On a tangential note, we recently started up an office/plant in the Denver area and ended up going with Qwest for the two landlines. The cable is underground from the road to the building, with no conduit and we had very intermittent service. A tech "diagnosed" the problem as the cable between the road and the building and said it needed to be replaced, at our expense. As an interim solution, he ran a cable above ground, which is lying on our driveway/parking lot (at least covered by a thin coating of snow, ha!). The tech claimed that in CO, their tariff states that for business service, the business is response for underground wiring; essentially their responsibility stops at the splice box at the road. I had already reviewed the tariff and couldn't find anything specific about responsibility, and its generally been my experience in other states that if the telco owns it, they fix it. Any CO telco/tariff experts here that care to chime in?
Reminds me of the days on IRC when newbies looking for warez were given the hot ftp site of 127.0.0.1.. For some reason, they could never login, but many were so grateful that folks would be so charitable to give out a site..
Er, so you run a hosting company and cPanel is confirmed buggy, by you, and yet you continue to run it? And why should I ever consider hosting with you? Rather than moan and complain about the bugs, find another software package that is more secure. Or write your own... Tolerance of poor software is why it still exists..
We made an almost identical decision a few years ago, between OTRS and WebHelpDesk. We have over 23,000 tickets and haven't fully implemented asset tracking, but have encountered very few problems, save a memory leak somewhere in the Linux version. I've also implemented this for a few remote sites (different organizations), and the multiple platforms it runs on is definitely a plus. It is definitely not cheap - you won't touch it for $300, but as someone else noted, there are no cheap commercial offerings in this software realm.
Why wouldn't I be worried about Parallels? Because they're only targeting the workstation marketplace. There is plenty of room for both of them to coexist. I'm running a copy of Parallels Desktop on my MacBook Pro now (its in the window behind Firefox right now, running Windows). And I'm running ESX Server at work, for server applications. Now granted, I started out using VMWare 1.0, which was for a workstation only (where Parallels is now). But I think that VMWare has enough of a head start that Parallels is of not much concern to them...
Because probably the single biggest monopoly in the world produces software that has them "integrated". Most people can't see outside that paradigm. I personally would rather have two excellent stand alone apps that don't force me to use a proprietary protocol to interface with a proprietary backend system, rather than one bloated app (which runs on one operating system)...
The first problem is that Netscape probably didn'tadd much to their Directory Service towards the end, and it is unclear how much Fedora has had to put resources into code cleanups and bug fixes, as opposed to adding the capabilities it is going to need.
Well, check the CVS log, or join the mailing list and find out. For starters, beside bug fixes, the entire admin server backend has been replaced with an Apache httpd.worker model - its loads light-years faster than the original ns-httpd admin interface.
The second problem is that there needs to be an Open Source system compatible with (and preferably better than) Microsoft's Active Directory. The LDAP side of that is absolutely critical. For this directory server to be of much interest to network administrators, this package absolutely must support two-way communication with Microsoft Active Directory's LDAP. It can support more - and it would be great if, for once, Open Source "embraced and extended" something from The Other Side...
LDAP is LDAP. Active Directory is not LDAP - it provides a LDAP-like interface to data and it does it Microsoft's way. If you need to integrate your FDS with AD, then have a look at http://directory.fedora.redhat.com/wiki/Download under the Windows Synchronization section.
To be of interest to system admins, it needs to work with PAM and preferably one of the standard "unified" admin interfaces, like Webmin or (yes, it is still used) linuxconf, in addition to specialized tools. It needs both. Specialized but simple command-line tools are great for doing batch tasks or quick tasks, which will be the bulk of routine tasks. More complex tasks, changing configuration files, etc, are often easier in a unified interface. For extremely precise operations, user interfaces hide too much detail, so for those you often do have to use some hefty command-line and probably a text editor for control and config files.
For you to comment, you might want to learn a little bit about the layers of an application stack. And note that LDAP defines a protocol (over the wire) and a service. You can wrap whatever you want around it for administration (just like you can any LDAP server)..
Yes, but by changing the port number, you are no longer the lowest hanging fruit. And in some cases, security by obscurity is just enough to put you high enough up the tree that it is enough. For instance, a mass-scanning worm on port 3389 for listening RDP sockets won't find you. That kind of change would never be meant to suffice as full protection, but there is merit to it, just like there's merit in changing the default SQL Server port...
Horde, with Gollem, could do the trick for you. Gollem will tie to a number of different file server backends. Horde can use Active Directory/LDAP for authentication (and you can get a whole bunch of other useful Horde modules to boot).
It depends if your web app is written for a web browser or written for IE. We've got "web apps" that only work with IE; patch IE, break web app. Don't patch IE, open yourself up to all the known security issues. Its not quite as simple as move it to the web and solve all your patching problems (hint - web servers need patched too...)
You should be aware that AppGen essentially pulled a fast one with support of their home accounting software, Moneydance. Moneydance was a Java accounting program, written by Sean Reilly. Originally it was shareware (something like $25.00) but it wasn't crippled in any way if you didn't register. Later, Sean sold the rights to AppGen. Initially, they had a number of developers working on it, including Sean, but then a mysterious silence descended on the project. Later, it turns out, AppGen basically let go of all their people working on the Moneydance side of things but still had a shell of a website for it (I can't get to it currently). However, they were still taking orders for the product. Recently, someone hinted of big news on the moneydance mailing list that was to be forthcoming in the next few weeks but I don't know what that is and it hasn't been announced yet.
So buyer beware. Appgen handled the whole process rather poorly, IMHO, and info was not very timely or even available after Sean was left go. Bottom line - I don't think very highly of them as a company.
Moneydance is not, unfortunately, open source. It is fairly feature complete and stable though, considering it hasn't been updated in over a year. Still works good for me - if it ain't broke (too bad), don't fix it.
Kevin
Small form factor PC sans the bells and whistles?
on
Shuttle SS51 Reviewed
·
· Score: 1
I've looked at small form factor PC's like this before and while it might be great that they added an AGP slot for those that use these machines for LAN parties or as their primary desktop, I'd actually like something similar, sans all the bells and whistles. Basically, I'm looking for something that has two PCI slots so I can install a quad-port ethernet card and a wireless card and run OpenBSD on it and use it as a firewall. Methinks the console is going to look that same, whether the bus is 4X AGP or even a serial console for that matter:)
So all I really need is mouse/keyboard + ethernet + serial + 2 PCI slots. I could actually get away with only the serial port and 2 PCI slots, using that as a console and using the quad-port card for network connections but I like to have a physically separate network jack that sort of matches the logical layout of the network so I'd like onboard ethernet.
Does anyone have any recommendations for a PC like this? A Pentium running at a decent speed would work fine for a firewall - the problem is no one was making small form factor PCs like this when the Pentium was around. Maybe I need to look at embedded solutions as well - it just pains me to have a big clunky Dell Optiplex as my firewall when I could get away with a quarter of the shelf space but it also pains me to have to buy a machine with an AGP slot, when all I want is 80x24 text graphics...
I wonder how many of these so called environmentalists actually have any understanding of geological temperature cycles or if they buy hook, line, and sinker, everything their group feeds them (in this case, it looks like I can pick on GreenPeace). I'm not talking about data we've obtained over the past 100 years. I'm talking about cycles that might not be spotted unless you look at data over thousands or tens of thousands of years. And since we haven't been collecting data that long, well, I guess we can't spot those kinds of cycles.
I'm not saying that mankind hasn't had some sort of short or maybe even longer term effect on the environment. However, to champion global warming simply because of human actions is very short-sighted. I graduated with a degree in geoscience and one of the courses I took was in mathematical modelling of geologic processes. In that course, we constructed a model for the carbon cycle, trying to account for the fluxes of carbon into a system (aka the earth). While a model is only that, a model, it was inherently clear that any number of lurking variables could introduce drastic changes into the system, which in turn could have adverse effects on a whole bunch of other things.
Also, consider this thought: make a graph and plot temperature vs. time over a 20,000 year period. You should get some sort of sinusoidal curve. Now drill down to the past 100 years. You'll probably still see some sort of sinusoidal curve. We might be heading towards the apex of the curve now but it will go down again. Thinking of it another way: pick a spot on the globe. Plot temperature vs. time for that spot, for 100,000 years. Probably a smooth curve. But now, suppose your data was granular enough to plot by century, decade, year or even day. You know what? You're going to start seeing more sinusoidals with different periods - definitely a yearly and a daily period. So you're going to see a sinusoidal thats composed of many smaller sinusoidals. My theory is that we, as humans, are excaberating one of those shorter period sinusoidals. We might be bumping the temperature up on a century sinusoidal curve but in the context of thousands (or tens of thousands) of years, if you step back and look at the curve, you won't notice a difference.
Thats not to say that global warming isn't happening. Its just to say that the sensationalism that environmentalists spout is just that - a huge churning PR machine that preys on people who look at things from a myopic viewpoint and believe everything they're told (the TV said it so it must be true!).
How about this: instead of tacking on yet another fee for frivolous items that students have to pay at institutions of higher learning, drop the fee and let the students have the extra $50-$500 a year. Let them buy their own technology with that extra cash instead of letting some bureaucrat pad the coffers of the university.
I use MOL on my Lombard Powerbook at work. It has to be one of the most clever and most useful PPC linux apps that was ever written. It is _extremely_ fast with respect to emulation because it isn't really emulation at all; the PPC calls are all native. No need to translate PPC calls to x86 like you would when running VirtualPC on a Mac.
The only problem I've had of late is that the network device stops working after about three hours but I just kill MOL and restart it. From past experience with MacOS, rebooting every three hours is often necessary anyway:)
All in all, an excellent program. And its not so much that it allows you to run MacOS programs under Linux, ala MacOS emulators for Windoze - it is a complete virtual PPC machine within a PPC machine.
My laptop has YellowDog Linux 2.0 on it but I also ran MOL on Debian unstable for awhile with good success. I also run it at home on my Apple Network Server - I was able to install MacOS from scratch using MOL by setting the boot device to the CD.
Rule 1: If you're an ANY admin, you have to stay on top of *EVERY* patch. You don't patch, your company loses money because of your negligence. If you don't patch, you deserve to lose your job.
I have no love for Microsoft products but its unfair to single out NT admins as having to keep up on every patch. It would be just as easy to package up a worm that exploits known holes in UNIX installs (BIND, sendmail, telnet, ucd-snmp, etc...) and that would expose the incompetence of some UNIX admins as well. Now granted, I've always maintained that, as a general rule, UNIX admins are generally more on top of things than NT admins but there's enough Linux installs out there (because its cheap and it does the job) that aren't properly patched that someone could probably have a field day with a "Toor" worm for Linux.. Just my $0.02
My guess would be that CNN was under a much higher load than slashdot, mainly because your average 'Net user would go to CNN for news and probably has never even heard of slashdot.org. Also, by CmdrTaco's account, slashdot's peak traffic was three times greater than normal (or their previous peak - I'm not sure which). I know I personally tried to load CNN's site far more than three times what I normally do (which is at most once a day). So yes, slashdot was able to scale but I'm guessing it was able to survive only because the increase in load wasn't as great as the load heaped on CNN and other news sites.
Just a conjecture. I'm not privvy to CNN load averages or request numbers.
Wonder if its coincidence or not? I was travelling in western Pennsylvania Sunday afternoon and on about six different occasions, the speedometer in my car dropped from 70mph to zero mph. It would stay there for a few miles, then all of the sudden, it would blip back to 70mph. Its a strange feeling driving down the interstate with your speedometer and odometer at zero and some fixed mileage, respectively. Seems fine today - I'm not sure if its mechanical or an electrical sensor, although I suspect its the latter. Similar experiences anyone?
Hrm, maybe users need reminded that/tmp == TEMPORARY == it gets deleted at will (i.e at reboot or when tmp gets cleaned up based on file age). Users should expect that temporary files in a temporary directory disappear after reboot. They should also learn not to put "permanent" files there if they want them stored "permanently".
For new users, I would recommend getting a copy of "Securing and Optimizing Linux - Red Hat edition" available from http://www.linuxdoc.org. Its more of a checklist of what to disable with Red Hat (which I feel Red Hat should do by default but...) but its a good place to start to at least close some of the holes that Red Hat leaves open with a default install. Red Hat is notorious for having a myriad of dependencies which result in things like sendmail getting installed and activated, even though you disable it - at one point, I counted like a dozen packages that I specifically deselected and they still got installed anyway.
My personal opinion is that if you are running *nix, you should know this stuff. Not every end user is going to be a *nix expert but being ignorant of the operating system you are using is something that irritates me. However, I also believe that if vendors like Red Hat are going to market to the home user, they need to educate the home user and/or make their default install more secure. It is lame and irresponsible to just install everything and enable everything by default.
The guide I mentioned above is a good checklist for fixing open security problems in that it helps you whittle your install down to only the files you need. Its hard to get hacked via the rpc.statd exploit if you don't have the NFS stuff installed. However, one major problem I have with that guide is that it functions mainly as a checklist (not to mention that its 95% regurgitated config files, READMEs, RPM listings, file listings, and kernel sysctl Documentation) is that is mostly a checklist. Its long on the "delete this package, that package, make this change, do this, then that" and short on explaining why or how a service or package is a real problem. Of course not everyone cares about the inner details of exploiting services but the best defense, in my opinion, is a good dose of common sense and a good notion of how someone can exploit what you have. For that, experience is the best teacher and I haven't found a HOWTO for common sense anywhere (maybe thats why so many people are clueless). If you want a sort of overview of how hackers operate and how they might exploit something, I might recommend "Hacking Exposed" by Stuart McClure and Joel Scambray.
Hope this helps. email kSeviTn_OmyPer@iuS13.kP12.pAa.uMs if I can be of more help. (Remove the STOP SPAM)
Another sure sign that the company is getting larger is that they recently reduced their associates' compensation from $0.03 per impression to $0.01 per impression. It doesn't really bother me as its definitely not a major source of income for me - rather I figure I might as well get paid to use a search engine that I normally use anyway. But when they slash your payout by two-thirds, it says that they're trying to bring their expenditures into line more.
- we ordered two Dell Poweredge 4400 servers with Linux three months ago. Still don't have them both. Missing parts, non-returned phone calls, one server shipped with root password installed that I had to crack. Horrendous experience. There's probably a horror story for every major vendor out there - we're the poster child for Dell horror stories.
Slashdot Mirror
On a tangential note, we recently started up an office/plant in the Denver area and ended up going with Qwest for the two landlines. The cable is underground from the road to the building, with no conduit and we had very intermittent service. A tech "diagnosed" the problem as the cable between the road and the building and said it needed to be replaced, at our expense. As an interim solution, he ran a cable above ground, which is lying on our driveway/parking lot (at least covered by a thin coating of snow, ha!). The tech claimed that in CO, their tariff states that for business service, the business is response for underground wiring; essentially their responsibility stops at the splice box at the road. I had already reviewed the tariff and couldn't find anything specific about responsibility, and its generally been my experience in other states that if the telco owns it, they fix it. Any CO telco/tariff experts here that care to chime in?
Reminds me of the days on IRC when newbies looking for warez were given the hot ftp site of 127.0.0.1.. For some reason, they could never login, but many were so grateful that folks would be so charitable to give out a site..
Er, so you run a hosting company and cPanel is confirmed buggy, by you, and yet you continue to run it? And why should I ever consider hosting with you? Rather than moan and complain about the bugs, find another software package that is more secure. Or write your own... Tolerance of poor software is why it still exists..
We made an almost identical decision a few years ago, between OTRS and WebHelpDesk. We have over 23,000 tickets and haven't fully implemented asset tracking, but have encountered very few problems, save a memory leak somewhere in the Linux version. I've also implemented this for a few remote sites (different organizations), and the multiple platforms it runs on is definitely a plus. It is definitely not cheap - you won't touch it for $300, but as someone else noted, there are no cheap commercial offerings in this software realm.
Why wouldn't I be worried about Parallels? Because they're only targeting the workstation marketplace. There is plenty of room for both of them to coexist. I'm running a copy of Parallels Desktop on my MacBook Pro now (its in the window behind Firefox right now, running Windows). And I'm running ESX Server at work, for server applications. Now granted, I started out using VMWare 1.0, which was for a workstation only (where Parallels is now). But I think that VMWare has enough of a head start that Parallels is of not much concern to them...
Because probably the single biggest monopoly in the world produces software that has them "integrated". Most people can't see outside that paradigm. I personally would rather have two excellent stand alone apps that don't force me to use a proprietary protocol to interface with a proprietary backend system, rather than one bloated app (which runs on one operating system)...
The first problem is that Netscape probably didn'tadd much to their Directory Service towards the end, and it is unclear how much Fedora has had to put resources into code cleanups and bug fixes, as opposed to adding the capabilities it is going to need.
Well, check the CVS log, or join the mailing list and find out. For starters, beside bug fixes, the entire admin server backend has been replaced with an Apache httpd.worker model - its loads light-years faster than the original ns-httpd admin interface.
The second problem is that there needs to be an Open Source system compatible with (and preferably better than) Microsoft's Active Directory. The LDAP side of that is absolutely critical. For this directory server to be of much interest to network administrators, this package absolutely must support two-way communication with Microsoft Active Directory's LDAP. It can support more - and it would be great if, for once, Open Source "embraced and extended" something from The Other Side...
LDAP is LDAP. Active Directory is not LDAP - it provides a LDAP-like interface to data and it does it Microsoft's way. If you need to integrate your FDS with AD, then have a look at http://directory.fedora.redhat.com/wiki/Download under the Windows Synchronization section.
To be of interest to system admins, it needs to work with PAM and preferably one of the standard "unified" admin interfaces, like Webmin or (yes, it is still used) linuxconf, in addition to specialized tools. It needs both. Specialized but simple command-line tools are great for doing batch tasks or quick tasks, which will be the bulk of routine tasks. More complex tasks, changing configuration files, etc, are often easier in a unified interface. For extremely precise operations, user interfaces hide too much detail, so for those you often do have to use some hefty command-line and probably a text editor for control and config files.
For you to comment, you might want to learn a little bit about the layers of an application stack. And note that LDAP defines a protocol (over the wire) and a service. You can wrap whatever you want around it for administration (just like you can any LDAP server)..
http://directory.fedora.redhat.com/wiki/Plugins
Just about everything about it is extensible by plugins, including data storage.
Yes, but by changing the port number, you are no longer the lowest hanging fruit. And in some cases, security by obscurity is just enough to put you high enough up the tree that it is enough. For instance, a mass-scanning worm on port 3389 for listening RDP sockets won't find you. That kind of change would never be meant to suffice as full protection, but there is merit to it, just like there's merit in changing the default SQL Server port...
Horde, with Gollem, could do the trick for you. Gollem will tie to a number of different file server backends. Horde can use Active Directory/LDAP for authentication (and you can get a whole bunch of other useful Horde modules to boot).
It depends if your web app is written for a web browser or written for IE. We've got "web apps" that only work with IE; patch IE, break web app. Don't patch IE, open yourself up to all the known security issues. Its not quite as simple as move it to the web and solve all your patching problems (hint - web servers need patched too...)
You should be aware that AppGen essentially pulled a fast one with support of their home accounting software, Moneydance. Moneydance was a Java accounting program, written by Sean Reilly. Originally it was shareware (something like $25.00) but it wasn't crippled in any way if you didn't register. Later, Sean sold the rights to AppGen. Initially, they had a number of developers working on it, including Sean, but then a mysterious silence descended on the project. Later, it turns out, AppGen basically let go of all their people working on the Moneydance side of things but still had a shell of a website for it (I can't get to it currently). However, they were still taking orders for the product. Recently, someone hinted of big news on the moneydance mailing list that was to be forthcoming in the next few weeks but I don't know what that is and it hasn't been announced yet.
So buyer beware. Appgen handled the whole process rather poorly, IMHO, and info was not very timely or even available after Sean was left go. Bottom line - I don't think very highly of them as a company.
Moneydance is not, unfortunately, open source. It is fairly feature complete and stable though, considering it hasn't been updated in over a year. Still works good for me - if it ain't broke (too bad), don't fix it.
Kevin
I've looked at small form factor PC's like this before and while it might be great that they added an AGP slot for those that use these machines for LAN parties or as their primary desktop, I'd actually like something similar, sans all the bells and whistles. Basically, I'm looking for something that has two PCI slots so I can install a quad-port ethernet card and a wireless card and run OpenBSD on it and use it as a firewall. Methinks the console is going to look that same, whether the bus is 4X AGP or even a serial console for that matter :)
So all I really need is mouse/keyboard + ethernet + serial + 2 PCI slots. I could actually get away with only the serial port and 2 PCI slots, using that as a console and using the quad-port card for network connections but I like to have a physically separate network jack that sort of matches the logical layout of the network so I'd like onboard ethernet.
Does anyone have any recommendations for a PC like this? A Pentium running at a decent speed would work fine for a firewall - the problem is no one was making small form factor PCs like this when the Pentium was around. Maybe I need to look at embedded solutions as well - it just pains me to have a big clunky Dell Optiplex as my firewall when I could get away with a quarter of the shelf space but it also pains me to have to buy a machine with an AGP slot, when all I want is 80x24 text graphics...
I wonder how many of these so called environmentalists actually have any understanding of geological temperature cycles or if they buy hook, line, and sinker, everything their group feeds them (in this case, it looks like I can pick on GreenPeace). I'm not talking about data we've obtained over the past 100 years. I'm talking about cycles that might not be spotted unless you look at data over thousands or tens of thousands of years. And since we haven't been collecting data that long, well, I guess we can't spot those kinds of cycles.
I'm not saying that mankind hasn't had some sort of short or maybe even longer term effect on the environment. However, to champion global warming simply because of human actions is very short-sighted. I graduated with a degree in geoscience and one of the courses I took was in mathematical modelling of geologic processes. In that course, we constructed a model for the carbon cycle, trying to account for the fluxes of carbon into a system (aka the earth). While a model is only that, a model, it was inherently clear that any number of lurking variables could introduce drastic changes into the system, which in turn could have adverse effects on a whole bunch of other things.
Also, consider this thought: make a graph and plot temperature vs. time over a 20,000 year period. You should get some sort of sinusoidal curve. Now drill down to the past 100 years. You'll probably still see some sort of sinusoidal curve. We might be heading towards the apex of the curve now but it will go down again. Thinking of it another way: pick a spot on the globe. Plot temperature vs. time for that spot, for 100,000 years. Probably a smooth curve. But now, suppose your data was granular enough to plot by century, decade, year or even day. You know what? You're going to start seeing more sinusoidals with different periods - definitely a yearly and a daily period. So you're going to see a sinusoidal thats composed of many smaller sinusoidals. My theory is that we, as humans, are excaberating one of those shorter period sinusoidals. We might be bumping the temperature up on a century sinusoidal curve but in the context of thousands (or tens of thousands) of years, if you step back and look at the curve, you won't notice a difference.
Thats not to say that global warming isn't happening. Its just to say that the sensationalism that environmentalists spout is just that - a huge churning PR machine that preys on people who look at things from a myopic viewpoint and believe everything they're told (the TV said it so it must be true!).
How about this: instead of tacking on yet another fee for frivolous items that students have to pay at institutions of higher learning, drop the fee and let the students have the extra $50-$500 a year. Let them buy their own technology with that extra cash instead of letting some bureaucrat pad the coffers of the university.
I use MOL on my Lombard Powerbook at work. It has to be one of the most clever and most useful PPC linux apps that was ever written. It is _extremely_ fast with respect to emulation because it isn't really emulation at all; the PPC calls are all native. No need to translate PPC calls to x86 like you would when running VirtualPC on a Mac.
:)
The only problem I've had of late is that the network device stops working after about three hours but I just kill MOL and restart it. From past experience with MacOS, rebooting every three hours is often necessary anyway
All in all, an excellent program. And its not so much that it allows you to run MacOS programs under Linux, ala MacOS emulators for Windoze - it is a complete virtual PPC machine within a PPC machine.
My laptop has YellowDog Linux 2.0 on it but I also ran MOL on Debian unstable for awhile with good success. I also run it at home on my Apple Network Server - I was able to install MacOS from scratch using MOL by setting the boot device to the CD.
Rule 1: If you're an ANY admin, you have to stay on top of *EVERY* patch. You don't patch, your company loses money because of your negligence. If you don't patch, you deserve to lose your job.
I have no love for Microsoft products but its unfair to single out NT admins as having to keep up on every patch. It would be just as easy to package up a worm that exploits known holes in UNIX installs (BIND, sendmail, telnet, ucd-snmp, etc...) and that would expose the incompetence of some UNIX admins as well. Now granted, I've always maintained that, as a general rule, UNIX admins are generally more on top of things than NT admins but there's enough Linux installs out there (because its cheap and it does the job) that aren't properly patched that someone could probably have a field day with a "Toor" worm for Linux.. Just my $0.02
My guess would be that CNN was under a much higher load than slashdot, mainly because your average 'Net user would go to CNN for news and probably has never even heard of slashdot.org. Also, by CmdrTaco's account, slashdot's peak traffic was three times greater than normal (or their previous peak - I'm not sure which). I know I personally tried to load CNN's site far more than three times what I normally do (which is at most once a day). So yes, slashdot was able to scale but I'm guessing it was able to survive only because the increase in load wasn't as great as the load heaped on CNN and other news sites.
Just a conjecture. I'm not privvy to CNN load averages or request numbers.
Since VALinux is involved, it might also explain why anonymous ftp to ftp.valinux.com isn't working either...
Wonder if its coincidence or not? I was travelling in western Pennsylvania Sunday afternoon and on about six different occasions, the speedometer in my car dropped from 70mph to zero mph. It would stay there for a few miles, then all of the sudden, it would blip back to 70mph. Its a strange feeling driving down the interstate with your speedometer and odometer at zero and some fixed mileage, respectively. Seems fine today - I'm not sure if its mechanical or an electrical sensor, although I suspect its the latter. Similar experiences anyone?
Hrm, maybe users need reminded that /tmp == TEMPORARY == it gets deleted at will (i.e at reboot or when tmp gets cleaned up based on file age). Users should expect that temporary files in a temporary directory disappear after reboot. They should also learn not to put "permanent" files there if they want them stored "permanently".
My personal opinion is that if you are running *nix, you should know this stuff. Not every end user is going to be a *nix expert but being ignorant of the operating system you are using is something that irritates me. However, I also believe that if vendors like Red Hat are going to market to the home user, they need to educate the home user and/or make their default install more secure. It is lame and irresponsible to just install everything and enable everything by default.
The guide I mentioned above is a good checklist for fixing open security problems in that it helps you whittle your install down to only the files you need. Its hard to get hacked via the rpc.statd exploit if you don't have the NFS stuff installed. However, one major problem I have with that guide is that it functions mainly as a checklist (not to mention that its 95% regurgitated config files, READMEs, RPM listings, file listings, and kernel sysctl Documentation) is that is mostly a checklist. Its long on the "delete this package, that package, make this change, do this, then that" and short on explaining why or how a service or package is a real problem. Of course not everyone cares about the inner details of exploiting services but the best defense, in my opinion, is a good dose of common sense and a good notion of how someone can exploit what you have. For that, experience is the best teacher and I haven't found a HOWTO for common sense anywhere (maybe thats why so many people are clueless). If you want a sort of overview of how hackers operate and how they might exploit something, I might recommend "Hacking Exposed" by Stuart McClure and Joel Scambray.
Hope this helps. email kSeviTn_OmyPer@iuS13.kP12.pAa.uMs if I can be of more help. (Remove the STOP SPAM)
Yep - I've made a whopping $19.41 in the past 2.5 months according to my revenue report. Time to retire ;)
Another sure sign that the company is getting larger is that they recently reduced their associates' compensation from $0.03 per impression to $0.01 per impression. It doesn't really bother me as its definitely not a major source of income for me - rather I figure I might as well get paid to use a search engine that I normally use anyway. But when they slash your payout by two-thirds, it says that they're trying to bring their expenditures into line more.
- we ordered two Dell Poweredge 4400 servers with Linux three months ago. Still don't have them both. Missing parts, non-returned phone calls, one server shipped with root password installed that I had to crack. Horrendous experience. There's probably a horror story for every major vendor out there - we're the poster child for Dell horror stories.