From fluhmann at gmail.com Tue Feb 2 15:14:11 2010 From: fluhmann at gmail.com (Jeremy Fluhmann) Date: Tue Feb 2 15:14:13 2010 Subject: [SATLUG] Texas Linux Fest - Spread the word: registration now open! In-Reply-To: References: Message-ID: <7f7c2d5e1002021314k2ada026ak69cb583ce18310ae@mail.gmail.com> FYI ---------- Forwarded message ---------- Date: Tue, Feb 2, 2010 at 2:59 PM Subject: Spread the word: registration now open! To: texaslinuxfest@googlegroups.com Hi all, We're thrilled to announce that registration is now officially open! Just visit http://register.texaslinuxfest.org to get started. We have two ticket levels -- both include full access to the program, expo floor, and evening events. The supporter ticket is for those who can afford it, and helps underwrite the cost of putting on the event; that's $40 and in addition to the all-access pass you get the official Texas Linux Fest t-shirt and the conference bag. The enthusiast level ticket is for people who just can't swing full price, it's $15, and doesn't include either item. But, as mentioned, you still get to attend the talks and the booths. If you've been waiting, browse right over and dust off your keyboard, because this is your chance. Thanks to the hard work of our friends at SCALE and the always-helpful Paypal, we're using Paypal's Payflow process to handle payments, so we can accept VISA, Mastercard, American Express, and Discover. You do not need a Paypal account! From bruce.dubbs at gmail.com Tue Feb 2 15:47:54 2010 From: bruce.dubbs at gmail.com (Bruce Dubbs) Date: Tue Feb 2 15:47:58 2010 Subject: [SATLUG] Texas Linux Fest - Spread the word: registration now open! In-Reply-To: <7f7c2d5e1002021314k2ada026ak69cb583ce18310ae@mail.gmail.com> References: <7f7c2d5e1002021314k2ada026ak69cb583ce18310ae@mail.gmail.com> Message-ID: <4B689D8A.8030904@gmail.com> > ---------- Forwarded message ---------- > Date: Tue, Feb 2, 2010 at 2:59 PM > Subject: Spread the word: registration now open! > To: texaslinuxfest@googlegroups.com > > > Hi all, > > We're thrilled to announce that registration is now officially open! Just > visit http://register.texaslinuxfest.org to get started. > > We have two ticket levels -- both include full access to the program, expo > floor, and evening events. The supporter ticket is for those who can afford > it, and helps underwrite the cost of putting on the event; that's $40 and in > addition to the all-access pass you get the official Texas Linux Fest > t-shirt and the conference bag. The enthusiast level ticket is for people > who just can't swing full price, it's $15, and doesn't include either item. > But, as mentioned, you still get to attend the talks and the booths. > > If you've been waiting, browse right over and dust off your keyboard, > because this is your chance. Thanks to the hard work of our friends at > SCALE and the always-helpful Paypal, we're using Paypal's Payflow process to > handle payments, so we can accept VISA, Mastercard, American Express, and > Discover. You do not need a Paypal account! Wow, this is weak. The page doesn't say when or where. A little quesing leads to: http://texaslinuxfest.org/ Austin -- April 10, 2010, Monarch Event Center. On I35 about 5 miles north of downtown. -- Bruce From kcoriginal at yahoo.com Tue Feb 2 16:35:34 2010 From: kcoriginal at yahoo.com (kcoriginal@yahoo.com) Date: Tue Feb 2 16:42:34 2010 Subject: [SATLUG] Texas Linux Fest - Spread the word: registration now open! In-Reply-To: <7f7c2d5e1002021314k2ada026ak69cb583ce18310ae@mail.gmail.com> References: <7f7c2d5e1002021314k2ada026ak69cb583ce18310ae@mail.gmail.com> Message-ID: <2204755-1265150157-cardhu_decombobulator_blackberry.rim.net-713392666-@bda203.bisx.prod.on.blackberry> HA HA HA Niiiiice...! Sent via BlackBerry by AT&T -----Original Message----- From: Jeremy Fluhmann Date: Tue, 2 Feb 2010 15:14:11 To: The San Antonio Linux User's Group Mailing List Subject: [SATLUG] Texas Linux Fest - Spread the word: registration now open! FYI ---------- Forwarded message ---------- Date: Tue, Feb 2, 2010 at 2:59 PM Subject: Spread the word: registration now open! To: texaslinuxfest@googlegroups.com Hi all, We're thrilled to announce that registration is now officially open! Just visit http://register.texaslinuxfest.org to get started. We have two ticket levels -- both include full access to the program, expo floor, and evening events. The supporter ticket is for those who can afford it, and helps underwrite the cost of putting on the event; that's $40 and in addition to the all-access pass you get the official Texas Linux Fest t-shirt and the conference bag. The enthusiast level ticket is for people who just can't swing full price, it's $15, and doesn't include either item. But, as mentioned, you still get to attend the talks and the booths. If you've been waiting, browse right over and dust off your keyboard, because this is your chance. Thanks to the hard work of our friends at SCALE and the always-helpful Paypal, we're using Paypal's Payflow process to handle payments, so we can accept VISA, Mastercard, American Express, and Discover. You do not need a Paypal account! -- _______________________________________________ SATLUG mailing list SATLUG@satlug.org http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe Powered by Rackspace (www.rackspace.com) From satlug at sbcglobal.net Wed Feb 3 13:49:57 2010 From: satlug at sbcglobal.net (Don Wright) Date: Wed Feb 3 13:50:01 2010 Subject: [SATLUG] Follow up to Nate's IPv6 Presentation at ther OS Fest Message-ID: <6lkjm5l4pmbpgbd69atgb6km596ta8d5ee@4ax.com> For anyone wanting further materials on using IPv6, here's a note from the Debian Administration (Tips and Resources) site. --DonW http://www.debian-administration.org/article/Running_IPv6_in_practice -- Migraine: All the fun of a hangover without the bother of getting drunk. From dkowis at shlrm.org Wed Feb 3 17:42:29 2010 From: dkowis at shlrm.org (David Kowis) Date: Wed Feb 3 17:42:51 2010 Subject: [SATLUG] Follow up to Nate's IPv6 Presentation at ther OS Fest In-Reply-To: <6lkjm5l4pmbpgbd69atgb6km596ta8d5ee@4ax.com> References: <6lkjm5l4pmbpgbd69atgb6km596ta8d5ee@4ax.com> Message-ID: <4B6A09E5.7030501@shlrm.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2/3/2010 1:49 PM, Don Wright wrote: > For anyone wanting further materials on using IPv6, here's a note from > the Debian Administration (Tips and Resources) site. --DonW > > http://www.debian-administration.org/article/Running_IPv6_in_practice > Don't use Hurricane Electric. They have blocked IRC over ipv6 in the past and I've had troubles with the tunnel working and staying up. 10 Steps to IPv6 http://www.sixxs.net/faq/account/?faq=10steps sixxs.net is quite good, and they have a PoP(Point of Presence) in Dallas. They use a piece of software called aiccu, and it does an excellent job keeping the tunnel up. I have had a tunnel, and subnet, with them for a long time now, and am consistently satisfied. The rest of the guide should apply just fine using sixxs.net's tunnel once you get the tunnel up. David -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iQGcBAEBAgAGBQJLagnlAAoJEMnf+vRw63ObVSQMAK5zroluY28XlSeYKm0N4qBI 2QifCj4635VztX/EeUZoUNe/jVHtwds1i4g17MwkFK58h+M1tkhmTSEFFLQWMc2E OGF8rNNNfdCUr40r0OCF24SpM5e/EQpZv1qRGjc2x3pqOkl5RX3hCqKTzPfjZ/Zu w6xl5W6LbkkBce2xfEmmGFyEczEi2RtQWgVCmP9Joz3I8gSw2pEGa2P2k27CvM3i GI7+iWcwaOa5CvSvNK5r/33ksGh1KL/x70XrMJzmQvHB4jSjyOYcUASkTUWJpXZ4 6Iu2N7yN/AmWB9hZkybgvJHrGGpdj34LTeEV4d8isrJXG7YsvUFA244tq8/h0Nce MKo6pr/R3C3JP7hSumSI3eLwPvcfZsQzJc1nokfPyyGTMyLVnPkgMpqFJHDPTp0A 7REVi5mjHatB3kSG1KAbx3lwG5vseo/c3qfnmrUyuJo3sGrj+0Rb5DLe9IM2suVV 9cO/mZwWFdgijkfcE5W4FXEpQ0bxsB6nbNYwl0SC8Q== =519L -----END PGP SIGNATURE----- From dondavis at reglue.org Wed Feb 3 18:04:03 2010 From: dondavis at reglue.org (Don Davis) Date: Wed Feb 3 18:04:05 2010 Subject: [SATLUG] Do you know any Texas schools or educators that use Gnu/Linux? Message-ID: <4B6A0EF3.3080609@reglue.org> Trying to put together a list of Texas educators that use Gnu/Linux. If you are a Texas educator (or in a Texas school) using Gnu/Linux, please fill out the survey. If not, please pass it on to someone who is or who may know an educator. There's a survey on this page to gather the http://www.mguhlin.org/2010/02/think-different-in-schools-neisd.html This direct link to the survey may or may not work: http://spreadsheets.google.com/viewform?formkey=dG5pUGhleDcyOEJNR2pESVM4U3had3c6MA From swayneswayne at gmail.com Wed Feb 3 20:29:23 2010 From: swayneswayne at gmail.com (swayne swayne) Date: Wed Feb 3 20:29:45 2010 Subject: [SATLUG] Do you know any Texas schools or educators that use Gnu/Linux? In-Reply-To: <4B6A0EF3.3080609@reglue.org> References: <4B6A0EF3.3080609@reglue.org> Message-ID: do you mean in there home or at work because i have got my mom using it at home and i am a future educator and i use it as well On Wed, Feb 3, 2010 at 6:04 PM, Don Davis wrote: > Trying to put together a list of Texas educators that use Gnu/Linux. > If you are a Texas educator (or in a Texas school) using Gnu/Linux, please > fill out the survey. If not, please pass it on to someone who is or who may > know an educator. > > > There's a survey on this page to gather the > http://www.mguhlin.org/2010/02/think-different-in-schools-neisd.html > This direct link to the survey may or may not work: > > http://spreadsheets.google.com/viewform?formkey=dG5pUGhleDcyOEJNR2pESVM4U3had3c6MA > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From dondavis at reglue.org Wed Feb 3 20:33:39 2010 From: dondavis at reglue.org (Don Davis) Date: Wed Feb 3 20:33:41 2010 Subject: [SATLUG] Do you know any Texas schools or educators that use Gnu/Linux? In-Reply-To: References: <4B6A0EF3.3080609@reglue.org> Message-ID: <4B6A3203.2040502@reglue.org> At school. What are you going to teach? swayne swayne wrote: > do you mean in there home or at work because i have got my mom using it at > home and i am a future educator and i use it as well > > On Wed, Feb 3, 2010 at 6:04 PM, Don Davis wrote: > >> Trying to put together a list of Texas educators that use Gnu/Linux. >> If you are a Texas educator (or in a Texas school) using Gnu/Linux, please >> fill out the survey. If not, please pass it on to someone who is or who may >> know an educator. >> >> >> There's a survey on this page to gather the >> http://www.mguhlin.org/2010/02/think-different-in-schools-neisd.html >> This direct link to the survey may or may not work: >> >> http://spreadsheets.google.com/viewform?formkey=dG5pUGhleDcyOEJNR2pESVM4U3had3c6MA >> -- >> _______________________________________________ >> SATLUG mailing list >> SATLUG@satlug.org >> http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe >> Powered by Rackspace (www.rackspace.com) >> From swayneswayne at gmail.com Wed Feb 3 21:52:51 2010 From: swayneswayne at gmail.com (swayne swayne) Date: Wed Feb 3 21:53:12 2010 Subject: [SATLUG] Do you know any Texas schools or educators that use Gnu/Linux? In-Reply-To: <4B6A3203.2040502@reglue.org> References: <4B6A0EF3.3080609@reglue.org> <4B6A3203.2040502@reglue.org> Message-ID: i dont know anyone who uses at school most of the districts here are in whit dell and i dont know were i am going to teach i am still in collage On Wed, Feb 3, 2010 at 8:33 PM, Don Davis wrote: > At school. > > What are you going to teach? > > > > swayne swayne wrote: > >> do you mean in there home or at work because i have got my mom using it at >> home and i am a future educator and i use it as well >> >> On Wed, Feb 3, 2010 at 6:04 PM, Don Davis wrote: >> >> Trying to put together a list of Texas educators that use Gnu/Linux. >>> If you are a Texas educator (or in a Texas school) using Gnu/Linux, >>> please >>> fill out the survey. If not, please pass it on to someone who is or who >>> may >>> know an educator. >>> >>> >>> There's a survey on this page to gather the >>> http://www.mguhlin.org/2010/02/think-different-in-schools-neisd.html >>> This direct link to the survey may or may not work: >>> >>> >>> http://spreadsheets.google.com/viewform?formkey=dG5pUGhleDcyOEJNR2pESVM4U3had3c6MA >>> -- >>> _______________________________________________ >>> SATLUG mailing list >>> SATLUG@satlug.org >>> http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe >>> Powered by Rackspace (www.rackspace.com) >>> >>> > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From bkfuth at gmail.com Wed Feb 3 22:12:08 2010 From: bkfuth at gmail.com (steve kolars) Date: Wed Feb 3 22:12:10 2010 Subject: [SATLUG] Do you know any Texas schools or educators that use Gnu/Linux? In-Reply-To: References: <4B6A0EF3.3080609@reglue.org> <4B6A3203.2040502@reglue.org> Message-ID: <9b6ae23d1002032012r7267066cr726b1b8fd5e609f6@mail.gmail.com> >> Trying to put together a list of Texas educators that use Gnu/Linux. > >>> If you are a Texas educator (or in a Texas school) using Gnu/Linux, > >>> please > >>> fill out the survey. If not, please pass it on to someone who is or who > >>> may > >>> know an educator. > >>> > >>> > >>> There's a survey on this page to gather the > >>> http://www.mguhlin.org/2010/02/think-different-in-schools-neisd.html > >>> This direct link to the survey may or may not work: > >>> > >>> > >>> > http://spreadsheets.google.com/viewform?formkey=dG5pUGhleDcyOEJNR2pESVM4U3had3c6MA > >>> -- > What is this for? Steve From dondavis at reglue.org Thu Feb 4 06:58:39 2010 From: dondavis at reglue.org (Don Davis) Date: Thu Feb 4 06:58:42 2010 Subject: [SATLUG] Do you know any Texas schools or educators that use Gnu/Linux? In-Reply-To: <9b6ae23d1002032012r7267066cr726b1b8fd5e609f6@mail.gmail.com> References: <4B6A0EF3.3080609@reglue.org> <4B6A3203.2040502@reglue.org> <9b6ae23d1002032012r7267066cr726b1b8fd5e609f6@mail.gmail.com> Message-ID: <4B6AC47F.5070703@reglue.org> > > What is this for? > That's a good question. As an educator, I'd like to be able to network with other educators and schools that use Gnu/Linux. It would also help to build up a support system. (I understand that Gnu/Linux has a great community support structure, but many conversations in regards to education can best take place (or are more meaningful) within a context of educators.) One example: Bob is a tech coordinator. He wants to know if a Gnu/Linux system is right for him and his school. He gets on his local LUG list and talks to a lot of great people but at the end of the day they won't have had experience with the programs and configurations he's interested in e.g.: Which textbooks do you use with that? What about the credit recovery programs? How does Study Island, Grade Speed, A+, D2SC, ... work with that? I'm also sharing a talk with educators and thought it would be helpful to have a map of schools using Gnu/Linux (Debian edu does something similar.) My preliminary presentation layouts are here: http://linuxltsptcea2010.pbworks.com/ http://linuxltsptcea2010.pbworks.com/FAQs Thank you. From satlugacct at jchampion.com Fri Feb 5 21:51:46 2010 From: satlugacct at jchampion.com (John Champion) Date: Fri Feb 5 21:51:53 2010 Subject: [SATLUG] Do you know any Texas schools or educators that use Gnu/Linux? In-Reply-To: <4B6AC47F.5070703@reglue.org> References: <4B6A0EF3.3080609@reglue.org> <4B6A3203.2040502@reglue.org> <9b6ae23d1002032012r7267066cr726b1b8fd5e609f6@mail.gmail.com> <4B6AC47F.5070703@reglue.org> Message-ID: <1cb556d11002051951l3323ac1bpaee391511fc34d6c@mail.gmail.com> I teach a Linux/Unix class at UIW and we definitely use Linux/Unix in that class but I must confess..the classroom lab PCs are running Sun VirtualBox/Ubuntu but I have more than half of the class that have Linux as a dual-boot option on their laptops. Does that count? john On Thu, Feb 4, 2010 at 6:58 AM, Don Davis wrote: > > >> What is this for? >> >> > That's a good question. As an educator, I'd like to be able to network with > other educators and schools that use Gnu/Linux. It would also help to build > up a support system. (I understand that Gnu/Linux has a great community > support structure, but many conversations in regards to education can best > take place (or are more meaningful) within a context of educators.) > One example: > Bob is a tech coordinator. He wants to know if a Gnu/Linux system is right > for him and his school. He gets on his local LUG list and talks to a lot of > great people but at the end of the day they won't have had experience with > the programs and configurations he's interested in e.g.: > Which textbooks do you use with that? > What about the credit recovery programs? > How does Study Island, Grade Speed, A+, D2SC, ... work with that? > > I'm also sharing a talk with educators and thought it would be helpful to > have a map of schools using Gnu/Linux (Debian edu does something similar.) > > My preliminary presentation layouts are here: > http://linuxltsptcea2010.pbworks.com/ > http://linuxltsptcea2010.pbworks.com/FAQs > > Thank you. > > > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From geofff at w5omr.shacknet.nu Fri Feb 5 22:04:40 2010 From: geofff at w5omr.shacknet.nu (Geoff) Date: Fri Feb 5 22:04:46 2010 Subject: [SATLUG] Palm Pre w/Linux Message-ID: <4B6CEA58.90805@w5omr.shacknet.nu> So... that'll be the next phone i'm getting, because it -has- linux as the OS, because it can be made into a wifi router, and you -can- tether it to a wifi device. My question is, are there any other phones (droid) out there that can do the same? -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From pixelnate at gmail.com Fri Feb 5 22:20:01 2010 From: pixelnate at gmail.com (Nate) Date: Fri Feb 5 22:20:04 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <4B6CEA58.90805@w5omr.shacknet.nu> References: <4B6CEA58.90805@w5omr.shacknet.nu> Message-ID: <4B6CEDF1.90008@gmail.com> On 2/5/10 10:04 PM, Geoff wrote: > So... that'll be the next phone i'm getting, because it -has- linux as > the OS, because it can be made into a wifi router, and you -can- tether > it to a wifi device. > > Bravo. So you are going with Verizon, then? I am holding out for the Pre on AT&T. The wife really wants an iPhone, so I have to wait for now. Just be aware that in the tests (admittedly non-scientific tests) the Pre's wifi sharing is about half the speed of Verizon's MiFi service. Just FYI. Any tethering is good tethering. Hear that Sprint? I don't know if their tethering is worth $40/mo, though. > My question is, are there any other phones (droid) out there that can do > the same? > I don't think so. Unless you jailbreak your phone. Now that I think about it, you could probably share the wifi connection from an N900 (and it runs linux). But you'd have to go with T-Maybe and pay full price for the phone. Maemo isn't the most user-friendly UI, but since you're using linux anyway, you are undoubtedly used to that. It does have the best mobile browser available, though. ~Nate From geofff at w5omr.shacknet.nu Sat Feb 6 04:03:27 2010 From: geofff at w5omr.shacknet.nu (Geoff) Date: Sat Feb 6 04:03:28 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <4B6CEDF1.90008@gmail.com> References: <4B6CEA58.90805@w5omr.shacknet.nu> <4B6CEDF1.90008@gmail.com> Message-ID: <4B6D3E6F.4010909@w5omr.shacknet.nu> Nate wrote: > On 2/5/10 10:04 PM, Geoff wrote: >> So... that'll be the next phone i'm getting, because it -has- linux as >> the OS, because it can be made into a wifi router, and you -can- tether >> it to a wifi device. >> >> > Bravo. So you are going with Verizon, then? oh, HELL no! ;-) Sprint. Since i'm there now with my Crackberry Curve 8350i (with another nextel and a rumor on that account that are fixing to expire from contract) adding the Palm Pre is going to be simply 9.95/mo for an additional line, to be used on the Data share program. Beats the snot outta paying $60/mo for a flippin' air-card! > I am holding out for the Pre on AT&T. The wife really wants an iPhone, > so I have to wait for now. The bitter-half has the rumor and the other nextel. I just asked her if she -had- to have NexTel, since i'm the only one she talks to. So, I -think- I've got her talked into a Blackberry Curve, or a Droid. We saw one of those demonstrated last night by a friend. Sweet machine, for the "toy" aspect of it... but can it be tethered, and it, too, is on Sprint. I'm not sure of the OS, but I -know- that with the Pre, you can get to the command line and have root access of the phone. I likes dat! ;-) > > Just be aware that in the tests (admittedly non-scientific tests) the > Pre's wifi sharing is about half the speed of Verizon's MiFi service. It's more than what I have now. As long as it'll move data, I think I'll be ok, tethering it to my laptop for running down the road is the desire. I wonder if it'll be enough for low-quality VoIP? I drive hot-shot around the Houston area, now, mostly because 1) it pays the bills. Occasionally, I'll get out to some remote spot that the dispatchers have 1) given the wrong address, 2) given the wrong street name or 3) given the wrong company name. Sure, I get the page on the phone, and it's there in black and white, but that doesn't resolve the short-circuit between the keyboard and the operators chair. The Crackberry has come to my rescue now, multiple times and I've only had it Three weeks. But, because the 8350i is on the iDEN network, it does some funky schite, and is slower than a heard of snails, charging through a field of peanut-butter. If the war-department is gonna get a crackberry as well, she might as well get something that's gonna be at least less frustrating than -this- silly thing. That (the frustration) will go away for me with the Pre, using it as a wifi router, as then (when the silly iDEN phone is within wifi range) I'll be able to re-connect to Pandora (while on the road) and turn my crackberry back into my (as she calls it) my ipod! ;-) > Just FYI. Any tethering is good tethering. Hear that Sprint? I don't > know if their tethering is worth $40/mo, though. The neat thing about the Palm Pre, is that if it's on the shared data plan (simply everything), you never have to use minutes on it. Everything is data ;-) $9.95 is -much- easier to pay than $60/mo, or $40/mo for tethering. Just don't -tell- 'em, you want the Pre for Tethering! >> My question is, are there any other phones (droid) out there that can do >> the same? >> > I don't think so. Unless you jailbreak your phone. I wouldn't want to jailbreak the droid if I got it. I'd have to wait till the warranty ran out, first. Age does that to ya. the older you get, the more important insurance is. > > Now that I think about it, you could probably share the wifi > connection from an N900 (and it runs linux). But you'd have to go with > T-Maybe ya lost me there. T(nt)-Mobile doesn't do it for me. I never -have- been impressed with them, and still regard them somewhere between cricket and pocket. (can we agree that those are the bottom feeders of the cell phone industry?) -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From j at jvpappas.net Sat Feb 6 09:38:59 2010 From: j at jvpappas.net (John Pappas) Date: Sat Feb 6 09:39:01 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <4B6CEDF1.90008@gmail.com> References: <4B6CEA58.90805@w5omr.shacknet.nu> <4B6CEDF1.90008@gmail.com> Message-ID: <4c0ec4451002060738v306d1036xf2510a879b2cf94@mail.gmail.com> On Fri, Feb 5, 2010 at 21:20, Nate wrote: > OnI don't think so. Unless you jailbreak your phone. > I have both a jailbroken and non-jailbroken iPhone tethering enabled (USB/BT. "WiFi Hotspot" requires either PDAnet or MyFi, thus Jailbreak required). (see http://www.mobilecrunch.com/2009/11/03/tutorial-how-to-tether-on-an-iphone-3g-or-3gs-running-os-3-1-2/ ) HTH, John From dkowis at shlrm.org Sat Feb 6 10:16:11 2010 From: dkowis at shlrm.org (David Kowis) Date: Sat Feb 6 10:16:35 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <4B6CEA58.90805@w5omr.shacknet.nu> References: <4B6CEA58.90805@w5omr.shacknet.nu> Message-ID: <4B6D95CB.2050309@shlrm.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2/5/2010 10:04 PM, Geoff wrote: > So... that'll be the next phone i'm getting, because it -has- linux as > the OS, because it can be made into a wifi router, and you -can- tether > it to a wifi device. > > My question is, are there any other phones (droid) out there that can do > the same? My android phone (G1) using the Cyanogen mod from http://www.cyanogenmod.com can tether via wifi, bluetooth, or usb. Linux is the OS, android is the user front-end to the stuff. Only google's apps are proprietary, and the only one that comes to mid right now is gmail. (I'm sure there are others.) I wish the G1 had more CPU power, probably would be solved by the Nexus One, which Cyanogenmod has an OS for that gives it all the good stuff I have now. David -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iQGcBAEBAgAGBQJLbZXLAAoJEMnf+vRw63Obd2QL/2+c4FQp8FaXVmdkYZ7hL4IJ DUurWMtnlRP5RbyTlrEjXg/BqeOLAsJiT+/JUoXBBwRFhKZLweS1zuPRksB99S/z IUdInL3uFyxgqYreMw+l1VlVpp/2p87Y7GqlCOJJfH5ZxXCxNXwZDeMuMU5T/whs RbpCS8a+hLlp9yGJ+U8RsHqzKkyw8jXkgA8OLdRYUmAH0j1DPVtiv1pf2HXXlu2U sq161Yhcdptffn979a+5Gq4hQrUMsqgtdyzFXepktkg7tefUQvg52G88kGHOZylh YJuIJsktIbkHHYn1O2l1bg+2ELkfeNaFMSEkv6UQGPED1fd0wLB1zm+sIOZlQ6qC DxjaqUqPnLNc3jLSTlX7zZFx+ddFNNQdHpXiG3oqGL5b55t3dHAEms/Rl9+KXar2 51DFRaaxqzxTCIAhhwNTqRYmCvWlh6eU6s7Bv5jE+Sm/W9EaYlcINp2QFCE4PXfn zBZC+8EZrm6UY9ho3Q55xYs3wRCeZ+QGK5tY1EXhZA== =XHbx -----END PGP SIGNATURE----- From pixelnate at gmail.com Sat Feb 6 11:49:10 2010 From: pixelnate at gmail.com (Nate) Date: Sat Feb 6 11:49:14 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <4B6D3E6F.4010909@w5omr.shacknet.nu> References: <4B6CEA58.90805@w5omr.shacknet.nu> <4B6CEDF1.90008@gmail.com> <4B6D3E6F.4010909@w5omr.shacknet.nu> Message-ID: <4B6DAB96.8000706@gmail.com> On 2/6/10 4:03 AM, Geoff wrote: > Nate wrote: > >> On 2/5/10 10:04 PM, Geoff wrote: >> >>> So... that'll be the next phone i'm getting, because it -has- linux as >>> the OS, because it can be made into a wifi router, and you -can- tether >>> it to a wifi device. >>> >>> >>> >> Bravo. So you are going with Verizon, then? >> > oh, HELL no! ;-) Sprint. Since i'm there now with my Crackberry Curve > 8350i (with another nextel and a rumor on that account that are fixing > to expire from contract) adding the Palm Pre is going to be simply > 9.95/mo for an additional line, to be used on the Data share program. > > Beats the snot outta paying $60/mo for a flippin' air-card! > I don't think you can tether with a Sprint Pre. One of the features that separates the Pre from Pre Plus (Verizon) is that that the Plus has the tethering app. You might be able to tether with a homebrew app, but don't expect Sprint to be happy about it. ~Nate From dondavis at reglue.org Sat Feb 6 12:23:16 2010 From: dondavis at reglue.org (Don Davis) Date: Sat Feb 6 12:23:22 2010 Subject: [SATLUG] wpa_supplicant and wireless/networking questions Message-ID: <4B6DB394.905@reglue.org> I'm running Debian Squeeze on a laptop. 1. At my university there are encrypted and unencrypted wireless connections. If I connect to the unencrypted I can get a dhcp lease. I can then ping the address that gave the connection (1.1.1.2) and ping the listed gateway (10.0.37.24). However I cannot ping google. The name never resolves. Additionally, if I try to ping DNS servers by address # 208.67.216.230, or the MIT, or google DNS server there is no connection available. I see that people around me are connecting with no problem. What could be going on? 2. The university also offers a wpa connection. I've been googling this and the finds and their usefulness are not always stellar, insightful, or current. I would like the shortest way to get wpa connectivity going. The packages wpagui and wpa_supplicant are installed. I have to start wpa_supplicant first. I have a basic wpa_supplicant.conf file, but I have no faith that it is correct. If I start wpa_supplicant and then scan with wpagui I can find the wpa networks but authentication doesn't work for various reasons. How do I know which encryption algorithm to select? what are safe defaults? Thank you for your time, D Davis From satlug at sbcglobal.net Sat Feb 6 14:37:21 2010 From: satlug at sbcglobal.net (Don Wright) Date: Sat Feb 6 14:37:22 2010 Subject: [SATLUG] wpa_supplicant and wireless/networking questions In-Reply-To: <4B6DB394.905@reglue.org> References: <4B6DB394.905@reglue.org> Message-ID: <56frm559pr8721ko1tingmmu3ep9m7nj0j@4ax.com> Don Davis wrote: > ... I would like the shortest way to get wpa connectivity going. >The packages wpagui and wpa_supplicant are installed. I have to start >wpa_supplicant first. I have a basic wpa_supplicant.conf file, but I >have no faith that it is correct. wpa_supplicant and friends: http://w1.fi/wpa_supplicant/ (that second char is a one, not an I, if you're typing) Here are the main items from the SATLUG demo server (Debian testing/unstable) with wireless. One key is automatically starting wpa_supplicant when connecting, using these lines in /etc/network/interfaces. (use the name of your interface if different) allow-hotplug wlan0 iface wlan0 inet dhcp wpa-conf /etc/wpa_supplicant.conf The relevant part of /etc/wpa_supplicant.conf is pretty easy, too. Replace the quoted text with the values for your situation. ### WPA-PSK secured AP (repeat for each SSID) network={ ssid="myssid" key_mgmt=WPA-PSK psk="secretpassphrase" } If this doesn't get you any closer, post the output of iwlist wlan0 scan and we might have some additional suggestions. -- There are two rules in this business: 1. Don't tell all you know. From dondavis at reglue.org Sat Feb 6 15:18:56 2010 From: dondavis at reglue.org (Don Davis) Date: Sat Feb 6 15:19:02 2010 Subject: [SATLUG] wpa_supplicant and wireless/networking questions In-Reply-To: <56frm559pr8721ko1tingmmu3ep9m7nj0j@4ax.com> References: <4B6DB394.905@reglue.org> <56frm559pr8721ko1tingmmu3ep9m7nj0j@4ax.com> Message-ID: <4B6DDCC0.7010802@reglue.org> > > ### WPA-PSK secured AP (repeat for each SSID) > network={ > ssid="myssid" > key_mgmt=WPA-PSK > psk="secretpassphrase" > } > I'm not longer at the university, but I know that I needed to enter a username and password specific to that user name. I also know that it was some form of wpa2. If I use wpa_password to generate the password from the pass phrase, should I keep the psk="foo"? How do I know if I should use WPA-PSK or other options? Any experience with wpagui? From geofff at w5omr.shacknet.nu Sat Feb 6 20:02:45 2010 From: geofff at w5omr.shacknet.nu (Geoff) Date: Sat Feb 6 20:02:46 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <4B6DAB96.8000706@gmail.com> References: <4B6CEA58.90805@w5omr.shacknet.nu> <4B6CEDF1.90008@gmail.com> <4B6D3E6F.4010909@w5omr.shacknet.nu> <4B6DAB96.8000706@gmail.com> Message-ID: <4B6E1F45.6010507@w5omr.shacknet.nu> Nate wrote: > > > I don't think you can tether with a Sprint Pre. Sure you can. i've seen it done ;-) > You might be able to tether with a homebrew app, but don't expect > Sprint to be happy about it. as I said, if I don't tell 'em... gotta love oss, though... -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From daniel at rugmonster.org Sat Feb 6 21:02:17 2010 From: daniel at rugmonster.org (Daniel J. Givens) Date: Sat Feb 6 21:02:24 2010 Subject: [SATLUG] wpa_supplicant and wireless/networking questions In-Reply-To: <4B6DDCC0.7010802@reglue.org> References: <4B6DB394.905@reglue.org> <56frm559pr8721ko1tingmmu3ep9m7nj0j@4ax.com> <4B6DDCC0.7010802@reglue.org> Message-ID: If it's asking for a u/n & p/w, it isn't wpa-psk (pre-shared key). It depends on what type of authentication they are doing, but PEAP is the most common, I believe. Any reason you aren't using Network Manager for this? You don't have to be running Gnome or KDE to use it and it more-or-less just works in most cases. -- Daniel J. Givens On Feb 6, 2010, at 3:18 PM, Don Davis wrote: > >> ### WPA-PSK secured AP (repeat for each SSID) >> network={ >> ssid="myssid" >> key_mgmt=WPA-PSK >> psk="secretpassphrase" >> } > > I'm not longer at the university, but I know that I needed to enter > a username and password specific to that user name. I also know that > it was some form of wpa2. > If I use wpa_password to generate the password from the pass phrase, > should I keep the psk="foo"? > How do I know if I should use WPA-PSK or other options? > Any experience with wpagui? > > > > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) From kcoriginal at yahoo.com Sun Feb 7 10:18:17 2010 From: kcoriginal at yahoo.com (kcoriginal@yahoo.com) Date: Sun Feb 7 10:18:46 2010 Subject: [SATLUG] wpa_supplicant and wireless/networking questions In-Reply-To: References: <4B6DB394.905@reglue.org><56frm559pr8721ko1tingmmu3ep9m7nj0j@4ax.com><4B6DDCC0.7010802@reglue.org> Message-ID: <244727143-1265559522-cardhu_decombobulator_blackberry.rim.net-864143071-@bda203.bisx.prod.on.blackberry> He could have been using wpa-psk and then being authenticated to a proxy to finish getting his packets authorized to be routed around wherever... That's the scenario I have at my employer presently when I Linux CLI with wireless. First I enter a psk, then I need a user/pass... Hth kc Sent via BlackBerry by AT&T -----Original Message----- From: "Daniel J. Givens" Date: Sat, 6 Feb 2010 21:02:17 To: The San Antonio Linux User's Group Mailing List Subject: Re: [SATLUG] wpa_supplicant and wireless/networking questions If it's asking for a u/n & p/w, it isn't wpa-psk (pre-shared key). It depends on what type of authentication they are doing, but PEAP is the most common, I believe. Any reason you aren't using Network Manager for this? You don't have to be running Gnome or KDE to use it and it more-or-less just works in most cases. -- Daniel J. Givens On Feb 6, 2010, at 3:18 PM, Don Davis wrote: > >> ### WPA-PSK secured AP (repeat for each SSID) >> network={ >> ssid="myssid" >> key_mgmt=WPA-PSK >> psk="secretpassphrase" >> } > > I'm not longer at the university, but I know that I needed to enter > a username and password specific to that user name. I also know that > it was some form of wpa2. > If I use wpa_password to generate the password from the pass phrase, > should I keep the psk="foo"? > How do I know if I should use WPA-PSK or other options? > Any experience with wpagui? > > > > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) -- _______________________________________________ SATLUG mailing list SATLUG@satlug.org http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe Powered by Rackspace (www.rackspace.com) From dondavis at reglue.org Sun Feb 7 10:29:34 2010 From: dondavis at reglue.org (Don Davis) Date: Sun Feb 7 10:29:35 2010 Subject: [SATLUG] wpa_supplicant and wireless/networking questions In-Reply-To: <244727143-1265559522-cardhu_decombobulator_blackberry.rim.net-864143071-@bda203.bisx.prod.on.blackberry> References: <4B6DB394.905@reglue.org><56frm559pr8721ko1tingmmu3ep9m7nj0j@4ax.com><4B6DDCC0.7010802@reglue.org> <244727143-1265559522-cardhu_decombobulator_blackberry.rim.net-864143071-@bda203.bisx.prod.on.blackberry> Message-ID: <4B6EEA6E.8040006@reglue.org> PEAP is most common. Good to know. > > Any reason you aren't using Network Manager for this? You don't have > to be running Gnome or KDE to use it and it more-or-less just works in > most cases. > I'm used using the cli for my wireless, but I haven't used WPA before. I'll add it. It works well with WPA? From firestorm.v1 at gmail.com Sun Feb 7 11:07:27 2010 From: firestorm.v1 at gmail.com (FIRESTORM_v1) Date: Sun Feb 7 11:07:32 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <4B6E1F45.6010507@w5omr.shacknet.nu> References: <4B6CEA58.90805@w5omr.shacknet.nu> <4B6CEDF1.90008@gmail.com> <4B6D3E6F.4010909@w5omr.shacknet.nu> <4B6DAB96.8000706@gmail.com> <4B6E1F45.6010507@w5omr.shacknet.nu> Message-ID: <869de8471002070907g1dea5014s405e346190940fc3@mail.gmail.com> i'll toss in my .02c... Yes you can tether with the Pre, all you need to do is statically assign IPs and set up iptables to do nat. :P Downside is you can't launch it from the UI, you have to ssh in and reconfigure it manually (or via scripts). The downside is that you may/will kill the UI in the process and have to recover via a reboot. (If I'm wrong, let me know, I want to be able to pushbutton tether through wifi but the WebOS is weird about direct access). FIRESTORM_v1 On Sat, Feb 6, 2010 at 8:02 PM, Geoff wrote: > Nate wrote: >> >> >> I don't think you can tether with a Sprint Pre. > > Sure you can. ?i've seen it done ;-) > >> ?You might be able to tether with a homebrew app, but don't expect >> Sprint to be happy about it. > > as I said, if I don't tell 'em... > > > gotta love oss, though... > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From daniel at rugmonster.org Sun Feb 7 13:42:35 2010 From: daniel at rugmonster.org (Daniel J. Givens) Date: Sun Feb 7 13:42:39 2010 Subject: [SATLUG] wpa_supplicant and wireless/networking questions In-Reply-To: <4B6EEA6E.8040006@reglue.org> References: <4B6DB394.905@reglue.org><56frm559pr8721ko1tingmmu3ep9m7nj0j@4ax.com><4B6DDCC0.7010802@reglue.org> <244727143-1265559522-cardhu_decombobulator_blackberry.rim.net-864143071-@bda203.bisx.prod.on.blackberry> <4B6EEA6E.8040006@reglue.org> Message-ID: On Feb 7, 2010, at 10:29 AM, Don Davis wrote: > I'll add it. It works well with WPA? Yep. Only way I've ever done it. From geofff at w5omr.shacknet.nu Mon Feb 8 06:45:43 2010 From: geofff at w5omr.shacknet.nu (Geoff) Date: Mon Feb 8 06:45:46 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <869de8471002070907g1dea5014s405e346190940fc3@mail.gmail.com> References: <4B6CEA58.90805@w5omr.shacknet.nu> <4B6CEDF1.90008@gmail.com> <4B6D3E6F.4010909@w5omr.shacknet.nu> <4B6DAB96.8000706@gmail.com> <4B6E1F45.6010507@w5omr.shacknet.nu> <869de8471002070907g1dea5014s405e346190940fc3@mail.gmail.com> Message-ID: <4B700777.7080808@w5omr.shacknet.nu> FIRESTORM_v1 wrote: > i'll toss in my .02c... > Yes you can tether with the Pre, all you need to do is statically > assign IPs and set up iptables to do nat. :P > > Downside is you can't launch it from the UI, you have to ssh in and > reconfigure it manually (or via scripts). The downside is that you > may/will kill the UI in the process and have to recover via a reboot. > > (If I'm wrong, let me know, I want to be able to pushbutton tether > through wifi but the WebOS is weird about direct access). > > This is the message my buddy, Kirk (who is in the telecommunication business, setting up ip-phones for businesses, etc), sent me... > This message was typed on my laptop while sitting in (hi wife's) > hospital room. > The message is being sent from my office computer via a remote desktop > connection > The laptop is connected via wifi to my palm pre using the standard sprint > data package for the phone. > > That's right.....my palm pre is once again a WiFi router! Woohoo!!!!! It -was- a wifi router before an "upgrade" which stopped that. Reverting to a point prior to the upgrade would have "broken" some of the other features of the phone. I'll get him to send me the details on how it's done, and share with y'all. That I -know- it can be done, is the reason why I want a Palm Pre. (I forget your name/callsign - but, are you still in Houston?) -Geoff -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From morfic at gmail.com Mon Feb 8 11:41:05 2010 From: morfic at gmail.com (Daniel Goller) Date: Mon Feb 8 11:41:08 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <4B6CEA58.90805@w5omr.shacknet.nu> References: <4B6CEA58.90805@w5omr.shacknet.nu> Message-ID: <13bb8ce11002080941l5e137bc5k123ee98dbc27a386@mail.gmail.com> Most any Android based phone can be tethered once they are rooted. I have tethered my HTC Magic 32B ("myTouch") before, done it on the Acer Liquid, and have yet to try it on a new low cost device from Acer that actually has all the bits included. (I might have to tell them to include that on the Liquid) Problem is your selection of Android devices for sprint is probably limited. On Fri, Feb 5, 2010 at 10:04 PM, Geoff wrote: > So... that'll be the next phone i'm getting, because it -has- linux as > the OS, because it can be made into a wifi router, and you -can- tether > it to a wifi device. > > My question is, are there any other phones (droid) out there that can do > the same? > > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From mguhlin at gmail.com Mon Feb 8 11:52:52 2010 From: mguhlin at gmail.com (Miguel Guhlin) Date: Mon Feb 8 11:53:17 2010 Subject: [SATLUG] Palm Pre w/Linux In-Reply-To: <13bb8ce11002080941l5e137bc5k123ee98dbc27a386@mail.gmail.com> References: <4B6CEA58.90805@w5omr.shacknet.nu> <13bb8ce11002080941l5e137bc5k123ee98dbc27a386@mail.gmail.com> Message-ID: <680452b51002080952s342ae8f9mc88ee4e2f00f5e8b@mail.gmail.com> Don't know if this is helpful as a reference point. Thanks to all of you for inspiring the post: http://www.mguhlin.org/2010/02/tethering-your-smartphone-whatever-that.html The post deals with Android as well as iPhones. Take care, Miguel Guhlin Phone: 210-617-3330 Email - mguhlin@gmail.com Blog: http://mguhlin.org Portfolio: http://mguhlin.net On Mon, Feb 8, 2010 at 11:41 AM, Daniel Goller wrote: > Most any Android based phone can be tethered once they are rooted. > I have tethered my HTC Magic 32B ("myTouch") before, done it on the > Acer Liquid, and have yet to try it on a new low cost device from Acer > that actually has all the bits included. (I might have to tell them to > include that on the Liquid) > > Problem is your selection of Android devices for sprint is probably > limited. > > On Fri, Feb 5, 2010 at 10:04 PM, Geoff wrote: > > So... that'll be the next phone i'm getting, because it -has- linux as > > the OS, because it can be made into a wifi router, and you -can- tether > > it to a wifi device. > > > > My question is, are there any other phones (droid) out there that can do > > the same? > > > > > > > > -- > > This message has been scanned for viruses and > > dangerous content by MailScanner, and is > > believed to be clean. > > > > -- > > _______________________________________________ > > SATLUG mailing list > > SATLUG@satlug.org > > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > > Powered by Rackspace (www.rackspace.com) > > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From edeleonjr at gmail.com Mon Feb 8 12:39:01 2010 From: edeleonjr at gmail.com (Ernest De Leon) Date: Mon Feb 8 12:39:23 2010 Subject: [SATLUG] OT: Looking for a Network Engineer/Admin Message-ID: I need a network Engineer/Admin for a minimum 1 year contract with a DoD client. Clearance is preferred but can be taken care of so long as you have a clean background. Please contact me off list for more info. This is a Cisco gig, and you should be able to architect and implement a solution from scratch. Ernest From swayneswayne at gmail.com Mon Feb 8 17:29:06 2010 From: swayneswayne at gmail.com (swayne swayne) Date: Mon Feb 8 17:29:31 2010 Subject: [SATLUG] Wiki Message-ID: how can i create and account to edit the wiki i click on create account and nothing happens From nate.durr at gmail.com Mon Feb 8 17:44:41 2010 From: nate.durr at gmail.com (Nate Durr) Date: Mon Feb 8 17:44:46 2010 Subject: [SATLUG] Follow up to Nate's IPv6 Presentation at ther OS Fest In-Reply-To: <4B6A09E5.7030501@shlrm.org> References: <6lkjm5l4pmbpgbd69atgb6km596ta8d5ee@4ax.com> <4B6A09E5.7030501@shlrm.org> Message-ID: <3c1d8f0c1002081544v2ecb67cdn293e0abe91ca12a3@mail.gmail.com> > > Don't use Hurricane Electric. They have blocked IRC over ipv6 in the > past and I've had troubles with the tunnel working and staying up. > Hurricane Electric is quick and straight forward compared to sixxs. I have had no problems with the tunnel staying up. You will run into problems using HE for your tunnel if your IP address changes often. I was up and running with ipv6 from HE in less then an hour, and getting an additional /48 allocation was quick. > 10 Steps to IPv6 > http://www.sixxs.net/faq/account/?faq=10steps > > sixxs.net is quite good, and they have a PoP(Point of Presence) in > Dallas. They use a piece of software called aiccu, and it does an > excellent job keeping the tunnel up. I have had a tunnel, and subnet, > with them for a long time now, and am consistently satisfied. Using aiccu with sixxs is easier if you are behind a NAT, because HE only supports 6in4 tunnels. While sixxs supported more tunnel options they force you to wait for approval to often. When I did my testing with sixxs it was during the Holidays so the wait could be a non-issue now. I am still using HE for ipv6 connectivity at my house, but still find having the aiccu client on my laptop really handy because it traverses NAT. I also find having two providers makes makes troubleshooting easier. Thanks for the heads up on the blocked IRC. Later, Nate From bruce.dubbs at gmail.com Mon Feb 8 17:46:46 2010 From: bruce.dubbs at gmail.com (Bruce Dubbs) Date: Mon Feb 8 17:46:50 2010 Subject: [SATLUG] Wiki In-Reply-To: References: Message-ID: <4B70A266.2060608@gmail.com> swayne swayne wrote: > how can i create and account to edit the wiki i click on create account and > nothing happens Read the Main Page: Administration note Self registration to modify pages on this wiki has been disabled due to spam. If a SATLUG member wants to obtain registration to update the wiki pages, send a request to mailto:officers@satlug.org with your requested user name and password. -------- Actually that won't work very well though. I redirected my email to /dev/null because 99% of the traffic I received from the satlug email address was due to spam. One of the other officers could redirect to me though. Send me info directly at bruce.dubbs@gmail and I'll set you up (once I remember how :) ) -- Bruce From swayneswayne at gmail.com Mon Feb 8 18:12:23 2010 From: swayneswayne at gmail.com (swayne swayne) Date: Mon Feb 8 18:12:45 2010 Subject: [SATLUG] Wiki In-Reply-To: <4B70A266.2060608@gmail.com> References: <4B70A266.2060608@gmail.com> Message-ID: oops sorry for spamming the mailing list On Mon, Feb 8, 2010 at 5:46 PM, Bruce Dubbs wrote: > swayne swayne wrote: > >> how can i create and account to edit the wiki i click on create account >> and >> nothing happens >> > > Read the Main Page: > > Administration note > > Self registration to modify pages on this wiki has been disabled due to > spam. If a SATLUG member wants to obtain registration to update the wiki > pages, send a request to mailto:officers@satlug.org with your requested > user name and password. > -------- > Actually that won't work very well though. I redirected my email to > /dev/null because 99% of the traffic I received from the satlug email > address was due to spam. One of the other officers could redirect to me > though. > > Send me info directly at bruce.dubbs@gmail and I'll set you up (once I > remember how :) ) > > -- Bruce > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From dondavis at reglue.org Mon Feb 8 19:12:11 2010 From: dondavis at reglue.org (dondavis@reglue.org) Date: Mon Feb 8 19:12:14 2010 Subject: [SATLUG] Follow up to Nate's IPv6 Presentation at ther OS Fest In-Reply-To: <3c1d8f0c1002081544v2ecb67cdn293e0abe91ca12a3@mail.gmail.com> References: <6lkjm5l4pmbpgbd69atgb6km596ta8d5ee@4ax.com> <4B6A09E5.7030501@shlrm.org> <3c1d8f0c1002081544v2ecb67cdn293e0abe91ca12a3@mail.gmail.com> Message-ID: > > I am still using HE for ipv6 connectivity at my house, but still find > having the aiccu client on my laptop really handy because it traverses > NAT. I also find having two providers makes makes troubleshooting > easier. Thanks for the heads up on the blocked IRC. I use HE as well for ipv6 connectivity. I have a static IP address. My router keeps the tunnel open. The tunnel has only ever gone down when I rebooted the router. From alesmerises at satx.rr.com Mon Feb 8 23:10:57 2010 From: alesmerises at satx.rr.com (Alan Lesmerises) Date: Mon Feb 8 23:10:59 2010 Subject: [SATLUG] OT: Router-related question Message-ID: <4B70EE61.2000506@satx.rr.com> My system is connected to a NetGear FVS318v3 VPN Router which in-turn is connected to a cable modem (service is through TWC). The router seems to be 'losing' its connection (or at least the ability to communicate) with the cable modem (& hence the Internet) on a fairly regular basis. This is true for any system plugged into the router (MS Windows or Linux). I can re-establish my Internet connection if I reset the router (i.e., turn the power off & then back on). This is somewhat of a PITA, but at least the router is readily accessible. However, my wife doesn't always know what to do to reset the connection, and she's getting frustrated (& so am I). Also, my plans are to eventually relocate the router someplace where it won't be quite so easily accessible, so resetting it won't be quite so easy in the future. So I have 2 basic questions -- (1) Does anyone have any idea why this problem might be occurring, and (2) is there a command or something that I can send to the router to have it reset itself without having to manually power it down/up? TIA. Al Lesmerises From edeleonjr at gmail.com Mon Feb 8 23:37:37 2010 From: edeleonjr at gmail.com (Ernest De Leon) Date: Mon Feb 8 23:37:59 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B70EE61.2000506@satx.rr.com> References: <4B70EE61.2000506@satx.rr.com> Message-ID: I can tell you from personal experience that TW cycles the same equipment between customers (broken or not). Before I mess with your router, I would replace the modem. Just take it in and tell them that it's bad. They will exchange it for a new one. See if the behavior persists. I once had a similar behavior and it had something to do with the splitter the install tech had placed in the box outside. They sent a tech out and once he put in the new splitter, the problem went away. If the behavior persists, take the router out of the equation and hook up a linux box directly to the modem. See if the box loses connectivity as well or if it maintains it. If it maintains connectivity, the router may be the issue and may need to be replaced. If it also loses connectivity, the problem is most likely on the TWC side. On Mon, Feb 8, 2010 at 11:10 PM, Alan Lesmerises wrote: > My system is connected to a NetGear FVS318v3 VPN Router which in-turn is > connected to a cable modem (service is through TWC). The router seems to be > 'losing' its connection (or at least the ability to communicate) with the > cable modem (& hence the Internet) on a fairly regular basis. This is true > for any system plugged into the router (MS Windows or Linux). I can > re-establish my Internet connection if I reset the router (i.e., turn the > power off & then back on). > > This is somewhat of a PITA, but at least the router is readily accessible. > However, my wife doesn't always know what to do to reset the connection, > and she's getting frustrated (& so am I). Also, my plans are to eventually > relocate the router someplace where it won't be quite so easily accessible, > so resetting it won't be quite so easy in the future. > > So I have 2 basic questions -- (1) Does anyone have any idea why this > problem might be occurring, and (2) > is there a command or something that I can send to the router to have it > reset itself without having to manually power it down/up? > > TIA. > > Al Lesmerises > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From demeler at biochem.uthscsa.edu Tue Feb 9 06:48:11 2010 From: demeler at biochem.uthscsa.edu (Borries Demeler) Date: Tue Feb 9 06:48:24 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B70EE61.2000506@satx.rr.com> Message-ID: <201002091248.o19CmBA1030530@biochem.uthscsa.edu> > So I have 2 basic questions -- (1) Does anyone have any idea why this > problem might be occurring, and (2) Al, this is hard to say, it could be the cable modem, or it could be the router. > is there a command or something that I can send to the router to have it > reset itself without having to manually power it down/up? Most routers run a web server on the first address of their subnet (if your address is 192.168.0.xxx then try to put this into the web browser URL field: 192.168.0.1). You should get a login prompt (if you forgot the login prompt you need to reset it by holding in the reset button for 5 secs, and then you have to reprogram all settings different from the default settings). After successful login you should look for a page that gives you the current status. One of the status items should be the DHCP connection to TWC. There should be a button that says "DHCP RELEASE" or "DHCP RENEW". CLick on those and see if this solves the problem. You may have to do it a couple of times. If this solves your problem, then most likely this is a TWC or a cable modem issue and you need to talk to them to either fix their network or give you a new modem. Hope that helps. -Borries From j at jvpappas.net Tue Feb 9 08:37:12 2010 From: j at jvpappas.net (John Pappas) Date: Tue Feb 9 08:37:15 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <201002091248.o19CmBA1030530@biochem.uthscsa.edu> References: <4B70EE61.2000506@satx.rr.com> <201002091248.o19CmBA1030530@biochem.uthscsa.edu> Message-ID: <4c0ec4451002090637k622f69b5r9801668d1230322c@mail.gmail.com> On Tue, Feb 9, 2010 at 05:48, Borries Demeler wrote: > > So I have 2 basic questions -- (1) Does anyone have any idea why this > > problem might be occurring, and (2) > > Al, this is hard to say, it could be the cable modem, or it could be the > router. > When I had this problem, the "visible" symptom to the (L2) tech was "flapping" due to incorrect signal strength. Ask them for the operating characteristics of your line (line dbi or signal strength particularly) as that can isolate a weak cable or splitter. > > is there a command or something that I can send to the router to have it > > reset itself without having to manually power it down/up? > DDWRT can cron a reboot, but not sure that you can "conditionally reset" based on loss of connectivity. The corrective action that "fixes" it is a router reset? Does the WAN port IP change when reset? Often, if the modem cycles the connection the router will loose connection, even though it shouldn't. If this solves your problem, then most likely this is a TWC or a cable modem > issue and you need to talk to them to either fix their network or give you > a new modem. > The correction in my case was 2 fold: replace the modem, and then replace both trunk and modem line by running a new, direct line from demarc to modem location, with the following splitter config: 2 way from trunk-TV, modem, and a 4way for TVs. I am sure a 6 or 8 way could have been used instead, but linemen aren't usually packing them, so he used a 2+4 config. If the tech can isolate a signal issue, they will have you replace the modem first (as they have to do no work to do that) and then if that does not "fix", they will send a lineman to fix the line. HTH, John > Hope that helps. -Borries > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From alesmerises at satx.rr.com Tue Feb 9 22:01:01 2010 From: alesmerises at satx.rr.com (Alan Lesmerises) Date: Tue Feb 9 22:00:59 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <201002091248.o19CmBA1030530@biochem.uthscsa.edu> References: <201002091248.o19CmBA1030530@biochem.uthscsa.edu> Message-ID: <4B722F7D.5030805@satx.rr.com> Borries Demeler wrote: >> So I have 2 basic questions -- (1) Does anyone have any idea why this >> problem might be occurring, and (2) >> > Al, this is hard to say, it could be the cable modem, or it could be the router. > That seems to be the consensus -- I'll have to troubleshoot them to be sure which one's the problem. >> is there a command or something that I can send to the router to have it >> reset itself without having to manually power it down/up? >> > Most routers run a web server on the first address of their subnet > (if your address is 192.168.0.xxx then try to put this into the web browser > URL field: 192.168.0.1). You should get a login prompt (if you forgot the > login prompt you need to reset it by holding in the reset button for 5 secs, > and then you have to reprogram all settings different from the default settings). > After successful login you should look for a page that gives you the current > status. One of the status items should be the DHCP connection to TWC. There > should be a button that says "DHCP RELEASE" or "DHCP RENEW". CLick on those > and see if this solves the problem. You may have to do it a couple of times. > > If this solves your problem, then most likely this is a TWC or a cable modem > issue and you need to talk to them to either fix their network or give you > a new modem. > > Hope that helps. -Borries > I knew I could log into the router (to assign IP's, change firewall settings, etc.), but I was hoping there was some sort of command string that I could send to the router that would make it do the DHCP Renew (or whatever) without having to log in, etc. That way, if my wife was having trouble, I could have her run a script to send the appropriate command, and the connection would get reset. Al Lesmerises From alesmerises at satx.rr.com Tue Feb 9 22:09:28 2010 From: alesmerises at satx.rr.com (Alan Lesmerises) Date: Tue Feb 9 22:09:24 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4c0ec4451002090637k622f69b5r9801668d1230322c@mail.gmail.com> References: <4B70EE61.2000506@satx.rr.com> <201002091248.o19CmBA1030530@biochem.uthscsa.edu> <4c0ec4451002090637k622f69b5r9801668d1230322c@mail.gmail.com> Message-ID: <4B723178.2030703@satx.rr.com> John Pappas wrote: > On Tue, Feb 9, 2010 at 05:48, Borries Demeler > wrote: > >>> So I have 2 basic questions -- (1) Does anyone have any idea why this >>> problem might be occurring, and (2) >>> >> Al, this is hard to say, it could be the cable modem, or it could be the >> router. > When I had this problem, the "visible" symptom to the (L2) tech was > "flapping" due to incorrect signal strength. Ask them for the operating > characteristics of your line (line dbi or signal strength particularly) as > that can isolate a weak cable or splitter. > I did recently have some trouble that was related to signal strength, and the tech replaced something in the junction box at the end of the block, but I didn't catch the specifics. It seemed to correct the problem at the time, though. >>> is there a command or something that I can send to the router to have it >>> reset itself without having to manually power it down/up? >>> > DDWRT can cron a reboot, but not sure that you can "conditionally reset" > based on loss of connectivity. > > The corrective action that "fixes" it is a router reset? Does the WAN port > IP change when reset? Often, if the modem cycles the connection the router > will loose connection, even though it shouldn't. > Powering down then turning it back on (after ~10-15 secs) will re-establish my Internet connection nearly every time. There have been a couple of instances where the cable modem didn't seem to get a signal, but that appears to have been a different issue. > If this solves your problem, then most likely this is a TWC or a cable modem > >> issue and you need to talk to them to either fix their network or give you >> a new modem. > The correction in my case was 2 fold: replace the modem, and then replace > both trunk and modem line by running a new, direct line from demarc to modem > location, with the following splitter config: 2 way from trunk-TV, modem, > and a 4way for TVs. I am sure a 6 or 8 way could have been used instead, > but linemen aren't usually packing them, so he used a 2+4 config. > > If the tech can isolate a signal issue, they will have you replace the modem > first (as they have to do no work to do that) and then if that does not > "fix", they will send a lineman to fix the line. > > HTH, > John > Sounds like I'll need to check out the cables as I'm doing the troubleshooting. Thanks. Al Lesmerises From e2eiod at gmail.com Wed Feb 10 06:56:36 2010 From: e2eiod at gmail.com (Robert Pearson) Date: Wed Feb 10 06:56:40 2010 Subject: [SATLUG] Hadoop, MapReduce And Public/Private Cloud Computing Message-ID: Frank Huddleston has mentioned Hadoop in several posts about Home Cloud Computing. This post is mainly an FYI for those too busy to have time to read much... Anyone interested in Hadoop can search the SATLUG email archives and get all the previous posts about Hadoop. The current Hadoop post of interest (to me) is: "A petascale parallel database" by Robin Harris on Monday, 8 February, 2010 [Article excerpt] "MapReduce and its Open Source version, Hadoop, are parallel data analysis tools. A few lines of code can drive massive data reductions across thousands of nodes. Cool. Powerful though it is, Hadoop isn?t a database. Classic structured data analysis of the model/load/process type isn?t what it was designed for" One of the Comments is very interesting - included here for your convenience: [StorageMojo Comment by nate Tuesday, 9 February, 2010 at 11:43 am] [Begin Comment] I was talking to a developer working on a project that will be running on hadoop soon and was interested to hear his comments on hadoop itself, it?s extremely poorly written, apparently Yahoo built it mostly by outsourcing the development overseas to some low quality coders, and the result is some pretty poor code. It can work it?s just not that good. I find it pretty interesting how much stuff google does internally such as their own file system, mapreduce, server builds, their own switches and routers, their own http server, their own java servlet server. Meanwhile others struggle to keep up trying to use as much off the shelf stuff as possible because they don?t have the engineering resources internally to even begin to approach doing it themselves, even a Microsoft insider admitted as much recently in an interview http://www.theregister.co.uk/2010/02/03/microsoft_bing_number_two_wannabe/ I suppose the message here is hope & pray you aren?t in a market that google is or might become interested in at some point if your relying on hadoop. Because whatever you can do, they can do 1000x faster with their ~billion servers, and their ~million PhDs. [End Comment] [rdpcomment] "file system, mapreduce, server builds, their own switches and routers, their own http server, their own java servlet server" all key components of Enterprise Computing and its BIG brother, Cloud Computing" So for a Home Cloud you would need: "your heavily modified file system, Hadoop (mapreduce), your custom server builds, your hand picked switches and routers, your own http server, your own java servlet server". You could use COTS (Commercial Off The Shelf) components for the Home Cloud since bandwidth and throughput will not make the difference between your making a profit and surviving. This means that a new market for Private Cloud components is developing to supply some of the Google in-house developed components. "Why private clouds are part of the future" by Robin Harris on Friday, 5 February, 2010 [Article excerpt] "I?ve grappled with the question of private clouds for the last couple of years. The advantages of web scale systems became more obvious, but the human desire for reliable data access and control has not receded. Public and private will not displace each other: they will coexist just as public and private power sources coexist today. No doubt public clouds will claim the majority of the market whether measured in dollars or exabytes, but private clouds will remain significant contributors to our data infrastructure for decades, if not centuries, to come." [End Excerpt] [rdpcomment - IMHO,YMMV the rise of Private Clouds is a major shift in the computing paradigm] From hharadon at gmail.com Wed Feb 10 07:28:38 2010 From: hharadon at gmail.com (Howard Haradon) Date: Wed Feb 10 07:28:40 2010 Subject: [SATLUG] Reminder: Meeting at SAC Tonite at 7PM Message-ID: Hope to see everyone in room 122 (basement of the Nail Center) for Bruce Dubbs talk on GRUB 2. Howard -- Howard Haradon San Antonio, TX USA From afcasta at satx.rr.com Wed Feb 10 09:27:33 2010 From: afcasta at satx.rr.com (afcasta@satx.rr.com) Date: Wed Feb 10 09:27:38 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B70EE61.2000506@satx.rr.com> Message-ID: <20100210152733.UQQBY.491390.root@cdptpa-web02-z01> I have the same problem with TWC. I log onto my router, and release/renew my IP address. I agree this is a PITA - I never had this issue with ISDN. Perhaps DSL is more reliable, but I went with TWC because DSL wasn't available in my area when I hooked up to TWC. Al Castanoli ---- Alan Lesmerises wrote: > My system is connected to a NetGear FVS318v3 VPN Router which in-turn is > connected to a cable modem (service is through TWC). The router seems > to be 'losing' its connection (or at least the ability to communicate) > with the cable modem (& hence the Internet) on a fairly regular basis. > This is true for any system plugged into the router (MS Windows or > Linux). I can re-establish my Internet connection if I reset the router > (i.e., turn the power off & then back on). > > This is somewhat of a PITA, but at least the router is readily > accessible. However, my wife doesn't always know what to do to reset > the connection, and she's getting frustrated (& so am I). Also, my > plans are to eventually relocate the router someplace where it won't be > quite so easily accessible, so resetting it won't be quite so easy in > the future. > > So I have 2 basic questions -- (1) Does anyone have any idea why this > problem might be occurring, and (2) > is there a command or something that I can send to the router to have it > reset itself without having to manually power it down/up? > > TIA. > > Al Lesmerises > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) From toddwbucy at grandecom.net Wed Feb 10 10:00:14 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 10:00:16 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B722F7D.5030805@satx.rr.com> References: <201002091248.o19CmBA1030530@biochem.uthscsa.edu> <4B722F7D.5030805@satx.rr.com> Message-ID: <1265817614.2331.1.camel@redpill-laptop> On Tue, 2010-02-09 at 22:01 -0600, Alan Lesmerises wrote: > Borries Demeler wrote: > >> So I have 2 basic questions -- (1) Does anyone have any idea why this > >> problem might be occurring, and (2) > >> > > Al, this is hard to say, it could be the cable modem, or it could be the router. > > > That seems to be the consensus -- I'll have to troubleshoot them to be > sure which one's the problem. > >> is there a command or something that I can send to the router to have it > >> reset itself without having to manually power it down/up? > >> > > Most routers run a web server on the first address of their subnet > > (if your address is 192.168.0.xxx then try to put this into the web browser > > URL field: 192.168.0.1). You should get a login prompt (if you forgot the > > login prompt you need to reset it by holding in the reset button for 5 secs, > > and then you have to reprogram all settings different from the default settings). > > After successful login you should look for a page that gives you the current > > status. One of the status items should be the DHCP connection to TWC. There > > should be a button that says "DHCP RELEASE" or "DHCP RENEW". CLick on those > > and see if this solves the problem. You may have to do it a couple of times. > > > > If this solves your problem, then most likely this is a TWC or a cable modem > > issue and you need to talk to them to either fix their network or give you > > a new modem. > > > > Hope that helps. -Borries > > > I knew I could log into the router (to assign IP's, change firewall > settings, etc.), but I was hoping there was some sort of command string > that I could send to the router that would make it do the DHCP Renew (or > whatever) without having to log in, etc. That way, if my wife was > having trouble, I could have her run a script to send the appropriate > command, and the connection would get reset. > > Al Lesmerises > you could always build a router and then write the script. But I dont think that most consumer routers will let you do stuff like that. Todd From bruce.dubbs at gmail.com Wed Feb 10 10:04:45 2010 From: bruce.dubbs at gmail.com (Bruce Dubbs) Date: Wed Feb 10 10:04:50 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <20100210152733.UQQBY.491390.root@cdptpa-web02-z01> References: <20100210152733.UQQBY.491390.root@cdptpa-web02-z01> Message-ID: <4B72D91D.8090107@gmail.com> afcasta@satx.rr.com wrote: > I have the same problem with TWC. I log onto my router, and > release/renew my IP address. I agree this is a PITA - I never > had this issue with ISDN. Perhaps DSL is more reliable, but I > went with TWC because DSL wasn't available in my area when I > hooked up to TWC. I don't know why you need to do this. I've had TWC for a year or so now and have never had to renew an IP address. The system has gone down a couple of times on me and I've logged into the router to confirm it was them and not me, but I've never had to reset or renew the IP address. -- Bruce From toddwbucy at grandecom.net Wed Feb 10 10:07:44 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 10:07:52 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265817614.2331.1.camel@redpill-laptop> References: <201002091248.o19CmBA1030530@biochem.uthscsa.edu> <4B722F7D.5030805@satx.rr.com> <1265817614.2331.1.camel@redpill-laptop> Message-ID: <1265818064.2331.3.camel@redpill-laptop> On Wed, 2010-02-10 at 10:00 -0600, redpill wrote: > On Tue, 2010-02-09 at 22:01 -0600, Alan Lesmerises wrote: > > Borries Demeler wrote: > > >> So I have 2 basic questions -- (1) Does anyone have any idea why this > > >> problem might be occurring, and (2) > > >> > > > Al, this is hard to say, it could be the cable modem, or it could be the router. > > > > > That seems to be the consensus -- I'll have to troubleshoot them to be > > sure which one's the problem. > > >> is there a command or something that I can send to the router to have it > > >> reset itself without having to manually power it down/up? > > >> > > > Most routers run a web server on the first address of their subnet > > > (if your address is 192.168.0.xxx then try to put this into the web browser > > > URL field: 192.168.0.1). You should get a login prompt (if you forgot the > > > login prompt you need to reset it by holding in the reset button for 5 secs, > > > and then you have to reprogram all settings different from the default settings). > > > After successful login you should look for a page that gives you the current > > > status. One of the status items should be the DHCP connection to TWC. There > > > should be a button that says "DHCP RELEASE" or "DHCP RENEW". CLick on those > > > and see if this solves the problem. You may have to do it a couple of times. > > > > > > If this solves your problem, then most likely this is a TWC or a cable modem > > > issue and you need to talk to them to either fix their network or give you > > > a new modem. > > > > > > Hope that helps. -Borries > > > > > I knew I could log into the router (to assign IP's, change firewall > > settings, etc.), but I was hoping there was some sort of command string > > that I could send to the router that would make it do the DHCP Renew (or > > whatever) without having to log in, etc. That way, if my wife was > > having trouble, I could have her run a script to send the appropriate > > command, and the connection would get reset. > > > > Al Lesmerises > > > you could always build a router and then write the script. But I dont > think that most consumer routers will let you do stuff like that. > > Todd > one more thing...are you sure you want other people to remotely run arbitrary scripts on your gateway router? Todd From demeler at biochem.uthscsa.edu Wed Feb 10 10:20:05 2010 From: demeler at biochem.uthscsa.edu (Borries Demeler) Date: Wed Feb 10 10:20:11 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B72D91D.8090107@gmail.com> Message-ID: <201002101620.o1AGK53g005844@biochem.uthscsa.edu> > > afcasta@satx.rr.com wrote: > > I have the same problem with TWC. I log onto my router, and > > release/renew my IP address. I agree this is a PITA - I never > > had this issue with ISDN. Perhaps DSL is more reliable, but I > > went with TWC because DSL wasn't available in my area when I > > hooked up to TWC. > > I don't know why you need to do this. I've had TWC for a year or so now > and have never had to renew an IP address. The system has gone down a > couple of times on me and I've logged into the router to confirm it was > them and not me, but I've never had to reset or renew the IP address. > > -- Bruce Lucky you. -b. From demeler at biochem.uthscsa.edu Wed Feb 10 10:21:10 2010 From: demeler at biochem.uthscsa.edu (Borries Demeler) Date: Wed Feb 10 10:21:13 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265818064.2331.3.camel@redpill-laptop> Message-ID: <201002101621.o1AGLAfP006171@biochem.uthscsa.edu> > one more thing...are you sure you want other people to remotely run > arbitrary scripts on your gateway router? > Todd You can control which IP is allowed to do it, for example, only allow ssh connections from the private side, then it wouldn't be just anyone. -b. From toddwbucy at grandecom.net Wed Feb 10 10:40:35 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 10:40:42 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <201002101621.o1AGLAfP006171@biochem.uthscsa.edu> References: <201002101621.o1AGLAfP006171@biochem.uthscsa.edu> Message-ID: <1265820035.2331.8.camel@redpill-laptop> On Wed, 2010-02-10 at 10:21 -0600, Borries Demeler wrote: > > one more thing...are you sure you want other people to remotely run > > arbitrary scripts on your gateway router? > > Todd > > You can control which IP is allowed to do it, for example, only allow > ssh connections from the private side, then it wouldn't be just anyone. > > -b. sure you can and IP addresses can be spoofed. I'm just saying that one should really consider the risks of opening up remote access and control of their home gateway router as it often doubles as their primary firewall. Todd From bruce.dubbs at gmail.com Wed Feb 10 10:49:21 2010 From: bruce.dubbs at gmail.com (Bruce Dubbs) Date: Wed Feb 10 10:49:24 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265820035.2331.8.camel@redpill-laptop> References: <201002101621.o1AGLAfP006171@biochem.uthscsa.edu> <1265820035.2331.8.camel@redpill-laptop> Message-ID: <4B72E391.6050506@gmail.com> redpill wrote: > On Wed, 2010-02-10 at 10:21 -0600, Borries Demeler wrote: >>> one more thing...are you sure you want other people to remotely run >>> arbitrary scripts on your gateway router? >>> Todd >> You can control which IP is allowed to do it, for example, only allow >> ssh connections from the private side, then it wouldn't be just anyone. >> >> -b. > sure you can and IP addresses can be spoofed. But the interface that the ip address comes in on can't be spoofed. -- Bruce From demeler at biochem.uthscsa.edu Wed Feb 10 10:50:06 2010 From: demeler at biochem.uthscsa.edu (Borries Demeler) Date: Wed Feb 10 10:50:08 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265820035.2331.8.camel@redpill-laptop> Message-ID: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> > > On Wed, 2010-02-10 at 10:21 -0600, Borries Demeler wrote: > > > one more thing...are you sure you want other people to remotely run > > > arbitrary scripts on your gateway router? > > > Todd > > > > You can control which IP is allowed to do it, for example, only allow > > ssh connections from the private side, then it wouldn't be just anyone. > > > > -b. > sure you can and IP addresses can be spoofed. I'm just saying that one > should really consider the risks of opening up remote access and control > of their home gateway router as it often doubles as their primary > firewall. How do you spoof a private (192.168.x.x, 10.x.x.x) address on a public network? I thought they were never routed. -b. From toddwbucy at grandecom.net Wed Feb 10 11:06:13 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 11:06:16 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> Message-ID: <1265821573.2331.11.camel@redpill-laptop> On Wed, 2010-02-10 at 10:50 -0600, Borries Demeler wrote: > > > > On Wed, 2010-02-10 at 10:21 -0600, Borries Demeler wrote: > > > > one more thing...are you sure you want other people to remotely run > > > > arbitrary scripts on your gateway router? > > > > Todd > > > > > > You can control which IP is allowed to do it, for example, only allow > > > ssh connections from the private side, then it wouldn't be just anyone. > > > > > > -b. > > sure you can and IP addresses can be spoofed. I'm just saying that one > > should really consider the risks of opening up remote access and control > > of their home gateway router as it often doubles as their primary > > firewall. > > How do you spoof a private (192.168.x.x, 10.x.x.x) address on a public network? I thought > they were never routed. > > -b. In this case you wouldn't have to. He said that the script would be run from his wife's laptop. One could assume that means via wifi. Crack the wifi encryption (lets hope he's not using WEP) spoof the ip and your in. Todd From daniel at rugmonster.org Wed Feb 10 11:58:47 2010 From: daniel at rugmonster.org (Daniel J. Givens) Date: Wed Feb 10 11:58:57 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265820035.2331.8.camel@redpill-laptop> References: <201002101621.o1AGLAfP006171@biochem.uthscsa.edu> <1265820035.2331.8.camel@redpill-laptop> Message-ID: On Feb 10, 2010, at 10:40 AM, redpill wrote: > sure you can and IP addresses can be spoofed. How viable is it to spoof an IP on a TCP connection going across the Internet where MITM isn't possible without compromising ever router between? I see people throw around the spoofed IP FUD, but have yet to see it be an issue with TCP connections off of a LAN. The only thing I've seen it used maliciously for outside of a single network segment environment is for UDP packet floods. From daniel at rugmonster.org Wed Feb 10 12:04:37 2010 From: daniel at rugmonster.org (Daniel J. Givens) Date: Wed Feb 10 12:04:45 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265821573.2331.11.camel@redpill-laptop> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> Message-ID: On Feb 10, 2010, at 11:06 AM, redpill wrote: > In this case you wouldn't have to. He said that the script would be > run > from his wife's laptop. One could assume that means via wifi. Crack > the > wifi encryption (lets hope he's not using WEP) spoof the ip and your > in. That's a lot of work. Someone would have to really have a reason to go to those measures and they probably could care less about a home router. Is it all a possible scenario? Sure, but you have to look at it framed with actual risk in mind. You could go crazy chasing down every possible scenario, but that doesn't make sense unless you're uber-paranoid. From hharadon at gmail.com Wed Feb 10 12:50:47 2010 From: hharadon at gmail.com (Howard Haradon) Date: Wed Feb 10 12:50:50 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B70EE61.2000506@satx.rr.com> References: <4B70EE61.2000506@satx.rr.com> Message-ID: On Mon, Feb 8, 2010 at 11:10 PM, Alan Lesmerises wrote: > My system is connected to a NetGear FVS318v3 VPN Router which in-turn is > connected to a cable modem (service is through TWC). ?The router seems to be > 'losing' its connection (or at least the ability to communicate) with the > cable modem (& hence the Internet) on a fairly regular basis. ?This is true > for any system plugged into the router (MS Windows or Linux). ?I can > re-establish my Internet connection if I reset the router (i.e., turn the > power off & then back on). > > This is somewhat of a PITA, but at least the router is readily accessible. > ?However, my wife doesn't always know what to do to reset the connection, > and she's getting frustrated (& so am I). ?Also, my plans are to eventually > relocate the router someplace where it won't be quite so easily accessible, > so resetting it won't be quite so easy in the future. > > So I have 2 basic questions -- (1) Does anyone have any idea why this > problem might be occurring, and (2) > is there a command or something that I can send to the router to have it > reset itself without having to manually power it down/up? > > TIA. Al Lesmerises I can contribute 3 things that may help in diagnosing the problem: 1. I was a TW user with a router for about 6-7 years and had no such disconnects except infrequent outages that happened about 2-3 times per year. My opinion is that resetting the device is only a stop-gap measure, not a fix. 2. With my DSL modem I can surf to it at addr. 192.168.0.1 and there are various diagnostic tools including a log that documents drops should they be happening at the modem or between the modem and the router's WAN port. You likely have a similar facility with the TW device. 3. Likewise, I can surf to my router's diagnostic tool kit and view a log that provides a record of problem events. Hope this is useful, HH -- Howard Haradon San Antonio, TX USA From toddwbucy at grandecom.net Wed Feb 10 14:25:53 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 14:25:55 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> Message-ID: <1265833553.2331.60.camel@redpill-laptop> On Wed, 2010-02-10 at 12:04 -0600, Daniel J. Givens wrote: > On Feb 10, 2010, at 11:06 AM, redpill wrote: > > > In this case you wouldn't have to. He said that the script would be > > run > > from his wife's laptop. One could assume that means via wifi. Crack > > the > > wifi encryption (lets hope he's not using WEP) spoof the ip and your > > in. > > That's a lot of work. Someone would have to really have a reason to go > to those measures and they probably could care less about a home > router. Is it all a possible scenario? Sure, but you have to look at > it framed with actual risk in mind. You could go crazy chasing down > every possible scenario, but that doesn't make sense unless you're > uber-paranoid. uber-paranoid...really? can you be too paranoid when it comes to your personal information (financial or otherwise) in this day and age? Does the above scenario require a directed attack against a specific AP? Yes, but given that it is now easier (and safer for the thief) to crack your AP's encryption then it is for him to kick in your front door, maybe we should all be a bit more paranoid. In my view leaving the gateway routers ssh port open, even if only internally and for specific IP and MAC, is tantamount to leaving the front door key under the flower pot on the front porch. This is especially true if the WIFI AP is on the very same router/firewall that the ssh port is open on, a very common setup for home gateway routers. but hey maybe I am only this paranoid cuz I happen to be studying for my security+ exam. regards Todd From bruce.dubbs at gmail.com Wed Feb 10 14:34:35 2010 From: bruce.dubbs at gmail.com (Bruce Dubbs) Date: Wed Feb 10 14:34:39 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265833553.2331.60.camel@redpill-laptop> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> Message-ID: <4B73185B.8080908@gmail.com> redpill wrote: > Does the above scenario require a directed attack against a specific AP? > Yes, but given that it is now easier (and safer for the thief) to crack > your AP's encryption then it is for him to kick in your front door, > maybe we should all be a bit more paranoid. > In my view leaving the > gateway routers ssh port open, even if only internally and for specific > IP and MAC, is tantamount to leaving the front door key under the flower > pot on the front porch. This is especially true if the WIFI AP is on > the very same router/firewall that the ssh port is open on, a very > common setup for home gateway routers. So don't use wifi. Ethernet cable isn't expensive. -- Bruce From toddwbucy at grandecom.net Wed Feb 10 14:38:36 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 14:38:44 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B73185B.8080908@gmail.com> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> <4B73185B.8080908@gmail.com> Message-ID: <1265834316.2331.70.camel@redpill-laptop> On Wed, 2010-02-10 at 14:34 -0600, Bruce Dubbs wrote: > redpill wrote: > > > Does the above scenario require a directed attack against a specific AP? > > > Yes, but given that it is now easier (and safer for the thief) to crack > > your AP's encryption then it is for him to kick in your front door, > > maybe we should all be a bit more paranoid. > > > In my view leaving the > > gateway routers ssh port open, even if only internally and for specific > > IP and MAC, is tantamount to leaving the front door key under the flower > > pot on the front porch. This is especially true if the WIFI AP is on > > the very same router/firewall that the ssh port is open on, a very > > common setup for home gateway routers. > > So don't use wifi. Ethernet cable isn't expensive. > > -- Bruce exactly what I would recommend, but at the very least one should place wifi APs within a DMZ. Todd From satlug at sbcglobal.net Wed Feb 10 14:54:16 2010 From: satlug at sbcglobal.net (Don Wright) Date: Wed Feb 10 14:54:12 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265833553.2331.60.camel@redpill-laptop> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> Message-ID: <3076n5hvdsv7e3jpsf3sbaq7f79d2v55rn@4ax.com> On Wed, Todd (redpill) wrote: > <...> In my view leaving the >gateway routers ssh port open, even if only internally and for specific >IP and MAC, is tantamount to leaving the front door key under the flower >pot on the front porch. No ssh? How do you admin headless boxes? --Don -- Enterprise software fault, warp core dumped. From demeler at biochem.uthscsa.edu Wed Feb 10 14:55:10 2010 From: demeler at biochem.uthscsa.edu (Borries Demeler) Date: Wed Feb 10 14:55:14 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265833553.2331.60.camel@redpill-laptop> Message-ID: <201002102055.o1AKtBvC022790@biochem.uthscsa.edu> > > Does the above scenario require a directed attack against a specific AP? > Yes, but given that it is now easier (and safer for the thief) to crack > your AP's encryption then it is for him to kick in your front door, > maybe we should all be a bit more paranoid. In my view leaving the > gateway routers ssh port open, even if only internally and for specific > IP and MAC, is tantamount to leaving the front door key under the flower > pot on the front porch. This is especially true if the WIFI AP is on > the very same router/firewall that the ssh port is open on, a very > common setup for home gateway routers. > > but hey maybe I am only this paranoid cuz I happen to be studying for my > security+ exam. > > regards > Todd My laptop is on a wired connection, but let's for the sake of argument assume you manage to pull a DHCP address on my wifi network, you would still need a password to get into my computer, router and my personal info, just as you would for any other of the millions of computers connected to the network with ssh. And even if you manage to bypass security on my router, how is that going to give you access to my laptop? You might be able to mess with my network (which I'll figure out immediately), but its another story altogether to break into my computer. Seems like a lot of effort for little return. BTW, I have had ssh open to the outside since forever, blocking script kiddies and being half-way reasonable about what IPs I allow in, I NEVER had a problem. Of course, absence of evidence is not evidence of absence...but the more you block your computer the less functional it becomes, and I like to actually use my computer. If you are paranoid over data loss, encrypt your info and back it up off-line. PS. my computer runs linux, so security is acceptable. PPS. Good luck with the exam :-) -b. From edeleonjr at gmail.com Wed Feb 10 15:05:01 2010 From: edeleonjr at gmail.com (Ernest De Leon) Date: Wed Feb 10 15:05:24 2010 Subject: [SATLUG] Google to build out experimental Gigabit fiber to the home internet.... Message-ID: In case you haven't seen it.... http://googleblog.blogspot.com/2010/02/think-big-with-gig-our-experimental.html I already emailed the mayor to answer the RFI, Please do so if you support it. Ernest From toddwbucy at grandecom.net Wed Feb 10 15:58:12 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 15:58:15 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <3076n5hvdsv7e3jpsf3sbaq7f79d2v55rn@4ax.com> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> <3076n5hvdsv7e3jpsf3sbaq7f79d2v55rn@4ax.com> Message-ID: <1265839092.2331.72.camel@redpill-laptop> On Wed, 2010-02-10 at 14:54 -0600, Don Wright wrote: > On Wed, Todd (redpill) wrote: > > <...> In my view leaving the > >gateway routers ssh port open, even if only internally and for specific > >IP and MAC, is tantamount to leaving the front door key under the flower > >pot on the front porch. > > No ssh? How do you admin headless boxes? --Don > > -- > Enterprise software fault, warp core dumped. through a serial port if you have a halfway decent router. Todd From bruce.dubbs at gmail.com Wed Feb 10 16:10:53 2010 From: bruce.dubbs at gmail.com (Bruce Dubbs) Date: Wed Feb 10 16:10:56 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265839092.2331.72.camel@redpill-laptop> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> <3076n5hvdsv7e3jpsf3sbaq7f79d2v55rn@4ax.com> <1265839092.2331.72.camel@redpill-laptop> Message-ID: <4B732EED.1040707@gmail.com> redpill wrote: > On Wed, 2010-02-10 at 14:54 -0600, Don Wright wrote: >> On Wed, Todd (redpill) wrote: >>> <...> In my view leaving the gateway routers ssh port open, even >>> if only internally and for specific IP and MAC, is tantamount to >>> leaving the front door key under the flower pot on the front >>> porch. >> No ssh? How do you admin headless boxes? --Don > through a serial port if you have a halfway decent router. You could also burn EEPROMs and replace them. There is always a trade off between security and convenience. -- Bruce From toddwbucy at grandecom.net Wed Feb 10 16:15:28 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 16:15:36 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <201002102055.o1AKtBvC022790@biochem.uthscsa.edu> References: <201002102055.o1AKtBvC022790@biochem.uthscsa.edu> Message-ID: <1265840128.2331.89.camel@redpill-laptop> On Wed, 2010-02-10 at 14:55 -0600, Borries Demeler wrote: > > > > Does the above scenario require a directed attack against a specific AP? > > Yes, but given that it is now easier (and safer for the thief) to crack > > your AP's encryption then it is for him to kick in your front door, > > maybe we should all be a bit more paranoid. In my view leaving the > > gateway routers ssh port open, even if only internally and for specific > > IP and MAC, is tantamount to leaving the front door key under the flower > > pot on the front porch. This is especially true if the WIFI AP is on > > the very same router/firewall that the ssh port is open on, a very > > common setup for home gateway routers. > > > > but hey maybe I am only this paranoid cuz I happen to be studying for my > > security+ exam. > > > > regards > > Todd > > My laptop is on a wired connection, but let's for the sake of argument > assume you manage to pull a DHCP address on my wifi network, Once your on the network you don't need to get to your laptop or any other host. Just wait for someone to access a bank account. > you would > still need a password to get into my computer, router and my personal info, > just as you would for any other of the millions of computers connected > to the network with ssh. And even if you manage to bypass security on > my router, how is that going to give you access to my laptop? You might > be able to mess with my network (which I'll figure out immediately), > but its another story altogether to break into my computer. Seems like > a lot of effort for little return. > > BTW, I have had ssh open to the outside since forever, blocking script > kiddies and being half-way reasonable about what IPs I allow in, I > NEVER had a problem. famous last words... the sort of attack i described would be relatively easy to hide as once in, as it only requires monitoring. > Of course, absence of evidence is not evidence of > absence...but the more you block your computer the less functional it > becomes, and I like to actually use my computer. If you are paranoid > over data loss, encrypt your info and back it up off-line. > true dat security is always a balancing act. I just recommend that one seriously consider opening up ports. especially ssh ports to the gateway router. I personally only open that particular port up when I know that I am going to be working on my system from the outside. > PS. my computer runs linux, so security is acceptable. I love Linux just as much as the next lugger but I do not automatically assume that its secure just because its Linux. Security is a practice not an operating system. Todd From daniel at rugmonster.org Wed Feb 10 17:04:06 2010 From: daniel at rugmonster.org (Daniel J. Givens) Date: Wed Feb 10 17:04:14 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265840128.2331.89.camel@redpill-laptop> References: <201002102055.o1AKtBvC022790@biochem.uthscsa.edu> <1265840128.2331.89.camel@redpill-laptop> Message-ID: On Wed, 10 Feb 2010 16:15:28 -0600, redpill wrote: > Once your on the network you don't need to get to your laptop or any > other host. Just wait for someone to access a bank account. That's what HTTPS is for. Anything sensitive traversing the network should be sent via encrypted connections. -- Daniel From satlug at sbcglobal.net Wed Feb 10 17:50:24 2010 From: satlug at sbcglobal.net (Don Wright) Date: Wed Feb 10 17:50:22 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B732EED.1040707@gmail.com> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> <3076n5hvdsv7e3jpsf3sbaq7f79d2v55rn@4ax.com> <1265839092.2331.72.camel@redpill-laptop> <4B732EED.1040707@gmail.com> Message-ID: >>> No ssh? How do you admin headless boxes? --Don redpill replied: >> through a serial port if you have a halfway decent router. Bruce added: >You could also burn EEPROMs and replace them. > >There is always a trade off between security and convenience. Great suggestions. How do you implement them on a virtual device located somewhere in the Cloud? Notice I didn't confine my query to small home devices. It sounds like you're saying SSH is so insecure it shouldn't be used even in non-critical situations. If so, what is the replacement? --Don -- There are two rules in this business: 1. Don't tell all you know. From henry.pugsley at gmail.com Wed Feb 10 18:49:07 2010 From: henry.pugsley at gmail.com (Henry Pugsley) Date: Wed Feb 10 18:49:09 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1003aeaa1002101648h2a6fe1a2tb5d28432ba6f9bab@mail.gmail.com> References: <201002102055.o1AKtBvC022790@biochem.uthscsa.edu> <1265840128.2331.89.camel@redpill-laptop> <1003aeaa1002101648h2a6fe1a2tb5d28432ba6f9bab@mail.gmail.com> Message-ID: <1003aeaa1002101649u781a8d7bvbb133354f815c1bc@mail.gmail.com> There are several appliances that proxy HTTPS by basically doing a man-in-the-middle attack that is virtually undetectable in the browser. If Cisco and RSA can figure it out, so can a dedicated cracker fishing for bank accounts. Combine DNS spoofing and an SSL attack and your browser will happily show a green padlock for any valid SSL certificate. DNS is not authenticated in any way and is cleartext. Allowing someone access to layer1 of your network and depending on layer2-7 security to keep you safe is playing with fire. -Henry On Feb 10, 2010 5:04 PM, "Daniel J. Givens" wrote: On Wed, 10 Feb 2010 16:15:28 -0600, redpill wrote: > Once your on the network you don't need to get to your laptop or any > other host. Just wait for ... That's what HTTPS is for. Anything sensitive traversing the network should be sent via encrypted connections. -- Daniel -- _______________________________________________ SATLUG mailing list SATLUG@satlug.org http://ala... From toddwbucy at grandecom.net Wed Feb 10 20:39:15 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 20:39:17 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> <3076n5hvdsv7e3jpsf3sbaq7f79d2v55rn@4ax.com> <1265839092.2331.72.camel@redpill-laptop> <4B732EED.1040707@gmail.com> Message-ID: <1265855955.2331.109.camel@redpill-laptop> On Wed, 2010-02-10 at 17:50 -0600, Don Wright wrote: > >>> No ssh? How do you admin headless boxes? --Don > > redpill replied: > >> through a serial port if you have a halfway decent router. > > Bruce added: > >You could also burn EEPROMs and replace them. > > > >There is always a trade off between security and convenience. > > Great suggestions. How do you implement them on a virtual device located > somewhere in the Cloud? Notice I didn't confine my query to small home > devices. > > It sounds like you're saying SSH is so insecure it shouldn't be used > even in non-critical situations. If so, what is the replacement? --Don > I wouldn't say that SSH is insecure, its not. My point is that SSH or for that matter any form of encrypted communication is only as secure as the practices that surround their use. SSH encryption can be cracked (http://www.youtube.com/watch?v=7CP-JB4QARo), SSL can be cracked (http://www.youtube.com/watch?v=7kQ_nTRt37c), and its getting easier and easier to do so. I understand that stuff has to get done and these protocols will be used what I am saying is that you should never think that just because you are using HTTPS or SSH you secure. In the above scenario All someone would need to do is run a tcpdump (say tcpdump -nXSe -s 1545 -c 5000 -t port 443 -w somefilename) scp the capfile out of the network. once the cap file is out of the network it can be analyzed and decrypted at the cracker's leisure. the point is your never as secure as you think you are. Todd From pcdls.ronin at gmail.com Wed Feb 10 20:59:04 2010 From: pcdls.ronin at gmail.com (pcdls.ronin) Date: Wed Feb 10 20:59:16 2010 Subject: [SATLUG] Reminder: Meeting at SAC Tonite at 7PM In-Reply-To: References: Message-ID: <4B737278.5090705@gmail.com> Howard Haradon wrote: > Hope to see everyone in room 122 (basement > of the Nail Center) for Bruce Dubbs talk on GRUB > 2. > > Howard > Tried making it to that meeting. But, there was no place to park for us non-students. After circling around, asking around for a general parking spot, I eventually gave up, cursed myself for venturing into downtown SA, and went home. Hope it was a good talk. It would have been my first LUG meeting. In spite of all that, I'll try again next time. Pete From toddwbucy at grandecom.net Wed Feb 10 21:04:54 2010 From: toddwbucy at grandecom.net (redpill) Date: Wed Feb 10 21:04:57 2010 Subject: [SATLUG] Reminder: Meeting at SAC Tonite at 7PM In-Reply-To: <4B737278.5090705@gmail.com> References: <4B737278.5090705@gmail.com> Message-ID: <1265857494.2331.133.camel@redpill-laptop> On Wed, 2010-02-10 at 20:59 -0600, pcdls.ronin wrote: > Howard Haradon wrote: > > Hope to see everyone in room 122 (basement > > of the Nail Center) for Bruce Dubbs talk on GRUB > > 2. > > > > Howard > > > Tried making it to that meeting. But, there was no place to park for us > non-students. After circling around, asking around for a general > parking spot, I eventually gave up, cursed myself for venturing into > downtown SA, and went home. Hope it was a good talk. It would have > been my first LUG meeting. > > In spite of all that, I'll try again next time. > > Pete next time just park in the student parking in front of Nail Tech. The police don't give to many problems after 6pm and I think that you are authorized to park there for the meeting. I am sure someone on the list can confirm this. Todd From alesmerises at satx.rr.com Wed Feb 10 21:39:39 2010 From: alesmerises at satx.rr.com (Alan Lesmerises) Date: Wed Feb 10 21:39:33 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265821573.2331.11.camel@redpill-laptop> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> Message-ID: <4B737BFB.6000609@satx.rr.com> redpill wrote: > one more thing...are you sure you want other people to remotely run > arbitrary scripts on your gateway router? > The security issue _had_ crossed my mind, but I didn't even know if the option even existed yet ... > In this case you wouldn't have to. He said that the script would be run > from his wife's laptop. One could assume that means via wifi. Crack the > wifi encryption (lets hope he's not using WEP) spoof the ip and your in. Actually, the router has CAT5 hard-wire connections only, so there's no wifi encryption to crack. Thanks to everyone for your comments. I didn't expect such a big response to my question, but I found all of it pretty instructive. There were also many good suggestions that I'll definitely look into. HH -- I'll have to look into whether my router and/or the cable modem maintains an event log & what kinds of diagnostics tools are there (if any). Hopefully, I can find some breadcrumbs to follow. Thanks. Al Lesmerises From bruce.dubbs at gmail.com Wed Feb 10 22:19:59 2010 From: bruce.dubbs at gmail.com (Bruce Dubbs) Date: Wed Feb 10 22:20:03 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1003aeaa1002101649u781a8d7bvbb133354f815c1bc@mail.gmail.com> References: <201002102055.o1AKtBvC022790@biochem.uthscsa.edu> <1265840128.2331.89.camel@redpill-laptop> <1003aeaa1002101648h2a6fe1a2tb5d28432ba6f9bab@mail.gmail.com> <1003aeaa1002101649u781a8d7bvbb133354f815c1bc@mail.gmail.com> Message-ID: <4B73856F.3070300@gmail.com> Henry Pugsley wrote: > There are several appliances that proxy HTTPS by basically doing a > man-in-the-middle attack that is virtually undetectable in the browser. If > Cisco and RSA can figure it out, so can a dedicated cracker fishing for bank > accounts. > > Combine DNS spoofing and an SSL attack and your browser will happily show a > green padlock for any valid SSL certificate. Yes, the browser will but ssh won't. > DNS is not authenticated in any way and is cleartext. Well it could be: http://www.dnssec.net/ -- Bruce From hc at lookcee.com Thu Feb 11 00:34:03 2010 From: hc at lookcee.com (Herb Cee) Date: Thu Feb 11 00:34:06 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B737BFB.6000609@satx.rr.com> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <4B737BFB.6000609@satx.rr.com> Message-ID: <4B73A4DB.5030009@lookcee.com> Alan Lesmerises wrote: > redpill wrote: >> one more thing...are you sure you want other people to remotely run >> arbitrary scripts on your gateway router? >> > The security issue _had_ crossed my mind, but I didn't even know if > the option even existed yet ... > >> In this case you wouldn't have to. He said that the script would be run >> from his wife's laptop. One could assume that means via wifi. Crack the >> wifi encryption (lets hope he's not using WEP) spoof the ip and your in. > Actually, the router has CAT5 hard-wire connections only, so there's > no wifi encryption to crack. > > Thanks to everyone for your comments. I didn't expect such a big > response to my question, but I found all of it pretty instructive. > There were also many good suggestions that I'll definitely look into. > > HH -- I'll have to look into whether my router and/or the cable modem > maintains an event log & what kinds of diagnostics tools are there (if > any). Hopefully, I can find some breadcrumbs to follow. Thanks. > > Al Lesmerises I will chime in that I enjoyed following this thread and learned some things. Thanks to all. I have had problems with my DSL connect dropping and sometimes resetting auto but many times I have had to full boot. Then I noticed that the disconnect was occurring when any heavy starting load went on the power feed. (elect space heater or stove) and I used a volt meter and discovered that if the voltage spike dropped below 105 volts the modem would drop. I put the wall plug transformer on a diff circuit and that cured the prob. I doubt this helps Allan, but it is nice to know. Good luck hh From dondavis at reglue.org Thu Feb 11 06:28:19 2010 From: dondavis at reglue.org (Don Davis) Date: Thu Feb 11 06:28:20 2010 Subject: [SATLUG] OT: also for educators, proposed statewide database Message-ID: <4B73F7E3.3070006@reglue.org> This basically describes the proposed state wide database system. http://ritter.tea.state.tx.us/taa/comm020110.html >Please see the recent Correspondence to Districts posted this week at >http://ritter.tea.state.tx.us/taa/comm020110.html regarding our >upcoming Texas Student Data System (TSDS) regional workshops. The TEA >urges you to consider participating in one of these workshops to help >guide the design of the new data system. >Whether you are a classroom teacher, a campus administrator, or a >district administrator, your input is crucial to the process. Please >consider taking advantage of this opportunity to participate. The opportunity to participate could be a call for open standards especially the possibility of retrieving the data in an open format such as CSV. (I do not consider parsing PDFs into csv's to be ideal.) Here's a brief description: http://www.tea.state.tx.us/index2.aspx?id=7639&menu_id=938 Here's a flow chart: http://www.tea.state.tx.us/index2.aspx?id=7642&menu_id=938 It's possible for Texas school employees to provide feedback here: http://texasstudentdatasystem.org/feedback/ This is where it might be advisable to advocate the exporting of data to non-proprietary standards such as CSV and promote an open API. From dkowis at shlrm.org Thu Feb 11 07:23:43 2010 From: dkowis at shlrm.org (David Kowis) Date: Thu Feb 11 07:31:32 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265855955.2331.109.camel@redpill-laptop> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> <3076n5hvdsv7e3jpsf3sbaq7f79d2v55rn@4ax.com> <1265839092.2331.72.camel@redpill-laptop> <4B732EED.1040707@gmail.com> <1265855955.2331.109.camel@redpill-laptop> Message-ID: <4B7404DF.2000702@shlrm.org> On 2/10/2010 8:39 PM, redpill wrote: > I wouldn't say that SSH is insecure, its not. My point is that SSH or > for that matter any form of encrypted communication is only as secure as > the practices that surround their use. SSH encryption can be cracked > (http://www.youtube.com/watch?v=7CP-JB4QARo), SSL can be cracked > (http://www.youtube.com/watch?v=7kQ_nTRt37c), and its getting easier and > easier to do so. > I understand that stuff has to get done and these protocols will be used > what I am saying is that you should never think that just because you > are using HTTPS or SSH you secure. > In the above scenario All someone would need to do is run a tcpdump (say > tcpdump -nXSe -s 1545 -c 5000 -t port 443 -w somefilename) scp the > capfile out of the network. once the cap file is out of the network it > can be analyzed and decrypted at the cracker's leisure. > the point is your never as secure as you think you are. This is true, but one has to weigh the value and expiry of the data. For example, scping an excel spreadsheet at home with a shopping list on it isn't worth some l33t haxx0rs time. Crypto is a balance of security and expiry of the important data. This is why changing passwords is important, if not as important as once a month (as some companies believe it is.) Note that the posted ssh cracking video isn't actually compromising the crypto, but logging in due to poor password selection. And they're doing a MITM attack to compromise your ssl link. If you've got your ssh host keys identified, you should be able to counter this. They present a false certificate. So this is still not compromising the crypto, but compromising a foolish user. If you can set up a verified secure connection, you should be in good shape, unless someone with a Cray 3 wants your mp3s you're scp'ing to work :) David From dkowis at shlrm.org Thu Feb 11 07:24:18 2010 From: dkowis at shlrm.org (David Kowis) Date: Thu Feb 11 07:32:03 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <1265855955.2331.109.camel@redpill-laptop> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> <3076n5hvdsv7e3jpsf3sbaq7f79d2v55rn@4ax.com> <1265839092.2331.72.camel@redpill-laptop> <4B732EED.1040707@gmail.com> <1265855955.2331.109.camel@redpill-laptop> Message-ID: <4B740502.7040901@shlrm.org> On 2/10/2010 8:39 PM, redpill wrote: > I wouldn't say that SSH is insecure, its not. My point is that SSH or > for that matter any form of encrypted communication is only as secure as > the practices that surround their use. SSH encryption can be cracked > (http://www.youtube.com/watch?v=7CP-JB4QARo), SSL can be cracked > (http://www.youtube.com/watch?v=7kQ_nTRt37c), and its getting easier and > easier to do so. Neat videos by the way. Forgot to mention that. David From dondavis at reglue.org Thu Feb 11 07:48:05 2010 From: dondavis at reglue.org (Don Davis) Date: Thu Feb 11 07:48:06 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B7404DF.2000702@shlrm.org> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> <3076n5hvdsv7e3jpsf3sbaq7f79d2v55rn@4ax.com> <1265839092.2331.72.camel@redpill-laptop> <4B732EED.1040707@gmail.com> <1265855955.2331.109.camel@redpill-laptop> <4B7404DF.2000702@shlrm.org> Message-ID: <4B740A95.4060500@reglue.org> > > If you can set up a verified secure connection, you should be in good > shape, unless someone with a Cray 3 wants your mp3s you're scp'ing to > work :) How many ps3s would they need? http://www.wired.com/threatlevel/2008/12/berlin/ From hharadon at gmail.com Thu Feb 11 09:01:29 2010 From: hharadon at gmail.com (Howard Haradon) Date: Thu Feb 11 09:01:31 2010 Subject: [SATLUG] Reminder: Meeting at SAC Tonite at 7PM In-Reply-To: <1265857494.2331.133.camel@redpill-laptop> References: <4B737278.5090705@gmail.com> <1265857494.2331.133.camel@redpill-laptop> Message-ID: On Wed, Feb 10, 2010 at 9:04 PM, redpill wrote: > On Wed, 2010-02-10 at 20:59 -0600, pcdls.ronin wrote: >> Howard Haradon wrote: >> > Hope to see everyone in room 122 (basement >> > of the Nail Center) for Bruce Dubbs talk on GRUB >> > 2. >> > >> > Howard >> > >> Tried making it to that meeting. ?But, there was no place to park for us >> non-students. ?After circling around, asking around for a general >> parking spot, I eventually gave up, cursed myself for venturing into >> downtown SA, and went home. ?Hope it was a good talk. ?It would have >> been my first LUG meeting. >> >> In spite of all that, I'll try again next time. >> >> Pete > next time just park in the student parking in front of Nail Tech. ?The > police don't give to many problems after 6pm and I think that you are > authorized to park there for the meeting. ?I am sure someone on the list > can confirm this. > > Todd Yes, those attending SAC sponsored events are allowed to use ordinary student parking, not any faculty or staff places. I am starting a new topic devoted to this parking question. HH -- Howard Haradon San Antonio, TX USA From hharadon at gmail.com Thu Feb 11 10:27:49 2010 From: hharadon at gmail.com (Howard Haradon) Date: Thu Feb 11 10:27:52 2010 Subject: [SATLUG] Parking for SATLUG at SAC Message-ID: There are some questions about parking at the college for our meetings. Here are some points about SAC parking: 1. It is OK for members to park in student areas, but not in any spots reserved for staff or faculty. 2. It's a good idea to place a sign with large letters on your dashboard saying "Attending SAC Sponsored Event" 3. If you do get a ticket while parked in a student spot, just turn it over to Glenn Boswell or Steve Kolars. They will get the ticket fixed. 4. There is a new, multi-story parking garage just to the east of the Nail Tech Center. It can reached from N. Main St. or from Howard St. Here is a link to a PDF map showing this garage. Perhaps Steve or Glenn will post to make additions or corrections to this information. Howard -- Howard Haradon San Antonio, TX From bkfuth at gmail.com Thu Feb 11 10:39:46 2010 From: bkfuth at gmail.com (steve kolars) Date: Thu Feb 11 10:39:48 2010 Subject: [SATLUG] Parking for SATLUG at SAC In-Reply-To: References: Message-ID: <9b6ae23d1002110839j58795882t5f802b27f3a8208d@mail.gmail.com> On your sign you might say append Event in NTC 122" Steve On Thu, Feb 11, 2010 at 10:27 AM, Howard Haradon wrote: > There are some questions about parking at > the college for our meetings. Here are some > points about SAC parking: > > 1. It is OK for members to park in student areas, > but not in any spots reserved for staff or faculty. > > 2. It's a good idea to place a sign with large > letters on your dashboard saying "Attending > SAC Sponsored Event" > > 3. If you do get a ticket while parked in a student > spot, just turn it over to Glenn Boswell or Steve > Kolars. They will get the ticket fixed. > > 4. There is a new, multi-story parking garage just to > the east of the Nail Tech Center. It can reached > from N. Main St. or from Howard St. Here is a > link to a PDF map showing this garage. > > > > Perhaps Steve or Glenn will post to make additions > or corrections to this information. > > Howard > -- > Howard Haradon > San Antonio, TX > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From j at jvpappas.net Fri Feb 12 09:37:02 2010 From: j at jvpappas.net (John Pappas) Date: Fri Feb 12 09:37:06 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B73185B.8080908@gmail.com> References: <201002101650.o1AGo6bo012607@biochem.uthscsa.edu> <1265821573.2331.11.camel@redpill-laptop> <1265833553.2331.60.camel@redpill-laptop> <4B73185B.8080908@gmail.com> Message-ID: <4c0ec4451002120737u47c00a86g7d73f5fe678ceaf5@mail.gmail.com> On Wed, Feb 10, 2010 at 14:34, Bruce Dubbs wrote: > So don't use wifi. Ethernet cable isn't expensive > It is when you have to run it to other rooms and you want a "professional" look (ie don't want cable runs hanging off you walls outside), or if you want to run to a downstairs room with no external walls to run along in the first place. I am not lucky enough to have a house that is "old-work wire" friendly. My last house I rewired with infrastructure, home-run cabling (4 wire, Dual Cat5/RG6 bundle) to at least 2 opposite locations in each room (one story, 3 bed, living room, garage, Satellite, cable, and phone NID) and doubled up the living room. Total material was ~$800. if you consider my time ~= to an apprentice electrician (~60/h) or "Home Theater Installer" (~75-80/h), it took about 32 hours of work. Assuming that I am 50% less effective per hour than a "pro", then it would only take them ~16 hours, costing another ~$800 in labor. I would not think that most would consider that inexpensive. I will grant you that 4x cat5 and 4x RG6 per room may be overkill, but if you want a "professional" look, you need at least a Cat5/RG6 combo in a couple of spots per room, which would not have halved my material expense, and time would have been the same, since it takes about the same amount of time to run a bundle of wire for each drop as it does to run 1 wire for a drop. Just my $.02. John From tweeksjunk2 at theweeks.org Sat Feb 13 16:58:50 2010 From: tweeksjunk2 at theweeks.org (Tweeks) Date: Sat Feb 13 16:58:58 2010 Subject: [SATLUG] Fun XCSSA Meeting.. Message-ID: <201002131658.50955.tweeksjunk2@theweeks.org> XCSSA Meeting: Christmas Lights, Confetti Canons, Robots and Rockets! Monday 7pm http://xcssa.org/archives/XCSSA_2010-02-15.html#NEXT Tweeks From tweeksjunk2 at theweeks.org Sat Feb 13 17:03:46 2010 From: tweeksjunk2 at theweeks.org (Tweeks) Date: Sat Feb 13 17:03:55 2010 Subject: [SATLUG] OT: Router-related question In-Reply-To: <4B73856F.3070300@gmail.com> References: <201002102055.o1AKtBvC022790@biochem.uthscsa.edu> <1003aeaa1002101649u781a8d7bvbb133354f815c1bc@mail.gmail.com> <4B73856F.3070300@gmail.com> Message-ID: <201002131703.46745.tweeksjunk2@theweeks.org> On Wednesday 10 February 2010 10:19:59 pm Bruce Dubbs wrote: > Henry Pugsley wrote: > > There are several appliances that proxy HTTPS by basically doing a > > man-in-the-middle attack that is virtually undetectable in the browser. I wouldn't call it an "Attack". They're simple the termination point for the SSL session setup.. gaining access to the symmetric encryption key. > > If Cisco and RSA can figure it out, so can a dedicated cracker fishing > > for bank accounts. As they say for realestate.. Location, Location location.. ;) > > Combine DNS spoofing and an SSL attack and your browser will happily show > > a green padlock for any valid SSL certificate. This is why I run my own DNS.. via "." :) Never trust someone else's DNS. Tweeks From dondavis at reglue.org Sun Feb 14 18:57:51 2010 From: dondavis at reglue.org (Don Davis) Date: Sun Feb 14 18:57:52 2010 Subject: [SATLUG] OT: CMS or EMS recommendations Message-ID: <4B789C0F.6070805@reglue.org> Which open source solution would you recommend for inventory tracking, event planning, and account management? It it for a small organization and should ideally be accessible by multiple people. From Channing.ML at channingc.com Mon Feb 15 23:37:01 2010 From: Channing.ML at channingc.com (Channing.ML@channingc.com) Date: Mon Feb 15 23:37:04 2010 Subject: [SATLUG] OT: CMS or EMS recommendations In-Reply-To: <4B789C0F.6070805@reglue.org> References: <4B789C0F.6070805@reglue.org> Message-ID: <4B7A2EFD.9010008@channingc.com> Don Davis wrote: > Which open source solution would you recommend for inventory tracking, > event planning, and account management? > > It it for a small organization and should ideally be accessible by > multiple people. > Take a look at Liferay Social Office, or their Portal product. I'm standing up Portal right now for work. Channing From edeleonjr at gmail.com Wed Feb 17 19:09:43 2010 From: edeleonjr at gmail.com (Ernest De Leon) Date: Wed Feb 17 19:10:05 2010 Subject: [SATLUG] Test Message-ID: Haven't seen any new thread come through, so I'm just checking that the list is still up and running... E From pjcrux at gmail.com Wed Feb 17 19:29:51 2010 From: pjcrux at gmail.com (Peter Cross) Date: Wed Feb 17 19:29:57 2010 Subject: [SATLUG] Test In-Reply-To: References: Message-ID: <7c63fb3d1002171729i47529b58hbc072ef6b467461c@mail.gmail.com> received On Wed, Feb 17, 2010 at 7:09 PM, Ernest De Leon wrote: > Haven't seen any new thread come through, so I'm just checking that the > list > is still up and running... > > E > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > -- Cheers! Peter J. Cross San Antonio, TX "Experience has taught mankind the necessity of auxiliary precautions" -James Madison, Federalist Paper No. 51 Please consider the environment before printing this email From edeleonjr at gmail.com Wed Feb 17 19:31:20 2010 From: edeleonjr at gmail.com (Ernest De Leon) Date: Wed Feb 17 19:31:42 2010 Subject: [SATLUG] Test In-Reply-To: <7c63fb3d1002171729i47529b58hbc072ef6b467461c@mail.gmail.com> References: <7c63fb3d1002171729i47529b58hbc072ef6b467461c@mail.gmail.com> Message-ID: sounds good... On Wed, Feb 17, 2010 at 7:29 PM, Peter Cross wrote: > received > > On Wed, Feb 17, 2010 at 7:09 PM, Ernest De Leon > wrote: > > > Haven't seen any new thread come through, so I'm just checking that the > > list > > is still up and running... > > > > E > > -- > > _______________________________________________ > > SATLUG mailing list > > SATLUG@satlug.org > > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > > Powered by Rackspace (www.rackspace.com) > > > > > > -- > Cheers! > > Peter J. Cross > San Antonio, TX > > "Experience has taught mankind the necessity of auxiliary precautions" > -James Madison, Federalist Paper No. 51 > > Please consider the environment before printing this email > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From hharadon at gmail.com Thu Feb 18 19:15:02 2010 From: hharadon at gmail.com (Howard Haradon) Date: Thu Feb 18 19:15:05 2010 Subject: [SATLUG] March's Meeting Topic Message-ID: This was just now posted to our web site: Thursday, March 11 - Ernest De Leon presents a demonstration of DD-WRT, the Linux-based router firmware. Ernest will lead a live install of the firmware on a Linksys WRT series router. Hope to see a big crowd for this interesting topic. March 11 - 7:00PM - Nail Tech Center, Rm. 122 HH -- Howard Haradon San Antonio, TX USA From toddwbucy at grandecom.net Fri Feb 19 14:18:26 2010 From: toddwbucy at grandecom.net (redpill) Date: Fri Feb 19 14:18:33 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) Message-ID: <1266610706.4183.117.camel@redpill-laptop> Its been real quite lately, so I thought why not start a discussion about tcpdump. As mentioned in an earlier post I am taking Kolars's TCP/IP class at SAC and the following problem is one he issued in class. My goals in doing this are to stimulate list conversation and to gain feedback from the community about my approach. goal: write a tcpdump filter, which isolates half-open handshakes. In other words I need to get all of the syn/acks which have no corresponding acks. this is useful in detecting stealth syn probes via nmap. My approach to this problem utilizes tee and a as of yet to be written awk or sed script. the general idea is to filter for missing acks through the sequence numbers. Furthermore given the nature of this filter and the the three way handshake this a post-hoc analysis. I am however trying to minimize the delay by outputting to text file output for further filtering with awk or sed. One foreseeable problem with this approach is once the binary file is tee'ed to a text file the file size will explode. So watching file size will be an issue that will be tweaked as this script develops. The general idea with using awk to sort all scanned packets by sequence number then to group packets into triplets (syn, syn/ack,ack). incomplete triplets are then outputted to the console and/or text file for further analysis. as it stands now I have written the following tcpdump filter: tcpdump -nXSe -C 256 -G 30 -i eth0 -w tcpdump/tcpdump.021910. -W 120 'tcp[13]==18 || tcp[13]==16 || tcp[13]=4 || tcp[13]==2 || tcp[13]=1' > tcpdump/text/tcpdump.021910. I have read the man page on this backwards and forwards but am still a bit unclear about how the -C -G and -W. Fist, the -C option is to set a size limit on the capture file. I am assuming megabytes instead of kilobytes. Is this correct? I am using this switch because it rotates file writes as set by the -W switch. My concern however is that the tcpdump does not write with this switch as it could truncate valid handshakes and lead to false positives. my solution is to keep this set pretty high but not so high that file size gets out of control. Second, the -G option sets the the time for the next file write at 30 seconds. It also adds a file count at the end of the file name. This will be lowered to a more reasonable 120-180 seconds (2-3 min) once the awk portion of this is written. Any handshake that takes longer then that should be regarded as suspicious. Third, the -W option sets the max amount of files to be written as 120. the idea is that wen used with -G 30 the script will run for 1 hour before starting over. Question: when will tcpdump write the next file, when the file size reaches 256 meg or when the timer hits 30seconds. I am inclined to think that write happens when either one becomes true. Is this correct? As it concerns the -C -G and -W switches the values on these will change and are purposely set high. My primary concern is in the timing between tcpdump writes and awk filtering. the filter is pretty self explanatory, I am filtering for syn, syn/ack, and ack. In order to increase the usefulness of this filter I have added the reset and fin flags and were not required by the assignment. As noted above, intention of the awk is to filter for half open handshakes and other anomalies associated with session opens, closings and resets. Once the tcpdump side of this script is ready I will begin writing the awk portion. I have tested this filter and created trafic using the following nmap command: nmap -sS -sV -O -PE -PA localhost while listening to NPR science friday from tpr.org's website. I let it run for about 10 min. the output from tcpdump when closed: ^C883 packets captured 883 packets received by filter 0 packets dropped by kernel the contents of the ~/tcpdump folder: tcpdump.021910.000 text the contents of the ~/tcpdump/text folder: tcpdump.021910. Obviously this is not the desired output. What I want in both folders is the following: tcpdump.021910.000 tcpdump.021910.001 tcpdump.021910.002 ... ... tcpdump.021910.119 this is especially important with the text portion as I want to have the awk script run automatically once a new text file has been written Finally, if there is a more direct approach to accomplishing the said goal I am all ears as I am beginning to feel like I am chasing my tail. thanks Todd From toddwbucy at grandecom.net Fri Feb 19 14:31:50 2010 From: toddwbucy at grandecom.net (redpill) Date: Fri Feb 19 14:31:58 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <1266610706.4183.117.camel@redpill-laptop> References: <1266610706.4183.117.camel@redpill-laptop> Message-ID: <1266611510.4183.169.camel@redpill-laptop> Update: Before I sent the out the last post, I forgot to check the test file, which was empty. I have changed the script as such: sudo tcpdump -nXSe -C 256 -G 30 -i wlan0 -W 120 'tcp[13]==18 || tcp[13]==16 || tcp[13]=4 || tcp[13]==2 || tcp[13]=1'| tee tcpdump/text/tcpdump.021910. problem is that the text files are still not written sequentially and packets are all in one text file. Is it possible to output directly to awk is some way? Thanks Todd From hc at lookcee.com Fri Feb 19 16:42:28 2010 From: hc at lookcee.com (Herb Cee) Date: Fri Feb 19 16:42:30 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <1266610706.4183.117.camel@redpill-laptop> References: <1266610706.4183.117.camel@redpill-laptop> Message-ID: <4B7F13D4.1090907@lookcee.com> redpill wrote: > Its been real quite lately, so I thought why not start a discussion > about tcpdump. As mentioned in an earlier post I am taking Kolars's > TCP/IP class at SAC and the following problem is one he issued in class. > My goals in doing this are to stimulate list conversation and to gain > feedback from the community about my approach. > > goal: write a tcpdump filter, which isolates half-open handshakes. In > other words GRRRRR wi you redpill you forced me run all the math in my head not daring to move arms to reach KB. having to determine if my fear of shattering the icicles would penetrate the LCD. Arrrgggg Liquid-CD and have the what ever gook is in there run out all over. I hate risking my old IBM clicky KB ... Would it maybe explode like an air bag right in my face. I also am terrified of exploding files I got virtual tons of .txt's ... would be carpet bombing ...... Crap, I can't do the math and had to risk it. The fear was groundless since the icicles were imagined, now I just don't care Todd I'm cold. giggle sorry Todd, so far out of my ken but interesting. Figure the list will warm up in inverse proportions to the freezes. hh From satlug at sbcglobal.net Fri Feb 19 17:04:04 2010 From: satlug at sbcglobal.net (Don Wright) Date: Fri Feb 19 17:04:06 2010 Subject: [SATLUG] Free software licenses upheld in court Message-ID: <2s5un5tn5r3a40vv1f5bmt607e4741l2o0@4ax.com> One of the first lawsuits regarding enforcement of Free software licenses (GPL et al) has resulted in victory for the Free software developers. Cost for pirating Free software? $100,000 A Big Victory for F/OSS: Jacobsen v. Katzer is Settled http://www.consortiuminfo.org/standardsblog/article.php?story=201002190850472 (Featured on Groklaw News) -- Migraine: All the fun of a hangover without the bother of getting drunk. From Channing.ML at ChanningC.com Fri Feb 19 22:31:55 2010 From: Channing.ML at ChanningC.com (Channing) Date: Fri Feb 19 22:32:41 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <1266611510.4183.169.camel@redpill-laptop> References: <1266610706.4183.117.camel@redpill-laptop> <1266611510.4183.169.camel@redpill-laptop> Message-ID: <4B7F65BB.3010403@ChanningC.com> redpill wrote: > Update: Before I sent the out the last post, I forgot to check the test > file, which was empty. > I have changed the script as such: > > sudo tcpdump -nXSe -C 256 -G 30 -i wlan0 -W 120 'tcp[13]==18 || > tcp[13]==16 || tcp[13]=4 || tcp[13]==2 || tcp[13]=1'| tee > tcpdump/text/tcpdump.021910. > > problem is that the text files are still not written sequentially and > packets are all in one text file. Is it possible to output directly to > awk is some way? > > Thanks > Todd > > Hi Todd, First off - Drop the use of tee(1), I think you are confusing what you feel like you need to /see/ versus what you need to feed to your packet interrogator. (ie - tcpdump {switches} {either pipe to packet interrogator, or look below for another option} The file size issue is only an issue if you write to files that grow. Write a script that does the following: 1) create a named pipe 2) start your dump redirecting the output to the named pipe and run it in the background 3) start reading from the named pipe with your packet interrogator Here is a hint ... interrogator < {named pipe} (if you use cat(1) here, the "gray beards" will come and knee-cap you for UUOC ;) ) 4) send the annonomolies from your packet interrogator to standard out (in other words, don't redirect it) 5) when you run this new program, you can then take the output and let it continue to go to the screen (STDOUT), or redirect it to somewhere else *) extra credit - use trap(1) to remove the named pipe upon program termination Sequencing and parsing of the packets is another venture. My preference would be PERL, but everyone has their favorite X for doing Y. :) HTH, Channing From toddwbucy at grandecom.net Sat Feb 20 07:58:36 2010 From: toddwbucy at grandecom.net (redpill) Date: Sat Feb 20 07:58:38 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <4B7F65BB.3010403@ChanningC.com> References: <1266610706.4183.117.camel@redpill-laptop> <1266611510.4183.169.camel@redpill-laptop> <4B7F65BB.3010403@ChanningC.com> Message-ID: <1266674316.4183.197.camel@redpill-laptop> > Hi Todd, > > First off - Drop the use of tee(1), I think you are confusing what you > feel like you need to /see/ versus what you need to feed to your packet > interrogator. (ie - tcpdump {switches} {either pipe to packet > interrogator, or look below for another option} > > The file size issue is only an issue if you write to files that grow. > Write a script that does the following: > 1) create a named pipe > 2) start your dump redirecting the output to the named pipe and run > it in the background > 3) start reading from the named pipe with your packet interrogator > Here is a hint ... interrogator < {named pipe} (if you use > cat(1) here, the "gray beards" will come and knee-cap you for UUOC ;) ) > 4) send the annonomolies from your packet interrogator to standard > out (in other words, don't redirect it) > 5) when you run this new program, you can then take the output and > let it continue to go to the screen (STDOUT), or redirect it to > somewhere else > *) extra credit - use trap(1) to remove the named pipe upon program > termination > > Sequencing and parsing of the packets is another venture. My preference > would be PERL, but everyone has their favorite X for doing Y. :) > > HTH, > Channing > > > thanks for the advice I will give it more thought. I like the idea of a named pipe. I will experiment some more today to see what I come up with. Thanks Todd From dondavis at reglue.org Sun Feb 21 08:31:15 2010 From: dondavis at reglue.org (Don Davis) Date: Sun Feb 21 08:31:21 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <4B7F65BB.3010403@ChanningC.com> References: <1266610706.4183.117.camel@redpill-laptop> <1266611510.4183.169.camel@redpill-laptop> <4B7F65BB.3010403@ChanningC.com> Message-ID: <4B8143B3.4030609@reglue.org> This is an interesting thread. What are you checking for? RST packets received right after syn packets? not receipt of ack packages after syn-ack packages? What approach will you take? Would keeping a list of received syn packets on the stack and removing them when ack packets are received or tracking all the syn-ack packets you send and waiting for the ack packets work? Which tcpdump switches did he not need? Channing wrote: > redpill wrote: >> Update: Before I sent the out the last post, I forgot to check the test >> file, which was empty. >> I have changed the script as such: >> >> sudo tcpdump -nXSe -C 256 -G 30 -i wlan0 -W 120 'tcp[13]==18 || >> tcp[13]==16 || tcp[13]=4 || tcp[13]==2 || tcp[13]=1'| tee >> tcpdump/text/tcpdump.021910. >> >> problem is that the text files are still not written sequentially and >> packets are all in one text file. Is it possible to output directly to >> awk is some way? >> Thanks >> Todd >> >> > Hi Todd, > > First off - Drop the use of tee(1), I think you are confusing what you > feel like you need to /see/ versus what you need to feed to your packet > interrogator. (ie - tcpdump {switches} {either pipe to packet > interrogator, or look below for another option} > > The file size issue is only an issue if you write to files that grow. > Write a script that does the following: > 1) create a named pipe > 2) start your dump redirecting the output to the named pipe and run it > in the background > 3) start reading from the named pipe with your packet interrogator > Here is a hint ... interrogator < {named pipe} (if you use cat(1) > here, the "gray beards" will come and knee-cap you for UUOC ;) ) > 4) send the annonomolies from your packet interrogator to standard out > (in other words, don't redirect it) > 5) when you run this new program, you can then take the output and let > it continue to go to the screen (STDOUT), or redirect it to somewhere else > *) extra credit - use trap(1) to remove the named pipe upon program > termination > > Sequencing and parsing of the packets is another venture. My preference > would be PERL, but everyone has their favorite X for doing Y. :) > > HTH, > Channing > > > From firestorm.v1 at gmail.com Mon Feb 22 02:44:44 2010 From: firestorm.v1 at gmail.com (FIRESTORM_v1) Date: Mon Feb 22 02:44:47 2010 Subject: [SATLUG] Software RAID suggestions Message-ID: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> Hello Everyone: I have a question concerning software RAID. Unfortunately I'm cursed with the Promise TX4310 "fake" raid card and am wanting to separate the RAID array (w/controller) from my gaming rig in an effort to cut down on power and with the fact that I recently discovered XBMC (FTW!) My experience with software RAID in Linux is many years old and did not end on a good note and I was hoping of anyone here had any good suggestions/stories/pitfalls that they could share with me. From research I've done with this particular RAID card, the best thing to do is to set it for JBOD mode (4x 750GB) and then use the Linux RAID tools to build a software RAID set. I plan on using the same setup as currently deployed with a RAID 5 configuration. I plan to boot from a dedicated hard drive not part of the 4 drive set and want this to be as good of a system as I can make it without having to worry about losing my data again. Unfortunately, the last time I tried this was with IDE drives and when one went out, the entire array died and was unrecoverable. The array would not even work in "degraded" mode to allow me to salvage my data. A lot of the research I've done in regards to linux support for this card has people sayingt that it works, but they never come back to say how the performance or the longevity of the array is, fault recovery, etc. I appreciate your insight and any information you can provide me. FIRESTORM_v1 From dkowis at shlrm.org Mon Feb 22 07:21:14 2010 From: dkowis at shlrm.org (David Kowis) Date: Mon Feb 22 07:29:31 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> References: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> Message-ID: <4B8284CA.3040607@shlrm.org> On 2/22/2010 2:44 AM, FIRESTORM_v1 wrote: > Hello Everyone: > > I appreciate your insight and any information you can provide me. Personally, I wouldn't use any functionality of the "RAID" features of the card. Just let it add 4 drives (if you've got 4) to the system, and then set up software raid using mdadm like you normally would. I'd try to avoid using any features of those "raid" cards if possible, just have it be a second IDE controller. I have managed to recover from a software RAID failure (RAID1 using mdadm, not on an external "raid" card though, just a plain ide PCI card.) and that went relatively well. David From demeler at biochem.uthscsa.edu Mon Feb 22 07:39:10 2010 From: demeler at biochem.uthscsa.edu (Borries Demeler) Date: Mon Feb 22 07:39:15 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <4B8284CA.3040607@shlrm.org> Message-ID: <201002221339.o1MDdAE1019498@biochem.uthscsa.edu> My experiences with software RAID5 (especially on promise cards) has been bad. When I used it and a drive went bad I was not able to rebuild the array and I recall that I had some data loss. Therefore I have not used it anylonger. However, RAID0 works fine, but it is not the safest way to keep your data. It gives good I/O performance with maximum disk space, but is not redundant. RAID0 with mirroring is probably the best I can recommend under Linux software RAID. I'd stay away from RAID5 and get a decent RAID hardware solution for that. -b. From kcoriginal at yahoo.com Mon Feb 22 08:12:13 2010 From: kcoriginal at yahoo.com (kcoriginal@yahoo.com) Date: Mon Feb 22 08:12:59 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> References: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> Message-ID: <1088581711-1266847975-cardhu_decombobulator_blackberry.rim.net-1091887316-@bda2205.bisx.prod.on.blackberry> I have had enormous success over the years, with eBay acquired, hp/Compaq hardware RAID cards. Truly enterprise-grade, real, honest hardware RAID cards, for a lot cheaper than you'd think. You can find Ultra 160s and SATA 150s, all day long, for less than $50. Those controllers will handle the newer, faster drives flawlessly; and you get solid RAID peace-of-mind. And, if you want the latest speeds, the Ultra 320s and SATA 300s aren't much over $100, and frequently dip WELL below that figure. Thanks to SAS technology pushing down the prices, these real solutions are available to the rest of us. I have found those cards rebuild near-automatically, completely OS independent. I have an hp P400 I picked up for $125, shipped - 8 - SATA 300s. kc Sent via BlackBerry by AT&T -----Original Message----- From: FIRESTORM_v1 Date: Mon, 22 Feb 2010 02:44:44 To: The San Antonio Linux User's Group Mailing List Subject: [SATLUG] Software RAID suggestions Hello Everyone: I have a question concerning software RAID. Unfortunately I'm cursed with the Promise TX4310 "fake" raid card and am wanting to separate the RAID array (w/controller) from my gaming rig in an effort to cut down on power and with the fact that I recently discovered XBMC (FTW!) My experience with software RAID in Linux is many years old and did not end on a good note and I was hoping of anyone here had any good suggestions/stories/pitfalls that they could share with me. From research I've done with this particular RAID card, the best thing to do is to set it for JBOD mode (4x 750GB) and then use the Linux RAID tools to build a software RAID set. I plan on using the same setup as currently deployed with a RAID 5 configuration. I plan to boot from a dedicated hard drive not part of the 4 drive set and want this to be as good of a system as I can make it without having to worry about losing my data again. Unfortunately, the last time I tried this was with IDE drives and when one went out, the entire array died and was unrecoverable. The array would not even work in "degraded" mode to allow me to salvage my data. A lot of the research I've done in regards to linux support for this card has people sayingt that it works, but they never come back to say how the performance or the longevity of the array is, fault recovery, etc. I appreciate your insight and any information you can provide me. FIRESTORM_v1 -- _______________________________________________ SATLUG mailing list SATLUG@satlug.org http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe Powered by Rackspace (www.rackspace.com) From toddwbucy at grandecom.net Mon Feb 22 09:39:22 2010 From: toddwbucy at grandecom.net (redpill) Date: Mon Feb 22 09:39:28 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <4B8143B3.4030609@reglue.org> References: <1266610706.4183.117.camel@redpill-laptop> <1266611510.4183.169.camel@redpill-laptop> <4B7F65BB.3010403@ChanningC.com> <4B8143B3.4030609@reglue.org> Message-ID: <1266853162.31227.26.camel@redpill-laptop> On Sun, 2010-02-21 at 08:31 -0600, Don Davis wrote: > This is an interesting thread. > > What are you checking for? RST packets received right after syn packets? what I am looking for is half-open connections, which might indicate that someone is doing a stealth syn scan ('tcp[13]==18 || tcp[13]==16 || tcp[13]==2'). I have since removed the reset (tcp[13]=4) and fin (tcp[13]=1) as they were extraneous. > What approach will you take? Today is the first chance that I have had to come back to this problem since Channing's suggestion that I use a named pipe. > Would keeping a list of received syn packets on the stack and removing > them when ack packets are received or tracking all the syn-ack packets > you send and waiting for the ack packets work? As I have it set up I am monitoring all syn, syn/ack, and ack packets. The general idea is to set up a tripwire at the gateway that would be set off when a given number of half-open connections exceeds a given point within a certain time period. > > Which tcpdump switches did he not need? > I should be able to drop the -C -G and -W switches if I use the named pipe. as to my use of those switches, my understanding of them has changed since writing the first post. When used together these dump 256 minutes worth of data in 30 second files: tcpdump -G 30 -C 256 -w filename -W 20. This is obviously wrong, something like tcpdump -G 20 -C 3 -w filename -W 20. would have been more appropriate. Todd From toddwbucy at grandecom.net Mon Feb 22 10:14:33 2010 From: toddwbucy at grandecom.net (redpill) Date: Mon Feb 22 10:14:41 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <1266853162.31227.26.camel@redpill-laptop> References: <1266610706.4183.117.camel@redpill-laptop> <1266611510.4183.169.camel@redpill-laptop> <4B7F65BB.3010403@ChanningC.com> <4B8143B3.4030609@reglue.org> <1266853162.31227.26.camel@redpill-laptop> Message-ID: <1266855273.31227.63.camel@redpill-laptop> success!!! the following worked for me # Create named file mkfifo -m 700 tcpdump-namedpipe # write to named pipe tcpdump -nSUe -i wlan0 -w /home/redpill/tcpdump/tcpdump-namedpipe 'tcp[13]==18 || tcp[13]==16 || tcp[13]==2' Now I can concentrate on the awk portion of this script. thanks Channing Todd From tuupes80 at hotmail.com Mon Feb 22 11:49:24 2010 From: tuupes80 at hotmail.com (Stewart Smith) Date: Mon Feb 22 11:49:29 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <1088581711-1266847975-cardhu_decombobulator_blackberry.rim.net-1091887316-@bda2205.bisx.prod.on.blackberry> References: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com>, <1088581711-1266847975-cardhu_decombobulator_blackberry.rim.net-1091887316-@bda2205.bisx.prod.on.blackberry> Message-ID: The HP raid cards also have either battery back up or in the newest ones flash memory. The battery/flash holds any unposted information. You should be able to move that raid card out of a failed computer and onto another one and have it complete the last write. While this has been a feature for years, I haven't heard of anyone actually doing this. Software disk mirroring has been a part of the HP suite of high availability software for around 15 years now on the enterprise class UNIX systems. The idea here is to eliminate any single point of failure. If you use software raid, and you want to keep the system up, no matter what, mirror across two controllers if you can. Stewart > Subject: Re: [SATLUG] Software RAID suggestions > To: satlug@satlug.org > From: kcoriginal@yahoo.com > Date: Mon, 22 Feb 2010 14:12:13 +0000 > > I have had enormous success over the years, with eBay acquired, hp/Compaq hardware RAID cards. Truly enterprise-grade, real, honest hardware RAID cards, for a lot cheaper than you'd think. You can find Ultra 160s and SATA 150s, all day long, for less than $50. Those controllers will handle the newer, faster drives flawlessly; and you get solid RAID peace-of-mind. > > And, if you want the latest speeds, the Ultra 320s and SATA 300s aren't much over $100, and frequently dip WELL below that figure. Thanks to SAS technology pushing down the prices, these real solutions are available to the rest of us. > > I have found those cards rebuild near-automatically, completely OS independent. > > I have an hp P400 I picked up for $125, shipped - 8 - SATA 300s. > > kc > Sent via BlackBerry by AT&T > > -----Original Message----- > From: FIRESTORM_v1 > Date: Mon, 22 Feb 2010 02:44:44 > To: The San Antonio Linux User's Group Mailing List > Subject: [SATLUG] Software RAID suggestions > > Hello Everyone: > > I have a question concerning software RAID. Unfortunately I'm cursed > with the Promise TX4310 "fake" raid card and am wanting to separate > the RAID array (w/controller) from my gaming rig in an effort to cut > down on power and with the fact that I recently discovered XBMC (FTW!) > > My experience with software RAID in Linux is many years old and did > not end on a good note and I was hoping of anyone here had any good > suggestions/stories/pitfalls that they could share with me. From > research I've done with this particular RAID card, the best thing to > do is to set it for JBOD mode (4x 750GB) and then use the Linux RAID > tools to build a software RAID set. I plan on using the same setup as > currently deployed with a RAID 5 configuration. > > I plan to boot from a dedicated hard drive not part of the 4 drive set > and want this to be as good of a system as I can make it without > having to worry about losing my data again. > > Unfortunately, the last time I tried this was with IDE drives and when > one went out, the entire array died and was unrecoverable. The array > would not even work in "degraded" mode to allow me to salvage my data. > > A lot of the research I've done in regards to linux support for this > card has people sayingt that it works, but they never come back to say > how the performance or the longevity of the array is, fault recovery, > etc. > > I appreciate your insight and any information you can provide me. > > FIRESTORM_v1 > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) _________________________________________________________________ Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/ From dkowis at shlrm.org Tue Feb 23 07:21:30 2010 From: dkowis at shlrm.org (David Kowis) Date: Tue Feb 23 07:29:49 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <201002221339.o1MDdAE1019498@biochem.uthscsa.edu> References: <201002221339.o1MDdAE1019498@biochem.uthscsa.edu> Message-ID: <4B83D65A.4080000@shlrm.org> On 2/22/2010 7:39 AM, Borries Demeler wrote: > My experiences with software RAID5 (especially on promise cards) has been bad. > When I used it and a drive went bad I was not able to rebuild the array and > I recall that I had some data loss. Therefore I have not used it anylonger. > However, RAID0 works fine, but it is not the safest way to keep your data. > It gives good I/O performance with maximum disk space, but is not redundant. > RAID0 with mirroring is probably the best I can recommend under Linux software RAID. > I'd stay away from RAID5 and get a decent RAID hardware solution for that. > -b. My server runs software RAID5 through mdadm. Not using any fancy controller cards or anything, just the onboard sata controller and a 5-bay hotswap thing so I can easily replace one if it goes away. The RAID5 checksum calculation hasn't seemed to bog down the system or anything like that. And I haven't had any problems with the disks or anything yet, so I don't know how well it'll survive a failure, I guess I could simulate one by yanking the disk out. David From j at jvpappas.net Tue Feb 23 10:32:24 2010 From: j at jvpappas.net (John Pappas) Date: Tue Feb 23 10:32:26 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <4c0ec4451002230826y38bb3e24s77b39951c5197b1a@mail.gmail.com> References: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> <4c0ec4451002230826y38bb3e24s77b39951c5197b1a@mail.gmail.com> Message-ID: <4c0ec4451002230832v266bde64h202e6a095bd8e80f@mail.gmail.com> This is my trimmed (actual email was over 12K) post that included my layout and was bounced. If any of you want that verbose mail, let me know and I will send explicitly off list. On Tue, Feb 23, 2010 at 10:26, John Pappas wrote: > > On Mon, Feb 22, 2010 at 02:44, FIRESTORM_v1 wrote: > >> Hello Everyone: >> >> I have a question concerning software RAID. Unfortunately I'm cursed >> with the Promise TX4310 "fake" raid card and am wanting to separate >> the RAID array (w/controller) from my gaming rig in an effort to cut >> down on power and with the fact that I recently discovered XBMC (FTW!) >> > > Kernel RAID tools are very mature, and other than a couple (mostly very low > level) idiosyncrasies, very stable. I have been running a mirrored OS > (2x250GB, md0/1/3, boot/root/swap respectively), 5xR5 (5X500GB md2) Data > setup for years and have not lost data, even across upgrades and distro > changes. I even run LVM on top of those md (except md0=/boot). I have > occasionally run into an issue where I had to resync the drives even though > there was no actual "failed" or bad drive. With a boot MD there is a chance > that the wrong (error-ed or bad) physical drive will get booted. Simple > repair with boot CD, as then that MD is no longer the boot volume. > > >> My experience with software RAID in Linux is many years old and did >> not end on a good note and I was hoping of anyone here had any good >> suggestions/stories/pitfalls that they could share with me. From >> research I've done with this particular RAID card, the best thing to >> do is to set it for JBOD mode (4x 750GB) and then use the Linux RAID >> tools to build a software RAID set. I plan on using the same setup as >> currently deployed with a RAID 5 configuration. >> > > I have had no devastating problems (related to SW-RAID :), and all the > others have been surmountable with a little research and planning. I have > run into a couple of issues (no data effect) that were related to the RAID > superblock version, specifically 0.9 has the system ID embedded in the GUID, > while 1.0+ has a host field that holds the system ID. This matters when the > MDs are numbered, as "foreign" mds are numbered from 126, so I mysteriously > got md126 and md127 after an upgrade, and could not for the life of me > determine how to get mdadm to use the numbers that I was explicitly > assigning to the md via GUIDs in the /etc/mdadm.conf file. Once I updated > the GUIDs on the 0.9's and hostname on the 1.0+ they became "local" md > devices and numbering worked as expected. > > I would use a partition for the md (as with LVM; ie /dev/sdb1 rather than > /dev/sdb directly), as it prevents one thinking that the drive is empty, and > facilitates the auto discovery of md/pv data through partition type (fd or > 8e respectively). > > Those 750's will take a REALLY long time to rebuild, especially if there is > only one CPU core on the system or if they system is busy. Those XOR calcs > take time, as the CPU has to do it, as opposed to the HW RAID controller > silicon. > > >> I plan to boot from a dedicated hard drive not part of the 4 drive set >> and want this to be as good of a system as I can make it without >> having to worry about losing my data again. >> > > A HW RAID card with BBU (Battery backed cache unit) will be the most > resilient, as that is one of the best ways to plug the RAID5 hole (other > than not use R5). Without that expense, I would say that kernel RAID would > be the next best thing. I would also contend that kernel RAID is even > better than the "hybrid" or "fake" (parity is driver calculated, rather than > hardware calculated) RAID, as the tools are built into the OS, rather than > having the reliance on the driver; not to mention much more portable and > well documented. > > >> Unfortunately, the last time I tried this was with IDE drives and when >> one went out, the entire array died and was unrecoverable. The array >> would not even work in "degraded" mode to allow me to salvage my data. >> > > Without having a exact and detailed rundown on what happened, I cannot > accurately comment on your perception of kernel RAID's resilience; but > SATA's native hot-swap capability will alleviate the post-failure > replacement issue and some of the other Hardware level issues that probably > contributed to your event. > > >> A lot of the research I've done in regards to linux support for this >> card has people sayingt that it works, but they never come back to say >> how the performance or the longevity of the array is, fault recovery, >> etc. >> > > As long as the controller does not do anything "under the sheets" to a JBOD > disk, then kernel RAID works great. If the controller tries to be smart (or > the disk was at one point a member of a RAID volume controlled by that > controller) then there can be gotchas. > > >> I appreciate your insight and any information you can provide me > > > Keep me apprised of your decision, and I have included my layout below: > From art.hall at sbcglobal.net Wed Feb 24 10:22:02 2010 From: art.hall at sbcglobal.net (Arthur Hall) Date: Wed Feb 24 10:22:06 2010 Subject: [SATLUG] CD Playing Order Message-ID: <718927.61540.qm@web82305.mail.mud.yahoo.com> Need some help with a puzzling situation.? I've installed Ubuntu 9.04 on two PCs for refugee families.? The sound system works fine (for a change), but when I insert a music CD using VLC it wants to play tracks in this order: 10, 11, 12, etc. to 19.? Then it plays 1, 20, 21, etc.?? Does anyone know of a simple way to get it to play in "normal" order?? Thanks. Art From Channing.ML at channingc.com Tue Feb 23 11:00:07 2010 From: Channing.ML at channingc.com (Channing) Date: Wed Feb 24 14:55:58 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <4c0ec4451002230832v266bde64h202e6a095bd8e80f@mail.gmail.com> References: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> <4c0ec4451002230826y38bb3e24s77b39951c5197b1a@mail.gmail.com> <4c0ec4451002230832v266bde64h202e6a095bd8e80f@mail.gmail.com> Message-ID: <4B840997.2060204@channingc.com> John Pappas wrote: > This is my trimmed (actual email was over 12K) post that included my layout > and was bounced. If any of you want that verbose mail, let me know and I > will send explicitly off list. > > On Tue, Feb 23, 2010 at 10:26, John Pappas wrote: > So sad that this has to be micromanaged. Not that anyone asked, but really, if you don't like the way a post is written, or formatted - don't read it. Ignored posters will either go away, or be provided a push in the right direction by someone in the community. For the record, I chose to stay out of the original discussion as I was opposed to the reasons behind the change, but figured it wasn't worth the bandwidth to go into battle over. The reality of the outcome is what John ran into above. I'm not trolling here and I don't plan to respond further but I did figure that it was time to share my view. Just my .02 From Channing.ML at channingc.com Tue Feb 23 12:32:33 2010 From: Channing.ML at channingc.com (Channing) Date: Wed Feb 24 14:55:59 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <4c0ec4451002230832v266bde64h202e6a095bd8e80f@mail.gmail.com> References: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> <4c0ec4451002230826y38bb3e24s77b39951c5197b1a@mail.gmail.com> <4c0ec4451002230832v266bde64h202e6a095bd8e80f@mail.gmail.com> Message-ID: <4B841F41.2090706@channingc.com> John Pappas wrote: > This is my trimmed (actual email was over 12K) post that included my layout > and was bounced. If any of you want that verbose mail, let me know and I > will send explicitly off list. > > On Tue, Feb 23, 2010 at 10:26, John Pappas wrote: > So sad that this has to be micromanaged. Not that anyone asked, but really, if you don't like the way a post is written (or formatted), don't read it. Ignored posters will either go away, or be provided a push in the right direction by someone in the community. For the record, I chose to stay out of the original discussion as I was opposed to the reasons behind the change, but figured it wasn't worth the bandwidth to go into battle over. The reality of the outcome is what John ran into above. I'm not trolling here and I don't plan to respond further but I did figure that it was time to share my view. Just my .02 From jdchoate at gmail.com Wed Feb 24 15:03:00 2010 From: jdchoate at gmail.com (John D Choate) Date: Wed Feb 24 15:03:10 2010 Subject: [SATLUG] CD Playing Order In-Reply-To: <718927.61540.qm@web82305.mail.mud.yahoo.com> References: <718927.61540.qm@web82305.mail.mud.yahoo.com> Message-ID: <201002241503.01145.jdchoate@gmail.com> On Wednesday 24 February 2010 10:22:02 Arthur Hall wrote: > Need some help with a puzzling situation. I've installed Ubuntu 9.04 on two PCs for refugee families. The sound system works fine (for a change), but when I insert a music CD using VLC it wants to play tracks in this order: 10, 11, 12, etc. to 19. Then it plays 1, 20, 21, etc. Does anyone know of a simple way to get it to play in "normal" order? Thanks. > Art > Is this a commercial CD, or a home-burned one? If it is a compilation or re-burn from downloaded or ripped tracks, then the tracks will need their ID3 tags or file names modified. The meta tags contain track name and number information which will override the filenames when played. What may be happening is that in the file names and/or meta tags, the tracks are numbered 1,2,3,4,5,6,7,8,9,10,11, etc. That should be changed to be 01,02,03,04, etc. Include that '0' in the first nine tracks and they should then all play before number 10. So even if you have the track names starting with "01 - name", "02 - name" etcetera, they will play out of order if the meta tags have different, or no, track numbering. Look for an ID3 tag editor for your system to accomplish this. For KDE, 'kid3' does a nice job. I have no idea about for Gnome though. John C. From dondavis at reglue.org Wed Feb 24 18:12:18 2010 From: dondavis at reglue.org (Don Davis) Date: Wed Feb 24 18:12:23 2010 Subject: [SATLUG] Odd behavior with sed and $ Message-ID: <4B85C062.5080701@reglue.org> I'm trying to replace the end of lines in a file with " using sed. When I cat one file it works as predicted. When I cat another and use sed it doesn't; instead it is replacing the initial character with ". (Yes I have enlarged the terminal screen.) Why? cat -E shows $ in front. Using cat -v I see ^M at the end of the line. What is ^M in hat notation? (Where do I find this?) From bruce.dubbs at gmail.com Wed Feb 24 18:20:19 2010 From: bruce.dubbs at gmail.com (Bruce Dubbs) Date: Wed Feb 24 18:20:22 2010 Subject: [SATLUG] Odd behavior with sed and $ In-Reply-To: <4B85C062.5080701@reglue.org> References: <4B85C062.5080701@reglue.org> Message-ID: <4B85C243.20209@gmail.com> Don Davis wrote: > Using cat -v I see ^M at the end of the line. What is ^M in hat > notation? (Where do I find this?) ^M is a carriage return as in CR LF. To get rid of these, I use vim: vim -b filename :%s/\r// :wq Some distros have a program, dos2unix, that does the same thing. -- Bruce From dondavis at reglue.org Wed Feb 24 20:14:07 2010 From: dondavis at reglue.org (Don Davis) Date: Wed Feb 24 20:14:20 2010 Subject: [SATLUG] Odd behavior with sed and $ In-Reply-To: <4B85C243.20209@gmail.com> References: <4B85C062.5080701@reglue.org> <4B85C243.20209@gmail.com> Message-ID: <4B85DCEF.2080301@reglue.org> Thank you. sed -e 's/\r//g' works as well. I should have suspected carriage return, but I don't remember seeing this problem before. Bruce Dubbs wrote: > Don Davis wrote: > >> Using cat -v I see ^M at the end of the line. What is ^M in hat >> notation? (Where do I find this?) > > ^M is a carriage return as in CR LF. > > To get rid of these, I use vim: > > vim -b filename > > :%s/\r// > :wq > > Some distros have a program, dos2unix, that does the same thing. > > -- Bruce > > > From tweeksjunk2 at theweeks.org Wed Feb 24 22:18:15 2010 From: tweeksjunk2 at theweeks.org (Tweeks) Date: Wed Feb 24 22:18:35 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <1266853162.31227.26.camel@redpill-laptop> References: <1266610706.4183.117.camel@redpill-laptop> <4B8143B3.4030609@reglue.org> <1266853162.31227.26.camel@redpill-laptop> Message-ID: <201002242218.16422.tweeksjunk2@theweeks.org> On Monday 22 February 2010 09:39:22 am redpill wrote: > On Sun, 2010-02-21 at 08:31 -0600, Don Davis wrote: > > This is an interesting thread. > > > > What are you checking for? RST packets received right after syn packets? > > what I am looking for is half-open connections, which might indicate > that someone is doing a stealth syn scan Why not just use portsentry.. it detects stealth scans, such as SYN/half-open, FIN, NULL, XMAS, and out-of-band packets... and is very modular in nature. Unless you're doing this as a learning experince.. which I totally respect. ;) Tweels From tweeksjunk2 at theweeks.org Wed Feb 24 22:22:33 2010 From: tweeksjunk2 at theweeks.org (Tweeks) Date: Wed Feb 24 22:22:41 2010 Subject: [SATLUG] Odd behavior with sed and $ In-Reply-To: <4B85DCEF.2080301@reglue.org> References: <4B85C062.5080701@reglue.org> <4B85C243.20209@gmail.com> <4B85DCEF.2080301@reglue.org> Message-ID: <201002242222.33415.tweeksjunk2@theweeks.org> On Wednesday 24 February 2010 08:14:07 pm Don Davis wrote: > Thank you. sed -e 's/\r//g' > works as well. > I should have suspected carriage return, but I don't remember seeing > this problem before. You won't see it much on Linux/UN*X... unless you operate MSDOS/Windows files much. ;) Tweeks From daniel at rugmonster.org Thu Feb 25 11:43:45 2010 From: daniel at rugmonster.org (Daniel Givens) Date: Thu Feb 25 11:43:49 2010 Subject: [SATLUG] Odd behavior with sed and $ In-Reply-To: <4B85C243.20209@gmail.com> References: <4B85C062.5080701@reglue.org> <4B85C243.20209@gmail.com> Message-ID: On Feb 24, 2010, at 6:20 PM, Bruce Dubbs wrote: > Don Davis wrote: > >> Using cat -v I see ^M at the end of the line. What is ^M in hat notation? (Where do I find this?) > Some distros have a program, dos2unix, that does the same thing. If you happen to be interacting with Windows users and need to give them logs or some other plain text formatted file, it's very kind to run the file through unix2dos before giving it to them. And dos2unix is the easiest (less typing/room for error) way to get rid of those characters. I happen to deal with both scenarios quite frequently. From rmarker at encoresupportsystems.com Thu Feb 25 14:44:55 2010 From: rmarker at encoresupportsystems.com (Marker, Robert) Date: Thu Feb 25 14:45:00 2010 Subject: [SATLUG] Disk Imaging Software Message-ID: I am looking for OSS to create/recover disaster recovery images of a number of desktops. Unfortunately this requirement is immersed in a total WinDoz environment but I want to use a Linux based boot CD application to create/recover the images via a 1TB USB external drive. The idea is to be able to replace a failed HDD and have a user back on line without the pain of rebuild. Everything I have research thus far wants to run on the desktop and has enough unnecessary features to choke a horse. I figure after several hours of search I would ask the experts for a recommendation. Long time lurker learning every bit I can (playing with DSL on a couple of very limited Tinkpad 380's at the present) and occasionally get a chance to post. Thanks, Robert From gregswift at gmail.com Thu Feb 25 14:54:27 2010 From: gregswift at gmail.com (Greg Swift) Date: Thu Feb 25 14:54:33 2010 Subject: [SATLUG] Disk Imaging Software In-Reply-To: References: Message-ID: <4e3f91d71002251254w79a234bdscd574d6a4d1b6a2a@mail.gmail.com> On Thu, Feb 25, 2010 at 14:44, Marker, Robert < rmarker@encoresupportsystems.com> wrote: > I am looking for OSS to create/recover disaster recovery images of a > number of desktops. Unfortunately this requirement is immersed in a > total WinDoz environment but I want to use a Linux based boot CD > application to create/recover the images via a 1TB USB external drive. > The idea is to be able to replace a failed HDD and have a user back on > line without the pain of rebuild. Everything I have research thus far > wants to run on the desktop and has enough unnecessary features to choke > a horse. I figure after several hours of search I would ask the experts > for a recommendation. > > Long time lurker learning every bit I can (playing with DSL on a couple > of very limited Tinkpad 380's at the present) and occasionally get a > chance to post. > It has been a while since I used it, but check out g4u. It can do local or network copying, but I'm not sure how it feels about usb hard drives. http://www.feyrer.de/g4u/ -greg From satlug at sbcglobal.net Thu Feb 25 15:24:07 2010 From: satlug at sbcglobal.net (Don Wright) Date: Thu Feb 25 15:24:08 2010 Subject: [SATLUG] Disk Imaging Software In-Reply-To: References: Message-ID: On Thu, 25 Feb 2010 14:44:55 -0600, "Marker, Robert" wrote: >I am looking for OSS to create/recover disaster recovery images of a >number of desktops. DistroWatch.com lists 10 distributions under the category "Rescue". Of the list, the most regularly updated is SystemRescueCD. http://www.sysresccd.org/ A number of utility-oriented distros (PartedMagic, CloneZilla) include one or more partition copy/clone utilities as well as the venerable GParted editor. These are categorized in DistroWatch as "Specialist". I regularly use SystemRescueCD or Trinity Rescue Kit for backup of NTFS partitions. I like having backups in at least two forms on different media, such as hard drive and USB flash drive, before making big changes to a computer system. --Don -- Be well - or at least have interesting symptoms! From dkowis at shlrm.org Thu Feb 25 15:25:58 2010 From: dkowis at shlrm.org (David Kowis) Date: Thu Feb 25 15:34:21 2010 Subject: [SATLUG] Disk Imaging Software In-Reply-To: References: Message-ID: <4B86EAE6.5060106@shlrm.org> On 2/25/2010 3:24 PM, Don Wright wrote: > On Thu, 25 Feb 2010 14:44:55 -0600, "Marker, Robert" > wrote: > >> I am looking for OSS to create/recover disaster recovery images of a >> number of desktops. > > > DistroWatch.com lists 10 distributions under the category "Rescue". Of > the list, the most regularly updated is SystemRescueCD. > http://www.sysresccd.org/ > > A number of utility-oriented distros (PartedMagic, CloneZilla) include > one or more partition copy/clone utilities as well as the venerable > GParted editor. These are categorized in DistroWatch as "Specialist". > > I regularly use SystemRescueCD or Trinity Rescue Kit for backup of NTFS > partitions. I like having backups in at least two forms on different > media, such as hard drive and USB flash drive, before making big changes > to a computer system. --Don I can highly recommend the SysRescueCD. CloneZilla is definately the way to do backups of windows machines. You can do it over NFS, Samba (windows file shares), ssh, or a locally attached harddrive. Works wonderfully, the ntfs cloning knows to remove pagefiles so they don't take up unecessary space on the image. It's not quite as pretty as norton ghost, but can do everything ghost can do. I've used CloneZilla at work to image the workstations we were using. I'd then image them across the network real quick and people had their desktop ready to go in a short while. I think clonezilla can do multicast cloning, but you might check up on that. David From jeremymann at gmail.com Thu Feb 25 18:31:19 2010 From: jeremymann at gmail.com (Jeremy Mann) Date: Thu Feb 25 18:31:24 2010 Subject: [SATLUG] Disk Imaging Software In-Reply-To: References: Message-ID: <79ec289f1002251631x3ac835eftacd14d2f6a10ca10@mail.gmail.com> On Thu, Feb 25, 2010 at 2:44 PM, Marker, Robert wrote: > I am looking for OSS to create/recover disaster recovery images of a > number of desktops. Unfortunately this requirement is immersed in a > total WinDoz environment but I want to use a Linux based boot CD > application to create/recover the images via a 1TB USB external drive. > The idea is to be able to replace a failed HDD and have a user back on > line without the pain of rebuild. Everything I have research thus far > wants to run on the desktop and has enough unnecessary features to choke > a horse. I figure after several hours of search I would ask the experts > for a recommendation. Robert, my personal favorite is partimage/partimaged. I use it extensively on our departmental loaner laptops. It comes on the SystemRescueCD (which is by far my favorite rescue CD). I don't know if it can work with an external drive, but I use it in server mode. I keep the partimaged daemon running on our main server (this holds the disk image files). When I need to reimage a laptop, I boot SystemRescueCD, start partimage and tell it where my server is and image name. Using the network I'm able to reimage a 40GB laptop in under 15 minutes. -- Jeremy Mann jeremy@biochem.uthscsa.edu University of Texas Health Science Center Bioinformatics Core Facility http://www.bioinformatics.uthscsa.edu Phone: (210) 567-2672 From mguhlin at gmail.com Thu Feb 25 19:43:36 2010 From: mguhlin at gmail.com (Miguel Guhlin) Date: Thu Feb 25 19:43:59 2010 Subject: [SATLUG] Disk Imaging Software In-Reply-To: <4B86EAE6.5060106@shlrm.org> References: <4B86EAE6.5060106@shlrm.org> Message-ID: <680452b51002251743o64a86c2fr3fe93771dbb822f3@mail.gmail.com> You definitely need to consider FOG. http://www.mguhlin.org/2009/05/fog-free-computer-cloning-solution.html Some other solutions: http://www.mguhlin.org/2010/01/download-la-mode-reimaging-solutions.html Miguel Guhlin Phone: 210-617-3330 Email - mguhlin@gmail.com Blog: http://mguhlin.org Portfolio: http://mguhlin.net On Thu, Feb 25, 2010 at 3:25 PM, David Kowis wrote: > On 2/25/2010 3:24 PM, Don Wright wrote: > >> On Thu, 25 Feb 2010 14:44:55 -0600, "Marker, Robert" >> wrote: >> >> I am looking for OSS to create/recover disaster recovery images of a >>> number of desktops. >>> >> >> >> DistroWatch.com lists 10 distributions under the category "Rescue". Of >> the list, the most regularly updated is SystemRescueCD. >> http://www.sysresccd.org/ >> >> A number of utility-oriented distros (PartedMagic, CloneZilla) include >> one or more partition copy/clone utilities as well as the venerable >> GParted editor. These are categorized in DistroWatch as "Specialist". >> >> I regularly use SystemRescueCD or Trinity Rescue Kit for backup of NTFS >> partitions. I like having backups in at least two forms on different >> media, such as hard drive and USB flash drive, before making big changes >> to a computer system. --Don >> > > I can highly recommend the SysRescueCD. CloneZilla is definately the way to > do backups of windows machines. > > You can do it over NFS, Samba (windows file shares), ssh, or a locally > attached harddrive. Works wonderfully, the ntfs cloning knows to remove > pagefiles so they don't take up unecessary space on the image. > > It's not quite as pretty as norton ghost, but can do everything ghost can > do. > > I've used CloneZilla at work to image the workstations we were using. I'd > then image them across the network real quick and people had their desktop > ready to go in a short while. I think clonezilla can do multicast cloning, > but you might check up on that. > > David > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From bkfuth at gmail.com Thu Feb 25 23:20:47 2010 From: bkfuth at gmail.com (steve kolars) Date: Thu Feb 25 23:20:58 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <201002242218.16422.tweeksjunk2@theweeks.org> References: <1266610706.4183.117.camel@redpill-laptop> <4B8143B3.4030609@reglue.org> <1266853162.31227.26.camel@redpill-laptop> <201002242218.16422.tweeksjunk2@theweeks.org> Message-ID: <9b6ae23d1002252120s4250732av1c80308dd3429c5d@mail.gmail.com> On Wed, Feb 24, 2010 at 10:18 PM, Tweeks wrote: > On Monday 22 February 2010 09:39:22 am redpill wrote: > > On Sun, 2010-02-21 at 08:31 -0600, Don Davis wrote: > > > This is an interesting thread. > > > > > > What are you checking for? RST packets received right after syn > packets? > > > > what I am looking for is half-open connections, which might indicate > > that someone is doing a stealth syn scan > > Why not just use portsentry.. it detects stealth scans, such as > SYN/half-open, > FIN, NULL, XMAS, and out-of-band packets... and is very modular in nature. > > Unless you're doing this as a learning experince.. which I totally respect. > ;) > Bingo! Steve > > Tweels > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From jeremymann at gmail.com Fri Feb 26 08:52:20 2010 From: jeremymann at gmail.com (Jeremy Mann) Date: Fri Feb 26 08:52:22 2010 Subject: [SATLUG] RHEL5 and 2.6.18-164 system hangs Message-ID: <79ec289f1002260652u482ce4a1ua036c321abec6f25@mail.gmail.com> Good morning all.. I've come into a weird problem with the new 2.6.18-164 kernel for RHEL5. On 3 of my systems, the kernel does not get passed "BIOS data check". The kernel and the ramdisk loads, then it prints out that message and simply hangs. I've tried all combinations I could find via Google, but nothing is working. If I load the old kernel, it works fine. Any insights on this? -- Jeremy Mann jeremy@biochem.uthscsa.edu University of Texas Health Science Center Bioinformatics Core Facility http://www.bioinformatics.uthscsa.edu Phone: (210) 567-2672 From gregswift at gmail.com Fri Feb 26 09:19:31 2010 From: gregswift at gmail.com (Greg Swift) Date: Fri Feb 26 09:19:35 2010 Subject: [SATLUG] RHEL5 and 2.6.18-164 system hangs In-Reply-To: <79ec289f1002260652u482ce4a1ua036c321abec6f25@mail.gmail.com> References: <79ec289f1002260652u482ce4a1ua036c321abec6f25@mail.gmail.com> Message-ID: <4e3f91d71002260719n154a9194l5d0fe9c3b38928d8@mail.gmail.com> On Fri, Feb 26, 2010 at 08:52, Jeremy Mann wrote: > Good morning all.. I've come into a weird problem with the new > 2.6.18-164 kernel for RHEL5. On 3 of my systems, the kernel does not > get passed "BIOS data check". The kernel and the ramdisk loads, then > it prints out that message and simply hangs. I've tried all > combinations I could find via Google, but nothing is working. If I > load the old kernel, it works fine. Any insights on this? > > we've been running that kernel for a while, and in general it works better than the previous ones. I'd call up Red Hat, or maybe hop into RHN and grab the kernel from 5.5 beta to see if it works better. -greg From jeremymann at gmail.com Fri Feb 26 09:24:06 2010 From: jeremymann at gmail.com (Jeremy Mann) Date: Fri Feb 26 09:24:08 2010 Subject: [SATLUG] RHEL5 and 2.6.18-164 system hangs In-Reply-To: <4e3f91d71002260719n154a9194l5d0fe9c3b38928d8@mail.gmail.com> References: <79ec289f1002260652u482ce4a1ua036c321abec6f25@mail.gmail.com> <4e3f91d71002260719n154a9194l5d0fe9c3b38928d8@mail.gmail.com> Message-ID: <79ec289f1002260724i6ea218bbm44bb28c4114294fc@mail.gmail.com> On Fri, Feb 26, 2010 at 9:19 AM, Greg Swift wrote: > we've been running that kernel for a while, and in general it works better > than the previous ones. I'd call up Red Hat, or maybe hop into RHN and grab > the kernel from 5.5 beta to see if it works better. On those 3 systems I'm using LILO instead of Grub because their filesystems are 256 inode based Ext3. Next I'm going to try upgrading Grub and use it as the bootloader. I have a feeling its LILO that's the problem and not the actual kernel. -- Jeremy Mann jeremy@biochem.uthscsa.edu University of Texas Health Science Center Bioinformatics Core Facility http://www.bioinformatics.uthscsa.edu Phone: (210) 567-2672 From satlug at sbcglobal.net Fri Feb 26 10:11:57 2010 From: satlug at sbcglobal.net (Don Wright) Date: Fri Feb 26 10:11:59 2010 Subject: [SATLUG] RHEL5 and 2.6.18-164 system hangs In-Reply-To: <79ec289f1002260652u482ce4a1ua036c321abec6f25@mail.gmail.com> References: <79ec289f1002260652u482ce4a1ua036c321abec6f25@mail.gmail.com> Message-ID: Jeremy Mann wrote: >... new 2.6.18-164 kernel for RHEL5. Wow. Debian _stable_ is on 2.6.26 and grub2. I'm just sayin'... --Don (running 2.6.32) -- Be well - or at least have interesting symptoms! From jeremymann at gmail.com Fri Feb 26 10:22:59 2010 From: jeremymann at gmail.com (Jeremy Mann) Date: Fri Feb 26 10:23:01 2010 Subject: [SATLUG] RHEL5 and 2.6.18-164 system hangs In-Reply-To: References: <79ec289f1002260652u482ce4a1ua036c321abec6f25@mail.gmail.com> Message-ID: <79ec289f1002260822r5d1c13faoedb2cabb7eb59a01@mail.gmail.com> On Fri, Feb 26, 2010 at 10:11 AM, Don Wright wrote: > Jeremy Mann wrote: > >>... new 2.6.18-164 kernel for RHEL5. > > Wow. Debian _stable_ is on 2.6.26 and grub2. > > I'm just sayin'... > > ?--Don (running 2.6.32) We run RHEL kernels because they are provided by and supported by Lustre. -- Jeremy Mann jeremy@biochem.uthscsa.edu University of Texas Health Science Center Bioinformatics Core Facility http://www.bioinformatics.uthscsa.edu Phone: (210) 567-2672 From dkowis at shlrm.org Fri Feb 26 10:31:42 2010 From: dkowis at shlrm.org (David Kowis) Date: Fri Feb 26 10:40:07 2010 Subject: [SATLUG] RHEL5 and 2.6.18-164 system hangs In-Reply-To: References: <79ec289f1002260652u482ce4a1ua036c321abec6f25@mail.gmail.com> Message-ID: <4B87F76E.1070801@shlrm.org> On 2/26/2010 10:11 AM, Don Wright wrote: > Jeremy Mann wrote: > >> ... new 2.6.18-164 kernel for RHEL5. > > Wow. Debian _stable_ is on 2.6.26 and grub2. > > I'm just sayin'... Yeah, RHEL is like 7 year stable. So it is OLD. However, they supposedly backport drivers and fixes, so it's really only the core that's old. Hardware support should be good to go. I tend to run the newer kernels too, however. David From henry.pugsley at gmail.com Fri Feb 26 12:15:15 2010 From: henry.pugsley at gmail.com (Henry Pugsley) Date: Fri Feb 26 12:15:18 2010 Subject: [SATLUG] help with tcpdump (grab a beer its a long post) In-Reply-To: <9b6ae23d1002252120s4250732av1c80308dd3429c5d@mail.gmail.com> References: <1266610706.4183.117.camel@redpill-laptop> <4B8143B3.4030609@reglue.org> <1266853162.31227.26.camel@redpill-laptop> <201002242218.16422.tweeksjunk2@theweeks.org> <9b6ae23d1002252120s4250732av1c80308dd3429c5d@mail.gmail.com> Message-ID: <1003aeaa1002261015t3b25d3c1ica40f34cba26d260@mail.gmail.com> On Thu, Feb 25, 2010 at 11:20 PM, steve kolars wrote: > On Wed, Feb 24, 2010 at 10:18 PM, Tweeks wrote: > >> >> Why not just use portsentry.. it detects stealth scans, such as >> SYN/half-open, >> FIN, NULL, XMAS, and out-of-band packets... and is very modular in nature. >> >> Unless you're doing this as a learning experince.. which I totally respect. >> ;) >> > > Bingo! > > Steve > >> >> Tweels Or you could just use iptables by itself .. http://bindshell.nl/netfilter/portscan-obfuscation.txt .. check the section on Half-open scans. -Henry From rmarker at encoresupportsystems.com Fri Feb 26 12:53:58 2010 From: rmarker at encoresupportsystems.com (Marker, Robert) Date: Fri Feb 26 12:54:15 2010 Subject: [SATLUG] Disk Imaging Software - Solved In-Reply-To: <680452b51002251743o64a86c2fr3fe93771dbb822f3@mail.gmail.com> Message-ID: On Thu, Feb 25, 2010 at 3:25 PM, David Kowis wrote: > On 2/25/2010 3:24 PM, Don Wright wrote: > >> On Thu, 25 Feb 2010 14:44:55 -0600, "Marker, Robert" >> wrote: >> >> I am looking for OSS to create/recover disaster recovery images of a >>> number of desktops. >>> >> >> >> DistroWatch.com lists 10 distributions under the category "Rescue". Of >> the list, the most regularly updated is SystemRescueCD. >> http://www.sysresccd.org/ >> >> A number of utility-oriented distros (PartedMagic, CloneZilla) include >> one or more partition copy/clone utilities as well as the venerable >> GParted editor. These are categorized in DistroWatch as "Specialist". >> >> I regularly use SystemRescueCD or Trinity Rescue Kit for backup of NTFS >> partitions. I like having backups in at least two forms on different >> media, such as hard drive and USB flash drive, before making big changes >> to a computer system. --Don >> > > I can highly recommend the SysRescueCD. CloneZilla is definately the way to > do backups of windows machines. > > You can do it over NFS, Samba (windows file shares), ssh, or a locally > attached harddrive. Works wonderfully, the ntfs cloning knows to remove > pagefiles so they don't take up unecessary space on the image. > > It's not quite as pretty as norton ghost, but can do everything ghost can > do. > > I've used CloneZilla at work to image the workstations we were using. I'd > then image them across the network real quick and people had their desktop > ready to go in a short while. I think clonezilla can do multicast cloning, > but you might check up on that. > > David > > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > -- Clonezilla is the ticket. Running the Live disk and have 2 desktops of several imaged. There's something very Poetic about Linux and Open Source setting up disaster recovery for M$. Thanks for the assistance. Robert _______________________________________________ SATLUG mailing list SATLUG@satlug.org http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe Powered by Rackspace (www.rackspace.com) From firestorm.v1 at gmail.com Fri Feb 26 13:39:04 2010 From: firestorm.v1 at gmail.com (FIRESTORM_v1) Date: Fri Feb 26 13:39:06 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <4B840997.2060204@channingc.com> References: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> <4c0ec4451002230826y38bb3e24s77b39951c5197b1a@mail.gmail.com> <4c0ec4451002230832v266bde64h202e6a095bd8e80f@mail.gmail.com> <4B840997.2060204@channingc.com> Message-ID: <869de8471002261139g682c6330x4a1ebd081e2a7cfb@mail.gmail.com> An update: Ok, so I've lucked out and it looks like the RAID card jumps into JBOD mode when there is no array defined. Thankfully this means I don't have to fudge with drivers, it "just works" in Ubuntu Jaunty. It's been ages since I've done this, and I took a look at /proc/mdstat after I started building the new array. Here's what it shows: Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10] md0 : active raid5 sde[4] sdd[2] sdc[1] sdb[0] 2197723392 blocks level 5, 64k chunk, algorithm 2 [4/3] [UUU_] [>....................] recovery = 3.3% (24638696/732574464) finish=2483.9min speed=4747K/sec unused devices: My only concern is that the third line [UUU_] looks a little odd. I expected [UUUU] since I have 4 SATA drives and I specified their devices on the commandline: # mdadm --create /dev/md0 --level=5 --raid-devices=4 /dev/sdb /dev/sdc /dev/sdd /dev/sde I don't recall anyone specifying what the [UUU_] but can someone tell me if I'm chasing ghosts or letting myself get too nervous? Thank you all, your recommendations have been very helpful! FIRESTORM_v1 From gregswift at gmail.com Fri Feb 26 15:15:33 2010 From: gregswift at gmail.com (Greg Swift) Date: Fri Feb 26 15:15:36 2010 Subject: [SATLUG] RHEL5 and 2.6.18-164 system hangs In-Reply-To: References: <79ec289f1002260652u482ce4a1ua036c321abec6f25@mail.gmail.com> Message-ID: <4e3f91d71002261315m6f4e5f95lad4c459f05fbc4b1@mail.gmail.com> that doesnt really work when you look at the target market of rhel vs debian. Rhel wont leave this kernel version until v6, but rhel5 will continue to provide security and bug patches on 2.6.18 for several years. On 2010-02-26, Don Wright wrote: > Jeremy Mann wrote: > >>... new 2.6.18-164 kernel for RHEL5. > > Wow. Debian _stable_ is on 2.6.26 and grub2. > > I'm just sayin'... > > --Don (running 2.6.32) > > -- > Be well - or at least have interesting symptoms! > -- > _______________________________________________ > SATLUG mailing list > SATLUG@satlug.org > http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe > Powered by Rackspace (www.rackspace.com) > From jeremymann at gmail.com Fri Feb 26 16:51:02 2010 From: jeremymann at gmail.com (Jeremy Mann) Date: Fri Feb 26 16:51:06 2010 Subject: [SATLUG] Software RAID suggestions In-Reply-To: <869de8471002261139g682c6330x4a1ebd081e2a7cfb@mail.gmail.com> References: <869de8471002220044p56cfb0dbq9d5262811ddf004a@mail.gmail.com> <4c0ec4451002230826y38bb3e24s77b39951c5197b1a@mail.gmail.com> <4c0ec4451002230832v266bde64h202e6a095bd8e80f@mail.gmail.com> <4B840997.2060204@channingc.com> <869de8471002261139g682c6330x4a1ebd081e2a7cfb@mail.gmail.com> Message-ID: <79ec289f1002261451q217f4518nbc3fa547a1f88330@mail.gmail.com> On Fri, Feb 26, 2010 at 1:39 PM, FIRESTORM_v1 wrote: > My only concern is that the third line [UUU_] looks a little odd. ? I > expected [UUUU] since I have 4 SATA drives and I specified their > devices on the commandline: > > # ?mdadm --create /dev/md0 --level=5 --raid-devices=4 /dev/sdb > /dev/sdc /dev/sdd /dev/sde > > I don't recall anyone specifying what the [UUU_] but can someone tell > me if I'm chasing ghosts or letting myself get too nervous? Matt, "_" means one drive is offline, but that could be the one that is rebuilding. Once its finished check it again with : cat /proc/mdstat If it still shows one drive as "_", you got problems and your RAID array is running in degraded mode. -- Jeremy Mann jeremy@biochem.uthscsa.edu University of Texas Health Science Center Bioinformatics Core Facility http://www.bioinformatics.uthscsa.edu Phone: (210) 567-2672 From tweeksjunk2 at theweeks.org Sat Feb 27 00:08:05 2010 From: tweeksjunk2 at theweeks.org (Tweeks) Date: Sat Feb 27 00:08:19 2010 Subject: [SATLUG] Disk Imaging Software - Solved In-Reply-To: References: Message-ID: <201002270008.05677.tweeksjunk2@theweeks.org> On Friday 26 February 2010 12:53:58 pm Marker, Robert wrote: [...] > -- > Clonezilla is the ticket. Running the Live disk and have 2 desktops of > several imaged. There's something very Poetic about Linux and Open > Source setting up disaster recovery for M$. +1 on clonezilla.. in the 90's and ealry 0's Ghost was the ticket.. but now.. I'm sold on clonezilla for classroom setups as well as machine backups like this. Tweeks