...f-prot (www.f-prot.com) also makes a free version which i haven't tried but have seen praised
Interestingly, f-prot also makes a Linux version. Good for watching Samba shares, perhaps. I just downloaded it, though, so I'm not sure what its capabilities are.
The suggestions thus far are all good, and here's another...
Put in two more servers (how important is this? otoh, two smtp servers can be, by today's standards "low-end" systems and perform just fine) and have the mail make one more stop on the way at these, and put the anti-spam machinery there. So the flow of mail would look like this:
MX1 --\/--A.S.1--\/--internal mail/pop/imap
MX2 --/\--A.S.2--/\--servers
so no matter what the spammer does, everything is still scanned, leaving you not to worry about CoLo'd servers, or what ISP(s) you use as MX'ers. You could, of course, do this with one A.S. server, but you've got all those backup MX'ers, so it'd be a shame to introduce a single point of failure now.
I know you said no back-packs, but there are classier alternatives - for example, put it all in a nice leather briefcase and it certainly isn't Batman like.
Ah HA! This paper was, in fact, NOT written by the esteemed group of security experts that are listed - the true author is the famed author
Umberto Eco as is evidenced by the document information in the PDF file.
Few people know that the author of The Name of the Rose and Foucault's Pendulum is also a secret info-sec expert.
Also amazing is that, for all of the insecurities brought on by Microsoft's products, the authors still used it to write this paper (or at least to create the PDF). Based on that, I would assume that this paper has been hacked, and not believe anything it says.
So, if you were going to build one of these yourself, what would you use for backup?
Say, for example, you have an old tower, a couple of 80GB IDE disks in it (no scsi), and one spare PCI slot. The whole thing is worth well under $1000, so is there a tape drive (or other hi-cap backup device) that would be suitable for this?
You can get Seagate Travan drive on ebay for about $200, but they do 10GB native, which makes for something around 10 tapes for a complete backup - not very practical.
There are internal IDE/EIDE AIT drives with decent capacities, but they are in the $1000 range.
So, do people:
Not back up their systems.
Use a 50 pack of CDs everytime (if so, what software?
Spend a G on a drive?
Spend less on a drive and invest in tapes? (again, using what software to span the tapes and keep track of them?)
Maybe this should be (or already was?) an Ask Slashdot...
"email isn't our forte" + "company is planning on taking care of its own email, by setting up our own server" !?!?
Don't do this. Pick whatever platform you use and can support, look for someone you can pay to do this, document it, and turn it over to you with instructions for maintainance and upgrading. Email isn't always simple, and these days doing it right (IMAP, anti-spam, security, etc.) can be quite a trick. Learning about email is great, but experimenting on your company is not a good long-term employment stratagy.
how odd is it that as I'm typing this "Dr. Strangelove" just started on TCM...
I vaguely recall learning that some incredibly large fraction of the cost of a nuclear power plant (and thus what the utility charges) is legal fees getting it built, and that is why no new plants have been built in the last 20 or so years
Yes, nuclear plants produce very dangerous byproducts. However, you know right where they are - in those little metal tubes. Contrast with coal/natural gas/oil plants. Much of the waste from those plants is, well, sort of everywhere. If the non-nuclear power plants had the same emissions standards (even if it was just the same radiation emmission standards) as nuclear power plants, electricity would be fantastically expensive.
Nuclear waste can be stored and processed and transported safely. It's done every day. I've seen it. Why isn't it re-processed? Again, the legal fees in defending the construction of a plant make it cheaper to leave it at the plants.
Nuclear plants in the U.S (and Europe and Asia) cannot blow up like Chernobyl. In two sentences: When Chernobyl (and like reactors, known as RBMKs) get hot, the reaction rate increases, then they get hotter, then the reaction rate increase, then they get hotter, until the structure can't take it. Non-RBMK's (all of the reactors in US, Europe, Asia, etc.) have a negative coefficient of reactivity; when they get hot the reaction slows. This is a property of physics, not of any external controls.
Interesting that there is a "shortage" of nuclear workers. Of the 10 people in my undergraduate nuclear engineering class (U. of Michigan, 1989-93), 4 are in IT-related fields, 1 is in the nuclear Navy, 1 is doing brain cancer treatment research (nuclear medicine), 1 is managing hotels, and I've lost track of the other three. It's tough to find work as an entry-level nuclear engineer, even if you want it.
Personally, I believe nuclear power is the lesser evil of coal, oil, and natural gas.
Construction of solar panels generates all sorts of nasty waste, and panels, by definition, make shade where there used to be sun - for all of the interest in solar power these two facts are often overlooked. Perhaps we just don't like the desert ecosystem.:) Panels on building, if they can be constructed with minimum environmental damage, are a good idea, but just can't produce enough power at those sizes to matter too much.
Wind and tide power have promise; nice mechanical systems with (hopefully) manageable environmental impacts.
Hydro-electric pretty much defines negative environmental impact.
Geothermal is great. In Iceland.
A. Caird
B.S. Nuc. Eng. 1993 U. of Michigan
M.S. Nuc. Eng. 1996 U. of Michigan
(but I've never worked as a nuclear engineer; IT jobs are available in nearly every city in the world, computational reactor design jobs are not)
Another entry in the "good free software for plotting that is like Matlab" catagory (yes, very specific), is Octave.
From their web site:
"GNU Octave is a high-level language, primarily intended for numerical computations. It provides a convenient command line interface for solving linear and nonlinear problems numerically, and for performing other numerical experiments using a language that is mostly compatible with Matlab. It may also be used as a batch-oriented language."
For me, this will get me to buy CDs again. $13 vs $19 is only $6, so for every 2 CDs I buy, I (almost) get a 3rd free. Not too bad. Also, this may drive down used CD prices, which would also be nice.
The interesting things will be to see (a) how long this lasts, (b) if CD sales actually go up in any worthwhile way, and (c) if the vast price-fixing conspiracy of RIAA slaves actually does get all of the CD prices down.
In another bit of randomness, does anyone else find this insulting? Aren't the record companies saying "Well, we screwed you for years, but it looks like you finally caught on, so we'll cave a little and it'll look like we're no longer screwing you"? Gee, thanks. Since you spent most of your trust on $6+ per CD, how about you expose the real cost, profit strucure, and royalty disbursement and we'll decided if we are or are not still being screwed.
Discuss.
"power corrupts. powerpoint corrupts absolutely." e. tufte
Some servers give you this for free. I use Suns (E450s) and they report CPU and environmental temperature. Then I use BigBrother and the temperature larrd module to graph it. BigBrother is at bb4.com and the modules (temp. and larrd) at deadcat.net. It's not fancy, but it was cheap and easy.
You could try to webify it. Lots of things talk to Access over the web; even from a Unix web server. Look at ODCBSocketServer+Perl for doing it from Unix; ASP, ColdFusion, WinPerl, etc. for doing it from Windows.
Of course, everyone else is right, you really, really shouldn't use Access for anything. At all. Ever.
Gibraltar is pretty much what you just described. It worked very well for me in the past, although it looks like development has slowed down (no updates, at least to the free version, in over a year).
Anyone else look at the appendix and think "TeX"? Looking at the PDF document info, it came from "book.tex"...:)
TeX is a most excellent portable typesetting system that is all ascii based (that is, works on nearly all platforms, goes well with CVS, vi, emacs, and automated scripts and is easily legible even before being processed into a beautifully formatted document) and free.
Hey, I said this was off topic, but it warms my heart to see TeX used these days. Plus, TeX is bug free.
For the size room you're making, instead of a raised floor, consider a cable tray (basically, a ladder a meter from the ceiling) in which you can lay cables. Raised floors are better, but also cost a mint and aren't always practical to install.
Also, as everyone said, power. keep in mind that the UPSes you'll need probably don't plug into normal outlets; pick them out, and call the electrician - Hubble twist-lock-y things are what you need, but check out APC (and other) web sites for the specs on the plug; you don't need to know what they mean, just copy them carefully for the electrician.
The portable air conditioners are nice, but still need drains - talk to the facilities people while you're doing the lay-out - if there are pipes in the walls in a convenient place, take advantage of them and put the A/C units by them.
Don't worry too much about humidity. back in the day you had to 'cause there was paper in the computer rooms from the big line printers. i doubt you have that, so make sure the A/C people realize that and don't sell you super-fancy humidity controls that you likely don't need.
As has been mentioned - a meter behind the racks, and 2 meters in front, computers are heavy and the more space you have the easier it will be to get them in the racks.
IMO, don't use it for storage, no shelves, no drawers in the desk/table, etc. It's a machine room, not a storage room. Put the computers in, and stay the hell out. It's temping, since it's locked, and probably not full, etc. But don't do it, you'll lose control really fast, and it'll be a disaster.
Again, power: circuits, and more circuits. However many you have, you don't have enough. One room I designed has two 30A circuits per rack, and in some cases that's not enough, mounted on the cable tray so cords don't go back to the wall behind the racks - remember, you need to be able to walk (and carry heavy things) back there.
Also, in addition to a phone, put normal old network jacks in the walls. I know, you'll have switches in there somewhere, but probably not near where you want the desk, and nor does the cable tray go there. If you're having cabling done anyhow, a few jacks right near the patch panel are cheap and well worth it.
Leave room for expansion, pack it as tight as you can. Remember, when you add hardware, you need to add A/C and maybe UPS and power. Leave lots of room. If you're over 60-70% full today, you're in trouble real soon now.
Well, you won't be getting a Halon system any more, as they have been outlawed due to the CFC laws. I'm sure there's some non-CFC-based replacement tho.
FM 200 - in a big red tank and buttons by the doors (on the outside, so you can (a) not worry about access when the place is on fire and (b) not suffocate yourself when you evacuate the aforementioned big red tank).
The Detroit Metro hotel Rubicon is at this year is actually not very close to downtown Detroit at all. The airport is about 20-30 minutes from the "real" downtown, and about 30-40 minutes from Ann Arbor, which is the anti-Detroit (or, as is written on the city maps "5 square miles surrounded by reality"). So if you want the real Detroit, you can get there, and if you want to avoid it, stay in Ann Arbor, and drive 30 minutes a day.
Don't let the city of Detroit (most murders in 2001!!!, up 1 from 2000, to just over 1.33 per day) scare you away from Rubi, you won't be anywhere near it.
OTOH, perhaps Rubi doesn't want any fraidy-cats around or they'd move it to Ann Arbor or Southfield or somewhere a little less frightening to those who watch the news.
... and the churches and other buildings really are beautiful if you get down there in the day - bring a camera, there are some amazing sights (both beautiful and ugly).
> Real synching of clocks can be done with NTP
> [ntp.org], the network time protocol. And yes, it
> can sync one computer's time to GPS...
ntp is good, and the ntp.org site is good, too. also good is that NT has an NTP client as part of the NT Server Resource Kit. Microsoft has an article about this on TechNet.
This in combination with some external software to drive your internal NTP server should keep all of your nodes on the correct time.
Although this doesn't address your need for fast restores, one method of doing this that you likely already know, is to mirror all of the data, break the mirror, backup the static half of the mirror for as long as you like, bring the mirror back together, and let the RAID software worry about the sync'ing of the data (Veritas can do this, I've done it using Veritas for disk mgmt and Legato for backups.) This means your backup window, from the perspective of the application, is 0, and from the perspective of the backsups nearly as long as you need.
However, you aren't the first person to have this problem, and I'm sure Oracle as solved this problem. If it's as important as you say, I would pay them for this knowledge.
A security company local to me (D/A Central) sells and supports software from Lenel that does professional digital security systems, including video. We evaluated this as part of a security system purchase, and it was really expensive. We ended up going with a less sophisticated (and analog) system from Galaxy Control Systems (seriously). The demos of the Lenel stuff were quite impressive, and they were serious enough that I imagine that the data they collected would stand up in court (to comment on a previous poster's concern). BTW, almost all of this stuff is Windows only, but continues to work if the controlling computer is unavailable. However, the security of that computer becomes paramount (ours isn't on the network and is in a locked room, for example). If your company is serious, X10 and some random freshmeat probably isn't the way to go; what security company supports that, anyhow? Find a company in your area that sells Lenel (or whatever) and have them do it right for you.
I have an 8mb Disk-on-Key, and it works great with Linux (modprobe usb-storage ; mount/dev/sda1//mnt/dok), Windows 2000 (no need for drivers, or, for that matter, even administrative rights; it installs great as a normal user), and Windows ME. A friend of mine has one also, and it works with Windows95 after the driver installation.
Like the original poster, I store gpg and ssh keys on it, and complete ssh distributions for several platforms.
My only complaint is that I and my friend have broke the plastic case within weeks of getting them. I had mine replaced by M-Systems at no cost to me (except shipping and inconvenience), but he just Elmer's Glued his back together. The electronics survived both times
For the ~$60 I paid, it has been worth it to have a portable ssh client and my keys with me.
Slashdot Mirror
Interestingly, f-prot also makes a Linux version. Good for watching Samba shares, perhaps. I just downloaded it, though, so I'm not sure what its capabilities are.
Put in two more servers (how important is this? otoh, two smtp servers can be, by today's standards "low-end" systems and perform just fine) and have the mail make one more stop on the way at these, and put the anti-spam machinery there. So the flow of mail would look like this:
MX1 --\/--A.S.1--\/--internal mail/pop/imap
MX2 --/\--A.S.2--/\--servers
so no matter what the spammer does, everything is still scanned, leaving you not to worry about CoLo'd servers, or what ISP(s) you use as MX'ers. You could, of course, do this with one A.S. server, but you've got all those backup MX'ers, so it'd be a shame to introduce a single point of failure now.
illigitimi non carborundum
Ah HA! This paper was, in fact, NOT written by the esteemed group of security experts that are listed - the true author is the famed author Umberto Eco as is evidenced by the document information in the PDF file.
Few people know that the author of The Name of the Rose and Foucault's Pendulum is also a secret info-sec expert.
Also amazing is that, for all of the insecurities brought on by Microsoft's products, the authors still used it to write this paper (or at least to create the PDF). Based on that, I would assume that this paper has been hacked, and not believe anything it says.
Fight Back!
</humor>
Say, for example, you have an old tower, a couple of 80GB IDE disks in it (no scsi), and one spare PCI slot. The whole thing is worth well under $1000, so is there a tape drive (or other hi-cap backup device) that would be suitable for this?
You can get Seagate Travan drive on ebay for about $200, but they do 10GB native, which makes for something around 10 tapes for a complete backup - not very practical.
There are internal IDE/EIDE AIT drives with decent capacities, but they are in the $1000 range.
So, do people:
Maybe this should be (or already was?) an Ask Slashdot...
Don't do this. Pick whatever platform you use and can support, look for someone you can pay to do this, document it, and turn it over to you with instructions for maintainance and upgrading. Email isn't always simple, and these days doing it right (IMAP, anti-spam, security, etc.) can be quite a trick. Learning about email is great, but experimenting on your company is not a good long-term employment stratagy.
In any case, good luck, mail is cool.
A. Caird
B.S. Nuc. Eng. 1993 U. of Michigan
M.S. Nuc. Eng. 1996 U. of Michigan
(but I've never worked as a nuclear engineer; IT jobs are available in nearly every city in the world, computational reactor design jobs are not)
Take it for what it's worth.
From their web site: "GNU Octave is a high-level language, primarily intended for numerical computations. It provides a convenient command line interface for solving linear and nonlinear problems numerically, and for performing other numerical experiments using a language that is mostly compatible with Matlab. It may also be used as a batch-oriented language."
The interesting things will be to see (a) how long this lasts, (b) if CD sales actually go up in any worthwhile way, and (c) if the vast price-fixing conspiracy of RIAA slaves actually does get all of the CD prices down.
In another bit of randomness, does anyone else find this insulting? Aren't the record companies saying "Well, we screwed you for years, but it looks like you finally caught on, so we'll cave a little and it'll look like we're no longer screwing you"? Gee, thanks. Since you spent most of your trust on $6+ per CD, how about you expose the real cost, profit strucure, and royalty disbursement and we'll decided if we are or are not still being screwed.
Discuss.
"power corrupts. powerpoint corrupts absolutely." e. tufte
Good luck.
Andrew
You could try to webify it. Lots of things talk to Access over the web; even from a Unix web server. Look at ODCBSocketServer+Perl for doing it from Unix; ASP, ColdFusion, WinPerl, etc. for doing it from Windows.
Of course, everyone else is right, you really, really shouldn't use Access for anything. At all. Ever.
Best of luck.Gibraltar is pretty much what you just described. It worked very well for me in the past, although it looks like development has slowed down (no updates, at least to the free version, in over a year).
What ever happened to experimentation, isnt' this part of the scientific method? :)
http://itakura.kes.vslib.cz/legoteam/projekt2_ENG. html
is a link that seems to work.
TeX is a most excellent portable typesetting system that is all ascii based (that is, works on nearly all platforms, goes well with CVS, vi, emacs, and automated scripts and is easily legible even before being processed into a beautifully formatted document) and free.
Hey, I said this was off topic, but it warms my heart to see TeX used these days. Plus, TeX is bug free.
-
Also, as everyone said, power. keep in mind that the UPSes you'll need probably don't plug into normal outlets; pick them out, and call the electrician - Hubble twist-lock-y things are what you need, but check out APC (and other) web sites for the specs on the plug; you don't need to know what they mean, just copy them carefully for the electrician.
-
The portable air conditioners are nice, but still need drains - talk to the facilities people while you're doing the lay-out - if there are pipes in the walls in a convenient place, take advantage of them and put the A/C units by them.
-
Don't worry too much about humidity. back in the day you had to 'cause there was paper in the computer rooms from the big line printers. i doubt you have that, so make sure the A/C people realize that and don't sell you super-fancy humidity controls that you likely don't need.
-
As has been mentioned - a meter behind the racks, and 2 meters in front, computers are heavy and the more space you have the easier it will be to get them in the racks.
-
IMO, don't use it for storage, no shelves, no drawers in the desk/table, etc. It's a machine room, not a storage room. Put the computers in, and stay the hell out. It's temping, since it's locked, and probably not full, etc. But don't do it, you'll lose control really fast, and it'll be a disaster.
-
Again, power: circuits, and more circuits. However many you have, you don't have enough. One room I designed has two 30A circuits per rack, and in some cases that's not enough, mounted on the cable tray so cords don't go back to the wall behind the racks - remember, you need to be able to walk (and carry heavy things) back there.
-
Also, in addition to a phone, put normal old network jacks in the walls. I know, you'll have switches in there somewhere, but probably not near where you want the desk, and nor does the cable tray go there. If you're having cabling done anyhow, a few jacks right near the patch panel are cheap and well worth it.
-
Leave room for expansion, pack it as tight as you can. Remember, when you add hardware, you need to add A/C and maybe UPS and power. Leave lots of room. If you're over 60-70% full today, you're in trouble real soon now.
Good luck.FM 200 - in a big red tank and buttons by the doors (on the outside, so you can (a) not worry about access when the place is on fire and (b) not suffocate yourself when you evacuate the aforementioned big red tank).
Don't let the city of Detroit (most murders in 2001!!!, up 1 from 2000, to just over 1.33 per day) scare you away from Rubi, you won't be anywhere near it.
OTOH, perhaps Rubi doesn't want any fraidy-cats around or they'd move it to Ann Arbor or Southfield or somewhere a little less frightening to those who watch the news.
> Real synching of clocks can be done with NTP
ntp is good, and the ntp.org site is good, too. also good is that NT has an NTP client as part of the NT Server Resource Kit. Microsoft has an article about this on TechNet.> [ntp.org], the network time protocol. And yes, it
> can sync one computer's time to GPS...
This in combination with some external software to drive your internal NTP server should keep all of your nodes on the correct time.
However, you aren't the first person to have this problem, and I'm sure Oracle as solved this problem. If it's as important as you say, I would pay them for this knowledge.
cure brain cancer, more here and here ObDisclaimer: Kent is a friend of mine.
A security company local to me (D/A Central) sells and supports software from Lenel that does professional digital security systems, including video. We evaluated this as part of a security system purchase, and it was really expensive. We ended up going with a less sophisticated (and analog) system from Galaxy Control Systems (seriously). The demos of the Lenel stuff were quite impressive, and they were serious enough that I imagine that the data they collected would stand up in court (to comment on a previous poster's concern). BTW, almost all of this stuff is Windows only, but continues to work if the controlling computer is unavailable. However, the security of that computer becomes paramount (ours isn't on the network and is in a locked room, for example). If your company is serious, X10 and some random freshmeat probably isn't the way to go; what security company supports that, anyhow? Find a company in your area that sells Lenel (or whatever) and have them do it right for you.
Like the original poster, I store gpg and ssh keys on it, and complete ssh distributions for several platforms.
My only complaint is that I and my friend have broke the plastic case within weeks of getting them. I had mine replaced by M-Systems at no cost to me (except shipping and inconvenience), but he just Elmer's Glued his back together. The electronics survived both times
For the ~$60 I paid, it has been worth it to have a portable ssh client and my keys with me.