I've spent the last five years or so in the web business, coded cgi's in visual basic, asp, perl & php on a variety of platforms.
These days, i'm doing a stint in operations - designing network & server (ie physical) architecture. Some other guy is heading the team doing the software. He's a Java guy so it's all servlets, jsps' & ejbs'.
I'm not convinced Java gives you *any* performance or scalability improvements, we spent time making sure we had failover redundancy in place - the same technique works equally well whatever the technology. Things getting slow? Add another server to the load balanced pool. The problems are to do with state & session synchronisation - the bottlenecks here are network & database related. The answer? faster networks, bigger databases.
Java costs a *lot* more to develop than some scripting language like Perl. Seen the cost of a Java coder recently? Seen how long it takes to change a jsp and recompile the project? So it would be cheaper and easier to develop in some scripting language right?
That holds true for simple projects, problems appear when you start doing something more complex. Java provides a strong, well designed framework for complex engineering projects and that's its real benefit - it scales across multiple engineers. Volume can be addressed cheaply with hardware, complexity cant.
Forgive my ignorance, by why were Myst and Riven ``notoriously controversial?'' I have played neither, and have not heard anything about this. Could someone please explain it to me?
Yes they were notorious, notoriously awful. If you want to know why just about every game has bucketloads of crap fmv to wade through, blame Myst.
we had a Clariion installed the day before yesterday, it kicks ass - pretty simple to configure and performs like a dream. Formatted a 35GB RAID 1+0 ufs filesystem on a Sun box in 1 minute. How sweet is that? The box was like 600kg though;)
PHP has a debugger built into it, if you check the PHP online manual, you'll see that the following directives can be set in php.ini:
Debugger Configuration Directives
debugger.host string
DNS name or IP address of host used by the debugger.
debugger.port string
Port number used by the debugger.
debugger.enabled boolean
Whether the debugger is enabled
Additionally, make sure you have the following set correctly.
display_errors boolean
This determines whether errors should be printed to the screen as part of the HTML output or not.
error_log string
Name of file where script errors should be logged. If the special value syslog is used, the errors are sent to the system logger instead. On UNIX, this means syslog(3) and on Windows NT it means the event log. The system logger is not supported on Windows 95.
error_reporting integer
Set the error reporting level. The parameter is an integer representing a bit field. Add the values of the error reporting levels you want.
Table 3-1. Error Reporting Levels
bit value enabled reporting
1 normal errors
2 normal warnings
4 parser errors
8 non-critical style-related warnings
The default value for this directive is 7 (normal errors, normal warnings and parser errors are shown).
For windows development I recommend a local instance of IIS or Apache w/ PHP (easy to setup - read the INSTALL file in the root of the win32 distribution).
A good editor is Homesite from Allaire - you can map a directory to your www server root, and when you preview pages it will get passed through the interpretor and generate error messages etc. The editor also does correct color coding for many different languages (javascript, cfml, asp, php, html, xml etc).
It wasn't a comprehensive guide to securing a machine, more an idea of how to get it to the state it should be out of the box.
For a machine in an aggresive environment i'd be doing stuff like installing ipfw, changing setuid & setgid binaries, mounting filesystems ro, removing compilers, installing tripwire with the db on a ro floppy, monitoring logs closely, installing fake binaries, removing unused accounts etc...
yeah you spotted the deliberate mistake:)/etc/rc.conf is the file i meant.
freebsd ships with sshd & ssh by default but moans when you try to run them because the correct libraries are not present. to get ssh / sshd running you just make rsaref or librsa depending on where you are.
cd/usr/ports/security/rsaref
make
[hit enter to agree]
make install
vi/etc/inetd.conf
[insert the lines]
sshd_enable="YES"
inetd_enable="NO"
sendmail_enable="NO"
portmap_enable="NO"
syslogd_flags="-s"
head over to http://www.gamedev.net/community/forums/ and check out to the Game DIsgn area. Many topics are discussed, including such gems as Goblin Genocide in RPG's
The markets are *completely* different.
on
Salon on the XBox
·
· Score: 1
PC games don't sell well because there are more consoles in existence than computers, at least ones well enough specced to play the latest games. Besides, Sony was very successful in marketing the PSX to the style leaders five years ago, and has positioned itself very well as a cool thing to own. Doesn't matter to the developer much as profit margins on PC games are substantially higher.
Now Microsoft have pretty much wrapped up the desktop market and after a couple of unsuccessful ventures with pda's need to grow their market to support share prices. What do they do? Go head head to head with Sony and battle for the console / home entertainment market. So they produce a pretty good machine with nice specifications, mass produce it, sell it at a loss, hook in the developers with the promise of a mass market machine without the exorbitant license fees and rub their hands in glee at all of the copies of Office Home Edition they can lease over broadband at $5 a month.
Of course the games developers are happy, they now have a much larger market to sell to, without paying Nintendo/Sony/Sega a penny.
Whether this will be good or bad for games in the long term will be interesting to see.
While a nice idea, i'm not sure how practical this would be - you can just imagine someone at Free insisting that a network daemon that automates the process of firing off P3 serial numbers to intel goes into the ports/packages tree, the guys as Open freaking because it presents a remote root exploit as the code hasn't been thoroughly audited and the Net people demanding versions that emulate the P3 serial for other architectures:)
While it's great to see a book on BSD in a nutshell - I can't really see what the requirement for it is. Unix in a Nutshell is an excellent resource, and as a FreeBSD user, The FreeBSD Handbook (available from Walnut Creek never strays far from my desk.
this site has some pretty useful links, particularly for people in the UK - you should be able to shop around and find something with minimal monthly fees, the tradeoff is the cc people will take a bigger slice of the cash.
You'll also need a merchant account, and realise that if someone decides to purchase something, then question the transaction to their cc company then the money will be taken right out of your account with no warning, and you'll have a bunch of bank fees to pay.
transatlantically there is something called gemini (2 cables, geddit?) which drops off at two locations in the uk. Gemini is jointly owned between a bunch of telco's (wcom, c&w...) & some isps (easynet...). Each of the cables, carries *many* fibres, each cable carries (i think) 622mbit. transatlantic connections tend to originate at washington or new york
wcom / uunet and most of the other telco's (level 3, colt...) operate large ring networks, with similar capacity (or greater) than the transatlantic capacity, these networks typically pass through the central business hubs of the eu (london, berlin, frankfurt, amsterdam & paris). They also tend to have connections over to stockholm, barcelona, milan, roma etc.
peering arrangements are typically made at internet exchanges, for example Linx. All of the major players peer here (often not with each other...:), and depending on your isp, you may or may not be directly peered (otherwise your traffic is routed transatlantically).
due to economics, transatlantic bandwidth tends to be cheaper than european, although this *is* changing, level 3 for instance charges less if traffic is just going across europe - probably to encourage take up of capacity.
finally, the uk is not the only drop off point in europe, i think there are similar connections in place in sweden, holland, germany & france.
if you want hard figures and network maps, suggest you look at:
www.uu.net www.level3.com www.colt.com
and also track down the various internet exchanges at key points around europe.
I know less about asia pac, connectivity tends to come in to hong kong, australia and japan, and i think those countries are directly connected to each other.
1 point to note, in many countries you will have to build datacentres locally / have some kind of operations in place. It's a legal not technical requirement. We're based in the uk, but when we launch in germany we'll have to deploy a seperate datacentre there.
The same thing also applies to Educational establishments. IN the uk we have ac.uk. And no it stands for Academic, not Anonymous Coward.
Has the tld.us got entries for organisation type in it? I know the 2 letter state codes are all present & accounted for (apparently, they are fairly difficult to get hold of tho'....)
As internic doesn't have a monopoly on tld's anymore, and there are authorities outside the US, i'm assuming that.mil,.gov &.edu could be obtained internationally nowadays. Anyone know about this?
Not only does it miss out Linux (which strictly speaking isn't unix, but is related to *bsd), it also manages to ignore the whole SVR5 family, ie Solaris, HPUX etc...
Not only does it miss out Linux (which strictly speaking isn't unix, but is related to *bsd), it also manages to ignore the whole SVR5 family, ie Solaris, HPUX etc...
I'm just going through this process myself, and we've been talking to emc & sun about storage solutions with a view to commiting on one supplier in the next week or so.
You say you want 1TB of storage, it'd be pretty difficult to store that inside your pc, so you'll need to look at an external system.
Now you don't say what this data is, or how it's changing over time or how critical it is. Here's a bunch of questions to ask yourself, and some pointers...
Am I backing up data, or will it be frequently used? Tapes can store a lot cheaply, not very convienient tho.
Is this data Read Only or Read Write? You may get by on something like a CD caddy.
Am I performing processor intensive work on the data? 1TB is a *lot* of data, depending on what you want to do with it, 1 machine won't be enough - have a look at systems that allow more than one machine to access it.
How fast do I need to get at the data? If it's time critical, then you'll probably want to choose a solution that has lots of smaller drives and provides say a fibrechannel interface. More heads = more speed (usually)
WHat availability do I need on my data? If you don't want embarassing downtimes (1 drive blows, need to take the whole array down to replace it), then you need to look at getting a mirrored, hot swapable solution going.
How am I going to archive the data? If you are writing to the disks a lot, then you are going to have to take backup into account. Tapes are way slower than hardisks - is the backup of that 1TB table valid considering it took you 2hours to backup and it changed 10000 times during archival.
How am I going to manage the disks? Does the vendor provide management software. Is it available for your OS? Does your OS handle disks of 1TB? 10TB? You'll need to look at this, and also have a look at the websites of people like Veritas (hint: it's not cheap).
Now onto your final question...
> was it worth it in the long run after taking the time, money and support into consideration?"
that depends, if you need to store 1TB of data then you don't really have an option do you?
Looking Glass were IMHO, one of the best if not *the* best games games working in the PC space. They have released consistently excellent & innovative games over their many years. Unfortunately whilst receiving critical success, yet the majority of the games buying public seem happy to settle for yet another rehash of some crap title. I'm thinking Tomb Raider VIII - The Brasierre of Doom, or Fifa, or even [dons flameproof clothes here] Quake 3. This market is tied up pretty well by EA & Eidos and that sucks.
Slashdot Mirror
I've spent the last five years or so in the web business, coded cgi's in visual basic, asp, perl & php on a variety of platforms.
These days, i'm doing a stint in operations - designing network & server (ie physical) architecture. Some other guy is heading the team doing the software. He's a Java guy so it's all servlets, jsps' & ejbs'.
I'm not convinced Java gives you *any* performance or scalability improvements, we spent time making sure we had failover redundancy in place - the same technique works equally well whatever the technology. Things getting slow? Add another server to the load balanced pool. The problems are to do with state & session synchronisation - the bottlenecks here are network & database related. The answer? faster networks, bigger databases.
Java costs a *lot* more to develop than some scripting language like Perl. Seen the cost of a Java coder recently? Seen how long it takes to change a jsp and recompile the project? So it would be cheaper and easier to develop in some scripting language right?
That holds true for simple projects, problems appear when you start doing something more complex. Java provides a strong, well designed framework for complex engineering projects and that's its real benefit - it scales across multiple engineers. Volume can be addressed cheaply with hardware, complexity cant.
Homesite integrates pretty well into Dreamweaver on Win32 & is or at least was bundled, Homesite works pretty good with PHP too.
I actually use Dreamweaver to knock up HTML template files etc, and then get the source, clean it up by hand then just use Homesite to put in code.
Forgive my ignorance, by why were Myst and Riven ``notoriously controversial?'' I have played neither, and have not heard anything about this. Could someone please explain it to me?
Yes they were notorious, notoriously awful. If you want to know why just about every game has bucketloads of crap fmv to wade through, blame Myst.
we had a Clariion installed the day before yesterday, it kicks ass - pretty simple to configure and performs like a dream. Formatted a 35GB RAID 1+0 ufs filesystem on a Sun box in 1 minute. How sweet is that? The box was like 600kg though ;)
PHP has a debugger built into it, if you check the PHP online manual, you'll see that the following directives can be set in php.ini:
Debugger Configuration Directives
debugger.host string
DNS name or IP address of host used by the debugger.
debugger.port string
Port number used by the debugger.
debugger.enabled boolean
Whether the debugger is enabled
Additionally, make sure you have the following set correctly.
display_errors boolean
This determines whether errors should be printed to the screen as part of the HTML output or not.
error_log string
Name of file where script errors should be logged. If the special value syslog is used, the errors are sent to the system logger instead. On UNIX, this means syslog(3) and on Windows NT it means the event log. The system logger is not supported on Windows 95.
error_reporting integer
Set the error reporting level. The parameter is an integer representing a bit field. Add the values of the error reporting levels you want.
Table 3-1. Error Reporting Levels
bit value enabled reporting
1 normal errors
2 normal warnings
4 parser errors
8 non-critical style-related warnings
The default value for this directive is 7 (normal errors, normal warnings and parser errors are shown).
For windows development I recommend a local instance of IIS or Apache w/ PHP (easy to setup - read the INSTALL file in the root of the win32 distribution).
A good editor is Homesite from Allaire - you can map a directory to your www server root, and when you preview pages it will get passed through the interpretor and generate error messages etc. The editor also does correct color coding for many different languages (javascript, cfml, asp, php, html, xml etc).
Apache has been designed for correctness and it *chugs* compared to IIS, Netscape/iPlanet or Zeus. But it's stable and works well.
If you need a speed boost try putting a Squid proxy in front of it - it'll really help on static pages / images.
You may find that the Apache 2 Alpha/Beta software performs better than the 1.x line.
It wasn't a comprehensive guide to securing a machine, more an idea of how to get it to the state it should be out of the box.
For a machine in an aggresive environment i'd be doing stuff like installing ipfw, changing setuid & setgid binaries, mounting filesystems ro, removing compilers, installing tripwire with the db on a ro floppy, monitoring logs closely, installing fake binaries, removing unused accounts etc...
Of course you could just unplug the damn machine
yeah you spotted the deliberate mistake :) /etc/rc.conf is the file i meant.
:)
freebsd ships with sshd & ssh by default but moans when you try to run them because the correct libraries are not present. to get ssh / sshd running you just make rsaref or librsa depending on where you are.
if you really want to you could do it manually
why isn't it on their already?
/usr/ports/security/rsaref
/etc/inetd.conf
on 4.0 and 4.1 just do this:
cd
make
[hit enter to agree]
make install
vi
[insert the lines]
sshd_enable="YES"
inetd_enable="NO"
sendmail_enable="NO"
portmap_enable="NO"
syslogd_flags="-s"
much more secure eh?
The license he distributes his software is his business, just because it doesn't mesh with the prevalent ideology here on /. doesn't make it bad.
Me, I couldn't give a rats ass what license something is distributed under, it's just not important to me in the selection process.
Tools for the job.
head over to http://www.gamedev.net/community/forums/ and check out to the Game DIsgn area. Many topics are discussed, including such gems as Goblin Genocide in RPG's
PC games don't sell well because there are more consoles in existence than computers, at least ones well enough specced to play the latest games. Besides, Sony was very successful in marketing the PSX to the style leaders five years ago, and has positioned itself very well as a cool thing to own. Doesn't matter to the developer much as profit margins on PC games are substantially higher.
Now Microsoft have pretty much wrapped up the desktop market and after a couple of unsuccessful ventures with pda's need to grow their market to support share prices. What do they do? Go head head to head with Sony and battle for the console / home entertainment market. So they produce a pretty good machine with nice specifications, mass produce it, sell it at a loss, hook in the developers with the promise of a mass market machine without the exorbitant license fees and rub their hands in glee at all of the copies of Office Home Edition they can lease over broadband at $5 a month.
Of course the games developers are happy, they now have a much larger market to sell to, without paying Nintendo/Sony/Sega a penny.
Whether this will be good or bad for games in the long term will be interesting to see.
While a nice idea, i'm not sure how practical this would be - you can just imagine someone at Free insisting that a network daemon that automates the process of firing off P3 serial numbers to intel goes into the ports/packages tree, the guys as Open freaking because it presents a remote root exploit as the code hasn't been thoroughly audited and the Net people demanding versions that emulate the P3 serial for other architectures :)
While it's great to see a book on BSD in a nutshell - I can't really see what the requirement for it is. Unix in a Nutshell is an excellent resource, and as a FreeBSD user, The FreeBSD Handbook (available from Walnut Creek never strays far from my desk.
the url is http://www.textor.com/commerce/papers/ccservices.h tml - slashdot parses out < & > in plain old text mode.
this site has some pretty useful links, particularly for people in the UK - you should be able to shop around and find something with minimal monthly fees, the tradeoff is the cc people will take a bigger slice of the cash.
You'll also need a merchant account, and realise that if someone decides to purchase something, then question the transaction to their cc company then the money will be taken right out of your account with no warning, and you'll have a bunch of bank fees to pay.
it might by simpler just to take cheques..
transatlantically there is something called gemini (2 cables, geddit?) which drops off at two locations in the uk. Gemini is jointly owned between a bunch of telco's (wcom, c&w...) & some isps (easynet...). Each of the cables, carries *many* fibres, each cable carries (i think) 622mbit. transatlantic connections tend to originate at washington or new york
:), and depending on your isp, you may or may not be directly peered (otherwise your traffic is routed transatlantically).
wcom / uunet and most of the other telco's (level 3, colt...) operate large ring networks, with similar capacity (or greater) than the transatlantic capacity, these networks typically pass through the central business hubs of the eu (london, berlin, frankfurt, amsterdam & paris). They also tend to have connections over to stockholm, barcelona, milan, roma etc.
peering arrangements are typically made at internet exchanges, for example Linx. All of the major players peer here (often not with each other...
due to economics, transatlantic bandwidth tends to be cheaper than european, although this *is* changing, level 3 for instance charges less if traffic is just going across europe - probably to encourage take up of capacity.
finally, the uk is not the only drop off point in europe, i think there are similar connections in place in sweden, holland, germany & france.
if you want hard figures and network maps, suggest you look at:
www.uu.net
www.level3.com
www.colt.com
and also track down the various internet exchanges at key points around europe.
I know less about asia pac, connectivity tends to come in to hong kong, australia and japan, and i think those countries are directly connected to each other.
1 point to note, in many countries you will have to build datacentres locally / have some kind of operations in place. It's a legal not technical requirement. We're based in the uk, but when we launch in germany we'll have to deploy a seperate datacentre there.
The same thing also applies to Educational establishments. IN the uk we have ac.uk. And no it stands for Academic, not Anonymous Coward.
.us got entries for organisation type in it? I know the 2 letter state codes are all present & accounted for (apparently, they are fairly difficult to get hold of tho'....)
.mil, .gov & .edu could be obtained internationally nowadays. Anyone know about this?
Has the tld
As internic doesn't have a monopoly on tld's anymore, and there are authorities outside the US, i'm assuming that
http://www.ehlis.com/adam/solaris/hi story.html - covers Linux & SVR5 type Unices too
Not only does it miss out Linux (which strictly speaking isn't unix, but is related to *bsd), it also manages to ignore the whole SVR5 family, ie Solaris, HPUX etc...
Basically quite a sucky family tree
Not only does it miss out Linux (which strictly speaking isn't unix, but is related to *bsd), it also manages to ignore the whole SVR5 family, ie Solaris, HPUX etc...
Basically quite a sucky family tree
I'm just going through this process myself, and we've been talking to emc & sun about storage solutions with a view to commiting on one supplier in the next week or so.
You say you want 1TB of storage, it'd be pretty difficult to store that inside your pc, so you'll need to look at an external system.
Now you don't say what this data is, or how it's changing over time or how critical it is. Here's a bunch of questions to ask yourself, and some pointers...
Am I backing up data, or will it be frequently used? Tapes can store a lot cheaply, not very convienient tho.
Is this data Read Only or Read Write? You may get by on something like a CD caddy.
Am I performing processor intensive work on the data? 1TB is a *lot* of data, depending on what you want to do with it, 1 machine won't be enough - have a look at systems that allow more than one machine to access it.
How fast do I need to get at the data? If it's time critical, then you'll probably want to choose a solution that has lots of smaller drives and provides say a fibrechannel interface. More heads = more speed (usually)
WHat availability do I need on my data? If you don't want embarassing downtimes (1 drive blows, need to take the whole array down to replace it), then you need to look at getting a mirrored, hot swapable solution going.
How am I going to archive the data? If you are writing to the disks a lot, then you are going to have to take backup into account. Tapes are way slower than hardisks - is the backup of that 1TB table valid considering it took you 2hours to backup and it changed 10000 times during archival.
How am I going to manage the disks? Does the vendor provide management software. Is it available for your OS? Does your OS handle disks of 1TB? 10TB? You'll need to look at this, and also have a look at the websites of people like Veritas (hint: it's not cheap).
Now onto your final question...
> was it worth it in the long run after taking the time, money and support into consideration?"
that depends, if you need to store 1TB of data then you don't really have an option do you?
Looking Glass were IMHO, one of the best if not *the* best games games working in the PC space. They have released consistently excellent & innovative games over their many years. Unfortunately whilst receiving critical success, yet the majority of the games buying public seem happy to settle for yet another rehash of some crap title. I'm thinking Tomb Raider VIII - The Brasierre of Doom, or Fifa, or even [dons flameproof clothes here] Quake 3. This market is tied up pretty well by EA & Eidos and that sucks.
Shame
AFAIK, ASP was active server pages before it ever became application service provider...
I'm assuming you aren't being sarcastic...
ASP can mean two things:
Active Server Pages, a m$ web technology, not a market
Application Service Provider, a market that typically buys Sun.