Slashdot Mirror


User: Cmdr. Marille

Cmdr. Marille's activity in the archive.

Stories: 0
Comments: 52

Comments · 52

  1. Re:Responsible Behavior? on Researcher Resigns Over New Cisco Router Flaw · · Score: 1

    Of course you can release whatever information you got (as long as you obtained it by yourself). What I meant was that if you want a timely and well-tested fix, you should talk to the vendor and not just release stuff.

    As I wrote in another post, Lynn used ISS resources and extra connections to find this problem (however it might look) and then decided to go on his own. Also, as I posted before, ISS is a competitor of Cisco and actually needs the publicity.

    I mean, Cisco publishes a whole lot of advisories. They also (and they are afaik the only networking vendor who does this) openly publish their bug database (and yes, they call it "Bug toolkit" and not feature toolkit :-) ). Other vendors are actually using it to talk bad about Cisco at customer sites (they quote bug reports while not publishing their own ones).

    Also, if this really was a HW related issue, a fix will take some time. A month isn't always enough (testing etc.)

  2. Re:Responsible Behavior? on Researcher Resigns Over New Cisco Router Flaw · · Score: 1

    I agree with you partially.
    As I posted before, my experience with PSIRT has been a good one. I reported a vulnerability (traffic with certain characteristics - multicasts and flooded unicasts - from VLAN 1 was leaked on a port which had a special voice VLAN configuration) which would never be serious if one used proper design (not using VLAN 1 for any "real" traffic). Still, they acknowledged the problem and fixed it rather fast. Still, maybe my experience might not be the rule.

    What really worries me is the whole ISS connection. Obviously he worked at ISS when discovering the vulnerability. Now, ISS gets a lot more information and cooperation from Cisco than a normal individual would. So he likely had the advantage of ISS' corporate infrastructure. Then he leaked the problem without ISS' consent. As you very correctly stated: likely this isn't about the public's right to know, but rather about publicity.

    I really look forward to seeing the research once it's public. Yes, they made a major finding if one is able to launch extra processes in IOS using existing vulnerabilities. Still, I don't believe we had a likely cover-up here. Remember: ISS is actually a competitor of Cisco (in the IPS market) and they need this kind of stuff to keep up their reputation as a security company. So little chance for Cisco to bury this thing...

  3. Responsible Behavior? on Researcher Resigns Over New Cisco Router Flaw · · Score: 5, Insightful

    I can't help but wonder if this is in the end really about gaining some publicity and in the end making more money.

    Cisco is actually very upfront and cooperative when you report things which might be a vulnerability (I have personally dealt with PSIRT). The people who work there are actually so polite, it's kind of annoying (I have been thanked about 2 dozen times for reporting a very minor finding).

    They do however expect you to play by the rules. Even if you are the person who found a bug, you are expected to let engineers fix the bug before you release the information.
    Also, there is a policy in place which makes sure major ISPs (carriers) are informed first, so they can do upgrades before the PSIRT release is made public.

    All that makes sense, since we are really talking about essential infrastructure.

    Of course, all that kind of takes away the coolness of reporting a vulnerability and you will get a lot less publicity (Cisco credits you) than what you would get if you just post to some mailing list.

    If he really released information he researched at ISS without consent, well, he should face consequences. Because he obviously was to gain from it (getting a new job, making a name for himself). Hopefully he wasn't just doing it for the publicity.

  4. NAT/NAPT on Comcast Gunning for NAT Users · · Score: 2

    NAT means that several ext. addresses are used.
    If you are using just one public IP, it's NAPT/PAT (network addr. port translation / port address translation).

  5. Already had this before.... on Standard Set of Network Diagram Icons? · · Score: 2, Informative

    Well,
    (to the sound of the lumberjack song)
    I'm a Karma whore, and I'm okay.
    I post all night and karma whore all day
    (/to the sound of the lumberjack song)
    karma whoring deluxe link to previous post:
    http://slashdot.org/comments.pl?sid=21846&cid=2337271
    the whole article:
    http://slashdot.org/article.pl?sid=01/09/21/1554255

  6. Why graphical mapping is important... on Standards and Tools for Computer Network Diagrams? · · Score: 3, Informative

    First of all, yes, spreadsheets can be very important for network documentation, but I think a spreadsheet alone is insufficient (at least once the network reaches a certain size).
    Think about it, what if something happens to you?
    You (and your admin colleagues) may have everything in your minds. Where is which router, what does it connect, what VLANs are configured on that switch, what uplinks, STP configuration, redundant interfaces/links.
    Now what if something happens to you and your colleagues?
    Suddenly someone else has to administer the network, and if the network has a certain size, it will be a daunting task to find out how exactly the topology (physical as well as logical) is structured.

    Also a graphical map prevents misunderstandings and generally speeds up the process of making topological changes to your network.
    If you have a consultant or external support at your site, it helps. Show them the diagram instead of explaining for half an hour.
    For me it also is very nice to have such a diagram; from time to time it's very helpful to take a step back and look at such a map when troubleshooting.
    It helps when you work with other admins, because you can draw and comment on a printed-out version of the map.

    I think the mistake a lot of people are making (especially with Visio VNE) is to try to win graphic design awards when drawing network maps; that's not the purpose of it.
    Keep them simple, with only a limited set of stencils (but then again comment them well).

    At last, drawing the network maps helps to understand the network. If you for example have a junior admin at your site, let him draw a map, he will understand the network much better (if you built the network yourself, drawing a map obviously very seldom helps your understanding ;-) )

    Also, drawing network maps is important when proposing network designs to customers or suggesting network changes to executives (see, this is where the firewall is going, protecting your precious e-mail server).

  7. Standard Symbols 2 on Standards and Tools for Computer Network Diagrams? · · Score: 4, Informative

    Well,
    just found this: http://www.cisco.com/warp/public/503/2.html
    standard networking symbols from cisco, in a whole slew of formats, with a reference pdf

  8. Standard Symbols on Standards and Tools for Computer Network Diagrams? · · Score: 2

    Well, I have to say, Visio is really the tool you are looking for. Visio Network Edition to be exact (although I think the normal version will do, but VNE includes an incredibly large amount of stencils).
    On the free software side of things, there is KIVIO, which aims to be a Visio clone for X.
    I can't tell you how far it has gotten, but it looks decent, and if there would be (I just don't know if the formats are compatible) a way to import stencils from Visio it might just do the job.
    Nevertheless, if you have a really large network to draw, my suggestion is to go with Visio.
    It is very capable and extremely easy to use.

    Just don't forget to export the files to PDF or PS (maybe also HTML, but last I checked the HTML output of Visio wasn't too fantastic).
    As for standard symbols, check out some of Cisco CCO's network maps.
    You'll find an example of pretty much every way of connecting network equipment there, generally with nice example maps.
    Do I sound like a Cisco Borg? ;-)
    The way these maps are structured and also the set of symbols is pretty much the standard (IMHO this is the way to draw network maps, but then again I could be wrong).
    Before you start I suggest you think about what kind of map you want (how much detail, just logical or real topology, do you want to use generic or product-specific symbols - generally I would say, go with generic symbols).
    Another way to go would be to use one of the expensive NMS packages (CiscoWorks, HP OpenView) with which you can draw very nice network maps (actually that's just an effect of managing via these products; maybe one of these products already exists at your company).
    One problem might be to export these maps (I can't tell, haven't used one of these packages extensively) and the map formats are proprietary.

    For normal "drawing" of maps, Visio is definitely the best choice.

  9. Printer Drivers on HP to Use Debian for Linux Development · · Score: 1

    I thought I'd just mention this one: http://hpinkjet.sourceforge.net/

  10. News on SAP Releases Full sapdb Source · · Score: 3

    This isn't exactly news, the sources were released on February 26th.
    More info can be found at www.sapdb.org

  11. Some info at Linuxgram on What Has Become of BeOpen.com? · · Score: 3
  12. Pointer to source on Trellix Licenses Blogger · · Score: 3
  13. Re:What's this "Tux"? on Red Hat Linux 7.1 Release Announcement · · Score: 5

    Well, TUX is indeed one of the fastest webservers; it's written by Ingo Molnar.
    What makes it special? Well, it runs in kernel space, that's why it's so fast. It's also not meant to completely replace a full-fledged web server like Apache.

    check out this older slashdot article

  14. theKOMPANY is working... on Aethera Beta 1 Released · · Score: 2
  15. DOT.KDE.ORG on Aethera Beta 1 Released · · Score: 2

    look at this link: http://dot.kde.org/979768484/
    a lot of talk about licensing issues and an apparent feud between theKompany and Magellan developers
    Must say that it still looks nice tho

  16. What Projector on Professional Projector vs. Big Screen TV? · · Score: 2
    As for the projector:
    As you are talking about data projectors, which essentially aren't meant for video images, there are two different options as far as I'm aware:

    DLP - a technology developed by TI (look it up if you have time - it's very cool stuff)

    LCD

    AFAIK the DLP projectors have better color depth and are generally speaking smaller and lighter than LCD models.
    I've used quite a few LCD projectors (the most expensive at about 7000 USD, so I don't know about absolute top-of-the-line models) and I always was able to see some kind of rasterisation and I also wasn't quite satisfied with the color depth (you see that kind of thing when watching soccer games).

    I recently have been able to try out two different DLP projectors, one from Compaq and the other from a small company that actually manufactures them for Compaq - still the base parts are always from TI (I can look up the exact specs of the ones I used if you mail me) and I liked them a lot.
    As far as I know DLP is also the technology used in the first digital cinema projectors.

    Some other negative points about projectors:

    They do make noise (both LCD and DLP); may not matter but still this can be disturbing

    The bulbs burn out pretty fast, as someone already mentioned, and are ridiculously expensive

    If you are a heavy smoker, after time your picture will become blurred (doesn't apply that much; if you use the thing at a bar or something this may matter)

    If you really want the best picture quality and no noise at all, get a 3-color tube projector. Which on the contrary are pretty bulky and expensive

  17. Is this really what AMD wants? on Sun Picks Athlon For Cobalt Servers · · Score: 3

    from the article:
    low-end Internet-appliance server
    I guess that's not exactly the server market AMD wants to get their fingers in. It may be lucrative, but that's not the server market Intel dominates. I guess there are already a lot of homegrown AMD-based "servers" in a lot of offices.
    Besides that, it's not even a new customer for AMD. As the article states:
    already supplies the K6-II processor for Cobalt's current one-rack Internet server

    Must be a very big server if it takes a whole rack (just kidding, I know it's one U)

  18. some tools on Open Source Network Managment Software? · · Score: 2
    Well, I am using various tools. As of yet I haven't found one package that does it all, but a lot of small programs that make a pretty nice package. I don't know what you mean exactly with network management (I think there are different meanings which all focus on different areas of networking).

    Netsaint: I think Netsaint is very cool. It checks for services in various network devices, therefore reporting on uptime etc. Sends out emails if one device goes down and so on. Very configurable. Love it, also ties in nicely with Cricket (link the devices with their respective Cricket pages). A reporting tool for Netsaint (impress your boss!!) here

    Cricket: based on rrdtool, which is written by Tobi Oetiker (the guy who wrote MRTG). If you look at the rrdtool page you see various other frontends, I just happen to like Cricket. Great for graphing routers and switches (and pretty much everything else) through SNMP (you can configure it to graph other things, for example there is a package that creates graphs of the RTAs of devices in Netsaint; look at the Cricket contrib page).

    ntop: ntop, a sniffer with a web-based interface (and a console one), was nice for monitoring various aspects of parts of the network. Check out one of the newer CVS snapshots.

    I haven't had time to check out OpenNMS yet. Another nice tool is Ethereal, an awesome GUI sniffer.
    One thing that is especially great about netsaint and cricket and netsaint is the great number of 3rd party addons, which make life a lot easier

  19. Downloading Viruses on Sprint's Wireless Broadband - And What A TOS! · · Score: 2

    From the TOS: [you may not] post, publish, transmit, reproduce, distribute or in any way exploit any information, software or other material obtained through Services for commercial purposes
    What? I mean I'm not a native English speaker so I might get something wrong here, but that paragraph just seems ridiculous and quite over the top.
    Still I like the part about not downloading viruses.
    I just can imagine the support calls right now:
    USER: Ummm, my computer behaves kinda strange and McAfee says I got a virus, and yeah some files are missing
    TechSupport: Bad luck pal, I'm terminating your account right now

  20. XBILL on Wine Gets Direct3D Support · · Score: 3

    LOOK! There already is xbill for Windows:
    http://www.azzit.de/xbill/

  21. It's in the software on More On Hard Drive Copy Protection · · Score: 3

    From the e-mail:
    but by the software that controls the licensed devices
    So what does this mean? At what level would that be implemented?
    BIOS; HD controller; OS?
    I actually think you would have to have a carefully crafted cooperation between the HDD, the disk controller and finally the OS. So does that mean that once one of those links doesn't work the whole CP scheme will not work? I still don't quite get how this stuff could work, even with appliances like TiVo.
    However it's scary seeing your rights fading out more and more each day.

  22. Hide this from Taco on Flash For The Rest Of Us · · Score: 4

    quick, delete the post.
    Taco's gonna see this, well actually just the word PERL and we are all done.
    No more "Standards are important for the web" Articles, just rotating logos all over slashdot. And an fscking intro, NOOOOOOO

    Oh the humanity.
    Well, it's probably too late already.

  23. Requirements for the Desktop and Linux on Linux Distributions Are Too Big · · Score: 2
    Some points of the article

    Automatic network/Internet configuration
    Don't most distros already have that? I think most commercial/newbie-friendly distros already are up to par at this point with Windows. Maybe easier setting up of SMB shares would be useful here, but maybe that is already done in some distros.

    Tough, preconfigured security for network/Internet access
    Right. But what does that mean exactly? Lots of closed services. If you restrict too much, inexperienced users will be frustrated.

    A conservative roster of applications, including an email client; a Web browser; office tools such as a word processor, a spreadsheet, and presentation apps; an image editor; a media player; an HTML editor; Telnet, FTP, and other network utilities
    Isn't that what the DEs are trying to do? I mean if I look at either GNOME or KDE they offer pretty much all those features. Does Windows offer a complete office suite at no extra cost? No (I'm not saying those apps shouldn't be included in a distro).

    A single window manager that integrates the best of existing desktop environments into a pared-down, easily configurable workspace
    New users at first won't care about which WM they are running, at least I didn't care at the beginning.
    You install the DE of your choice; the WM doesn't matter that much for a new user.

    A modicum of accessories such as a calculator and an address book
    Same as two questions above.

    User-friendly network administration tools
    What? Come on, we are talking about Mister J. Random User here, he won't have to administer a network. ;-)
    The article has some valid points tho.

  24. Intelligence/social skills on Tutoring A Child Prodigy? · · Score: 2

    The reasons is simple - socialization. Being a successful adult is as much a function of charisma as a function of intelligence
    Good point, basically. Still, in my opinion intelligence is one part of being a charismatic person. But we could discuss something like that for hours.
    I agree with you, if the kid never develops sufficient "emotional" and "social" intelligence he will have an even harder life than he is already going to have. As you have mentioned it is quite hard to fit into your peer group when you basically just don't fit in. It's basically a question of interests; the kid will certainly be interested in a lot of things which others of his age won't even have heard about.
    So as this post mentions, don't just concentrate on academical things, take him out, show him the world.
    Teach him an instrument, whatever, but don't just let him become focused on just one aspect of education.
    After all he is just a young boy; just because he now is interested in computers, that doesn't mean it's the only thing he is going to be interested in, and if you don't show him other interesting things he will never know what he has missed.

  25. Re:Standards are good. on AOL-TW Merger: FCC May Require AIM Compatibility · · Score: 3

    Well, Jabber can at least help you for now. There are several transports you can import into the native Jabber system so that you can communicate with various IMs. While Jabber is far away from perfect for now, I see a lot of promise and it works (at least when sending text messages to other IMs).
    You can get the latest Jabber news and a roundup of clients at JabberCentral. Various platforms are supported right now.