SEMiSLUG Notes

13 June 2002

Question & Answer Sessions

Does anyone have any interesting 'fortune' databases?

Go forth, find interesting quotes, go nuts.

Looking for a 1Gb firewall Sun config.

XXX want to firewall a 1Gb line to YYYY (an auto company) using a 400Mb router. Right.

Cisco 6000 IDS blade?

Nope.

O300 + EMC = random errors?

Talk to MJO about it ... he can find someone with a clue.

Looking for someone with experience using freeware rad contollers -- know any?

Nope.

Anyone play around with any free IDS's?

Most everyone's playing with snort.

"Honeypots with snort are fun." -- MJO

Is there a JRE for DOS?

Not that anyone's aware of.

"Use Tcl." -- Clif Flynt, who isn't here, but would have said this
    if he had been.

    Any other questions?

    Sure ... oodles.

    Does MJO remember Gerald from SGI Chicago?

    Gerry Quinn? Sure!

    Personal liability and network security question?

    Opinions vary on who's responsible and/or liable for stupid network tricks ordered by clueless management.

    Jobs?

    Neal's looking.

    Need a place to live in the Ann Arbor area?

    Talk to Troy, if you're interested in a quality domicile.

    What's Paul Hooper's e-mail address?

    It's been noted, but we're not going to publish it here.

    What's paulh@hamjudo.com's e-mail address?

    Inquiries are being made . . .

    Anyone know someone who can rebuild notebook batteries?

    Troy's Sony battery needs replacing -- look for Battery Lady, who does that sort of thing. Or Battery Plus on Packard.

    How do you programaticly extract the WAN address from inside a Linksys router?

    'lynx -dump' with some perl stuff is probably your best bet. Silly tricks with traceroute?

    Any experience with IBM VPN servers (Sig -- Linux)?

    No experiences here.

    Is Comcast blocking IPsec?

    Blocking ... dropping ... whatever.

    "If you're using Comcast and you're not loosing IPsec capability, you will soon." -- anonymous IT dude a major company

    When are they going to block IPsec in the AA area?

    Probably.

    Paul Haas is getting vast amount of SPAM from his secondart MX -- any suggested tactics?

    Get your secondary MX provider to beef up their anti-spam procedures.

    What's your favorite SPAM solution?

    17 grams of SPAM to 125 cc alcohol.

    Spam Assassin, a popular procmail suite, is pretty useful.

    Did anyone try to go to one of those "how to SPAM" lunches?

    Nobody, apparently.

    Any interesting SCSI exploits?

    Possibly crashing a machine with garbage packets, but no real break-in ideas. There are so many other TCP-based attacks, it's hard to imagine a SANs attack.

    How about a policy HowTo?

    No one has any suggestions for good "policy templates," it seems.

    Privacy?

    Who wants to know?

    Anyone running a honeypot on their intranet?

    Yes, but nothing interesting turns up. (Misconfigured WinBoxen, for the most part.)

    Presentation

    

MJO's Beetle had problems the past couple weeks.  Other "driver" and "bug"
annecdotes swapped.  Hilarity ensued.  

We called it a presentation and moved on.

    Rumor & Innuendo (No names, please)

    MJO has speakers. Really.

    "Exploits are a lot of fun, let me tell you."

    "An Ann Arbor company is threatening to sue SGI."

    [ Return to the SEMiSLUG minutes page ]