Re: [lopsa-tech] Configuration management on AIX

Cfengine certainly runs on AIX systems, just as it runs on pretty much anything UNIX-like. Its minimal dependencies translate into very high portability - it runs on anything from cell phones to underwater autonomous vehicles. I don't have anything else to recommend, but I appreciate you're doing

Re: [lopsa-tech] Cloud Databases?

PostgreSQL can excel in the cloud. Make sure to use XLarge High CPU instances if you're on Amazon. I have a copy of EnterpriseDB's presentation (slides) to Los Angeles Postgres Users Group from about a year ago at http://www.verticalsysadmin.com/tech/PostgreSQL_Cloud.pdf with more details, inclu

[lopsa-tech] Aleksey's article on the Configuration Management Summit 2010 now online at www.linux-mag.com

My write-up of the Configuration Management Summit 2010, presenting Bcfg2, Cfengine, Chef and Puppet, is now online at: http://www.linux-mag.com/id/7841 I learned a lot putting this together and I hope the material is of use to you! Best, -at ___ Tech

Re: [lopsa-tech] Recommendations for Hosted/Managed Exchange providers?

We're on Microsoft hosted exchange (mail.microsoftonline.com) and it sucks. There are intermittent delays on inbound mail, going up to 15 min or more; whereas Gmail shows the same message nearly instantly. There've been other pain factors but right now the delay on inbound email is the one that b

Re: [lopsa-tech] Advice: Getting an operations team to document changes/actions

Hi. First of all very well done for raising the bar at your work. Second, management buy-in can make or break your activity. Lack of management buy can break your activity. I highly recommend "Visible Ops". Check it out. They've studied successful IT shops and identified what they have in co

Re: [lopsa-tech] Logging end of UDP "connection" with iptables

Hi, Jeremy. If you don't find the answer here, try the netfilter user mailing list, email "subscribe netfiter" in the body of the message to majord...@vger.kernel.org I also got some great help on #iptables on IRC, it was a gnarly problem and one of the developers was online, he worked with me fo

Re: [lopsa-tech] Centralized Switch Management

RANCID might help too. Brent has a great summary of it at http://www.netomata.com/blog/brent_chapman/2010/03/26/120 Aleksey ___ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League

Re: [lopsa-tech] Looking for info from Seasoned SCO Admins

If you don't find anybody on this list, try asking Tony at http://aplawrence.com/ He's got lots of SCO Open Server experience and was able to help me when I needed SCO help. Aleksey On Thu, Sep 1, 2011 at 7:28 AM, John BORIS wrote: > I am looking for someone who has worked with SCO Open Server

[lopsa-tech] "Which open source configuration management tool should I use?" a collection of resources

This is my attempt to help answer "Which open source configuration management tool should I use?" http://verticalsysadmin.com/blog/uncategorized/which-open-source-configuration-management-tool-should-i-use Comments and additions welcome. Best, -at ___

[lopsa-tech] Successful attack reported on SSL encryption (TLS 1.0) - HTTPS decryption

This just hit my radar: a successful attack on SSL (TLS 1.0) http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/ Apache httpd does not yet support TLS 1.1 or 1.2 (Per http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslprotocol) This looks ungood. (I don't see any defense.) I

Re: [lopsa-tech] Successful attack reported on SSL encryption (TLS 1.0) - HTTPS decryption

There's some discussion on HN about it: http://news.ycombinator.com/item?id=3015498 ___ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators ht

Re: [lopsa-tech] hosting mailing lists for a K-8 school

Dear David, www.mailchimp.com is a mailing list provider They have what they call "The Forever Free Plan" Send up to 12,000 emails per month No contracts No credit card required They have additional functionality which costs more. I've used them before (though not heavily) and they've

Re: [lopsa-tech] scalability dos and don'ts for startups

Hi, Trey. I'd like to recommend On Designing and Deploying Internet-Scale Services James Hamilton - Windows Live Services Platform (currently at Amazon) November 2007 http://www.usenix.org/event/lisa07/tech/full_papers/hamilton/hamilton_html/ I've added this to the nascent guide to system admin

[lopsa-tech] Aleksey's "Why use Configuration Management" article live on SysAdvent blog

http://sysadvent.blogspot.com/2011/12/day-19-why-use-configuration-management.html It's my first illustrated article. (Hat off to Joseph Kern for the illustrations.) The Configuration Management Rosetta Stone looks nothing like I envisioned it, we were constrained by the narrow format of the blo

[lopsa-tech] Dreamhack 12,000 person LAN party in Sweden

Thought this might be of professional interest here: http://www.extremetech.com/extreme/107245-inside-the-worlds-largest-lan-party Cisco provided the networking (120 Gbps routers) for a 12,000 person LAN party ___ Tech mailing list Tech@lists.lopsa.org

[lopsa-tech] computer generation of network diagrams

This is super-cool. I've been looking for something like this. nwdiag will generate a network diagram from a text input: http://blockdiag.com/en/nwdiag/index.html It used to be it was such a pain and so time consuming to edit our network diagram that I'd batch up the updates and do it once a ye

Re: [lopsa-tech] computer generation of network diagrams

The attributes you can set on nodes and edges are documented here: http://blockdiag.com/en/blockdiag/examples.html On Wed, Jan 18, 2012 at 2:43 AM, Mark Eisenblaetter wrote: > Wow, not bad. > > I think i will test it. > > Mark > > On Wed, Jan 18, 2012 at 4:46 AM, Aleksey

Re: [lopsa-tech] computer generation of network diagrams

On Tue, Jan 17, 2012 at 7:46 PM, Aleksey Tsalolikhin wrote: > looks like nwdiag is based on GraphViz To qualify the above: while the nwdiag language looks and feels like the GraphViz DOT language and may have been inspired by it, nwdiag has an original source code base. On Wed, Jan 18, 2

Re: [lopsa-tech] Ancient SCO Xenix system troubleshooting - advice/resources?

On Fri, Jun 22, 2012 at 11:17 AM, John Stoffel wrote: ... > This is a good looking reference for some of the issue you might run > into: > >  http://aplawrence.com/Linux/scolindiff.html A.P. Lawrence himself is available for consultation as well - he was quite helpful to me on a SCO Unix issue.

[lopsa-tech] George documents cyber attack from Russia

Interesting report from Georgia documenting a cyber attack from Russia, and Georgia's response (including cracking the attacker's computer and taking pictures of him using his own camera): http://dea.gov.ge/uploads/CERT%20DOCS/Cyber%20Espionage.pdf ___ T

[lopsa-tech] Any experience with Switch SuperNAP Data Centers in Las Vegas

Hi, Does anybody here have experience with Switch? (http://www.switchlv.com/) Their colo facilities look incredible. I just got a tour and I'm very impressed with the engineering of the facility and how efficient they are, that they offer interconnects with cloud service providers, low pricin

Re: [lopsa-tech] Puppet, Chef, Etc

Paul Heinlein: I'm delighted my intro to CFEngine 3 talk was so useful to you. Thanks! :) As John Stoffel mentioned, CFEngine has a very wide range of supported operating systems, since it's just a small C binary with a few of libraries. That also makes it well suited for small (Internet of Th

Re: [lopsa-tech] Puppet, Chef, Etc

his Evil Genius tutorial (https://www.usenix.org/blog/evil-genius-101, and I believe video recording is available online for a fee, https://www.usenix.org/conference/lisa13/video/usenix-training-video-stream-half-day-lisa-13-evil-genius-101 ) Aleksey Tsalolikhin _

Re: [lopsa-tech] Puppet, Chef, Etc

Great write-up, Edward, thanks for sharing your experience! On Thu, Nov 27, 2014 at 5:07 PM, Francis Liu wrote: > > How do you manage the "master" or "control" host. How do you ensure that > you don't accidentally kill it and everything else? > Francis: We keep our CFEngine policies in a vers

[lopsa-tech] getting a list of critical vulnerabilities from the NVD at NIST

Hello, I want to get a list of Critical (CVSS > 7) CVE's for a security vulnerability assessment for a client. Scored CVEs are available from https://nvd.nist.gov/download.cfm through a set of XML feeds. The nice NIST web site says: A common way to use the feeds is to perform a one-time import

Re: [lopsa-tech] getting a list of critical vulnerabilities from the NVD at NIST

n Security and Access Management > > Division of Information Technology > > University of Missouri > > (573) 884-6280 | ricka...@missouri.edu > > ACA | GCWN | GCFA > > > > *From:* tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] > *On Behalf

Re: [lopsa-tech] getting a list of critical vulnerabilities from the NVD at NIST

> > > __ __ > > > > Let me know if you need any other help. > > > > __ __ > > > > Thanks, > > > > __ __ > > > > *Josh Rickard* > > > > Security Analyst > > >

Re: [lopsa-tech] getting a list of critical vulnerabilities from the NVD at NIST

le, some vulnerability in package-2.3.1 that gets fixed in >> > package-2.3.2 upstream might be patched in package-2.3.1-a as provided >> > by RedHat, and NIST's data will indicate that 2.3.1 is vulnerable. >> > >> > Does anyone know if there is another

Re: [lopsa-tech] Provisioning and Configuration management tools that support AIX

Hi, Steve, In case you need support in addition to the packages, CFEngine has Enterprise packages and support for AIX 5.3, 6.1, 7.1 and CFEngineers.net (run by some folk

Re: [lopsa-tech] Living inside your editor (vim or emacs)?

Hi, Yves, I use vim to teach my 5-day CFEngine class, I have hotkeys setup to run the current screen buffer using cf-agent or bash, whichever's appropriate. =) I find it very handy, as I can edit the examples to answer questions from students, and immediately run the result. I also have hotkeys to

Re: [lopsa-tech] ansible regex help

On Sat, Nov 7, 2015 at 4:44 PM, Steve VanDevender < ste...@hexadecimal.uoregon.edu> wrote: > One of the goals of effective configuration management is > to record and control all relevant aspects of your system configuration, > and in-place config editing does not accomplish that -- it does not >

Re: [lopsa-tech] Good Linux VPS to host personal domain with IMAPS?

https://lopsa.org/Partner-Vendors quoths: Interested in providing a member discount? Send mail to us (bo...@lopsa.org) and let us know. Best, Aleksey On Tue, Jul 5, 2016 at 8:38 PM, Ryan Finnesey wrote: > Is there a formal process if I would like to give discounts to LOPSA > members? > > > > *

Re: [lopsa-tech] Google Chrome repository mirror

Hi Dave! How are you mirroring the Fedora and RPM Fusion repositories? Are you using reposync? Sorry if I missed it from your message, but why can't you mirror the Google Chrome RPM repository the same way? Best, -at On Thu, Sep 22, 2016 at 8:04 PM, Dave Close wrote: > I posted a question to

[lopsa-tech] Domain name registrar that supports all printable UTF8 in the .us namespace?

Passing along this inquiry from a colleague: Do you know a domain name registrar that allows all printable UTF8 characters in a domain name? (Of course the RFC specifies any series of 1-63 bytes, no matter if printable or not, is allowed, but that can be a little bit problematic in practice.) Mor