We need a better Internet in America
From: "Greg Rundlett (freephile)" > I hope this message is considered "on topic" because > a) the Internet was/is built on Linux You just lost all of us who worked on ARPAnet. Of course, there aren't that many of us, so maybe it doesn't matter. The follow on to the ARPAnet, the Internet, started around 1980 with the publishing of the core Internet protocols and porting classics like the new (1973) FTP and Telnet protocols and new ones like NFS and the rest of ONC-RPC. Linux didn't appear until 1991 or so. I was "off net" in 1980, but I think BSD Unix is to the Internet as TENEX and PDP-10s were to the ARPAnet. Linux and Windows came along later. In V2, you might try dropping the "was". Sorry, I guess that wasn't the point you were making -Ric ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
We need a better Internet in America
The "Net Neutrality" fight goes on, and today the fight became even more urgent for Americans. I hope this message is considered "on topic" because a) the Internet was/is built on Linux b) the Internet is the lingua franca of the 21st century where spoken language is being matched by machine translation, and communication transcends time and space [1]. Letter I sent via http://www.freepress.net/ The public and the president have expressed overwhelming support for Net Neutrality. The FCC must act to keep the Internet open and free of corporate gatekeepers. In fact, neutrality isn't enough, we need aggressive investment by the public to create a public infrastructure that can help from losing ground. Countries like South Korea are doing it right http://en.wikipedia.org/wiki/National_broadband_plans_from_around_the_world#South_Korea In the U.S. we pay more, but get less than other countries http://www.billshrink.com/blog/5787/internet-penetration-costs/ You still have the power to protect the public interest. Please stand with us and keep the Internet in the hands of the people whose own prosperity depends on it every day. Greg Rundlett [1] What I mean is that if you consider the Internet to be a bunch of protocols and "pipes" endowed with a limitless soft intelligence, then it's easy to see how it's the infrastructure for communication, culture, economy, politics, law, socialization, science, education, etc... It's the new mechanism for all the world's people to interact, transact, communicate and share. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [OT] Terminal width
Bill McGonigle writes: > > On 04/05/2010 11:17 PM, Joshua Judson Rosen wrote: > > My FreeRunner runs at ~280 DPI > > Wow, that's impressive. How is reading black-on-white text on it? Not bad, actually :) However: > There's a supposition that eInk is better than LCD due to resolution, > but your screen easily exceeds FAX and is approaching laser. One of the oft-cited things that `ink' displays (including eInk, laser-print, etc.) have going for them is actually not their resolution, but the mere fact that they're illuminated from the viewing side rather than behind; another less-frequently-cited advantage is that black-and-white `ink' displays are *actually just black and white* rather than simulating white via RGB--with these super-high pixel-densities, the individual colour-elements are packed-in at almost *900 per inch*, which is enough for the ridge-marks in fingerprints on the screen to actually create a lenticular `shimmering rainbow' effect Luckly, the shimmering-fingerprints issue actually isn't *usually* all *that* bad, and can be remedied by wiping the screen clean (preferably in a horizontal motion ;)) Text can be made *amazingly* small on the FreeRunner before it becomes unreadable due to pixelation--I much sooner run into the limits of my vision, and my vision's pretty good. The itsy-bitsy text on the OpenStreetMap tiles is even pretty readable..., but only if the screen is close enough to one's face that one can really focus on it. I just had to hack it because I wanted to be able to know where I was at a *glance*, like when I'm driving. -- "Don't be afraid to ask (λf.((λx.xx) (λr.f(rr." ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
SOLVED Re: [OT?] call for info on security professional certifications
On Tue, Apr 6, 2010 at 1:11 PM, Benjamin Scott wrote: > Table AP3.T1 in 8570.01-M lists approved certification programs for > the various roles and levels. They're all tech industry certification > organizations -- CompTIA, GIAC/SANS, and ISC². > I think this plus wikipedia/google covers it for our needs. Thanks Ben! ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: NFS stops responding
Benjamin Scott writes: > On Mon, Apr 5, 2010 at 9:15 AM, Kevin D. Clark wrote: > >> Is there anything like a "diff" utility for pcap captures? > > > > I'm still giving some thought into how I'd actually do this in general. > > Hmmm. > > The application I was thinking of was taking captures at various > points where the traffic is nominally identical, to see if it really > *is* identical. Say, this looks interesting: http://www.eff.org/testyourisp/pcapdiff/ Regards, --kevin keywords: pcap diff wireshark tcpdump -- alumni.unh.edu!kdc / http://kdc-blog.blogspot.com/ GnuPG: D87F DAD6 0291 289C EB1E 781C 9BF8 A7D8 B280 F24E Wipe him down with gasoline 'til his arms are hard and mean From now on boys this iron boat's your home So heave away, boys. -- Tom Waits ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [OT?] call for info on security professional certifications
On Tue, Apr 6, 2010 at 12:23 PM, Alan Johnson wrote: >> The DoD is now requiring all staff who work in an Information >> Assurance role to maintain security certifications. That includes >> staff of commercial contractors. > > You mean, like clearance levels, or some tech security cert? I mean tech industry security certs. DoD security clearances are entirely about granting access to information. "Information Assurance" (IA) is what the DoD calls computer security these days. It applies to all computers, not just those processing classified information. IA has had other names, like COMPUSEC and INFOSEC. They adopted the "IA" name due to issues where stuff was protected against disclosure but not (e.g.) backed up, so a hard disk failure would result in lost data. "So secure, nobody can access it." The name change is intended to help reflect requirements for not just confidentiality, but also integrity and availability. Like most large organizations, the DoD is big on name changes. Anyway, DoD Directive 8570.01, "Information Assurance Training, Certification, and Workforce Management", issued 2004AUG15, requires anyone working in an IA role to have certifications. That includes not only techies, but also managers of techies. It includes not just DoD proper, but any DoD contractor. Those requirements are slowly trickling down. DoD Manual 8570.01-M, "Information Assurance Workforce Improvement Program", spells out who needs what. It makes a distinction between people-management roles vs technical roles. It also identifies levels of each, basically scope, so a guy taking care of one PC is different vs a guy in charge of 1000s. Table AP3.T1 in 8570.01-M lists approved certification programs for the various roles and levels. They're all tech industry certification organizations -- CompTIA, GIAC/SANS, and ISC². It's actually a fairly reasonable take on the matter, given that the DoD is one of the world's largest organizations, and has an obvious need for strong computer security. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [OT?] call for info on security professional certifications
On Tue, Apr 6, 2010 at 12:23 PM, Alan Johnson wrote: > On Tue, Apr 6, 2010 at 11:23 AM, Benjamin Scott wrote: > >> On Tue, Apr 6, 2010 at 10:30 AM, Alan Johnson wrote: >> > What we are trying to figure out is if we >> > should included any certifications in either the "required" or "desired" >> > qualifications. >> > >I have yet to see tests or courseware, but looking at the >> brochureware, the GIAC/SANS and ISC^2 certifications describe what >> look like good programs, once you get beyond the fundamental levels. >> > > Thanks! > The SANS stuff is generally good. They're associated with Usenix but I think they might be more rigorous. Personally, while I place relatively little value on fancy pieces of >> paper, I don't think they're worthless, either. >> >> I agree. >> Full disclosure: I have no college degree and no major >> certifications. [However, on several occasions, I've been told I'm >> "certifiable". ;-) ] >> > > As are many of the best techs I know. =) > We all know techs like that. And Engineering PhDs that can't. I guess the certs, etc really depend on the job description. The certs might be so far away from what you need that direct application is irrelevant. Some of them might be more for pen testing then defensive admin. -- If it's fixed, don't break it ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [OT?] call for info on security professional certifications
On Tue, Apr 6, 2010 at 11:23 AM, Benjamin Scott wrote: > On Tue, Apr 6, 2010 at 10:30 AM, Alan Johnson wrote: > > What we are trying to figure out is if we > > should included any certifications in either the "required" or "desired" > > qualifications. > > Some of this depends on what the job duties will really entail. > That is, whether the "IT Security Officer" going to be more about > managing people and workloads than actually vetting the technical > aspects of security. You emphasize production systems; in that case, > I presume more technical stuff. Tech certs are, of course, more > applicable for tech stuff. > I had tech certs in mind, but if this jobs is done right, it will required a lot of upwards management, IMHO. I didn't think "certified boss manager" was an option, but I like to check it out if it is! =) Seriously though, I don't believe downward management skills are an issue here, but policy creation, implementation, and enforcement are sure to be at the heart of the job. > The DoD is now requiring all staff who work in an Information > Assurance role to maintain security certifications. That includes > staff of commercial contractors. > You mean, like clearance levels, or some tech security cert? > I have yet to see tests or courseware, but looking at the > brochureware, the GIAC/SANS and ISC^2 certifications describe what > look like good programs, once you get beyond the fundamental levels. > Thanks! > Personally, while I place relatively little value on fancy pieces of > paper, I don't think they're worthless, either. > > Certifications are commonly used as part of a resume screening > process. If you get 1000 applications, narrowing the field is > difficult. So require a certification, and you at least filter out > the people who spam every tech job they see. > Yes, I expect it will only be used as a filter if the volume is significant. > > Full disclosure: I have no college degree and no major > certifications. [However, on several occasions, I've been told I'm > "certifiable". ;-) ] > As are many of the best techs I know. =) ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
[GNHLUG] Seacoast/UNH/Durham/SLUG - Mon 12 Apr - Hacking Waves
What : Hacking Waves Date : Mon 12 April 2010 Time : 7 PM to 9 PM Where: Room 301, Morse Hall, UNH, Durham, NH This month, SLUG will feature a sequel of sorts to last month's meeting[1]. Last month, we explored Google Wave[2]. This month, Rob tells me we'll be playing with this Wave stuff some more. The first choice is PyGoWave[3], which is an Free/Open Source implementation of the Wave concept and protocols, built using Python and Django. The project was started before Google released their own implementation, and continues to evolve independently, but aims at interoperability. Rob hopes to be able to demonstrate setting up a PyGoWave site/server. If that falls through for whatever reason, the fall-back topic is Google Wave Robots[4] -- what they are, how they work, and how one might go about creating them. So we'll definitely be going something with Waves, we're just a little hand-wavy on the specifics. ;-) [1] http://thread.gmane.org/gmane.org.user-groups.linux.gnhlug/19136/focus=19139 [2] http://wave.google.com/ [3] http://pygowave.net/ [4] http://code.google.com/apis/wave/extensions/robots/ === About SLUG === SLUG is the Seacoast Linux User Group, and is a chapter of GNHLUG, the Greater NH Linux User Group. Rob Anderson is the SLUG coordinator, and reliably comes up with interesting topics each month. SLUG meets the second Monday of every month, same time, same place. You can find out more about SLUG and GNHLUG at their websites. http://slug.gnhlug.org http://www.gnhlug.org Meetings take place starting at 7:00 PM. Meetings are open to all. The meeting proper ends around 9ish, but it's not uncommon to find hangers-on there until 10 or later. They take place in Room 301 (the third floor conference room), of Morse Hall, at the University of New Hampshire, in Durham. ___ gnhlug-announce mailing list gnhlug-annou...@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-announce/ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [OT?] call for info on security professional certifications
On Tue, Apr 6, 2010 at 10:30 AM, Alan Johnson wrote: > What we are trying to figure out is if we > should included any certifications in either the "required" or "desired" > qualifications. Some of this depends on what the job duties will really entail. That is, whether the "IT Security Officer" going to be more about managing people and workloads than actually vetting the technical aspects of security. You emphasize production systems; in that case, I presume more technical stuff. Tech certs are, of course, more applicable for tech stuff. Some will depend on the nature of the employer/supervisor. Some places really like certifications and such; others are almost hostile to them; most are in-between. The DoD is now requiring all staff who work in an Information Assurance role to maintain security certifications. That includes staff of commercial contractors. I have yet to see tests or courseware, but looking at the brochureware, the GIAC/SANS and ISC^2 certifications describe what look like good programs, once you get beyond the fundamental levels. Personally, while I place relatively little value on fancy pieces of paper, I don't think they're worthless, either. Certifications are commonly used as part of a resume screening process. If you get 1000 applications, narrowing the field is difficult. So require a certification, and you at least filter out the people who spam every tech job they see. Full disclosure: I have no college degree and no major certifications. [However, on several occasions, I've been told I'm "certifiable". ;-) ] -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [OT] Terminal width
On 04/05/2010 11:17 PM, Joshua Judson Rosen wrote: > My FreeRunner runs at ~280 DPI Wow, that's impressive. How is reading black-on-white text on it? There's a supposition that eInk is better than LCD due to resolution, but your screen easily exceeds FAX and is approaching laser. BTW, screen geeks (readers of this thread) may find a silly little javascript calculator I did a while ago (when 16:9 started coming on the market): http://bfccomputing.com/calcs/screen.html occasionally useful. I suppose I ought to add dpi to it now. -Bill -- Bill McGonigle, Owner BFC Computing, LLC http://bfccomputing.com/ Telephone: +1.603.448.4440 Email, IM, VOIP: b...@bfccomputing.com VCard: http://bfccomputing.com/vcard/bill.vcf Social networks: bill_mcgonigle/bill.mcgonigle ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
[OT?] call for info on security professional certifications
My employer is putting together a position description for an IT Security Officer. We expect this to be a senior level sys admin with at least some specific security experience. What we are trying to figure out is if we should included any certifications in either the "required" or "desired" qualifications. I'm not particularly interested in general network certifications like a CCNA which touch on security concepts, but if there is some kind of "white-hat hacker school for the gifted" cert, or something in between, I'd love to hear about it. A little more back ground: our corporate IT environment is MS (currently), so certs in that department would not hurt, but my understanding is that this position is going to be primarily focused on our production systems. Our production stack is primarily MySQL, NFS, and Java on Linux, but we are working on a project that will make the Solaris kernel a key component. We have Juniper SRXs at the edge currently, managed by a third party, but I'm trying to convince my bosses that we should replace them with pfSense managed by internal resources, partly for security reasons. Direct suggestions as well as "me too" comments are appreciated since we are trying to get a feel for concensus. ___ Alan Johnson a...@datdec.com ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Hot New OSS projects
Greetings Maddog, On Monday 05 April 2010 11:00, Jon 'maddog' Hall wrote: > I am writing an article for the Linux Foundation about the "10 Hot > New OSS Projects", but because I have a warped and twisted view of > things in the world, I know that my ideas* of "Hot, New OSS Projects" > may be a lot different than many other people's ideas. Do you know Ray Barrett? He has a very valuable OSS project underway to supply free integrated circuit generation tools to US semiconductor foundries. Since it is open-source, the foundry tweeks the software to match its processes, then makes it available for free to the designers who wish to design ICs for fabrication there. (I think I got that right; it was a noisy-environment conversation.) To provide maintenance revenue, Ray and his partner would be available to help designers with specific problems. The web site for American Research & Development is www.arndfl.com. I think Ray lives in Merrimack, so you might want to interview him. He has a lot of market insight. Jim Kuzdrall ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/