Safe web practices covers a lot of ground. It was pointed out that intrusion de tction is the last piece of security. Firewalls, and appropriate security consc ious configuration of the online features comes first. Intrusion detection does n't stop you from geting hacked, but is a post-intursion activity that helps you prepare for the future. Various aspects of web security were discussed.
It was suggested that at a future meeting some of these should be set up and exe rcised so that it could be seen how they worked.
Snort sits on the wire and sniffs packets against rules. In this way it acts on the same information as ethereal and tcpdump. Tripwire and logwatch look for ch anges on the hosts filesystem. SAINT and Nessus are port knockers that look for vulnerabilities on the network.
Next we discussed NOMACHINES NX product. Running from windows, it can provid e a "desktop" view of the target Unix host. The setup is easy. The presentation is similar to VNC or TightVNC, but is not browser based.
After the meeting, some of the group ajourned to Lyons. There we discussed I MAP as a worthwhile endeavor. Being blunt, at first I didn't grasp the import. Since, after all, the web interfaces that I use for mail work fine. But, are a pparently based on IMAP. The value and nature of commodity software vs. innovat ive software was discussed.
How to make a buck was also discussed.
After a good working over in the parking lot, I might be willing to conce ed the value of IMAP. But, lets keep our options open!
let's do this again next month
The meeting started with a discussion of VMWare's virtualization product (vmware.com). This product is designed to use applances, but can also virtualize operating systems if they are appropriately configured and packaged. These can be obtained at the site easyvmx.com.
Next, QEMU was discussed. This can use a bootable CD iso image for an operating system and virtualize it. QEMU can create the iso images. These iso images can also be used by VMWARE, without having to go to easyvmx.com
The VMWARE server was also demoed
Meeting Summary
Started off with some more discussion of the wireless nic issues. Since there have been reports that the 2.6 kernel has more support for these, some time was spent going over how to install a new kernel.
A complete Red Hat Core 3 distribution was copied from CD to the hard drive and YUM was configured to use it as a repository. All the man pages were reviewed, but it wouldn't work. Turns out that yum-arch won't work. The man pages implied this much by listing it as deprecated. The new package is createrepo. Running this instead of yum-arch will get you a working YUM repository.
There was some discussion of virtualization and Bob and Brian agreed to present this topic at the next meeting. Didn't get to Apache, X, or BIND. These will have to wait for a future meeting.
Open Agenda
Meeting Summary
There was a very bried discussion of YUM and RPM's at the end of the meeting. YUM client configuration and the basic structure of an RPM were reviewed.
Most of the meeting was devoted to using wifi with Linux. The various configurations, distributions, hardware and issues were exchanged and discussed. Although no one got their wifi to work at the meeting, most felt that some progress had been made and that helpful resouces had been identified.