Ray Schafer of The Kernel Group (TKG) will demo their Bare Metal Restore on Solaris.
Michael Rice announced that the sparc 10 and the sparc 2 were still at his house, and that the NetApp was fixed according to NetApp and that Jack McKinney had volunteered to pick it up from them.
Gil reported that he never heard back from the former public access television producer he knew of. He volunteered to look further into it.
Ray said he was still trying to get in touch with a big name for an upcoming event. He mentioned Terpster, John Quarterman, Bruce Sterling. Ray mentioned again that Bruce Sterling doesn't do public appearances, but that if we push the "digital divide" as justification he might be willing to make an exception.
The discussion then veered onto the digital divide, and several points came up. The first was that many people on the other side of the divide don't know why they need computers, don't know how it could be useful to themselves, and some can't afford them. Gil mentioned that lots of companies are throwing away older computers. We also discussed how a public access television program could help address these issues.
Michael brought up that many companies are trying to address these issues
with very low cost internet appliances, such as the NIC (to be
demonstrated at a future CACTUS meeting), the i-opener and the like
devices.
We eventually came back around to future presentations at CACTUS. A
returning member, Ron Woan
We're still in a holding pattern on the full system upgrade on
linux.cactus.org this month. The OS has been upgraded to Debian 2.2
(potato) however due to upgrade problems with the software RAID system on
the box, we're still using the obsolete Linux 2.0 kernel. Hopefully this
will change soon.
Our only major software addition this past month is an interesting one.
We're now running a Nessus server on linux.cactus.org. For those of you not
familiar with Nessus, it's an excellent security scanner along the lines of
satan and other similar tools, providing the ability to probe your important
Windows and Unix boxes for critical security holes. Nessus is in active
development and is fully open source. The project's website at http://www.nessus.org has a description of
Nessus which is worth quoting.
"Unlike many other security scanners, Nessus does not take anything
for granted. That is, it will not consider that a given service is running
on a fixed port - that is, if you run your web server on port 1234, Nessus
will detect it and test its security. It will not make its security tests
regarding the version number of the remote services, but will really attempt
to exploit the vulnerability.
"Nessus is very fast, reliable and has a modular architecture that
allows you to fit it to your needs."
I had a minor problem with the documentation and wrote the author of the
software who got back to me in a couple of hours with a friendly and
complete answer - the kind of excellent support many of us have come to
expect from quality open source projects.
Nessus runs in a client/server configuration, allowing one to run a local
client (GTK based) to interface with the server, which probes your system
from the point of view of an outside intruder. Clients are available for
(ugh!) MS Windows and Java, although the Nessus website posts a disclaimer
about the latter, warning that it hasn't been maintained for a while.
I ran a security check on my system here using the Nessus server on
linux.cactus.org and came up with a number of potential problems - problem
CGI scripts, old versions of software, a few services on our LAN which
should be closed to the world. I made some changes to the firewall in my
router and tried again, only to find the problem ports still open! It turns
out that the "Basic Firewall" filter rule set which came with my Netopia
router when Jump.Net delivered it is configured out of the loop and is
completely ineffective. When I got to the bottom of the issue, I emailed
Jump.Net, rebuilt my firewall, and am considerably safer today than I was
last week, thanks in large part to Nessus!
If you want to run Nessus, download the software and install the client on a
machine to which you have console access. If you have root access on
linux.cactus.org, run nessus-adduser as root to create an account for
yourself. If you don't have root access but are a paid-up CACTUS member,
contact one of the CACTUS officers to create an account for you.
Communication between the Nessus client and server requires a one-time
password the first time you connect, thereafter the client and server
maintain a cryptographic key pair for one another which automates client
authentication on the server.
In other news, our domain, cactus.org, is now registered with CASDNS,
www.casdns.net, rather than with Network
Solutions, Inc. CAS (for Computer Analytical Systems) is located in
Louisville, KY and provides domain name registration services as a Council
of Registrars (CORE) member. They're a small company, very competent and
responsive. I've been working with them for a couple of years and if
necessary I can almost always reach the top person in their registration
service within a few seconds on the phone. No voice mail hell with these
folks! I approached them about registering our domain for two years on a
sponsorship basis, to which they readily agreed, so you'll find a listing
for them in the "Friends of CACTUS" section with full information
on reaching them. They must be doing something right! I talked with their
main registration person early this month and he was up to his ears in
domain name transfer requests from people fleeing NSI.
My company, FMP Computer Services, is currently providing a 2nd DNS server
for cactus.org on ns.fmp.com which is slaving DNS from linux.cactus.org.
When we get the Sparc 10 back on line, we can either move our 2nd name
service to it, or leave it at FMP and set up the Sparc 10 as a 3rd name
server. I am also listed as the tech/zone contact for the domain, and we
may want to change this back to hostmaster [at] cactus <dot> org at some point. It
will be a pleasure to work with the people at CASDNS after some of the
tangled negotiations on changes we and others have had working through
Network Solutions!
Let's welcome Baba Buehler as the newest member to CACTUS.
We also want to thank Conrad Schneiker, Philip Wheatley,
Eric Jones, and Michael Cheselka
for renewing their membership.
We especially like to extend our sincere thanks to the
Kernel Group for renewing their sponsorship.
The Kernel Group (TKG) provides top quality mission-critical
computer network development and support services for the healthcare
and financial services industries. They provide integration and
management services for existing networks, custom application
development, and maintenance outsourcing services. The Kernel Group
was founded in 1990 with headquarters in Austin, TX and maintains a
branch office in New York, NY. The contact person is Ray Schafer,
schafer [at] tkg <dot> com or 433-3300.
Please do not show up earlier than 6:20 pm on the specified day. Enter
through the main entrance at 10000 Burnet Road for ARL:UT. Tell the guard
that you are here for the CACTUS meeting. You will be required to sign
a log book, but not required to wear a badge. The guards will direct you
to the auditorium entrance. Limited parking in the front of the building
is available, but more extensive parking is available in the large parking
lot just north of the ARL building. After 6:30 pm, all entrances to JJ
PRC, except for the Burnet Road entrance, are closed and locked. You can
still enter the parking lot in front of the ARL building. No parking tags
are necessary after 6:00 pm. See map for further details.
Online maps are available at:
CACTUS System News
by Lindsay
Haisley
Membership
By Luis Basto
To renew your membership, please send check or money order
payable to CACTUS ($25/yr for regular membership and $96/yr
for corporate sponsorship):
CACTUS
PO BOX 9786
AUSTIN, TX 78766-9786
You can also pay in person at the general meetings. Please direct
any inquiries or address changes to membership [at] cactus <dot> org.
CACTUS Officers
Contact Information
CACTUS Sponsors
Significant Contributing Sponsors
Applied Research Laboratories/University of Texas at Austin www.arlut.utexas.edu
OuterNet www.outer.net
CACTUS Sponsors
Auspex Systems www.auspex.com
Flametree Corporation www.flametree.com
Covad/Laserlink www.laserlink.net
Multi Media Arts (MMA)
Friends of CACTUS
Applied Formal Methods, Inc.
Austin Code Works
CASDNS, Inc. www.casdns.net
CTG
Compaq Computer Corporation www.himalaya.compaq.com
EDP Contract Services
Hewlett Packard www.hp.com
Hounix http://www.texascomputers.com/hounix/
Network Appliance Corporation www.netapp.com
O'Keefe Search
Sailaway System Design
Schlumberger www.slb.com
Silicon Graphics www.sgi.com
Solid Systems
Sterling Infomation Group www.sterinfo.com
Sun Microsystems www.sun.com
Texas Internet Consulting www.tic.com
Technow
Unison Software
UT Computer Science Department
UT Computation Center
CACTUS Meeting Location:
Applied Research Labs
As always, please leave the facility as you saw it when you arrived. So
let's clean up all pizza and soda items before we leave. Thanks and hope
to see all of you there.
Map to the Monthly CACTUS Meeting
| | ^
<---- to MOPAC | | |
| | | North
| | | to Braker Lane
---------------+ |
-+ /-----------+ |
| | | |
| +--------+ | |
| Parking | | |
| Lot | | |
+----------+ | |
| |
+------------+ | |
| | +-------+ |
| | | +---+ |
| | | | | | Rutland
| ARL | | | | +---------
| | | | | +---------
| | | +---+ |
| | +---+---+ |
+------------+ | | |
| | | South
| | | to US 183
| | v