13 March 2003

Question & Answer Sessions

1. UltraDMA/100 on a Dell PowerEdge 600SC under Linux ... how?

Take a look at hdparm for how to set the IDE controller parameter. (And make sure you have the right cable.)

2. Dummynet/AltQ or NISTnet?

Stick with the DummyNet stuff for now.

3. 1k mail = 50MB sendmail process?!?

Bad MIME header? Bad resolver? Try to capture one of the messages and pick it appart. Try forcing the process to dump core and check the callback stack. Or start a systrace on the running process.

4. MLM with good search ability?

Sympa is fairly good at this.

5. WWW proxy auth via NT domain login?

Buy a NetApp - it does it and it's transparent to IE.

6. winbind experience?

Vendorland seems to want to talk to NT active directories. "I want to be a client to my active directory; it's the best thing since sliced spam." None of us are really sure why, however.

7. Caching DNS on Windoze - is there one?

bind is available for Windows, I'm told. Run bind.

8. Good digital photo tools that are not Adobe Photoshop.

Gimp. Other than that, there's a reason Photoshop costs so much. Look for an older version of Photoshop that someone no longer needs, perhaps?

9. Anyone want to buy a Motorcycle with a GPS mount?

No. But if you change your mind, see Troy. (Post it on eBay.)

10. Got any SOHO-router-with-56k-dial-up-capability recommendations?

SMC Barricade, but that didn't work. Look for a Dragon (sold by Linksys a while back). Or Apple's Airport.

11. Kokia IP30 comments?


11. CommanderX webserver experience?

It's any RJ45 plug that's a web server. It's an RJ45 on one side and serial port on the other. It's tiny. It's cool.

11. Why does MJO have so many 11's?

This one goes to 11.

11-1/2. Comments regarding Checkpoint DMZ or any firewall along VLAN?

Checkpoint and Nokia support VLAN.

11-3/4. Jobs?

Post 'em if you're buying, let us know if your selling.

11-7/8. Why is there no number 12?

You are Number 6.


MJO talks about the recent sendmail hole

Full Disclosure: You find a hole, announce it on Bugtrack, then update your resume and call yourself a security analyst. The Office of Homeland Security is playing up how they coordinated the whole project when, in reality, they did virtually nothing. "They had a rousing success in sticking their heads in the sand and not saying anything." On The Subject Of Anti-SPAM Messures
There aren't any DNS blacklists that are any good. There's no money for the maintenance, so they tend to be ineffective. (Or worse, they can be falsely positive.) Bayesian Filtering
Visit for a nice tool.

Rumor & Innuendo (No names, please)

Expect more security advisories soon.

[ Return to the SEMiSLUG minutes page ]