I have a free-pc, and I knew once the merger/buy took place that free-pcs days were numbered. First thing I did was by a pci nic and drop a linux cd in. Its too bad its a cyrix chip though, I have found that they are upgradeable to an AMDk6-2 333 chip however.
DoS takes advantage of the TCP/IP protocol. It doesnt matter what OS your running. If I smurf attack you (thats forging the source address of ICMP packets to that of your target and aiming them at a broadcast address of an unprotected network) your gonna have problems no matter what your running, NT, Linux, AIX, Solaris, *BSD etc.. It all depends on what mechanisms you have in place to protect yourself. Be it router filters or a stateful firewall.
I agree fully with this, but I think some admins would get ticked off if you started portscanning them looking for vulnerabilities. I only notifiy admins of problems if I just happen to be using their service. Like ftping a package down and I notice the server is running WU-FTP [BETA 18].
Does anyone know if they have changed the security model at all? They couldnt have if they needed to maintain backwards compatability. Sorry I am not in the microsoft "know".
This paper discusses buffer overflows written by aleph-one the moderator of bugtraq. It goes on to discuss functions that should be avoided in C due to their lack of bounds checking.
http://vapid.dhs.org/Library/P49-14-Aleph-One
This paper is by the w00w00 security team and it discusses heap overflows another result of bounds checking errors in C but these techniques are less widley known.
This is what attracts me to Open Source Packages/OS as security solutions. You can audit the source code yourself for security vulnerabilities (overflows). Plus the code is audited by security hobbiest/professionals all over the world.
Yes, there is a learning curve. But just because you have to learn something new doesnt mean you have to trash it. I dont know about most people but I like to think for myself. When I first heard about linux (sept 1994) I was amazed at what control and power it gave the user. I had never used unix before only waited for the day I took COS 250 (Unix programming in C) to get my CS login on our digital Unix boxen in the CS lab. But here was a Unix like OS that I could install for free on my home PC. I didnt know a thing about it but was ready to learn, and at that time you archied/gophered HOW-TO's inorder to do anything.
The concept of Virtual consoles blew me away and the fact that It came with a free C compiler just made me allocate more for it than DOS. I think Linux is ready for the desktops of those who are willing to learn something new everyday and not those who would rather "just do it".
Each OS has its strengths and weaknesses lack of applications for Linux. Lack of stability for windows (NT/95 Go ahead I dare you to install SP6 on your mail server) Just use the one that you feel is geared towards your personality.
I wonder how these are going to be priced? I hope well enough to keep them with in reach of the average joe. Maybe I will hold off buying any computer eq until this evolves a little more..
Nah, I think these guys are smart enough to regulate who sees what on there servers. If they didnt want to allow outside access to bofh.rr.com we would have known.
I wonder if slashdot can be used as like a 500,000 nerd clustered code breaking computer? Think about it 500,000 people with backgrounds in everything from math, programming, physics chemistry etc.. Have all of them look at one problem like a puzzle and report their findings on a forum.
Re:Here's one - if anyone's interested
on
The GCHQ Challenge
·
· Score: 1
Just highlight everything on the page with your mouse to see it. I used to do this for defaced sites to look for hidden hacker messages. I didnt think they would actually do this.:/
I wonder if they have encoded any of the words in the images themselves. I know images could be used to encrypt and hide messages in them. I think this would be more likely then useing the same foreground/background colors in html. =)
Slashdot Mirror
I am running mandrake 7.0 on mine, disable Plug and play in the BIOS and your all set. (if you need a nic)
I have a free-pc, and I knew once the merger/buy took place that free-pcs days were numbered. First thing I did was by a pci nic and drop a linux cd in. Its too bad its a cyrix chip though, I have found that they are upgradeable to an AMDk6-2 333 chip however.
Does this have anything to do with the crusoe? And the AMD chips getting faster by the day? what do you guys think?
They converted from HP-UX to NT for ship operations and the system crashed during sea trials. See it here
I would not call DDoS cracking.
Just go do a search on google or packetstorm, the information is out there.
DoS takes advantage of the TCP/IP protocol. It doesnt matter what OS your running. If I smurf attack you (thats forging the source address of ICMP packets to that of your target and aiming them at a broadcast address of an unprotected network) your gonna have problems no matter what your running, NT, Linux, AIX, Solaris, *BSD etc.. It all depends on what mechanisms you have in place to protect yourself. Be it router filters or a stateful firewall.
I agree fully with this, but I think some admins would get ticked off if you started portscanning them looking for vulnerabilities. I only notifiy admins of problems if I just happen to be using their service. Like ftping a package down and I notice the server is running WU-FTP [BETA 18].
etc..
Thats right, I watch packets bounce off my box at home too. I use FreeBSD and I deny ALL unless allowed. Bounce logs
This doesnt have to do with microsoft. He was refering to the fact that DOS stands for Disk Operating System and DoS stands for denial of service.
What looking for an orafice large enough to store a palm v?
Sorry I couldnt resist.
Does anyone know if they have changed the security model at all? They couldnt have if they needed to maintain backwards compatability. Sorry I am not in the microsoft "know".
This paper discusses buffer overflows written by aleph-one the moderator of bugtraq. It goes on to discuss functions that should be avoided in C due to their lack of bounds checking.
f lows.txt
http://vapid.dhs.org/Library/P49-14-Aleph-One
This paper is by the w00w00 security team and it discusses heap overflows another result of bounds checking errors in C but these techniques are less widley known.
ftp://ftp.technotronic.com/rfc/w00w00-heap-over
This is a link to the UNIX secure programming FAQ.
http://www.whitefang.com/sup/secure-faq.html
You would have to be very crafty to trick the eyes of all those who scour source code for holes.
Actually very often as I enjoy security as a hobby. Why do you depend soley on vendors for security?
This was the only thing holding me back from trying out BEos. I have been wanting to but didnt have the spare cash.
This is what attracts me to Open Source Packages/OS as security solutions. You can audit the source code yourself for security vulnerabilities (overflows). Plus the code is audited by security hobbiest/professionals all over the world.
And your flamming me over a suggestion? perhaps you are the one who should evaluate your priorities ;)
Yes, there is a learning curve. But just because you have to learn something new doesnt mean you have to trash it. I dont know about most people but I like to think for myself. When I first heard about linux (sept 1994) I was amazed at what control and power it gave the user. I had never used unix before only waited for the day I took COS 250 (Unix programming in C) to get my CS login on our digital Unix boxen in the CS lab. But here was a Unix like OS that I could install for free on my home PC. I didnt know a thing about it but was ready to learn, and at that time you archied/gophered HOW-TO's inorder to do anything.
The concept of Virtual consoles blew me away and the fact that It came with a free C compiler just made me allocate more for it than DOS. I think Linux is ready for the desktops of those who are willing to learn something new everyday and not those who would rather "just do it".
Each OS has its strengths and weaknesses lack of applications for Linux. Lack of stability for windows (NT/95 Go ahead I dare you to install SP6 on your mail server) Just use the one that you feel is geared towards your personality.
Why doesnt RedHat do a commercial? This would boost the public awareness.
I wonder how these are going to be priced? I hope well enough to keep them with in reach of the average joe. Maybe I will hold off buying any computer eq until this evolves a little more..
Nah, I think these guys are smart enough to regulate who sees what on there servers. If they didnt want to allow outside access to bofh.rr.com
we would have known.
I wonder if slashdot can be used as like a 500,000 nerd clustered code breaking computer? Think about it 500,000 people with backgrounds in everything from math, programming, physics chemistry etc.. Have all of them look at one problem like a puzzle and report their findings on a forum.
Just highlight everything on the page with your mouse to see it. I used to do this for defaced sites to look for hidden hacker messages. I didnt think they would actually do this. :/
I wonder if they have encoded any of the words in the images themselves. I know images could be used to encrypt and hide messages in them. I think this would be more likely then useing the same foreground/background colors in html. =)
j/k.