SEMiSLUG Notes
9 October 2003
Question & Answer Sessions
- Bind 9 logging: what would you like it to do?
- Create subsets of logging in the config file with comments about
what to expect for each section that uncommented.
It's hard to come up with a good config that you can explain to
a newbie sysadmin over the phone. And there are so many types
of servers with various things that are significant to each.
- How do you hijack a static IP?
- Mike wants a static IP on one of his servers that can be handed
off to a dial-up or VPN user. It's got to be easy for the
end user. No one is sure of the way to go about this.
- OpenAFS: server on freebsd, client on windows. Got any
experience/pointers?
- Well ... no. SCS, who asked the question, may be the first kid
on the block to play with this.
- Why is MJO filtching all of the snacks?
- There were there.
- Secure account access over the net that won't violate consumer/bank
Federal regulatary hoo-hah?
- We have no idea. (Unless they want to purchase special hardware.)
Name, SSN, and account number have to come across reliably; this
is hard to verify.
"There's no solution for clueless customer."
Check out FASFA and how they've set things up.
But, as mentioned above, we don't really know.
- Neo-terrace, remote access VPN sort of stuff; got any recommendations?
- Goals: to allow remote access to a corporation from a wide range
of clue levels. (This sounds mostly hopeless.) A few thousand
users. They'll want to do e-mail and web. Neo-Terrace may be
the only choice, if you don't want to install things on the
client's machine.
"Netscreen is worth looking into." And Netscreen announced
they're buying Neo-terrace. "It doesn't suck."
But nobody has any new pointers to offer.
- DVD internal PC writers and software recommendations?
- Write to John Ridley. Ask him what's good this week.
- Where are we meeting next month?
- Let's call Zingerman's Upstairs our fall-back position.
Someone needs to talk to them about it.
- Is FedEx more secure than the Internet?
- There's a suggestion to use FedEx to distribute security
updates. There's accountabilty (address delivered to,
signature, etc.) that isn't there with Internet delivery.
In some ways, this is straight out of "Brazil."
- Ethereal -- can you use it to throttle bandwidth?
- It's much easier to setup a little firewall box. FreeBSD and
dummynet and Bob's your uncle.
- Who wants to buy harddrives?
- See SCS about splitting up a lot of 9GB SCA refurb drives.
It's good quality stuff; Steve's been dealing with the
folks selling the drives for about 15 years.
- FreeS/WAN on Linux -- does it work?
- That's what I've heard.
- Jobs?
- Steve King's firmware job is still open, as far as I know.
-
Presentation
Alas, Steve King has a major presentation tomorrow and is not able to
be here this month. We'll try again in a month or two.
Rumor & Innuendo (No names, please)
MJO says:
58E695D9ED3C41A1FA771A325212F599A293BC07AE1BBD79F8FE06C60D630EEA
A56C654AE597D5B84C5D1F484D77F951079A480D0F5269EB9B6A70840BB0BE0F
F8B2ED5DB268697BDA4161ED0C1498452D5F51CE9EC1AC1758E3091EEDF135DA
983C11FA4AED03183D28D0F6426A44C7635E475D13ABE68864281D0F50D63713
E03BD5169A04939758E33D78158CD299F838BABADD69546E4DEF44584DA7E7C2
3DB86FAFA7F64A35553AE2275EF21082CF67CF4045C77F86215611FFB09D4C9A
FF6E4067252529194BA2ADA9948008A3AC3567BD460B68B54E3CFC1149AFFC66
378D9A620F294465054E7A7F18919227669D11E2C2E08AA7FF66
We appologize for being unable to provide the decryption key for this
rumor.