Gosh, I was at the 50 karma cap, then two Genii mod me down as "off topic" for celebrating the new improved BiDi support in Gnome... Not like the long, relevant threads speculating about Swedish etymology! :-)
For your question: It's hard to find a better technical poet than Hafez among the mystics. He's nearly impenatrable for me in Persian, and I envy the classically fluent who can enjoy him. Maulana (Rumi) is the most immediate and enjoyable for me - at least selections from Diwan-e Shams. I am an amatuer, and stumble with broken Farsi and translations. Friends with more mastery than myself weep over verses of Maghrebi.
Az sedoy-e sokhaane eshq, nadidam khoshtar... -Hafez Shirazi
Properly configured firewalls, bastion hosts and ANY DMZ box have no compiler, and should have no client facility to pull data from anywhere - except for designated, trusted hosts on separate INTERNAL segments. This is enforced by firewall rules and router ACLs.
The firewall and IDS hosts must be so hard that no browser or FTP/rsync client etc. is installed at all. Upgrades, rules and signatures are tranfered to these systems only by valid, encrypted and keyed clients from appropriate stations- for instance the GUI for Checkpoint Firewall-1 with FWZ. ssh2/scp2 is also acceptable, when RSA key auth is employed (NO passwd!) along with rules and ACLs.
This is a part of "Defense in Depth" practice for Internet hosting. These defense approaches begin to separate the objectives of Security distinctly from those of Systems administration. This can be counter-intuitive because short-term administrative convenience is reduced to reduce the risks of administrative catastrophe.
I am a little extreme but -provided that my controls are themselves trustworthy- I can provide an extremely hard target!
Of course there are people who can construct exploit tools with sh, awk and dd. It is for these malevolent masterminds that we deploy detective controls!
Local Director is a horrible device. Unlike modern loadbalancers from F5, Alteon, Foundry, etc. the Local Defector is a layer-2 bridge. It cannot have more than one path to a given target, causes all the problems that bridges introduce into switched networks, and allows for potential security breaches, becuse it is commonly used to bridge between differing subnets!
All of the above vendors provide a proxy/switch style solution for layer 3 and above. If you can afford F5's BigIP HA+ in fail-over, this is a dream! Host-based on Intel, with a customized *BSD. Unless you are a freak for IOS-type management, Unix admins will love this.
To paraphrase Bruce Schneier Security is a set of procesess and a means of approach for systems.
I can vouch for the CISSP certification from (isc)2 as reinforcing this view of security. The CISSP is a significant valuator for businesses, who can be confident that candidates with this certification are literate in both technology and business considerations. This certification is exactly that: a CERTIFICATION. It is not a vendor technology program. It can be likened to a CPA designation for auditors and accountants.
The GIAC certifications from SANS are an excellent instruction in the working mechanisms of security technology. The curricula and basis for certification by SANS are under continous revision and are the most current in the industry.
The fact is that the CISSP is currently highly valued by employers as a valid assesment of domain awareness, best-practice assesment and professionalism. To combine this with specific GIAC tracks is a good way to identify formidable security personnel.
CISSP candidacy requires 3-5 years of work experience in one of the 10 domains identified. Additionally, (isc)2 will require a BS in an associated major, beginning in 2003. Studying for this is no piece of cake! Some resources:
If you can patent new TAGS, you can probably get away with anything! This is just a set of markups - and an OBVIOUS one, as it is simply usining a subset of SGML in exactly the way it was intended. Being "non-obvious" is a key requirement for an invention to be granted a patent.
Great Idea (tm): Why doesn't the guy trying to patent the HyperLink sue the fellow patenting RDF?
This is the VERY reason the M$ will never be able to compete on a performance basis with FreeBSD, or with Linux - for that matter.
The deepest parts of the API have bits of what was originally written to be 16-bit code! Rebuild this with a 32-bit compiler, Woops! Now "band-aid" the stuff that breaks....
At least I can still run the Reversi app that shipped in 1986.
To see so much measured, clear statements about both xBSD and Linux - without denegration or flamage. Matt's level discussion of VM issues and NFS speak for themselves, and doesn't need justification at the expense of other projects or systems.
I think that many of the "banner carriers" in the various user communities could do well to emulate this outlook!
Part of the appeal of Duke of URL is that Patrick Mullen is a largely unbiased amatuer with a website. If you miss this service enough, why not provide it yourself? I'm sure that a serious inquiry by e-mail to Patrick would result in a response - It would be nice to have the benefit of his experience when starting your own site!
She and her beta team forgot about *the* most important Content-Type:
The MSIE 'Patch' does little but obscure the problem - which was accurately described in the original Slashdot Rant as a natural consequence of Windows treating the browser as a shell extension.
http-equiv@excite.com is quoted: Clearly what this so-called "patch" does is convert all embedded file types
in MHTML documents viewed in patched Internet Explorer 6 into *.TMP files.
Previously all file types and file names were retained and if accepted would
run.
With Exchange 2000, you are really looking for the ADSI scripting interface to ActiveDirectory - as the Exchange DS is merged into AD. Check out Microsoft Technet.
It's not quite right to refer to the Windows IP stack as FreeBSD.
Like almost every IP implementation, the one in Win32 is heavily based on the Berkeley Net4 code. This is hardly surprising. The Berkeley implementation was TCP/IP - long before ther were others. Large blocks of the original Berkeley Net code appear to be copied unmodified in the NT/2000/XP system. This is probably true of AIX, Solaris, etc...
Like most of human activity, I believe that Open Source development is compelled by forces that defy categorization or even a very convincing explaination.
Theorize away! Academics will build their arguments and even create detailed demographies, without a demonstrable conclusion. And still, the development will continue, undisturbed.
There are several advantages of a paved Earth over a non-paved Earth, the only really important one is the ease of driving though. Today roads are narrow, you have to turn, and most governments frown at ground travel over Mach1. With endless blacktop in every direction, there will be no restriction to your
movement, and rocket powered hypercars will whiz in all directions. We will be able to amuse ourselves with endless driving at incredible speeds while drinking beer and eating wonderfully juicy burgers.
For your question: It's hard to find a better technical poet than Hafez among the mystics. He's nearly impenatrable for me in Persian, and I envy the classically fluent who can enjoy him. Maulana (Rumi) is the most immediate and enjoyable for me - at least selections from Diwan-e Shams. I am an amatuer, and stumble with broken Farsi and translations. Friends with more mastery than myself weep over verses of Maghrebi.
Az sedoy-e sokhaane eshq, nadidam khoshtar...
-Hafez Shirazi
Persian poetry on GNOME.
Do you run Connectiva or Mandrake?
The firewall and IDS hosts must be so hard that no browser or FTP/rsync client etc. is installed at all. Upgrades, rules and signatures are tranfered to these systems only by valid, encrypted and keyed clients from appropriate stations- for instance the GUI for Checkpoint Firewall-1 with FWZ. ssh2/scp2 is also acceptable, when RSA key auth is employed (NO passwd!) along with rules and ACLs.
This is a part of "Defense in Depth" practice for Internet hosting.
These defense approaches begin to separate the objectives of Security distinctly from those of Systems administration. This can be counter-intuitive because short-term administrative convenience is reduced to reduce the risks of administrative catastrophe.
I am a little extreme but -provided that my controls are themselves trustworthy- I can provide an extremely hard target!
Of course there are people who can construct exploit tools with sh, awk and dd. It is for these malevolent masterminds that we deploy detective controls!
SUE! SUE! SUE!
Emotional distress, the destruction of childhood dreams... I could go on for days and days.
You use vi - not only because you need to edit source files - but also to satisfy some aesthetic impulse which is atavistic and minimal?
Wild trolling!
I suspect that the prerequisite was added because of this.
Local Director is a horrible device. Unlike modern loadbalancers from F5, Alteon, Foundry, etc. the Local Defector is a layer-2 bridge. It cannot have more than one path to a given target, causes all the problems that bridges introduce into switched networks, and allows for potential security breaches, becuse it is commonly used to bridge between differing subnets!
All of the above vendors provide a proxy/switch style solution for layer 3 and above. If you can afford F5's BigIP HA+ in fail-over, this is a dream! Host-based on Intel, with a customized *BSD. Unless you are a freak for IOS-type management, Unix admins will love this.
Check out O'Reilly on Bridge-Path vs. Route-Path Server Load Balancing
I guess I can UUEncode these - so you can figure out why they have that bit-cap on @Home Usenet access!
I can vouch for the CISSP certification from (isc)2 as reinforcing this view of security. The CISSP is a significant valuator for businesses, who can be confident that candidates with this certification are literate in both technology and business considerations. This certification is exactly that: a CERTIFICATION. It is not a vendor technology program. It can be likened to a CPA designation for auditors and accountants.
The GIAC certifications from SANS are an excellent instruction in the working mechanisms of security technology. The curricula and basis for certification by SANS are under continous revision and are the most current in the industry.
The fact is that the CISSP is currently highly valued by employers as a valid assesment of domain awareness, best-practice assesment and professionalism. To combine this with specific GIAC tracks is a good way to identify formidable security personnel.
CISSP candidacy requires 3-5 years of work experience in one of the 10 domains identified. Additionally, (isc)2 will require a BS in an associated major, beginning in 2003. Studying for this is no piece of cake!
Some resources:
http://www.cissp.com/default.html
CISSP Library of Free Study References
The CISSP Open Study Guide
Am I the only one who remembers when RealNetworks was Progressive Networks, and Rob Glazer was helping to support liberal politicsl causes?
Great Idea (tm):
Why doesn't the guy trying to patent the HyperLink sue the fellow patenting RDF?
The deepest parts of the API have bits of what was originally written to be 16-bit code! Rebuild this with a 32-bit compiler, Woops! Now "band-aid" the stuff that breaks....
At least I can still run the Reversi app that shipped in 1986.
I think that many of the "banner carriers" in the various user communities could do well to emulate this outlook!
I get your point, but it's VIM ferchrissakes!
You'll only be sorry once you see the price tag for licensing and services.
Really.
Ouch...
Part of the appeal of Duke of URL is that Patrick Mullen is a largely unbiased amatuer with a website. If you miss this service enough, why not provide it yourself? I'm sure that a serious inquiry by e-mail to Patrick would result in a response - It would be nice to have the benefit of his experience when starting your own site!
There is a thread on BugTraq which explores this issue in depth:
http-equiv@excite.com is quoted:
Clearly what this so-called "patch" does is convert all embedded file types in MHTML documents viewed in patched Internet Explorer 6 into *.TMP files. Previously all file types and file names were retained and if accepted would run.
These guys see him, know what side his hair is parted on, and how many rounds are in the clip of his Kalashnikov.
Otherwise, Netscape etc. work as decent IMAP clients - as long as you don't expect to use calendar/scheduling, tasks or notes!
With Exchange 2000, you are really looking for the ADSI scripting interface to ActiveDirectory - as the Exchange DS is merged into AD. Check out Microsoft Technet.
I have petitioned management to institute the celebration of Festivus .
I think that a corporate celebration of Festivus gives a brilliant opportunity for the traditional "Airing of grievances".
Like almost every IP implementation, the one in Win32 is heavily based on the Berkeley Net4 code. This is hardly surprising. The Berkeley implementation was TCP/IP - long before ther were others. Large blocks of the original Berkeley Net code appear to be copied unmodified in the NT/2000/XP system. This is probably true of AIX, Solaris, etc...
This is a feature of the Berkeley licence.
Theorize away! Academics will build their arguments and even create detailed demographies, without a demonstrable conclusion. And still, the development will continue, undisturbed.
and
alt.culture.electric-midget
This is the stuff that really bears the test of time! Not to metion the great AOL flood of 1995, and the annual rites of September.
What else? 20 years of tjames and kibo.
1.1 Why pave the earth?
There are several advantages of a paved Earth over a non-paved Earth, the only really important one is the ease of driving though. Today roads are narrow, you have to turn, and most governments frown at ground travel over Mach1. With endless blacktop in every direction, there will be no restriction to your movement, and rocket powered hypercars will whiz in all directions. We will be able to amuse ourselves with endless driving at incredible speeds while drinking beer and eating wonderfully juicy burgers.