folks as to what sort of change rate and
schedule is considered reasonable for large organizations. I'm especially
interested in hearing from anyone in the financial sector.
David Lang
___
Discuss mailing list
Discuss@lopsa.org
http://lopsa.o
e just the thoughts that come to mind without understanding
> who the customers are or what constitutes a "security request". If
> you are allowed to be more specific (I understand if you can't) please
> do.
the bulk of these are firewall changes. As such we are not comfo
I know that many of our customers don't
work this way, because when we need to coordinate changes to their
firewalls we get told SLAs along the lines of firewall changes are done
one day a week to one day a month, with all changes needing to be
submitted at least a week prior to the implementation date.
David Lang
"you are harming me."
> They want good service; you want to give them good service, so they will
> hopefully welcome the opportunity to work with you on that common goal.
we are working on this, but one of the questions that came up is 'how do
other companies deal with this'
l "you aren't being responsive enough to us" reactions and get
the conversation to where it needs to be (starting with why we get 3 hours
notice to implement tickets for a 6 month project).
David Lang
deployment and I
> keep on feeling like the doctor that tells the patient "well, if it hurts
> when you do that, stop doing that".
in my experience there is a strong tendency to implement
monitoring/alerting systems with the justification that you can then open
up the firewall
ne give me pointers to such a tool?
David Lang
from a token vendor, but they only want to
>> support it going to their radius server and I need to have it go against a
>> different one.
>>
>> can anyone give me pointers to such a tool?
>>
>> David Lang
>>
> have you considered doing 'norm
got a tool that should work from a token vendor, but they only want
>> to support it going to their radius server and I need to have it go
>> against a different one.
>>
>> can anyone give me pointers to such a tool?
>>
>> David Lang
>>
>
> Not sure
running
>> the vendor tool in a way that they won't support (an opensource tool
>> doesn't guarantee support, but at least you have a chance)
>>
>>
>> With my token server I do have the ability to use a linux pam module for
>> authentication as
's something to check on. I haven't looked at the
> windows auth-client-world in a while.
what other methods are available to have windows popup a window to
interact with the user before authenticating them?
David Lang
r, gets the challenge from
the radius server, presents it to the user, gets the user response, sends
it to the radius server, and checks to see if the user is approved or not.
David Lang
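The challenge/response flow described in the posts above (ask for the user ID, send it to the RADIUS server, show the user the challenge, send the answer back together with the server's State, then check for Access-Accept), as an added example that is not part of the original thread or of any vendor's GINA module. It assumes an RFC 2865 server that answers the first request with Access-Challenge; the shared secret, user name and token code are made-up test values, and the in-process TokenServer is a stand-in for the real RADIUS server. The client side verifies the Response Authenticator on every reply, so a spoofed or mis-keyed reply is treated as a failure rather than as an Accept.

```python
import hashlib
import os
import struct

# RFC 2865 packet codes and the attribute types used in this exchange
ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 1, 2, 3, 11
USER_NAME, USER_PASSWORD, REPLY_MESSAGE, STATE = 1, 2, 18, 24

def encode_attrs(attrs):
    """Serialise (type, value) pairs as RADIUS type/length/value triples."""
    return b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)

def decode_attrs(data):
    attrs = []
    while data:
        t, length = struct.unpack("!BB", data[:2])
        if length < 2 or length > len(data):
            raise ValueError("malformed attribute")
        attrs.append((t, data[2:length]))
        data = data[length:]
    return attrs

def build_packet(code, ident, authenticator, attrs):
    body = encode_attrs(attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + authenticator + body

def parse_packet(pkt):
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length < 20 or length != len(pkt):
        raise ValueError("bad packet length")
    return code, ident, pkt[4:20], decode_attrs(pkt[20:])

def hide_password(secret, req_auth, password):
    """RFC 2865 5.2: XOR each 16-byte block with MD5(secret + previous block)."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", req_auth
    for i in range(0, len(padded), 16):
        block = bytes(x ^ y for x, y in zip(padded[i:i + 16], hashlib.md5(secret + prev).digest()))
        out, prev = out + block, block
    return out

def reveal_password(secret, req_auth, hidden):
    out, prev = b"", req_auth
    for i in range(0, len(hidden), 16):
        out += bytes(x ^ y for x, y in zip(hidden[i:i + 16], hashlib.md5(secret + prev).digest()))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def response_authenticator(secret, code, ident, req_auth, attrs):
    """MD5(Code|ID|Length|RequestAuth|Attributes|Secret): ties a reply to one
    request and to a holder of the shared secret."""
    body = encode_attrs(attrs)
    head = struct.pack("!BBH", code, ident, 20 + len(body))
    return hashlib.md5(head + req_auth + body + secret).digest()

class TokenServer:
    """Stand-in for the vendor's RADIUS server (constructed for this example):
    the first Access-Request gets a challenge, the second must echo the State
    and carry the correct token code as User-Password."""
    def __init__(self, secret, users):
        self.secret, self.users, self.pending = secret, users, {}

    def handle(self, pkt):
        code, ident, req_auth, attrs = parse_packet(pkt)
        a = dict(attrs)
        user = a.get(USER_NAME, b"")
        if code != ACCESS_REQUEST or user not in self.users:
            return self._reply(ACCESS_REJECT, ident, req_auth, [])
        state = a.get(STATE)
        if state is None:                             # round 1: issue the challenge
            state = os.urandom(16)
            self.pending[state] = user
            return self._reply(ACCESS_CHALLENGE, ident, req_auth,
                               [(REPLY_MESSAGE, b"Enter token code"), (STATE, state)])
        if self.pending.pop(state, None) != user:     # unknown or replayed State
            return self._reply(ACCESS_REJECT, ident, req_auth, [])
        answer = reveal_password(self.secret, req_auth, a.get(USER_PASSWORD, b""))
        verdict = ACCESS_ACCEPT if answer == self.users[user] else ACCESS_REJECT
        return self._reply(verdict, ident, req_auth, [])

    def _reply(self, code, ident, req_auth, attrs):
        auth = response_authenticator(self.secret, code, ident, req_auth, attrs)
        return build_packet(code, ident, auth, attrs)

def send_and_verify(server, secret, ident, attrs):
    """Client side: fresh Request Authenticator, hide any password, verify the reply."""
    req_auth = os.urandom(16)
    attrs = [(t, hide_password(secret, req_auth, v) if t == USER_PASSWORD else v) for t, v in attrs]
    reply = server.handle(build_packet(ACCESS_REQUEST, ident, req_auth, attrs))
    code, rid, resp_auth, rattrs = parse_packet(reply)
    if rid != ident or resp_auth != response_authenticator(secret, code, rid, req_auth, rattrs):
        raise ValueError("reply failed the Response Authenticator check (spoofed or wrong secret)")
    return code, dict(rattrs)

def login(server, secret, user, ask_user):
    """The GINA-style flow: send the user ID, show the challenge text to the
    user, send the answer together with the server's State, check the verdict."""
    code, a = send_and_verify(server, secret, 1, [(USER_NAME, user)])
    if code != ACCESS_CHALLENGE:
        return code == ACCESS_ACCEPT
    answer = ask_user(a[REPLY_MESSAGE].decode())
    code, _ = send_and_verify(server, secret, 2,
                              [(USER_NAME, user), (STATE, a[STATE]), (USER_PASSWORD, answer)])
    return code == ACCESS_ACCEPT
```

The `ask_user` callback is where the Windows-side login dialog would go; the parts worth keeping whatever that dialog is are that State is echoed unchanged, that the token code is only sent hidden under a fresh Request Authenticator, and that a reply whose authenticator does not verify is a failure, not a pass.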
On Wed, 26 Nov 2008, David Parter wrote:
>> I'm looking for a GINA agent that I can install on windows to have it
>> authenticate against a radius server that does the challenge/response
>> authentication option (which requires asking for the userid, going to the
t; other, er, revealing pictures that could bring unwanted attention to
> yourself. Or, maybe you like the attention, in which case, make them
> public - as long as your future bosses don't mind. Everything seems to
> live forever on the net!
keep in mind that something that you po
hat the
people you are needing to exchange messages with are already using
PGP/GPG?)
David Lang
know that the root password shouldn't be
> 'root'? Can we all depend on everybody else knowing that?
if a machine is not remotely accessible and there are physical controls
around who can get at the box locally, what's the problem with the root
password being
t green wires
cannot be used this way, I don't remember reading it, but it may be there.
David Lang
agement' (and not much more difference
in logging in as UID 500 and then doing a su or sudo to UID 0)
I would prefer to have neither one take place, but if it is mandated that
tool X must be able to remotely access the box and do things that can only
be done as UID 0 you have to either no
depending on your site's needs
and what you think the odds are that someone is going to use the
management account instead of root to hide their tracks)
David Lang
> If a user chooses a bad password, sure, if someone really wants to take
> you down, they'll get in. But if root h
's speeding up with more
new things and options each year than the year before. not to mention that
the combinations of different pieces can interact in ways that nobody
thinks of (until someone does, and creates a substantial company around
it). how many people look at various Internet busi
nd the remainder of the target disk was blank. Now
> we are shoving entire 146G or larger datasets down the wire.
what are the limits that you are running into (network bandwidth, server
load, packet loss, other??)
David Lang
you will save from this really enough to be worth the labor and
ill will that taking action will generate?
it very well may be, but you should think about it rather than just
looking at the dollars spent on the bandwidth.
David Lang
.
I think you would be hard pressed nowadays to find a box slow enough that
it couldn't do this job (if you have an old PII system lying around it
may be slow enough to have trouble at these bandwidth levels)
David Lang
> The above quick look might help decide if you need to spe
n for this.
David Lang
've seen UPS systems that were reviewed by the maintenance company a week
prior fail to handle a loss of power and shut everything down
and other things.
I thought the discussion I had on this topic was here, but apparently not.
David Lang
On Thu, 7 May 2009, Tom Limoncelli wrote:
> David,
>
> I'm confused if you are saying that a data-center sized UPS is a good
> thing or bad thing. I do agree that even with a UPS there are other
> power problems (we've all accidentally kicked a power cable and
> cras
but if you
removed the redundancy you run a very real risk of drastically failing to
meet your SLA with a single incident. how do you account for this?
David Lang
)
however note that expensive raid controllers frequently include a
significant amount of cache, and that can be a _significant_ performance
difference over raw drives for writes and fsyncs.
for most of my systems, I don't do raid if the box is in an HA setup (the
exception b
the old machine available to migrate from, and if I have
that anyway, why not use that instead of live migration?
I can see live migration as being handy for maintenance and planned
changes, but it's not _that_ hard to plan to do the failover at off-peak
times when a few seconds of outage ar
ver $1k/year per server. your mid-range server
probably cost at least $3k, and with a 3 year replacement cycle the cost
of the server itself works out to a similar recurring price.
David Lang
> [1] Koomey, Jonathan G., "Estimating Regional Power Consumption By
> Servers: A Technical
s when a few seconds of outage aren't a problem.
>
> It's all about "what can your environment handle". For some environments, a
> couple seconds of outage is fine. For others, that's completely not
> acceptable. You have to plan your budget dollars in
ly enough that ping tests to the VM
> itself didn't even drop packets. (Delayed, sure, but...)
what is buffering the ping packets so that they get sent to the second
system once it comes up?
David Lang
f you compared prices in California?
electric prices in california can be up to ~$0.36 / kWh
David Lang
achines)
however, I don't believe that anyone (other than 'man rated' space and
submarine systems) is willing to accept the performance hit that this
causes.
David Lang
ord.
I fully believe that an application could be written to do this, but it
would need to specifically take action to make sure that the DR system knew
the new password before it changed it on the system, but just changing it
and depending on vmware to replicate the changes in memory before the
system crashes isn't the same guarantee.
David Lang
management,
etc to each 'worker' employee.
for some companies this latter accounting may be very reasonable (if your
consultants are the ones generating the income, everything else is part of
the cost of supporting those bodies), but for most a figure closer to 2x
is more reason
t point.
the definition of 'last destructive I/O operation' is very slippery, it
could consist of sending a network packet (and therefore updating the tcp
sequence number)
David Lang
> -- Matt
> It's not what I know that counts.
> It's what I can remember in time to use
eamless failover' or 'live migration' for many years.
> Just because that particular company was clueless[2] is no reason to paint
> the virtualization HA solutions with a broad brush. :)
they are the most detailed example, but far from the only one.
the problem is the te
down to about 1.2
obviously, older datacenters with less efficient layouts and less
efficient cooling equipment will run higher, and data centers in hot areas
will run a bit higher, but as average numbers for a discussion like this x2
is very reasonable
David Lang
> Even so, peopl
t was purchased
what P.O. it was purchased with
for everything else, imagine that you just walked in the door for your
first day. what information would you want to have about particular
machines.
David Lang
is other company and now the codebase
has forked)
any suggestions (including open source options)?
David Lang
companies doing commercial tools that
>> do this
>>
>> Symark (Power Keeper)
>> Quest
>> and I'm forgetting the name of the third company (Symark's Power Keeper
>> started off as a re-branding of this other company and now the codebase
>> has fork
On Thu, 16 Jul 2009, Aaron McCaleb wrote:
> David,
>
> Cfengine, and in particular Cfengine3, will not provide a turnkey
> solution for what you describe, which is why Ed prefaced this with "if
> you look at this [as] a part of a larger opportunity".
>
> But Cfeng
m
a second common config is the same thing with 5x quad ethernet cards
any suggestions?
David Lang
ly enough to only
support a single linux distro they will probably give you a hard time if
you run CentOS instead of Red Hat and it's not worth risking.
David Lang
ay to be sure that they have all completed before
generating the final e-mail.
David Lang
ones are more accurate, easiest to work
with, cheapest, etc?
since I am going to be doing heavy log crunching, I would prefer to fetch
a local copy and query against that rather than querying out over the
Internet.
any thoughts?
David Lang
ge.net/projects/geoip/
I'm willing to pay, but the first two sites I found through google were
$1300/year and $99/year
that's a bit more of a range than I expected, so I figured I'd try and
find out what people are using.
David Lang
B flash
> is out, wear leveling and 100 cycle flash will make even that point
> moot)
it all depends on how much you use the swap space. if you are using it a
lot you could have problems (but you will also be very slow), if you don't
use swap much you can get away with it.
Da
(
>> http://techreport.com/articles.x/16255 ), it's as much faster than a X25E
>> as an X25E is from a normal hard drive.
>>
> I have evaluated a battery backed ram that was much slower than flash for ZIL
> purposes. I will spare the vendor some embarrassment, but
find lemons in any technology, many raid cards
>> have traditionally just tried to be faster than the drives that they ran
>> (enough to show an improvement), but the good ones compete with each other
>> on performance, so with any of them I would not expect that sort of
>
our writes throughout the physical medium,
> and alleviate at least some of the risk.
it doesn't matter what the filesystem does, the flash translation layer
that does the wear leveling changes things anyway.
David Lang
f services, and one of them may
have had a problem
do you include scheduled maintenance time as 'downtime'?
David Lang
> And to clarify: what's the longest yr main ERP app in yr data center
> has gone w/o unscheduled downtime?
>
> I figure that the folks here
you need to be careful about people who brag too much about their security
(remember 'unbreakable' oracle?). you can be good, you can have a solid
track record, but you may still be only moments away from a major outage
or breach.
the name of the game is 'risk management/mitig
Emperor has no clothes' situation.
David Lang
> On Sep 16, 2009, at 6:54 PM, da...@lang.hm wrote:
>
>> On Wed, 16 Sep 2009, kn...@cxo.com wrote:
>>
>>> Hi -- been away from my computer. (Yes, that happens!) I wasn't including
>>> scheduled downtime.
>>
On Thu, 17 Sep 2009, kn...@cxo.com wrote:
> Jeesh, did I open up a can of worms or what? Here I thought I was asking
> a straightforward question. Boy, I've gotten an education -- thanks,
> David. Clearly, I have a lot to think about and will go back to that
> original intervi
go on to infect legitimate files.
so just whitelisting isn't going to be enough, you are going to also need
to do tamper detection (tripwire or equivalent)
you also are going to have to figure out how to deal with users wanting to
install things like browser toolbars and plugins.
Davi
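A minimal tripwire-style check to go with the point above about whitelisting not being enough on its own, as an added example that is not part of the original post or of Tripwire itself. It assumes the whitelisted files live under one root, that the baseline is taken from a known-clean system, and that the HMAC key used to seal the baseline is kept off the machine being checked (so an attacker who can rewrite the files cannot also rewrite the baseline to match). The key, the directory contents and the "infection" in the demo are all constructed for the example.

```python
import hashlib
import hmac
import json
import os
import stat
import tempfile

def _hash_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def snapshot(root):
    """Map relative path -> [sha256, mode, size] for every regular file under root.
    Paths use '/' so baselines compare the same way on any platform."""
    snap = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue            # symlinks and devices are skipped, not followed
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            snap[rel] = [_hash_file(full), stat.S_IMODE(st.st_mode), st.st_size]
    return snap

def seal(snap, key):
    """Serialise the baseline and attach an HMAC so edits to it are detectable."""
    body = json.dumps(snap, sort_keys=True)
    mac = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "mac": mac}

def unseal(sealed, key):
    mac = hmac.new(key, sealed["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, sealed["mac"]):
        raise ValueError("baseline has been tampered with or the key is wrong")
    return json.loads(sealed["body"])

def compare(baseline, current):
    """Return sorted lists of added, removed and modified relative paths.
    A change of content, permission bits or size all count as modified."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in set(baseline) & set(current) if baseline[p] != current[p])
    return added, removed, modified

def demo():
    """Constructed scenario: baseline a small tree, then let an 'infector'
    append to a whitelisted binary and drop a new file next to it."""
    key = b"baseline-signing-key-kept-off-box"      # assumption: stored elsewhere
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "bin"))
        with open(os.path.join(root, "bin", "app.exe"), "wb") as f:
            f.write(b"MZ\x90\x00 legitimate program bytes")
        with open(os.path.join(root, "config.ini"), "w") as f:
            f.write("[main]\nlevel=1\n")
        sealed = seal(snapshot(root), key)
        with open(os.path.join(root, "bin", "app.exe"), "ab") as f:
            f.write(b"\xcc\xcc\xcc injected code")
        with open(os.path.join(root, "bin", "toolbar.dll"), "wb") as f:
            f.write(b"MZ unexpected plugin")
        return compare(unseal(sealed, key), snapshot(root))

if __name__ == "__main__":
    print(demo())
```

Whitelisting alone would still have let the modified app.exe run, since its name is on the list; the hash comparison is what catches the infected file, and the sealed baseline is what stops the same attacker from simply re-baselining.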
u may have a
chance, but that's a lot further than I would have thought the term would
mean. If that is what you mean, then you need to write a custom SELinux
(or equivalent) policy for every application on your system. It will need
to be significantly tighter than what any linux distro cu
are concerned (and what your response time looks like)
you need the detailed view to anticipate problems, and to find out what's
really wrong when you have HA or load balancing hiding internal flaws from
your users.
David Lang
http://www.netqos.com/resourceroom/whitepapers/forms/han
ve company info on
non-company systems.
leaving the connectivity elsewhere available also makes it much easier for
someone to use the home system to attack the company network.
David Lang
I want to talk to sysadmins who have been testing Windows 7 so we can
get a good look at what sysadmin hea
something new to try and let their existing software tunnel seems wrong.
3. Microsoft doesn't have a good track record when creating new protocols,
so I would not want to try and use this until it's been out for a little
while and people have had a chance to beat on it.
David Lang
't have a good track record when creating new protocols,
>> so I would not want to try and use this until it's been out for a little
>> while and people have had a chance to beat on it.
>>
>> David Lang
>>
>
> Heaven knows I have no desire to be an apologist,
r for Lisa's article.
one thing to remember is that many (but definitely not all) people on this
list are Unix/Linux centric. so the fact that we are not familiar with all
the features of a windows product that hasn't even been released
lement a site to site VPN is very low, that would give you the
benefits of being on the WAN without the cost of the WAN connection.
David Lang
.
>>
>> this doesn't even need to be a VPN on each machine, the cost of a router
>> that can implement a site to site VPN is very low, that would give you the
>> benefits of being on the WAN without the cost of the WAN connection.
>>
>> David Lang
>
really do want to make sure that anti-virus and anti-spyware software
>> is up to date on all systems, and ignoring some systems because they do not
>> generate revenue saves money now, but is likely to cost a lot later.
>>
>> David Lang
'official' release date is Oct 22. however I'm
seeing news stories that they jumped the gun for copies being shipped to
individuals.
David Lang
to always use encryption, and then to do token
authentication in addition to normal userid/password authentication.
I cringe a bit at exposing anything that microsoft has written to the
Internet, but I have not heard of problems with this specific setu
d be to
use one box with RDP as a 'jump box' like you would citrix.
it may be that the encryption is only there with terminal services, not on
a standard system. I'm not familiar enough to know where it is, but I know
there are options to force 128 bit encryption on it.
David La
ave stuff around to complicate e-discovery requests.
David Lang
> I can only think of these 2 methods:
> 1) create local users to replace the AD user.
> There no confusion about the person who generated the data long time
> past, and institutional knowledge can be preserved. However,
smaller shop, UIDs aren't a problem, but username conflicts
> can and do crop up.
username conflicts are a problem anyway. when you look at logs years later
do you really want to have to remember that user 'joe' means one person
before July 2009 a different person as of Sep
period of time, then archive the
>> files/e-mail/etc for some period of time, then delete them.
>>
>> time periods need to be decided by someone who can take the blame if
>> they are too short and you delete something the company needs, or if
>> they are too long and leave
rogram" security dialogs, bypassing
> the usual "This website is trying to download a file" confirmation and
> security and download dialogs ...
are you sure that it ran with admin privs and didn't just use your normal
ones?
David Lang
> How do they do it? Do malicious peop
the top of the line
ones can intercept every system call the app makes and limit it)
David Lang
> Ed, I take it you hadn't changed any of the default security settings to
> prevent such an occurrence, right? I'm also at a loss as to how it
> automatically executed.
>
> --
rompting, and for the browser vendor to set themselves up as such
a highly trusted site.
I don't agree with this decision, but it doesn't shock me.
now the question is where this configuration is and how easy it is for the
user to change it.
David Lang
; [...]
>> Are there any other scenarios that need to be considered other than
>> "maintenance" and "projects"?
>>
>> -Bryan
>
> Incidents - unplanned problems that come up.
If you do this, remember to somewhere do an evaluat
grammed to do anything to your system
> Well ... Maybe they did ask, in one of the 40-page long EULA's that I
> accepted in some previous application install.
>
> It's not much of a stretch to start calling this spyware.
it's only spyware if they are sending the informat
plications
like browsers are supposed to find out if such things are installed.
I expect that if you went to the same site on firefox or IE you would get
very similar results.
David Lang
windows servers?
What do you folks who have to maintain windows systems do?
David Lang
a couple N capable devices (not for the speed,
but for the extra channels to try and relieve the RF congestion)
Should I try and put smarts in the APs? or just let them be a flat net
with one SSID and do everything at the gateway/DHCP server?
So what am I not thinking of?
Xirrus has run the network here (SCALE) for the last couple of years
(without being a spectacular success). I don't know why, but they are not
doing it this year. The budget does not extend to buying their type of
equipment.
David Lang
On Tue, 12 Jan 2010, Jeremy Charles wrote:
> D
ut on the second floor
> expect to be 'the guy' getting cursed at for the lousy
> wireless service - it's part of the gig, y'know! ;-)
yep, I just hope to do better than I've seen before.
David Lang
> - Richard
>
> Chuong Dao wrote:
>> I've setup a fa
the install, but if you end up resorting to Scotch at
> the end of the week, we'll all understand!
Scale is a friday-sunday show (I can get in thursday to setup the
equipment) so it's not quite that bad. the downside is that I don't get
much time to fix things either :-(
David Lang
local access, which lowers
> the threat rating significantly. They still need to be processed, but I
> have mitigating factors to limit exposure and to track who could have
> triggered the exploit.
>
> The number of critical alerts I've seen has gone down over the years,
'm in the process of doing a writeup of what we are doing for our
high-volume splunk installation and will post it when I get it done.
David Lang
channel you run it
on (putting up an AP on the B/G channels _will_ run into severe
interference, on A it has a chance, on N even more of a chance)
3. definitely coordinate what you do with your AP with what's in place
already.
David Lang
great topic
On Tue, Jan 12, 2010 at 12:19 PM, Ri
n you can look over
what's running by default and plan what you need to shutdown, reconfigure,
or update. It all depends on how much is known and how much is unknown
when you walk in.
David Lang
nt-laptop policy.
>
The real answer in production is to use a token authentication that is not
accessible to someone who hacks the client machine, but this is a game
where such infrastructure is not feasible.
David Lang
it's not a big breakthrough, it's just that tokens have been low-volume
devices purchased by entities who care a lot about security and so are
less sensitive to pricing.
David Lang
On Wed, Feb 03, 2010 at 07:46:28PM -0500, Chris Ricker spake thusly:
> Check out the Yubikey produ
ngs
that you can use to query it. The problem comes when you can no longer fit
it in ram and have to go to disk, at that point you need an application
that does a lot of indexing (and/or spreads the load across multiple
machines, depending on how much data you have and how fast you want your
answ
y 'do this search on data that arrived/arrives
after 5 min ago'
David Lang
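The two points in the post above (once the data no longer fits in memory you need indexing rather than grep, and a "real-time" search is really "match what arrives after now") as an added example that is not part of the original thread or of Splunk or any other product. It is a toy in-memory inverted index over syslog-style lines with per-minute arrival buckets, so a "last N minutes" query only touches those buckets, plus a watcher that tests each new line as it arrives. The log lines, timestamps and the failed-login query are all constructed for the example; a real deployment would persist the postings and shard them, but the shape of the index and the window check are the same.

```python
import re
import time
from collections import defaultdict

TOKEN = re.compile(r"[A-Za-z0-9_.:\-]+")

class LogIndex:
    def __init__(self):
        self.lines = []                      # line id -> (arrival_ts, text)
        self.postings = defaultdict(set)     # lowercased token -> set of line ids
        self.buckets = defaultdict(set)      # arrival minute -> set of line ids
        self.watchers = []                   # (required tokens, callback)

    def add(self, text, arrival_ts=None):
        """Index one line by arrival time (not by the timestamp inside the line)."""
        ts = time.time() if arrival_ts is None else arrival_ts
        lid = len(self.lines)
        self.lines.append((ts, text))
        toks = {t.lower() for t in TOKEN.findall(text)}
        for t in toks:
            self.postings[t].add(lid)
        self.buckets[int(ts // 60)].add(lid)
        for terms, cb in self.watchers:      # real-time search: each line tested once
            if terms <= toks:
                cb(text)
        return lid

    def search(self, query, since=None, now=None):
        """AND-search of the query tokens; since = seconds back from now.
        The time window is applied via the minute buckets, then exactly."""
        terms = {t.lower() for t in TOKEN.findall(query)}
        if not terms:
            return []
        ids = set.intersection(*(self.postings.get(t, set()) for t in terms))
        if since is not None:
            now = time.time() if now is None else now
            window = set()
            for minute in range(int((now - since) // 60), int(now // 60) + 1):
                window |= self.buckets.get(minute, set())
            ids &= {i for i in window if self.lines[i][0] >= now - since}
        return [self.lines[i][1] for i in sorted(ids)]

    def watch(self, query, callback):
        """Register a standing query that fires for lines arriving from now on."""
        self.watchers.append(({t.lower() for t in TOKEN.findall(query)}, callback))

def failed_logins_by_ip(index, since, now):
    """Example detection query: count sshd 'Failed password' lines per source
    address that arrived in the last `since` seconds."""
    counts = defaultdict(int)
    for line in index.search("Failed password", since=since, now=now):
        m = re.search(r"from (\d+\.\d+\.\d+\.\d+)", line)
        if m:
            counts[m.group(1)] += 1
    return dict(counts)

if __name__ == "__main__":
    idx, now = LogIndex(), 1_000_000.0           # constructed arrival clock
    idx.add("sshd[1]: Failed password for root from 10.0.0.5 port 22 ssh2", now - 900)
    idx.add("sshd[2]: Failed password for root from 10.0.0.5 port 22 ssh2", now - 100)
    idx.add("sshd[3]: Failed password for admin from 192.0.2.9 port 22 ssh2", now - 30)
    print(failed_logins_by_ip(idx, since=300, now=now))
```

Indexing by arrival time rather than by the timestamp written in the line is deliberate: "data that arrived after 5 min ago" is what the post asks for, and it is also what you want for alerting, since a host with a skewed clock or a delayed forwarder would otherwise fall outside the window.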
On Mon, 1 Mar 2010, Rob Das wrote:
Date: Mon, 1 Mar 2010 10:26:38 -0800
From: Rob Das
To: discuss@lopsa.org
Subject: [lopsa-discuss] splunk alternatives
First, please forgive me if this email is overly long.
ormance will drop. How big a problem
this is depends on what you are doing. The Dashboards are very nice, but
to generate them (and update them) requires a lot of queries, so one
person using a dashboard can be the same as a dozen or more people doing
individual queries.
David Lang
On Mon,
you need higher performance. You
don't have to make the decision up front.
David Lang
On Mon, 1 Mar 2010, Rob Das wrote:
> By the way, real-time searching in Splunk (4.1) utilizes the same map-reduce
> style parallelized architecture as historical search.
>
> You can use "
pping, and it only
needs to support finding/tracking the position of one user.
I'm willing to pay a couple hundred bucks for special hardware to do this,
but not too much (it's coming out of my pocket)
anyone have any thoughts on how to do th
s, documentation in
any format is better than what you have.
David Lang
for the movie 'how to train your dragon' they gave explicit credits to
system administrators (two categories, engineering and operations). This
is the first time I've seen this listing explicitly rather than just under
IT support or similar.
David Lang
P.S. it's also
licitly rather than just under
>> IT support or similar.
>>
>> David Lang
>
> I've seen SysAdmin-related credits in Toy Story, the LotR movies and Avatar.
> Sometimes labeled "systems engineering".
>
> Yeah, it's nice to see the SAs get so
ed to allow) things would be
significantly simpler, and over time that perimeter where NAT took place
could move from your router to your ISP to the ISPs connection to its
upstream providers to the routers between the ISPs and the servers, and
this could happen pretty much transparently to the
sing to access the Internet, or be accessed from the
Internet still need IPv4 addresses. If you're going to do separate IP
addresses internally that can't be accessed from the Internet, you may as
well use the IPv4 RFC addresses.
David Lang
want to. If you wanted to, check your ink
> levels from your mobile device while you're at Staples looking at a good
> deal on ink. Or whatever.
>
> Who am I kidding! There will never be a good deal on ink at Staples! ;-)
Sure, and it will let the spammers bypass your e-mail