of mankind. It's what we do. We explore, and we learn. It's what we've always done. How many people died exploring the new world 500 years ago? 500 years from now, catching a flight to Mars will be just as routine as catching a flight to London is today. I only wish I could live long enough to see it...
We would always set the victims shell prompt to: /bin/echo -ne"Login incorrect.\n\nlogin:"
and have the script send us their password. Nothing beats the look on an admin's face when you walk up to them and recite their password, hahaha.
IBM's Software and Services is the legacy of CEO Lou Gerstner, who in the 90's started concentrating less on moving servers out of the warehouse and more on moving money into the bank. I'd say it worked.
Uhhh we are. That's why they keep suing us!!
The FA says that 40gbps is intended for server-to-switch connections. 100meters should be plenty for that. How often is your server 40 kilometers from the nearest switch?
I'd also suspect that 40gbps will be a whole lot cheaper than 100gbps.
Heh. GSX has always run on linux...
Someone already mentioned OpenVPN, I would also look at tinc (http://www.tinc-vpn.org/). It supports full mesh routing between all your sites, which would be a pain with OpenVPN. Of course if everyone is connecting back to a hub, then not a big deal.
Also for your NAT boxes, if you want to do it cost effectively, get some Linksys WRT54GL's and install OpenWRT. You can then run your VPN (openvpn or tinc) on those routers, which would make a much cleaner VPN network.
10 times safer?? please...how can they possibly measure that... if NASA really knows how unsafe the current shuttle is, maybe someone should fix it?
Quick hack that works for me. Make a copy of /usr/sbin/tcpdump to /usr/sbin/tcpdump.arpwatch. Run this script every few minutes:

#!/bin/sh
/usr/sbin/tcpdump.arpwatch -nepi eth0 ether proto \\arp | awk '{print $2,$14}' | sort | uniq -c | sort -n >/usr2/arp/arp.data 2>&1 &
sleep 10
killall -TERM tcpdump.arpwatch

That collects the data. Then you just look to see if any machines have done over say 200 arps in 10 seconds, you know there's a problem. Below is a snippet from my bigbrother script, but you get the idea:

for i in `cat /usr2/arp/arp.data | tail -25 | awk '{print $1}'`
do
if [ "$i" -ge "200" ]
then
COLOR="red"
echo "Arp problem" | mail you@domain.com
else
COLOR="green"
fi
done
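The same check, written as an added example rather than the poster's own script: it reads tcpdump -ne output directly, counts ARP requests per source MAC and sender IP, and lists the sources that cross a threshold, busiest first. The field positions (field 2 is the source MAC, field 14 the "tell" address) follow the poster's awk one-liner and are an assumption about the tcpdump output format; the capture in ARP_SAMPLE is constructed, with made-up MAC and IP addresses. Replies are deliberately ignored, since a host scanning a subnet generates requests while the hosts answering it do not.

```sh
#!/bin/sh
# Added example, not the original poster's script. Assumes tcpdump -ne output
# where field 2 is the source MAC and field 14 is the "tell" address of an
# ARP request. The capture below is constructed; MACs and IPs are made up.

ARP_SAMPLE='12:00:00.000001 00:11:22:33:44:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.2 tell 10.0.0.1, length 28
12:00:00.000002 00:11:22:33:44:99 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.3 tell 10.0.0.50, length 28
12:00:00.000003 00:11:22:33:44:99 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.4 tell 10.0.0.50, length 28
12:00:00.000004 00:11:22:33:44:02 > 00:11:22:33:44:01, ethertype ARP (0x0806), length 42: Reply 10.0.0.2 is-at 00:11:22:33:44:02, length 28
12:00:00.000005 00:11:22:33:44:99 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.5 tell 10.0.0.50, length 28
12:00:00.000006 00:11:22:33:44:99 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.6 tell 10.0.0.50, length 28
12:00:00.000007 00:11:22:33:44:99 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.0.7 tell 10.0.0.50, length 28'

# arp_top_talkers THRESHOLD   (capture on stdin)
# Prints "COUNT MAC SENDER_IP" for every source that sent at least THRESHOLD
# ARP requests in the capture, busiest first. Replies are not counted.
arp_top_talkers() {
    awk -v t="$1" '
        /ethertype ARP/ && /who-has/ {
            ip = $14; sub(/,$/, "", ip)   # strip the trailing comma
            n[$2 " " ip]++
        }
        END { for (k in n) if (n[k] >= t) print n[k], k }
    ' | sort -rn
}

# arp_flagged_count THRESHOLD   (capture on stdin)
# Prints how many sources crossed the threshold; 0 means a quiet segment.
arp_flagged_count() {
    arp_top_talkers "$1" | awk 'END { print NR }'
}

# Stand-alone run over the constructed sample with a threshold of 3. On a
# live box you would pipe a 10 second tcpdump capture in and use a threshold
# like the poster's 200.
printf '%s\n' "$ARP_SAMPLE" | arp_top_talkers 3
```

Pipe a short live capture in the same way (`tcpdump -nepi eth0 ether proto \\arp | arp_top_talkers 200` after a timed run) and feed the output to whatever paging you use; the threshold is what separates a chatty-but-legitimate host from a scanning one, so tune it to the segment's normal ARP rate before wiring it to mail.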
Students in our dorms have no need for Microsoft ports, which is the primary reason worms can take down the network. So I block ports 137,138,139,445 at the switch port level.
Granted this doesn't solve the virus problem on the computer, but it sure does prevent it from taking down the rest of the network.
Novell has a product called Netstorage that comes with NW6.5 and NNLS. It's web-based file storage. You can use a browser or their Win32 client.
AT&T and MCI have been doing this for years (using IP on their voice backbone) using "SoftSwitch" technology from 3com Commworks. It wasn't marketed to the general public since it gave the big boys a 'competitive advantage', saving them millions per month in tariffs.
Now that Commworks has been sold off, 3com still owns the technology and plans to market it. It has been in production over 5 years, and I'm hearing that it puts anything from Nortel or Cisco to shame. And it runs on Solaris, hehe..
my favorite is to change their prompt to: PS1="Login incorrect\n\nlogin: "
I'm so sick of hearing how noble DirecTV is for beating the hackers "technically". They've had the advantage since day 1. They know all the hardware and software intimately, cause they designed it. Best of all, they can update ALL the software (and hardware) with a few key strokes from the command center. Don't you think if the RIAA could do this, they would?? Don't you think if the RIAA could send an update to every CD-playing device in the world, and make all audio CD unrippable, they would?? Wouldn't the MPAA like to do the same thing with DVD players? They just don't have that advantage... DirecTv did, and they did a good job using it. They took whatever measures needed to protect their business model. I'm just surprised they let it go on this long.
Who cares about Technet CD's? You missed the entire point. The Microsoft example was just that--an example. Any vendor could pull the same stunt. The point is, the new format is unacceptable from anyone--Microsoft, @stake, or whoever.
I'll tell you exactly why this is dangerous. It allows the vendor to add/edit or delete the advisory *without* telling anyone.
Let's say Microsoft decides to end of life NT 4.0. Since it's not supported anymore, they don't publish advisories or fixes for it. Then one day, boom. ALL NT advisories are simply deleted from Microsoft's website. The only thing left in BugTraq archives is a bunch of dead links. OR worse yet... they go through all 98/Me/2000 advisories that also mention NT, and just remove NT from the affected OS's line. They could certainly do this, and could justify it by saying "NT isn't supported anymore." This would certainly accelerate any Win2000 upgrade plans I had, and that's the whole point of this.
@stake's new format is not nearly as bad as Microsoft's, but I still firmly believe they need to post the entire advisory to BugTraq.