I know im going to get modded odwn for this but i am getting tired of the editor slnt here. DDoS is a real problem, soemone might have a workable solution but it looks at packets so it must be bad. a few points here--
Monitoring the flow of traffic can be done without getting too much into the *content* of the packets. In fact looking at the contents will slow the system by a huge degree.
Unless every byte is encrypted this can already be done now. If you are sending data in the clear you are exposed get used to it, if you dont like it encrypt it.
I can know that privacy is a real issue but lets not muddy the water by screaming like chicken little every time someone reinvents a port sniffer or traffic shaper. Save your breath for when real issues come up like new laws.
Having worked with Oracle support I can say that they are very good. We ran into a problem that required patching and they had the patch to us in like 4 hours (we called at 10pm ona sunday night)
The problem i have with this logic is this. Why should my tax dollars go to fund projects that M$ can grab and sell back to me. I persoanlly don't want to fund microsoft R&D with *tax* money
There was some discussion on one of the Security Foucus mailing lists that pondered the idea of an IP Blacklist that ISPs could use. The basic idea was that when a site is used in a DDOS attack they get added to this list then the ISPs black hole *all* the packet too and from the site. This means mail, web everything. This gives the sites that are being comprimised a real motive to secure thier sites. The basisc idea is that if you can't kept your box secure you become unreachable untilit's fixed. With something like this the admins that care will fix thier sites the ones that don't simply wont matter.
The discussions died out while trying to figure out to administer soemthing like this. I still think it it would be a great idea if those issues can be worked out.
While i cant speak for the Linux community, I was glad they delayed it and took it as a sign that they were finally getting the right idea. So for me anyway its not just a matter of if Linux does its good. I belive this should be the attitude of any software company. I am willing to wait for the latest features if it means that they will work.
2.4 isnt out because it's not working.I would rather it be vapor until it works. One of the main reasons I perfer Linux to M$ is that with Linux the time and care is taken to make sure that the features work before it's shipped rather than shipping a buggy product just to make some randomly chosen date.
You can find BRE at www.johndaileysoftware.com/bre/
When i saw the web based tradewars my first thought was that there had to be a way to make BRE work on the web too. Maybe some people would be intrested in this... I guess I have a new hobby project just in time for the holidays.
Get rid of nospam and underscores to email me.
how about this...
Microsoft writes really bad reviews of thier own software and then copyrights it. Then anyone who says bad things about Windows etc. gets told they are breaking the copyright and gets a C&D letter.
(Sadly i really think they would do this if they could)
As afr as htings other than email. As a network/security person i have to contact the technical contact when i get attacks from networks. In these cases an email address is useless. You can be pretty much assured that the 'cracker' has compromise the admins email account and will >/dev/null any reports that i send. In this case a phhone number is the most relaible and trustable contact method I have. Though the option for a public PGP key would be kinda cool
Well first keep your customers happy . Or you could just go to a Mailboxes etc or the postoffice and get a PO Box and use that. It also gives the advantage that you will get your notices even if you move
You are so right. I mean the bast way to deal with this to roll over nad play dead right now. I mean the everyone knows the best way to stop soemthing from abusing you is to stop making them mad.
I know thisis a troll and all but i have to point out the law in question is being put together by the Council of EUROPE so save you anti-American trolls fro when it is actuall the US that does something
FYI-
No Tripwire is purely a defensive measure. There is no way it can be used to attack a system. So it would be one of the few tools to survive that treaty.
This does make a good point. The simple fact is that when I felt like upgrading my Linux system (was RH 6.1) I was able to look at several options and finally settled on SuSE. Not because Redhat is horrible and mean but because Suse Offered the feature set the *I* was looking for. This is why I love Linux I can select the features that matter to me instead of being told what what things I need the software to do.
If Redhat 7 really is as bad as people are saying then it will fail because people have choices unlike what you get when you buy Windows.
And i have noticed that anytime there is a report of company succeeding on slashdot it is like open warare by the 'Slahsdotters'
I realize here on slashdot its hard to imagine that there are people in the US who don't work for public companies, but they are out there. They are the ones who lose in this. Cisco Employees make out great, Cisco makes out great. The guy driving the cab that takes all out to dinner gets to help pay for the gap. So there is a loser in this situation.
you said...
"They suggest sending your info to the Direct Marketing Association indicating you don't want calls from member companies. I remain skeptical of this... "
I worked for a company that was a DMA memeber we did direct mailings and we ran *every* list through the supplied filter. There were 2 reasons for us to do this
1) Not doing could result in losing memebership in the DMA who provide some nice perks/leads etc for members.
2) It made sence not to waste the postage on people who had taken the time to write to get thier names off the list. The odds of them buying because of the mailing was much smaller than the chance they would get a negitive impression of our clients.
My point is the DMA lists can be helpful.
The VOIP stuff inst that suprising. Current phone providers (Verizon etc) are required by federal law to provide 'hooks' for the easy implementaion of wiretaps on POTS systems. A new way to communicate via voice is surely going to be responded to with a new way to monitor it.
MMM inst wired one of the companies that are distributing the cue::cat? It seems kinda funny that they are the ones giving DG the chance to try to suck up to the community it has alianated.. Of course this just a passing thought in my mind
Also, if a Big Iron fork does take place, will the public support a corporate driven project, or will we look to Linus, Alan, and the bunch to maintain that tree as well. How much access do those guys have to Big Iron anyway? Not much I guess. ---
Hell I'll maintian the fork if IBM and company will give me the hardware
This seems add security on top of the RFC and mentions it. The detail description though sounds a lot like the 'IPTABLES' feature in the upcoming Linux 2.4 kernel. I really hope there is enough of a difference that it doesn't cause a conflict because i have really been looking forward to using the IPTABLES it is a huge improvement over the current ipchains setup. On a positive side I havent heard anything from Cisco about trying to enforce this patent yet...
THe only problem is that if you make it much smaller it gets a lot harder to use. The Visor is still better looking than the plain grey palms. As far as being able to carry, it's much clunkier than a smill notepad but a major improvement over a laptop
Looking at this challange and thinking about the DeCSS case, I wonder how inviting people to 'break' thier code would effect thier ablity to squash the information from coming out into the public. I think it would be intresting to see how the DMCA would apply if someone broke thier system and posted the results publicly. Would the 'no reverse engineering' part still have weight after the company asked publicly for people to do so? Just wondrering how this will play out...
Slashdot Mirror
Having worked with Oracle support I can say that they are very good. We ran into a problem that required patching and they had the patch to us in like 4 hours (we called at 10pm ona sunday night)
The problem i have with this logic is this. Why should my tax dollars go to fund projects that M$ can grab and sell back to me. I persoanlly don't want to fund microsoft R&D with *tax* money
There was some discussion on one of the Security Foucus mailing lists that pondered the idea of an IP Blacklist that ISPs could use. The basic idea was that when a site is used in a DDOS attack they get added to this list then the ISPs black hole *all* the packet too and from the site. This means mail, web everything. This gives the sites that are being comprimised a real motive to secure thier sites. The basisc idea is that if you can't kept your box secure you become unreachable untilit's fixed. With something like this the admins that care will fix thier sites the ones that don't simply wont matter. The discussions died out while trying to figure out to administer soemthing like this. I still think it it would be a great idea if those issues can be worked out.
While i cant speak for the Linux community, I was glad they delayed it and took it as a sign that they were finally getting the right idea. So for me anyway its not just a matter of if Linux does its good. I belive this should be the attitude of any software company. I am willing to wait for the latest features if it means that they will work.
2.4 isnt out because it's not working.I would rather it be vapor until it works. One of the main reasons I perfer Linux to M$ is that with Linux the time and care is taken to make sure that the features work before it's shipped rather than shipping a buggy product just to make some randomly chosen date.
Upon closer inspection i must agree..
You can find BRE at www.johndaileysoftware.com/bre/ When i saw the web based tradewars my first thought was that there had to be a way to make BRE work on the web too. Maybe some people would be intrested in this... I guess I have a new hobby project just in time for the holidays. Get rid of nospam and underscores to email me.
how about this... Microsoft writes really bad reviews of thier own software and then copyrights it. Then anyone who says bad things about Windows etc. gets told they are breaking the copyright and gets a C&D letter. (Sadly i really think they would do this if they could)
As afr as htings other than email. As a network /security person i have to contact the technical contact when i get attacks from networks. In these cases an email address is useless. You can be pretty much assured that the 'cracker' has compromise the admins email account and will >/dev/null any reports that i send. In this case a phhone number is the most relaible and trustable contact method I have. Though the option for a public PGP key would be kinda cool
Well first keep your customers happy . Or you could just go to a Mailboxes etc or the postoffice and get a PO Box and use that. It also gives the advantage that you will get your notices even if you move
You are so right. I mean the bast way to deal with this to roll over nad play dead right now. I mean the everyone knows the best way to stop soemthing from abusing you is to stop making them mad.
I know thisis a troll and all but i have to point out the law in question is being put together by the Council of EUROPE so save you anti-American trolls fro when it is actuall the US that does something
FYI- No Tripwire is purely a defensive measure. There is no way it can be used to attack a system. So it would be one of the few tools to survive that treaty.
This does make a good point. The simple fact is that when I felt like upgrading my Linux system (was RH 6.1) I was able to look at several options and finally settled on SuSE. Not because Redhat is horrible and mean but because Suse Offered the feature set the *I* was looking for. This is why I love Linux I can select the features that matter to me instead of being told what what things I need the software to do. If Redhat 7 really is as bad as people are saying then it will fail because people have choices unlike what you get when you buy Windows. And i have noticed that anytime there is a report of company succeeding on slashdot it is like open warare by the 'Slahsdotters'
I realize here on slashdot its hard to imagine that there are people in the US who don't work for public companies, but they are out there. They are the ones who lose in this. Cisco Employees make out great, Cisco makes out great. The guy driving the cab that takes all out to dinner gets to help pay for the gap. So there is a loser in this situation.
you said... "They suggest sending your info to the Direct Marketing Association indicating you don't want calls from member companies. I remain skeptical of this... " I worked for a company that was a DMA memeber we did direct mailings and we ran *every* list through the supplied filter. There were 2 reasons for us to do this 1) Not doing could result in losing memebership in the DMA who provide some nice perks/leads etc for members. 2) It made sence not to waste the postage on people who had taken the time to write to get thier names off the list. The odds of them buying because of the mailing was much smaller than the chance they would get a negitive impression of our clients. My point is the DMA lists can be helpful.
The VOIP stuff inst that suprising. Current phone providers (Verizon etc) are required by federal law to provide 'hooks' for the easy implementaion of wiretaps on POTS systems. A new way to communicate via voice is surely going to be responded to with a new way to monitor it.
MMM inst wired one of the companies that are distributing the cue::cat? It seems kinda funny that they are the ones giving DG the chance to try to suck up to the community it has alianated.. Of course this just a passing thought in my mind
Also, if a Big Iron fork does take place, will the public support a corporate driven project, or will we look to Linus, Alan, and the bunch to maintain that tree as well. How much access do those guys have to Big Iron anyway? Not much I guess. --- Hell I'll maintian the fork if IBM and company will give me the hardware
mmm you might want to read the pantent first and then send that mail to Cisco...
This seems add security on top of the RFC and mentions it. The detail description though sounds a lot like the 'IPTABLES' feature in the upcoming Linux 2.4 kernel. I really hope there is enough of a difference that it doesn't cause a conflict because i have really been looking forward to using the IPTABLES it is a huge improvement over the current ipchains setup. On a positive side I havent heard anything from Cisco about trying to enforce this patent yet...
THe only problem is that if you make it much smaller it gets a lot harder to use. The Visor is still better looking than the plain grey palms. As far as being able to carry, it's much clunkier than a smill notepad but a major improvement over a laptop
Compared to the mainsstream players that is pretty cheap
Looking at this challange and thinking about the DeCSS case, I wonder how inviting people to 'break' thier code would effect thier ablity to squash the information from coming out into the public. I think it would be intresting to see how the DMCA would apply if someone broke thier system and posted the results publicly. Would the 'no reverse engineering' part still have weight after the company asked publicly for people to do so? Just wondrering how this will play out...