[ale] Old host you want to unload?

Scott Castaline skotchman at gmail.com
Mon Jul 15 11:42:27 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've got an old Dell Poweredge 1400 series server. It only has one of
two possible CPU modules, and 512MB. It also has 3 SCSI Wide HDDs. (It
did have 4 but one died, can't find track 0 on powerup, you can hear
the constant recal going on with that drive.) It hasn't been powered
up in a while, you're welcome to come over and check it out, if it
interests you. I live in the Lawrenceville area.

Scott C


On 07/15/2013 10:14 AM, Jerald Sheets wrote:
> Ok, I'm at a desk and not on a phone.
> 
> 
> Let's sort of set the stage, if you will, to clarify a few things.
> 
> First, I've raised two boys into their 20's and done this all
> before. Second, I've got a metric crapload of snort processing
> scripts I've written that watch for all manner of icky URL matches
> on "requested sites" and also on Squid's logs to do the same.  I
> took the stance with the boys of "trust but verify" which is a very
> "apple-storeish" thing to do.  I had transgressions once by each
> boy that got addressed personally and quietly and have managed
> (aside from the occasional pop-up storm) to keep them "porn free"
> if you will as long as they've been under my roof. Anything they've
> managed outside of the house is beyond the scope of my purview, of
> course, but they pay for their own phones now… I can't "control"
> their intake forever.
> 
> Now I'm on "kids 2.0" with my second wife, and they're all girls
> and at ages 3, 6, and 10.  The 10 year old has an internet-capable
> device,  so, I'm putting the same system back in place with the
> same scripts and logging and automated emails and such.  However,
> their mother wants the added protection of content filtering for a
> couple of years until "aunt flo" arrives and she can halve "talk
> 1.0" with her, but also wanting to know /what /was requested and by
> what mechanism.  Ipcop to the rescue again…you can say "no" via
> automated system, but it's considerably more important to know what
> is being asked for and how.  Was it typed in? Why is the child
> interested in that particular topic?  (etc. etc.)
> 
> Also, having all these folks on the network at home while "mom &
> dad" work from home a lot requires packet-shaping of the Xbox and
> Rou down and web traffic/SSH up.  Also, when on the road, I need to
> be able to VPN into my private network from anywhere to do
> something even so small as printing a doc for my wife all the way
> to rooting around my internal net for various reasons.  (i.e., you
> can't hit the time machine from the outside)
> 
> So, a smallish box with modest means to run a couple hundred meg
> distro for firewalling seemed to be the way to go for us… that's
> why I asked.
> 
> 
> TL;DR.  (I've done this before.. I just need hardware)
> 
> Something else on the topic…. I re-read and it appeared I was
> *only* asking for "free" stuff… I'm not. If you've got something
> hogging space and you're under a "nag order" to get rid of it,
> please do think of me first.  And if it requires a few bucks,
> that's good too.  I just wanted to work with you guys who may need
> a few bucks first before giving that cash to $company making cheap
> crap in China.  I'd rather buy the cheap crap from you instead.
> XD
> 
> 
> --j
> 
> 
> On Jul 15, 2013, at 8:52 AM, Tom Freeman
> <tfreeman at intel.digichem.net <mailto:tfreeman at intel.digichem.net>>
> wrote:
> 
>> Please forgive the chime in - but...
>> 
>> +1  with an observation of sorts
>> 
>> A parent still needs to monitor sufficiently to catch a usuable
>> per centage (what ever that value is) to ensure that the
>> conversation takes place. (I caught a daughter sneaking a viewing
>> of "Flesh Gordon" from a copy her late mother gave me. _That_ was
>> an awkward conversation!)
>> 
>> 
>> On Mon, 15 Jul 2013, Jim Kinney wrote:
>> 
>>> In short: don't rely on technology as a role model stand-in for
>>> children. I have exactly 0 filters on the feed at my house.
>>> none. waste of time. Kids will find what interests them. If
>>> it's porn, you're overdue for "the talk" and that one will go
>>> on for the next several years. If the adult is not capable of
>>> sitting down and watching what they are and rationally 
>>> explaining what is problematic about it, the child will begin
>>> to disregard the adult as an authority figure and view them as
>>> just another knee-jerker wearing blinders. Most kids are
>>> wanting to find stuff that's not porn and other "bad stuff". 
>>> Most kids get embarrassed or grossed out when it accidentally
>>> crosses the screen on an errant mouse click. It's far more
>>> important to have them understanding that they will not be
>>> punished the occasional mistake but will be expected to learn
>>> from them. Teach them the "back" button in both mouse and
>>> keystrokes :-) Ron brought up a bigger issue that can't be
>>> filtered with current tools: what the kids actually say online
>>> to each other. Between 12-13 and about 19-20, girls are vile,
>>> horrid creatures to other girls and boys are brain-damaged
>>> monsters with illusions of invincibility. A useful tool would 
>>> be a screen mirror with recording so the nasty things they say
>>> to each other can be replayed, discussed, and used as reasons
>>> why privilege A is being withheld. I'm thinking of a chat
>>> mirroring tool or email copy process. It will only get to be
>>> used once then they will change methods (if they are smart).
>>> But that level of guidance, no matter what _they_ think, would 
>>> benefit them greatly learning how to relate with others. 
>>> Besides, once the hormones kick in, they will find a way to
>>> find out about it. If the default view at home is "NO! BAD!",
>>> they will look elsewhere for answers unless they are totally
>>> dominated by helicopter parents. Most commercial porn is crap
>>> with subtle and not so subtle overtone of violence against
>>> women as themes. It's a challenge to find something that can 
>>> serve as guidance for humans really relate in bed. And
>>> intelligent bed banging is far better than stupid gun banging
>>> in the street. On Sun, Jul 14, 2013 at 9:46 PM, Ron Frazier
>>> (ALE) <atllinuxenthinfo at techstarship.com 
>>> <mailto:atllinuxenthinfo at techstarship.com>> wrote: Hi all,
>>> 
>>> Since I brought up OpenDNS, even though I'm a user and a fan,
>>> I should point out some limitations.  About 10%, as a rough 
>>> guestimate, of the ugly stuff will sneak through the filter. 
>>> The purveyers of junk bring up new sites too fast for
>>> everything to be in the database.  Do not assume your kids will
>>> be totally prevented from getting to any and all "insert bad
>>> category" stuff.
>>> 
>>> Also, if your kid knows how to do any of the following, he /
>>> she can bypass the filter: choose an alternate dns server on
>>> the pc, use a proxy / anonymizer (although you can filter that 
>>> category), browse by ip alone without dns, start up a vpn,
>>> take their laptop / smartphone to a friend's house or hotspot
>>> or step parent's house.  Anything that bypasses the use of the
>>> OpenDNS servers or changes their public ip bypasses the filter.
>>> I have wished in the past that I could tie the filter to a
>>> specific pc, but OpenDNS does not provide that as far as I
>>> know.
>>> 
>>> Internet Explorer provides some built in content filtering 
>>> options, which can tie into things like NetNanny (I think),
>>> but I've never used it.  Firefox doesn't provide any of that 
>>> natively that I'm aware of, but there may be plugins for it.
>>> 
>>> I have links to a couple of Christian sites related these
>>> topics I could try to dig up if anyone wants.
>>> 
>>> Note that, even if they cannot easily access "uglyjunk.com 
>>> <http://uglyjunk.com>" because of OpenDNS, they can see links
>>> to it in google and bing, and in the latter case, with live
>>> video coming though bing.  The child's pc need not ever visit
>>> "uglyjunk.com <http://uglyjunk.com>" to see some of its 
>>> content, albeit with smaller pictures.
>>> 
>>> You can make things harder to bypass by putting the OpenDNS 
>>> servers in your router settings.  Then, any pc which just uses 
>>> basic dhcp to get it's ip and dns will pick that up from the 
>>> router.  But, that does not prevent the pc from querying
>>> another dns server directly if it wants to.  If the pc can get
>>> an ip for "uglyjunk.com <http://uglyjunk.com>", it can still
>>> visit the site.
>>> 
>>> I have heard that you can get hosts files of preconfigured 
>>> blacklist sites, then the computer is just directed to nowhere 
>>> when they try to get those sites, before even querying the dns.
>>>  I've never used that though.
>>> 
>>> The service also depends on linking your public ip to your 
>>> account.  That's why going to a hotspot bypasses the filter. 
>>> They'll have a different public ip which is not linked to your 
>>> account.  Even if the pc was set to use the OpenDNS servers, 
>>> your personal filter settings would not be in affect.  You
>>> would still get phishing protection though.
>>> 
>>> Since your public ip is subject to change periodically when
>>> your cable / dsl modem resets, you need to run a small utility,
>>> which I run in Windows, to link your current public ip with
>>> your account and filter settings.  You'll have to check on
>>> whether they have a linux utility, but they probably do.  When
>>> your ip changes, if the utility runs, the OpenDNS servers get
>>> set to respond to the new ip.  If your ip setting utility
>>> doesn't run for a few days, then your filters won't be in
>>> affect for a few days if your ip has changed.
>>> 
>>> I do NOT recommend running the ip setting utility on the
>>> child's computer.  Here's why.  Let's say you did that.  They
>>> go to starbucks.  They login, then the ip utility links
>>> STARBUCKS public ip to YOUR filter account.  Your child would
>>> then be subject to your filters, but so would EVERYONE ELSE in 
>>> starbucks.  That might cause some problems.  This would remain 
>>> in effect until your child logged into another network and got 
>>> another public ip.
>>> 
>>> Because ip's change, the system occasionally gets confused as
>>> to which account owns which ip.  This is rare, but, for
>>> example, let's say there is a disruption at the isp and all the
>>> cable modems get reset.  You may end up with what was someone
>>> else's public ip and they may end up with yours.  It may take a
>>> little while for the ip setting utilities to set everything
>>> straight. So, the possibility does exist that they could see
>>> stuff in their account logs on OpenDNS that came from you and
>>> you could see theirs.
>>> 
>>> One other slight disadvantage of the OpenDNS system is that
>>> all pc's in the house with the same public ip will have the
>>> same filters.  You could always active a vpn or proxy on your
>>> own pc though and bypass your own filter.
>>> 
>>> Despite these limitations, I found the service extremely
>>> useful and wouldn't want to be without it with a child in the
>>> house. You could gang other technologies on top of this, if you
>>> wish. I still have it active, even though my child has moved
>>> out, to filter out rubbish that I might hit accidentally.
>>> 
>>> This is slightly off topic to the original question, but I'd 
>>> consider a certain amount of monitoring of my kid's 
>>> communications online.  Chat, email, facebook, whatever.  How 
>>> much is up to you.  I'd also set rules on who it was
>>> appropriate to communicate with.  Again, up to personal
>>> discretion.  You can get books about how to deal with these
>>> issues.
>>> 
>>> Sincerely,
>>> 
>>> Ron
>>> 
>>> On 7/14/2013 8:09 PM, Doug Hall wrote: 27" iMac is sweet. But I
>>> agree with Ron. There's no reason to buy ANYTHING if you use
>>> OpenDNS to filter content. I'm very satisfied with the free
>>> service. Okay, maybe paranoia is a reason. I wouldn't be 
>>> surprised to know that OpenDNS is releasing records to the NSA.
>>> But then again, so could your current ISP. On Sun, Jul 14, 2013
>>> at 5:03 PM, Jerald Sheets <questy at gmail.com
>>> <mailto:questy at gmail.com>> wrote: I do.  It's a slamming 27"
>>> iMac.  :)
>>> 
>>> Jerald Sheets Sent from my iPhone5 On Jul 13, 2013, at 10:20
>>> PM, Jim Kinney <jim.kinney at gmail.com
>>> <mailto:jim.kinney at gmail.com>> wrote:
>>> 
>>> Jerald, you're missing the entire point: Upgrade _your_ machine
>>> and give the old one to the young-uns. Put squid-guard on it
>>> and provide a pile of bookmarks they are interested in. :-) 
>>> House Rule: Dad ALWAYS has the best hardware unless someone
>>> else is paying for it. On Sat, Jul 13, 2013 at 10:00 PM, Neal
>>> Rhodes <neal at mnopltd.com <mailto:neal at mnopltd.com>> wrote: I
>>> would think you could look for off-lease "no-os" refurb units
>>> on TigerDirect for maybe $100.
>>> 
>>> On Sat, 2013-07-13 at 21:22 -0400, Jerald Sheets wrote: Hi
>>> all. I've come to the point where my next generation o little
>>> ones will be going online, and I'm going to build me a content
>>> filtering firewall. (Ipcop) Thing is, I don't have any old
>>> hardware and need to get something, but anyth ing I would buy
>>> in a store would be overkill. I'm looking for something P3 or
>>> later, mid tower with one drive bay is fine and 4-8G of memory.
>>> Anyone have anything like that you'd like to unload? Jerald
>>> Sheets Sent from my iPhone5 
>>> _______________________________________________ Ale mailing
>>> list Ale at ale.org <mailto:Ale at ale.org> 
>>> http://mail.ale.org/mailman/listinfo/ale See JOBS, ANNOUNCE and
>>> SCHOOLS lists at http://mail.ale.org/mailman/listinfo 
>>> _______________________________________________ Ale mailing
>>> list Ale at ale.org http://mail.ale.org/mailman/listinfo/ale See
>>> JOBS, ANNOUNCE and SCHOOLS lists at 
>>> http://mail.ale.org/mailman/listinfo -- -- James P. Kinney III 
>>> Every time you stop a school, you will have to build a jail.
>>> What you gain at one end you lose at the other. It's like
>>> feeding a dog on his own tail. It won't fatten the dog. -
>>> Speech 11/23/1900 Mark Twain http://electjimkinney.org 
>>> http://heretothereideas.blogspot.com/
>> _______________________________________________ Ale mailing list 
>> Ale at ale.org <mailto:Ale at ale.org> 
>> http://mail.ale.org/mailman/listinfo/ale See JOBS, ANNOUNCE and
>> SCHOOLS lists at http://mail.ale.org/mailman/listinfo
> 
> 
> 
> _______________________________________________ Ale mailing list 
> Ale at ale.org http://mail.ale.org/mailman/listinfo/ale See JOBS,
> ANNOUNCE and SCHOOLS lists at http://mail.ale.org/mailman/listinfo
> 


- -- 
Sent from my home PC running Fedora18 to you and NSA, FBI, CIA, HSA
and God only knows who else!!!!!!!!!!!!!!!!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJR5BhgAAoJEIefqZ0kni1d24oP/0lKGRvWhRg9hTlFjnbF+7ys
z3EaP5NsbzO8Psm0im3u+6ZKckYWdNay3kmZuGvtLR6/mKwOenXwNNVyIocB4NFb
IXgiATx0KbPwjkxmnpOu1/nHDmA+TZ2kNCcWVT/6lBQcM2UAj1vnrLPH2I3zfc+e
gRWbQNnae19LRILQVvTCMi8faa+3Fj8UjM3cTkOGstIfqbxqDqlx6HoXmPY8VvKX
iWk7F68efQPr9+cn2v9FF8jdmfbgBkzmvqF3CnVBgHCUFpGW5pg7X9Yze2zu5uEg
P1H+PztAoJw8fGqQYveTLsv1tqBIAzg8kdkj1+l6T+yS5/zjksZ87g7Ktc6NIcoa
1nO1KJgrDa5lu9zetFYAVM2YLi+YXT1zxqVnnCLL8w8MDZTfjYY7WjmQjTfrMblB
7mqTPovBmm9O3j/DxZWWxWUDwRMqWws97iXl7Atv/wuAxAHzLM+tsuHRmAenxM8Z
RtScp2AOg+hJjoau+gFAmJQTO4tJZkVkPyLENqcFm738uq7RUiZ+pM+lAhCeNovV
x8L7g6j/LSktrag4Rr7k13bXptXMMX7hf2Q74xy5dD1UkcJ8uYGiupfUpl7kFSn2
J9j10DLZo6VHe5TDez2PWsQ9Qu5CkswzZNEz20gHrGhTPmdz15Uvt/+AHPaVNItm
1KPKITolGTnXSRfMxBqr
=zuMk
-----END PGP SIGNATURE-----


More information about the Ale mailing list