Slashdot Mirror

But the point the person warning made is valid. I would add: do you want to go through the hassle of having your gear siezed for a week+ (if you're lucky it'll be that short) while the local PD check it for whatever? No thanks.

I used to run an open AP (freenet.artoo.net) and friends would often park in front my house and use it (since that's mostly who knew about it)... it was kinda funny to see someone pop in front to check their email real fast (actually, they were independant consultants and linux geeks that I knew). At least I made people register a username and password so I could keep track of them and their MAC address. I had things pretty locked down and forced them through a proxy (with logs of websites). I had a proxy that filtered stuff as well (squidguard) so noone was surfing "questionable stuff" through my ADSL.

It was pretty cool, but still not work the risk of getting all my computer gear seized.

Fedora Core 1 forum posting with people who have already done it. It seems pretty easy from the looks of it. I'm going to do it just as soon as I get some free time...

And for the love of god, please read the whole thread. Don't ever install a kernel with rpm -Uvh. Leave yourself a backup (rpm -ivh).

I have Fedora boxen unpatched simply because the patch system is fsck'd.

• http://www.muug.mb.ca/fedora-updates.html
• http://www.fedora.us/wiki/FedoraMirrorList
• http://fedora.artoo.net/faq/#FedoraYumRepos

I like many people here, felt that Redhat made a giant PR mistake (for the opensource commmunity which got Redhat where they are today) when it turned redhat into fedora. The perception was, "Redhat needs to make money, so we're only supporting the enterprise versions. You'll need to pay for our software. You'll need to pay for binary patches, and you'll need to pay for support. No more free lunch. See ya' later."

Okay, so... I got over that (sort of...) and tried a whole bunch of different distributions, including Fedora core 1.

What I found was that I really like the fedora model, and can see that with just a little more momentum, it could become something far better that the original free redhat releases ever were.

If you are like I was, and have sworn off redhat for hacking/non-work purposes for whatever ideological reasons, I urge you to read the unofficial Fedora FAQ and actually give it a try.

I have been quite impressed with Fedora and with yum for updates. Make sure to get a new yum.conf file from the unofficial faq site before you try to update your system -- redhat's patch sites are almost always flooded. Then try adding in some of the development channels and do "yum install $package1 $package2 $package3".Add yum to run from cron/as a daemon to update your system.

I just wish now that *someone* would release a version of fedora core that includes support for mp3 and various popular video formats so that it would make a usable desktop for most people out of the box. What's to stop someone from releasing ISOs of feature-overloaded-fedora that would include most of the stuff that the repositories are currently building to "fix" fedora?

But back on the topic -- Before you swear off Fedora, give it a try with an open mind.

Regarding the hijacking of the session, just do what NoCatAuth does: spawn an ssl'd pop-up that has a 5-minute refresh rate. Worst case, the hijacker gets 3-4 minutes of surfing, and then are forced to re-authenticate.

NoCatAuth is what I use at home. Even if you spoof my MAC, you still have to auth as me before you can go anywhere.

I'm with you. Recently, as a complete 'nix beginner, I downloaded Fedora and set it up on an FX5600 with 4496 drivers.

They broke Enemy Territory and some other OGL apps, but 15 minutes, google and the Unofficial Fedora FAQ got things working perfectly.

Now I've got sideband addressing and fast writes working too, performance is a more than a match for Windows. I get no lockups at all and I don't consider 15 minutes of my time too much to ask.

I'm just wondering if most of these people with stability problems have looked into all the FAQs and message boards, like this one linked from nVidia's own driver page.

I had lots of problems getting NVidia to work with FC1. Things would kind of work, but other things wouldn't. Getting TuxRacer to work is a good litmus test.

Then I found this page of unofficial FC1 FAQ. Yay...!!

Here's what to do - it worked for me:

Use these instructions if there are no RPMs available, or if the available RPMs don't work for you.

Make sure you have the lastest drivers.

Now print this out, or write it down. Then:

1. You must have kernel-source installed for this to work. Check the "Add/Remove Applications" tool in System Settings on the red-hat menu.
2. Shut down X (as root, do telinit 3 in a terminal).
3. Log in as root and go to the directory where you downloaded the nVidia drivers.
4. Type CC="gcc32" sh NVIDIA-Linux-x86-1.0-4496-pkg2.run --add-this-kernel.
5. There will be some whirring and wailing, and then do CC="gcc32" sh NVIDIA-Linux-x86-1.0-4496-pkg2-custom.run That will do a correct install of your nVidia drivers.
6. Follow nVidia's instructions to set up the driver. (Read the "EDITING YOUR XF86CONFIG FILE" section.)
7. You can now restart X by typing telinit 5.

If none of this works, do rpm -e --nodeps XFree86-Mesa-libGL and then restart your computer. The need to do this should soon be eliminated -- watch this FAQ or the fedora-list. Note that if you update XFree86, this package will be reinstalled and you will need to remove it again. This solves the "DRI" problem.

It's also worth mentioning the Unofficial Fedora FAQ for all your Fedora frustrations.

After reading this and following some of it to fix some of the problems I had (esp. NVidia binary only driver, slowish performance. DRI screensavers crashing), I was much happier.
http://fedora.artoo.net/faq/#nVidia for the NVidia fix, and just http://fedora.artoo.net/faq for the full FAQ.

It's also worth mentioning the Unofficial Fedora FAQ for all your Fedora frustrations.

After reading this and following some of it to fix some of the problems I had (esp. NVidia binary only driver, slowish performance. DRI screensavers crashing), I was much happier.
http://fedora.artoo.net/faq/#nVidia for the NVidia fix, and just http://fedora.artoo.net/faq for the full FAQ.

Weird, another craptastic "review" from Eugenia. A quick look around the intarweb and she would have found this little gem. It answers several of her gripes, including the Flash and Rhythmbox problems she ran into. She's also using apt when yum is set up out of the box and works pretty well. If she had stuck to yum there would have been far fewer problems with her install.

It is classic Eugenia fare. I really wish the slashdot editors would stop posting her damnable reviews whenever they're submitted. Her reviews consist equally of false information and cheerleading for her geek underdog of the hour. Some weeks it is Windows, others it is some unknown and unused Linux distro, and most of the time there's a quip added about Be.

Please post informed reviews rather than overhyped trolling.

Replying to myself... Linux.Ars did a short intro to Fedora here, though it is not a full review.

If you need help installing it, checkout the #fedora unofficial FAQ, it answers 90% of people's questions, and if you're new to Linux, we have thread at Ars that should help you along.

If you want to know how Fedora is, you should probably ask people that use it, it's unfortunate that such a good release is mired with the typical anti-Red Hat sentiment. What's next? "OMFG Red Hat is sleeping with my wife!"

BTW: We the FAQ contains info for nVidia and RhythmBox.

You'd think the guy would at least try RedHat's suggested support mechanism: irc://irc.freenode.net#fedora where we link to this unofficial FAQ and will help users solve these problems.

Folks there have been solving these questions as they pop up. Sometimes there is no fix, sometimes it turns out to be something stupid in FC1 that shouldn't be that way, but it is a .0 release, and there often are work-arounds or fixes.

BTW: We the FAQ contains info for nVidia and RhythmBox.

You'd think the guy would at least try RedHat's suggested support mechanism: irc://irc.freenode.net#fedora where we link to this unofficial FAQ and will help users solve these problems.

Folks there have been solving these questions as they pop up. Sometimes there is no fix, sometimes it turns out to be something stupid in FC1 that shouldn't be that way, but it is a .0 release, and there often are work-arounds or fixes.

Those from the #fedora IRC channel on irc.freenode.net have started an unofficial FAQ.

I highly suggest browsing through the various issues others have had, before you decide to upgrade from RH or try a fresh install.

fedora.artoo.net.

wget -c http://download.fedora.redhat.com/pub/fedora/linux /core/1/i386/iso/MD5SUM

[jroysdon@r2 yarrow-binary-i386-iso]$ cat MD5SUM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

76ef22495d186580e47efd8d7a65fe6b yarrow-i386-disc1.iso
fd23fe32fafe7557f5d1fa1d311 00580 yarrow-i386-disc2.iso
6a26b34069639d0c31465d4079a 8e1b2 yarrow-i386-disc3.iso
98d272db5f44cb724a35330bd87 b86a2 yarrow-SRPMS-disc1.iso
e52d51072ef140472fa8401535 f788db yarrow-SRPMS-disc2.iso
ca1a011b6b0b3956b587d9b456 01b773 yarrow-SRPMS-disc3.iso

[jroysdon@r2 yarrow-binary-i386-iso]$ md5sum *.iso
76ef22495d186580e47efd8d7a65fe6b yarrow-i386-disc1.iso
fd23fe32fafe7557f5d1fa1d311 00580 yarrow-i386-disc2.iso
6a26b34069639d0c31465d4079a 8e1b2 yarrow-i386-disc3.iso

Doh, ZIP really is your friend with these PDFs (60% compression, ~2mb vs ~6mb):

IPv4:
diversityanalysis.zip
doj-attorney-diversity-unredacted.zip

IPv6:
diversityanalysis.zip
doj-attorney-diversity-unredacted.zip

Doh, ZIP really is your friend with these PDFs (60% compression, ~2mb vs ~6mb):

IPv4:
diversityanalysis.zip
doj-attorney-diversity-unredacted.zip

IPv6:
diversityanalysis.zip
doj-attorney-diversity-unredacted.zip

Doh, ZIP really is your friend with these PDFs (60% compression, ~2mb vs ~6mb):

IPv4:
diversityanalysis.zip
doj-attorney-diversity-unredacted.zip

IPv6:
diversityanalysis.zip
doj-attorney-diversity-unredacted.zip

Doh, ZIP really is your friend with these PDFs (60% compression, ~2mb vs ~6mb):

IPv4:
diversityanalysis.zip
doj-attorney-diversity-unredacted.zip

IPv6:
diversityanalysis.zip
doj-attorney-diversity-unredacted.zip

I suggest downloading each file completely, and then viewing locally (vs viewing with a plug-in, downloading one page at a time in your browser). Trying to pull down a page at a time as you scroll isn't efficient with PDFs unless you're local (10mbit+):

IPv4:
diversityanalysis.pdf
doj-attorney-diversity-unredacted.pdf

IPv6:
diversityanalysis.pdf
doj-attorney-diversity-unredacted.pdf

I suggest downloading each file completely, and then viewing locally (vs viewing with a plug-in, downloading one page at a time in your browser). Trying to pull down a page at a time as you scroll isn't efficient with PDFs unless you're local (10mbit+):

IPv4:
diversityanalysis.pdf
doj-attorney-diversity-unredacted.pdf

IPv6:
diversityanalysis.pdf
doj-attorney-diversity-unredacted.pdf

I suggest downloading each file completely, and then viewing locally (vs viewing with a plug-in, downloading one page at a time in your browser). Trying to pull down a page at a time as you scroll isn't efficient with PDFs unless you're local (10mbit+):

IPv4:
diversityanalysis.pdf
doj-attorney-diversity-unredacted.pdf

IPv6:
diversityanalysis.pdf
doj-attorney-diversity-unredacted.pdf

I suggest downloading each file completely, and then viewing locally (vs viewing with a plug-in, downloading one page at a time in your browser). Trying to pull down a page at a time as you scroll isn't efficient with PDFs unless you're local (10mbit+):

IPv4:
diversityanalysis.pdf
doj-attorney-diversity-unredacted.pdf

IPv6:
diversityanalysis.pdf
doj-attorney-diversity-unredacted.pdf

eth0:2 Link encap:Ethernet HWaddr 00:10:4B:21:48:CF
inet addr:64.94.110.11 Bcast:255.255.255.255 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xde00

<VirtualHost 63.172.195.4>
DocumentRoot /var/www/html/wildcard
ServerName wildcard.artoo.net
ServerAlias *.net
ServerAlias *.com
CustomLog logs/access_log.wildcard combined
</VirtualHost>

We've set a /32 route to one of our webservers and have a *.net and *.com alias for http://wildcard.artoo.net. At least this way customers know WTF is going on and can complain to Congress/ICANN, or just go try Google, but mainly VeriSign gets no traffic.

IPv6 Mirror

I moved 3 years ago and had the druggie who moved in after me at my former address open a credit card with my bank in my name (not too hard, I was born, married, and bought a house in this state). I didn't find out until 6 months later, since they'd never gotten payment (it was opened with the old address and for whatever reason no bills were ever forwarded to me). I got a call at work, from the bank, wondering why I wasn't paying on my credit card. "What credit card, I only have an ATM/Debit card with you?" Found it he'd opened it 2 weeks after I moved, don't know how he got all the info. He tested it for a fill-up at the gas station right down the street, then went to SF and filled up one more time, then bought a $1000 digital camera, and never used the card again.

I took the rest of the day off to get things taken care of (file a police report, call all the places I had major accounts with, write them letters, etc.). Basically nothing came of it, it was marked fraud and removed from my credit report (but would have caused me problems if I'd not known about it and had been trying to buy a car or a house, fortunately I'd already bought both).

Since then I've had another credit card used fraudulently. It's a card I use exclusively for online purchases, nothing else. I was happening to check the balance and saw 3 charges the day before, two in England and one in France - two were expensive travel cruises and one was for a couple hundred dollars worth of sports gear from an online store (all of it booked online). I called my credit card company and told them I had no clue what the purchases were. They put a freeze on the account and none of the transactions went through (even though I'd not have been liable anyway), but that was just dumb luck.

What I really like about that credit card company (MBNA) is that they new offer a feature called "Shop Safe." It allows you to set a maximum amount for a purchase and an expiration date, and then generates a temporary credit card number. I love this idea and I cannot understand why more companies don't do it.

I really think credit card companies should allow you to specify that you won't allow the card to be used for online purchases. I've got 3 cards with photos on them, and that's how I'd have those set: no purchases that are not in person (ban both online and phone purchases). For those purchases I'll generate a random number thru MBNA with a cap set.

Even that wouldn't stop the places that don't have humans handling the cards (gas pumps, self-checkouts at Home Depot, etc.,) and even places with humans aren't helpful (restraunts never ask for ID even with it written on the signature strip, and some places with the VISA/ATM stand out for the customer to swipe it themselves).

My brother was recently doing credit checks and compiled the following info for those that wish to (if you're denied a job or credit, you're elibable to free report):
credit report info.

Further, if Linksys, etc. came out with IPv6 aware devices, and at first the were acting as NAT/proxy to IPv4 and at the same time tunneling routers for IPv6, and eventually just IPv6 on both sides with NAT/proxy for old IPv4 hosts to get to IPv6. It's only a matter of time, especially with Cisco buying Linksys.

Plus, the beauty of IPv6 is that so long as your tunnel broker remains the same, your IPv6 site address should as well, and your if you're using EUI-64 you're PCs will remain the same (using the auto-assigned IPv6 address from their MAC address), so things like DynDNS (or maintain your own DNS) could get you to all your PCs at home without a VPN tunnel. Eventually when things flip-flop and there is more IPv6 traffic and all the ISPs go IPv6 native, you wouldn't need the tunnel broker and for sure you're home net would just stay the same.

I've yet to mess with IPv6 IPSEC, but naturally you could encrypt as well (or just SSH as I do).

I'm mainly jazzed as I just got my /48 up and working with Sprintv6.net and BGP4+ today (still not native, but tunneling through only 2 Sprint IPv4 routers to get to the 6Bone cuts latenacy from 200-300ms back down to nearly normal).

I plan to start mirroring more and more content and providing it only via IPv6 ;-)

ftp://r2.ipv6.artoo.net/pub/

Only just today I posted this article about how not to get spam for users of my servers. When 97% of all spam emails within a 6 month period come from website-harvested addresses, it's pretty clear that posting your email address on a website is just plain stupid. Use a form to allow users to contact you, but never allow them to be able to get your address.

IPv6 mirror

Here's my IPv6 RedHat 9 mirror:

ftp://r2.ipv6.artoo.net/pub/redhat/linux/9/

I've been downloading the 3 ISOs from official RedHat mirrors, but until I can get the MD5SUM straight from RedHat's ftp site, I always leave them under "unofficial." Of course, anytime you download from a mirror site, you should grab the MD5SUM from the master site and compare against it.

I wish RedHat had a MD5-only ftp site folks can get ISOs from abroad but check them.

ftp://r2.ipv6.artoo.net/pub/animatrix/

In an effort to try and get more and more geeks using IPv6, I think I'll be mirroring content like this:

ftp://r2.ipv6.artoo.net/pub/soulpix/

Both DivX and QT formats have been mirrored.

If you don't have native IPv6 access (hmm, who does?) you can get tunneling access for free from he.net and a number of other tunnel brokers.

There are at least a dozen different places a totally anonymous person can get free internet access in my town in very obvious places (that's not including hundreds I've located via wardriving). The easiest and fastest are the public library and the community college library. Speaking of which, my local community college has a nice open WiFi net. Better lock it down so the communists, err terrorists, don't hack any inappropriately connected resources (why should any vital US infrastructure systems EVER be connected to the internet?).

Why should every military base have it's own internet access? Sounds like suicide letting G.I. Joe order up ADSL and let him connect it to a secure network. ALL military internet access should be required to flow out a small handful of highly fortified internet connection points. Even modems should be banned. If the government had HALF a clue it wouldn't matter how insecure the internet was. Paraphrasing here, but it goes roughly like this: Remove the plank out of your own eye before you try to remove the splinter from mine.

Having said that, I believe if you're going to run an open AP, you need to do so responsibly. You need to filter SMTP access so someone doesn't use your bandwidth and IPs to use an open SMTP relay to spam folks (and yes, of course the SMTP relay shouldn't be open, but you shouldn't give them high speed anonymous access to it either). You should be able to account for who is using your internet access, if nothing more than a MAC address and email account. Yeah, a totally open WiFi network world wide would be cool, but each WiFi operator should be aware and able to shut down abusive behavior.

For my own "open" WiFi at freenet.artoo.net I use NoCAT to authenticate all users. Yeah, it wasn't as easy as unboxing an AP and plugging it in, but it wasn't that hard to configure, and now I know exactly who is connecting within any 5 minute sliding window (it uses pushed SSL auth to verify the original sign-on is still valid, and will block and force an SSL redirect to a login page if the original SSL auth isn't kept up). So, worst case is someone could wait for another WiFi user to go idle and spoof their MAC address, and they get 5 minutes of access.

Or if you're too lazy to cable from the front of your house to a back bedroom, but have more than one node in each room. I did this for 6 months before I finally cabled things.

Now I use my WAP11s at each end of the house as APs.

freenet.artoo.net/

Someone posted very early on how to get the file without having to download it each time (faking client as Quicktime). Mirror of the files out so far (limited to 3 anonymous users until after 7pm PST):

ftp://artoo.net/pub/starwars/

Funny how this somewhat lacking story gets approved, but yet my post with some actual substance, was rejected last week.

Anyway, here's was my original post:
I was sitting around last night and came up a pipe dream of sharing my ADSL with the rest of my low-income neighbors. I'd like some practical feedback from those of you with experience with Linksys gear (or advise another economical brand, but they seem to be pretty decent as far as low-end 5 port switches and also routers).

My main concern is being able to control any sort of topology loops (STP is used in standard bridging/switching, what about wireless?). How can I control which Linksys acting as a Bridge connects to which other bridges?

Any other design concerns in my little pilot test? What about scaling this to homes beyond... how many Bridges can be connected in series before problems occur?

Details are posted at the following (currently):
http://jason.artoo.net/#home
(now under):
http://jason.artoo.net/#hacker

If a day or two goes by and I blog more, it'll always be up at:
http://jason.artoo.net/blogger/home/2001_10_01_ind ex.html#6148163
Newest posts here:
http://jason.artoo.net/blogger/home/2001_10_01_ind ex.html#6334347

http://jason.roysdon.net/blogger/hacker/2001_10_01 _index.html#6334590

Funny how this somewhat lacking story gets approved, but yet my post with some actual substance, was rejected last week.

Anyway, here's was my original post:
I was sitting around last night and came up a pipe dream of sharing my ADSL with the rest of my low-income neighbors. I'd like some practical feedback from those of you with experience with Linksys gear (or advise another economical brand, but they seem to be pretty decent as far as low-end 5 port switches and also routers).

My main concern is being able to control any sort of topology loops (STP is used in standard bridging/switching, what about wireless?). How can I control which Linksys acting as a Bridge connects to which other bridges?

Any other design concerns in my little pilot test? What about scaling this to homes beyond... how many Bridges can be connected in series before problems occur?

Details are posted at the following (currently):
http://jason.artoo.net/#home
(now under):
http://jason.artoo.net/#hacker

If a day or two goes by and I blog more, it'll always be up at:
http://jason.artoo.net/blogger/home/2001_10_01_ind ex.html#6148163
Newest posts here:
http://jason.artoo.net/blogger/home/2001_10_01_ind ex.html#6334347

http://jason.roysdon.net/blogger/hacker/2001_10_01 _index.html#6334590

Funny how this somewhat lacking story gets approved, but yet my post with some actual substance, was rejected last week.

Anyway, here's was my original post:
I was sitting around last night and came up a pipe dream of sharing my ADSL with the rest of my low-income neighbors. I'd like some practical feedback from those of you with experience with Linksys gear (or advise another economical brand, but they seem to be pretty decent as far as low-end 5 port switches and also routers).

My main concern is being able to control any sort of topology loops (STP is used in standard bridging/switching, what about wireless?). How can I control which Linksys acting as a Bridge connects to which other bridges?

Any other design concerns in my little pilot test? What about scaling this to homes beyond... how many Bridges can be connected in series before problems occur?

Details are posted at the following (currently):
http://jason.artoo.net/#home
(now under):
http://jason.artoo.net/#hacker

If a day or two goes by and I blog more, it'll always be up at:
http://jason.artoo.net/blogger/home/2001_10_01_ind ex.html#6148163
Newest posts here:
http://jason.artoo.net/blogger/home/2001_10_01_ind ex.html#6334347

http://jason.roysdon.net/blogger/hacker/2001_10_01 _index.html#6334590

Funny how this somewhat lacking story gets approved, but yet my post with some actual substance, was rejected last week.

Anyway, here's was my original post:
I was sitting around last night and came up a pipe dream of sharing my ADSL with the rest of my low-income neighbors. I'd like some practical feedback from those of you with experience with Linksys gear (or advise another economical brand, but they seem to be pretty decent as far as low-end 5 port switches and also routers).

My main concern is being able to control any sort of topology loops (STP is used in standard bridging/switching, what about wireless?). How can I control which Linksys acting as a Bridge connects to which other bridges?

Any other design concerns in my little pilot test? What about scaling this to homes beyond... how many Bridges can be connected in series before problems occur?

Details are posted at the following (currently):
http://jason.artoo.net/#home
(now under):
http://jason.artoo.net/#hacker

If a day or two goes by and I blog more, it'll always be up at:
http://jason.artoo.net/blogger/home/2001_10_01_ind ex.html#6148163
Newest posts here:
http://jason.artoo.net/blogger/home/2001_10_01_ind ex.html#6334347

http://jason.roysdon.net/blogger/hacker/2001_10_01 _index.html#6334590

http://jason.artoo.net/2001-06-04/Rack_3_sm.png

I'll admit, at the moment I'm the only one I know to have gone this far, but I've got a number of co-workers that have done either the video capture thing or the mp3 output to stereo. Yes, we're "geeks," but as soon as it's put together in an easy to install and use packages, folks will buy it, if it's marketed right.