Screw fileshack, they want you to WAIT for the download to start. They actually have queues, the wait time right now is at least 12 minutes. Why not get the trailer directly from the bmx xxx site. Its embedded in a page but here's the URL it pulls the mpg from:
The other fun thing, is that the people who do know where to get cheap older oddball computers, aren't bloody likely to tell you where they get em:-) Because they can pick em up cheap and sell them on ebay. I've picked up working SparcStation 20s for $5, called a friend to tell him there were still a couple SS10s left for $5 each. I have a friend that picked up an SGI Onyx for $35 and I've seen (but didn't need) HP 9000 D-class machines for $35 each. All this without shipping charges. I personally never resell the stuff on ebay, if i see something for cheap that I know someone is looking for (like 19" Sun Monitors w/trintron tubes) $15 or so, I call em, if they need it I'll pick it up and resell it to them at cost.
Re:Definition of spoofing
on
Wartrapping?
·
· Score: 2
While what you descibed could be called spoofing, its more likely that spoofing is just a small part of your attack. What you've described is a man-in-the-middle attack. Spoofing is really just making something look like something else in order to fool someone. It doesn't have to be making your machine look like the machine of someone you're trying to attack. For example, in your ssh example, you could ARP spoof to pull that off, but say you want to access an SSH server that is restricted to certain IPs, well then you would have to pretend to be an allowed IP, any allowed IP.
After reading the posting we'll note this is VERY similar to the OpenSSH trojan. The trojan doesn't wind up in the sendmail binary but is actually created during the build process.
So more than just checking the MD5sums of things you download you need to watch who you compile as, since the trojan will have the privledges of whoever compiled sendmail. This isn't exactly the most sly trojan either, it is quite blatent about how it creates a tunnel to a specified target, this can also help the intruder avoid firewall rules and detection.
If you find you've been affected by the trojan you would be wise to reinstall the system from known clean code since the intruder may have already created other backdoors from themself.
Translation: I got owned by some 10 year old with netbus who stole my geocities password and replaced pictures of my wife with pictures of tranvestites.
Man, this is such a troll. A Master's _will_ get you more money AND a better job. It will also get you respect, as an engineering student I have boat loads of respect for everyone that has made it through the program and even more for people who want to continue thier education.
Sigh, Lets go over the many things wrong with your "arguement".
The original discussion was using IDE hard drives as opposed to DVD. So we should be discussing this in relevant sizes (around 4.7gigs)
5gig tapes fly for around $5 new 5gig hard drives aren't available anymore so you're likely to buy at least a 40gig, smaller ones are too hard to find. So I can understand why you choose that.
But, what if your project is only 5gigs? So you've got 8days worth of backup on your single drive. I've got 8 days on 8 tapes. Which is more reliable from your standpoint.
I'm also amazed at the amount of time you spent on CDW, seeing as how you choose the cheapest IDE hard drive and the most expensive 50gb tape.By the way why did you choose 50gb when 40gb tapes are more common and cost so much less?
So let me correct your error by supplying you with the least expensive 40gig tape:
Verbatim 40GB 4MM Data Cartridge, single: $18.21
I hope they don't have to correct these sort of errors at your place of employment too often
You seem like a cost sensitive guy, so you're probably not paying for offsite storage of your backups, maybe you bring them home with you, I know plenty of people that do. Bill does it.
Have you seen Bill's driving, the guy is a nutcase. I don't even want to imagine how many times those tapes have flown around his backseat or trunk. I'm not about to trust IDE hard drive backups to Bill's driving.
And have you met Sally in accounting? Have you seen how Sally treats her floppy disks? She doesn't treat my tapes much better. Yeah, I've dropped hard drives too, but not as much as I've seen tapes abused.
Tapes are easier to store as well. I also like how you didn't touch the fact that data recovery on a broken tape is worlds easier and less expensive than that of a hard drive. I don't know about you, but if the guy doing data recovery on my hard drive isn't grounded in some way, I'm pretty annoyed.
Btw, DVD-R/RW writters got for $300 and sometimes less. Media is $5 a disk.
There's many reason to use tape over ide hard drives, not the least of which being _less points of failure_. With a tape drive you have 1 motor, 1 read/write head, and none of these ever move more than a fraction of an inch, they never get dropped, they never get shaken up. If a tape gets left in someones car and melts, so what, you lost 1 tape, a few bucks and ones days backup, maybe not a huge lost since you've got a weeks worth of tapes.
Now a hard drive on the other hand, Bill says to Sally from accounting, "take this to Ted in IT while you're headed over there" Sally drops the drive "Oops, I better not tell Bill or Ted" Of course, Ted get the drive and its dead. Tape on the other hand, if Sally dropped it, would be fine, even if the case cracked, so what, open another tape, switch the reels, no biggie. Hard drive platters don't take switching quite as well, and data recovery, in a clean room, ain't cheap.
This also is the reason that backing up to optical media makes sense a lot of times, most of my real serious backups have at least one copy on optical (meaning CD) media.
Uh, honeynet?
The entire point of a honeynet is to let people in so you can study how they got in and what tools and techniques are in widespread use.
But no, this isn't censorship, this is blocking someone doing harm to your users and wasting your bandwidth (yes i know they're just setting up dummy files, but its still a waste)
of course, the problem with open relays means all of the far east may be blocked, but hey, spam is spam.
No biggie, I, as well as a large amount of other companies and individuals, already block all of the far east. No useful mail comes from there anyway. There's no point to contacting the providers since most don't speak english and the ones that do don't care if thier relays are open.
It means the printer is out of paper, I know HP Laser printers used that error. (Yes I know its a quote from office space)
As far as the topic of the dicussion goes. Anonymous or non-anonymous usage stats are the way to go. Non-Anonymous would allow you to tell who's leeching though. Just usage stats though, and if someone hacks from the connection it is NOT your responsibility to stop it, only to punish that person after they have been caught.
yes, they are part of the critical fixes included in SP1, but SP1 is not out yet. In fact, we're still on beta 1, they haven't even released any interm builds.
Forget reading the article, did you read the Slashdot posting? Lets see,
First problem: They weren't trying to make anyone look good, this was a 3rd party test.
Second: Why would they try to make anyone look good, neither of the "products" tested are for profit projects. They have nothing to gain from false benchmarks.
Third: How could that be taken as Linux bashing? Both filesystems are linux only, they aren't being compared to anything non-linux nor are you comparing them to anything non-linux.
Please read both the article and posting before you take the "How to post" (early and often) of slashdot very seriously.
Slashdot Mirror
cept most registrars email you at least 30 days in advance anyway because they want you to renew
Does it hurt to be wrong this often, or are you used to it by now?
Search results for: 209.10.163.130
Globix Corporation GLOBIXBLK3 (NET-209-10-0-0-1)
209.10.0.0 - 209.11.223.255
Acclaim Entertainment IP002407-209-10-163 (NET-209-10-163-128-1)
209.10.163.128 - 209.10.163.143
# ARIN Whois database, last updated 2002-10-14 19:05
# Enter ? for additional hints on searching ARIN's Whois database.
If you're going to troll, at least fess upto your trolliness and don't post AC
Screw fileshack, they want you to WAIT for the download to start. They actually have queues, the wait time right now is at least 12 minutes. Why not get the trailer directly from the bmx xxx site. Its embedded in a page but here's the URL it pulls the mpg from:
m pg
http://209.10.163.130/aux/bmxxxx/movies/mpg_01.
64-bit means you can handle these huge wacky long integers. Which is important for the home user because *tud* *beeeeeeeeeeeeeeeeeeeeeeeeeeep.....*
What about the simpsons?
The other fun thing, is that the people who do know where to get cheap older oddball computers, aren't bloody likely to tell you where they get em :-) Because they can pick em up cheap and sell them on ebay. I've picked up working SparcStation 20s for $5, called a friend to tell him there were still a couple SS10s left for $5 each. I have a friend that picked up an SGI Onyx for $35 and I've seen (but didn't need) HP 9000 D-class machines for $35 each. All this without shipping charges. I personally never resell the stuff on ebay, if i see something for cheap that I know someone is looking for (like 19" Sun Monitors w/trintron tubes) $15 or so, I call em, if they need it I'll pick it up and resell it to them at cost.
While what you descibed could be called spoofing, its more likely that spoofing is just a small part of your attack. What you've described is a man-in-the-middle attack. Spoofing is really just making something look like something else in order to fool someone. It doesn't have to be making your machine look like the machine of someone you're trying to attack. For example, in your ssh example, you could ARP spoof to pull that off, but say you want to access an SSH server that is restricted to certain IPs, well then you would have to pretend to be an allowed IP, any allowed IP.
65.54.254.151, 65.54.254.129, 65.54.252.99, 65.54.254.145, 65.54.254.151, 65.54.254.140, and 65.54.252.230 should all be blackholed
That's why I'm still running sendmail from 1996!
After reading the posting we'll note this is VERY similar to the OpenSSH trojan. The trojan doesn't wind up in the sendmail binary but is actually created during the build process.
So more than just checking the MD5sums of things you download you need to watch who you compile as, since the trojan will have the privledges of whoever compiled sendmail. This isn't exactly the most sly trojan either, it is quite blatent about how it creates a tunnel to a specified target, this can also help the intruder avoid firewall rules and detection.
If you find you've been affected by the trojan you would be wise to reinstall the system from known clean code since the intruder may have already created other backdoors from themself.
Somehow, I don't think a sign that says "No Blind People" is going to reach its target audience
Translation: I got owned by some 10 year old with netbus who stole my geocities password and replaced pictures of my wife with pictures of tranvestites.
Man, this is such a troll. A Master's _will_ get you more money AND a better job. It will also get you respect, as an engineering student I have boat loads of respect for everyone that has made it through the program and even more for people who want to continue thier education.
I'm be mighty suprised if you knew any women at all
Sigh,
Lets go over the many things wrong with your "arguement".
The original discussion was using IDE hard drives as opposed to DVD. So we should be discussing this in relevant sizes (around 4.7gigs)
5gig tapes fly for around $5
new 5gig hard drives aren't available anymore so you're likely to buy at least a 40gig, smaller ones are too hard to find. So I can understand why you choose that.
But, what if your project is only 5gigs? So you've got 8days worth of backup on your single drive. I've got 8 days on 8 tapes. Which is more reliable from your standpoint.
I'm also amazed at the amount of time you spent on CDW, seeing as how you choose the cheapest IDE hard drive and the most expensive 50gb tape.By the way why did you choose 50gb when 40gb tapes are more common and cost so much less?
So let me correct your error by supplying you with the least expensive 40gig tape:
Verbatim 40GB 4MM Data Cartridge, single: $18.21
I hope they don't have to correct these sort of errors at your place of employment too often
You seem like a cost sensitive guy, so you're probably not paying for offsite storage of your backups, maybe you bring them home with you, I know plenty of people that do. Bill does it.
Have you seen Bill's driving, the guy is a nutcase. I don't even want to imagine how many times those tapes have flown around his backseat or trunk. I'm not about to trust IDE hard drive backups to Bill's driving.
And have you met Sally in accounting? Have you seen how Sally treats her floppy disks? She doesn't treat my tapes much better. Yeah, I've dropped hard drives too, but not as much as I've seen tapes abused.
Tapes are easier to store as well. I also like how you didn't touch the fact that data recovery on a broken tape is worlds easier and less expensive than that of a hard drive. I don't know about you, but if the guy doing data recovery on my hard drive isn't grounded in some way, I'm pretty annoyed.
Btw, DVD-R/RW writters got for $300 and sometimes less. Media is $5 a disk.
But hey, you use whatever you want for backup.
There's many reason to use tape over ide hard drives, not the least of which being _less points of failure_. With a tape drive you have 1 motor, 1 read/write head, and none of these ever move more than a fraction of an inch, they never get dropped, they never get shaken up. If a tape gets left in someones car and melts, so what, you lost 1 tape, a few bucks and ones days backup, maybe not a huge lost since you've got a weeks worth of tapes.
Now a hard drive on the other hand, Bill says to Sally from accounting, "take this to Ted in IT while you're headed over there"
Sally drops the drive "Oops, I better not tell Bill or Ted"
Of course, Ted get the drive and its dead. Tape on the other hand, if Sally dropped it, would be fine, even if the case cracked, so what, open another tape, switch the reels, no biggie. Hard drive platters don't take switching quite as well, and data recovery, in a clean room, ain't cheap.
This also is the reason that backing up to optical media makes sense a lot of times, most of my real serious backups have at least one copy on optical (meaning CD) media.
Uh, honeynet?
The entire point of a honeynet is to let people in so you can study how they got in and what tools and techniques are in widespread use.
But no, this isn't censorship, this is blocking someone doing harm to your users and wasting your bandwidth (yes i know they're just setting up dummy files, but its still a waste)
IBM got in trouble for chalking ads, just because its tollerated doesn't make it legal.
of course, the problem with open relays means all of the far east may be blocked, but hey, spam is spam.
No biggie, I, as well as a large amount of other companies and individuals, already block all of the far east. No useful mail comes from there anyway. There's no point to contacting the providers since most don't speak english and the ones that do don't care if thier relays are open.
Once again, why is there no (Wrong, -1)
In response to your sig:
It means the printer is out of paper, I know HP Laser printers used that error. (Yes I know its a quote from office space)
As far as the topic of the dicussion goes. Anonymous or non-anonymous usage stats are the way to go. Non-Anonymous would allow you to tell who's leeching though. Just usage stats though, and if someone hacks from the connection it is NOT your responsibility to stop it, only to punish that person after they have been caught.
Note: your quote from the Simpson's episode "Sweet and Sour Marge" is slightly incorrect. The correct quote is:
"...While we're at it: Why don't I just change my last name back to Hitler?" -- Garth Motherloving
yes, they are part of the critical fixes included in SP1, but SP1 is not out yet. In fact, we're still on beta 1, they haven't even released any interm builds.
Forget reading the article, did you read the Slashdot posting? Lets see,
First problem: They weren't trying to make anyone look good, this was a 3rd party test.
Second: Why would they try to make anyone look good, neither of the "products" tested are for profit projects. They have nothing to gain from false benchmarks.
Third: How could that be taken as Linux bashing? Both filesystems are linux only, they aren't being compared to anything non-linux nor are you comparing them to anything non-linux.
Please read both the article and posting before you take the "How to post" (early and often) of slashdot very seriously.
Your page (slashdotsucks.org) has just as many problems as slashdot, and its uglier. See this for details