Increased uptime requirements arise when enterprises stack multiple workloads onto a single server, making it even more essential to keep the server running. "The entire environment becomes as critical as the most critical application running on it," Mann explains. "It is also more difficult to schedule downtime for maintenance, because you need to find a window that's acceptable for all workloads, so uptime requirements become much higher."
No, no, no. First of all, in a real enterprise type solution (something this author seems unfamiliar with) the entire environment is redundant. "the" server? You don't run anything on "the" server, you run it on a server and you just move the virtual machine(s) to another server as needed when there is a problem or maintenance is needed. It is actually very easy to deal with hardware failures.. you don't ever have to schedule downtime, you just move the VMs, fix the broken node, and move on. For software maintenance you just snapshot the image, do your updates, and if they don't work out, you're back online in no time.
In a physical server environment, each application runs on a separate box with a dedicated network interface card (NIC), Mann explains. But in a virtual environment, multiple workloads share a single NIC, and possibly one router or switch as well.
Uh... well maybe you would just install more nics? It seems the "expert" quoted in this article has played around with some workstation level product and has no idea how enterprise level solutions actually work.
The only valid point I find in this whole article is the mention of additional training and support costs. These can be significant, but the flexibility and reliability of the virtualized environment is very often well worth the cost.
How can Apple have released a fix if Vista was at fault? Hmm?
You apparently know nothing, and I mean nothing about how software works in the Windows world. Software companies constantly have to "fix" their software because of bugs or changes in the underlying Windows systems they rely upon. This is simply the way things are done in the Windows world.
Would you say that Fedex uses a series of tubes to deliver packages to your door?
While on one level an analogy like tubes might make a certain kind of sense, for me at least it immediately brings to mind some kind of silly Rube Goldberg contraption with emails being put into bank teller container things and shot off across the internet in a burst of air. Plus he didn't say the internet works LIKE a series a tubes, he said IT IS a series of tubes. And thats just.... funny.
I've run into similar requirements and ended up using ncurses and a couple higher level curses based libraries. not so bad really... and it does a very respectable job of working on various term types in case thats an issue for you.
What more were you hoping to find? maybe there is a library that provides it if you were more specific in what you need. windowing, scroll areas, color, etc are all provided in curses anyways iirc.
first off, when i said "these checks" i meant all of (and only) the RFC 2821 compliance checks which relate to using FQDNs. The RFC specifies several places where they are required. And while you may question whether they are effective at fighting spam, they are required by the SMTP spec, simple as that. My 20% number refers to non FQDN used in the sender address and non FQDN used as the HELO hostname (technically there is another form allowed in the HELO phase but thats relatively rare).
I understand that it can be frustrating when you are forced to use a system that is outside of your control, but your complaint should be with your provider that is violating the RFC, not the people who deny your mail because of your provider's misconfiguration.
sqlgrey at least will consider attempts for the same user from addresses in the same/24 to be equivalent, which helps a lot with this. but yes, sometimes this can be a problem. sqlgrey also has a dynamically updated list of sending domains/servers to exclude from greylisting due to known incompatibility, so this avoids problems with many "popular" third party mailers. I had given up on greylisting, but actually i'm having great results now that i use sqlgrey.
Non FQDNs on the sender, recipient or hostname... Most spam does not fail FQDN checks.
uhh... what?? Tons of spammers fail these checks. Compromised Windows boxes acting as spam zombies almost always fail these checks, and as have increasingly becoming a major source of spam over the last couple years, these types of checks have become more and more effective. On the largest mail system I have access to stats on (about 200k messages per day) these checks blocked about 20% of all mail yesterday.
You could consider it "yet another check...", catching some but not all mail, making there be less to check, but it has false positive problems that cause problems in this regard. I am in fact staff on an IRC network while has been forced to require an email check for nickname registration, and we have problems with mail servers rejecting our mail in some cases because of FQDNs problems. Others, like Gmail, accept it and it arrives instantly.
It isn't my area of knowledge but I'm assured that getting a FQDN isn't possible with our shell hosting, and these unnecessary filters creates a LOT of pain for users and staff who then must personally email the person to verify the email.
Is this a good idea if it hits false positive problems, and misses quite a lot anyway? Other checks would catch most spammers failing FQDN, and the number of false positives to spammers blocked who otherwise wouldn't be seems quite high. Sounds like sour grapes to me. Anyone who is telling you it isnt possible to configure your mail server correctly probably just doesn't understand how to do it.
Is FQDN supposed to be required for email servers?
Yes. Check out RFC 2821, section 4. And maybe take note of how many other people posted replies to this story suggesting the exact same types of strict checking for compliance with the standards. If you don't fix your server, expect the rejections to increase as more and more servers start requiring that mail server admins get their acts together.
well we are way off topic here, but this can happen for several reasons. first off, anything in the headers can (and often is) completely fake. Second, there is a big difference between the "To:" field in a message's headers and the SMTP envelope RCPT TO: address. If you're geniunely interested, I'd suggest looking at RFC 2821 and 2822 which are free online, or maybe skimming a book on SMTP.
We block tons of spam simply by requiring the sending server to strictly follow RFC 2821. A HELO name that follows the rules seems particularly difficult for the spammers to configure. Non FQDNs on the sender, recipient or hostname... sending domains that don't even exist in DNS, servers using your domain name or your IP address and their HELO... a whole variety of strange things that only spammers (and once in a while really bad sysadmins) do. Then you can go a step further and require that someone's sending domain actually have dns properly setup for mail delivery (a "you can't mail me if I can't mail you" kind of thing).
Also, some grey listing systems are better than others. One that really works well for me is sqlgrey http://sqlgrey.sourceforge.net/ Sqlgrey comes with a fairly decent list of servers to exclude due to their inability to properly follow specs, so you don't lose mail from most of the broken but nonspammer servers. This list is also updated automagically and seems to work pretty well.. makes greylisting actually usable, for us at least.
P.S. Don't want to start any holy wars, but if you're trying to fight mail and want a system thats easy to config and just works, postfix is a really great mail server.
A NAT in front of your windows box does do a lot to prevent trouble while you're patching up a new install. As long as you immediately get up to date (before using the machine for anything else) then I'd think this is fine.
The problem is people who rely on a NAT device for some sort of security *in place of* security patching. Many exploits work just fine through NAT if you're actually using the machine to surf the web or read email, and way too many people seem to not understand this.
20-30 tabs at a time? at 1024x768? you paid for extra ram, but are using a monitor from 1994? this is a resource allocation error but it is not the fault of Mozilla.
hehe fault get it?
So they fine MS... assuming MS actually pays (seems kind of unlikely), what are they going to do with the cash? I RTFA and it didn't mention it. I'd love to see it go to aiding the folks that MS's anticompetitive tactics have hampered, but how would that work? Or would they give it to charity, use it to lower taxes a tiny bit, something positive for people?
Finally someone is thinking about a solution to perhaps the biggest problem with all of these telephones we have floating around these days. Frankly I don't see how we've managed for so long. What we need is some kind of numbering system, where somehow each phone in the world can be uniquely identified by a sequence of digits, and then some way to map a person or business's name to those numbers. Maybe then some userspace tools to "assist" people who want to query this "directory". If someone could find a way to provide access to this "directory assistance" from the phone device itself, well I think you'd really have something.
Obviously it will take time to implement any comprehensive scheme that could achieve the critical mass and universal acceptance that any such system would need to actually be useful, but perhaps in time and with a new TLD or two, we can make it happen.
Their "Port 25" website is in fact not accessable via port 25 at all. On a hunch I tried port 80 and some kind of web site about port 25 came up. This is apparently another embrace and extend type of thing, where port 25 is now accessable only via port 80 and god knows where they've extended port 80 to or what's actually running on port 25.
Thanks for your support. Perhaps more importantly (and please foreward this everyone you know, we're trying to earn our very own snopes entry):
ok so I've seen about 55 thousand social spams reminding me about the unique sequence of numbers that will line up in the time and date early this morning. I'm sure you have too. But then I saw this post and it totally changed things for me:
People! Time is of the essence! There is something much more important about to happen, and it's up to YOU to help create vital awareness!!
Ever since man invented the methods used to keep track of time, some of them have secretly known that certain combinations of numbers were inevitable. It was literally just a matter of time. And now, in just a short while, the worst combination of times and dates ever known to a God fearing man will attack us... with unknown consequences!
At 6 minutes and 6 seconds past 6AM on June 6th, 2006 we will hit the dreaded "demon happy hour" that so many historians have been warning us about for centuries or even decades. 6:6:6 6/6/6 could be the end of everything that we hold dear. The release of eternal damnation and the beginning of THE END (it's for real!).
Only a massive shared consciousness of aware but unthinking masses can spread the grace and love required to stave off this certain affliction. Do your part to spread the word!
If you forward this message to 10 friends within 6 hours and 66 minutes time, you can help to prevent the end of the world. Do your part today to help stamp out Satan's minions. Do it for the children, or just do it for God's sake.
PS if you forward this message to 20 friends in 20 minutes, you will meet the person of your dreams within 20 days
PPS I did this it works!!! -Steve
PPPS I am Steven's bitch and he is totally hawt - Megan
ok, so gee I now might actually have a reason to upgrade all those NT4 and 2000 server licenses I have.. still a score for MS. And enterprise/datacenter edition are not exactly cheap. People using older server software or the much more common standard editions of MS's server OS are still now in a situation to pay more for licenses if they want to make use of this "free" VM technology. You may have found an exception, but I think my point is still valid for many if not most scenarios. After all, why would *any* company give something away if not to in the long run sell more product? it wouldn't be responsible to their shareholders and it certainly wouldn't be characteristic for a company like MS.
Seems like a no brainer to me... anyone silly enough to be running MS VM is probably going to be running more silly MS operating systems with it, which means now MS can sell multiple (expensive) server licenses per box. Oh yeah, the VM is free. But you still have to buy Windows, in this case several times perhaps. If I was running that place I'd have been giving away the ability to purchase multiple OS per box all along.
I have read 5 articles on this whole thing now. I still am not sure exactly what it is that Eolas has patented... the ability to run activeX without clicking an extra button? or something about havign external applications of any kind able to process content inside the browser window? Can anyone explain?
Also, I found this quote from Eolas:
"We released our browser back in 1995 to the world free for non-commercial use, so that should be an indicator to people that the open-source community shouldn't have anything to fear from us. "
Does Firefox/mozilla use any of the disputed technology? I would guess not if it's only ActiveX we're dealing with, but I'm not sure.. quicktime and realplayer were mentioned in one article. Any then I wonder, if Eolas really won't go after open source projects that use their tech, then could Firefox be outfitted to do exactly what IE will no longer be able too, and so then save people the trouble of redesigning all these sites?
"In the real world, when you are in a bad neighborhood it is very clear," said Mustaque Ahamad, director of Georgia Tech's Information Security Center. "But online, you have no idea whether you or your computer system is in any kind of danger."
That's BS
Here's how to determine if you're in a bad "cyberhood" in 3 easy steps with great accuracy and very reasonable false positive rate:
1. Are you illegally downloading content (music/movies/software/etc)? If yes, you are in a bad neighborhood.
2. Are you being offered something for nothing? If yes, you are in a bad neighborhood.
3. Pr0n? If yes, you are in a bad neighbothood.
Come on people, its not rocket science. Where my 50k?
Interesting.. AKAIK the Linksys WRT54G was first sold in the US in early 2003. Even if you purchased one of the first batch, and it burned out in 2 years, and then you bought another, and it did the same, this puts you somewhere in early 2007. Care to share the contents of a recent newspaper?
Really, I don't disbelieve that you had a bad experience. But one of your devices had to be a 1st gen practically prototype version. The second was still probably older than my first. Sometimes it takes a few tries to get something right, and sometimes the right software makes bitter hardware better. What firmware were you running on these failed devices?
I used to have a house full of PCs doing various things that really didn't need to be done. It's a hobby, its fun. A few years ago I decided to take a different path. Instead of spending time finding out how many things I could get connected to my network, I tried to get rid of as much as possible without losing any functionality. The results have pleased the gf as well as reducing my power bill by $50+/month.
Start with the firewall.. I had a Dell server running linux and iptables, freeswan, traffic shaping etc. It rarely even broke a sweat as a firewall, although I really liked having a linux shell on my edge router for testing purposes.. nothing beats tcpdump for figuring out whats going on, and you can't get that type of functionality from even a fancy hardware firewall.
Or can you? Enter the linksys WRT54G. It's a tiny little box with no moving parts. It essentially has 5 nics which can be grouped into switches. It has a 802.11g interface and allows easy connection of big antennas. But most importantly, it runs linux. It runs linux, iptables, tc etc very well, and all the diagnostic tools I wanted to have are still available. This thing has easily paid for itself in power saved.
Next stop, the file server. We all need a box that runs 24/7 and stores massive amounts of files (read pr0n). Once again, I was able to replace a full server with a tiny box. This one is called the linksys NSLU2... a tiny box with two usb ports and a nic. It runs linux, actually it runs Debian which is incredible and kind of blows my mind. But anyways, now all my files are served up by this little thing. It also runs postfix and does some network monitoring for me. Another great feature is that since the drives are all USB, I can turn off the ones that have things I don't need all the time on them. When I need something off them, just turn the drive on and a few seconds later its available.
Third and final optimization was my combination of both a linux and a windows desktop. Todays PCs are really fast, kind of ridiculously fast if you arent playing the latest shoot em up. VMware is free now, and I have found that as long as you have plenty of ram, running linux on win or win on linux are both very usable. So two desktop machines have become one with an extra GB ram. Even better, I can fire up an extra windows box if I want to test something that I don't trust on my real machine (experimenting with WMF's and such) or an extra linux box to try out a new distro etc...
So I've gone from 4 PCs that ran 24/7 to one (and of course a laptop, and a hx4700 ppc, etc etc The small toys don't count;). I originally thought that these little devices would be unreliable, after all they are pretty cheap. But, both currently have uptimes over 100 days. I even kept the firewall/wireless ap running during a hurricane here last year, they run forever on a ups that wouldn't keep a PC running 15 minutes. It's suprising how quiet the office has become. Over time you don't notice the noise that several PCs can make, but it's significant. I can watch TV in there and hear it without disturbing anyone late at night. The room used to be significantly hotter than all the other rooms in my house, now it's not noticable. I've reclaimed a huge amount of space in my office. Sure, visitors might not immediately realize that I am a total geek, but sometimes that's ok.
PS I don't mean to be advertising Linksys stuff.. you can get similar devices that run the same firmwares and linux distros from other vendors. Check out http://www.openwrt.org/ and http://www.nslu2-linux.org/ for more info.
Slashdot Mirror
No, no, no. First of all, in a real enterprise type solution (something this author seems unfamiliar with) the entire environment is redundant. "the" server? You don't run anything on "the" server, you run it on a server and you just move the virtual machine(s) to another server as needed when there is a problem or maintenance is needed. It is actually very easy to deal with hardware failures.. you don't ever have to schedule downtime, you just move the VMs, fix the broken node, and move on. For software maintenance you just snapshot the image, do your updates, and if they don't work out, you're back online in no time.
In a physical server environment, each application runs on a separate box with a dedicated network interface card (NIC), Mann explains. But in a virtual environment, multiple workloads share a single NIC, and possibly one router or switch as well.
Uh... well maybe you would just install more nics? It seems the "expert" quoted in this article has played around with some workstation level product and has no idea how enterprise level solutions actually work.
The only valid point I find in this whole article is the mention of additional training and support costs. These can be significant, but the flexibility and reliability of the virtualized environment is very often well worth the cost.
You apparently know nothing, and I mean nothing about how software works in the Windows world. Software companies constantly have to "fix" their software because of bugs or changes in the underlying Windows systems they rely upon. This is simply the way things are done in the Windows world.
While on one level an analogy like tubes might make a certain kind of sense, for me at least it immediately brings to mind some kind of silly Rube Goldberg contraption with emails being put into bank teller container things and shot off across the internet in a burst of air. Plus he didn't say the internet works LIKE a series a tubes, he said IT IS a series of tubes. And thats just.... funny.
the author was obviously being sarcastic. take your finger off the trigger and put the gun down.
I've run into similar requirements and ended up using ncurses and a couple higher level curses based libraries. not so bad really... and it does a very respectable job of working on various term types in case thats an issue for you. What more were you hoping to find? maybe there is a library that provides it if you were more specific in what you need. windowing, scroll areas, color, etc are all provided in curses anyways iirc.
I understand that it can be frustrating when you are forced to use a system that is outside of your control, but your complaint should be with your provider that is violating the RFC, not the people who deny your mail because of your provider's misconfiguration.
sqlgrey at least will consider attempts for the same user from addresses in the same /24 to be equivalent, which helps a lot with this. but yes, sometimes this can be a problem. sqlgrey also has a dynamically updated list of sending domains/servers to exclude from greylisting due to known incompatibility, so this avoids problems with many "popular" third party mailers. I had given up on greylisting, but actually i'm having great results now that i use sqlgrey.
uhh... what?? Tons of spammers fail these checks. Compromised Windows boxes acting as spam zombies almost always fail these checks, and as have increasingly becoming a major source of spam over the last couple years, these types of checks have become more and more effective. On the largest mail system I have access to stats on (about 200k messages per day) these checks blocked about 20% of all mail yesterday.
You could consider it "yet another check...", catching some but not all mail, making there be less to check, but it has false positive problems that cause problems in this regard. I am in fact staff on an IRC network while has been forced to require an email check for nickname registration, and we have problems with mail servers rejecting our mail in some cases because of FQDNs problems. Others, like Gmail, accept it and it arrives instantly.It isn't my area of knowledge but I'm assured that getting a FQDN isn't possible with our shell hosting, and these unnecessary filters creates a LOT of pain for users and staff who then must personally email the person to verify the email.
Is this a good idea if it hits false positive problems, and misses quite a lot anyway? Other checks would catch most spammers failing FQDN, and the number of false positives to spammers blocked who otherwise wouldn't be seems quite high.
Sounds like sour grapes to me. Anyone who is telling you it isnt possible to configure your mail server correctly probably just doesn't understand how to do it.
Is FQDN supposed to be required for email servers?
Yes. Check out RFC 2821, section 4. And maybe take note of how many other people posted replies to this story suggesting the exact same types of strict checking for compliance with the standards. If you don't fix your server, expect the rejections to increase as more and more servers start requiring that mail server admins get their acts together.
HTH
Also, some grey listing systems are better than others. One that really works well for me is sqlgrey http://sqlgrey.sourceforge.net/ Sqlgrey comes with a fairly decent list of servers to exclude due to their inability to properly follow specs, so you don't lose mail from most of the broken but nonspammer servers. This list is also updated automagically and seems to work pretty well.. makes greylisting actually usable, for us at least.
P.S. Don't want to start any holy wars, but if you're trying to fight mail and want a system thats easy to config and just works, postfix is a really great mail server.
A NAT in front of your windows box does do a lot to prevent trouble while you're patching up a new install. As long as you immediately get up to date (before using the machine for anything else) then I'd think this is fine. The problem is people who rely on a NAT device for some sort of security *in place of* security patching. Many exploits work just fine through NAT if you're actually using the machine to surf the web or read email, and way too many people seem to not understand this.
you'll all burn, monkeys
20-30 tabs at a time? at 1024x768? you paid for extra ram, but are using a monitor from 1994? this is a resource allocation error but it is not the fault of Mozilla. hehe fault get it?
So they fine MS... assuming MS actually pays (seems kind of unlikely), what are they going to do with the cash? I RTFA and it didn't mention it. I'd love to see it go to aiding the folks that MS's anticompetitive tactics have hampered, but how would that work? Or would they give it to charity, use it to lower taxes a tiny bit, something positive for people?
Obviously it will take time to implement any comprehensive scheme that could achieve the critical mass and universal acceptance that any such system would need to actually be useful, but perhaps in time and with a new TLD or two, we can make it happen.
Their "Port 25" website is in fact not accessable via port 25 at all. On a hunch I tried port 80 and some kind of web site about port 25 came up. This is apparently another embrace and extend type of thing, where port 25 is now accessable only via port 80 and god knows where they've extended port 80 to or what's actually running on port 25.
Thanks for your support. Perhaps more importantly (and please foreward this everyone you know, we're trying to earn our very own snopes entry):
ok so I've seen about 55 thousand social spams reminding me about the
unique sequence of numbers that will line up in the time and date
early this morning. I'm sure you have too. But then I saw this post
and it totally changed things for me:
People! Time is of the essence! There is something much more important
about to happen, and it's up to YOU to help create vital awareness!!
Ever since man invented the methods used to keep track of time, some
of them have secretly known that certain combinations of numbers were
inevitable. It was literally just a matter of time. And now, in just a
short while, the worst combination of times and dates ever known to a
God fearing man will attack us... with unknown consequences!
At 6 minutes and 6 seconds past 6AM on June 6th, 2006 we will hit the
dreaded "demon happy hour" that so many historians have been warning
us about for centuries or even decades. 6:6:6 6/6/6 could be the end
of everything that we hold dear. The release of eternal damnation and
the beginning of THE END (it's for real!).
Only a massive shared consciousness of aware but unthinking masses can
spread the grace and love required to stave off this certain
affliction. Do your part to spread the word!
If you forward this message to 10 friends within 6 hours and 66
minutes time, you can help to prevent the end of the world. Do your
part today to help stamp out Satan's minions. Do it for the children,
or just do it for God's sake.
PS if you forward this message to 20 friends in 20 minutes, you will
meet the person of your dreams within 20 days
PPS I did this it works!!! -Steve
PPPS I am Steven's bitch and he is totally hawt - Megan
server fires cause slashdot stories sorry.. someone had to do it
ok, so gee I now might actually have a reason to upgrade all those NT4 and 2000 server licenses I have.. still a score for MS. And enterprise/datacenter edition are not exactly cheap. People using older server software or the much more common standard editions of MS's server OS are still now in a situation to pay more for licenses if they want to make use of this "free" VM technology. You may have found an exception, but I think my point is still valid for many if not most scenarios. After all, why would *any* company give something away if not to in the long run sell more product? it wouldn't be responsible to their shareholders and it certainly wouldn't be characteristic for a company like MS.
Seems like a no brainer to me... anyone silly enough to be running MS VM is probably going to be running more silly MS operating systems with it, which means now MS can sell multiple (expensive) server licenses per box. Oh yeah, the VM is free. But you still have to buy Windows, in this case several times perhaps. If I was running that place I'd have been giving away the ability to purchase multiple OS per box all along.
I have read 5 articles on this whole thing now. I still am not sure exactly what it is that Eolas has patented... the ability to run activeX without clicking an extra button? or something about havign external applications of any kind able to process content inside the browser window? Can anyone explain?
Also, I found this quote from Eolas:
"We released our browser back in 1995 to the world free for non-commercial use, so that should be an indicator to people that the open-source community shouldn't have anything to fear from us. "
Does Firefox/mozilla use any of the disputed technology? I would guess not if it's only ActiveX we're dealing with, but I'm not sure.. quicktime and realplayer were mentioned in one article. Any then I wonder, if Eolas really won't go after open source projects that use their tech, then could Firefox be outfitted to do exactly what IE will no longer be able too, and so then save people the trouble of redesigning all these sites?
"In the real world, when you are in a bad neighborhood it is very clear," said Mustaque Ahamad, director of Georgia Tech's Information Security Center. "But online, you have no idea whether you or your computer system is in any kind of danger."
That's BS
Here's how to determine if you're in a bad "cyberhood" in 3 easy steps with great accuracy and very reasonable false positive rate:
1. Are you illegally downloading content (music/movies/software/etc)? If yes, you are in a bad neighborhood.
2. Are you being offered something for nothing? If yes, you are in a bad neighborhood.
3. Pr0n? If yes, you are in a bad neighbothood.
Come on people, its not rocket science. Where my 50k?
Interesting.. AKAIK the Linksys WRT54G was first sold in the US in early 2003. Even if you purchased one of the first batch, and it burned out in 2 years, and then you bought another, and it did the same, this puts you somewhere in early 2007. Care to share the contents of a recent newspaper? Really, I don't disbelieve that you had a bad experience. But one of your devices had to be a 1st gen practically prototype version. The second was still probably older than my first. Sometimes it takes a few tries to get something right, and sometimes the right software makes bitter hardware better. What firmware were you running on these failed devices?
Start with the firewall.. I had a Dell server running linux and iptables, freeswan, traffic shaping etc. It rarely even broke a sweat as a firewall, although I really liked having a linux shell on my edge router for testing purposes.. nothing beats tcpdump for figuring out whats going on, and you can't get that type of functionality from even a fancy hardware firewall.
Or can you? Enter the linksys WRT54G. It's a tiny little box with no moving parts. It essentially has 5 nics which can be grouped into switches. It has a 802.11g interface and allows easy connection of big antennas. But most importantly, it runs linux. It runs linux, iptables, tc etc very well, and all the diagnostic tools I wanted to have are still available. This thing has easily paid for itself in power saved.
Next stop, the file server. We all need a box that runs 24/7 and stores massive amounts of files (read pr0n). Once again, I was able to replace a full server with a tiny box. This one is called the linksys NSLU2... a tiny box with two usb ports and a nic. It runs linux, actually it runs Debian which is incredible and kind of blows my mind. But anyways, now all my files are served up by this little thing. It also runs postfix and does some network monitoring for me. Another great feature is that since the drives are all USB, I can turn off the ones that have things I don't need all the time on them. When I need something off them, just turn the drive on and a few seconds later its available.
Third and final optimization was my combination of both a linux and a windows desktop. Todays PCs are really fast, kind of ridiculously fast if you arent playing the latest shoot em up. VMware is free now, and I have found that as long as you have plenty of ram, running linux on win or win on linux are both very usable. So two desktop machines have become one with an extra GB ram. Even better, I can fire up an extra windows box if I want to test something that I don't trust on my real machine (experimenting with WMF's and such) or an extra linux box to try out a new distro etc...
So I've gone from 4 PCs that ran 24/7 to one (and of course a laptop, and a hx4700 ppc, etc etc The small toys don't count ;). I originally thought that these little devices would be unreliable, after all they are pretty cheap. But, both currently have uptimes over 100 days. I even kept the firewall/wireless ap running during a hurricane here last year, they run forever on a ups that wouldn't keep a PC running 15 minutes. It's suprising how quiet the office has become. Over time you don't notice the noise that several PCs can make, but it's significant. I can watch TV in there and hear it without disturbing anyone late at night. The room used to be significantly hotter than all the other rooms in my house, now it's not noticable. I've reclaimed a huge amount of space in my office. Sure, visitors might not immediately realize that I am a total geek, but sometimes that's ok.
PS I don't mean to be advertising Linksys stuff.. you can get similar devices that run the same firmwares and linux distros from other vendors. Check out http://www.openwrt.org/ and http://www.nslu2-linux.org/ for more info.
that lab sounds freaking great. any pictures online? i would love to have a vax or two and a pdp 11 on hand.