9 October 2003

Question & Answer Sessions

Bind 9 logging: what would you like it to do?

Create subsets of logging in the config file with comments about what to expect for each section that uncommented.

It's hard to come up with a good config that you can explain to a newbie sysadmin over the phone. And there are so many types of servers with various things that are significant to each.

How do you hijack a static IP?

Mike wants a static IP on one of his servers that can be handed off to a dial-up or VPN user. It's got to be easy for the end user. No one is sure of the way to go about this.

OpenAFS: server on freebsd, client on windows. Got any experience/pointers?

Well ... no. SCS, who asked the question, may be the first kid on the block to play with this.

Why is MJO filtching all of the snacks?

There were there.

Secure account access over the net that won't violate consumer/bank Federal regulatary hoo-hah?

We have no idea. (Unless they want to purchase special hardware.) Name, SSN, and account number have to come across reliably; this is hard to verify.

"There's no solution for clueless customer."

Check out FASFA and how they've set things up.

But, as mentioned above, we don't really know.

Neo-terrace, remote access VPN sort of stuff; got any recommendations?

Goals: to allow remote access to a corporation from a wide range of clue levels. (This sounds mostly hopeless.) A few thousand users. They'll want to do e-mail and web. Neo-Terrace may be the only choice, if you don't want to install things on the client's machine.

"Netscreen is worth looking into." And Netscreen announced they're buying Neo-terrace. "It doesn't suck."

But nobody has any new pointers to offer.

DVD internal PC writers and software recommendations?

Write to John Ridley. Ask him what's good this week.

Where are we meeting next month?

Let's call Zingerman's Upstairs our fall-back position. Someone needs to talk to them about it.

Is FedEx more secure than the Internet?

There's a suggestion to use FedEx to distribute security updates. There's accountabilty (address delivered to, signature, etc.) that isn't there with Internet delivery.

In some ways, this is straight out of "Brazil."

Ethereal -- can you use it to throttle bandwidth?

It's much easier to setup a little firewall box. FreeBSD and dummynet and Bob's your uncle.

Who wants to buy harddrives?

See SCS about splitting up a lot of 9GB SCA refurb drives. It's good quality stuff; Steve's been dealing with the folks selling the drives for about 15 years.

FreeS/WAN on Linux -- does it work?

That's what I've heard.


Steve King's firmware job is still open, as far as I know.


Alas, Steve King has a major presentation tomorrow and is not able to
be here this month.  We'll try again in a month or two.

Rumor & Innuendo (No names, please)

MJO says:

    58E695D9ED3C41A1FA771A325212F599A293BC07AE1BBD79F8FE06C60D630EEA A56C654AE597D5B84C5D1F484D77F951079A480D0F5269EB9B6A70840BB0BE0F F8B2ED5DB268697BDA4161ED0C1498452D5F51CE9EC1AC1758E3091EEDF135DA 983C11FA4AED03183D28D0F6426A44C7635E475D13ABE68864281D0F50D63713 E03BD5169A04939758E33D78158CD299F838BABADD69546E4DEF44584DA7E7C2 3DB86FAFA7F64A35553AE2275EF21082CF67CF4045C77F86215611FFB09D4C9A FF6E4067252529194BA2ADA9948008A3AC3567BD460B68B54E3CFC1149AFFC66 378D9A620F294465054E7A7F18919227669D11E2C2E08AA7FF66

We appologize for being unable to provide the decryption key for this rumor.

[ Return to the SEMiSLUG minutes page ]