Museum Report 11/27/16
Steve Anderson was docent today. No new visitors came by. InfoAge members and volunteers. Mark dropped off a 24 channel cat 5 switch. -- Jeff Brace - ark72axow@gmail.com
On Mon, Nov 28, 2016 at 2:19 AM Jeffrey Brace via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote: Steve Anderson was docent today. No new visitors came by. InfoAge members and volunteers. Mark dropped off a 24 channel cat 5 switch. -- Jeff Brace - ark72axow@gmail.com
Mark dropped off a 24 channel cat 5 switch.
You mean Martin. There's no Mark. Specifically, it's a power-over-Ethernet switch. We can use that as a regular network switch, but it will also supply power for our two IP cameras, which Martin previously supplied. The cameras have motion sensors so we can configure them to send alerts (to the chapter admin group: me, Corey, Jeff B., Dean) when they record anything outside of our docent hours. Beside the two cameras, one port will connect to our office PC and another connect to the BBS for Telnet access via our LTE modem. What should we do with the other 20 ports? Any creative (non-sarcastic) suggestions for ways to demo/teach vintage computing that would need a network? To put it another way: how might we grow into a 24-port switch?
In that vein, would the group be interested in a 24 port 10m smart hub? Older technology for demos and such. On Mon, Nov 28, 2016 at 1:25 PM, Evan Koblentz via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
Mark dropped off a 24 channel cat 5 switch.
You mean Martin. There's no Mark.
Specifically, it's a power-over-Ethernet switch. We can use that as a regular network switch, but it will also supply power for our two IP cameras, which Martin previously supplied. The cameras have motion sensors so we can configure them to send alerts (to the chapter admin group: me, Corey, Jeff B., Dean) when they record anything outside of our docent hours.
Beside the two cameras, one port will connect to our office PC and another connect to the BBS for Telnet access via our LTE modem.
What should we do with the other 20 ports? Any creative (non-sarcastic) suggestions for ways to demo/teach vintage computing that would need a network? To put it another way: how might we grow into a 24-port switch?
I think a hub would be nice to have as some older Ethernet interfaces do not play nice with switches. I keep a small eight-port hub for such things. Dean On Mon, Nov 28, 2016 at 3:10 PM murphnj via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
In that vein, would the group be interested in a 24 port 10m smart hub? Older technology for demos and such.
On Mon, Nov 28, 2016 at 1:25 PM, Evan Koblentz via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
Mark dropped off a 24 channel cat 5 switch.
You mean Martin. There's no Mark.
Specifically, it's a power-over-Ethernet switch. We can use that as a regular network switch, but it will also supply power for our two IP cameras, which Martin previously supplied. The cameras have motion sensors so we can configure them to send alerts (to the chapter admin group: me, Corey, Jeff B., Dean) when they record anything outside of our docent hours.
Beside the two cameras, one port will connect to our office PC and another connect to the BBS for Telnet access via our LTE modem.
What should we do with the other 20 ports? Any creative (non-sarcastic) suggestions for ways to demo/teach vintage computing that would need a network? To put it another way: how might we grow into a 24-port switch?
I think a hub would be nice to have as some older Ethernet interfaces do not play nice with switches. I keep a small eight-port hub for such things.
Same here, though often you can get around it by using a nice managed Ethernet switch -- my little Cisco 2960G (8-port gigabit) switch will talk to make 10baseT devices that dislike cheaper unmanaged switches. I always keep at least one hub around for network sniffing. Incredibly useful for troubleshooting something that *should* be working, especially if you don't have a convenient way to mirror switchports over. I've also ran into situations where mirrored ports will like to you w.r.t. VLAN tagging. I've got a very small Netgear 4-port hub, 24 ports might be overkill :) Thanks, Jonathan
I think a hub would be nice to have as some older Ethernet interfaces do not play nice with switches. I keep a small eight-port hub for such things.
Same here, though often you can get around it by using a nice managed Ethernet switch -- my little Cisco 2960G (8-port gigabit) switch will talk to make 10baseT devices that dislike cheaper unmanaged switches.
Martin supplied this one: http://www.cisco.com/c/en/us/support/switches/catalyst-3750-24ps-switch/mode...
Martin supplied this one:
http://www.cisco.com/c/en/us/support/switches/catalyst-3750-24ps-switch/mode...
I've got it's older brother, the 3560E with PoE option. The 3570 should be a very nice switch. Shouldn't be a problem with 10baseT stuff unless it's *really* poorly behaved 10baseT. Thanks, Jonathan
On 11/28/2016 4:01 PM, Systems Glitch via vcf-midatlantic wrote:
unless it's*really* poorly behaved 10baseT. I.e. Asante Nubus cards which fail to properly query/broadcast their network type/etc? I have to run those behind their own tiny 10baseT hub to connect to the network at all...
-- Jonathan Gevaryahu jgevaryahu@gmail.com jgevaryahu@hotmail.com
I.e. Asante Nubus cards which fail to properly query/broadcast their network type/etc? I have to run those behind their own tiny 10baseT hub to connect to the network at all...
Yeah, or manually configure speed/duplex on the switch. Some 10baseT MAUs are like that, too! Thanks, Jonathan
On Nov 28, 2016, at 8:16 PM, Jonathan Gevaryahu via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
On 11/28/2016 4:01 PM, Systems Glitch via vcf-midatlantic wrote:
unless it's*really* poorly behaved 10baseT. I.e. Asante Nubus cards which fail to properly query/broadcast their network type/etc? I have to run those behind their own tiny 10baseT hub to connect to the network at all...
FWIW, a 10Base-T switch should work fine in those situations, though they're relatively rare compared to 10/100 or gigabit switches. It's not the switch to which the embuggered Ethernet device objects (and I have a few Mac Ethernet cards of the above-described type with that problem), it's the negotiate. If you can manually set the port speed, that's good, otherwise, you can force it by putting a hub/bridge/switch in between to force it to 10. - Dave
If anyone is ever looking for a deal on POE switches, I've found that Avaya / Nortel switches go for crazy low prices on fleeBay. I'd sooner trust a 5 or 8 year old Avaya switch than a new bargain one. The only annoyance I've had with them so far is that the older ones with a DB9 serial port use a different console cable than Dell, HP, or Sonicwall equipment. -J On Mon, Nov 28, 2016 at 10:27 PM, David Riley via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
On Nov 28, 2016, at 8:16 PM, Jonathan Gevaryahu via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
On 11/28/2016 4:01 PM, Systems Glitch via vcf-midatlantic wrote:
unless it's*really* poorly behaved 10baseT. I.e. Asante Nubus cards which fail to properly query/broadcast their network type/etc? I have to run those behind their own tiny 10baseT hub to connect to the network at all...
FWIW, a 10Base-T switch should work fine in those situations, though they're relatively rare compared to 10/100 or gigabit switches. It's not the switch to which the embuggered Ethernet device objects (and I have a few Mac Ethernet cards of the above-described type with that problem), it's the negotiate.
If you can manually set the port speed, that's good, otherwise, you can force it by putting a hub/bridge/switch in between to force it to 10.
- Dave
-- Jason Perkins 313 355 0085
If anyone is ever looking for a deal on POE switches, I've found that Avaya / Nortel switches go for crazy low prices on fleeBay.
Yep, we have a 24-port gigabit Bay Networks/Nortel PoE at the NY office. The web interface is a little clunky, but it was pretty cheap (sub-$100, 3 or 4 years ago). There's starting to be lots of good PoE Cisco and HP ProCurve stuff available online as well -- my new (to me) switch even has 10gig slots. I've pretty much always ran on corporate cast-offs, after discovering that comparable equipment cost less than buying stuff at the local computer places. The only trouble is, some of the 1U switches can be pretty loud. Thanks, Jonathan
I have a Nokia IP-600 hardware firewall sitting in my storage. If anyone is interested in it, I can bring it to Festivus. On Tue, Nov 29, 2016 at 8:56 AM, Systems Glitch via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
If anyone is ever looking for a deal on POE switches, I've found that Avaya / Nortel switches go for crazy low prices on fleeBay.
Yep, we have a 24-port gigabit Bay Networks/Nortel PoE at the NY office. The web interface is a little clunky, but it was pretty cheap (sub-$100, 3 or 4 years ago). There's starting to be lots of good PoE Cisco and HP ProCurve stuff available online as well -- my new (to me) switch even has 10gig slots.
I've pretty much always ran on corporate cast-offs, after discovering that comparable equipment cost less than buying stuff at the local computer places. The only trouble is, some of the 1U switches can be pretty loud.
Thanks, Jonathan
-- Normal Person: Hey, it seems that you know a lot. Geek: To be honest, it's due to all the surfing I do. Normal Person: So you go surfing? Normal Person: But I don't think that has anything to do with knowing a lot... Geek: I think that's wrong on a fundamental level. Normal Person: Huh? Huh? What?
I have a Nokia IP-600 hardware firewall sitting in my storage. If anyone is interested in it, I can bring it to Festivus.
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
The existing router has firewall protection that should be more than sufficient for our needs. On Tue, Nov 29, 2016 at 12:52 PM Evan Koblentz via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
I have a Nokia IP-600 hardware firewall sitting in my storage. If anyone is interested in it, I can bring it to Festivus.
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
On 11/29/2016 12:52 PM, Evan Koblentz via vcf-midatlantic wrote:
I have a Nokia IP-600 hardware firewall sitting in my storage. If anyone is interested in it, I can bring it to Festivus.
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
This is a common error. Having servers on the Internet is like having a loaded Howitzer in your living room. Even if you have nothing else worth protecting in your living room, it's still a good idea to lock the front door. Since the advent of Windows machines having IP stacks, the vast majority of both attacks and spam on the Internet has been armies of remotely-controlled Windows machines whose users say "Oh, I only use it for games, pictures, etc...I don't need to protect it." You're not protecting your data, you're guarding against the use of your hardware to attack others without your knowledge. -Dave -- Dave McGuire, AK4HZ New Kensington, PA
IMHO the museum network *must* have a segment of 10BASE5 long enough to connect any VAX or PDP capable of running a stack. I think it should be hyng from the ceiling (or rafters) for all the world to see with the vampire taps and all. Such a segment could run DECnet or TCP/IP or both. Dave, you have to agree on this, eh? Jim On Tue, 29 Nov 2016, Dave McGuire via vcf-midatlantic wrote:
Date: Tue, 29 Nov 2016 19:24:20 -0500 From: Dave McGuire via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> To: vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> Cc: Dave McGuire <mcguire@neurotica.com> Subject: Re: [vcf-midatlantic] Museum network
On 11/29/2016 12:52 PM, Evan Koblentz via vcf-midatlantic wrote:
I have a Nokia IP-600 hardware firewall sitting in my storage. If anyone is interested in it, I can bring it to Festivus.
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
This is a common error. Having servers on the Internet is like having a loaded Howitzer in your living room. Even if you have nothing else worth protecting in your living room, it's still a good idea to lock the front door.
Since the advent of Windows machines having IP stacks, the vast majority of both attacks and spam on the Internet has been armies of remotely-controlled Windows machines whose users say "Oh, I only use it for games, pictures, etc...I don't need to protect it." You're not protecting your data, you're guarding against the use of your hardware to attack others without your knowledge.
-Dave
-- Dave McGuire, AK4HZ New Kensington, PA
js@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
Would this cause a problem for fire code regulations regarding running network wires in the ceiling? I think you would need to find somebody who can supply 10Base5 cable that is compliant with modern in ceiling wire fire regulations or maybe get an exemption from the fire marshal. Sent from my iPhone
On Dec 2, 2016, at 1:57 PM, Jim Scheef via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
IMHO the museum network *must* have a segment of 10BASE5 long enough to connect any VAX or PDP capable of running a stack. I think it should be hyng from the ceiling (or rafters) for all the world to see with the vampire taps and all. Such a segment could run DECnet or TCP/IP or both. Dave, you have to agree on this, eh? Jim
On Tue, 29 Nov 2016, Dave McGuire via vcf-midatlantic wrote:
Date: Tue, 29 Nov 2016 19:24:20 -0500 From: Dave McGuire via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> To: vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> Cc: Dave McGuire <mcguire@neurotica.com> Subject: Re: [vcf-midatlantic] Museum network On 11/29/2016 12:52 PM, Evan Koblentz via vcf-midatlantic wrote:
I have a Nokia IP-600 hardware firewall sitting in my storage. If anyone is interested in it, I can bring it to Festivus.
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
This is a common error. Having servers on the Internet is like having a loaded Howitzer in your living room. Even if you have nothing else worth protecting in your living room, it's still a good idea to lock the front door.
Since the advent of Windows machines having IP stacks, the vast majority of both attacks and spam on the Internet has been armies of remotely-controlled Windows machines whose users say "Oh, I only use it for games, pictures, etc...I don't need to protect it." You're not protecting your data, you're guarding against the use of your hardware to attack others without your knowledge.
-Dave
-- Dave McGuire, AK4HZ New Kensington, PA
js@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
Interstate cable sells plenum-rated 10Base5 cable, but need to crimp your own connectors: http://www.interstatewire.com/thicknet-10base5-ethernet-cable.html On Fri, Dec 2, 2016 at 2:06 PM, Jonathan Gevaryahu via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
Would this cause a problem for fire code regulations regarding running network wires in the ceiling?
I think you would need to find somebody who can supply 10Base5 cable that is compliant with modern in ceiling wire fire regulations or maybe get an exemption from the fire marshal.
Sent from my iPhone
On Dec 2, 2016, at 1:57 PM, Jim Scheef via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
IMHO the museum network *must* have a segment of 10BASE5 long enough to connect any VAX or PDP capable of running a stack. I think it should be hyng from the ceiling (or rafters) for all the world to see with the vampire taps and all. Such a segment could run DECnet or TCP/IP or both. Dave, you have to agree on this, eh? Jim
On Tue, 29 Nov 2016, Dave McGuire via vcf-midatlantic wrote:
Date: Tue, 29 Nov 2016 19:24:20 -0500 From: Dave McGuire via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> To: vcf-midatlantic <vcf-midatlantic@lists. vintagecomputerfederation.org> Cc: Dave McGuire <mcguire@neurotica.com> Subject: Re: [vcf-midatlantic] Museum network On 11/29/2016 12:52 PM, Evan Koblentz via vcf-midatlantic wrote:
I have a Nokia IP-600 hardware firewall sitting in my storage. If anyone is interested in it, I can bring it to Festivus.
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
This is a common error. Having servers on the Internet is like having a loaded Howitzer in your living room. Even if you have nothing else worth protecting in your living room, it's still a good idea to lock the front door.
Since the advent of Windows machines having IP stacks, the vast majority of both attacks and spam on the Internet has been armies of remotely-controlled Windows machines whose users say "Oh, I only use it for games, pictures, etc...I don't need to protect it." You're not protecting your data, you're guarding against the use of your hardware to attack others without your knowledge.
-Dave
-- Dave McGuire, AK4HZ New Kensington, PA
js@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
I would use only Belden #9880 cable (yellow with the marks for tap spacing). After all, people are going to see this and it should look properly vintage. Also 9880 is the proper diameter to fit N-connectors and the vanpire taps. This post is my source: http://tech.mattmillman.com/projects/10base5/ Jim On Fri, 2 Dec 2016, Dean Notarnicola via vcf-midatlantic wrote:
Date: Fri, 2 Dec 2016 14:10:14 -0500 From: Dean Notarnicola via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> To: vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> Cc: Dean Notarnicola <dnotarnicola@gmail.com> Subject: Re: [vcf-midatlantic] Museum network
Interstate cable sells plenum-rated 10Base5 cable, but need to crimp your own connectors: http://www.interstatewire.com/thicknet-10base5-ethernet-cable.html
On Fri, Dec 2, 2016 at 2:06 PM, Jonathan Gevaryahu via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
Would this cause a problem for fire code regulations regarding running network wires in the ceiling?
I think you would need to find somebody who can supply 10Base5 cable that is compliant with modern in ceiling wire fire regulations or maybe get an exemption from the fire marshal.
Sent from my iPhone
On Dec 2, 2016, at 1:57 PM, Jim Scheef via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
IMHO the museum network *must* have a segment of 10BASE5 long enough to connect any VAX or PDP capable of running a stack. I think it should be hyng from the ceiling (or rafters) for all the world to see with the vampire taps and all. Such a segment could run DECnet or TCP/IP or both. Dave, you have to agree on this, eh? Jim
On Tue, 29 Nov 2016, Dave McGuire via vcf-midatlantic wrote:
Date: Tue, 29 Nov 2016 19:24:20 -0500 From: Dave McGuire via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> To: vcf-midatlantic <vcf-midatlantic@lists. vintagecomputerfederation.org> Cc: Dave McGuire <mcguire@neurotica.com> Subject: Re: [vcf-midatlantic] Museum network On 11/29/2016 12:52 PM, Evan Koblentz via vcf-midatlantic wrote:
> I have a Nokia IP-600 hardware firewall sitting in my storage. > If anyone is interested in it, I can bring it to Festivus.
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
This is a common error. Having servers on the Internet is like having a loaded Howitzer in your living room. Even if you have nothing else worth protecting in your living room, it's still a good idea to lock the front door.
Since the advent of Windows machines having IP stacks, the vast majority of both attacks and spam on the Internet has been armies of remotely-controlled Windows machines whose users say "Oh, I only use it for games, pictures, etc...I don't need to protect it." You're not protecting your data, you're guarding against the use of your hardware to attack others without your knowledge.
-Dave
-- Dave McGuire, AK4HZ New Kensington, PA
js@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
js@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
Why put it in the ceiling? Hang it where visitors can see it. Jim On Fri, 2 Dec 2016, Jonathan Gevaryahu via vcf-midatlantic wrote:
Date: Fri, 2 Dec 2016 14:06:38 -0500 From: Jonathan Gevaryahu via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> To: vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> Cc: Jonathan Gevaryahu <jgevaryahu@gmail.com> Subject: Re: [vcf-midatlantic] Museum network
Would this cause a problem for fire code regulations regarding running network wires in the ceiling?
I think you would need to find somebody who can supply 10Base5 cable that is compliant with modern in ceiling wire fire regulations or maybe get an exemption from the fire marshal.
Sent from my iPhone
On Dec 2, 2016, at 1:57 PM, Jim Scheef via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
IMHO the museum network *must* have a segment of 10BASE5 long enough to connect any VAX or PDP capable of running a stack. I think it should be hyng from the ceiling (or rafters) for all the world to see with the vampire taps and all. Such a segment could run DECnet or TCP/IP or both. Dave, you have to agree on this, eh? Jim
On Tue, 29 Nov 2016, Dave McGuire via vcf-midatlantic wrote:
Date: Tue, 29 Nov 2016 19:24:20 -0500 From: Dave McGuire via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> To: vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> Cc: Dave McGuire <mcguire@neurotica.com> Subject: Re: [vcf-midatlantic] Museum network On 11/29/2016 12:52 PM, Evan Koblentz via vcf-midatlantic wrote:
I have a Nokia IP-600 hardware firewall sitting in my storage. If anyone is interested in it, I can bring it to Festivus.
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
This is a common error. Having servers on the Internet is like having a loaded Howitzer in your living room. Even if you have nothing else worth protecting in your living room, it's still a good idea to lock the front door.
Since the advent of Windows machines having IP stacks, the vast majority of both attacks and spam on the Internet has been armies of remotely-controlled Windows machines whose users say "Oh, I only use it for games, pictures, etc...I don't need to protect it." You're not protecting your data, you're guarding against the use of your hardware to attack others without your knowledge.
-Dave
-- Dave McGuire, AK4HZ New Kensington, PA
js@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
js@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
It might be kind of cool-looking if we have a rack ladder hanging from the ceiling in our minicomputers exhibit, but first priority is to get more power installed. We're working on that.
Would this cause a problem for fire code regulations regarding running network wires in the ceiling? I think you would need to find somebody who can supply 10Base5 cable that is compliant with modern in ceiling wire fire regulations or maybe get an exemption from the fire marshal.
Low voltage cable? Is above ceiling an air duct return where the air vents are plumbed to the HVAC system but it pulls the return air through that space? - Ethan
Oh, and I agree with Dave that any machine connected to the Internet should be protected from wontan attack. Jim On Tue, 29 Nov 2016, Dave McGuire via vcf-midatlantic wrote:
Date: Tue, 29 Nov 2016 19:24:20 -0500 From: Dave McGuire via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> To: vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> Cc: Dave McGuire <mcguire@neurotica.com> Subject: Re: [vcf-midatlantic] Museum network
On 11/29/2016 12:52 PM, Evan Koblentz via vcf-midatlantic wrote:
I have a Nokia IP-600 hardware firewall sitting in my storage. If anyone is interested in it, I can bring it to Festivus.
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
This is a common error. Having servers on the Internet is like having a loaded Howitzer in your living room. Even if you have nothing else worth protecting in your living room, it's still a good idea to lock the front door.
Since the advent of Windows machines having IP stacks, the vast majority of both attacks and spam on the Internet has been armies of remotely-controlled Windows machines whose users say "Oh, I only use it for games, pictures, etc...I don't need to protect it." You're not protecting your data, you're guarding against the use of your hardware to attack others without your knowledge.
-Dave
-- Dave McGuire, AK4HZ New Kensington, PA
js@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
The only trouble is, some of the 1U switches can be pretty loud.
This wouldn't be bad at the museum. Until we get more power installed, our exhibits are fairly quiet for old computers. The PDP-8, Altair, and IMSAI turn it up a notch from all the micros. If the switch is loud, then good! It'll tell visitors something interesting is happening inside the room. :)
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
All computing resources should be protected, there's no excuse for zero protection nowadays. Even if you think it's a trivial system with no valuable data, it's still got computing power and can become part of a botnet. Some of the recent massive botnet attacks we've seen have come from security cameras, DVRs, and smart fridges, devices usually considered too unimportant by the average person to get a second thought about security. That said, you're probably better off with a pfSense installation than an old Nokia firewall, it'll be more up-to-date and probably easier to configure and maintain. It runs on generic PC hardware. I don't know if a Nokia firewall/router of that era is generic x86 in a fancy package, but the earlier Nokia IP-440 firewalls were, and could run pfSense.
It'll tell visitors something interesting is happening inside the room. :)
You've clearly not heard the 1U screamers I'm talking about -- it's a high pitched, extremely annoying and LOUD sound. It penetrated the 4 wythe brick walls that separated our server room from the storage area in front of it. You'll know something is going on, but you won't want to be anywhere around it! Thanks, Jonathan
On 11/29/2016 01:05 PM, Systems Glitch via vcf-midatlantic wrote:
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
All computing resources should be protected, there's no excuse for zero protection nowadays.
Afraid, Kernel Sanders? ;-) Actually it is this 'it's not important' attitude that causes way too much problems for those work with such things. I'll stop now as this could be a very long rant.
You've clearly not heard the 1U screamers I'm talking about -- it's a high pitched, extremely annoying and LOUD sound. It penetrated the 4 wythe brick walls that separated our server room from the storage area in front of it. You'll know something is going on, but you won't want to be anywhere around it!
How about 26 Cisco 7600's fully loaded and dual power supplies? Martin donated a 6500 (same as the 7600 basically) that could handle your switching/routing needs (and then some). I think we need to wait a bit longer before we can really put it to work. There currently isn't enough of a load to work with it. -- Linux Home Automation Neil Cherry ncherry@linuxha.com http://www.linuxha.com/ Main site http://linuxha.blogspot.com/ My HA Blog Author of: Linux Smart Homes For Dummies
Have the 10GB blades for it as well....
On Nov 29, 2016, at 1:30 PM, Neil Cherry via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
On 11/29/2016 01:05 PM, Systems Glitch via vcf-midatlantic wrote:
I don't know that we have much data to protect (or target!) but what does the hive-mind here think about it? A firewall is generally good to have; would this one suit us?
All computing resources should be protected, there's no excuse for zero protection nowadays.
Afraid, Kernel Sanders? ;-)
Actually it is this 'it's not important' attitude that causes way too much problems for those work with such things. I'll stop now as this could be a very long rant.
You've clearly not heard the 1U screamers I'm talking about -- it's a high pitched, extremely annoying and LOUD sound. It penetrated the 4 wythe brick walls that separated our server room from the storage area in front of it. You'll know something is going on, but you won't want to be anywhere around it!
How about 26 Cisco 7600's fully loaded and dual power supplies?
Martin donated a 6500 (same as the 7600 basically) that could handle your switching/routing needs (and then some). I think we need to wait a bit longer before we can really put it to work. There currently isn't enough of a load to work with it.
-- Linux Home Automation Neil Cherry ncherry@linuxha.com http://www.linuxha.com/ Main site http://linuxha.blogspot.com/ My HA Blog Author of: Linux Smart Homes For Dummies
On 11/29/2016 01:30 PM, Neil Cherry via vcf-midatlantic wrote:
Martin donated a 6500 (same as the 7600 basically) that could handle your switching/routing needs (and then some). I think we need to wait a bit longer before we can really put it to work. There currently isn't enough of a load to work with it.
Very, very nice. These are amazingly capable machines. I run a 6500 in one of my buildings and a 7600 in the other, both with Sup720s installed. I've used every generation of big Cisco since the AGS, and these are far and away the most impressive jump in functionality that I've seen. -Dave -- Dave McGuire, AK4HZ New Kensington, PA
On 11/29/2016 7:26 PM, Dave McGuire via vcf-midatlantic wrote:
On 11/29/2016 01:30 PM, Neil Cherry via vcf-midatlantic wrote:
Martin donated a 6500 (same as the 7600 basically) that could handle your switching/routing needs (and then some). I think we need to wait a bit longer before we can really put it to work. There currently isn't enough of a load to work with it. Very, very nice. These are amazingly capable machines. I run a 6500 in one of my buildings and a 7600 in the other, both with Sup720s installed. I've used every generation of big Cisco since the AGS, and these are far and away the most impressive jump in functionality that I've seen. Dave, The 6509 I donated to InfoAge is powered and operable, downside it's in building 9059 (the telephone building directly in back of the InfoAge parking lot)
If IA ever has a need, I have 10GB blades and 48 Port 10GB capable edge switches as well. Martin Flynn W2RWJ
Around 2000 the lab I worked in Middletown started rethinking our layout. We had some 40+ rows of racks of various test beds (Managed Network Services). Seems we didn't have the budget to properly replace the aging cable (it's was only about 10 years old ???). Anyway we started adding 37xx switches to each row and each row would have a few 37xx. Eventually we built a nice cross switched network layout for our test equipment (Ixia, Smartbits and a bunch of BBB Linux servers). It wasn't hard to have everything we needed in each test bed. I was surplused when VM just started. That would have been fun and the new SDN/SVN/NVF take that to an entirely new level. I really miss playing in the labs. PS: BBB = Boring Beige Box -- Linux Home Automation Neil Cherry ncherry@linuxha.com http://www.linuxha.com/ Main site http://linuxha.blogspot.com/ My HA Blog Author of: Linux Smart Homes For Dummies
All computing resources should be protected, there's no excuse for zero protection nowadays. Even if you think it's a trivial system with no valuable data, it's still got computing power and can become part of a botnet. Some of the recent massive botnet attacks we've seen have come from security cameras, DVRs, and smart fridges, devices usually considered too unimportant by the average person to get a second thought about security.
Excellent points. Dean says the switch has plenty of protection itself. Thoughts?
Excellent points. Dean says the switch has plenty of protection itself. Thoughts?
Dean says the *router* has protection, that's very different :) I don't know what sort of router you guys are using, but as long as it's kept up-to-date, UPnP is disabled, and there's a sane default-deny firewall in place, it's probably fine. Thanks, Jonathan
Agreed! UPnP is disabled (always!). It has an SPI firewall ( I beleive, I will doubled check) I check the firmware revision when I'm in the museum. Maybe we should create a maintenance schedule for the router. On Tue, Nov 29, 2016 at 1:46 PM Systems Glitch via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
Excellent points. Dean says the switch has plenty of protection itself. Thoughts?
Dean says the *router* has protection, that's very different :) I don't know what sort of router you guys are using, but as long as it's kept up-to-date, UPnP is disabled, and there's a sane default-deny firewall in place, it's probably fine.
Thanks, Jonathan
The router has basic firewall protection. Those are layered with the protection built into the Linux and windows installed on the museum PC (such as it is). I agree that it may not be the ideal protection against all threats, however there's some effort required in configuring and maintaining a firewall appliance. Is someone willing to set this up with out of band management and maintain/troubleshoot? On Tue, Nov 29, 2016 at 1:43 PM Evan Koblentz via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
All computing resources should be protected, there's no excuse for zero protection nowadays. Even if you think it's a trivial system with no valuable data, it's still got computing power and can become part of a botnet. Some of the recent massive botnet attacks we've seen have come from security cameras, DVRs, and smart fridges, devices usually considered too unimportant by the average person to get a second thought about security.
Excellent points. Dean says the switch has plenty of protection itself. Thoughts?
Is someone willing to set this up with out of band management and maintain/troubleshoot?
I'd be willing to admin either a pfSense installation, or plain OpenBSD. pfSense would probably be better since it comes with a web interface and someone else could easily sit down with the pfSense book (yes, a real paper book!) and figure it out. Not sure we need OOB management, usually I just use OpenVPN and don't allow Web UI access from the Internet/untrusted subnets. I've got a bunch of embedded systems intended for router/firewall builds that use serial console, we could hang a dialup modem off the console for emergencies, though I doubt we'd ever really need it. Plus, a modem is just something else for people to scan (and yeah, phone phreaks do still scan for modems ;) ) Thanks, Jonathan
On Nov 29, 2016, at 1:42 PM, Evan Koblentz via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
All computing resources should be protected, there's no excuse for zero protection nowadays. Even if you think it's a trivial system with no valuable data, it's still got computing power and can become part of a botnet. Some of the recent massive botnet attacks we've seen have come from security cameras, DVRs, and smart fridges, devices usually considered too unimportant by the average person to get a second thought about security.
Excellent points. Dean says the switch has plenty of protection itself. Thoughts
OMARC and ISEC are already on pFsense firewalls, I am building another unit for building 9059. Looking at the connection attempts to the Netgear 6100D (same Sprint platform as Mobile Beacon) 60 percent of the inbound attempts are from non conus sources . *None* are valid. I am using the geoblock rule on the firewall to toss the traffic. What we need to check if sprint allows inbound to the IP assigned to the router. Martin
Steve told me his name was Mark. He must have gotten the name wrong. Now it makes sense. How about connecting 9 Commodore 64 computers together for an 8 player internet game similar to Artillery Duel? I heard two guys were working on a game called Space Command that would play over the internet with the C64nic+ cards. Maybe we can find out how close those guys are to finishing their game and try it out. On Mon, Nov 28, 2016 at 1:25 PM, Evan Koblentz via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
Mark dropped off a 24 channel cat 5 switch.
You mean Martin. There's no Mark.
Specifically, it's a power-over-Ethernet switch. We can use that as a regular network switch, but it will also supply power for our two IP cameras, which Martin previously supplied. The cameras have motion sensors so we can configure them to send alerts (to the chapter admin group: me, Corey, Jeff B., Dean) when they record anything outside of our docent hours.
Beside the two cameras, one port will connect to our office PC and another connect to the BBS for Telnet access via our LTE modem.
What should we do with the other 20 ports? Any creative (non-sarcastic) suggestions for ways to demo/teach vintage computing that would need a network? To put it another way: how might we grow into a 24-port switch?
-- Jeff Brace - ark72axow@gmail.com
How about connecting 9 Commodore 64 computers together for an 8 player internet game similar to Artillery Duel? I heard two guys were working on a game called Space Command that would play over the internet with the C64nic+ cards. Maybe we can find out how close those guys are to finishing their game and try it out.
Uh-huh. :)
participants (15)
-
Dave McGuire -
David Riley -
Dean Notarnicola -
Ethan -
Evan Koblentz -
Jason Perkins -
Jeffrey Brace -
Jim Scheef -
Jonathan Gevaryahu -
Joseph Oprysko -
Martin A Flynn -
Martin Flynn
-
murphnj -
Neil Cherry -
Systems Glitch