Re: decent dial-up providers in Andover, MA?
Sorry for the late response but I just remembered that wireless outfit I mentioned within the last several weeks (based in Lawrence, I believe) could be a possibility if you're close enough to their tower - it's possible that they don't suck... I've already forgotten their name but you should be able to find it in the GNHLUG archives if interested. * To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *
Re: SLUG meeting 7/8/02 7pm in Morse Hall rm 301 on VideoCD
Actually UNH doesn't Street number anything. If you look at the map off the slug web site "http://slug.gnhlug.org/morse";, we're about in the middle of "College Road" (the 90deg bend is around Morse hall). If you find either end of that road you've found it. Hope that helps. -- Robert E. Anderson email: [EMAIL PROTECTED] Systems Programmer phone: (603) 862-3489 UNH Research Computing Centerfax: (603) 862-1761 -- * To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *
Re: SLUG meeting 7/8/02 7pm in Morse Hall rm 301 on VideoCD
Can anyone give me the exact address please? So that I could find a shortest route from my place. G. Subject: SLUG meeting 7/8/02 7pm in Morse Hall rm 301 on VideoCD * To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *
Re: virus information
On Mon, 8 Jul 2002, at 1:40pm, Michael O'Donnell wrote: > I don't know why Derek mentioned my email address in the body of his > message, or why his message was (apparently) distributed via the GNHLUG > list. I do happen to be an AT&T customer but neither the IP address nor > the virus-laden transmissions in question are mine. I'm guessing he simply sent the message to every address in his address book, and did not intend to send it to the mailing list. At least he didn't need a squeegee this time. ;-) -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do not | | necessarily represent the views or policy of any other person, entity or | | organization. All information is provided without warranty of any kind. | * To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *
Re: virus information
I don't know why Derek mentioned my email address in the body of his message, or why his message was (apparently) distributed via the GNHLUG list. I do happen to be an AT&T customer but neither the IP address nor the virus-laden transmissions in question are mine. * To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *
virus information
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] Subject: virus information Reply-To: Twice in the last 24 hours, I've received e-mail with a virus attached. The IP address which both e-mails came from is the same: 66.31.4.184. This is an AT&T cable modem customer, so I'm sending this message to everyone I know who has or might have a cable modem, as well as several of the mailing lists I'm on. Here's what I can tell you about the e-mail, and corresponding attachment: - This appears to be a typcial MS-Outlook virus. I probably received this mail because I am listed in the sender's address book - both originated from the same IP address: 66.31.4.184. This appears to be a cable modem, and based on the traceroute info, it's probably in the Nashua, NH area. But can't be certain. - The e-mail client which sent the e-mail was Microsoft Outlook - The sender was forged -- it is either random, or it is someone who is listed in the sender's address book - I don't recall the From: address of the first mail and didn't save it. The second one was [EMAIL PROTECTED] I do remember that the first one was also a hotmail address. I'm leaning toward this being a random, made up address... - The attachment of the first mail was supposedly a screen saver, called lovers.scr. It was an MS-DOS executable. - The attachment of the second mail was masked as an MP3, but was actually a windows PIF file. The headers of the message revealed there were no intermediate hops; the messages both originated at the IP address listed, and were delivered directly to me. This suggests that the virus which delivered them is one of the variants that uses its own SMTP engine. I have no inclination to try to do any other analysis on the virus to try to determine which it is. As I use Linux, I'm impervious to Windows viruses. I just want them to stop arriving here. Based on the IP address, you should be able to figure out if you were the one who sent me these messages. For those who might not know how, to determine your IP address, follow these directions: 1. click on the start menu 2. select "run..." 3. type in winipcfg and press enter 4. make sure your ethernet card (not PPP Adaptor) is selected in the drop-down selection box This should bring up a window that contains a variety of network information. Your IP address should be listed here. Note that you did not actually send this e-mail to me; someone used your buggy MS-Outlook client to do it for them. If you are the owner of this IP address, I would like you to let me know. If I continue to get viruses from this IP address, I will call AT&T and complain about it, and it's not out of the realm of possibility that they will turn your service off as a result. Obviously, I'd rather that didn't happen... If you tell me that it's your IP, I will not notify AT&T. I would also ask that, if this is your IP, you do one or more of the following: - update your virus scanning software, or install some if you don't have any. - stop using Microsoft Outlook; it is the #1 method by which virii propogate today. - barring that, please visit www.windowsupdate.com (you must use internet explorer for this) and install all critical updates, to ensure that you have the latest security fixes, which should prevent this from happening in the future. Thanks. - -- Derek Martin [EMAIL PROTECTED] - - I prefer mail encrypted with PGP/GPG! GnuPG Key ID: 0x81CFE75D Retrieve my public key at http://pgp.mit.edu Learn more about it at http://www.gnupg.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9KcMCdjdlQoHP510RAkRJAKCxbV2HO8PnamhYORUthBn3I5UShQCfRiRi j7dKnfxZnS68k3lmIG5M8PA= =IYlU -END PGP SIGNATURE- * To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *
Re: Corporate IT policy (was: Open SSH for Red Hat 6.2)
On Mon, 2002-07-08 at 00:37, [EMAIL PROTECTED] wrote: > On 7 Jul 2002, at 9:26pm, Kenneth E. Lussier wrote: > > The people saying that they should be able to run whatever they want *ARE* > > the IT department. > > It seemed obvious to me that that is not the case. If they were the IT > department, the IT department would not be telling them to do something they > did not want to do. I must have misunderstood the begining of this, then. I understood this to be that managers, not IT, was the one saying that they had to use Windows. > > So, it would stand to reason that there are slightly different rules for > > the IT department then there are for ordinary users. > > That statement can be interpreted two different ways. > > On one hand, it could mean that the IT staff of course has all the root > passwords and such, and is entrusted to perform privileged operations, and > thus of course has to have different rules. It also means that since IT is responsible for supporting *NIX, Windows, VMS, whatever, so they need the most effective and efficient system in order to support all of those things. So what they run on their desktop will be different than the "common" user. > But it could also mean that the IT staff has different rules because > "we're IT and we can do what we want to". If you consider that acceptable, > well, that's your right, but you'll never work in a shop I control. Well, you have the right position, but the wrong attitude emphasized. It's not that IT can do whatever they want, but rather, if they are the ones who are responsible for determining standards, etc., then they need to be to be doing these sorts of things first. That way, when a user comes along and wants to do something other than the norm, the IT department can either allow or deny based on fact, reasoning, and knowledge rather than supposition. > > I think that the difference is *who* the user is. If a sales or marketing > > person wants to do their own thing, you know that only bad things will > > happen. > > I realize you're saying that with tongue-in-cheek, but it is none-the-less > an attitude I see quite a bit. Far too often, I encounter IT staffers who > think they are the members of some special elite, and that rules do not > apply to them. I consider that to be the worst kind of corruption -- like a > crooked cop. IT staff, if anything, should live up to a higher standard. IT should be held to the same standards that they set for others in most cases. As I said before, the rules are slightly different because they are the IT department. IT people should have root on the systems that they support. Marketing doesn't need root. Things like that. That doesn't mean that they can abuse their authority. However, since they are the IT department, and they are responsible for the network, and every system on it, then there are a lot of rules that don't apply to them. For example, if one of my users decided to scan my network, I would remove them from the network. I, however, scan my network on a regular basis. It's part of my job. That's what it comes down to. If you do your job, then there really isn't any time left over to do much else. > "Who watches the watchers?" It's a nice saying, but it is quite impossible to always have someone watching the watchers. It comes down to "Do you trust the people that you have hired to do their jobs?" C-Ya, Kenny -- "Tact is just *not* saying true stuff" -- Cordelia Chase Kenneth E. Lussier Sr. Systems Administrator Zuken, USA PGP KeyID CB254DD0 http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xCB254DD0 * To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *
Re: Corporate IT policy (was: Open SSH for Red Hat 6.2)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 So far I've been quietly amused by this thread. :) But now I'd like to make several points that people have sort of been dancing around in this discussion, but haven't really hit upon, that I've seen so far. 1. There was, in fact, a discussion about root access had on this list not all that long ago (I think it was about a year ago). However, being one of the primary players in (and IIRC the instigator of) that thread, I would like to point out that the "no root access" argument supported by both Paul and I was NOT that no user should ever have root access to their desktop. It was instead about the fact that under most circumstances, in an environment where security was considered important by management, that no user should NEED to have root access to their desktop (being the machine from which they access corporate IT resources like e-mail and such -- root access to "lab" machines might still be required for various reasons). While I agree with both sides on many points in the *present* discussion, I stand by that point of view. It does not preclude the idea that a skilled employee could run whatever software makes them most productive in a) environments where security is not as important, or b) on machines that have less or no access to company IT resources. Depending on exactly what level of security is required, I'll even add c) in an environment where having root access to a lone Unix workstation doesn't amount to anything, such as an environment whose IT resources are all based on Windows services. In such an environment, much of the problems associated with a user having root access to their desktop disappear (i.e. there is no NIS domain to snarf, no NFS volumes to run ragged over, etc.). If I were in a situation where I were managing an environment that had a need to control root access to users' workstations, but I had users who needed to have root access to Unix workstations to do their job, I wouldn't have any problem with that provided they were in a segregated lab, or were somehow otherwise blocked off from accessing the company's IT resources. 2. In general, I agree that the IT staff usually has sufficient skill to determine what software makes them most productive. But, as anyone who has worked in IT has seen, there are always users who *think* they are skilled enough to make that same determination, but aren't. In both cases, what they should be allowed to run depends on the situation, and on the company's policy. If the company has a corporate policy that "no one shall run anything but Windows on any system connected to the corporate network," and the IT department has been tasked with strict enforcement of that policy, then the IT people should adhere to it also. However, I will admit freely that I will never work in such a place by choice (desperation for a paycheck does not count as choice). A more sensible and user-friendly approach is to have a policy which states that corporate machines will be pre-installed with supported software, and any other software installed is not supported. If you have a problem with any software you've installed, you're on your own. If you have problems that you can't overcome yourself, your system will be replaced with one that conforms to the corporate standard. If, because of your own incompetence to use and/or manage the software you've installed, you damage corporate systems, or cause problems with the corporate network, you will be subject to disciplinary action up to and including termination. And, in the event that the company has software which is not permitted to be used (such as AOL or MS-Outlook), those titles should be expressly listed in the policy, and disciplinary actions should be taken against users who break the policy. I believe there are occasions when there should be a list of banned software, but I also believe a title shouldn't go on such a list without a very good reason (like oh, say, it's primary use is to easily propogate Internet worms)... Obviously, any number of other variations are possible here. The corporation should choose a policy that makes sense to its environment, but should try to accomodate users as much as is reasonable. Contrary to popular belief, I am not in favor of policies which blindly restrict users and/or make their jobs difficult. Whenever such a policy is instituted, there ought to be a very compelling reason for doing so. 3. If you are going to have any kind of strictly enforced policy, the people who enforce the policy MUST be subject to the same policies and disciplinary actions imposed on others. The IT department will lose credibility and respect if the situation is otherwise. It is also unwise to have policies which are evaluated on a case-by-case basis, where the sole criteria is a subjective, if not somewhat arbitrary judgement of the individual user's computer skill. This is the sort of thing that breeds discrimination law
SLUG meeting 7/8/02 7pm in Morse Hall rm 301 on VideoCD
The next meeting is Monday 7/8/2002 at 7pm in Morse Hall room 301. Video CDs are normal CD-R(CD-RW) in a format that can be played on many DVD players. There are some variants that allow higher resolution and more capabilities. What I was looking for was a way to burn my photos such that I could watch them on my large format TV, as well as having a web front end. To date I've not been 100% successful. But I can burn slideshows just short of a 100 pictures and have had some luck with the AVI videos produced by my camera. At my current VCD proficiency level training VCDs and special slideshow VCDs are doable. I'm still working out the best that I can do toward my goal of archiving my photos. At this point I do not think I can achive the original intent, but I should be able to get fairly close. Part of the demo will be using "nautilus" to manipulate photograpic images in a nicer manner than I've been used to. This graphical file browser has come a long way, if your like me, you may not have even noticed! -- Robert E. Anderson email: [EMAIL PROTECTED] Systems Programmer phone: (603) 862-3489 UNH Research Computing Centerfax: (603) 862-1761 -- * To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug-announce' in the message body. * * To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *
Re: Corporate IT policy (was: Open SSH for Red Hat 6.2)
In a message dated: Mon, 08 Jul 2002 01:40:47 EDT [EMAIL PROTECTED] said: >On Mon, 8 Jul 2002, at 12:46am, [EMAIL PROTECTED] wrote: >> In other words, if I'm not requesting any assistance from corp IT .. > > Paul, I would expect you, of all people, not to take that stance. You and >I both know that simply connecting a system to a network involves it in the >whole support tangle. I disagree. If I come in and connect to the network, regardless of whether it's a corporate supported system or not, I can cause problems. What's the difference if that system is running the sanctioned software or not? I can cause the same, if not more problems with Windows as an average user than I can with Linux as a responsible user. Now, if you're talking malicious intent, that's different. In that case, just having any access to the network at all, be it physical or otherwise, is problematic. But I don't think you're inferring malicious intent. >From there, you can cause problems, and/or you will complain when >things don't work. I will complain when things don't work no matter what. However, at this point in time, as a Linux user, I'm more likely to know *where* the problem really lies, and call IT and provide them with a very explicit diagnosis of the problem far beyond the typical "Duh, the internet is down." Additionally, if I'm running any non-supported software, whether it's Linux or Netscape, I cannot expect *any* support from the corporate IT group at all in relation to that software. Period. That's why it's called "Unsupported". >I refuse to believe that you would honestly allow anyone to just walk >in and plug their own equipment, running God-only-knows-what, into a >network you are responsible for. You're a better admin then that. Yes, I am a good admin, but I'm also a realist and understand that I can't stop anyone from doing this is they're so determined. I can do things which will make their live miserable, like using DHCP to statically assign IP addresses based on MAC address. And anyone with a cable modem knows how difficult it is by-pass that configuration :) I may create separate networks for non-employees to connect their laptops to, or segregate conference rooms from the corporate network. But ultimately, other than just having a policy stating "Thou shalt not do this", there's little I *can* do to prevent this from happening. It's even worse in a large company where there are so many people, varying and disparate needs, and an understaffed IT group. You really need to know how to pick your battles. Forcing someone to use one OS over another is a battle I'd choose not to fight. I've tried and lost too many times. It's far easier to say "Sure, go ahead, but don't ask for help!". > Now, as I understand it, in your current situation, corporate IT >effectively trusts you and your group to do things right for you and your >group, irregardless of what OS you run. That distinction is critical, for >what I hope are obvious reasons. (picking nits here. There is no such word as irregardless! It's either 'regardless' or 'irrespective') Corporate IT doesn't know me from a hole in the wall. And AFAIK, they also don't have a policy against running Linux, UNIX, or MacOS for that matter. They don't support any of it, and will go out of their way to actively avoid any support type questions you may have surrounding anything but "supported software". In the end, it's much like running Linux at home and trying to call a non-Linux ISP for connection support. Mention the word Linux, and automatically it's your problem that they can't help you with. Even if you're calling to tell them their mail server is configured as an open relay :) >> Totally different scenario. > > I don't think so. Yes, the circumstances were different, but the ultimate >issue is the same: Does user convience override corproate policy? In my >book, the answer is "no". If that means I have to run MS-Windows, I run >MS-Windows, or quit. As it happens, I am rather more likely to do the >latter then the former. That does not give me the right to violate said >policy. Okay, provided there is actually a policy which states I can not do something, I agree. However, in one these e-mails, I did mention that if this was an actively enforced policy, that I would end up seeking employment elsewhere, didn't I? I agree, user convenience should not over-ride corporate policy. However, I think, as in all cases, a blanket statement cannot apply. Every situation is different. When user convenience actively threatens the smooth workings of the company, or sacrifices security "just because" then it's time to enforce policy. When there is no other policy being violated or problem being caused, then you need to pick your battles. It's like speeding. Going 75 in a 65 zone isn't usually an enforced "policy", however, going 75 in a 65 zone, and weaving in and out of traffic u