[ale] Topic for next ALE NW meeting June 16th
Greg
runman at telocity.com
Sat May 25 23:51:56 EDT 2002
David, Geoffrey, et al...:
I just offered to help David in any way David wanted/needed. Not sure
where/when/how I got promoted to a co-presenter or what not, but I am
officially bowing out except to help in any way David wishes. I am nowhere
near a scripting guru. David, dude, you are the man. As for my topic at a
future date, ... ok I suggest the following (pick 1 please).
1. A one to one match up of MS <---> Linux programs for the everyday user
who is trying to ditch MS and the many day to day programs we have all come
to know and love. I will also deal w/ options for the 1 or 2 MS programs
that HAVE to be ran ... or How I Stopped Using MS software for All My Needs
(except Quicken - which does have 2 (if not more) fine Open Source cousins).
Yes, I will mention Quake for Linux, the many office suites, mail clients,
Outlook substitutes, etc...
2. A transparent firewall/bridge using OpenBSD, where transparent means the
box has no IP addresses and it just scrubs and filters packets and logs
stuff .. is also stateful . I could even talk about ip - the OpenBSD
successor to ipf (think ipchains in the Linux world). Yes, I know the "L"
in ALE is for Linux, but I haven't found a distro that is secure enough for
my paranoid, anti-cracker little brain to like for firewalls, though I will
be looking at Suse this week. I use a box like this to complement my other
Linux based firewall.
3. A short How - To on installing Apache and setting up some simple web
pages using HTML. Mainly for those wanting to just get into it or set it up
for a secure intranet. Will also cover some features/capabilities and such.
To keep it simple and secure, cgi/PHP/Java/Tomcat/etc won't be covered,
especially since I think newbies and some who don't know their limits forget
the considerable security that a webserver using server-side logic like
cgi/PHP/Java needs to have in place. Time is also a consideration of course
(The Wife was a little concerned when I came home after midnight the last
time I attended). Of course, this attitude may just be the results of the
many hours I have recently spent trying to keep out several hacks on my
machines or my excessive paranoia kicking in at this time. Web security
would/could be in fact several presentations and is dependent on the
differing technologies and would/could also flow over to firewalls and such.
For that I would suggest a wonderfully practical and well written book
written by ALE's own Bob Toxen, "Real World Linux Security Intrusion
Prevention, Detection, and Recovery". Other books on my shelves are "Linux
Firewalls - 2nd edition" by Ziegler, O'Reilly's "Practical Unix and Internet
Security" & their "Building Internet Firewalls" (the later seems kinda dated
to me). If you only want to get one, get Bob's. Most Linux admin books
have a chapter or so about security also. My Apache book is the one by Wrox
publishing. *sigh* I don't have any or think there are any dealing with MS
security on the web (read IIS) - I mean publishers probably think "why waste
the paper" ??
ok, I confess I do have an IIS book, but the security on IIS is crap. Now
I feel better.
> -----Original Message-----
> From: Geoffrey [mailto:esoteric at 3times25.net]
> Sent: Saturday, May 25, 2002 6:56 PM
> To: ale at ale.org
> Subject: Re: [ale] Topic for next ALE NW meeting June 16th
>
>
>
>
> David S. Jackson wrote:
> > On Fri, May 24, 2002 at 01:15:10PM -0400 Geoffrey The Esoteric
> <esoteric at 3times25.net> wrote:
> >
> >>With David's acceptance, I'll put together the announcement. I believe
> >>Greg offered to assist, therefore I'd need a short bio from
> both for the
> >>announcement.
> >>
> >
> > I accept, Baby!
> >
> > One thing, communication is hard enough to accomplish face to face, but
> > preparing something as complicated as a bash mini-seminar as a brand new
> > two-man team could be daunting, to me at least.
>
> That's fine as far as I'm concerned, you offered, it's your presentation.
>
> I'll not let Greg off that easily though, as I'd still like to leverage
> his knowledge, so Greg, how about you choose a topic of your choice for
> a presentation? Bob Toxen's going to do iptables in July, so you've got
> some time to think about it and put something together. Or, if you can
> help Dave with the issues he's outlined below, let him know.
>
> >
> > I think the end-result would be more cohesive if just one of us were
> > responsible for it. Team-teaching such a thing is a little too
> > sophisticated for me. But I certainly need help with outline, examples,
> > critiques of code and so forth that I'll prepare for the list and class
> > prior to the presentation date.
>
> Any takers? I'm open to reviewing code and examples.
>
> >
> > Also, I don't really have any experience making slides for a
> > presentation, so any help getting those ready would help. Why don't I
> > get the outline fleshed out, along with mini-exercises, and perhaps even
> > a little workbook of, say, 10 pages or something. And then whatever the
> > best way to get all that across in handouts, exercises, arm-waving, etc,
> > y'all can "edicate" me with.
>
> Someone into slides?
>
> >
> > That way, any special examples or problems can be elucidated and
> > incorporated by the time of the presentation.
> >
> > Howdat sound?
>
> You on, now how about that bio??? :)
>
>
> --
> Until later: Geoffrey esoteric at 3times25.net
>
> I didn't have to buy my radio from a specific company to listen
> to FM, why doesn't that apply to the Internet (anymore...)?
>
>
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info.
> Problems should be
> sent to listmaster at ale dot org.
>
>
>
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list