You must not be using ePO, or using it correctly. I'm new to it, and running an old version (3.6.1) but I can tell you in a matter of minutes, how many machines (of around 5000) are running the most current dat files, and how many aren't. I can very quickly get a list of machines running any version but the most current (though I usually only care about machines that are more than a few versions out of date).
If the engine does happen to break (which has happened, but is pretty rare), I can use ePO to reinstall it on the client machine.
McAfee detected Conficker just fine for us. Admittedly, their Conficker network scan tool didn't work well for me, I used the beta version of Nmap to do that (zero infections across our network).
On an enterprise level, I'm quite impressed with McAfee so far. There've been a few hiccups for sure, but I've seen much worse. We'll see how my upgrade to ePO 4 goes in the coming months.
Ahh, didn't realize that this is how RIM's "push" email worked. Even still, according to the articles on the blog, this is not Nokia's Messaging server, just their basic POP/IMAP client. So again, Nokia shouldn't need it.
I've never used BIS (or BES) so I'm not sure. But why would any email client need to pass the credentials it has to a third party to connect to a POP/IMAP server? If RIM is doing the same thing, then they should be called on it as well.
This is no different than if Outlook sent your credentials to MS, or Thunderbird sent them to Mozilla.
I sort of implied that it was a technical problem, I apologize its not really a technical issue at all. Take the example I gave about users that need remote access to their desktops. We don't have a list of those users, so without knowing who they are, that group can't push out a shutdown to all the desktops. There's other similar issues. Its not really a technical problem, more a procedural one.
The company I work for encourages all employees to shutdown their PCs at the end of the day. Once in a while they'll do a walk through at night and leave little reminders on any PCs they find still turned on.
There are some issues. For example, we use wake on LAN so that SMS can push patches during the night, but we don't have a way to go back and turn them off (some solutions are being looked at). As well, some IT personnel need to remote access to their desktop machines. A way to send a WOL packet to the machine at the initialization of the remote access session is also being looked at.
Generally though, it works well, though I haven't seen any stats on any savings. I think for most businesses, just this simple practice could realize significant savings though.
I'm not going to waste my time on this anymore. You continually bring up security and performance gains from blocking ads. I've never disagreed with either point. I AGREE with them, though I think there are better ways to do it.
I'll stand by my point that hard coding your favourites sites into your HOSTS file is neither a timesaver (in the long run) nor is it particularly beneficial. If you believe it is, great. Have fun with it.
Oh, and by the way. I've done a fair bit of coding in my day. I wrote several hundred thousand lines of code that runs a busy web hosting company's control panel. Interfacing with mail servers, ftp servers, dns servers, web servers, datbase servers, etc. It does incremental backups that are restorable by the user. I custom built the database backends. Its also useable by resellers to create custom frontends. It handles the frontend for billing (and I helped with the backend billing). That's one coding project I did. There've been many others and even though I'm no longer in a programming position I still find myself doing some coding.
I've been working professionally in IT for enough years. I've done security research at a University, and am now employed by a mid-sized telecommunications company as a lead IT security person. I've received awards from other IT managers in the company for finding and recommending fixes to security issues.
I'm the lead IT person on our PCI-DSS compliance project. I'm the lead IT person on our AV, IPS, and DLP implementations.
I've assisted on investigations on possible breaches.
I've written custom applications to do log analysis on our internal custom apps.
Question my qualifications all you want, and try to change the subject, and manipulate what I said all you want. It doesn't make you right, or distract from the points I've made. First, very few people are going to notice a savings of 30ms on the load time of their favourite sites (and that savings is only the FIRST time its loaded that day - depending the cache times). It doesn't change the fact that by using your setup, they lose a lot of the features that DNS provides.
1) Hard coding your favourites into your hosts file will save time on lookups, I've never debated that fact. What I've said is the time invested isn't worth it. You still refuse to address that other than saying its your time and you'll do with what you like. Fine... but others should be aware that in the long run it won't save them any time and could cost them time.
2)Who cares how long it takes your script to run. My point has been how long it took for you to do the coding and the testing, and migrate your setup to other machines.
3)So your telling me that your senses are so fine tuned that when you type http://slashdot.org/ (or click a bookmark) you can tell a difference of.03 seconds in the load time of the site? Wow... I'm impressed.
You seem very intent on posting tons of irrelevant information.
As I've said and you've agreed, you'll not recover the time you've invested. If you use a trusted DNS server, you virtually eliminate poisoning. I work (and have certifications) in IT Security. I know what I'm talking about.
You also lose all the advantages that DNS offers.
If you're happy with your setup, great, keep using it. But its not a good solution. Even the security benefits you claim can be had far easier. The same goes for ad blocking. OpenDNS blocks a lot of malware sites. Plugins for firefox virtually eliminate ads. All of that takes a few minutes to setup. If you want to waste days of your time that requires maintenance and doesn't offer any real improvements, go right ahead.
I'll state this once more in a different way and maybe you'll understand.
You have invested at least 20 hours in your setup. That puts you in the hole at 20 hours.
If you visit every one of your 250 sites in a day, you'll have saved seven and a half seconds that day. 20 hours/7.5 seconds is 9600 (20 hours * 60 minutes * 60 seconds). That means it will take you 9600 days of surfing every one of your 250 sites to make up the time you invested in your setup. (That's over 26 years). Now if you only visit 125 of those sites every day, it will take over 52 years to make up that time.
As far as your lookup time now in your hosts file, I'm counting that time as zero. Nothing, instantaneous. I'm giving you the best possible circumstances here to make your solution actually save time. If I was counting it against you, I'd reduce the 30ms and say your were only saving 29ms (or whatever).
Its clear you can't or won't understand what I'm trying to communicate to you. The time and effort involved in putting a list of your favorite sites into a host file will not realistically save you time in the long run. Its too much of an up front investment of your time.
What do my qualifications matter? You've yet to argue any of the facts I've posted above. Arguing the time it takes to do a lookup in your hosts file is pointless since I'm not counting that as taking any time. Arguing security benefits is pointless because I agree they are there (though I believe there are better ways).
The time you invested in putting your 250 sites in your hosts file will take decades to pay back. I've never debated that there are security benefits to placing pointers to 127.0.0.1 in your hosts file. I've never disagreed that putting ad sites in your hosts file will speed up browsing.
I'm only discussing the 250 favourites sites you have. You don't seem to be able to understand that.
You do realize that in all my calculations, I've considered your lookup in your hosts file to take 0 time. All my calculations are using the time you told me of 30ms to do a lookup from your DNS server. So all your "proof" of faster lookups via a hosts file I've already agreed.
But you've invested more time in your setup then it will save you in the long run.
1. I've only ever been referring to placing your favourite sites in your hosts file. Any arguments regarding the other sites to reduce ads/malicious sites, etc. is simply a red herring.
2. You said your self it took you 3 days to set this up. I later pointed out that I'm estimating that has 20 hours of work.
3. The most you will save in time is 30 milliseconds per site per day.
4. Assuming you never invest any more time in your setup to maintain it or move it to another machine, you will only save 45 minutes of time per year. And that's only if you visit each of your 250 sites every day.
5. Given your initial investment of 20 hours, it will take you nearly 30 years to recoup your investment.
It will take you over 30 years (and more than likely significantly longer than that) to save any time by having your favorite sites in your hosts file. That is what my point is and you have yet to refute that.
My point is, the time you invested in this setup will take 27 years to actually save you time. And that's only if you hit every site every day. If you only view 1/2 those sites every day, it'll take 54 years. And that's assuming you have the same computer for all those years, and never have to manually change anything.
First off, the article you quote talks about getting the speed gains specifically because he is not loading ad banners and the like. I never denied that. I never denied the security benefits. I agree with all that.
What I'm saying is that in all reality you will not save net time when adding your favourite websites to your hosts file. As for running a local DNS server, there's no real advantage to that unless you have other needs outside this discussion. Its not like ever home user has a DNS server running.
Its apparent that you really don't understand what I'm trying to explain to you. If you actually think your saving time, then be happy with your amazing setup.
First off, I agree with the security benefits, I never suggested there was anything wrong with those. I'm talking about the 250 sites your "saving" time on by doing the look ups in your hosts file.
My facts still stand. It will take you 27 years to start saving any time, and that's assuming you don't have to tweak your setup at all, or even move it to another machine.
I'm not talking about ad banners, blacklisting sites to 127.0.0.1 or that sort of thing, just the basic time savings of having something like '216.34.181.45 slashdot.org' in your hosts file. The math doesn't add up. You won't save any time in the long run. I'm also assuming that a look up in the HOSTS file takes 0ms (which isn't actually true, but we'll stick with it).
If you really understand how DNS (and web surfing) works, you'll see that you're not saving any time, and you're giving up features that DNS provides.
Its not a bad idea for blacklisting sites, but don't fool yourself, you're not saving any time.
You're probably trolling, but anyways, round trip ping to slashdot tells you nothing. How about a round trip ping to your DNS server. I'll bet its a lot less.
Secondly, the command I suggested should work just fine on any linux based system. I don't believe there is an equivalent to 'time' in the windows world (at least not by default), but nslookup will do more or less what dig does.
Even if you are the same guy that wrote the script, and it took 3 days (say 20 hours), and if it saves 45 minutes a year, it would take about 27 years for you to actually save any time. That's assuming that you never have to move or tweak your setup.
Maintaining a hosts file for the purpose of speeding up DNS lookups isn't really going to help you out.
Ummm, yeah. First off, pinging the site tells you nothing except round trip time. Try something like 'time dig +short slashdot.org' Mine takes about 6 milliseconds of real time. Sure, the DNS server likely has it cached (which would be true of the OpenDNS servers).
I don't know about you, but I wouldn't notice a reduction of 6 milliseconds. Even 30 milliseconds I wouldn't notice. Depending on your setup, your local machine probably caches the results as well, so you're likely only doing that lookup once a day.
Lets say all 250 sites on average, cache locally for 24 hours, and you visit each site daily.
250 * 6 = 1500 milliseconds (1.5 seconds).
So if you hit every site, every day for a year, you've saved yourself a whopping 9 minutes. Congratulations. How long did it take you to setup those 250 sites in your HOSTS file and write the script to maintain them? I'm guessing I've got a few decades before you've "saved" as much time as those of us who haven't bothered with such a setup. Oh, and by then you'll likely have switched machines a few times and have had to have taken the time to move that whole setup over.
Slashdot Mirror
You must not be using ePO, or using it correctly. I'm new to it, and running an old version (3.6.1) but I can tell you in a matter of minutes, how many machines (of around 5000) are running the most current dat files, and how many aren't. I can very quickly get a list of machines running any version but the most current (though I usually only care about machines that are more than a few versions out of date).
If the engine does happen to break (which has happened, but is pretty rare), I can use ePO to reinstall it on the client machine.
McAfee detected Conficker just fine for us. Admittedly, their Conficker network scan tool didn't work well for me, I used the beta version of Nmap to do that (zero infections across our network).
On an enterprise level, I'm quite impressed with McAfee so far. There've been a few hiccups for sure, but I've seen much worse. We'll see how my upgrade to ePO 4 goes in the coming months.
Ahh, didn't realize that this is how RIM's "push" email worked. Even still, according to the articles on the blog, this is not Nokia's Messaging server, just their basic POP/IMAP client. So again, Nokia shouldn't need it.
I've never used BIS (or BES) so I'm not sure. But why would any email client need to pass the credentials it has to a third party to connect to a POP/IMAP server? If RIM is doing the same thing, then they should be called on it as well.
This is no different than if Outlook sent your credentials to MS, or Thunderbird sent them to Mozilla.
I guess Nokia getting your email account credentials isn't an issue for you.
I sort of implied that it was a technical problem, I apologize its not really a technical issue at all. Take the example I gave about users that need remote access to their desktops. We don't have a list of those users, so without knowing who they are, that group can't push out a shutdown to all the desktops. There's other similar issues. Its not really a technical problem, more a procedural one.
The company I work for encourages all employees to shutdown their PCs at the end of the day. Once in a while they'll do a walk through at night and leave little reminders on any PCs they find still turned on.
There are some issues. For example, we use wake on LAN so that SMS can push patches during the night, but we don't have a way to go back and turn them off (some solutions are being looked at). As well, some IT personnel need to remote access to their desktop machines. A way to send a WOL packet to the machine at the initialization of the remote access session is also being looked at.
Generally though, it works well, though I haven't seen any stats on any savings. I think for most businesses, just this simple practice could realize significant savings though.
I'm not going to waste my time on this anymore. You continually bring up security and performance gains from blocking ads. I've never disagreed with either point. I AGREE with them, though I think there are better ways to do it.
I'll stand by my point that hard coding your favourites sites into your HOSTS file is neither a timesaver (in the long run) nor is it particularly beneficial. If you believe it is, great. Have fun with it.
I won't be replying again.
Oh, and by the way. I've done a fair bit of coding in my day. I wrote several hundred thousand lines of code that runs a busy web hosting company's control panel. Interfacing with mail servers, ftp servers, dns servers, web servers, datbase servers, etc. It does incremental backups that are restorable by the user. I custom built the database backends. Its also useable by resellers to create custom frontends. It handles the frontend for billing (and I helped with the backend billing). That's one coding project I did. There've been many others and even though I'm no longer in a programming position I still find myself doing some coding.
I've been working professionally in IT for enough years. I've done security research at a University, and am now employed by a mid-sized telecommunications company as a lead IT security person. I've received awards from other IT managers in the company for finding and recommending fixes to security issues.
I'm the lead IT person on our PCI-DSS compliance project. I'm the lead IT person on our AV, IPS, and DLP implementations.
I've assisted on investigations on possible breaches.
I've written custom applications to do log analysis on our internal custom apps.
Question my qualifications all you want, and try to change the subject, and manipulate what I said all you want. It doesn't make you right, or distract from the points I've made. First, very few people are going to notice a savings of 30ms on the load time of their favourite sites (and that savings is only the FIRST time its loaded that day - depending the cache times). It doesn't change the fact that by using your setup, they lose a lot of the features that DNS provides.
1) Hard coding your favourites into your hosts file will save time on lookups, I've never debated that fact. What I've said is the time invested isn't worth it. You still refuse to address that other than saying its your time and you'll do with what you like. Fine... but others should be aware that in the long run it won't save them any time and could cost them time.
2)Who cares how long it takes your script to run. My point has been how long it took for you to do the coding and the testing, and migrate your setup to other machines.
3)So your telling me that your senses are so fine tuned that when you type http://slashdot.org/ (or click a bookmark) you can tell a difference of .03 seconds in the load time of the site? Wow... I'm impressed.
You seem very intent on posting tons of irrelevant information.
As I've said and you've agreed, you'll not recover the time you've invested. If you use a trusted DNS server, you virtually eliminate poisoning. I work (and have certifications) in IT Security. I know what I'm talking about.
You also lose all the advantages that DNS offers.
If you're happy with your setup, great, keep using it. But its not a good solution. Even the security benefits you claim can be had far easier. The same goes for ad blocking. OpenDNS blocks a lot of malware sites. Plugins for firefox virtually eliminate ads. All of that takes a few minutes to setup. If you want to waste days of your time that requires maintenance and doesn't offer any real improvements, go right ahead.
I give up. You've invested 20 hours in your setup. You will not recover that time.
I'll state this once more in a different way and maybe you'll understand.
You have invested at least 20 hours in your setup. That puts you in the hole at 20 hours.
If you visit every one of your 250 sites in a day, you'll have saved seven and a half seconds that day. 20 hours/7.5 seconds is 9600 (20 hours * 60 minutes * 60 seconds). That means it will take you 9600 days of surfing every one of your 250 sites to make up the time you invested in your setup. (That's over 26 years). Now if you only visit 125 of those sites every day, it will take over 52 years to make up that time.
As far as your lookup time now in your hosts file, I'm counting that time as zero. Nothing, instantaneous. I'm giving you the best possible circumstances here to make your solution actually save time. If I was counting it against you, I'd reduce the 30ms and say your were only saving 29ms (or whatever).
Its clear you can't or won't understand what I'm trying to communicate to you. The time and effort involved in putting a list of your favorite sites into a host file will not realistically save you time in the long run. Its too much of an up front investment of your time.
What do my qualifications matter? You've yet to argue any of the facts I've posted above. Arguing the time it takes to do a lookup in your hosts file is pointless since I'm not counting that as taking any time. Arguing security benefits is pointless because I agree they are there (though I believe there are better ways).
If you're Tuesday afternoons are 20 days long... you're going too fast.
Do you even read my posts?
The time you invested in putting your 250 sites in your hosts file will take decades to pay back. I've never debated that there are security benefits to placing pointers to 127.0.0.1 in your hosts file. I've never disagreed that putting ad sites in your hosts file will speed up browsing.
I'm only discussing the 250 favourites sites you have. You don't seem to be able to understand that.
You do realize that in all my calculations, I've considered your lookup in your hosts file to take 0 time. All my calculations are using the time you told me of 30ms to do a lookup from your DNS server. So all your "proof" of faster lookups via a hosts file I've already agreed.
But you've invested more time in your setup then it will save you in the long run.
The speed gains in the securityfocus article are a result of the blocked ads. Read it again.
You have yet to refute my point that it will take you AT LEAST 27 years to actually save any time.
1. I've only ever been referring to placing your favourite sites in your hosts file. Any arguments regarding the other sites to reduce ads/malicious sites, etc. is simply a red herring.
2. You said your self it took you 3 days to set this up. I later pointed out that I'm estimating that has 20 hours of work.
3. The most you will save in time is 30 milliseconds per site per day.
4. Assuming you never invest any more time in your setup to maintain it or move it to another machine, you will only save 45 minutes of time per year. And that's only if you visit each of your 250 sites every day.
5. Given your initial investment of 20 hours, it will take you nearly 30 years to recoup your investment.
It will take you over 30 years (and more than likely significantly longer than that) to save any time by having your favorite sites in your hosts file. That is what my point is and you have yet to refute that.
Why are you still arguing irrelevant points?
Ahh, but its not zero time for a lookup is it?
My point is, the time you invested in this setup will take 27 years to actually save you time. And that's only if you hit every site every day. If you only view 1/2 those sites every day, it'll take 54 years. And that's assuming you have the same computer for all those years, and never have to manually change anything.
First off, the article you quote talks about getting the speed gains specifically because he is not loading ad banners and the like. I never denied that. I never denied the security benefits. I agree with all that.
What I'm saying is that in all reality you will not save net time when adding your favourite websites to your hosts file. As for running a local DNS server, there's no real advantage to that unless you have other needs outside this discussion. Its not like ever home user has a DNS server running.
Its apparent that you really don't understand what I'm trying to explain to you. If you actually think your saving time, then be happy with your amazing setup.
First off, I agree with the security benefits, I never suggested there was anything wrong with those. I'm talking about the 250 sites your "saving" time on by doing the look ups in your hosts file.
My facts still stand. It will take you 27 years to start saving any time, and that's assuming you don't have to tweak your setup at all, or even move it to another machine.
I'm not talking about ad banners, blacklisting sites to 127.0.0.1 or that sort of thing, just the basic time savings of having something like '216.34.181.45 slashdot.org' in your hosts file. The math doesn't add up. You won't save any time in the long run. I'm also assuming that a look up in the HOSTS file takes 0ms (which isn't actually true, but we'll stick with it).
If you really understand how DNS (and web surfing) works, you'll see that you're not saving any time, and you're giving up features that DNS provides.
Its not a bad idea for blacklisting sites, but don't fool yourself, you're not saving any time.
You're probably trolling, but anyways, round trip ping to slashdot tells you nothing. How about a round trip ping to your DNS server. I'll bet its a lot less.
Secondly, the command I suggested should work just fine on any linux based system. I don't believe there is an equivalent to 'time' in the windows world (at least not by default), but nslookup will do more or less what dig does.
Even if you are the same guy that wrote the script, and it took 3 days (say 20 hours), and if it saves 45 minutes a year, it would take about 27 years for you to actually save any time. That's assuming that you never have to move or tweak your setup.
Maintaining a hosts file for the purpose of speeding up DNS lookups isn't really going to help you out.
Ummm, yeah. First off, pinging the site tells you nothing except round trip time. Try something like 'time dig +short slashdot.org' Mine takes about 6 milliseconds of real time. Sure, the DNS server likely has it cached (which would be true of the OpenDNS servers).
I don't know about you, but I wouldn't notice a reduction of 6 milliseconds. Even 30 milliseconds I wouldn't notice. Depending on your setup, your local machine probably caches the results as well, so you're likely only doing that lookup once a day.
Lets say all 250 sites on average, cache locally for 24 hours, and you visit each site daily.
250 * 6 = 1500 milliseconds (1.5 seconds).
So if you hit every site, every day for a year, you've saved yourself a whopping 9 minutes. Congratulations. How long did it take you to setup those 250 sites in your HOSTS file and write the script to maintain them? I'm guessing I've got a few decades before you've "saved" as much time as those of us who haven't bothered with such a setup. Oh, and by then you'll likely have switched machines a few times and have had to have taken the time to move that whole setup over.