the only purpose i can imagine for putting padme in rotj would be to include her in the "ghost revue" along with yoda, obiwan, and anakin. although i don't know how that would work as she's not a jedi.
i would agree, in my experience only about 1 in 10 of people i have worked with have had the brain cells to actually get the work done. it's great to work with people that are on top of it, but i'm sick to death of having to carry the rest of them.
>Another brilliant common hole (at least in financial companies): block ports 21 and most others through the firewall so employees won't ftp files to or from their workstations over the intranet. Of course no employee is smart enough to configure their ftp client to use port 80.
hehehehee...reminds me of something i did at my last job. i used to work at a very large financial company, the only access to the internet was http via a proxy server. i couldn't get access to my external email accounts. so i built an http tunnel to encapsulate ssh back to my box at home. http://www.nocrew.org/software/httptunnel.h tml from there i could do anything i wanted. moral of the story : never f with a network engineer.
check out the flying boy ad. i have no idea if they are going to air this or not, it was shown at their brain share conference last week.
http://www.novellbrainshare.com/portal/content/h om e_video.jsp
ugh. if the preview function is to be believed, there is likely to be a space between the m and e in "home" in the url. be aware of that when you cut and paste the url into your browser.
how about getting internet wide multicast running? that would certainly assist in getting data out to a diverse group of recipients without putting a huge load on the internet.
AS 701 is the heart of the internet
on
Heart of the Net
·
· Score: 1
oh, i fucked that math up bad. still, the basic concept of qos + sensible bandwidth provisioning being preferable to restrictive terms of service still stands.
you fools need to stop trying to ban selected user behavior and start putting some thought in bandwidth provisioning & quality of service mechanisms. your real goal is to keep your network from being saturated by a few users to the detriment to the rest.
take a hint from the world of frame relay and implement a committed access rate/burst rate for your user connections, then provision your bandwidth around that.
users x car = total bandwidth required
to illustrate an example of this, i work for a major financial company, a slew of banks connect to us over a frame cloud. a T1 has 24 64k timeslots, we will place 48 customers on this at a 32k cir/ 64k burst rate. or 24 at 64/128. or 12 at 128/256. you get the idea.
back to the cable co's : i recently priced DS3 45M internet access at 15k a month from the largest carrier in the us.
45M = 1024k x 1024k x 45 = 47,185,920k
47,185,920k / 512k cir = 92,160 subscribers max
92,160 subscribers x 40$ monthly fee = 3,686,400$
(i hope i didn't screw any of that math up, double check it)
obviously there are other costs to consider aside from the cable companies internet connection, but still : how do they manage to make such a huge clusterfuck out of this?
for those of you who are confused about the nature of multihoming :
multihoming involves connecting to 2 or more isps and BGP publishing your ip space through both of them. this (ideally) involves having your own ARIN assigned ip space & AS number.
the point of multihoming is to address redunancy for inbound as well as outbound connections. you can use 2 isps + nat + creative outbound routing to handle outbound traffic, but that does nothing for a potential web server you're trying give multiple inbound paths to.
read the multihoming faq :
http://www.netaxs.com/~freedman/multi.html
first off, i'd just like to say, i love it when a hardcore networking article gets posted to slashdot, the number of responses is so much lower due to the userbase having no experience with the subject; and mindless pontificating and chest beating (as in anti microsoft/pro linux articles) doesn't cut it with this subject matter.
as an aside, i don't mean the above preamble as a negative statement about the specific poster i'm responding to.
"Consequently, since routes time out after a while
...This would logically increase the load on route discovery protocols such as BGP."
well...not exactly. when 2 routers are set up in BGP partnership they exchange an initial set of rotes which are statically set by the AS administrator, there's no dynamic discovery process. those routes are only changed under a few specific conditions : explicit changes announced by the BGP partner, or the loss of connectivity to the partner (too many missed hello packets). BGP route exchange is not based on some kind of dynamic route timeout/refresh algorithm as that would be horrifyingly inefficient.
a few words on how routing and route caching work (this is assumed to be on an defaultless internet backbone router) :
a packet enters the router destined for some ip address, a lookup against the routing table is done, the appropriate outbound interface is selected (this set is known as path determination), the packet is then sent to the appropriate outbound interface, re-framed, and sent out to the next hop (this step is known as switching); route caching associates a destination ip address with an next hop interface, thus bypassing the redundant route table lookup. a definate gain in efficiancy, cisco makes a number of advanced caching/switching engines that are used in thier high end core routers.
to summarize/explain the BGP/worm paper : worms generate excessive traffic; the traffic overwhelms some routers and wan links; thus, BGP hello packets get lost or never sent depending upon traffic or router load; consequently the BGP routes are being announced/withdrawn at a high rate (this is known as route flapping). this is bad, having a route fail is not a problem, as long as it stays failed. rapidly changing states creates extra load on the router. route dampaning policies help, but with a worm creating these conditions everywhere at once the cumulative effect is instability.
check these sites out to learn networking :
http://www.cisco.com/univercd/cc/td/doc/cisintwk /i to_doc/index.htm
http://www.merit.edu/mail.archives/nanog/
anyone who writes a wise ass follow up to this had better include a CCIE number.
current tv and radio coverage has degenerated into a commercial for the defense budget, reenforced with blind nationalism.
Re:Explain this one to me...
on
Taming the Web
·
· Score: 1
>The only thing I can think of is that your ISP doesn't allow any initial SYN packets through to you. This would make you only capable of being a client
permit tcp any any established would certainly be a bummer; however, most dsl/cable modem users already have their capacity to be a server kneecapped via asychronous connection speeds. 640k downstream vs 128k upstream. makes it easier to keep the users as passive recipients of "content"; public participation is actively discouraged.
"... letter to the Santa Clara County Superior Court at..."
oh, great...santa clara county was defeated in the us supreme court in 1886 by southern pacific railroad in the court case that established corporations as having the rights of people. big business made them their bitch 115 years ago.
http://www.ratical.org/corporations/SCvSPR1886.h tm l
http://caselaw.lp.findlaw.com/scripts/getcase.pl ?n avby=case&court=us&vol=118&page=394
>never really understood why Word that came out in >the win95 timeframe was never good enough to >stick with. do you REALLY need office-2000?
i'd stick with the last rev of wordperfect for dos if i could, but due to ever changing propreitary file formats i wouldn't be able read anything written in a higer rev file format. it seems to me that the file format changes that accompany every new release of ms office has already accomplished planned obsolescence.
Slashdot Mirror
the only purpose i can imagine for putting padme in rotj would be to include her in the "ghost revue" along with yoda, obiwan, and anakin. although i don't know how that would work as she's not a jedi.
>Mitre is not stupid, and they've been around the block plenty of times.
like that time in the cuckoo's nest?
i would agree, in my experience only about 1 in 10 of people i have worked with have had the brain cells to actually get the work done. it's great to work with people that are on top of it, but i'm sick to death of having to carry the rest of them.
>Another brilliant common hole (at least in financial companies): block ports 21 and most others through the firewall so employees won't ftp files to or from their workstations over the intranet. Of course no employee is smart enough to configure their ftp client to use port 80.
h tml
hehehehee...reminds me of something i did at my last job. i used to work at a very large financial company, the only access to the internet was http via a proxy server. i couldn't get access to my external email accounts. so i built an http tunnel to encapsulate ssh back to my box at home.
http://www.nocrew.org/software/httptunnel.
from there i could do anything i wanted. moral of the story : never f with a network engineer.
check out the flying boy ad. i have no idea if they are going to air this or not, it was shown at their brain share conference last week.
h om e_video.jsp
http://www.novellbrainshare.com/portal/content/
ugh. if the preview function is to be believed, there is likely to be a space between the m and e in "home" in the url. be aware of that when you cut and paste the url into your browser.
how about getting internet wide multicast running?
that would certainly assist in getting data out to a diverse group of recipients without putting a huge load on the internet.
http://www.caida.org/analysis/topology/as_core_net work/AS_Network.xml
oh, i fucked that math up bad. still, the basic concept of qos + sensible bandwidth provisioning being preferable to restrictive terms of service still stands.
you fools need to stop trying to ban selected user behavior and start putting some thought in bandwidth provisioning & quality of service mechanisms. your real goal is to keep your network from being saturated by a few users to the detriment to the rest.
take a hint from the world of frame relay and implement a committed access rate/burst rate for your user connections, then provision your bandwidth around that.
users x car = total bandwidth required
to illustrate an example of this, i work for a major financial company, a slew of banks connect to us over a frame cloud. a T1 has 24 64k timeslots, we will place 48 customers on this at a 32k cir/ 64k burst rate. or 24 at 64/128. or 12 at 128/256. you get the idea.
back to the cable co's : i recently priced DS3 45M internet access at 15k a month from the largest carrier in the us.
45M = 1024k x 1024k x 45 = 47,185,920k
47,185,920k / 512k cir = 92,160 subscribers max
92,160 subscribers x 40$ monthly fee = 3,686,400$
(i hope i didn't screw any of that math up, double check it)
obviously there are other costs to consider aside from the cable companies internet connection, but still : how do they manage to make such a huge clusterfuck out of this?
for those of you who are confused about the nature of multihoming :
multihoming involves connecting to 2 or more isps and BGP publishing your ip space through both of them. this (ideally) involves having your own ARIN assigned ip space & AS number.
the point of multihoming is to address redunancy for inbound as well as outbound connections. you can use 2 isps + nat + creative outbound routing to handle outbound traffic, but that does nothing for a potential web server you're trying give multiple inbound paths to.
read the multihoming faq :
http://www.netaxs.com/~freedman/multi.html
ahem. i hope they include a commentary track.
incorrect, SNMP is not enabled by default on cisco routers/switches.
first off, i'd just like to say, i love it when a hardcore networking article gets posted to slashdot, the number of responses is so much lower due to the userbase having no experience with the subject; and mindless pontificating and chest beating (as in anti microsoft/pro linux articles) doesn't cut it with this subject matter.
k /i to_doc/index.htm
as an aside, i don't mean the above preamble as a negative statement about the specific poster i'm responding to.
"Consequently, since routes time out after a while
...This would logically increase the load on route discovery protocols such as BGP."
well...not exactly. when 2 routers are set up in BGP partnership they exchange an initial set of rotes which are statically set by the AS administrator, there's no dynamic discovery process. those routes are only changed under a few specific conditions : explicit changes announced by the BGP partner, or the loss of connectivity to the partner (too many missed hello packets). BGP route exchange is not based on some kind of dynamic route timeout/refresh algorithm as that would be horrifyingly inefficient.
a few words on how routing and route caching work (this is assumed to be on an defaultless internet backbone router) :
a packet enters the router destined for some ip address, a lookup against the routing table is done, the appropriate outbound interface is selected (this set is known as path determination), the packet is then sent to the appropriate outbound interface, re-framed, and sent out to the next hop (this step is known as switching); route caching associates a destination ip address with an next hop interface, thus bypassing the redundant route table lookup. a definate gain in efficiancy, cisco makes a number of advanced caching/switching engines that are used in thier high end core routers.
to summarize/explain the BGP/worm paper : worms generate excessive traffic; the traffic overwhelms some routers and wan links; thus, BGP hello packets get lost or never sent depending upon traffic or router load; consequently the BGP routes are being announced/withdrawn at a high rate (this is known as route flapping). this is bad, having a route fail is not a problem, as long as it stays failed. rapidly changing states creates extra load on the router. route dampaning policies help, but with a worm creating these conditions everywhere at once the cumulative effect is instability.
check these sites out to learn networking :
http://www.cisco.com/univercd/cc/td/doc/cisintw
http://www.merit.edu/mail.archives/nanog/
anyone who writes a wise ass follow up to this had better include a CCIE number.
"The Internet is a peer-to-peer system..."
er? i think tcp/ip and the ip routing protocols would disagree.
open bsd/ssh is developed in canada to protect against this sort of nonsense.
from : http://www.openbsd.org/goals.html
"OpenBSD is developed and released from Canada and due to Canadian law it is legal to export crypto to the world"
i would heartily agree that internet based news sites have a much smarter and deeper analysis of current events. check out :
www.tompaine.com
www.motherjones.com
www.counterpunch.org
current tv and radio coverage has degenerated into a commercial for the defense budget, reenforced with blind nationalism.
>The only thing I can think of is that your ISP doesn't allow any initial SYN packets through to you. This would make you only capable of being a client
permit tcp any any established would certainly be a bummer; however, most dsl/cable modem users already have their capacity to be a server kneecapped via asychronous connection speeds. 640k downstream vs 128k upstream. makes it easier to keep the users as passive recipients of "content"; public participation is actively discouraged.
i found this on NANOG :
d er ed.shtml
how to stop the spread of code red with acl's on routers
http://www.cisco.com/warp/public/63/nbar_acl_co
"... letter to the Santa Clara County Superior Court at..."
h tm l
l ?n avby=case&court=us&vol=118&page=394
oh, great...santa clara county was defeated in the us supreme court in 1886 by southern pacific railroad in the court case that established corporations as having the rights of people. big business made them their bitch 115 years ago.
http://www.ratical.org/corporations/SCvSPR1886.
http://caselaw.lp.findlaw.com/scripts/getcase.p
>The buck stops with the shareholders, nowhere else.
go check your 401k
it's on the bbc and cnn:
d _1 446000/1446947.stm
k er .arrest.reut/index.html
http://news.bbc.co.uk/hi/english/sci/tech/newsi
http://www.cnn.com/2001/TECH/internet/07/23/hac
1. loss of writers, producers, directors to millenium.
2. loss of writers, producers, directors to move to hollywood from canada.
3. chris carter's abandonement of his original idea of a planned 5 year story arc.
four letters : HSRP
>After all, everyone knows how Soviet state run economy ended up after 50 years of head on competition with US free market style society.
the soviet economy crapped out due to massive trade isolation. compare/contrast the soviet economy with the chinese economy.
>never really understood why Word that came out in >the win95 timeframe was never good enough to >stick with. do you REALLY need office-2000?
i'd stick with the last rev of wordperfect for dos if i could, but due to ever changing propreitary file formats i wouldn't be able read anything written in a higer rev file format. it seems to me that the file format changes that accompany every new release of ms office has already accomplished planned obsolescence.