I concur regarding tikiwiki, we migrated from tikiwiki to twiki, which seems much better so far. I haven't delved into twiki's code, but that's because I haven't had to.
So at my company Corporate uses sharepoint 2006 which is abysmal. search stinks, pretty much the only thing it's good at is storing/sharing word documents, pp presentations, etc.
I don't agree with setting the SSH port to non-standard, it is trivial for any determined attacker to figure out which one you've changed it to. Use one of the port/log monitoring daemons that are mentioned further down the page.
That being said I used to work for a hosting company with a few thousand linux servers, most of them running cPanel (cPanel is a hunk of insecure crap). We'd get a few script kiddie break ins a week. Our solution with dramatically reduced the amount of break-ins (In addition to the SSH mods by the grand-parent) were:
1) put/tmp as a separate partition and mount it as noexec, nosuid. Make sure your programs php/httpd use/tmp for temporary files, caches and session info. This simple step stopped 80% of attacks. 2) host allow/deny is your friend 3) rpm -V is your friend, most script kiddies/attackers are not bright enough to alter the rpm db, they will simply replace system binaries.
there are a few more but I can't seem to remember them.
I work for a company which switched from CVS->gnuarch->Mercurial (For the gnuarch, switch it was when we were small and the lone diva developer made the decision for us) (For the mercurial (Hg) switch we evaluated SVN, Git and a few others before settling on mercurial)
Hg has made merging a dream, and everything else is really easy. The biggest headache from the dev's was for a period of about two weeks where they had issues with the extra "Push" step.
I believe that Netbeans and Eclipse have Hg plugins and TortoiseHg is pretty nice there's even a tortoiseHg-nautalis plugin for you gnome users out there.
Overall, Hg is probably the best SCM that I've used.
So far the ones that are being called unMerkin are the ones that seem to be incapable of speaking in any manner other than yelling and screaming about "Death Panels". Rather than contributing to the discussion they are denying everyone else the chance to contribute to the discussion.
Yeah I like OCS Inventory + GLPI, for network monitoring I use Nagios, though I'm seriously considering checking out OpenNMS to replace my Nagios 2.9 installation.
They're pushing the GPS tracked version, because it can do many *nice* extras, like depending on where and what time you drive the rate is more or less...
If you're commuting to the city during rush hour, they charge more. If your going through it at 4AM they charge less.
Plus, it'll probably have other Good features that the government will promise never to use. Which, I predict, that a few years after the nationwide rollout after people are used to it, there will be a "Save the Children from " style campaign sponsored by MADD where they go "The gov already has this capability in our cars! All they have to do is turn it on!"
At which point all the congress critters and their supporters will be happy that they have something to contribute to "Saving Children" and pass more legislation, which the CIA NSA FBI can all sit back and relax, because the features that they've been using all along are now "legal".
All that being said there are GOOD implementations of AD and there are BAD implementations of AD. LDAP/Directory Servers in general are complicated, it takes quite some time and experience to know how do a Good implementation with one. Same as everything else.
Seriously though, there are many people that read slashdot that actually have used most if not all of these different Directory solutions. They need to use them because they are professionals that help run companies, Directory Servers, as a class, are the only way to sanely manage anywhere from a couple dozen users and machines to hundreds or thousands of users and machines.
It doesn't matter whether it's OSS vs Closed Source or Microsoft vs Everyone Else, Once you have REAL experience with more than one Directory server, you will realize that AD is truly the "Best of Breed" of Directory Servers.
Ad is very nice, we use it for Auth in a mixed env as well. I work in QA, the way that I've actually got mine setup is ADS run by Corp, FDS run by QA. FDS has Pass Though Authentication turned on.
You may want to checkout Fedora Directory Server and FreeIPA combo for linux/unix solutions
My first job was working as a bagboy at a local supermarket, Since I was 14 I could only legally works something like 10 hours a week (Something like that, it's been a long time) I got paid every two weeks and the union took more than 1/2 my pay check for dues.... What did I get in return? The right to complain to the union steward... When I did have a complaint the union steward didn't want to hear a word of it and basically told me to stop bothering her. I quit 2 weeks after that and have vowed never to work for a union again. They're bigger thieves than the corps.
I've worked for MegaCorp before I did not enjoy being a number, since then, I've worked for small to medium companies.. Currently I work for a medium sized company ~200 (MX Logic). I joined the company when it was >100.
I may work more hours for less pay than I would at MegaCorp, but at least I feel that the things that I do directly contribute to the company. That I am not just on a hampster wheel is a good thing to feel. Also I know the CEO, CFO and all other execs on a first name basis.
All that being said, I'd say if you have a *good* offer on the table you should consider it. Most likely they'll ask you to stay on for at least a year, after that if you feel like number 49327405-4 in the org you should leave and use the money they bought your small company with to start a new one.
Sounds like you want FreeIPA, currently it only support identity management, but according to the roadmap, version 2 sould be out in april/may sometime and will support policies and auditing....
Slashdot Mirror
I've been reading /. since before they had accounts as well, I'm on my 4 or 5th slashdot account otherwise I'd have a low 4 digit number.
Uhhh dude, you can set yum up tp pull from the install cd's
here's an example /etc/yum.repos.d/myrepos.repo file.
[rhel5cdrom]
name=RHEL5 CDROM
baseurl=file:////mnt/cdrom/Server
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mxlogic
then do
yum install mysql http php
It's not hard secure intranet to not, just spend about 30 seconds teaching yourself how to do it. Seriously, this thread is like people going:
DUDE you mean I have to dbl click on it?!?! windows sux0rs
redhat 5.4 has been out for weeks now.
Yeah, I'd just like to point out something on death panels... We already have them, and they're private - for profit - death panels.
I prefer Mercurial>git>SVN, otherwise grandparent is a good suggestion.
I concur regarding tikiwiki, we migrated from tikiwiki to twiki, which seems much better so far. I haven't delved into twiki's code, but that's because I haven't had to.
So at my company Corporate uses sharepoint 2006 which is abysmal. search stinks, pretty much the only thing it's good at is storing/sharing word documents, pp presentations, etc.
The techs use twiki, which is much nicer.
I don't agree with setting the SSH port to non-standard, it is trivial for any determined attacker to figure out which one you've changed it to. Use one of the port/log monitoring daemons that are mentioned further down the page.
That being said I used to work for a hosting company with a few thousand linux servers, most of them running cPanel (cPanel is a hunk of insecure crap). We'd get a few script kiddie break ins a week. Our solution with dramatically reduced the amount of break-ins (In addition to the SSH mods by the grand-parent) were:
1) put /tmp as a separate partition and mount it as noexec, nosuid. Make sure your programs php/httpd use /tmp for temporary files, caches and session info. This simple step stopped 80% of attacks.
2) host allow/deny is your friend
3) rpm -V is your friend, most script kiddies/attackers are not bright enough to alter the rpm db, they will simply replace system binaries.
there are a few more but I can't seem to remember them.
I work for a company which switched from CVS->gnuarch->Mercurial (For the gnuarch, switch it was when we were small and the lone diva developer made the decision for us) (For the mercurial (Hg) switch we evaluated SVN, Git and a few others before settling on mercurial)
Hg has made merging a dream, and everything else is really easy. The biggest headache from the dev's was for a period of about two weeks where they had issues with the extra "Push" step.
I believe that Netbeans and Eclipse have Hg plugins and TortoiseHg is pretty nice there's even a tortoiseHg-nautalis plugin for you gnome users out there.
Overall, Hg is probably the best SCM that I've used.
SunnyD - It's got Electrolytes!
I might have kept a landline, if it weren't for the fact that the only calls that I ever got on it were Telemarketers.
You forgot about the part where Rich Coke Addict gets elected as President and totally F's this country.
But it's OK 'cause he was Born Again and has One-On-Ones with God now.
So far the ones that are being called unMerkin are the ones that seem to be incapable of speaking in any manner other than yelling and screaming about "Death Panels". Rather than contributing to the discussion they are denying everyone else the chance to contribute to the discussion.
The other thing that drug companies like doing is paying the generic producers to not produce generics
Yeah I like OCS Inventory + GLPI, for network monitoring I use Nagios, though I'm seriously considering checking out OpenNMS to replace my Nagios 2.9 installation.
They're pushing the GPS tracked version, because it can do many *nice* extras, like depending on where and what time you drive the rate is more or less...
If you're commuting to the city during rush hour, they charge more. If your going through it at 4AM they charge less.
Plus, it'll probably have other Good features that the government will promise never to use. Which, I predict, that a few years after the nationwide rollout after people are used to it, there will be a "Save the Children from " style campaign sponsored by MADD where they go "The gov already has this capability in our cars! All they have to do is turn it on!"
At which point all the congress critters and their supporters will be happy that they have something to contribute to "Saving Children" and pass more legislation, which the CIA NSA FBI can all sit back and relax, because the features that they've been using all along are now "legal".
The article uses the term "Single Use"
I may have a job opportunity for you, if you would just please fill out the following app, I'll process it immediately.
Name:
SSN:
Address:
Mother Maiden Name:
Name of your childhood pet:
List of checking/saving accounts.
1.
2.
3.
List of online sites that you have accounts with as well as username and passwords for said accounts.
1.
2.
3.
If you run out of space, please use additional posts to continue your list.
Bad form I know...
All that being said there are GOOD implementations of AD and there are BAD implementations of AD. LDAP/Directory Servers in general are complicated, it takes quite some time and experience to know how do a Good implementation with one. Same as everything else.
tastes like crow!
Seriously though, there are many people that read slashdot that actually have used most if not all of these different Directory solutions. They need to use them because they are professionals that help run companies, Directory Servers, as a class, are the only way to sanely manage anywhere from a couple dozen users and machines to hundreds or thousands of users and machines.
It doesn't matter whether it's OSS vs Closed Source or Microsoft vs Everyone Else, Once you have REAL experience with more than one Directory server, you will realize that AD is truly the "Best of Breed" of Directory Servers.
SunDS, FDS and Novell eDirectory are all based on Netscapes DS,
FDS and RHDS are the direct descendants of Netscape DS, which was purchased by AOL and then by Redhat who then Open Sourced it.
Ad is very nice, we use it for Auth in a mixed env as well. I work in QA, the way that I've actually got mine setup is ADS run by Corp, FDS run by QA. FDS has Pass Though Authentication turned on.
You may want to checkout Fedora Directory Server and FreeIPA combo for linux/unix solutions
My first job was working as a bagboy at a local supermarket, Since I was 14 I could only legally works something like 10 hours a week (Something like that, it's been a long time) I got paid every two weeks and the union took more than 1/2 my pay check for dues.... What did I get in return? The right to complain to the union steward... When I did have a complaint the union steward didn't want to hear a word of it and basically told me to stop bothering her. I quit 2 weeks after that and have vowed never to work for a union again. They're bigger thieves than the corps.
I've worked for MegaCorp before I did not enjoy being a number, since then, I've worked for small to medium companies.. Currently I work for a medium sized company ~200 (MX Logic). I joined the company when it was >100.
I may work more hours for less pay than I would at MegaCorp, but at least I feel that the things that I do directly contribute to the company. That I am not just on a hampster wheel is a good thing to feel. Also I know the CEO, CFO and all other execs on a first name basis.
All that being said, I'd say if you have a *good* offer on the table you should consider it. Most likely they'll ask you to stay on for at least a year, after that if you feel like number 49327405-4 in the org you should leave and use the money they bought your small company with to start a new one.
Sounds like you want FreeIPA, currently it only support identity management, but according to the roadmap, version 2 sould be out in april/may sometime and will support policies and auditing....
http://freeipa.org/
Get off my Lawn!
I had to whistle into the phone in my day....
Actually my first was a 300baud with accoustic coupler....