For the same reason smoke stacks and ventilation ducts have the least number of turns and bends: any obstruction creates back-pressure... and back pressure is something you don't want when you are trying to dissipate excess heat during a SCRAM.
Then again... whoever thought they could hit a 1.5 meter target while travelling at 250+ meters / second....
Not true. White Rock (another city near Vancouver) removed all their parking meters last year in exchange for a centralized system that you can phone and make your payment over the phone.
Any business that is running several e-commerce sites and processing thousands of dollars per hour should be using their own credit card clearing system.
This is when people realize that the lowest bidder is not always the best choice.
I think that you should look at your intended application.
- How much disk space are you going to need in total? - How much disk space are you going to need per node? - How much RAM is each node going to need? - Is your application going to benefit from a low-latency or a high-bandwith connection between nodes? - What about cpu? which cpu family will provide the best bang/$ for your calculations? PPC or X86? x86-64 maybe?
Once you know what you need, put it together in an RFP and send it out to every company that shows up under a google search for "beowulf cluster"
Review the responses and pick the best.
Since you are asking this question here, I'm going to refrain from suggesting the better option which is to build your own.
There is quite a bit of feeds in the old Ku band. It seems that the networks have forgotten that people can pick up Ku band too. I guess they don't care too much since the BUD (Big Ugly dishes) are not very common anymore.
There are all sorts of tv shows that you can pick up, such as: - news feeds - live feeds - tv show feeds (for example, you can watch the episodes of "24" at least a couple of days before they are shown on the regular chanels)
There are plenty of websites that give frequencies, polarizations and longitude for the various satellites out there. I won't provide any, but they are a mere google search away.
As for equipment, $200 sounds about right for a good setup. Check eBay, you can find good deals there too.
There was a session at last year's (2003) defcon about FTA satellite tv.
Cobalt RaQs make good honeypots. I know because I have one. Mirror a few websites from the net, set them up in their virtual servers, apply some fake logs and some email/ftp activity, and it looks just like a badly managed virtual web server at a small ISP.
I have used other honeypots, honeyd, vmware with varying results. Most hackers are aware of honeypots nowadays and the first thing they do when they get in is to check to see if it is a honeypot. According to their actions, they are getting paranoid. Honeyd and VMWare are easy to detect. A hand carved honeypot takes a lot of effort to get it right.
But a cobalt Raq with some fake sites on it. It's like candy for the hackers.
Wow, talk about two patents that are close to other existing technologies.
For example, there is the Zero-Knowledge-Test (ZKT) used for authenticating peers without actually transmitting a shared secret.
And a "Network architecture for secure communications between two console-based gaming systems"??? Haven't they ever heard of the SSH or SSL protocols?
What a waste of time and effort. Why would they bother to file this patents?
Are patents useless in the software world? I mean, as a programmer, I know that there is more than one way to solve a problem, so what kind of protection do you get with a software patent?
There are some highly sensitive solid-state accelerometers. I believe that they are manufactured by National Semiconductor. Microsoft uses them in their handheld Sidewinder FreeStyle Pro. They look like fat silicon chips and the interfaces are digital, so they are easily connected to microcontrollers.
If you need higher precission, you could add gyroscopes. Laser gyroscopes are popular this days and their prices have come down quite a bit.
When you combine accelerometers with gyroscopes and a fairly high sampling rate, you can obtain high degrees of accuracy and precision.
If you can use waypoints, then you can calculate drift rates and improve accuracy. If you think that the GPS signal may be usable then you can use a GPS receiver as a waypoint source.
From my experience, the most common source of errors is high frequency content, specially when walking. A damper would go a long way towards improving the accuracy.
You should have no problem integrating everything into a small backpack with a laptop (if you need a UI), or a small shoe box if all you want is data logging.
Hope this helps, if you want more information such as part numbers and suppliers, I could gather some. As for designs and software,.... sorry, it's confidential information.:-)
I heard about this desalination plant a while ago, that's why I launched google as soon as I read the headline. What is a "RO" plant?
The Santa Catalina desalination plant was built because a condominium project would not get a construction permit unless the developers made the development self-sufficient with regards to their water needs. The developers agreed to build a desalination plant and the excess water not used by the condominiums is sold to the rest of the island.
I contacted the technical support departments for Telus(ADSL) and Shaw(cable) with regards to their support for IPv6. Telus and Shaw are the two major broadband providers in the province of British Columbia, Canada.
Here are the results:
- Telus: Technical support rep. actually knew what IPv6 was and said that I was the first person to ever ask him that question. His response (after talking to supervisors) was: "Telus will deploy IPv6 within two years".
- Shaw: Technical support rep. did not know what I was talking about, escalated me to second level support, who then put me on hold for a while. Their response: not supported and there is no schedule to deploy IPv6. He said that Shaw "would do it when we start running out of IPs".
I didn't bother to contact any small ISPs in town.
I have used the PCI-WDT500 before and it worked just perfectly.
My application was a mpeg stream server using icecast.
I modified the icecast code so that it reset the watchdog timer after some important sections of code. If for any reason the icecast server would not be able to perform those tasks (ie, the mpeg stream was not being transmitted), the watchdog timer would expire and the machine would reboot.
Needles to say, this method would cover all types of problems from bugs in icecast, to kernel panics, hardware failures and network problems.
The PCI-WDT500 is a PCI bus version, so it will work with all newer systems. All you need to install it is to hook it up to the hardware reset line.
It is possible. My friend (who is on a small budget ) bought several old Monster3D video cards and is using them to perform digital audio processing. He can't afford to buy a new top of the line computer, so he bought an Old Pentium 100 motherboard with 6 PCI slots and populated the slots with Monster3D cards that he bought at eBay for less than $20 each. He now has the equivalent processing power of a >$5000 audio processor.
The only thing that you need to consider is the processing/transport ratio. You don't want to spend a lot of time transfering the data back and forth, to only perform a matrix multiply.
His method works, because he is applying the same set of very complex filters and transforms to a large amount of data. So he programs the GPU's with 3D models that represent the operations that he wants to perform, and sends in the data as textures. He then reads back the rendered frame, and you start all over again.
He is now working on porting the distributed.net RC5 client to the playstation 2, the pixel pipelines will be able to simultaneously work on different keys, and proper pipelining of the code should produce a high key rate for only the cost of a $450(Canadian) playstation 2.
One thing that you should consider when connecting many servers to one shared SAN is the issue of security.
Most security designs involve using "concentric circles" of security.
Each ring contains a set of applications and data that have a common security concern or priority. The closer to the center that you get, the data becomes more valuable and therefore the security measures are stronger and more protective.
The outer layers of the circle usually contain internet web servers, incomming mail servers, etc. The inner layers could contain such things as source code, payroll, billing, R&D, etc.
If you share a SAN across layers of security, an intruder could use the SAN to bypass any security measures that protect the inner layer.
And if you think that this is not possible, think again, I have read the results of a SAN security risk assesment performed by a large security firm, and they were able to plug in a laptop into the SAN and gain access to the SAN by making the SAN controller believe that the laptop had the WWUI (world-wide unique identifier) of a critical server that was down for maintenance.
Can't give any more details, since I am under NDA and I cannot reveal the exact method used, or specific company names or brands.
If your really need to get the low down on what is better, esspecially for your situation, to figure out what you really need I suggest you look up your local EMC office, or visit www.emc.com....its never failed me where I work...Nobody ever got fired for buying EMC
I don't know if anybody ever got fired for buying EMC, but if you are going to consider EMC as a solution, you should talk to the people at GunBroker.com, they use an EMC solution. They recently had a problem with the disk array, and here is a quote from their News and Announcements page:
"Our EMC disk array, which is supposed to guarantee 100% uptime, failed. It took EMC 24 hours to get it back online, and when they got it back online they corrupted our database"
Althought the reason for the failure has not been disclosed yet, I would think twice about buying EMC.
What I don't understand is how can they argue trademark infrigement, when there are no characters by the name of mobilix in the Asterix and Obelix books list of characters.
This just sounds to me like an attempt to bully small organizations into submission.
This is quoted from an interview with Albert Uderzo ( one of the creators of Asterix and Obelix ):
"For us, like for most French people, what we know of the Gauls begins with Vercingetorix. The 'RIX' at the end of his name means 'king' and is 'REX' in Latin and 'RIX' in Celtic. Not all Gaulish names end with 'IX', but we thought it would be fun to remind people of Vercingetorix. And it was also easier for us to have the Romans with names ending in 'US' and the Gauls with names in 'IX'
After that we used a similar formula for foreigners - using 'OS' or 'IS' for Greeks. We always enjoyed coming up with names from expressions and puns. This made it a very difficult job for our translators, because they had to create their own names so they would be funny in their language."
If you don't know much about Asterix and Obelix, it is a comic book about a gaulish (french) village that resists the assault of the roman empire. It was originally written by Rene Goscinny and drawn by Albert Uderzo. Sadly, Rene Goscinny passed away November 5, 1977.
After that point, Albert Uderzo has become the principal writer and he no longer draws the comics.
It is my opinion that ever since, the quality of the comic has decreased
My suspicion is that this lawsuit is one last feeble attempt by Uderzo to make more money. See the following quote of the same interview:
"Together with three friends, we had created a small publishing company, that was just managing to get by. We didn't make much money, but we sure had a lot of fun."
Notice that he mentions financial issues twice in a row, which in my opinion expresses his biggest worry.
I also find it interesting that in the entire official Asterix and Obelix web site there is not one single mention of Rene Goscinny, other than on the copyright line at the page footer, and that he refers to Rene Goscinny as one of his "...three friends,..." What are they hiding???.
Does anyone have access to the lawsuit documents? I am very interested in reading why they think they deserve to win this lawsuit.
That is not such an obvious solution, since the DCT-2000 is a digital cable signal receiver. AFAIK the tivo still does not have the capability to decode the digital cable signals. If you want to use a tivo with digital cable, then you are forced to use an IR dongle to control your digital cable box.
What Marqis wants to do is add a third party software package to the Motorola unit so that he can replace the TV-listings screen format and add functionality to the data port so that the tivo and the motorola can talk directly to each other, without using an un-reliable IR link.
I am a little skeptical about the savage operation.
The rumour is that a torpedo exploded and caused the sub to sink. Therefore it was a good idea to cut off the torpedo section and separate it from the rest of the submarine.
However, if you are going to try to conduct an investigation into the accident, would it not make more sense to savage the torpedo section first?
Since Russia's finances are very shaky, I do not think that they are going to try and rebuild the submarine to put it back into operation.
I think the real reason they savaged the portion that was not damaged is because they want to use it as a source of spare parts for other subs.
That would be a great indicator to a hacker that the machine is a honeypot. Wouldn't you be suspicious if you noticed that the server was not able to connect to anything?
I have discussed this with several people who run honeypots, including Lance Spitzner. Most of the solutions are along those lines, using complex firewalling techniques that include:
Preventing outgoing connections
Allowing only one connection to each external address
Allowing only the first X connections
Personally, I don't use any protection on my honeynet. Giving the hacker complete freedom to do as they please, allows me to not only witness their actions from the receiving side, but also the attacking side.
It is my opinion, ( my honeynet has not been attacked since it has been up, so I don't have any factual data ) that there is more work done on the attacking side than is seen on the receiving side. I plan to record that data by allowing hackers to use my systems to attack other sites.
If my honeypot is hacked into and then it is used to launch an attack against another system, am I liable for intentionally leaving an unsecured server on the internet?
Is this similar to leaving a gun rack unlocked, then somebody takes one of the guns and commits a crime with it?
For those of you that don't know, Vancouver, Canada has the cheapest bandwidth in North America.
Group Telecom has been selling 100Mbps co-location at $1000 US/month for the last two years, and if you want an internet feed at your location with the same bandwidth, it will be around $1400 US/month.
The building I live in has built-in ethernet, I pay $20 us/month for a switched 10Mbps feed.
Slashdot Mirror
For the same reason smoke stacks and ventilation ducts have the least number of turns and bends: any obstruction creates back-pressure ... and back pressure is something you don't want when you are trying to dissipate excess heat during a SCRAM.
Then again ... whoever thought they could hit a 1.5 meter target while travelling at 250+ meters / second ....
There are plenty of other logic analyzers that are open source. To name a few: SUMP, Open Workbench, Logic Shrimp.
Just stop using Youtube. Post the video on your own site. Case closed.
Get yourself a server in the US and install your own proxy... Won't cost you more than $100/month.
Not true. White Rock (another city near Vancouver) removed all their parking meters last year in exchange for a centralized system that you can phone and make your payment over the phone.
This is when people realize that the lowest bidder is not always the best choice.
I think that you should look at your intended application.
- How much disk space are you going to need in total?
- How much disk space are you going to need per node?
- How much RAM is each node going to need?
- Is your application going to benefit from a low-latency or a high-bandwith connection between nodes?
- What about cpu? which cpu family will provide the best bang/$ for your calculations? PPC or X86? x86-64 maybe?
Once you know what you need, put it together in an RFP and send it out to every company that shows up under a google search for "beowulf cluster"
Review the responses and pick the best.
Since you are asking this question here, I'm going to refrain from suggesting the better option which is to build your own.
Hector
There is quite a bit of feeds in the old Ku band. It seems that the networks have forgotten that people can pick up Ku band too. I guess they don't care too much since the BUD (Big Ugly dishes) are not very common anymore.
There are all sorts of tv shows that you can pick up, such as:
- news feeds
- live feeds
- tv show feeds (for example, you can watch the episodes of "24" at least a couple of days before they are shown on the regular chanels)
There are plenty of websites that give frequencies, polarizations and longitude for the various satellites out there. I won't provide any, but they are a mere google search away.
As for equipment, $200 sounds about right for a good setup. Check eBay, you can find good deals there too.
There was a session at last year's (2003) defcon about FTA satellite tv.
Hope this info helps
Cobalt RaQs make good honeypots. I know because I have one. Mirror a few websites from the net, set them up in their virtual servers, apply some fake logs and some email/ftp activity, and it looks just like a badly managed virtual web server at a small ISP.
I have used other honeypots, honeyd, vmware with varying results. Most hackers are aware of honeypots nowadays and the first thing they do when they get in is to check to see if it is a honeypot. According to their actions, they are getting paranoid. Honeyd and VMWare are easy to detect. A hand carved honeypot takes a lot of effort to get it right.
But a cobalt Raq with some fake sites on it. It's like candy for the hackers.
Wow, talk about two patents that are close to other existing technologies.
For example, there is the Zero-Knowledge-Test (ZKT) used for authenticating peers without actually transmitting a shared secret.
And a "Network architecture for secure communications between two console-based gaming systems"??? Haven't they ever heard of the SSH or SSL protocols?
What a waste of time and effort. Why would they bother to file this patents?
Are patents useless in the software world? I mean, as a programmer, I know that there is more than one way to solve a problem, so what kind of protection do you get with a software patent?
You could try using inertial navigation.
.... sorry, it's confidential information. :-)
There are some highly sensitive solid-state accelerometers. I believe that they are manufactured by National Semiconductor. Microsoft uses them in their handheld Sidewinder FreeStyle Pro. They look like fat silicon chips and the interfaces are digital, so they are easily connected to microcontrollers.
If you need higher precission, you could add gyroscopes. Laser gyroscopes are popular this days and their prices have come down quite a bit.
When you combine accelerometers with gyroscopes and a fairly high sampling rate, you can obtain high degrees of accuracy and precision.
If you can use waypoints, then you can calculate drift rates and improve accuracy. If you think that the GPS signal may be usable then you can use a GPS receiver as a waypoint source.
From my experience, the most common source of errors is high frequency content, specially when walking. A damper would go a long way towards improving the accuracy.
You should have no problem integrating everything into a small backpack with a laptop (if you need a UI), or a small shoe box if all you want is data logging.
Hope this helps, if you want more information such as part numbers and suppliers, I could gather some. As for designs and software,
Hector
I heard about this desalination plant a while ago, that's why I launched google as soon as I read the headline. What is a "RO" plant?
The Santa Catalina desalination plant was built because a condominium project would not get a construction permit unless the developers made the development self-sufficient with regards to their water needs. The developers agreed to build a desalination plant and the excess water not used by the condominiums is sold to the rest of the island.
I contacted the technical support departments for Telus(ADSL) and Shaw(cable) with regards to their support for IPv6. Telus and Shaw are the two major broadband providers in the province of British Columbia, Canada.
Here are the results:
- Telus: Technical support rep. actually knew what IPv6 was and said that I was the first person to ever ask him that question. His response (after talking to supervisors) was: "Telus will deploy IPv6 within two years".
- Shaw: Technical support rep. did not know what I was talking about, escalated me to second level support, who then put me on hold for a while. Their response: not supported and there is no schedule to deploy IPv6. He said that Shaw "would do it when we start running out of IPs".
I didn't bother to contact any small ISPs in town.
I have used the PCI-WDT500 before and it worked just perfectly.
My application was a mpeg stream server using icecast.
I modified the icecast code so that it reset the watchdog timer after some important sections of code. If for any reason the icecast server would not be able to perform those tasks (ie, the mpeg stream was not being transmitted), the watchdog timer would expire and the machine would reboot.
Needles to say, this method would cover all types of problems from bugs in icecast, to kernel panics, hardware failures and network problems.
The PCI-WDT500 is a PCI bus version, so it will work with all newer systems. All you need to install it is to hook it up to the hardware reset line.
It is possible. My friend (who is on a small budget ) bought several old Monster3D video cards and is using them to perform digital audio processing. He can't afford to buy a new top of the line computer, so he bought an Old Pentium 100 motherboard with 6 PCI slots and populated the slots with Monster3D cards that he bought at eBay for less than $20 each. He now has the equivalent processing power of a >$5000 audio processor.
The only thing that you need to consider is the processing/transport ratio. You don't want to spend a lot of time transfering the data back and forth, to only perform a matrix multiply.
His method works, because he is applying the same set of very complex filters and transforms to a large amount of data. So he programs the GPU's with 3D models that represent the operations that he wants to perform, and sends in the data as textures. He then reads back the rendered frame, and you start all over again.
He is now working on porting the distributed.net RC5 client to the playstation 2, the pixel pipelines will be able to simultaneously work on different keys, and proper pipelining of the code should produce a high key rate for only the cost of a $450(Canadian) playstation 2.
Most security designs involve using "concentric circles" of security.
Each ring contains a set of applications and data that have a common security concern or priority. The closer to the center that you get, the data becomes more valuable and therefore the security measures are stronger and more protective.
The outer layers of the circle usually contain internet web servers, incomming mail servers, etc. The inner layers could contain such things as source code, payroll, billing, R&D, etc.
If you share a SAN across layers of security, an intruder could use the SAN to bypass any security measures that protect the inner layer.
And if you think that this is not possible, think again, I have read the results of a SAN security risk assesment performed by a large security firm, and they were able to plug in a laptop into the SAN and gain access to the SAN by making the SAN controller believe that the laptop had the WWUI (world-wide unique identifier) of a critical server that was down for maintenance.
Can't give any more details, since I am under NDA and I cannot reveal the exact method used, or specific company names or brands.
I don't know if anybody ever got fired for buying EMC, but if you are going to consider EMC as a solution, you should talk to the people at GunBroker.com, they use an EMC solution. They recently had a problem with the disk array, and here is a quote from their News and Announcements page:
"Our EMC disk array, which is supposed to guarantee 100% uptime, failed. It took EMC 24 hours to get it back online, and when they got it back online they corrupted our database"
Althought the reason for the failure has not been disclosed yet, I would think twice about buying EMC.
What I don't understand is how can they argue trademark infrigement, when there are no characters by the name of mobilix in the Asterix and Obelix books list of characters.
This just sounds to me like an attempt to bully small organizations into submission.
This is quoted from an interview with Albert Uderzo ( one of the creators of Asterix and Obelix ):
"For us, like for most French people, what we know of the Gauls begins with Vercingetorix. The 'RIX' at the end of his name means 'king' and is 'REX' in Latin and 'RIX' in Celtic. Not all Gaulish names end with 'IX', but we thought it would be fun to remind people of Vercingetorix. And it was also easier for us to have the Romans with names ending in 'US' and the Gauls with names in 'IX'
After that we used a similar formula for foreigners - using 'OS' or 'IS' for Greeks. We always enjoyed coming up with names from expressions and puns. This made it a very difficult job for our translators, because they had to create their own names so they would be funny in their language."
If you don't know much about Asterix and Obelix, it is a comic book about a gaulish (french) village that resists the assault of the roman empire. It was originally written by Rene Goscinny and drawn by Albert Uderzo. Sadly, Rene Goscinny passed away November 5, 1977.
After that point, Albert Uderzo has become the principal writer and he no longer draws the comics.
It is my opinion that ever since, the quality of the comic has decreased
My suspicion is that this lawsuit is one last feeble attempt by Uderzo to make more money. See the following quote of the same interview:
"Together with three friends, we had created a small publishing company, that was just managing to get by. We didn't make much money, but we sure had a lot of fun."
Notice that he mentions financial issues twice in a row, which in my opinion expresses his biggest worry.
I also find it interesting that in the entire official Asterix and Obelix web site there is not one single mention of Rene Goscinny, other than on the copyright line at the page footer, and that he refers to Rene Goscinny as one of his "...three friends,..." What are they hiding???.
Does anyone have access to the lawsuit documents? I am very interested in reading why they think they deserve to win this lawsuit.
That is not such an obvious solution, since the DCT-2000 is a digital cable signal receiver. AFAIK the tivo still does not have the capability to decode the digital cable signals. If you want to use a tivo with digital cable, then you are forced to use an IR dongle to control your digital cable box.
What Marqis wants to do is add a third party software package to the Motorola unit so that he can replace the TV-listings screen format and add functionality to the data port so that the tivo and the motorola can talk directly to each other, without using an un-reliable IR link.
I am a little skeptical about the savage operation.
The rumour is that a torpedo exploded and caused the sub to sink. Therefore it was a good idea to cut off the torpedo section and separate it from the rest of the submarine.
However, if you are going to try to conduct an investigation into the accident, would it not make more sense to savage the torpedo section first?
Since Russia's finances are very shaky, I do not think that they are going to try and rebuild the submarine to put it back into operation.
I think the real reason they savaged the portion that was not damaged is because they want to use it as a source of spare parts for other subs.
How about a moderation system for articles?
I have discussed this with several people who run honeypots, including Lance Spitzner. Most of the solutions are along those lines, using complex firewalling techniques that include:
Preventing outgoing connections
Allowing only one connection to each external address
Allowing only the first X connections
Personally, I don't use any protection on my honeynet. Giving the hacker complete freedom to do as they please, allows me to not only witness their actions from the receiving side, but also the attacking side.
It is my opinion, ( my honeynet has not been attacked since it has been up, so I don't have any factual data ) that there is more work done on the attacking side than is seen on the receiving side. I plan to record that data by allowing hackers to use my systems to attack other sites.
That's why I am concerned about my liabilities.
If my honeypot is hacked into and then it is used to launch an attack against another system, am I liable for intentionally leaving an unsecured server on the internet?
Is this similar to leaving a gun rack unlocked, then somebody takes one of the guns and commits a crime with it?
I live in the concord pacific buildings in Yaletown ( in downtown ). My rent is $1000/month for a one bedroom + den. ( ~720 sq. feet ).
For those of you that don't know, Vancouver, Canada has the cheapest bandwidth in North America.
Group Telecom has been selling 100Mbps co-location at $1000 US/month for the last two years, and if you want an internet feed at your location with the same bandwidth, it will be around $1400 US/month.
The building I live in has built-in ethernet, I pay $20 us/month for a switched 10Mbps feed.