IRC log for ##pxe on 20100310

`06:09.19`	`*** join/##pxe ScytheBlade1 (~Death@smtp.mail.averageurl.com)`
`06:09.20`	`*** join/##pxe ScytheBlade1 (~Death@about/pxe/ScytheBlade1)`
`06:14.48`	`*** join/##pxe ScytheBlade1 (~Death@smtp.mail.averageurl.com)`
`06:14.49`	`*** join/##pxe ScytheBlade1 (~Death@about/pxe/ScytheBlade1)`
`12:09.45`	`*** join/##pxe the_mgt (~ich@a89-183-76-48.net-htp.de)`
`15:24.37`	`*** join/##pxe yermandu (~Patapitaf@unaffiliated/yermandu)`
`16:23.21`	`*** join/##pxe Xires (~Xires@66-190-79-122.dhcp.dntn.tx.charter.com)`
`16:38.36`	`*** join/##pxe TIM9 (~tim@CPE00166f2f93f9-CM001ac311b52c.cpe.net.cable.rogers.com)`
`16:51.50`	`*** join/##pxe toiz (~a@33.21.190.90.dyn.estpak.ee)`
`16:52.30`	`toiz`	`i need advice:`
`16:53.08`	`toiz`	`when dhcp responds does it give the client a gateway?`
`16:53.24`	`toiz`	`i know it wont give dns`
`16:54.19`	`toiz`	`my goal is ofc making my client behind nat booting pxe from INET server`
`16:56.20`	`toiz`	`i have a M$ ris server in inet and a client behind ddwrt but i cant test before 2 days so i wondered i make this time useful and ask if someone has done it already`
`17:05.38`	`*** join/##pxe toiz (~a@33.21.190.90.dyn.estpak.ee)`
`17:15.00`	`*** join/##pxe toiz (~a@33.21.190.90.dyn.estpak.ee)`
`17:24.17`	`*** join/##pxe toiz (~a@33.21.190.90.dyn.estpak.ee)`
`17:30.41`	`Nirkus`	`..gone :-/`
`17:33.35`	`*** join/##pxe toiz (~a@33.21.190.90.dyn.estpak.ee)`
`17:43.07`	`*** join/##pxe toiz (~a@33.21.190.90.dyn.estpak.ee)`
`17:53.06`	`*** join/##pxe toiz (~a@33.21.190.90.dyn.estpak.ee)`
`17:55.12`	`toiz`	`keeps getting me rejoined:S`
`17:56.33`	`toiz`	`anyway if someone is interested in previous "goal" i have skype bcs_taivo`
`17:56.41`	`toiz`	`i also might come back later to this irc channel`
`18:54.41`	`Nirkus`	`ah`
`18:55.25`	`*** join/##pxe toiz (~a@33.21.190.90.dyn.estpak.ee)`
`18:56.39`	`Nirkus`	`mh, i guess, he wont read channel logs`
`18:58.04`	`Nirkus`	`uh, our logs have a 1 day delay`
`18:58.07`	`Nirkus`	`:)`
`19:03.08`	`toiz`	`><`
`19:04.22`	`Nirkus`	`toiz: there you are`
`19:04.37`	`toiz`	`y i came back to check if someone says something`
`19:04.49`	`Nirkus`	`toiz: if you want to do PXE over routed networks youll need a DHCP relay`
`19:05.14`	`Nirkus`	`with RIS im not so sure, what your intentions are.. :)`
`19:05.25`	`toiz`	`y can guess`
`19:05.29`	`Nirkus`	`toiz -v`
`19:05.38`	`toiz`	`what is -v ?`
`19:05.53`	`Nirkus`	`toiz: be more verbous`
`19:05.54`	`Nirkus`	`:)`
`19:05.58`	`toiz`	`hehe`
`19:06.41`	`toiz`	`right now i just want to install an xp in any random place where i have ddwrt`
`19:06.54`	`toiz`	`i have 2 plans`
`19:06.56`	`Nirkus`	`mkay, whats ddwrt?`
`19:07.07`	`toiz`	`do you know what is wrt54gl?`
`19:07.29`	`Nirkus`	`toiz: RIS is not PXE, it just loads its own boot loader via PXE and everything from that point on is M$..`
`19:07.38`	`Nirkus`	`ah openwrt`
`19:07.41`	`Nirkus`	`?`
`19:07.41`	`toiz`	`y`
`19:07.54`	`toiz`	`i dont care if RIS is not pxe:]`
`19:08.06`	`toiz`	`as long as i can boot into RIS behind random ddwrt`
`19:08.07`	`toiz`	`i am WIN`
`19:08.12`	`Nirkus`	`:)`
`19:08.26`	`Nirkus`	`openwrt should have some dhcp relay module`
`19:08.49`	`toiz`	`i have this giude > http://www.dd-wrt.com/wiki/index.php/PXE`
`19:09.04`	`toiz`	`if i just replace ip with outside ip it woint work right?`
`19:09.04`	`Nirkus`	`but you should route your DHCP/PXE/RIS traffic through some VPN tunnel like IPsec`
`19:09.13`	`toiz`	`hehe`
`19:09.30`	`toiz`	`that would be the easy way`
`19:09.46`	`toiz`	`but i want to install my xp from ANY place behind ddwrt`
`19:09.55`	`toiz`	`ddwrt is very common in my land`
`19:10.15`	`toiz`	`friends, companies etcetc`
`19:10.29`	`Nirkus`	`toiz: you want to _install_ something via PXE from anywhere or boot something?`
`19:10.31`	`toiz`	`i am starting ddwrt then thinking of next routers`
`19:10.35`	`toiz`	`YES`
`19:10.48`	`toiz`	`2 have 2 plans`
`19:10.55`	`toiz`	`planA router congig`
`19:11.18`	`toiz`	`planB modify PXE to be smater and let ethernet manufacturers apply it to new ethernet devices`
`19:11.22`	`toiz`	`planA seemed easier`
`19:12.07`	`Nirkus`	`toiz: PXE was designed so that any "smart" parts would be placed into PXE bootloaders or the apps loaded by PXE boot loaders`
`19:12.24`	`Nirkus`	`toiz: but, back to your plan :)`
`19:12.43`	`toiz`	`basicallt u understand my goal now, thats a good start`
`19:12.59`	`Nirkus`	`toiz: if you want to install something from behind $ddwrt_router under your control`
`19:13.50`	`Nirkus`	`toiz: you would need to setup a DHCP server on $ddwrt_router answering the PXE boot requests of your $client_pc`
`19:13.57`	`toiz`	`YES`
`19:14.03`	`toiz`	`like in here: http://www.dd-wrt.com/wiki/index.php/PXE`
`19:14.27`	`Nirkus`	`toiz: that $ddwrt_router would need to send some PXE boot loader like the one from M$ RIS or pxelinux or whatever to your $client_pc`
`19:14.43`	`toiz`	`yes i understand that too`
`19:15.06`	`Nirkus`	`toiz: than, the interesting part... you need to, somehow, get that PXE bootloader to load whatever data you need from your $inet_server`
`19:15.14`	`toiz`	`ee`
`19:15.25`	`toiz`	`i was thinking a shortcut`
`19:15.38`	`toiz`	`i was thinking i could boot the PXE bootloader from INET`
`19:15.40`	`Nirkus`	`toiz: so, what do you intend to do with your $client_pc, exactly?`
`19:15.46`	`Nirkus`	`toiz: no`
`19:15.53`	`toiz`	`because?`
`19:16.33`	`Nirkus`	`toiz: theoretically, it would be possible..using a DHCP server and giving a gateway and next-server ip..`
`19:16.39`	`toiz`	`yesyes...:D`
`19:16.43`	`toiz`	`thats my plan`
`19:16.49`	`Nirkus`	`toiz: BUT.. you dont want to use TFTP (UDP) over inet`
`19:16.52`	`toiz`	`if that wont work then your plan goes`
`19:17.06`	`toiz`	`why not?`
`19:17.26`	`toiz`	`simpel protocol and psws not crypted?`
`19:17.39`	`Nirkus`	`toiz: because its conenctionless and in secure`
`19:17.58`	`toiz`	`><`
`19:18.10`	`toiz`	`so ok thinking of your plan`
`19:18.21`	`toiz`	`your plan makes me build a pxe client into ddwrt`
`19:18.27`	`Nirkus`	`mh, no`
`19:18.29`	`toiz`	`which looks kinda complicated`
`19:18.32`	`toiz`	`hmm, no?`
`19:19.15`	`Nirkus`	`you need ddwrt to provide a DHCP server pointing pxe booting client pcs to its own tftp server, providing, for example, the pxelinux binary and a configuration for pxelinux`
`19:19.33`	`Nirkus`	`the configuration could point to some inet server`
`19:19.58`	`toiz`	`but you just sayd tftp over inet is bad`
`19:20.08`	`Nirkus`	`toiz: BUT.. that would use TFTP, still.. so you should have your ddwrt router set up some VPN tunnel to your inet_server`
`19:20.13`	`Nirkus`	`yes`
`19:20.15`	`Nirkus`	`:)`
`19:20.20`	`toiz`	`hmm`
`19:20.52`	`toiz`	`lets say that security is not the issue`
`19:21.17`	`toiz`	`it can be so unsecure like my grandmothers hut near da lake`
`19:21.24`	`Nirkus`	`so, your ddwrt router hase some encrypted VPN tunnel to your inet server to route all the traffic from and to your client pcs behind that ddwrt router through`
`19:21.26`	`toiz`	`then it would be a plan?`
`19:21.35`	`toiz`	`omgomg`
`19:21.38`	`Nirkus`	`mh`
`19:21.46`	`Nirkus`	`of course, you could do that`
`19:21.54`	`Nirkus`	`but dont say, i dindt warn ya`
`19:21.55`	`toiz`	`if my ddwrt does vpn stuff it also is complicated`
`19:22.13`	`toiz`	`but i will think about it`
`19:22.43`	`toiz`	`so plan is ddwrt makes ipsec tunnel, and bootes a pxe bootimage via tftp from inet using the vpn tunnel`
`19:22.45`	`toiz`	`so?`
`19:23.12`	`Nirkus`	`toiz: you will have (a) insecure communication between your client pcs and (b) your TFTP/ whatever download service need to be accessible to the whole inernet`
`19:23.39`	`toiz`	`ee`
`19:23.43`	`toiz`	`for which plan this goes`
`19:23.53`	`Nirkus`	`toiz: for the one w/o ipsec tunnel`
`19:24.02`	`Nirkus`	`toiz: had some lag over here`
`19:24.08`	`toiz`	`okok:)`
`19:24.19`	`toiz`	`with ipsec is insecure?`
`19:24.32`	`Nirkus`	`toiz: the machines booting via PXE wont be the ddwrt routers, right?`
`19:24.39`	`toiz`	`no`
`19:24.48`	`Nirkus`	`with ipsec in tunnel mode with auth+enc, its secure`
`19:24.51`	`toiz`	`random pcs, laptops, wmvare guests, whateveer..`
`19:24.57`	`Nirkus`	`toiz: ok`
`19:25.07`	`toiz`	`"so plan is ddwrt makes ipsec tunnel, and bootes a pxe bootimage via tftp from inet using the vpn tunnel" good plan?`
`19:25.23`	`Nirkus`	`toiz: sounds good`
`19:25.33`	`toiz`	`i am reinstalling my RIS currently, getting some wrtg tomoorow`
`19:25.36`	`toiz`	`mmm`
`19:25.39`	`Nirkus`	`toiz: you will need to setup a DHCP and TFTP server on that ddwrt routers`
`19:25.44`	`toiz`	`eeeeee`
`19:25.51`	`toiz`	`i need tftp server in router?`
`19:25.53`	`toiz`	`why?`
`19:25.55`	`Nirkus`	`so they can answer to thos clients on their local lan`
`19:26.14`	`toiz`	`i dont understand why ..:d`
`19:26.20`	`toiz`	`i understand dhcp server yes`
`19:26.21`	`Nirkus`	`toiz: that TFTP server only servers the PXE boot loader and its configuration file (text)`
`19:26.38`	`toiz`	`and what would be in that configuration file?`
`19:27.07`	`Nirkus`	`toiz: because its easier to setup and the inital conversation between client and PXE stuff wont be affected by internet connection loss and similar errors`
`19:27.16`	`toiz`	`hmm`
`19:27.24`	`toiz`	`ris is not tftp?`
`19:27.27`	`toiz`	`y/n ?`
`19:27.39`	`Nirkus`	`toiz: for pxelinux you can configure a little menu to display and the ip addresses and files to download`
`19:27.46`	`toiz`	`hmm`
`19:28.00`	`Nirkus`	`toiz: im not sure.. my contact with RIS was years ago`
`19:28.03`	`toiz`	`basically you are sayng a linux boots`
`19:28.08`	`toiz`	`pxelinux is linux right`
`19:28.23`	`Nirkus`	`toiz: pxelinux is just a bootloader, it can boot various stuff`
`19:28.25`	`toiz`	`then i can make it use whatever protocol i want`
`19:28.31`	`toiz`	`aaa`
`19:28.46`	`Nirkus`	`http://syslinux.zytor.com/wiki/index.php/PXELINUX`
`19:29.17`	`Nirkus`	`toiz: i think, pxelinux only supports TFTP as its provided by the network cards PXE boot ROM`
`19:29.47`	`Nirkus`	`toiz: there was some guy in here recently who somehow used HTTP with pxelinux`
`19:30.11`	`toiz`	`hehe`
`19:30.13`	`toiz`	`see, magic`
`19:30.15`	`toiz`	`this means`
`19:30.22`	`toiz`	`i can use whatever protocol i want with it`
`19:30.22`	`Nirkus`	`i think, he loaded some other PXE bootloader first`
`19:30.29`	`Nirkus`	`etherboot, maybe`
`19:30.33`	`toiz`	`great`
`19:30.43`	`toiz`	`as long as all this is small enough to fot a ddwrt`
`19:30.49`	`toiz`	`2-8 MB`
`19:30.50`	`toiz`	`><`
`19:31.04`	`Nirkus`	`pretty sure`
`19:31.49`	`toiz`	`i am thinking now, PXE inside ddwrt, PXE bootloader has biltin IPSEC tunnel module and configuration`
`19:31.58`	`Nirkus`	`loooool`
`19:32.08`	`toiz`	`why is that lol?`
`19:32.08`	`toiz`	`:D`
`19:32.19`	`Nirkus`	`i dont think, youll find a PXE _bootloader_ with IPsec support`
`19:32.26`	`toiz`	`i will make it`
`19:32.32`	`Nirkus`	`toiz: keep the IPsec tunnel in the router`
`19:32.37`	`toiz`	`hmm`
`19:32.48`	`toiz`	`i cant make all ddwrts on estonia hold ipsec tunnels 24h with my server.. ?`
`19:33.05`	`toiz`	`only way i am thinking is that PXE booting triggers ipec tunnel`
`19:33.11`	`toiz`	`in routr`
`19:33.18`	`Nirkus`	`toiz: ipsec can detect dead tunnels and set them up again`
`19:33.32`	`toiz`	`ehm`
`19:33.34`	`toiz`	`no i mean`
`19:33.48`	`toiz`	`i cant allw that every random booting ddwrt in estonia will connect to my server`
`19:33.58`	`toiz`	`i can only allow that it contacts when it wants to boot`
`19:34.03`	`Nirkus`	`toiz: your ipsec tunnel can idle and have no more traffic than the 'dead peer detection' pings once in a while`
`19:34.12`	`toiz`	`nono`
`19:34.15`	`Nirkus`	`mkay`
`19:34.16`	`toiz`	`its a matter of security`
`19:34.26`	`Nirkus`	`security?`
`19:34.37`	`Nirkus`	`you mean a matter of network congestion? :>`
`19:34.41`	`toiz`	`random companies and homes have a all access tunnel with my server?`
`19:34.50`	`toiz`	`umm i forget that`
`19:35.08`	`toiz`	`so BIG NO ANYWAYS for 24h tunnels`
`19:35.24`	`Nirkus`	`toiz: you can configure firewall rules on that ddwrt router for the ipsec tunnels`
`19:35.32`	`Nirkus`	`if ddwrt is capable of that`
`19:35.37`	`toiz`	`can i make the rules TRGGER?`
`19:35.44`	`toiz`	`i am thinkng now:`
`19:36.04`	`toiz`	`easier to configure ipsec into PXELINUX than triggeripsec into ddwrtg`
`19:36.13`	`toiz`	`i am not planning to learn ddwrtg, waste of time`
`19:37.01`	`toiz`	`Nirkus btw, where you work and sooo on?`
`19:37.27`	`Nirkus`	`toiz: you cannot 'configure' ipsec into pxelinux`
`19:37.37`	`toiz`	`Nirkus: i say i can:D`
`19:37.44`	`Nirkus`	`toiz: it does not have support for such high level foo`
`19:37.44`	`toiz`	`cause you sayd some guy made http happen`
`19:37.45`	`Nirkus`	`:)`
`19:37.56`	`toiz`	`http happens = ipsec happens`
`19:38.07`	`Nirkus`	`toiz: he made it happen using another bootloader which wrapped the tftp download calls`
`19:38.16`	`toiz`	`hmm`
`19:38.21`	`toiz`	`ok https?`
`19:38.28`	`Nirkus`	`toiz: i work at Netpioneer GmbH, http://www.netpioneer.de/`
`19:38.34`	`toiz`	`i can do ris over https with a ssl endppint`
`19:38.36`	`Nirkus`	`toiz: dont think so`
`19:38.44`	`toiz`	`what i do in netpioneer?`
`19:38.51`	`toiz`	`you do*`
`19:39.06`	`toiz`	`is this italy or deuchland?`
`19:39.13`	`Nirkus`	`i am a system administrator... germany`
`19:39.17`	`toiz`	`hehe:d`
`19:39.32`	`toiz`	`what platforms u admin`
`19:39.39`	`toiz`	`or what type of devices`
`19:39.47`	`Nirkus`	`atm im developing the LDAP user admin interface for them`
`19:39.48`	`toiz`	`server networks ?`
`19:40.10`	`toiz`	`LDAP is linux derivate for M$ AD?`
`19:40.47`	`Nirkus`	`managed switches (HP), linux servers (debian) hw and virtual (Xen), linux desktops, linux routers, windows desktops and even some windows servers`
`19:40.53`	`Nirkus`	`toiz: no`
`19:41.02`	`toiz`	`:o Xen`
`19:41.08`	`Nirkus`	`toiz: AD is a directory which is accesible 'LDAP like'`
`19:41.16`	`toiz`	`yes><`
`19:43.12`	`toiz`	`hmm i have more thought about this pxe thingie`
`19:43.17`	`toiz`	`your link made my thought`
`19:43.31`	`toiz`	`that link > http://syslinux.zytor.com/wiki/index.php/PXELINUX`
`19:43.46`	`toiz`	`now i am thinking if making a all access buffer server`
`19:44.22`	`toiz`	`client boots a bootloader from INET RIS`
`19:44.35`	`toiz`	`i can basically make a windows boot into ris`
`19:44.51`	`toiz`	`now this windows i am booting from there`
`19:45.05`	`toiz`	`it has tools for creating a ipsec tunnel`
`19:45.21`	`toiz`	`hmm ok i kinda failed in this theory sry`
`19:45.46`	`toiz`	`i just understand this buffer windows forst has to plant small windows into my client computer`
`19:46.12`	`toiz`	`cause i cant start a ipsec between a client and target server when ALL commands are made from unsecure buffer server`
`19:46.38`	`toiz`	`hmm hmm..`
`19:46.53`	`toiz`	`k seems i just have to test and then i have some more ideas`
`19:48.05`	`toiz`	`but thanks for info Nirkus, u made me consider vpn tunnel`
`19:48.06`	`toiz`	`><`
`19:52.39`	`Nirkus`	`toiz: np :)`
`19:53.14`	`Nirkus`	`toiz: ipsec tunnels can be triggered by traffic to be routed through them, too`
`19:53.29`	`Nirkus`	`toiz: but the tunnel setup may take some time or even fail`
`19:53.46`	`Nirkus`	`which would make the PXE boot process fail on DHCP level`
`19:54.20`	`Nirkus`	`toiz: therefore haveing the DHCP server and bootloader delivered by your ddwrt box on the LAN would be more fault tolerant`
`19:54.59`	`toiz`	`mhh`
`19:55.19`	`toiz`	`ill think about with my businesspartner tomorrow`
`19:55.35`	`toiz`	`how old are you btw`
`19:55.38`	`toiz`	`^`
`19:56.23`	`Nirkus`	`im 27 :)`
`19:56.46`	`toiz`	`i am not :]`
`19:56.50`	`Nirkus`	`hehe`
`19:57.01`	`toiz`	`do you install everything from pxe ?`
`19:57.03`	`Nirkus`	`toiz: where are you from and how old?`
`19:57.13`	`toiz`	`i am from estonia and i am 26 ^`
`19:57.23`	`toiz`	`estonia the land of IT developers`
`19:57.33`	`toiz`	`we eat .bat for breakfast`
`19:57.42`	`Nirkus`	`toiz: i developed a stateless and diskless linux setup based on PXE for some computer pool of the KIT soem years ago`
`19:57.54`	`toiz`	`><`
`19:58.08`	`toiz`	`mby u should to develop more some cool stuff using pxe`
`19:58.40`	`toiz`	`like vmware is this new tecnhology where theys OS boots from some server in lan`
`19:58.44`	`toiz`	`i dont remember the name`
`19:58.58`	`toiz`	`it reminds google crome os`
`19:59.04`	`toiz`	`not the name but the techonlogy`
`19:59.05`	`Nirkus`	`toiz: vmware is obsolte :>`
`19:59.10`	`toiz`	`hehehe`
`19:59.10`	`Nirkus`	`obsolete`
`19:59.15`	`toiz`	`i have esxi`
`19:59.16`	`toiz`	`i dont care`
`19:59.19`	`toiz`	`its easy`
`19:59.19`	`toiz`	`><`
`19:59.20`	`Nirkus`	`*g`
`19:59.36`	`toiz`	`u are reccomending something awesome?`
`19:59.39`	`Nirkus`	`esxi is ok, i guess... at least, its hypervisor based`
`20:02.00`	`Nirkus`	`KVM is too immature to be recommended, and Xen gets to 'old' to :)`
`20:02.07`	`toiz`	`currentlyin estonia populars are: OpenSUSE XEN, Citrix XenCenter, ESXi`
`20:02.15`	`toiz`	`esxi being most popular`
`20:02.52`	`toiz`	`some advanced guys use "QEMU, KVM, libvirt"`
`20:02.59`	`toiz`	`but i dont even know what this is`
`20:03.12`	`Nirkus`	`ESXi is only free w/o the management tools, right?`
`20:03.44`	`toiz`	`y`
`20:03.48`	`toiz`	`it has management`
`20:03.53`	`toiz`	`it is free woihout HA`
`20:03.57`	`toiz`	`and vmotion`
`20:03.58`	`Nirkus`	`Qemu is a full virtualization technoligy like the first VMware technoligy`
`20:04.05`	`toiz`	`ok`
`20:04.24`	`toiz`	`free esxi means no HA and no moving working guest OSes between esxi servers`
`20:04.27`	`Nirkus`	`KVM is the hypervisor included in current versions of the Linux kernel`
`20:04.33`	`toiz`	`k`
`20:05.02`	`Nirkus`	`libvirt is a generalized management tools infrastructure for things like quemu and KVM AFAIK`
`20:05.42`	`toiz`	`ok`
`20:05.45`	`toiz`	`i am thinking of it`
`20:05.50`	`toiz`	`right now vmware is all i need`
`20:05.53`	`toiz`	`esxi then`
`20:05.55`	`Nirkus`	`Citrix XenCenter is the commercial version of Xen`
`20:06.20`	`Nirkus`	`toiz: xen and kvm are interesting when you are experienced with them`
`20:06.32`	`Nirkus`	`toiz: because they are completely free of charge`
`20:07.02`	`toiz`	`okidoki`
`20:07.05`	`Nirkus`	`toiz: and Xen is a very efficient, hypervisor baed virtualization which uses Linux as a management plattform`
`20:07.16`	`Nirkus`	`s/baed/based/`
`20:07.17`	`toiz`	`but my business is not virtualisation`
`20:07.26`	`toiz`	`i just use it for hosting my own servers`
`20:07.34`	`Nirkus`	`toiz: yes, thats ok`
`20:07.59`	`Nirkus`	`toiz: ESXi will work for you and it performs quite nicely AFAIK`
`20:09.19`	`toiz`	`my favourite topics currently are: AD, RIS(WDS), WSUS, free monitoring with sql support (like nagiosXI but free), cheap ipsec tunnel endpoints, cheap NAS devices (not eeprom based but minimum atom and stuff)`
`20:09.33`	`toiz`	`><`
`20:10.00`	`toiz`	`i also can admin most windows server components`
`20:10.09`	`Nirkus`	`k`
`20:10.12`	`toiz`	`thats what we do here`
`20:10.18`	`toiz`	`a) admin stuff`
`20:10.28`	`toiz`	`b) thinkinf of new cool stuff`
`20:10.32`	`toiz`	`like RIS over inet`
`20:10.36`	`toiz`	`><`
`20:11.04`	`Nirkus`	`toiz: @WSUS: you should take a good look at Secunias CSI: http://secunia.com/vulnerability_scanning/corporate/`
`20:11.47`	`toiz`	`beta?`
`20:11.49`	`toiz`	`free?`
`20:11.49`	`Nirkus`	`toiz: i dont know if they already finished the beta phase of their WSUS integration`
`20:12.03`	`toiz`	`wsus seems to have this cool problem y`
`20:12.16`	`toiz`	`it needs to be checked after`
`20:12.24`	`toiz`	`like little child after cleaning his room`
`20:12.36`	`Nirkus`	`toiz: the private version of CSI (PSI) is free`
`20:12.45`	`Nirkus`	`hehe`
`20:12.49`	`toiz`	`private is for one person?`
`20:12.52`	`toiz`	`or what means private`
`20:13.03`	`toiz`	`WSUS is never for one person so .. ?`
`20:13.08`	`Nirkus`	`but WSUS is the only package management for windows, AFAIK`
`20:13.43`	`Nirkus`	`private means you are not allowed to use it in a corporate infrastructure but in your home machine`
`20:13.49`	`toiz`	`hehehe`
`20:13.52`	`toiz`	`seems like pointless`
`20:14.11`	`toiz`	`in home i can use this ee what was its name`
`20:14.13`	`toiz`	`bsad or smth`
`20:14.17`	`Nirkus`	`toiz: helps you keep your software up to date,k not only the microsoft foo`
`20:14.36`	`toiz`	`mbsa`
`20:14.38`	`toiz`	`WO`
`20:14.48`	`Nirkus`	`mbsa?`
`20:14.51`	`toiz`	`mbsa is same as CSI for one person?`
`20:15.18`	`toiz`	`http://technet.microsoft.com/en-us/security/cc184923.aspx`
`20:15.19`	`toiz`	`try it`
`20:15.25`	`toiz`	`on random xp or windows server`
`20:15.29`	`toiz`	`download run scan`
`20:16.04`	`Nirkus`	`toiz: reads like MBSA will only scan for microsoft programs`
`20:16.19`	`Nirkus`	`PSI/CSI scan for almost all programs installed`
`20:16.52`	`toiz`	`kk`
`20:17.09`	`toiz`	`i must think what other products my clients use`
`20:17.16`	`toiz`	`all custom and some autocad i think`
`20:17.19`	`toiz`	`nothing much`
`20:17.47`	`toiz`	`acrobat reader and flash are being deploid by gpo anyways`
`20:17.51`	`Nirkus`	`and flash, acrobat, firefox, opera, ..`
`20:18.05`	`toiz`	`cause they dont have normal updates`
`20:18.11`	`toiz`	`for users rights users`
`20:18.18`	`toiz`	`all gpo..:D`
`20:18.31`	`Nirkus`	`:)`
`20:19.39`	`toiz`	`like when i used to work in one estonian advanced company`
`20:19.50`	`toiz`	`they even dplyd M$ office via gpo`
`20:19.56`	`toiz`	`and office spellers and all`
`20:20.24`	`toiz`	`made some little .vbs that checked via regedit if the office had already been installed or not.. kinky shit:d`
`20:21.01`	`Nirkus`	`hihi`
`20:21.48`	`Nirkus`	`AFAIK, you can do almost anything with GPO foo, but it requires intense study and therefore intense money on docs and courses`
`20:21.51`	`Nirkus`	`:)`
`20:22.59`	`toiz`	`what docs and courses?:D`
`20:23.07`	`toiz`	`we have much cool practise here`
`20:23.20`	`Nirkus`	`those certified my M$? :)`
`20:23.34`	`toiz`	`hire some ex sysadmin like me who has open brain`
`20:23.59`	`toiz`	`pay him cool salary and he will implement cool stuff into gpo just using his brain and/or google`
`20:24.07`	`toiz`	`i am certified m$`
`20:24.14`	`toiz`	`k i have support cert`
`20:24.19`	`toiz`	`but not any servers`
`20:24.26`	`Nirkus`	`toiz: or just use linux and pay yourself a cool salary :>`
`20:24.30`	`toiz`	`OH NO`
`20:24.45`	`toiz`	`i have 6 years m$ servers in my back`
`20:24.52`	`toiz`	`umm 7 or 8`
`20:24.54`	`toiz`	`its 2010`
`20:25.07`	`toiz`	`i am not wasting it and starting from beginning with linux`
`20:25.17`	`Nirkus`	`hehe :)`
`20:25.25`	`toiz`	`and in estonia med/small companies use m$`
`20:25.28`	`toiz`	`and reason is:`
`20:25.44`	`toiz`	`there is 10 m$ guys and 1 linu guy in job market`
`20:25.47`	`Nirkus`	`almost all companies use M$`
`20:25.50`	`toiz`	`so..`
`20:26.11`	`toiz`	`they dont want that awesome risk`
`20:26.21`	`Nirkus`	`because people know windows and office from their home computers`
`20:26.21`	`toiz`	`i myself have helped 5+ companies to come over to m$`
`20:26.27`	`toiz`	`for THAT reason`
`20:26.38`	`toiz`	`y`
`20:26.40`	`Nirkus`	`hihi`
`20:26.52`	`toiz`	`all those 5+ companies lost theyr linu admin for some reason`
`20:27.02`	`toiz`	`different resons`
`20:27.19`	`toiz`	`and so noone wanted to admin SOMEONE elses linux servers`
`20:27.32`	`toiz`	`cause u dont use standards in there..`
`20:27.39`	`toiz`	`><`
`20:27.39`	`toiz`	`:d`
`20:28.04`	`Nirkus`	`well, with linux admins its the same as with the windows side.. there are some who do a good job an document it, some who do a good job, but dont ocument enough andmany who just do a crappy jib`
`20:28.12`	`toiz`	`y`
`20:28.20`	`toiz`	`and when win admin dont dokuments its no worries`
`20:28.24`	`toiz`	`new admin comes`
`20:28.31`	`Nirkus`	`lol`
`20:28.36`	`toiz`	`he can understand in 5 minutes`
`20:28.43`	`toiz`	`what services are running and for what`
`20:28.49`	`toiz`	`in server`
`20:28.50`	`toiz`	`><`
`20:29.20`	`toiz`	`its rare thing when some idiot installs some java based server app into M$ server and so on..`
`20:29.36`	`toiz`	`those kind of examples are so only way u can fuck up`
`20:29.42`	`Nirkus`	`well with windows you cannot do as much as with linux w/o buying extra software, so you cannot compare those two worlds just like that`
`20:29.50`	`toiz`	`hehe`
`20:29.55`	`toiz`	`i compare features`
`20:29.59`	`toiz`	`btw`
`20:30.05`	`toiz`	`i have 3 linu servers`
`20:30.12`	`toiz`	`so i am not all win here:D`
`20:30.21`	`toiz`	`i compare features: what company needs`
`20:30.59`	`toiz`	`company needs AD and GPO (cause all clients are xps) they need sharepoint and fileserver, sql, exchange`
`20:31.04`	`toiz`	`u can replace exchange`
`20:31.12`	`toiz`	`with pretty good derivates`
`20:31.16`	`toiz`	`that i know`
`20:31.22`	`toiz`	`i like lotus domino for example`
`20:31.29`	`toiz`	`but u cant replace AD and gpo`
`20:31.30`	`toiz`	`><`
`20:31.40`	`Nirkus`	`toiz: well, using AD and GPO for xp clients comes natural`
`20:31.46`	`toiz`	`y`
`20:31.58`	`toiz`	`and that is what people want here in estonia`
`20:32.02`	`toiz`	`we use linuxes for:`
`20:32.04`	`toiz`	`webapps`
`20:32.08`	`toiz`	`inestead of iis then`
`20:32.12`	`Nirkus`	`because AD and GPO are the tools provided by M$ to administer their product named windows`
`20:32.20`	`toiz`	`and hardcore clustering/special apps`
`20:32.33`	`toiz`	`basically all`
`20:32.41`	`toiz`	`for firewalls noone uses ISA NOR LINUX`
`20:32.47`	`toiz`	`only hw based firewalls`
`20:32.56`	`Nirkus`	`lol`
`20:32.58`	`toiz`	`like cisco>juniper>zywall`
`20:33.02`	`Nirkus`	`'hw based firewall' :-D`
`20:33.10`	`toiz`	`i dont know correct word`
`20:33.18`	`toiz`	`eng is not my prim lang`
`20:33.23`	`Nirkus`	`those are appliances mostly running PC hardware and some frontend for the linux inside`
`20:33.27`	`toiz`	`i know`
`20:33.34`	`toiz`	`i just dont know the word`
`20:33.39`	`Nirkus`	`or and ther arent hardware based at all`
`20:33.45`	`Nirkus`	`ah`
`20:33.47`	`Nirkus`	`ok`
`20:33.51`	`toiz`	`its some translation error`
`20:33.59`	`toiz`	`we call them here like boxes or so`
`20:34.21`	`toiz`	`basically meaning you dont have to put software ion them specially`
`20:34.37`	`Nirkus`	`if you know TCP/IP and iptables, you dont need any expensive appliance`
`20:34.40`	`toiz`	`which leaves less possibilities to fuck up`
`20:34.44`	`toiz`	`hmm`
`20:34.52`	`toiz`	`med+ company in estonia needs`
`20:35.01`	`Nirkus`	`toiz: yes, but those are two different approaches`
`20:35.15`	`toiz`	`ipsec tunnels, local vlans, blacklists, yadayadayada`
`20:35.30`	`Nirkus`	`a) you can invest in products, which have an easy interface with less possibilities for human error`
`20:35.35`	`toiz`	`estonians even use layer3 switcher for some magic reason`
`20:35.42`	`toiz`	`a) is good`
`20:35.44`	`toiz`	`we take that`
`20:35.47`	`toiz`	`kthxbye:D`
`20:35.59`	`Nirkus`	`b) you can invest in personell that will do more with less money for licenses and hardware`
`20:36.06`	`toiz`	`very reasoable approach is A`
`20:36.09`	`Nirkus`	`*g`
`20:36.10`	`toiz`	`we cant to b`
`20:36.17`	`toiz`	`thats wasting of monay`
`20:36.33`	`Nirkus`	`toiz: thats you opinion`
`20:36.36`	`toiz`	`people ALWAYS cost more than hw`
`20:36.41`	`toiz`	`thats proven on here`
`20:36.44`	`toiz`	`><`
`20:36.50`	`Nirkus`	`toiz: thats bullshit :)`
`20:36.56`	`toiz`	`in de its not?:D`
`20:37.40`	`toiz`	`random juniper for medsize company is max 2000 eur, using a derivate with os and sysadmin, costs every year afuckin salary++`
`20:37.47`	`Nirkus`	`poeple always cost money, but we administer a company of >100 employees with 3 subsidiaries in a team of 2 full-time and 2 part-time admins`
`20:37.54`	`toiz`	`tell me what is your monthly salary?`
`20:38.21`	`Nirkus`	`toiz: as i am still a student, i dont have a fixed salary`
`20:38.31`	`toiz`	`100-500 employee companies here usually have 1 admin and 1-2 support prsonnel`
`20:38.55`	`toiz`	`our admins get min 2000 eur every month`
`20:38.55`	`Nirkus`	`toiz: what is 'support personnel'?`
`20:39.02`	`toiz`	`random it guys`
`20:39.07`	`toiz`	`who install xps`
`20:39.09`	`Nirkus`	`doing what?`
`20:39.11`	`Nirkus`	`ah`
`20:39.11`	`toiz`	`proccess helpdesk`
`20:39.13`	`toiz`	`etc`
`20:39.38`	`Nirkus`	`we dont have that seperation.. we have our 2 + 2 team for everything`
`20:39.42`	`toiz`	`2000 eur per months means 3500 eur for company`
`20:39.47`	`toiz`	`cause taxes are aswesome`
`20:39.54`	`toiz`	`a ok`
`20:40.02`	`Nirkus`	`our team leader has something less than 50k a year`
`20:40.08`	`toiz`	`eur?`
`20:40.13`	`Nirkus`	`yes`
`20:40.19`	`toiz`	`i am calculating`
`20:40.51`	`toiz`	`thats 62 000 + eur every months for company`
`20:41.03`	`toiz`	`i mean take off 10% of his slary`
`20:41.08`	`toiz`	`and u get 3 junpiers`
`20:41.11`	`toiz`	`><`
`20:41.26`	`toiz`	`UPS`
`20:41.31`	`toiz`	`30 UNIPERS`
`20:41.38`	`toiz`	`no i am calculating wrong`
`20:41.39`	`toiz`	`wry`
`20:41.41`	`toiz`	`sry`
`20:41.44`	`toiz`	`we have night here`
`20:41.52`	`Nirkus`	`and who will organize the budget, on which hardware will you run all the developement systems and test databases and who will administer the 2 other subsidiaries and ..`
`20:41.58`	`toiz`	`6200 euros every month and 3 junipers`
`20:42.13`	`toiz`	`1 guy admin`
`20:42.21`	`toiz`	`0,5 guy on budget`
`20:42.43`	`toiz`	`1-2 guys support personnel with low salary`
`20:42.46`	`toiz`	`happens in estonia`
`20:42.47`	`toiz`	`<<`
`20:42.56`	`Nirkus`	`hehe`
`20:43.06`	`toiz`	`we also buy m$ servers`
`20:43.07`	`toiz`	`:D`
`20:43.18`	`Nirkus`	`and you support application servers and web servers and all that stuff, too?`
`20:43.46`	`toiz`	`14 custom web apps (most iis+mssql, some apache+mysql/postgre)`
`20:43.57`	`toiz`	`then all typical m$ stuff`
`20:44.07`	`toiz`	`like ads, backups, antivirs and so on`
`20:44.12`	`Nirkus`	`we have 1 guy out of our team for the M$ stuff :)`
`20:44.21`	`toiz`	`how many m$ servers?`
`20:44.34`	`toiz`	`not physically counting`
`20:44.38`	`toiz`	`one virtual is 1 server`
`20:44.56`	`Nirkus`	`um... 1 exchange server, 4 AD servers, 1 WSUS/print/antivir/. server and some hyperV servers hosting windows developement systems`
`20:45.01`	`Nirkus`	`plus the desktops`
`20:45.05`	`toiz`	`hmm`
`20:45.09`	`toiz`	`how many desktops?`
`20:45.16`	`toiz`	`ad servers are only ad?`
`20:45.28`	`Nirkus`	`something > $number_of_employees`
`20:45.29`	`toiz`	`exchange can take time if it is massive`
`20:45.33`	`toiz`	`k`
`20:45.41`	`toiz`	`if he admins desktops too it is pretty even`
`20:45.47`	`Nirkus`	`toiz: yes, ad servers only do AD`
`20:45.54`	`toiz`	`if not then i can do all those servers for .. lets say...`
`20:46.04`	`toiz`	`600 EUR per month`
`20:46.14`	`toiz`	`of when u rent me from my company then`
`20:46.19`	`toiz`	`1200 EUR /months`
`20:46.22`	`Nirkus`	`we seperated exchange and WSUS and antivir and foo so the AD boxes are free`
`20:46.45`	`toiz`	`why do have free ad servers?`
`20:46.52`	`toiz`	`are u having terminal on them?`
`20:47.04`	`Nirkus`	`toiz: no, terminal server is a virtual machine`
`20:47.06`	`toiz`	`ad takes 0 resource pretty much`
`20:47.08`	`toiz`	`k`
`20:47.25`	`toiz`	`echange takes a lot and yes should be separated`
`20:47.27`	`toiz`	`but ad..`
`20:47.28`	`Nirkus`	`toiz: yes, but all the other services on other boxes need ressources and depend on AD`
`20:47.45`	`Nirkus`	`so when you move them to more potent machines, you get free boxes doing AD`
`20:47.46`	`Nirkus`	`:>`
`20:47.48`	`toiz`	`are they at least in one virtual?:D`
`20:47.54`	`toiz`	`aaa`
`20:47.55`	`Nirkus`	`hehe`
`20:47.56`	`toiz`	`ok:D`
`20:47.59`	`toiz`	`thats normal`
`20:48.12`	`toiz`	`so your servers happen to be in estonia`
`20:48.15`	`toiz`	`1200 EUR`
`20:48.18`	`toiz`	`><`
`20:48.21`	`Nirkus`	`every subsidiary has 1 virtual AD and the main subsidiary has 1 physical box extra`
`20:48.24`	`toiz`	`only servers`
`20:48.32`	`toiz`	`mby i do all desktops for another 1200 eur`
`20:49.08`	`toiz`	`mby i should do "piece jobs" for you><`
`20:49.18`	`Nirkus`	`toiz: so â¬ 2400,- for the job our windows admin does? that are 28.8k/year`
`20:49.38`	`toiz`	`like one windows 2003 R2 SP2 install with random M$ services will cost u 300 eur`
`20:49.45`	`Nirkus`	`i think, our windows admin gets something between 35 and 40`
`20:49.54`	`toiz`	`28,8 year seems fair`
`20:49.56`	`toiz`	`y`
`20:50.08`	`toiz`	`hehe`
`20:50.08`	`Nirkus`	`its just a guess`
`20:50.10`	`toiz`	`ok almost><`
`20:50.14`	`Nirkus`	`dont know his actual salary`
`20:50.19`	`toiz`	`BUT`
`20:50.22`	`toiz`	`this 28,8 is`
`20:50.28`	`toiz`	`when u rent me from my company`
`20:50.34`	`toiz`	`if you take me firectly`
`20:50.36`	`Nirkus`	`how much do you pay /month on rent and supplies?`
`20:50.43`	`toiz`	`direclt with contract`
`20:50.45`	`toiz`	`its hald`
`20:50.48`	`toiz`	`= 14,4`
`20:50.50`	`toiz`	`half`
`20:50.59`	`toiz`	`what rent what supplies?`
`20:51.03`	`toiz`	`aaaa`
`20:51.23`	`toiz`	`we dont count like so in there`
`20:51.23`	`Nirkus`	`rent for your $home and supplies to stay alive ;)`
`20:51.29`	`toiz`	`aaa`
`20:51.30`	`toiz`	`hmm`
`20:51.34`	`toiz`	`1 sek`
`20:51.42`	`toiz`	`home is 200 eur a months`
`20:51.45`	`toiz`	`cause its my own home`
`20:51.51`	`toiz`	`its only water and inet and shit..`
`20:51.56`	`Nirkus`	`k`
`20:51.58`	`toiz`	`food is another 200`
`20:52.06`	`toiz`	`living good is 200`
`20:52.14`	`toiz`	`car is like in random EU country`
`20:52.26`	`toiz`	`if i would rent`
`20:52.34`	`toiz`	`home is 500/600`
`20:52.38`	`toiz`	`food still 200`
`20:53.05`	`toiz`	`but i need to buy lots of suits so all this 28,8-12x800= suits`
`20:53.11`	`toiz`	`i like dressing nice`
`20:54.04`	`Nirkus`	`so, in karlsruhe (germany) you would pay about 500 to 1kâ¬ rent a mont (depending on locationw ithint he city and size) + water,heat,inet, ... and food ... id say about 400 a month`
`20:54.25`	`Nirkus`	`hehe`
`20:54.28`	`toiz`	`1500 then + food?`
`20:54.58`	`Nirkus`	`1500 + food would be a very big home near the center`
`20:55.04`	`toiz`	`hehe`
`20:55.04`	`toiz`	`><`
`20:55.09`	`toiz`	`thats fine by me`
`20:55.14`	`toiz`	`anyways coming back to the point`
`20:55.20`	`Nirkus`	`average id say you have 800-1000 + food`
`20:55.23`	`toiz`	`i see a future making onetime jobs to foreigners`
`20:55.35`	`toiz`	`like configuring one project via remote admin or so`
`20:55.42`	`toiz`	`or sending me a server via POST`
`20:55.47`	`Nirkus`	`you mean like freelancing?`
`20:55.51`	`Nirkus`	`hihi`
`20:55.52`	`toiz`	`i install and conf and send it back`
`20:55.52`	`toiz`	`yes`
`20:55.55`	`toiz`	`we do that here`
`20:55.57`	`toiz`	`in estonia`
`20:56.01`	`toiz`	`we SEND SERVERS VIA POST`
`20:56.07`	`toiz`	`between cities`
`20:56.28`	`Nirkus`	`lol`
`20:56.32`	`toiz`	`so they send me server, i install 2003 R2 + ad + terminal, send it back`
`20:56.37`	`toiz`	`i get 300 eur`
`20:56.53`	`toiz`	`they send me server + eopen keys or smth`
`20:57.02`	`toiz`	`you dont do that?`
`20:57.49`	`Nirkus`	`i mainly work at netpioneer and sometimes do little jobs for some people or companies like setting up vpn appliances or something`
`20:57.59`	`toiz`	`k`
`20:58.07`	`Nirkus`	`so that server is a 1 day job if everything works out fine?`
`20:58.13`	`toiz`	`hmm`
`20:58.15`	`toiz`	`no`
`20:58.17`	`toiz`	`3 hour job`
`20:58.27`	`toiz`	`i have installed SO MANY WINDOWS SERVERS MAN`
`20:58.28`	`Nirkus`	`nice salary, then`
`20:58.29`	`Nirkus`	`:)`
`20:58.33`	`toiz`	`i do it 3 hour`
`20:58.40`	`toiz`	`if something fails then a day yes`
`20:58.44`	`toiz`	`or 2`
`20:58.58`	`toiz`	`but usually wont fail unless too new HW etcetc`
`20:59.05`	`toiz`	`new services i dont know yet etcetc`
`20:59.11`	`toiz`	`if all is old then 3h`
`20:59.35`	`toiz`	`10 min raid config, 1h win istall, 30 min-1h updates depending of media i am installng`
`20:59.48`	`toiz`	`1h = ad, dhcp, dns, terminal, you name it`
`21:00.08`	`Nirkus`	`hehe, k`
`21:00.12`	`toiz`	`antivir= <30 min`
`21:00.18`	`toiz`	`andvir center= 1-2 hour`
`21:00.27`	`toiz`	`we have all counted up:D`
`21:00.52`	`toiz`	`proffessional estonian it businesses give EXACT plan to client`
`21:00.58`	`toiz`	`where is actions and timesoncumtion`
`21:01.09`	`toiz`	`usually they put 20% time buffer extra`
`21:01.12`	`toiz`	`in case of failures`
`21:01.20`	`toiz`	`thats all`
`21:01.43`	`toiz`	`when HW is not updated then:`
`21:02.00`	`toiz`	`IMM/RASII config 30 min, all bios/raid/imm patches 1-4h`
`21:02.31`	`toiz`	`imm/rasII is management chip for ibm servers then, if u dont know yet`
`21:02.45`	`toiz`	`its like a minicomputer connected to master server`
`21:03.02`	`toiz`	`dell and other brand have derivates but i mainly support IBM`
`21:03.07`	`toiz`	`IBM + M$ = win`
`21:03.13`	`toiz`	`><`
`21:05.19`	`Nirkus`	`toiz: yes, with dell its called "RAC"`
`21:06.10`	`Nirkus`	`toiz: need to get away from my laptop.. cya in here?`
`21:06.18`	`Nirkus`	`was interesing, talking to you`
`21:15.45`	`toiz`	`u 2`
`21:15.51`	`toiz`	`cya><`

Generated by irclog2html.pl Modified by Tim Riker to work with infobot.