Wasn't the idea behind open source to make more choices available. To allow you to tailor things the way *YOU* want. If people want to use Microsoft, let them. That is their choice.
I have been down this path.... My suggestion is this:
1. Go to a large university, they have the most interesting campus networks and will have the latest technology. 2. Pick a major, any major. 3. Get a job working for the networking group as a student employee.
I went this route, and I have not looked back. I learned a great deal about everything from ISDN to OC-48 SONET connections. But the key is a large university. You will also find you have alot of chances to play with the equipment and get some valuable experience. I learned basic Cisco knowledge on a 12008 GSR (carrier class, $300K router). You wont get a chance to do that anywhere else. Just my 2 cents.
Well, if these are going to be in a bunch of racks, name each rack with a 6 character name, and name each machine [rackname][Unit].domain.com. So if the system is in Unit1 of the the rack moocow, it's name would be moocow01.domain.com. That helps locate them quick too.
I am curious as to what that consider linux and what they dont. If they are counting the number of security vunerabilities of all the available linux utilities and kernel or just the 'core' parts. I know I personally would have a different definition of what programs make the the core linux and which ones are optional. GPM recently contained a vulnerability, but I dont consider it important or required at all.
You might want to look at the Thinkpad X20 and X21 series laptops. Not only does IBM go out of its way to make sure they are fully linux compatable, but they are less than 4 pounds. I have one, and installed a SanDisk FLASH IDE Hard drive in it (just ordered a 1.2GB drive infact) and am getting 4hours+ battery life which is not bad on the standard battery. They also have a PCMCIA and a Compact Flash Slot so you can expand the storage easily. I currently have a 128MB Flash IDE Drive, and some compact flash cards I use. Slackware can be made to fit nicely on the small amount of space. The laptops also dont have lots of bells and wistles, and are fairly simple, with many options on built in network cards. You have a choice of wireless or 100Base-T 3Com brand.
Where I work we use one-time passwords. We have special cards that you punch in a personal code and it gives you a one-time use password that expires after use or after 30 seconds. The routers authenticate using TACACS to a server that is synchronized with the cards. Makes it nearly impossible to break into them remotely.
Another thing router admins need to be aware of is the way they set up SNMP. SNMP can be used to modify just about ANY part of a router. All the attacked needs to know is the read/write string (basically a static passsword). And because SNMP uses UDP, it has the potential of being spoofed if access lists are used to determine which machines may send SNMP commands. The only way to guard against this is edged filters everywhere and keeping the location of the password server and SNMP allowed hosts in a secure segment/area.
Look at http://www.redhat.com/about/presscenter/2001/press _Q42001.html - It states that RedHet only lost $0.03 per share. Which is not break even, but is pretty good compared to their earlier losses.
Slashdot Mirror
Wasn't the idea behind open source to make more choices available. To allow you to tailor things the way *YOU* want. If people want to use Microsoft, let them. That is their choice.
I have been down this path.... My suggestion is this:
1. Go to a large university, they have the most interesting campus networks and will have the latest technology.
2. Pick a major, any major.
3. Get a job working for the networking group as a student employee.
I went this route, and I have not looked back. I learned a great deal about everything from ISDN to OC-48 SONET connections. But the key is a large university. You will also find you have alot of chances to play with the equipment and get some valuable experience. I learned basic Cisco knowledge on a 12008 GSR (carrier class, $300K router). You wont get a chance to do that anywhere else. Just my 2 cents.
Problem with this is that just about every AUP out there has a clause that reads along the lines of:
"[isp] reserves the right to terminate this agreement at anytime"
So they dont even have to give you a bandwidth number. They alright got you to agree to let them cancel your connection at their discression.
According to their website here: http://www.lantronix.com/news/pr/2003/02-24-xport. html they are available in single unit quantities for $49.00.
Well, if these are going to be in a bunch of racks, name each rack with a 6 character name, and name each machine [rackname][Unit].domain.com. So if the system is in Unit1 of the the rack moocow, it's name would be moocow01.domain.com. That helps locate them quick too.
I am curious as to what that consider linux and what they dont. If they are counting the number of security vunerabilities of all the available linux utilities and kernel or just the 'core' parts. I know I personally would have a different definition of what programs make the the core linux and which ones are optional. GPM recently contained a vulnerability, but I dont consider it important or required at all.
You might want to look at the Thinkpad X20 and X21 series laptops. Not only does IBM go out of its way to make sure they are fully linux compatable, but they are less than 4 pounds. I have one, and installed a SanDisk FLASH IDE Hard drive in it (just ordered a 1.2GB drive infact) and am getting 4hours+ battery life which is not bad on the standard battery. They also have a PCMCIA and a Compact Flash Slot so you can expand the storage easily. I currently have a 128MB Flash IDE Drive, and some compact flash cards I use. Slackware can be made to fit nicely on the small amount of space. The laptops also dont have lots of bells and wistles, and are fairly simple, with many options on built in network cards. You have a choice of wireless or 100Base-T 3Com brand.
Where I work we use one-time passwords. We have special cards that you punch in a personal code and it gives you a one-time use password that expires after use or after 30 seconds. The routers authenticate using TACACS to a server that is synchronized with the cards. Makes it nearly impossible to break into them remotely.
Another thing router admins need to be aware of is the way they set up SNMP. SNMP can be used to modify just about ANY part of a router. All the attacked needs to know is the read/write string (basically a static passsword). And because SNMP uses UDP, it has the potential of being spoofed if access lists are used to determine which machines may send SNMP commands. The only way to guard against this is edged filters everywhere and keeping the location of the password server and SNMP allowed hosts in a secure segment/area.
Look at http://www.redhat.com/about/presscenter/2001/press _Q42001.html - It states that RedHet only lost $0.03 per share. Which is not break even, but is pretty good compared to their earlier losses.