It may be strange for those not in the networking field, but when things really go bad, the only place to be is physically in the data center.
That means looking at the LEDs on switches for traffic indications. If you see a single port is spewing a LOT of activity during an outage, disconnect it. No, don't make it "down" but pull the cable out of the port.
Then go downstream and repeat until the potential problem set is reduced to an understandable level.
What really sucks about these kind of outages is that you can't remotely log in to various hosts or switches - you have to pull wires out of ports to break the "spew" that is taking things down.
I have to remember to charge a 100-X surcharge the next time I troubleshoot one of these... (300X if after-hours)
These sort of problems are REALLY hard to find, but trivial to fix.
A couple years ago, I had to troubleshoot a problem that was similar for a school district's network. Absolutely nothing could communicate.
I checked switches, routers, and servers for a while until I hooked a sniffer up, and still got bafflling results.
THEN I decided to go low-tech, and start disconnecting cables. That got me somewhere - certain backbone connections could be disconnected and traffic levels dropped to normal levels.
So, I hooked them back up, and went to the other end of the link, and started disconnecting things port by port until I found the problem.
It turned out to be an unauthorized little 4-port switch that had malfunctioned, and was spewing perfectly valid (as in, good CRC) packets to the LAN, but with random source MAC addresses.
THAT took down every switch in the network, as it required them to update their internal tables on a per-packet basis. The thing was actually not sending much data, but it was poisoning the switchs' internal tables. Not at the IP layer, but at the MAC layer.
When networking gear goes rogue, it can do really bad things to other connected equipment.
It's really hard to find the problem because every indication from every other piece of equipment is confusing. You almost always have to go to the backbone and disconnect entire segmets to find it.
First and foremost, check and sanitize EVERY input passed via a $_POST or $_GET (and to be safe, check cookie inputs too).
Make SURE that none of them are in a format or contain data that you don't expect.
It is easier said than done, and it sucks major ass to do, but it's really the only way to be sure of what you are doing.
I just spent most of the last week tracking down an XSS exploit for a client, and it was a mother to find where to filter the input AND what to look for. SOME inputs needed SOME HTML tags to pass through, others required binary data, and still others needed integers.
My advice on new code is to check your inputs like crazy before assigning any submitted data to a variable. Then check the variables themselves.
Watch for hex encodings of HTML characters, and then watch for it again.
Then, after all that work, hope it works, then drink heavily.
Under US Federal law, suppressors are still quite legal, just regulated out the wazoo. Basically, you need to get a tax stamp and a local police sign-off, and you're good to go.
Some states ban them, but not many. In Pennsylvania, a silencer is not addressed in state law in any way - so if you had a tax stamped-silencer and a license to carry firearms, you could even pack silenced heat here.
Besides, it's a stupid regulation anyway. All firearms launching bullets that are supersonic make a really loud sonic "crack" (in many cases, louder than the muzzle blast) that can't be silenced anyway. Anyone nearby could still hear the shot unless the gun was firing a low-velocity bullet that's limited in range anyway.
Ext4 is orders of magnitude faster than Ext3 regarding fsck time. Your half-day checks will almost certainly be reduced to minutes. The developers rewrote the algorithm to not require as intensive of a search in phase 1.
If it's really important to get the machines up in minimal time (even at risk of some data loss) then you can turn off the auto checks entirely.
While I'm all for staying generally logged-in as a normal unprivileged user (okay, schmuck), when there's admin work to be done it's time to just su to root or switch to a different terminal and log in as "He who shalt be obeyed".
One "su root -" (plus password) is shorter than a lot of "sudo" commands.
Why on Earth would anyone write an app that requires sharing MDB files? Even Microsoft warns that the MDB is a "desktop database" format, not really intended for heavy use.
It's almost trivially easy to port any Jet application to use a "real" backend database server (MS SQL, Postgres, MySQL, Oracle, etc.) Even Access works beautifully as an ODBC client.
Seriously, these suits are approaching a level of craziness that someone, somewhere, at some time will simply not retain counsel, and will instead just kill the IP firm's principals, lawyers, etc. Or spawn a "take care of it" industry that will indeed "take care" of the "problem" for under 10% of the amount at stake.
When billions of dollars are at stake, I'd never put anything past a CEO. When billions of tax revenues are at stake even the FBI will overlook a small local arson case...
The issue before the Court is whether the amendment passed is or is not a fundamental change to the state's form of government. Those require legislative approval, whereas other amendments do not.
The potential impact on those affected by the amendment may be a valid political concern, but it is not a valid legal concern, nor does it have any bearing on the only possible reason to declare the amendment invalid.
The only other possible claim is that it's invalid under the Federal constitution, in which case it will end up in a Federal court, and eventually be considered "valid" by SCOTUS by a 5-4 vote.
There's a potential for some nasty backlash if the court does overturn this proposition as well - a possible voter backlash forcing the state legislature to vote the court as constituted out of existence or limiting it's jurisdiction radically.
Using the judiciary to overturn any referendum that passes a majority vote is dangerous ground.
The courts have explicitly held that swearing in public is NOT an act that can be banned. Indeed, people have gotten off in cases of yelling "Fuck You!" at police officers here on those grounds.
>The idea that at a certain point, the govt takes most of your earnings in taxes is an urban legend. For anybody working by the hour, there is no "tipping point" where the govt keeps most of each additional dollar - it is just untrue.
Even if it's not true, I'd rather work just enough to get by than make more and lose any of the gain. Hell, I'd work for free before going over a threshold where the rate increased.
Back in the late 80's, Borland wrote all of their compilers in Assembly. That's how they were able to compile 27,000 lines of Pascal code per minute on a '286 machine.
I shudder to think of the difficulty of that endeavor.
"CWE-20: Improper Input Validation It's the number one killer of healthy software, so you're just asking for trouble if you don't ensure that your input conforms to expectations...MORE >>
CWE-116: Improper Encoding or Escaping of Output Computers have a strange habit of doing what you say, not what you mean. Insufficient output encoding is the often-ignored sibling to poor input validation, but it is at the root of most injection-based attacks, which are all the rage these days...MORE >>
CWE-89: Failure to Preserve SQL Query Structure (aka 'SQL Injection') If attackers can influence the SQL that you use to communicate with your database, then they can...MORE >>
CWE-79: Failure to Preserve Web Page Structure (aka 'Cross-site Scripting') Cross-site scripting (XSS) is one of the most prevalent, obstinate, and dangerous vulnerabilities in web applications...If you're not careful, attackers can...MORE >>
CWE-78: Failure to Preserve OS Command Structure (aka 'OS Command Injection') When you invoke another program on the operating system, but you allow untrusted inputs to be fed into the command string that you generate for executing the program, then you are inviting attackers...MORE >>
CWE-352: Cross-Site Request Forgery (CSRF) With cross-site request forgery, the attacker gets the victim to activate a request that goes to your site. Thanks to scripting and the way the web works in general, the victim...MORE >>
CWE-209: Error Message Information Leak If you use chatty error messages, then they could disclose secrets to any attacker who dares to misuse your software. The secrets could cover a wide range of valuable data...MORE"
EVERY single one of these are simply cases of the first one. All are nothing more than not validating the input.
This thing reads like something written by the Department of Redunancy's Redundancy Department Subdivision of Redundancy....
The question here is whether or not the bankruptcy court will accept this proposal or simply force SCO into an involuntary Chapter 7 liquidation. BK courts do everything possible to make a potentially viable business emerge at the end of a Chapter 11 case, but if there's no viability the court can on its own motion or on the motion of creditors simply liquidate the whole thing.
Five shots from a.458 Winchester Magnum firing soft-points really wrecks a drive into smithereens. It's actually hard to find a spot on the platters that isn't either punched through or scratched to near-oblivion by tiny fragments bouncing around inside the thing. Really, they look almost sandblasted where not outright gone.
Technology is show to be poltically-neutral. The same websites that link peaceful people can also link criminals, terrorists, military personnel, and the CIA to each other.
The same gun can be used to terrorize or defend.
The same hammer can drive nails or bash in skulls.o
We now return you to your regularly-scheduled/.-ing.
It seems that nVidia is still stupidly keeping the OpenGL support as a Quadro-only feature. There is no good reason to not support it across the line - 3D in a window is actually a really cool feature, much better than having to run "full screen".
Come on, guys. If you want to sell the stuff, quit being asshats and do it already.
Slashdot Mirror
D'oh!
It may be strange for those not in the networking field, but when things really go bad, the only place to be is physically in the data center.
That means looking at the LEDs on switches for traffic indications. If you see a single port is spewing a LOT of activity during an outage, disconnect it. No, don't make it "down" but pull the cable out of the port.
Then go downstream and repeat until the potential problem set is reduced to an understandable level.
What really sucks about these kind of outages is that you can't remotely log in to various hosts or switches - you have to pull wires out of ports to break the "spew" that is taking things down.
I have to remember to charge a 100-X surcharge the next time I troubleshoot one of these... (300X if after-hours)
These sort of problems are REALLY hard to find, but trivial to fix.
A couple years ago, I had to troubleshoot a problem that was similar for a school district's network. Absolutely nothing could communicate.
I checked switches, routers, and servers for a while until I hooked a sniffer up, and still got bafflling results.
THEN I decided to go low-tech, and start disconnecting cables. That got me somewhere - certain backbone connections could be disconnected and traffic levels dropped to normal levels.
So, I hooked them back up, and went to the other end of the link, and started disconnecting things port by port until I found the problem.
It turned out to be an unauthorized little 4-port switch that had malfunctioned, and was spewing perfectly valid (as in, good CRC) packets to the LAN, but with random source MAC addresses.
THAT took down every switch in the network, as it required them to update their internal tables on a per-packet basis. The thing was actually not sending much data, but it was poisoning the switchs' internal tables. Not at the IP layer, but at the MAC layer.
When networking gear goes rogue, it can do really bad things to other connected equipment.
It's really hard to find the problem because every indication from every other piece of equipment is confusing. You almost always have to go to the backbone and disconnect entire segmets to find it.
First and foremost, check and sanitize EVERY input passed via a $_POST or $_GET (and to be safe, check cookie inputs too).
Make SURE that none of them are in a format or contain data that you don't expect.
It is easier said than done, and it sucks major ass to do, but it's really the only way to be sure of what you are doing.
I just spent most of the last week tracking down an XSS exploit for a client, and it was a mother to find where to filter the input AND what to look for. SOME inputs needed SOME HTML tags to pass through, others required binary data, and still others needed integers.
My advice on new code is to check your inputs like crazy before assigning any submitted data to a variable. Then check the variables themselves.
Watch for hex encodings of HTML characters, and then watch for it again.
Then, after all that work, hope it works, then drink heavily.
It's always good to stay busy, and doubly so if you can actually do something that helps grow the existing technology.
And if he can make some cash from this gig, even better!
Go Woz!
if(dislikesApple()||isDemocrat()){$mod++;}else{mod--;}//© Slashdot
Yep. Funny how low-tech has a way of defeating high-tech every time.
Actually, high-tech never fails, but the low-tech upon which it's built does.
I think that's hilarious - but how many times did you get your ass beaten to a pulp?
Under US Federal law, suppressors are still quite legal, just regulated out the wazoo. Basically, you need to get a tax stamp and a local police sign-off, and you're good to go.
Some states ban them, but not many. In Pennsylvania, a silencer is not addressed in state law in any way - so if you had a tax stamped-silencer and a license to carry firearms, you could even pack silenced heat here.
Besides, it's a stupid regulation anyway. All firearms launching bullets that are supersonic make a really loud sonic "crack" (in many cases, louder than the muzzle blast) that can't be silenced anyway. Anyone nearby could still hear the shot unless the gun was firing a low-velocity bullet that's limited in range anyway.
Ext4 is orders of magnitude faster than Ext3 regarding fsck time. Your half-day checks will almost certainly be reduced to minutes. The developers rewrote the algorithm to not require as intensive of a search in phase 1.
If it's really important to get the machines up in minimal time (even at risk of some data loss) then you can turn off the auto checks entirely.
While I'm all for staying generally logged-in as a normal unprivileged user (okay, schmuck), when there's admin work to be done it's time to just su to root or switch to a different terminal and log in as "He who shalt be obeyed".
One "su root -" (plus password) is shorter than a lot of "sudo" commands.
You, sir, are a blithering idiot. "Samba" is a dance and music genre. The slur was "Sambo".
Why on Earth would anyone write an app that requires sharing MDB files? Even Microsoft warns that the MDB is a "desktop database" format, not really intended for heavy use.
It's almost trivially easy to port any Jet application to use a "real" backend database server (MS SQL, Postgres, MySQL, Oracle, etc.) Even Access works beautifully as an ODBC client.
Say hello to my LITTLE FRIEND! /funny
Seriously, these suits are approaching a level of craziness that someone, somewhere, at some time will simply not retain counsel, and will instead just kill the IP firm's principals, lawyers, etc. Or spawn a "take care of it" industry that will indeed "take care" of the "problem" for under 10% of the amount at stake.
When billions of dollars are at stake, I'd never put anything past a CEO. When billions of tax revenues are at stake even the FBI will overlook a small local arson case...
Just until they threaten a company with large revenues run as a mob front and their office is suddenly visited by Luca Brasi and Furio....
The issue before the Court is whether the amendment passed is or is not a fundamental change to the state's form of government. Those require legislative approval, whereas other amendments do not.
The potential impact on those affected by the amendment may be a valid political concern, but it is not a valid legal concern, nor does it have any bearing on the only possible reason to declare the amendment invalid.
The only other possible claim is that it's invalid under the Federal constitution, in which case it will end up in a Federal court, and eventually be considered "valid" by SCOTUS by a 5-4 vote.
There's a potential for some nasty backlash if the court does overturn this proposition as well - a possible voter backlash forcing the state legislature to vote the court as constituted out of existence or limiting it's jurisdiction radically.
Using the judiciary to overturn any referendum that passes a majority vote is dangerous ground.
In PA, in addition to being an admission, it also triggers the charges to be based on the assumption of being in the "highest BAC" category.
The courts have explicitly held that swearing in public is NOT an act that can be banned. Indeed, people have gotten off in cases of yelling "Fuck You!" at police officers here on those grounds.
>The idea that at a certain point, the govt takes most of your earnings in taxes is an urban legend.
For anybody working by the hour, there is no "tipping point" where the govt keeps most of each additional dollar - it is just untrue.
Even if it's not true, I'd rather work just enough to get by than make more and lose any of the gain. Hell, I'd work for free before going over a threshold where the rate increased.
Back in the late 80's, Borland wrote all of their compilers in Assembly. That's how they were able to compile 27,000 lines of Pascal code per minute on a '286 machine.
I shudder to think of the difficulty of that endeavor.
"CWE-20: Improper Input Validation
It's the number one killer of healthy software, so you're just asking for trouble if you don't ensure that your input conforms to expectations...MORE >>
CWE-116: Improper Encoding or Escaping of Output
Computers have a strange habit of doing what you say, not what you mean. Insufficient output encoding is the often-ignored sibling to poor input validation, but it is at the root of most injection-based attacks, which are all the rage these days...MORE >>
CWE-89: Failure to Preserve SQL Query Structure (aka 'SQL Injection')
If attackers can influence the SQL that you use to communicate with your database, then they can...MORE >>
CWE-79: Failure to Preserve Web Page Structure (aka 'Cross-site Scripting')
Cross-site scripting (XSS) is one of the most prevalent, obstinate, and dangerous vulnerabilities in web applications...If you're not careful, attackers can...MORE >>
CWE-78: Failure to Preserve OS Command Structure (aka 'OS Command Injection')
When you invoke another program on the operating system, but you allow untrusted inputs to be fed into the command string that you generate for executing the program, then you are inviting attackers...MORE >>
CWE-352: Cross-Site Request Forgery (CSRF)
With cross-site request forgery, the attacker gets the victim to activate a request that goes to your site. Thanks to scripting and the way the web works in general, the victim...MORE >>
CWE-209: Error Message Information Leak
If you use chatty error messages, then they could disclose secrets to any attacker who dares to misuse your software. The secrets could cover a wide range of valuable data...MORE"
EVERY single one of these are simply cases of the first one. All are nothing more than not validating the input.
This thing reads like something written by the Department of Redunancy's Redundancy Department Subdivision of Redundancy....
The question here is whether or not the bankruptcy court will accept this proposal or simply force SCO into an involuntary Chapter 7 liquidation. BK courts do everything possible to make a potentially viable business emerge at the end of a Chapter 11 case, but if there's no viability the court can on its own motion or on the motion of creditors simply liquidate the whole thing.
Five shots from a .458 Winchester Magnum firing soft-points really wrecks a drive into smithereens. It's actually hard to find a spot on the platters that isn't either punched through or scratched to near-oblivion by tiny fragments bouncing around inside the thing. Really, they look almost sandblasted where not outright gone.
And it is a lot of fun, too.
Technology is show to be poltically-neutral. The same websites that link peaceful people can also link criminals, terrorists, military personnel, and the CIA to each other.
The same gun can be used to terrorize or defend.
The same hammer can drive nails or bash in skulls.o
We now return you to your regularly-scheduled /.-ing.
It seems that nVidia is still stupidly keeping the OpenGL support as a Quadro-only feature. There is no good reason to not support it across the line - 3D in a window is actually a really cool feature, much better than having to run "full screen".
Come on, guys. If you want to sell the stuff, quit being asshats and do it already.