We have been using Canit for about a year (and MIMEDefang for four years before that) and it is freaking awesome. If pointy-clicky through a web interface is enough of a GUI, that is.
It is _highly_ configurable and super flexible. You can have one stream for the whole company's inbound mail, one stream per user, or use a user's attribute in AD (accessable through LDAP) to "dynamically" map their email to a stream. Cripe, you can plumb it any which way you want.
In our case, I have our CanIT host sitting in front of five mail servers (one exchange, one groupwise, one netmail, one linux/sendmail host for application generated email and one OS/400 mail - not domino) each hosting one or more domains, or different POs in the same domain and not quite 1000 users. To say the least, we are in the middle of some consolidation. CanIT is acting as the smarthost, and has been hucking packets between systems with nary a hitch over the past year and a bit.
You can tell canit to strip training links from other systems and stuff it's own in the boilerplate or in the headers. If you want, you can have it send a daily reminder if you have messages in the trap.
Since the time we have installed it, we have been hit with a Joe Job, hammered by random word spam, you name it. Our mail servers and our users see none of it. Between greylisting RPTN (think distributed spam tagging database) and a handful of custom rules, we dispose of somewhere over 99% of spam. 3 false positives over the past 6 months or so, and they were easily released from the trap.
And the hardware? We use a recycled three year old Poweredge 350. 1GB ram 1GB CPU. The only time there is a load above 0.02 on the machine is when it is merging the RPTN data.
Sorry if I am coming across as a fanboy, but damnit, I like this package. If you don't want to manage "another server" get the appliance an just use a web browser.
ObDisclaimer: I wrote the first spin on the SuSE rpms (spec file, that is) for RP based on their Redhat spec file.
Ther are two ways you can do LPARs. If you have enough available, Physical IO resources for each LPAR, then you can assign each LPAR it's own NIC, Hard Disc controller, SCSI controller for Tape, etc.
If you don't have enough Physical IO, then you can have an instance of your favorite os (Linux, AIX or os/400) "own" all of the physical IO and serve out it's resources to the other LPARS.
_or_ you can have a mix of the two. For example, you could have one LPAR running Linux for iptables, squid, etc. with it's own NIC as a firewall, another LPAR running, say, AIX, DB2 and (shudder) websphere as an app server, and a third LPAR doing file/print etc. with it's own nic. Each partition owns it's own disks (RAID controllers, actually). Now, through the HMC, you can add a virtual nic to each partition, (which appears as a physical device to the OS inside the partition,) configure them appropriately, and you have a DMZ network, and the equivalent of a small server room in a single box.
As far as architecture goes, the power5 boxes are NUMA. The (multi-core, yay!) CPUs each have their own RAM, but will use ram belonging to other CPUs if needed. The service processor plays traffic cop and only allows a partition to access resources that have been assigned to it, as well as being the physical embodiment of all of the virtual devices.
So... in reality, the Service Processor is about the closest thing to a host OS on these machines, that is, if you are not using any VIO. It's pretty robust, and is even hot swappable on some of the higher end boxes.
That said, if it crashes, ALL of your LPARS come to a grinding halt.
Actually, LPAR on power5 is _quite_ different, if you are used to LPAR on iSeries.
The pSeries and zSeries guys have had an HMC (HSC, actually) for years. Now that IBM is trying to make it more friendly for the iSeries folks, it actually has a gui. Iv'e talked to quite a few AIX guys that really like the interface, and just as many that want their command line back.
Of course those guys are very happy to learn that a quick click on the HMC desktop, and you have a shell.
Anyways... on iSeries power5, you have no os/400 LPAR 0, The enforcement of resource allocation has been taken over by the instance of linux running on the Service Processor. If you have the hardware resources, you can have each Linux LPAR own it's own NIC, disk controller, etc. Otherwise, you can use the VIO server (Virtual IO server, it's a stripped down AIX install) or even use SuSE to provide disk and network.
But then again, you could use one of your i5/OS partitions to host VIO.
Same goodies exist now across the entire power line, iSeries, pSeries and OpenPower.
We've had our i5 for not quite a year now. 7 LPARS, 4 i5/OS, 3 SLES9, 3 out of 4 CPUs enabled and used, and it runs like a champ.
Personally, what I am waiting for is a POWER5 blade...
Fine, so we get the numbnuts who lost it to file the report and give us the report number.
"Okay, yes... we have recieved a call home from the laptop, and we know where it is!"
Great! Now when do we get it back?
"Wellll, you cant..."
and it just got worse from there. The police wouldn't retrieve the laptop, and these clowns wouldn't tell us where the machine was. But at least we knew:
- it was in fact stolen and not in the hands of the numbnuts employee - it was in fact connected to the internet, being used, right then - we couldn't get it back - someone was at least enjoying their brand new laptop...
damnnit! This shit just annoys me. I'm going home.
First, OS/400 != AIX but the price tag still hurts.
I think the GP has a few wires crossed, but from what I have seen, one of the big benefits is that you can tap into the big-arsed IO pool of the iSeries.
"how is this different..." you ask? Well, the iSeries is basically one giant transaction engine. It does not have the time to deal with pithy little issues like disk IO, so _all_ the IO tasks are delegated to IO processors. Not just stuff like "calculate parity on these blocks written to disk", but higher level tasks like "keep this file which exists at these blocks on disk in sync with the chunks in memory at this location as I ask for them" and so forth as I understand.
As you mention, the iSeries is hidiously expensive if you just want to run Linux at full tilt. But it's the right choice to collapse a bunch of other Linux boxen down on to [3] if you are already paying to use OS/400 (i5/OS these days) on part of the machine. If you want to run a db server or app server full tilt on the machine, you would do better with an OpenPower machine. If you want to do virtual machines without the Virtual IO bottleneck on those, just assign one of the RAID controllers (no separate IO processors here...) to the other partition and let 'er rip[1].
As far as an ad in disguise as a story, well, I'm interested.
Cheers! John
[1] Keep in mind that if you are doing that, you probably need an IO tower for extra disk and cards, etc. [2] [2] But then again, if you don't need that much high speed disk or partitioned hardware, maybe you are looking at the wrong platform, and VMWare is the better solution for you. [3] it costs $1,000 to activate an extra CPU on the machine, IIRC. Then set up your favorite distro, and voila, your machine is doing more useful work for you, and using otherwise unused resources, without paying for another CPU worth of OS/400. For the midrange guys that bareley knew that Linux exists, it's huge news
Would you beleive there is a certain "one world" of HR software by an IBM business partner out there whose applications are java and run on websphere, but insist that they will only run on RedHat linux on x86 or Win2K/2003?
(sigh.)
Other than our iSeries, [1] we are a Netware [2] shop. So for us, it makes sense (because of licencing, etc.) that we go to SuSE Linux as we upgrade/migrate machines. What really irritates me though, is that [6] there are still vendors out there who insist their product only runs on RedHat. Of course, that assertation becomes even more assinine when you have done the digging to find out that their product is nothing more than a set of java servlets on tomcat!
Sorry, where was I going? Right. We are moving to SuSE over the next while, and dropping our RedHat machines. Part of the reason is that there is alot more consistancy between the x86 and POWER ports than on RedHat[7]. I have a hunch that IBM will bring the major vendors around though.
Cheers! (and sorry for the rambling...) John
[1] LPAR'd [4] i5 Woohoo! [2] soon to be OES - which is nothing but SLES9 [3] running the netware services on top of it [3] = SuSE Linux Enterprise Server [4] Not to start a flamewar, but I rather like IBM's partitioning tools. [5] They feel alot better than Sun's [5] One exception is that you get the feeling some parts are not entirely "finished". There are a couple of things that are clearly stubs for future functionality. For example, I challenge anyone to post instructions on how to get the "frame management" to do something useful. [6]...Despite the fact that IBM has dropped some big bucks into Novell, and has made it clear to pretty well everyone that that is their preference... [7] I am even an RHCE, would you beleive. I am not bashing RedHat, just pointing out what we are doing based on our actual, first hand experiences with both platforms
A chronic lack of discipline is a problem I had with one particular developer.
He was always be whining "I need the root password", etc.
He always received a polite response of "what are you trying to do" which was usually replied to with silence. Ocasionally he replied with "I need access to such-and-such log file", at which point I would check or modify the perms on the log, and add him to the appropriate group.
But noooo....
That wasn't good enough. The little wanker goes and tries to start a public pissing match by dragging the internal clients, and both of our managers into it. What basically came out in the wash is that he was using my alleged lack of cooperation as an excuse for him not getting work done on his projects. (of couse the fact he was browsing news sites and other crap all day had nothing to do with it) Fortunately, since both managers knew better, and had a gaggle of otherwise productive and satisfied, if not always happy, developers, that quickly turned into a CLM for him.
Morals for the OP...: 1) If you ain't "Got Root" you don't need it. 2) Your sysadmin probably has set up all the access you need to do your job. Ask them. 3) You don't need root. 4) If there is something that you can't do, there is a reason. Situations do change however, so remeber to ASK YOUR ADMIN WHY before asking to have something changed. 5) see #3 6) Playing politics will result in considerable weeping and gnashing of teeth on your part if you are not doing your job.
Now... Behave, and get your nose back into what you are supposed to be doing!
That actually brings up a really good point. What exactly is supposed to be doing on the site?
If the O.P. is just supposed to be managing content, then web pages, images, and database content are his domain. Period. Live with it, or ask the sysadmin to set up a test/staging server that he has access to, and maybe root on, then all content changes get rsynced accross.
If he is supposed to be managing the app servers (ie: mod_perl code, or something that would require apache to get the occasion kick in the crotch) then he does need a bit more access. But that can still be done with group memberships, sudo, and a bit of work on the SA's part to write some scripts to do some of the dirty work.
My advice, would be for him to just _ask_ his SA stright out, "I need to do X part of my job, which means I need access to Y* resource. In the past I have done it like Z, but how would you like me to do it?" (Where "Y" != "a root shell".)
BTW, I AM a sysadmin. Devlopers who whine at me continually that they need root access get told to go think about what they really need, then come back. If you approach your SA with a plan for what you want to do, and how you want it done, then work _with_ him to make it happen, (it _is_ a two way steet) you will find that you will have less crap work to do "managing" a system, and he will have less crap work to do cleaning up after a developer. (less crap == happy sysadmin == better work environment)
I have half a dozen login sessions on my box at home running under screen for *months* at a time.
I can go to work, ssh to my home box, type "screen -rd" and get back to where I left off at home. The apps continue to run just fine and as they are attached to a pty, xterm resizes (or a re-attach from a different sized xterm) are not a problem. (except for btlaunchmanycurses.py Grrrrr...)
What gets really handy is when you use screen-aware apps like elinks, and you get to use "open link in new window" in a text mode browser.
Yay!
My one word of warning (more than one word actually... more like one point) is that ssh-agent forwarding within screen gets a little weird. Google for "ssh agent screen" to find a method of updating your environment that you like.
Cheers. John
Re:Okay, here's how to do it...
on
Paid To Spam
·
· Score: 1
Hey, I like that...
Once the messages get hashed the fist time they get nuked everywhere!
That in itself is probably of more value than the $1/hour that they would be paying.
It might also provide some more insight into how we can overcome the obfuscation that is added into the messages.
Hmmm... (/self goes and takes another look at the website)
John
Okay, here's how to do it...
on
Paid To Spam
·
· Score: 2, Informative
Providing you have a Linux(tm) (or something) firewall handy, and a junk windows box to run the proggie on, you can set up a few rules with iptables, bind, and sendmail to put this together as follows:
1 - install crapware on the junk machine 2 - on the fw, have iptables transparently redirect all outboud smtp traffic to the local copy of sendmail 3 - configure bind on FW to be a root, and put a wildcard MX record in to point to your FW as the MX for world+dog 4 - have sendmail configured to accept all messages from everywhere (the wildcard MX record above will aid in this) 5 - work some virtusertable magic to get sendmail to dump all messages to a local account whose mailspool dumps to dev/null 6 - ??? 7 - Profit!
Of course, we would have to include some exceptions to allow some presumed "test" or "tracker" messages through to let the company know that the program is running, and to fool them into thinking you are sending the spam out, but hey...
Slashdot Mirror
I will second canit!
We have been using Canit for about a year (and MIMEDefang for four years before that) and it is freaking awesome. If pointy-clicky through a web interface is enough of a GUI, that is.
It is _highly_ configurable and super flexible. You can have one stream for the whole company's inbound mail, one stream per user, or use a user's attribute in AD (accessable through LDAP) to "dynamically" map their email to a stream. Cripe, you can plumb it any which way you want.
In our case, I have our CanIT host sitting in front of five mail servers (one exchange, one groupwise, one netmail, one linux/sendmail host for application generated email and one OS/400 mail - not domino) each hosting one or more domains, or different POs in the same domain and not quite 1000 users. To say the least, we are in the middle of some consolidation. CanIT is acting as the smarthost, and has been hucking packets between systems with nary a hitch over the past year and a bit.
You can tell canit to strip training links from other systems and stuff it's own in the boilerplate or in the headers. If you want, you can have it send a daily reminder if you have messages in the trap.
Since the time we have installed it, we have been hit with a Joe Job, hammered by random word spam, you name it. Our mail servers and our users see none of it. Between greylisting RPTN (think distributed spam tagging database) and a handful of custom rules, we dispose of somewhere over 99% of spam. 3 false positives over the past 6 months or so, and they were easily released from the trap.
And the hardware? We use a recycled three year old Poweredge 350. 1GB ram 1GB CPU. The only time there is a load above 0.02 on the machine is when it is merging the RPTN data.
Sorry if I am coming across as a fanboy, but damnit, I like this package. If you don't want to manage "another server" get the appliance an just use a web browser.
ObDisclaimer: I wrote the first spin on the SuSE rpms (spec file, that is) for RP based on their Redhat spec file.
Cheers!
John
I mean, the praying mantis canibalizes it's mate in the process of reproduction, but I'm pretty sure nobody's saying that's a good thing in humans.
Technically, if you are Catholic, you are a cannibal. Transubstatiation is one of the central cannons of the faith.
Personally, there is a whole heap of stuff from The Book that I am scratching my head over.
John
Okay, what do they use for the VPN link?
For that matter, which company do you work for? I am terribly curious.
Very tasty food, BTW.
Thanks.
John
Well, if the design is actually made public, then it becomes entirely possible to program it into an fpga.
Grab a few more bts from the opencores website and Voila! Instant open computer,without annoying DRM chips or anything.
And, while it might not be as easy as going to RadioScrap, finding a place that will sell you an FPGA is not _that_ hard.
That is, providing that the chip design, etc, actually does become freely available. Otherwise, this whole thing is just a marketing ploy by sun.
Cheers!
John
I can vouch fo it.
Both IBM and MS consider 1 multi core CPU as a single CPU.
Thus, the Dual chip dual core machines we have are licenced for DB2 or MSSQL as dual CPU machines.
Wheeee!
Try running just "mythfrontend". It's quite capable by itself...
Unfortunately, it also has PAM authentication on by default which essentially overrides the PasswordAuthentication off parameter.
Fark!
To expand on the other reply you got:
Ther are two ways you can do LPARs. If you have enough available, Physical IO resources for each LPAR, then you can assign each LPAR it's own NIC, Hard Disc controller, SCSI controller for Tape, etc.
If you don't have enough Physical IO, then you can have an instance of your favorite os (Linux, AIX or os/400) "own" all of the physical IO and serve out it's resources to the other LPARS.
_or_ you can have a mix of the two. For example, you could have one LPAR running Linux for iptables, squid, etc. with it's own NIC as a firewall, another LPAR running, say, AIX, DB2 and (shudder) websphere as an app server, and a third LPAR doing file/print etc. with it's own nic. Each partition owns it's own disks (RAID controllers, actually). Now, through the HMC, you can add a virtual nic to each partition, (which appears as a physical device to the OS inside the partition,) configure them appropriately, and you have a DMZ network, and the equivalent of a small server room in a single box.
As far as architecture goes, the power5 boxes are NUMA. The (multi-core, yay!) CPUs each have their own RAM, but will use ram belonging to other CPUs if needed. The service processor plays traffic cop and only allows a partition to access resources that have been assigned to it, as well as being the physical embodiment of all of the virtual devices.
So... in reality, the Service Processor is about the closest thing to a host OS on these machines, that is, if you are not using any VIO. It's pretty robust, and is even hot swappable on some of the higher end boxes.
That said, if it crashes, ALL of your LPARS come to a grinding halt.
Cheers.
John
Actually, LPAR on power5 is _quite_ different, if you are used to LPAR on iSeries.
The pSeries and zSeries guys have had an HMC (HSC, actually) for years. Now that IBM is trying to make it more friendly for the iSeries folks, it actually has a gui. Iv'e talked to quite a few AIX guys that really like the interface, and just as many that want their command line back.
Of course those guys are very happy to learn that a quick click on the HMC desktop, and you have a shell.
Anyways... on iSeries power5, you have no os/400 LPAR 0, The enforcement of resource allocation has been taken over by the instance of linux running on the Service Processor. If you have the hardware resources, you can have each Linux LPAR own it's own NIC, disk controller, etc. Otherwise, you can use the VIO server (Virtual IO server, it's a stripped down AIX install) or even use SuSE to provide disk and network.
But then again, you could use one of your i5/OS partitions to host VIO.
Same goodies exist now across the entire power line, iSeries, pSeries and OpenPower.
We've had our i5 for not quite a year now. 7 LPARS, 4 i5/OS, 3 SLES9, 3 out of 4 CPUs enabled and used, and it runs like a champ.
Personally, what I am waiting for is a POWER5 blade...
Cheers!
John.
You are thinking of CARDIAC - "Cardboard Illustrated Aid to Computing"
Go here for a reconstruction in Java.
Cheers!
John
It is outright bullshit!
We had a laptop stolen and called it in.
"Oh, you need to file a police report"
Fine, so we get the numbnuts who lost it to file the report and give us the report number.
"Okay, yes... we have recieved a call home from the laptop, and we know where it is!"
Great! Now when do we get it back?
"Wellll, you cant..."
and it just got worse from there. The police wouldn't retrieve the laptop, and these clowns wouldn't tell us where the machine was. But at least we knew:
- it was in fact stolen and not in the hands of the numbnuts employee
- it was in fact connected to the internet, being used, right then
- we couldn't get it back
- someone was at least enjoying their brand new laptop...
damnnit! This shit just annoys me. I'm going home.
On a related note, (only somewhat though...)
Have you had many failed power supplies?
Or are you taking advantage of dual PSUs plugged into redundant power sources?
TIA!
John
how about this one:
Dual PPC 970
Oh come now...
It's MEC all the way!
Cheers!
No shit!
2 CPU cores per module, 6MB? L1 cache and 36MB L2 cache per core, all on one P3 sized module.
John
Question, do you have the machine LPAR'd or are you using it stand alone?
Guessing by the price, I wouldn't think you have an HMC, but I am interested nonetheless.
Thanks
John
First, OS/400 != AIX but the price tag still hurts.
I think the GP has a few wires crossed, but from what I have seen, one of the big benefits is that you can tap into the big-arsed IO pool of the iSeries.
"how is this different..." you ask? Well, the iSeries is basically one giant transaction engine. It does not have the time to deal with pithy little issues like disk IO, so _all_ the IO tasks are delegated to IO processors. Not just stuff like "calculate parity on these blocks written to disk", but higher level tasks like "keep this file which exists at these blocks on disk in sync with the chunks in memory at this location as I ask for them" and so forth as I understand.
As you mention, the iSeries is hidiously expensive if you just want to run Linux at full tilt. But it's the right choice to collapse a bunch of other Linux boxen down on to [3] if you are already paying to use OS/400 (i5/OS these days) on part of the machine. If you want to run a db server or app server full tilt on the machine, you would do better with an OpenPower machine. If you want to do virtual machines without the Virtual IO bottleneck on those, just assign one of the RAID controllers (no separate IO processors here...) to the other partition and let 'er rip[1].
As far as an ad in disguise as a story, well, I'm interested.
Cheers!
John
[1] Keep in mind that if you are doing that, you probably need an IO tower for extra disk and cards, etc. [2]
[2] But then again, if you don't need that much high speed disk or partitioned hardware, maybe you are looking at the wrong platform, and VMWare is the better solution for you.
[3] it costs $1,000 to activate an extra CPU on the machine, IIRC. Then set up your favorite distro, and voila, your machine is doing more useful work for you, and using otherwise unused resources, without paying for another CPU worth of OS/400. For the midrange guys that bareley knew that Linux exists, it's huge news
Support.
...Despite the fact that IBM has dropped some big bucks into Novell, and has made it clear to pretty well everyone that that is their preference...
Would you beleive there is a certain "one world" of HR software by an IBM business partner out there whose applications are java and run on websphere, but insist that they will only run on RedHat linux on x86 or Win2K/2003?
(sigh.)
Other than our iSeries, [1] we are a Netware [2] shop. So for us, it makes sense (because of licencing, etc.) that we go to SuSE Linux as we upgrade/migrate machines. What really irritates me though, is that [6] there are still vendors out there who insist their product only runs on RedHat. Of course, that assertation becomes even more assinine when you have done the digging to find out that their product is nothing more than a set of java servlets on tomcat!
Sorry, where was I going? Right. We are moving to SuSE over the next while, and dropping our RedHat machines. Part of the reason is that there is alot more consistancy between the x86 and POWER ports than on RedHat[7]. I have a hunch that IBM will bring the major vendors around though.
Cheers! (and sorry for the rambling...)
John
[1] LPAR'd [4] i5 Woohoo!
[2] soon to be OES - which is nothing but SLES9 [3] running the netware services on top of it
[3] = SuSE Linux Enterprise Server
[4] Not to start a flamewar, but I rather like IBM's partitioning tools. [5] They feel alot better than Sun's
[5] One exception is that you get the feeling some parts are not entirely "finished". There are a couple of things that are clearly stubs for future functionality. For example, I challenge anyone to post instructions on how to get the "frame management" to do something useful.
[6]
[7] I am even an RHCE, would you beleive. I am not bashing RedHat, just pointing out what we are doing based on our actual, first hand experiences with both platforms
You are correct about the recording surface, but wrong about the "protection" thing.
t ml ?tid=137&tid=198
Labels on CDR(w) media tends to be a _bad_ thing.
http://slashdot.org/articles/03/11/08/043254.sh
A chronic lack of discipline is a problem I had with one particular developer.
He was always be whining "I need the root password", etc.
He always received a polite response of "what are you trying to do" which was usually replied to with silence. Ocasionally he replied with "I need access to such-and-such log file", at which point I would check or modify the perms on the log, and add him to the appropriate group.
But noooo....
That wasn't good enough. The little wanker goes and tries to start a public pissing match by dragging the internal clients, and both of our managers into it. What basically came out in the wash is that he was using my alleged lack of cooperation as an excuse for him not getting work done on his projects. (of couse the fact he was browsing news sites and other crap all day had nothing to do with it) Fortunately, since both managers knew better, and had a gaggle of otherwise productive and satisfied, if not always happy, developers, that quickly turned into a CLM for him.
Morals for the OP...:
1) If you ain't "Got Root" you don't need it.
2) Your sysadmin probably has set up all the access you need to do your job. Ask them.
3) You don't need root.
4) If there is something that you can't do, there is a reason. Situations do change however, so remeber to ASK YOUR ADMIN WHY before asking to have something changed.
5) see #3
6) Playing politics will result in considerable weeping and gnashing of teeth on your part if you are not doing your job.
Now... Behave, and get your nose back into what you are supposed to be doing!
Good Luck,
John
That actually brings up a really good point. What exactly is supposed to be doing on the site?
If the O.P. is just supposed to be managing content, then web pages, images, and database content are his domain. Period. Live with it, or ask the sysadmin to set up a test/staging server that he has access to, and maybe root on, then all content changes get rsynced accross.
If he is supposed to be managing the app servers (ie: mod_perl code, or something that would require apache to get the occasion kick in the crotch) then he does need a bit more access. But that can still be done with group memberships, sudo, and a bit of work on the SA's part to write some scripts to do some of the dirty work.
My advice, would be for him to just _ask_ his SA stright out, "I need to do X part of my job, which means I need access to Y* resource. In the past I have done it like Z, but how would you like me to do it?" (Where "Y" != "a root shell".)
BTW, I AM a sysadmin. Devlopers who whine at me continually that they need root access get told to go think about what they really need, then come back. If you approach your SA with a plan for what you want to do, and how you want it done, then work _with_ him to make it happen, (it _is_ a two way steet) you will find that you will have less crap work to do "managing" a system, and he will have less crap work to do cleaning up after a developer. (less crap == happy sysadmin == better work environment)
Cheers!
John
First, RONJA:
http://ronja.twibright.com/
"Ronja (Reasonable Optical Near Joint Access) is an Free Hardware (like Free Software) project of optical point-to-point data link"
Is DIY, and will get you 10Mbps as far as 1.4 Km. Seems like a good project to collaborate on with your friend.
Or if you have money to burn, you can always buy a "free-space optics" laser head from these guys, who have gear that goes over 1Gbps
http://www.laserbit.net/
Cheers!
John
I will admit to being a screen junkie.
I have half a dozen login sessions on my box at home running under screen for *months* at a time.
I can go to work, ssh to my home box, type "screen -rd" and get back to where I left off at home. The apps continue to run just fine and as they are attached to a pty, xterm resizes (or a re-attach from a different sized xterm) are not a problem. (except for btlaunchmanycurses.py Grrrrr...)
What gets really handy is when you use screen-aware apps like elinks, and you get to use "open link in new window" in a text mode browser.
Yay!
My one word of warning (more than one word actually... more like one point) is that ssh-agent forwarding within screen gets a little weird. Google for "ssh agent screen" to find a method of updating your environment that you like.
Cheers.
John
Hey, I like that...
Once the messages get hashed the fist time they get nuked everywhere!
That in itself is probably of more value than the $1/hour that they would be paying.
It might also provide some more insight into how we can overcome the obfuscation that is added into the messages.
Hmmm... (/self goes and takes another look at the website)
John
Providing you have a Linux(tm) (or something) firewall handy, and a junk windows box to run the proggie on, you can set up a few rules with iptables, bind, and sendmail to put this together as follows:
1 - install crapware on the junk machine
2 - on the fw, have iptables transparently redirect all outboud smtp traffic to the local copy of sendmail
3 - configure bind on FW to be a root, and put a wildcard MX record in to point to your FW as the MX for world+dog
4 - have sendmail configured to accept all messages from everywhere (the wildcard MX record above will aid in this)
5 - work some virtusertable magic to get sendmail to dump all messages to a local account whose mailspool dumps to dev/null
6 - ???
7 - Profit!
Of course, we would have to include some exceptions to allow some presumed "test" or "tracker" messages through to let the company know that the program is running, and to fool them into thinking you are sending the spam out, but hey...
Anything else I am missing?
John