No I wasn't kidding, but apparently, I wasn't clear either.
I know how you intercept traffic on a switched network - but the person I was replying to didn't appear to do so. It's not been a case of 'just sticking another PC on the network' for quite a while now.
If you want to sniff on switched networks, stop being so cheap.
You'll need a managed switch with the ability to designate a specific switch port as a SPAN or mirror port (http://en.wikipedia.org/wiki/Port_mirroring). This will allow you to monitor any other traffic that is passing through the switch.
Those days aren't gone, they merely got a whole lot more expensive.
In any case, it's more likely that you'd do monitoring at the egress point(s) of your private network, not on a particular switch.
Luckily I don't want to sniff stuff on a switched network, although the comment I was replying to made it sound like it was possible to do it by simply sticking another PC on the network. We both know that's not the case.
Your comment is happily covered by my "You'd need to be running some software on the switch or on the internet gateway, or some other device that sees all the traffic for some other reason."
Yep, that's certainly one option. And it's more than just "another PC on the same subnet running a packet sniffer". Do any home-grade ADSL / Cable devices support it? Maybe with some of the open firmware solutions?
How do you packet sniff on switched networks? The days of being able to sniff all traffic[1] on a network by having something else on the same network are gone my friend.
You'd need to be running some software on the switch or on the internet gateway, or some other device that sees all the traffic for some other reason.
In corporate environments (of the ones I have experience) people don't pay for UNIX hardware and run files-ervers on it with SAMBA. That's why I picked AIX / HP-UX and Solaris, not Linux.
My point was that policy makers don't understand the underlying OS and simply say 'we must have AV' without considering the applications running on those machines.
When my Oracle DB or DB2 instance gets infected with HappySmilieFacev02 I'll change my mind. Policy should be appropriate and not simply blanket coverage, because that leads to as many problems as it solves.
This is probably just a policy issue. "We've put your AIX / HP-UX / Solaris server in". "What AV does it run?" "Er, it's running AIX / HP-UX / Solaris , we've not installed AV". "But our policy says we have to use product X or product Y to AV protect all our servers". "Yes, but you're not understan....." "Just install AV".
Maybe it comes from working in IT, but I always assume that if someone else is holding my data, they can access it. It doesn't interest me what they say - that's my basic starting assumption. So I always assumed that Dropbox could get to my data, and if I cared about the privacy of that data I just encrypted the files myself first.
It's my data, I'm in control of it. Giving it up to someone else and hoping they keep it safe is silly.
I'm surprised so many people are surprised (and I wonder if the people are are surprised haven't been in IT long?)
Maybe that's true in the US, I can't comment. It's not true in the UK where it's entirely possible to get 'involved in government' with nothing more than drive and local support. Whether one MP can achieve anything in the House of Commons is another question entirely, and whether being an MP let's you influence much other than your own expenses claim is beside the point.
I tend to answer a different question but keep the association in my head.
So I know if it asks me the name of my first pet, I tell it the place I was born (not actually like that, I usually provide a meaningless answer, but know that it's always that answer to that question), because so many places use the same stupid questions.
Until they break into your facebook account and use that to socially engineer access to something else and escalate their way into something beyond that. Or they access your facebook account and start taking guesses are the answers to the security questions you're forced to use (what school did you go to, what was your first pet called, etc., etc.)
There are so many links between so much of what we do online that you would do well to treat it all as worth securing equally.
I think there's room for choosing a difficulty level and having the game adapt as well. Didn't RE5 do that? You chose how hard you wanted it to be, but within that the game also decreased enemy health if you died over and over, and increased it if you survived fights without dying. So it was self adapting but within constraints you could choose yourself.
There's also a clear difference between games in which you compete against other people which try to provide an enjoyable experience, and games in which you are trying to win by having more skill than the other players, and single player games that are intended to be enjoyable and what people enjoy varies from person to person.
People who do it for a company People who don't do it for a company
Then your 18.2% are in the minority, which I think is the point here. The company folk might represent different companies, but they're still companies.
I call bullshit. The problem with statistics specifically is that it can very often be non-intuitive. The Monte Hall problem being one of the best examples. It's not just about ignorance or a lack of education. It's about presentation as well. I'm not stupid and I play the lottery. I know the chances of winning are approx. 1 in 14 million. Which means I have to play for some insane number of millennia before I'm ensured a win. But I also know that most weeks, someone somewhere does win. So the pound I place on it each week is a bit of fun.
Actually, this is the Olympics I've watched the most. I've just not sat down and watched it on the TV like previous years.
This is the first time I've been able to sit at my PC and watch the bits I was interested in on the BBC website, and then fast forward through some other stuff the Sky+ box recorded, and then catch some stuff on the Sky+ interactive section on the BBC, and then head back to the PC and watch a bit more on iPlayer or the BBC news site.
For me, it's really brought home the changes in broadcasting major sporting events that have taken place in only four years.
If I'm a terrorist who wants to bring data into the US, I'll encrypt it and put it on a web site somewhere, go to the US sans computer, and download it when I get there. Don't like web sites? Substitude SSH tunnels, VPN, whatever back to country of origin and you have a nice, easily available way to bring data into the country. I'm not sure why they believe terrorists and other ne'er-do-wells won't think of that.
Since they're clever, I'm sure they have thought about it. The real question you should be asking is why they're not worried about you doing it...
Slashdot Mirror
Trust.
Delegation.
Foster an environment in which people feel they can empower themselves.
Trust.
You don't get it from reading, you get it by thinking about the people who you liked working for the most, the organisations you felt most valued by.
Someone needs to show these guys some useful fables.
Yeh, I guess they never thought to check those two variables?
Come on guys. Powers of 10! You can't be going and moving from my powers of 10 wired Ethernet speeds, how will I do the simple math!
1 -> 10 -> 100 -> 1000 -> 10000
Easy maths! Say no to 40Gpbs.
No I wasn't kidding, but apparently, I wasn't clear either.
I know how you intercept traffic on a switched network - but the person I was replying to didn't appear to do so. It's not been a case of 'just sticking another PC on the network' for quite a while now.
If you want to sniff on switched networks, stop being so cheap.
You'll need a managed switch with the ability to designate a specific switch port as a SPAN or mirror port (http://en.wikipedia.org/wiki/Port_mirroring). This will allow you to monitor any other traffic that is passing through the switch.
Those days aren't gone, they merely got a whole lot more expensive.
In any case, it's more likely that you'd do monitoring at the egress point(s) of your private network, not on a particular switch.
Luckily I don't want to sniff stuff on a switched network, although the comment I was replying to made it sound like it was possible to do it by simply sticking another PC on the network. We both know that's not the case.
Your comment is happily covered by my "You'd need to be running some software on the switch or on the internet gateway, or some other device that sees all the traffic for some other reason."
Yep, that's certainly one option. And it's more than just "another PC on the same subnet running a packet sniffer". Do any home-grade ADSL / Cable devices support it? Maybe with some of the open firmware solutions?
How do you packet sniff on switched networks? The days of being able to sniff all traffic[1] on a network by having something else on the same network are gone my friend.
You'd need to be running some software on the switch or on the internet gateway, or some other device that sees all the traffic for some other reason.
[1] Yes, you can sniff some broadcast traffic.
Policy.
In corporate environments (of the ones I have experience) people don't pay for UNIX hardware and run files-ervers on it with SAMBA. That's why I picked AIX / HP-UX and Solaris, not Linux.
My point was that policy makers don't understand the underlying OS and simply say 'we must have AV' without considering the applications running on those machines.
When my Oracle DB or DB2 instance gets infected with HappySmilieFacev02 I'll change my mind. Policy should be appropriate and not simply blanket coverage, because that leads to as many problems as it solves.
This is probably just a policy issue. "We've put your AIX / HP-UX / Solaris server in". "What AV does it run?" "Er, it's running AIX / HP-UX / Solaris , we've not installed AV". "But our policy says we have to use product X or product Y to AV protect all our servers". "Yes, but you're not understan....." "Just install AV".
Maybe it comes from working in IT, but I always assume that if someone else is holding my data, they can access it. It doesn't interest me what they say - that's my basic starting assumption. So I always assumed that Dropbox could get to my data, and if I cared about the privacy of that data I just encrypted the files myself first.
It's my data, I'm in control of it. Giving it up to someone else and hoping they keep it safe is silly.
I'm surprised so many people are surprised (and I wonder if the people are are surprised haven't been in IT long?)
R2D2 could understand speech but not speak.
Just because you couldn't understand the mighty R2D2 doesn't mean he wasn't speaking!
Maybe that's true in the US, I can't comment. It's not true in the UK where it's entirely possible to get 'involved in government' with nothing more than drive and local support. Whether one MP can achieve anything in the House of Commons is another question entirely, and whether being an MP let's you influence much other than your own expenses claim is beside the point.
This being an IT project, I predict it will take 5 years longer than planned, cost 10x the initial budget, and still never really work quite right.
Fixed that for you.
I tend to answer a different question but keep the association in my head.
So I know if it asks me the name of my first pet, I tell it the place I was born (not actually like that, I usually provide a meaningless answer, but know that it's always that answer to that question), because so many places use the same stupid questions.
Until they break into your facebook account and use that to socially engineer access to something else and escalate their way into something beyond that. Or they access your facebook account and start taking guesses are the answers to the security questions you're forced to use (what school did you go to, what was your first pet called, etc., etc.)
There are so many links between so much of what we do online that you would do well to treat it all as worth securing equally.
I think there's room for choosing a difficulty level and having the game adapt as well. Didn't RE5 do that? You chose how hard you wanted it to be, but within that the game also decreased enemy health if you died over and over, and increased it if you survived fights without dying. So it was self adapting but within constraints you could choose yourself.
There's also a clear difference between games in which you compete against other people which try to provide an enjoyable experience, and games in which you are trying to win by having more skill than the other players, and single player games that are intended to be enjoyable and what people enjoy varies from person to person.
Except if you group them as,
People who do it for a company
People who don't do it for a company
Then your 18.2% are in the minority, which I think is the point here. The company folk might represent different companies, but they're still companies.
I call bullshit. The problem with statistics specifically is that it can very often be non-intuitive. The Monte Hall problem being one of the best examples. It's not just about ignorance or a lack of education. It's about presentation as well. I'm not stupid and I play the lottery. I know the chances of winning are approx. 1 in 14 million. Which means I have to play for some insane number of millennia before I'm ensured a win. But I also know that most weeks, someone somewhere does win. So the pound I place on it each week is a bit of fun.
I tried a couple of VPN solutions, they did work but performance was terrible.
That was from a previous case,
"In 1989, Dr. Rossi had a case eerily similar to the one in Berlin ..."
not this case.
Have we really entered an age where the number of people who join facebook groups are used as some kind of measure?
Half the people I know on facebook join whatever the hell their friends join, or click anything they can to get the alerts to go away.
Seriously - really?
Actually, this is the Olympics I've watched the most. I've just not sat down and watched it on the TV like previous years. This is the first time I've been able to sit at my PC and watch the bits I was interested in on the BBC website, and then fast forward through some other stuff the Sky+ box recorded, and then catch some stuff on the Sky+ interactive section on the BBC, and then head back to the PC and watch a bit more on iPlayer or the BBC news site. For me, it's really brought home the changes in broadcasting major sporting events that have taken place in only four years.
I don't care which way they sort it as long as the UK stays ahead of France.
If I'm a terrorist who wants to bring data into the US, I'll encrypt it and put it on a web site somewhere, go to the US sans computer, and download it when I get there. Don't like web sites? Substitude SSH tunnels, VPN, whatever back to country of origin and you have a nice, easily available way to bring data into the country. I'm not sure why they believe terrorists and other ne'er-do-wells won't think of that.
Since they're clever, I'm sure they have thought about it. The real question you should be asking is why they're not worried about you doing it ...