Your VM may have it's own bootloader, but I can assure you that every VM I have used is a complete virtual *machine*, not just a virtual operating system.
It executes exactly the same bootloader as a real machine.
The exception to this is as you describe, loading a kernel.
Sending only a handful of more carefully calculated responses is also more likely to succeed if the victim is using mitigation techniques such as rate throttling.
Even using source port randomization doesn't help as much as a lot of people think. You don't get one 32-bit PRNG, you get 2x 16-bit PRNGs. Each of these can be attacked separately. If you could narrow each of these down to 10 likely guesses, you only have to send 100 replies.
The metasploit code sends bulk randomly generated spoofed replies. If you look at Amit Klein's work on analyzing the PRNG's involved, there are *much* more effective attacks.
It is people making boneheaded statements like yours that make people think you are a tosser.
(Everybody still needs to patch/and or enable nat on egress, btw)
And if you read about the auditing process here: http://www.openbsd.org/security.html#process
We are not so much looking for security holes, as we are looking for basic software bugs...
Shame Linus has his head stuck up his ass, or he could have read that, too.
He's right - they're just bugs.
Where he isn't right is about OpenBSD - security is a by-product of fixing bugs. They don't just fix the bugs, but when a new class of bug is identified the whole source tree is scanned for that type of bug - both kernel *and* user-land.
But then Linux is just a kernel, isn't it?
Slashdot Mirror
Er... headless is not in the FOSS version, and you can run vmware/qemu/etc headless.
Would you like to try again?
Your VM may have it's own bootloader, but I can assure you that every VM I have used is a complete virtual *machine*, not just a virtual operating system.
It executes exactly the same bootloader as a real machine.
The exception to this is as you describe, loading a kernel.
Your logic is completely back-assward.
Yep, and here's the beauty of the model:
You add new features to the paid-for binaries before they get added to the open-source version.
The mug punters actually *pay* you to do your beta testing!
yep, free! ... and missing a few features.
Yes - go read Amit Klein's papers on trusteer.
Sending only a handful of more carefully calculated responses is also more likely to succeed if the victim is using mitigation techniques such as rate throttling.
Even using source port randomization doesn't help as much as a lot of people think. You don't get one 32-bit PRNG, you get 2x 16-bit PRNGs. Each of these can be attacked separately. If you could narrow each of these down to 10 likely guesses, you only have to send 100 replies.
to fit *inside* a beer can?
You are massively wrong.
The metasploit code sends bulk randomly generated spoofed replies. If you look at Amit Klein's work on analyzing the PRNG's involved, there are *much* more effective attacks.
It is people making boneheaded statements like yours that make people think you are a tosser.
(Everybody still needs to patch/and or enable nat on egress, btw)
... I did not fully understand, frankly, the limitations in the Vista environment."
Be warned, it only works once.
Unless she is also using Vista, but then dinner will be late anyway.
Buy him some uber-cool hardware which doesn't have *nix drivers, and delete his only copy of windows.
do NOT blindly forward to OpenDNS
They do not return NXDOMAIN for domains which don't exist.
Dan, not all of the internet is a web-browser.
Dan Kamikaze
Yeah, I know...
Sounds like he has his head in the clouds.
Monday 9am - doing nothing ...
Monday 10am - doing nothing
Monday 11am - doing nothing
Monday 12pm - lunch
Monday 1pm - doing nothing
Monday 2pm - doing nothing
Since discovering vimperator, I hardly use the mouse at all.
Typing ']]' will automatically find the 'next' link in most picture galleries.
FF3 + vimperator + half-qwerty, and I'm one-handed surfing all the way!
The hard part (no pun intended) was learning how to do the *other* stuff with my left hand.
If your bosses won't pay for some test servers, pick your most lightly-loaded server and install a VM.
You can't keep a network running without at least one scratch box.
Yes, RH should have tested this update, but you should *NOT* trust any vendor to get it right 100% of the time.
...check for rpm mouse droppings by running find.
RH may have made a small coding mistake - you made an even bigger one.
http://www.oberon.ethz.ch/
Oberon boots fairly quickly.
Now, WTF did you want the appliance to do?
I have not seen such a meaningless questions since, er, the last "ask slashdot".
Can *we* afford the environmental cost of replacing a working system?
Now everyone will know I buy banana-flavored lube!
In the 'portable' version of openssh?
And if you read about the auditing process here: http://www.openbsd.org/security.html#process
We are not so much looking for security holes, as we are looking for basic software bugs...
Shame Linus has his head stuck up his ass, or he could have read that, too.
Well, probably me.
He's right - they're just bugs. Where he isn't right is about OpenBSD - security is a by-product of fixing bugs. They don't just fix the bugs, but when a new class of bug is identified the whole source tree is scanned for that type of bug - both kernel *and* user-land. But then Linux is just a kernel, isn't it?