Coyote does have a surprisingly nice interface but I must confess to always preferring OBSD for secure systems. Besides, I tend to agree with De Raadt on the usage of floppies (http://www.monkey.org/openbsd/archive/misc/0007/msg00236.html).
Cheers WWW, and I must say I wish you were here, drop me an email sometime.
Try browsing the new book from Addison Wesley, it is much better than the translated docs.
Don't let the perl-like variables fool you, they are merely a convenience. If you wish, you can do things such as get a regular expression object and access its features instead of doing things the perl way. In fact the perl way is simply accessing features of the current object...
Even better is http://www.alexaresearch.com/clientdir/methodology/
They'd fail stats 101 with this marketing fluff.
No, they got bought. Not that I criticize them for it, I would have likely done the same in their shoes. They will, like most of us, do whatever their boss says provided it does not conflict with any major moral. Do you honestly believe he should go to war over which company they use to serve a failing business model? It doesn't matter, anyone who cares has long since blocked banner ads through one of the many filters which are freely available. As for the rest, fuck it, the click through on banner ads is so abysmal that the companies providing them will tank RSN.
I really hate to be the voice of reality/reason but high traffic mail servers would quite simply break. You have just greatly increased the complexity of sending a message by requiring it to be encrypted, most large ISPs would fail under this load.
Obviously the correct response is for the client which has many free resources to do the encryption but that of course raises all sorts of issues that have been better addressed by others.
In other words you're beating a dead horse which you have zero understanding of.
You mean it actually helped if you at least attempted to do a design? That I shouldn't just sit down and blindly code away at a problem? Fuck that's what I've been doing wrong, thanks guy...
Yawn, let's make them run some super secret .exe's, yeah that's it, my phd didn't go to waste.
Search discussions on bugtraq for why you cannot ever, EVER trust the client, let's cite quake as an example. Hint, if the attacker controls the environment, you are provably fucked.
You are either dealing with a buggy OS, some buggy apps, or some seriously stupid user behavior if you actually need 512 on a desktop pc. That is frankly obscene.
S/Key's great but don't be surprised when your session is hijacked. Ooops I guess it isn't so great after all.
As for forwarding ftp read the ssh manual.
This is one of those books which really should come with a prerequisite reading list. This book is not meant for someone trying to start learning about patterns. The reviewer should come back to it after reading Java Design (also by Coad) as well as at least one pattern book. I would recommend Mark Grand's Design Patterns in Java as a good place to start. The reviewer may also want to pick up some generic OO Design books.
The splintering of reviews on Amazon further reflects this required background. See the reviews of Coad's Java Design on Amazon for a further example of a mis-marketed book.
Well actually you can spoof by using compromised machines in the middle of the connection. If I know that somerouter.example.com forwards traffic to somemachine.someothernet.com (or is on a non-switched subnet with a machine that does), I could compromise somerouter and get the packets destined for somemachine. This would also be true if I had legitimate control over somerouter.
What makes this interesting is that the spammer will be in much greater legal peril for compromising so many machines than anything related to the actual spam.
Mainly because otherwise your parents would hide their assets in your name to avoid paying taxes.
It would just be a matter of time and having a skilled engineer to do it. A competitor which designs similar products would of course have plenty of capable engineers.
The sad truth is I doubt they are really doing anything that is unique and if they are, their competitors already know about it. Security through obscurity is no security at all.
A few quick points...
1. The NSA cannot crack PGP on anything near a realtime basis, the FBI probably couldn't even uudecode...
2. The NSA was 2-10 years ahead but that was decades ago. The NSA most certainly lost their "lead" due to the sheer numbers of mathematicians working in academia and the private sector. Combine this with the more talented cryptographers avoiding the NSA for moral and monetary reasons.
3. Dumpster diving / social engineering are not applicable here.
The above is misleading in that it uses the Blackdown JDK as opposed to one of the optimized IBM JDKs.
Erhmm yes in fact windows is heavily based on DOS but that is not relevant...
If you knew what you were talking about you would know that in a system designed to support multiple users with differing privileges performance penalties are incurred because of context switches.
You might also know that win 9* is not really a protected mode operating system and you might have a clue as to what that means at the hardware level...
Oh and win32 programs ALWAYS run on NT, any game can run on NT just fine yessiree...
Putz
Or until someone sniffs their router password and blows away their routing configuration....
You are clearly not subject to US laws however you are subject to US influence. As Canada tends to kiss America's ass I wouldn't be too flamboyant in my disregard for American laws. It's amazing what a corporation with a whole shitload of money can do.
50% right, it has kept the non-rich from defending themselves from those who would not be able to legally purchase a gun in any state. The truth is the wealthy and influential can either get permits or hire bodyguard agencies who get permits.
It's not, last I checked they intentionally lag the non members in order to get people to pay them, ohhh the internet version of nagware, just what we need.
There are better non web based proxies which can be found with little effort, I don't know whether they would bypass this kiddie's campus firewall or not though.
The best was seeing it in a theatre in Reston, VA on opening night. The audience went nuts on that (rather unexpected) scene.
To top it off, myself and my 20 something friends were all carded to view this "dirty" picture which as it turns out was about America's obsession with "dirty words". I burst out laughing when the 15 year old asked me for my ID...
Informative?!?!?
This is about on the same level as me saying "I really f'ing hate NetBSD (I don't). Why don't I replace it with a copy of a program that just installs Dos".
1. The people distributing it just won't let you change it.
2. They always come as source so someone will notice.
3. Now that you're +3, far too many people will see it.
If you're serious, talk to a consulting firm.
It all depends on what lengths (cost and inconvenience) you are willing to go to. A good consulting firm will be able to evaluate your needs and inform you of the tradeoffs.
Unfortunately there are many people who (though well intentioned) will give you exceedingly poor advice because they don't have a full understanding of the subject.
Prevent? Maybe not, decrease the likelihood? You better f'ing believe it. How far you go and how much you spend varies on what you're protecting. An example of a trivial measure for FreeBSD is the ICMP_BANDLIM kernel option which enables ICMP error response bandwidth limiting.
Before you give up you may wish to do a bit more research....
Prevent? Maybe not, decrease the likelihood? You better f'ing believe it. How far you go and how much you spend varies on what you're protecting but for FreeBSD there's an ICMP_BANDLIM which enables ICMP error response bandwidth limiting. Before you give up you may wish to do a bit more research....