I used to work for the company that sets up and maintains the AT&T wifi hotspot locations. They will be 'upgrading' to an AT&T DSL connection, Netopia CPE, and a Linux router to do the actual serving of welcome pages and network management.
I'd rather get called @ 5 AM to fix a problem, implying I still have a job, then getting canned for low productivity for spending too much time configuring kernels for servers when the stock kernel on most enterprise-level distributions work just fine 99.9% of the time. It's hard to justify to PHBs why it took the equivalent amount of time setting up 1 server as it would 3.
So which `make menuconfig' option needs to be disabled to effectively eliminate this vulnerability? In `Device Drivers->Virtualization', I have nothinng selected in my running kernel's config, yet it's still vulnerable when I run the exploit. From what I gathered by googling, you want to disable the CONFIG_MMU kernel option, but instead of doing it via editing the.config file, I'd rather do it in `make menuconfig' so that takes care of anything that may be depending on that option as well.
Agreed. I'm a sysadmin who "blindly uses what the vendors [RHEL and CentOS] ship", not because I don't know how to recompile a kernel, but because sitting around and compiling a customized kernel for every server we have would be a complete waste of time.
Mind you this is at a university so I was dealing with a young crowd which is commonly thought of to be more tech savy. Clearly, you havn't been exposed to any of this fine literature.
Is abstinence really that difficult? I guess it's about as difficult for the average person as you having the opportunity to turn down someone's sexual advances.
I managed to troubleshoot all other possible causes of this issue, and it was my conclusion (speaking as a competent IT administrator) that this could only be occurring due to direct action at the ISP (Comcast) level.' It seems like to me that a 'competent IT administrator' would have been able to come to this conclusion much quicker by simply running tcpdump (or windump if in Windows), as opposed to reaching this conclusion as the result of troubleshooting "all other possible causes of this issue".
For something that doesn't require the complexity of OOP, I think PHP does a decent job of getting what u need done quickly...assuming you're not a tard of a programmer. I like it's syntax (I come from a C background), as compared to Perl (which resembes the illegitimate child of C and LISP with down syndrome). Not to mention the documentation via www.php.net is nice.
Sounds like things are sailing along smoothly at this company (or his priorities are in the wrong place) if this is the worst of what this guy has to worry about.
Man, I definately feel for you. I had the pleasure of tackling a large, undocumented, foreign codebase myself a few months ago when the company I recently got hired at started dumping software bugs on me (I'm technically a sys/net admin who can also code). In our case, we're a java shop that utilizes Eclipse. All I can say is the debugger is your friend (specifically setting break points and stepping through code). Definately not ideal, but it gets the job done. I couldn't help feeling like Neo trying to learn my way around the Matrix.
Hehe, yeah. You're 100% correct...half the fun of it was getting the damn thing to work. I had a helluva time getting Doom to work over the modem at first. I went thru tons of init strings trying to find one that would work w/Doom w/out getting the dreaded 'CARRIER LOST' error. I think I finally attributed my failures to the damn phone line I was using. Once we moved and got a new phone line, everything worked fine. Kids have it easy these days..
My first REAL, gaming experience was when I was 9, and got to play Doom II. WOW, that got me hooked into PC's, let alone PC gaming. I second that. If it wasn't for Doom, I probably wouldn't have been as interested in computers and would have ended up pursuing a career in meteorology instead of IT, making much less money. Doom introduced me to all sorts of stuff that I never would have learned as a kid (modem init strings, IPX/SPX networking, DOS, terminal programs,etc). Most of these are obsolete technologies, but were learning scaffolds to what I know today.
What fascinated me more than anything was the multiplayer aspect of Doom. I remember spending entire weekends playing Doom w/a friend over the modem in co-op mode until my dad would kick me off his old 486:). Ah, the memories.
the bar code on your license uses an open, documented standard and can be rewritten to change your age or picture My Texas drivers license doesn't have a bar code on it, but rather a magnetic strip. Does anyone know if that's a documented standard as well?
Slashdot Mirror
Bret: Pretty scrawny black hole. It must be hungry.
Cubert: Duh! Black holes don't need food.
Bret: Neither do nerds!
I used to work for the company that sets up and maintains the AT&T wifi hotspot locations. They will be 'upgrading' to an AT&T DSL connection, Netopia CPE, and a Linux router to do the actual serving of welcome pages and network management.
Nevermind. I was able to get rid of this vulnerability by compiling/running this as a normal user:
http://www.ping.uio.no/~mortehu/disable-vmsplice-if-exploitable.c
It worked fine on Ubuntu and Gentoo
I'd rather get called @ 5 AM to fix a problem, implying I still have a job, then getting canned for low productivity for spending too much time configuring kernels for servers when the stock kernel on most enterprise-level distributions work just fine 99.9% of the time. It's hard to justify to PHBs why it took the equivalent amount of time setting up 1 server as it would 3.
So which `make menuconfig' option needs to be disabled to effectively eliminate this vulnerability? In `Device Drivers->Virtualization', I have nothinng selected in my running kernel's config, yet it's still vulnerable when I run the exploit. From what I gathered by googling, you want to disable the CONFIG_MMU kernel option, but instead of doing it via editing the .config file, I'd rather do it in `make menuconfig' so that takes care of anything that may be depending on that option as well.
Agreed. I'm a sysadmin who "blindly uses what the vendors [RHEL and CentOS] ship", not because I don't know how to recompile a kernel, but because sitting around and compiling a customized kernel for every server we have would be a complete waste of time.
thats a shame.
For something that doesn't require the complexity of OOP, I think PHP does a decent job of getting what u need done quickly...assuming you're not a tard of a programmer. I like it's syntax (I come from a C background), as compared to Perl (which resembes the illegitimate child of C and LISP with down syndrome). Not to mention the documentation via www.php.net is nice.
...the effects this may have on human procreation remains to be seen.
Sounds like things are sailing along smoothly at this company (or his priorities are in the wrong place) if this is the worst of what this guy has to worry about.
I guess this means I'll be ready in the event Earth is invaded by those horrible Strogg characters.
Man, I definately feel for you. I had the pleasure of tackling a large, undocumented, foreign codebase myself a few months ago when the company I recently got hired at started dumping software bugs on me (I'm technically a sys/net admin who can also code). In our case, we're a java shop that utilizes Eclipse. All I can say is the debugger is your friend (specifically setting break points and stepping through code). Definately not ideal, but it gets the job done. I couldn't help feeling like Neo trying to learn my way around the Matrix.
Hah, yea. We'd P2P it the oldskool way (fire up Qmodem, dial up a friend, and wait 45 mins to send Doom II zipped up (5 megs)) =D
Hehe, yeah. You're 100% correct...half the fun of it was getting the damn thing to work. I had a helluva time getting Doom to work over the modem at first. I went thru tons of init strings trying to find one that would work w/Doom w/out getting the dreaded 'CARRIER LOST' error. I think I finally attributed my failures to the damn phone line I was using. Once we moved and got a new phone line, everything worked fine. Kids have it easy these days..
What fascinated me more than anything was the multiplayer aspect of Doom. I remember spending entire weekends playing Doom w/a friend over the modem in co-op mode until my dad would kick me off his old 486
A calendar full of Mustangs and fanbois? This sounds like a terrible idea. I'd rather buy a calendar full of station wagons and trolls.
2008, the year of predictions
So, is this like the SNES version? If so, BAAAAAAAAAD AAAAAAAAAAAAAAAASS!!!!
Now might be a good time to purchase stock in paper-shredding companies.