Has *anyone* else noted (and been aware of this article) that this info has been available for the last *couple years*?!? Yes, I know's it been cool to flame the/. editors for the last couple years as well, but it's really pathetic as to how many people who thought this was new and were modded up.
I know it's a trite concept, but can we have some journalistic integrity here instead of even the fucking editors trolling for content?
Really, is it news that the people that just *love* to play with the higher technologies are the ones that are learning it, picking it apart, and if it's found cool and useful, really really grok the technology just to make it work well?
Aren't these, or shouldn't they be, your most sought after employees?
Oh good god man, use common sense. If you're responsible for corporate network security, hopefully you have some...
Q:First, what the heck is the definition of an "incident"? Their FAQ doesn't indicate what this means.
A: Again, common sense...if you're getting DDoS'd, you can generate huge amounts of logs if everything is getting recorded...one incident even though (potentially) 2.4million packets were reported (lol). Um, what else... if someone probes for 34 different vulnerabilities, hell, report it 34 times if you want.
Q:Secondly, does handing all your log files over to these guys remind anyone of the movie The Net? How do we know SecurityFocus can be trusted?
Aa: Um, no not really, "the net" thing was a back door.:P (and a bad movie when it comes to technical points, although not as bad as the infamous 'hackers'...lol.)
Ab: Hrm, if you're the really paranoid type, SecurityFocus can't be trusted. No one can. Therefore it would be logical to clean your logs of the "attacked address" before submitting them.:)
Anyways, hopefully this has helped out, sorry if I'm a bit off in these responses, I'm tired and this was too unfortunately typical of responses for me to not respond.:/
If you would have bothered to actually read some of the info, you would have noticed that you can scrub your logs to preserve such things as privacy...
Q: Do I have to clean my IP address and other identifying information out of my IDS logs before sending them to ARIS analyzer?
A: You always have the choice of how much information you wish to send. You may decide to strip address information when cleaning logs in ARIS extractor.
So clean yer logs of IP's you don't want to give them...:)
Did you even look at the site URL provided? Ofc, there are a whole lot of assumptions on whether or not you want to believe the data represented there is 'valid' or not, whether people are correctly listing their country...etc...
Anyways, more to the point, it all comes down to this being another potentially useful tool when it comes to what kindof attacks and such are actually being used in the wild...
I doubt he would have contested the certification if the hand counts had acutally taken place. Only one of the counties was actually able to hand in hand recounts because of the intimidation and scare tactics used by the protesters. Now *that's* how we should handle things... let unruly and violent mobs make our decesions for us... Yeah, that's that ticket...:P
Re:It's still a democracy...use it! -Agree, but...
on
Lawsuits Suck
·
· Score: 1
I don't think I've ever heard more self righteous bitching in one place... Really makes me sad to see so much arrogant trolling in one place... Telling people that they have "zero effect" and then touting how great you supposedly are isn't going to solve anything.
Encourage people to speak - make them think, and hopefully more and more people will become aware of some of the huge problems facing us today in the US and actually choose to make a difference instead of just going along with the crowd, or worse, the media. Actually contributing to the media's impression of over-ego'd and mindless fanatic geeks by posting crap like this, IMHO, is even worse. Even if it is only a troll. "Wellstone"? Rofl, probably not a well known politician nationally, but well known enough... Sigh, everyone, let's at least TRY to be constructive...
Slashdot Mirror
rofl, nice troll.
Has *anyone* else noted (and been aware of this article) that this info has been available for the last *couple years*?!? Yes, I know's it been cool to flame the /. editors for the last couple years as well, but it's really pathetic as to how many people who thought this was new and were modded up.
I know it's a trite concept, but can we have some journalistic integrity here instead of even the fucking editors trolling for content?
Really, is it news that the people that just *love* to play with the higher technologies are the ones that are learning it, picking it apart, and if it's found cool and useful, really really grok the technology just to make it work well ?
Aren't these, or shouldn't they be, your most sought after employees?
Is it really not that obvious?    :)
Oh good god man, use common sense. If you're responsible for corporate network security, hopefully you have some...
:P (and a bad movie when it comes to technical points, although not as bad as the infamous 'hackers'...lol.)
:)
:/
Q: First, what the heck is the definition of an "incident"? Their FAQ doesn't indicate what this means.
A: Again, common sense...if you're getting DDoS'd, you can generate huge amounts of logs if everything is getting recorded...one incident even though (potentially) 2.4million packets were reported (lol).
Um, what else... if someone probes for 34 different vulnerabilities, hell, report it 34 times if you want.
Q: Secondly, does handing all your log files over to these guys remind anyone of the movie The Net? How do we know SecurityFocus can be trusted?
Aa: Um, no not really, "the net" thing was a back door.
Ab: Hrm, if you're the really paranoid type, SecurityFocus can't be trusted. No one can. Therefore it would be logical to clean your logs of the "attacked address" before submitting them.
Anyways, hopefully this has helped out, sorry if I'm a bit off in these responses, I'm tired and this was too unfortunately typical of responses for me to not respond.
Q: Do I have to clean my IP address and other identifying information out of my IDS logs before sending them to ARIS analyzer?
A: You always have the choice of how much information you wish to send. You may decide to strip address information when cleaning logs in ARIS extractor.
So clean yer logs of IP's you don't want to give them... :)
Did you even look at the site URL provided? Ofc, there are a whole lot of assumptions on whether or not you want to believe the data represented there is 'valid' or not, whether people are correctly listing their country...etc...
Anyways, more to the point, it all comes down to this being another potentially useful tool when it comes to what kindof attacks and such are actually being used in the wild...
I doubt he would have contested the certification if the hand counts had acutally taken place. Only one of the counties was actually able to hand in hand recounts because of the intimidation and scare tactics used by the protesters. Now *that's* how we should handle things... let unruly and violent mobs make our decesions for us... Yeah, that's that ticket... :P
Really makes me sad to see so much arrogant trolling in one place... Telling people that they have "zero effect" and then touting how great you supposedly are isn't going to solve anything.
Encourage people to speak - make them think, and hopefully more and more people will become aware of some of the huge problems facing us today in the US and actually choose to make a difference instead of just going along with the crowd, or worse, the media. Actually contributing to the media's impression of over-ego'd and mindless fanatic geeks by posting crap like this, IMHO, is even worse. Even if it is only a troll. "Wellstone"? Rofl, probably not a well known politician nationally, but well known enough... Sigh, everyone, let's at least TRY to be constructive...