Slashdot Mirror

Fine, but why isn't ProPolice distributed/enabled by default in gcc?

Yeah, it's "been around for ages!".

But, if that's the case, then why do we have buffer overflow fixes in OpenSSH , Mozilla, and Apache?

See, I know I could probably install this compiler extension, and pass flags and all that. I'm sure Gentoo nuts do it all the time.

But why the hell is this not done by default, everwhere, if it's been available for NN years? This is where Microsoft may actually be ahead of us.

But, I guess pointing out this unpopular fact makes me a troll?

Were very much in the beginning stages of looking into it so I cant say for sure. However they do Advertise it

Well, I would normally recommend Pest Patrol. They're located across the hall from me, I've had lunch with their CEO and co-founder, and it's an all around great product with some talented people behind it.

Oh wait...CA bought them, the new v5 sucks, and everyone who worked hard to make it great is about to lose their job.

Ad-Aware :)

This Sybase move now means that I can download and play with a serious database. It's a smart move because it means that I will be gaining skills in programming for that database engine, skills which are seriously marketable.

If you want a database that offers what Sybase does, but without those silly restrictions ("5GB ought to be enough for everyone" indeed), you might as well look at Ingres. Open Source but available with full support from CA should you want it.

http://www.ca.com/opensource/

CA would seem to have prior art with their eTrust AC (developed out of SeOS from Memco) product which uses a kernel module to intercept syscalls on Unix, Windows and mainframe platforms and grant/deny access based on rules held by daemons which hold them in a database and add/remove/update them based on requests either from a master policy server and/or userland tools. Wonder how they'll feel about potentially having their legs removed by this patent from marketing the product on Windows.

Visual DBA Suite

Spatial Object Library

B1 Security

OpenROAD

Enterprise Access

EDBC

Will these be freely available (but not open), also what process did you go through when deciding what to contribute and what not to? I can imagine that these are areas where you feel you offer more than compeeting Open Source solutions and so you are holding back for now.

This is a shame, especialy with regards the Spatial library as PostgreSQL (via PostGIS) and MySQL (4.1 onwards) already have support for spatial objects and indexing.

Right Here

Mod parent down. Poster is a moron who couldn't be bothered to look for it.

If not -- moderators, this is precisely the sort of stupid, snippy, snotty question that always gets modded up for these interviews but contributes nothing.

a better answer for you, from the rules. An OSI compatible license is required, "without 'reciprocal' or 'copyleft' requirements". (emphasis mine)

interesting

Seriously, how hard can it be for MS to write an application as straightforward, yet secure as Firefox.

Perhaps lots of people, including Microsoft itself, have an interest in perpetuating the myth that software is inherently insecure.

...when you do the rest of the job and port all the applications.

The data is the easy bit.

Have a read of the terms and conditions

The open-source site has a paper that highlights some of Ingres's features. That would be a good place to start.

I was very exited about this as I have extensive SQL Server knowledge as well as some Ingres experience. As it turns out however, I can't enter. The PDF with the terms and conditions contains this paragraph:

The contest is intended for presentation in the United States, Canada
(except Quebec Province), Mexico, India, China, United Kingdom,
Australia, and New Zealand. Do not proceed in this site if you are not a
resident of one of those countries.

(In the actual document, it's in all CAPS, but the lameness filter prevents me from posting it that way)

I live in South Africa. Oh well...

I haven't heard of an open source tool with the same functionality as the former Raytheon SilentRunner, now CA eTrust Network Forensics
or the similar tool Niksun

An open source tool with similar capabilities would be an excellent project

eTrustTM Network Forensics captures raw network data and uses advanced forensics analysis to identify how business assets are affected by network exploits, internal data theft, and security or HR policy violations. Its patented technology allows IT and security staff to visualize network activity, uncover anomalous traffic and investigate breaches with a single, convenient solution.

All the big players are buying into this. For the Google-challenged:

EMC's take from todays Cnet
CA
HP
IBM(tho' they prefer the acronym HSM or Hierarchical Storage Management)
Veritas
Random googled pundit on the entire field.

There's been a whole host of developments in the ongoing SCO saga over the past couple of days. SCO have now filed law suits against Autozone and DaimlerChrysler on the same day as announcing growing operating losses. Despite securing a deal to license their IP with ev1servers, SCOsource only generated an income of $20,000 for the quarter. Today it has been revealed that Computer Associates, Questar Corp. and manufacturer Leggett & Platt Inc have all joined the ranks of SCO source licensees. Over at the Nasdaq the publicity stunts are beginning to wane thin with investors who sent SCO shares plummeting by almost 14% yesterday. In the courtroom, SCO was yesterday given 45 days to identify all specific lines of code they allege IBM put into Linux from AIX or Dynix; identify and provide with specificity all lines of code in Linux that it claims rights to.

The article you're linking to is about MyDoom.C. This article is about DoomJuice and DeadHat, which are a considerably more interesting development than the Umpteenth version of the same virus (and, heck MyDoom will probably reach Z too...given enough time).

Note that the DDoS attack is timed to be performed between 1st and 12th Feb, 2004.

Making physical and IT play nice is hard, but it is getting better every day. There are now even products on the market (ahm.. plug) that can help in this area such as eTrust 20/20

you can download a vrml plugin here:

http://ca.com/cosmo/

Where I work (computer support division at a large university) we use Service Desk from Computer Associates. For all we make fun of it, it's actually quite a useful tool. You can track requests, log comments, arrange callbacks, schedule stuff, escalate calls, and tons of other Really Neat Stuff if we only took the time to learn it. Affected customers can reopen requests if things haven't been resolved to their liking.

It's not just for service requests, I guess people manage "change orders" and can manage projects like, say, rolling out servers with it.

It's a Java tool and it also has a Web interface when you're away from a machine with it installed.

I think it's a tad pricy, though.

I was watching ER, and they had three of their products in promenetly displayed near some binders at the check-in nursing station thing. Why would a nurses station need to have software such as ArcServIT, BrightStor, UniCenter, etc.. all nicely lined up next to the monitor of their PC? It's just so odd, and does not fit in with the audience at all. These are Enterprise software suites that cost thousands of dollars.

Additionally, I saw the very same CA lineup in "Just Shoot Me", behind the CEO's desk, next to pictures of his family, and stuff. It would make so much more sense if the product placements were appropriate to the audience.

...run RedHat and integrate into our enterprise backup solution with the Linux client agent for ARCServe.

Unfortunately it's not free, but it didn't change our corporate licence by hardly anything.

CA released Unicenter 3.0 in August 2001. You shouldn't compare a project in development to a product that has already been superseded.

We are currently finalizing a scheduling tool purchase for the company I work for. We have taken a look at the commercial job schedulers available and we are down to two that best fit our needs. #1 -Tidal Enterprise Scheduler and #2 - Job Scheduler. We are choosing them for a Windows 2000 platform but they all have Unix agents and other platforms available as well. Here the others we looked at:

ActiveBatch32
UC4
Unicenter Autosys Job Management
Control-M
I wish this was a post back in August.

Good Luck!

I'd suggest that you take a look at Caldera's (now SCO, again) Volution Manager. It offers the same features for Unix systems, that M$ SMS offers for Windows. Plus, it can be integrated into larger enterprise management platforms like Unicenter and Tivoli should your needs grow so large. Also, if you are a Compaq/HP shop, Volution Manager integrates with Compaq's Insight Manager which is fabulous for hardware management.

Now, before we all laugh and say "doesn't it show that the certifications are stupid?" consider this.. maybe the certification system does work, and all those other certified products are equally flaky. I've got a list of some TCSEC-certified systems here and frankly it's a pretty unappealing set of OSes. If there were as many Unicos systems (rated B1) out there as there were Windows, I betcha they'd find holes in it soon enough. The fundamental problem with any popular OS is that there will be thousands of hackers and wannabees probing away at it. I don't think there are many people reverse engineering CA-ACF2 MVS in their bedrooms.

I think the motto should be: "Security Through Obscurity" - perhaps all those horrid proprietry OSes did have a point after all.

You say that you have used some of the larger enterprise frame works but, you don't mention which ones. If you have a large, very large budget, I would recommend you look at Unicenter TNG from Computer Associates.

Unicenter TNG is an Enterprise Management System, which is different than a network management system. Unicenter TNG allows you to monitor, control and automatically respond to events in your enterprise from a failed router to a single process that is about to have difficulty. It is infinitely configurable to manage and respond to events in very intelligent and or complex manners. It has agents called Neugents that actually learn from events in your environment and become increasingly intelligent, ultimately able to predict failures and when they will occur, well in advance of the actual failure. These events can then be responded to automatically, which prevents the failure from actually occuring.

Unicenter TNG can manage almost anything, literally. It can monitor logs or other files, manage hardware, manage protocols, backups, authentication, virus control, security and firewalls, manage databases or individual processes, or even manage complex business processes and jobs across the enterprise. It operates on a very wide range of platforms and can schedule and control individual jobs across all of those platforms.

Having said all that, CA also offers, for free, the Unicenter TNG Framework. This is the core processing engine of Unicenter but without the agents or options. It runs on most any platform and a Linux version is available. In fact, it use to come with the Suse distro, though I am not certain that it still does. With a fair bit of work and if you write a few of your own agents (the agent SDK is also free) you could give your scripts a level of intelligence that is just amazing.

You say that you have used some of the larger enterprise frame works but, you don't mention which ones. If you have a large, very large budget, I would recommend you look at Unicenter TNG from Computer Associates.

Unicenter TNG is an Enterprise Management System, which is different than a network management system. Unicenter TNG allows you to monitor, control and automatically respond to events in your enterprise from a failed router to a single process that is about to have difficulty. It is infinitely configurable to manage and respond to events in very intelligent and or complex manners. It has agents called Neugents that actually learn from events in your environment and become increasingly intelligent, ultimately able to predict failures and when they will occur, well in advance of the actual failure. These events can then be responded to automatically, which prevents the failure from actually occuring.

Unicenter TNG can manage almost anything, literally. It can monitor logs or other files, manage hardware, manage protocols, backups, authentication, virus control, security and firewalls, manage databases or individual processes, or even manage complex business processes and jobs across the enterprise. It operates on a very wide range of platforms and can schedule and control individual jobs across all of those platforms.

Having said all that, CA also offers, for free, the Unicenter TNG Framework. This is the core processing engine of Unicenter but without the agents or options. It runs on most any platform and a Linux version is available. In fact, it use to come with the Suse distro, though I am not certain that it still does. With a fair bit of work and if you write a few of your own agents (the agent SDK is also free) you could give your scripts a level of intelligence that is just amazing.

You say that you have used some of the larger enterprise frame works but, you don't mention which ones. If you have a large, very large budget, I would recommend you look at Unicenter TNG from Computer Associates.

Unicenter TNG is an Enterprise Management System, which is different than a network management system. Unicenter TNG allows you to monitor, control and automatically respond to events in your enterprise from a failed router to a single process that is about to have difficulty. It is infinitely configurable to manage and respond to events in very intelligent and or complex manners. It has agents called Neugents that actually learn from events in your environment and become increasingly intelligent, ultimately able to predict failures and when they will occur, well in advance of the actual failure. These events can then be responded to automatically, which prevents the failure from actually occuring.

Unicenter TNG can manage almost anything, literally. It can monitor logs or other files, manage hardware, manage protocols, backups, authentication, virus control, security and firewalls, manage databases or individual processes, or even manage complex business processes and jobs across the enterprise. It operates on a very wide range of platforms and can schedule and control individual jobs across all of those platforms.

Having said all that, CA also offers, for free, the Unicenter TNG Framework. This is the core processing engine of Unicenter but without the agents or options. It runs on most any platform and a Linux version is available. In fact, it use to come with the Suse distro, though I am not certain that it still does. With a fair bit of work and if you write a few of your own agents (the agent SDK is also free) you could give your scripts a level of intelligence that is just amazing.

Check out Computer Associate's portal product, CleverPath. It uses Tomcat as its application server. My company is testing CleverPath right now for deployment as a B2B portal for our customers.

If I were you I would let somebody else do the heavy lifting on benchmarks, where it's in production, etc. Contact CA, tell them you are thinking about deploying their portal and you want to know where it's in production and what the benchmarks are. Since CleverPath can be deployed with a third party app server (BEA, WebSphere, Sun ONE) you need to specify a native deployment for the reference customers. Since you know that the app server architecture is built on Tomcat you will have good references for Tomcat that you can use to demonstrate its abilities, or lack thereof.

I've setup and used SDO from computer Associates, and Visio64 (but they are closing). Has mentioned above tivoli is also an option.There's also SMS from Microsoft but some dev is necessary to make it work.
Whith SDO you'll be able to distribute to Microsoft OSes,Novell and a bunch of Unix systems has well. The architecture is build around a MS SQL database which will store information on packages, client machines. You'll be able to schedule when you're distribution will occur (thus not killing your network). A neat option that's bundled with the product is called DTO. This option lets your decide which network route will be used to reach the clients. With it you'll be able to say : to reach machine C go thru machine B, not A. This really is cool.

I've setup and used SDO from computer Associates, and Visio64 (but they are closing). Has mentioned above tivoli is also an option.There's also SMS from Microsoft but some dev is necessary to make it work.
Whith SDO you'll be able to distribute to Microsoft OSes,Novell and a bunch of Unix systems has well. The architecture is build around a MS SQL database which will store information on packages, client machines. You'll be able to schedule when you're distribution will occur (thus not killing your network). A neat option that's bundled with the product is called DTO. This option lets your decide which network route will be used to reach the clients. With it you'll be able to say : to reach machine C go thru machine B, not A. This really is cool.

We just got a laptop drive (and a bill) back from Ontrack after a VP lost his load on the road. It only takes one or two such lessons before getting such a spend approved...

Euh... well this might sound like a plug, but I think it is interesting to see that Computer Associates is embrassing Linux. This company is mostly a mainframe software company (4th largest software maker) ... anyways, they are launching a bunch of new applications for Linux, (well most of them are ports from their Unix versions...) but hey.. this is one big step in the corporate world for Linux. Well I know big blue is all over it, but looks like CA is throwing everything but the kitchen sink at it.

Euh... well this might sound like a plug, but I think it is interesting to see that Computer Associates is embrassing Linux. This company is mostly a mainframe software company (4th largest software maker) ... anyways, they are launching a bunch of new applications for Linux, (well most of them are ports from their Unix versions...) but hey.. this is one big step in the corporate world for Linux. Well I know big blue is all over it, but looks like CA is throwing everything but the kitchen sink at it.

O.k., coming in a little late to this discussion after making sure it was o.k. with my corporate masters :-).

The Java ldap browser I wrote is available for free download from Computer Associates. It comes with a Windows Install Version and a Solaris Tar file. (Being java you can probably persuade it to run under linux, but I've had trouble with Swing and linux, so no promises. If you can get it going, it runs about 4 times as fast as under windows though ... :-)

• Supports SSL and SASL
• saves/imports ldif files
• Pluggable architecture
• User customisable display via html forms
• i18n support
• yada yada yada... it does heaps.

... and kudos to my company CA for making it available for free download (normally it's packaged with our 'eTrust Directory' X500/ldap directory, which is pretty darn neat, but is *not* a free download :-)!

Unfortunately this is not (yet) an open source product, but if anyone uses it, finds it helpful, and writes to me, I'll have a better chance of persuading people here to make it so...

O.k., coming in a little late to this discussion after making sure it was o.k. with my corporate masters :-).

The Java ldap browser I wrote is available for free download from Computer Associates. It comes with a Windows Install Version and a Solaris Tar file. (Being java you can probably persuade it to run under linux, but I've had trouble with Swing and linux, so no promises. If you can get it going, it runs about 4 times as fast as under windows though ... :-)

• Supports SSL and SASL
• saves/imports ldif files
• Pluggable architecture
• User customisable display via html forms
• i18n support
• yada yada yada... it does heaps.

... and kudos to my company CA for making it available for free download (normally it's packaged with our 'eTrust Directory' X500/ldap directory, which is pretty darn neat, but is *not* a free download :-)!

Unfortunately this is not (yet) an open source product, but if anyone uses it, finds it helpful, and writes to me, I'll have a better chance of persuading people here to make it so...

I know this is a windows solution however I'm running two w2k advanced servers and have one on site one off site at my home.

They are clustered. First created with a 100mb crossover link. Then moved one offsite with a modem link between them (direct modem to modem). AS the files don't change much there is not a lot of traffic. (1 file in 3 days maybe).

There is also software link doubletake and surviveIT for the corporate world.

Hardware is fine and dandy, but have you ever tried to find the right drivers for a Turing Machine? ArcServe and Veritas drivers only support a few hundred gigabytes of tape.

You'd think after 60 years someone could have at least invented a Turing Autoloader.

KAK is among the virii that only needs to be previewed in Outlook or Outlook Express, don't even need to open it. Proof of concept is one thing, I'd buy them a bottle of their favorite beverage. Accidental release into the wild is bad, but excrement occurs. Malicious, malevolent payloads is something else entirely.

not forgetting Ingres.

According to Computer Associates it's just a variant of the original CodeRed, CodeRedv3. They've got all the info on it listed here. It matches the hits I'm getting on my site, I don't know about everybody else.

Did you see the 25 foot tall Tux penguin that we (Computer Associates) had there?

I work for Computer Associates (ca) who has 18,000 employees. We use Unicenter TNG/Unicenter BNG/Unicenter/or whatever we are calling it this week to do keep a constent inventory of applications installed on everybodies machines. I dont' have the numbers in front of me right now, but the last time I looked the count was 2.15 computers per employee. Of course some people do not have a machine, most have just one, but developers have more, like 2 or 3 I keep 4 :)

That is ~39,000 pc's not including build machines, or file servers. out of that, almost 8,000 X86 machines have Linux, BSD, or Solaris installed. of those, ~4,500 have star office installed, while ~3,500 have Koffice installed. While a machine with an app installed, is not a machine with someone using that app, queries that I ran show SO saves files extentions on >4,000 machines, and >2,100 users saving files with Koffice.

Another way that I know that we have an active NON-MS Office movement going on, is we had enough support calles to the help desk that we now support KOffice, and Star Office. Just my $.02, but might be relevent to the topic...

2. Delete the objects in the following order: (1) Queue, (2) Queue Server, (3) Extended Schema

3. Create the objects in the following order: (1) Extended Schema, (2) Queue Server, (3) Queue

4. If Multiple ARCserve/IT host servers reside in the same NDS container, they will share a common Queue Server object.

Of course, by the time I got to step #4 I had already performed step #2. Doh! Ended up reinstalling Arcserve on 4 servers (and learned to read all the instructions before starting next time :)

It seems just about every damn virus nowadays spreads via Outlook or Outlook Express which is too bad

But has anybody (specially Timothy) actually paid any attention to the damn stories?

Nowhere in these stories is it claimed that Sircam uses Outlook to spread! Maybe Timothy got the idea from reading this CNN article.

Geez, people, do you believe everything that CNN says? It's not like I really expect CNN to get this right, but /. readers are supposed to be better than that!

In fact, the Wired news clearly says that the virus serves as it's own SMTP client. A lot about this virus in fact resembles how the Judge Disemboweler virus operates.

The only thing that can be interpreted as using Outlook to spread itself is the fact that it takes its e-mail addresses from Windows Address Book files; however it will also try to get addresses from some files in the 'Temporary Internet Files' folder. This means it should be able to spread without any need for Outlook (just some e-mail client and a user naive enough to run the attachment) and without Windows Address Files.

All the usual sources of virus information seem to agree about this virus serving as its own SMTP client. Please check for yourselves:

http://www.symantec.com/avcenter/venc/data/w32.sir cam.worm@mm.html

http://vil.mcafee.com/dispVirus.asp?virus_k=99141&

http://www.antivirus.com/vinfo/virusencyclo/defaul t5.asp?VName=TROJ_SIRCAM.A

http://www.antivirus.com/vinfo/virusencyclo/defaul t5.asp?VName=TROJ_SIRCAM.A

http://www.sophos.com/virusinfo/analyses/w32sircam a.html

http://www.europe.f-secure.com/v-descs/sircam.shtm l

http://service.pandasoftware.es/servlet/panda.pand aInternet.EntradaDatosInternet?operacion=FichaViru s&idVirusFicha=1911&pestanaFicha=1

http://support.centralcommand.com/cgi-bin/command. cfg/php/enduser/std_adp.php?p_refno=010718-000010