Welcome 
to Orb Designs

Home

Graffiti

About

Sitemap

Visual

DevWork


Email Brian Bilbrey

Email Brian

GPG Key

GRAFFITI -- March 08, 2004 thru March 14, 2004

>> Link to the Current Week <<

Last Week << Mon   Tues   Wed   Thu   Fri   Sat   Sun >> Next Week


Search this site :

Welcome to Orb Graffiti, a place for me to write daily about life and computers. Contrary to popular belief, the two are not interchangeable.     About eMail - I publish email sometimes. If you send me an email and you want privacy or anonymity, please say so clearly at the beginning of your message.

Ron Paul in 2008

Creative Commons License

Read LinuxGazette, get a clue.

MONDAY    Tues    Wed    Thu    Fri    Sat    Sun   
March 8, 2004

0648 - Good morning. After sleeping deeply in yesterday morning, the day went very well. First bit of good news is the first crocus of the year arrived on our property yesterday, a couple of weeks in advance of Spring. How lovely! After the heavy rains of the day before, it was glorious and sunny and 70 plus here yesterday. That let me get out in the yard and put in our peas.

First crocus of spring on our ground Rows ready for planting. Peas in the ground.

I came home an hour early or so on Friday, and turned up the soil into the first couple of rows, getting ready for the first round of planting. That came to naught on Saturday, as the rains came in late Friday night and stayed through the day. After we got back from shopping yesterday, I got into my muddies, and drained the furrows. Then we put up the wire trellis (about 20 linear feet worth), and got the Alaska and Snow Peas into the ground. In addition to the two week old plants, I also seeded the row with the same plants, covering my butt in case the weather kills these in advance of their taking hold. The plants don't look like much just now, but this picture will provide contrast to the LATER picture that'll be coming soon.


Wonderful news: After much patience and hard work, my lovely Marcia has finally gotten her well-deserved promotion. Way, baby!


In other news, my eyes are fading. You'd think with all the carrots I ate as a child, I'd have stunningly good vision at least into my late 80's. But over the last several months, I've noticed my close vision getting progressively worse. Not dramatically, mind you. But on the smallest stuff (like a serial number label on a computer upside down at the bottom of a rack, when I was close enough to read it, the text has been fuzzing out. So I decided it was time to get some cheapie reading glasses. Back on the Left Coast we'd have called these things Dean Edell's, after a Bay Area doc with a local TV news gig there. I got a three pack of 1.25 diopter glasses, one for the desk, one for the bedside, and one for carrying to and fro with me. Sigh. Getting old is a Joan Crawford.


Here's a link for you to spend some Monday on. First, if you recall the Penguin batting Flash animation I pointed to a couple of weeks back ... well, here's a much bloodier version that MikeM turned me on to: Penguin Bashing.


It's time for me to roll on into work. There's a lot going on, and it'll be a busy week. Thanks for spending some of yours with me...

Top  /  Email Brian


Mon    TUESDAY    Wed    Thu    Fri    Sat    Sun   
March 9, 2004

0727 - Good morning. I was awake by shortly after 5, and out of bed at 6 to get the trash out curbside for pickup this morning. They're not supposed to come around collecting until after 7, but generally have come and gone before that time. And of course, this is a morning when I'm in no rush at all. I'm meeting Larry at a client site to complete an installation we started last week, but that's not until 0930. Maybe I'll go back to bed...? Nah.

However, I'm only good for random surfing this morning, and I haven't found anything interesting enough to pass along yet. Yesterday, I spent much of the afternoon working on a script to parse out an HTML file, grabbing the pertinent bits to send them to Festival. Festival does text-to-speech conversion, and we'll pipe the output to either the web, TV, or low-power radios, depending upon the application. I've got some research yet to do there on finding better synthesis plugins and better voices than come default with Festival, however.

I've been editing this page for about an hour now, with bloody little to show for it.I suppose that I'll wrap this up and post. Have a great day!

Top  /  Email Brian


Mon    Tues    WEDNESDAY    Thu    Fri    Sat    Sun   
March 10, 2004

0658 - Good morning. Yesterday we spent the day doing installs and configuration and updates on Windows machines. Bloody reboots. What else is there to say? In the evening . . . I was working on something, can't remember what. It'll come back to me in a moment. Anyway, after that, Marcia and I played Scrabble for a while. On my first play, I got all seven tiles out on the board. Marcia said that was good, and made me take 50 extra points. She then clawed her way back up to parity, then a firm lead which I only caught and passed just in the last three plays of the game. It was a good one.

Oh, right. I was burning a few discs last night for assorted purposes. A new friend at a client site wanted another copy of Knoppix, since his girlfriend cleaned up the other one unfindably. For those readers who don't know or remember, Knoppix is a bootable, run-from-the-CD Linux distribution that lets you get your feet wet in Linux without committing it to the hardware. Then I went to burn a couple of bootable discs of the Offline NT Password & Registry Editor. This is a great little tool, runs Linux and lets you do just what we needed the other day - blank out the Administrator password on a box that we'd just demoted from Domain Controller status (this in particular was Win2K SBS). During the demotion, it asked for the new admin password for the local machine. One could only assume that the process set that, right? Wrong! With a box we could not log into, Russell put us onto NTPasswd. Worked like a charm. Followed the defaults and set the Administrator account to blank. Then we were able to do as we wished.

Finally, Gentoo was on the list. I got a copy of the latest "Universal" installation ISO, the 2004-0 release (Gentoo has gone to a quarterly release cycle), and let that download while we played last night. I just burnt it to disc a moment ago. One of the things about the Gentoo development team that I find particularly praiseworthy is their commitment to keeping the documentation in sync with the distribution, as well as patching up holes in the instructions as they come up. I've noted on more than one occasion that for one particular package or another, all of the docs above the README and manpage layer often are fairly static, leading to inconsistencies with the package's behaviour. Just another way that Gentoo rocks!

Okay! Time to wrap this up. Have a lovely day, see you around.

Top  /  Email Brian


Mon    Tues    Wed    THURSDAY    Fri    Sat    Sun   
March 11, 2004

0637 - Hullo. Another quick start for me today. I'm shooting straight up to one client site as early as possible, to setup a new laptop for a new salesguy. Then I'll head over to another regular client up Gaithersburg way to continue with both the text-to-audio work I've been doing there, along with exploring ClamAV, an Open Source anti-virus tool for mail servers.

Here on the home front, Sally's not doing so well, at the moment. She has a urinary tract infection. She's not very hungry, and that makes her a challenge when it comes to getting those important pills down her. Poor puppy. Also, the weather turned on us. After a week of 60's and seventies, we had snow yesterday. Snow! It didn't stick, but still it's a good thing I planted snow peas, eh?

Now I must go. Have a good day.

Top  /  Email Brian


Mon    Tues    Wed    Thu    FRIDAY    Sat    Sun   
March 12, 2004

Lucy sitting at guard duty in the back yard at dusk Lucy charging back into the house when called0729 - Good morning! Am I ever glad it's Friday! And I'm blessed with a later start and a closer client than other days this week, so all is getting even better. I'll start you off today with a couple of snaps of Lucy from earlier this week. At left, I'd put her out just to get her out from under foot. Usually she charges around the back yard, peering between the fence slats and yapping at things she sees (or thinks she sees). But this particular evening, she just settled her little behind down and kept watch from the center of the yard. That shot is grainy because it's dusk, the flash didn't help at all, and it's not a good low-light camera. So I pumped it up in the Gimp a bit. At right, you can see that Lucy really didn't want to be outside at all, when she could have been inside, underfoot, and ready to catch any dropped food.

Sally is improving, a little bit. She doesn't have much appetite, but that's probably down to the strong antibiotics the doc has her on. Other than that, behaviourally, she's making strides. We sure hope she shakes this one off...


Here's some humor. This came by email from the left coast...

It started out innocently enough. I began to think at parties now and then to loosen up. Inevitably though, one thought led to another, and soon I was more than just a social thinker. I began to think alone - "to relax," I told myself - but I knew it wasn't true.

Thinking became more and more important to me, and finally I was thinking all the time. I began to think on the job. I knew that thinking and employment don't mix, but I couldn't stop myself.

I began to avoid friends at lunchtime so I could read Thoreau and Kafka.I would return to the office dizzied and confused, asking, "What is it exactly we are doing here?"

Things weren't going so great at home either. One evening I had turned off the TV and asked my husband about the meaning of life. He spent that night at his mother's.

I soon had a reputation as a heavy thinker. One day the boss called me in. He said, "Skippy, I like you, and it hurts me to say this, but your thinking has become a real problem. If you don't stop thinking on the job, you'll have to find another job."

This gave me a lot to think about. I came home early after my conversation with the boss. Honey," I confessed, "I've been thinking..."

"I know you've been thinking," He said, "and I want a divorce!"

"But Honey, surely it's not that serious."

"It is serious," He said, lower lip aquiver. "You think as much as college professors, and college professors don't make any money, so if you keep on thinking we won't have any money!"

"That's a faulty syllogism," I said impatiently, and He began to cry.

I'd had enough. "I'm going to the library," I snarled as I stomped out the door.

I headed for the library, in the mood for some Nietzsche, with NPR on the radio. I roared into the parking lot and ran up to the big glass doors... they didn't open. The library was closed. To this day, I believe that a Higher Power was looking out for me that night.

As I sank to the ground clawing at the unfeeling glass, whimpering for Zarathustra, a poster caught my eye. "Friend, is heavy thinking ruining your life?" it asked. You probably recognize that line. It comes from the standard Thinker's Anonymous poster. Which is why I am what I am today: a recovering thinker.

I never miss a TA meeting. At each meeting we watch a non-educational video; last week it was "Porky's." Then we share experiences about how we avoided thinking since the last meeting. I still have my job, and things are a lot better at home.

Life just seemed... easier, somehow, as soon as I stopped thinking.

Soon, I will be able to vote Republican.


This next email came in a while ago, and dropped off my radar for a week, what with all the fun I've been having here. If you, Dear Reader, also have input for RIchard, send it my way and I'll get the info posted here, useful to everyone. Thanks...

From: Richard
Subject: Request for info/Pick your brain
Date: Thu, 4 Mar 2004 10:23:59 -0500

Mr. Bilbrey:

I am looking for some "what do other guys recommend/actually use" information or direction. If this is not appropriate or unwelcome, please do not hesitate to reply with a "pound salt".

I have inherited a customer because of poor previous consultant. They currently have a Windows 2003 server with about 8 desktops and are using Winproxy (www.ositis.com) as their only antivirus and firewall to their dsl connection. If not obvious, the site is a mess. The customer wants to be able to VPN and work remotely (terminal services).

I am working on a proposal to install antivirus on all nodes, dual-home the server (it's not) and put in a more rigorous firewall that will also allow the vpn, whether pass-thru to the server or by itself. The firewall is what I'm stuck on.

What do you do/use for your customers? Naturally I need to keep the customer penny wise and pound foolish while "re-training" them and getting them used to a more reasonable budget. I've been looking at dlink, netgear, linksys, checkpoint, sonicwall, and watchguard... and realized that I'd like some "real-world" opinions. Also, do you have a best practice on whether to use the firewall or server for the VPN?

Your comments/insights would be appreciated.

tx,
rich


Time for me to go. Have a great day, Happy Friday!

Top  /  Email Brian


Mon    Tues    Wed    Thu    Fri    SATURDAY    Sun   
March 13, 2004

1109 - Good morning. Robert writes in about yesterday's email from Rich about how to best server a new client:

From: Robert
Subject: Request for info/Pick your brain
Date: Fri, 12 Mar 2004 14:16:06 -0600

Hi Brian

At first glance one of those soho vpn routers would be the hands down solution until I re-read the question. Dual homing the server, assuming he wishes to have dual homed internet connectivity, which by my way of thinking may or may not have anything to do with the server, raises the level of complexity (and cost) significantly. If you have that, you might want to take advantage of the opportunity to aggregate the bandwith with automatic failover, no? But he is dealing with DSL so what is going to be the 'dual' in home? Cable? Dialup? Other DSL? Or is he really talking about dual homing the server, as in mirror? It will be interesting to read what ya'll come up with for him.

-Bob

I've been up since before 8, and I've been a total lazy person so far today, after a very busy week. Let me take the time to re-read Rich's email and craft my own reply...

Understand that the following is my opinion, without having seen the actual client site, and biased by what I've made work for clients in the past:

I'll have to make a couple of assumptions here. First, that the server is dual-homed, and firewalling on the Internet side using WinProxy. All workstations use the server as their gateway to the Internet, as well as being the file, authentication and anything else server. Eeeeew!!! Me runs and hides. I'm hopeful that with a Win2K3 server that perhaps all of the workstations are of a Windows XP Pro vintage - that will help immensely in the scenario I'll describe.

Here's my picture of how the network SHOULD look:


              INTERNET
                  |              
          Firewall Appliance
                  |
    10/100 or Gigabit Ethernet Switch
        |         |  |  | .... |
     Server       |  |  |      |
                 Workstations (8)

The Firewall Appliances I've had experience with are Sonicwalll and Watchguard. Both will suit the purpose admirably. One item that springs to mind is the type of Internet connection that the client has. If it's a static IP address, either product family will work. If it's a DHCP lease IP addess, then you might want to lean towards the Watchguard products, since they have support for DynDNS (http://www.dyndns.org/).

You'll want to pay for VPN capabilities, but not worry about Terminal Services. Allow people to use Remote Desktop from their outside XP computers to work on their inside desktop machines via VPN, or to just access the resources on the server via VPN. Terminal services is a management PITA, and licensing there has doubled in the last year.

If the server is providing outside services, convince the client to just STOP THAT! Get a second machine to provide Web and Email services, and put that in a DMZ hanging off the Firewall Appliance (changing that spec a bit), or better yet, get it hosted someplace.

All machines, server and workstations are NAT'd in a private, non-routable IP range, preferably one that's not in common default use by residential broadband Gateways, as it'll make the VPN setup much easier. Use one of the 172... ranges, as the 192.168 set is common.

Many new machines and servers are now coming with Gigabit ethernet interfaces. Getting a Gig router with 16 ports, unmanaged, only costs about $300 from Dell (that's a decent budgetary number, you can price shop after getting plan approval). And with Gigabit at the center, you can make effective use of machines with Gig interfaces today, and as new machines cycle into the mix, you can be reasonably sure that they'll be Gig-aware out of the box.

For AntiVirus, I'd recommend Symantec AntiVirus Small Business Edition 8.1 (10 user pack). You can find discounts with a bit of shopping, but it comes in at about $475 from Symantec directly. This is the recommended product because it'll protect both the server and the workstations. Let the server be the master for the AV, and install all the clients as managed from the server.

I hope this helps answer your questions, at least from this little myopic view of the world.

.brian


Now I need to figure out what to do with the rest of my day. Happy Saturday!

Top  /  Email Brian


Mon    Tues    Wed    Thu    Fri    Sat    SUNDAY  
March 14, 2004

2143 - Good evenin'. No post to speak of today, not as such. We just finished watching the last two parts of "The Five Red Herrings". I like it, although people who don't breathe Sayers say things like, "But some of Sayers' work has a tendency toward incessant clutter--and no where is that more apparent than in this 1931 novel...." (from an Amazon review). But then, I tend to be fond of overly complex things, for their own sake. Grin. More about my weekend tomorrow, of Postfix and dead plants. Toodle-oo.

Top  /  Email Brian


Last Week << Mon   Tues   Wed   Thu   Fri   Sat   Sun >> Next Week


Visit the rest of the DAYNOTES GANG, a collection of bright minds and sharp wits. Really, I don't know why they tolerate me <grin>. My personal inspiration for these pages is Dr. Jerry Pournelle. I am also indebted to Bob Thompson and Tom Syroid for their patience, guidance and feedback. Of course, I am sustained by and beholden to my lovely wife, Marcia. You can find her online too, at http://www.dutchgirl.net/. Thanks for dropping by.

All Content Copyright © 1999-2011 Brian P. Bilbrey.

Creative Commons License
Except where otherwise noted, this site is licensed under the
Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.