Re:Linux kernel did not need GCC/GNU/RMS on Linus Is A Hero · Score: 2
quite... my question is...
Which compiler built the first version of GCC?
Which compiler built that compiler's first version?
You can apply the same to an operating system kernel. That is what makes both very remarkable accomplishments, especially considering their success and abundance today.
Re:Why Saint Ignucius didn't make the cut. on Linus Is A Hero · Score: 2
omg... how stupid... is there any other "culture" type stuff associated with GNU/Music?
Stick to producing great software like GCC and give up on the music front. !PLEASE!!!
Compilation produces binary code, not assembly.
Assembly is often considered a mid-level language between binary and high-level languages like C/C++.
If you run a heavily Sun-oriented tech shop, presumably it will be advantageous to run a single OS (well, Solaris/Sparc and Solaris/Intel) to running Solaris/Sparc and Linux/Intel; cautious companies might more easily justify purchasing Intel-based hardware if they don't have to put a new OS on it at the same time.
Linux/Sparc and Linux/Intel ?
Solaris is far more limiting to specific architectures than Linux is. In fact Solaris/Intel is a real dog, has always had limited hardware compatibility and Sun's Intel boxes are simply too expensive.
Have you tried searching for articles in say "Estonian" for your search example?
Those Estonians still need books, or should they learn English?
I've been hacking over 30 years. I also brew beer, distill whisky, hunt, grow food, etc. These are definitely all the same expression: to know how things work.
Strange.. I have no such aspirations in other fields. I just like to work on systems and make them do cool stuff.
Dear FBI,
Eat my shorts! I live in the UK and you have no immediate jurisdiction here.
Sincerely,
J. Dyson
MENTION THE WAR...
[John Cleese, Fawlty Towers]
is my sendmail secure?
which macros?
where do I find this info for my version of sendmail? (I run 8.12.9/8.12.8)
seriously though... I've searched and I'm yet to find a reasonable document that describes ultimate securing of that version in particular.
Nor am I able to find any reference of extra rules in m4 format to stop SPAM.
Links anyone?
Who is going to check every header in every email?
What would be the spammers' reaction? Quite easily forge 1000 headers in a single email, using up all resources of your checker and causing a denial of service?
The SPAM phenonanom (sp?) is somewhat of a battle at the edge of crackerdom; it's the "what can I get away with" philosophy.
My users may have very valid emails from servers in the .kr domain, yet nearly 99% of our SPAM originates from there. I don't see that as a valid reason to block all their emails.
I really like the ideas of anti-SPAM co-operation by identifying the fingerprints of mass-emails and relaying those fingerprints to other servers - I'm yet to see the emergence of a company that can proclaim to do this effectively.
Business Plan anyone?
1. SPAM
2. identify own emails
3. publish fingerprint
4. profit...
damn stupid time of night to be thinking about this anyway...
I noticed a queue building up the other day, apparently, while not being blacklisted, we had been blocked through an IP range by a provider - another customer in our range must have sent out some unsolicited mail, so I called our ISP, asked them whether there was a smart host where I could offload my queue and they obliged... not my problem any more, actually they may have dropped my queue to /dev/null, but at least it ceased to be my problem.
They manage to plug the RIM BlackBerry Handheld, GoToMyPc.Com, and Yahoo By Phone
Especially when VNC is dirt free and works just great as a remote management tool.
And no, I don't use it to slack, I use it to remote connect to desktops, especially since all those crappy Java apps don't seem to work properly via Terminal Server, oh, and it's cross-platform on both Client and Server too.
I used to work for what could be termed a .com company that is listed on the NASDAQ.
:-)
I got made redundant with 2000 or so shares which I still happen to keep. Those shares have risen 80% or so since I left the company late last year.
I realise that I can't place my experience as the norm, but it is at least one example of a company recovering and nearly reaching profitability.
Overall, in my view, the companies that have thus far survived the crash of the .com boom are probably more likely to survive in the future as they have had to re-work their business plans and be more conservative about their growth prospects and, as such, not leading (misleading) the market makers into over-valuing their stock. This then generates these companies some respect and their stock rises.
Go figure
While all these tools turn out to be the Security Analyst's bible to utopia, they're also the ultimate cracker tools, missing only the Xploits that the old neverending line of script-kiddies use to bypass each and every point that these tools do their best to detect.
Nessus is, however, a single tool that can be as useful to the white hat5 as it is to the bl4ck hats.
It gets my number one tool vote as being as useful to both parties - yet completely impartial.
A very difficult road to tread indeed...
Most people think IPSEC is about tunneling whole IP networks within the IPSEC protocol, but ubiquitous transport mode is really the holy grail of IPSEC. Basically it allows one to encrypt any TCP/UDP stream without regard to the underlying port side protocol - thus making ssh, httpssl, ftpssl, etc redundant.
True, in the past IPSEC has been about doing the encryption at the gateway instead of between individual systems. There are many reasons for this - firstly the idea of doing the encryption/encapsulation on a single box, instead of on a one-to-one basis makes it far easier for those who need to spec out the boxes involved.
Secondly, when using this type of system it makes it far easier to troubleshoot problems as you always have the option of doing a packet capture on the unencrypted side of the communication. Doing a packet capture on the encrypted side yields no useful information to network admins about what is going wrong.
Perhaps under Linux you can do a packet capture on the /dev/ipsecX interfaces to see the unencrypted data - I never tested this but hope it is so. Under Windows, which - whatever your religion - still hosts most of the world's computers, there is no such functionality.
Somewhere else in this discussion I read about someone pretty much drawing the fact that supporting encryption on all systems is the Holy Grail of secure computing and related to 9/11 as to whether this is a good thing. Crypto is important for many business applications and the fact is that if FreeS/WAN and sendmail were both installed on two systems that all emails between them would be encrypted, without the knowledge of sendmail at all. Yes, pretty cool - but still a long way to go before that is implemented on all systems, and certainly sure to receive some resistance from political bodies, especially the USA.
Some have mentioned that organisations, such as the NSA, have enough computing power to decrypt these communications. I really don't think that this is the case. Their saving grace at the moment is that encryption is mostly taking place at a LAN-LAN basis so there would be far too many keys to break if the encryption was done on a Host-Host basis. If OE takes hold, then there will be a myriad of keys that could really only feasibly be broken by other means, intelligence, backdoors, trojans and the like or even perhaps the inception of algorithms for which decryption was trivial.
Those methods after all are far less costly than putting a beowulf of systems at work just to work out what two systems are passing between them using generally accepted strong encryption.
The FreeS/WAN IPSEC implementation is separate from the implementation that will be included in the Linux 2.6 kernel.
The big question is - Is it compatible? and will FreeS/WAN evolve to use the IPSEC implementation?
I've used 1.9, and it worked fine for me, but I find the iproute2 and IPSEC implementation in the 2.5 development branch of the Linux kernel somewhat more interesting.
HAHAHAHAHAHAHAHAAA!
...
As a person who spent several weeks with Solaris 9 on an Ultra 5 (and a large personal history with Sun in general) and who now waits for Gentoo to finish building X on his Sun Ultra 5 architecture, I have to say I find the discussion here really funny, almost unimaginably so.
Comparing my Athlon MP system (going through an emerge sync; emerge --update world) to my Ultra 5 (going through an emerge xfree) is like comparing the stone age with the future.
Does it really matter?
Is UNIX dead? no
It has just evolved further.
Linux is the future of unix, you cannot shrug off those distant relatives that brought you into being, you are stuck with your genealogy no matter what.
Forget the marketing bollocks that turns up at these sales related meetings: the technical history remains.
bring back 1992-1994... sigh... cannot explain...
Here's one of the Interior.
More Photos can be got here.
More information at Securityfocus. This is the remote exploit which seems to be a UDP amplifier.
If all ISPs actively put in anti-spoofing filters on all their routers then this type of denial of service attack could be greatly reduced as blackhats would only be able to spoof IPs & UDP services to their own segments.
But no, most ISPs probably take a router out of the box, type a few commands and take it into production.
If you see some code, think "so *that's* how it's done" and write similar code using the same algorithm, then it's yours. Unless it's patented of course.
Unless it's patented and they catch you.
Absolutely... these are the people who gave me the Archimedes, and who allowed me to render Mandelbrot sets at what seemed to be the speed of light back in 1986, something that the PC couldn't handle until much later.
Hamiltonian Quaternion Space Hypermandelbrots... oh lovely!
if you're going to rip off someone else's code, you'd think they'd strip it first...
I doubt that this is the result of someone running strings on the binaries.
It has to be said... at just a few MHz these machines were the most powerful machines on the market back in 1988... I doubt much has changed...
While the PC was running on an 8-bit CPU, this stuff was out there in 32-bit splendour.
Mod the parent up.
you've entered into a contract. The way it seems is that what you got is not what you were told it was going to be.
Careerwise your best option is to get out now before it affects your career history in a big way.
Regarding credit checks...
In the UK, which is the law I happen to work under, a credit check is simply a list of numbers of which each increments when I make a late payment.
e.g.
001000101010100
Would indicate that 3 payments ago I did not make an immediate payment to a demand, nor did I five payments ago.
Unless you really have a bad credit history you're not really going to be affected here. The company is simply asking to ensure that you don't have a credit rating like this:
0943243254265:
That is their only cause for concern. Re-assure them if you trust them. If your rating is not that bad and the company is good enough to work for then bite the bullet and go for it.
Don't listen to the karma freaks/zealots who might answer otherwise.
If you enjoy your job then you'll do it.
Just how difficult is it to come up with some code that goes about finding vulnerable machines, makes them invulnerable, and tries to spend a modest amount of its time finding more vulnerable machines?
Bring on the white-hat worms that actually fix problems, rather than cause them.
Sure - ethics must be a problem, but there must be some slightly-un-ethical white hats out there ready to give this a go?
It's strange to see that manufacturers now believe that you don't need a keyboard on your notebook PCs.
Does it feature a remote keyboard?
Am I expected to carry around a USB keyboard?
Does this thing have super-standard, alien quality speech recognition?
It's fine to see a blonde sitting at a desk playing with a stylus, but the majority of work still requires a keyboard these days.