Las Vegas does not get any power from Hoover Dam unless it's purchased on the open market. The power generated by the Hoover Dam belongs to California and Arizona. If Nevada receives any power generated by the Hoover Dam, it's because it's purchased through the energy market just the same as if it was purchased from any other energy provider.
-- While some relocation expenses are tax deductible, a lot aren't. If your company is paying for them, they'll tax you on anything they pay out. Consider asking for a bonus to cover these expenses.
-- With any movers try to get something in writing which guarantees delivery by a certain date with penalties for not making that date. Especially with auto movers. Auto movers made my life a living hell for over a month. During a hectic time such as a relocation, it's just not worth the headache.
-- Make sure you have full coverage insurance with the movers. Not just replacement value.
-- Don't use DAS auto shippers. Just don't. Trust me.
I've been very happy with Lux Scientae. They were one of the few companies I could find that offered all of the email features I needed for multiple domains that I own. They do web hosting as well but I haven't used that.
Read here and here. The second link is mainly for Mac's but also has a bunch of relevant information.
I also suggest you ask further questions on this topic over at the AVS forum. Slashdot is great but for this type of thing, you'll get better info over there.
I personally used linode.com for around 2 months and I was very impressed with their service. The ability to "reinstall" any OS instantly and play around was a really cool feature with endless possabilities. Best of all, their control software _just_worked_.
You might also want to look into getting a dedicated server. I just picked up a P3 800 with 256MB of ram for $40/month. Most VDS supplies are charging that much for a lot less horsepower. There are plenty of deals out there to be had. Check out www.webhostingtalk.com.
I work for a major MSSP. Yes, it's common practice to try and upsell our managed security services based off of consulting gigs. No, I've never heard of them trying to cut out the local security guy.
I feel safe saying that every engineer I work with understands that our service is provided to supplement existing security practices. We can provide some security services which companies cannot perform on thier own. Whether because of cost or technical reasons. We cannot replace a companies entire security team. There are too many small details which need to be handled which an MSSP cannot do remotely. Nor do we want to. We'd also much rather work with a knowledgeable insider than get an imcompetant IT manager who's claim to fame was programming cobol 20 years ago.
My guess is, some overzealous sales weenie got you canned. He probably pitched the MSSP services to the suits. The suits probably replied they already had in house security expertise. The sales weenie, fearing he would lose the sale, pitched the MSSP as a replacement for you. Something he never should have done. Most sales people will do anything they have to do to make the sale.
I think your totally misunderstanding the situation.
Working for an MSSP, a major competitor of Symantec, let me share some insight. Let's say we're monitoring the standard deviation of hits to certain ports and all of the sudden we see 10x more traffic then usual. Less then 5 minutes later we're seeing 100 or 1000x the usual traffic. Step one, protect our customers. End of story. You don't have time to fire off an email to incidents@securityfocus.com, you do everything you can to figure out what is attacking and you and who of your customers is vulnerable.
Can you imagine how much business an MSSP would lose if they fired off an incident report to major mailing lists at 11:15 and one of thier customers got hacked at 11:20? From the customers perspective that's total negligence. We knew about the attack and we even released an advisory but we couldn't protect you, sorry.
It's great to fire off a notice to incidents@, it shows the company is proactive and noticed the attack quickly. Something important to customers looking to get managed security services. One of the prime selling points of an MSSP is that we, by monitoring many customers, can notice trends and attacks quicker than you could by yourself.
I have an Agatetech "Q" USB harddrive. It's amazing how handy these things are.
Sad story. I've been keeping my financial data in an excel spreadsheet on a floppy for over a year. Despite the horrendous history of floppies, I never lost data. About a month after I bought my "Q" drive I had it plugged into my Win98 box when the power went out. Once I regained power I tried to use the drive but the filesystem was fucked. Everytime I tried to access the drive I'd get something to the effect of "Can't access file system. Would you like to format"? I tried emailing Agatetech support to see if they had any recovery utilities. I never heard a response. In the end I formatted and called it a loss.
Agatetech has the coolest looking drive IMO but thier support sucks ass and I wouldn't put too much trust in thier reliability.
I've been through this whole situation myself. I started off by wanting to do exactly what you did. I even looked into making my own cases via sheet metal or plexiglass. In the end I went with standard rackmount cases. I didn't like the look of individual shelves with motherboards and cables hanging all over the place. I didn't like towers sitting on shelves in a rackmount cabinet. It didn't give me that "cool" feeling I was looking for. Your results may vary. You might be happy with that. I wasn't and in the end it cost me because I had to trash everything I had done up until that point and start from scratch
Here's a couple ideas that I thought were pretty neat.
Nexel Shelving. It's pretty cheap and works great as a computer shelf. You can grab a 48" x 84" x 24" rack for around $200. Stick some mid towers on the bottom shelf. Use the middle shelf for monitors. Third shelf up for more towers and the top shelf for storage. Since the rack is made of wire it's easy to zip tie down all the cables.
Office Cabinet. You know the cabinets I'm talking about, you see them in every office enviroment. The ugly putty looking things. You can find these real cheap at office liquidation sales. Stick the towers on the shelves. Cut a hole in the back for one of the windows fans you find at Home Depot. Cut some ventilation in the shelves. Instant rack. The nice thing about this system is you can close it and lock it. Cabling is somewhat difficult though.
Rackmount
This is the way to go in my opinion. It's definately expensive but this is exactly what you want to do. That was the whole point of rackmount! If your not in any hurry, ebay is a great place to find rackmount equipment. Older cabinets can be found for around $100 and easily painted and fixed up. Cases generally go around $150-$250 for the decent ones. The smaller cases bieng more expensive. I can put together a solid 1U case for under $800.
SBC. This kinda goes along with the rackmount option. This can be even more expensive sometimes. Find a big 8U case that supports a 20 slot passive backplane. Get a 4 segment, 20 slot passive backplane. Now add four SBC's and you got four full computers in one box. BoomRack makes a nice 8U case although retail is around $1200. SBC's can be found a lot of times pretty cheap on ebay.
My last words of warning:
If you do buy rackmount I would avoid the Top Power cases. I've found them to be horribly engineered.
Boomrack makes really nice cases although thier a tad more expensive than most others.
Rackmount Pro has some good prices and great service but watch out for the Top Power cases they sell.
Stay away from ebay sellers that sell from Atlantec. While I can't prove it I'm relatively positive that they have a bunch of shill accounts that they use to bid up thier auctions. They always start off low and then in the last day they'll be bid up to retail price by someone with zero to two feedback. Normally I woudn't think anything of this but it happens EVERYTIME! Thier items never sell for more than a couple dollars less then what they sell for in thier web store.
Can you tell me how to soft link the embroidery on my OpenSSH shirt to the new name?
There's a lot more to this argument then a name change. I wish it would be that easy. Unfortunately it has a sort of domino effect to many other things as well. I'm not incredulous enough to believe that people would work past the name change but I do think that he should have thought about this years ago.
"Granted this is larger than djbdns, but this is no reason to abandon what is known to work, and work well."
I hope your not speaking from a security perspective. BIND is notorious for security holes. For many including myself, this was the proverbial straw that broke the camels back. While it is true that BIND 9 was completely rewritten many believe this will not alleviate the security issues that have plagued BIND in the past.
"Has the djbdns code been audited?"
Well, he does offer a $500 security guarantee. Something no one has claimed as of yet. Djbns was designed from the ground up with security in mind. Djbns has to date proven to be secure. I'm not ingorant enough to claim that it's uncrackable but so far it's record speaks pretty highly. Something BIND can't do.
"Has it been tested in a large scale comercial environment?"
From the FAQ: "How fast is tinydns? Can it handle a huge number of incoming queries?
Answer: One site reported receiving 500 queries per second per server at peak times for data from a 350-megabyte data.cdb. The tinydns process handled about 7000 queries per second of CPU time. The CPU was a Pentium III-550.
This example, and lab tests, suggest that tinydns can easily handle the.com server load. However, I don't have enough data on the distribution of.com queries to carry out a realistic experiment."
Maybe you shouldn't be so quick to dismiss a product until you actually take the time to look at it.
I haven't looked in about a month but SGI was selling these directly off Ebay for $1395. I bought mine off there and I love it. I just looked and I don't see any right now but you might keep your eyes open. Do a search on "1600sw".
I was under the impression that using the multilink adapter was a bad thing because it required converting the signal from digital to analog.
I don't recommend doing business with Computer Surplus Outlet. They are the most unprofessional, dishonest bastards I've ever had the displeasure of doing business with.
I sold them a large amount of computer surplus recently and I was originally quoted $1909 for all the parts. After repeatedly sending emails and bieng told "the check will go out tomorrow", I finally got paid $1800 almost a month after I sent the parts. I've emailed them several more times asking about the rest of my payment and they refuse to answer my emails.
Apparently I'm not alone in my hatred for this company. Check out Reseller ratings. They have a very low score compared to many other retailers.
Now correct me if I'm wrong. Wouldn't it be possible to just do an nslookup on the hostname and use the ip instead? Sure I realize that no system will be fool proof. And yes, I realize that web browsers could be forced to do reverse lookups and check the hostname.
All in all, I think it's a great idea. It makes it hard for kids to view porn and easy for adults to find it. I just don't think changing the.tld's will allow much better url filtering than we have now.
I think it would be a great idea. Think about it. Websites that wish to provide content to mobile users could offer a slimmed down version of thier site available at.wap.
You want to read the latest headlines on your Handspring? Head over to slashdot.wap. With the way that wireless computing is going. I can't think of a better tld.
I'm going to direct this at Mr. Simpson as he seems to be greatly involved in this discussion.
In your opinion what is a good possible solution for this? Is NAI likely to release a patch? What about a new version which does not include the ADK feature? I can also see how this might be a desired feature for corporations who want to use the ADK's for thier intended use. Is it likely NAI would release a kludge in a vain attempt to keep this feature in the code? What is your opinion of NAI and do you think they'll do the "right" thing?
Obviously with the growing popularity or PKI this can be seen as a good thing or a bad thing. Good in the fact that it exposes an inherent flaw in public key cryptography and might make some people seriously think about the implications of a public key infrastructure. Bad in the fact that a widely used version of PGP has a potentialy serious hole in it. I wonder how long the NSA has known about this one.
How appropriate this quote of yours seems.
"Mary had a crypto key, she kept it in escrow,
and everything that Mary said, the Feds were sure to know."
-- Sam Simpson, July 9, 1998
Slashdot Mirror
Las Vegas does not get any power from Hoover Dam unless it's purchased on the open market. The power generated by the Hoover Dam belongs to California and Arizona. If Nevada receives any power generated by the Hoover Dam, it's because it's purchased through the energy market just the same as if it was purchased from any other energy provider.
A couple of recommendations:
-- While some relocation expenses are tax deductible, a lot aren't. If your company is paying for them, they'll tax you on anything they pay out. Consider asking for a bonus to cover these expenses.
-- With any movers try to get something in writing which guarantees delivery by a certain date with penalties for not making that date. Especially with auto movers. Auto movers made my life a living hell for over a month. During a hectic time such as a relocation, it's just not worth the headache.
-- Make sure you have full coverage insurance with the movers. Not just replacement value.
-- Don't use DAS auto shippers. Just don't. Trust me.
I've been very happy with Lux Scientae. They were one of the few companies I could find that offered all of the email features I needed for multiple domains that I own. They do web hosting as well but I haven't used that.
I also suggest you ask further questions on this topic over at the AVS forum. Slashdot is great but for this type of thing, you'll get better info over there.
I personally used linode.com for around 2 months and I was very impressed with their service. The ability to "reinstall" any OS instantly and play around was a really cool feature with endless possabilities. Best of all, their control software _just_worked_.
You might also want to look into getting a dedicated server. I just picked up a P3 800 with 256MB of ram for $40/month. Most VDS supplies are charging that much for a lot less horsepower. There are plenty of deals out there to be had. Check out www.webhostingtalk.com.
I feel safe saying that every engineer I work with understands that our service is provided to supplement existing security practices. We can provide some security services which companies cannot perform on thier own. Whether because of cost or technical reasons. We cannot replace a companies entire security team. There are too many small details which need to be handled which an MSSP cannot do remotely. Nor do we want to. We'd also much rather work with a knowledgeable insider than get an imcompetant IT manager who's claim to fame was programming cobol 20 years ago.
My guess is, some overzealous sales weenie got you canned. He probably pitched the MSSP services to the suits. The suits probably replied they already had in house security expertise. The sales weenie, fearing he would lose the sale, pitched the MSSP as a replacement for you. Something he never should have done. Most sales people will do anything they have to do to make the sale.
I'd recommend The Code Book by Simon Singh. Excellent very entertaining book tracing the history of cryptography.
Working for an MSSP, a major competitor of Symantec, let me share some insight. Let's say we're monitoring the standard deviation of hits to certain ports and all of the sudden we see 10x more traffic then usual. Less then 5 minutes later we're seeing 100 or 1000x the usual traffic. Step one, protect our customers. End of story. You don't have time to fire off an email to incidents@securityfocus.com, you do everything you can to figure out what is attacking and you and who of your customers is vulnerable.
Can you imagine how much business an MSSP would lose if they fired off an incident report to major mailing lists at 11:15 and one of thier customers got hacked at 11:20? From the customers perspective that's total negligence. We knew about the attack and we even released an advisory but we couldn't protect you, sorry.
It's great to fire off a notice to incidents@, it shows the company is proactive and noticed the attack quickly. Something important to customers looking to get managed security services. One of the prime selling points of an MSSP is that we, by monitoring many customers, can notice trends and attacks quicker than you could by yourself.
They also acquired Recourse Technologies and Riptech. Symantec corporate
Hows that?
Sad story. I've been keeping my financial data in an excel spreadsheet on a floppy for over a year. Despite the horrendous history of floppies, I never lost data. About a month after I bought my "Q" drive I had it plugged into my Win98 box when the power went out. Once I regained power I tried to use the drive but the filesystem was fucked. Everytime I tried to access the drive I'd get something to the effect of "Can't access file system. Would you like to format"? I tried emailing Agatetech support to see if they had any recovery utilities. I never heard a response. In the end I formatted and called it a loss.
Agatetech has the coolest looking drive IMO but thier support sucks ass and I wouldn't put too much trust in thier reliability.
For those who are intersted, here are some manufacturers: :: Thumbdrive :: FlashDIO :: DiskOnKey
Agatetech
If your not using yours, I'd be interested in buying it if your want to sell it. My friend saw my 32MB Q drive and he wants one.
Check here:Using CVS to manage a website
DNS & Bind - Maybe not the best shelf life but still a very good reference
TCP/IP Illustrated Volume 1
TCP/IP Illustrated Volume 2
Unix Network Programming Volume 1
Secrets and Lies
Building Internet Firewallws
Practical Unix and Internet Security
Design and Implementation of the 4.4BSD Operating System
Unix System Administration Handbook
Here's a couple ideas that I thought were pretty neat.
My last words of warning:
If you do buy rackmount I would avoid the Top Power cases. I've found them to be horribly engineered.
Boomrack makes really nice cases although thier a tad more expensive than most others.
Rackmount Pro has some good prices and great service but watch out for the Top Power cases they sell.
Stay away from ebay sellers that sell from Atlantec. While I can't prove it I'm relatively positive that they have a bunch of shill accounts that they use to bid up thier auctions. They always start off low and then in the last day they'll be bid up to retail price by someone with zero to two feedback. Normally I woudn't think anything of this but it happens EVERYTIME! Thier items never sell for more than a couple dollars less then what they sell for in thier web store.
There's a lot more to this argument then a name change. I wish it would be that easy. Unfortunately it has a sort of domino effect to many other things as well. I'm not incredulous enough to believe that people would work past the name change but I do think that he should have thought about this years ago.
LiNT
I hope your not speaking from a security perspective. BIND is notorious for security holes. For many including myself, this was the proverbial straw that broke the camels back. While it is true that BIND 9 was completely rewritten many believe this will not alleviate the security issues that have plagued BIND in the past.
"Has the djbdns code been audited?"
Well, he does offer a $500 security guarantee. Something no one has claimed as of yet. Djbns was designed from the ground up with security in mind. Djbns has to date proven to be secure. I'm not ingorant enough to claim that it's uncrackable but so far it's record speaks pretty highly. Something BIND can't do.
"Has it been tested in a large scale comercial environment?"
From the FAQ: "How fast is tinydns? Can it handle a huge number of incoming queries?
Answer: One site reported receiving 500 queries per second per server at peak times for data from a 350-megabyte data.cdb. The tinydns process handled about 7000 queries per second of CPU time. The CPU was a Pentium III-550.
This example, and lab tests, suggest that tinydns can easily handle the .com server load. However, I don't have enough data on the distribution of .com queries to carry out a realistic experiment."
Maybe you shouldn't be so quick to dismiss a product until you actually take the time to look at it.
LiNT
I was under the impression that using the multilink adapter was a bad thing because it required converting the signal from digital to analog.
LiNT
I sold them a large amount of computer surplus recently and I was originally quoted $1909 for all the parts. After repeatedly sending emails and bieng told "the check will go out tomorrow", I finally got paid $1800 almost a month after I sent the parts. I've emailed them several more times asking about the rest of my payment and they refuse to answer my emails.
Apparently I'm not alone in my hatred for this company. Check out Reseller ratings. They have a very low score compared to many other retailers.
LiNT
Takes a big man to sit on his ass and insult someone.
If you think Jello is a nimrod, fine, that's your opinion but take the time to back up your argument before you libel someone.
LiNT
http://64.29.18.113/
All in all, I think it's a great idea. It makes it hard for kids to view porn and easy for adults to find it. I just don't think changing the .tld's will allow much better url filtering than we have now.
LiNT
You want to read the latest headlines on your Handspring? Head over to slashdot.wap. With the way that wireless computing is going. I can't think of a better tld.
LiNT
Incidents Mailing List FAQ
LiNT
In your opinion what is a good possible solution for this? Is NAI likely to release a patch? What about a new version which does not include the ADK feature? I can also see how this might be a desired feature for corporations who want to use the ADK's for thier intended use. Is it likely NAI would release a kludge in a vain attempt to keep this feature in the code? What is your opinion of NAI and do you think they'll do the "right" thing?
Obviously with the growing popularity or PKI this can be seen as a good thing or a bad thing. Good in the fact that it exposes an inherent flaw in public key cryptography and might make some people seriously think about the implications of a public key infrastructure. Bad in the fact that a widely used version of PGP has a potentialy serious hole in it. I wonder how long the NSA has known about this one.
How appropriate this quote of yours seems.
"Mary had a crypto key, she kept it in escrow, and everything that Mary said, the Feds were sure to know."
-- Sam Simpson, July 9, 1998
LiNT