[RM note: The point of this compendium of 100% of my postings to NBLUG's general discussion mailing list is at the bottom, where the group's founder claimed to third parties that I'd been summarily ejected and locked out of that forum for "flaming" -- as opposed to generating resentment from that club's leadership clique by dissenting from their rather narrow groupthink (e.g., pointing out that his friend, fellow NBLUG officer, and alleged expert Michael "dugan" Egan had spoken greatly in error when asked about Stampede Linux by a new Linux user). Judge for yourself.]
Date: Tue, 6 Apr 1999 16:05:43 -0700
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: Does Linux support FAT32 partitions when
dual-booting?
X-Mailer: Mutt 0.95.4i
Quoting Steve (steve@adnd.com):
> I have all the RedHat packages that you need for a
successful upgrade to the
> 2.2.x kernel on my ftp site on sonic. Everything is there
except the kernel
> its self.
>
> ftp.sonic.net
> /pub/users/linunxut/kernel2.2.x/
See also:
http://www2.portal.redhat.com/support/docs/rhl/kernel-2.2/kernel2.2-upgrade.html
Also, moving beyond just Red Hat:
http://www.svlug.org/tech-notes/dists-2.2-locs.shtml
http://www.svlug.org/tech-notes/rick-2.2-reqs.shtml
Date: Tue, 6 Apr 1999 16:53:57 -0700
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: Does Linux support FAT32 partitions when
dual-booting?
X-Mailer: Mutt 0.95.4i
Quoting Steve (steve@adnd.com):
> Thats where I got them, But I figured if you download
them off of sonic it
> would be faster :)
The point was to provide related information that would probably benefit other list members, not just the one person who posted a question. That's the whole point of forming a community of users on a mailing list.
Date: Thu, 24 Jun 1999 14:58:32 -0700
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: Linux Distribution info
X-Mailer: Mutt 0.95.4i
Quoting Martin Hillyer (hillyer@cmc.net):
> Does anyone know a source for a comparison of different
distros such
> as RedHat, Slackware, Debian, Suse, Mandrake,
Stampede?
If you found one, how would you know you could trust it to be current, accurate, and reasonably unbiased?
The best way to arrivate at a comparison of the distributions is install a few and compare. You might consider one of those jewel-case CD-ROM collections of multiple distributions available from such vendors as Infomagic.
More at:
http://linuxmafia.com/~rick/faq/index.php?page=kicking#cheaplinux
http://linuxmafia.com/~rick/faq/index.php?page=kicking#distro
> Failing that, any opinions that people have would be
welcome (reasoned
> opinions, of course, I can come up with unreasoned ones
for myself :) ).
Naturally, the unreasonable people will, being cooperative sorts, disqualify themselves upon reading that request.
Date: Thu, 24 Jun 1999 17:14:32 -0700
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: Linux Distribution info
X-Mailer: Mutt 0.95.4i
Quoting Mitchell Patenaude (mrp@sonic.net):
> The problem is that what you'll actually be testing who
has the best
> installer, since he's probably not going to spend a week
or two evaluating
> each before trying the next.
I'll invoke the Law of the Excluded Middle and suggest that a reasonable comparison of multiple distributions inherently involves living with each one for a _minimum_ of a few weeks each -- and also entails inherently personal judgements.
Date: Thu, 24 Jun 1999 19:56:56 -0700
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: Linux Distribution info
X-Mailer: Mutt 0.95.4i
Quoting E. Frank Ball (frankb@sr.hp.com):
[much deleted]
> Debian is completely non-commercial, so it will never be OEMed....
This is not correct.
For background, please understand that Debian consists of four categories. CD vendors' selections from those categories differ, and many elect to offer some or all of the first two only. (There are over 2500 packages, in total.) By contrast, 100% of the packages are available at the Debian ftp mirrors, which are (thus) the reference collections:
1. Main: Packages whose licence allows free distribution with free access to source (and have no US export restrictions).
2. Non-free: Package with restrictive licences, but no US export restrictions.
3. Non-US: All packages with US export restrictions.
4. Contrib: All packages that would otherwise qualify for the "main" category, but that depend on non-free packages. (Note that this is a distinct meaning of "contrib" from what most people are used to. Many people have been misled by this confusing terminology.)
_Literally_ speaking, the term "commercial" means "subject to
being sold as a product or service". In that sense, Debian is
eminently commercial, in that you can buy CD-ROM sets from a
large number of vendors. Many are listed at http://www.debian.org/distrib/vendors
However, what people often mean by "commercial" is "includes proprietary software". Debian's non-free collection includes a few well-known proprietary packages such as Netscape4.x, Quake2, and xv, but obviously is limited to those packages for whom the owners have permitted third-party ftp distribution.
Which brings us to the point that some people mean "comes bundled with major shrink-wrapped applications, on the shelf at CompUSA". Nobody has yet bundled a Debian subset with Star Office, ApplixWare, or Oracle 8.0.5. However, there's not only no reason why they couldn't, but fewer obstacles than with most other distributions -- since bundlers can rest assured that everything in "Main" is unencumbered by third party property claims. For example, bundle SuSE 6.1 with your office suite and sell it, without getting permission from SuSE GmbH, and they'll sue you for violating their licence to YaST.
In fact, Debian _is_ "being OEMed", as we speak, by Corel Cororation, which is preparing a value-added proprietary superset of Debian, for release later this year.
Date: Tue, 2 Nov 1999 14:06:02 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: Hardware reccomendations
X-Mailer: Mutt 1.0i
Quoting Joseph McCarty (atlee@saber.net):
> I'd really appreciate some feedback on internal 56K modems...
http://linuxmafia.com/~rick/faq/#internalmodem
http://linuxmafia.com/~rick/faq/#whichmodem
http://linuxmafia.com/~rick/faq/#winmodem
> ...and NICs that folks have found to work well under
both Linux and
> Win 95/98.
I can't really comment on MS Windows 95/98, because I don't use them, but Intel Pro/100 cards are always good (eepro100 driver), as are any cards based on _genuine DEC_ Tulip chips. (I have continuing doubts about the non-DEC imitation chips used by many OEMs.)
Date: Mon, 13 Dec 1999 00:01:45 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: X client for Win 98.
X-Mailer: Mutt 1.0i
Quoting Jay Di Silvestri (jay@adei.com):
> Isn't Exceed an X server?
Yep.
Date: Tue, 28 Dec 1999 10:36:23 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: DSL help plz.
X-Mailer: Mutt 1.0i
Quoting ME (dugan@libwais.sonoma.edu):
> If you are dead set on the idea of serving from home,
then T1 offers
> 1.544 Mbps at full duplex, or SDSL (in some areas)
offers
> bi-directional identical speeds, but still are not full
duplex...
My building's service is SDSL (through Northpoint and Best Internet), and it's definitely full duplex. We switched to that from T1, and saw no difference in connection-latency.
Date: Tue, 28 Dec 1999 13:58:35 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: DSL help plz.
X-Mailer: Mutt 1.0i
Quoting ME (dugan@libwais.sonoma.edu):
> Ys this is likely to e the case. A T1 is likely to
outperform SDSL when
> uploads and downloads both approach 1.544Mbps. In today's
environments,
> SDSL works ok for may people running a mostly DL service
while a full T1
> works better to tie together two LANs which are both
likely to exchang
> traffic simultaniously.
I doubt you have this right. The "S" stands for "symmetric".
> Another form of xDSL called (I think) HDSL is supposed
to be better than a
> T1 in that it can allocate up to 8 or 9 Mbps aggregate
pipe-size which can
> be dynamically converted to emphasize uploads, downloads,
or be equal both
> ways.
Yes, I've recently administered a LAN that included a 2 Mbps HDSL segment across my (former) employer's office building, on the available CAT3 telco cabling. (One of the advantages of HDSL is that it can survive such cabling.)
> Even if it is not true "full duplex", 8 to 9 Mbps is
fast enough to
> simulate a pipe aster than a T1.
However, I wasn't _speaking_ of 8 - 9 Mbps: At my building, housing The CoffeeNet, my hosts, Richard Couture's, and several of our clients', we went directly from T1 service to 1.1 Mbps SDSL, and our connectivity has continued to have all the characteristics of full-duplex.
> SDSL and HDSL frequently cost more than ADSL.
As well they should, given the pipe sizes usually involved.
Date: Tue, 28 Dec 1999 15:46:40 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: DSL help plz.
X-Mailer: Mutt 1.0i
Quoting ME (dugan@libwais.sonoma.edu):
> This is not just from me, this is from PacBell and 2
northbay xDSL
> providers.
I beg your pardon, but it is not:
> Maybe you can tell them they are wrong:
> Please check http://public.pacbell.net/faq/dsl_faq.html
>
> "Will business customers want to replace their existing
DS-1 (T-1)
> Internet service with DSL? There are clear technological
differences
> between DSL and T1 Internet service. The first of which is
that T1 service
> is 1.5Mbps both ways.
Obviously, this refers to aDSL. Unfortunately, many parties who should know better use the terms "DSL" and aDSL synonymously.
> Mention of "both ways" is full duplex. I believe that
most xDSL are not
> ale to upload and download at max speeds
simutaniously.
We were speaking specifically of SDSL.
> On the original issue of latency, that does not
describe bandwidth, they
> are two different animals.
{quizzical look} That is true but not relevant to the present discussion.
> If your xDSL cable provider offers you 2Mbps SDSL, you need clarification:
(1) Best Internet (over Northpoint cabling service) provides approximately 1.1 Mbps service over an SDSL line to my place of residence, 744 Harrison, San Francisco. (Again, the initial "S" stands for "symmetric".) Separately, (2) At my former firm, I had a 2 Mbps HDSL line over existing CAT3 cabling across the office building, internal to the firm's LAN.
I hope that alleviates any confusion.
Date: Tue, 28 Dec 1999 17:15:05 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: DSL help plz.
X-Mailer: Mutt 1.0i
Quoting ME (dugan@libwais.sonoma.edu):
>> We were speaking specifically of SDSL.
>
> I disagree, we were speaking of DSL (as the subject
states) which
> includes all forms of DSL.
I'm sorry, but I don't have time for this. You can check the prior posts for what my comment concerned, in context.
> I was not the first person to bring up the issue of
latency, but was
> re-addressing it since it was an item left un-contested
and
> uncorrected by anyone else.
I'm not sure what your point is. I mentioned the latency of our 1.1 Mbps SDSL line as being indistinguishable from that of the prior T1, which alone strongly suggested full duplex. I'm sorry if that point was unclear, but I doubt that recapitulating that conversation additional times will prove a good use of your time or mine.
> In some ways you are lucky to be in SF to get multiple
varieties of
> DSL.
I'm sorry to say that you still appear not to have understood what I said:
The 2 Mbps HDSL segment I mentioned is _internal_ to my former firm's network (as I said before). It's used to connect the firm's LAN across a large office building via existing CAT3 cabling. We used HDSL routers on either side of the building's telco cable, that being the best we could do without stringing new cable (which was not an option).
> Two questions:
Unfortunately neither bears on what I said. Perhaps you should ask someone with more free time to spend. I'm afraid I'm running short.
Date: Tue, 28 Dec 1999 23:31:49 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: DSL help plz.
X-Mailer: Mutt 1.0i
Quoting ME (dugan@libwais.sonoma.edu):
> You state that you used the building's telco cable....
To clarify:
CAT3 cabling is inherently telco-GRADE. But this particular CAT3 had to be (as mentioned) _used_ for intra-LAN connectivity, not for telco (or other external) purposes. Thus our use of 2 Mbps HDSL signalling across it: Anything faster needs better cable.
Date: Wed, 29 Dec 1999 11:58:11 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: DSL help plz.
X-Mailer: Mutt 1.0i
Quoting Craig Hermann (c_herman@culinary.edu):
> With helpful and courteous people like Rick Moen on the
list, I am
> suprised it is not used more often to share
information.
Perhaps being peppered by such rhetoric is a commonplace for some, Craig, but I lack such sophistication.
Being the rustic that I am, if that sort of treatment, and your snippy personal comment (above) on top of that, are this list's notion of courtesy, I'll keep using mine instead, thanks.
Date: Wed, 29 Dec 1999 14:12:23 -800
Rom: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: DSL help plz. (Terminate this)
X-Mailer: Mutt 1.0i
Quoting Peter Bantowsky (peterban at jps.net):
> SportsFans...
[...]
Well, I sincerely _do_ hope you found the name-calling therapeutic. However, one does wonder what ranting about "Nick Moffit" has to do with NBLUG.
Date: Wed, 29 Dec 1999 15:25:35 -800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: DSL help plz. (Terminate this)
X-Mailer: Mutt 1.0i
Quoting Peter Bantowsky (peterban at jps.net):
> Hell, that's a no-brainer....
In other words, nothing to do with much at all.
> Regarding other matters, why bother with T1 when you
can go T3?
> [...]
Whatever floats your boat. Good luck.
> You and I are really not very different, in the roles
we are playing,
> from the poor saps who, for the sake of a techno-rush,
collaborated
> with another Borg earlier in this century.
Whatever that means. But please speak for just yourself, not _me_ and you, in the future. Thanks.
Date: Wed, 29 Dec 1999 16:46:17 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: DSL help plz. (Terminate this)
X-Mailer: Mutt 1.0i
I appreciate the good thoughts, but _have no quarrel_ with Mr. Michael Egan (dugan@libwais.sonoma.edu).
Or, in any lasting sense, with anyone else here, really: I just noted that a couple of other posters (i.e., _not_ Egan) seemed to be getting jollies from calling me names, and was amused at the irony of them doing this in the name of "courtesy" and the like.
Date: Sat, 22 Jan 2000 09:56:18 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: newbie stupid questions..
X-Mailer: Mutt 1.0i
Quoting ME (dugan@libwais.sonoma.edu):
> Debian has a system which allows you to write some
floppy disk image files
> out to a bunch f flloppy disks (I seem to recall about 12
to 18 3.5"
> 1.44Mb floppy disks) just to install a base system.
Nine, for Debian "slink" (2.1). A "rescue" (boot) disk, a drivers disk, and seven disks for the base system. And, actually, the base system can be installed via NFS, if you want.
ftp://http.us.debian.org/debian/dists/slink/main/disks-i386/current/
Debian "potato" (2.2 beta) requires somewhat more floppies, but those are still being tested.
ftp://http.us.debian.org/debian/dists/potato/main/disks-i386/current/disks-1.44/
> Once the base system was installed, you could use a LAN
connection to an
> NFS mount from another machine's HD (maybe at work? Maybe
borrow one from
> a friend?)
Once you have the Debian base system installed, you can use Debian's package tool "apt-get" to retrieve specified packages (and automatically get any packages required to support them, at the same time) -- via http, ftp, or other mechanisms. This is considerably quicker than the usual drill with other distributions, of basically grabbing the kitchen sink over NFS or ftp. In addition, you get the advantage of a leaner system, containing only what you want. And you can add other packages later via the same mechanism.
I describe this basic setup in http://linuxmafia.com/debian/tips (still badly in need of reorganisation and rewriting, sorry).
> Debian is not the easiest packaging systems to use if
you are rather new
> to Linux.
I would actively _discourage_ new Linux users from installing Debian. They should cut their teeth on something easier, and try Debian after they're used to Linux.
> If you can wait, take the whole box and all the
hardware to the next
> install-fest.
That strikes me as being best.
Date: Tue, 25 Jan 2000 18:01:15 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: pc/linux tcp/ip problems..
X-Mailer: Mutt 1.0i
Quoting Devin Carraway (aqua@atlantic.devin.com):
> ProFTPd's a nice ftp server. Good configurability and
features. If
> you run it, be sure to keep current on updates -- proftpd
has seen
> quite a few buffer overflows since its release, and ftpds
are very
> common points of attack.
I'll say.
http://linuxmafia.com/pub/linux/security/ftp-daemons
Date: Tue, 25 Jan 2000 18:07:43 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: pc/linux tcp/ip problems..
X-Mailer: Mutt 1.0i
Quoting E Frank Ball (frankb@sr.hp.com):
> I see scp and sftp both come with with ssh2. Any
comments on one vs.
> the other?
ssh2 comes with a severely restrictive licence, with sharply reduced support for encryption algorithms (for patent reasons). Also, the fallback mechanism to support ssh 1.x clients is unreliable (or was when I last checked).
That's why ssh2 has been overwhelmingly rejected by the Net, and why the usual choice is 1.2.x or (increasingly) OpenSSH.
When OpenSSH gets the 2.x protocol enhancements (such as sftpd), ah, now that will be a fine day. Meanwhile, scp is half a loaf.
Date: Tue, 25 Jan 2000 19:21:24 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: pc/linux tcp/ip problems..
X-Mailer: Mutt 1.0i
Quoting Devin Carraway (aqua@atlantic.devin.com):
> OpenSSH also has the much cuter logo. It's available in
rpm format
> (the usual considerations about binary-downloaded crypto
apply) from
> ftp.zedz.net:/pub/crypto/, along with binaries of other
software
> packages most people should be running. I haven't found
any debian
> packages of openssh, but probably because I haven't tried
hard enough.
In potato (2.2), at least, package "ssh" _is_ OpenSSH. To get Ylonen's semi-proprietary ssh, you apt-get install "ssh-nonfree".
Date: Wed, 26 Jan 2000 11:06:06 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: Linux and PCI modems...
X-Mailer: Mutt 1.0i
Quoting Stagnoli, Paul (Paul.Stagnoli@CAI.COM):
> I am building a dual boot system with Win95 and Linux.
Which PCI
> modem will work with Linux? I prefer internal modems
because of cost.
There is nothing _inherently_ wrong with PCI as foundation for an internal modem: It's an unfortunate accident that pretty much all of them are terrible. You see, if you're a manufacturer who's already decided to build a cut-rate winmodem, you will gravitate towards PCI because its high bandwidth to the CPU local bus allows you to more easily offload to the host machine processing tasks that a non-winmodem can handle internally.
Thus, PCI modems are overwhemingly wimodems. The two exceptions are Multitech's MT5634ZPX-PCI and Actiontec's PCI56012 aka IBM 33L4618. Those are _probably_ supportable under Linux. At least, there are no obvious show-stoppers.
More at:
http://linuxmafia.com/~rick/faq/#internalmodem
http://linuxmafia.com/~rick/faq/#whichmodem
http://linuxmafia.com/~rick/faq/#winmodem
Date: Thu, 17 Feb 2000 14:19:45 -0800
From: Rick Moen <rick>
To: nblug-talk@lists.sonic.net
Subject: Re: Looking for advice
X-Mailer: Mutt 1.0i
Quoting Greg Dickerson (greg@gtworld.net):
> Does anyone know of any software I can run on RedHat
6.x that will give me
> a "PC Anywhere" interface to a windows NT server?
My S.O. tried to solve that problem at her place of work, and found no solution on Linux. Her eventual compromise was to buy an iBook, and run the MacOS PC Anywhere client -- which at least allowed her to avoid running a Microsoft OS.
Of course, if the server's owner will permit you, you can install a VNC server package, and administer the box via the Linux VNC client. If that's compatible with what you mean by "a PC Anywhere interface", then that's your answer.
My S.O.'s firm was unwilling to load that software on its servers; thus, her different solution.
From rick Mon Apr 24 14:22:55 2000
Date: Mon, 24 Apr 2000 14:22:55 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: [OT] Computer dealers, possibly
Linux-friendly?
User-Agent: Mutt/1.1.5i
Quoting E Frank Ball III (frankb@efball.com):
That's Nathan Myers's firm, which is/was excellent, but he's no longer accepting orders. However, Tuxtops does: http://www.tuxtops.com/ And they appear to be a quality outlet, too.
Date: Thu, 25 May 2000 10:53:00 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: Timeservers wanted (fwd)
User-Agent: Mutt/1.1.5i
begin Jeff Miller quotation:
> How local? Here are some from a list by Thinking Man
Software:
>
> clock.llnl.gov Lawrence Livermore National Laboratory
This was a stratum 1 (primary) server, but is listed (in the NBS listings) as "deleted".
> wave.mbari.org Monterey Bay Aquarium
This was also stratum 1, and is now listed as "discontinued service".
> norad.arc.nasa.gov Ames Research Center, Sunnyvale
Not listed.
> clock.isc.org Internet Software Consortium, Palo Alto
This is a stratum 1 server.
It's a really, really bad idea to synchronise off a stratum 1 server, from multiple points of view. For one thing, when the site's sysadmin (or his script) figures out where the traffic come and verifies that you're yet another person trying to grab a stratum-1 connection without approval, he'll probably shut out your entire IP netblock. Which will then result in your net neighbours getting annoyed with you.
Use _secondary_ NTP servers (only) for ordinary time-sync purposes: You can afford a few milliseconds worth of error. (If not, do your time-sync by shortwave.)
More information: http://www.eecis.udel.edu/~mills/ntp/servers.htm
Here are some net-wise local NTP servers from the stratum-two list. Please note access policies:
27. ns.scruz.net (165.227.1.1)
Location: scruz-net, inc. Santa Cruz, CA USA
Synchronization: NTP V3 secondary (stratum 2), BSD on Intel
Service area: Western USA (MAE-West attached)
Access policy: open access (scruz-net customers use both
ns.scruz.net and nic.scruz.net, others please use one or
the
other, not both... please drop us a note if you're using
the
server so we can keep you on our status list) Contact:
Matthew
Kaufman (matthew@scruz.net)
47. ntp.ucsd.edu (132.239.254.49)
Location: UCSD Academic Computing Services/Network Operations,
San
Diego, CA
Synchronization: NTP secondary (stratum 2)
Service Area: CERFNET; NSFNET, SDSC region and nearby
Access Policy: open access, please send a message to
notify.
Contact: timekeeper@ucsd.edu
62. ntp1.mainecoon.com (63.192.96.2)
Location: Quincy, California
Geographic Coordinates: 39:56.863N, 120:54.657W
Synchronization: NTP V4 secondary (stratum 2) P-II/X86 Solaris
2.7
Service Area: North America
Access Policy: Open Access, please drop us a note so we can
add
you to our mailing list.
Contact:time@mainecoon.com or Chris Kennedy (chris
@mainecoon.com)
Note: ntp1 is a CNAME for time service. Please use DNS; IP
assignments subject to change.
90. tick.koalas.com (207.48.109.6)
Location: Koala Computers, Coos Bay, OR
Geographic Coordinates: 43.36N 124.19W
Synchronization: NTP V3 Secondary (Stratum 2), PC/Linux
Service Area: Northwestern U.S.
Access Policy: open access
Contact: ( webmaster@koalas.com )
96. time.five-ten-sg.com (205.147.40.50)
Location: Lake Arrowhead, CA, USA
Synchronization: NTP V4 secondary (Stratum 2), Linux/intel
Service Area: within 100ms of Digilink.net
Access Policy: open access, email for firewall access first
Contact: carl@five-ten-sg.com
102. time.ultimeth.net (use DNS)
Location: Mill Creek, Washington, USA
Synchronization: NTP secondary (stratum 2), i486/Linux
Service Area: Northwest USA
Access Policy: Open access after reading our NTP usage
notes.
(http://www.ultimeth.net/NtpUsage/)
Contact: timekeeper@ultimeth.net
From <rick>
Date: Wed, 21 Jun 2000 10:20:33 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: Linux Ready for Prime Time?
User-Agent: Mutt/1.1.5i
begin Andru Luvisi quotation:
> Not addressing the original issue, I think it's worth
mentioning that I've
> spent this much time fighting with Windows in various
incarnations on more
> than one occasion.
You must have been very bad. That's a harsh punishment.
From rick Fri Jun 23 16:51:27 2000
Date: Fri, 23 Jun 2000 16:51:27 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: Thanks & 2nd Sound Card, 2nd Video Card
questions
User-Agent: Mutt/1.1.5i
begin Colin Marquardt quotation:
> I would vote for the announcements also to be made on
the talk list. It
> doesn't really add that much traffic.
With the disadvantage that anyone who's on both lists then gets two copies of each announcement.
Why not just subscribe to the announce list, if you want announcements?
Date: Fri, 4 Aug 2000 11:15:43 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: "funny" ASUS P5A-B-AT motherboard
User-Agent: Mutt/1.1.5i
begin Mitchell Patenaude quotation:
> Ouch, that's a logical/virtual partition rather than a
physical
> partition isn't it? That means it's enclosed within
another
> "extended" partition, and I don't think you can boot from
that.
Sure you can.
http://www.yggdrasil.com/bible/bible-src/lilo/user/node15.html
> I ended up recreating all the partitions as physical,
and that did the
> trick.
That would be my preference, in any event -- just on general grounds of system simplicity.
Date: Fri, 6 Oct 2000 18:20:43 -0700
To: NBLUG Discussion List <nblug-talk
@lists.sonic.net>
Subject: Re: [NBLUG TALK] A little more RH 7.0 problems?
User-Agent: Mutt/1.2.5i
begin Dustin Mollo quotation:
> And here I thought RH was getting better with each
release. Sounds
> like they are pretty screwed up. I'd use better words, but
this is a
> family mailing list :)
_If_ you grant the assumption that they had to ship something at this rather awkward time, then their reasons for the (custom-patched beta) gcc and glibc versions they included are at least defensible: Even Debian-stable (2.2 "potato") currently uses a glibc version (2.1.3) that technically doesn't exist, probably for security-patch reasons. The same sort of thing also happened when glibc was at 2.0.6.
I personally agree that Red Hat Software's making too aggressive a choice, here. I'm torn between applauding their pioneering spirit and being grateful that I'm not along for the ride.
Aside from all that, this business of distributions inventing non-existent software versions strikes me as very much A Bad Thing.
Date: Fri, 6 Oct 2000 19:26:56 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: [NBLUG TALK] RedHat 7.0 issue
User-Agent: Mutt/1.2.5i
begin Eric Eisenhart quotation:
> Basically, they've given the most recent version of gcc
that they felt
> was appropriate for regular compilation and then a
separate package
> for compiling the kernel, since very few people would be
happy with
> the version of gcc old enough to compile the kernel for
anything else.
The canonical version for kernel compiles is still 2.7.2.3, _not_ the 2.91 provided in Red Hat 7. Some versions of the gcc 2.9 series (aka "egcs") _sometimes_ yield OK results on kernels, but haven't been tested very thoroughly and often either the compiles error out or the resulting kernel images won't boot. (The linux-kernel mailing list doesn't want to hear your bug reports if you're not using 2.7.2.*.)
So, if Red Hat's choice of a "kgcc" gives you problems, get a real kernel compiler. ;->
"The most recent version of gcc that they felt was appropriate for regular compilation" (1) is _not_ technically gcc, but rather a Red Hat-invented mutation of a betaware CVS checkout, and (2) creates binaries that are incompatible both with everyone else's binaries and with those that will be compiled in the future by the upcoming gcc 3.0. One safer choice would have been a patched 2.95 -- the most recent released version of gcc. They say they didn't do this because it has problems on some non-x86 chips (e.g., Alpha).
This may be arguably true. It's probably an inopportune time to release a distribution.
Date: Sat, 7 Oct 2000 21:11:40 -0700
To: NBLUG Discussion List <nblug-talk
@lists.sonic.net>
Subject: Re: [NBLUG TALK] More RH 7.0/GCC news
User-Agent: Mutt/1.2.5i
begin Dustin Mollo quotation:
> I agree with Rick in the relm of RH being a 'leader' in
getting glibc
> out to people, but I personally wasn't afraid to installed
5.0. I
> guess simply because I knew that was the way the world
would be going.
Yes. Everyone else benefitted tremendously from Red Hat doing that, and they took a lot of unjustified abuse, at the time.
The way I understand it, the main category of application that "broke" on RH 5.0 were those that not only were libc5-dependent, but also compiled to invoke "soname" libc.so. But that wasn't Red Hat's fault: If your application needs libc version 5, you should compile it to use soname libc.so.5 (or something like libc.so.5.3, if you need to be that specific). Most of the applications that broke were badly built, in other words.
Date: Sat, 7 Oct 2000 21:20:47 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: [NBLUG TALK] More RH 7.0/GCC news
User-Agent: Mutt/1.2.5i
begin Eric Eisenhart quotation:
> Sounds like the main issue, though, is that they didn't
communicate
> their intentions to the GCC folks. If they had, it could
have had a
> less official version number, that kind of thing.
They could _and should_ have had a less official version number even _without_ communicating their intentions to the GCC steering committee: They could have called it gcc-redhat-2.96 (and called it via the obvious symlink).
But they shouldn't have named and numbered it the way they did. Other distributions have done the same sort of thing: That's not right, either.
Date: Sat, 7 Oct 2000 21:32:07 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: Tiemann defends his "Open Source" statement
User-Agent: Mutt/1.2.5i
begin Scott Doty quotation:
> Someone just pointed this out to me:
>
http://linuxtoday.com/news_story.php3?ltsn=2000-10-05-007-20-OP-RH
Michael Tiemann is a wonderful guy, whose company, CYGNUS Support, long ago paid its dues. I'm not the least bit surprised that CNET / ZDNET misquoted him, however. There are a few good writers for the latter, but, generally, if they told me the sun was going to rise in the east tomorrow, I just might get up early.
Date: Wed, 11 Oct 2000 13:49:09 -0700
To: NBLUG Discussion List <nblug-talk
@lists.sonic.net>
Subject: Re: [NBLUG TALK]
User-Agent: Mutt/1.2.5i
begin Dustin Mollo quotation:
> Speaking of leaking file handles and other odd things
with RH7.0, just saw
> this on /. For those of you that got the RH7.0 cd's last
night, you should
> check this out. Essentially, after about three weeks time,
all available
> file descriptors will be used up on the machine (due to
bad/buggy
> programing), and the machine will lock up.
And I love the fact that it's the system update daemon that does this.
Date: Tue, 28 Nov 2000 13:48:16 -0800
To: NBLUG Discussion List <nblug-talk
@lists.sonic.net>
Subject: Re: [NBLUG TALK] cool /. story...
User-Agent: Mutt/1.2.5i
begin Dustin Mollo quotation:
> And yes, he tackles the question about did RH do the
'right thing (tm)' with
> RH 7.0
And ducks just about every question. (One commentator characterised the interview as "pure brochureware", and I agree.)
I'm disappointed in Michael: He's a good guy, and I expect better from him.
Date: Fri, 5 Jan 2001 11:44:54 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: finding cheap hardware for Linux?
User-Agent: Mutt/1.2.5i
begin E Frank Ball quotation:
> I found several smaller webservers on freshmeat.net:
dhttpd, webfs,
> and several at www.acme.com.
Then you know about micro_httpd, mini_httpd, mathopd,thttpd, fhttpd, boa (which I love), and Zeus. Boa is perfect for hosting static pages.
There's also: http://nwonknu.org/chttpd/
Date: Fri, 5 Jan 2001 11:54:28 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: finding cheap hardware for Linux?
User-Agent: Mutt/1.2.5i
begin E Frank Ball quotation:
> I haven't tried mathopd, fhttpd, boa, or zeus (isn't zeus expensive?).
Ja, sure, you betcha.
> I'll check out boa.
Very handy. Configuration file uses the Apache format, for one thing.
Date: Fri, 5 Jan 2001 13:03:33 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: finding cheap hardware for Linux?
User-Agent: Mutt/1.2.5i
begin Brad Cox quotation:
> Another product I've used is publicfile from Dan
Bernstein (author of
> qmail and djbdns), available from http://cr.yp.to/publicfile.html.
Fie and bosh.
http://linuxmafia.com/pub/linux/security/ftp-daemons
Date: Fri, 5 Jan 2001 13:05:04 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: finding cheap hardware for Linux?
User-Agent: Mutt/1.2.5i
begin Brad Cox quotation:
> It helps if you have setup qmail and djbdns a number of times first.
Oh, and, lest I forget:
http://linuxmafia.com/~rick/faq/index.php?page=warez#djb
Date: Fri, 5 Jan 2001 16:38:00 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: finding cheap hardware for Linux?
User-Agent: Mutt/1.2.5i
begin Brad Cox quotation:
> I wouldn't suggest publicfile as a ftp server (which I
as much said in my
> original mail). However, the only reason that I wouldn't
suggest it is
> that there aren't clients that support Dan's EPLF.
In fairness, I seem to recall that Publicfile (unlike its anonftpd predecessor) doesn't _solely_ do EPLF format. And I certainly agree that the latter is an abstractly good idea. (Actually, that's a common thread among his projects. Good in theory, but bloodyminded about getting along with the rest of the world.))
But, also, you have to buy into much of the basic DJB architecture to use Publicfile: ucspi-tcp and daemontools, if memory serves. And all three of those packages are proprietary software. I'm sorry, but if the pervasive weirdness didn't kill the DJB software cult for me, the proprietary licensing would.
So, for a small, fast, more-secure httpd, I'd prefer Boa. For a small, fast, more-secure ftpd, I currently favour oftpd on Linux and aftpd on
Date: Sat, 20 Jan 2001 20:13:21 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: what to do when you've been rooted
User-Agent: Mutt/1.2.5i
begin Bob Blick quotation:
> It's running a redhat 6.2 system straigt off the cd. I
know the hole was in
> wu-ftpd, but I need to know which packages I should
reinstall to make sure
> I have cleaned out the files typically overwritten by a
root kit.
(1) Secure your data files. (2) Recreate _all_ executables and configuration files from trusted sources. All -- and I am not kidding. (3) Restore your data files.
> Any links?
Start with http://www.cert.org/nav/recovering.html
After you rebuild, do whatever it takes to (1) lower your security exposure by removing unneeded software after a careful study of your system, and (2) stay current on whatever remaining software still poses security exposures.
By the way, I consider wu-ftpd to have _way_ too many security problems. Thus:
http://linuxmafia.com/pub/linux/security/ftp-daemons
http://linuxmafia.com/pub/linux/security/ssh-clients
> Be warned, everybody, if you have RH 6.2 on a machine,
it is a prime
> target.
Not inherently; it can be secured with enough attentive administration (and sorry about that salt rubbed into your wound, but it's the truth).
From rick Sat Jan 20 20:21:52 2001
Date: Sat, 20 Jan 2001 20:21:52 -0800
To: nblug-talk@lists.sonic.net
Cc: Devin Carraway <aqua@atlantic.devin.com>
Subject: Re: what to do when you've been rooted
User-Agent: Mutt/1.2.5i
begin Devin Carraway quotation:
> There are some trust issues in /home also, if you
made
> executables for yourself in there, but they're less common
targets.
Not just executables. Dotfiles, too. E.g., some of the more enterprising bad guys leave ~/.rhosts files behind as an additional backdoor way of getting back in.
From rick Sat Jan 20 20:32:26 2001
Date: Sat, 20 Jan 2001 20:32:26 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: what to do when you've been rooted
User-Agent: Mutt/1.2.5i
begin Eric Eisenhart quotation:
> Problem with this is, it's possible that somebody might
have installed a
> rootkit that also changed the RPM database or the RPM
program or the kernel
> to see things as being as they still should be.
<deadpan>
That's why all Red Hat users store safety copies of
/var/lib/rpm/* off-system, right?
</deadpan>
> Looks like the problem was with wu-ftpd, nfs or lprng...
I am shocked, shocked, at the notion of a vulnerability with the world's cruftiest and most overfeatured ftp daemon, with the NFS code, or with one of the leading candidates for heavy access restriction in /etc/hosts.deny . ;->
> Really, though; it's easiest to do a fresh install.
I believe you misspelled "mandatory". If you've been compromised, there's really no other way that's safe.
From: <rick>
Date: Mon, 22 Jan 2001 11:50:05 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: what to do when you've been rooted
User-Agent: Mutt/1.2.5i
begin Kevin Jamieson quotation:
> I'm sure most of the people here will likely say 'scp'
in place of
> ftping files from a machine - but, if this is a user box
ftp is most
> likely expected.
"Expected" by people who don't have to deal with the resulting breakins, when users' ftp passwords get sniffed and the machine gets cracked again. There are ways to mitigate the security impact of non-anonymous ftp, but first sysadmins needs to drop this attitude of "We'll stay vulnerable to accomodate users' refusal to leave the '80s."
> I think Proftpd was mentioned before as an alternate to wu.
Complete list of alternatives:
http://linuxmafia.com/pub/linux/security/ftp-daemons
From rick Mon Jan 22 11:56:57 2001
Date: Mon, 22 Jan 2001 11:56:57 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: what to do when you've been rooted
User-Agent: Mutt/1.2.5i
begin E Frank Ball quotation:
> http can be used for anonymous gets. No good solution
for anonymous
> puts.
CGI uploads, e.g., using CGI.pm, as detailed in http://www.tsden.org/ryutaroh/fileupload-e.shtml
> openssh is supposed to replace ssh1 and ssh2 with a
better license
> setup, but sftp doesn't work for me with openssh....
When last I checked, only the CVS checkouts had sftp-server.
But there's very little client support for sftp, whereas there's scp implementations on just about any OS. (If memory serves, sftp is NOT part of the secsh RFC draft, but rather an ssh.com "enhancement" that Marcus F. reverse-engineered for OpenSSH.)
> ...and when I connect to an openssh server with ssh1 it
won't export X
> like it should.
Then, you have a configuration issue, because X forwarding is supported.
From rick Mon Jan 22 12:07:22 2001
Date: Mon, 22 Jan 2001 12:07:22 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: what to do when you've been rooted
User-Agent: Mutt/1.2.5i
begin E Frank Ball quotation:
> If this is on the internet they also shouldn't have
rlogin access open
> to the outside.
Absolutely. (Well, DUH. ;->)
But the point is that you do not want hostile parties' ~/.rhosts files sitting around just in _case_ you accidentally enabled the r-commands. I actually have the adduser script create a root-owned .rhosts file with nothing in it, permissions 000, removing the concern prospectively.
> Then block most of what you left running with a
firewall so it cannot
> be accessed from outside.
When you use the term "firewall" in this context, are you referring to application-level proxy gateways, or do you mean filtering routers? If the latter, are you envisioning an implementation with stateful filters, or not?
From rick Mon Jan 22 12:18:04 2001
Date: Mon, 22 Jan 2001 12:18:04 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: what to do when you've been rooted
User-Agent: Mutt/1.2.5i
begin E Frank Ball quotation:
> Absolutely. Do you *NEED* to run a ftp daemon?
Yes, I do.
Show me a httpd that discloses special file attributes (notably symlink as opposed to hard link) and other file details -- and wake me up when all Linux distributions can do http installs in addition to ftp, and when small http clients capable of doing recursive gets ship on the general run of consumer operating systems.
On the latter point, it was impossible to install Debian-m68k on my Mac IIci without my *ix box's ftpd, because of tools I had to pull down onto the LAN directly onto the IIci's small HFS/MacOS partition. I didn't have wget or lynx or scp, and retrieving a friggin' graphical Web browser would have been just a bit absurd.
> Most are nothing but security holes waiting to be found.
Most are irrelevant if you exclude the riciculously bloated ones, e.g., wu-ftpd and proftpd. A relevant examination might concern, e.g., oftpd, Ranum's aftpd, hftpd, pftpd, and trollftpd.
From rick Mon Jan 22 13:43:26 2001
Date: Mon, 22 Jan 2001 13:43:26 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: what to do when you've been rooted
User-Agent: Mutt/1.2.5i
begin Bob Blick quotation:
> If wu-ftpd has been fixed I don't see why I shouldn't
use it,
> unless there's something else I should know about it.
Yes, there is.
wu-ftpd has a sadly crufty codebase and is overfeatured. I recommend doing some reading on Internet and Unix security, if the consequences aren't apparent. (I can recommend some resources.)
Or just observe all the additional root-exploit alerts as they come in. ;->
From rick Tue Jan 23 12:32:43 2001
Date: Tue, 23 Jan 2001 12:32:43 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: what to do when you've been rooted
User-Agent: Mutt/1.2.5i
begin E Frank Ball quotation:
> thttpd from www.acme.com shows sym-links.
That's good. I'll have to try it. I've only really played with Apache and Boa. (I assume you mean "shows" them in the sense of indicating that they are symlinks. Apache and Boa "show" symlinks in a fashion indistinguishable from the files or directories they point to.)
That's the biggest thing I miss on typical httpd output compared to an ftpd. The others are (1) _complete_ filesizes (not rounded), which can be crucial for telling at a glance whether the remote file differs from your local copy, and (2) rights masks. The owning user and group are usually conveyed correctly by random ftpds, and special file attributes other than symlink and directory seldom are needed in remote file displays.
Thanks.
> How many people on this list are trying to setup
machines for remote
> installs?
No idaa. I run installfests, as do many Linux user groups, so this matter should be of interest to LUGs generally.
But the point is that there is information lossage in going from httpd + ftpd to httpd-only. That lossage may or may not matter to particular individuals, but just telling them "ftp is obsolete" is doing them no favour.
The best argument against httpd + ftpd is the security one -- but I have not found that compelling after trying the smaller, faster, better-designed, not-overfeatured variety of ftpd typified by oftpd, Ranum's aftpd, Trollftpd, and pftpd.
> The average joe seems to think that stuff shipped
with
> redhat/suse/turbo is secure and this just isn't the case.
I wan't to
> point out as many alternatives to running a ftp deamon as
I can.
The average Joe seems to have a difficult time understanding why Proftpd isn't a significant improvement over wu-ftpd, because its design is inherently complex (which is A Bad Thing from the security perspective), and because he's still going to be sending plaintext passwords across the open Internet.
> For the less sophisicated user running ftp is best avoided.
I would say: Run a _suitable_ ftpd if you need an ftpd. (These wu-ftp versus Proftpd discussions don't do the trick.)
From rick Fri Jan 26 21:38:04 2001
Date: Fri, 26 Jan 2001 21:38:04 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: postmortem
User-Agent: Mutt/1.2.5i
First, Bob: Congratulations on the good job you've done of
documenting
what state your machine was left in.
begin Bob Blick quotation:
> In the /home/httpd/cgi-bin directory there was a program called "...".
Very typical of breakins.
> User "stan" is a valid account of a new user who has
never logged in, but
> in his directory there is a new directory "stacheldrahtV4"
and it's been
> compiled. Looks like a nasty program with all sorts of
devious features.
That's the name of a distributed denial of service (DDoS) tool, based on the earlier Tribal Flood Network and Trinoo toolkits. http://staff.washington.edu/dittrich/misc/stacheldraht.analysis
Suffice it to say that your machine was almost certainly to be used to attack other sites and networks.
> wget http://packetstorm.securify.com/distributed/tfn2k.tgz
And _that_ is some Tribal Flood Network variant.
> I scanned the source of a lot of these programs, and it
looks like
> they got into the machine by exploiting rpc.statd.
That's quite plausible. The last remote root exploit against rpc.statd I recall was in July 2000. You may have left a known, documented remote root exploit open for six months -- maybe more, if the bad guys exploited an even earlier exploit.
> Never knew what that program was for....
One infers that you were running it, and didn't know what it was for. It's a bad idea to run network daemons whose purpose you don't know. If you don't know why you're running a given daemon process, please switch it off until you have a good reason.
If you don't know how to determine what network daemons you're running, yank the network cable until you've studied _Running Linux_ well enough to determine that.
Monitor security-alert mailing lists (or equivalent) for any advisories about the network daemons (and kernel versions) you _do_ elect to run. When you hear about remote security exploit or DoS attacks against that software, disable the daemons until you've applied the security patch or upgrade required to close the hole.
> I haven't deleted anything or reformatted yet, so if
anyone has any
> suggestions of more things to do I can still do it.
One hopes you intend a complete rebuild.
http://www.cert.org/tech_tips/win-UNIX-system_compromise.html
http://www.cert.org/tech_tips/unix_configuration_guidelines.html
And don't forget that all of your users' existing passwords have been compromised. You need to set them all up with totally new passwords. You might also consider chmoding /usr/bin/passwd to 0700 for a while (after the rebuild), to drive home to the users that they _must not_ re-adopt their compromised passwords.
From rick Sat Feb 17 10:43:29 2001
Date: Sat, 17 Feb 2001 10:43:29 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Off-topic: Amusing MS/Open Source URL story
pointed out to me by an associate...
User-Agent: Mutt/1.2.5i
begin ME quotation:
>
http://news.cnet.com/investor/news/newsitem-printer/0-9900-1021-4825719.html
>
> (Jim Alchin of MS):
> ''Open source is an intellectual-property destroyer,''
Allchin said.
> ''I can't imagine something that could be worse than this
for the
> software business and the intellectual-property
business.''
http://www.perlguy.net/images/opensource1.gif
> The last line is prob. an example of truth from MS:
> ''We can build a better product than Linux,'' he said.
http://ars.userfriendly.org/cartoons/?id=20010216
Date: Sat, 17 Feb 2001 12:38:16 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Off-topic: Amusing MS/Open Source URL story
pointed out to
me by an associate...
User-Agent: Mutt/1.2.5i
begin Paul Larkin quotation:
> If the quotation is accurate, then Alchin strikes me as
an amusing
> little character. Really too bad he's in such a position
of power.
> attitude.
Well, as Don Marti is fond of saying, if you don't believe in them, they can't hurt you.
I consider the whole incident hilarious, and think it will make one of the more colourful footnotes to Microsoft's eventual obituary. See also: http://www.kuro5hin.org/?op=displaystory;sid=2001/2/16/142659/184
From rick Thu Mar 22 18:43:01 2001
Date: Thu, 22 Mar 2001 18:43:01 -0800
To: nblug-talk@lists.sonic.net
Cc: Devin Carraway <aqua@atlantic.devin.com>
Subject: Re: eide cd-rw rfi?
User-Agent: Mutt/1.2.5i
begin Devin Carraway quotation:
> Recent versions of the kernel (2.2.16 or later, 2.4.x
is fine also) and
> cdrecord are necessary -- any current distribution will
have them. RedHat6.2
> and Debian Woody will both work. I'd suggest avoiding
Corel since it's based
> on Debian Slink, and is pretty much obsolete by now.
You _can_ start out by loading Corel Linux OS, and then doing a normal "apt-get update && apt-get dist-upgrade" to upgrade it to Debian 2.2 "potato". The only real obstacle is that Corel's mutant KDE 1.x packages do not cleanly upgrade to "potato's" 2.x versions.
The Corel KDE packages can be neatly excised by following instructions here: http://www.debian.org/News/weekly/2000/25/mail#2
(More-experienced Debian users could just snip the mutant package entries out of /var/lib/dpkg/status , but it's nice to have a recipe.
From rick Thu Mar 22 20:51:06 2001
Date: Thu, 22 Mar 2001 20:51:06 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Stampede
User-Agent: Mutt/1.2.5i
begin ME quotation:
> I have not seen or met someone that uses stampede....
I've used it, and I liked it very much. Its clean design is a breath of fresh air (no Red Hat-style config-file maze stands in the way of your _genuinely_ comprehending system configuration), and the optimisation for performance makes you wish that other distributions would do likewise.
Stampede's package system sucks, and there is no properly coherent distribution _policy_ (except the one inherent in their basically doing things sanely, which is gratifying). So, it loses compared to .deb-based distributions with strong policies (Stormix, Progeny, Libranet, Debian) as to maintainability. The installer was a bit rough, when I last tried it (v. 0.83, I think).
> ...but they claim to target the new Linux user.
Not really.
o Are you perhaps thinking of "We wanted a distribution that was fast and easy to use for the new user, yet versatile for the power user." That hardly constitutes "targeting the new Linux user".
o It is disclaimed to be pre-release software (which it indeed is).
o The very first item on the FAQ states:
Is Stampede Linux easy to install?
Well, let's just say it's getting better every day =). Check
out the
new Pre-Release install guide and decide for yourself. In
general,
if you have installed Linux before, you shouldn't have any
problems
with installing Stampede.
That sure doesn't sound like "targeting the new Linux user" to me.
From rick Thu Mar 22 23:03:11 2001
Date: Thu, 22 Mar 2001 23:03:11 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Stampede
User-Agent: Mutt/1.2.5i
begin ME quotation:
> Really a matter of how you choose to read it.
At the bottom of the General FAQ, it also says:
Should I use Stampede Linux?
Of course! While it is not recommend for the light of heart
right
now....
Now, maybe on the planet you're from, all this is consistent with "targeting new Linux users". But not mine.
> I guess it comes down to the word "target" in this
instance. I see it
> as a goal they are shooting for according to their FAQ. If
their FAQ
> is not true, then that is their fault for falsely stating
that is
> their goal.
Then, I think you need your prescription checked. And also maybe the eyesight one.
And then look into who exactly, in this picture, is going around "falsely stating" things. Even _after_ having the error called to his attention, in fact.
From: <rick>
Date: Fri, 23 Mar 2001 00:07:31 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Stampede
User-Agent: Mutt/1.2.5i
begin ME quotation:
> It is not really you, Rick is still sore from the
networking data link
> layer discussion we had a while back. It seems he con't
leave me
> alone.
I'm sorry, but who are you again? ;->
> I enjoy it. It is entertainment for me.
I don't. I simply think it's disreputable to fire off a flamboyantly wrong answer to someone's honest, curious question about a distribution based on no more knowledge of the subject than a five-second glance at the first item on its FAQ. And I didn't feel like letting the resulting misinformation pass without comment.
From rick Fri Mar 23 00:03:22 2001
Date: Fri, 23 Mar 2001 00:03:22 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Stampede
User-Agent: Mutt/1.2.5i
begin Rafe Magnuson quotation:
> Ah! That's the insight I was looking for. So it _is_
faster then?
It did seem _somewhat_ that way -- especially where X was concerned. But straight-up comparisons are notoriously difficult, because there are usually way too many uncontrolled variables. I could have fooled myself, so don't count on it. Stands to reason that it would be, anyway.
Also, bear in mind that some code just doesn't benefit from that treatment -- and a certain amount of RAM bloat may happen. (I didn't notice any, particularly, in this case.) Note that the Stampede people are using pgcc, a single-pass Pentium optimised compiler. It was the first product of the Pentium Compiler Group, a consortium that included participation from Intel and CYGNUS, and that later produced egcs, which has been adopted by the FSF as gcc 2.8 and above. Before these two, there were no gcc variants producing better than 486 optimisation (e.g., gcc 2.7.x).
I know of no other distribution that produces binaries using pgcc. (It's not portable to other CPU architectures, which is part of the reason we got egcs.)
> From your experience does the file/config structure
resemble slackware
> to any degree?
The (default) init structure is very similar (BSD-ish) to the old Slackware one, and it has the same general sort of simple layout. There's a package to substitute SysVInit, if you prefer (which I do).
Also, the installer reminded me a _lot_ of Slackware's.
The FAQ says that, also, Stampede's initial package list was inspired by Slackware's. I wouldn't know about that, from my own encounters.
From rick Fri Mar 23 07:52:43 2001
Date: Fri, 23 Mar 2001 07:52:43 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Stampede
User-Agent: Mutt/1.2.5i
begin Colin Marquardt quotation:
> Debian is like emacs: you can do everything with it.
I hope you realise that I wasn't talking about Debian, in the post you were replying to (but rather about Stampede). It's certainly OK if you were just branching off from that topic, but I wasn't sure.
> Sure, the packages do not come pre-compiled with that
optimization,
> but with apt's deb-src spec it is easy to re-build the
important
> packages.
Indeed, an upcoming version of apt will even take care of getting the build dependencies for you automatically. It's getting closer to the FreeBSD ports system all the time, on the source-code side.
> I couldn't even use Stampede (well, not without quite
some disadvantages
> at least) since I have an Athlon system.
Hmm, I have no idea what effect pgcc compilation would have on Athlons. For what it's worth, the Stampede betas I tried earlier ran great on my K6/233.
From rick Fri Mar 23 08:01:04 2001
Date: Fri, 23 Mar 2001 08:01:04 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Stampede
User-Agent: Mutt/1.2.5i
begin Rafe Magnuson quotation:
> Ah, I should have waited about two more seconds before my
last post,
> as the information you present below is most useful. It
brings me to
> wonder though, why is egcs so much more portable than
something like
> pgcc?
That's a good question. I wish I were a competent authority on compilers, since as things stand I lack the background to get this answer. However, I'm sure the gcc development team would be able to explain matters, if one of us asks.
> Certainly I can see machines of the x86 class being of
use still,
> but don't most people have at the very least a pentium 1
class processor
> (gasp! a p90! or a p60!)? Or am I missing the point
entirely here?
Yes, but don't forget that the idea of gcc is to have a compiler portable across multiple CPU _architectures_, not just multiple generations of x86. Alpha, m68k, PPC, StrongARM, PA-RISC, SPARC....
From: <rick>
Date: Fri, 23 Mar 2001 08:01:52 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Stampede
User-Agent: Mutt/1.2.5i
begin ME quotation:
> Perfect example of antagonism. :-)
Perfect example of disgust.
And you've now more than exhausted my interest.
From rick Fri Mar 23 11:28:10 2001
Date: Fri, 23 Mar 2001 11:28:10 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Stampede
User-Agent: Mutt/1.2.5i
begin Colin Marquardt quotation:
> HMM, AFAIK apt itself is there yet (since the days of
the potato
> release), but the packages themselves are probably not
fully up to
> speed on source dependencies.
Source dependencies are exactly what I was speaking of, Colin. With apt 0.3.x, you have to make sure you satisfy all the Build-Depends, manually. What I was saying is that the betas are able, by contrast, to take care of Build-Depends _for you_, when you build a source package.
> I am also not sure what the difference is between
compiling with pgcc
> (is this still a separate compiler nowadays?) ...
Again: Yes.
> ...and architecture flags to a current gcc.
"Current gcc" through 2.7.x did at best 486 optimisation on x86. Pentium Compiler Group was founded, with participation from Intel and CYGNUS, to do something about that situation. First, they wrote pgcc, a one-pass compiler (which, accordingly, could not be portable to other architectures). Then, they wrote egcs, a multi-pass, portable compiler. Both of these were forks of gcc.
PCC submitted their patches to the gcc 2.7.x maintainer. Those patches were ignored. The Linux world, in response, gradually began ignoring gcc 1.x, and looking to CYGNUS's ftp site for the canonical source for their "gcc" (meaning egcs). Eventually, FSF got a clue and transferred custodianship of the gcc project to the egcs maintainers, thus ending that fork. egcs was given the designation gcc 2.8.x, at that time. Current 2.9.x betas are based on egcs.
Meanwhile, pgcc remains available, and is a really sweet compiler, but is x86-only.
Clearer?
From rick Fri Mar 23 11:36:42 2001
Date: Fri, 23 Mar 2001 11:36:42 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Anyone attending NBLUG meetngs use "other"
Dsitros? Was Re: Stampede
User-Agent: Mutt/1.2.5i
begin Mike Rice quotation:
> I use Storm (Debian) at home, my wife finds it preferable
to RedHat and
> Windows(98/NT).
Stormix is really nice, and upgrades very nicely along the Debian-stable track, post-installation (unlike the bobbles you get with Corel Linux OS, when you attempt the same thing). I hope its packages continue to be maintained and available, now that its original creator is in bankruptcy protection.
From rick Fri Mar 23 11:38:10 2001
Date: Fri, 23 Mar 2001 11:38:10 -0800
To: nblug-talk@lists.sonic.net
Subject: Re: Anyone attending NBLUG meetings use "other"
Dsitros? Was Re: Stampede
User-Agent: Mutt/1.2.5i
begin Loraditch, Greg quotation:
> What's the general consensus for StormLinux 2000?
>
> I've got a copy sitting in my desk that I haven't yet
used. Is there any
> advantage to it over RedHat?
That's what we call "a religious question". ;->
One approach: Try a few distributions, one at a time, and see which ones you like over the long term.
From rick Tue Apr 10 15:41:41 2001
Date: Tue, 10 Apr 2001 15:41:41 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: Laptop Recommendations?
User-Agent: Mutt/1.2.5i
begin E Frank Ball quotation:
> If you are going to the trouble of doing a fresh
install I'd spring for
> some newer install CDs. Storm declared bankruptcy and will
likely die
> off, so you won't be able to upgrade it.
The latter is a non-sequitur, and not accurate: You see, he needs only to revise his /etc/apt/sources.list to contain the following:
deb http://http.us.debian.org/debian stable main contrib non-free
deb http://non-us.debian.org/debian-non-US stable non-US/main non-US/contrib non-US/non-free
Then, he will be able to bring all installed packages up to the current revisions of the Debian-stable track (as of any given date) by just typing
apt-get update && apt-get dist-upgrade
The Storm Technologies-originated enhancements such as Storm Package Manager (or whatever it's called) should remain present and usable, since Stormix has been highly compatible with Debian proper.
From: <rick>
Date: Tue, 10 Apr 2001 17:01:26 -0700
To: nblug-talk@lists.sonic.net
Subject: Re: BIND worm (was: DHCP Servers)
User-Agent: Mutt/1.2.5i
begin Colin Marquardt quotation:
> Speaking of ISC, here is an alert for those who didn't
hear about it
> yet:
Heh. Life in the slow lane.
BIND v. 8.2.3 came out Jan 26, 2001, fixing the TSIG bug
used, here.
http://www.isc.org/products/BIND/bind-security.html
[RM comments: The above is a full set of all posts I ever sent
to NBLUG's mailing list. On April 10, 2001, I received private
mail, out of the blue, from Eric Eisenhart of NBLUG, informing
me that my presence was unwanted, and therefore I was being put
on a list of people NBLUG automatically muzzles. I unsubscribed
-- but later found that Eisenhart had been going about behind
my back at other user groups trying to convince people that I'm
a "flamer". What follows is the only such occasion when it's
been in my presence:]
Date: Thu, 5 Dec 2002 17:30:30 -0800
From: Eric Eisenhart <eric@nblug.org>
To: board@nblug.org, vox@lists.lugod.org, p@dirac.org, rick
@linuxmafia.com
Subject: Re: [Fwd: Re: [vox] OT "auto-out-of-office" replies ==
get robbed ?]
For the record: We'd put Rick on the "deny" list so that he couldn't post, but left him the option of reading if he wished. Sometime later we cleaned him out of the deny list. Technically it's possible for him to join the NBLUG talk list again and respond to people. (but if he joins and flames he'll be denied, removed or always moderated pretty quickly) I think Rick mostly just wanted to be on our annouce list anyways, though.
It definitely was for flaming.
We try to make talk@nblug.org a place where users (*especially* the beginners who know very little) can ask questions and get helped. A correct response is certainly important, but even more important is that the responses be non-threatening so that users feel comfortable asking "stupid" questions the next time. An incorrect or misleading response can always be corrected or clarified (politely) in follow-ups. I think if we had separate mailing lists for newbies and more deeply technical stuff, the newbie list would have a slightly stricter "no flaming" policy and the tech list would be looser with flaming still discouraged. (I figure experienced users have probably been on the net long enough to develop at least a little bit of a thick skin)
--
Eric Eisenhart
NBLUG Co-Founder & President Pro Tempore for Life
The North Bay Linux Users Group
http://nblug.org/
eric@nblug.org, IRC: Freiheit@freenode, AIM: falschfreiheit,
ICQ: 48217244
From: Rick Moen <rick@linuxmafia.com>
To: vox@lists.lugod.org
Subject: Re: [Fwd: Re: [vox] OT "auto-out-of-office" replies ==
get robbed ?]
Quoting Eric Eisenhart (eric@nblug.org):
> It definitely was for flaming.
This seems to be "take a free shot at Rick" day, which I don't really take personally, but:
Ordinarily, the target of such an accusation has no means of refuting it. However, in this case I have an archive of all posts I ever sent to the NBLUG mailing list. I've put a copy here:
http://linuxmafia.com/~rick/linux-info2/nblug-talk.html
I'll immediately pay Eric $100 if he can convince Bill Kendrick, LUGOD president, that any one of those 56 posts contains "flaming" of any sort. (I suggest and request that any follow-up be via private mail -- except that if I'm wrong and Eric gets that $100, I'm willing to post this fact with an apology.)
[RM comments: There was of course no response.]