Actually I think that would depend on the company policy. It sounds like they want to set a policy of no access points. Also if the access point connects to the company lan, then it can be considered a potential security breach, and dealt with that way. Even if it is their own hardware, once they hook it up to the company lan, the company can ban them from bringing the device in, or even potentially fire them for creating a security risk.
"Never happened to me. You did fresh install or upgraded the system? Also have you analyzed logs after login attempt? They should give you a clue..."
I did an upgrade. I should have looked in the logs, but was really frustraed and just upgraded this weekend. After looking in the logs I googled that message and found it is a bug, but their is a work around.
https://www.redhat.com/archives/fedora-list/2005-J une/msg03525.html
"Well I think you will encounter similar problems with any Linux - it is like you own unsupported hardware."
No it was working in FC2 and now it is not. That's not unsupported, that's broken.
What do I mean, my console is not working? If I am in X and I hit Ctl-Alt-F1, I used to be able to log into a console, and do stuff. I can't do that any more. I hit Ctl-Alt-F1 and get a console login prompt, and I enter username and password and it resets the console. If I pass to the command line init 3, when I get to the console the same thing happens. I cannot log in.
I knew people who hated Linux and Used FreeBSD for their desktops. They swore by it.
"Disabled services, use WindowMaker instead of bloated GNOME/KDE, Opera instead of Mozilla etc. "
I think your inerpretation of what he is saying is wrong. he default install is GNOME/KDE. Not everyone will 'tweak' their system. Out of the box, you are saying that it is bloated too.
I've heard the argument that all your RAM should be in use for 'good memory' management. I can write a program with lots of memory leaks that will use your RAM. Is that good memory management? I think the issue is that the REQUIREMENT of 512Megs to run the system or 1Gig or RAM to have it run nicely is bloat. If a system has to swap things out or RAM that takes time. If you have 512Megs of RAM shouldn't you be able to run this system without tasks swapping all the time?
I shut off most services, but ntpd is a service I like to run. Time is good IMHO. There are other services that are also OK.
Open office is slow and bloated also. Its better than before.
The real issue I have with FC, is each release another peice of my hardware stops working. In FC 3 my scsi cdr stopped working and still doesn't. In FC4 now its my web cam, and my console is in accessable.
I have heard of having a secure system, but my console is so secure, I can't even use it. Thank's FC4. I'm now looking at other distributions, and the BSD's for a desktop.
I believe they are already implanting people, and I don't mean UFO's either.
There are a few implants that they are doing. The first is in the ear (http://www.asha.org/public/hearing/treatment/coch lear_implant.htm). While this is normally not "computers", I have seen someone with an implant that has a wire coming out of their head, so that they can hear. It does have s speach processor, so it does have a processor. The second is the eyes, see here (http://www.news-medical.net/?id=8953).
I'll not bother talking about the merits of a BSD based firewall vs. a Linux one, because such conversations generally degenerate into territorial pissings.
Actually the reason I mentioned the other BSD's, Linux and Mac, was because I didn't want it to come off as a BSD is better than Linux kind of post. I did BSD, because I was familiar with NetBSD, and wanted to try FreeBSD. If you use iptables, or ipfw or ipf, or pf, it doesn't matter. They all can acomplish a similar task. Keep the bad guys out.
The real point I was trying to make, was more of the its a CDROM firewall, with memory disks. No hard drive to worry about someone replacing ls or other programs on. Its impossible to do that. There are linux floppy based distros, that do the same and a FreeBSD version as well. A CDROM however allows you to run more programs than a floppy.
No seriously I use a FreeBSD box to secure my Linux, Windows, Mac, etc machines.
Why? Because everyone is out trying to hack Linux and Windows machines, they seem to leave the FreeBSD machines alone, maybe because they don't know what to do with them. Or at least there seems to be less people hacking FreeBSD. Most likely its just less press about it. NetBSD or OpenBSD would also probably work as well.
I run my firewall off a custom hacked FreeBSD CDROM. While this makes updates more difficult, it makes replaceing files near impossible. Hackers can't replace/bin/ls unless they mount/bin as a memory filesystem, in which cause they now have to replace df, mount and several other programs. You really only need/var and/tmp as memory filesystems, and maybe some parts of/etc or the whole/etc.
It has no hard drive so if the power cycles, it just reboots and its all fine and dandy. I have a seperate machine that I can do builds on and updates. I have trimmed it down to a 64 Megs CD and that includes perl, sshd, apache, dhcpd, and bind9.
You could do this with Linux as well. I haven't heard of anyone creating a Windows bootable CDROM firewall. Mac needs special hardware, and I'm not that familar with Mac, but you could probably create a Mac firewall on cd as well.
If you think its been hacked, reboot and the hackers have to try again:-)
There are also commercial hardware firewalls. Some are cheap, like the Netgear, dlink, and Linksys, but some of the better ones are in the $500 plus range.
I guess I should have said GUI. ITunes is a software program. If my RAM, er uh memory, serves me right, Apple sue's MS for a GUI sometime last century, when Windows was first released ( win 3.x I think it was ). Apple lost, AFAIK.
That's when you switch to NetBSD. LOL It will run on your M68k or PA-RISK.
To some extent porting to multiple arch is difficult. I've done some porting. It can take time, especially if an arch is broken, or specs are not open.
I guess I could see someone saying we will release on platform x and then port to the other platforms, later.
Part of open source is the whole thing that the source is there. If it does not work the way you want it to then fix it!
If the product already exists, then you know what it is supposed to do. All you have to do is come up with scenerios to test what it does. You should already have a users guide, so you basically go to your users guide and look to see what it says its supposed to do. Then start testing the guide.
Having a good shredder is a start. I'd suggest a cross cut shredder, or a confettie(sp) shredder.
I'd watch out for those online fake email from ebay or your bank. I have citibank, but I've never given them my email address. So getting email from citibank telling me to change my password is a phisher. Watch out for an increase in offeres for credit cards as well.
DON'T carry your social security card with you in your wallet unless you are going somewhere that you need to show it. If your wallet gets stolen taht is one way they can get your bank account number. Find out the policy of banks about identity theft. Some banks will let people steal upto 5k before they call in the feds or police. I say this, because someone I know had their wallet stolen and the guy charged up $900 on a credit card before he called in the cards missing. Then the guy cashed checks from one bank at the guys bank each in the amount of 1-2k for a total of 3 checks. The grand total was just under 5k. My friend had to prove that it was not him cashing the checks and doing this and could not close his account. Also he had his ssn in his wallet when it was stolen so that is how the theif got his bank account number. He walked into the bank and said I forgot my account number, here's my ssn.
THE BANK DIDN'T ASK FOR AN ID EITHER!
Oh btw: the bank is Wells Fargo, and the other bank that the guy was getting the checks from was BoA.
DESTROY your old checks. If they end up in the trash someone could cash them even if you closed the account. Account numbers are recycled by banks.
Bottom line is that there is only so much you can do. The rest is up to these companies we pretend to trust with our personal information.
Well, Apple I guess is honoring the open source software, and releasing their code as open source. They just are sharing diffs or telling you what the changes are. So what. Do they really have to?
The cooperation is one way, Apple takes khtml and modifies it and makes it better, releases changes and its up to the khtml team to figure out what they did. That's what diff was for I though.
actually I have seem people do the following:
cd /
chmod -R 777 *
oops!
My former boss did this:
cd/opt/application_root
chmod -R 777 *
Interesting thing is she wasn't fired. application_root was the root of the development box.
I've also seen people sleepy at night cd'ng around a box, then cd /
do stuff, do stuff, forget what directory they are in
rm -rf *
Control-C.. f*** f*** f*** they f***ed their system up.
Not often but it has happened. Its more likely to see someone blow away/bin or/usr/X11R6 or/usr/bin or one of the directories and then forget they did that.
Real easy to drag a directoy to the trash in nautalus(sp?), good thing you can undo that, but will you be able to?
I like the RH and Mac method (and others do this I'm sure). Run as user X and then enter in root password when needed. Least priveleged user has something to it.
preventing people from accidentally accessing your network. In basic wireless security, you should change the SSID, and use wep. That way your neighbor, if they have a wifi card they cannot just see your network and start surfing on it right away. It will take them 3 minutes (LOL). Actually just changing the SSID and WEP will help prevent the potential issue of what happens when you have 3 wifi networks all with the same SSID. What will a client do when it tries to access the network. It should find the strongest signal, but sometimes you may have 2 signals that are the same strength and the client will get a DHCP ip address from one and then try to surf through the other and may have flaky access. I change SSID for that reason and add WEP the honest people out.
WEP is like gun laws in the US. They only keep the honest people from having guns. What a great society we live in.
.. our dba's have a perl script that takes metadata and a data dictionary and then generates all the necessary table updates and structures for table updates. Its not ff transforms, but generating code it not a new idea. What I want is a tool that generates java code from business rules. That would make my job so much easier. Of course open source too, cause I can't afford Rational Rose.
I just tell them, yeah our software sox(sounds like sucks)... ROTFLOL...
We have the same problem. Are you blah, blah, blah. Our real answer is, "our product has enough bells and wistles to meet that need". No joke, it really does. Its all about security and what kind of stuff your product it can do.
why so everyone can have their identity stolen after they graduate from college?
Its bad enough reading about all these idetity thefts taking place, but when you find out its because someone decided to create this wonderful new database of only info that an identity theif could use.. does anyone else think this is a dumb idea?
Slashdot Mirror
Actually I think that would depend on the company policy. It sounds like they want to set a policy of no access points. Also if the access point connects to the company lan, then it can be considered a potential security breach, and dealt with that way. Even if it is their own hardware, once they hook it up to the company lan, the company can ban them from bringing the device in, or even potentially fire them for creating a security risk.
will the owner of the blue root server please come to america ..lol.. okay so its a bad joke :-O
I did an upgrade. I should have looked in the logs, but was really frustraed and just upgraded this weekend. After looking in the logs I googled that message and found it is a bug, but their is a work around.J une/msg03525.html
https://www.redhat.com/archives/fedora-list/2005-
No it was working in FC2 and now it is not. That's not unsupported, that's broken.
What do I mean, my console is not working? If I am in X and I hit Ctl-Alt-F1, I used to be able to log into a console, and do stuff. I can't do that any more. I hit Ctl-Alt-F1 and get a console login prompt, and I enter username and password and it resets the console. If I pass to the command line init 3, when I get to the console the same thing happens. I cannot log in.
I knew people who hated Linux and Used FreeBSD for their desktops. They swore by it.
I think your inerpretation of what he is saying is wrong. he default install is GNOME/KDE. Not everyone will 'tweak' their system. Out of the box, you are saying that it is bloated too.
I've heard the argument that all your RAM should be in use for 'good memory' management. I can write a program with lots of memory leaks that will use your RAM. Is that good memory management? I think the issue is that the REQUIREMENT of 512Megs to run the system or 1Gig or RAM to have it run nicely is bloat. If a system has to swap things out or RAM that takes time. If you have 512Megs of RAM shouldn't you be able to run this system without tasks swapping all the time?
I shut off most services, but ntpd is a service I like to run. Time is good IMHO. There are other services that are also OK.
Open office is slow and bloated also. Its better than before.
The real issue I have with FC, is each release another peice of my hardware stops working. In FC 3 my scsi cdr stopped working and still doesn't. In FC4 now its my web cam, and my console is in accessable.
I have heard of having a secure system, but my console is so secure, I can't even use it. Thank's FC4. I'm now looking at other distributions, and the BSD's for a desktop.
There are a few implants that they are doing. The first is in the ear (http://www.asha.org/public/hearing/treatment/coch lear_implant.htm). While this is normally not "computers", I have seen someone with an implant that has a wire coming out of their head, so that they can hear. It does have s speach processor, so it does have a processor. The second is the eyes, see here (http://www.news-medical.net/?id=8953).
They also have RFID chips that they can implant people with (http://www.greaterthings.com/News/Chip_Implants/) .
They have a heart that is mechanical, but the FDA rejected that.
Actually the reason I mentioned the other BSD's, Linux and Mac, was because I didn't want it to come off as a BSD is better than Linux kind of post. I did BSD, because I was familiar with NetBSD, and wanted to try FreeBSD. If you use iptables, or ipfw or ipf, or pf, it doesn't matter. They all can acomplish a similar task. Keep the bad guys out.
The real point I was trying to make, was more of the its a CDROM firewall, with memory disks. No hard drive to worry about someone replacing ls or other programs on. Its impossible to do that. There are linux floppy based distros, that do the same and a FreeBSD version as well. A CDROM however allows you to run more programs than a floppy.
Why? Because everyone is out trying to hack Linux and Windows machines, they seem to leave the FreeBSD machines alone, maybe because they don't know what to do with them. Or at least there seems to be less people hacking FreeBSD. Most likely its just less press about it. NetBSD or OpenBSD would also probably work as well.
I run my firewall off a custom hacked FreeBSD CDROM. While this makes updates more difficult, it makes replaceing files near impossible. Hackers can't replace /bin/ls unless they mount /bin as a memory filesystem, in which cause they now have to replace df, mount and several other programs. You really only need /var and /tmp as memory filesystems, and maybe some parts of /etc or the whole /etc.
It has no hard drive so if the power cycles, it just reboots and its all fine and dandy. I have a seperate machine that I can do builds on and updates. I have trimmed it down to a 64 Megs CD and that includes perl, sshd, apache, dhcpd, and bind9.
You could do this with Linux as well. I haven't heard of anyone creating a Windows bootable CDROM firewall. Mac needs special hardware, and I'm not that familar with Mac, but you could probably create a Mac firewall on cd as well.
If you think its been hacked, reboot and the hackers have to try again :-)
There are also commercial hardware firewalls. Some are cheap, like the Netgear, dlink, and Linksys, but some of the better ones are in the $500 plus range.
I guess I should have said GUI. ITunes is a software program. If my RAM, er uh memory, serves me right, Apple sue's MS for a GUI sometime last century, when Windows was first released ( win 3.x I think it was ). Apple lost, AFAIK.
Why did they wait so long to sue? They want in on the money!
Both KDE and GNOME have sync GUI's if you need that kind of thing.
I've got a clie, and have had a palm V. Most of the Palms are supported I think. Check it out -> http://www.pilot-link.org/
.. probably most geeks would be dead, with our bad eyesight, and all, only a few really smart ones would be saved ..
I then get a complete desktop, and this is all over 384k dsl, so its not that bad.
I'm totally serious about this! I'm able to do this and work remotely.
What's really cool, is running Linux, then using wine to run the tarantilla client, then connecting to a remote cytrix server, all over dsl.
To some extent porting to multiple arch is difficult. I've done some porting. It can take time, especially if an arch is broken, or specs are not open.
I guess I could see someone saying we will release on platform x and then port to the other platforms, later.
Part of open source is the whole thing that the source is there. If it does not work the way you want it to then fix it!
If the product already exists, then you know what it is supposed to do. All you have to do is come up with scenerios to test what it does. You should already have a users guide, so you basically go to your users guide and look to see what it says its supposed to do. Then start testing the guide.
I'd rather do other things...
I'd watch out for those online fake email from ebay or your bank. I have citibank, but I've never given them my email address. So getting email from citibank telling me to change my password is a phisher. Watch out for an increase in offeres for credit cards as well.
DON'T carry your social security card with you in your wallet unless you are going somewhere that you need to show it. If your wallet gets stolen taht is one way they can get your bank account number. Find out the policy of banks about identity theft. Some banks will let people steal upto 5k before they call in the feds or police. I say this, because someone I know had their wallet stolen and the guy charged up $900 on a credit card before he called in the cards missing. Then the guy cashed checks from one bank at the guys bank each in the amount of 1-2k for a total of 3 checks. The grand total was just under 5k. My friend had to prove that it was not him cashing the checks and doing this and could not close his account. Also he had his ssn in his wallet when it was stolen so that is how the theif got his bank account number. He walked into the bank and said I forgot my account number, here's my ssn.
THE BANK DIDN'T ASK FOR AN ID EITHER!
Oh btw: the bank is Wells Fargo, and the other bank that the guy was getting the checks from was BoA.
DESTROY your old checks. If they end up in the trash someone could cash them even if you closed the account. Account numbers are recycled by banks.
Bottom line is that there is only so much you can do. The rest is up to these companies we pretend to trust with our personal information.
The cooperation is one way, Apple takes khtml and modifies it and makes it better, releases changes and its up to the khtml team to figure out what they did. That's what diff was for I though.
cd /
chmod -R 777 *
oops!
My former boss did this: /opt/application_root
cd
chmod -R 777 *
Interesting thing is she wasn't fired. application_root was the root of the development box.
I've also seen people sleepy at night cd'ng around a box, then cd / .. f*** f*** f*** they f***ed their system up.
do stuff, do stuff, forget what directory they are in
rm -rf *
Control-C
Not often but it has happened. Its more likely to see someone blow away /bin or /usr/X11R6 or /usr/bin or one of the directories and then forget they did that.
Real easy to drag a directoy to the trash in nautalus(sp?), good thing you can undo that, but will you be able to?
I like the RH and Mac method (and others do this I'm sure). Run as user X and then enter in root password when needed. Least priveleged user has something to it.
No I'd still have a job, because I can do the business analysis too.
WEP is like gun laws in the US. They only keep the honest people from having guns. What a great society we live in.
.. our dba's have a perl script that takes metadata and a data dictionary and then generates all the necessary table updates and structures for table updates. Its not ff transforms, but generating code it not a new idea. What I want is a tool that generates java code from business rules. That would make my job so much easier. Of course open source too, cause I can't afford Rational Rose.
We have the same problem. Are you blah, blah, blah. Our real answer is, "our product has enough bells and wistles to meet that need". No joke, it really does. Its all about security and what kind of stuff your product it can do.
Its bad enough reading about all these idetity thefts taking place, but when you find out its because someone decided to create this wonderful new database of only info that an identity theif could use.. does anyone else think this is a dumb idea?
a third party program that opens up a word document template and then creates a word document from it. Would that violate MS dealio?