13 June 2002
Question & Answer Sessions
- Does anyone have any interesting 'fortune' databases?
- Go forth, find interesting quotes, go nuts.
- Looking for a 1Gb firewall Sun config.
- XXX want to firewall a 1Gb line to YYYY (an auto company) using
a 400Mb router. Right.
- Cisco 6000 IDS blade?
- O300 + EMC = random errors?
- Talk to MJO about it ... he can find someone with a clue.
- Looking for someone with experience using freeware rad
contollers -- know any?
- Anyone play around with any free IDS's?
- Most everyone's playing with snort.
"Honeypots with snort are fun." -- MJO
- Is there a JRE for DOS?
- Not that anyone's aware of.
"Use Tcl." -- Clif Flynt, who isn't here, but would have said this
if he had been.
- Any other questions?
- Sure ... oodles.
- Does MJO remember Gerald from SGI Chicago?
- Gerry Quinn? Sure!
- Personal liability and network security question?
- Opinions vary on who's responsible and/or liable for stupid network
tricks ordered by clueless management.
- Neal's looking.
- Need a place to live in the Ann Arbor area?
- Talk to Troy, if you're interested in a quality domicile.
- What's Paul Hooper's e-mail address?
- It's been noted, but we're not going to publish it here.
- What's firstname.lastname@example.org's e-mail address?
- Inquiries are being made . . .
- Anyone know someone who can rebuild notebook batteries?
- Troy's Sony battery needs replacing -- look for Battery Lady,
who does that sort of thing. Or Battery Plus on Packard.
- How do you programaticly extract the WAN address from inside a
- 'lynx -dump' with some perl stuff is probably your best bet.
Silly tricks with traceroute?
- Any experience with IBM VPN servers (Sig -- Linux)?
- No experiences here.
- Is Comcast blocking IPsec?
- Blocking ... dropping ... whatever.
"If you're using Comcast and you're not loosing IPsec
capability, you will soon." -- anonymous IT dude a major company
- When are they going to block IPsec in the AA area?
- Paul Haas is getting vast amount of SPAM from his secondart MX
-- any suggested tactics?
- Get your secondary MX provider to beef up their anti-spam procedures.
- What's your favorite SPAM solution?
- 17 grams of SPAM to 125 cc alcohol.
Spam Assassin, a popular procmail suite, is pretty useful.
- Did anyone try to go to one of those "how to SPAM" lunches?
- Nobody, apparently.
- Any interesting SCSI exploits?
- Possibly crashing a machine with garbage packets, but no real
break-in ideas. There are so many other TCP-based attacks, it's
hard to imagine a SANs attack.
- How about a policy HowTo?
- No one has any suggestions for good "policy templates," it seems.
- Who wants to know?
- Anyone running a honeypot on their intranet?
- Yes, but nothing interesting turns up. (Misconfigured WinBoxen,
for the most part.)
MJO's Beetle had problems the past couple weeks. Other "driver" and "bug"
annecdotes swapped. Hilarity ensued.
We called it a presentation and moved on.
Rumor & Innuendo (No names, please)
MJO has speakers. Really.
"Exploits are a lot of fun, let me tell you."
"An Ann Arbor company is threatening to sue SGI."