database when a new exploit comes along, to see if you are vulnerable, might be prefered, as it offers the opportunity to wade through sources and versions over and over again. Job security, so to speak. RPM managed sysadmin is boring. ;) -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Getting a new package added to CentOS
On Mon, 25 Feb 2008, Mike Schwartz wrote: On Mon, Feb 25, 2008 at 2:13 PM, Charles Jones [EMAIL PROTECTED] wrote: Craig White wrote: On Mon, 2008-02-25 at 14:01 -0700, Charles Jones wrote: Craig White wrote: On Mon, 2008-02-25 at 13:57 -0700, Charles Jones wrote: I'm on a quest to get Hobbit Monitor ( http://www.sourceforge.net/projects/hobbitmon ) added to several linux 'Lots of back and forth with speculation without asking or research', I was thinking as I read the thread. I'll speak only from my personal knowledge and observations, and would note that this in no way constitutes any sort of statement by any one but yours truly. distros. Someone has already gotten it into Mandriva and Debian. I sort of volunteered to package it for Fedora (hopefully fc9), and CentOS. I believe that dag is starting to bundle for EPEL too... nope -- He was driven away with torches and pitchforks ;) -- the details are painful and recurrent with the Fedora folks holding to a policy of 'their way or the highway' as I see it. This battle has raged since before CentOS existed, and at the end of the day, the long time 'independent packagers' cannot help but get tired of being a punching bag for the political nitpicking and posturing of the Fedora folks (who seem to posture well, but 'play well with others', less well.) Then the packagers stop wasting their time on fedora, and turns back to productive pursuits (like actually packaging, running build systems, and the like). I carry 529 packagings, it seems. 'Most all work with all CentOS versions: http://www.owlriver.com/projects/ORC/ Inter-repository co-operation is useful, as it prevents complaints from a casual user; clearly externally marking which repositority provided which package in a simple rpm -q (packagename) Such efforts have been torpedoed by 'onlookers' with @redhat.com in their email addresses. Transcripts make this clear. What's the difference between EPEL and CentOSPlus ? At the end of the day -- EPEL is the captive of Red Hat; the independent packaging efforts are not. Red Hat committed to, and then backed away from its commitment to set up a freestanding foundation to make Fedora decisions -- their right, as they own it lock stock and barrel. cAos, and later the centos-sub project to cAos (later spun out as a free-standing project) were a reaction for a need for freedom for RH derived RPM based packaging distributions. https://www.redhat.com/archives/epel-devel-list/2007-May/msg00156.html https://www.redhat.com/archives/epel-devel-list/2007-June/msg00031.html There as a meeting at FOSDEM last weekend -- perhaps things will get better. We'll see.. I've not heard a formal report yet. my $0.02 -- Russ Herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: accounting via spreadsheet
On Tue, 29 Jan 2008, keith smith wrote: You have quite the credentials there. I was just feeling dog tired at the prospect of doing it again/ ') - R --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: accounting via spreadsheet
On Thu, 31 Jan 2008, keith smith wrote: Seems like we are re-writing things every 10 years and that cycle might speedup. I thot 'internet time' ended at the dot com blow-up a few years back. ;) - R --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: accounting via spreadsheet
On Tue, 29 Jan 2008, keith smith wrote: Is there a need for an accounting application that will give the user access to their data? What platform would it run on? Win or Linux or both? not sure who that was directed to -- my reply below: R P Herrold [EMAIL PROTECTED] wrote: On Mon, 28 Jan 2008, [EMAIL PROTECTED] wrote: Once upon a time I had the job of integrating QuickBooks data with our online order processing system (PHP/MySQL application). snip thanks!! I have worked in heterogenous environments (dumb serial terminal, Windows putty, *nix terminal program, mac OS/X terminal program) providing accounting (GL, AR, AP, check writing, financial reporting, custom reports, PR) (and indeed full shop floor management: Job costing, BOM, scheduling, pick lists, bill of lading) with a TUI interface with a couple of solutions: ROI, and Add+On, running respectively on HP-UX, and SCO (pre Daryl); I've written parts of over the years since s/360 days in COBOL (PR, inventory management, scheduling). My particular desire it to be able to ditch QuickBooks (basic accounting [therefore not even with tamper resistant journalling], and checkwriting) and by so doing, poweroff the Windows 95 box I keep alive for it, and to move to a FOSS solution, but to retain the ability to have a accounting professional not 'ream me' (by requiring re-keying all from scratch) if/when I need that accounting professional to 'bless' my books and the reports produced therefrom. I _can_ write it again; I just don't _want_ to do it alone nor should it need to be done from scratch in the FOSS world at this late date ;) -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Semi-OT: Referral for Linux-friendly accountant
On Mon, 28 Jan 2008, der.hans wrote: Am 28. Jan, 2008 schwätzte R P Herrold so: I do almost everything via my credit union's web interface. I'd rather have support for GNUCash to kick off the transaction electronically. To each his/her own :). ouch -- web UI's are usually not 'touch-type' friendly Actually I was in N Scottsdale when I wrote that, but yes, Were your ears ringing? I mentioned several times this weekend having someone sit in and correct my whole presentation as I was giving it :). ;) yeah -- the band at the Pinnacle Peak Patio was crankin' out both Western AND Country music Sat night. - R --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OT: accounting via spreadsheet
On Mon, 28 Jan 2008, [EMAIL PROTECTED] wrote: Once upon a time I had the job of integrating QuickBooks data with our online order processing system (PHP/MySQL application). We set up scripts to periodically dump relevant QB data, parse it, and import it snip anymore. Just thought that might at least give you a new set of terms to Google for. thanks!! -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: plug] Re: Semi-OT: Referral for Linux-friendly accountant
On Sun, 27 Jan 2008, der.hans wrote: Am 22. Jan, 2008 schwätzte R P Herrold so: I need that laser check printing capability, and want two way import /export, though ;) Were it supported and in GNUCash would FreeCheck do what you need? http://www.sandeen.net/freecheck/ Looks like it hasn't changed in 5 years. Yes - - I held this and one other project in mind when I was writing [my mention of LaTeX miniboxes to handle font alignment, was because my testing with one - I fergit which, had 'ragged' spacing on the MICR line, which I know from experience causes bank rejects and special handling fees ;( ] I have offered bounties in the past; this thread from #centos at irc.freenode.net months ago; I affirm and renew it here. We need to concentrate the bounties and requests for service such that someone sees the business opportunity in supporting Free Software and open data formats. I need an accountant who'll work with Free Software. It sounds like Vaughn does as well. You're $elsewhere, but still need the Free Software aspect even if you don't need an accountant in the Phoenix area. Actually I was in N Scottsdale when I wrote that, but yes, when one needs an accountant, one needs one admitted in the $STATE the services are needed. State by state, and political subdivision variances are to overwhelming, to pay for an account to be good at all of them. Familiarity with local practice and requirements makes sense in selecting any professional services provider. I don't need to import data from a proprietary format, but it would be awesome if we could move people from QuickBooks to some Free Software program. 'Chicken and egg' problem to some degree in assembling the 'critical mass' for any accounting firm to make the jump is providing competency in the market of servicing true FOSS accounting packages -- By articulating desire for an import / export interchange solution, my thought was that the accountant would not need to leave their comfortable fog of a familiar format. A son in law is on the home stretch of a Masters of Accounting program, and set to work for one of the 'Big Four'. He reports that part of his coursework last semester included getting good with a SQL-Server explorer / wizard which had pre-programmed routines to spot common accounting fraud tricks (gaps in PO or Check Number series; gaps in transaction dates; suspicious payee similarities; and so forth) but practically focussing on where the real world usage is. I assume that the corner accountant has similar tools to take the QB accountant interchange reports, and to 'cook' tax filings and so forth out of them. -- Russ Herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Semi-OT: Referral for Linux-friendly accountant
On Tue, 22 Jan 2008, Vaughn Treude wrote: Randy Melder wrote: Why stop at GNU Cash? You could always hand-write your ledgers, invoices, PLs, and Balance Sheets. Then you're truly liberated. I mean, why give them more money? They've stolen from you at least $250 over the last 10 years. Those evil-doers. How can anyone run a business with thieves like that? chuckle -- I *still* run an 'ancient' Windows 95 box, which has moved through multiple chassis and hard drives (using rsync to move the entire system image from a failing drive to the next one [three such moves so far], and 'grub' to select booting into the W95 image rather than the Linux (CentOS) installation), __just__ for QuickBooks, and the laser check MICR printing print filter program I have used. As I have accounting data going continuously back to 1992 from when I formerly used an earlier TUI Quicken, I am not eager to move from something that does not match those abilities. But it's not the money, it's the ownership of data issue. I would willingly pay twice as much [$1000 was quoted] for a program that would extract the data from QB and put them into an open format than to get the QB update. Writing such an extractor is clearly doable (and as we shall see in a moment with the emergence of a SDK, and a willingness to move to later versions), probably not _that_ hard to do. I need that laser check printing capability, and want two way import /export, though ;) I have offered bounties in the past; this thread from #centos at irc.freenode.net months ago; I affirm and renew it here. 15:13 orc_orc LoF^[Lawbringer]: not at all -- I don't use Windows at all and in the main have not since 1995, except for a lone Win95 box printing MICR checks in QuickBooks on an isolated subnet 15:14 * Evolution shows orc_orc the wonders of gnu-cash 15:14 Zathrus Evolution: quickbooks != quicken 15:14 orc_orc Evolution: will it catch Windows printer driver calls and do HP LJ 6 font substitutions to print MICR ink checks directly? [the thought being to set QB up inside Wine] 15:15 Evolution orc_orc: probably not. 15:15 orc_orc if so, and if it can read the backfiles in QB, I am so gone 15:15 @hughesjr orc_orc: it will if you take the source code and write something to do that :P 15:15 orc_orc hughesjr: I will do so in my copious spare time ;) 15:17 orc_orc I hereby offer a standing bounty of $400 for addition of those two features to gnucash, with conformance tests being acceptance of checks by my bank's clearance engine without reject; and import, use, export and availability of my QB company data [Intuit formerly published a 'qif' -- quickbooks interchange format for (hopefully) lossless imports and exports; but to my understanding has moved to a SDK, in an 'Intuit Developers Network': http://developer.intuit.com/ -- I suspect my version is 'too early' per the supported version chart at: http://developer.intuit.com/QuickBooksSDK/Briefing/?id=110] 15:23 orc_orc Evolution: yes -- and a filter can solve that, Zathrus: there is a prefectly fine MICR font for latex, and with [LaTeX] miniboxes, one can control positioning just fine -- trick is to add a filter/interpreter and I have not done it or tasked a PFY -- thus the bounty offer === I was thinking then of the bounties which appear from time to time in the 'wine' project and Code Weavers CrossOver space: http://www.codeweavers.com/ The QuickBook series is largely supported; the laser print queue interceptor I use is _very_ Windows printer queue internals specific, and not listed http://www.codeweavers.com/compatibility/browse/name/?letter=q; I have no problem 'paying' for open source development; This question about a 'business ready' replacement or companion to QB has come up a couple times on this list; the 'downside risk' need to be able to 'export from QB' the accountant review copies {and the less difficult laser check printing MICR issue} are my stoppoints. Perhaps this list can get a large enough mass of 'bounties' together? http://www.gnucash.org/ is dead atm for me, although the domain is not expired, so I cannot cruise and see of there is a wider community of bounties may already be already present there. -- Russ herrold --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Presentations in Linux (live whiteboarding)
On Thu, 6 Sep 2007, Ted Gould wrote: [1] http://xournal.sourceforge.net/ a lovely find ... packaged up into SRPM for for CentOS 4 and 5 (and should work on the Fedora crowd's boxes too) at: ftp://ftp.owlriver.com/pub/local/ORC/xournal/ Thanks, Ted. --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss