The problem is not the part where you track down the user using the IP address.. the problems begin when you go beyond that public IP address, lets play pretend:
Company A has an internet connection and they get one public IP address, and for some edditional fun, lets assume the company has 50 computers. One fine day one user receives a virus, which creates a backdoor to the computer. (by creating a reverse tunnel ofcourse) Now the cracker is able to access the computer and decides to send some spam. The cracker is clever and sends small batches through a big pool of backdoored computers. This way the single computer would send a few mails in a day (for example) through multiple hosts. (makes it even more fun)
A spam gets sent, reported and tracked to the ISP and to the client, but this is where the real fun begins. The network admin battles with his puny firewall, struggling to filter out real outgoing mail and pinpoint the origin (or just does it the old fashion way, goes through all computers)
This would all be prevented if the client had a pool (lets say/64 prefix for IPv6) of IP addresses, the address would have been much easier to track down.
Ofcourse, i admit this is a far fetched scenario, and full of holes, but that's the way i would do it if i was a spammer.
How I miss visiting Usenet and content outnumbering SPAM.
NAT actually makes locating spammers harder. Most companies (and people) using NAT do not track the connections made through that NAT gateway, thus a spammer behind the gateway would be pretty safe for a while. Well, as long as they don't do excessive spamming over long periods. Unique IP addresses make tracking a bit easier, as it's easier to point a Dial-Up user (for example) from the logs even after a long period of time, than it is to point a user behind a NAT gateway even few minutes after the incident.
Interesting enough, that there are sites out there that advice you to poke around in the.inf files and change it to work on SP1+, it apparently does work too..
never tried and even if i did the w2k version of IPv6 stack is pretty buggy
What amazed me most in the article was that XSLT was included as a programming language. Even though the definition for programming language is as follows (from WordNet):
programming language
n : (computer science) a language designed for programming computers [syn: {programing language}]
And even if at some level XSLT matches that. I still think that XSLT is not a programming language and in such shouldn't be judged by it's format. eXtensible Stylesheet Language, is by it's name a way to define a style for an XML document, and it's not for programming applications.
Although, i agree that XML is not the best way of representing applications and XPath itself is quite complex to use for even the simplest queries.
I never got to play myst, i discovered myst by playing Riven and i've never been that nervous while playing any game.
Although, you can't really get yourself killed, or do anything wrong (well you can get yourself killed), it's still scary as hell. And what's best, once you stop playing and the sounds of the game go away (aka. it gets really silent) you get jumpy as hell.
Well one this that most likely has outlived it's expectations is slashdot itself, i'm quite certain that when the first news was posted on slashdot, nobody expected it to become as big as it is now..
Try it, I have found it to be the best IM client in no matter if you are in KDE or GNOME
Best is always a matter of opinion, i found gaim to be featureless for my needs.
As for Jabber, (once again, this is a matter of opinions) i like the fact that i can use jabber from my palm, or i can just work out any app i want to, and it has ICQ, AIM, IRC and (Name your preferred feature) built in, by making it use just the XMPP protocol.
I would disagree with this, although i can see the point.
I tried, for a long time, to avoid both GNOME and KDE apps, just because i have an old computer, so i don't have that much of resources to run both. (both take up different resources =) So after i tried GNOME apps, i slowly started to lean in with GNOME desktop, adding components where needed. By this day, i haven't installed any KDE apps, while my GNOME arsenal is growing. This might be due to the nature of work i do on my machine, or it might be due to anti-KDE attitude (i'm not flaming it though =), but i still have no need for any KDE apps.
As for ICQ, AIM and the other IM clients, there is a simple solution for it Jabber, you don't need a million and one different apps running on your computer when you need just one.
'I agree on the firewall, tho. In the interests of protecting everyone, there should be some sort of default "safe" firewall that people can disable.'
This got me wondering, there was no mention of what apps are listening on the network. On a bulk linux there is no need for a firewall, and if the services installed (which i assume that there aren't too many of them) that shouldn't be running there is no need for a firewall.
currently most software firewalls are just neat little toys for the kids, things that keep poping up with neat little notes saying you received a packet from somewhere. Usually there is no need at all for them. Also i think it's wrong to say there is no firewall, while the article doesn't mention wether or not the iptables or ipchains (or whatever) is disabled.
Although, i understand the problem. the beginners need a sense of security, some mention of wether or not they are safe, will make them feel safer.
We use XTND Connect Server to sync out data, it has custom made clients for multiple platforms and new phones with syncml support can syncronize to it easily.
i'm not saying that this is the ultimate solution, but it is A solution.
Quite true, i keep thinking with the knowledge we have now, but i should be thinking with about what they knew back then.. There are always new innovative ways of doing things, and when ever a new thing is invented some of the old information is lost.
One thing that bothers me in all this, how did they make that tunnel if it was so small. it would have been pretty much impossible to make it while the stones were in place and even if the stones were not placed yet, it would have been difficult to get the holes aligned and when you come to think about the size of one stone itself, it would have still been hard to get through it.
it's interesting to follow the development of viruses. First came the plain old viruses that used warez to spread (yes, they infected other apps too.. but warez was the major distribution channel) there were all kinds of viruses, those that played songs at certain times or made your screen do funny things, most of them harmless in many ways.
Then came the time of harmful viruses, the ones that formatted your HD on certain event.
Now then, it came the time of internet, and worms came. Worms spread through different holes in machines, mostly e-mail readers. (everyone had them.. most of them had holes.. tsk tsk..)
The worms itself evolved in many ways, others became DDOS tools, others just spread. Most of them were a pain anyways, as they affected more than the people with buggy software.
Oh well, it's a challenge to write a worm/virus that can spread without anyone noticing it before it's too late. Believe me, we have thought it over and over.. tried to think of a method to spread, one without any way of backtracking the worm, allowing the worm to spread with different methods, through different holes and allowing the creator of the worm to update copies of the worm while it's spreading. Interesting thought to play around with.
Re:Heres the post everyone should read first
on
Mozilla RC3 Released
·
· Score: 1
The problem with all of this is MS-HTML, which is an incompatible subset of HTML. they allow new attributes for tags, and most of MS tools create incompatible html.
the web developers are making an invalid product if they use some arbituary subset of HTML. i'm really happy that XHTML is coming about, you can finally forget about parsing for bugs, if you parse the file as XML, it will be valid.
(although XHTML bugs on IE, try creating a document with in the )
At The moment Linux is in The Center Of Attention, I Don't Know about other countries but here in Finland Linux is in almost every computer magazine.. and seems like the magazines are getting interested in Linux too.. but almost every Magazine is saying that Linux needs a User Friendly Configuration tool.. which we have.. Linuxconf (well closest one i think). But most of the problem is in The Hardware... if This project goes on as it should.. i think it just make a BIG difference in Linux!
now We Just have to stand up to The commercial Operating Systems.. and Show What the Linux (Community) is ready for!
Slashdot Mirror
I sure hope they can find LEDs that blink fast enough, it would be a shame if the led couldn't blink fast enough and would slow the memory down..
The problem is not the part where you track down the user using the IP address.. the problems begin when you go beyond that public IP address, lets play pretend:
/64 prefix for IPv6) of IP addresses, the address would have been much easier to track down.
Company A has an internet connection and they get one public IP address, and for some edditional fun, lets assume the company has 50 computers.
One fine day one user receives a virus, which creates a backdoor to the computer. (by creating a reverse tunnel ofcourse) Now the cracker is able to access the computer and decides to send some spam. The cracker is clever and sends small batches through a big pool of backdoored computers. This way the single computer would send a few mails in a day (for example) through multiple hosts. (makes it even more fun)
A spam gets sent, reported and tracked to the ISP and to the client, but this is where the real fun begins. The network admin battles with his puny firewall, struggling to filter out real outgoing mail and pinpoint the origin (or just does it the old fashion way, goes through all computers)
This would all be prevented if the client had a pool (lets say
Ofcourse, i admit this is a far fetched scenario, and full of holes, but that's the way i would do it if i was a spammer.
How I miss visiting Usenet and content outnumbering SPAM. NAT actually makes locating spammers harder. Most companies (and people) using NAT do not track the connections made through that NAT gateway, thus a spammer behind the gateway would be pretty safe for a while. Well, as long as they don't do excessive spamming over long periods. Unique IP addresses make tracking a bit easier, as it's easier to point a Dial-Up user (for example) from the logs even after a long period of time, than it is to point a user behind a NAT gateway even few minutes after the incident.
Interesting enough, that there are sites out there that advice you to poke around in the .inf files and change it to work on SP1+, it apparently does work too..
never tried and even if i did the w2k version of IPv6 stack is pretty buggy
What amazed me most in the article was that XSLT was included as a programming language. Even though the definition for programming language is as follows (from WordNet):
programming language
n : (computer science) a language designed for programming computers [syn: {programing language}]
And even if at some level XSLT matches that. I still think that XSLT is not a programming language and in such shouldn't be judged by it's format. eXtensible Stylesheet Language, is by it's name a way to define a style for an XML document, and it's not for programming applications.
Although, i agree that XML is not the best way of representing applications and XPath itself is quite complex to use for even the simplest queries.
I never got to play myst, i discovered myst by playing Riven and i've never been that nervous while playing any game.
Although, you can't really get yourself killed, or do anything wrong (well you can get yourself killed), it's still scary as hell. And what's best, once you stop playing and the sounds of the game go away (aka. it gets really silent) you get jumpy as hell.
Well one this that most likely has outlived it's expectations is slashdot itself, i'm quite certain that when the first news was posted on slashdot, nobody expected it to become as big as it is now..
maybe it's just too obvious to notice.. =)
Ofcourse you do realize that NT did originally stand for N10 (pronounced N-Ten) the New Technology was the commercial name for the project
Aaah, There is nothing like a little nitpicking in the morning...
Try it, I have found it to be the best IM client in no matter if you are in KDE or GNOME
Best is always a matter of opinion, i found gaim to be featureless for my needs.
As for Jabber, (once again, this is a matter of opinions) i like the fact that i can use jabber from my palm, or i can just work out any app i want to, and it has ICQ, AIM, IRC and (Name your preferred feature) built in, by making it use just the XMPP protocol.
I would disagree with this, although i can see the point.
I tried, for a long time, to avoid both GNOME and KDE apps, just because i have an old computer, so i don't have that much of resources to run both. (both take up different resources =) So after i tried GNOME apps, i slowly started to lean in with GNOME desktop, adding components where needed. By this day, i haven't installed any KDE apps, while my GNOME arsenal is growing. This might be due to the nature of work i do on my machine, or it might be due to anti-KDE attitude (i'm not flaming it though =), but i still have no need for any KDE apps.
As for ICQ, AIM and the other IM clients, there is a simple solution for it Jabber, you don't need a million and one different apps running on your computer when you need just one.
'I agree on the firewall, tho. In the interests of protecting everyone, there should be some sort of default "safe" firewall that people can disable.'
This got me wondering, there was no mention of what apps are listening on the network. On a bulk linux there is no need for a firewall, and if the services installed (which i assume that there aren't too many of them) that shouldn't be running there is no need for a firewall.
currently most software firewalls are just neat little toys for the kids, things that keep poping up with neat little notes saying you received a packet from somewhere. Usually there is no need at all for them. Also i think it's wrong to say there is no firewall, while the article doesn't mention wether or not the iptables or ipchains (or whatever) is disabled.
Although, i understand the problem. the beginners need a sense of security, some mention of wether or not they are safe, will make them feel safer.
We use XTND Connect Server to sync out data, it has custom made clients for multiple platforms and new phones with syncml support can syncronize to it easily.
i'm not saying that this is the ultimate solution, but it is A solution.
Quite true, i keep thinking with the knowledge we have now, but i should be thinking with about what they knew back then..
There are always new innovative ways of doing things, and when ever a new thing is invented some of the old information is lost.
One thing that bothers me in all this, how did they make that tunnel if it was so small. it would have been pretty much impossible to make it while the stones were in place and even if the stones were not placed yet, it would have been difficult to get the holes aligned and when you come to think about the size of one stone itself, it would have still been hard to get through it.
it's interesting to follow the development of viruses. First came the plain old viruses that used warez to spread (yes, they infected other apps too.. but warez was the major distribution channel) there were all kinds of viruses, those that played songs at certain times or made your screen do funny things, most of them harmless in many ways.
Then came the time of harmful viruses, the ones that formatted your HD on certain event.
Now then, it came the time of internet, and worms came. Worms spread through different holes in machines, mostly e-mail readers. (everyone had them.. most of them had holes.. tsk tsk..)
The worms itself evolved in many ways, others became DDOS tools, others just spread. Most of them were a pain anyways, as they affected more than the people with buggy software.
Oh well, it's a challenge to write a worm/virus that can spread without anyone noticing it before it's too late. Believe me, we have thought it over and over.. tried to think of a method to spread, one without any way of backtracking the worm, allowing the worm to spread with different methods, through different holes and allowing the creator of the worm to update copies of the worm while it's spreading. Interesting thought to play around with.
The problem with all of this is MS-HTML, which is an incompatible subset of HTML. they allow new attributes for tags, and most of MS tools create incompatible html.
the web developers are making an invalid product if they use some arbituary subset of HTML. i'm really happy that XHTML is coming about, you can finally forget about parsing for bugs, if you parse the file as XML, it will be valid.
(although XHTML bugs on IE, try creating a document with in the )
This is realy good for the Linux community...
At The moment Linux is in The Center Of Attention, I Don't Know about other countries but here in Finland Linux is in almost every computer magazine.. and seems like the magazines are getting interested in Linux too.. but almost every Magazine is saying that Linux needs a User Friendly Configuration tool.. which we have.. Linuxconf (well closest one i think). But most of the problem is in The Hardware... if This project goes on as it should.. i think it just make a BIG difference in Linux!
now We Just have to stand up to The commercial Operating Systems.. and Show What the Linux (Community) is ready for!
WAY TO GO Mandrake!!