SEMiSLUG Notes
14 November 2002
Question & Answer Sessions
- PC diagnostics that can be run on machine with no OS (e.g. from a
floppy)?
- memtst86.exe is a good one. Best bet may be to check Google for "pc
diagnostic software."
There's a guy in Europe with a one or two disk set that's good.
- Reasonable way to read 5.25" disks?
- With a 5.25" drive. Pick one up used somewhere.
- Recommendations for misbehaving HP ProCurve 5300 switches?
- If you call HP and complain -- they'll have another one to you
quickly.
- Why does he care?
- Because he didn't know they're so good about sending a replacement
out.
- Anybody have a parallel port loopback dongle and software to test a
parallel port?
- The wiring diagrams are available on the net, but finding the
software is not working out. Try to use Laplink on it; if that
fails, the port is a problem.
- Why does Linux suck?
- Because it's Linux and you should run FreeBSD. Most of your
problem is that you're running RedHat. Try SuSE. Or Debian.
(Or even Slackware.)
But FreeBSD is the most recommended solution.
- Why does Becki think Linux sucks?
- It's giving her too much grief.
- Why does Larry think that Becki thinks Linux sucks?
- He can just tell these things.
- Why does IPsec suck?
- The standard sucks.
- Any suggestions for 802.11 site survey without spending more than $10,000?
- Offer $100 to anyone who can break in. Announce it on an
IRC "hacker wannabe" channel.
- Troy isn't here, but ... does anyone want to live with him?
- Nope.
- Troy still isn't here, but ... does anyone want to hire him?
- Not at the moment.
- Ed's looking for a new job ... does anyone want to hire him?
- If so, let him know. Drew is looking, too. And Neal.
- Does anyone have any requests for AA city council now that we have a
tenuous "in" there?
- Timing the lights so that you can drive down Main Street without
stopping every block.
- Is Comcast's offer of high-speed Internet connection genuine?
- Depends on what you consider "high speed".
- Oh! Uh ... Mitch Kapor is supposedly funding an open source PIM. Anyone
heard anything about it?
- 'Chandler' -- http://blogs.osafoundation.org/mitch/
discussion at http://iu.berkeley.edu/rdhyee/discuss/msgReader$644
implementation tools: Python+ZODB+wxPython+Jabber+RDF
- For anyone who telecommutes, how do you prove to your boss that you're
actually doing something?
- Communication is the key. Talk a lot, point to the trouble tickets
you've closed, keep your name in front of people.
- How do you throttle spiders with Apache? What modules are recommended?
- Set up iptables (or ipfw) to restrict bandwidth to offending networks.
Take a look at the shaper module for Linux.
- Got a Nomadix clone?
- Hmmm ... dunno. 'nocat' might be usable. And Waveport is a possible
competitor.
Presentation
Ed Vielmetti -- What I Didn't Do at NANOG
"I wasn't well, so I didn't go."
- - - - - - - - - - - -
Becki Kain -- What I Thought of SANS
Forensics and Honeypot sessions
SANS is cool in that they use all open source software. A lot of people
don't have tens of thousands of dollars to buy proprietary tools, so this
is good.
Forensics: Most important thing is a floppy with a command interpreter
and a few dependable tools. A write-protected floppy.
[picobsd is a terrific platform for this. -- MRW]
You have to be careful what you change ... rebooting, pulling the
network cable, or just letting it run can change the evidence. Give
a lot of thought to what you're going to do and how it will affect
the evidence.
Make sure your target media, when copying to that media.
'ethereal' rocks ... get it, learn it.
[Will get many of these nifty tools from Becki later.]
Becki will talk about the honeypot class some other time.
- - - - - - - - - - - -
Chad Childers -- Other SANS stuff
Rats ... I forgot to type during this.
Concerned about draconian "homeland" legislation? Call your Congress Critter.
Congress switchboard: 800-839-5276
SANS is looking for people to write short HOWTO guides. (For pay.)
Go to www.sans.org and look around.
Rumor & Innuendo (No names, please)
Nothing of note.