Guardent To Sell Snort And Nessus
Cally writes: "An interesting article appeared on the Info-Sec News list the other day about Guardent's new security appliance. Based on Snort, Nessus and IPTables, Guardent are taking the unusual step of trying to sell a product based on Free software into the highly resistant corporate security market. Although Free/Open security software is widely acknowledged to be better than commercial alternatives, it's rarely been trusted in the enterprise - the article points out that, although the NSA use Free software, the need for an expensive government audit prevents the government from saving money and improving security."
fp
Doh!
What about the FreeBSD network stack that is now in Win2k and XP? Microsoft is using it in "supposed" enterprise apps.
The company should be called GNUardent.
'nuf said ...
Based on previous security issues in open source it has pretty much become obvious that a major security problem in an open source product is fixed much faster than an equivalent closed source product.
:)
Also, due to the number of people looking at the code of the open source product there's more chance of those hairy bugs being weeded out, or in the case of the software being used here probably has been given the maturity of the software and the caliber of the kind of people who use it.
With closed source or hardware based security solutions you might end up getting hacked because the hacker found a hole the vendor didn't know about and you can't even look at the source to try and work out how they did it.
I'd say the advantages of open source security outweigh the disadvantages, and it's been said time and time again. I doubt it will make a difference with enterprise customers though, they're all in bed with the big companies anyway.
The major issue for them is probably support, even though I'm sure this company will support their hardware there's still the "stigma" that with OSS you've got no central reliable resource to turn to for support.
Anyway, enough rantage
Microsoft only has to start offering money prizes for security holes. Then more white hats will get interested in disassembling Microsoft's binaries (MS would have to permit it in its EULA I guess). It's much harder for open source people to offer $10,000 per security hole found. So in the long run closed source has the advantage, they're just not capitalizing on it yet.
It would be nice to know that Guardent is contributing to the respective projects that are being implemented on this device (IPTables, Snort, Nessus), but I haven't been able to find any acknowledgement of it on either Nessus's thanks page or in the credits for Snort.
Certainly they've got people working for them who have the know-how to add substantial features to the projects and it would be nice to know that they're not just freeriding on the software for the managed services platform that this device really is.
"Although Free/Open security software is widely acknowledged to be better than commercial alternatives[...]"
This guy doesn't have a clue about the subject, that's evident.
I've yet to come across an open source system that does application level filtering, if you count out SOCKS4&5 that is.
Not to mention how poor Snort is compared to the commercial offerings.
I like open source systems, I'm a BSD user, however that doesn't blind me from seeing the truth.
1. Afghanistan's Taliban regime has openly sheltered, collaborated with, and supported Osama Bin Laden, a cruel islamist-supremacist fanatic bent on dominating the entire middle eastern region under totalitarian, fundamentalist rule. Bin Laden's henchmen are responsible for the murder of thousands of Americans, British, Africans, and other peoples, as well as the destruction of billions of dollars worth of commercial real estate. The parallel between Bin Laden and Adolf Hitler, a cruel aryan-supremacist fanatic bent on dominating the entire European continent under totalitarian Nazi rule, is too clear to merit further elaboration. Yet in spite of this, antiwar liberals refuse to condone the use of military force in putting a stop to Bin Laden's reign of terror, citing the weak excuse that violence only begets violence. As if self-defence and aggression amounted to the same thing! There can be no doubt that these same individuals would also have opposed any use of military force against the Nazi occupation of Poland, France, and North Africa.
2. Antiwar liberals regularly decry the loss of civilian life caused by U.S. air strikes. It is claimed that the Allies' goal of toppling the Taliban government that openly shelters Osama Bin Laden, the mastermind behind the murderous September 11 attacks, is not worth the hundreds of innocent Afghani lives that have been lost in the effort. By analogy, if today's date were 1944 instead of 2001, these same concerned humanitarians would be wailing loudly over the innocent German people losing their lives in Allied bombing raids. Better to let Hitler (a misunderstood anti-imperialist, for certain!) occupy France, Poland, and the rest of Europe, than a single hair on the head of a single blameless German civilian should come to any harm!
3. The United States' involvement with the Northern Alliance, a group of loosely affiliated Afghani tribesmen united mainly by their desire to overthrow the Taliban, has been called into question by prominent antiwar groups. Worried liberals have fretted mightily over brutalities committed by Northern Alliance soldiers, such as the mistreatment of prisoners and pashtun civilians. Once again, the comparison with World War II should prove instructive: in that great struggle, the United States was allied with the Soviet Union, which was then controlled by the psychopathic dictator Joseph Stalin, a man of unsurpassed brutality. Today's liberals would have decried any involvement with Stalin. To them it would be better for the Nazi armies to drive unopposed to the Caucasus oil fields than to have the United States sully its lily-white hands in an alliance with a totalitarian despot.
4. In World War II, it was well understood that there was a need for responsible citizens to take care about what was said or written, lest enemy spies glean valuable information from idle talk. "Loose lips sink ships" was the slogan of the day. Vigilance was the price Americans were willing to pay to defeat the evil that was Naziism. Our present struggle with terrorism finds us in a similar situation. Legislation has been passed by Congress that expands the data-gathering abilities of American law-enforcement officials. Sadly, today's antiwar liberals fancy themselves too good for this sort of restraint. They complain to no end about the terrible restrictions these new security measures will place on their precious civil liberties (as if new regulations for obtaining "HAZMAT" licenses, and enlarging the venues for money laundering cases will usher in a new police state!) irregardless of the improvements the new legislation will make in our ability to track down and apprehend terrorists. The hue and cry has been especially loud among Internet users, the so-called "geeks". It appears that these people would rather have thousands of their fellow Americans die than compromise their ability to download encrypted pornography at work.
5. But what about the Holocaust? Wouldn't genocide, the supreme violation of basic human goodness be enough to stir today's antiwar liberals to action against Hitler? Sadly, the answer can only be no. It has been irrefutably shown that the Taliban regime has committed atrocities against women and ethnic minorities that rival those carried out by Nazi einsatzgruppen during the Second World War. In spite of the undeniable disregard for human rights and human lives shown by the Taliban, antiwar liberals refuse to sway in their opposition to the use of force against this brutal regime and the murderers it shelters. By their line of reasoning, any opposition to "American Capitalist Imperialism" is a good thing, and deserves to be supported. Clearly, then, if the current year were 1941, these same antiwar liberals would be crying out for peace with the National Socialist (Nazi) government of Adolf Hitler, sweeping under the rug German efforts to exterminate millions of people as "cultural differences that need to be respected".
There can now be no doubt about the mindset of those opposing America's war with the Taliban: these antiwar people are relentlessly opposed to war at any cost, and singlemindedly bent on seeing the United States as evil, and seeing any group opposed to the United States, no matter how murderous, degenerate, and foul, as defenders of truth, justice, and anti-imperialism. It is an undeniable fact that the antiwar liberals of today would have opposed the United States' struggle against Nazi villainy during World War II, and, as has been conclusively demonstrated, are as bad as Hitler. Thank you and God Bless America.
How did I know that the words "widely recognised" above would be a link from Slashdot to Slashdot. Linking to yourself saying the same thing is not a citation. It's the classic sign of a kook.
-- the most controversial site on the Web
OpenBSD has several advantages over Linux for this application:
- More cohesive codebase, tighter integrated security audits. (==more secure foundation to work from)
- Better firewall and nat features, syntax.
- BSD-licensed foundation, so no hassles if you're using it in a product.
- Cooler logo.
;-)
And of course, since the OpenBSD community has a lot of paranoid
Quite frankly, seeing someone selling a security solution based on open source software and finding out the OS isn't OpenBSD is like finding your cousin Larry using an egg beater to polish his car's paint... You know they must have some reason, but damn if it has any obvious logic to it...
(Linux has its own place. I use it a lot for developing and deploying java applications, also it's a better DB platform than obsd because it has SMP support. Right tool, right job. For security, obsd is the right tool.)
There are probably countless "hardware" boxes that use FreeBSD or some other BSD derivative as a base. The company takes that base and adds their own code to do whatever it is that would be unique to the box, then sells the result as a hardware solution. The box itself might have a lot of proprietary hardware in it, or it might not. That'll just depend on the box.
But either way, open source probably powers a lot more of the hardware (routers, proxies, firewalls, etc.) than the average PHB would expect.
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
Not to rehash, but the hell is up with the guy submitting the post referring to free software. Not even the article this was linked talked about free.
"Although Free/Open security software is widely acknowledged to be better than commercial alternatives..."
I'm sure this point will rapidly become a chorus in this thread, but that sentence is pointless fluff.
Open source means you could inspect the source. Iff you choose to expertly inspect the source you may come to understand the security parameters of the application. You'll know how it works, and a lot of what it depends on in terms of libraries, OS calls etc. And you can evaluate on those terms whether it provides an adequate level of security for the environment in which you intend to use it.
If you haven't audited the code, all you know is that the code is auditable. You know nothing about the security of the system.
Most of us here haven't performed any of these steps on systems like OpenSSH, for instance. Instead we rely on two things: that someone else has performed a competent, honest audit; that so many people use it that if it had problems we'd all know (surely). Both of those are flimsy, when you come right down to it.
Open source only means you could audit it if you wanted to. It doesn't make it any more or less secure than anything else.
I find this statement terribly interesting. This implies that opensource software is more heavily audited by the US government than closed source software.
Does anyone else find this ludicrous ?
One of the basic tenets of opensource software is that its bugs/vulnerabilities are presented for worldwide review. Any holes, trojans or vulnerabilities are caught faster and fixed almost immediately. Eric Raymond's find-fix-release cycle has been pretty much implemented in all active opensource projects. I find it interesting that the government, even if it is the NSA, is suspicious of opensource software, yet will trust the closed source products they buy. Isn't this placing your bets in the wrong basket ?
I won't go into the benefit of using opensource in detail, for it is bound to be flogged like a dead horse in the ensuing /. discussion below, but surely to suggest increased audit spending on opensource is FUD.
Additionally, it peeves me a little when every time opensource is mentioned, the immediate line is drawn to Linux. I think the existence of other top notch operating systems such as FreeBSD, NetBSD and OpenBSD should also play a role in government procurement. The mindshare which Linux has managed to garner in this space is eclipsing decision makers away from proper evaluation and just jumping on to the Linux bandwagon.
After all, one of the basic tenets of opensource is choice. We don't want the lack of choice we have replaced with another lack of choice in operating systems, Linux only.
This is good news for the Open Source community. It's great to see a company making OSS the core of its business. However, the article also points out some of the traditional weak points of OSS.
One is that OSS focusses much more on technical prowess than on anything resembling a workable UI. For the true geek, no more than a command line is necessary for a UI. However, in the "real world" a user will not even consider touching the best software around if his only UI is a command line or a bad looking bunch of poorly designed widgets. It matters. Perhaps more than it should, but it is the reality. If functionality is (for the user) more or less comparable, the sleeker look will win.
Another point is of course the traditional lack of a single support channel. There is simply no guarantee for support for most OSS and face it, the actual software is at most half of the total cost, support being one of the largest money sinks. To a true company, the guarantees of support are much more important. And saying that they can do their own support (it's Open Source, right?) is simply no alternative, and neither is waiting for the whim of the masses to get round to their bug (yes, I know, they are now dependent on the whim of the supplier. But at least there's a binding support contract there).
Finally, for more critical applications, there are certain audits and certificates. I've rarely considered that with respect to OSS, but it does raise an interesting point. Especially with government applications and more critical applications, there will be a need for certain certificates. The Open Source community just hasn't got the money to fund such audits.
So, what can a company like Guardent do to repel these fears?
First off, as commercial suppliers, they can actually sign the support contracts and be held responsible for timely updates and fixes. Also, fixes now will be gathered and maintained by a single body, which is much preferable from a customer's point of view than scanning the Nets blindly every day for new updates.
Second, as suppliers, Guardent can create the UI necessary when packaging and integrating the separate applications. This makes the package accessible to the users. Again, I cannot stress how important this is!
And finally, as a commercial company, they may be able to raise the cash necessary to get the necessary certificates and maintain them. Without these, a whole market segment will be closed to them no matter how well the software performs.
I hope that, if they make profit using these free softwares, they give some money back to the developers. I know that Renaud Deraison, one of the Nessus core developers, is tired of seeing derivatives of his product sold by many companies which *never* give anything (bug reports, patches, plugins, money) back.
Hell, free software needs financial *and* technical support from those who use it. Or you won't be able to use it very long.
One is that OSS focusses much more on technical prowess than on anything resembling a workable UI.
http://www.fwbuilder.org/ is GUI which should work with this product nicely.
Except only masochists like and use OpenBSD, since they have to deal with a dick like Theo. He's as tyrannical, obnoxious, and misguided as Linus Torvalds. I'd suggest they combine efforts to make the ultimate zealot and troll OS in the world, but they'd have a pissing match over the license to use.
It may sound weird but an awful lot of companies won't 'buy' free stuff (software especially). They like the security that a bazillion pounds of support contract and software maintenance gives them. The fact that the support I've had on _numerous_ free software is far better than you'd expect from a tech support department is irrelevant because there are no _guarantees_. Selling gnu tools as a business model may actually be viable :) Provided you offer 'support' on such things... :)
While the deployment and cost savings are attractive, it seems to me to be adding to the security risk to include vulnerability and penetration testing tools on a firewall.
Based on the current description, Guardent also seem to be missing a trick: combining IDS and firewall allows the creation of an IPS (Intrusion Prevention System) where detection of selected IDS signatures would cause the connection to be dropped.
Comments?
Andrew Yeomans
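The IDS-to-firewall coupling suggested in the comment above, sketched as an added example (not Guardent's code and not part of the original thread): it reads Snort fast-format alert lines, acts only on selected signature IDs, and plans iptables DROP rules without running them. The SIDs, addresses, never-block list and the choice of the FORWARD chain are assumptions, and the alert lines are constructed.

```python
import ipaddress
import re

# Snort "fast" alert line (IPv4 only in this sketch):
#   ts [**] [gid:sid:rev] msg [**] [Classification: ..] [Priority: n] {PROTO} src[:port] -> dst[:port]
ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r".*?\{(?P<proto>\w+)\}\s+(?P<src>[0-9.]+)(?::\d+)?\s+->\s+(?P<dst>[0-9.]+)(?::\d+)?"
)

# Assumption: local-rule SIDs chosen as reliable enough to block on.
BLOCK_SIDS = {1000001, 1000002}

# Assumption: addresses that must never be blocked. An alert's source address
# can be forged, so blocking blindly lets an outsider cut off your own
# network or an upstream resolver simply by sending spoofed packets.
NEVER_BLOCK = [
    ipaddress.ip_network("192.0.2.0/24"),     # protected network (constructed)
    ipaddress.ip_network("198.51.100.1/32"),  # upstream DNS (constructed)
]

# Constructed sample alerts, not captured from a real sensor.
SAMPLE_ALERTS = """\
12/14-10:01:02.000001  [**] [1:1000001:1] CONSTRUCTED web exploit attempt [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 203.0.113.7:40112 -> 192.0.2.10:80
12/14-10:01:03.000002  [**] [1:1000003:1] CONSTRUCTED port scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.8:40113 -> 192.0.2.10:22
12/14-10:01:04.000003  [**] [1:1000002:2] CONSTRUCTED dns anomaly [**] [Classification: Misc Attack] [Priority: 2] {UDP} 198.51.100.1:53 -> 192.0.2.10:33000
12/14-10:01:05.000004  [**] [1:1000001:1] CONSTRUCTED web exploit attempt [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 203.0.113.7:40115 -> 192.0.2.11:80
this line is not an alert
12/14-10:01:06.000005  [**] [1:1000002:2] CONSTRUCTED icmp anomaly [**] [Classification: Misc Attack] [Priority: 2] {ICMP} 203.0.113.99 -> 192.0.2.10
""".splitlines()


def parse_alert(line):
    """Return sid, proto and validated source address, or None if unparsable."""
    m = ALERT_RE.search(line)
    if not m:
        return None
    try:
        src = ipaddress.ip_address(m["src"])
    except ValueError:  # e.g. 999.1.1.1 matches the regex but is not an address
        return None
    return {"sid": int(m["sid"]), "proto": m["proto"], "src": src}


def plan_blocks(lines):
    """Return (rules, skipped): iptables argv lists to apply, and sources that
    triggered a blocking signature but are on the never-block list."""
    rules, skipped, seen = [], [], set()
    for line in lines:
        alert = parse_alert(line)
        if alert is None or alert["sid"] not in BLOCK_SIDS:
            continue
        src = alert["src"]
        if src in seen:  # one rule per source is enough
            continue
        seen.add(src)
        if any(src in net for net in NEVER_BLOCK):
            skipped.append(str(src))
            continue
        # argv list rather than a shell string: nothing from the log is ever
        # interpreted by a shell.
        rules.append(["iptables", "-I", "FORWARD", "-s", str(src), "-j", "DROP"])
    return rules, skipped


if __name__ == "__main__":
    planned, protected = plan_blocks(SAMPLE_ALERTS)
    for argv in planned:
        print(" ".join(argv))
    print("not blocked (never-block list):", protected)
```
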
WARNING: Symptoms of being
the typical Ah Beng
Here are ten reasons why you may not be as cool as you think. You may be an AH BENG...
1. You live in Ang Sua and not Bukit Merah;
2. You realise that everyone address you as chef or Hock Kien Peng in the army;
3. Your command of Hokkien is better than your Singlish;
4. You have permed hair;
5. You like to shop in GOO CHAIR CHEW and PEOPLE'S PARK;
6. The girl at POSB stared at you when you said, "I one too wee door some money."
7. Chicks with luminous shirts and pony tails at the TOP of their head say, "ho say bo" to you;
8. Your belt is down to your pubes and butt crack area;
9. You can put 2 chickens in your trousers pocket;
10. YOU HAVE A BMX WITH STEREO AND NEON LIGHTS
and Ah Lian
If u think u are sexy and cool as hell, wait; read this: U may be an AH LIAN...
10 reasons why u could be an A. L.
1. SDU rejects your application because they cannot classify you;
2. Your job at Macdonalds is the only chance you get to speak bad English AKA Singlish;
3. Your skirt is below your boobs and you wear a size 42 short-sleeved shirt when u are a size 32;
4. You find cheap thrills by pinching your friend every time you see someone with a turban, hoping she would scream the correct color; (Harban Singh doesn't count--His turban is detachable; like many of them, only wears it during NS to escape HELMET, detached with the latest hairstyle in disco)
5. Your boyfriend insist that he live in:
Blk lie-tee-fi
lumber tree-too-egg
Ang Suah load;
6. You felt extremely privileged to take the M-ah-le-tee to work;
7. U wear a pony tail on the top of your head, with luminous green band/shirt to match;
8. You love to hang out in places like Mar-lee-na and See-tee hall stations;
9. You think green day is the American National Day and the Beatles is some kind of tropical bug.
10. YOUR NAME IS SOO-SEE TAN HUAY LIAN!!!
How the guide entries are arranged
All main entries are arranged in a single alphabetical listing including abbreviations, foreign words, and combining forms or prefixes. Each such entry consists of a paragraph, with a main, or core, word at the head of it in large bold type. Derived or related words, in smaller bold type, appear later in the paragraph in alphabetical order, with phrases included at the end. When a derived word is included within an entry, its meaning may be understood from the meaning of the headword or another derived word from the within paragraph. Copyrights reserved. Lyhshear Interactive © 1999
AIR-level by Victor Gan
literal : A-level lah
Even before Nike had Nike AIR, we had our AIR-levels.
eg. "I tell you ah, don't play play with me ok, I got AIR-level one.
Act Blur by Victor Gan
To pretend not to know something
eg. "Wah low, tomorrow got test, see peh chiah lat!"
"Har, tomorrow got test meh?" "Eh, Ah Seow, don't act blur lah, I know you finished studying already, right?"
Act Tough by C.K. Wu
To put on an inappropriate state of manly valour.
eg. Ah seow, don't know say you don't know lah- don't act tough. One day you kenna siong-siong than you know!
Ah Beng by Pang Siu Yuin
Used to be guys who go round wearing baggy trousers with a comb conspicuously in the back pocket, lots of gel in the hair...very "unclass?" behaviour
See also Ah Lian: Ah Beng's gerfland.
Ah Pui by Ghee Aun Wu
Meaning: A fat person
eg. Ah pui eh! can run faster or not, the bus going already lah!.
Alamak! by Spaceman Spiff
eg. Commentator: "He's going for the goal..past one..past two, only him and the goalkeeper left..he shoots! ALAMAK!! He missed! idiot man!"
Ayamby Raymond
Meaning: Malay word for chicken. Strangely it is used to denote inferiority or weakness. eg. All lee udder Intanasenal Airpod so AYAM, how to compare with ower lumber one airpod?
Balls Drop by C.K. Wu
To be very frightened. In such a severe state of apprehension that there is acute male organ prolapse resulting in a less than manly disposition.
eg. You know my boss that day KPKB and shout at me so loud make my balls drop only!
Bang Balls by Hang Yong
Meaning : to be frustrated
Blur by Pang Siu Yuin
Adjective usually describing a person who always does not know what is going on.eg. Ah Beng has been going out with Ah Lian for 3 days and everyone knows about it except Ah Kow so you say, "Ah Kow, why you so blur one? (Also see Sotong)
Bo Chup by Spaceman Spiff
Meaning: Don't give a rats ass
Literal: Don't Mix (?)
eg. Today got Accounting class? Ahh..Bo Chup lah, don't go!
Bo Ji by Kim
Meaning: No guts
eg. Go call her out lah! Bo ji ahh? Like that how?
Bo Leow by Spaceman Spiff
Meaning: Meaningless
Literal: No content (?)
eg. "I'm so sick of Ah Beng, he's always making a fool of himself, so Bo Leow!
Bo Hew by Raymond
Meaning: Similar to but not entirely synonymous to BO CHAP. Can be used together as a phrase for emphasis.
eg. Today ROD day, everybody really bo hew bo chap man!
Botak by Pang Siu Yuin
Bald or shaven head. synonym: durian head (used especially to describe military servicemen who have shaven their heads and have "spikes" instead of hair.
Buay Song By Tan Gim Lay
Meaning: Not happy, normally used to describe not happy with something or with someone. eg.He buay song you is it? or You buay song things are to be done like tha har?
Buay Tah Han by S.W
Meaning: State of intolerance
eg. "See his face only buay tah han, so arrogant."
Buayah by S.W.
Meaning: Crocodile (literally), womanizer
eg. "See, see, Ah Seng down there "buayahing" Ah Lian, see a-lady buay tah an, alway like tha one."
Can I hepch you ? by Terence Wee
The all-time classic query of 95% of Chinese-educated salesgirls working in Metro, Yaohan, Emporium Holdings, neighbourhood stores.... Actually only uttered by a few who happen to have lost interest in their engrossed private conversations with fellow salesgirls, or run out of things to avoid facing customers. The rest merely give you long, bored stares and carrying on with whatever they were doing.
Can or Not? by Ronald Seah
Meaning: Yes or No
eg. So how, lend me can or not?
Char Bor by Terence Wee
Meaning - Members of the Female Human species.
Variations : Xiao Char Bor - That crazy dame! Char Bor See Peh Swee - Man, check out that cool dudette!!
Cha Si Lang by S.W
Meaning: Utterly noisy
Literally: Even the dead (Si Lang) are disturbed by the noise. (could also mean frying the dead)
Cheena by Pang Siu Yuin
Used to describe person or object that is very "Chinese", usually derogatory. If a person's behaviour, dressing, attitude seems to be very decidedly old-fashioned, belonging to one's grandparents' or even parents' era, then the word cheena is used. eg. A samfoo blouse with big flower prints in gaudy colours that are definitely not-in-season (something you would expect the average Ah Soh to wear) can be considered to be cheena.
Chiat Lat by Ronald Seah
Literal: Eat Strength
Meaning: Problematic. Strength draining. Stress. Also refers to heavy workload.
eg. "Eh,Ah Beng, your work how?", "Wah lau, chiat lat man, no time to lelax!"
Variations: "Chin" Chiat Lat meaning "Very" problematic. Often used before "Die,die"--eg. "So how, he doe wan to len?" "Chin chiat lat man, die, die, sure die one!"
Chiak Chua by C.K. Wu
Syn: "eat snake", skive
To escape from one's dutiful task or job.Prevalent in army usage as in the avoidance of unpopular jobs like area cleaning.
eg. Ahhh! Ah Beng, don't say I don't tell you hah. If I catch you Chiak Chua again you sure kenna extra duty from me already.
Chim by Pang Siu Yuin
(adjective) means something that is difficult to understand because of its complexity. It may also be used to describe a word that is long and not used frequently. It may be ununderstandable or simply more complex than usual (remember that the average S'porean is really a simpleton at heart and mind...:)) Usually when confronted with something that appears to be more complex than 1+1, the S'porean would exclaim, "Why so CHIM one?" even before s/he begins to read or think about the "something". So in effect, the word "chim" can be used to describe words that are used in a difficult context too. Oh...this is just too chim for me to explain...;) there is another word derived from "chim" which is chiminology (not sure about the spelling, not even sure if it should be chimology)...anyway, chiminology sounds more "chim"...:) Example: "Why he always use chiminology?" meaning why are his usage of words always so chim?
Chim by Lau Peet Meng
literally : very deep
Often used to say you dun understand the other party, and you dun intend to listen to his/her twenty-hour speech about why Shakespeare is like an emasculated Tang poet.
eg. "eh! You very chim you know! Let's talk about that hot hot girl from MGS instead!"
Chim by Sheralyn Woon
A term used mainly for un-understandable things depending on context...I really love using that word in the most sarcastic context possible. People can't do anything for a rebut 'cos they aren't sure.
Chin Chye by Dr. W.H. Watt
Meaning: No special preference
Example: "Do you want to eat Kentucky or MacDonald?" "Chin Chye."
Chinese helicopter by Victor Gan
Meaning : Chinese educated
Rumour has it that a recruit was trying to explain to his officer that he was Chinese educated. The officer, being a bit blur, put down Chinese helicopter.
Chio by Kim
Adjective of Chio bu. See also Chio bu
Meaning: To describe a pretty ger
Eg: "His gerflan bery chio leh! I oso wan to knoe her!"
Chio Bu by Kim
Noun of Chio. See also Chio
Meaning : Beautiful ger
Eg: "Wah piang! Your gerflan is a real chio bu ah!"
Colour Water by James Seah
Meaning : Arrogant, boastful
(This guy really damn colour water. Rolex watch must also wear outside his long-sleeve shirt)
Da Jia Qu Mai Ya
Translation: Everybody go buy duck
Meaning: `Takashimaya' in Chinese and is a name of a shopping centre in Orchard
Go Stun by Shen
Translation: to reverse (frequently used by automobile drivers)
eg. Ahhh, you go stun first, then you can pak over there lor...
Humtum By Giles Sing
Definition: To hit something or someone by the use of one's hand or an object.
eg. "You better listen to me ok? If not I humtum you, understand!" or if anyone remember the game of humtum bola? A game which has almost disappeared from the scenes of the primary schools in Singapore. The object of the game is to throw a ball at someone running all over the place hoping to hit the target. Usually, a small ball is used, but the occasional Pong-Pong fruit will do.
Heng by Raymond
Meaning: Hokkien for good luck or good fortune.
eg. That day I very HENG you know; the mata never see me speed the red light.
Hiao by S.W.
Meaning: Vain
eg. "Ah Lian jin hiao, make-up always so thick, like pan-cake"
Hup Ply by Dr. W.H. Watt
Meaning: Half-price
eg. "Aiyoh! I forgot my bus pass and cannot get hup ply"
Inggrish by Terence Wee
Meaning - English
eg. "Wah ! The Inggrish test so dee-fee-kurt one, sure fail. Why dowan to give us students pass, leh? Must make us study so cham. Feddup."
Jia Chua by S.W.
Meaning: Eat snake (literally), lazy
eg. "Ah Beng, Jia Chua ah!! tan hor, Boss come then you die."
Kah Nah Sai by Tang
Meaning : to be hard done by or have bad luck happening to one.
eg. Wah lao, today I went to school and met this Headmaster, kah nah sai man!
Kaypoh by Sheralyn Woon
English equivalent: Busybody.
Term of endearment/irritation/scarcasm depending on who you use it on.
eg. After a long trying day in ECA, Ah Beng's gerfland still asking him what he has been doing all day. Usual response from our little 5" 7' footballer would be:" Why you so KAYPOH?" Endearment/irritation/sarcasm? Right! Irritation! But he will soon have to convince her it was endearment if he still wants her as his GERFLAND.
Keen Keen by Ghee Aun Wu
Meaning: "Fast" "Fast"
eg. Keen lah!, Beh-Tahan liao lah I need to go to the loo, now!
Kenna or ken-nah by Spaceman Spiff
Meaning: Received, Obtained, Get (not meant to be good)
Literal: Look at meaning
eg. Look at your pants man! So dirty, go home sure kenna scolding from mother.
Kenna ketok by Raymond
Meaning: Being had or tricked; usually used in context of buying overpriced goods or services. eg. Those tourist like kambing like that, kenna ketok by that taxi driver still don't know...
Kiasee by Victor Gan
Mr Kiasu's cousin in the Kiasu comic strip
Meaning : Afraid to die
eg. "Seow eh, tomorrow want to go fishing or not?" "See first lah, I scared tomorrow will rain." "Why you so kiasee one?"
Kia Si Lang by S.W
Meaning: Utterly frightened
Literally: Even the dead (Si Lang) are frightened.
eg. "Hey, don't like that scare people leh, kia si lang ay leh."
Kiasu by Victor Gan
Literal : Afraid to lose
Typical traits of a kiasu:
1.Everything also must grab
2.Must chope seat when you go everywhere
3.Anything that is free must get
4.Must be number 1 in everything
Kiam Chye by Pang Siu Yuin
Dialect for pickled green vegetables. Kiam Chye is saltish, dark green and kind of soggy. Term used to describe papers or books that have been badly crumbled, mistreated, and generally in a bad condition (eg. books with doggy ears).
eg. If you say to your classmate "Wah, your textbook become kiam chye already.", you invaribly mean to be sarcastic implying that s/he has studied very hard and used the textbook a lot. Teacher telling the class, "I don't want any assignments late or on kiam chye ok?" Meaning no late assignments on crumbled sheets of paper.
Kiam Pah by Lau Peet Meng
literally : owe a fight.
Gangster-speak for picking a fight. Often following a list of other swear words about the other party's mother to incite anger. Otherwise used for `friendly' bullying of a wimp (a.k.a. anyone who likes Dick Lee). eg. "F**k You! You KNN! Never do homework for me right? Kiam pah?!!"
Kin Jio Kia by Ah Tong
Literal : Banana Kid
Mostly referring to chinese who has very serious identity crisis. They usually think they are either european or american, definitely NOT chinese. Most of them consider themselves to be of higher class than the average people, and certainly enjoy labelling those with low educations as Bengs and Lians. The truly amazing ones are those who attain American or British accents without actually living in those countries. See also WOG (Western Oriented Gentleman)
Koon by S.C
Meaning: sleep (pp kooning)
eg. I am so sian, I need to koon. Don't disturb me when I'm kooning...
Kopi Tiam by Pang Siu Yuin
For the those who are still blur about what a Kopi Tiam is, it translates to Coffee Shop. Kopi is dialect for coffee and Tiam means shop. A more higher class kopi tiam would be called a Cafe.
Lah by Victor Gan
I don't know how to explain this lah!
How to use the 'lah' : Come on, lah, don't like this lah! Go home lah! Steady lah! Cannot lah! Tomorrow I got test lah!
Lay Leo by Dr W.H. Watt
Meaning: Radio
Example: "You got listen to Lay Leo or not?"
(Translation: Did you listen to the radio?)
Lolex by Terence Wee
Meaning - Rolex, the dream watch of Ah Bengs
eg. "If I got ma-nee, I wan to buy a Lollex, man. You know, Lollex not cheap one, must pay a lot of ma-nee. When I ged one, sure got a lot of char bor very interested in me, heh-heh
Lolls Loys by Terence Wee
Meaning - Rolls Royce, the preferred dream car of discerning Ah Bengs who have made it in life
Looksee by S.W
Meaning: Same as "take a look"
eg. "Ah Mei, you know hor, there's a sale in Metro laeh, go and looksee, looksee lah."
Loseface by S.W
Meaning: To be embarrassed
eg. "Ah Beng, afturds hor, don say anything bad hor, my girlflend is here, don't make me loseface lah."
Mai Tu Liao! By GodKnowsWho?
Meaning : Don't waste time.
eg. At a buffet lunch, a group of soldiers who had just booked out of camp were shown to a table. One of them say, Mai Tu Liao, attack the food!
Mana oo eng? by Timothy Tan
Where got time?
Too preoccupied with other things to chap.
eg. see cartoon? mana oo eng?
Maybe lor by Lau Peet Meng
A polite way for a girl to tell a guy she thinks he is very ugly, and does not want to be seen with him when he asks her out for a date at the latest air-con Hawker Centre in Woodlands. eg. "errrr... dunno whether mother allow or not. Maybe lor..."
Obiang by Raymond (Pronounced AWE- BIANG)
Meaning: Exquisite example of a Singlish word. No known English equivalent
Root word unknown. Approximate meaning is "outlandishly inappropriate"; out of place.
eg. Aiyoh! Ah Beng you go party wear clothes so Obaing, where got girls come and tackle you. Must wear like me so stylo mylo lah! Beh heow aye!
Onney by Ming
Meaning: only
Orleng Tzu by Ian Heng
Known in English as Orange Juice. Modern and affluent, Ah Bengs and Ah Lians are nowadays well dressed (including Versace), in-line with Singapore's spectacular economic growth. Sometimes, it is difficult to discern them from the crowd, especially the stunning Ah Lians. However, the give-away is when they order Orleng Tzu from the waiter/bartender.
Pai say by Victor Gan
Meaning : Shy, embarassing
"Wah the teacher always pick me in front of the whole class, damn pai say lah."
Pun chan by Victor Gan
Meaning : To give a chance
eg. Ok lah, see you small, pun chan you, let you go first.
Relak by Victor Gan
Meaning: relax
eg. "Oi Mat, relak lah. Why so uptight for what?"
Sabo by Grace Lim
Short for 'Sabotage' (?) (1) intentional usu. secretly carried-out damage to machines, buildings, etc., esp to to weaken a business or a country in wartime.
(2) intentional indirect or secret action to prevent or ruin a plan.
Meaning of 'Sabo' according to a typical S'porean:
Something like the meaning of 'Sabotage' given above. Still an 'intentional indirect or secret action', but usually refer to tricks or practical jokes played on someone. I think can also mean kenna 'betrayed', or 'played out', especially by friends. Usage: "Alamak! Today's my birthday! Better be careful. Otherwise sure kenna sabo-ed later." / "Why you tell teacher I cheat in test?!? Wanto sabo me is it?!?"
Sai Yang by S.W
Meaning: An expression, "What a waste!"
eg. "Closing date over a-lady-lah, jin sai yang!"
Skarly by Francis Chen
Short form for 'Suddenly'
"I was about to make a right turn. Skarly this car appears from nowhere and nearly langah me!"
See First by Victor Gan
To adopt a wait-and-see attitude, delaying any decision-making till the last minute.
eg. "Oi, tomorrow want to go chalet or not?" "See first, lah" "Wah low, you really want to go or not?" "Wait, see first, if Ai Swee go, I go"
Often used to see how many people are going to an event before making a commitment. Typical of KS S'poreans. If no one go, I am not going too.
See No Touch by Pang Siu Yuin
Literally means the object is only for viewing and touching is strictly disallowed. Usually sed abruptly to tell others to KEEP YOUR PAWS TO YOURSELF.
Seow Eh by Victor Gan
Term used to address any close friend or platoon mate in NS
Literal meaning : crazy one eg. "Seow eh, ho seh bo?" (How's it going?) "Like dat lah, damn sian"
Shack by Victor Gan
Meaning : Tired
eg. "Wah low, after the midnight show last night, this morning wake up damn shack man!"
Shiok by S.W.
Meaning: Feeling good
eg. "After exam lealy shiok, don have to study anymore."
Sian by Pang Siu Yuin
When you say, "I am very sian", it means that you are very bored. For extra emphasis, the phrase "you got nothing better to do is it" could be used together too. eg. "Why you very sian, got nothing better to do izzit, read this kind of trash?"
Sian by S.C
Meaning: very tired, sleepy
eg. Ah Beng: last night midnight show very good, did you see or not? Ah Kow: ya lor, that's why now so sian.
Siong by Dr W.H. Watt
alternative spelling: Xiong
Meaning: difficult, tough-going, hard
eg. The Financial Management paper is very siong.
Sotong by Pang Siu Yuin
Always dunno what is going on. Sotong is the malay word for octopus. When octopus squirts ink, everything is blurred and then dunno what is going on.
Steady Lah! or Steady Errn? by Ronald Seah
Meaning: Well done! or Isn't it cool?
eg. "Wah, steady lah, you did very well" or "How, you like my new car or not, steady errn?"
Stylo Milo by Ronald Seah
Meaning: Stylish
eg. Wah, you wear like that, very stylo milo maann.
Also refers to an action, the way something is done or a problem is solved.
eg. Wah, Ah Beng, you do ly dat very stylo milo one man.
Sua Ku by Victor Gan
Literal Meaning : Mountain turtle Country bumpkin
eg. "Wah lau, Ah Seng, you are from Bukit Timah Hill one har, so sua ku, Marina Square also don't know where?"
Suan by Spaceman Spiff
Meaning: Insult, Mock, Scoff, Sneer (& more)
Literal: Look at meaning
eg. Everytime I say something, they always Suan me! Why they so ly dat?
Suay by S.W
Meaning: Down on one's luck
eg. "Jin suay leh, how come the teacher has to pick me."
Sup Sup Shui by James Seah
Meaning : No big deal
eg. 1000 bucks huh, aiyah sup sup shui lah!
Tahan or tah-han by Spaceman Spiff
Meaning: Endure
Literal: Look at meaning
eg. One of these days, I cannot tahan dat buggers face, I'll whack him up man!
Tan Ku by Mooksen
Literal : wait forever
Meaning : Too good to be true
eg. "What! One shirt one dollar only? You tan ku, where got such thing one."
Tekan by C.K. Wu
Literally "to hit" in Malay
Can be used in Singlish to denote being attacked unfairly or being used as a scapegoat
eg. Wah! My koplal very siong man! Never pun-chan me. Always like to TEKAN me for small-small thing one. wait one day I sure sabo him back.
Tok Kok by Ming
Meaning: talking rubbish
eg. aiyah, you dun tok kok lah, I know you boosheet onney.
Tok Kong by M.S.
Meaning : Special, Unique
eg. "Ah Seng very the Tok Kong, he can swim and smoke at the same time one."
Velly velly bisee by Ming
Meaning : swamped with unwanted work, generally unavailable to be disturbed for any reason
eg. mai chup lah! I velly velly bisee!!!
Wah Lau by Pang Siu Yuin
Also spelt Wah Liow! (for more emphasis). Exclamation for disbelief or mock belief or hard-to-belief. Singlish equivalent of "Oh really?!?!".
Wah Liao! by Sheralyn Woon
Generic term used to spice up punctuation of the language of the average speechless Singaporean, rendered by either being out Kiasued, out smarted or just being polite since it can be used in many tones of exclamations, usually left to the discretion of the user.
Xiam by Ming
Meaning: get lost, leave me alone
eg. xiam, xiam, xiam! Get in my way onney!
Ya Ya by Ronald Seah
Meaning: Boastful
eg. Wah, he so ya ya one.
Yandao by Kim
Meaning: Handsome or smart looking
eg. "Wah, he's so yandao! Sure got many gers one..."
Yau Gui by Victor Gan
Literal Meaning : Hungry Ghost
eg. "Wah low, that fella eat buffet damn yau gui one, everyone also grab, I go with him also pai say lah!"
Zao Keng by Kim
Literal Meaning: Delibrate or unintentional exposal of assets
Often used to describe gers who wear too little
eg. "Aiyoh! Ah huay's skirt so short! Zao Keng liao lar!"
Zuo Bo by Q.N.
Literal Meaning: Do nothing
eg. "Today no lessen leh! What to do?" "Zuo bo lor!!"
Special thanks to all those who have contributed... If you have discovered any other newer terms, please inform me... Thanks!
I've noticed one thing though, in all this endeavor : the more "touchy" the system was, the greater the resistance to change to a better and more reliable open source alternative.
Then I started asking why?
Let me point out some reasons behind this, which of course most of you already know:
- Open source projects don't send out nice brochures telling how great the product is
- Since there is almost no advertising (what?! do you expect square headed managers to read slashdot?! they barely can read! :), there's little info about what a product can and cannot do. Of course, you can always ask that geek down the hall that seems to know them all, but how much can you trust a guy without social life?
- We don't know if the new open source app will preserve/convert the data from the old app. I wanna be honest and say most of the time open source apps regard themselves as being the only apps out there (scratching someone's itch - ESR might say) and provide little feature to import existing data
- But the number one reason behind not accepting open source replacement of sensitive software is the fact that there is no one to blame
The last reason applies to both managers and sysadmins or whomever is in charge of getting things done. Pointing fingers is big business when things go wrong. Commercial app means that you have someone to call almost 24-7, someone to swear at and still be nice (you paid them a shitload of money to do so). If things break, sysadmins can always say: it was that creepy product's fault.
But that is one thing you cannot do to open source. First of all, you paid nothing. The creator lets you use the software because he's a nice guy. If the system crashes, the managers will point fingers at the sysadmin: you're the one going with this solution - you fix it!
Now security is probably one of the most sensitive and touchy parts of an organization. Yes open source security software works better, yes it provides you more options, no it won't send your secret data to either the NSA or the FBI, no it's not hard to set up or to maintain, and no, Microsoft didn't invent it. But, sometimes it may screw things up. And when that happens, the first question on everybody's minds is:
Whom do we point fingers at?
__________
Don't belong. Never join. Think for yourself. Peace!
Akamai Technologies uses Linux in a BIG way across its network of over 11,000 servers. NASA uses it, JPL, Lawrence Livermore (sp?), and the list goes on. With Linux comes free apps. like NetSaint, Snort, iptraf, etc., etc. How does one track the usage of free software when there is no registration/licensing required? One can't, so one may never know to what extent free software has consumed the enterprise unless the companies using it give out real numbers. Many companies don't, and some can't because they just don't keep track of it.
Rohan
The article mentioned that Guardent will sell their appliance for "$1,500 a pop" and that their solution "relies solely on open-source programs to protect customers". Your article
Although the Guardent site specifies:
- "For a low MONTHLY FEE of $1,500, organizations get complete 24x7 managed security protection for any Internet-facing network segment."
- "...with Guardent's PROPRIETARY event correlation, reporting and alerting capabilities"
I loves "experts" that don't know what they are talking about.
Many of the biggest corporations regularly trust open source tools, especially Snort and the others for security.
They don't run around screaming "we use snort! we use snort!"
I know at the corporation that owns my soul we have a clause in the new computer and security policy that free tools are to be sought out and used before money is spent on software.
Yes, they don't have a "linux and oss is evil" clause.... even with Microsoft being one of our major "investors".
Do not look at laser with remaining good eye.
While it is expensive to audit code, I'd really doubt that Microsoft or a few other closed source platforms would even be willing to give up the code to the government for auditing in the first place. Secondly, while it may be expensive for the audit, we could look at the expense differently and think of how much we are saving by preventing problems and hacks before they happen. Repairing a compromised system I would guess is no small job at that level, and think of all the money lost because of compromised information.
Because OpenBSD's connection state tracker with ipfilter isn't as good as iptables.
Don't get me wrong, I like the syntax of ipf more, but I hated every minute of being behind my firewall when it was OpenBSD.
This may or may not have played a role in their choices. Maybe they just "know" Linux so they used Linux, or maybe they've evaluated their options and chose it for some other reason.
You should ask them.
One is that OSS focusses much more on technical prowess than on anything resembling a workable UI. For the true geek, no more than a command line is necessary for a UI. However, in the "real world" a user will not even consider touching the best software around if his only UI is a command line or a bad looking bunch of poorly designed widgets. It matters. Perhaps more than it should, but it is the reality. If functionality is (for the user) more or less comparable, the sleeker look will win.
This is true for the flighty home user. This is not true by any means for business or corporate.
All of my users have 5 vertical apps that are ugly as sin and are harder to use than a command prompt. (Imagine clicking in the password field to type your name and then having to backspace to erase the spaces that are there from the idiot programmer, or a UI that constantly scrambles data display or crashes the system.)
Why? Because we HAVE NO CHOICE. There are 2 vendors for this type of app, they both suck. One still tries to use an Access database for 300 people to access, and the one we use at least uses SQL for the database.
These aren't crap apps, they are mission critical, if the app goes away we die a horrible miserable death called "the money stopped flowing".
So companies put up with super horrible UIs all the time. I installed a Linux box for their web-surfing in the sales land on the cable modem (to save on bandwidth to corporate and then to the internet) and I have had at least 50 comments that KDE looks and feels so much nicer than Windows does, and our apps do.
So your argument is true for the 10% that buys the high dollar apps for home. The other 90% don't care at all how it looks, just how it works.
Do not look at laser with remaining good eye.
SecureWorks has been selling their iSensor product for some time now. It is also based on OpenSource Software using Snort and IPChains. The product comes with monitoring and constant signature updates for the IDS functionality, so that could be seen as the "value-add" for buying what is basically a bunch of free software in a PC box.
OpenBSD doesn't have IPFilter anymore. Theo is such an ass that they were pretty much forbidden from using it after they misunderstood the license it was under. Now they're pulling a GPL and reinventing the wheel with "pf". "pf" of course stands for "Pretty Fucked", a summary of the entire OpenBSD project and Theo's mental capacity.
The argument is that open source software is obviously superior despite its relatively narrow field of application. Furthermore, the argument that in a major application of open source software, it's government bureaucracy that causes open source software to not live up to its full potential. Does it strike anyone else odd that something can be superior in the corporate environment if it becomes inferior whenever asinine, constrictive policy is in play? I mean, to divest corporations of the same qualities the NSA must endure would be to revolutionize business. Essentially, for open source software to be embraced you're going to need to change the world.
with few, if any of them, actually auditing the code for security holes before installing it to protect their mission-critical data.
In my 20 years of experience as a systems programmer, I am well-versed in the idea that it is much easier to throw out the existing code base and start from scratch rather than wasting time on trying to fix horribly flawed or poorly documented code that can be millions of lines long. Therefore, it should not come as much of a surprise that the security-conscious agencies in the federal government (CIA, NSA, DIA, Dept. of Commerce, etc.) largely write their own software inhouse rather than rely on fixing up something like Linux and hoping that they caught all the bugs. I mean, really folks, let's face it: Linux was designed by many people in a chaotic manner, and rarely were the features implemented with security at the top of their priorities.
So while it is all well and good that Guardent is trying to sell free software to enterprise customers, I can certainly see why major corporations would be hesitant to trust their security to messy open source software. Besides the fact that most of the biggest customers of closed source software vendors get to see the sourcecode for review anyway, because they are paying so much money for support, etc.
Is your company running tools written by ma
I've been working on a similar box for my employer. We're a small shop (3 developers, 3 techs) and we leverage Free software to help us compete with the big boys.
I'd be surprised if a lot of smaller, clued shops aren't doing the same thing. How else can you compete with big guys like IBM who can throw a billion people at a problem? And before you ask, yes we have given code to the community, and yes we provide source code to our customers...
Guardent's choice to go with this open source solution has nothing to do with some epiphany that open source is better or more secure. It's about "the bottom line". Guardent's main marketing focus is MSS (managed security services). Because their standard bill rates are higher than most InfoSec consulting firms, the only way to compete in the market was to lower the cost of their managed IDS/firewall offering by using open source products.
Using the IDS portion of this for corporate networks is fine. But IPTables is NOT a firewall I would recommend to any major corporation.
An earlier post suggested Guardent should contribute to the development efforts, since they plan to make some profit off of it. That won't happen, because it cuts into "the bottom line". I have inside info on this, so I know.
"Although Free/Open security software is widely acknowledged to be better than commercial alternatives, it's rarely been trusted in the enterprise - the article points out that, although the NSA use Free software, the need for an expensive government audit prevents the government from saving money and improving security."
I tend to agree that Free/Open security software is better. But one thing you should remember is that its freeness is just the problem preventing the government from using it.
If the government spends money on software from company x, should it get hacked etc.., company x can be held responsible. It's "their" software.
If the government uses free alternatives, granted they are probably more secure, but if they get hacked too, who's gonna take the blame? Certainly not the people who wrote/contributed to the software. After all, you get what you pay for right?
Taking on free/open software makes it the government's responsibility to check/maintain its security and if anything goes wrong, they take the rap themselves instead of company x.
Besides financial implications, it's a whole lot of work to take on so I can see the logic in their choice.
My life is one big siesta in which I'm dreaming I wished my life was one big siesta.
NetWolves' FoxBox/WolfPac is really a rackmount PC running FreeBSD. The front end and "glue" is proprietary and there's licensed software in it, but most of the heavy lifting in the services it provides--firewall, VPN, file sharing, etc.--is done by free software. And it offers intrusion detection being run by Snort.
I'm sure there are other little companies doing similar things--this is just leveraging open source IDS software in "turnkey appliances" the same way it's been leveraged for other services. eSoft's Instagate Firewall/VPN product is Linux-based, and every Slashdot reader knows Sun Cobalt....
OpenBSD has a fantastic reputation for security. However, there are several side notes that probably pushed linux over the top.
1) LIDS. If they're using a 2.4 kernel, they can do LOTS of nice security things, like stripping root of lots of its dangerous abilities. Less danger if root is cracked. I don't know if LIDS is in use, but it probably should be.
2) Your 'better firewall and nat features, syntax' is highly debatable. As someone else pointed out, IPTables stateful inspection is far ahead of either ipfilter or pf. And your syntax comment is nothing more than a personal preference.
3) I don't like this reason much, but 'Linux' is much more widely recognised in the business world than 'OpenBSD'. When you come down to it, you have to be able to market this thing. Is this the way it should be? No. But it is, and we have to deal with it.
Zapman
Another company that uses a very similar if not nearly identical solution is Secureworks. They've been around longer than Guardent, though obviously their marketing isn't great as I've only seen them a few places...
Because OpenBSD's connection state tracker with ipfilter isn't as good as iptables.
Don't get me wrong, I like the syntax of ipf more, but I hated every minute of being behind my firewall when it was OpenBSD.
I can't comment on ipf or pf, but I do agree that iptables is a huge jump in firewall ability for Linux.
I was behind an ipchains firewall, and I had tried every trick in the book, but there was no way to get 2 people on my subnet to play each other over battlenet. Plus my firewall script was a huge mess, hard to maintain. And the automatic ipchains load/restore didn't save port-forward settings properly, so I had to hook in another shell script to kick it off.
With a 2.4 kernel upgrade and iptables, my firewall does more, anyone can play starcraft even vs each other, it restores after power failure automatically with no initscript hacking, and the shell script to kick it off is simple and easy to understand.
So I like iptables.
Read Guardent's description of the service that they are offering. In particular, pay attention to the parts where they say that they monitor the system for you, and that they provide you with a nice summary of what it's doing.
But I typically poke around at least a little bit in any application I run to see if it's doing what it says. That's also why I run Microsoft products behind restrictive ACLs -- I can't see what they're trying to pull by looking at the code, so I am forced to explicitly restrict those bastards.
What can I say, I like to make sure my installation works before I hang my job security on it. I'm astounded that more people don't. Then again, I worked with grumpy old bastards like you and discovered that they were the ones whose installations stayed up and didn't get hacked. Must have made an impression...
At IBM, long before the Linux jihad started, I was told to use free software but audit the code and license first. That's what I've been doing ever since, although I don't work at IBM anymore, and haven't for years.
Remember that what's inside of you doesn't matter because nobody can see it.
I had even toyed with the idea of writing my own web interface, pretty blinky lights on the box itself, etc. and selling these things myself.
I really don't think end-users have any need to configure a network security product. People who do need to set these up judge them based on their maintainability, configurability, and suitability to task.
Believe it or not, in many cases a CLI interface is MUCH easier to deal with than a GUI. In addition, most GUIs for security products are simply pretty interfaces to the text-based back ends, and may or may not be up to date with all of the capabilities of the CLI tools (always developed first). The GUI can, and will, screw things up (trust me on this...I used to test and certify commercial firewall/vpn products for a living, and have seen every interface under the sun and can name some very big well-known companies whose GUI would totally hose the firewall/VPN config under certain conditions, but the CLI tools would work just fine).
The GUI adds tons of complexity to the programmer's job, just for an INTERFACE! This time can be much better spent on writing and improving the tool itself. Why do you think so many linux GUI tools are simply interfaces to existing text tools? The guys writing the actual TOOL spend their time on that, and somebody else decides to write a different interface to it. No problems there.
So basically Marty Roesch now gets absolutely nothing for all his work and Guardent gets $1500 a month. No wonder his little enterprise at Sourcefire.com is having trouble. He's doing all this work for free and other companies come in and take the hard work and resell it because they have huge budgets. So, as usual, Eric Raymond's "Let's give it away and sell services around it!" business theory and Stallman's "Screw capitalism" business theory proves wrong yet again. And the reason people listen to these two who've never run a business before is???? Roesch needs to somehow dump the GNU and move to a license that forbids commercial resell without licensing. He's going to keep getting abused by everyone until he does.
Signed - A fellow open source software developer who doesn't drink the Raymond/Stallman Kool-Aid.
Is there really a good use for IDS systems other than to fill up hard drives? We just spent six weeks reviewing six different ones, including Snort. Every single one of them had a tremendous number of false positives. Snort logged about 400K worth of "problems" per hour. It was completely useless, because how are you going to go through all of that garbage? As long as IDSs try to justify their existence by creating fantasy "break-in attempts," I'm not going to be a believer in them.
Snort is really nice, but I've had problems with it. First of all, if you have it listening on a dial-up and the dial-up goes down, so does snort. Now that's not a big problem, but it makes me wonder about the internal design. An IDS shouldn't quit on its own, for any reason.
Second, on an RH7.0 machine, snort quits randomly for no apparent reason, and with no diagnostic message. I don't know if that's my fault, or what, it must be since nobody else seems to complain about it. But an IDS shouldn't quit on its own.
Third, I was making some changes to the code and noticed some sloppy coding, including diagnostic messages not terminated by nulls, and convoluted string-matching code that would match some bytes twice. Again not a big deal, but when you see something like that, you start to wonder what else might be flakey. Will it miss something in a string someplace else?
Fourth, I sent patches for some of this to the authors, for instance rewriting the string matching code down to a few clear lines, and was ignored. After a few new versions came and went I gave up on my patches.
So hopefully this new commercial support will help get Snort cleaned up. But I for one will be very suspicious of using Snort for more than a home LAN. Probably what it needs is a ground-up re-write along the lines of BIND9.
I hate to criticize open-source software, especially something as useful as Snort (I do use it regularly). But when it comes to security stuff, code should be bulletproof and clean.
Protectix has also been doing this for some time now. Why is this big news?
I'm sorry, but Guardent are only one single company. However, the employees of Guardent is all individuals.
The use of plural verbs with collective nouns when talking about the actions of the whole group ranks right up there with using the word virii as the most pretentious grammatical annoyance one can find. It's not a matter of national importance or anything, just a pet peeve.
-B
Ash and Hickory, straight-grained and true, make excellent bludgeons, dandy for the cudgeling of vegetarians.
What it really means is, it has already been audited by more people than a closed source product would have been.
Besides, if you can show anyone all the plans to your most secure lock in the world, and they still can't break it, I'd say that's amazing.
-------
"don't smoke, don't drink, don't fuck
at least i can fucking think"
Minor Threat
Is that Guardent is "selling" this box (well that, and the fact that they're calling it "breakthrough"). Tell you what, I'm going to go build the same box and monitor it from my house for 1000$ a month. God Bless Capitalism!
And I'm still trying to figure out what they're offering that other *pureplay* MSSP shops (Guardent has its hand in everything) aren't doing. The cost isn't drastically different, and I know there are better technology shops (Guardent ditched all of its good talent a long time ago) out there in that space that have been doing this for a lot longer.
I was a longtime sr. security architect at a NSP with security services ranked highly by Gartner. One thing I know from interaction with hundreds of customers is that they are interested in your assurances far more than the products you use. We had occasion from time to time to shift vendors, and the customers did follow. There are plus and minus points to everything. The real market isn't for an appliance, but for services sold month-to-month or year-by-year which implement traditional security methods (firewalling, vuln. analysis, IDS, etc) using free software. Instead of saying, "trust this software", you simply say, "We use best-of-breed tools" and you use YOUR reputation to back them.
This isn't all that common yet, although nessus is making a lot of headway being used commercially. It will be more common, though, if the OSS alternatives remain ahead of the curve in development (and eventually probably get funding).
I work for MontaVista Software, a vendor providing a Linux distribution tailored for embedded system use and development. We do a lot of patches both to the kernel and included software, and push back every one we can. Why? Because the development costs of maintaining our own tree separate from the primary tree for each application we include are just way too high. Folks who don't contribute back, thus, are just shooting themselves in the foot by failing to take full advantage of the open source model.
Having commercial users, then, lends itself to having patches, bug reports and the like provided; monetary donations, while nice, hardly strike me as so necessary. Most heavy commercial users of open source also hire at least one heavy developer to the projects they use; paying these folks' salaries certainly should count as financial contribution towards the project.
What I'm saying here is that just as a result of use, any commercial user of open source savvy enough to take full advantage of the development model (by having the community maintain a unified tree, having their own paid developers contribute so their customers get the features they need, &c) is providing all the benefit to the community they should be obligated to provide. There certainly should be no guilt trip for them to give back even more. Any vendor not savvy enough to take advantage of the model is just shooting themselves in the foot and should be urged to contribute to the community for reasons of self-interest rather than goodwill -- this sort of reasoning is much more likely to succeed.
I work in a .gov installation where security is taken quite seriously.
Seriously: both from the standpoint that what data we have could be considered valuable in certain quarters, and from the additional expected standpoint that any publicized breach of our security would be embarrassing, require explanations, jeopardize future funding, etc.
Anyone else working in .gov land knows that publicly wiping egg from face is to be avoided at any cost.
That being said, we use multiple network scanning and IDS tools.
SNORT is one of the tools we have come to rely on.
My personal horror story was a time when the boss at a car dealership I do some work for thought that our spare drives for the RAID5 array had been stolen. He asked to see what the existing drives looked like; I popped one out of the array, showed it to him, put it back in and ran raidhotadd. The system reconstructed the drive's contents and all was well -- until about 1:00 am or so, when a cron job tried to access the /boot partition and OOPS'd the box.
I'd raidhotadded the whole drive (which happened to be the one containing the /boot partition), rather than just the partition in the array. Not so bad -- a boot partition ain't so hard to reproduce. But then in recovery, I screwed over another one of the drives (don't ask). The dealership spent five hours without any data entry, form printing, nada (everything was run off this one server) until I finally got the system restored off of backup (and then the last day's data needed to be reentered).
The funny thing is that when I explained what had happened, The Boss wasn't half as upset with me as I was with myself -- indeed, he seemed to accept the occasional mishap as a cost of doing business. Thus, I can certainly vouch for honesty as the best policy.
Any place where management cares more about finger-pointing than getting the system back up is somewhere I don't want to work.
Having said this, it is quite understandable that Americans would adopt this incorrect usage in their own speech after hearing it from British speakers, because the average Brit is far better spoken than the average American. Whenever I travel to the U.K. I enjoy the eloquence of the British people, but the fact remains that British English and American English are not the same.
Remote root exploits. I find this to be an extremely important feature in choosing a platform for a firewall product.
Warning...
heh heh ~~ Cruz2001
Karma: pi (Mostly due to circular reasoning in posts).
WTF is that?
...to the NSA Secure Linux project.
(Yes, it's been written up on /., yes it's open source, yes you can read about it on www.nsa.gov)
Bob-
The Ludwig von Mises Institute. The reasoning individuals economics