| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8
Comments:
<wettoast> thats a stupid analogy
<wettoast> unix is more of a model-t, since its much older
<pixil> Not to mention the fact that I've never seen windows "fly" ? :p
<Mouring> but it is still a funny image to have in your mind.
<Mouring> my gawd.. GPLv3 draft has ensured I'll be using BSD 2-clause for the rest of my life.
<Mouring> I can understand BSD 2-clause without needing a lawyer and two bottles of whiskey... I can't say the same for GPLv3 draft.
<wettoast> heh
<Mouring> ermm.. Should "Sendmail X" design document scare me?
<Mouring> "[..] easy to define a bijective function [..]" .. Umm.. my dictionary sure doesn't have "bijective" in it.
<Mr_You> yay I love watchguards, when you have two boxes for redundancy, they both go down!
<tchang> hahhaha
<Mr_You> how that happens I have no idea.
<Mr_You> had the same problem prior to an upgrade. which didn't fix it, apparently. we're running on one box cause the other one might be hosing things up.
<Mr_You> for some reason I thought cisco routers could do port filtering.
<tchang> they can, through acls
<Mr_You> yeah thats what I thought. hmm
<Mr_You> might be the way to go.
<Mr_You> I can't think of any reason for "real" firewall.
<Mr_You> except troubleshooting.
<Mouring> mr_you, ***ume you mean a "separate firewall"
<Mr_You> well seperate yes, but also packet inspection, etc.
<Mr_You> I'll probably have to have a firewall just for marketing purposes.
<tchang> spi is nice
<tchang> ios acls can't do spi
<Mr_You> nod
<Mouring> tchang, that is odd.. at one time they could do Statefull Packet Inspection.
<tchang> the router ios?
<Mouring> they had an added module before they moved it to PIX.
<Mouring> yes the router itself.
<tchang> i've only seen pix's do it
<Mouring> Cisco just wants you to buy more hardware. =-)
<tchang> yeah
<Mouring> granted SPI doesn't buy you much.. Most people confuse it with IDS. Which is a different horse.
<tchang> spi is necessary for any production fw imo
<Mouring> and IDS definitely needs its own box.
<Mr_You> I'll probably end up suggesting Cisco PIX. In fact, do they do basic routing?
<tchang> yes
<Mr_You> I don't think we would need a router then.
<Mouring> Mr_You, you'll need the router to connect to your WAN since I don't believe PIX supports CSU/DSU connections.
<Mr_You> nah this is in a colo.
<Mouring> PIX was designed originally for local net routing
<Mr_You> though I'm not sure if we could go with redundant PIX.
<Mouring> if all you are taking in in Ethernet then PIX should be fine and no router is needed.
<Mr_You> well it is the egress for the colo LAN.
<tchang> how much traffic do you see
<Mouring> Should CISCO has a the redudant patient that spawned CARP.
<Mr_You> nod
<Mr_You> I think it ranges from 5mbps to 25mbps right now, with up to 30 or 45 mbps, I forget.
<Mouring> that should more than likely be implied that CARP came about due to bad evil cisco patents on the @#$#%^#$% Redudndancy protocol that was already written.
<Mouring> in fact why not just use OpenBSD with pfsync.=-)
<Mouring> screw CISCO.
<Mr_You> if it were my network I might, but its work.
<Mouring> Save work 1/2 a Mill and they may give you some of it.=-)
<Mr_You> and getting experience in that stuff pays the bills, not OpenBSD pfsync ;-)
<Mr_You> well, I would do that by using what we have with port filters.
<Mr_You> we don't have a support contract with cisco, I just mentioned that most places have them.
<Mr_You> I could care less really, usually pretty reliable routers.
<Mr_You> and often that stuff is marketable.
<Mr_You> "Cisco Based Network" blah blah blah
<tchang> cisco "powered" network
<Mr_You> thats it.
<Mouring> "If you want to spend the money on CISCO hardware just give it to OpenBSD project and installed OpenBSD. At least you are ***ured that 100% of the money goes to a needy programmer and not a rich CEO's Pocket book."
<Mr_You> and when a customer calls because something is broken you can say you are talking with who to fix the problem? ;-)
<Mouring> "I'll get the head of the OpenBSD project right on that." =-)
<Mr_You> they'll say who?
<Mouring> And they would know who the head of Cisco is? =-)
<Mr_You> no, but they would know who Cisco is.
<Mouring> come on.. most clients are clueless.. They don't give a flying **** if you have to call the President of the USA.. They just want it fixed.
<Mr_You> but at the same time I'm kinda interested in Juniper, uggh
<Mouring> FINE.. I'll start a company called "Cysko" =-)
<tchang> sysco
<Mr_You> I'm just tired of **** going down.
<Mouring> tchy, but it can't be produnced, "C Ys KO!" <grin> As you walk out the door leaving them with a $500k worth of dead hardware.
<AC-130U> actually, there's sysco
<AC-130U> and that does food products and food related products like paper plates paper towels napkins plastic silverware etc
<wettoast> Mr_You: my friend works in tech support at worldcom/mci (or whatver its called today) He says the Juniper routers are great
<tchang> i actually have heard good things about the juniper routers
<tchang> but i've also heard a lot of what sounded like marketing crap
<AC-130U> hmmm
<AC-130U> juniper.
<AC-130U> overkill for home, no>?
<Mouring> I have friend with cisco switches and 2501 at home.=-)
<Mouring> He was at one time attempting to score a cheap RADSL card... but that failed.
<wettoast> AC-130U: for home, yeah.
<AC-130U> hmmmm.
<AC-130U> would like to have something more robust than linksys.
<AC-130U> dont get me wrong
<Mouring> netgear
<AC-130U> linksys is *great* for home, but i feel it is limited in some respects
<AC-130U> old netgear i like
<Mouring> linksys is junk now that they are owned byt the big "C"
<AC-130U> new netgear *ugh*
<tchang> i don't really have many demands to make of my home wan connection
<AC-130U> linksys WRT54G great
<AC-130U> dlink, *juuuuuuuuunk*
<wettoast> for home, i would use free/open bsd.
<Mouring> wet, ya but how many PCI radsl cards to you see? =-)
<Mouring> /to you/do you/
<AC-130U> are there 4 port nic's?
<tchang> yup
<tchang> i have a server with 4 of those :)
<AC-130U> and how much do they run? :P
<tchang> hell if i know
<tchang> i just pointed them out
<Mouring> more than I care to admit. =-)
<AC-130U> heh.
<Mouring> Depending on the configuration it can be a true 4 port ethernet or it could be 1 port and a switch.
<tchang> it's four controllers
<Mouring> tch, yes there are two different types.
<AC-130U> hmm
<AC-130U> so i could just use it as a 'switch' (the 4 port nic)
<ferret_> Xorg.... im testing a new config... brings me up to a blank desktop screen with no windows... how do i close this thing gracefully?
<Mr_You> I almost want to scrounge up 2 NICs for this "temporary" VPN so I can replace another watchguard that is causing problems with the VPN cause thats the in the future but with production quality hardware. bleah
<wettoast> hrm... im really considering the Sun Fire X2100 for a small mail server
<Mr_You> The new Suns, x86 and UltraSparc, seem nice.
<Mr_You> can't wait to see their blades.
<wettoast> its a single opteron system, with2 hot-plug sata drives
<wettoast> for 745 usd
<ferret_> anyone?
<wettoast> Mr_You: will they be sparc or amd?
<tchang> ctl + alt + f6 to go to another term
<ferret_> then i have to kill it?
<Mr_You> ferret: CTRL+BACKSPACe, IIRC
<Mr_You> or CTRL+ALT+BACKSPACE.
<ferret_> ctrl alt backspace did it, thanks
<ferret_> now to figure out how to specify a window manager instead of this vanilla one...
<Mr_You> wettoast: who knows.. the whole industry needs a ch***is standard, but I imagine it would do either.
<wettoast> its too bad you cant customize the servers, you can only selec their preconfigured specs
<wettoast> a barebone would be sweet
<Mr_You> helps their margins I guess.
<wettoast> Opteron 146, 512 RAM for $745 usd. Thats not bad.
<Mouring> Cisco 605 + 2x 4port (real, no switch) + OpenBSD would be a nice firewall/web/mail box
<Mouring> or at least a nice firewall box with VPN and correct DMZ
<wettoast> thats what OpenVPN is for :P
<Mouring> great.. so OpenVPN works by itself with no OS.
<Yashy> That's what 486s are for :)
<Mr_You> its convenient and we don't need 768-bit encryption heh
<Mr_You> specially when you are doing SSL or ssh within PPTP
<wettoast> well, i guess if you dont want something with a hard drive, then forget that..
<Mouring> 4096bit SSL! Accept no less!
<Mr_You> I tell people to turn on LT2P p***through encase I wanna go there some day.
<Mouring> No one needs 8192! That is overkill!
<Mr_You> s/encase/in case/
<Yashy> I'm still waiting for my certificate to generate..
<bun-bun> panthers are weird
<bun-bun> compared to us rabbits :)
Return to
#unixhelp
or
Go to some related
logs:
#politics
ww1 tready of Versailles
mulingon
sars turkey chicken kiss
#politics
#beginner
wacky wavy arm flailing inflatable tube man
#linuxhelp
#beginner
#nhl
|
|
