Depends on the iLo version. Some of the older ones were very picky. there are firmware updates that will eliminate a lot of the compatibility issues, but the really old ones (DL380 G2's come to mind) leave up up a creek, even with the last supported release.
"...When the documents finally arrived more than seven months later, they included more than 800 pages of information, including 15 burn and fire-related incidents blamed by iPod owners on their iPods."
"...After conducting its own preliminary investigation, the federal agency determined that, with more than 175 million iPods sold, "the number of incidents is extremely small in relation to the number of products produced, making the risk of injury very low."
I love the media. "Coming up at 11, stunning new government documents reveal that **your** iPod may burst into flames!" Seriously? 15? If there was a problem with 15 Honda Insights, I doubt there'd even be a service bulletin.
Moral of the story; rechargeable lithium batteries are dangerous. Rechargeable lithium batteries made under sketchy conditions couple with charge controllers made under equally sketchy conditions are probably slightly more dangerous.
Nagios? For asset tracking? "I was trying to check my e-mail using using apache, and it just wasn't living up to my expectations at all...." I guess when all you have is a hammer, everything looks like a nail.
http://www.open-audit.org/ does a nice job of tracking on the windows side. Set up xampp, unzip the contents of the openaudit zip file into the htdocs directory, visit the side, move on with your life. Open Audit as a project is a little hackish and informal for my tastes, but it does pass the JFW (just fucking works) test. Tracks assets, installed software, license keys. It's just a PHP frontend for WMI results, so if WMI is acting funny, then open audit will be funny too. I also doubt it'll do much for network device inventory other than identifying approximately what the device is. (Printers show up ok, I doubt switches or routers will appear as anything other than "other".)
My suggestion for integrating Nagios would be to set an action URL for each of your hosts that in turn points to the Open Audit page for that particular host, unless you're already using the action URL for PNP (and if you're not, you should be for some of your hosts.)
Storing data on a single RAID array, on your daily use machine is not a backup.
Storing your data on a RAID array, then copying that data onto another RAID array, on another machine, *is* a backup.
(of course, it's not a spectacular, super awesome backup that will protect your data from flood, fire, and Jerry Bruckhiemer, but it is a backup, and it's a lot more than most people and many businesses ever think to do.)
Cheap, Easy, Good. Pick two. A network aware 1TB SATA NAS should set you back less than $400 shipped.
Once that's done, we can do a comparative analysis of CO2 of all the machines machines running WoW (factoring in the increased power draw of a machine with a higher end video card, plus increased disk & memory I/O compared to a machine running BOINC). I'd be willing to be the BOINC 24x7x365 number works out to be smaller, or at least on par with a WoW machine going 4 hours a night several times a week.
Yep, us dastardly uh-mer-uh-can's have, using the power of our fourth grade math skills, manipulated the laws of orbital mechanics to give you yer-o-pee'ins the short end of the stick. U-S-A! U-S-A!
The improved viewing lasts from the middle of July, including the days leading up to the Endevour ink-up through the end of the month. RTFA.
Mayor? P'shaw. Kwame's only official crime was getting caught. He just misused city funds, and then became a rather convenient scapegoat / distraction while the rats kept the party going a while longer.
Now, when you look at the city council, that's a group of people brewing up some good old fashion WTF? You've got Barb Collins, who famously wears a diamond tiara to meetings. Her supporters spontaneously broke into "Onward Christian solders" after she gave a speech equating members of a regional authority formed to takeover operations of Cobo Hall (home of the North American International Auto show, one of the few things that brings money into detroit) from an essentially bankrupt city to white settlers stealing land from "the native peoples."
Or, there's Martha Reeves (yes, the one from motown's Martha Reeves and the Vandellas). Who's been accused of having city employees earning overtime ferrying her around to the local casinos and billing rooms to her expense account.
Let's not leave out JoAnn Watson. A recent audit found that her property taxes were between $40 and $60 every six months. All joking about Detroit property values aside, we're talking about a 4 bedroom 3 bath stone house in a nice part of Detroit (stop snickering.) Mrs. Watson stated that she thought the low taxes were due to damage the home suffered in a Tornado, but she couldn't remember if the tornado had damaged her home in 2001 or 1995. That no Tornado has hit that part of Detroit in 50+ years makes no real difference. (as an aside, if my house ever got hit by a tornado, 75 years from that date if I'm still alive I'll be able to tell you the date, time, month, year, temperature, ambient humidity, and the color of the trash bag that I put my freshly destroyed boxer shorts in.)
But there's always dear, sweet, innocent as the baby jesus, "black people can't be racist" Monica Conyers, wife of US rep John Conyers. (Though I've yet to see them in the same place at the same time. methinks even he knows she's crookeder than a barrel of snakes). Federal indictment over a $6000 bribe? You betcha! Billing trips to Grand Cayman to the Detroit firefighters pension fund? But of course! Accepting upwards of $40,000 worth of jewelry from local pawnshops while reviewing an ordinance to crackdown on pawnshops? All in a day's work, no need to thank her.
Now, granted, these are petty when compared to selling of senate seats by crooked governors, they are indicative of the amazing level of corruption that really has turned Detroit into a dysfunctional city since Colman Young took office so long ago. The very *culture* of the City of Detroit as a civic institution is corrupt. Epic Corruption isn't just acknowledged but expected at every single level. And it's not just 'skim a little here, or 'whet your beak' there, it's "take every last possible dime you can. Bill everything to the pension funds or anything else that still has money, make sure you hook your family up with every do-nothing job you can find, and don't worry about getting caught. Because someone else is doing stuff that's even worse."
You guys have "bigger" corruption, but in Detroit, it's systemic.
I will go corrupt official toe to toe with you. You can have your Tony Soprano wannabes, and I'll put the city of Detroit against your whole exit ramp infested state! Hell, Monica Conyers has more corruption in her little finger than any five state or local officials you can find.
Pretty much. There's nothing quite like that thick yellow smog that hangs in the air over Gary, or that lovely smell of sulfer and despair that reminds you "Yep, this is Hell. Enjoy your visit from the safety of the highway or the train, and thank your lucky stars you don't have to get out."
"Detroit" proper certainly sucks, but it's never really had an IT infrastructure to start out with. Outside of Compuware, high-tech jobs just don't exist there. I'd bet dollars to doughnuts that those 440+ IT jobs in "Detroit" are postings from Livonia or Novi, which is about the same as equating a job posting in Simi Valley with one in Compton.
I worked IT for a Community College that serves Detroit. By far the most dysfunctional IT organization I've ever seen. After getting hired, the first thing my boss told me was "I can't believe they hired you, you're not related to anybody here." Dozens of redundant administrators with no real job function other than drawing a paycheck, a single, insanely flaky DNS and AD server (located downtown) serving 5 remote sites that would wipe out connectivity across all campuses when it went down. I finally started SSH tunneling all of my traffic to my home connection so I could at least keep myself entertained. One of my favorite moments was when one of the network administrators was on site and I showed him what I was doing. His first question: "What's SSH?" By that time, I wasn't even remotely surprised. I was slightly surprised when I saw that job posted internally after the same admin moved to a different role. Starting salary: 65k. A junior admin with no skills whatsoever pulling down that kind of money. God only knows what his bosses made...
I was finally "indefinitely laid off" (no one ever got fired, downsized, rightsized, or had their position eliminated. You were simply placed on indefinite lay off. I heard of people getting called back to their jobs 5+ years after they got laid off) by the "Senior Associate Vice president of human resources", and yes, there were associate VP's of HR, VP's of HR, and a President of HR. If you were in the HR department, you were some form of Vice president. Or you were a secretary who was assumed to be boning and or related to his or her associated vice president. I had two weeks vacation and was told that I had a signing bonus from the union contract (Yep. Union IT. The union was equally incompetent) coming to me upon my "lay off." I was paid 8 hours vacation (the payroll system was never, ever right. They said I had 8 hours, they paid me 8, and sent me to one of the dozens of voicemail boxes that never got checked.) and told that the bonus didn't really apply to me due to a quirk in the rules.
So I walked away with a day's pay instead of a month's, and I framed the letter. I use it as a reminder of how crappy an organization can really be.
I'm using Sophos http://www.sophos.com/ in an 60-70 machine environment, and have had good luck with their products. They don't seem to be the insane memory hogs that Mcafee and Symantec are.
Some of the other posters are correct, a 'proper' AD server that you can push policy from gives you a nice set of options for managing machines. 20 doesn't sound like that many systems, until you're the guy supporting them.
That's because she was using a telescope - even a small one negates the problem. Just like observing the sky from the bottom of a well. Standing in a 10m-deep well in the middle of a bright day you will see a piece of night sky, with stars and all, when you look up (well, except when you're on the equator and it's exactly the midday, but that's a corner case of sorts).
[[citation needed]]
Standing at the bottom of a well doesn't magically make the sky dark at midday. Other than a few very bright objects (Venus, maybe Jupiter, maybe the ISS, if it happens to path over the small swatch of sky you could see), I strongly doubt that you'll see anything other than blue sky. I've yet to read a convincing argument (or better, see a convincing picture) that proves the "bottom of a well" hypothesis any better than the "airplane on a treadmill" problem.
The closest explanation I've heard would be that, when viewing at dusk, your eyes would be better adjusted to the low-light conditions, since you've presumably been standing at the bottom of a dark well for a while. Which isn't that much more useful to anyone (short of maybe unwilling friends of Jame Gumb) than sitting in a dark room before going outside.
Also, please explain how using a telescope magically invalidates light pollution. If I follow your line of reasoning, I should be able to use a pair of binoculars to get a crystal clear view out of a dirty window.
"Family Guy" is the Denzel Washington of animated series. At one point, it was fresh and original.
But then it became huge. Now everyone loves it because it's "Family Guy." Stewie's gonna say something gay, there's gonna be thirty "like that time I was..." jokes that are sorta mildly amusing. Every once it a while it steps out and does something fresh (Blue Harvest), but then it's back into the routine. Or the 'new' just gets recycled into the routine (like the Shawshank parody.)
Denzel Washington does the same thing as an actor. He's played "Morally right guy that the establishment doesn't like / believe / trust" in like twenty movies now. Every once in a while he steps out and it's fantastic (Training Day), but then he turns around and makes "Man on Fire" three more times for the paychecks.
It's been said before and is worth repeating: The movies were 45 minutes of material crammed into 90 minutes of airtime. The 22 minute format is the best way for the series to continue.
Now, if they can just treat the movies as non-canon, all will be right with the world. New Futurama is always welcome.
You've created a defense that would defeat an unsophisticated attacker.
You can stop right there. I've created *a* defense. Obscurity is a *level* of defense, that's all it is. No, it's not going to hide the machine from someone who's adding -p 1-65535 to the end of their nmap scans. It's not going to magically protect me from someone trying to crack my particular server if I haven't patched a known exploit. It will protect me from the most basic attack, worms, that are looking for basic configs. How many SQL worms are out there banging away on port 1414? If I'm running a vulnerable server on port 1415, is that machine going to get infected by one of those ancient worms? No. Is it still vulnerable to a dedicated attacker, yes. But I've got a massive subset of attacks that I've mitigated with a very simple config change.
It bears repeating: The problem comes from making obscurity your only defense. Obscurity should always be a part of your defense.
We do not design security to defeat unsophisticated attacks.
Then why do you lock your server room doors? Or encrypt hard drives? Or install a fire suppression system in the building? Don't kid yourself, it's the unsophisticated attack that you need to worry about first and fucking foremost.
So, yes, 5 locks are more secure than 4 locks. Anyone who can break 4 will break 5, so it's not significant. Similarly hiding the port number is more secure than not hiding the port number. However, it doesn't change a one-hour break into more than a one hour one minute break.
Obscurity isn't about 5 locks instead of 4. Obscurity is the first lock. If obscurity doesn't work, why do we change passwords? All we're doing is 'obscuring' the password.
I can cat back through years of auth.log's and not see one. single. solitary. unauthorized login attempt on one of my boxes. Not one. Why? The SSH server sits on an unregistered port. Do I trust bragging about that statement enough to post the IP and port number here? Fuck no. But by obscuring the number, that machine is, at the very least, not a target of opportunity. That has to count for something in anybody's book. In several years, people haven't even *tried* to break in. But every day, there are attempts to open cmd.exe in the apache logs.
Obscurity is not a panacea, it's a step. It's a step in the overall security process that has gotten diminished by people spouting off a catchphrase.
Your comment is a contradiction. On one hand, you say by not acknowledging the cable's existence, the cable is insecure. The better solution, is to acknowledge the cable (that apparently no one knows about) because then no one will know about it because its existence as a 'secret' cable will be.....wait for it.....obscured by the fact that there are other cables! Ta da! You've invented a new form of 'security' by 'obscuring' the cables existence. Bully for you.
"Security through obscurity" is a catchphrase that somehow implies that obscurity is on its face an invalid tool. It's not. It never will be. Ever. If it wasn't, infantrymen would be running around in fashionable day-glo orange jumpsuits with pretty pastel helmets. "Security through obscurity" is *only* a bad thing when it's the only means used to secure something When used in conjunction with other methods and tools, it's a great benefit.
Example: Set up a public facing SSH server on port 22. Watch what happens to your log files after about 24 hours. They'll start filling up with break-in attempts. Now move the server up to a non-registered port. 99.9% of those break-in attempts disappear. Why? The bots don't see an active server, so they move on. Can the service still be found? yes. Can the bots start hammering away on the new port? yes. But, by obscuring the port that SSH listens on, have I made the machine dramatically more secure? Maybe not dramatically, but it's slightly more secure. I still need to enforce password policy. I should still install a tool like Denyhosts. But I've taken a huge step to cut down the chances that some bot will get lucky and crack a login/password in a drive-by attack.
I'm going to go out on a limb and say that the links getting cut have some level of redundancy. Somewhere in the planning stages, this kind of event has to have come up, and I'll put money on there being a contingency in effect.
The HP Laserjet 4 on my desk has a build date of December 1992. It's already out of my employer's inventory, but I've graciously offered to only use it until we run out of toner. Of course, the office that it came from purchased four spare toners to go with the fresh one that's still in the machine, so I figure the machine will probably be old enough to drink by the time I actually have to get rid of it....
922k pages over it's life time. Here's hoping I can get to 1 million before it croaks.
Slashdot Mirror
Depends on the iLo version. Some of the older ones were very picky. there are firmware updates that will eliminate a lot of the compatibility issues, but the really old ones (DL380 G2's come to mind) leave up up a creek, even with the last supported release.
"...When the documents finally arrived more than seven months later, they included more than 800 pages of information, including 15 burn and fire-related incidents blamed by iPod owners on their iPods."
"...After conducting its own preliminary investigation, the federal agency determined that, with more than 175 million iPods sold, "the number of incidents is extremely small in relation to the number of products produced, making the risk of injury very low."
I love the media. "Coming up at 11, stunning new government documents reveal that **your** iPod may burst into flames!" Seriously? 15? If there was a problem with 15 Honda Insights, I doubt there'd even be a service bulletin.
Moral of the story; rechargeable lithium batteries are dangerous. Rechargeable lithium batteries made under sketchy conditions couple with charge controllers made under equally sketchy conditions are probably slightly more dangerous.
forgot to mention, if you've got linux boxes, you can do inventory for those devices using the Hardware Abstraction Layer and an easily Cron'd script.
Nagios? For asset tracking? "I was trying to check my e-mail using using apache, and it just wasn't living up to my expectations at all...." I guess when all you have is a hammer, everything looks like a nail.
http://www.open-audit.org/ does a nice job of tracking on the windows side. Set up xampp, unzip the contents of the openaudit zip file into the htdocs directory, visit the side, move on with your life. Open Audit as a project is a little hackish and informal for my tastes, but it does pass the JFW (just fucking works) test. Tracks assets, installed software, license keys. It's just a PHP frontend for WMI results, so if WMI is acting funny, then open audit will be funny too. I also doubt it'll do much for network device inventory other than identifying approximately what the device is. (Printers show up ok, I doubt switches or routers will appear as anything other than "other".)
My suggestion for integrating Nagios would be to set an action URL for each of your hosts that in turn points to the Open Audit page for that particular host, unless you're already using the action URL for PNP (and if you're not, you should be for some of your hosts.)
Check your lagrange points. I'm always leaving monoliths there. And defining blues-rock trios. Those always show up at my lagrange.
"Great, another planet that doesn't listen..."
Can I use my frequent flier miles to upgrade the seat to hell that I just purchased?
Storing data on a single RAID array, on your daily use machine is not a backup.
Storing your data on a RAID array, then copying that data onto another RAID array, on another machine, *is* a backup.
(of course, it's not a spectacular, super awesome backup that will protect your data from flood, fire, and Jerry Bruckhiemer, but it is a backup, and it's a lot more than most people and many businesses ever think to do.)
Cheap, Easy, Good. Pick two. A network aware 1TB SATA NAS should set you back less than $400 shipped.
Once that's done, we can do a comparative analysis of CO2 of all the machines machines running WoW (factoring in the increased power draw of a machine with a higher end video card, plus increased disk & memory I/O compared to a machine running BOINC). I'd be willing to be the BOINC 24x7x365 number works out to be smaller, or at least on par with a WoW machine going 4 hours a night several times a week.
Waste is, and will always be, a relative term.
Yep, us dastardly uh-mer-uh-can's have, using the power of our fourth grade math skills, manipulated the laws of orbital mechanics to give you yer-o-pee'ins the short end of the stick. U-S-A! U-S-A!
The improved viewing lasts from the middle of July, including the days leading up to the Endevour ink-up through the end of the month. RTFA.
"At the tone, the time will be 11:13am. BEEP."
"At the sound of your blood curdling screams and unheralded pleas for mercy, the time will be 11:14am."
Take the same generic stuff that we all already have, slap it in a trendy new case, and all of us sudden it's big news....
Mayor? P'shaw. Kwame's only official crime was getting caught. He just misused city funds, and then became a rather convenient scapegoat / distraction while the rats kept the party going a while longer.
Now, when you look at the city council, that's a group of people brewing up some good old fashion WTF? You've got Barb Collins, who famously wears a diamond tiara to meetings. Her supporters spontaneously broke into "Onward Christian solders" after she gave a speech equating members of a regional authority formed to takeover operations of Cobo Hall (home of the North American International Auto show, one of the few things that brings money into detroit) from an essentially bankrupt city to white settlers stealing land from "the native peoples."
Or, there's Martha Reeves (yes, the one from motown's Martha Reeves and the Vandellas). Who's been accused of having city employees earning overtime ferrying her around to the local casinos and billing rooms to her expense account.
Let's not leave out JoAnn Watson. A recent audit found that her property taxes were between $40 and $60 every six months. All joking about Detroit property values aside, we're talking about a 4 bedroom 3 bath stone house in a nice part of Detroit (stop snickering.) Mrs. Watson stated that she thought the low taxes were due to damage the home suffered in a Tornado, but she couldn't remember if the tornado had damaged her home in 2001 or 1995. That no Tornado has hit that part of Detroit in 50+ years makes no real difference. (as an aside, if my house ever got hit by a tornado, 75 years from that date if I'm still alive I'll be able to tell you the date, time, month, year, temperature, ambient humidity, and the color of the trash bag that I put my freshly destroyed boxer shorts in.)
But there's always dear, sweet, innocent as the baby jesus, "black people can't be racist" Monica Conyers, wife of US rep John Conyers. (Though I've yet to see them in the same place at the same time. methinks even he knows she's crookeder than a barrel of snakes). Federal indictment over a $6000 bribe? You betcha! Billing trips to Grand Cayman to the Detroit firefighters pension fund? But of course! Accepting upwards of $40,000 worth of jewelry from local pawnshops while reviewing an ordinance to crackdown on pawnshops? All in a day's work, no need to thank her.
Now, granted, these are petty when compared to selling of senate seats by crooked governors, they are indicative of the amazing level of corruption that really has turned Detroit into a dysfunctional city since Colman Young took office so long ago. The very *culture* of the City of Detroit as a civic institution is corrupt. Epic Corruption isn't just acknowledged but expected at every single level. And it's not just 'skim a little here, or 'whet your beak' there, it's "take every last possible dime you can. Bill everything to the pension funds or anything else that still has money, make sure you hook your family up with every do-nothing job you can find, and don't worry about getting caught. Because someone else is doing stuff that's even worse."
You guys have "bigger" corruption, but in Detroit, it's systemic.
I will go corrupt official toe to toe with you. You can have your Tony Soprano wannabes, and I'll put the city of Detroit against your whole exit ramp infested state! Hell, Monica Conyers has more corruption in her little finger than any five state or local officials you can find.
The gauntlet has been thrown down!
Pretty much. There's nothing quite like that thick yellow smog that hangs in the air over Gary, or that lovely smell of sulfer and despair that reminds you "Yep, this is Hell. Enjoy your visit from the safety of the highway or the train, and thank your lucky stars you don't have to get out."
"Detroit" proper certainly sucks, but it's never really had an IT infrastructure to start out with. Outside of Compuware, high-tech jobs just don't exist there. I'd bet dollars to doughnuts that those 440+ IT jobs in "Detroit" are postings from Livonia or Novi, which is about the same as equating a job posting in Simi Valley with one in Compton.
I worked IT for a Community College that serves Detroit. By far the most dysfunctional IT organization I've ever seen. After getting hired, the first thing my boss told me was "I can't believe they hired you, you're not related to anybody here." Dozens of redundant administrators with no real job function other than drawing a paycheck, a single, insanely flaky DNS and AD server (located downtown) serving 5 remote sites that would wipe out connectivity across all campuses when it went down. I finally started SSH tunneling all of my traffic to my home connection so I could at least keep myself entertained. One of my favorite moments was when one of the network administrators was on site and I showed him what I was doing. His first question: "What's SSH?" By that time, I wasn't even remotely surprised. I was slightly surprised when I saw that job posted internally after the same admin moved to a different role. Starting salary: 65k. A junior admin with no skills whatsoever pulling down that kind of money. God only knows what his bosses made...
I was finally "indefinitely laid off" (no one ever got fired, downsized, rightsized, or had their position eliminated. You were simply placed on indefinite lay off. I heard of people getting called back to their jobs 5+ years after they got laid off) by the "Senior Associate Vice president of human resources", and yes, there were associate VP's of HR, VP's of HR, and a President of HR. If you were in the HR department, you were some form of Vice president. Or you were a secretary who was assumed to be boning and or related to his or her associated vice president. I had two weeks vacation and was told that I had a signing bonus from the union contract (Yep. Union IT. The union was equally incompetent) coming to me upon my "lay off." I was paid 8 hours vacation (the payroll system was never, ever right. They said I had 8 hours, they paid me 8, and sent me to one of the dozens of voicemail boxes that never got checked.) and told that the bonus didn't really apply to me due to a quirk in the rules.
So I walked away with a day's pay instead of a month's, and I framed the letter. I use it as a reminder of how crappy an organization can really be.
I'm using Sophos http://www.sophos.com/ in an 60-70 machine environment, and have had good luck with their products. They don't seem to be the insane memory hogs that Mcafee and Symantec are.
Some of the other posters are correct, a 'proper' AD server that you can push policy from gives you a nice set of options for managing machines. 20 doesn't sound like that many systems, until you're the guy supporting them.
And if they're running pirated, unpatched copies of windows, equally as fragile.
That's because she was using a telescope - even a small one negates the problem. Just like observing the sky from the bottom of a well. Standing in a 10m-deep well in the middle of a bright day you will see a piece of night sky, with stars and all, when you look up (well, except when you're on the equator and it's exactly the midday, but that's a corner case of sorts).
[[citation needed]]
Standing at the bottom of a well doesn't magically make the sky dark at midday. Other than a few very bright objects (Venus, maybe Jupiter, maybe the ISS, if it happens to path over the small swatch of sky you could see), I strongly doubt that you'll see anything other than blue sky. I've yet to read a convincing argument (or better, see a convincing picture) that proves the "bottom of a well" hypothesis any better than the "airplane on a treadmill" problem.
The closest explanation I've heard would be that, when viewing at dusk, your eyes would be better adjusted to the low-light conditions, since you've presumably been standing at the bottom of a dark well for a while. Which isn't that much more useful to anyone (short of maybe unwilling friends of Jame Gumb) than sitting in a dark room before going outside.
Also, please explain how using a telescope magically invalidates light pollution. If I follow your line of reasoning, I should be able to use a pair of binoculars to get a crystal clear view out of a dirty window.
"It's funny, but how will it go with farmers?"
Correct quote: ""This is executive Beta, programmed to underestimate middle America." "It's funny, but will it get them off their tractors?"
Loss of 20 geek points. Please complete three Windows ME to Vista upgrades as penance.
"Family Guy" is the Denzel Washington of animated series. At one point, it was fresh and original.
But then it became huge. Now everyone loves it because it's "Family Guy." Stewie's gonna say something gay, there's gonna be thirty "like that time I was..." jokes that are sorta mildly amusing. Every once it a while it steps out and does something fresh (Blue Harvest), but then it's back into the routine. Or the 'new' just gets recycled into the routine (like the Shawshank parody.)
Denzel Washington does the same thing as an actor. He's played "Morally right guy that the establishment doesn't like / believe / trust" in like twenty movies now. Every once in a while he steps out and it's fantastic (Training Day), but then he turns around and makes "Man on Fire" three more times for the paychecks.
It's been said before and is worth repeating: The movies were 45 minutes of material crammed into 90 minutes of airtime. The 22 minute format is the best way for the series to continue.
Now, if they can just treat the movies as non-canon, all will be right with the world. New Futurama is always welcome.
You've created a defense that would defeat an unsophisticated attacker.
You can stop right there. I've created *a* defense. Obscurity is a *level* of defense, that's all it is. No, it's not going to hide the machine from someone who's adding -p 1-65535 to the end of their nmap scans. It's not going to magically protect me from someone trying to crack my particular server if I haven't patched a known exploit. It will protect me from the most basic attack, worms, that are looking for basic configs. How many SQL worms are out there banging away on port 1414? If I'm running a vulnerable server on port 1415, is that machine going to get infected by one of those ancient worms? No. Is it still vulnerable to a dedicated attacker, yes. But I've got a massive subset of attacks that I've mitigated with a very simple config change.
It bears repeating: The problem comes from making obscurity your only defense. Obscurity should always be a part of your defense.
We do not design security to defeat unsophisticated attacks.
Then why do you lock your server room doors? Or encrypt hard drives? Or install a fire suppression system in the building? Don't kid yourself, it's the unsophisticated attack that you need to worry about first and fucking foremost.
So, yes, 5 locks are more secure than 4 locks. Anyone who can break 4 will break 5, so it's not significant. Similarly hiding the port number is more secure than not hiding the port number. However, it doesn't change a one-hour break into more than a one hour one minute break.
Obscurity isn't about 5 locks instead of 4. Obscurity is the first lock. If obscurity doesn't work, why do we change passwords? All we're doing is 'obscuring' the password.
I can cat back through years of auth.log's and not see one. single. solitary. unauthorized login attempt on one of my boxes. Not one. Why? The SSH server sits on an unregistered port. Do I trust bragging about that statement enough to post the IP and port number here? Fuck no. But by obscuring the number, that machine is, at the very least, not a target of opportunity. That has to count for something in anybody's book. In several years, people haven't even *tried* to break in. But every day, there are attempts to open cmd.exe in the apache logs.
Obscurity is not a panacea, it's a step. It's a step in the overall security process that has gotten diminished by people spouting off a catchphrase.
Your comment is a contradiction. On one hand, you say by not acknowledging the cable's existence, the cable is insecure. The better solution, is to acknowledge the cable (that apparently no one knows about) because then no one will know about it because its existence as a 'secret' cable will be.....wait for it.....obscured by the fact that there are other cables! Ta da! You've invented a new form of 'security' by 'obscuring' the cables existence. Bully for you.
"Security through obscurity" is a catchphrase that somehow implies that obscurity is on its face an invalid tool. It's not. It never will be. Ever. If it wasn't, infantrymen would be running around in fashionable day-glo orange jumpsuits with pretty pastel helmets. "Security through obscurity" is *only* a bad thing when it's the only means used to secure something When used in conjunction with other methods and tools, it's a great benefit.
Example: Set up a public facing SSH server on port 22. Watch what happens to your log files after about 24 hours. They'll start filling up with break-in attempts. Now move the server up to a non-registered port. 99.9% of those break-in attempts disappear. Why? The bots don't see an active server, so they move on. Can the service still be found? yes. Can the bots start hammering away on the new port? yes. But, by obscuring the port that SSH listens on, have I made the machine dramatically more secure? Maybe not dramatically, but it's slightly more secure. I still need to enforce password policy. I should still install a tool like Denyhosts. But I've taken a huge step to cut down the chances that some bot will get lucky and crack a login/password in a drive-by attack.
I'm going to go out on a limb and say that the links getting cut have some level of redundancy. Somewhere in the planning stages, this kind of event has to have come up, and I'll put money on there being a contingency in effect.
The HP Laserjet 4 on my desk has a build date of December 1992. It's already out of my employer's inventory, but I've graciously offered to only use it until we run out of toner. Of course, the office that it came from purchased four spare toners to go with the fresh one that's still in the machine, so I figure the machine will probably be old enough to drink by the time I actually have to get rid of it....
922k pages over it's life time. Here's hoping I can get to 1 million before it croaks.
The real question is, do any of these recordings detail the rampant cannibalism that continues to plague the RAF?
Yours etc.
Captain B.J. Smethwick in a white wine sauce with shallots, mushrooms and garlic.
How many Volkswagon beetles-worth is that?