It does make me wonder why the people at CERT don't ever pretend to be skript kiddies. I just found this little tid-bit on a well known site which serves a lot of exploits.
Description:
A "feature" of most telnetd programs is that they will pass environmental variables (like TERM, DISPLAY, etc) for you. Unfortunately this can be a problem if someone passes LD_PRELOAD and causes/bin/login to load trojan libraries!
Author: Well known, squidge (squidge@onyx.infonexus.com) wrote this, but I doubt you can reach him. Isn't he in jail now?
Compromise: root REMOTELY!
Vulnerable Systems: Older Linux boxes, I think SunOS systems, probably others.
Date:January 1996 maybe? Quite old but lives forever like phf.
Assuming the Beowulf thing is supposed to refer to the parallel computing project, and not to some guy, the link should point to: http://www.beowulf.org/ and not http://www.beowulf.com/.
But fortunately the some-guy has linked to the project too. Thank you, some-guy.
I thought the US DoD was using OpenBSD. If I recall correctly, slashdot featured this fact in an article once.
It's a shame to see the use of such a good OS to a loss by the FUD that is Linux. Yes, you heard right. I use Linux myself, and it's not too bad, but why should everyone on the planet use Linux as well? Why can't they use NT? Why is preferring a BSD over Linux that bad?
Especially in the case of OpenBSD, where most of the utilities come from the GNU project and are released under the GPL it's not such a biggy that they don't want to use Linux, methinks.
"Stupid AMD. They should know better than to let Europeans interfere with their lifeline like this. Anybody who does business with socialists deserves to fail, and they will, believe me. They will."
Probably. But wait... we colonized america, did we not? So AMD, and you, are not only in business with "socialists", you're even the product of "socialism". I suppose this makes you a failure as well.
Most ISPs require you to agree to the terms they set. These usually state that you may not to naughty things (like sending spam and insult people). They also say that the ISP can remove your account whenever they want without giving a reason.
This seems like good enough "protection" for the user, the ISP, and the Internet as a whole.
Do you always base your ideas on software on what other people think of it?
If you do, I (and a lot of my friends) don't like SuSe. Will you be reformatting your harddrive now?
I have not used Gentus, in fact, I didn't even know it existed until know. But I think it is a great gesture to include a GNU/Linux distribution with hardware. Even if it's "crap".
It will probably bring the existance of GNU/Linux (or GNU/Linux outside of Redhat) and Open Source in general, to the attention of many people. I'd say this is a good thing.
If the information on your machines is so incredibly vital to you, disconnect them from the network.
Of course, this isn't always an option. But i think the common view on `hacking' is still the TV-ish "hey, i cracked the DoD's machine in 5min.".
I'm having a bit of trouble imagining that the DoD, or any other organization for that matter, would but all their "Top Secret" documents (including the ones with the red "Top Secret" label) equipped with a modem or a connection to the Internet.
The same effect can be reached through firewalling and proper administration.
Having big companies freeing their product sounds like a Good Thing to me. But why does everybody always say "this is nice, but...". Can't we just be happy with what we get? If they want to keep the source code, or in this case the hardware, to themselves, let them. It's just the way they choose to do business. It may not always seem fair, but i think a lot of companies have shown interest in Free Software lately and all they get in return is "ok. thanks. whatever. now give it all!".
I don't think the chance of becoming a millionare is a reason for not writing viruses. If that was true, there wouldn't be any windows-viruses out there as well.
I think that when somebody writes something in a UNIX-environment, he is more likely to write something useful, make it free software and donate it to the open source community. This way he has a chance of becoming respected and famous, which, imho, is much cooler than being "pheared".
That's probably why they needed a new computer. Maybe this one will get some sort of e-mail-so-that-you-dont-miss-the-forecast-thin gy. Or maybe it will be able to post to c.o.l.a. Or leave a message on your answering machine. Or....
There seems to be some sort of server overload. I either get "Connection refused" or broken images. Oh well, I'll just have to bookmark it and visit it when it has been forgotten by the rest of the world.
Having specs available will probably help all the OSs. But the way i see it, i think companies are more likely to develop closed source drivers or kernel modules and distribute them with the hardware. This wouldn't really help BSD users. But then again, if they start packing Linux drivers with their hardware BSD will probably follow soon.
Who really needs a CPU that fast? I'm doing quite well on my AMD K6-2 350MHz right now. Not that I'd call that a slow CPU, it's just adequate. I bought that CPU after the 450MHz AMD was released just so that i wouldn't cry when they'd release a 500MHz CPU and I'd no longer have the fastest CPU around. It's just stupid. I'd rather buy an extra couple MB's of core, or perhaps a fast harddrive. I have about 50 years of life left in me and I don't mind waiting for a process to finish.
I bought one of those cards a while ago. I believe it was SB PCI64V to be exact. Whatever you do, don't buy it! There should be an es1371 chip on the card and that's what it told my computer. At start-up the ID was 1371,/proc/pci (Linux) was nice enough to let me know as well. So i tried the es1371 module (*duh*) but it just wouldn't work. I got a copy of the alsa modules, but that didn't work either. After some thorough investigation i found out that there was an es1373 chip on the card, instead of the es1371 that's supposed to be on it. Ofcourse i tried to contact Creative about this. The helpdesk on their website didn't even read my posting. The told me it was not a `retail product' and give me an URL with drivers for win95. So i tried the primitive method of communication and picked up the phone. The same story here. In other words, Creative just f**ks you over and says "sorry, you should have bought a more expensive product."
Slashdot Mirror
It does make me wonder why the people at CERT don't ever pretend to be skript kiddies. I just found this little tid-bit on a well known site which serves a lot of exploits.
Description: A "feature" of most telnetd programs is that they will pass environmental variables (like TERM, DISPLAY, etc) for you. Unfortunately this can be a problem if someone passes LD_PRELOAD and causes /bin/login to load trojan libraries!
Author: Well known, squidge (squidge@onyx.infonexus.com) wrote this, but I doubt you can reach him. Isn't he in jail now?
Compromise: root REMOTELY!
Vulnerable Systems: Older Linux boxes, I think SunOS systems, probably others.
Date: January 1996 maybe? Quite old but lives forever like phf.
Assuming the Beowulf thing is supposed to refer to the parallel computing project, and not to some guy, the link should point to: http://www.beowulf.org/ and not http://www.beowulf.com/.
But fortunately the some-guy has linked to the project too. Thank you, some-guy.
I thought the US DoD was using OpenBSD. If I recall correctly, slashdot featured this fact in an article once.
It's a shame to see the use of such a good OS to a loss by the FUD that is Linux. Yes, you heard right. I use Linux myself, and it's not too bad, but why should everyone on the planet use Linux as well? Why can't they use NT? Why is preferring a BSD over Linux that bad?
Especially in the case of OpenBSD, where most of the utilities come from the GNU project and are released under the GPL it's not such a biggy that they don't want to use Linux, methinks.
"Stupid AMD. They should know better than to let Europeans interfere with their lifeline like this. Anybody who does business with socialists deserves to fail, and they will, believe me. They will."
Probably. But wait... we colonized america, did we not? So AMD, and you, are not only in business with "socialists", you're even the product of "socialism". I suppose this makes you a failure as well.
Why is the Ultimate Hitchhiker's Guide to the Galaxy so incredibly cheap compared to other books?
I paid about a sixth of what I paid for Lord of the Rings and both had a hard cover and a lot of words in them.
Most ISPs require you to agree to the terms they set. These usually state that you may not to naughty things (like sending spam and insult people). They also say that the ISP can remove your account whenever they want without giving a reason.
This seems like good enough "protection" for the user, the ISP, and the Internet as a whole.
Do you always base your ideas on software on what other people think of it?
If you do, I (and a lot of my friends) don't like SuSe. Will you be reformatting your harddrive now?
I have not used Gentus, in fact, I didn't even know it existed until know. But I think it is a great gesture to include a GNU/Linux distribution with hardware. Even if it's "crap".
It will probably bring the existance of GNU/Linux (or GNU/Linux outside of Redhat) and Open Source in general, to the attention of many people. I'd say this is a good thing.
As Gates once said: "640k should be enough for anyone".
;)
As i once said: "WOW! a 1GB harddrive! imagine the games you can store on that!"
Everything will be obsoleted in time.
Although i have to agree, 18.4MTB should take a long time
If the information on your machines is so incredibly vital to you, disconnect them from the network.
Of course, this isn't always an option. But i think the common view on `hacking' is still the TV-ish "hey, i cracked the DoD's machine in 5min.".
I'm having a bit of trouble imagining that the DoD, or any other organization for that matter, would but all their "Top Secret" documents (including the ones with the red "Top Secret" label) equipped with a modem or a connection to the Internet.
The same effect can be reached through firewalling and proper administration.
If the information is unavailable it is secure.
Having big companies freeing their product sounds like a Good Thing to me.
But why does everybody always say "this is nice, but...". Can't we just be happy with what we get?
If they want to keep the source code, or in this case the hardware, to themselves, let them.
It's just the way they choose to do business. It may not always seem fair, but i think a lot of companies have shown interest in Free Software lately and all they get in return is "ok. thanks. whatever. now give it all!".
I don't think the chance of becoming a millionare is a reason for not writing viruses. If that was true, there wouldn't be any windows-viruses out there as well.
I think that when somebody writes something in a UNIX-environment, he is more likely to write something useful, make it free software and donate it to the open source community. This way he has a chance of becoming respected and famous, which, imho, is much cooler than being "pheared".
That's probably why they needed a new computer.n gy. ....
Maybe this one will get some sort of
e-mail-so-that-you-dont-miss-the-forecast-thi
Or maybe it will be able to post to c.o.l.a.
Or leave a message on your answering machine.
Or
There seems to be some sort of server overload.
I either get "Connection refused" or broken
images. Oh well, I'll just have to bookmark it
and visit it when it has been forgotten by the
rest of the world.
Having specs available will probably help all the OSs. But the way i see it, i think companies are more likely to develop closed source drivers or kernel modules and distribute them with the hardware. This wouldn't really help BSD users.
But then again, if they start packing Linux drivers with their hardware BSD will probably follow soon.
Who really needs a CPU that fast?
I'm doing quite well on my AMD K6-2 350MHz right
now. Not that I'd call that a slow CPU, it's just
adequate.
I bought that CPU after the 450MHz AMD was released just so that i wouldn't cry when they'd release a 500MHz CPU and I'd no longer have the fastest CPU around. It's just stupid. I'd rather buy an extra couple MB's of core, or perhaps a fast harddrive. I have about 50 years of life left in me and I don't mind waiting for a process to finish.
I bought one of those cards a while ago. /proc/pci (Linux)
I believe it was SB PCI64V to be exact.
Whatever you do, don't buy it!
There should be an es1371 chip on the card and
that's what it told my computer.
At start-up the ID was 1371,
was nice enough to let me know as well.
So i tried the es1371 module (*duh*) but it just
wouldn't work. I got a copy of the alsa modules,
but that didn't work either.
After some thorough investigation i found out that
there was an es1373 chip on the card, instead of
the es1371 that's supposed to be on it.
Ofcourse i tried to contact Creative about this.
The helpdesk on their website didn't even read my
posting. The told me it was not a `retail product'
and give me an URL with drivers for win95.
So i tried the primitive method of communication
and picked up the phone. The same story here.
In other words, Creative just f**ks you over and
says "sorry, you should have bought a more expensive product."
That's all i have to say about that.