I'd suggest something other than DeepFreeze. (And yes, I've used it, and on larger networks than the OP. Yech.)
Here is a free solution:
Set up an OS partition, a data partition, and an image partition. Use something like PartImage to re-image. When they get spyware, nuke the OS partition.
With a bit of work, you can make it all automatic over the wire, or ship a diskette that will do it.
I used to use a Slackware boot disk and keep an image server in the office. That way I didn't need an image partition on the desktop. The downside is you have to be very careful to get the correct image for the hardware you wish to reimage.
But as of late I'm having a change of heart. For the following reasons (and others):
The thing that causes me to get a major case of the hips is when they release a new version of a language.
Poof! 30% (or more!) of the code has to be re-written for the "new" version. As far as I can see, they only shuffled around some APIs, and maybe added a "feature" or two.
All the security hoopla, all the armed guards, all the wars, all the lost freedoms, the hassle, removing my shoes fer crying out loud to board an airplane, and what do we have?
No Osama
No Saddam
Spending money like water
secrets with no good reason to have 'em.
Halliburton selling gas to US forces at 1.59 a gal, when the Iraqis get it for under a buck
No air conditioning even now for the majority of the troops.
Nothing but tents for the majority of the troops
Our men and women get a 2 week vacation after more than a year of service where people are trying to kill them, but our president takes month long vacations.
Persistent rumors that the inactive reserve may have to be called up.
Now they want a national ID card. Well, we've had 'em for years, but we just didn't know it. Please explain to me what a forged or stolen card is going to prevent.
... Because I was planning a trip to the store to look over HDTVs this evening.
I don't see the point in paying $4,000.00 for a set that won't let me record the precious little content I want to see that comes from the nutworks now.
Cool. I think I'll take that money and sock it away.
In an apparent attempt to quelch the amount of incoming spam, AT&T has asked their customers, partners, and business clients to provide them with IP addresses of their mail servers. All other mail will be discarded.
When I read that, I laughed so hard I nearly spotted. In case you did hear, AT&T was the first Tier 1 ISP to have been confirmed to write a pink contract. To be balanced about it, AT&T corporate stated that the contract had been modified without permission of their legal department.
"If any of your IM team is captured or killed, the state department will disavow any knowledge of your actions. This tape will self destruct in 10 seconds. Good Luck Jim."
Voting activists have expressed concerns that the plan focused on fixing public perceptions rather than addressing security problems.
I'd have to give that a big "BINGO, BOZO."
Dill said, however, that the design of a voter-verified paper system is not a trivial undertaking and that the usability and security aspects of such a feature need to be thought through carefully so companies design systems under standards that meet both these criteria.
Huh? What's hard about printing the selected choice, and a ballot box slot to shove it in to when done? Gee guys, we already have ballot boxes? Do we really, really have to buy your 2,000 dollar "verified paper system?" I mean, it's not like we haven't been dealing with ballot boxes for,,,, uh, how many years?
Come on, a paper trail is the only way to conduct a verified count not dependent on the technology that records the vote. The voter can look at the paper and say, "Gee, I didn't vote for Dubbya. What's wrong with this crazy thing?"
The CCAGW has been previously informed about the benefits of open source software in government. Tell them what you think!"
So their tinfoil hats are wrong side out.
These fruitcakes have their world view, don't disturb them with the facts. They won't thank you for it, nor will it affect their thinking.
Really? Has your crystal ball told you what my job is? Has it told you where I work? Has it told you what my role was on the crisis? "Who cares about the facts, I just wanna argue," right?
Go re-read your original post and tell me where it says you were assigned to "clean up" the mess. Sounds more like you created the mess by not checking the goods before you purchased them.
As for who you are, I'd be shocked if you are Alan Cox, Paul Vixie, or Bruce Perens. Those guys are (or should be) smart enough to know to check IPAs before leasing them. However, if you are... Oh, never mind. I've wasted enough time on you.
Having been unfortunate enough to be assigned an IP block from a previous spammer
So you are admitting that you are incompetent to do your job. It's called "due diligence", and it's part of what you are supposed to do before you agree to accept the IP assignment.
and having gone through the subsequent ass-kissing I had to do to a black list maintainer that absolutely refused to remove us from the list, I say the less blacklists there are, the better.
Why should the DNSbl remove you if it's your ISP that's listed?
I'm sorry but some of these list maintainers are anal, (VERY) self-righteous, awful people who will not listen, not even when the person at the other end of the line is polite, patient, and takes a polite and amicable approach to the issue of getting removed from the blacklist (and punches a pillow after the phone calls and emails instead of being rude to the person).
And some people think that just because they want off the list they should get off the list. Doesn't work that way buddy. Some lists are not because of what you have done, but because your ISP won't remove spammers. It's that simple.
I'm sorry but with the hell I had to go through to get removed (too much unwarranted ass-kissing, too much putting up with the "I'm only a volunteer" crap) I am only glad to see these anal a-holes go.
You don't like block lists? Fine. Don't use 'em. You need to mail people that want your stuff? Fine, ask them (the ISP that is actually blocking your mail, not the DNSbl maintainer) to whitelist your allocations. What? They won't whitelist you? Gee, doesn't that tell you something?
You said: Ultimately, some commercial interest is involved, and someone is receiving the money -- there is an account into which funds are transferred, and therein arises the accountability.
And I said before that:
Silly as this all seems, spamming is big bucks. Remove the money, remove the problem. But you can't do that by suing all over the globe. You will do that when you stop lying, stealing scum suckers from being able to contact anyone in the first place.
As for your point in violating civil liberties, see my sig. I've used the same one for quite a while.
. . . the tag is all you really need to provide a legitimate, constitutional anti-spam process, and that can work just fine under SMTP without adopting a new transport protocol. What if we simply adopted the convention that adding the following header:
Because spamming slime have no problem at all with forging anything they want. Without accountability, nothing changes.
Some common tricks spammers use:
Set up their own ISP, or buy one
Steal IP space from dead netblocks
Use your PC as a spamming zombie via virus, hacking, cracking, or because the PC isn't otherwise secure.
Dialup IPs
Dialup IPs with Janus connections (use a dialup IP and forge that IP in the highspeed line. When you get a kill on the source, you are only killing a dialup line.)
Buy bulletproof connections from lazy/incompetent/bankrupt ISPs
From your description, your idea depends on the spammer telling the truth about himself. Rule 0. Spammers lie.
I see problems with AMTP too.
Spammers set up their own CA and fake being legitimate by selling to non-spammers too. The non-spammers become human shields.
A CA, even if it were 10,000.00USD, wouldn't stop them. They would happily spend that to get a 24 hour spam run.
Spammers already infest many ISPs that have a large group of legitimate users. If you cut that ISP off, you also cut off their legitimate users.
The only way I see being able to cut off spammers is whitelisting people you want to email and using challenge/response to those not whitelisted.
This doesn't require changing SMTP, CAs, or all the mail clients in the world, but it also doesn't make money for anyone, so it is unlikely to see wide adoption in large ISPs.
As for using the law, the problem there is that over half the states already have laws against UBE, and the rate of spam keeps going up. How are you going to sue when the mail is sent from an open proxy in .BR, with a web server for payment in .CH, and the payment processor is in .RU, and the product is shipped out of .NZ?
Silly as this all seems, spamming is big bucks. Remove the money, remove the problem. But you can't do that by suing all over the globe. You will do that when you stop lying, stealing scum suckers from being able to contact anyone in the first place.
Go to nana-e, and they'll tell you that robots from space run SPEWS, and there's no way to get a hold of them.
Only spammers and people lying need to talk. People that remove spammers from their network only need to post that they have done so to be removed from SPEWS.
They start with Class C's, then progress to banning class A's.
That is not factual. They start with the assignment of the spammer, and it grows as long as the ISP doesn't remove the spammer.
Some of the crazies who post on nana-e even have the whole country of Brazil banned on their private lists.
And this is relevant to SPEWS how? SPEWS is not Nana-e, Nana-e is not SPEWS. Second point, their server, their rules. Deal. If the owner of a server doesn't want traffic from .BR, that's up to them. BR can firewall out those that firewall them.
SPEWS had information too on DNS blackholing (i.e. preventing your users from going to internet sites) and on HTTP blocking.
And you are upset why? If your ISP supports spammers, then I don't want you scraping my webpages for email addresses. Counterwise, I don't want my users going to a bulker site and buying software to abuse my networks. It's against the AUP.
If it was anyone else (the government) who was advocating this, people would be outraged."
NEWS FLASH: 1st amendment only covers acts by the government, not the private sector. If the owner of private property wants you off his property, he can enforce that right absolutely up to and including use of deadly force to remove a trespasser (for a homeowner) if needed.
You don't need to talk to SPEWS. SPEWS listens, they don't talk. If you say you removed the spammers, then they will remove your block. If you are collateral damage because of a spammer, post that you are moving, your current IPAs, your new IPAs, and the date. You may get a hole punched in the block for you. Don't whine that moving is too expensive. You got cheap hosting so the ISP can use you as a human shield. Getting trapped like that is stupid and shows you didn't do your due diligence, but understandable. Staying with a spammy host makes you part of the problem and subject to blocking for supporting spam.
It's called due diligence. You didn't do it to check that the IPs were blocked, you didn't do it to check that your ISP was spam friendly, you didn't change ISPs when your mail started to get returned, so you didn't do your job.
And I'm supposed to feel sorry/agree with you exactly why?
If you are in a Windows shop, you are way understaffed for what you do. If you are in a Unix shop, you are still understaffed.
What I try to do is:
Fix broken things that cause the most problem for the most people (or will cause the most monetary loss) first
Fix "quickie" problems next
New things for the most people
One day a week (or a half day) do those routine things that affect everyone, virus updates, IDS updates, patches, yada yada yada.
Try to keep reserve time in the morning and afternoon for high priority things that aren't scheduled, but don't tell people that's what you are doing or it will become the catchall time everyone ratpacks you.
Seriously consider that you've gotten an impossible mission here. Sounds like your employer isn't serious about taking care of the IT workload because they see it as an expense with no return. Point out that while you don't normally make or break any one thing, the IT department makes everyone else more efficient and that by properly funding and staffing IT they will save money or gain efficiency everywhere else, thus saving money everywhere else. Have situations where you can show them within their own shop that what you've done saved money, or allowed something to be done faster. One good way to do this is to enlist others on your side.
Pick out a person who is not too good with computers, but does something that has very concrete and positive results for the company. Adopt that person, and make sure they get what they need. Ask them to help you make your case to management after a while.
Remember, it's only a job. While IT people as a class normally will do insane things to make sure everything works, take care of yourself too. After all, you were looking for a job when you found this one, and I bet the last person quit/was fired due to burnout.
unsupported old SCO machine which license had expired years ago. I even fixed a Y2k bug when I rebooted it once.
I'm not aware of any time limited licenses from SCO. Even OS 5.0.6 (End of life release) only posts warnings about not being registered, but it doesn't do anything about it other than give phone numbers for calling to report unlicensed installs.
On a more positive note, my employer is dropping technical support for SCO and going end of life on the SCO platform. A much needed action accelerated by SCO making such an ass of themselves.
"It simply surrenders to the wishes of the incumbent telephone monopolies and grants far-reaching and premature deregulation," Quinn said. "Consumers will pay for this lack of FCC resolve in the form of higher rates, less choice and lower quality service."
With the love of business and business' large contributions to the Republican party, why, exactly is this a shock? All this proves is that Republicans are more honest than Democrats. Republicans stay bought.
written for the TeleVideo terminal family which was being emulated by Wyse-30's. Naturally I found this intolerable so I modified the UniBasic code and inserted VT100 escape sequences to fix the most important screens so that we could telnet to the SCO box instead of using the Wyse-30's which were blowing up and not being replaced.
If you had OpenServer you could have used TermLite from the Vision disk. Its license is for the number of users you had on the SCO box.
Eh? Fixed IP what the hell is that!?!
I always thought that requiring a kernel re-link when you changed IP address was foolish.
Bela Lubkin still worked there in 2001, so not all the brains left. Haven't seen any posts from him in a while, but I haven't looked.
And yes, SCO OS 5.0.6 and UnixWare have serious drawbacks in my opinion.
Not really. Some solutions out there are trivial to set up and get running correctly.
MailScanner.info is one.
My detected virus load has increased about 1200% in the last three hours on a server doing about 30,000 (non-spam, non-virus) messages per day.
Stay anonymous. Do the COST-BENEFIT analysis (seriously).
In this climate, you have everything to lose and very VERY LITTLE to gain no matter how cool you think it is.
I agree with Augustz's post 100%. Use a public library (not the school's library, but the public library) to send an email from a free email service, and make sure the service is not in the US.
Read about how Blackboard treated two students here and see if you think reporting the problem is safe or not. In view of Blackboard's past actions, if I were the one with the information, I'd post it to a Usenet group for security. I wouldn't inform them and give them so many days to fix it. I'd release it immediately.
I take it you haven't gone to a school board or PTA meeting.
...which this ain't. It isn't news, and nerds have already patched. So what is this, a postfix ad?
Generalissimo Francisco Franco is still dead.
Nope. That's too late. It's best to call them before sparks fly.
Because it will make them expend the time to do it themselves, rather than catching a free ride.
If they are using FTP, then they deserve a rap in the mouth. SSH is easy and available for just about anything.
You choose what you think is right.