SEMiSLUG Notes
12 November 1998
Question & Answer Sessions
- Web-based DNS management tools? Preferably free?
- There's a few perl things, but they're not scalable. (Not good
for ISP use.) Steve Yorick may have something, or write in-house.
Troy may have seen something, but he can't recall the name.
It would be nice if it was bulletproof enough for clients to
edit. If you know of anything, contact Ivars (ivars@ic.net).
- NT versus unix as a platform for running a firewall?
- NT isn't really up to the challenge. It'll take twice the
horsepower to do what a unix box will do. Also, you can't strip an
NT box down enough to have a safe system, versus running a unix box
with a minimum of services.
NT will crash more often than a unix box.
NT is easy to set up, but it's ease of use is bought at the expense
of reliability and robostness.
- CORBA: is it a 300-ton solution in search of a problem? What good is it,
really?
- It is, at least, a concensus standard. There's little experience
among those sitting in the room. It's worth looking at further,
if you're interested in that sort of thing.
- What sort of interconnectivity are web sites with multiple servers
using? Do they share a DB or have separate DB's, what physical
connection, etc.?
- Heavy processors (e.g. SGI Origin 2000's, Sequent's ) for the really
heavy traffic sites. 100 megabit switch connecting the boxes.
- netstat equivalent for WinNT?
- There _should_ be a netstat.exe on the box. MKS toolkit may have
something. Check the SDK's on http://www.microsoft.com/ for
a better version.
- Kick-ass server case needed. Got sources? (It's for a RAID box.)
How about really nice desktop cases?
- See what http://www.pricewatch.com and see what sort of cases
they're tracking.
- Diamond(?) has a wireless connectivity kit (LanStar?); has anyone heard
anything about it? Is there non-DOS support for it?
- Someone said it works great if you have high visibility and under
100 ft. Could be fun to play with. Steve Yorick has played with
a few similar widgets and likes the BreezeComm offering.
Troy will post more as he learns more.
- Reconciling firewalls and dial-in use; how common is it to put the
dial-in outside the firewall?
- No one here has set up a system like this. Callback modems are a
possibility, but not always practical (e.g. travelling staff at a
hotel). Use a challenge-response system instead. Think about
using OPIE.
- Any good tools for RADIUS accounting? Something under $10,000?
- Pay the money for a good commercial package. Or try the one
Ivars is using.
-
Presentation
SANS '98 -- Scott Vowels talks about this year's conference.
Intrusion Detection was the hot topic this year.
Attendees were less friendly than you'd expect at a computer conference.
Almost like they were suspicious of everyone that talked to them.
Some of the presentations tended to be a little over the heads of the
people attending them, but much of it was interesting.
Lots of statistics being quoted, but no one wants to talk able where
they're getting their statistics from.
Common complaint: it's hard to get management to take this seriously
until there's a significant intrusion.
[I'm half asleep and couldn't concentrate, thus the skimpy notes.
Look for more info at http://sans.org -- Gabe]
Discussion followed on personal experiences with intrusions. Session
highjacking is an interesting attack that's hard to defend against
(strong encryption is about it). ssh is your friend. Strong, end-to-end
encryption.
Rumor & Innuendo (No names, please)
Microsoft Networking: who's computer do you want to visit today?
Uwin is an interesting offering for "unix on top of Windows."
NT5 will not support the Alpha, officially. But many of the developers
are using Alpha's and are required to make sure their code compiles
cleanly on the Alpha.
Arbor Brewing Co. goes to a very limited menu at 22:00.