I recently took an exam that covered IP6, so I was *determined* to get it working through a tunnel broker or some such means, just to say I did. I fired up test-ip6.com and...I was already on it.
My shared office had recently upgraded their modem from AT&T, which apparently supports v6 out of the box. Absolutely zero manual config on the router or client. Found out later, it's the same with Comcast where I live (northern California).
OTOH, I work at an ISP that has IP6 nowhere on its radar. I haven't raised the issue yet because I'm so new, but I have a few guesses:
- We still have a lot of unused v4 addresses in several public/24s. Address depletion is, well, pretty much the only major driving force behind v6.
- We are an education network, servicing only schools and school sites, so our number of clients are relatively few, and each client maybe only needs 2-3 public IPs (1 for NATing traffic, and maybe 1 or 2 for public-facing servers)
- Potential security risk (I'm not talking about the FUD that NAT=security, I'm talking about things like the v6 flood that, well, crashes any Windows box with v6 enabled[1])
- Huge cost to ensure that *every* device, server and router can handle v6, that all network staff are adequately trained, etc.
So, it comes down to huge cost with little to no appreciable gain (for our organization). Sure, routing gets simpler, no NAT overhead, but it's not like v4 is going to disappear overnight. Dual stack is the way it's going to be for a very, very long time. My grandkids may see widespread native v6. Maybe.
It's kind of strange to me that people would first investigate eating insects before plants. Evidence has never been stronger[1] that a plant-based diet can fully supply all nutritional needs. It's even in Wikipedia's list of common misconceptions that a vegan/vegetarian diet doesn't supply enough protein.[2] Do ants seem more appetizing than some whole grains and legumes? Really?
Disclosure: I'm vegan for health and environmental reasons.
I really want to learn more, don't mind hard work, enjoy challenges, and am perfectly willing to spend hours and hours for months on end to learn command line.
Then Arch should suit you nicely.
It's a very "shell-intensive" distro, but it's exceptionally well-documented. On one computer/screen, get the Arch Wiki open (possibly with linuxcommand.com in another tab), and get a fresh install of Arch on another computer/screen. If you don't have 2 computers, just load Arch in a VM. Arch is probably the best "learn Linux the hard way(tm)" distro around.
That's basically how I learned, and I'm infinitely better for it.
Microsoft has a great rule about system messages that require the user to make a decision. They should be NEAT: necessary, explained, actionable, and tested.
I have FreNAS set up on a fairly modest box, originally intended to just host a few files. Then I got curious about just this thing, and installed squid in transparent mode with squidGuard. I want to block tracking and ad content at the network level as a security and privacy concern. I installed a blacklist from squidGuard's website and enabled the appropriate domain and url lists.
After about a week, I must say I'm rather impressed. Caching all http traffic while simultaneously blocking ads and trackers noticeably improved website response times, both for cached and non-cached pages. This improvement is even more dramatic on slower connections. So far, no false positives and only first-party ads aren't blocked. Even better, the transparent proxy means no client-side configuration.
As far as lists affecting speed, squidGuard stores domains in a Berkeley-DB optimized database format that does not degrade performance with even huge blacklists (I think my blacklists are running over 1M domains right now). The real speed hit comes from using regex. However, my simple domain-based blacklist works so well I feel no need to go that route. Besides, I don't want to block first-party ads.
Interesting. I have a simple domain-based adblocker in place on my pfSense gateway, and Yahoo's ads load because they're hosted on yimg.com. Adblocking would basically disappear if they were simply hosted first-party.
FreeNAS + OpenVPN is my "cloud" storage. Decent Comcast upstream at home means I have direct access to all my files anywhere, via a single UDP socket secured with certificate-based authentication and encryption. I take special solace knowing I own the hardware my data touches, and FDE on all endpoints ensures another layer of protection.
This story jumped out at me because I graduated from an LWSD school back in '04.
One of my hacker / cracker / script kiddie friends nabbed an 0day version of Agobot from IRC, got itchy one day, and executed it at school. I remember clear as day sitting in chemistry, and the intercom sounded, "Teachers, please shut down all computers in your classroom."
The entire school's network was down for a week as the IT staff manually disinfected each computer. My friend was "expelled" into a head-start program at the local community college, while his parents paid a $5,000 fine for the disinfecting labor.
Wait, you're talking about needing to get the job before you can get Linux experience?
If you read my OP, you'd know I already have Linux experience, and a decent amount of it at that. The catch-22 I mentioned refers to the level of Linux experience it seems many jobs require. I can't get 3+ years professional RHEL experience until I get a job administering RHEL, at least presumably. I could install my own home server running RHEL, but I don't know if that would translate to "professional experience." I also don't have hands-on access to advanced server hardware, fibre channel networking, and a dozen other things employers may look for.
Even as someone who has an extensive background in Windows, I disagree that Windows is easier. I oversee a few SBS servers, and I nearly went mad trying to solve a simple permissions issue. Everything "should" have worked, I even tested it in the Effective Permissions dialog. Still nothing. Linux? ~$ sudo chmod 744 mydir. Done. I also like scripting, and I could spend all day in the shell no problem. Where did you get the idea to the contrary?
A "freelance IT consultant" is a guy who plays WoW 24/7 with breaks to answer the door for pizza deliveries or go fix friend's computers in exchange for chee-toes.
I've never played WoW, and I've run a successful, licensed consulting business for several years now, with many returning clients.
You want to be a Linux professional, but don't know what you want to do with it. That's strange to me. That's like saying "I want to use a screwdriver for a living, but don't know what I want to do with it."
Why is that strange? Your analogy is grossly oversimplified. I'm narrowing my career path to a particular set of tools and software that I'm beginning to understand and respect. It's like I'm saying, "I know want to be a lawyer, I'm just not sure if I want to do case law, patent law, family law or some other kind of law." Really, is that so absurd?
Get a job. Somewhere. Anywhere.
Of course, how could I be so obtuse? I'll just get a job anywhere, why did I even ask a question in the first place?
Fair enough, I appreciate your perspective, but it doesn't answer the most fundamental question I asked: how did you become a paid professional who uses Linux regularly (if you do)?
To use your analogy, I want to become a very talented chef, one that involves mastering knife handling. I'm already pretty good at knife handling, but I want to get better. I enjoy cooking so much, that I want to make a career out of it instead of just goofing off. The trouble is, I don't know how to get hired as a chef if all the restaurants want 3+ years experience as a very talented chef. I also know that whatever chef I end up as, I want to handle knives in the process. I don't want to be a pastry chef or sous chef; I want to cut and chop and pare with masterful precision as some kind of chef that uses knives (I want to use Linux, no matter what profession I take on; the analogy has somewhat broken down here, but you get the idea, I hope).
I'm looking for a "bus boy" type position, where I can be exposed to the kinds of technology I want to master, and work my way up the food chain. I just don't know how to do that.
Huge Flash seizure-inducing videos with sound that play automatically? Go to hell.
Some sites (even slashdot) get so heavy laden with adverts that simply loading any content becomes a headache on high-latency connections like HughesNet. FF + ABP to the rescue.
The OP mentions limited budget and huge volumes of data to back up locally. Working within these constraints, a solution comes into focus:
FreeNAS + rsnapshot. Both are free ($0) and accomplish essentially what Time Machine does for Macs, but to/from almost any hardware. Bear in mind that any solution offering any semblance of security for 8TB of data won't be cheap.
Probably the biggest investment will be the NAS box itself, and of that, the HDDs will most likely cost the most. 8TB of RAIDed storage will easily cost >$500. The other hardware need not be much, it just needs enough SATA ports and power to run the HDDs, plus a GigE NIC.
rsnapshot keeps very intelligent backups, only recording diffs between backups using hardlinks. It's not too difficult to set up, and it's totally automated. The net result is a bunch of, well, snapshots, going back a few hours, days, months, even years if you like (and have storage for).
There's just no way to offer a fireproof solution for this much data without investing serious cash. Definitely store the NAS as physically separate as possible from the original data. The NAS only needs power and a single Cat6 cord, so it's conceivable to place it in a detached building or something. Keep in mind, heat and humidity will become an issue in extremes.
"The human body does not require meat."
Yes it does. At most I could accept that due to our technology we can (hardly) substitute meat with something else.
[citation needed]
T. Colin Cambpell, a Ph.D. studied the matter in depth for decades alongside other researchers and revealed, among many other things, that a) our bodies require far less protein than many believe, and b) plants provide an abundance of all required nutrients. Check out the China Study, a spectacular read. Also, a quick look at the vegan wiki entry verifies this ad nauseum. I'm not a hardliner, but there's a *lot* of misinformation floating around this thread, not the least of which revolves around meat being the only viable source of human protein.
Would any of the people commenting on the widespread corruption of the US gov't, and the apparent apathy of the citizenry, care to offer practical advice on how to change things?
Vote? Yeah, that really helps when both candidates are just flipsides of the same messed up coin, products of the same system, never keep campaign promises, and the entire electoral process is either corrupt or obsolete (electoral college)?
Demonstrate? Yeah, that really made a huge difference during OWS. The only difference it made is in the minds of those who demonstrated, who felt like they did something meaningful. No real change.
Strike? That's a leverage tactic for affecting change in the workplace, not so much gov't.
Seriously, I'm not trolling. I really want to know what average US citizen can do to help change things for the better, even in small ways.
Google has given us helpful search, gold-standard free email and a proliferating mobile platform (amongst other innovations).
Apple has given us (legal, idiot-proof) music in our pockets, a phone that does "everything" (at least to Joe consumer), and the first consumer-friendly tablet (amongst other innovations).
Microsoft has given us half-assed clones of all the above, a few failed ventures and yet another attempt to stifle competition, secure boot. (amongst other blunders).
I once enjoyed the thought of 'liberating' my friends and family from the shackles of Windows in a similar way. I even installed Ubuntu on a client's computer when I worked in a repair shop, when a desperate mother came seeking a way for her daughter to avoid viruses.
After installing Ubuntu, the client responded positively. Shortly after, I got a call asking how to get their printer working, and how to install MSN messenger. I scrambled to find a *nix clone...ah, aMSN, bingo! OK, install from repos, done.
Now, printer. OK, bring it in with the computer so I can install it. It's a Canon, but it's not in the default CUPS package (at the time). Hit up Canon's website. They have a binary, but it doesn't install right. Crap. I don't remember how it worked out, but I think I got it working after several hours of free labor.
Moral of the story is: don't do this unless you're 100% OK with hand-holding each one of these people with every issue that arises, and are willing to take responsibility for failure if you can't fix a problem.
IMO, desktop Linux is currently appropriate for two audiences: tech-savvy, capable adventurers who want to try something new and don't mind finding answers on their own, or the very computer illiterate, who use machines for literally just getting online and checking email. Even then, you run some risks.
Seems Khan Academy poses more a threat to paid tutoring services than formal education. I view Khan as a free, anytime, anywhere tutor rather than a replacement for earning a BS from an accredited institution.
Sure, SQL injection shouldn't work, but it wouldn't matter as much if Yahoo hashed passwords in bcrypt or similar. Why the hell do they store cleartext passwords in a database?
Slashdot Mirror
I recently took an exam that covered IP6, so I was *determined* to get it working through a tunnel broker or some such means, just to say I did. I fired up test-ip6.com and...I was already on it.
My shared office had recently upgraded their modem from AT&T, which apparently supports v6 out of the box. Absolutely zero manual config on the router or client. Found out later, it's the same with Comcast where I live (northern California).
OTOH, I work at an ISP that has IP6 nowhere on its radar. I haven't raised the issue yet because I'm so new, but I have a few guesses:
So, it comes down to huge cost with little to no appreciable gain (for our organization). Sure, routing gets simpler, no NAT overhead, but it's not like v4 is going to disappear overnight. Dual stack is the way it's going to be for a very, very long time. My grandkids may see widespread native v6. Maybe.
[1] http://samsclass.info/ipv6/proj/flood-router6a.htm
It's kind of strange to me that people would first investigate eating insects before plants. Evidence has never been stronger[1] that a plant-based diet can fully supply all nutritional needs. It's even in Wikipedia's list of common misconceptions that a vegan/vegetarian diet doesn't supply enough protein.[2] Do ants seem more appetizing than some whole grains and legumes? Really?
Disclosure: I'm vegan for health and environmental reasons.
[1] https://en.wikipedia.org/wiki/Veganism#Health_arguments
[2] https://en.wikipedia.org/wiki/List_of_common_misconceptions#Human_body_and_health
Then Arch should suit you nicely.
It's a very "shell-intensive" distro, but it's exceptionally well-documented. On one computer/screen, get the Arch Wiki open (possibly with linuxcommand.com in another tab), and get a fresh install of Arch on another computer/screen. If you don't have 2 computers, just load Arch in a VM. Arch is probably the best "learn Linux the hard way(tm)" distro around.
That's basically how I learned, and I'm infinitely better for it.
I have FreNAS set up on a fairly modest box, originally intended to just host a few files. Then I got curious about just this thing, and installed squid in transparent mode with squidGuard. I want to block tracking and ad content at the network level as a security and privacy concern. I installed a blacklist from squidGuard's website and enabled the appropriate domain and url lists.
After about a week, I must say I'm rather impressed. Caching all http traffic while simultaneously blocking ads and trackers noticeably improved website response times, both for cached and non-cached pages. This improvement is even more dramatic on slower connections. So far, no false positives and only first-party ads aren't blocked. Even better, the transparent proxy means no client-side configuration.
As far as lists affecting speed, squidGuard stores domains in a Berkeley-DB optimized database format that does not degrade performance with even huge blacklists (I think my blacklists are running over 1M domains right now). The real speed hit comes from using regex. However, my simple domain-based blacklist works so well I feel no need to go that route. Besides, I don't want to block first-party ads.
Interesting. I have a simple domain-based adblocker in place on my pfSense gateway, and Yahoo's ads load because they're hosted on yimg.com. Adblocking would basically disappear if they were simply hosted first-party.
FreeNAS + OpenVPN is my "cloud" storage. Decent Comcast upstream at home means I have direct access to all my files anywhere, via a single UDP socket secured with certificate-based authentication and encryption. I take special solace knowing I own the hardware my data touches, and FDE on all endpoints ensures another layer of protection.
Looks intentional: http://www.guardian.co.uk/world/2012/nov/29/syria-blocks-internet
This story jumped out at me because I graduated from an LWSD school back in '04.
One of my hacker / cracker / script kiddie friends nabbed an 0day version of Agobot from IRC, got itchy one day, and executed it at school. I remember clear as day sitting in chemistry, and the intercom sounded, "Teachers, please shut down all computers in your classroom."
The entire school's network was down for a week as the IT staff manually disinfected each computer. My friend was "expelled" into a head-start program at the local community college, while his parents paid a $5,000 fine for the disinfecting labor.
Funny to read a similar story 8 years later...
IPv6 will prevail when running v4 becomes more expensive than deploying v6.
If you read my OP, you'd know I already have Linux experience, and a decent amount of it at that. The catch-22 I mentioned refers to the level of Linux experience it seems many jobs require. I can't get 3+ years professional RHEL experience until I get a job administering RHEL, at least presumably. I could install my own home server running RHEL, but I don't know if that would translate to "professional experience." I also don't have hands-on access to advanced server hardware, fibre channel networking, and a dozen other things employers may look for.
Even as someone who has an extensive background in Windows, I disagree that Windows is easier. I oversee a few SBS servers, and I nearly went mad trying to solve a simple permissions issue. Everything "should" have worked, I even tested it in the Effective Permissions dialog. Still nothing. Linux? ~$ sudo chmod 744 mydir. Done. I also like scripting, and I could spend all day in the shell no problem. Where did you get the idea to the contrary?
OP here:
This is not helpful at all.
I've never played WoW, and I've run a successful, licensed consulting business for several years now, with many returning clients.
Why is that strange? Your analogy is grossly oversimplified. I'm narrowing my career path to a particular set of tools and software that I'm beginning to understand and respect. It's like I'm saying, "I know want to be a lawyer, I'm just not sure if I want to do case law, patent law, family law or some other kind of law." Really, is that so absurd?
Of course, how could I be so obtuse? I'll just get a job anywhere, why did I even ask a question in the first place?
OP here:
Fair enough, I appreciate your perspective, but it doesn't answer the most fundamental question I asked: how did you become a paid professional who uses Linux regularly (if you do)?
To use your analogy, I want to become a very talented chef, one that involves mastering knife handling. I'm already pretty good at knife handling, but I want to get better. I enjoy cooking so much, that I want to make a career out of it instead of just goofing off. The trouble is, I don't know how to get hired as a chef if all the restaurants want 3+ years experience as a very talented chef. I also know that whatever chef I end up as, I want to handle knives in the process. I don't want to be a pastry chef or sous chef; I want to cut and chop and pare with masterful precision as some kind of chef that uses knives (I want to use Linux, no matter what profession I take on; the analogy has somewhat broken down here, but you get the idea, I hope).
I'm looking for a "bus boy" type position, where I can be exposed to the kinds of technology I want to master, and work my way up the food chain. I just don't know how to do that.
A whitelist approach seems most reasonable to me.
Simple, unobtrusive text ads? Sure.
Huge Flash seizure-inducing videos with sound that play automatically? Go to hell.
Some sites (even slashdot) get so heavy laden with adverts that simply loading any content becomes a headache on high-latency connections like HughesNet. FF + ABP to the rescue.
The OP mentions limited budget and huge volumes of data to back up locally. Working within these constraints, a solution comes into focus:
FreeNAS + rsnapshot. Both are free ($0) and accomplish essentially what Time Machine does for Macs, but to/from almost any hardware. Bear in mind that any solution offering any semblance of security for 8TB of data won't be cheap.
Probably the biggest investment will be the NAS box itself, and of that, the HDDs will most likely cost the most. 8TB of RAIDed storage will easily cost >$500. The other hardware need not be much, it just needs enough SATA ports and power to run the HDDs, plus a GigE NIC.
rsnapshot keeps very intelligent backups, only recording diffs between backups using hardlinks. It's not too difficult to set up, and it's totally automated. The net result is a bunch of, well, snapshots, going back a few hours, days, months, even years if you like (and have storage for).
There's just no way to offer a fireproof solution for this much data without investing serious cash. Definitely store the NAS as physically separate as possible from the original data. The NAS only needs power and a single Cat6 cord, so it's conceivable to place it in a detached building or something. Keep in mind, heat and humidity will become an issue in extremes.
[citation needed]
T. Colin Cambpell, a Ph.D. studied the matter in depth for decades alongside other researchers and revealed, among many other things, that a) our bodies require far less protein than many believe, and b) plants provide an abundance of all required nutrients. Check out the China Study, a spectacular read. Also, a quick look at the vegan wiki entry verifies this ad nauseum. I'm not a hardliner, but there's a *lot* of misinformation floating around this thread, not the least of which revolves around meat being the only viable source of human protein.
Would any of the people commenting on the widespread corruption of the US gov't, and the apparent apathy of the citizenry, care to offer practical advice on how to change things?
Vote? Yeah, that really helps when both candidates are just flipsides of the same messed up coin, products of the same system, never keep campaign promises, and the entire electoral process is either corrupt or obsolete (electoral college)?
Demonstrate? Yeah, that really made a huge difference during OWS. The only difference it made is in the minds of those who demonstrated, who felt like they did something meaningful. No real change.
Strike? That's a leverage tactic for affecting change in the workplace, not so much gov't.
Seriously, I'm not trolling. I really want to know what average US citizen can do to help change things for the better, even in small ways.
Anyone know of successful at-home internal failure repair, e.g. head crash? I know it's super risky, but tools are available to replace heads, etc.
I once enjoyed the thought of 'liberating' my friends and family from the shackles of Windows in a similar way. I even installed Ubuntu on a client's computer when I worked in a repair shop, when a desperate mother came seeking a way for her daughter to avoid viruses.
After installing Ubuntu, the client responded positively. Shortly after, I got a call asking how to get their printer working, and how to install MSN messenger. I scrambled to find a *nix clone...ah, aMSN, bingo! OK, install from repos, done.
Now, printer. OK, bring it in with the computer so I can install it. It's a Canon, but it's not in the default CUPS package (at the time). Hit up Canon's website. They have a binary, but it doesn't install right. Crap. I don't remember how it worked out, but I think I got it working after several hours of free labor.
Moral of the story is: don't do this unless you're 100% OK with hand-holding each one of these people with every issue that arises, and are willing to take responsibility for failure if you can't fix a problem.
IMO, desktop Linux is currently appropriate for two audiences: tech-savvy, capable adventurers who want to try something new and don't mind finding answers on their own, or the very computer illiterate, who use machines for literally just getting online and checking email. Even then, you run some risks.
Seems Khan Academy poses more a threat to paid tutoring services than formal education. I view Khan as a free, anytime, anywhere tutor rather than a replacement for earning a BS from an accredited institution.
Does this feature work transparently and automatically, or does one need to enable it?
Even many in law enforcement--cops, judges, etc--support ending prohibition on drugs: http://leap.cc
Sure, SQL injection shouldn't work, but it wouldn't matter as much if Yahoo hashed passwords in bcrypt or similar. Why the hell do they store cleartext passwords in a database?
BTW, the file is called yahoo-disclosure.txt.