A couple months ago, I built myself a nice little cheap desktop for about $400. I'd say I did pretty well. Here are the specs:
Athlon XP 2000+ proc VIA KT266 motherboard with 1 AGP/4 PCI slots, 6 USB ports, onboard S3 ProSavage8 video, 10/100 networking, and the usual motherboard stuff 256MB RAM 80GB WD hard drive Floppy drive 16X DVD-ROM drive 48X CD-RW drive Mini-tower case
Err sorry, when I said "built", I meant "bought an emachines T2082". Emachines USED to be crap, but these days they're using mostly off-the-shelf components. I have yet to find anything proprietary or icky about this computer. Sure I upped the RAM to 512MB and added a decent video card, but everything else is fine.
As for the Athlon64 system, it appears they released it TOO quietly... their web site doesn't even mention it.
First of all, I would like to say that while I'm not a Red Hat zealot, I'm am a Red Hat sympathizer. I've been a Red Hat user since RHL 4.2, and will continue to use their products when possible. I'm not the happiest with what has happened in the recent months, but I see that this will overall be best for the company.
I manage about 40 machines, most of which are currently running RHL 7.2 and 7.3. We are in the process of transitioning to a gentoo-based distro. A custom stage 3 tarball has been created that can be plopped onto a server and already contains the extra utilities needed as a base level for our servers (ntpd, screen, etc). I've frozen the portage tree, and are side-porting updated software that has been released as the result of a GLSA. This prevents the server set from being too "bleeding edge", while still being secure.
That being said, it'll take a good deal of time to convert 40 servers over from RHL to gentoo. The Progency announcement is great for us, it gives us a bit of insurance against a flaw coming out that we can't immediately solve. Personally, I'd like nothing more than running RHEL on our servers. RHEL focuses more on stability than new whiz-bang features, and the 5-year support life is a plus. But RHEL costs money, money we can't really justify right now. And unfortunately, our business size (small to medium) is no longer the target customer size for Red Hat's business. They're going after the 1000ish-server and 10000ish-workstation market. Again, annoyed, but at least understandable.
I see Red Hat's biggest mistake being announcing the Fedora project AFTER announcing the EOLs on RHL. If they would have announced Fedora and released Fedora Core 1, say 6 months before even announcing the EOL of RHL products, it would have eased the fears of many people. I have Fedora Core 1 running on a workstation, and it works pretty damn well IMHO. But I would not run it in a production environment yet because it's new and unproven and scary.
Secondly, the argument about RHL 9 being out less than a year before being EOLed: Red Hat DID announce that they would only be supporting RHL 9 for a short time, but they probably should have said it louder than they did. Alternatively, if they would have gotten off the ground with the Fedora project earlier like I mentioned above, RHL 9 should have become Fedora Core 1, and would have played into the above strategy.
So that's my take on this. Red Hat could have done things much differently to avoid annoying the smaller linux sysadmin, but that's all in the past now. Like it or not, Red Hat is moving in a new direction, and I wish them the best of luck. I just wish that my position didn't prevent me from moving along with them. Also, kudos to Progency for stepping up to the plate and providing transition support for these products.
By the way, it's "Red Hat". Not "RedHat". Just because the two words in their company name are short doesn't allow you to merge them together. Pretty soon you'll have people going to Slash Dot to read about AlanCox speaking out against Micro Soft:)
Human nature seems to dictate that 1) people will disagree on anything, even what color the sky is, and 2) people will complain. As seen in the previous story on initial reactions to the number porability law, there were +5 comments complaining about EVERY cell carrier. Since this story specifically has to do AT&T wireless, there are obviously more complaints about AT&T than other carriers. Therefore, I thought I'd post my own personal experience.
I've had AT&T Wireless for about 4 years now and have had no complaints about them. When I started, I bought a nokia 5165, got some minutes, and 6 months of free text messaging. When I called after the 6 month period was up, I asked for them to drop the messaging service since I didn't use it that much. Their reply was "how about another 6 months free?" This continued each 6 months for about 2 years. All good things must come to an end though, and they finally started charging a couple bucks (since then I have learned that I cannot live without text messaging).
The reception has been the best I've encountered, experiencing it for 2 years in the SF bay area, and the previous 2 years in Nevada. My employers have bought me other providers, but none would work as well as AT&T, so I kept my personal phone with them. (If you must know, cingular's reception was horrible for me. Of course your mileage can and will vary. Sprint works okay for me, but AT&T still works better.)
As for service... I've only had to call maybe a dozen times in 4 years. All of the times I've been impressed with their service. Or should I say, while my view of the world's customer service is at an all time low, AT&T has provided some of the least crappy customer service, irregardless of industry. They've reversed late charges just because I've asked, and I don't recall ever being on hold a long time.
The last time I called was about 3 months ago. My 5165 died (4 years for a cellphone is impressive, these days a cellphone's lifespan seems to be about 6 hours), so I bought a nokia 3360 online, called customer service up, was on hold for about 3 minutes, and it took maybe another 4-5 minutes to get the new phone activated.
So I'm happy. But I'm also knocking on wood, since the last company I praised on slashdot was my SBC DSL, and as a result, my DSL line went down about an hour later. Heh. Also, as it's been mentioned before in these comments, the problems with number portability are probably not some evil scheme by AT&T Wireless. Their problems are affecting both switchovers TO them as well as FROM them. Remember, being evil means screwing the customer AFTER they become a customer of yours, not before.
Standard disclaimer: All corporations are evil. Some are just not as evil as others.
Sprint's specs list a maximum of 128kbps on the Vision service, and I get very close to that. But you must remember that speed and latency are completely different. I've seen an average or 300-800ms latency on Vision. If you start a large download, I'll see close to the the full 128kbps. However, the latency makes the average web surfing or ssh session (send a little, receive a little, repeat) feels as slow as a 28.8k modem.
If AT&T can decrease the latency rather than increase the speed, I'm there!
Maybe you should re-read The Fedora(TM) Project's press release...
There is substantial evidence for prior use of the name Fedora(TM) by the Cornell and Virginia teams starting in 1998. This includes published papers, web sites, software releases, and public presentations.
Note to self: never try to first post again. Stupid fo0bar. Anyways, yeah, they've been using the Fedora name since 1998, but besides being "something on a computer", the two projects have almost nothing in common. After all, we have a RDBMS named Phoenix as well as a BIOS named Phoenix (and for a short time a browser named Phoenix). They're all computer software, right?
Sorry, I should probably elaborate. From reading the university Fedora website, it appears that while work on the project itself was around since 1998, it wasn't actually released to the public under the Fedora name until May 2003.
Meanwhile, Fedora Linux started in December 2002 as a collection of 3rd party RPMs
Perhaps Warren Togami should take exeption to Virginia/Cornell using the Fedora name 5 months after the (now Red Hat) Fedora project was started.
Founded December 2002 by University of Hawaii Computer Science student
Warren Togami, the previous Fedora Linux Project is an international
team of volunteer software developers united for the development of high
quality 3rd party RPM packages for the Red Hat Linux platform.
RHL was at version 9, and now they're switching to Fedora Linux 1.0. There's only one logical reason for this. Apple has patented the use of "10" (or "X") in versions. Think about it... how many software projects have gotten to version 10 without chaning their version number system (to "2006", "GP", "Supa-Dupa")? Very few, and those that chose to use version 10 are licensing the technology from Apple.
I know this is true. I heard it from a guy on the internet.
This kind of security thinking is akin to hiding your head in the sand. FIX THE PROBLEM! Don't legislate bans on exploits. DESIGN SUCH THINGS SECURELY IN THE FIRST PLACE! It wouldn't be that hard to have developed it with a cryptographically secure access code system in the first place. Sheesh!
Exactly! Just like I was saying... There should be no law against painting your car like a police car and putting red and blue lights on your top. FIX THE PROBLEM! It's the police's fault that it's so easy to mimic an emergency vehicle by flashing red and blue lights. DESIGN SUCH THINGS SECURELY IN THE FIRST PLACE! This existing law is unconstitutional! Sheesh!
Yes, I know. I was just playing along with the original post; I could have just as easily picked ATM or PIN to go with.
And as it seems to be the custom in your culture to end each correspondence with an insult, I should do the same to avoid offending you. I fucked your sister and your shoes are ugly.
(Sorry, I don't like ATM machines and PR relations and PIN numbers; I couldn't help but post);-)
PR relations eh? PR stands for "public relations", so "PR relations" would be an increase of public relations (of 1 public) for each relation that goes by.
Incredible! I want one of those public relations squared in my company!
FYI, this seems to be from AT&T Business Services, IE backbone and ip operations. So their customers (the people they are asking) in this case are other ISPs, datacenters, etc, and the whitelist is for sending email to AT&T itself. This has nothing to do with other AT&T services (remember, "AT&T" is essentially about a hundred different companies that happen to share the same name), so this should not affect some grandma trying to send to an attbi account. That being said, whether what they're doing is good remains to be seen.
(Interestingly enough, I *DO* work for a datacenter that has IP and transit services through AT&T, and have not received one of these emails yet...)
I will then suppose that when you buy 512MB memory module, you expect it to have exactly 512000000 bytes of capacity, right? It's the proper way, right?
I would expect the module to contain 536870912 bytes, but that's only because I know that memory manufacturers are using the wrong unit of measurement. If they advertised the module as 512MiB, then I would clearly know the capacity. (But probably nobody else would because most of the industry has been perpetuating this incorrect unit of measurement. Who's misleading people again?)
Look at it this way. Say there are 2 local hardware stores. If somebody walks into Store A and buys a 1 yard board, he gets a 1 yard (3 foot) board. Then he walks into Store B and sees a 1 yard board advertised, but it's actually 1 meter (~3.28 feet). But nobody complains because they're "close enough".
Over time the two stores become national home improvement retailers. People are also buying more lumber in bulk. But because of Store B's false advertising early on (even if it is advantageous to the customer), people are now convinced that 1 yard is ~3.28 feet. So when they go into Store A and ask for 10,000 yards of lumber, they get angry that they're "only" getting 30,000 feet of lumber, not 32,808 like they expect.
Store A (hard drive manufacturers) are the ones in the right, but because Store B (pretty much everybody else) made the populus accept the "close enough" argument, Store A is now looking bad.
Now I would believe the HD makers are doing this for the pure love of standards if only they would clearly describe the product as having size calculated with nontraditional units.
First, nearly every hard drive I've bought in the last 8 years or so have had that warning. Second, I'm going to love the day I walk into Home Depot and see the disclaimer, "1 foot is represented as 12 inches here. Your method of representing feet may vary."
Seen in isolation it doesn't really matter. But the point remains that the HD sellers are using the wrong count and the question that comes to the person who knows is "why?". The answer is simple - to mislead, by making the customer feel they are getting more than they actually are. In a free market it is important that any attempts to mislead the consumer be addressed, for it is a greedy system.
The hard drive manufacturers are not trying to mislead anybody. They are using the correct notation for the capacity of the drive. 1GB is 1,000,000,000 bytes; 1GiB is 1,073,741,824. And since an 80GB disk is 80,000,000,000 bytes, they are in the right. As it stands, pretty much everybody else is in the wrong, and it just happens to make hard drive manufacturers looks a bit better.
If anybody's still following this thread... I have thrown up a database of patched nameservers here (don't worry about arouse.net, it's not a porn site), which currently allows you to check to see if a nameserver has been patched to block return of 'A' results for non-existent domains, and allows you to add to the database if it is a patched server.
Somewhat off-topic, but relevant to the whole Verisign DNS idiocy... I have thrown up a database of patched nameservers here (don't worry about arouse.net, it's not a porn site), which currently allows you to check to see if a nameserver has been patched to block return of 'A' results for non-existent domains, and allows you to add to the database if it is a patched server.
[Pine's] not free software, so RedHat won't ship it.
Close, but the reason is this: Red Hat CANNOT ship pine, techically. This is because Red Hat includes its own patches in nearly every RPM it releases. (This is usually to fix a bug in hardware X with glibc Y that only occurs Z minutes each year... you get the idea.) While Pine's license allows for the creation of patches against the product, it does not allow for distributing patches binaries, without prior approval from UofW. Whether those patches are available to the end user is irrelevant, Pine's authors don't like "modified" binaries to be released.
Of course, source-based ports systems like Gentoo or *BSD are fine, due to their nature, but distros like Red Hat don't want to go through the hoops involved with Pine, so they just choose not to.
I've had a couple people email me, asking what IPs these connects came from so people could firewall off ESA. From what I've seen, each scan is from a different network, most likely random dialup ISPs (though somehow that could be a violation of the ISPs' AUPs).
However, for FTP traffic, I noticed a pattern: all used an anonymous FTP password of guest@nowhere.com. Almost all (relevant) google hits for that address were people talking about these automated mails, so it looks like this is what you should look out for. Also, I can't seem to find a legit FTP client that sends that password, so false positives shouldn't be a problem.
If you run vsftpd, you can put this in your vsftpd.conf:
When AT&T forwarded that threat to me, they included a legal contact at the company to speak to about any questions, etc (I removed this before I posted to the gentoo mirrors list, including just the stuff the ESA sent to AT&T). I called him up and got the general idea that companies like AT&T see hundreds of these per day, most of them invalid, and just forward them to their customers out of courtesy. They never seem to actually disconnect service because of an automated threat.
It seems the only people these days that take the DMCA seriously are organizations like the ESA.
I check Slashdot today and see my name in a linked article. (I am Ryan, the person who posted to the gentoo mirrors list.)
As I mentioned in the list post, yes, this is silly and amusing, but it still has to be treated seriously. I met with our company lawyer yesterday (who is pretty well-versed in the DMCA, and hence has slightly less than glowing praise about it). The basic response of course is to reply, explaining that they are in error and to consider the matter closed.
While I would like nothing better than to go after these people for gross abuse of the legal system, my company, like many other companies, cannot justify the costs associated with going to court over something like this. This is why you should donate to an organization like the EFF, and tell them you are concerned about the DMCA and its effects.
(Standard IANAL disclaimer for the following:) Also, check out this form if you are a mirror provider. It deals specifically with the DMCA, but does not necessarily provide protection against, but it may help. It is intended for transit providers/datacenters (which we are), but from reading its defintion of a "service provider", mirror sites MAY (again, IANAL) qualify in the same respect.
We're sorry. We meant to say a Fortune *500,000,000* company. It was actually a lemonade stand, and they were using old RedHat disks as coasters. We traded them a license for 2 cups of lemonade.
Does the lemonade stand get free licenses if they switch to Caldera Openlinux coasters?
SuSE happened to have their area right next to Microsoft's. I attended a presentation for Openexchange (SuSE's answer to Microsoft Exchange). The presenter would occasionally say things like "and later I'll explain how Openexchange saves you money over SOME OTHER GROUPWARE PRODUCT WHO SHALL REMAIN NAMELESS", while staring at the Microsoft guys.
In the end I received a Geeko plush toy and a copy of their boxed professional desktop product. Yaaa swag.
Slashdot Mirror
A couple months ago, I built myself a nice little cheap desktop for about $400. I'd say I did pretty well. Here are the specs:
Athlon XP 2000+ proc
VIA KT266 motherboard with 1 AGP/4 PCI slots, 6 USB ports, onboard S3 ProSavage8 video, 10/100 networking, and the usual motherboard stuff
256MB RAM
80GB WD hard drive
Floppy drive
16X DVD-ROM drive
48X CD-RW drive
Mini-tower case
Err sorry, when I said "built", I meant "bought an emachines T2082". Emachines USED to be crap, but these days they're using mostly off-the-shelf components. I have yet to find anything proprietary or icky about this computer. Sure I upped the RAM to 512MB and added a decent video card, but everything else is fine.
As for the Athlon64 system, it appears they released it TOO quietly... their web site doesn't even mention it.
First of all, I would like to say that while I'm not a Red Hat zealot, I'm am a Red Hat sympathizer. I've been a Red Hat user since RHL 4.2, and will continue to use their products when possible. I'm not the happiest with what has happened in the recent months, but I see that this will overall be best for the company.
:)
I manage about 40 machines, most of which are currently running RHL 7.2 and 7.3. We are in the process of transitioning to a gentoo-based distro. A custom stage 3 tarball has been created that can be plopped onto a server and already contains the extra utilities needed as a base level for our servers (ntpd, screen, etc). I've frozen the portage tree, and are side-porting updated software that has been released as the result of a GLSA. This prevents the server set from being too "bleeding edge", while still being secure.
That being said, it'll take a good deal of time to convert 40 servers over from RHL to gentoo. The Progency announcement is great for us, it gives us a bit of insurance against a flaw coming out that we can't immediately solve. Personally, I'd like nothing more than running RHEL on our servers. RHEL focuses more on stability than new whiz-bang features, and the 5-year support life is a plus. But RHEL costs money, money we can't really justify right now. And unfortunately, our business size (small to medium) is no longer the target customer size for Red Hat's business. They're going after the 1000ish-server and 10000ish-workstation market. Again, annoyed, but at least understandable.
I see Red Hat's biggest mistake being announcing the Fedora project AFTER announcing the EOLs on RHL. If they would have announced Fedora and released Fedora Core 1, say 6 months before even announcing the EOL of RHL products, it would have eased the fears of many people. I have Fedora Core 1 running on a workstation, and it works pretty damn well IMHO. But I would not run it in a production environment yet because it's new and unproven and scary.
Secondly, the argument about RHL 9 being out less than a year before being EOLed: Red Hat DID announce that they would only be supporting RHL 9 for a short time, but they probably should have said it louder than they did. Alternatively, if they would have gotten off the ground with the Fedora project earlier like I mentioned above, RHL 9 should have become Fedora Core 1, and would have played into the above strategy.
So that's my take on this. Red Hat could have done things much differently to avoid annoying the smaller linux sysadmin, but that's all in the past now. Like it or not, Red Hat is moving in a new direction, and I wish them the best of luck. I just wish that my position didn't prevent me from moving along with them. Also, kudos to Progency for stepping up to the plate and providing transition support for these products.
By the way, it's "Red Hat". Not "RedHat". Just because the two words in their company name are short doesn't allow you to merge them together. Pretty soon you'll have people going to Slash Dot to read about AlanCox speaking out against Micro Soft
Let me guess... You're talking about a Gigabyte 7NNXP motherboard?
:)
(I went through the same hurdles
I've had AT&T Wireless for about 4 years now and have had no complaints about them. When I started, I bought a nokia 5165, got some minutes, and 6 months of free text messaging. When I called after the 6 month period was up, I asked for them to drop the messaging service since I didn't use it that much. Their reply was "how about another 6 months free?" This continued each 6 months for about 2 years. All good things must come to an end though, and they finally started charging a couple bucks (since then I have learned that I cannot live without text messaging).
The reception has been the best I've encountered, experiencing it for 2 years in the SF bay area, and the previous 2 years in Nevada. My employers have bought me other providers, but none would work as well as AT&T, so I kept my personal phone with them. (If you must know, cingular's reception was horrible for me. Of course your mileage can and will vary. Sprint works okay for me, but AT&T still works better.)
As for service... I've only had to call maybe a dozen times in 4 years. All of the times I've been impressed with their service. Or should I say, while my view of the world's customer service is at an all time low, AT&T has provided some of the least crappy customer service, irregardless of industry. They've reversed late charges just because I've asked, and I don't recall ever being on hold a long time.
The last time I called was about 3 months ago. My 5165 died (4 years for a cellphone is impressive, these days a cellphone's lifespan seems to be about 6 hours), so I bought a nokia 3360 online, called customer service up, was on hold for about 3 minutes, and it took maybe another 4-5 minutes to get the new phone activated.
So I'm happy. But I'm also knocking on wood, since the last company I praised on slashdot was my SBC DSL, and as a result, my DSL line went down about an hour later. Heh. Also, as it's been mentioned before in these comments, the problems with number portability are probably not some evil scheme by AT&T Wireless. Their problems are affecting both switchovers TO them as well as FROM them. Remember, being evil means screwing the customer AFTER they become a customer of yours, not before.
Standard disclaimer: All corporations are evil. Some are just not as evil as others.
Sprint's specs list a maximum of 128kbps on the Vision service, and I get very close to that. But you must remember that speed and latency are completely different. I've seen an average or 300-800ms latency on Vision. If you start a large download, I'll see close to the the full 128kbps. However, the latency makes the average web surfing or ssh session (send a little, receive a little, repeat) feels as slow as a 28.8k modem.
If AT&T can decrease the latency rather than increase the speed, I'm there!
There is substantial evidence for prior use of the name Fedora(TM) by the Cornell and Virginia teams starting in 1998. This includes published papers, web sites, software releases, and public presentations.
Note to self: never try to first post again. Stupid fo0bar. Anyways, yeah, they've been using the Fedora name since 1998, but besides being "something on a computer", the two projects have almost nothing in common. After all, we have a RDBMS named Phoenix as well as a BIOS named Phoenix (and for a short time a browser named Phoenix). They're all computer software, right?
Meanwhile, Fedora Linux started in December 2002 as a collection of 3rd party RPMs
Founded December 2002 by University of Hawaii Computer Science student Warren Togami, the previous Fedora Linux Project is an international team of volunteer software developers united for the development of high quality 3rd party RPM packages for the Red Hat Linux platform.
I know this is true. I heard it from a guy on the internet.
Exactly! Just like I was saying... There should be no law against painting your car like a police car and putting red and blue lights on your top. FIX THE PROBLEM! It's the police's fault that it's so easy to mimic an emergency vehicle by flashing red and blue lights. DESIGN SUCH THINGS SECURELY IN THE FIRST PLACE! This existing law is unconstitutional! Sheesh!
And as it seems to be the custom in your culture to end each correspondence with an insult, I should do the same to avoid offending you. I fucked your sister and your shoes are ugly.
Love,
fo0bar
PR relations eh? PR stands for "public relations", so "PR relations" would be an increase of public relations (of 1 public) for each relation that goes by.
Incredible! I want one of those public relations squared in my company!
FYI, this seems to be from AT&T Business Services, IE backbone and ip operations. So their customers (the people they are asking) in this case are other ISPs, datacenters, etc, and the whitelist is for sending email to AT&T itself. This has nothing to do with other AT&T services (remember, "AT&T" is essentially about a hundred different companies that happen to share the same name), so this should not affect some grandma trying to send to an attbi account. That being said, whether what they're doing is good remains to be seen.
(Interestingly enough, I *DO* work for a datacenter that has IP and transit services through AT&T, and have not received one of these emails yet...)
Nope. An 80GB hard drive is 80,000,000,000 bytes, whereas a 512 "MB" (should actually be MiB) memory module is 536,870,912 bytes.
I would expect the module to contain 536870912 bytes, but that's only because I know that memory manufacturers are using the wrong unit of measurement. If they advertised the module as 512MiB, then I would clearly know the capacity. (But probably nobody else would because most of the industry has been perpetuating this incorrect unit of measurement. Who's misleading people again?)
Look at it this way. Say there are 2 local hardware stores. If somebody walks into Store A and buys a 1 yard board, he gets a 1 yard (3 foot) board. Then he walks into Store B and sees a 1 yard board advertised, but it's actually 1 meter (~3.28 feet). But nobody complains because they're "close enough".
Over time the two stores become national home improvement retailers. People are also buying more lumber in bulk. But because of Store B's false advertising early on (even if it is advantageous to the customer), people are now convinced that 1 yard is ~3.28 feet. So when they go into Store A and ask for 10,000 yards of lumber, they get angry that they're "only" getting 30,000 feet of lumber, not 32,808 like they expect.
Store A (hard drive manufacturers) are the ones in the right, but because Store B (pretty much everybody else) made the populus accept the "close enough" argument, Store A is now looking bad.
Now I would believe the HD makers are doing this for the pure love of standards if only they would clearly describe the product as having size calculated with nontraditional units.
First, nearly every hard drive I've bought in the last 8 years or so have had that warning. Second, I'm going to love the day I walk into Home Depot and see the disclaimer, "1 foot is represented as 12 inches here. Your method of representing feet may vary."
The hard drive manufacturers are not trying to mislead anybody. They are using the correct notation for the capacity of the drive. 1GB is 1,000,000,000 bytes; 1GiB is 1,073,741,824. And since an 80GB disk is 80,000,000,000 bytes, they are in the right. As it stands, pretty much everybody else is in the wrong, and it just happens to make hard drive manufacturers looks a bit better.
If anybody's still following this thread... I have thrown up a database of patched nameservers here (don't worry about arouse.net, it's not a porn site), which currently allows you to check to see if a nameserver has been patched to block return of 'A' results for non-existent domains, and allows you to add to the database if it is a patched server.
Somewhat off-topic, but relevant to the whole Verisign DNS idiocy... I have thrown up a database of patched nameservers here (don't worry about arouse.net, it's not a porn site), which currently allows you to check to see if a nameserver has been patched to block return of 'A' results for non-existent domains, and allows you to add to the database if it is a patched server.
[Pine's] not free software, so RedHat won't ship it.
Close, but the reason is this: Red Hat CANNOT ship pine, techically. This is because Red Hat includes its own patches in nearly every RPM it releases. (This is usually to fix a bug in hardware X with glibc Y that only occurs Z minutes each year... you get the idea.) While Pine's license allows for the creation of patches against the product, it does not allow for distributing patches binaries, without prior approval from UofW. Whether those patches are available to the end user is irrelevant, Pine's authors don't like "modified" binaries to be released.
Of course, source-based ports systems like Gentoo or *BSD are fine, due to their nature, but distros like Red Hat don't want to go through the hoops involved with Pine, so they just choose not to.
I've had a couple people email me, asking what IPs these connects came from so people could firewall off ESA. From what I've seen, each scan is from a different network, most likely random dialup ISPs (though somehow that could be a violation of the ISPs' AUPs).
s ftpd.banned_emails
However, for FTP traffic, I noticed a pattern: all used an anonymous FTP password of guest@nowhere.com. Almost all (relevant) google hits for that address were people talking about these automated mails, so it looks like this is what you should look out for. Also, I can't seem to find a legit FTP client that sends that password, so false positives shouldn't be a problem.
If you run vsftpd, you can put this in your vsftpd.conf:
deny_email_enable=YES
banned_email_file=/etc/v
and putting guest@nowhere.com in vsftpd.banned_emails.
When AT&T forwarded that threat to me, they included a legal contact at the company to speak to about any questions, etc (I removed this before I posted to the gentoo mirrors list, including just the stuff the ESA sent to AT&T). I called him up and got the general idea that companies like AT&T see hundreds of these per day, most of them invalid, and just forward them to their customers out of courtesy. They never seem to actually disconnect service because of an automated threat.
It seems the only people these days that take the DMCA seriously are organizations like the ESA.
Still, good point.
As I mentioned in the list post, yes, this is silly and amusing, but it still has to be treated seriously. I met with our company lawyer yesterday (who is pretty well-versed in the DMCA, and hence has slightly less than glowing praise about it). The basic response of course is to reply, explaining that they are in error and to consider the matter closed.
While I would like nothing better than to go after these people for gross abuse of the legal system, my company, like many other companies, cannot justify the costs associated with going to court over something like this. This is why you should donate to an organization like the EFF, and tell them you are concerned about the DMCA and its effects.
(Standard IANAL disclaimer for the following:) Also, check out this form if you are a mirror provider. It deals specifically with the DMCA, but does not necessarily provide protection against, but it may help. It is intended for transit providers/datacenters (which we are), but from reading its defintion of a "service provider", mirror sites MAY (again, IANAL) qualify in the same respect.
Does the lemonade stand get free licenses if they switch to Caldera Openlinux coasters?
SuSE happened to have their area right next to Microsoft's. I attended a presentation for Openexchange (SuSE's answer to Microsoft Exchange). The presenter would occasionally say things like "and later I'll explain how Openexchange saves you money over SOME OTHER GROUPWARE PRODUCT WHO SHALL REMAIN NAMELESS", while staring at the Microsoft guys.
In the end I received a Geeko plush toy and a copy of their boxed professional desktop product. Yaaa swag.
The opposite will help them more. Download RHL9 and send them the $40 you would have spent on their discontinued box set. Or do both :)