Slashdot Mirror


User: LinuxHam

LinuxHam's activity in the archive.

Stories: 0
Comments: 989

Comments · 989

  1. Re:"In the famous words of..." I can see it now on Hackers: Uncle Sam Wants You! · · Score: 1

    All your Al-Qaeda (the base) are belong to U.S.

    Definitely +1, Underrated!

  2. On 2.4.10 now.. on Linux Kernel 2.4.10 · · Score: 1

    After refreshing and reading the postings from the first few minutes, I realized that the servers were going to be slashdotted and I needed to get in there quickly! I got the patch, compiled it, and make modules_install failed with unresolved symbols in all of the ACPI power management stuff. Took it all out and recompiled again, and I'm up in it now.

    I'm on a ThinkPad 570, p2 566 128MB, RH71, 2.4.10, X 4.0.3, ximian Red Carpet - fully updated. On first boot, it hung on freeing unused kernel memory. Hard reboot and it booted all the way to X. It seemed much slower. Much much slower. Now that it's up in X, it's quicker. It sure is weird seeing the swap going unused in the cpu/mem/swap monitor as well as in vmstat and top. The cpu monitor shows much more activity.. not a higher load mind you, it's just a lot jumpier than it was under 2.4.9. Not a very scientific analysis I know, but that's all I can give you :)

  3. Re:But the question everyone is asking is on Linux Kernel 2.4.10 · · Score: 1

    You're forgetting that 2.5 is the development kernel.

    You're absolutely right. Six year user here, and I have never booted a devel kernel once. I do forget about that odd/even thing. When I think about how far back I stay from the bleeding edge, I realize how true the phrase I use when training a newcomer is:

    the more you learn, the more you realize you don't know.

  4. Re:So... how's the VM these days? on Linux Kernel 2.4.10 · · Score: 1

    Come to think of it, my laptop (ThinkPad 570) has been freaking out on me the last couple of days. I'll be using it when all of a sudden the hard disk activity will peg.. the system gets so loaded that sar statistics even stop.. twice now, after letting it run with a pegged hdd for a couple hours I've had to just shut it off hard.

    RH71, 2.4.9, and Ximian Gnome desktop. I use Red Carpet to keep everything up to date, and occasionally compile some things by hand when no updated RPM is available, like OpenSSH 2.9.2p2.

  5. Re:But the question everyone is asking is on Linux Kernel 2.4.10 · · Score: 1

    2.0 went to what, 2.0.34? And they released a lot less frequently back then.. I'm not holding my breath for 2.5.. there's too much I'm waiting for in 2.4 still

  6. i810e victim waiting.. on Linux Kernel 2.4.10 · · Score: 1

    I've given an IBM NetVista S40 legacy-free to two other guys so the three of us can try to get X working on 'em. I spent a couple hours hand patching some stuff in drivers/char/agp and drivers/video to improve the AGP handling for an i810e, but make bzImage still isn't compiling..

    I'm probably not going to upgrade to 2.4.10 on that box for quite some time.. my laptop, though.. I use that every day so I like to try out new kernels. Anyone know if kernel bug reporting will ever get as easy as Ximian's? That is just plain nice.

  7. Re:Interesting on Structural Damage to the Financial District · · Score: 1

    Didn't notice, but it really makes sense. I'm trying to remember what their site and coverage was like for the Gulf War. Obviously not as good as it is now.. I just don't recall where CNN stood..

    Some creepy, personal notes: I interviewed for my IBM job at 33 Maiden Lane, visible on the middle zoom image. The woman who brought me into the company was doing some Domino consulting on the 92nd floor of one of the towers a week before the crash. The day of the crash she was in Boston taking an Akamai class at the Akamai headquarters. The class was about to get underway when the first crash occurred. A couple hours later it was revealed that the Akamai co-founder and CTO was in one of the planes that hit the towers. Now my friend is back in NYC doing disaster recovery consulting for that customer -- who lost 70 employees.

    And come to find out my Mom (an insurance underwriter in Florida) handles that very same company's life, health, executive officers, and business continuity coverage. My mom's writing checks in Florida to cover the disaster recovery charges coming from one of my closest friends in NYC.

    They say every person in America was touched by the disaster. I think if someone started a "six degrees of the WTC disaster" site, survivors and other affected people just might make many new friends.

  8. Re:We are not at war. on Preserve Your Rights Online - Act Now · · Score: 1

    I find it weird that the Trade Centers had so much gold and silver!

    Have you ever been to the area? It really is the World Financial Center. I used to always chuckle when I would stumble across so-called "World Trade Centers" or "World Financial Centers" in other cities like L.A. or San Francisco. I've commuted to NYC off and on for 12 years now, and even cut through the towers to change trains for a year.

    When I watch this coverage on CNN, I have to say it really is impossible to show the scope of that place on tv. People wouldn't believe how close the NYSE is to ground zero. And forget about how many financial institutions are down there. They really did strike at the heart of the global economy. But New Yorkers have thick skins. And yes, the reserves are in big time vaults way down in the basement. AT&T had 200,000 phone lines in B6. God knows how far down the vaults are and how thick their walls are.

  9. Re:What about chechnya? on Afghanistan Is Like Nothing You've Ever Seen · · Score: 1

    Well there's no hard evidence that osama bin laden had anything to do with the wtc (event 1), or the events in Nairobi or the American Embassy there.

    Dude, do you *really* have access to all of the intelligence gathering at the highest level of our government? I didn't think so. I don't either. Those of us at the man-on-the-street level will never ever know the fullest extent of what the CIA, NSA and FBI know about stuff like that. We can only hear what the government spins and leaks. As the investigation from the attack unfolds, can you tell us the story behind all 200+ people on the FBI's wanted list in this investigation? Again, I didn't think so.

    Don't sit there and repeat shit you overheard from some tree hugger in an anti-war sit-in at Berkeley. Someone has evidence somewhere. If you think we're going to install a puppet government in Afghanistan with absolutely no evidence at all, then we have a fundamental disagreement in the way things work, and neither of us can prove our opinions beyond a reasonable doubt.

    Just don't act like you're all knowing WRT government intelligence, please.

  10. Re:didn't they already do this? on Tarpits for Microsoft Worms · · Score: 1

    That's called a honeynet or a honeypot.. like putting honey on the far side of your property to make the bees stay away from the house. It's suitable for situations where human attackers would target a specific entity, usually a company with highly sought after assets. The protecting admin would do the things you mentioned and try to use interesting machine names on the false network so as to make the attackers think they are going after the machines holding the data they want. The admins would even go as far as creating databases loaded with false data to really keep the (again, human) attackers busy trying to figure out what to do with all this useless stuff if they make it all the way into the database server.

    Worms like Code Red and Nimda just semi-randomly select IP addresses of machines to connect to and try to infect. If you maintain a network with dozens or hundreds of IP addresses, you would install LaBrea at a point where it can see all traffic coming into your network. If it sees lots of connection attempts coming in for an IP address that does not appear to be in use on your network, it will forge fake packets pretending to come from the host that the worm is trying to connect to, and make the worm suffer through an excruciatingly slow connection that never gets anywhere once it's started.

    Nimda doesn't look at the names of the computers it's attacking or look for "interesting stuff" on those computers. It just chooses an IP address and attacks the hell out of it.

  11. Re:Number of Connections... on Tarpits for Microsoft Worms · · Score: 1

    wouldn't this tie up connections?

    The other replier touched on it, but LaBrea doesn't actually pull the connections into the machine running the tarpit. It sniffs the wire for packets going by specifically looking for repeated connection attempts to IP addresses that don't appear to be responding.

    After it witnesses the predetermined number of failed connection attempts, it invents a fake MAC address for this would-be victim, and puts fake packets on the wire simulating replies from that would-be victim. The router gets the faked ARP reply and allows the attacker in. LaBrea first forces the remote attacker to use extremely short packets to minimize the amount of traffic it can send, and then begins the infrequent transmissions just frequently enough to keep the connection alive.

    When you use the special "trap and keep" mode, it can keep a connection stalled with as few as 1215ish bytes **per hour**. If at any time a new machine comes up on the network with the IP address that has been tarpitted, LaBrea just stops faking the connection. Of course, the new machine will inherit the connections that were stalled, and will inherit connections with extremely short MSS's too.

  12. Re:LaBrea is not the solution on Tarpits for Microsoft Worms · · Score: 1

    If you're going to mention snort, at least mention hogwash.. it uses snort rules to sanitize packets before allowing them to come all the way into the network (if at all)..

  13. Re:Come on linux geeks. Lets see some MS bashing! on MS Sez Hailstorm To Play Nice With Others · · Score: 1

    How about, "and we already saw how well they played along with Kerberos.."

    you idiot troll

  14. Re:NSA SELinux on Poll Says Most Americans Favor Crypto Backdoors · · Score: 1

    Thanks very much for the suggestion, but it actually didn't work. I flushed the ipchains rules long enough to try it and it still didn't go. I was using a local entry in /etc/hosts for the remote server, and felt that the -L parameter might be having problems. Sure enough, I changed

    -L 1025:remotename:25 remotename -p

    to

    -L 1025:localhost:25 remotename -p

    and it's working fine now. Don't know why I never tried that before, but I did and it works now. Let me qualify that. I'm on 56k and the server is on cable. This port forwarding works fine for mail (smtp and pop3), but it keeps falling apart when I try to run Webmin over the tunnel. Not that the tunnel breaks down, the packets just slow down to zero. I get the Webmin logo, and then it just stalls out.

    I'll see how well it holds up the next time I'm local to the box. This box is there as a real favor from a friend, so he only port forwards my zip code to the box. In other words, I can either ssh to a console or tunnel everything else over ssh. I guess now I can look into forwarding X over ssh for when I'm at his place (or parked out back.. we use wireless, hence all this ssh'ing)

    Thanks again for the suggestion.

    Steve

  15. Re:Yahoo on Hacker Tinkering With Yahoo Stories · · Score: 1

    and I'm getting sick and tired of checking for replies to my postings only to find that the "1 reply" or even "2 replies" listed don't really exist. WTFIUWT?

  16. Re:Important safety tip on Poll Says Most Americans Favor Crypto Backdoors · · Score: 1

    Osama Bin Laden has been well regarded as the world's leading user of steganography. His people were hiding instructions woven into pornographic pictures and mp3's distributed via the net. With basic stego tools you can hide either text or a binary into another binary. By gpg'ing files for one or more recipients or using a separately negotiated shared key and hiding the ascii armor versions in pictures or even text (using 'snow'), regular everyday Usenet-reading folks would never detect this activity.

    The government probably could, but only if they really could scan every post and reassemble every binary in a 30GB daily Usenet full feed. And at best, all they would get is a GPG file which could theoretically take thousands of years to crack. They want to reduce the crack time to thousands of seconds.

  17. NSA SELinux on Poll Says Most Americans Favor Crypto Backdoors · · Score: 1

    You know, this got me thinking. I haven't had the time to read *all* 17,500 posts related to this tragedy. In the few thousand I have been through, I haven't seen anyone wonder about the future of the NSA's SELinux.

    Now we all know that any government-sanctioned encryption scheme is going to be relatively weak, like 56-bit DES. When you add backdoors, all our data is going to be about as safe as an anti-aircraft gunner in Afghanistan next Friday -- not very. Now I realize that so far their project has focused on strong interprocess protection vs data security in the raw sense, i.e. strong encryption. BUT, with a name like "Security Enhanced Linux" one would think that strong encryption, still freely available so far, would become a focal point in their products down the road.

    What would happen if/when the NSA has to abandon the SELinux project because a) it's illegal to use backdoor-free strong encryption, and b) they can't publish their distro without releasing the source code to their changes per the GPL?

    If Linux goes to the skunkworks, we're going to need a new mascot. The dark sunglasses on tux won't cover it anymore.

    In other news, I have been able to do POP3 over SSH in the past, but with ssh 2.9p2 on all my clients and servers, I try to port forward 25 for secure smtp, and I get:

    channel_open_failure: 2: reason 1 bla bla bla
    connection closed by foreign host

    the remote host has ssh listening on a non-standard port, and ipchains blocks all other ports. When I ssh to the box I am able to connect to port 25 on localhost. I have the "no passphrase" ssh login working fine.

    Any ideas, anyone?

  18. I must be an idiot.. on Apache Tomcat 4.0 Final Released · · Score: 1

    I've been trying to check out some of Apache's advanced offerings, but I can't get much beyond Jakarta. Specifically, I've wanted to check out Cocoon and Jetspeed.. to check out the free portal offerings before trying out my employer's offering, IBM Enterprise Information Portal.

    Jakarta is easy to get running. I can get the sample servlets running in just a few minutes. Yet I've had the summer off, and have never gotten Cocoon to run once. The closest I've gotten was the famed "Internal Execution Error: servlet not initialized". I can tell you it's extremely frustrating to think you have *finally* found the configuration error only to see the same result for a couple of months.

    Perhaps my problems stem from not having any Java experience to build from, so I'm not even sure how things like CLASSPATH work. Sometimes I've seen CLASSPATH include a directory like a normal PATH declaration, but then I've also seen CLASSPATH declarations include specific jar files. I've been able to get IBM's Xeena and the Alice chatbot to run under Java, but forget about these complex setups.

    I'm also never sure if the jar files from the twenty supporting packages you have to download and install before Cocoon or Jetspeed need to be copied to $JAVA_HOME/jre/lib/ext or just have variables like $ANT_HOME defined. It's a real daunting task for a true Java newbie. There doesn't seem to be a definitive word across the documentation on how these things should all be installed. In particular, there are some jar files that are either multiply downloaded (xerces and xalan come to mind) or don't exist anymore. Would someone at the project actually listen if I submit corrections to their documentation?

    I finally said "f-it for now" and I've moved on to PHP-Nuke. If it's that hard to get started, I don't even want to know what it'll take to maintain or upgrade it. Plus I can run PHP-Nuke on Sourceforge. I didn't want to move on to IBM's Enterprise Information Portal until I had a free offering to compare it to, but if it's a matter of rpm -ivh or ./setup.ksh (IBM loves Korn Shell :) then the free offering will definitely fall way short.

  19. Re:Wrong name on New (More) Annoying Microsoft Worm Hits Net · · Score: 1

    Why can't these virus writers code their shit such that it checks the type of webserver running on the victim..

    Why can't these virus writers just finally once and for all write a virus that will completely *blow away* the box? Or at least remove the TCP/IP stack.. that would keep an MCSE busy for a couple of days and their server off the network, too.

    I close my eyes, and daydream about a microsoft-free Internet if not for just half a day.

  20. Re:Damn it! on New (More) Annoying Microsoft Worm Hits Net · · Score: 1

    speaking of which, I may be nuts but I thought that there's an encrypted mode SMTP that newer sendmails try by default, like S/SMTP or something, but I can't find anything on it..

    anyone know of any such thing?

  21. Re:Cultural bias? on ClearChannel Plays It Safe · · Score: 1

    I notice The Cure's "Killing an arab" made it thru...

    DAMMIT, you beat me to it! :) Opie and Anthony in New York were also playing the list during the evening drive time, and adding some of their own, like "Ahab the Arab". I IM'ed them asking them to play Killing an Arab.. my tape backups beckoned so I never found out if they played it after all.

    I would have definitely put that one near the top of the list..

  22. Re:We are not at war. on Preserve Your Rights Online - Act Now · · Score: 2

    It actually makes a *huge* difference to the insurance companies. They don't have to cover any damages suffered by acts of war. My mom is an underwriter at a very large insurance company, and a declaration of war will decide if they have to pay out close to a billion-with-a-b dollars.

    Interesting note: the World Trade Center (Port Authority) only had insurance to cover the loss of one of the towers. They never imagined they would lose both towers at once. Also my mom's company has some of the buildings and companies covered straight up, but her company will pay on some other coverages only after the first $90 million gets paid by primary coverage.

    Did you hear that there's something like $500 **million** worth of gold and silver in the basement that was used to secure many of the financial transactions?! Holy crapoli that's a lotta bucks.

  23. Yes, they were. on Preserve Your Rights Online - Act Now · · Score: 1

    I was in NYC about 30 blocks away when the Twin Towers were bombed in 93. Yes, New York (at least) has been a big target since 1993. Bin Laden was known to want to knock down the Twin Towers specifically. And any history scholar will tell you that Washington D.C. has always been, and will always be, probably the world's most prolific target. That's the biggest fish there is.

    Wow a 454 **thousand** slashdot userid. If you're only 16 or so, then I understand why you didn't think New York was a big terrorism target.

  24. Re:Client-side 802.11 converter on 802.11b Network Scanning In London And Amsterdam · · Score: 1

    You're awesome! You were exactly correct. Lucent makes the Orinoco/EC (ethernet converter). It's about the size of an external modem with an ethernet port and a pcmcia slot and brings 802.11 to any hardwire ethernet device. $220 at CDW, without a PCMCIA card. A little pricey but exactly what I need.

    I haven't looked for the Cisco, with their history of "corporate pricing". I don't even wanna know :)

    Thanks!

  25. Re:Client-side 802.11 converter on 802.11b Network Scanning In London And Amsterdam · · Score: 1

    I appreciate your post, but I may not have been clear in my request. I already have an access point. I cannot run ethernet to where a computer is located, and that PC does not have ISA or PCI slots so it cannot have a PCI to PCMCIA adapter installed. My only choice is to run an ethernet cable from the computer into some kind of device that will make the machine act as a **client** to my **existing** access point, not wire it to another access point that will compete with my existing access point.

    Unless I didn't catch something on the airport page stating that the airport can be converted to a client device instead of an access point. I don't need another access point, though. Thanks again for trying to help.