Lots of technical books are collaborations. That's why so many suck! It's hard to read when the writing style changes from chapter to chapter, ideas do not carry through the book as they should and writing skills vary dramatically.
Notify IBM, Active State, the original copyright holders and the FSF. Let them all know about the obvious GPL violations of their code.
You, fighting this alone, will almost certainly lose to your employer but, the involvement of outsiders could cause your employer to think twice about their pending actions.
Of course, following this advice will almost certainly result in your firing for any of a number of reasons so, you would be best served by also contacting a good lawyer, in advance.
Briefly looking over the M0n0wall website, it appears to be just a firewall rather than a wireless hotspot solution. Did I miss a feature or did you fail to post all of the configuration modifications that you had to make in order to turn M0n0wall and FreeRADIUS into a captive portal?
I'm not trying to be offensive but, how is M0n0wall better than the likes of ZoneCD or NoCat Auth? I understand that 'you' found NoCat complicated as compared to M0n0wall but, is that an accurate assessment or is it simply your situation because of your preference to BSD?
Anyone else would get a message to find another way to contact me to be added to the whitelist, to enter the passcode to get through, or they be routed to/dev/null.
Anyone showing up as "UNKNOWN", "UNAVAILABLE", or originating numbers coming from outside the country would automatically be re-routed to/dev/null. I would sort of expect these options to be built into the software and easily enabled by end users as that would make the most sense.
Re:Can somebody answer this
on
Deploying OpenLDAP
·
· Score: 5, Interesting
Most of the large deployments (at least in the millions of users) I have seen do this. Once you have the suffix named, then it is often best to just leave it relatively flat below that (e.g., all users below "ou=People,dc=example,dc=com") and use attributes within the entries to provide logical arrangements of users.
Just how many LDAP deployments of millions of users have you seen? That were flat no less?
I've seen hundreds of implementations. Most of the ones I've seen had thousands or hundreds of thousands of objects in them and one had over a million objects. I have not seen any implementation, with more than a couple of hundred objects, that was flat.
The thought of a flat tree with millions of objects sounds like a replication nightmare!
Re:Can somebody answer this
on
Deploying OpenLDAP
·
· Score: 4, Insightful
Geographic division of the LDAP tree is very common and works best for most situations but it is not a requirement. Depending on your environment you may prefer to divide the tree by department(political) or by function, or any other way you can think of. What usually makes the decision for you is your business process and network operation/replication.
There are many books available that cover this topic. From this review, I would skip this particular book.
The purpose of the project was to demonstrate the students newly learned CG animation skills. Real Lego blocks would require stop motion animation rather than CG animation.
Why Legos at all? Why not? Do you have a theme for a mini movie that will demonstrate your 1337 CG skillz?
Have you heard of rsync? rcp? ssh logins? How about nfs? How about centralized home directories? How about running an application that is stored on the network?
Rsyc - Synchronizes files doesn't really help with specifics like settings in Gconf or updates to Postfix alias databases or RPM installations.
Rcp - insecure. Better to use scp or sftp.
Ssh logins - that's what I said in the original post.
Nfs - File sharing isn't systems management.
Centralized Home directories - the only way to go for network connected uses.
Running apps from the network - excellent when possible. But, doesn't work with some apps, with large apps when bandwidth is an issue, or with people disconnected from the network such as laptops.
Also, many of the above services are not available on Windows, only Linux/Unix. This limits your options for network management as even your environment seems to have Windows as well as Linux.
I'm not trying to flame you but, rather point out that it isn't a case of Windows-centric thinking. It is a case of network-wide management thinking. Thinking in terms of doing as much as possible from a central point with the greatest of ease. Volume and automation.
The imaging that you describe in your environment is likely the same one the ZenWorks uses, PXE booting. While it can be setup on almost any network it is fiddly to say the least. ZenWorks makes its setup much easier and it is only a small part of what ZenWorks does. For instance, can they take a backup image of your workstation remotely because, your hard drives S.M.A.R.T. is predicting a failure or they want to have a backup for some other reason? PXE doesn't do this but, with ZenWorks they can, and now it doesn't matter if your running Windows or Linux.
The most important question is: what does it really mean for Linux users, administrators and developers?
They are not referring to making Linux like Windows. They are referring to making the management of Linux, through ZenWorks, like the management of Windows, through ZenWorks. This is an important feature for ZenWorks and its users and is a feature that Novell has been missing for some time, despite their previous claims of ZenWorks Linux support.
ZenWorks is a fantastic tool and is extremely powerful. It performs functions such as hardware and software inventory, application installation and removal, remote control, system policy management and more. But, ZenWorks primary area of support has been Windows systems. Novell claimed that it supported Linux and PDA's but, this support was very limited. Now, with ZenWorks 7, the supported features for Linux approach the level of the Windows features that have always been there.
First off, you need to understand what ZenWorks can do. ZenWorks is a system for controlling and managing workstations and servers network-wide from a single location, using policies that are stored in eDirectory, Novell's directory service. With ZenWorks, an administrator can control settings like Windows Policies and KDE kiosk configuration. With ZenWorks an administrator can install and remove applications, patches and configurations remotely from a single location. With ZenWorks, an administrator can install new operating systems or reinstall broken operating systems remotely, from a single location.
Some of these things you can do with Linux already and some of them you can't. Or at least, you can't do them easily. This new ZenWorks is supposed to make it brain dead easy to do these things for 10 systems or 10,000 systems. The key concepts are ease and volume/automation. Sure, you could write a script to ssh into your systems and install some software or what-have-you but, it will be different every time and too often requires some form of manual intervetion. Most importantly, nothing about the script will be useable on Windows workstations. You'll have to use different scripts and scripting languages for those systems so, the overhead is relatively high.
Here are a couple of scenarios. Suppose your working the helpdesk and a user calls to say that their PC isn't working. You open up the management console and quickly locate the PC in question from amongst the thousands in your firm. With two clicks you are connected to the PC and remotely controlling it. Regardless of whether the PC is Windows or Linux, the procedure is the same.
Now you see that the PC isn't actually broken, as the user reported but, it is simply missing an application because the user had moved in from another department and had not yet been configured to use that application. A couple of clicks associates the user with the application and the application is automatically installed and made available to the user. Again, Windows or Linux, the procedure is the same in ZenWorks.
Now, let's suppose that during the install of the application, the user unplugged the PC. I don't know why they did it, they just did it. They're a user, OK? Anyway, for what ever reason the disk is corrupted and the OS is hosed. You instruct the user to restart the machine and choose the appropriate option from the boot menu. The PC is reimaged with a fresh copy of the OS and the appropriate applications are reinstalled. In ten minutes the user is up and running with no user or admninistrator intervention. Again, Windows or Linux, the procedure is the same from within ZenWorks.
Now, let's assume a different scenario. This time, let's assume that your boss has decided that the company will now use the latest Windows 200X on all workstations. This is a massive upgrade that requires not only the installation of a new OS but also the installation or upgrade of numerous applications that were being used before but no longer work under the new Windows version. Even if you use RIS or Ghost
10 Your mother told you to stop being such a pack rat. 9. Disks fill up, no matter how cheap they are. Low cost doesn't excuse gluttony. 8. Backups take forever. 7. Restores take an eternity, especially if your not confident. 6. Mail client gets slower and slower. 5. Searches take too long. 4. Mail clients make mistakes, especially on big stores. See #7 3. Your CYA evidence may be used against you. 2. A mail store is not a file system and SMTP is not a file transfer protocol.
And the number one reason to delete your old email...
1. IT'S ALL A BUNCH OF USELESS CRAP JUST AS IT WAS WHEN YOU FIRST RECEIVED IT!!
This is not an uncommon policy at non-public companies. In fact, I like to use it as a means/excuse to recover storage space on mail systems.
But, in Microsoft's case, they were able to provide emails from before and after the negotiating period. It was only during the 35 week window that the emails were mysteriously purged.
I don't have an immediate solution for this. Myth Recommend and WishTV have already been mentioned. Although the two of them are better than nothing at all, neither of them is what Tivo does.
However, if you are a developer and are thinking of starting such a project, I have a recommendation. I would suggest that you use Bayesian analysis of the descriptions of the user's recorded shows. Sort of like Spamassassin for TV shows. The spam detection algorithm could be adapted to identify possibly desireable shows, just as it is used to identify possible spam.
By the way. If none already exists, this post serves as prior art should anyone try to patent the idea. It is now an obvious invention.
With licenses valid for ten years, they will likely cost the same as cellular licenses. Millions of dollars! They may even have to do lotteries like they do with the cellular providers.
Sony now has a new CEO. The new CEO is a media and content proponent rather than a hardware man like his predecessor of ten years.
This will most likely mean a shift for Sony from being a hardware company to a content company. It will also mean hightend interest in DRM and copy protection on Sony's part.
Personally, I think it's a big mistake for Sony to forget "their old slogan".
Troll my fanny. Have a read of the Linux SATA RAID faq. Notice all the claims that the RAID controllers aren't really hardware RAID controllers?
These claims are like the old claims that winmodems weren't really modems. Remember that? Strangely, now that someone figured it out, almost all winmodems work with Linux now and they are real modems again.
The fact that these RAID controllers are working RAID controllers for other operating systems but, don't work on Linux means that they really are hardware RAID controllers, contrary to the faq's claims. It means that LINUX does NOT support them. It means that no Linux developers have figured out how to make them work, yet.
I'm also willing to bet that Linux inability to work with many SATA RAID controllers is one of the primary, undisclosed, reasons that the majority of the controllers in the article weren't scored.
Oops, there's a problem. Let's just pretend it doesn't exist.
From the article: Theimer said; "We want to be competitive with something like Red Hat."
That shouldn't be a problem. At these prices Windows 2003 is already cheaper. It's only when you start adding CALs that Microsoft gets more expensive and people won't be buying a lot of CALs for a supercomputing cluster.
I have not tried this one but, I saw it a few months ago and thought that it looked interesting. It isn't as powerful as OpenNMS or Nagios but it does have some advantages of its own.
This one is Don O'Neill's own combination of several different small packages. Basically, it provides a very nice front end to fairly extensive MRTG monitoring. But, it does give you an idea of what you can do and it certainly looks customizable.
I doubt that you meant it that way but, your post has rubbed me the wrong way. Your's is just the latest in a long running series of similar posts where the blame for a situation is redirected at the victim.
The tapes were believed to be stolen by airport bagage handlers during shipment to BoA's offsite facility, likely another datacenter. It's still under investigation so the news agencies are not yet able to accurately report exactly what happened.
By all accounts BoA has made reasonable effort to protect its data, its tapes and its customers. BoA, and by proxy its customers, are the victim of theft. The blame lies squarely on the shoulders of the thieves and no where else.
In ANY incident, there will always be something more that could have been done to prevent the incident from happening. But, it becomes a question or reasonable care. Was reasonable care taken? It certainly seems as if it was in this case.
Let's put the blame where it belongs. Don't redirect the blame to the victims.
they set the VPN interface to be the default route, and then they remove any other routes.
Too true. and adding a host route or two resolves the issue.
route add mac'sIP mask 255.255.255.255 eth0'sIP
It may also be necessary to add a host route for the local eth0 interface as well, depends on how far your VPN client goes. I'd put it in a batch file so that I could run it each time I bring up the VPN.
Slashdot Mirror
Lots of technical books are collaborations. That's why so many suck! It's hard to read when the writing style changes from chapter to chapter, ideas do not carry through the book as they should and writing skills vary dramatically.
I much prefer a single author.
Notify IBM, Active State, the original copyright holders and the FSF. Let them all know about the obvious GPL violations of their code.
You, fighting this alone, will almost certainly lose to your employer but, the involvement of outsiders could cause your employer to think twice about their pending actions.
Of course, following this advice will almost certainly result in your firing for any of a number of reasons so, you would be best served by also contacting a good lawyer, in advance.
Briefly looking over the M0n0wall website, it appears to be just a firewall rather than a wireless hotspot solution. Did I miss a feature or did you fail to post all of the configuration modifications that you had to make in order to turn M0n0wall and FreeRADIUS into a captive portal?
I'm not trying to be offensive but, how is M0n0wall better than the likes of ZoneCD or NoCat Auth? I understand that 'you' found NoCat complicated as compared to M0n0wall but, is that an accurate assessment or is it simply your situation because of your preference to BSD?
Anyone else would get a message to find another way to contact me to be added to the whitelist, to enter the passcode to get through, or they be routed to /dev/null.
/dev/null. I would sort of expect these options to be built into the software and easily enabled by end users as that would make the most sense.
Anyone showing up as "UNKNOWN", "UNAVAILABLE", or originating numbers coming from outside the country would automatically be re-routed to
This is already available and has been for years. It's called Anonymous Call Rejection(ACR)
I'm sorry if I Slashdot The Campbells.
Most of the large deployments (at least in the millions of users) I have seen do this. Once you have the suffix named, then it is often best to just leave it relatively flat below that (e.g., all users below "ou=People,dc=example,dc=com") and use attributes within the entries to provide logical arrangements of users.
Just how many LDAP deployments of millions of users have you seen? That were flat no less?
I've seen hundreds of implementations. Most of the ones I've seen had thousands or hundreds of thousands of objects in them and one had over a million objects. I have not seen any implementation, with more than a couple of hundred objects, that was flat.
The thought of a flat tree with millions of objects sounds like a replication nightmare!
Geographic division of the LDAP tree is very common and works best for most situations but it is not a requirement. Depending on your environment you may prefer to divide the tree by department(political) or by function, or any other way you can think of. What usually makes the decision for you is your business process and network operation/replication.
There are many books available that cover this topic. From this review, I would skip this particular book.
Well, I have a Cirrus Logic 5401 VGA controller.
I'll sell it to you but, it won't be cheap.
The purpose of the project was to demonstrate the students newly learned CG animation skills. Real Lego blocks would require stop motion animation rather than CG animation.
Why Legos at all? Why not? Do you have a theme for a mini movie that will demonstrate your 1337 CG skillz?
How much did it cost to produce this "little" student project?
3D computer graphics animation.
Professional sound and scoring.
Real life movie stars for voices.
All this stuff costs Disney millions of dollars for a 90 minute movie. How much did it cost for this little project?
Now I'm not a system administrator
From your post, obviously not.
Have you heard of rsync? rcp? ssh logins? How about nfs? How about centralized home directories? How about running an application that is stored on the network?
Rsyc - Synchronizes files doesn't really help with specifics like settings in Gconf or updates to Postfix alias databases or RPM installations.
Rcp - insecure. Better to use scp or sftp.
Ssh logins - that's what I said in the original post.
Nfs - File sharing isn't systems management.
Centralized Home directories - the only way to go for network connected uses.
Running apps from the network - excellent when possible. But, doesn't work with some apps, with large apps when bandwidth is an issue, or with people disconnected from the network such as laptops.
Also, many of the above services are not available on Windows, only Linux/Unix. This limits your options for network management as even your environment seems to have Windows as well as Linux.
I'm not trying to flame you but, rather point out that it isn't a case of Windows-centric thinking. It is a case of network-wide management thinking. Thinking in terms of doing as much as possible from a central point with the greatest of ease. Volume and automation.
The imaging that you describe in your environment is likely the same one the ZenWorks uses, PXE booting. While it can be setup on almost any network it is fiddly to say the least. ZenWorks makes its setup much easier and it is only a small part of what ZenWorks does. For instance, can they take a backup image of your workstation remotely because, your hard drives S.M.A.R.T. is predicting a failure or they want to have a backup for some other reason? PXE doesn't do this but, with ZenWorks they can, and now it doesn't matter if your running Windows or Linux.
Please see my other post on this article here.
The most important question is: what does it really mean for Linux users, administrators and developers?
They are not referring to making Linux like Windows. They are referring to making the management of Linux, through ZenWorks, like the management of Windows, through ZenWorks. This is an important feature for ZenWorks and its users and is a feature that Novell has been missing for some time, despite their previous claims of ZenWorks Linux support.
ZenWorks is a fantastic tool and is extremely powerful. It performs functions such as hardware and software inventory, application installation and removal, remote control, system policy management and more. But, ZenWorks primary area of support has been Windows systems. Novell claimed that it supported Linux and PDA's but, this support was very limited. Now, with ZenWorks 7, the supported features for Linux approach the level of the Windows features that have always been there.
First off, you need to understand what ZenWorks can do. ZenWorks is a system for controlling and managing workstations and servers network-wide from a single location, using policies that are stored in eDirectory, Novell's directory service. With ZenWorks, an administrator can control settings like Windows Policies and KDE kiosk configuration. With ZenWorks an administrator can install and remove applications, patches and configurations remotely from a single location. With ZenWorks, an administrator can install new operating systems or reinstall broken operating systems remotely, from a single location.
Some of these things you can do with Linux already and some of them you can't. Or at least, you can't do them easily. This new ZenWorks is supposed to make it brain dead easy to do these things for 10 systems or 10,000 systems. The key concepts are ease and volume/automation. Sure, you could write a script to ssh into your systems and install some software or what-have-you but, it will be different every time and too often requires some form of manual intervetion. Most importantly, nothing about the script will be useable on Windows workstations. You'll have to use different scripts and scripting languages for those systems so, the overhead is relatively high.
Here are a couple of scenarios. Suppose your working the helpdesk and a user calls to say that their PC isn't working. You open up the management console and quickly locate the PC in question from amongst the thousands in your firm. With two clicks you are connected to the PC and remotely controlling it. Regardless of whether the PC is Windows or Linux, the procedure is the same.
Now you see that the PC isn't actually broken, as the user reported but, it is simply missing an application because the user had moved in from another department and had not yet been configured to use that application. A couple of clicks associates the user with the application and the application is automatically installed and made available to the user. Again, Windows or Linux, the procedure is the same in ZenWorks.
Now, let's suppose that during the install of the application, the user unplugged the PC. I don't know why they did it, they just did it. They're a user, OK? Anyway, for what ever reason the disk is corrupted and the OS is hosed. You instruct the user to restart the machine and choose the appropriate option from the boot menu. The PC is reimaged with a fresh copy of the OS and the appropriate applications are reinstalled. In ten minutes the user is up and running with no user or admninistrator intervention. Again, Windows or Linux, the procedure is the same from within ZenWorks.
Now, let's assume a different scenario. This time, let's assume that your boss has decided that the company will now use the latest Windows 200X on all workstations. This is a massive upgrade that requires not only the installation of a new OS but also the installation or upgrade of numerous applications that were being used before but no longer work under the new Windows version. Even if you use RIS or Ghost
10 Your mother told you to stop being such a pack rat.
9. Disks fill up, no matter how cheap they are. Low cost doesn't excuse gluttony.
8. Backups take forever.
7. Restores take an eternity, especially if your not confident.
6. Mail client gets slower and slower.
5. Searches take too long.
4. Mail clients make mistakes, especially on big stores. See #7
3. Your CYA evidence may be used against you.
2. A mail store is not a file system and SMTP is not a file transfer protocol.
And the number one reason to delete your old email...
1. IT'S ALL A BUNCH OF USELESS CRAP JUST AS IT WAS WHEN YOU FIRST RECEIVED IT!!
This is not an uncommon policy at non-public companies. In fact, I like to use it as a means/excuse to recover storage space on mail systems.
But, in Microsoft's case, they were able to provide emails from before and after the negotiating period. It was only during the 35 week window that the emails were mysteriously purged.
I don't have an immediate solution for this. Myth Recommend and WishTV have already been mentioned. Although the two of them are better than nothing at all, neither of them is what Tivo does.
However, if you are a developer and are thinking of starting such a project, I have a recommendation. I would suggest that you use Bayesian analysis of the descriptions of the user's recorded shows. Sort of like Spamassassin for TV shows. The spam detection algorithm could be adapted to identify possibly desireable shows, just as it is used to identify possible spam.
By the way. If none already exists, this post serves as prior art should anyone try to patent the idea. It is now an obvious invention.
With licenses valid for ten years, they will likely cost the same as cellular licenses. Millions of dollars! They may even have to do lotteries like they do with the cellular providers.
What a remarkable "coincidence".
I never put any credence into the ativirus companies writing viruses conspiracy theories but, that one's just too fishy.
Sony now has a new CEO. The new CEO is a media and content proponent rather than a hardware man like his predecessor of ten years.
This will most likely mean a shift for Sony from being a hardware company to a content company. It will also mean hightend interest in DRM and copy protection on Sony's part.
Personally, I think it's a big mistake for Sony to forget "their old slogan".
Sony -- Because caucasians are too damn big!
Troll my fanny. Have a read of the Linux SATA RAID faq. Notice all the claims that the RAID controllers aren't really hardware RAID controllers?
These claims are like the old claims that winmodems weren't really modems. Remember that? Strangely, now that someone figured it out, almost all winmodems work with Linux now and they are real modems again.
The fact that these RAID controllers are working RAID controllers for other operating systems but, don't work on Linux means that they really are hardware RAID controllers, contrary to the faq's claims. It means that LINUX does NOT support them. It means that no Linux developers have figured out how to make them work, yet.
I'm also willing to bet that Linux inability to work with many SATA RAID controllers is one of the primary, undisclosed, reasons that the majority of the controllers in the article weren't scored.
Oops, there's a problem. Let's just pretend it doesn't exist.
From the article: Theimer said; "We want to be competitive with something like Red Hat."
That shouldn't be a problem. At these prices Windows 2003 is already cheaper. It's only when you start adding CALs that Microsoft gets more expensive and people won't be buying a lot of CALs for a supercomputing cluster.
Boot from the Knoppix CD
Open Konsole
type su
type knoppix-installer
answer the prompts
reboot
Done.
I have not tried this one but, I saw it a few months ago and thought that it looked interesting. It isn't as powerful as OpenNMS or Nagios but it does have some advantages of its own.
This one is Don O'Neill's own combination of several different small packages. Basically, it provides a very nice front end to fairly extensive MRTG monitoring. But, it does give you an idea of what you can do and it certainly looks customizable.
I doubt that you meant it that way but, your post has rubbed me the wrong way. Your's is just the latest in a long running series of similar posts where the blame for a situation is redirected at the victim.
The tapes were believed to be stolen by airport bagage handlers during shipment to BoA's offsite facility, likely another datacenter. It's still under investigation so the news agencies are not yet able to accurately report exactly what happened.
By all accounts BoA has made reasonable effort to protect its data, its tapes and its customers. BoA, and by proxy its customers, are the victim of theft. The blame lies squarely on the shoulders of the thieves and no where else.
In ANY incident, there will always be something more that could have been done to prevent the incident from happening. But, it becomes a question or reasonable care. Was reasonable care taken? It certainly seems as if it was in this case.
Let's put the blame where it belongs. Don't redirect the blame to the victims.
Its a bad idea anyway.
Even Apple is dropping Firewire.
USB wins! Yea! What did it win?
they set the VPN interface to be the default route, and then they remove any other routes.
Too true. and adding a host route or two resolves the issue.
route add mac'sIP mask 255.255.255.255 eth0'sIP
It may also be necessary to add a host route for the local eth0 interface as well, depends on how far your VPN client goes. I'd put it in a batch file so that I could run it each time I bring up the VPN.