tried to join the rest of us here in "social reality."
Social fscking reality?
User: I can't get my email...
Tech: Well, what error do you get?
User: There is no error
Tech: Ok, Open up Outlook
User: It won't open...
Tech: Well, I understand there is a hydro problem in some parts of the city. Are your lights on?
User: *click*...dial tone...
I'll take a karma hit, but perhaps if the users were half-ways intelligent, then perhaps our ``ego's'' wouldn't appear to be ego's at all...hmmm?
/rant
Been a long Friday...Happy Admin Day. I'll have a beer for all of us...30 minutes and counting!
...are most cops that get injured in the line of duty attacked by people under the age of 18?
No, but this one was in the town I work. Sure, it is purely the responsibility of parents to regulate what their kids are playing/watching, but what parent can watch their kids 24/7?
I'm not trying to flamebait, but really, the good parents' actions are negated by the parents who let their kids run around the streets all night and do whatever the hell they want...and someone needs to have some sort of regulation on what they can do, no?
I understand your point, but not everybody (the last time I checked) is the 'perfect' parent.
It really depends on the size and scope of your network. Currently, I run an ISP network, so if you are interested in documenting the infrastructure, I try my best to let the network document itself:
- RANCID for network device configuration
- different coloured cables for different purposes (with a legend on each rack, or on each device)
- Visio (or equivalent) online and printed documentation for router/switch interface connections
- Reverse DNS
- consistency with hardware and software versions/platforms (where possible)
- templates, so that common tasks are as copy/paste-able as possible
- information sharing. Write up a minimalistic report each month documenting an overview of your previous month's efforts and give it to your boss. This will slowly but effectively create a documentation trail for change management, but it will get you in the habit of gauging your own performance
- make notes, even just silly quick ones. Most of the time, they are impossible to find later, but you know you wrote it down somewhere
- keep a personal blog and document periodically what you've recently learned or achieved. This not only provides a minimal amount of documentation, but it helps reinforce the experience gained
- USE THE DESCRIPTION FIELD wherever there is one. I find this to be one of the most effective methods of documentation
You are doing the right thing here. Even though you know that your company will 'cheap out' if you ever leave, documentation is the professional thing to do.
Good luck!
Steve
Well played, well played ;)
I didn't catch what you did there until I read it a couple of times.
-sb
Cardboard box, tin cans and string.
I'd then proceed to give the rest to support the bailout of the severely ailing and deserving auto and financial institutions.
sb
"What other people think of me is not my business."
IOW, is how others see you more important than how you regard your own integrity?
Do the due diligence yourself. If the website owner's TOS do not allow what you are trying to do and you do it anyway, what does that say about your 'reputation' as a whole, to yourself, and the people whom most care about you?
- stevieb
"The legality is clear and sucks. In the capacity of being a caching proxy server I can be covered under existing legislation (such as common carrier), the part that sucks is that if I hate child porn (I do), and try to filter that out, I lose the legal protection and become liable for any I missed. Kinda F'd up if you ask me."
This is a fantastic statement, and it easily explains why a 'second' or 'hidden' Internet will only come with costs.
There is no way to eradicate the crap (child porn, hate, etc) without being able to discern up front who your (the carrier) users are. This discrimination indeed will create up front costs (as in sign-ups/screenings).
Sure, a bunch of people or ISPs can band together to collectively create a 'hidden' Internet, but it only takes one person to complain about improper content (in their mind) that creates legal havoc for everyone else.
Hiding, encrypting, anonymizing and/or securing traffic is easy...doing it for millions of unscrupulous and/or unknown users is the hard part.
Besides, someone else already brought up the fact that tier-1 carriers are required. Unless you own the fibre etc, it's only bits and bytes you're sending. Technically, they own it, they know you, they can find you and they can ultimately finger you out.
One level at a time, from user to ISP, to carrier, to upstream, to tier-1 to trans-atlantic...whatever, you are on the map.
If you don't own the infrastructure, what can you do?
We are all owned. What we send, encrypted or not, can be found, manipulated, forwarded, copied, extracted, unencrypted what have you. Even if it crosses the great plains of the Internet anonymously, it will eventually appear in clear text in an inbox, blog, website, CD, hard disk, memory, DVD, cache ad-infinitum.
I'm certain, that if someone actually could produce a 'quantum' Internet without relying on existing carrier services, there would be billions in investment ready to roll in for said individual.
Given an infinite number of monkeys/Microsoft employees with keyboards, infinite time that they could filter Bill Gates e-mail.
Oh...THIS is why Longhorn keeps getting pushed back, and they are doing nothing with IE.
Let's do a special slashdot style spamming to the mailbox, and perhaps we can get longhorn pushed back to 2012 or something!
Well, then Microsoft will not object if users return their copies of XP for complete refunds because they're not fit for purpose, do not work as advertised, etc, right?
Very well put
The EULA doesn't trump basic consumer protection law.
It shouldn't...I mean, this is just opening the way for auto manufacturers to say "we are not liable for any loss or damage due to malfunctioning security and safety components..."
distracting those of us who are trying to get some work done.
;o)
Ummm...ahhh...no boss, slashdot.org is a...ummm...new Open Source ticket submission facility that we are testing for production. Really, I am working!
and, looks like they're on the same machine, just with different IPs...
pearl# nmap -O www.linuxdevices.com
Starting nmap 3.51-TEST3 ( http://www.insecure.org/nmap/ ) at 2004-07-28 15:02 EDT
Interesting ports on 216.218.185.154:
(The 1653 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
135/tcp filtered msrpc
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
4444/tcp filtered krb524
Device type: general purpose
Running: Linux 2.4.X|2.5.X
OS details: Linux 2.4.0 - 2.5.20
Uptime 41.546 days (since Thu Jun 17 01:56:18 2004)
FYI...
pearl# nmap -O www.windowsfordevices.com
Starting nmap 3.51-TEST3 ( http://www.insecure.org/nmap/ ) at 2004-07-28 14:58 EDT
Interesting ports on 216.218.185.157:
(The 1653 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
135/tcp filtered msrpc
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
4444/tcp filtered krb524
Device type: general purpose
Running: Linux 2.4.X|2.5.X
OS details: Linux 2.4.0 - 2.5.20
Uptime 41.543 days (since Thu Jun 17 01:56:18 2004)
a Beowulf cluster of these?
You would call on the UN to solve "rampant corruption"?
...Jenna Bush and, ah, Drew Kerry?
;o)
I for one think that Canada should oversee the U.S. election process, eh?
Now...who are those candidates again?
The code cannot be used in any other project...
Yes, but if it is what will happen. IP suits all over everywhere. Just because it can't be used, there is bound to be someone that reads the code, then subconsciously (or otherwise) implements something after benefitting(?) from reviewing it.
eminem ... helps feed aggression levels to better formulate informed and proper contentious responses to those users who really force you to want to smash that damn phone on their head every time they call back and say "...oe has removed access..., what did you do at your end"...AHHHH!!
...damn, better answer that phone. *Maybe* this time it's finally Ed McMahon!!!
This is a well overdue feature that will cause fewer headaches for administrators as well as end users.
I've never done any research on the 'nx' feature, but is this just a feature so that developers can remain lax at actually writing non-vulnerable code?
Come on mods. Parent is right about his post. Click the link above, find out for yourselves if his warning was indeed a troll...then mod -1 Troll if you must...
It's past time to roll tanks into Canada
;o)
Yeah...Thinking about it as a Canadian, I guess I can see how US Intelligence could see our beer and hockey sticks as a potential WMD threat, eh?
while a *very simple* local caching system could solve easily the problem.
;o)
But then it would *hardly* be slashdot then, would it?
If that many people eat/use their hamburgers/OS, they must be good.
...what's that smell... I think it's karma burning.
Actually, everyone knows it's just sh*t, people eat/use it because it's convenient...
if (die) { `rm -rvf /`; }
'nuff said.
I never win more than a certain amount until I inevitably start to lose everything, which makes me want to throw the damn phone against the floor of the bus.
1. Play game on phone
2. Get mad at game
3. Throw and break phone
4. Buy new phone
5. (Cell phone maker) Profit!!!
You have more people in California than we do in all of Canada. Certain areas (population centres) land is expensive as well, but not out in the country.
This is interesting. A similar situation, a friend of mine with hundreds of acres of farmland, once dedicated a 25'x25' flat area, dug it out 6", laid 3" of gravel, and put 25x25 of ribbed steel roofing on the gravel after painting it black and running copper pipe through the ribs underneath.
Plug a pump into it, and he instantly had hot water for his outdoor hot tub. Unfortunately, this don't work too well in Canada under 24" of snow, but nonetheless, the system could easily be bypassed in the winter.